summaryrefslogtreecommitdiffstats
path: root/puppet
diff options
context:
space:
mode:
Diffstat (limited to 'puppet')
-rw-r--r--puppet/cinder-storage.yaml22
-rw-r--r--puppet/compute.yaml47
-rw-r--r--puppet/controller.yaml86
-rw-r--r--puppet/manifests/overcloud_controller.pp2
-rw-r--r--puppet/manifests/overcloud_controller_pacemaker.pp18
5 files changed, 49 insertions, 126 deletions
diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml
index 239c2026..b536418d 100644
--- a/puppet/cinder-storage.yaml
+++ b/puppet/cinder-storage.yaml
@@ -44,14 +44,6 @@ parameters:
type: string
constraints:
- custom_constraint: nova.flavor
- GlancePort:
- default: "9292"
- description: Glance port.
- type: string
- GlanceProtocol:
- default: http
- description: Protocol to use when connecting to glance, set to https for SSL.
- type: string
KeyName:
default: default
description: Name of an existing EC2 KeyPair to enable SSH access to the instances
@@ -104,6 +96,11 @@ parameters:
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry.
type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
GlanceApiVirtualIP:
type: string
default: ''
@@ -201,14 +198,7 @@ resources:
cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
cinder_iscsi_helper: {get_param: CinderISCSIHelper}
cinder_iscsi_ip_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
- glance_api_servers:
- list_join:
- - ''
- - - {get_param: GlanceProtocol}
- - '://'
- - {get_param: GlanceApiVirtualIP}
- - ':'
- - {get_param: GlancePort}
+ glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
rabbit_username: {get_param: RabbitUserName}
rabbit_password: {get_param: RabbitPassword}
rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
diff --git a/puppet/compute.yaml b/puppet/compute.yaml
index 07638fb9..18547732 100644
--- a/puppet/compute.yaml
+++ b/puppet/compute.yaml
@@ -51,14 +51,6 @@ parameters:
GlanceHost:
type: string
default: '' # Has to be here because of the ignored empty value bug
- GlancePort:
- default: "9292"
- description: Glance port.
- type: string
- GlanceProtocol:
- default: http
- description: Protocol to use when connecting to glance, set to https for SSL.
- type: string
Image:
type: string
default: overcloud-compute
@@ -262,6 +254,11 @@ parameters:
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry.
type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
UpdateIdentifier:
default: ''
type: string
@@ -407,7 +404,7 @@ resources:
nova::glance_api_servers: {get_input: glance_api_servers}
neutron::debug: {get_input: debug}
neutron::rabbit_password: {get_input: rabbit_password}
- neutron::rabbit_user: {get_input: rabbit_user}
+ neutron::rabbit_user: {get_input: rabbit_username}
neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
neutron::rabbit_port: {get_input: rabbit_client_port}
neutron_flat_networks: {get_input: neutron_flat_networks}
@@ -424,7 +421,7 @@ resources:
neutron_physical_bridge: {get_input: neutron_physical_bridge}
neutron_public_interface: {get_input: neutron_public_interface}
nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
- nova::network::neutron::neutron_url: {get_input: neutron_url}
+ nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
neutron_router_distributed: {get_input: neutron_router_distributed}
neutron_agent_mode: {get_input: neutron_agent_mode}
@@ -459,22 +456,10 @@ resources:
ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
ceilometer_password: {get_param: CeilometerPassword}
ceilometer_compute_agent: {get_param: CeilometerComputeAgent}
- ceilometer_agent_auth_url:
- list_join:
- - ''
- - - 'http://'
- - {get_param: KeystonePublicApiVirtualIP}
- - ':5000/v2.0'
+ ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
- glance_api_servers:
- list_join:
- - ''
- - - {get_param: GlanceProtocol}
- - '://'
- - {get_param: GlanceHost}
- - ':'
- - {get_param: GlancePort}
+ glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
neutron_flat_networks: {get_param: NeutronFlatNetworks}
neutron_host: {get_param: NeutronHost}
neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
@@ -531,18 +516,8 @@ resources:
- {get_param: NeutronTypeDrivers}
neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
- neutron_url:
- list_join:
- - ''
- - - 'http://'
- - {get_param: NeutronHost}
- - ':9696'
- neutron_admin_auth_url:
- list_join:
- - ''
- - - 'http://'
- - {get_param: KeystoneAdminApiVirtualIP}
- - ':35357/v2.0'
+ neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
+ neutron_admin_auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri]}
admin_password: {get_param: AdminPassword}
rabbit_username: {get_param: RabbitUserName}
rabbit_password: {get_param: RabbitPassword}
diff --git a/puppet/controller.yaml b/puppet/controller.yaml
index af673d7a..ae2b66e3 100644
--- a/puppet/controller.yaml
+++ b/puppet/controller.yaml
@@ -170,14 +170,6 @@ parameters:
description: The password for the glance service and db account, used by the glance services.
type: string
hidden: true
- GlancePort:
- default: "9292"
- description: Glance port.
- type: string
- GlanceProtocol:
- default: http
- description: Protocol to use when connecting to glance, set to https for SSL.
- type: string
GlanceBackend:
default: swift
description: The short name of the Glance backend to use. Should be one
@@ -591,6 +583,11 @@ parameters:
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry.
type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
UpdateIdentifier:
default: ''
type: string
@@ -760,7 +757,7 @@ resources:
- '@'
- {get_param: MysqlVirtualIP}
- '/cinder'
- glance_port: {get_param: GlancePort}
+ glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
glance_password: {get_param: GlancePassword}
glance_backend: {get_param: GlanceBackend}
glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
@@ -787,7 +784,6 @@ resources:
- '@'
- {get_param: MysqlVirtualIP}
- '/heat'
- keystone_auth_address: {list_join: ['', ['http://', {get_param: KeystonePublicApiVirtualIP} , ':5000/v2.0']]}
keystone_ca_certificate: {get_param: KeystoneCACertificate}
keystone_signing_key: {get_param: KeystoneSigningKey}
keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
@@ -803,36 +799,11 @@ resources:
- '@'
- {get_param: MysqlVirtualIP}
- '/keystone'
- keystone_identity_uri:
- list_join:
- - ''
- - - 'http://'
- - {get_param: KeystoneAdminApiVirtualIP}
- - ':35357'
- keystone_auth_uri:
- list_join:
- - ''
- - - 'http://'
- - {get_param: KeystonePublicApiVirtualIP}
- - ':5000/v2.0/'
- keystone_public_url:
- list_join:
- - ''
- - - 'http://'
- - {get_param: PublicVirtualIP}
- - ':5000'
- keystone_internal_url:
- list_join:
- - ''
- - - 'http://'
- - {get_param: KeystonePublicApiVirtualIP}
- - ':5000'
- keystone_ec2_uri:
- list_join:
- - ''
- - - 'http://'
- - {get_param: KeystonePublicApiVirtualIP}
- - ':5000/v2.0/ec2tokens'
+ keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
+ keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
+ keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
+ keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
+ keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
enable_fencing: {get_param: EnableFencing}
enable_galera: {get_param: EnableGalera}
enable_ceph_storage: {get_param: EnableCephStorage}
@@ -912,18 +883,10 @@ resources:
- '@'
- {get_param: MysqlVirtualIP}
- '/ovs_neutron?charset=utf8'
- neutron_url:
- list_join:
- - ''
- - - 'http://'
- - {get_param: NeutronApiVirtualIP}
- - ':9696'
- neutron_admin_auth_url:
- list_join:
- - ''
- - - 'http://'
- - {get_param: KeystoneAdminApiVirtualIP}
- - ':35357/v2.0'
+ neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
+ neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
+ neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
+ neutron_admin_auth_url: { get_param: [ EndpointMap, KeystoneAdmin, uri ] }
ceilometer_backend: {get_param: CeilometerBackend}
ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
ceilometer_password: {get_param: CeilometerPassword}
@@ -985,14 +948,7 @@ resources:
cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
- glance_api_servers:
- list_join:
- - ''
- - - {get_param: GlanceProtocol}
- - '://'
- - {get_param: GlanceApiVirtualIP}
- - ':'
- - {get_param: GlancePort}
+ glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
glance_registry_host: {get_param: GlanceRegistryVirtualIP}
heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
@@ -1126,7 +1082,7 @@ resources:
glance::registry::auth_uri: {get_input: keystone_auth_uri}
glance::registry::identity_uri: {get_input: keystone_identity_uri}
glance::registry::debug: {get_input: debug}
- glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_address}
+ glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
glance::backend::swift::swift_store_user: service:glance
glance::backend::swift::swift_store_key: {get_input: glance_password}
glance_backend: {get_input: glance_backend}
@@ -1199,7 +1155,7 @@ resources:
# Neutron
neutron::bind_host: {get_input: neutron_api_network}
neutron::rabbit_password: {get_input: rabbit_password}
- neutron::rabbit_user: {get_input: rabbit_user}
+ neutron::rabbit_user: {get_input: rabbit_username}
neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
neutron::rabbit_port: {get_input: rabbit_client_port}
neutron::debug: {get_input: debug}
@@ -1252,7 +1208,7 @@ resources:
ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
- ceilometer::agent::auth::auth_url: {get_input: keystone_auth_address}
+ ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
ceilometer::db::mysql::password: {get_input: ceilometer_password}
snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
@@ -1273,7 +1229,7 @@ resources:
nova::glance_api_servers: {get_input: glance_api_servers}
nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
- nova::network::neutron::neutron_url: {get_input: neutron_url}
+ nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
nova::vncproxy::host: {get_input: nova_api_network}
nova::db::mysql::password: {get_input: nova_password}
@@ -1290,6 +1246,8 @@ resources:
rabbitmq::node_ip_address: {get_input: rabbitmq_network}
rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
rabbitmq::file_limit: {get_input: rabbit_fd_limit}
+ rabbitmq::default_user: {get_input: rabbit_username}
+ rabbitmq::default_pass: {get_input: rabbit_password}
# Redis
redis::bind: {get_input: redis_network}
redis_vip: {get_input: redis_vip}
diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp
index f1c24f0d..34be39f3 100644
--- a/puppet/manifests/overcloud_controller.pp
+++ b/puppet/manifests/overcloud_controller.pp
@@ -381,7 +381,7 @@ if hiera('step') >= 3 {
package {'nfs-utils': } ->
cinder::backend::nfs { $cinder_nfs_backend :
nfs_servers => hiera('cinder_nfs_servers'),
- nfs_mount_options => hiera('cinder_nfs_mount_options'),
+ nfs_mount_options => hiera('cinder_nfs_mount_options',''),
nfs_shares_config => '/etc/cinder/shares-nfs.conf',
}
}
diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp
index 3edd7ded..6cfa13ec 100644
--- a/puppet/manifests/overcloud_controller_pacemaker.pp
+++ b/puppet/manifests/overcloud_controller_pacemaker.pp
@@ -74,11 +74,11 @@ if hiera('step') >= 1 {
Class['tripleo::fencing'] -> Class['pacemaker::stonith']
}
- # FIXME(gfidente): sets 90secs as default start timeout op
+ # FIXME(gfidente): sets 95secs as default start timeout op
# param; until we can use pcmk global defaults we'll still
# need to add it to every resource which redefines op params
Pacemaker::Resource::Service {
- op_params => 'start timeout=90s',
+ op_params => 'start timeout=95s stop timeout=95s',
}
# Only configure RabbitMQ in this step, don't start it yet to
@@ -344,7 +344,7 @@ if hiera('step') >= 2 {
if downcase(hiera('ceilometer_backend')) == 'mongodb' {
pacemaker::resource::service { $::mongodb::params::service_name :
- op_params => 'start timeout=120s',
+ op_params => 'start timeout=120s stop timeout=95s',
clone_params => true,
require => Class['::mongodb::server'],
}
@@ -757,7 +757,7 @@ if hiera('step') >= 3 {
package { 'nfs-utils': } ->
cinder::backend::nfs { $cinder_nfs_backend:
nfs_servers => hiera('cinder_nfs_servers'),
- nfs_mount_options => hiera('cinder_nfs_mount_options'),
+ nfs_mount_options => hiera('cinder_nfs_mount_options',''),
nfs_shares_config => '/etc/cinder/shares-nfs.conf',
}
}
@@ -1186,24 +1186,24 @@ if hiera('step') >= 4 {
# Nova
pacemaker::resource::service { $::nova::params::api_service_name :
clone_params => 'interleave=true',
- op_params => 'start timeout=90s monitor start-delay=10s',
+ op_params => 'start timeout=95s stop timeout=95s monitor start-delay=10s',
}
pacemaker::resource::service { $::nova::params::conductor_service_name :
clone_params => 'interleave=true',
- op_params => 'start timeout=90s monitor start-delay=10s',
+ op_params => 'start timeout=95s stop timeout=95s monitor start-delay=10s',
}
pacemaker::resource::service { $::nova::params::consoleauth_service_name :
clone_params => 'interleave=true',
- op_params => 'start timeout=90s monitor start-delay=10s',
+ op_params => 'start timeout=95s stop timeout=95s monitor start-delay=10s',
require => Pacemaker::Resource::Service[$::keystone::params::service_name],
}
pacemaker::resource::service { $::nova::params::vncproxy_service_name :
clone_params => 'interleave=true',
- op_params => 'start timeout=90s monitor start-delay=10s',
+ op_params => 'start timeout=95s stop timeout=95s monitor start-delay=10s',
}
pacemaker::resource::service { $::nova::params::scheduler_service_name :
clone_params => 'interleave=true',
- op_params => 'start timeout=90s monitor start-delay=10s',
+ op_params => 'start timeout=95s stop timeout=95s monitor start-delay=10s',
}
pacemaker::constraint::base { 'keystone-then-nova-consoleauth-constraint':