summaryrefslogtreecommitdiffstats
path: root/puppet
diff options
context:
space:
mode:
Diffstat (limited to 'puppet')
-rw-r--r--puppet/all-nodes-config.yaml11
-rw-r--r--puppet/ceph-storage-post.yaml1
-rw-r--r--puppet/ceph-storage.yaml2
-rw-r--r--puppet/cinder-storage-post.yaml1
-rw-r--r--puppet/cinder-storage.yaml5
-rw-r--r--puppet/compute-post.yaml1
-rw-r--r--puppet/compute.yaml9
-rw-r--r--puppet/controller-post.yaml6
-rw-r--r--puppet/controller.yaml33
-rw-r--r--puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml8
-rw-r--r--puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml1
-rw-r--r--puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml1
-rw-r--r--puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml1
-rw-r--r--puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml1
-rw-r--r--puppet/extraconfig/pre_deploy/controller/neutron-nuage.yaml1
-rw-r--r--puppet/extraconfig/pre_deploy/per_node.yaml1
-rw-r--r--puppet/extraconfig/tls/ca-inject.yaml1
-rw-r--r--puppet/extraconfig/tls/tls-cert-inject.yaml1
-rw-r--r--puppet/hieradata/controller.yaml13
-rw-r--r--puppet/hieradata/database.yaml7
-rw-r--r--puppet/manifests/overcloud_cephstorage.pp1
-rw-r--r--puppet/manifests/overcloud_compute.pp12
-rw-r--r--puppet/manifests/overcloud_controller.pp46
-rw-r--r--puppet/manifests/overcloud_controller_pacemaker.pp177
-rw-r--r--puppet/swift-storage-post.yaml2
-rw-r--r--puppet/swift-storage.yaml2
-rw-r--r--puppet/vip-config.yaml2
27 files changed, 215 insertions, 132 deletions
diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml
index 3dd3d5c9..e85975d4 100644
--- a/puppet/all-nodes-config.yaml
+++ b/puppet/all-nodes-config.yaml
@@ -69,8 +69,8 @@ resources:
allNodesConfigImpl:
type: OS::Heat::StructuredConfig
properties:
+ group: os-apply-config
config:
- completion-signal: {get_input: deploy_signal_id}
hosts:
list_join:
- "\n"
@@ -227,6 +227,15 @@ resources:
list_join:
- "','"
- {get_param: neutron_api_node_ips}
+ # TODO: pass a `midonet_api_node_ips` var
+ midonet_api_node_ips:
+ str_replace:
+ template: "['SERVERS_LIST']"
+ params:
+ SERVERS_LIST:
+ list_join:
+ - "','"
+ - {get_param: neutron_api_node_ips}
keystone_public_api_node_ips:
str_replace:
template: "['SERVERS_LIST']"
diff --git a/puppet/ceph-storage-post.yaml b/puppet/ceph-storage-post.yaml
index 0f7dd36f..f9c53465 100644
--- a/puppet/ceph-storage-post.yaml
+++ b/puppet/ceph-storage-post.yaml
@@ -30,6 +30,7 @@ resources:
CephStorageDeployment_Step1:
type: OS::Heat::StructuredDeployments
properties:
+ name: CephStorageDeployment_Step1
servers: {get_param: servers}
config: {get_resource: CephStoragePuppetConfig}
input_values:
diff --git a/puppet/ceph-storage.yaml b/puppet/ceph-storage.yaml
index 3044d975..e310e1f5 100644
--- a/puppet/ceph-storage.yaml
+++ b/puppet/ceph-storage.yaml
@@ -190,6 +190,7 @@ resources:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
properties:
+ name: NetworkDeployment
config: {get_resource: NetworkConfig}
server: {get_resource: CephStorage}
actions: {get_param: NetworkDeploymentActions}
@@ -198,6 +199,7 @@ resources:
type: OS::Heat::StructuredDeployment
depends_on: NetworkDeployment
properties:
+ name: CephStorageDeployment
config: {get_resource: CephStorageConfig}
server: {get_resource: CephStorage}
input_values:
diff --git a/puppet/cinder-storage-post.yaml b/puppet/cinder-storage-post.yaml
index bb7f94de..9b7c752a 100644
--- a/puppet/cinder-storage-post.yaml
+++ b/puppet/cinder-storage-post.yaml
@@ -28,6 +28,7 @@ resources:
VolumeDeployment_Step1:
type: OS::Heat::StructuredDeployments
properties:
+ name: VolumeDeployment_Step1
servers: {get_param: servers}
config: {get_resource: VolumePuppetConfig}
diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml
index fd9365bd..0bec3e93 100644
--- a/puppet/cinder-storage.yaml
+++ b/puppet/cinder-storage.yaml
@@ -13,7 +13,7 @@ parameters:
description: The iSCSI helper to use with cinder.
type: string
CinderLVMLoopDeviceSize:
- default: 5000
+ default: 10280
description: The size of the loopback file used by the cinder LVM driver.
type: number
CinderPassword:
@@ -231,6 +231,7 @@ resources:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
properties:
+ name: NetworkDeployment
config: {get_resource: NetworkConfig}
server: {get_resource: BlockStorage}
actions: {get_param: NetworkDeploymentActions}
@@ -239,6 +240,7 @@ resources:
type: OS::Heat::StructuredDeployment
depends_on: NetworkDeployment
properties:
+ name: BlockStorageDeployment
server: {get_resource: BlockStorage}
config: {get_resource: BlockStorageConfig}
input_values:
@@ -330,6 +332,7 @@ resources:
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
properties:
+ name: UpdateDeployment
config: {get_resource: UpdateConfig}
server: {get_resource: BlockStorage}
input_values:
diff --git a/puppet/compute-post.yaml b/puppet/compute-post.yaml
index b63b06b4..3861e50c 100644
--- a/puppet/compute-post.yaml
+++ b/puppet/compute-post.yaml
@@ -31,6 +31,7 @@ resources:
ComputePuppetDeployment:
type: OS::Heat::StructuredDeployments
properties:
+ name: ComputePuppetDeployment
servers: {get_param: servers}
config: {get_resource: ComputePuppetConfig}
input_values:
diff --git a/puppet/compute.yaml b/puppet/compute.yaml
index f4165756..8b2bcd33 100644
--- a/puppet/compute.yaml
+++ b/puppet/compute.yaml
@@ -127,13 +127,13 @@ parameters:
description: |
Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
of GRE tunnel IDs that are available for tenant network allocation
- default: ["1:1000", ]
+ default: ["1:4094", ]
type: comma_delimited_list
NeutronVniRanges:
description: |
Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
of VXLAN VNI IDs that are available for tenant network allocation
- default: ["1:1000", ]
+ default: ["1:4094", ]
type: comma_delimited_list
NeutronPublicInterfaceRawDevice:
default: ''
@@ -409,6 +409,7 @@ resources:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
properties:
+ name: NetworkDeployment
config: {get_resource: NetworkConfig}
server: {get_resource: NovaCompute}
actions: {get_param: NetworkDeploymentActions}
@@ -487,7 +488,7 @@ resources:
neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
- neutron::agents::ml2::ovs:tunnel_types: {get_input: neutron_tunnel_types}
+ neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
@@ -519,6 +520,7 @@ resources:
type: OS::TripleO::SoftwareDeployment
depends_on: NetworkDeployment
properties:
+ name: NovaComputeDeployment
config: {get_resource: NovaComputeConfig}
server: {get_resource: NovaCompute}
input_values:
@@ -650,6 +652,7 @@ resources:
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
properties:
+ name: UpdateDeployment
config: {get_resource: UpdateConfig}
server: {get_resource: NovaCompute}
input_values:
diff --git a/puppet/controller-post.yaml b/puppet/controller-post.yaml
index ed8129e7..d250dd70 100644
--- a/puppet/controller-post.yaml
+++ b/puppet/controller-post.yaml
@@ -35,6 +35,7 @@ resources:
type: OS::Heat::StructuredDeployments
depends_on: ControllerPrePuppet
properties:
+ name: ControllerLoadBalancerDeployment_Step1
servers: {get_param: servers}
config: {get_resource: ControllerPuppetConfig}
input_values:
@@ -46,6 +47,7 @@ resources:
type: OS::Heat::StructuredDeployments
depends_on: ControllerLoadBalancerDeployment_Step1
properties:
+ name: ControllerServicesBaseDeployment_Step2
servers: {get_param: servers}
config: {get_resource: ControllerPuppetConfig}
input_values:
@@ -71,6 +73,7 @@ resources:
type: OS::Heat::StructuredDeployments
depends_on: ControllerServicesBaseDeployment_Step2
properties:
+ name: ControllerRingbuilderDeployment_Step3
servers: {get_param: servers}
config: {get_resource: ControllerRingbuilderPuppetConfig}
input_values:
@@ -80,6 +83,7 @@ resources:
type: OS::Heat::StructuredDeployments
depends_on: ControllerRingbuilderDeployment_Step3
properties:
+ name: ControllerOvercloudServicesDeployment_Step4
servers: {get_param: servers}
config: {get_resource: ControllerPuppetConfig}
input_values:
@@ -90,6 +94,7 @@ resources:
type: OS::Heat::StructuredDeployments
depends_on: ControllerOvercloudServicesDeployment_Step4
properties:
+ name: ControllerOvercloudServicesDeployment_Step5
servers: {get_param: servers}
config: {get_resource: ControllerPuppetConfig}
input_values:
@@ -100,6 +105,7 @@ resources:
type: OS::Heat::StructuredDeployments
depends_on: ControllerOvercloudServicesDeployment_Step5
properties:
+ name: ControllerOvercloudServicesDeployment_Step6
servers: {get_param: servers}
config: {get_resource: ControllerPuppetConfig}
input_values:
diff --git a/puppet/controller.yaml b/puppet/controller.yaml
index f5378221..bad99378 100644
--- a/puppet/controller.yaml
+++ b/puppet/controller.yaml
@@ -61,7 +61,7 @@ parameters:
description: The iSCSI helper to use with cinder.
type: string
CinderLVMLoopDeviceSize:
- default: 5000
+ default: 10280
description: The size of the loopback file used by the cinder LVM driver.
type: number
CinderNfsMountOptions:
@@ -89,10 +89,6 @@ parameters:
default: 0
description: Number of workers for Cinder service.
type: number
- CloudName:
- default: overcloud
- description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
- type: string
ControllerExtraConfig:
default: {}
description: |
@@ -505,13 +501,13 @@ parameters:
description: |
Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
of GRE tunnel IDs that are available for tenant network allocation
- default: ["1:1000", ]
+ default: ["1:4094", ]
type: comma_delimited_list
NeutronVniRanges:
description: |
Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
of VXLAN VNI IDs that are available for tenant network allocation
- default: ["1:1000", ]
+ default: ["1:4094", ]
type: comma_delimited_list
NeutronPluginExtensions:
default: "qos"
@@ -832,6 +828,7 @@ resources:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
properties:
+ name: NetworkDeployment
config: {get_resource: NetworkConfig}
server: {get_resource: Controller}
actions: {get_param: NetworkDeploymentActions}
@@ -859,6 +856,7 @@ resources:
type: OS::TripleO::SoftwareDeployment
depends_on: NetworkDeployment
properties:
+ name: ControllerDeployment
config: {get_resource: ControllerConfig}
server: {get_resource: Controller}
input_values:
@@ -1075,7 +1073,7 @@ resources:
neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
- neutron_admin_auth_url: { get_param: [ EndpointMap, KeystoneAdmin, uri ] }
+ neutron_admin_auth_url: { get_param: [ EndpointMap, KeystoneAdmin, uri_no_suffix ] }
nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
ceilometer_backend: {get_param: CeilometerBackend}
ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
@@ -1106,6 +1104,14 @@ resources:
- '@'
- {get_param: MysqlVirtualIP}
- '/nova'
+ nova_api_dsn:
+ list_join:
+ - ''
+ - - 'mysql+pymysql://nova_api:'
+ - {get_param: NovaPassword}
+ - '@'
+ - {get_param: MysqlVirtualIP}
+ - '/nova_api'
instance_name_template: {get_param: InstanceNameTemplate}
fencing_config: {get_param: FencingConfig}
pcsd_password: {get_param: PcsdPassword}
@@ -1336,8 +1342,10 @@ resources:
keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
keystone::database_connection: {get_input: keystone_dsn}
- keystone::public_bind_host: {get_input: keystone_public_api_network}
keystone::admin_bind_host: {get_input: keystone_admin_api_network}
+ keystone::public_bind_host: {get_input: keystone_public_api_network}
+ keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
+ keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
keystone::debug: {get_input: debug}
keystone::db::mysql::password: {get_input: admin_token}
keystone::rabbit_userid: {get_input: rabbit_username}
@@ -1430,6 +1438,7 @@ resources:
neutron::server::notifications::nova_url: {get_input: nova_internal_url}
neutron::server::notifications::auth_url: {get_input: neutron_admin_auth_url}
neutron::server::notifications::tenant_name: 'service'
+ neutron::server::notifications::project_name: 'service'
neutron::server::notifications::password: {get_input: nova_password}
# Ceilometer
@@ -1467,6 +1476,7 @@ resources:
nova::api::ec2_workers: {get_input: nova_workers}
nova::api::metadata_workers: {get_input: nova_workers}
nova::database_connection: {get_input: nova_dsn}
+ nova::api_database_connection: {get_input: nova_api_dsn}
nova::glance_api_servers: {get_input: glance_api_servers}
nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
nova::api::instance_name_template: {get_input: instance_name_template}
@@ -1475,6 +1485,7 @@ resources:
nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
nova::vncproxy::host: {get_input: nova_api_network}
nova::db::mysql::password: {get_input: nova_password}
+ nova::db::mysql_api::password: {get_input: nova_password}
nova_enable_db_purge: {get_input: nova_enable_db_purge}
# Horizon
@@ -1555,6 +1566,7 @@ resources:
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
properties:
+ name: UpdateDeployment
config: {get_resource: UpdateConfig}
server: {get_resource: Controller}
input_values:
@@ -1598,12 +1610,11 @@ outputs:
Server's IP address and hostname in the /etc/hosts format
value:
str_replace:
- template: IP HOST.DOMAIN HOST CLOUDNAME
+ template: IP HOST.DOMAIN HOST
params:
IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
DOMAIN: {get_param: CloudDomain}
HOST: {get_attr: [Controller, name]}
- CLOUDNAME: {get_param: CloudName}
nova_server_resource:
description: Heat resource handle for the Nova compute server
value:
diff --git a/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml b/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml
index 2413f5a4..655fd0f2 100644
--- a/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml
+++ b/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml
@@ -131,6 +131,7 @@ resources:
NetworkCiscoDeployment:
type: OS::Heat::StructuredDeployments
properties:
+ name: NetworkCiscoDeployment
config: {get_resource: NetworkCiscoConfig}
servers: {get_param: controller_servers}
input_values:
@@ -178,6 +179,7 @@ resources:
CollectMacDeploymentsController:
type: OS::Heat::SoftwareDeployments
properties:
+ name: CollectMacDeploymentsController
servers: {get_param: controller_servers}
config: {get_resource: CollectMacConfig}
actions: ['CREATE'] # Only do this on CREATE
@@ -185,6 +187,7 @@ resources:
CollectMacDeploymentsCompute:
type: OS::Heat::SoftwareDeployments
properties:
+ name: CollectMacDeploymentsCompute
servers: {get_param: compute_servers}
config: {get_resource: CollectMacConfig}
actions: ['CREATE'] # Only do this on CREATE
@@ -192,6 +195,7 @@ resources:
CollectMacDeploymentsBlockStorage:
type: OS::Heat::SoftwareDeployments
properties:
+ name: CollectMacDeploymentsBlockStorage
servers: {get_param: blockstorage_servers}
config: {get_resource: CollectMacConfig}
actions: ['CREATE'] # Only do this on CREATE
@@ -199,6 +203,7 @@ resources:
CollectMacDeploymentsObjectStorage:
type: OS::Heat::SoftwareDeployments
properties:
+ name: CollectMacDeploymentsObjectStorage
servers: {get_param: objectstorage_servers}
config: {get_resource: CollectMacConfig}
actions: ['CREATE'] # Only do this on CREATE
@@ -206,6 +211,7 @@ resources:
CollectMacDeploymentsCephStorage:
type: OS::Heat::SoftwareDeployments
properties:
+ name: CollectMacDeploymentsCephStorage
servers: {get_param: cephstorage_servers}
config: {get_resource: CollectMacConfig}
actions: ['CREATE'] # Only do this on CREATE
@@ -280,6 +286,7 @@ resources:
MappingToNexusDeploymentsController:
type: OS::Heat::SoftwareDeployment
properties:
+ name: MappingToNexusDeploymentsController
server: {get_param: [controller_servers, '0']}
config: {get_resource: MappingToNexusConfig}
input_values:
@@ -323,6 +330,7 @@ resources:
type: OS::Heat::SoftwareDeployment
depends_on: MappingToNexusDeploymentsController
properties:
+ name: MappingToUCSMDeploymentsController
server: {get_param: [controller_servers, '0']}
config: {get_resource: MappingToUCSMConfig}
input_values:
diff --git a/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml b/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml
index 96368e37..5561c74a 100644
--- a/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml
+++ b/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml
@@ -70,6 +70,7 @@ resources:
NovaNuageDeployment:
type: OS::Heat::StructuredDeployment
properties:
+ name: NovaNuageDeployment
config: {get_resource: NovaNuageConfig}
server: {get_param: server}
input_values:
diff --git a/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml b/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml
index 7ec2190f..ab442f2b 100644
--- a/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml
+++ b/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml
@@ -114,6 +114,7 @@ resources:
CinderNetappDeployment:
type: OS::Heat::StructuredDeployment
properties:
+ name: CinderNetappDeployment
config: {get_resource: CinderNetappConfig}
server: {get_param: server}
input_values:
diff --git a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml
index bf06d25d..1e652960 100644
--- a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml
+++ b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml
@@ -56,6 +56,7 @@ resources:
NeutronBigswitchDeployment:
type: OS::Heat::StructuredDeployment
properties:
+ name: NeutronBigswitchDeployment
config: {get_resource: NeutronBigswitchConfig}
server: {get_param: server}
input_values:
diff --git a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml
index 6730ddf1..cec885cd 100644
--- a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml
+++ b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml
@@ -142,6 +142,7 @@ resources:
CiscoN1kvDeployment:
type: OS::Heat::StructuredDeployment
properties:
+ name: CiscoN1kvDeployment
config: {get_resource: CiscoN1kvConfig}
server: {get_param: server}
input_values:
diff --git a/puppet/extraconfig/pre_deploy/controller/neutron-nuage.yaml b/puppet/extraconfig/pre_deploy/controller/neutron-nuage.yaml
index 8378d2fc..a4cfea07 100644
--- a/puppet/extraconfig/pre_deploy/controller/neutron-nuage.yaml
+++ b/puppet/extraconfig/pre_deploy/controller/neutron-nuage.yaml
@@ -71,6 +71,7 @@ resources:
NeutronNuageDeployment:
type: OS::Heat::StructuredDeployment
properties:
+ name: NeutronNuageDeployment
config: {get_resource: NeutronNuageConfig}
server: {get_param: server}
input_values:
diff --git a/puppet/extraconfig/pre_deploy/per_node.yaml b/puppet/extraconfig/pre_deploy/per_node.yaml
index 80c8ad6e..e236e336 100644
--- a/puppet/extraconfig/pre_deploy/per_node.yaml
+++ b/puppet/extraconfig/pre_deploy/per_node.yaml
@@ -45,6 +45,7 @@ resources:
NodeSpecificDeployment:
type: OS::Heat::SoftwareDeployment
properties:
+ name: NodeSpecificDeployment
config: {get_resource: NodeSpecificConfig}
server: {get_param: server}
input_values:
diff --git a/puppet/extraconfig/tls/ca-inject.yaml b/puppet/extraconfig/tls/ca-inject.yaml
index 7e34f071..5a36e951 100644
--- a/puppet/extraconfig/tls/ca-inject.yaml
+++ b/puppet/extraconfig/tls/ca-inject.yaml
@@ -53,6 +53,7 @@ resources:
CADeployment:
type: OS::Heat::SoftwareDeployment
properties:
+ name: CADeployment
config: {get_resource: CAConfig}
server: {get_param: server}
input_values:
diff --git a/puppet/extraconfig/tls/tls-cert-inject.yaml b/puppet/extraconfig/tls/tls-cert-inject.yaml
index ce524ba9..20bb3737 100644
--- a/puppet/extraconfig/tls/tls-cert-inject.yaml
+++ b/puppet/extraconfig/tls/tls-cert-inject.yaml
@@ -67,6 +67,7 @@ resources:
ControllerTLSDeployment:
type: OS::Heat::SoftwareDeployment
properties:
+ name: ControllerTLSDeployment
config: {get_resource: ControllerTLSConfig}
server: {get_param: server}
input_values:
diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml
index 7f30fe7a..a4dda4b4 100644
--- a/puppet/hieradata/controller.yaml
+++ b/puppet/hieradata/controller.yaml
@@ -34,6 +34,8 @@ glance::api::keystone_tenant: 'service'
glance::registry::keystone_tenant: 'service'
neutron::server::auth_tenant: 'service'
neutron::agents::metadata::auth_tenant: 'service'
+neutron::agents::l3::router_delete_namespaces: True
+neutron::agents::dhcp::dhcp_delete_namespaces: True
cinder::api::keystone_tenant: 'service'
swift::proxy::authtoken::admin_tenant_name: 'service'
ceilometer::api::keystone_tenant: 'service'
@@ -45,6 +47,13 @@ keystone::cron::token_flush::maxdelay: 3600
keystone::roles::admin::service_tenant: 'service'
keystone::roles::admin::admin_tenant: 'admin'
keystone::cron::token_flush::destination: '/dev/null'
+keystone::config::keystone_config:
+ DEFAULT/secure_proxy_ssl_header:
+ value: 'HTTP_X_FORWARDED_PROTO'
+ ec2/driver:
+ value: 'keystone.contrib.ec2.backends.sql.Ec2'
+keystone::service_name: 'httpd'
+keystone::wsgi::apache::ssl: false
#swift
swift::proxy::pipeline:
@@ -78,6 +87,7 @@ neutron::agents::dhcp::dnsmasq_config_file: /etc/neutron/dnsmasq-neutron.conf
nova::notify_on_state_change: 'vm_and_task_state'
nova::api::default_floating_pool: 'public'
nova::api::osapi_v3: true
+nova::api::sync_db_api: true
nova::scheduler::filter::ram_allocation_ratio: '1.0'
nova::cron::archive_deleted_rows::hour: '*/12'
nova::cron::archive_deleted_rows::destination: '/dev/null'
@@ -88,6 +98,9 @@ ceilometer::agent::auth::auth_endpoint_type: 'internalURL'
# cinder
cinder::scheduler::scheduler_driver: cinder.scheduler.filter_scheduler.FilterScheduler
cinder::cron::db_purge::destination: '/dev/null'
+cinder::config::cinder_config:
+ DEFAULT/host:
+ value: hostgroup
# heat
heat::engine::configure_delegated_roles: false
diff --git a/puppet/hieradata/database.yaml b/puppet/hieradata/database.yaml
index 89577505..61714691 100644
--- a/puppet/hieradata/database.yaml
+++ b/puppet/hieradata/database.yaml
@@ -6,6 +6,13 @@ nova::db::mysql::allowed_hosts:
- '%'
- "%{hiera('mysql_bind_host')}"
+nova::db::mysql_api::user: nova_api
+nova::db::mysql_api::host: "%{hiera('mysql_virtual_ip')}"
+nova::db::mysql_api::dbname: nova_api
+nova::db::mysql_api::allowed_hosts:
+ - '%'
+ - "%{hiera('mysql_bind_host')}"
+
# Glance
glance::db::mysql::user: glance
glance::db::mysql::host: "%{hiera('mysql_virtual_ip')}"
diff --git a/puppet/manifests/overcloud_cephstorage.pp b/puppet/manifests/overcloud_cephstorage.pp
index 7444155c..1d801adc 100644
--- a/puppet/manifests/overcloud_cephstorage.pp
+++ b/puppet/manifests/overcloud_cephstorage.pp
@@ -38,6 +38,7 @@ if str2bool(hiera('ceph_osd_selinux_permissive', true)) {
} -> Class['ceph::profile::osd']
}
+include ::ceph::conf
include ::ceph::profile::client
include ::ceph::profile::osd
diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp
index bb3575cf..4b0f98e4 100644
--- a/puppet/manifests/overcloud_compute.pp
+++ b/puppet/manifests/overcloud_compute.pp
@@ -37,6 +37,16 @@ exec { 'libvirt-default-net-destroy':
before => Service['libvirt'],
}
+# When utilising images for deployment, we need to reset the iSCSI initiator name to make it unique
+exec { 'reset-iscsi-initiator-name':
+ command => '/bin/echo InitiatorName=$(/usr/sbin/iscsi-iname) > /etc/iscsi/initiatorname.iscsi',
+ onlyif => '/usr/bin/test ! -f /etc/iscsi/.initiator_reset',
+}->
+
+file { '/etc/iscsi/.initiator_reset':
+ ensure => present,
+}
+
include ::nova
include ::nova::config
include ::nova::compute
@@ -49,6 +59,7 @@ nova_config {
$rbd_ephemeral_storage = hiera('nova::compute::rbd::ephemeral_storage', false)
$rbd_persistent_storage = hiera('rbd_persistent_storage', false)
if $rbd_ephemeral_storage or $rbd_persistent_storage {
+ include ::ceph::conf
include ::ceph::profile::client
$client_keys = hiera('ceph::profile::params::client_keys')
@@ -78,6 +89,7 @@ if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2'
}
include ::nova::network::neutron
include ::neutron
+include ::neutron::config
# If the value of core plugin is set to 'nuage',
# include nuage agent,
diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp
index 2d22314d..e5fa752f 100644
--- a/puppet/manifests/overcloud_controller.pp
+++ b/puppet/manifests/overcloud_controller.pp
@@ -104,6 +104,7 @@ if hiera('step') >= 2 {
include ::keystone::db::mysql
include ::glance::db::mysql
include ::nova::db::mysql
+ include ::nova::db::mysql_api
include ::neutron::db::mysql
include ::cinder::db::mysql
include ::heat::db::mysql
@@ -141,6 +142,7 @@ if hiera('step') >= 2 {
class { '::ceph::profile::params':
mon_initial_members => downcase(hiera('ceph_mon_initial_members')),
}
+ include ::ceph::conf
include ::ceph::profile::mon
}
@@ -159,10 +161,12 @@ if hiera('step') >= 2 {
} -> Class['ceph::profile::osd']
}
+ include ::ceph::conf
include ::ceph::profile::osd
}
if str2bool(hiera('enable_external_ceph', false)) {
+ include ::ceph::conf
include ::ceph::profile::client
}
@@ -171,13 +175,13 @@ if hiera('step') >= 2 {
if hiera('step') >= 3 {
include ::keystone
+ include ::keystone::config
include ::keystone::roles::admin
include ::keystone::endpoint
+ include ::keystone::wsgi::apache
#TODO: need a cleanup-keystone-tokens.sh solution here
- keystone_config {
- 'ec2/driver': value => 'keystone.contrib.ec2.backends.sql.Ec2';
- }
+
file { [ '/etc/keystone/ssl', '/etc/keystone/ssl/certs', '/etc/keystone/ssl/private' ]:
ensure => 'directory',
owner => 'keystone',
@@ -218,6 +222,7 @@ if hiera('step') >= 3 {
# TODO: notifications, scrubber, etc.
include ::glance
+ include ::glance::config
class { '::glance::api':
known_stores => $glance_store,
}
@@ -247,7 +252,8 @@ if hiera('step') >= 3 {
if hiera('enable_zookeeper_on_controller') {
class {'::tripleo::cluster::zookeeper':
zookeeper_server_ips => $zookeeper_node_ips,
- zookeeper_client_ip => $ipaddress,
+ # TODO: create a 'bind' hiera key for zookeeper
+ zookeeper_client_ip => hiera('neutron::bind_host'),
zookeeper_hostnames => hiera('controller_node_names')
}
}
@@ -256,7 +262,8 @@ if hiera('step') >= 3 {
if hiera('enable_cassandra_on_controller') {
class {'::tripleo::cluster::cassandra':
cassandra_servers => $cassandra_node_ips,
- cassandra_ip => $ipaddress
+ # TODO: create a 'bind' hiera key for cassandra
+ cassandra_ip => hiera('neutron::bind_host'),
}
}
@@ -267,10 +274,11 @@ if hiera('step') >= 3 {
class {'::tripleo::network::midonet::api':
zookeeper_servers => $zookeeper_node_ips,
- vip => $ipaddress,
- keystone_ip => $ipaddress,
+ vip => hiera('tripleo::loadbalancer::public_virtual_ip'),
+ keystone_ip => hiera('tripleo::loadbalancer::public_virtual_ip'),
keystone_admin_token => hiera('keystone::admin_token'),
- bind_address => $ipaddress,
+ # TODO: create a 'bind' hiera key for api
+ bind_address => hiera('neutron::bind_host'),
admin_password => hiera('admin_password')
}
@@ -286,6 +294,7 @@ if hiera('step') >= 3 {
include ::neutron
}
+ include ::neutron::config
include ::neutron::server
include ::neutron::server::notifications
@@ -312,7 +321,7 @@ if hiera('step') >= 3 {
if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
class {'::neutron::plugins::midonet':
- midonet_api_ip => $ipaddress,
+ midonet_api_ip => hiera('tripleo::loadbalancer::public_virtual_ip'),
keystone_tenant => hiera('neutron::server::auth_tenant'),
keystone_password => hiera('neutron::server::auth_password')
}
@@ -362,6 +371,8 @@ if hiera('step') >= 3 {
}
include ::cinder
+ include ::cinder::config
+ include ::tripleo::ssl::cinder_config
include ::cinder::api
include ::cinder::glance
include ::cinder::scheduler
@@ -409,10 +420,6 @@ if hiera('step') >= 3 {
if hiera('cinder_enable_eqlx_backend', false) {
$cinder_eqlx_backend = hiera('cinder::backend::eqlx::volume_backend_name')
- cinder_config {
- "${cinder_eqlx_backend}/host": value => 'hostgroup';
- }
-
cinder::backend::eqlx { $cinder_eqlx_backend :
volume_backend_name => hiera('cinder::backend::eqlx::volume_backend_name', undef),
san_ip => hiera('cinder::backend::eqlx::san_ip', undef),
@@ -420,7 +427,7 @@ if hiera('step') >= 3 {
san_password => hiera('cinder::backend::eqlx::san_password', undef),
san_thin_provision => hiera('cinder::backend::eqlx::san_thin_provision', undef),
eqlx_group_name => hiera('cinder::backend::eqlx::eqlx_group_name', undef),
- eqlx_pool => hiera('cinder::backend::eqlx::eqlx_lpool', undef),
+ eqlx_pool => hiera('cinder::backend::eqlx::eqlx_pool', undef),
eqlx_use_chap => hiera('cinder::backend::eqlx::eqlx_use_chap', undef),
eqlx_chap_login => hiera('cinder::backend::eqlx::eqlx_chap_login', undef),
eqlx_chap_password => hiera('cinder::backend::eqlx::eqlx_san_password', undef),
@@ -430,10 +437,6 @@ if hiera('step') >= 3 {
if hiera('cinder_enable_dellsc_backend', false) {
$cinder_dellsc_backend = hiera('cinder::backend::dellsc_iscsi::volume_backend_name')
- cinder_config {
- "${cinder_dellsc_backend}/host": value => 'hostgroup';
- }
-
cinder::backend::dellsc_iscsi{ $cinder_dellsc_backend :
volume_backend_name => hiera('cinder::backend::dellsc_iscsi::volume_backend_name', undef),
san_ip => hiera('cinder::backend::dellsc_iscsi::san_ip', undef),
@@ -442,7 +445,7 @@ if hiera('step') >= 3 {
dell_sc_ssn => hiera('cinder::backend::dellsc_iscsi::dell_sc_ssn', undef),
iscsi_ip_address => hiera('cinder::backend::dellsc_iscsi::iscsi_ip_address', undef),
iscsi_port => hiera('cinder::backend::dellsc_iscsi::iscsi_port', undef),
- dell_sc_port => hiera('cinder::backend::dellsc_iscsi::dell_sc_port', undef),
+ dell_sc_api_port => hiera('cinder::backend::dellsc_iscsi::dell_sc_api_port', undef),
dell_sc_server_folder => hiera('cinder::backend::dellsc_iscsi::dell_sc_server_folder', undef),
dell_sc_volume_folder => hiera('cinder::backend::dellsc_iscsi::dell_sc_volume_folder', undef),
}
@@ -451,10 +454,6 @@ if hiera('step') >= 3 {
if hiera('cinder_enable_netapp_backend', false) {
$cinder_netapp_backend = hiera('cinder::backend::netapp::title')
- cinder_config {
- "${cinder_netapp_backend}/host": value => 'hostgroup';
- }
-
if hiera('cinder::backend::netapp::nfs_shares', undef) {
$cinder_netapp_nfs_shares = split(hiera('cinder::backend::netapp::nfs_shares', undef), ',')
}
@@ -564,6 +563,7 @@ if hiera('step') >= 3 {
# Heat
include ::heat
+ include ::heat::config
include ::heat::api
include ::heat::api_cfn
include ::heat::api_cloudwatch
diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp
index fb1e87f7..613c1293 100644
--- a/puppet/manifests/overcloud_controller_pacemaker.pp
+++ b/puppet/manifests/overcloud_controller_pacemaker.pp
@@ -163,7 +163,6 @@ if hiera('step') >= 1 {
'wsrep_auto_increment_control' => '1',
'wsrep_drupal_282555_workaround'=> '0',
'wsrep_causal_reads' => '0',
- 'wsrep_notify_cmd' => '',
'wsrep_sst_method' => 'rsync',
'wsrep_provider_options' => "gmcast.listen_addr=tcp://[${mysql_bind_host}]:4567;",
},
@@ -436,6 +435,9 @@ MYSQL_HOST=localhost\n",
class { '::nova::db::mysql':
require => Exec['galera-ready'],
}
+ class { '::nova::db::mysql_api':
+ require => Exec['galera-ready'],
+ }
class { '::neutron::db::mysql':
require => Exec['galera-ready'],
}
@@ -467,6 +469,7 @@ MYSQL_HOST=localhost\n",
class { '::ceph::profile::params':
mon_initial_members => downcase(hiera('ceph_mon_initial_members')),
}
+ include ::ceph::conf
include ::ceph::profile::mon
}
@@ -485,10 +488,12 @@ MYSQL_HOST=localhost\n",
} -> Class['ceph::profile::osd']
}
+ include ::ceph::conf
include ::ceph::profile::osd
}
if str2bool(hiera('enable_external_ceph', false)) {
+ include ::ceph::conf
include ::ceph::profile::client
}
@@ -502,11 +507,10 @@ if hiera('step') >= 3 {
manage_service => false,
enabled => false,
}
+ include ::keystone::config
#TODO: need a cleanup-keystone-tokens.sh solution here
- keystone_config {
- 'ec2/driver': value => 'keystone.contrib.ec2.backends.sql.Ec2';
- }
+
file { [ '/etc/keystone/ssl', '/etc/keystone/ssl/certs', '/etc/keystone/ssl/private' ]:
ensure => 'directory',
owner => 'keystone',
@@ -558,6 +562,7 @@ if hiera('step') >= 3 {
# TODO: notifications, scrubber, etc.
include ::glance
+ include ::glance::config
class { '::glance::api':
known_stores => $glance_store,
manage_service => false,
@@ -578,6 +583,7 @@ if hiera('step') >= 3 {
class { '::nova::api' :
sync_db => $sync_db,
+ sync_db_api => $sync_db,
manage_service => false,
enabled => false,
}
@@ -614,8 +620,9 @@ if hiera('step') >= 3 {
if hiera('enable_zookeeper_on_controller') {
class {'::tripleo::cluster::zookeeper':
zookeeper_server_ips => $zookeeper_node_ips,
- zookeeper_client_ip => $ipaddress,
- zookeeper_hostnames => hiera('controller_node_names')
+ # TODO: create a 'bind' hiera key for zookeeper
+ zookeeper_client_ip => hiera('neutron::bind_host'),
+ zookeeper_hostnames => split(hiera('controller_node_names'), ',')
}
}
@@ -623,7 +630,8 @@ if hiera('step') >= 3 {
if hiera('enable_cassandra_on_controller') {
class {'::tripleo::cluster::cassandra':
cassandra_servers => $cassandra_node_ips,
- cassandra_ip => $ipaddress
+ # TODO: create a 'bind' hiera key for cassandra
+ cassandra_ip => hiera('neutron::bind_host'),
}
}
@@ -633,11 +641,12 @@ if hiera('step') >= 3 {
}
class {'::tripleo::network::midonet::api':
- zookeeper_servers => hiera('neutron_api_node_ips'),
- vip => $public_vip,
- keystone_ip => $public_vip,
+ zookeeper_servers => $zookeeper_node_ips,
+ vip => hiera('tripleo::loadbalancer::public_virtual_ip'),
+ keystone_ip => hiera('tripleo::loadbalancer::public_virtual_ip'),
keystone_admin_token => hiera('keystone::admin_token'),
- bind_address => $ipaddress,
+ # TODO: create a 'bind' hiera key for api
+ bind_address => hiera('neutron::bind_host'),
admin_password => hiera('admin_password')
}
@@ -652,6 +661,7 @@ if hiera('step') >= 3 {
include ::neutron
}
+ include ::neutron::config
class { '::neutron::server' :
sync_db => $sync_db,
manage_service => false,
@@ -663,7 +673,7 @@ if hiera('step') >= 3 {
}
if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
class {'::neutron::plugins::midonet':
- midonet_api_ip => $public_vip,
+ midonet_api_ip => hiera('tripleo::loadbalancer::public_virtual_ip'),
keystone_tenant => hiera('neutron::server::auth_tenant'),
keystone_password => hiera('neutron::server::auth_password')
}
@@ -731,6 +741,8 @@ if hiera('step') >= 3 {
}
include ::cinder
+ include ::cinder::config
+ include ::tripleo::ssl::cinder_config
class { '::cinder::api':
sync_db => $sync_db,
manage_service => false,
@@ -788,10 +800,6 @@ if hiera('step') >= 3 {
if hiera('cinder_enable_eqlx_backend', false) {
$cinder_eqlx_backend = hiera('cinder::backend::eqlx::volume_backend_name')
- cinder_config {
- "${cinder_eqlx_backend}/host": value => 'hostgroup';
- }
-
cinder::backend::eqlx { $cinder_eqlx_backend :
volume_backend_name => hiera('cinder::backend::eqlx::volume_backend_name', undef),
san_ip => hiera('cinder::backend::eqlx::san_ip', undef),
@@ -799,7 +807,7 @@ if hiera('step') >= 3 {
san_password => hiera('cinder::backend::eqlx::san_password', undef),
san_thin_provision => hiera('cinder::backend::eqlx::san_thin_provision', undef),
eqlx_group_name => hiera('cinder::backend::eqlx::eqlx_group_name', undef),
- eqlx_pool => hiera('cinder::backend::eqlx::eqlx_lpool', undef),
+ eqlx_pool => hiera('cinder::backend::eqlx::eqlx_pool', undef),
eqlx_use_chap => hiera('cinder::backend::eqlx::eqlx_use_chap', undef),
eqlx_chap_login => hiera('cinder::backend::eqlx::eqlx_chap_login', undef),
eqlx_chap_password => hiera('cinder::backend::eqlx::eqlx_san_password', undef),
@@ -809,10 +817,6 @@ if hiera('step') >= 3 {
if hiera('cinder_enable_dellsc_backend', false) {
$cinder_dellsc_backend = hiera('cinder::backend::dellsc_iscsi::volume_backend_name')
- cinder_config {
- "${cinder_dellsc_backend}/host": value => 'hostgroup';
- }
-
cinder::backend::dellsc_iscsi{ $cinder_dellsc_backend :
volume_backend_name => hiera('cinder::backend::dellsc_iscsi::volume_backend_name', undef),
san_ip => hiera('cinder::backend::dellsc_iscsi::san_ip', undef),
@@ -821,7 +825,7 @@ if hiera('step') >= 3 {
dell_sc_ssn => hiera('cinder::backend::dellsc_iscsi::dell_sc_ssn', undef),
iscsi_ip_address => hiera('cinder::backend::dellsc_iscsi::iscsi_ip_address', undef),
iscsi_port => hiera('cinder::backend::dellsc_iscsi::iscsi_port', undef),
- dell_sc_port => hiera('cinder::backend::dellsc_iscsi::dell_sc_port', undef),
+ dell_sc_api_port => hiera('cinder::backend::dellsc_iscsi::dell_sc_api_port', undef),
dell_sc_server_folder => hiera('cinder::backend::dellsc_iscsi::dell_sc_server_folder', undef),
dell_sc_volume_folder => hiera('cinder::backend::dellsc_iscsi::dell_sc_volume_folder', undef),
}
@@ -830,10 +834,6 @@ if hiera('step') >= 3 {
if hiera('cinder_enable_netapp_backend', false) {
$cinder_netapp_backend = hiera('cinder::backend::netapp::title')
- cinder_config {
- "${cinder_netapp_backend}/host": value => 'hostgroup';
- }
-
if hiera('cinder::backend::netapp::nfs_shares', undef) {
$cinder_netapp_nfs_shares = split(hiera('cinder::backend::netapp::nfs_shares', undef), ',')
}
@@ -981,6 +981,7 @@ if hiera('step') >= 3 {
Cron <| title == 'ceilometer-expirer' |> { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" }
# Heat
+ include ::heat::config
class { '::heat' :
sync_db => $sync_db,
}
@@ -1007,6 +1008,7 @@ if hiera('step') >= 3 {
service_enable => false,
# service_manage => false, # <-- not supported with horizon&apache mod_wsgi?
}
+ include ::keystone::wsgi::apache
include ::apache::mod::status
if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers') {
$_profile_support = 'cisco'
@@ -1050,57 +1052,49 @@ if hiera('step') >= 4 {
if $pacemaker_master {
- # Keystone
- pacemaker::resource::service { $::keystone::params::service_name :
- clone_params => 'interleave=true',
- verify_on_create => true,
- require => [File['/etc/keystone/ssl/certs/ca.pem'],
- File['/etc/keystone/ssl/private/signing_key.pem'],
- File['/etc/keystone/ssl/certs/signing_cert.pem']],
- }
if $enable_load_balancer {
pacemaker::constraint::base { 'haproxy-then-keystone-constraint':
constraint_type => 'order',
first_resource => 'haproxy-clone',
- second_resource => "${::keystone::params::service_name}-clone",
+ second_resource => "${::apache::params::service_name}-clone",
first_action => 'start',
second_action => 'start',
require => [Pacemaker::Resource::Service['haproxy'],
- Pacemaker::Resource::Service[$::keystone::params::service_name]],
+ Pacemaker::Resource::Service[$::apache::params::service_name]],
}
}
pacemaker::constraint::base { 'rabbitmq-then-keystone-constraint':
constraint_type => 'order',
first_resource => 'rabbitmq-clone',
- second_resource => "${::keystone::params::service_name}-clone",
+ second_resource => "${::apache::params::service_name}-clone",
first_action => 'start',
second_action => 'start',
require => [Pacemaker::Resource::Ocf['rabbitmq'],
- Pacemaker::Resource::Service[$::keystone::params::service_name]],
+ Pacemaker::Resource::Service[$::apache::params::service_name]],
}
pacemaker::constraint::base { 'memcached-then-keystone-constraint':
constraint_type => 'order',
first_resource => 'memcached-clone',
- second_resource => "${::keystone::params::service_name}-clone",
+ second_resource => "${::apache::params::service_name}-clone",
first_action => 'start',
second_action => 'start',
require => [Pacemaker::Resource::Service['memcached'],
- Pacemaker::Resource::Service[$::keystone::params::service_name]],
+ Pacemaker::Resource::Service[$::apache::params::service_name]],
}
pacemaker::constraint::base { 'galera-then-keystone-constraint':
constraint_type => 'order',
first_resource => 'galera-master',
- second_resource => "${::keystone::params::service_name}-clone",
+ second_resource => "${::apache::params::service_name}-clone",
first_action => 'promote',
second_action => 'start',
require => [Pacemaker::Resource::Ocf['galera'],
- Pacemaker::Resource::Service[$::keystone::params::service_name]],
+ Pacemaker::Resource::Service[$::apache::params::service_name]],
}
# Cinder
pacemaker::resource::service { $::cinder::params::api_service :
clone_params => 'interleave=true',
- require => Pacemaker::Resource::Service[$::keystone::params::service_name],
+ require => Pacemaker::Resource::Service[$::apache::params::service_name],
}
pacemaker::resource::service { $::cinder::params::scheduler_service :
clone_params => 'interleave=true',
@@ -1109,12 +1103,12 @@ if hiera('step') >= 4 {
pacemaker::constraint::base { 'keystone-then-cinder-api-constraint':
constraint_type => 'order',
- first_resource => "${::keystone::params::service_name}-clone",
+ first_resource => "${::apache::params::service_name}-clone",
second_resource => "${::cinder::params::api_service}-clone",
first_action => 'start',
second_action => 'start',
require => [Pacemaker::Resource::Service[$::cinder::params::api_service],
- Pacemaker::Resource::Service[$::keystone::params::service_name]],
+ Pacemaker::Resource::Service[$::apache::params::service_name]],
}
pacemaker::constraint::base { 'cinder-api-then-cinder-scheduler-constraint':
constraint_type => 'order',
@@ -1152,25 +1146,25 @@ if hiera('step') >= 4 {
# Sahara
pacemaker::resource::service { $::sahara::params::api_service_name :
clone_params => 'interleave=true',
- require => Pacemaker::Resource::Service[$::keystone::params::service_name],
+ require => Pacemaker::Resource::Service[$::apache::params::service_name],
}
pacemaker::resource::service { $::sahara::params::engine_service_name :
clone_params => 'interleave=true',
}
pacemaker::constraint::base { 'keystone-then-sahara-api-constraint':
constraint_type => 'order',
- first_resource => "${::keystone::params::service_name}-clone",
+ first_resource => "${::apache::params::service_name}-clone",
second_resource => "${::sahara::params::api_service_name}-clone",
first_action => 'start',
second_action => 'start',
require => [Pacemaker::Resource::Service[$::sahara::params::api_service_name],
- Pacemaker::Resource::Service[$::keystone::params::service_name]],
+ Pacemaker::Resource::Service[$::apache::params::service_name]],
}
# Glance
pacemaker::resource::service { $::glance::params::registry_service_name :
clone_params => 'interleave=true',
- require => Pacemaker::Resource::Service[$::keystone::params::service_name],
+ require => Pacemaker::Resource::Service[$::apache::params::service_name],
}
pacemaker::resource::service { $::glance::params::api_service_name :
clone_params => 'interleave=true',
@@ -1178,12 +1172,12 @@ if hiera('step') >= 4 {
pacemaker::constraint::base { 'keystone-then-glance-registry-constraint':
constraint_type => 'order',
- first_resource => "${::keystone::params::service_name}-clone",
+ first_resource => "${::apache::params::service_name}-clone",
second_resource => "${::glance::params::registry_service_name}-clone",
first_action => 'start',
second_action => 'start',
require => [Pacemaker::Resource::Service[$::glance::params::registry_service_name],
- Pacemaker::Resource::Service[$::keystone::params::service_name]],
+ Pacemaker::Resource::Service[$::apache::params::service_name]],
}
pacemaker::constraint::base { 'glance-registry-then-glance-api-constraint':
constraint_type => 'order',
@@ -1221,12 +1215,12 @@ if hiera('step') >= 4 {
} ->
pacemaker::resource::service { $::neutron::params::server_service:
clone_params => 'interleave=true',
- require => Pacemaker::Resource::Service[$::keystone::params::service_name]
+ require => Pacemaker::Resource::Service[$::apache::params::service_name]
}
} else {
pacemaker::resource::service { $::neutron::params::server_service:
clone_params => 'interleave=true',
- require => Pacemaker::Resource::Service[$::keystone::params::service_name]
+ require => Pacemaker::Resource::Service[$::apache::params::service_name]
}
}
if hiera('neutron::enable_l3_agent', true) {
@@ -1298,28 +1292,16 @@ if hiera('step') >= 4 {
Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]],
}
}
-
pacemaker::constraint::base { 'keystone-to-neutron-server-constraint':
- constraint_type => 'order',
- first_resource => "${::keystone::params::service_name}-clone",
- second_resource => "${::neutron::params::server_service}-clone",
- first_action => 'start',
- second_action => 'start',
- require => [Pacemaker::Resource::Service[$::keystone::params::service_name],
- Pacemaker::Resource::Service[$::neutron::params::server_service]],
- }
- if hiera('neutron::enable_ovs_agent',true) {
- pacemaker::constraint::base { 'neutron-server-to-openvswitch-agent-constraint':
- constraint_type => 'order',
- first_resource => "${::neutron::params::server_service}-clone",
- second_resource => "${::neutron::params::ovs_agent_service}-clone",
+ constraint_type => 'order',
+ first_resource => "${::apache::params::service_name}-clone",
+ second_resource => "${::neutron::params::server_service}-clone",
first_action => 'start',
second_action => 'start',
- require => [Pacemaker::Resource::Service[$::neutron::params::server_service],
- Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]],
+ require => [Pacemaker::Resource::Service[$::apache::params::service_name],
+ Pacemaker::Resource::Service[$::neutron::params::server_service]],
}
- }
- if hiera('neutron::enable_dhcp_agent',true) and hiera('neutron::enable_ovs_agent',true) {
+ if hiera('neutron::enable_ovs_agent',true) {
pacemaker::constraint::base { 'neutron-openvswitch-agent-to-dhcp-agent-constraint':
constraint_type => 'order',
first_resource => "${::neutron::params::ovs_agent_service}-clone",
@@ -1328,8 +1310,19 @@ if hiera('step') >= 4 {
second_action => 'start',
require => [Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service],
Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service]],
-
}
+ }
+ if hiera('neutron::enable_dhcp_agent',true) and hiera('neutron::enable_ovs_agent',true) {
+ pacemaker::constraint::base { 'neutron-server-to-openvswitch-agent-constraint':
+ constraint_type => 'order',
+ first_resource => "${::neutron::params::server_service}-clone",
+ second_resource => "${::neutron::params::ovs_agent_service}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service[$::neutron::params::server_service],
+ Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]],
+ }
+
pacemaker::constraint::colocation { 'neutron-openvswitch-agent-to-dhcp-agent-colocation':
source => "${::neutron::params::dhcp_agent_service}-clone",
target => "${::neutron::params::ovs_agent_service}-clone",
@@ -1415,34 +1408,29 @@ if hiera('step') >= 4 {
# Nova
pacemaker::resource::service { $::nova::params::api_service_name :
clone_params => 'interleave=true',
- op_params => 'start timeout=200s stop timeout=200s monitor start-delay=10s',
}
pacemaker::resource::service { $::nova::params::conductor_service_name :
clone_params => 'interleave=true',
- op_params => 'start timeout=200s stop timeout=200s monitor start-delay=10s',
}
pacemaker::resource::service { $::nova::params::consoleauth_service_name :
clone_params => 'interleave=true',
- op_params => 'start timeout=200s stop timeout=200s monitor start-delay=10s',
- require => Pacemaker::Resource::Service[$::keystone::params::service_name],
+ require => Pacemaker::Resource::Service[$::apache::params::service_name],
}
pacemaker::resource::service { $::nova::params::vncproxy_service_name :
clone_params => 'interleave=true',
- op_params => 'start timeout=200s stop timeout=200s monitor start-delay=10s',
}
pacemaker::resource::service { $::nova::params::scheduler_service_name :
clone_params => 'interleave=true',
- op_params => 'start timeout=200s stop timeout=200s monitor start-delay=10s',
}
pacemaker::constraint::base { 'keystone-then-nova-consoleauth-constraint':
constraint_type => 'order',
- first_resource => "${::keystone::params::service_name}-clone",
+ first_resource => "${::apache::params::service_name}-clone",
second_resource => "${::nova::params::consoleauth_service_name}-clone",
first_action => 'start',
second_action => 'start',
require => [Pacemaker::Resource::Service[$::nova::params::consoleauth_service_name],
- Pacemaker::Resource::Service[$::keystone::params::service_name]],
+ Pacemaker::Resource::Service[$::apache::params::service_name]],
}
pacemaker::constraint::base { 'nova-consoleauth-then-nova-vncproxy-constraint':
constraint_type => 'order',
@@ -1514,14 +1502,14 @@ if hiera('step') >= 4 {
/mysql/: {
pacemaker::resource::service { $::ceilometer::params::agent_central_service_name :
clone_params => 'interleave=true',
- require => Pacemaker::Resource::Service[$::keystone::params::service_name],
+ require => Pacemaker::Resource::Service[$::apache::params::service_name],
}
}
default: {
pacemaker::resource::service { $::ceilometer::params::agent_central_service_name :
clone_params => 'interleave=true',
- require => [Pacemaker::Resource::Service[$::keystone::params::service_name],
- Pacemaker::Resource::Service[$::mongodb::params::service_name]],
+ require => [Pacemaker::Resource::Service[$::apache::params::service_name],
+ Pacemaker::Resource::Service[$::mongodb::params::service_name]],
}
}
}
@@ -1557,12 +1545,12 @@ if hiera('step') >= 4 {
}
pacemaker::constraint::base { 'keystone-then-ceilometer-central-constraint':
constraint_type => 'order',
- first_resource => "${::keystone::params::service_name}-clone",
+ first_resource => "${::apache::params::service_name}-clone",
second_resource => "${::ceilometer::params::agent_central_service_name}-clone",
first_action => 'start',
second_action => 'start',
require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name],
- Pacemaker::Resource::Service[$::keystone::params::service_name]],
+ Pacemaker::Resource::Service[$::apache::params::service_name]],
}
pacemaker::constraint::base { 'ceilometer-central-then-ceilometer-collector-constraint':
constraint_type => 'order',
@@ -1632,12 +1620,12 @@ if hiera('step') >= 4 {
}
pacemaker::constraint::base { 'keystone-then-heat-api-constraint':
constraint_type => 'order',
- first_resource => "${::keystone::params::service_name}-clone",
+ first_resource => "${::apache::params::service_name}-clone",
second_resource => "${::heat::params::api_service_name}-clone",
first_action => 'start',
second_action => 'start',
require => [Pacemaker::Resource::Service[$::heat::params::api_service_name],
- Pacemaker::Resource::Service[$::keystone::params::service_name]],
+ Pacemaker::Resource::Service[$::apache::params::service_name]],
}
pacemaker::constraint::base { 'heat-api-then-heat-api-cfn-constraint':
constraint_type => 'order',
@@ -1697,9 +1685,13 @@ if hiera('step') >= 4 {
Pacemaker::Resource::Service[$::ceilometer::params::agent_notification_service_name]],
}
- # Horizon
- pacemaker::resource::service { $::horizon::params::http_service:
- clone_params => 'interleave=true',
+ # Horizon and Keystone
+ pacemaker::resource::service { $::apache::params::service_name:
+ clone_params => 'interleave=true',
+ verify_on_create => true,
+ require => [File['/etc/keystone/ssl/certs/ca.pem'],
+ File['/etc/keystone/ssl/private/signing_key.pem'],
+ File['/etc/keystone/ssl/certs/signing_cert.pem']],
}
#VSM
@@ -1736,12 +1728,11 @@ if hiera('step') >= 5 {
if $pacemaker_master {
class {'::keystone::roles::admin' :
- require => Pacemaker::Resource::Service[$::keystone::params::service_name],
+ require => Pacemaker::Resource::Service[$::apache::params::service_name],
} ->
class {'::keystone::endpoint' :
- require => Pacemaker::Resource::Service[$::keystone::params::service_name],
+ require => Pacemaker::Resource::Service[$::apache::params::service_name],
}
-
}
} #END STEP 5
diff --git a/puppet/swift-storage-post.yaml b/puppet/swift-storage-post.yaml
index d22f5386..a55b3959 100644
--- a/puppet/swift-storage-post.yaml
+++ b/puppet/swift-storage-post.yaml
@@ -29,6 +29,7 @@ resources:
StorageDeployment_Step1:
type: OS::Heat::StructuredDeployments
properties:
+ name: StorageDeployment_Step1
servers: {get_param: servers}
config: {get_resource: StoragePuppetConfig}
input_values:
@@ -49,6 +50,7 @@ resources:
type: OS::Heat::StructuredDeployments
depends_on: StorageDeployment_Step1
properties:
+ name: StorageRingbuilderDeployment_Step2
servers: {get_param: servers}
config: {get_resource: StorageRingbuilderPuppetConfig}
input_values:
diff --git a/puppet/swift-storage.yaml b/puppet/swift-storage.yaml
index 10c87493..142e47cc 100644
--- a/puppet/swift-storage.yaml
+++ b/puppet/swift-storage.yaml
@@ -200,6 +200,7 @@ resources:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
properties:
+ name: NetworkDeployment
config: {get_resource: NetworkConfig}
server: {get_resource: SwiftStorage}
actions: {get_param: NetworkDeploymentActions}
@@ -252,6 +253,7 @@ resources:
type: OS::Heat::StructuredDeployment
depends_on: NetworkDeployment
properties:
+ name: SwiftStorageHieraDeploy
server: {get_resource: SwiftStorage}
config: {get_resource: SwiftStorageHieraConfig}
input_values:
diff --git a/puppet/vip-config.yaml b/puppet/vip-config.yaml
index c49a1047..5e2f698f 100644
--- a/puppet/vip-config.yaml
+++ b/puppet/vip-config.yaml
@@ -16,6 +16,8 @@ resources:
keystone_admin_api_vip: {get_input: keystone_admin_api_vip}
keystone_public_api_vip: {get_input: keystone_public_api_vip}
neutron_api_vip: {get_input: neutron_api_vip}
+ # TODO: pass a `midonet_api_vip` var
+ midonet_api_vip: {get_input: neutron_api_vip}
cinder_api_vip: {get_input: cinder_api_vip}
glance_api_vip: {get_input: glance_api_vip}
glance_registry_vip: {get_input: glance_registry_vip}