summaryrefslogtreecommitdiffstats
path: root/puppet
diff options
context:
space:
mode:
Diffstat (limited to 'puppet')
-rw-r--r--puppet/all-nodes-config.yaml5
-rw-r--r--puppet/blockstorage-role.yaml64
-rw-r--r--puppet/cephstorage-role.yaml64
-rw-r--r--puppet/compute-role.yaml64
-rw-r--r--puppet/config.role.j2.yaml2
-rw-r--r--puppet/controller-config-pacemaker.yaml41
-rw-r--r--puppet/controller-role.yaml63
-rw-r--r--puppet/deploy-artifacts.yaml2
-rw-r--r--puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml2
-rw-r--r--puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/compute/neutron-opencontrail.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/controller/cinder-dellsc.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/controller/multiple.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/default.yaml2
-rw-r--r--puppet/extraconfig/pre_deploy/per_node.yaml2
-rw-r--r--puppet/extraconfig/tls/ca-inject.yaml2
-rw-r--r--puppet/extraconfig/tls/freeipa-enroll.yaml83
-rw-r--r--puppet/extraconfig/tls/tls-cert-inject.yaml2
-rw-r--r--puppet/major_upgrade_steps.j2.yaml38
-rw-r--r--puppet/manifests/overcloud_controller_pacemaker.pp21
-rw-r--r--puppet/manifests/overcloud_role.pp4
-rw-r--r--puppet/objectstorage-role.yaml68
-rw-r--r--puppet/post.j2.yaml2
-rw-r--r--puppet/role.role.j2.yaml72
-rw-r--r--puppet/services/README.rst14
-rw-r--r--puppet/services/aodh-api.yaml3
-rw-r--r--puppet/services/aodh-base.yaml4
-rw-r--r--puppet/services/aodh-evaluator.yaml2
-rw-r--r--puppet/services/aodh-listener.yaml2
-rw-r--r--puppet/services/aodh-notifier.yaml2
-rw-r--r--puppet/services/apache-internal-tls-certmonger.yaml2
-rw-r--r--puppet/services/apache.yaml2
-rw-r--r--puppet/services/barbican-api.yaml4
-rw-r--r--puppet/services/ca-certs.yaml2
-rw-r--r--puppet/services/ceilometer-agent-central.yaml2
-rw-r--r--puppet/services/ceilometer-agent-compute.yaml2
-rw-r--r--puppet/services/ceilometer-agent-notification.yaml2
-rw-r--r--puppet/services/ceilometer-api.yaml2
-rw-r--r--puppet/services/ceilometer-base.yaml14
-rw-r--r--puppet/services/ceilometer-collector.yaml2
-rw-r--r--puppet/services/ceilometer-expirer.yaml2
-rw-r--r--puppet/services/ceph-base.yaml2
-rw-r--r--puppet/services/ceph-client.yaml2
-rw-r--r--puppet/services/ceph-external.yaml9
-rw-r--r--puppet/services/ceph-mds.yaml (renamed from puppet/services/pacemaker/gnocchi-api.yaml)30
-rw-r--r--puppet/services/ceph-mon.yaml10
-rw-r--r--puppet/services/ceph-osd.yaml2
-rw-r--r--puppet/services/ceph-rgw.yaml2
-rw-r--r--puppet/services/cinder-api.yaml18
-rw-r--r--puppet/services/cinder-backup.yaml2
-rw-r--r--puppet/services/cinder-base.yaml4
-rw-r--r--puppet/services/cinder-hpelefthand-iscsi.yaml56
-rw-r--r--puppet/services/cinder-scheduler.yaml9
-rw-r--r--puppet/services/cinder-volume.yaml13
-rw-r--r--puppet/services/database/mongodb-base.yaml2
-rw-r--r--puppet/services/database/mongodb.yaml2
-rw-r--r--puppet/services/database/mysql-internal-tls-certmonger.yaml2
-rw-r--r--puppet/services/database/mysql.yaml7
-rw-r--r--puppet/services/database/redis-base.yaml2
-rw-r--r--puppet/services/database/redis.yaml2
-rw-r--r--puppet/services/glance-api.yaml22
-rw-r--r--puppet/services/glance-base.yaml4
-rw-r--r--puppet/services/glance-registry.yaml100
-rw-r--r--puppet/services/gnocchi-api.yaml3
-rw-r--r--puppet/services/gnocchi-base.yaml4
-rw-r--r--puppet/services/gnocchi-metricd.yaml2
-rw-r--r--puppet/services/gnocchi-statsd.yaml2
-rw-r--r--puppet/services/haproxy-internal-tls-certmonger.yaml2
-rw-r--r--puppet/services/haproxy-public-tls-certmonger.yaml2
-rw-r--r--puppet/services/haproxy.yaml2
-rw-r--r--puppet/services/heat-api-cfn.yaml10
-rw-r--r--puppet/services/heat-api-cloudwatch.yaml9
-rw-r--r--puppet/services/heat-api.yaml9
-rw-r--r--puppet/services/heat-base.yaml5
-rw-r--r--puppet/services/heat-engine.yaml43
-rw-r--r--puppet/services/horizon.yaml4
-rw-r--r--puppet/services/ironic-api.yaml2
-rw-r--r--puppet/services/ironic-base.yaml4
-rw-r--r--puppet/services/ironic-conductor.yaml2
-rw-r--r--puppet/services/keepalived.yaml2
-rw-r--r--puppet/services/kernel.yaml2
-rw-r--r--puppet/services/keystone.yaml4
-rw-r--r--puppet/services/logging/fluentd-base.yaml2
-rw-r--r--puppet/services/logging/fluentd-client.yaml2
-rw-r--r--puppet/services/logging/fluentd-config.yaml2
-rw-r--r--puppet/services/manila-api.yaml2
-rw-r--r--puppet/services/manila-backend-cephfs.yaml20
-rw-r--r--puppet/services/manila-backend-generic.yaml2
-rw-r--r--puppet/services/manila-backend-netapp.yaml2
-rw-r--r--puppet/services/manila-base.yaml4
-rw-r--r--puppet/services/manila-scheduler.yaml2
-rw-r--r--puppet/services/manila-share.yaml2
-rw-r--r--puppet/services/memcached.yaml2
-rw-r--r--puppet/services/mistral-api.yaml2
-rw-r--r--puppet/services/mistral-base.yaml4
-rw-r--r--puppet/services/mistral-engine.yaml2
-rw-r--r--puppet/services/mistral-executor.yaml2
-rw-r--r--puppet/services/monitoring/sensu-base.yaml2
-rw-r--r--puppet/services/monitoring/sensu-client.yaml2
-rw-r--r--puppet/services/network/contrail-analytics.yaml2
-rw-r--r--puppet/services/network/contrail-base.yaml2
-rw-r--r--puppet/services/network/contrail-config.yaml2
-rw-r--r--puppet/services/network/contrail-control.yaml2
-rw-r--r--puppet/services/network/contrail-database.yaml2
-rw-r--r--puppet/services/network/contrail-webui.yaml2
-rw-r--r--puppet/services/neutron-api.yaml15
-rw-r--r--puppet/services/neutron-base.yaml2
-rw-r--r--puppet/services/neutron-compute-plugin-midonet.yaml2
-rw-r--r--puppet/services/neutron-compute-plugin-nuage.yaml2
-rw-r--r--puppet/services/neutron-compute-plugin-opencontrail.yaml2
-rw-r--r--puppet/services/neutron-compute-plugin-ovn.yaml2
-rw-r--r--puppet/services/neutron-compute-plugin-plumgrid.yaml2
-rw-r--r--puppet/services/neutron-dhcp.yaml9
-rw-r--r--puppet/services/neutron-l3-compute-dvr.yaml2
-rw-r--r--puppet/services/neutron-l3.yaml14
-rw-r--r--puppet/services/neutron-metadata.yaml9
-rw-r--r--puppet/services/neutron-midonet.yaml2
-rw-r--r--puppet/services/neutron-ovs-agent.yaml19
-rw-r--r--puppet/services/neutron-ovs-dpdk-agent.yaml2
-rw-r--r--puppet/services/neutron-plugin-ml2-fujitsu-cfab.yaml73
-rw-r--r--puppet/services/neutron-plugin-ml2-ovn.yaml13
-rw-r--r--puppet/services/neutron-plugin-ml2.yaml2
-rw-r--r--puppet/services/neutron-plugin-nuage.yaml2
-rw-r--r--puppet/services/neutron-plugin-opencontrail.yaml2
-rw-r--r--puppet/services/neutron-plugin-plumgrid.yaml4
-rw-r--r--puppet/services/neutron-sriov-agent.yaml7
-rw-r--r--puppet/services/nova-api.yaml48
-rw-r--r--puppet/services/nova-base.yaml23
-rw-r--r--puppet/services/nova-compute.yaml2
-rw-r--r--puppet/services/nova-conductor.yaml2
-rw-r--r--puppet/services/nova-consoleauth.yaml2
-rw-r--r--puppet/services/nova-ironic.yaml2
-rw-r--r--puppet/services/nova-libvirt.yaml14
-rw-r--r--puppet/services/nova-metadata.yaml2
-rw-r--r--puppet/services/nova-placement.yaml124
-rw-r--r--puppet/services/nova-scheduler.yaml2
-rw-r--r--puppet/services/nova-vnc-proxy.yaml2
-rw-r--r--puppet/services/opendaylight-api.yaml13
-rw-r--r--puppet/services/opendaylight-ovs.yaml13
-rw-r--r--puppet/services/ovn-dbs.yaml40
-rw-r--r--puppet/services/pacemaker.yaml2
-rw-r--r--puppet/services/pacemaker/ceilometer-agent-central.yaml45
-rw-r--r--puppet/services/pacemaker/ceilometer-agent-notification.yaml45
-rw-r--r--puppet/services/pacemaker/ceilometer-api.yaml45
-rw-r--r--puppet/services/pacemaker/ceilometer-collector.yaml45
-rw-r--r--puppet/services/pacemaker/cinder-api.yaml45
-rw-r--r--puppet/services/pacemaker/cinder-backup.yaml2
-rw-r--r--puppet/services/pacemaker/cinder-scheduler.yaml45
-rw-r--r--puppet/services/pacemaker/cinder-volume.yaml2
-rw-r--r--puppet/services/pacemaker/core.yaml29
-rw-r--r--puppet/services/pacemaker/database/mongodb.yaml42
-rw-r--r--puppet/services/pacemaker/database/mysql.yaml6
-rw-r--r--puppet/services/pacemaker/database/redis.yaml2
-rw-r--r--puppet/services/pacemaker/glance-api.yaml74
-rw-r--r--puppet/services/pacemaker/glance-registry.yaml47
-rw-r--r--puppet/services/pacemaker/gnocchi-metricd.yaml47
-rw-r--r--puppet/services/pacemaker/gnocchi-statsd.yaml46
-rw-r--r--puppet/services/pacemaker/haproxy.yaml2
-rw-r--r--puppet/services/pacemaker/heat-api-cfn.yaml44
-rw-r--r--puppet/services/pacemaker/heat-api-cloudwatch.yaml44
-rw-r--r--puppet/services/pacemaker/heat-api.yaml44
-rw-r--r--puppet/services/pacemaker/heat-engine.yaml45
-rw-r--r--puppet/services/pacemaker/horizon.yaml41
-rw-r--r--puppet/services/pacemaker/keystone.yaml45
-rw-r--r--puppet/services/pacemaker/manila-share.yaml2
-rw-r--r--puppet/services/pacemaker/memcached.yaml42
-rw-r--r--puppet/services/pacemaker/neutron-dhcp.yaml46
-rw-r--r--puppet/services/pacemaker/neutron-l3.yaml46
-rw-r--r--puppet/services/pacemaker/neutron-metadata.yaml44
-rw-r--r--puppet/services/pacemaker/neutron-midonet.yaml41
-rw-r--r--puppet/services/pacemaker/neutron-ovs-agent.yaml42
-rw-r--r--puppet/services/pacemaker/neutron-plugin-ml2.yaml42
-rw-r--r--puppet/services/pacemaker/neutron-plugin-nuage.yaml40
-rw-r--r--puppet/services/pacemaker/neutron-plugin-opencontrail.yaml40
-rw-r--r--puppet/services/pacemaker/neutron-plugin-plumgrid.yaml40
-rw-r--r--puppet/services/pacemaker/neutron-server.yaml48
-rw-r--r--puppet/services/pacemaker/nova-api.yaml45
-rw-r--r--puppet/services/pacemaker/nova-conductor.yaml45
-rw-r--r--puppet/services/pacemaker/nova-consoleauth.yaml45
-rw-r--r--puppet/services/pacemaker/nova-scheduler.yaml45
-rw-r--r--puppet/services/pacemaker/nova-vnc-proxy.yaml45
-rw-r--r--puppet/services/pacemaker/rabbitmq.yaml2
-rw-r--r--puppet/services/pacemaker/sahara-api.yaml45
-rw-r--r--puppet/services/pacemaker/sahara-engine.yaml45
-rw-r--r--puppet/services/panko-api.yaml2
-rw-r--r--puppet/services/panko-base.yaml5
-rw-r--r--puppet/services/rabbitmq.yaml9
-rw-r--r--puppet/services/sahara-api.yaml2
-rw-r--r--puppet/services/sahara-base.yaml4
-rw-r--r--puppet/services/sahara-engine.yaml2
-rw-r--r--puppet/services/services.yaml8
-rw-r--r--puppet/services/snmp.yaml2
-rw-r--r--puppet/services/swift-base.yaml2
-rw-r--r--puppet/services/swift-proxy.yaml64
-rw-r--r--puppet/services/swift-ringbuilder.yaml2
-rw-r--r--puppet/services/swift-storage.yaml2
-rw-r--r--puppet/services/time/ntp.yaml2
-rw-r--r--puppet/services/time/timezone.yaml2
-rw-r--r--puppet/services/tripleo-firewall.yaml2
-rw-r--r--puppet/services/tripleo-packages.yaml10
-rw-r--r--puppet/services/zaqar.yaml2
-rw-r--r--puppet/upgrade_config.yaml3
208 files changed, 1324 insertions, 2070 deletions
diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml
index 0a8bec6e..ee43c3a5 100644
--- a/puppet/all-nodes-config.yaml
+++ b/puppet/all-nodes-config.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: 'All Nodes Config for Puppet'
parameters:
@@ -28,6 +28,8 @@ parameters:
type: json
short_service_node_names:
type: json
+ short_service_bootstrap_node:
+ type: json
controller_names:
type: comma_delimited_list
memcache_node_ips:
@@ -125,6 +127,7 @@ resources:
- {get_param: service_ips}
- {get_param: service_node_names}
- {get_param: short_service_node_names}
+ - {get_param: short_service_bootstrap_node}
- controller_node_ips:
list_join:
- ','
diff --git a/puppet/blockstorage-role.yaml b/puppet/blockstorage-role.yaml
index 36587a41..e92de45f 100644
--- a/puppet/blockstorage-role.yaml
+++ b/puppet/blockstorage-role.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: 'OpenStack cinder storage configured by Puppet'
parameters:
BlockStorageImage:
@@ -71,11 +71,20 @@ parameters:
description: >
The DNS domain used for the hosts. This should match the dhcp_domain
configured in the Undercloud neutron. Defaults to localdomain.
+ BlockStorageServerMetadata:
+ default: {}
+ description: >
+ Extra properties or metadata passed to Nova for the created nodes in
+ the overcloud. It's accessible via the Nova metadata API. This option is
+ role-specific and is merged with the values given to the ServerMetadata
+ parameter.
+ type: json
ServerMetadata:
default: {}
description: >
Extra properties or metadata passed to Nova for the created nodes in
- the overcloud. It's accessible via the Nova metadata API.
+ the overcloud. It's accessible via the Nova metadata API. This applies to
+ all roles and is merged with a role-specific metadata parameter.
type: json
BlockStorageSchedulerHints:
type: json
@@ -93,10 +102,19 @@ parameters:
MonitoringSubscriptions:
type: comma_delimited_list
default: []
+ ServiceMetadataSettings:
+ type: json
+ default: {}
ConfigCommand:
type: string
description: Command which will be run whenever configuration data changes
default: os-refresh-config --timeout 14400
+ UpgradeInitCommand:
+ type: string
+ description: |
+ Command or script snippet to run on all overcloud nodes to
+ initialize the upgrade process. E.g. a repository switch.
+ default: ''
resources:
BlockStorage:
@@ -118,7 +136,11 @@ resources:
template: {get_param: Hostname}
params: {get_param: HostnameMap}
software_config_transport: {get_param: SoftwareConfigTransport}
- metadata: {get_param: ServerMetadata}
+ metadata:
+ map_merge:
+ - {get_param: ServerMetadata}
+ - {get_param: BlockStorageServerMetadata}
+ - {get_param: ServiceMetadataSettings}
scheduler_hints: {get_param: BlockStorageSchedulerHints}
# Combine the NodeAdminUserData and NodeUserData mime archives
@@ -130,6 +152,8 @@ resources:
type: multipart
- config: {get_resource: NodeUserData}
type: multipart
+ - config: {get_resource: RoleUserData}
+ type: multipart
# Creates the "heat-admin" user if configured via the environment
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
@@ -141,6 +165,11 @@ resources:
NodeUserData:
type: OS::TripleO::NodeUserData
+ # For optional operator role-specific userdata
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
+ RoleUserData:
+ type: OS::TripleO::BlockStorage::NodeUserData
+
ExternalPort:
type: OS::TripleO::BlockStorage::Ports::ExternalPort
properties:
@@ -307,17 +336,44 @@ resources:
- - {get_attr: [BlockStorage, name]}
- ctlplane
+ PreNetworkConfig:
+ type: OS::TripleO::BlockStorage::PreNetworkConfig
+ properties:
+ server: {get_resource: BlockStorage}
+
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
+ depends_on: PreNetworkConfig
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
server: {get_resource: BlockStorage}
actions: {get_param: NetworkDeploymentActions}
+ BlockStorageUpgradeInitConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ list_join:
+ - ''
+ - - "#!/bin/bash\n\n"
+ - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
+ - get_param: UpgradeInitCommand
+
+ # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
+ # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
+ BlockStorageUpgradeInitDeployment:
+ type: OS::Heat::SoftwareDeployment
+ depends_on: NetworkDeployment
+ properties:
+ name: BlockStorageUpgradeInitDeployment
+ server: {get_resource: BlockStorage}
+ config: {get_resource: BlockStorageUpgradeInitConfig}
+
BlockStorageDeployment:
type: OS::Heat::StructuredDeployment
- depends_on: NetworkDeployment
+ depends_on: BlockStorageUpgradeInitDeployment
properties:
name: BlockStorageDeployment
server: {get_resource: BlockStorage}
diff --git a/puppet/cephstorage-role.yaml b/puppet/cephstorage-role.yaml
index 558f97d8..892f91ef 100644
--- a/puppet/cephstorage-role.yaml
+++ b/puppet/cephstorage-role.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: 'OpenStack ceph storage node configured by Puppet'
parameters:
OvercloudCephStorageFlavor:
@@ -77,11 +77,20 @@ parameters:
description: >
The DNS domain used for the hosts. This should match the dhcp_domain
configured in the Undercloud neutron. Defaults to localdomain.
+ CephStorageServerMetadata:
+ default: {}
+ description: >
+ Extra properties or metadata passed to Nova for the created nodes in
+ the overcloud. It's accessible via the Nova metadata API. This option is
+ role-specific and is merged with the values given to the ServerMetadata
+ parameter.
+ type: json
ServerMetadata:
default: {}
description: >
Extra properties or metadata passed to Nova for the created nodes in
- the overcloud. It's accessible via the Nova metadata API.
+ the overcloud. It's accessible via the Nova metadata API. This applies to
+ all roles and is merged with a role-specific metadata parameter.
type: json
CephStorageSchedulerHints:
type: json
@@ -99,10 +108,19 @@ parameters:
MonitoringSubscriptions:
type: comma_delimited_list
default: []
+ ServiceMetadataSettings:
+ type: json
+ default: {}
ConfigCommand:
type: string
description: Command which will be run whenever configuration data changes
default: os-refresh-config --timeout 14400
+ UpgradeInitCommand:
+ type: string
+ description: |
+ Command or script snippet to run on all overcloud nodes to
+ initialize the upgrade process. E.g. a repository switch.
+ default: ''
resources:
CephStorage:
@@ -124,7 +142,11 @@ resources:
template: {get_param: Hostname}
params: {get_param: HostnameMap}
software_config_transport: {get_param: SoftwareConfigTransport}
- metadata: {get_param: ServerMetadata}
+ metadata:
+ map_merge:
+ - {get_param: ServerMetadata}
+ - {get_param: CephStorageServerMetadata}
+ - {get_param: ServiceMetadataSettings}
scheduler_hints: {get_param: CephStorageSchedulerHints}
# Combine the NodeAdminUserData and NodeUserData mime archives
@@ -136,6 +158,8 @@ resources:
type: multipart
- config: {get_resource: NodeUserData}
type: multipart
+ - config: {get_resource: RoleUserData}
+ type: multipart
# Creates the "heat-admin" user if configured via the environment
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
@@ -147,6 +171,11 @@ resources:
NodeUserData:
type: OS::TripleO::NodeUserData
+ # For optional operator role-specific userdata
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
+ RoleUserData:
+ type: OS::TripleO::CephStorage::NodeUserData
+
ExternalPort:
type: OS::TripleO::CephStorage::Ports::ExternalPort
properties:
@@ -313,17 +342,44 @@ resources:
- - {get_attr: [CephStorage, name]}
- ctlplane
+ PreNetworkConfig:
+ type: OS::TripleO::CephStorage::PreNetworkConfig
+ properties:
+ server: {get_resource: CephStorage}
+
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
+ depends_on: PreNetworkConfig
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
server: {get_resource: CephStorage}
actions: {get_param: NetworkDeploymentActions}
+ CephStorageUpgradeInitConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ list_join:
+ - ''
+ - - "#!/bin/bash\n\n"
+ - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
+ - get_param: UpgradeInitCommand
+
+ # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
+ # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
+ CephStorageUpgradeInitDeployment:
+ type: OS::Heat::SoftwareDeployment
+ depends_on: NetworkDeployment
+ properties:
+ name: CephStorageUpgradeInitDeployment
+ server: {get_resource: CephStorage}
+ config: {get_resource: CephStorageUpgradeInitConfig}
+
CephStorageDeployment:
type: OS::Heat::StructuredDeployment
- depends_on: NetworkDeployment
+ depends_on: CephStorageUpgradeInitDeployment
properties:
name: CephStorageDeployment
config: {get_resource: CephStorageConfig}
diff --git a/puppet/compute-role.yaml b/puppet/compute-role.yaml
index 818f18c8..62adcd33 100644
--- a/puppet/compute-role.yaml
+++ b/puppet/compute-role.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack hypervisor node configured via Puppet.
@@ -92,11 +92,20 @@ parameters:
description: >
The DNS domain used for the hosts. This should match the dhcp_domain
configured in the Undercloud neutron. Defaults to localdomain.
+ NovaComputeServerMetadata:
+ default: {}
+ description: >
+ Extra properties or metadata passed to Nova for the created nodes in
+ the overcloud. It's accessible via the Nova metadata API. This option is
+ role-specific and is merged with the values given to the ServerMetadata
+ parameter.
+ type: json
ServerMetadata:
default: {}
description: >
Extra properties or metadata passed to Nova for the created nodes in
- the overcloud. It's accessible via the Nova metadata API.
+ the overcloud. It's accessible via the Nova metadata API. This applies to
+ all roles and is merged with a role-specific metadata parameter.
type: json
NovaComputeSchedulerHints:
type: json
@@ -111,10 +120,19 @@ parameters:
MonitoringSubscriptions:
type: comma_delimited_list
default: []
+ ServiceMetadataSettings:
+ type: json
+ default: {}
ConfigCommand:
type: string
description: Command which will be run whenever configuration data changes
default: os-refresh-config --timeout 14400
+ UpgradeInitCommand:
+ type: string
+ description: |
+ Command or script snippet to run on all overcloud nodes to
+ initialize the upgrade process. E.g. a repository switch.
+ default: ''
resources:
@@ -138,7 +156,11 @@ resources:
template: {get_param: Hostname}
params: {get_param: HostnameMap}
software_config_transport: {get_param: SoftwareConfigTransport}
- metadata: {get_param: ServerMetadata}
+ metadata:
+ map_merge:
+ - {get_param: ServerMetadata}
+ - {get_param: NovaComputeServerMetadata}
+ - {get_param: ServiceMetadataSettings}
scheduler_hints: {get_param: NovaComputeSchedulerHints}
# Combine the NodeAdminUserData and NodeUserData mime archives
@@ -150,6 +172,8 @@ resources:
type: multipart
- config: {get_resource: NodeUserData}
type: multipart
+ - config: {get_resource: RoleUserData}
+ type: multipart
# Creates the "heat-admin" user if configured via the environment
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
@@ -161,6 +185,11 @@ resources:
NodeUserData:
type: OS::TripleO::NodeUserData
+ # For optional operator role-specific userdata
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
+ RoleUserData:
+ type: OS::TripleO::Compute::NodeUserData
+
ExternalPort:
type: OS::TripleO::Compute::Ports::ExternalPort
properties:
@@ -316,6 +345,11 @@ resources:
- - {get_attr: [NovaCompute, name]}
- ctlplane
+ PreNetworkConfig:
+ type: OS::TripleO::Compute::PreNetworkConfig
+ properties:
+ server: {get_resource: NovaCompute}
+
NetworkConfig:
type: OS::TripleO::Compute::Net::SoftwareConfig
properties:
@@ -329,6 +363,7 @@ resources:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
+ depends_on: PreNetworkConfig
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
@@ -338,6 +373,27 @@ resources:
bridge_name: {get_param: NeutronPhysicalBridge}
interface_name: {get_param: NeutronPublicInterface}
+ NovaComputeUpgradeInitConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ list_join:
+ - ''
+ - - "#!/bin/bash\n\n"
+ - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
+ - get_param: UpgradeInitCommand
+
+ # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
+ # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
+ NovaComputeUpgradeInitDeployment:
+ type: OS::Heat::SoftwareDeployment
+ depends_on: NetworkDeployment
+ properties:
+ name: NovaComputeUpgradeInitDeployment
+ server: {get_resource: NovaCompute}
+ config: {get_resource: NovaComputeUpgradeInitConfig}
+
NovaComputeConfig:
type: OS::Heat::StructuredConfig
properties:
@@ -383,7 +439,7 @@ resources:
NovaComputeDeployment:
type: OS::TripleO::SoftwareDeployment
- depends_on: NetworkDeployment
+ depends_on: NovaComputeUpgradeInitDeployment
properties:
name: NovaComputeDeployment
config: {get_resource: NovaComputeConfig}
diff --git a/puppet/config.role.j2.yaml b/puppet/config.role.j2.yaml
index 552c59b2..7337d062 100644
--- a/puppet/config.role.j2.yaml
+++ b/puppet/config.role.j2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
A software config which runs puppet on the {{role}} role
diff --git a/puppet/controller-config-pacemaker.yaml b/puppet/controller-config-pacemaker.yaml
deleted file mode 100644
index 24f31dc8..00000000
--- a/puppet/controller-config-pacemaker.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-heat_template_version: 2015-04-30
-
-description: >
- A software config which runs manifests/overcloud_controller_pacemaker.pp
-
-parameters:
- ConfigDebug:
- default: false
- description: Whether to run config management (e.g. Puppet) in debug mode.
- type: boolean
- StepConfig:
- type: string
- description: Config manifests that will be used to step through the deployment.
- default: ''
-
-resources:
-
- ControllerPuppetConfigImpl:
- type: OS::Heat::SoftwareConfig
- properties:
- group: puppet
- options:
- enable_debug: {get_param: ConfigDebug}
- enable_hiera: True
- enable_facter: False
- modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
- outputs:
- - name: result
- inputs:
- - name: step
- type: Number
- config:
- list_join:
- - ''
- - - get_file: manifests/overcloud_controller_pacemaker.pp
- - {get_param: StepConfig}
-
-outputs:
- OS::stack_id:
- description: The software config which runs overcloud_controller_pacemaker.pp
- value: {get_resource: ControllerPuppetConfigImpl}
diff --git a/puppet/controller-role.yaml b/puppet/controller-role.yaml
index 2781daa0..9e35af5f 100644
--- a/puppet/controller-role.yaml
+++ b/puppet/controller-role.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack controller node configured by Puppet.
@@ -106,11 +106,20 @@ parameters:
description: >
The DNS domain used for the hosts. This should match the dhcp_domain
configured in the Undercloud neutron. Defaults to localdomain.
+ ControllerServerMetadata:
+ default: {}
+ description: >
+ Extra properties or metadata passed to Nova for the created nodes in
+ the overcloud. It's accessible via the Nova metadata API. This option is
+ role-specific and is merged with the values given to the ServerMetadata
+ parameter.
+ type: json
ServerMetadata:
default: {}
description: >
Extra properties or metadata passed to Nova for the created nodes in
- the overcloud. It's accessible via the Nova metadata API.
+ the overcloud. It's accessible via the Nova metadata API. This applies to
+ all roles and is merged with a role-specific metadata parameter.
type: json
ControllerSchedulerHints:
type: json
@@ -125,10 +134,19 @@ parameters:
MonitoringSubscriptions:
type: comma_delimited_list
default: []
+ ServiceMetadataSettings:
+ type: json
+ default: {}
ConfigCommand:
type: string
description: Command which will be run whenever configuration data changes
default: os-refresh-config --timeout 14400
+ UpgradeInitCommand:
+ type: string
+ description: |
+ Command or script snippet to run on all overcloud nodes to
+ initialize the upgrade process. E.g. a repository switch.
+ default: ''
parameter_groups:
- label: deprecated
@@ -157,7 +175,11 @@ resources:
template: {get_param: Hostname}
params: {get_param: HostnameMap}
software_config_transport: {get_param: SoftwareConfigTransport}
- metadata: {get_param: ServerMetadata}
+ metadata:
+ map_merge:
+ - {get_param: ServerMetadata}
+ - {get_param: ControllerServerMetadata}
+ - {get_param: ServiceMetadataSettings}
scheduler_hints: {get_param: ControllerSchedulerHints}
# Combine the NodeAdminUserData and NodeUserData mime archives
@@ -169,6 +191,8 @@ resources:
type: multipart
- config: {get_resource: NodeUserData}
type: multipart
+ - config: {get_resource: RoleUserData}
+ type: multipart
# Creates the "heat-admin" user if configured via the environment
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
@@ -180,6 +204,11 @@ resources:
NodeUserData:
type: OS::TripleO::NodeUserData
+ # For optional operator role-specific userdata
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
+ RoleUserData:
+ type: OS::TripleO::Controller::NodeUserData
+
ExternalPort:
type: OS::TripleO::Controller::Ports::ExternalPort
properties:
@@ -335,6 +364,11 @@ resources:
- - {get_attr: [Controller, name]}
- ctlplane
+ PreNetworkConfig:
+ type: OS::TripleO::Controller::PreNetworkConfig
+ properties:
+ server: {get_resource: Controller}
+
NetworkConfig:
type: OS::TripleO::Controller::Net::SoftwareConfig
properties:
@@ -348,6 +382,7 @@ resources:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
+ depends_on: PreNetworkConfig
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
@@ -372,10 +407,30 @@ resources:
server: {get_resource: Controller}
NodeIndex: {get_param: NodeIndex}
+ ControllerUpgradeInitConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ list_join:
+ - ''
+ - - "#!/bin/bash\n\n"
+ - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
+ - get_param: UpgradeInitCommand
+
+ # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
+ # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
+ ControllerUpgradeInitDeployment:
+ type: OS::Heat::SoftwareDeployment
+ depends_on: NetworkDeployment
+ properties:
+ name: ControllerUpgradeInitDeployment
+ server: {get_resource: Controller}
+ config: {get_resource: ControllerUpgradeInitConfig}
ControllerDeployment:
type: OS::TripleO::SoftwareDeployment
- depends_on: NetworkDeployment
+ depends_on: ControllerUpgradeInitDeployment
properties:
name: ControllerDeployment
config: {get_resource: ControllerConfig}
diff --git a/puppet/deploy-artifacts.yaml b/puppet/deploy-artifacts.yaml
index 17f84163..5e89405b 100644
--- a/puppet/deploy-artifacts.yaml
+++ b/puppet/deploy-artifacts.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Software Config to install deployment artifacts (tarball's and/or
diff --git a/puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml b/puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml
index 6a2ea4d5..3daf3fd3 100644
--- a/puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml
+++ b/puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: Configure hieradata for all MidoNet nodes
diff --git a/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml b/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml
index 7bda0cd5..cb8d498c 100644
--- a/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml
+++ b/puppet/extraconfig/all_nodes/neutron-ml2-cisco-nexus-ucsm.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Configure hieradata for Network Cisco configuration
diff --git a/puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml b/puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml
index 49c77190..7fe2a842 100644
--- a/puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml
+++ b/puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Configure hieradata for Big Switch agents on compute node
diff --git a/puppet/extraconfig/pre_deploy/compute/neutron-opencontrail.yaml b/puppet/extraconfig/pre_deploy/compute/neutron-opencontrail.yaml
index f5b1f0e6..66252f1f 100644
--- a/puppet/extraconfig/pre_deploy/compute/neutron-opencontrail.yaml
+++ b/puppet/extraconfig/pre_deploy/compute/neutron-opencontrail.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Compute node hieradata for Neutron OpenContrail configuration
diff --git a/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml b/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml
index 5561c74a..47c782c7 100644
--- a/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml
+++ b/puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Configure hieradata for Nuage configuration on the Compute
diff --git a/puppet/extraconfig/pre_deploy/controller/cinder-dellsc.yaml b/puppet/extraconfig/pre_deploy/controller/cinder-dellsc.yaml
index 9423208e..7d639883 100644
--- a/puppet/extraconfig/pre_deploy/controller/cinder-dellsc.yaml
+++ b/puppet/extraconfig/pre_deploy/controller/cinder-dellsc.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: Configure hieradata for Cinder Dell Storage Center configuration
diff --git a/puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml b/puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml
index c7af6f22..30509044 100644
--- a/puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml
+++ b/puppet/extraconfig/pre_deploy/controller/cinder-eqlx.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: Configure hieradata for Cinder Eqlx configuration
diff --git a/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml b/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml
index 48446e5a..763ae39a 100644
--- a/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml
+++ b/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Configure hieradata for Cinder Netapp configuration
diff --git a/puppet/extraconfig/pre_deploy/controller/multiple.yaml b/puppet/extraconfig/pre_deploy/controller/multiple.yaml
index f949a397..d3d546dd 100644
--- a/puppet/extraconfig/pre_deploy/controller/multiple.yaml
+++ b/puppet/extraconfig/pre_deploy/controller/multiple.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: 'Extra Pre-Deployment Config, multiple'
parameters:
server:
diff --git a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml
index 467f57cc..0f4806db 100644
--- a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml
+++ b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Configure hieradata for Neutron Big Switch configuration
diff --git a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml
index cec885cd..6eae812f 100644
--- a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml
+++ b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Configure hieradata for Cisco N1KV configuration
diff --git a/puppet/extraconfig/pre_deploy/default.yaml b/puppet/extraconfig/pre_deploy/default.yaml
index dcbc6811..5da07f87 100644
--- a/puppet/extraconfig/pre_deploy/default.yaml
+++ b/puppet/extraconfig/pre_deploy/default.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: 'Noop Extra Pre-Deployment Config'
parameters:
server:
diff --git a/puppet/extraconfig/pre_deploy/per_node.yaml b/puppet/extraconfig/pre_deploy/per_node.yaml
index e236e336..65113f6a 100644
--- a/puppet/extraconfig/pre_deploy/per_node.yaml
+++ b/puppet/extraconfig/pre_deploy/per_node.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Configure hieradata overrides for specific nodes
diff --git a/puppet/extraconfig/tls/ca-inject.yaml b/puppet/extraconfig/tls/ca-inject.yaml
index f955034d..04b5ccf6 100644
--- a/puppet/extraconfig/tls/ca-inject.yaml
+++ b/puppet/extraconfig/tls/ca-inject.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
This is a template which will inject the trusted anchor.
diff --git a/puppet/extraconfig/tls/freeipa-enroll.yaml b/puppet/extraconfig/tls/freeipa-enroll.yaml
new file mode 100644
index 00000000..7ce15069
--- /dev/null
+++ b/puppet/extraconfig/tls/freeipa-enroll.yaml
@@ -0,0 +1,83 @@
+heat_template_version: ocata
+
+description: Enroll nodes to FreeIPA
+
+parameters:
+ server:
+ description: ID of the controller node to apply this config to
+ type: string
+
+ CloudDomain:
+ description: >
+ The configured cloud domain; this will also be used as the kerberos realm
+ type: string
+
+ FreeIPAOTP:
+ default: ''
+ description: 'OTP that will be used for FreeIPA enrollment'
+ type: string
+ hidden: true
+ FreeIPAServer:
+ default: ''
+ description: 'FreeIPA server DNS name'
+ type: string
+ FreeIPAIPAddress:
+ default: ''
+ description: 'FreeIPA server IP Address'
+ type: string
+
+resources:
+ FreeIPAEnrollmentConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ inputs:
+ - name: otp
+ - name: ipa_server
+ - name: ipa_domain
+ - name: ipa_ip
+ config: |
+ #!/bin/sh
+ # If no IPA server was given as a parameter, it will be assumed from
+ # DNS.
+ if [ -n "${ipa_server}" ]; then
+ sed -i "/${ipa_server}/d" /etc/hosts
+ # Optionally add the FreeIPA server IP to /etc/hosts
+ if [ -n "${ipa_ip}" ]; then
+ echo "${ipa_ip} ${ipa_server}" >> /etc/hosts
+ fi
+ fi
+ # Set the node's domain if needed
+ if [ ! $(hostname -f | grep "${ipa_domain}$") ]; then
+ hostnamectl set-hostname "$(hostname).${ipa_domain}"
+ fi
+ yum install -y ipa-client
+ # Enroll. If there is already keytab, we have already done this. If
+ # this node hasn't enrolled and the OTP is missing, fail.
+ if [ ! -f /etc/krb5.keytab ]; then
+ if [ -z "${otp}" ]; then
+ echo "OTP is missing"
+ exit 1
+ fi
+ ipa-client-install --server ${ipa_server} -w ${otp} \
+ --domain=${ipa_domain} -U
+ fi
+ # Get a TGT
+ kinit -k -t /etc/krb5.keytab
+
+ FreeIPAControllerEnrollmentDeployment:
+ type: OS::Heat::SoftwareDeployment
+ properties:
+ name: FreeIPAEnrollmentDeployment
+ config: {get_resource: FreeIPAEnrollmentConfig}
+ server: {get_param: server}
+ input_values:
+ otp: {get_param: FreeIPAOTP}
+ ipa_server: {get_param: FreeIPAServer}
+ ipa_domain: {get_param: CloudDomain}
+ ipa_ip: {get_param: FreeIPAIPAddress}
+
+outputs:
+ deploy_stdout:
+ description: Output of the FreeIPA enrollment deployment
+ value: {get_attr: [FreeIPAControllerEnrollmentDeployment, deploy_stdout]}
diff --git a/puppet/extraconfig/tls/tls-cert-inject.yaml b/puppet/extraconfig/tls/tls-cert-inject.yaml
index 49d84574..2a61afc0 100644
--- a/puppet/extraconfig/tls/tls-cert-inject.yaml
+++ b/puppet/extraconfig/tls/tls-cert-inject.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
This is a template which will build the TLS Certificates necessary
diff --git a/puppet/major_upgrade_steps.j2.yaml b/puppet/major_upgrade_steps.j2.yaml
index f8dad433..9430a704 100644
--- a/puppet/major_upgrade_steps.j2.yaml
+++ b/puppet/major_upgrade_steps.j2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: 'Upgrade steps for all roles'
parameters:
@@ -15,39 +15,11 @@ parameters:
Setting to a previously unused value during stack-update will trigger
the Upgrade resources to re-run on all roles.
- UpgradeInitCommand:
- type: string
- description: |
- Command or script snippet to run on all overcloud nodes to
- initialize the upgrade process. E.g. a repository switch.
- default: ''
-
resources:
- # For the UpgradeInit also rename /etc/resolv.conf.save for +bug/1567004
- UpgradeInitConfig:
- type: OS::Heat::SoftwareConfig
- properties:
- group: script
- config:
- list_join:
- - ''
- - - "#!/bin/bash\n\n"
- - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
- - get_param: UpgradeInitCommand
-
-{% for role in roles %}
- {{role.name}}Upgrade_Init:
- type: OS::Heat::StructuredDeploymentGroup
- properties:
- name: {{role.name}}Upgrade_Init
- servers: {get_param: [servers, {{role.name}}]}
- config: {get_resource: UpgradeInitConfig}
-{% endfor %}
-
# Upgrade Steps for all roles
# FIXME(shardy): would be nice to make the number of steps configurable
-{% for step in range(1, 8) %}
+{% for step in range(0, 8) %}
{% for role in roles %}
# Step {{step}} resources
{{role.name}}UpgradeConfig_Step{{step}}:
@@ -56,10 +28,8 @@ resources:
# serialization, but the event output is easier to follow if we
# do, and there should be minimal performance hit (creating the
# config is cheap compared to the time to apply the deployment).
+ {% if step > 0 %}
depends_on:
- {% if step == 1 %}
- - {{role.name}}Upgrade_Init
- {% else %}
{% for dep in roles %}
- {{dep.name}}Upgrade_Step{{step -1}}
{% endfor %}
@@ -70,7 +40,7 @@ resources:
{{role.name}}Upgrade_Step{{step}}:
type: OS::Heat::StructuredDeploymentGroup
- {% if step > 1 %}
+ {% if step > 0 %}
depends_on:
{% for dep in roles %}
- {{dep.name}}Upgrade_Step{{step -1}}
diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp
deleted file mode 100644
index d329d5fc..00000000
--- a/puppet/manifests/overcloud_controller_pacemaker.pp
+++ /dev/null
@@ -1,21 +0,0 @@
-# Copyright 2015 Red Hat, Inc.
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-if hiera('step') >= 4 {
- hiera_include('controller_classes', [])
-}
-
-$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller_pacemaker', hiera('step')])
-package_manifest{$package_manifest_name: ensure => present}
diff --git a/puppet/manifests/overcloud_role.pp b/puppet/manifests/overcloud_role.pp
index 1a59620c..e2bf5146 100644
--- a/puppet/manifests/overcloud_role.pp
+++ b/puppet/manifests/overcloud_role.pp
@@ -24,3 +24,7 @@ if hiera('step') >= 4 {
$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud___ROLE__', hiera('step')])
package_manifest{$package_manifest_name: ensure => present}
+
+# NOTE(gfidente): ensure deprecated package manifest is absent, can be removed after Pike
+$absent_package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller_pacemaker', hiera('step')])
+package_manifest{$absent_package_manifest_name: ensure => absent}
diff --git a/puppet/objectstorage-role.yaml b/puppet/objectstorage-role.yaml
index 40cd7578..1633134d 100644
--- a/puppet/objectstorage-role.yaml
+++ b/puppet/objectstorage-role.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: 'OpenStack swift storage node configured by Puppet'
parameters:
OvercloudSwiftStorageFlavor:
@@ -71,11 +71,20 @@ parameters:
description: >
The DNS domain used for the hosts. This should match the dhcp_domain
configured in the Undercloud neutron. Defaults to localdomain.
+ SwiftStorageServerMetadata:
+ default: {}
+ description: >
+ Extra properties or metadata passed to Nova for the created nodes in
+ the overcloud. It's accessible via the Nova metadata API. This option is
+ role-specific and is merged with the values given to the ServerMetadata
+ parameter.
+ type: json
ServerMetadata:
default: {}
description: >
Extra properties or metadata passed to Nova for the created nodes in
- the overcloud. It's accessible via the Nova metadata API.
+ the overcloud. It's accessible via the Nova metadata API. This applies to
+ all roles and is merged with a role-specific metadata parameter.
type: json
ObjectStorageSchedulerHints:
type: json
@@ -93,10 +102,19 @@ parameters:
MonitoringSubscriptions:
type: comma_delimited_list
default: []
+ ServiceMetadataSettings:
+ type: json
+ default: {}
ConfigCommand:
type: string
description: Command which will be run whenever configuration data changes
default: os-refresh-config --timeout 14400
+ UpgradeInitCommand:
+ type: string
+ description: |
+ Command or script snippet to run on all overcloud nodes to
+ initialize the upgrade process. E.g. a repository switch.
+ default: ''
resources:
@@ -118,7 +136,11 @@ resources:
template: {get_param: Hostname}
params: {get_param: HostnameMap}
software_config_transport: {get_param: SoftwareConfigTransport}
- metadata: {get_param: ServerMetadata}
+ metadata:
+ map_merge:
+ - {get_param: ServerMetadata}
+ - {get_param: SwiftStorageServerMetadata}
+ - {get_param: ServiceMetadataSettings}
scheduler_hints: {get_param: ObjectStorageSchedulerHints}
# Combine the NodeAdminUserData and NodeUserData mime archives
@@ -130,6 +152,8 @@ resources:
type: multipart
- config: {get_resource: NodeUserData}
type: multipart
+ - config: {get_resource: RoleUserData}
+ type: multipart
# Creates the "heat-admin" user if configured via the environment
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
@@ -141,6 +165,11 @@ resources:
NodeUserData:
type: OS::TripleO::NodeUserData
+ # For optional operator role-specific userdata
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
+ RoleUserData:
+ type: OS::TripleO::ObjectStorage::NodeUserData
+
ExternalPort:
type: OS::TripleO::SwiftStorage::Ports::ExternalPort
properties:
@@ -226,13 +255,13 @@ resources:
fqdn:
list_join:
- '.'
- - - {get_attr: [Swiftexternal, name]}
+ - - {get_attr: [SwiftStorage, name]}
- external
- {get_param: CloudDomain}
short:
list_join:
- '.'
- - - {get_attr: [Swiftexternal, name]}
+ - - {get_attr: [SwiftStorage, name]}
- external
internal_api:
fqdn:
@@ -307,14 +336,41 @@ resources:
- - {get_attr: [SwiftStorage, name]}
- ctlplane
+ PreNetworkConfig:
+ type: OS::TripleO::ObjectStorage::PreNetworkConfig
+ properties:
+ server: {get_resource: SwiftStorage}
+
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
+ depends_on: PreNetworkConfig
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
server: {get_resource: SwiftStorage}
actions: {get_param: NetworkDeploymentActions}
+ SwiftStorageUpgradeInitConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ list_join:
+ - ''
+ - - "#!/bin/bash\n\n"
+ - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
+ - get_param: UpgradeInitCommand
+
+ # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
+ # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
+ SwiftStorageUpgradeInitDeployment:
+ type: OS::Heat::SoftwareDeployment
+ depends_on: NetworkDeployment
+ properties:
+ name: SwiftStorageUpgradeInitDeployment
+ server: {get_resource: SwiftStorage}
+ config: {get_resource: SwiftStorageUpgradeInitConfig}
+
SwiftStorageHieraConfig:
type: OS::Heat::StructuredConfig
properties:
@@ -354,7 +410,7 @@ resources:
SwiftStorageHieraDeploy:
type: OS::Heat::StructuredDeployment
- depends_on: NetworkDeployment
+ depends_on: SwiftStorageUpgradeInitDeployment
properties:
name: SwiftStorageHieraDeploy
server: {get_resource: SwiftStorage}
diff --git a/puppet/post.j2.yaml b/puppet/post.j2.yaml
index 582eb28d..2a02ea19 100644
--- a/puppet/post.j2.yaml
+++ b/puppet/post.j2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Post-deploy configuration steps via puppet for all roles,
diff --git a/puppet/role.role.j2.yaml b/puppet/role.role.j2.yaml
index 9726d978..2f070da2 100644
--- a/puppet/role.role.j2.yaml
+++ b/puppet/role.role.j2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: 'OpenStack {{role}} node configured by Puppet'
parameters:
Overcloud{{role}}Flavor:
@@ -28,6 +28,10 @@ parameters:
constraints:
- custom_constraint: nova.keypair
{% endif %}
+ NeutronPublicInterface:
+ default: nic1
+ description: What interface to bridge onto br-ex for network nodes.
+ type: string
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
@@ -83,11 +87,20 @@ parameters:
description: >
The DNS domain used for the hosts. This should match the dhcp_domain
configured in the Undercloud neutron. Defaults to localdomain.
+ {{role}}ServerMetadata:
+ default: {}
+ description: >
+ Extra properties or metadata passed to Nova for the created nodes in
+ the overcloud. It's accessible via the Nova metadata API. This option is
+ role-specific and is merged with the values given to the ServerMetadata
+ parameter.
+ type: json
ServerMetadata:
default: {}
description: >
Extra properties or metadata passed to Nova for the created nodes in
- the overcloud. It's accessible via the Nova metadata API.
+ the overcloud. It's accessible via the Nova metadata API. This applies to
+ all roles and is merged with a role-specific metadata parameter.
type: json
{{role}}SchedulerHints:
type: json
@@ -105,6 +118,9 @@ parameters:
MonitoringSubscriptions:
type: comma_delimited_list
default: []
+ ServiceMetadataSettings:
+ type: json
+ default: {}
ConfigCommand:
type: string
description: Command which will be run whenever configuration data changes
@@ -115,6 +131,13 @@ parameters:
LoggingGroups:
type: comma_delimited_list
default: []
+ UpgradeInitCommand:
+ type: string
+ description: |
+ Command or script snippet to run on all overcloud nodes to
+ initialize the upgrade process. E.g. a repository switch.
+ default: ''
+
resources:
{{role}}:
@@ -136,7 +159,11 @@ resources:
template: {get_param: Hostname}
params: {get_param: HostnameMap}
software_config_transport: {get_param: SoftwareConfigTransport}
- metadata: {get_param: ServerMetadata}
+ metadata:
+ map_merge:
+ - {get_param: ServerMetadata}
+ - {get_param: {{role}}ServerMetadata}
+ - {get_param: ServiceMetadataSettings}
scheduler_hints: {get_param: {{role}}SchedulerHints}
# Combine the NodeAdminUserData and NodeUserData mime archives
@@ -148,6 +175,8 @@ resources:
type: multipart
- config: {get_resource: NodeUserData}
type: multipart
+ - config: {get_resource: RoleUserData}
+ type: multipart
# Creates the "heat-admin" user if configured via the environment
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
@@ -159,6 +188,11 @@ resources:
NodeUserData:
type: OS::TripleO::NodeUserData
+ # For optional operator role-specific userdata
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
+ RoleUserData:
+ type: OS::TripleO::{{role}}::NodeUserData
+
ExternalPort:
type: OS::TripleO::{{role}}::Ports::ExternalPort
properties:
@@ -325,17 +359,47 @@ resources:
- - {get_attr: [{{role}}, name]}
- ctlplane
+ PreNetworkConfig:
+ type: OS::TripleO::{{role}}::PreNetworkConfig
+ properties:
+ server: {get_resource: {{role}}}
+
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
+ depends_on: PreNetworkConfig
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
server: {get_resource: {{role}}}
actions: {get_param: NetworkDeploymentActions}
+ input_values:
+ bridge_name: br-ex
+ interface_name: {get_param: NeutronPublicInterface}
+
+ {{role}}UpgradeInitConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ list_join:
+ - ''
+ - - "#!/bin/bash\n\n"
+ - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
+ - get_param: UpgradeInitCommand
+
+ # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
+ # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
+ {{role}}UpgradeInitDeployment:
+ type: OS::Heat::SoftwareDeployment
+ depends_on: NetworkDeployment
+ properties:
+ name: {{role}}UpgradeInitDeployment
+ server: {get_resource: {{role}}}
+ config: {get_resource: {{role}}UpgradeInitConfig}
{{role}}Deployment:
type: OS::Heat::StructuredDeployment
- depends_on: NetworkDeployment
+ depends_on: {{role}}UpgradeInitDeployment
properties:
name: {{role}}Deployment
config: {get_resource: {{role}}Config}
diff --git a/puppet/services/README.rst b/puppet/services/README.rst
index 856b306e..6e4e9c1d 100644
--- a/puppet/services/README.rst
+++ b/puppet/services/README.rst
@@ -74,3 +74,17 @@ step, "step2" for the second, etc.
6) Start control-plane services
7) Any additional online migration tasks (e.g data migrations)
+
+Nova Server Metadata Settings
+-----------------------------
+
+One can use the hook of type `OS::TripleO::ServiceServerMetadataHook` to pass
+entries to the nova instances' metadata. It is, however, disabled by default.
+In order to overwrite it one needs to define it in the resource registry. An
+implementation of this hook needs to conform to the following:
+
+* It needs to define an input called `RoleData` of json type. This gets as
+ input the contents of the `role_data` for each role's ServiceChain.
+
+* This needs to define an output called `metadata` which will be given to the
+ Nova Server resource as the instance's metadata.
diff --git a/puppet/services/aodh-api.yaml b/puppet/services/aodh-api.yaml
index 0cc7ad8b..4e735b45 100644
--- a/puppet/services/aodh-api.yaml
+++ b/puppet/services/aodh-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Aodh API service configured with Puppet
@@ -58,6 +58,7 @@ outputs:
"%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, AodhApiNetwork]}
+ aodh::wsgi::apache::wsgi_process_display_name: 'aodh_wsgi'
aodh::api::service_name: 'httpd'
aodh::api::enable_proxy_headers_parsing: true
tripleo.aodh_api.firewall_rules:
diff --git a/puppet/services/aodh-base.yaml b/puppet/services/aodh-base.yaml
index 0e2410f7..8648a971 100644
--- a/puppet/services/aodh-base.yaml
+++ b/puppet/services/aodh-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Aodh service configured with Puppet
@@ -69,6 +69,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/aodh'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
aodh::debug: {get_param: Debug}
aodh::auth::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
aodh::rabbit_userid: {get_param: RabbitUserName}
diff --git a/puppet/services/aodh-evaluator.yaml b/puppet/services/aodh-evaluator.yaml
index 405c500e..61f8c23f 100644
--- a/puppet/services/aodh-evaluator.yaml
+++ b/puppet/services/aodh-evaluator.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Aodh Evaluator service configured with Puppet
diff --git a/puppet/services/aodh-listener.yaml b/puppet/services/aodh-listener.yaml
index fc4e8b39..715165b3 100644
--- a/puppet/services/aodh-listener.yaml
+++ b/puppet/services/aodh-listener.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Aodh Listener service configured with Puppet
diff --git a/puppet/services/aodh-notifier.yaml b/puppet/services/aodh-notifier.yaml
index 2e51c639..da85581b 100644
--- a/puppet/services/aodh-notifier.yaml
+++ b/puppet/services/aodh-notifier.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Aodh Notifier service configured with Puppet
diff --git a/puppet/services/apache-internal-tls-certmonger.yaml b/puppet/services/apache-internal-tls-certmonger.yaml
index 1d76b9a3..07ec1b3c 100644
--- a/puppet/services/apache-internal-tls-certmonger.yaml
+++ b/puppet/services/apache-internal-tls-certmonger.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Apache service TLS configurations.
diff --git a/puppet/services/apache.yaml b/puppet/services/apache.yaml
index 382e0ff9..2e95dcb0 100644
--- a/puppet/services/apache.yaml
+++ b/puppet/services/apache.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Apache service configured with Puppet. Note this is typically included
diff --git a/puppet/services/barbican-api.yaml b/puppet/services/barbican-api.yaml
index 24687d03..000a744c 100644
--- a/puppet/services/barbican-api.yaml
+++ b/puppet/services/barbican-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Barbican API service configured with Puppet
@@ -105,6 +105,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/barbican'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
tripleo.barbican_api.firewall_rules:
'117 barbican':
dport:
diff --git a/puppet/services/ca-certs.yaml b/puppet/services/ca-certs.yaml
index 1a534156..735e6dde 100644
--- a/puppet/services/ca-certs.yaml
+++ b/puppet/services/ca-certs.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
HAproxy service configured with Puppet
diff --git a/puppet/services/ceilometer-agent-central.yaml b/puppet/services/ceilometer-agent-central.yaml
index c4abc307..b9d8966c 100644
--- a/puppet/services/ceilometer-agent-central.yaml
+++ b/puppet/services/ceilometer-agent-central.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ceilometer Central Agent service configured with Puppet
diff --git a/puppet/services/ceilometer-agent-compute.yaml b/puppet/services/ceilometer-agent-compute.yaml
index 5457539c..b1d36c94 100644
--- a/puppet/services/ceilometer-agent-compute.yaml
+++ b/puppet/services/ceilometer-agent-compute.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ceilometer Compute Agent service configured with Puppet
diff --git a/puppet/services/ceilometer-agent-notification.yaml b/puppet/services/ceilometer-agent-notification.yaml
index ea403aa1..9c9a3bd9 100644
--- a/puppet/services/ceilometer-agent-notification.yaml
+++ b/puppet/services/ceilometer-agent-notification.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ceilometer Notification Agent service configured with Puppet
diff --git a/puppet/services/ceilometer-api.yaml b/puppet/services/ceilometer-api.yaml
index 2e2d3f2d..63e02d4f 100644
--- a/puppet/services/ceilometer-api.yaml
+++ b/puppet/services/ceilometer-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ceilometer API service configured with Puppet
diff --git a/puppet/services/ceilometer-base.yaml b/puppet/services/ceilometer-base.yaml
index 060ae32d..a86a0cdf 100644
--- a/puppet/services/ceilometer-base.yaml
+++ b/puppet/services/ceilometer-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ceilometer service configured with Puppet
@@ -46,10 +46,10 @@ parameters:
default: 0
description: Number of workers for Ceilometer service.
type: number
- CeilometerStoreEvents:
- default: false
- description: Whether to store events in ceilometer.
- type: boolean
+ EventPipelinePublishers:
+ default: ['notifier://?topic=alarm.all']
+ description: A list of publishers to put in event_pipeline.yaml.
+ type: comma_delimited_list
Debug:
default: ''
description: Set to True to enable debugging on all services.
@@ -93,6 +93,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/ceilometer'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
ceilometer_backend: {get_param: CeilometerBackend}
ceilometer::metering_secret: {get_param: CeilometerMeteringSecret}
# we include db_sync class in puppet-tripleo
@@ -103,7 +105,7 @@ outputs:
ceilometer::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
ceilometer::agent::auth::auth_password: {get_param: CeilometerPassword}
ceilometer::agent::auth::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
- ceilometer::agent::notification::store_events: {get_param: CeilometerStoreEvents}
+ ceilometer::agent::notification::event_pipeline_publishers: {get_param: EventPipelinePublishers}
ceilometer::agent::auth::auth_region: {get_param: KeystoneRegion}
ceilometer::agent::auth::auth_tenant_name: 'service'
ceilometer::agent::auth::auth_endpoint_type: 'internalURL'
diff --git a/puppet/services/ceilometer-collector.yaml b/puppet/services/ceilometer-collector.yaml
index e3f1ef4e..88e7d781 100644
--- a/puppet/services/ceilometer-collector.yaml
+++ b/puppet/services/ceilometer-collector.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ceilometer Collector service configured with Puppet
diff --git a/puppet/services/ceilometer-expirer.yaml b/puppet/services/ceilometer-expirer.yaml
index 3b811c4d..714434b1 100644
--- a/puppet/services/ceilometer-expirer.yaml
+++ b/puppet/services/ceilometer-expirer.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ceilometer Expirer service configured with Puppet
diff --git a/puppet/services/ceph-base.yaml b/puppet/services/ceph-base.yaml
index 8faf5640..033d3f77 100644
--- a/puppet/services/ceph-base.yaml
+++ b/puppet/services/ceph-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Ceph base service. Shared by all Ceph services.
diff --git a/puppet/services/ceph-client.yaml b/puppet/services/ceph-client.yaml
index b482dd2e..f972e21b 100644
--- a/puppet/services/ceph-client.yaml
+++ b/puppet/services/ceph-client.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Ceph Client service.
diff --git a/puppet/services/ceph-external.yaml b/puppet/services/ceph-external.yaml
index b708665f..aaa9b039 100644
--- a/puppet/services/ceph-external.yaml
+++ b/puppet/services/ceph-external.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Ceph External service.
@@ -61,6 +61,12 @@ parameters:
MonitoringSubscriptionCephExternal:
default: 'overcloud-ceph-external'
type: string
+ RbdDefaultFeatures:
+ default: ''
+ description: The default features enabled when creating a block device
+ image. Only applies to format 2 images. Set to '1' for Jewel
+ clients using older Ceph servers.
+ type: string
conditions:
glance_multiple_locations:
@@ -81,6 +87,7 @@ outputs:
config_settings:
tripleo::profile::base::ceph::ceph_mon_host: {get_param: CephExternalMonHost}
ceph::profile::params::fsid: {get_param: CephClusterFSID}
+ ceph::profile::params::rbd_default_features: {get_param: RbdDefaultFeatures}
ceph::profile::params::client_keys:
str_replace:
template: "{
diff --git a/puppet/services/pacemaker/gnocchi-api.yaml b/puppet/services/ceph-mds.yaml
index 6a9161fa..b68567fb 100644
--- a/puppet/services/pacemaker/gnocchi-api.yaml
+++ b/puppet/services/ceph-mds.yaml
@@ -1,7 +1,7 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
- Gnocchi service configured with Puppet
+ Ceph MDS service.
parameters:
ServiceNetMap:
@@ -18,13 +18,15 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
- MonitoringSubscriptionGnocchiApi:
- default: 'overcloud-gnocchi-api'
+ CephMdsKey:
+ description: The cephx key for the MDS service. Can be created
+ with ceph-authtool --gen-print-key.
type: string
+ hidden: true
resources:
- GnocchiServiceBase:
- type: ../gnocchi-api.yaml
+ CephBase:
+ type: ./ceph-base.yaml
properties:
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
@@ -32,14 +34,16 @@ resources:
outputs:
role_data:
- description: Role data for the Gnocchi role.
+ description: Role data for the Ceph MDS service.
value:
- service_name: gnocchi_api
- monitoring_subscription: {get_param: MonitoringSubscriptionGnocchiApi}
+ service_name: ceph_mds
config_settings:
map_merge:
- - get_attr: [GnocchiServiceBase, role_data, config_settings]
- - gnocchi::metricd::manage_service: false
- gnocchi::metricd::enabled: false
+ - get_attr: [CephBase, role_data, config_settings]
+ - ceph::profile::params::mds_key: {get_param: CephMdsKey}
+ tripleo.ceph_mds.firewall_rules:
+ '112 ceph_mds':
+ dport:
+ - '6800-7300'
step_config: |
- include ::tripleo::profile::pacemaker::gnocchi::api
+ include ::tripleo::profile::base::ceph::mds
diff --git a/puppet/services/ceph-mon.yaml b/puppet/services/ceph-mon.yaml
index 3471f16c..68ad69b7 100644
--- a/puppet/services/ceph-mon.yaml
+++ b/puppet/services/ceph-mon.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Ceph Monitor service.
@@ -28,6 +28,12 @@ parameters:
CinderRbdPoolName:
default: volumes
type: string
+ ManilaCephFSDataPoolName:
+ default: manila_data
+ type: string
+ ManilaCephFSMetadataPoolName:
+ default: manila_metadata
+ type: string
CinderBackupRbdPoolName:
default: backups
type: string
@@ -87,6 +93,8 @@ outputs:
for_each:
<%pool%>:
- {get_param: CinderRbdPoolName}
+ - {get_param: ManilaCephFSDataPoolName}
+ - {get_param: ManilaCephFSMetadataPoolName}
- {get_param: CinderBackupRbdPoolName}
- {get_param: NovaRbdPoolName}
- {get_param: GlanceRbdPoolName}
diff --git a/puppet/services/ceph-osd.yaml b/puppet/services/ceph-osd.yaml
index f6378720..df0ee6c3 100644
--- a/puppet/services/ceph-osd.yaml
+++ b/puppet/services/ceph-osd.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Ceph OSD service.
diff --git a/puppet/services/ceph-rgw.yaml b/puppet/services/ceph-rgw.yaml
index 4b85d28f..6448387c 100644
--- a/puppet/services/ceph-rgw.yaml
+++ b/puppet/services/ceph-rgw.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Ceph RadosGW service.
diff --git a/puppet/services/cinder-api.yaml b/puppet/services/cinder-api.yaml
index 6cb2b194..7d197831 100644
--- a/puppet/services/cinder-api.yaml
+++ b/puppet/services/cinder-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Cinder API service configured with Puppet
@@ -147,3 +147,19 @@ outputs:
cinder::db::mysql::allowed_hosts:
- '%'
- "%{hiera('mysql_bind_host')}"
+ upgrade_tasks:
+ - name: check for cinder running under apache (post upgrade)
+ tags: step2
+ shell: "apachectl -t -D DUMP_VHOSTS | grep -q cinder"
+ register: cinder_apache
+ ignore_errors: true
+ - name: Stop cinder_api service (running under httpd)
+ tags: step2
+ service: name=httpd state=stopped
+ when: "cinder_apache.rc == 0"
+ - name: Stop and disable cinder_api service (pre-upgrade not under httpd)
+ tags: step2
+ service: name=openstack-cinder-api state=stopped enabled=no
+ - name: Start cinder_api service (running under httpd)
+ tags: step6
+ service: name=httpd state=started
diff --git a/puppet/services/cinder-backup.yaml b/puppet/services/cinder-backup.yaml
index 80795457..14be07af 100644
--- a/puppet/services/cinder-backup.yaml
+++ b/puppet/services/cinder-backup.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Cinder Backup service configured with Puppet
diff --git a/puppet/services/cinder-base.yaml b/puppet/services/cinder-base.yaml
index 59c9b844..be4b4af2 100644
--- a/puppet/services/cinder-base.yaml
+++ b/puppet/services/cinder-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Cinder base service. Shared by all Cinder services.
@@ -60,6 +60,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/cinder'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
cinder::debug: {get_param: Debug}
cinder::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
cinder::rabbit_userid: {get_param: RabbitUserName}
diff --git a/puppet/services/cinder-hpelefthand-iscsi.yaml b/puppet/services/cinder-hpelefthand-iscsi.yaml
new file mode 100644
index 00000000..ca7d2838
--- /dev/null
+++ b/puppet/services/cinder-hpelefthand-iscsi.yaml
@@ -0,0 +1,56 @@
+heat_template_version: ocata
+
+description: >
+ Configure Cinder HPELeftHandISCSIDriver
+
+parameters:
+ # Config specific parameters, to be provided via parameter_defaults
+ CinderHPELeftHandISCSIApiUrl:
+ type: string
+ CinderHPELeftHandISCSIUserName:
+ type: string
+ CinderHPELeftHandISCSIPassword:
+ type: string
+ hidden: true
+ CinderHPELeftHandISCSIBackendName:
+ type: string
+ default: 'tripleo_hpelefthand'
+ CinderHPELeftHandISCSIChapEnabled:
+ type: boolean
+ default: false
+ CinderHPELeftHandClusterName:
+ type: string
+ CinderHPELeftHandDebug:
+ type: boolean
+ default: false
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ type: json
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+
+outputs:
+ role_data:
+ description: Role data for Cinder HPELeftHandISCSIDriver
+ value:
+ service_name: cinder_hpelefthand_iscsi
+ config_settings:
+ tripleo::profile::base::cinder::volume::cinder_enable_hpelefthand_backend: true
+ cinder::backend::hpelefthand_iscsi::hpelefthand_api_url: {get_param: CinderHPELeftHandISCSIApiUrl}
+ cinder::backend::hpelefthand_iscsi::hpelefthand_username: {get_param: CinderHPELeftHandISCSIUserName}
+ cinder::backend::hpelefthand_iscsi::hpelefthand_password: {get_param: CinderHPELeftHandISCSIPassword}
+ cinder::backend::hpelefthand_iscsi::volume_backend_name: {get_param: CinderHPELeftHandISCSIBackendName}
+ cinder::backend::hpelefthand_iscsi::hpelefthand_iscsi_chap_enabled: {get_param: CinderHPELeftHandISCSIChapEnabled}
+ cinder::backend::hpelefthand_iscsi::hpelefthand_clustername: {get_param: CinderHPELeftHandClusterName}
+ cinder::backend::hpelefthand_iscsi::hpelefthand_debug: {get_param: CinderHPELeftHandDebug}
+ step_config: |
+ include ::tripleo::profile::base::cinder::volume
diff --git a/puppet/services/cinder-scheduler.yaml b/puppet/services/cinder-scheduler.yaml
index 94c263ea..e12af631 100644
--- a/puppet/services/cinder-scheduler.yaml
+++ b/puppet/services/cinder-scheduler.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Cinder Scheduler service configured with Puppet
@@ -51,3 +51,10 @@ outputs:
- cinder::scheduler::scheduler_driver: cinder.scheduler.filter_scheduler.FilterScheduler
step_config: |
include ::tripleo::profile::base::cinder::scheduler
+ upgrade_tasks:
+ - name: Stop cinder_scheduler service
+ tags: step2
+ service: name=openstack-cinder-scheduler state=stopped
+ - name: Start cinder_scheduler service
+ tags: step6
+ service: name=openstack-cinder-scheduler state=started
diff --git a/puppet/services/cinder-volume.yaml b/puppet/services/cinder-volume.yaml
index 82e16f39..cc06d87b 100644
--- a/puppet/services/cinder-volume.yaml
+++ b/puppet/services/cinder-volume.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Cinder Volume service configured with Puppet
@@ -110,3 +110,14 @@ outputs:
tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_param: [ServiceNetMap, CinderIscsiNetwork]}
step_config: |
include ::tripleo::profile::base::cinder::volume
+ upgrade_tasks:
+ - name: Stop cinder_volume service
+ tags: step2
+ service: name=openstack-cinder-volume state=stopped
+ - name: Sync cinder_volume DB
+ tags: step5
+ command: cinder-manage db sync
+ - name: Start cinder_volume service
+ tags: step6
+ service: name=openstack-cinder-volume state=started
+
diff --git a/puppet/services/database/mongodb-base.yaml b/puppet/services/database/mongodb-base.yaml
index 3f4f106d..c27fcb7f 100644
--- a/puppet/services/database/mongodb-base.yaml
+++ b/puppet/services/database/mongodb-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Configuration details for MongoDB service using composable roles
diff --git a/puppet/services/database/mongodb.yaml b/puppet/services/database/mongodb.yaml
index 01daeafe..8290cae7 100644
--- a/puppet/services/database/mongodb.yaml
+++ b/puppet/services/database/mongodb.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
MongoDb service deployment using puppet
diff --git a/puppet/services/database/mysql-internal-tls-certmonger.yaml b/puppet/services/database/mysql-internal-tls-certmonger.yaml
index 3ba51fb6..56d037e7 100644
--- a/puppet/services/database/mysql-internal-tls-certmonger.yaml
+++ b/puppet/services/database/mysql-internal-tls-certmonger.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
MySQL configurations for using TLS via certmonger.
diff --git a/puppet/services/database/mysql.yaml b/puppet/services/database/mysql.yaml
index abe752e2..7e12894f 100644
--- a/puppet/services/database/mysql.yaml
+++ b/puppet/services/database/mysql.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
MySQL service deployment using puppet
@@ -90,9 +90,14 @@ outputs:
"%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
+ tripleo::profile::base::database::mysql::client_bind_address:
+ {get_param: [ServiceNetMap, MysqlNetwork]}
step_config: |
include ::tripleo::profile::base::database::mysql
upgrade_tasks:
+ - name: Check for galera root password
+ tags: step0
+ file: path=/root/.my.cnf state=file
- name: Stop service
tags: step2
service: name=mariadb state=stopped
diff --git a/puppet/services/database/redis-base.yaml b/puppet/services/database/redis-base.yaml
index 2fab0eb6..2b7dd430 100644
--- a/puppet/services/database/redis-base.yaml
+++ b/puppet/services/database/redis-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Redis service configured with Puppet
diff --git a/puppet/services/database/redis.yaml b/puppet/services/database/redis.yaml
index 1c333b97..5ea25ca8 100644
--- a/puppet/services/database/redis.yaml
+++ b/puppet/services/database/redis.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Redis service configured with Puppet
diff --git a/puppet/services/glance-api.yaml b/puppet/services/glance-api.yaml
index 33abdbf9..6d01bd48 100644
--- a/puppet/services/glance-api.yaml
+++ b/puppet/services/glance-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Glance API service configured with Puppet
@@ -75,15 +75,13 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/glance'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
glance::api::bind_port: {get_param: [EndpointMap, GlanceInternal, port]}
glance::api::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
glance::api::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
- glance::api::registry_host:
- str_replace:
- template: "'REGISTRY_HOST'"
- params:
- REGISTRY_HOST: {get_param: [EndpointMap, GlanceRegistryInternal, host]}
- glance::api::registry_client_protocol: {get_param: [EndpointMap, GlanceRegistryInternal, protocol] }
+ glance::api::enable_v1_api: false
+ glance::api::enable_v2_api: true
glance::api::authtoken::password: {get_param: GlancePassword}
glance::api::enable_proxy_headers_parsing: true
glance::api::debug: {get_param: Debug}
@@ -107,3 +105,13 @@ outputs:
include ::tripleo::profile::base::glance::api
service_config_settings:
get_attr: [GlanceBase, role_data, service_config_settings]
+ upgrade_tasks:
+ - name: Stop glance_api service
+ tags: step2
+ service: name=openstack-glance-api state=stopped
+ - name: Sync glance_api DB
+ tags: step5
+ command: glance-manage --config-file=/etc/glance/glance-api.conf db_sync
+ - name: Start glance_api service
+ tags: step6
+ service: name=openstack-glance-api state=started
diff --git a/puppet/services/glance-base.yaml b/puppet/services/glance-base.yaml
index cc979af9..f5548982 100644
--- a/puppet/services/glance-base.yaml
+++ b/puppet/services/glance-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Glance Common settings with Puppet
@@ -105,8 +105,6 @@ outputs:
glance::notify::rabbitmq::rabbit_password: {get_param: RabbitPassword}
glance::notify::rabbitmq::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
glance::notify::rabbitmq::notification_driver: messagingv2
- glance::registry::db::database_db_max_retries: -1
- glance::registry::db::database_max_retries: -1
tripleo::profile::base::glance::api::glance_nfs_enabled: {get_param: GlanceNfsEnabled}
tripleo::glance::nfs_mount::share: {get_param: GlanceNfsShare}
tripleo::glance::nfs_mount::options: {get_param: GlanceNfsOptions}
diff --git a/puppet/services/glance-registry.yaml b/puppet/services/glance-registry.yaml
deleted file mode 100644
index c45582d4..00000000
--- a/puppet/services/glance-registry.yaml
+++ /dev/null
@@ -1,100 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Glance Registry service configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- Debug:
- default: ''
- description: Set to True to enable debugging on all services.
- type: string
- GlancePassword:
- description: The password for the glance service and db account, used by the glance services.
- type: string
- hidden: true
- GlanceWorkers:
- default: ''
- description: |
- Number of worker processes for glance registry. If left unset (empty
- string), the default value will result in the configuration being left
- unset and a system-dependent default value will be chosen (e.g.: number of
- processors). Please note that this will create a large number of processes
- on systems with a large number of CPUs resulting in excess memory
- consumption. It is recommended that a suitable non-default value be
- selected on such systems.
- type: string
- MonitoringSubscriptionGlanceRegistry:
- default: 'overcloud-glance-registry'
- type: string
- GlanceRegistryLoggingSource:
- type: json
- default:
- tag: openstack.glance.registry
- path: /var/log/glance/registry.log
-
-resources:
- GlanceBase:
- type: ./glance-base.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Glance Registry role.
- value:
- service_name: glance_registry
- monitoring_subscription: {get_param: MonitoringSubscriptionGlanceRegistry}
- logging_source: {get_param: GlanceRegistryLoggingSource}
- logging_groups:
- - glance
- config_settings:
- map_merge:
- - get_attr: [GlanceBase, role_data, config_settings]
-
- - glance::registry::database_connection:
- list_join:
- - ''
- - - {get_param: [EndpointMap, MysqlInternal, protocol]}
- - '://glance:'
- - {get_param: GlancePassword}
- - '@'
- - {get_param: [EndpointMap, MysqlInternal, host]}
- - '/glance'
- glance::registry::authtoken::password: {get_param: GlancePassword}
- glance::registry::authtoken::project_name: 'service'
- glance::registry::pipeline: 'keystone'
- glance::registry::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
- glance::registry::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
- glance::registry::debug: {get_param: Debug}
- glance::registry::workers: {get_param: GlanceWorkers}
- tripleo.glance_registry.firewall_rules:
- '112 glance_registry':
- dport:
- - 9191
- # NOTE: bind IP is found in Heat replacing the network name with the
- # local node IP for the given network; replacement examples
- # (eg. for internal_api):
- # internal_api -> IP
- # internal_api_uri -> [IP]
- # internal_api_subnet - > IP/CIDR
- glance::registry::bind_host: {get_param: [ServiceNetMap, GlanceRegistryNetwork]}
- step_config: |
- include ::tripleo::profile::base::glance::registry
- service_config_settings:
- get_attr: [GlanceBase, role_data, config_settings]
diff --git a/puppet/services/gnocchi-api.yaml b/puppet/services/gnocchi-api.yaml
index b3d39e0f..3929e005 100644
--- a/puppet/services/gnocchi-api.yaml
+++ b/puppet/services/gnocchi-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Gnocchi service configured with Puppet
@@ -102,6 +102,7 @@ outputs:
# internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR
gnocchi::wsgi::apache::bind_host: {get_param: [ServiceNetMap, GnocchiApiNetwork]}
+ gnocchi::wsgi::apache::wsgi_process_display_name: 'gnocchi_wsgi'
gnocchi::api::host:
str_replace:
template:
diff --git a/puppet/services/gnocchi-base.yaml b/puppet/services/gnocchi-base.yaml
index 556baae0..d92b1766 100644
--- a/puppet/services/gnocchi-base.yaml
+++ b/puppet/services/gnocchi-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Gnocchi service configured with Puppet
@@ -67,6 +67,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/gnocchi'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
gnocchi::db::sync::extra_opts: '--skip-storage --create-legacy-resource-types'
gnocchi::storage::swift::swift_user: 'service:gnocchi'
gnocchi::storage::swift::swift_auth_version: 2
diff --git a/puppet/services/gnocchi-metricd.yaml b/puppet/services/gnocchi-metricd.yaml
index 1400bc98..e5f9a8e7 100644
--- a/puppet/services/gnocchi-metricd.yaml
+++ b/puppet/services/gnocchi-metricd.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Gnocchi service configured with Puppet
diff --git a/puppet/services/gnocchi-statsd.yaml b/puppet/services/gnocchi-statsd.yaml
index 983d6c91..df438b37 100644
--- a/puppet/services/gnocchi-statsd.yaml
+++ b/puppet/services/gnocchi-statsd.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Gnocchi service configured with Puppet
diff --git a/puppet/services/haproxy-internal-tls-certmonger.yaml b/puppet/services/haproxy-internal-tls-certmonger.yaml
index c6d53542..77457593 100644
--- a/puppet/services/haproxy-internal-tls-certmonger.yaml
+++ b/puppet/services/haproxy-internal-tls-certmonger.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
HAProxy deployment with TLS enabled, powered by certmonger
diff --git a/puppet/services/haproxy-public-tls-certmonger.yaml b/puppet/services/haproxy-public-tls-certmonger.yaml
index 1551d16a..227697b9 100644
--- a/puppet/services/haproxy-public-tls-certmonger.yaml
+++ b/puppet/services/haproxy-public-tls-certmonger.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
HAProxy deployment with TLS enabled, powered by certmonger
diff --git a/puppet/services/haproxy.yaml b/puppet/services/haproxy.yaml
index 675a79ec..9049c901 100644
--- a/puppet/services/haproxy.yaml
+++ b/puppet/services/haproxy.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
HAproxy service configured with Puppet
diff --git a/puppet/services/heat-api-cfn.yaml b/puppet/services/heat-api-cfn.yaml
index 12d4a6a1..f4d3cad3 100644
--- a/puppet/services/heat-api-cfn.yaml
+++ b/puppet/services/heat-api-cfn.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Heat CloudFormation API service configured with Puppet
@@ -84,3 +84,11 @@ outputs:
heat::keystone::auth_cfn::admin_url: {get_param: [EndpointMap, HeatCfnAdmin, uri]}
heat::keystone::auth_cfn::password: {get_param: HeatPassword}
heat::keystone::auth_cfn::region: {get_param: KeystoneRegion}
+ upgrade_tasks:
+ - name: Stop heat_api_cfn service
+ tags: step2
+ service: name=openstack-heat-api-cfn state=stopped
+ - name: Start heat_api_cfn service
+ tags: step6
+ service: name=openstack-heat-api-cfn state=started
+
diff --git a/puppet/services/heat-api-cloudwatch.yaml b/puppet/services/heat-api-cloudwatch.yaml
index 6dfeaaf3..ba4a287a 100644
--- a/puppet/services/heat-api-cloudwatch.yaml
+++ b/puppet/services/heat-api-cloudwatch.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Heat CloudWatch API service configured with Puppet
@@ -66,3 +66,10 @@ outputs:
heat::api_cloudwatch::bind_host: {get_param: [ServiceNetMap, HeatApiNetwork]}
step_config: |
include ::tripleo::profile::base::heat::api_cloudwatch
+ upgrade_tasks:
+ - name: Stop heat_api_cloudwatch service
+ tags: step2
+ service: name=openstack-heat-api-cloudwatch state=stopped
+ - name: Start heat_api_cloudwatch service
+ tags: step6
+ service: name=openstack-heat-api state=started
diff --git a/puppet/services/heat-api.yaml b/puppet/services/heat-api.yaml
index b0cd16dd..7ec9d6d4 100644
--- a/puppet/services/heat-api.yaml
+++ b/puppet/services/heat-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Heat API service configured with Puppet
@@ -84,3 +84,10 @@ outputs:
heat::keystone::auth::admin_url: {get_param: [EndpointMap, HeatAdmin, uri]}
heat::keystone::auth::password: {get_param: HeatPassword}
heat::keystone::auth::region: {get_param: KeystoneRegion}
+ upgrade_tasks:
+ - name: Stop heat_api service
+ tags: step2
+ service: name=openstack-heat-api state=stopped
+ - name: Start heat_api service
+ tags: step6
+ service: name=openstack-heat-api state=started
diff --git a/puppet/services/heat-base.yaml b/puppet/services/heat-base.yaml
index a2a65d7d..a933a94b 100644
--- a/puppet/services/heat-base.yaml
+++ b/puppet/services/heat-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Heat base service. Shared for all Heat services.
@@ -57,6 +57,7 @@ outputs:
heat::rabbit_port: {get_param: RabbitClientPort}
heat::debug: {get_param: Debug}
heat::enable_proxy_headers_parsing: true
+ heat::rpc_response_timeout: 600
# We need this because the default heat policy.json no longer works on TripleO
# https://git.openstack.org/cgit/openstack/heat/commit/?id=ac86702172ddf01f5bdc3f3cd99d2e32ad9b7024
heat::policy::policies:
@@ -77,6 +78,8 @@ outputs:
heat::cron::purge_deleted::destination: '/dev/null'
heat::db::database_db_max_retries: -1
heat::db::database_max_retries: -1
+ heat::yaql_memory_quota: 100000
+ heat::yaql_limit_iterators: 1000
service_config_settings:
keystone:
tripleo::profile::base::keystone::heat_admin_domain: 'heat_stack'
diff --git a/puppet/services/heat-engine.yaml b/puppet/services/heat-engine.yaml
index 3f0e4105..6efb0653 100644
--- a/puppet/services/heat-engine.yaml
+++ b/puppet/services/heat-engine.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Openstack Heat Engine service configured with Puppet
@@ -48,6 +48,15 @@ parameters:
default:
tag: openstack.heat.engine
path: /var/log/heat/heat-engine.log
+ HeatConvergenceEngine:
+ type: boolean
+ default: true
+ description: Enables the heat engine with the convergence architecture.
+ HeatMaxResourcesPerStack:
+ type: number
+ default: 1000
+ description: Maximum resources allowed per top-level stack. -1 stands for unlimited.
+
resources:
HeatBase:
@@ -72,6 +81,26 @@ outputs:
- heat::engine::num_engine_workers: {get_param: HeatWorkers}
heat::engine::configure_delegated_roles: false
heat::engine::trusts_delegated_roles: []
+ heat::engine::max_nested_stack_depth: 6
+ heat::engine::max_resources_per_stack: {get_param: HeatMaxResourcesPerStack}
+ heat::engine::heat_metadata_server_url:
+ list_join:
+ - ''
+ - - {get_param: [EndpointMap, HeatCfnPublic, protocol]}
+ - '://'
+ - {get_param: [EndpointMap, HeatCfnPublic, host]}
+ - ':'
+ - {get_param: [EndpointMap, HeatCfnPublic, port]}
+ heat::engine::heat_waitcondition_server_url:
+ list_join:
+ - ''
+ - - {get_param: [EndpointMap, HeatCfnPublic, protocol]}
+ - '://'
+ - {get_param: [EndpointMap, HeatCfnPublic, host]}
+ - ':'
+ - {get_param: [EndpointMap, HeatCfnPublic, port]}
+ - '/v1/waitcondition'
+ heat::engine::convergence_engine: {get_param: HeatConvergenceEngine}
tripleo::profile::base::heat::manage_db_purge: {get_param: HeatEnableDBPurge}
heat::database_connection:
list_join:
@@ -82,6 +111,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/heat'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
heat::keystone_ec2_uri: {get_param: [EndpointMap, KeystoneEC2, uri]}
heat::keystone::domain::domain_password: {get_param: HeatStackDomainAdminPassword}
heat::engine::auth_encryption_key:
@@ -106,3 +137,13 @@ outputs:
keystone:
# This is needed because the keystone profile handles creating the domain
tripleo::profile::base::keystone::heat_admin_password: {get_param: HeatStackDomainAdminPassword}
+ upgrade_tasks:
+ - name: Stop heat_engine service
+ tags: step2
+ service: name=openstack-heat-engine state=stopped
+ - name: Sync heat_engine DB
+ tags: step5
+ command: heat-manage --config-file /etc/heat/heat.conf db_sync
+ - name: Start heat_engine service
+ tags: step6
+ service: name=openstack-heat-engine state=started
diff --git a/puppet/services/horizon.yaml b/puppet/services/horizon.yaml
index 8eaf4044..cf35d202 100644
--- a/puppet/services/horizon.yaml
+++ b/puppet/services/horizon.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Horizon service configured with Puppet
@@ -58,8 +58,10 @@ outputs:
dport:
- 80
- 443
+ horizon::enable_secure_proxy_ssl_header: true
horizon::disable_password_reveal: true
horizon::enforce_password_check: true
+ horizon::disallow_iframe_embed: true
horizon::cache_backend: django.core.cache.backends.memcached.MemcachedCache
horizon::django_session_engine: 'django.contrib.sessions.backends.cache'
horizon::vhost_extra_params:
diff --git a/puppet/services/ironic-api.yaml b/puppet/services/ironic-api.yaml
index c8a2e833..aebb37b2 100644
--- a/puppet/services/ironic-api.yaml
+++ b/puppet/services/ironic-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ironic API configured with Puppet
diff --git a/puppet/services/ironic-base.yaml b/puppet/services/ironic-base.yaml
index 0ff393c6..ad7ef6ea 100644
--- a/puppet/services/ironic-base.yaml
+++ b/puppet/services/ironic-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ironic services configured with Puppet
@@ -60,6 +60,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/ironic'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
ironic::debug: {get_param: Debug}
ironic::rabbit_userid: {get_param: RabbitUserName}
ironic::rabbit_password: {get_param: RabbitPassword}
diff --git a/puppet/services/ironic-conductor.yaml b/puppet/services/ironic-conductor.yaml
index f173aa63..194afec7 100644
--- a/puppet/services/ironic-conductor.yaml
+++ b/puppet/services/ironic-conductor.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ironic conductor configured with Puppet
diff --git a/puppet/services/keepalived.yaml b/puppet/services/keepalived.yaml
index b4f1a100..38f9f3be 100644
--- a/puppet/services/keepalived.yaml
+++ b/puppet/services/keepalived.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Keepalived service configured with Puppet
diff --git a/puppet/services/kernel.yaml b/puppet/services/kernel.yaml
index 69898718..29157959 100644
--- a/puppet/services/kernel.yaml
+++ b/puppet/services/kernel.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Load kernel modules with kmod and configure kernel options with sysctl.
diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml
index e48d7037..f69e20b4 100644
--- a/puppet/services/keystone.yaml
+++ b/puppet/services/keystone.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Keystone service configured with Puppet
@@ -148,6 +148,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/keystone'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
keystone::admin_token: {get_param: AdminToken}
keystone::admin_password: {get_param: AdminPassword}
keystone::roles::admin::password: {get_param: AdminPassword}
diff --git a/puppet/services/logging/fluentd-base.yaml b/puppet/services/logging/fluentd-base.yaml
index c8f67556..65ad80ed 100644
--- a/puppet/services/logging/fluentd-base.yaml
+++ b/puppet/services/logging/fluentd-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: Fluentd base service
diff --git a/puppet/services/logging/fluentd-client.yaml b/puppet/services/logging/fluentd-client.yaml
index 3ae7110f..769ab68f 100644
--- a/puppet/services/logging/fluentd-client.yaml
+++ b/puppet/services/logging/fluentd-client.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: Fluentd client configured with Puppet
diff --git a/puppet/services/logging/fluentd-config.yaml b/puppet/services/logging/fluentd-config.yaml
index 58b423fd..68f98aff 100644
--- a/puppet/services/logging/fluentd-config.yaml
+++ b/puppet/services/logging/fluentd-config.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: Fluentd logging configuration
diff --git a/puppet/services/manila-api.yaml b/puppet/services/manila-api.yaml
index b4b3d480..b7c64823 100644
--- a/puppet/services/manila-api.yaml
+++ b/puppet/services/manila-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Manila-api service configured with Puppet
diff --git a/puppet/services/manila-backend-cephfs.yaml b/puppet/services/manila-backend-cephfs.yaml
index 0fc39e2a..36ef1ea9 100644
--- a/puppet/services/manila-backend-cephfs.yaml
+++ b/puppet/services/manila-backend-cephfs.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Manila Cephfs backend
@@ -40,6 +40,20 @@ parameters:
ManilaCephFSNativeCephFSEnableSnapshots:
type: boolean
default: true
+ ManilaCephFSDataPoolName:
+ default: manila_data
+ type: string
+ ManilaCephFSMetadataPoolName:
+ default: manila_metadata
+ type: string
+ # (jprovazn) default value is set to assure this templates works with an
+ # external ceph too (user/key is created only when ceph is deployed by
+ # TripleO)
+ CephManilaClientKey:
+ default: ''
+ description: The Ceph client key. Can be created with ceph-authtool --gen-print-key.
+ type: string
+ hidden: true
outputs:
role_data:
@@ -54,4 +68,8 @@ outputs:
manila::backend::cephfsnative::cephfs_auth_id: {get_param: ManilaCephFSNativeCephFSAuthId}
manila::backend::cephfsnative::cephfs_cluster_name: {get_param: ManilaCephFSNativeCephFSClusterName}
manila::backend::cephfsnative::cephfs_enable_snapshots: {get_param: ManilaCephFSNativeCephFSEnableSnapshots}
+ manila::backend::cephfsnative::ceph_client_key: {get_param: CephManilaClientKey}
+ ceph::profile::params::fs_data_pool: {get_param: ManilaCephFSDataPoolName}
+ ceph::profile::params::fs_metadata_pool: {get_param: ManilaCephFSMetadataPoolName}
+ ceph::profile::params::fs_name: {get_param: ManilaCephFSNativeShareBackendName}
step_config:
diff --git a/puppet/services/manila-backend-generic.yaml b/puppet/services/manila-backend-generic.yaml
index c527666e..23831a6a 100644
--- a/puppet/services/manila-backend-generic.yaml
+++ b/puppet/services/manila-backend-generic.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Manila generic backend.
diff --git a/puppet/services/manila-backend-netapp.yaml b/puppet/services/manila-backend-netapp.yaml
index e6d2f250..1f6fcf4f 100644
--- a/puppet/services/manila-backend-netapp.yaml
+++ b/puppet/services/manila-backend-netapp.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Manila netapp backend.
diff --git a/puppet/services/manila-base.yaml b/puppet/services/manila-base.yaml
index 844bd3a3..2a9745a2 100644
--- a/puppet/services/manila-base.yaml
+++ b/puppet/services/manila-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Manila base service. Shared by manila-api/scheduler/share services
@@ -67,6 +67,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/manila'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
service_config_settings:
mysql:
manila::db::mysql::password: {get_param: ManilaPassword}
diff --git a/puppet/services/manila-scheduler.yaml b/puppet/services/manila-scheduler.yaml
index d96b677b..c8114f2b 100644
--- a/puppet/services/manila-scheduler.yaml
+++ b/puppet/services/manila-scheduler.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Manila-scheduler service configured with Puppet
diff --git a/puppet/services/manila-share.yaml b/puppet/services/manila-share.yaml
index 49c69fc1..e38fe675 100644
--- a/puppet/services/manila-share.yaml
+++ b/puppet/services/manila-share.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Manila-share service configured with Puppet
diff --git a/puppet/services/memcached.yaml b/puppet/services/memcached.yaml
index 9e3f6375..ffa969e0 100644
--- a/puppet/services/memcached.yaml
+++ b/puppet/services/memcached.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Memcached service configured with Puppet
diff --git a/puppet/services/mistral-api.yaml b/puppet/services/mistral-api.yaml
index 44d30358..daa1dc7c 100644
--- a/puppet/services/mistral-api.yaml
+++ b/puppet/services/mistral-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Mistral API service configured with Puppet
diff --git a/puppet/services/mistral-base.yaml b/puppet/services/mistral-base.yaml
index a11624c0..e678b14f 100644
--- a/puppet/services/mistral-base.yaml
+++ b/puppet/services/mistral-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Mistral base service. Shared for all Mistral services.
@@ -65,6 +65,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/mistral'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
mistral::rabbit_userid: {get_param: RabbitUserName}
mistral::rabbit_password: {get_param: RabbitPassword}
mistral::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
diff --git a/puppet/services/mistral-engine.yaml b/puppet/services/mistral-engine.yaml
index 10af670d..4a92b863 100644
--- a/puppet/services/mistral-engine.yaml
+++ b/puppet/services/mistral-engine.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Mistral Engine service configured with Puppet
diff --git a/puppet/services/mistral-executor.yaml b/puppet/services/mistral-executor.yaml
index 7afaf0db..6e273b92 100644
--- a/puppet/services/mistral-executor.yaml
+++ b/puppet/services/mistral-executor.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Mistral API service configured with Puppet
diff --git a/puppet/services/monitoring/sensu-base.yaml b/puppet/services/monitoring/sensu-base.yaml
index ea23b8b6..a8303a59 100644
--- a/puppet/services/monitoring/sensu-base.yaml
+++ b/puppet/services/monitoring/sensu-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: Sensu base service
diff --git a/puppet/services/monitoring/sensu-client.yaml b/puppet/services/monitoring/sensu-client.yaml
index a26c7458..76ba59c1 100644
--- a/puppet/services/monitoring/sensu-client.yaml
+++ b/puppet/services/monitoring/sensu-client.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: Sensu client configured with Puppet
diff --git a/puppet/services/network/contrail-analytics.yaml b/puppet/services/network/contrail-analytics.yaml
index 1c2331fa..ad14d315 100644
--- a/puppet/services/network/contrail-analytics.yaml
+++ b/puppet/services/network/contrail-analytics.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Contrail Analytics service deployment using puppet, this YAML file
diff --git a/puppet/services/network/contrail-base.yaml b/puppet/services/network/contrail-base.yaml
index 03dbea5b..b49b2add 100644
--- a/puppet/services/network/contrail-base.yaml
+++ b/puppet/services/network/contrail-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Base parameters for all Contrail Services.
diff --git a/puppet/services/network/contrail-config.yaml b/puppet/services/network/contrail-config.yaml
index 0987fc75..03774480 100644
--- a/puppet/services/network/contrail-config.yaml
+++ b/puppet/services/network/contrail-config.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Contrail Config service deployment using puppet, this YAML file
diff --git a/puppet/services/network/contrail-control.yaml b/puppet/services/network/contrail-control.yaml
index 9356e9e9..7c28d283 100644
--- a/puppet/services/network/contrail-control.yaml
+++ b/puppet/services/network/contrail-control.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Contrail Control service deployment using puppet, this YAML file
diff --git a/puppet/services/network/contrail-database.yaml b/puppet/services/network/contrail-database.yaml
index e5712618..c56b90a2 100644
--- a/puppet/services/network/contrail-database.yaml
+++ b/puppet/services/network/contrail-database.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Contrail Database service deployment using puppet, this YAML file
diff --git a/puppet/services/network/contrail-webui.yaml b/puppet/services/network/contrail-webui.yaml
index 72b9e1c0..72cc6fa5 100644
--- a/puppet/services/network/contrail-webui.yaml
+++ b/puppet/services/network/contrail-webui.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Contrail WebUI service deployment using puppet, this YAML file
diff --git a/puppet/services/neutron-api.yaml b/puppet/services/neutron-api.yaml
index 5fd9d7a2..bbb79bba 100644
--- a/puppet/services/neutron-api.yaml
+++ b/puppet/services/neutron-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Neutron Server configured with Puppet
@@ -112,6 +112,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/ovs_neutron'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
neutron::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
neutron::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
neutron::server::api_workers: {get_param: NeutronWorkers}
@@ -158,3 +160,14 @@ outputs:
neutron::db::mysql::allowed_hosts:
- '%'
- "%{hiera('mysql_bind_host')}"
+ upgrade_tasks:
+ - name: Stop neutron_api service
+ tags: step2
+ service: name=neutron-server state=stopped
+ - name: Sync neutron_api DB
+ tags: step5
+ command: neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head
+ - name: Start neutron_api service
+ tags: step6
+ service: name=neutron-server state=started
+
diff --git a/puppet/services/neutron-base.yaml b/puppet/services/neutron-base.yaml
index 3d03c313..43657bd9 100644
--- a/puppet/services/neutron-base.yaml
+++ b/puppet/services/neutron-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron base service. Shared for all Neutron agents.
diff --git a/puppet/services/neutron-compute-plugin-midonet.yaml b/puppet/services/neutron-compute-plugin-midonet.yaml
index 26b6fa6b..5b6fcca6 100644
--- a/puppet/services/neutron-compute-plugin-midonet.yaml
+++ b/puppet/services/neutron-compute-plugin-midonet.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Compute Midonet plugin
diff --git a/puppet/services/neutron-compute-plugin-nuage.yaml b/puppet/services/neutron-compute-plugin-nuage.yaml
index c4f8ad12..04431e28 100644
--- a/puppet/services/neutron-compute-plugin-nuage.yaml
+++ b/puppet/services/neutron-compute-plugin-nuage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Compute Nuage plugin
diff --git a/puppet/services/neutron-compute-plugin-opencontrail.yaml b/puppet/services/neutron-compute-plugin-opencontrail.yaml
index 9f2fd13c..bbe4a051 100644
--- a/puppet/services/neutron-compute-plugin-opencontrail.yaml
+++ b/puppet/services/neutron-compute-plugin-opencontrail.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Compute OpenContrail plugin
diff --git a/puppet/services/neutron-compute-plugin-ovn.yaml b/puppet/services/neutron-compute-plugin-ovn.yaml
index 95e05dd4..ce28b5c3 100644
--- a/puppet/services/neutron-compute-plugin-ovn.yaml
+++ b/puppet/services/neutron-compute-plugin-ovn.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Compute OVN agent
diff --git a/puppet/services/neutron-compute-plugin-plumgrid.yaml b/puppet/services/neutron-compute-plugin-plumgrid.yaml
index 31a0a08b..09aa6191 100644
--- a/puppet/services/neutron-compute-plugin-plumgrid.yaml
+++ b/puppet/services/neutron-compute-plugin-plumgrid.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Compute Plumgrid plugin
diff --git a/puppet/services/neutron-dhcp.yaml b/puppet/services/neutron-dhcp.yaml
index 2cd08f98..c7965a64 100644
--- a/puppet/services/neutron-dhcp.yaml
+++ b/puppet/services/neutron-dhcp.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron DHCP agent configured with Puppet
@@ -74,3 +74,10 @@ outputs:
dport: 68
step_config: |
include tripleo::profile::base::neutron::dhcp
+ upgrade_tasks:
+ - name: Stop neutron_dhcp service
+ tags: step2
+ service: name=neutron-dhcp-agent state=stopped
+ - name: Start neutron_dhcp service
+ tags: step6
+ service: name=neutron-dhcp-agent state=started
diff --git a/puppet/services/neutron-l3-compute-dvr.yaml b/puppet/services/neutron-l3-compute-dvr.yaml
index b6c29116..06927fe0 100644
--- a/puppet/services/neutron-l3-compute-dvr.yaml
+++ b/puppet/services/neutron-l3-compute-dvr.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron L3 agent for DVR enabled compute nodes
diff --git a/puppet/services/neutron-l3.yaml b/puppet/services/neutron-l3.yaml
index a2157555..b3d7b3bf 100644
--- a/puppet/services/neutron-l3.yaml
+++ b/puppet/services/neutron-l3.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Neutron L3 agent configured with Puppet
@@ -68,15 +68,21 @@ outputs:
config_settings:
map_merge:
- get_attr: [NeutronBase, role_data, config_settings]
- - neutron::agents::l3::router_delete_namespaces: True
- neutron::agents::l3::agent_mode: {get_param: NeutronL3AgentMode}
+ - neutron::agents::l3::agent_mode: {get_param: NeutronL3AgentMode}
tripleo.neutron_l3.firewall_rules:
'106 neutron_l3 vrrp':
proto: vrrp
- -
+ -
if:
- external_network_bridge_empty
- {}
- neutron::agents::l3::external_network_bridge: {get_param: NeutronExternalNetworkBridge}
step_config: |
include tripleo::profile::base::neutron::l3
+ upgrade_tasks:
+ - name: Stop neutron_l3 service
+ tags: step2
+ service: name=neutron-l3-agent state=stopped
+ - name: Start neutron_l3 service
+ tags: step6
+ service: name=neutron-l3-agent state=started
diff --git a/puppet/services/neutron-metadata.yaml b/puppet/services/neutron-metadata.yaml
index c87de285..68d7110a 100644
--- a/puppet/services/neutron-metadata.yaml
+++ b/puppet/services/neutron-metadata.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Metadata agent configured with Puppet
@@ -75,3 +75,10 @@ outputs:
neutron::agents::metadata::metadata_ip: "%{hiera('nova_metadata_vip')}"
step_config: |
include tripleo::profile::base::neutron::metadata
+ upgrade_tasks:
+ - name: Stop neutron_metadata service
+ tags: step2
+ service: name=neutron-metadata-agent state=stopped
+ - name: Start neutron_metadata service
+ tags: step6
+ service: name=neutron-metadata-agent state=started
diff --git a/puppet/services/neutron-midonet.yaml b/puppet/services/neutron-midonet.yaml
index 0de256c0..9198f352 100644
--- a/puppet/services/neutron-midonet.yaml
+++ b/puppet/services/neutron-midonet.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Midonet plugin and services
diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml
index e2b90b7b..e24fae7c 100644
--- a/puppet/services/neutron-ovs-agent.yaml
+++ b/puppet/services/neutron-ovs-agent.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron OVS agent configured with Puppet
@@ -70,6 +70,9 @@ parameters:
tag: openstack.neutron.agent.openvswitch
path: /var/log/neutron/openvswitch-agent.log
+conditions:
+ no_firewall_driver: {equals : [{get_param: NeutronOVSFirewallDriver}, '']}
+
resources:
NeutronBase:
@@ -104,12 +107,24 @@ outputs:
# internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR
neutron::agents::ml2::ovs::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]}
- neutron::agents::ml2::ovs::firewall_driver: {get_param: NeutronOVSFirewallDriver}
tripleo.neutron_ovs_agent.firewall_rules:
'118 neutron vxlan networks':
proto: 'udp'
dport: 4789
'136 neutron gre networks':
proto: 'gre'
+ -
+ if:
+ - no_firewall_driver
+ - {}
+ - neutron::agents::ml2::ovs::firewall_driver: {get_param: NeutronOVSFirewallDriver}
step_config: |
include ::tripleo::profile::base::neutron::ovs
+ upgrade_tasks:
+ - name: Stop neutron_ovs_agent service
+ tags: step2
+ service: name=neutron-openvswitch-agent state=stopped
+ - name: Start neutron_ovs_agent service
+ tags: step6
+ service: name=neutron-openvswitch-agent state=started
+
diff --git a/puppet/services/neutron-ovs-dpdk-agent.yaml b/puppet/services/neutron-ovs-dpdk-agent.yaml
index fdfa1c03..5c77e35d 100644
--- a/puppet/services/neutron-ovs-dpdk-agent.yaml
+++ b/puppet/services/neutron-ovs-dpdk-agent.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron OVS DPDK configured with Puppet for Compute Role
diff --git a/puppet/services/neutron-plugin-ml2-fujitsu-cfab.yaml b/puppet/services/neutron-plugin-ml2-fujitsu-cfab.yaml
new file mode 100644
index 00000000..becd25c9
--- /dev/null
+++ b/puppet/services/neutron-plugin-ml2-fujitsu-cfab.yaml
@@ -0,0 +1,73 @@
+heat_template_version: ocata
+
+description: >
+ Configure hieradata for Fujitsu C-Fabric plugin configuration
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ NeutronFujitsuCfabAddress:
+ description: 'The address of the C-Fabric to telnet to.'
+ type: string
+ NeutronFujitsuCfabUserName:
+ description: 'The C-Fabric username to use.'
+ type: string
+ NeutronFujitsuCfabPassword:
+ description: 'The C-Fabric password to use.'
+ type: string
+ hidden: true
+ NeutronFujitsuCfabPhysicalNetworks:
+ description: 'List of <physical_network>:<vfab_id> tuples specifying physical_network names and corresponding vfab ids.'
+ type: comma_delimited_list
+ default: ''
+ NeutronFujitsuCfabSharePprofile:
+ description: '"Whether to share a C-Fabric pprofile among Neutron ports using the same VLAN ID.'
+ type: boolean
+ default: false
+ NeutronFujitsuCfabPprofilePrefix:
+ description: 'The prefix string for pprofile name.'
+ type: string
+ default: ''
+ NeutronFujitsuCfabSaveConfig:
+ description: 'Whether to save configuration.'
+ type: boolean
+ default: true
+
+resources:
+
+ NeutronMl2Base:
+ type: ./neutron-plugin-ml2.yaml
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+
+outputs:
+ role_data:
+ description: Role data for Fujitsu Cfab ML2 Driver
+ value:
+ service_name: neutron_plugin_ml2_fujitsu_cfab
+ config_settings:
+ map_merge:
+ - get_attr: [NeutronMl2Base, role_data, config_settings]
+ - neutron::plugins::ml2::fujitsu::cfab::address: {get_param: NeutronFujitsuCfabAddress}
+ neutron::plugins::ml2::fujitsu::cfab::username: {get_param: NeutronFujitsuCfabUserName}
+ neutron::plugins::ml2::fujitsu::cfab::password: {get_param: NeutronFujitsuCfabPassword}
+ neutron::plugins::ml2::fujitsu::cfab::physical_networks: {get_param: NeutronFujitsuCfabPhysicalNetworks}
+ neutron::plugins::ml2::fujitsu::cfab::share_pprofile: {get_param: NeutronFujitsuCfabSharePprofile}
+ neutron::plugins::ml2::fujitsu::cfab::pprofile_prefix: {get_param: NeutronFujitsuCfabPprofilePrefix}
+ neutron::plugins::ml2::fujitsu::cfab::save_config: {get_param: NeutronFujitsuCfabSaveConfig}
+ step_config: |
+ include ::tripleo::profile::base::neutron::plugins::ml2
diff --git a/puppet/services/neutron-plugin-ml2-ovn.yaml b/puppet/services/neutron-plugin-ml2-ovn.yaml
index e98ed497..59346edc 100644
--- a/puppet/services/neutron-plugin-ml2-ovn.yaml
+++ b/puppet/services/neutron-plugin-ml2-ovn.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron ML2/OVN plugin configured with Puppet
@@ -18,13 +18,6 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
- OVNDbHost:
- description: IP address on which the OVN DB servers are listening
- type: string
- OVNNorthboundServerPort:
- description: Port of the OVN Northbound DB server
- type: number
- default: 6641
OVNDbConnectionTimeout:
description: Timeout in seconds for the OVSDB connection transaction
type: number
@@ -68,9 +61,7 @@ outputs:
config_settings:
map_merge:
- get_attr: [NeutronMl2Base, role_data, config_settings]
- - ovn::northbound::port: {get_param: OVNNorthboundServerPort}
- tripleo::profile::base::neutron::plugins::ml2::ovn::ovn_db_host: {get_param: OVNDbHost}
- neutron::plugins::ovn::ovsdb_connection_timeout: {get_param: OVNDbConnectionTimeout}
+ - neutron::plugins::ovn::ovsdb_connection_timeout: {get_param: OVNDbConnectionTimeout}
neutron::plugins::ovn::neutron_sync_mode: {get_param: OVNNeutronSyncMode}
neutron::plugins::ovn::ovn_l3_mode: true
neutron::plugins::ovn::vif_type: {get_param: OVNVifType}
diff --git a/puppet/services/neutron-plugin-ml2.yaml b/puppet/services/neutron-plugin-ml2.yaml
index 88b5064c..407ce6ba 100644
--- a/puppet/services/neutron-plugin-ml2.yaml
+++ b/puppet/services/neutron-plugin-ml2.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron ML2 Plugin configured with Puppet
diff --git a/puppet/services/neutron-plugin-nuage.yaml b/puppet/services/neutron-plugin-nuage.yaml
index 838ec5ea..e09cd704 100644
--- a/puppet/services/neutron-plugin-nuage.yaml
+++ b/puppet/services/neutron-plugin-nuage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Nuage plugin
diff --git a/puppet/services/neutron-plugin-opencontrail.yaml b/puppet/services/neutron-plugin-opencontrail.yaml
index 098c9d05..976e5f19 100644
--- a/puppet/services/neutron-plugin-opencontrail.yaml
+++ b/puppet/services/neutron-plugin-opencontrail.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Opencontrail plugin
diff --git a/puppet/services/neutron-plugin-plumgrid.yaml b/puppet/services/neutron-plugin-plumgrid.yaml
index 30af8a3f..bd078074 100644
--- a/puppet/services/neutron-plugin-plumgrid.yaml
+++ b/puppet/services/neutron-plugin-plumgrid.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Plumgrid plugin
@@ -100,6 +100,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/ovs_neutron'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
neutron::plugins::plumgrid::controller_priv_host: {get_param: [EndpointMap, KeystoneAdmin, host]}
neutron::plugins::plumgrid::admin_password: {get_param: AdminPassword}
neutron::plugins::plumgrid::metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
diff --git a/puppet/services/neutron-sriov-agent.yaml b/puppet/services/neutron-sriov-agent.yaml
index 44f7f242..d3c82d88 100644
--- a/puppet/services/neutron-sriov-agent.yaml
+++ b/puppet/services/neutron-sriov-agent.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron SR-IOV nic agent configured with Puppet
@@ -25,6 +25,7 @@ parameters:
All physical networks listed in network_vlan_ranges
on the server should have mappings to appropriate
interfaces on each agent.
+ Example "tenant0:ens2f0,tenant1:ens2f1"
type: comma_delimited_list
default: ""
NeutronExcludeDevices:
@@ -40,8 +41,8 @@ parameters:
NeutronSriovNumVFs:
description: >
Provide the list of VFs to be reserved for each SR-IOV interface.
- Format "<interface_name1>:<numvfs1>","<interface_name2>:<numvfs2>"
- Example "eth1:4096","eth2:128"
+ Format "<interface_name1>:<numvfs1>,<interface_name2>:<numvfs2>"
+ Example "eth1:4096,eth2:128"
type: comma_delimited_list
default: ""
diff --git a/puppet/services/nova-api.yaml b/puppet/services/nova-api.yaml
index 50e4c996..36ac3e08 100644
--- a/puppet/services/nova-api.yaml
+++ b/puppet/services/nova-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Nova API service configured with Puppet
@@ -54,6 +54,10 @@ parameters:
EnableInternalTLS:
type: boolean
default: false
+ NovaDefaultFloatingPool:
+ default: 'public'
+ description: Default pool for floating IP addresses
+ type: string
conditions:
nova_workers_zero: {equals : [{get_param: NovaWorkers}, 0]}
@@ -102,7 +106,7 @@ outputs:
nova::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
nova::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
nova::api::enabled: true
- nova::api::default_floating_pool: 'public'
+ nova::api::default_floating_pool: {get_param: NovaDefaultFloatingPool}
nova::api::sync_db_api: true
nova::api::enable_proxy_headers_parsing: true
nova::api::api_bind_address:
@@ -112,14 +116,14 @@ outputs:
params:
$NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
nova::api::service_name: 'httpd'
- nova::wsgi::apache::ssl: {get_param: EnableInternalTLS}
+ nova::wsgi::apache_api::ssl: {get_param: EnableInternalTLS}
# NOTE: bind IP is found in Heat replacing the network name with the local node IP
# for the given network; replacement examples (eg. for internal_api):
# internal_api -> IP
# internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR
- nova::wsgi::apache::bind_host: {get_param: [ServiceNetMap, NovaApiNetwork]}
- nova::wsgi::apache::servername:
+ nova::wsgi::apache_api::bind_host: {get_param: [ServiceNetMap, NovaApiNetwork]}
+ nova::wsgi::apache_api::servername:
str_replace:
template:
"%{hiera('fqdn_$NETWORK')}"
@@ -133,10 +137,27 @@ outputs:
- nova_workers_zero
- {}
- nova::api::osapi_compute_workers: {get_param: NovaWorkers}
- nova::wsgi::apache::workers: {get_param: NovaWorkers}
+ nova::wsgi::apache_api::workers: {get_param: NovaWorkers}
step_config: |
include tripleo::profile::base::nova::api
service_config_settings:
+ mysql:
+ map_merge:
+ - {get_attr: [NovaBase, role_data, service_config_settings, mysql]}
+ - nova::db::mysql::password: {get_param: NovaPassword}
+ nova::db::mysql::user: nova
+ nova::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
+ nova::db::mysql::dbname: nova
+ nova::db::mysql::allowed_hosts:
+ - '%'
+ - "%{hiera('mysql_bind_host')}"
+ nova::db::mysql_api::password: {get_param: NovaPassword}
+ nova::db::mysql_api::user: nova_api
+ nova::db::mysql_api::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
+ nova::db::mysql_api::dbname: nova_api
+ nova::db::mysql_api::allowed_hosts:
+ - '%'
+ - "%{hiera('mysql_bind_host')}"
keystone:
nova::keystone::auth::tenant: 'service'
nova::keystone::auth::public_url: {get_param: [EndpointMap, NovaPublic, uri]}
@@ -144,18 +165,3 @@ outputs:
nova::keystone::auth::admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
nova::keystone::auth::password: {get_param: NovaPassword}
nova::keystone::auth::region: {get_param: KeystoneRegion}
- mysql:
- nova::db::mysql::password: {get_param: NovaPassword}
- nova::db::mysql::user: nova
- nova::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
- nova::db::mysql::dbname: nova
- nova::db::mysql::allowed_hosts:
- - '%'
- - "%{hiera('mysql_bind_host')}"
- nova::db::mysql_api::password: {get_param: NovaPassword}
- nova::db::mysql_api::user: nova_api
- nova::db::mysql_api::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
- nova::db::mysql_api::dbname: nova_api
- nova::db::mysql_api::allowed_hosts:
- - '%'
- - "%{hiera('mysql_bind_host')}"
diff --git a/puppet/services/nova-base.yaml b/puppet/services/nova-base.yaml
index 20bf2e42..d70e66a0 100644
--- a/puppet/services/nova-base.yaml
+++ b/puppet/services/nova-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Nova base service. Shared for all Nova services.
@@ -90,6 +90,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/nova'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
nova::api_database_connection:
list_join:
- ''
@@ -99,6 +101,19 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/nova_api'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
+ nova::placement_database_connection:
+ list_join:
+ - ''
+ - - {get_param: [EndpointMap, MysqlInternal, protocol]}
+ - '://nova_placement:'
+ - {get_param: NovaPassword}
+ - '@'
+ - {get_param: [EndpointMap, MysqlInternal, host]}
+ - '/nova_placement'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
nova::debug: {get_param: Debug}
nova::purge_config: {get_param: EnableConfigPurge}
nova::network::neutron::neutron_project_name: 'service'
@@ -123,3 +138,9 @@ outputs:
- compute_upgrade_level_empty
- {}
- nova::upgrade_level_compute: {get_param: UpgradeLevelNovaCompute}
+ service_config_settings:
+ mysql:
+ nova::rabbit_password: {get_param: RabbitPassword}
+ nova::rabbit_userid: {get_param: RabbitUserName}
+ nova::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
+ nova::rabbit_port: {get_param: RabbitClientPort}
diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml
index 908b676e..2312b635 100644
--- a/puppet/services/nova-compute.yaml
+++ b/puppet/services/nova-compute.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Nova Compute service configured with Puppet
diff --git a/puppet/services/nova-conductor.yaml b/puppet/services/nova-conductor.yaml
index a10d9560..b96bf6e6 100644
--- a/puppet/services/nova-conductor.yaml
+++ b/puppet/services/nova-conductor.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Nova Conductor service configured with Puppet
diff --git a/puppet/services/nova-consoleauth.yaml b/puppet/services/nova-consoleauth.yaml
index 85e60420..79969ded 100644
--- a/puppet/services/nova-consoleauth.yaml
+++ b/puppet/services/nova-consoleauth.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Nova Consoleauth service configured with Puppet
diff --git a/puppet/services/nova-ironic.yaml b/puppet/services/nova-ironic.yaml
index bf7639dd..306c6b6f 100644
--- a/puppet/services/nova-ironic.yaml
+++ b/puppet/services/nova-ironic.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Nova Compute service configured with Puppet and using Ironic
diff --git a/puppet/services/nova-libvirt.yaml b/puppet/services/nova-libvirt.yaml
index 70774bac..a9b2b3f9 100644
--- a/puppet/services/nova-libvirt.yaml
+++ b/puppet/services/nova-libvirt.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Libvirt service configured with Puppet
@@ -21,6 +21,14 @@ parameters:
NovaComputeLibvirtType:
type: string
default: kvm
+ LibvirtEnabledPerfEvents:
+ type: comma_delimited_list
+ default: []
+ description: This is a performance event list which could be used as monitor.
+ For example - ``enabled_perf_events = cmt, mbml, mbmt``
+ The supported events list can be found in
+ https://libvirt.org/html/libvirt-libvirt-domain.html ,
+ which you may need to search key words ``VIR_PERF_PARAM_*``
MonitoringSubscriptionNovaLibvirt:
default: 'overcloud-nova-libvirt'
type: string
@@ -50,6 +58,10 @@ outputs:
tripleo::profile::base::nova::libvirt_enabled: true
nova::compute::libvirt::services::libvirt_virt_type: {get_param: NovaComputeLibvirtType}
nova::compute::libvirt::libvirt_virt_type: {get_param: NovaComputeLibvirtType}
+ nova::compute::libvirt::libvirt_enabled_perf_events: {get_param: LibvirtEnabledPerfEvents}
+ nova::compute::libvirt::qemu::configure_qemu: true
+ nova::compute::libvirt::qemu::max_files: 32768
+ nova::compute::libvirt::qemu::max_processes: 131072
tripleo.nova_libvirt.firewall_rules:
'200 nova_libvirt':
dport:
diff --git a/puppet/services/nova-metadata.yaml b/puppet/services/nova-metadata.yaml
index 40931da6..376f95b1 100644
--- a/puppet/services/nova-metadata.yaml
+++ b/puppet/services/nova-metadata.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Nova API service configured with Puppet
diff --git a/puppet/services/nova-placement.yaml b/puppet/services/nova-placement.yaml
new file mode 100644
index 00000000..9b7120d8
--- /dev/null
+++ b/puppet/services/nova-placement.yaml
@@ -0,0 +1,124 @@
+heat_template_version: ocata
+
+description: >
+ OpenStack Nova Placement API service configured with Puppet
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ NovaWorkers:
+ default: 0
+ description: Number of workers for Nova Placement API service.
+ type: number
+ NovaPassword:
+ description: The password for the nova service and db account, used by nova-placement.
+ type: string
+ hidden: true
+ KeystoneRegion:
+ type: string
+ default: 'regionOne'
+ description: Keystone region for endpoint
+ MonitoringSubscriptionNovaPlacement:
+ default: 'overcloud-nova-placement'
+ type: string
+ NovaPlacementLoggingSource:
+ type: json
+ default:
+ tag: openstack.nova.placement
+ path: /var/log/httpd/nova_placement_wsgi_error_ssl.log
+ EnableInternalTLS:
+ type: boolean
+ default: false
+
+conditions:
+ nova_workers_zero: {equals : [{get_param: NovaWorkers}, 0]}
+
+resources:
+ ApacheServiceBase:
+ type: ./apache.yaml
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+ EnableInternalTLS: {get_param: EnableInternalTLS}
+
+ NovaBase:
+ type: ./nova-base.yaml
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+
+outputs:
+ role_data:
+ description: Role data for the Nova Placement API service.
+ value:
+ service_name: nova_placement
+ monitoring_subscription: {get_param: MonitoringSubscriptionNovaPlacement}
+ logging_source: {get_param: NovaPlacementLoggingSource}
+ logging_groups:
+ - nova
+ config_settings:
+ map_merge:
+ - get_attr: [NovaBase, role_data, config_settings]
+ - get_attr: [ApacheServiceBase, role_data, config_settings]
+ - tripleo.nova_placement.firewall_rules:
+ '138 nova_placement':
+ dport:
+ - 8778
+ - 13778
+ nova::placement::project_name: 'service'
+ nova::placement::password: {get_param: NovaPassword}
+ nova::placement::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
+ nova::placement::os_region_name: {get_param: KeystoneRegion}
+ nova::wsgi::apache_placement::api_port: '8778'
+ nova::wsgi::apache_placement::ssl: {get_param: EnableInternalTLS}
+ # NOTE: bind IP is found in Heat replacing the network name with the local node IP
+ # for the given network; replacement examples (eg. for internal_api):
+ # internal_api -> IP
+ # internal_api_uri -> [IP]
+ # internal_api_subnet - > IP/CIDR
+ nova::wsgi::apache_placement::bind_host: {get_param: [ServiceNetMap, NovaApiNetwork]}
+ nova::wsgi::apache_placement::servername:
+ str_replace:
+ template:
+ "%{hiera('fqdn_$NETWORK')}"
+ params:
+ $NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
+ -
+ if:
+ - nova_workers_zero
+ - {}
+ - nova::wsgi::apache_placement::workers: {get_param: NovaWorkers}
+ step_config: |
+ include tripleo::profile::base::nova::placement
+ service_config_settings:
+ keystone:
+ nova::keystone::auth_placement::tenant: 'service'
+ nova::keystone::auth_placement::public_url: {get_param: [EndpointMap, NovaPlacementPublic, uri]}
+ nova::keystone::auth_placement::internal_url: {get_param: [EndpointMap, NovaPlacementInternal, uri]}
+ nova::keystone::auth_placement::admin_url: {get_param: [EndpointMap, NovaPlacementAdmin, uri]}
+ nova::keystone::auth_placement::password: {get_param: NovaPassword}
+ nova::keystone::auth_placement::region: {get_param: KeystoneRegion}
+ mysql:
+ map_merge:
+ - {get_attr: [NovaBase, role_data, service_config_settings, mysql]}
+ - nova::db::mysql_placement::password: {get_param: NovaPassword}
+ nova::db::mysql_placement::user: nova_placement
+ nova::db::mysql_placement::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
+ nova::db::mysql_placement::dbname: nova_placement
+ nova::db::mysql_placement::allowed_hosts:
+ - '%'
+ - "%{hiera('mysql_bind_host')}"
diff --git a/puppet/services/nova-scheduler.yaml b/puppet/services/nova-scheduler.yaml
index d4e5fff6..353a75ac 100644
--- a/puppet/services/nova-scheduler.yaml
+++ b/puppet/services/nova-scheduler.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Nova Scheduler service configured with Puppet
diff --git a/puppet/services/nova-vnc-proxy.yaml b/puppet/services/nova-vnc-proxy.yaml
index e6b0703f..bf244943 100644
--- a/puppet/services/nova-vnc-proxy.yaml
+++ b/puppet/services/nova-vnc-proxy.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Nova Vncproxy service configured with Puppet
diff --git a/puppet/services/opendaylight-api.yaml b/puppet/services/opendaylight-api.yaml
index 253d63ef..0ed9d206 100644
--- a/puppet/services/opendaylight-api.yaml
+++ b/puppet/services/opendaylight-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenDaylight SDN Controller.
@@ -17,10 +17,6 @@ parameters:
type: string
description: The password for the opendaylight server.
hidden: true
- OpenDaylightEnableL3:
- description: Knob to enable/disable ODL L3
- type: string
- default: 'no'
OpenDaylightEnableDHCP:
description: Knob to enable/disable ODL DHCP Server
type: boolean
@@ -56,9 +52,14 @@ outputs:
opendaylight::odl_rest_port: {get_param: OpenDaylightPort}
opendaylight::username: {get_param: OpenDaylightUsername}
opendaylight::password: {get_param: OpenDaylightPassword}
- opendaylight::enable_l3: {get_param: OpenDaylightEnableL3}
opendaylight::extra_features: {get_param: OpenDaylightFeatures}
opendaylight::enable_dhcp: {get_param: OpenDaylightEnableDHCP}
opendaylight::odl_bind_ip: {get_param: [ServiceNetMap, OpendaylightApiNetwork]}
+ tripleo.opendaylight_api.firewall_rules:
+ '137 opendaylight api':
+ dport:
+ - {get_param: OpenDaylightPort}
+ - 6640
+ - 6653
step_config: |
include tripleo::profile::base::neutron::opendaylight
diff --git a/puppet/services/opendaylight-ovs.yaml b/puppet/services/opendaylight-ovs.yaml
index 907ecddc..cfec3c48 100644
--- a/puppet/services/opendaylight-ovs.yaml
+++ b/puppet/services/opendaylight-ovs.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenDaylight OVS Configuration.
@@ -8,6 +8,15 @@ parameters:
default: 8081
description: Set opendaylight service port
type: number
+ OpenDaylightUsername:
+ default: 'admin'
+ description: The username for the opendaylight server.
+ type: string
+ OpenDaylightPassword:
+ default: 'admin'
+ type: string
+ description: The password for the opendaylight server.
+ hidden: true
OpenDaylightConnectionProtocol:
description: L7 protocol used for REST access
type: string
@@ -46,6 +55,8 @@ outputs:
service_name: opendaylight_ovs
config_settings:
opendaylight::odl_rest_port: {get_param: OpenDaylightPort}
+ opendaylight::username: {get_param: OpenDaylightUsername}
+ opendaylight::password: {get_param: OpenDaylightPassword}
opendaylight_check_url: {get_param: OpenDaylightCheckURL}
opendaylight::nb_connection_protocol: {get_param: OpenDaylightConnectionProtocol}
neutron::agents::ml2::ovs::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]}
diff --git a/puppet/services/ovn-dbs.yaml b/puppet/services/ovn-dbs.yaml
new file mode 100644
index 00000000..7f81afde
--- /dev/null
+++ b/puppet/services/ovn-dbs.yaml
@@ -0,0 +1,40 @@
+heat_template_version: ocata
+
+description: >
+ OVN databases configured with puppet
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ OVNNorthboundServerPort:
+ description: Port of the OVN Northbound DB server
+ type: number
+ default: 6641
+ OVNSouthboundServerPort:
+ description: Port of the OVN Southbound DB server
+ type: number
+ default: 6642
+
+outputs:
+ role_data:
+ description: Role data for the OVN northd service
+ value:
+ service_name: ovn_dbs
+ config_settings:
+ ovn::northbound::port: {get_param: OVNNorthboundServerPort}
+ ovn::southbound::port: {get_param: OVNSouthboundServerPort}
+ ovn::northd::dbs_listen_ip: {get_param: [ServiceNetMap, OvnDbsNetwork]}
+ step_config: |
+ include ::tripleo::profile::base::neutron::ovn_northd
diff --git a/puppet/services/pacemaker.yaml b/puppet/services/pacemaker.yaml
index abfb9c80..9adf1bdb 100644
--- a/puppet/services/pacemaker.yaml
+++ b/puppet/services/pacemaker.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Pacemaker service configured with Puppet
diff --git a/puppet/services/pacemaker/ceilometer-agent-central.yaml b/puppet/services/pacemaker/ceilometer-agent-central.yaml
deleted file mode 100644
index 5dcb62ca..00000000
--- a/puppet/services/pacemaker/ceilometer-agent-central.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Ceilometer Central Agent service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- MonitoringSubscriptionCeilometerCentral:
- default: 'overcloud-ceilometer-agent-central'
- type: string
-
-resources:
- CeilometerServiceBase:
- type: ../ceilometer-agent-central.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Ceilometer Central Agent pacemaker role.
- value:
- service_name: ceilometer_agent_central
- monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerCentral}
- config_settings:
- map_merge:
- - get_attr: [CeilometerServiceBase, role_data, config_settings]
- - ceilometer::agent::central::manage_service: false
- ceilometer::agent::central::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::ceilometer::agent::central
diff --git a/puppet/services/pacemaker/ceilometer-agent-notification.yaml b/puppet/services/pacemaker/ceilometer-agent-notification.yaml
deleted file mode 100644
index dbe14499..00000000
--- a/puppet/services/pacemaker/ceilometer-agent-notification.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Ceilometer Notification Agent service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- MonitoringSubscriptionCeilometerNotification:
- default: 'overcloud-ceilometer-agent-notification'
- type: string
-
-resources:
- CeilometerServiceBase:
- type: ../ceilometer-agent-notification.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Ceilometer Notification Agent pacemaker role.
- value:
- service_name: ceilometer_agent_notification
- monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerNotification}
- config_settings:
- map_merge:
- - get_attr: [CeilometerServiceBase, role_data, config_settings]
- - ceilometer::agent::notification::manage_service: false
- ceilometer::agent::notification::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::ceilometer::agent::notification
diff --git a/puppet/services/pacemaker/ceilometer-api.yaml b/puppet/services/pacemaker/ceilometer-api.yaml
deleted file mode 100644
index 4b6c18f6..00000000
--- a/puppet/services/pacemaker/ceilometer-api.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Ceilometer API service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- MonitoringSubscriptionCeilometerApi:
- default: 'overcloud-ceilometer-api'
- type: string
-
-resources:
- CeilometerServiceBase:
- type: ../ceilometer-api.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Ceilometer API pacemaker role.
- value:
- service_name: ceilometer_api
- monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerApi}
- config_settings:
- map_merge:
- - get_attr: [CeilometerServiceBase, role_data, config_settings]
- - ceilometer::api::manage_service: false
- ceilometer::api::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::ceilometer::api
diff --git a/puppet/services/pacemaker/ceilometer-collector.yaml b/puppet/services/pacemaker/ceilometer-collector.yaml
deleted file mode 100644
index 4c919515..00000000
--- a/puppet/services/pacemaker/ceilometer-collector.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Ceilometer Collector service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- MonitoringSubscriptionCeilometerCollector:
- default: 'overcloud-ceilometer-collector'
- type: string
-
-resources:
- CeilometerServiceBase:
- type: ../ceilometer-collector.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Ceilometer Collector pacemaker role.
- value:
- service_name: ceilometer_collector
- monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerCollector}
- config_settings:
- map_merge:
- - get_attr: [CeilometerServiceBase, role_data, config_settings]
- - ceilometer::collector::manage_service: false
- ceilometer::collector::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::ceilometer::collector
diff --git a/puppet/services/pacemaker/cinder-api.yaml b/puppet/services/pacemaker/cinder-api.yaml
deleted file mode 100644
index 6823789e..00000000
--- a/puppet/services/pacemaker/cinder-api.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Cinder API service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- CinderApiBase:
- type: ../cinder-api.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Cinder API role.
- value:
- service_name: cinder_api
- monitoring_subscription: {get_attr: [CinderApiBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [CinderApiBase, role_data, logging_source]}
- logging_groups: {get_attr: [CinderApiBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [CinderApiBase, role_data, config_settings]
- - cinder::api::manage_service: false
- cinder::api::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::cinder::api
diff --git a/puppet/services/pacemaker/cinder-backup.yaml b/puppet/services/pacemaker/cinder-backup.yaml
index 2ebc7680..e75ac973 100644
--- a/puppet/services/pacemaker/cinder-backup.yaml
+++ b/puppet/services/pacemaker/cinder-backup.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Cinder Backup service with Pacemaker configured with Puppet
diff --git a/puppet/services/pacemaker/cinder-scheduler.yaml b/puppet/services/pacemaker/cinder-scheduler.yaml
deleted file mode 100644
index 15e44be2..00000000
--- a/puppet/services/pacemaker/cinder-scheduler.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Cinder Scheduler service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- CinderSchedulerBase:
- type: ../cinder-scheduler.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Cinder Scheduler role.
- value:
- service_name: cinder_scheduler
- monitoring_subscription: {get_attr: [CinderSchedulerBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [CinderSchedulerBase, role_data, logging_source]}
- logging_groups: {get_attr: [CinderSchedulerBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [CinderSchedulerBase, role_data, config_settings]
- - cinder::scheduler::manage_service: false
- cinder::scheduler::enabled: false
- step_config:
- include ::tripleo::profile::pacemaker::cinder::scheduler
diff --git a/puppet/services/pacemaker/cinder-volume.yaml b/puppet/services/pacemaker/cinder-volume.yaml
index d91a0181..bef47a57 100644
--- a/puppet/services/pacemaker/cinder-volume.yaml
+++ b/puppet/services/pacemaker/cinder-volume.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Cinder Volume service with Pacemaker configured with Puppet
diff --git a/puppet/services/pacemaker/core.yaml b/puppet/services/pacemaker/core.yaml
deleted file mode 100644
index 9eca1de3..00000000
--- a/puppet/services/pacemaker/core.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Core (fake) service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-outputs:
- role_data:
- description: Role data for the Core role.
- value:
- service_name: core
- config_settings: {}
- step_config: |
- include ::tripleo::profile::pacemaker::core \ No newline at end of file
diff --git a/puppet/services/pacemaker/database/mongodb.yaml b/puppet/services/pacemaker/database/mongodb.yaml
deleted file mode 100644
index 982b6064..00000000
--- a/puppet/services/pacemaker/database/mongodb.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- MongoDb service deployment using puppet
-
-parameters:
- #Parameters not used EndpointMap
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
- MongoDbBase:
- type: ../../database/mongodb.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Service mongodb using composable services.
- value:
- service_name: mongodb
- config_settings:
- map_merge:
- - get_attr: [MongoDbBase, role_data, config_settings]
- - tripleo::profile::pacemaker::database::mongodb::mongodb_replset: {get_attr: [MongoDbBase, aux_parameters, rplset_name]}
- mongodb::server::service_manage: False
- step_config: |
- include ::tripleo::profile::pacemaker::database::mongodb
diff --git a/puppet/services/pacemaker/database/mysql.yaml b/puppet/services/pacemaker/database/mysql.yaml
index f2905903..511a01ab 100644
--- a/puppet/services/pacemaker/database/mysql.yaml
+++ b/puppet/services/pacemaker/database/mysql.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
MySQL with Pacemaker service deployment using puppet
@@ -53,3 +53,7 @@ outputs:
get_param: [ServiceNetMap, MysqlNetwork]
step_config: |
include ::tripleo::profile::pacemaker::database::mysql
+ upgrade_tasks:
+ - name: Check for galera root password
+ tags: step0
+ file: path=/root/.my.cnf state=file
diff --git a/puppet/services/pacemaker/database/redis.yaml b/puppet/services/pacemaker/database/redis.yaml
index 196754eb..e702d28b 100644
--- a/puppet/services/pacemaker/database/redis.yaml
+++ b/puppet/services/pacemaker/database/redis.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Redis service configured with Puppet
diff --git a/puppet/services/pacemaker/glance-api.yaml b/puppet/services/pacemaker/glance-api.yaml
deleted file mode 100644
index 20a439f6..00000000
--- a/puppet/services/pacemaker/glance-api.yaml
+++ /dev/null
@@ -1,74 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Glance API service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- GlanceFilePcmkDevice:
- default: ''
- description: >
- An exported storage device that should be mounted by Pacemaker
- as Glance storage. Effective when GlanceFilePcmkManage is true.
- type: string
- GlanceFilePcmkFstype:
- default: 'nfs'
- description: >
- Filesystem type for Pacemaker mount used as Glance storage.
- Effective when GlanceFilePcmkManage is true.
- type: string
- GlanceFilePcmkManage:
- default: false
- description: >
- Whether to make Glance file backend a mount managed by Pacemaker.
- Effective when GlanceBackend is 'file'.
- type: boolean
- GlanceFilePcmkOptions:
- default: ''
- description: >
- Mount options for Pacemaker mount used as Glance storage.
- Effective when GlanceFilePcmkManage is true.
- type: string
-
-resources:
-
- GlanceApiBase:
- type: ../glance-api.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Glance role.
- value:
- service_name: glance_api
- monitoring_subscription: {get_attr: [GlanceApiBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [GlanceApiBase, role_data, logging_source]}
- logging_groups: {get_attr: [GlanceApiBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [GlanceApiBase, role_data, config_settings]
- - glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
- glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
- glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
- glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
- glance_file_pcmk_directory: '/var/lib/glance/images'
- glance::api::manage_service: false
- glance::api::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::glance
diff --git a/puppet/services/pacemaker/glance-registry.yaml b/puppet/services/pacemaker/glance-registry.yaml
deleted file mode 100644
index 41f89fdd..00000000
--- a/puppet/services/pacemaker/glance-registry.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Glance Registry service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- GlanceRegistryBase:
- type: ../glance-registry.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Glance role.
- value:
- service_name: glance_registry
- monitoring_subscription: {get_attr: [GlanceRegistryBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [GlanceRegistryBase, role_data, logging_source]}
- logging_groups: {get_attr: [GlanceRegistryBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [GlanceRegistryBase, role_data, config_settings]
- - glance::registry::manage_service: false
- glance::registry::enabled: false
- # No puppet manifests since glance-registry is included in
- # ::tripleo::profile::pacemaker::glance which is maintained alongside of
- # pacemaker/glance-api.yaml.
- step_config:
diff --git a/puppet/services/pacemaker/gnocchi-metricd.yaml b/puppet/services/pacemaker/gnocchi-metricd.yaml
deleted file mode 100644
index 0f36b5d5..00000000
--- a/puppet/services/pacemaker/gnocchi-metricd.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- Gnocchi service configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- MonitoringSubscriptionGnocchiMetricd:
- default: 'overcloud-gnocchi-metricd'
- type: string
-
-resources:
- GnocchiServiceBase:
- type: ../gnocchi-metricd.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Gnocchi role.
- value:
- service_name: gnocchi_metricd
- monitoring_subscription: {get_param: MonitoringSubscriptionGnocchiMetricd}
- config_settings:
- map_merge:
- - get_attr: [GnocchiServiceBase, role_data, config_settings]
- - gnocchi::metricd::manage_service: false
- gnocchi::metricd::enabled: false
- tripleo::profile::pacemaker::gnocchi::gnocchi_indexer_backend: {get_attr: [GnocchiServiceBase, aux_parameters, gnocchi_indexer_backend]}
-
- step_config: |
- include ::tripleo::profile::pacemaker::gnocchi::metricd
diff --git a/puppet/services/pacemaker/gnocchi-statsd.yaml b/puppet/services/pacemaker/gnocchi-statsd.yaml
deleted file mode 100644
index b9afc590..00000000
--- a/puppet/services/pacemaker/gnocchi-statsd.yaml
+++ /dev/null
@@ -1,46 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- Gnocchi service configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- MonitoringSubscriptionGnocchiStatsd:
- default: 'overcloud-gnocchi-statsd'
- type: string
-
-resources:
- GnocchiServiceBase:
- type: ../gnocchi-statsd.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Gnocchi role.
- value:
- service_name: gnocchi_statsd
- monitoring_subscription: {get_param: MonitoringSubscriptionGnocchiStatsd}
- config_settings:
- map_merge:
- - get_attr: [GnocchiServiceBase, role_data, config_settings]
- - gnocchi::statsd::manage_service: false
- gnocchi::statsd::enabled: false
- tripleo::profile::pacemaker::gnocchi::gnocchi_indexer_backend: {get_attr: [GnocchiServiceBase, aux_parameters, gnocchi_indexer_backend]}
- step_config: |
- include ::tripleo::profile::pacemaker::gnocchi::statsd
diff --git a/puppet/services/pacemaker/haproxy.yaml b/puppet/services/pacemaker/haproxy.yaml
index e4115d64..50da4119 100644
--- a/puppet/services/pacemaker/haproxy.yaml
+++ b/puppet/services/pacemaker/haproxy.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
HAproxy service with Pacemaker configured with Puppet
diff --git a/puppet/services/pacemaker/heat-api-cfn.yaml b/puppet/services/pacemaker/heat-api-cfn.yaml
deleted file mode 100644
index dd25905b..00000000
--- a/puppet/services/pacemaker/heat-api-cfn.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- Openstack Heat CloudFormation API service configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
- HeatApiCfnBase:
- type: ../heat-api-cfn.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Heat CloudFormation API role.
- value:
- service_name: heat_api_cfn
- monitoring_subscription: {get_attr: [HeatApiCfnBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [HeatApiCfnBase, role_data, logging_source]}
- logging_groups: {get_attr: [HeatApiCfnBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [HeatApiCfnBase, role_data, config_settings]
- - heat::api_cfn::manage_service: false
- heat::api_cfn::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::heat::api_cfn
diff --git a/puppet/services/pacemaker/heat-api-cloudwatch.yaml b/puppet/services/pacemaker/heat-api-cloudwatch.yaml
deleted file mode 100644
index 18d2a0d5..00000000
--- a/puppet/services/pacemaker/heat-api-cloudwatch.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- Openstack Heat CloudWatch API service configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
- HeatApiCloudwatchBase:
- type: ../heat-api-cloudwatch.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Heat Cloudwatch API role.
- value:
- service_name: heat_api_cloudwatch
- monitoring_subscription: {get_attr: [HeatApiCloudwatchBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [HeatApiCloudwatchBase, role_data, logging_source]}
- logging_groups: {get_attr: [HeatApiCloudwatchBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [HeatApiCloudwatchBase, role_data, config_settings]
- - heat::api_cloudwatch::manage_service: false
- heat::api_cloudwatch::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::heat::api_cloudwatch
diff --git a/puppet/services/pacemaker/heat-api.yaml b/puppet/services/pacemaker/heat-api.yaml
deleted file mode 100644
index 43122cb0..00000000
--- a/puppet/services/pacemaker/heat-api.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- Openstack Heat API service configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
- HeatApiBase:
- type: ../heat-api.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Heat API role.
- value:
- service_name: heat_api
- monitoring_subscription: {get_attr: [HeatApiBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [HeatApiBase, role_data, logging_source]}
- logging_groups: {get_attr: [HeatApiBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [HeatApiBase, role_data, config_settings]
- - heat::api::manage_service: false
- heat::api::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::heat::api
diff --git a/puppet/services/pacemaker/heat-engine.yaml b/puppet/services/pacemaker/heat-engine.yaml
deleted file mode 100644
index 54bfdad2..00000000
--- a/puppet/services/pacemaker/heat-engine.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- Openstack Heat Engine service configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
- HeatEngineBase:
- type: ../heat-engine.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-
-outputs:
- role_data:
- description: Role data for the Heat engine role.
- value:
- service_name: heat_engine
- monitoring_subscription: {get_attr: [HeatEngineBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [HeatEngineBase, role_data, logging_source]}
- logging_groups: {get_attr: [HeatEngineBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [HeatEngineBase, role_data, config_settings]
- - heat::engine::manage_service: false
- heat::engine::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::heat::engine
diff --git a/puppet/services/pacemaker/horizon.yaml b/puppet/services/pacemaker/horizon.yaml
deleted file mode 100644
index 18de23ae..00000000
--- a/puppet/services/pacemaker/horizon.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- Horizon service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- HorizonBase:
- type: ../horizon.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Horizon role.
- value:
- service_name: horizon
- monitoring_subscription: {get_attr: [HorizonBase, role_data, monitoring_subscription]}
- config_settings:
- get_attr: [HorizonBase, role_data, config_settings]
- step_config: |
- include ::tripleo::profile::base::horizon
- include ::tripleo::profile::pacemaker::apache
diff --git a/puppet/services/pacemaker/keystone.yaml b/puppet/services/pacemaker/keystone.yaml
deleted file mode 100644
index 908b9bbd..00000000
--- a/puppet/services/pacemaker/keystone.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Keystone service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- KeystoneServiceBase:
- type: ../keystone.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Keystone pacemaker role.
- value:
- service_name: keystone
- monitoring_subscription: {get_attr: [KeystoneServiceBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [KeystoneServiceBase, role_data, logging_source]}
- logging_groups: {get_attr: [KeystoneServiceBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [KeystoneServiceBase, role_data, config_settings]
- - keystone::manage_service: false
- keystone::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::keystone
diff --git a/puppet/services/pacemaker/manila-share.yaml b/puppet/services/pacemaker/manila-share.yaml
index cabc31a0..ddc13df3 100644
--- a/puppet/services/pacemaker/manila-share.yaml
+++ b/puppet/services/pacemaker/manila-share.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
The manila-share service with Pacemaker configured with Puppet
diff --git a/puppet/services/pacemaker/memcached.yaml b/puppet/services/pacemaker/memcached.yaml
deleted file mode 100644
index 04b895b6..00000000
--- a/puppet/services/pacemaker/memcached.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- Mecached service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- MemcachedServiceBase:
- type: ../memcached.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Memcached pacemaker role.
- value:
- service_name: memcached
- monitoring_subscription: {get_attr: [MemcachedServiceBase, role_data, monitoring_subscription]}
- config_settings:
- map_merge:
- - get_attr: [MemcachedServiceBase, role_data, config_settings]
- - memcached::service_manage: false
- step_config: |
- include ::tripleo::profile::pacemaker::memcached
diff --git a/puppet/services/pacemaker/neutron-dhcp.yaml b/puppet/services/pacemaker/neutron-dhcp.yaml
deleted file mode 100644
index 7fca73d6..00000000
--- a/puppet/services/pacemaker/neutron-dhcp.yaml
+++ /dev/null
@@ -1,46 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron DHCP service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronDhcpBase:
- type: ../neutron-dhcp.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron DHCP role.
- value:
- service_name: neutron_dhcp
- monitoring_subscription: {get_attr: [NeutronDhcpBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NeutronDhcpBase, role_data, logging_source]}
- logging_groups: {get_attr: [NeutronDhcpBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [NeutronDhcpBase, role_data, config_settings]
- - tripleo::profile::pacemaker::neutron::enable_dhcp: True
- neutron::agents::dhcp::enabled: false
- neutron::agents::dhcp::manage_service: false
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::dhcp
diff --git a/puppet/services/pacemaker/neutron-l3.yaml b/puppet/services/pacemaker/neutron-l3.yaml
deleted file mode 100644
index cdb87f50..00000000
--- a/puppet/services/pacemaker/neutron-l3.yaml
+++ /dev/null
@@ -1,46 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron L3 service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronL3Base:
- type: ../neutron-l3.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron L3 role.
- value:
- service_name: neutron_l3
- monitoring_subscription: {get_attr: [NeutronL3Base, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NeutronL3Base, role_data, logging_source]}
- logging_groups: {get_attr: [NeutronL3Base, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [NeutronL3Base, role_data, config_settings]
- - tripleo::profile::pacemaker::neutron::enable_l3: True
- neutron::agents::l3::enabled: false
- neutron::agents::l3::manage_service: false
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::l3
diff --git a/puppet/services/pacemaker/neutron-metadata.yaml b/puppet/services/pacemaker/neutron-metadata.yaml
deleted file mode 100644
index 49a31eb5..00000000
--- a/puppet/services/pacemaker/neutron-metadata.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron Metadata service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronMetadataBase:
- type: ../neutron-metadata.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron Metadata role.
- value:
- service_name: neutron_metadata
- monitoring_subscription: {get_attr: [NeutronMetadataBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NeutronMetadataBase, role_data, logging_source]}
- logging_groups: {get_attr: [NeutronMetadataBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [NeutronMetadataBase, role_data, config_settings]
- - tripleo::profile::pacemaker::neutron::enable_metadata: True
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::metadata
diff --git a/puppet/services/pacemaker/neutron-midonet.yaml b/puppet/services/pacemaker/neutron-midonet.yaml
deleted file mode 100644
index fdd5dafb..00000000
--- a/puppet/services/pacemaker/neutron-midonet.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron Midonet with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronMidonetBase:
- type: ../neutron-midonet.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron Midonet plugin.
- value:
- service_name: neutron_midonet
- monitoring_subscription: {get_attr: [NeutronMidonetBase, role_data, monitoring_subscription]}
- config_settings:
- map_merge:
- - get_attr: [NeutronMidonetBase, role_data, config_settings]
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::plugins::midonet
diff --git a/puppet/services/pacemaker/neutron-ovs-agent.yaml b/puppet/services/pacemaker/neutron-ovs-agent.yaml
deleted file mode 100644
index a2bd7c83..00000000
--- a/puppet/services/pacemaker/neutron-ovs-agent.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron OVS agent with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronOvsBase:
- type: ../neutron-ovs-agent.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron OVS agent service.
- value:
- service_name: neutron_ovs_agent
- monitoring_subscription: {get_attr: [NeutronOvsBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NeutronOvsBase, role_data, logging_source]}
- logging_groups: {get_attr: [NeutronOvsBase, role_data, logging_groups]}
- config_settings:
- get_attr: [NeutronOvsBase, role_data, config_settings]
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::ovs
diff --git a/puppet/services/pacemaker/neutron-plugin-ml2.yaml b/puppet/services/pacemaker/neutron-plugin-ml2.yaml
deleted file mode 100644
index 234f116e..00000000
--- a/puppet/services/pacemaker/neutron-plugin-ml2.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron ML2 Plugin with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronMl2Base:
- type: ../neutron-plugin-ml2.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron ML2 plugin.
- value:
- service_name: neutron_plugin_ml2
- config_settings:
- map_merge:
- - get_attr: [NeutronMl2Base, role_data, config_settings]
- - neutron::agents::ml2::ovs::enabled: false
- neutron::agents::ml2::ovs::manage_service: false
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::plugins::ml2
diff --git a/puppet/services/pacemaker/neutron-plugin-nuage.yaml b/puppet/services/pacemaker/neutron-plugin-nuage.yaml
deleted file mode 100644
index 9fca2cc3..00000000
--- a/puppet/services/pacemaker/neutron-plugin-nuage.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron Nuage Plugin with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronPluginNuageBase:
- type: ../neutron-plugin-nuage.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron Nuage plugin.
- value:
- service_name: neutron_plugin_nuage
- config_settings:
- map_merge:
- - get_attr: [NeutronPluginNuageBase, role_data, config_settings]
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::plugins::nuage
diff --git a/puppet/services/pacemaker/neutron-plugin-opencontrail.yaml b/puppet/services/pacemaker/neutron-plugin-opencontrail.yaml
deleted file mode 100644
index 80d6ed92..00000000
--- a/puppet/services/pacemaker/neutron-plugin-opencontrail.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron OpenContrail Plugin with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronPluginOpenContrail:
- type: ../neutron-plugin-nuage.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron OpenContrail plugin.
- value:
- service_name: neutron_plugin_opencontrail
- config_settings:
- map_merge:
- - get_attr: [NeutronPluginOpenContrail, role_data, config_settings]
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::plugins::opencontrail
diff --git a/puppet/services/pacemaker/neutron-plugin-plumgrid.yaml b/puppet/services/pacemaker/neutron-plugin-plumgrid.yaml
deleted file mode 100644
index 5dd4e588..00000000
--- a/puppet/services/pacemaker/neutron-plugin-plumgrid.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron PLUMgrid Plugin with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronPluginPlumgridBase:
- type: ../neutron-plugin-ml2.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron PLUMgrid plugin.
- value:
- service_name: neutron_plugin_plumgrid
- config_settings:
- map_merge:
- - get_attr: [NeutronPluginPlumgridBase, role_data, config_settings]
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::plugins::plumgrid
diff --git a/puppet/services/pacemaker/neutron-server.yaml b/puppet/services/pacemaker/neutron-server.yaml
deleted file mode 100644
index 33bc2d99..00000000
--- a/puppet/services/pacemaker/neutron-server.yaml
+++ /dev/null
@@ -1,48 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron Server with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- NeutronL3HA:
- default: true
- description: Whether to enable HA for virtual routers
- type: boolean
-
-resources:
-
- NeutronServerBase:
- type: ../neutron-server.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron Server.
- value:
- service_name: neutron_server
- monitoring_subscription: {get_attr: [NeutronServerBase, role_data, monitoring_subscription]}
- config_settings:
- map_merge:
- - get_attr: [NeutronServerBase, role_data, config_settings]
- - neutron::server::enabled: false
- neutron::server::manage_service: false
- neutron::server::l3_ha: {get_param: NeutronL3HA}
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::server
diff --git a/puppet/services/pacemaker/nova-api.yaml b/puppet/services/pacemaker/nova-api.yaml
deleted file mode 100644
index b86e438a..00000000
--- a/puppet/services/pacemaker/nova-api.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Nova API service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NovaApiBase:
- type: ../nova-api.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Nova API role.
- value:
- service_name: nova_api
- monitoring_subscription: {get_attr: [NovaApiBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NovaApiBase, role_data, logging_source]}
- logging_groups: {get_attr: [NovaApiBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [NovaApiBase, role_data, config_settings]
- - nova::api::manage_service: false
- nova::api::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::nova::api
diff --git a/puppet/services/pacemaker/nova-conductor.yaml b/puppet/services/pacemaker/nova-conductor.yaml
deleted file mode 100644
index a0a766ec..00000000
--- a/puppet/services/pacemaker/nova-conductor.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Nova Conductor service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NovaConductorBase:
- type: ../nova-conductor.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Nova Conductor role.
- value:
- service_name: nova_conductor
- monitoring_subscription: {get_attr: [NovaConductorBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NovaConductorBase, role_data, logging_source]}
- logging_groups: {get_attr: [NovaConductorBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [NovaConductorBase, role_data, config_settings]
- - nova::conductor::manage_service: false
- nova::conductor::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::nova::conductor
diff --git a/puppet/services/pacemaker/nova-consoleauth.yaml b/puppet/services/pacemaker/nova-consoleauth.yaml
deleted file mode 100644
index 5d51eb47..00000000
--- a/puppet/services/pacemaker/nova-consoleauth.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Nova Consoleauth service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NovaConsoleauthBase:
- type: ../nova-consoleauth.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Nova Consoleauth role.
- value:
- service_name: nova_consoleauth
- monitoring_subscription: {get_attr: [NovaConsoleauthBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NovaConsoleauthBase, role_data, logging_source]}
- logging_groups: {get_attr: [NovaConsoleauthBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [NovaConsoleauthBase, role_data, config_settings]
- - nova::consoleauth::manage_service: false
- nova::consoleauth::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::nova::consoleauth
diff --git a/puppet/services/pacemaker/nova-scheduler.yaml b/puppet/services/pacemaker/nova-scheduler.yaml
deleted file mode 100644
index 8828ee11..00000000
--- a/puppet/services/pacemaker/nova-scheduler.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Nova Scheduler service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NovaSchedulerBase:
- type: ../nova-scheduler.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Nova Scheduler role.
- value:
- service_name: nova_scheduler
- monitoring_subscription: {get_attr: [NovaSchedulerBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NovaSchedulerBase, role_data, logging_source]}
- logging_groups: {get_attr: [NovaSchedulerBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [NovaSchedulerBase, role_data, config_settings]
- - nova::scheduler::manage_service: false
- nova::scheduler::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::nova::scheduler
diff --git a/puppet/services/pacemaker/nova-vnc-proxy.yaml b/puppet/services/pacemaker/nova-vnc-proxy.yaml
deleted file mode 100644
index ebe84a03..00000000
--- a/puppet/services/pacemaker/nova-vnc-proxy.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Nova Vncproxy service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NovaVncproxyBase:
- type: ../nova-vnc-proxy.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Nova Vncproxy role.
- value:
- service_name: nova_vnc_proxy
- monitoring_subscription: {get_attr: [NovaVncproxyBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NovaVncproxyBase, role_data, logging_source]}
- logging_groups: {get_attr: [NovaVncproxyBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [NovaVncproxyBase, role_data, config_settings]
- - nova::vncproxy::manage_service: false
- nova::vncproxy::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::nova::vncproxy
diff --git a/puppet/services/pacemaker/rabbitmq.yaml b/puppet/services/pacemaker/rabbitmq.yaml
index f3fa2d28..03c2c83f 100644
--- a/puppet/services/pacemaker/rabbitmq.yaml
+++ b/puppet/services/pacemaker/rabbitmq.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
RabbitMQ service with Pacemaker configured with Puppet
diff --git a/puppet/services/pacemaker/sahara-api.yaml b/puppet/services/pacemaker/sahara-api.yaml
deleted file mode 100644
index 3dfb7d94..00000000
--- a/puppet/services/pacemaker/sahara-api.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Sahara API service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- SaharaApiBase:
- type: ../sahara-api.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Sahara API role.
- value:
- service_name: sahara_api
- monitoring_subscription: {get_attr: [SaharaApiBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [SaharaApiBase, role_data, logging_source]}
- logging_groups: {get_attr: [SaharaApiBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [SaharaApiBase, role_data, config_settings]
- - sahara::service::api::manage_service: false
- sahara::service::api::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::sahara::api
diff --git a/puppet/services/pacemaker/sahara-engine.yaml b/puppet/services/pacemaker/sahara-engine.yaml
deleted file mode 100644
index a06d11b3..00000000
--- a/puppet/services/pacemaker/sahara-engine.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Sahara Engine service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- SaharaEngineBase:
- type: ../sahara-engine.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Sahara Engine role.
- value:
- service_name: sahara_engine
- monitoring_subscription: {get_attr: [SaharaEngineBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [SaharaEngineBase, role_data, logging_source]}
- logging_groups: {get_attr: [SaharaEngineBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [SaharaEngineBase, role_data, config_settings]
- - sahara::service::engine::manage_service: false
- sahara::service::engine::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::sahara::engine
diff --git a/puppet/services/panko-api.yaml b/puppet/services/panko-api.yaml
index a8bd5e8a..06284fb2 100644
--- a/puppet/services/panko-api.yaml
+++ b/puppet/services/panko-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Panko API service configured with Puppet
diff --git a/puppet/services/panko-base.yaml b/puppet/services/panko-base.yaml
index 32754a55..6e25d796 100644
--- a/puppet/services/panko-base.yaml
+++ b/puppet/services/panko-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Panko service configured with Puppet
@@ -37,7 +37,6 @@ outputs:
value:
service_name: panko_base
config_settings:
- panko_redis_password: {get_param: RedisPassword}
panko::db::database_connection:
list_join:
- ''
@@ -47,6 +46,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/panko'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
panko::debug: {get_param: Debug}
panko::auth::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
panko::keystone::authtoken::project_name: 'service'
diff --git a/puppet/services/rabbitmq.yaml b/puppet/services/rabbitmq.yaml
index b77e0a91..ab9dad46 100644
--- a/puppet/services/rabbitmq.yaml
+++ b/puppet/services/rabbitmq.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
RabbitMQ service configured with Puppet
@@ -69,10 +69,13 @@ outputs:
rabbitmq::delete_guest_user: false
rabbitmq::wipe_db_on_cookie_change: true
rabbitmq::port: '5672'
+ rabbitmq::package_provider: yum
rabbitmq::package_source: undef
rabbitmq::repos_ensure: false
rabbitmq::tcp_keepalive: true
rabbitmq_environment:
+ NODE_PORT: ''
+ NODE_IP_ADDRESS: ''
RABBITMQ_NODENAME: "rabbit@%{::hostname}"
RABBITMQ_SERVER_ERL_ARGS: '"+K true +P 1048576 -kernel inet_default_connect_options [{nodelay,true},{raw,6,18,<<5000:64/native>>}] -kernel inet_default_listen_options [{raw,6,18,<<5000:64/native>>}]"'
rabbitmq_kernel_variables:
@@ -95,7 +98,7 @@ outputs:
# internal_api -> IP
# internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR
- rabbitmq::node_ip_address: {get_param: [ServiceNetMap, RabbitmqNetwork]}
+ rabbitmq::interface: {get_param: [ServiceNetMap, RabbitmqNetwork]}
rabbitmq::nr_ha_queues: {get_param: RabbitHAQueues}
step_config: |
include ::tripleo::profile::base::rabbitmq
@@ -104,6 +107,6 @@ outputs:
tags: step2
service: name=rabbitmq-server state=stopped
- name: Start rabbitmq service
- tags: step6
+ tags: step4
service: name=rabbitmq-server state=started
diff --git a/puppet/services/sahara-api.yaml b/puppet/services/sahara-api.yaml
index 54e63df4..9e494385 100644
--- a/puppet/services/sahara-api.yaml
+++ b/puppet/services/sahara-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Sahara API service configured with Puppet
diff --git a/puppet/services/sahara-base.yaml b/puppet/services/sahara-base.yaml
index 4072a150..b4307053 100644
--- a/puppet/services/sahara-base.yaml
+++ b/puppet/services/sahara-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Sahara base service. Shared for all Sahara services.
@@ -64,6 +64,8 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/sahara'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
sahara::rabbit_password: {get_param: RabbitPassword}
sahara::rabbit_user: {get_param: RabbitUserName}
sahara::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
diff --git a/puppet/services/sahara-engine.yaml b/puppet/services/sahara-engine.yaml
index 287c1c05..a1521c28 100644
--- a/puppet/services/sahara-engine.yaml
+++ b/puppet/services/sahara-engine.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Sahara Engine service configured with Puppet
diff --git a/puppet/services/services.yaml b/puppet/services/services.yaml
index 13df5bbe..90268c78 100644
--- a/puppet/services/services.yaml
+++ b/puppet/services/services.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Utility stack to convert an array of services into a set of combined
@@ -42,6 +42,11 @@ resources:
LoggingConfiguration:
type: OS::TripleO::LoggingConfiguration
+ ServiceServerMetadataHook:
+ type: OS::TripleO::ServiceServerMetadataHook
+ properties:
+ RoleData: {get_attr: [ServiceChain, role_data]}
+
outputs:
role_data:
description: Combined Role data for this set of services.
@@ -113,3 +118,4 @@ outputs:
# Note we use distinct() here to filter any identical tasks, e.g yum update for all services
expression: $.data.where($ != null).select($.get('upgrade_tasks')).where($ != null).flatten().distinct()
data: {get_attr: [ServiceChain, role_data]}
+ service_metadata_settings: {get_attr: [ServiceServerMetadataHook, metadata]}
diff --git a/puppet/services/snmp.yaml b/puppet/services/snmp.yaml
index 4d01632d..be9d143e 100644
--- a/puppet/services/snmp.yaml
+++ b/puppet/services/snmp.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
SNMP client configured with Puppet, to facilitate Ceilometer Hardware
diff --git a/puppet/services/swift-base.yaml b/puppet/services/swift-base.yaml
index 741adb4d..6046d5e8 100644
--- a/puppet/services/swift-base.yaml
+++ b/puppet/services/swift-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Swift Proxy service configured with Puppet
diff --git a/puppet/services/swift-proxy.yaml b/puppet/services/swift-proxy.yaml
index ba184ab0..6ccfe7a2 100644
--- a/puppet/services/swift-proxy.yaml
+++ b/puppet/services/swift-proxy.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Swift Proxy service configured with Puppet
@@ -49,6 +49,18 @@ parameters:
default: guest
description: The username for RabbitMQ
type: string
+ SwiftCeilometerPipelineEnabled:
+ description: Set to False to disable the swift proxy ceilometer pipeline.
+ default: True
+ type: boolean
+ RabbitClientPort:
+ default: 5672
+ description: Set rabbit subscriber port, change this if using SSL
+ type: number
+
+conditions:
+
+ ceilometer_pipeline_enabled: {equals : [{get_param: SwiftCeilometerPipelineEnabled}, True]}
resources:
SwiftBase:
@@ -78,6 +90,8 @@ outputs:
swift::proxy::ceilometer::rabbit_password: {get_param: RabbitPassword}
swift::proxy::staticweb::url_base: {get_param: [EndpointMap, SwiftPublic, uri_no_suffix]}
swift::proxy::ceilometer::nonblocking_notify: true
+ tripleo::profile::base::swift::proxy::rabbit_port: {get_param: RabbitClientPort}
+ tripleo::profile::base::swift::proxy::ceilometer_enabled: {get_param: SwiftCeilometerPipelineEnabled}
tripleo.swift_proxy.firewall_rules:
'122 swift proxy':
dport:
@@ -89,26 +103,34 @@ outputs:
- ResellerAdmin
swift::proxy::versioned_writes::allow_versioned_writes: true
swift::proxy::pipeline:
- - 'catch_errors'
- - 'healthcheck'
- - 'proxy-logging'
- - 'cache'
- - 'ratelimit'
- - 'bulk'
- - 'tempurl'
- - 'formpost'
- - 'authtoken'
- - 'keystone'
- - 'staticweb'
- - 'copy'
- - 'container-quotas'
- - 'account-quotas'
- - 'slo'
- - 'dlo'
- - 'versioned_writes'
- - 'ceilometer'
- - 'proxy-logging'
- - 'proxy-server'
+ yaql:
+ expression: $.data.pipeline.where($ != '')
+ data:
+ pipeline:
+ - 'catch_errors'
+ - 'healthcheck'
+ - 'proxy-logging'
+ - 'cache'
+ - 'ratelimit'
+ - 'bulk'
+ - 'tempurl'
+ - 'formpost'
+ - 'authtoken'
+ - 'keystone'
+ - 'staticweb'
+ - 'copy'
+ - 'container-quotas'
+ - 'account-quotas'
+ - 'slo'
+ - 'dlo'
+ - 'versioned_writes'
+ -
+ if:
+ - ceilometer_pipeline_enabled
+ - 'ceilometer'
+ - ''
+ - 'proxy-logging'
+ - 'proxy-server'
swift::proxy::account_autocreate: true
# NOTE: bind IP is found in Heat replacing the network name with the
# local node IP for the given network; replacement examples
diff --git a/puppet/services/swift-ringbuilder.yaml b/puppet/services/swift-ringbuilder.yaml
index 5c70b6ab..a7ba7bad 100644
--- a/puppet/services/swift-ringbuilder.yaml
+++ b/puppet/services/swift-ringbuilder.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Swift Ringbuilder
diff --git a/puppet/services/swift-storage.yaml b/puppet/services/swift-storage.yaml
index cffe78f5..00ae9c35 100644
--- a/puppet/services/swift-storage.yaml
+++ b/puppet/services/swift-storage.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Swift Storage service configured with Puppet
diff --git a/puppet/services/time/ntp.yaml b/puppet/services/time/ntp.yaml
index eb5237fe..7c3a19a9 100644
--- a/puppet/services/time/ntp.yaml
+++ b/puppet/services/time/ntp.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
NTP service deployment using puppet, this YAML file
diff --git a/puppet/services/time/timezone.yaml b/puppet/services/time/timezone.yaml
index 384b5191..5d0eeae3 100644
--- a/puppet/services/time/timezone.yaml
+++ b/puppet/services/time/timezone.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Composable Timezone service
diff --git a/puppet/services/tripleo-firewall.yaml b/puppet/services/tripleo-firewall.yaml
index 7eb39905..67e14d9c 100644
--- a/puppet/services/tripleo-firewall.yaml
+++ b/puppet/services/tripleo-firewall.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
TripleO Firewall settings
diff --git a/puppet/services/tripleo-packages.yaml b/puppet/services/tripleo-packages.yaml
index 69912fa5..737be829 100644
--- a/puppet/services/tripleo-packages.yaml
+++ b/puppet/services/tripleo-packages.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
TripleO Package installation settings
@@ -33,6 +33,14 @@ outputs:
step_config: |
include ::tripleo::packages
upgrade_tasks:
+ - name: Check yum for rpm-python present
+ tags: step0
+ yum: "name=rpm-python state=present"
+ register: rpm_python_check
+ - name: Fail when rpm-python wasn't present
+ fail: msg="rpm-python package was not present before this run! Check environment before re-running"
+ when: rpm_python_check.changed != false
+ tags: step0
- name: Update all packages
tags: step3
yum: name=* state=latest
diff --git a/puppet/services/zaqar.yaml b/puppet/services/zaqar.yaml
index 77240c3c..0224ac13 100644
--- a/puppet/services/zaqar.yaml
+++ b/puppet/services/zaqar.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Zaqar service. Shared for all Heat services.
diff --git a/puppet/upgrade_config.yaml b/puppet/upgrade_config.yaml
index c67e10b3..e892d813 100644
--- a/puppet/upgrade_config.yaml
+++ b/puppet/upgrade_config.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: 'Upgrade for via ansible by applying a step related tag'
parameters:
@@ -35,6 +35,7 @@ resources:
template: "stepSTEP"
params:
STEP: {get_param: step}
+ modulepath: /usr/share/ansible-modules
inputs:
- name: role
config: {get_attr: [AnsibleConfig, value]}