diff options
Diffstat (limited to 'puppet')
-rw-r--r-- | puppet/cinder-storage.yaml | 22 | ||||
-rw-r--r-- | puppet/compute.yaml | 47 | ||||
-rw-r--r-- | puppet/controller.yaml | 86 | ||||
-rw-r--r-- | puppet/manifests/overcloud_controller.pp | 2 | ||||
-rw-r--r-- | puppet/manifests/overcloud_controller_pacemaker.pp | 18 |
5 files changed, 49 insertions, 126 deletions
diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml index 239c2026..b536418d 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/cinder-storage.yaml @@ -44,14 +44,6 @@ parameters: type: string constraints: - custom_constraint: nova.flavor - GlancePort: - default: "9292" - description: Glance port. - type: string - GlanceProtocol: - default: http - description: Protocol to use when connecting to glance, set to https for SSL. - type: string KeyName: default: default description: Name of an existing EC2 KeyPair to enable SSH access to the instances @@ -104,6 +96,11 @@ parameters: description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json GlanceApiVirtualIP: type: string default: '' @@ -201,14 +198,7 @@ resources: cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend} cinder_iscsi_helper: {get_param: CinderISCSIHelper} cinder_iscsi_ip_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} - glance_api_servers: - list_join: - - '' - - - {get_param: GlanceProtocol} - - '://' - - {get_param: GlanceApiVirtualIP} - - ':' - - {get_param: GlancePort} + glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]} rabbit_username: {get_param: RabbitUserName} rabbit_password: {get_param: RabbitPassword} rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} diff --git a/puppet/compute.yaml b/puppet/compute.yaml index 07638fb9..18547732 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -51,14 +51,6 @@ parameters: GlanceHost: type: string default: '' # Has to be here because of the ignored empty value bug - GlancePort: - default: "9292" - description: Glance port. - type: string - GlanceProtocol: - default: http - description: Protocol to use when connecting to glance, set to https for SSL. - type: string Image: type: string default: overcloud-compute @@ -262,6 +254,11 @@ parameters: description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json UpdateIdentifier: default: '' type: string @@ -407,7 +404,7 @@ resources: nova::glance_api_servers: {get_input: glance_api_servers} neutron::debug: {get_input: debug} neutron::rabbit_password: {get_input: rabbit_password} - neutron::rabbit_user: {get_input: rabbit_user} + neutron::rabbit_user: {get_input: rabbit_username} neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} neutron::rabbit_port: {get_input: rabbit_client_port} neutron_flat_networks: {get_input: neutron_flat_networks} @@ -424,7 +421,7 @@ resources: neutron_physical_bridge: {get_input: neutron_physical_bridge} neutron_public_interface: {get_input: neutron_public_interface} nova::network::neutron::neutron_admin_password: {get_input: neutron_password} - nova::network::neutron::neutron_url: {get_input: neutron_url} + nova::network::neutron::neutron_url: {get_input: neutron_internal_url} nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url} neutron_router_distributed: {get_input: neutron_router_distributed} neutron_agent_mode: {get_input: neutron_agent_mode} @@ -459,22 +456,10 @@ resources: ceilometer_metering_secret: {get_param: CeilometerMeteringSecret} ceilometer_password: {get_param: CeilometerPassword} ceilometer_compute_agent: {get_param: CeilometerComputeAgent} - ceilometer_agent_auth_url: - list_join: - - '' - - - 'http://' - - {get_param: KeystonePublicApiVirtualIP} - - ':5000/v2.0' + ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]} snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} - glance_api_servers: - list_join: - - '' - - - {get_param: GlanceProtocol} - - '://' - - {get_param: GlanceHost} - - ':' - - {get_param: GlancePort} + glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]} neutron_flat_networks: {get_param: NeutronFlatNetworks} neutron_host: {get_param: NeutronHost} neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]} @@ -531,18 +516,8 @@ resources: - {get_param: NeutronTypeDrivers} neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers} neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice} - neutron_url: - list_join: - - '' - - - 'http://' - - {get_param: NeutronHost} - - ':9696' - neutron_admin_auth_url: - list_join: - - '' - - - 'http://' - - {get_param: KeystoneAdminApiVirtualIP} - - ':35357/v2.0' + neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]} + neutron_admin_auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri]} admin_password: {get_param: AdminPassword} rabbit_username: {get_param: RabbitUserName} rabbit_password: {get_param: RabbitPassword} diff --git a/puppet/controller.yaml b/puppet/controller.yaml index af673d7a..ae2b66e3 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -170,14 +170,6 @@ parameters: description: The password for the glance service and db account, used by the glance services. type: string hidden: true - GlancePort: - default: "9292" - description: Glance port. - type: string - GlanceProtocol: - default: http - description: Protocol to use when connecting to glance, set to https for SSL. - type: string GlanceBackend: default: swift description: The short name of the Glance backend to use. Should be one @@ -591,6 +583,11 @@ parameters: description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json UpdateIdentifier: default: '' type: string @@ -760,7 +757,7 @@ resources: - '@' - {get_param: MysqlVirtualIP} - '/cinder' - glance_port: {get_param: GlancePort} + glance_port: {get_param: [EndpointMap, GlanceInternal, port]} glance_password: {get_param: GlancePassword} glance_backend: {get_param: GlanceBackend} glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice} @@ -787,7 +784,6 @@ resources: - '@' - {get_param: MysqlVirtualIP} - '/heat' - keystone_auth_address: {list_join: ['', ['http://', {get_param: KeystonePublicApiVirtualIP} , ':5000/v2.0']]} keystone_ca_certificate: {get_param: KeystoneCACertificate} keystone_signing_key: {get_param: KeystoneSigningKey} keystone_signing_certificate: {get_param: KeystoneSigningCertificate} @@ -803,36 +799,11 @@ resources: - '@' - {get_param: MysqlVirtualIP} - '/keystone' - keystone_identity_uri: - list_join: - - '' - - - 'http://' - - {get_param: KeystoneAdminApiVirtualIP} - - ':35357' - keystone_auth_uri: - list_join: - - '' - - - 'http://' - - {get_param: KeystonePublicApiVirtualIP} - - ':5000/v2.0/' - keystone_public_url: - list_join: - - '' - - - 'http://' - - {get_param: PublicVirtualIP} - - ':5000' - keystone_internal_url: - list_join: - - '' - - - 'http://' - - {get_param: KeystonePublicApiVirtualIP} - - ':5000' - keystone_ec2_uri: - list_join: - - '' - - - 'http://' - - {get_param: KeystonePublicApiVirtualIP} - - ':5000/v2.0/ec2tokens' + keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } + keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } + keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] } + keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] } + keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] } enable_fencing: {get_param: EnableFencing} enable_galera: {get_param: EnableGalera} enable_ceph_storage: {get_param: EnableCephStorage} @@ -912,18 +883,10 @@ resources: - '@' - {get_param: MysqlVirtualIP} - '/ovs_neutron?charset=utf8' - neutron_url: - list_join: - - '' - - - 'http://' - - {get_param: NeutronApiVirtualIP} - - ':9696' - neutron_admin_auth_url: - list_join: - - '' - - - 'http://' - - {get_param: KeystoneAdminApiVirtualIP} - - ':35357/v2.0' + neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] } + neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] } + neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] } + neutron_admin_auth_url: { get_param: [ EndpointMap, KeystoneAdmin, uri ] } ceilometer_backend: {get_param: CeilometerBackend} ceilometer_metering_secret: {get_param: CeilometerMeteringSecret} ceilometer_password: {get_param: CeilometerPassword} @@ -985,14 +948,7 @@ resources: cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} - glance_api_servers: - list_join: - - '' - - - {get_param: GlanceProtocol} - - '://' - - {get_param: GlanceApiVirtualIP} - - ':' - - {get_param: GlancePort} + glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]} glance_registry_host: {get_param: GlanceRegistryVirtualIP} heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} @@ -1126,7 +1082,7 @@ resources: glance::registry::auth_uri: {get_input: keystone_auth_uri} glance::registry::identity_uri: {get_input: keystone_identity_uri} glance::registry::debug: {get_input: debug} - glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_address} + glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri} glance::backend::swift::swift_store_user: service:glance glance::backend::swift::swift_store_key: {get_input: glance_password} glance_backend: {get_input: glance_backend} @@ -1199,7 +1155,7 @@ resources: # Neutron neutron::bind_host: {get_input: neutron_api_network} neutron::rabbit_password: {get_input: rabbit_password} - neutron::rabbit_user: {get_input: rabbit_user} + neutron::rabbit_user: {get_input: rabbit_username} neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} neutron::rabbit_port: {get_input: rabbit_client_port} neutron::debug: {get_input: debug} @@ -1252,7 +1208,7 @@ resources: ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri} ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri} ceilometer::agent::auth::auth_password: {get_input: ceilometer_password} - ceilometer::agent::auth::auth_url: {get_input: keystone_auth_address} + ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri} ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url} ceilometer::db::mysql::password: {get_input: ceilometer_password} snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} @@ -1273,7 +1229,7 @@ resources: nova::glance_api_servers: {get_input: glance_api_servers} nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} nova::network::neutron::neutron_admin_password: {get_input: neutron_password} - nova::network::neutron::neutron_url: {get_input: neutron_url} + nova::network::neutron::neutron_url: {get_input: neutron_internal_url} nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url} nova::vncproxy::host: {get_input: nova_api_network} nova::db::mysql::password: {get_input: nova_password} @@ -1290,6 +1246,8 @@ resources: rabbitmq::node_ip_address: {get_input: rabbitmq_network} rabbitmq::erlang_cookie: {get_input: rabbit_cookie} rabbitmq::file_limit: {get_input: rabbit_fd_limit} + rabbitmq::default_user: {get_input: rabbit_username} + rabbitmq::default_pass: {get_input: rabbit_password} # Redis redis::bind: {get_input: redis_network} redis_vip: {get_input: redis_vip} diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index f1c24f0d..34be39f3 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -381,7 +381,7 @@ if hiera('step') >= 3 { package {'nfs-utils': } -> cinder::backend::nfs { $cinder_nfs_backend : nfs_servers => hiera('cinder_nfs_servers'), - nfs_mount_options => hiera('cinder_nfs_mount_options'), + nfs_mount_options => hiera('cinder_nfs_mount_options',''), nfs_shares_config => '/etc/cinder/shares-nfs.conf', } } diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index 3edd7ded..6cfa13ec 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -74,11 +74,11 @@ if hiera('step') >= 1 { Class['tripleo::fencing'] -> Class['pacemaker::stonith'] } - # FIXME(gfidente): sets 90secs as default start timeout op + # FIXME(gfidente): sets 95secs as default start timeout op # param; until we can use pcmk global defaults we'll still # need to add it to every resource which redefines op params Pacemaker::Resource::Service { - op_params => 'start timeout=90s', + op_params => 'start timeout=95s stop timeout=95s', } # Only configure RabbitMQ in this step, don't start it yet to @@ -344,7 +344,7 @@ if hiera('step') >= 2 { if downcase(hiera('ceilometer_backend')) == 'mongodb' { pacemaker::resource::service { $::mongodb::params::service_name : - op_params => 'start timeout=120s', + op_params => 'start timeout=120s stop timeout=95s', clone_params => true, require => Class['::mongodb::server'], } @@ -757,7 +757,7 @@ if hiera('step') >= 3 { package { 'nfs-utils': } -> cinder::backend::nfs { $cinder_nfs_backend: nfs_servers => hiera('cinder_nfs_servers'), - nfs_mount_options => hiera('cinder_nfs_mount_options'), + nfs_mount_options => hiera('cinder_nfs_mount_options',''), nfs_shares_config => '/etc/cinder/shares-nfs.conf', } } @@ -1186,24 +1186,24 @@ if hiera('step') >= 4 { # Nova pacemaker::resource::service { $::nova::params::api_service_name : clone_params => 'interleave=true', - op_params => 'start timeout=90s monitor start-delay=10s', + op_params => 'start timeout=95s stop timeout=95s monitor start-delay=10s', } pacemaker::resource::service { $::nova::params::conductor_service_name : clone_params => 'interleave=true', - op_params => 'start timeout=90s monitor start-delay=10s', + op_params => 'start timeout=95s stop timeout=95s monitor start-delay=10s', } pacemaker::resource::service { $::nova::params::consoleauth_service_name : clone_params => 'interleave=true', - op_params => 'start timeout=90s monitor start-delay=10s', + op_params => 'start timeout=95s stop timeout=95s monitor start-delay=10s', require => Pacemaker::Resource::Service[$::keystone::params::service_name], } pacemaker::resource::service { $::nova::params::vncproxy_service_name : clone_params => 'interleave=true', - op_params => 'start timeout=90s monitor start-delay=10s', + op_params => 'start timeout=95s stop timeout=95s monitor start-delay=10s', } pacemaker::resource::service { $::nova::params::scheduler_service_name : clone_params => 'interleave=true', - op_params => 'start timeout=90s monitor start-delay=10s', + op_params => 'start timeout=95s stop timeout=95s monitor start-delay=10s', } pacemaker::constraint::base { 'keystone-then-nova-consoleauth-constraint': |