summaryrefslogtreecommitdiffstats
path: root/puppet
diff options
context:
space:
mode:
Diffstat (limited to 'puppet')
-rw-r--r--puppet/all-nodes-config.yaml11
-rw-r--r--puppet/controller.yaml1
-rw-r--r--puppet/hieradata/database.yaml8
-rw-r--r--puppet/services/ironic-api.yaml43
-rw-r--r--puppet/services/ironic-base.yaml64
-rw-r--r--puppet/services/ironic-conductor.yaml36
-rw-r--r--puppet/vip-config.yaml1
7 files changed, 164 insertions, 0 deletions
diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml
index b065ddd2..a53d8981 100644
--- a/puppet/all-nodes-config.yaml
+++ b/puppet/all-nodes-config.yaml
@@ -56,6 +56,8 @@ parameters:
type: comma_delimited_list
sahara_api_node_ips:
type: comma_delimited_list
+ ironic_api_node_ips:
+ type: comma_delimited_list
DeployIdentifier:
type: string
@@ -294,6 +296,14 @@ resources:
list_join:
- "','"
- {get_param: sahara_api_node_ips}
+ ironic_api_node_ips:
+ str_replace:
+ template: "['SERVERS_LIST']"
+ params:
+ SERVERS_LIST:
+ list_join:
+ - "','"
+ - {get_param: ironic_api_node_ips}
# NOTE(gfidente): interpolation with %{} in the
# hieradata file can't be used as it returns string
@@ -306,6 +316,7 @@ resources:
nova::rabbit_hosts: *rabbit_nodes_array
keystone::rabbit_hosts: *rabbit_nodes_array
sahara::rabbit_hosts: *rabbit_nodes_array
+ ironic::rabbit_hosts: *rabbit_nodes_array
deploy_identifier: {get_param: DeployIdentifier}
update_identifier: {get_param: UpdateIdentifier}
diff --git a/puppet/controller.yaml b/puppet/controller.yaml
index 9d57f28d..865b5c76 100644
--- a/puppet/controller.yaml
+++ b/puppet/controller.yaml
@@ -737,6 +737,7 @@ resources:
ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
+ ironic_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]}
# Map heat metadata into hiera datafiles
ControllerConfig:
diff --git a/puppet/hieradata/database.yaml b/puppet/hieradata/database.yaml
index f2c95de6..9cbff586 100644
--- a/puppet/hieradata/database.yaml
+++ b/puppet/hieradata/database.yaml
@@ -53,6 +53,14 @@ heat::db::mysql::allowed_hosts:
- '%'
- "%{hiera('mysql_bind_host')}"
+# Ironic
+ironic::db::mysql::user: ironic
+ironic::db::mysql::host: "%{hiera('mysql_virtual_ip')}"
+ironic::db::mysql::dbname: ironic
+ironic::db::mysql::allowed_hosts:
+ - '%'
+ - "%{hiera('mysql_bind_host')}"
+
# Ceilometer
ceilometer::db::mysql::user: ceilometer
ceilometer::db::mysql::host: "%{hiera('mysql_virtual_ip')}"
diff --git a/puppet/services/ironic-api.yaml b/puppet/services/ironic-api.yaml
new file mode 100644
index 00000000..e1626d5b
--- /dev/null
+++ b/puppet/services/ironic-api.yaml
@@ -0,0 +1,43 @@
+heat_template_version: 2016-04-08
+
+description: >
+ OpenStack Ironic API configured with Puppet
+
+parameters:
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ IronicPassword:
+ description: The password for the Ironic service and db account, used by the Ironic services
+ type: string
+ hidden: true
+
+resources:
+ IronicBase:
+ type: ./ironic-base.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+
+outputs:
+ role_data:
+ description: Role data for the Ironic API role.
+ value:
+ config_settings:
+ map_merge:
+ - get_attr: [IronicBase, role_data, config_settings]
+ # NOTE(dtantsur): the my_ip parameter is heavily overloaded in
+ # ironic. It's used as a default value for e.g. TFTP server IP,
+ # glance and neutron endpoints, virtual console IP. We override
+ # the TFTP server IP in ironic-conductor.yaml as it should not be
+ # the VIP, but rather a real IP of the controller.
+ - ironic::my_ip: {get_param: [EndpointMap, MysqlInternal, host]}
+ ironic::api::admin_password: {get_param: IronicPassword}
+ ironic::keystone::auth::public_url: {get_param: [EndpointMap, IronicPublic, uri]}
+ ironic::keystone::auth::internal_url: {get_param: [EndpointMap, IronicInternal, uri]}
+ ironic::keystone::auth::admin_url: {get_param: [EndpointMap, IronicAdmin, uri]}
+ ironic::keystone::auth::password: {get_param: IronicPassword }
+
+ step_config: |
+ include ::tripleo::profile::base::ironic::api
diff --git a/puppet/services/ironic-base.yaml b/puppet/services/ironic-base.yaml
new file mode 100644
index 00000000..0eaa53cb
--- /dev/null
+++ b/puppet/services/ironic-base.yaml
@@ -0,0 +1,64 @@
+heat_template_version: 2016-04-08
+
+description: >
+ OpenStack Ironic services configured with Puppet
+
+parameters:
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ Debug:
+ default: ''
+ description: Set to True to enable debugging on all services.
+ type: string
+ IronicPassword:
+ description: The password for the Ironic service and db account, used by the Ironic services
+ type: string
+ hidden: true
+ RabbitUserName:
+ default: guest
+ description: The username for RabbitMQ
+ type: string
+ RabbitPassword:
+ description: The password for RabbitMQ
+ type: string
+ hidden: true
+ RabbitClientPort:
+ default: 5672
+ description: Set rabbit subscriber port, change this if using SSL
+ type: number
+ RabbitClientUseSSL:
+ default: false
+ description: >
+ Rabbit client subscriber parameter to specify
+ an SSL connection to the RabbitMQ host.
+ type: string
+
+outputs:
+ role_data:
+ description: Role data for the Ironic role.
+ value:
+ config_settings:
+ ironic_dsn: &ironic_dsn
+ list_join:
+ - ''
+ - - {get_param: [EndpointMap, MysqlInternal, protocol]}
+ - '://ironic:'
+ - {get_param: IronicPassword}
+ - '@'
+ - {get_param: [EndpointMap, MysqlInternal, host]}
+ - '/ironic'
+ ironic::admin_tenant_name: 'service'
+ ironic::database_connection: *ironic_dsn
+ ironic::debug: {get_param: Debug}
+ ironic::rabbit_userid: {get_param: RabbitUserName}
+ ironic::rabbit_password: {get_param: RabbitPassword}
+ ironic::rabbit_port: {get_param: RabbitClientPort}
+ ironic::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
+ ironic::db::mysql::password: {get_param: IronicPassword}
+ ironic::keystone::auth::tenant: 'service'
+
+ step_config: |
+ include ::tripleo::profile::base::ironic
diff --git a/puppet/services/ironic-conductor.yaml b/puppet/services/ironic-conductor.yaml
new file mode 100644
index 00000000..3fb3d9fd
--- /dev/null
+++ b/puppet/services/ironic-conductor.yaml
@@ -0,0 +1,36 @@
+heat_template_version: 2016-04-08
+
+description: >
+ OpenStack Ironic conductor configured with Puppet
+
+parameters:
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ IronicEnabledDrivers:
+ default: ['pxe_ipmitool', 'agent_ipmitool']
+ description: Enabled Ironic drivers
+ type: comma_delimited_list
+
+resources:
+ IronicBase:
+ type: ./ironic-base.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+
+outputs:
+ role_data:
+ description: Role data for the Ironic conductor role.
+ value:
+ config_settings:
+ map_merge:
+ - get_attr: [IronicBase, role_data, config_settings]
+ - ironic::enabled_drivers: {get_param: IronicEnabledDrivers}
+ # Prevent tftp_server from defaulting to my_ip setting, which is
+ # controller VIP, not a real IP.
+ ironic::drivers::pxe::tftp_server: {get_input: ironic_api_network}
+
+ step_config: |
+ include ::tripleo::profile::base::ironic::conductor
diff --git a/puppet/vip-config.yaml b/puppet/vip-config.yaml
index 92234b6c..51129053 100644
--- a/puppet/vip-config.yaml
+++ b/puppet/vip-config.yaml
@@ -37,6 +37,7 @@ resources:
internal_api_virtual_ip: {get_input: internal_api_virtual_ip}
storage_virtual_ip: {get_input: storage_virtual_ip}
storage_mgmt_virtual_ip: {get_input: storage_mgmt_virtual_ip}
+ ironic_api_vip: {get_input: ironic_api_vip}
# public_virtual_ip and controller_virtual_ip are needed in
# both HAproxy & keepalived.
tripleo::haproxy::public_virtual_ip: {get_input: public_virtual_ip}