diff options
Diffstat (limited to 'puppet')
32 files changed, 145 insertions, 112 deletions
diff --git a/puppet/ceph-storage-post.yaml b/puppet/ceph-storage-post.yaml index 70baeb6e..a83e0cfe 100644 --- a/puppet/ceph-storage-post.yaml +++ b/puppet/ceph-storage-post.yaml @@ -38,6 +38,7 @@ resources: enable_debug: {get_param: ConfigDebug} enable_hiera: True enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules inputs: - name: step outputs: diff --git a/puppet/ceph-storage.yaml b/puppet/ceph-storage.yaml index de5a9c39..829456b5 100644 --- a/puppet/ceph-storage.yaml +++ b/puppet/ceph-storage.yaml @@ -231,22 +231,6 @@ resources: server: {get_resource: CephStorage} input_values: enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} - ceph_cluster_network: - get_attr: - - NetIpMap - - net_ip_map - - str_replace: - template: "NETWORK_subnet" - params: - NETWORK: {get_param: [ServiceNetMap, CephClusterNetwork]} - ceph_public_network: - get_attr: - - NetIpMap - - net_ip_map - - str_replace: - template: "NETWORK_subnet" - params: - NETWORK: {get_param: [ServiceNetMap, CephPublicNetwork]} CephStorageConfig: type: OS::Heat::StructuredConfig @@ -261,8 +245,6 @@ resources: - extraconfig - service_names - service_configs - - ceph_cluster # provided by CephClusterConfig - - ceph - all_nodes # provided by allNodesConfig - '"%{::osfamily}"' merge_behavior: deeper @@ -282,8 +264,6 @@ resources: ceph: mapped_data: tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} - ceph::profile::params::cluster_network: {get_input: ceph_cluster_network} - ceph::profile::params::public_network: {get_input: ceph_public_network} # Resource for site-specific injection of root certificate NodeTLSCAData: diff --git a/puppet/cinder-storage-post.yaml b/puppet/cinder-storage-post.yaml index c3dd403e..6416c43e 100644 --- a/puppet/cinder-storage-post.yaml +++ b/puppet/cinder-storage-post.yaml @@ -37,6 +37,7 @@ resources: enable_debug: {get_param: ConfigDebug} enable_hiera: True enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules inputs: - name: step outputs: diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml index ff2c5d1c..ef3f08ff 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/cinder-storage.yaml @@ -106,7 +106,7 @@ resources: properties: image: {get_param: BlockStorageImage} - flavor: {get_param: Flavor} + flavor: {get_param: OvercloudBlockStorageFlavor} key_name: {get_param: KeyName} networks: - network: ctlplane diff --git a/puppet/compute-post.yaml b/puppet/compute-post.yaml index c1b37772..d0c6082c 100644 --- a/puppet/compute-post.yaml +++ b/puppet/compute-post.yaml @@ -38,6 +38,7 @@ resources: enable_debug: {get_param: ConfigDebug} enable_hiera: True enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules inputs: - name: step outputs: diff --git a/puppet/compute.yaml b/puppet/compute.yaml index dbf2f610..1790aa0d 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -258,7 +258,6 @@ resources: - service_names - service_configs - compute - - ceph_cluster # provided by CephClusterConfig - all_nodes # provided by allNodesConfig - '"%{::osfamily}"' - neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre @@ -266,6 +265,7 @@ resources: - nova_nuage_data # Optionally provided by ComputeExtraConfigPre - midonet_data # Optionally provided by AllNodesExtraConfig - neutron_opencontrail_data # Optionally provided by ComputeExtraConfigPre + - cisco_aci_data # Optionally provided by ComputeExtraConfigPre merge_behavior: deeper datafiles: service_names: diff --git a/puppet/controller-config-pacemaker.yaml b/puppet/controller-config-pacemaker.yaml index 5116cac7..b313f5de 100644 --- a/puppet/controller-config-pacemaker.yaml +++ b/puppet/controller-config-pacemaker.yaml @@ -23,6 +23,7 @@ resources: enable_debug: {get_param: ConfigDebug} enable_hiera: True enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules outputs: - name: result config: diff --git a/puppet/controller-config.yaml b/puppet/controller-config.yaml index cadba703..811c544d 100644 --- a/puppet/controller-config.yaml +++ b/puppet/controller-config.yaml @@ -23,6 +23,7 @@ resources: enable_debug: {get_param: ConfigDebug} enable_hiera: True enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules outputs: - name: result config: diff --git a/puppet/controller.yaml b/puppet/controller.yaml index 65e47b77..a8dc5fba 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -27,10 +27,6 @@ parameters: ... } type: json - ControlVirtualInterface: - default: 'br-ex' - description: Interface where virtual ip will be assigned. - type: string CorosyncIPv6: default: false description: Enable IPv6 in Corosync @@ -91,17 +87,6 @@ parameters: type: string constraints: - custom_constraint: nova.flavor - HAProxyStatsPassword: - description: Password for HAProxy stats endpoint - type: string - HAProxyStatsUser: - description: User for HAProxy stats endpoint - default: admin - type: string - HAProxySyslogAddress: - default: /dev/log - description: Syslog address where HAproxy will send its log - type: string HeatAuthEncryptionKey: description: Auth encryption key for heat-engine type: string @@ -170,12 +155,6 @@ parameters: type: string description: The password for the 'pcsd' user. hidden: true - PublicVirtualInterface: - default: 'br-ex' - description: > - Specifies the interface where the public-facing virtual ip will be assigned. - This should be int_public when a VLAN is being used. - type: string RedisPassword: description: The password for Redis type: string @@ -192,6 +171,10 @@ parameters: in the ring. hidden: true type: string + SwiftRawDisks: + default: {} + description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' + type: json UpgradeLevelNovaCompute: type: string description: Nova Compute upgrade level @@ -422,9 +405,6 @@ resources: server: {get_resource: Controller} input_values: bootstack_nodeid: {get_attr: [Controller, name]} - haproxy_log_address: {get_param: HAProxySyslogAddress} - haproxy_stats_password: {get_param: HAProxyStatsPassword} - haproxy_stats_user: {get_param: HAProxyStatsUser} heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey} horizon_secret: {get_param: HorizonSecret} debug: {get_param: Debug} @@ -456,8 +436,6 @@ resources: instance_name_template: {get_param: InstanceNameTemplate} fencing_config: {get_param: FencingConfig} pcsd_password: {get_param: PcsdPassword} - control_virtual_interface: {get_param: ControlVirtualInterface} - public_virtual_interface: {get_param: PublicVirtualInterface} swift_hash_suffix: {get_param: SwiftHashSuffix} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} @@ -494,23 +472,6 @@ resources: redis_vip: {get_param: RedisVirtualIP} sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} - ceph_cluster_network: - get_attr: - - NetIpMap - - net_ip_map - - str_replace: - template: "NETWORK_subnet" - params: - NETWORK: {get_param: [ServiceNetMap, CephClusterNetwork]} - ceph_public_network: - get_attr: - - NetIpMap - - net_ip_map - - str_replace: - template: "NETWORK_subnet" - params: - NETWORK: {get_param: [ServiceNetMap, CephPublicNetwork]} - ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} ironic_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]} # Map heat metadata into hiera datafiles @@ -529,8 +490,6 @@ resources: - service_names - controller - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig - - ceph_cluster # provided by CephClusterConfig - - ceph - bootstrap_node # provided by BootstrapNodeConfig - all_nodes # provided by allNodesConfig - vip_data # provided by vip-config @@ -542,6 +501,7 @@ resources: - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre - midonet_data #Optionally provided by AllNodesExtraConfig + - cisco_aci_data # Optionally provided by ControllerExtraConfigPre merge_behavior: deeper datafiles: service_names: @@ -559,11 +519,6 @@ resources: - {get_param: ControllerExtraConfig} extraconfig: mapped_data: {get_param: ExtraConfig} - ceph: - mapped_data: - ceph::profile::params::cluster_network: {get_input: ceph_cluster_network} - ceph::profile::params::public_network: {get_input: ceph_public_network} - ceph::profile::params::public_addr: {get_input: ceph_public_ip} controller: mapped_data: # data supplied directly to this deployment configuration, etc bootstack_nodeid: {get_input: bootstack_nodeid} @@ -627,11 +582,8 @@ resources: # Nova nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute} nova::use_ipv6: {get_input: nova_ipv6} - nova::api::auth_uri: {get_input: keystone_auth_uri} - nova::api::identity_uri: {get_input: keystone_identity_uri} nova::api::api_bind_address: {get_input: nova_api_network} nova::api::metadata_listen: {get_input: nova_metadata_network} - nova::api::admin_password: {get_input: nova_password} nova::glance_api_servers: {get_input: glance_api_servers} nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} nova::api::instance_name_template: {get_input: instance_name_template} @@ -658,17 +610,7 @@ resources: # Misc memcached_ipv6: {get_input: memcached_ipv6} memcached::listen_ip: {get_input: memcached_network} - control_virtual_interface: {get_input: control_virtual_interface} - public_virtual_interface: {get_input: public_virtual_interface} - tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface} - tripleo::keepalived::public_virtual_interface: {get_input: public_virtual_interface} - tripleo::haproxy::control_virtual_interface: {get_input: control_virtual_interface} - tripleo::haproxy::public_virtual_interface: {get_input: public_virtual_interface} - tripleo::haproxy::haproxy_log_address: {get_input: haproxy_log_address} tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]} - tripleo::haproxy::haproxy_stats_user: {get_input: haproxy_stats_user} - tripleo::haproxy::haproxy_stats_password: {get_input: haproxy_stats_password} - tripleo::haproxy::redis_password: {get_input: redis_password} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} # Hook for site-specific additional pre-deployment config, e.g extra hieradata @@ -785,7 +727,14 @@ outputs: description: Swift device formatted for swift-ring-builder value: str_replace: - template: 'r1z1-IP:%PORT%/d1' + template: + list_join: + - ',' + - ['r1z1-IP:%PORT%/d1'] + - repeat: + template: 'r1z1-IP:%PORT%/DEVICE' + for_each: + DEVICE: {get_param: SwiftRawDisks} params: IP: get_attr: diff --git a/puppet/services/aodh-api.yaml b/puppet/services/aodh-api.yaml index b85cfe71..ae0f0c2d 100644 --- a/puppet/services/aodh-api.yaml +++ b/puppet/services/aodh-api.yaml @@ -37,7 +37,6 @@ outputs: - get_attr: [AodhBase, role_data, config_settings] - aodh::wsgi::apache::ssl: false aodh::api::service_name: 'httpd' - aodh::api::keystone_tenant: 'service' - tripleo.aodh_api.firewall_rules: '128 aodh-api': dport: diff --git a/puppet/services/aodh-base.yaml b/puppet/services/aodh-base.yaml index 603b2d82..15f81953 100644 --- a/puppet/services/aodh-base.yaml +++ b/puppet/services/aodh-base.yaml @@ -82,9 +82,10 @@ outputs: aodh::rabbit_password: {get_param: RabbitPassword} aodh::rabbit_use_ssl: {get_param: RabbitClientUseSSL} aodh::rabbit_port: {get_param: RabbitClientPort} - aodh::api::keystone_password: {get_param: AodhPassword} - aodh::api::keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } - aodh::api::keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } + aodh::keystone::authtoken::project_name: 'service' + aodh::keystone::authtoken::password: {get_param: AodhPassword} + aodh::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } + aodh::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } aodh::auth::auth_password: {get_param: AodhPassword} aodh::keystone::auth::public_url: {get_param: [EndpointMap, AodhPublic, uri]} aodh::keystone::auth::internal_url: {get_param: [EndpointMap, AodhInternal, uri]} diff --git a/puppet/services/ceilometer-api.yaml b/puppet/services/ceilometer-api.yaml index b9f021e3..3a01a1f9 100644 --- a/puppet/services/ceilometer-api.yaml +++ b/puppet/services/ceilometer-api.yaml @@ -41,6 +41,5 @@ outputs: dport: - 8777 - 13777 - - ceilometer::api::keystone_tenant: 'service' step_config: | include ::tripleo::profile::base::ceilometer::api diff --git a/puppet/services/ceilometer-base.yaml b/puppet/services/ceilometer-base.yaml index 1a65a595..62fdd5c1 100644 --- a/puppet/services/ceilometer-base.yaml +++ b/puppet/services/ceilometer-base.yaml @@ -91,9 +91,10 @@ outputs: ceilometer::metering_secret: {get_param: CeilometerMeteringSecret} # we include db_sync class in puppet-tripleo ceilometer::db::sync_db: false - ceilometer::api::keystone_password: {get_param: CeilometerPassword} - ceilometer::api::keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } - ceilometer::api::keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } + ceilometer::keystone::authtoken::project_name: 'service' + ceilometer::keystone::authtoken::password: {get_param: CeilometerPassword} + ceilometer::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } + ceilometer::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } ceilometer::agent::auth::auth_password: {get_param: CeilometerPassword} ceilometer::agent::auth::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] } ceilometer::agent::notification::store_events: {get_param: CeilometerStoreEvents} diff --git a/puppet/services/ceph-base.yaml b/puppet/services/ceph-base.yaml index 415b77b6..4d98546d 100644 --- a/puppet/services/ceph-base.yaml +++ b/puppet/services/ceph-base.yaml @@ -4,7 +4,9 @@ description: > Ceph base service. Shared by all Ceph services. parameters: + # NOTE(gfidente): needs a default to cope with external Ceph deployments were we don't pass (and need) an Admin key CephAdminKey: + default: '' description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key. type: string hidden: true @@ -77,6 +79,22 @@ outputs: ceph::profile::params::manage_repo: false ceph::profile::params::authentication_type: cephx ceph::profile::params::fsid: {get_param: CephClusterFSID} + # NOTE: bind IP is found in Heat replacing the network name with the local node IP + # for the given network; replacement examples (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + ceph::profile::params::cluster_network: + str_replace: + template: "NETWORK_subnet" + params: + NETWORK: {get_param: [ServiceNetMap, CephClusterNetwork]} + ceph::profile::params::public_network: + str_replace: + template: "NETWORK_subnet" + params: + NETWORK: {get_param: [ServiceNetMap, CephPublicNetwork]} + ceph::profile::params::public_addr: {get_param: [ServiceNetMap, CephPublicNetwork]} ceph::profile::params::client_keys: str_replace: template: "{ diff --git a/puppet/services/database/redis-base.yaml b/puppet/services/database/redis-base.yaml index 301b2bb1..40711432 100644 --- a/puppet/services/database/redis-base.yaml +++ b/puppet/services/database/redis-base.yaml @@ -36,4 +36,3 @@ outputs: redis::sentinel::master_name: '"%{hiera(\"bootstrap_nodeid\")}"' redis::sentinel::redis_host: '"%{hiera(\"bootstrap_nodeid_ip\")}"' redis::sentinel::notification_script: '/usr/local/bin/redis-notifications.sh' - tripleo::loadbalancer::redis_password: {get_param: RedisPassword} diff --git a/puppet/services/gnocchi-api.yaml b/puppet/services/gnocchi-api.yaml index bc217743..cbf7e218 100644 --- a/puppet/services/gnocchi-api.yaml +++ b/puppet/services/gnocchi-api.yaml @@ -56,7 +56,6 @@ outputs: - 8041 - 13041 gnocchi::api::enabled: true - gnocchi::api::manage_service: false gnocchi::api::service_name: 'httpd' gnocchi::keystone::auth::admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] } gnocchi::keystone::auth::internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]} diff --git a/puppet/services/gnocchi-base.yaml b/puppet/services/gnocchi-base.yaml index ac5a17ca..9b9cafb8 100644 --- a/puppet/services/gnocchi-base.yaml +++ b/puppet/services/gnocchi-base.yaml @@ -85,7 +85,6 @@ outputs: - {get_param: CephClientUserName} - 'keyring' #Gnocchi statsd - gnocchi::statsd::manage_service: false gnocchi::statsd::resource_id: '0a8b55df-f90f-491c-8cb9-7cdecec6fc26' gnocchi::statsd::user_id: '27c0d3f8-e7ee-42f0-8317-72237d1c5ae3' gnocchi::statsd::project_id: '6c38cd8d-099a-4cb2-aecf-17be688e8616' diff --git a/puppet/services/gnocchi-metricd.yaml b/puppet/services/gnocchi-metricd.yaml index df342ebd..205d0552 100644 --- a/puppet/services/gnocchi-metricd.yaml +++ b/puppet/services/gnocchi-metricd.yaml @@ -35,6 +35,5 @@ outputs: config_settings: map_merge: - get_attr: [GnocchiServiceBase, role_data, config_settings] - - gnocchi::metricd::manage_service: false step_config: | include ::tripleo::profile::base::gnocchi::metricd diff --git a/puppet/services/gnocchi-statsd.yaml b/puppet/services/gnocchi-statsd.yaml index b6e63bf3..018ad2b1 100644 --- a/puppet/services/gnocchi-statsd.yaml +++ b/puppet/services/gnocchi-statsd.yaml @@ -35,6 +35,5 @@ outputs: config_settings: map_merge: - get_attr: [GnocchiServiceBase, role_data, config_settings] - - gnocchi::statsd::manage_service: false step_config: | include ::tripleo::profile::base::gnocchi::statsd diff --git a/puppet/services/haproxy.yaml b/puppet/services/haproxy.yaml index 00574c2f..8ac669a9 100644 --- a/puppet/services/haproxy.yaml +++ b/puppet/services/haproxy.yaml @@ -18,6 +18,32 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + HAProxyStatsPassword: + description: Password for HAProxy stats endpoint + hidden: true + type: string + HAProxyStatsUser: + description: User for HAProxy stats endpoint + default: admin + type: string + HAProxySyslogAddress: + default: /dev/log + description: Syslog address where HAproxy will send its log + type: string + RedisPassword: + description: The password for Redis + type: string + hidden: true + ControlVirtualInterface: + default: 'br-ex' + description: Interface where virtual ip will be assigned. + type: string + PublicVirtualInterface: + default: 'br-ex' + description: > + Specifies the interface where the public-facing virtual ip will be assigned. + This should be int_public when a VLAN is being used. + type: string outputs: role_data: @@ -49,5 +75,11 @@ outputs: tripleo::haproxy::heat_cloudwatch: true tripleo::haproxy::heat_cfn: true tripleo::haproxy::horizon: true + tripleo::haproxy::haproxy_log_address: {get_param: HAProxySyslogAddress} + tripleo::haproxy::haproxy_stats_user: {get_param: HAProxyStatsUser} + tripleo::haproxy::haproxy_stats_password: {get_param: HAProxyStatsPassword} + tripleo::haproxy::redis_password: {get_param: RedisPassword} + tripleo::haproxy::control_virtual_interface: {get_param: ControlVirtualInterface} + tripleo::haproxy::public_virtual_interface: {get_param: PublicVirtualInterface} step_config: | include ::tripleo::profile::base::haproxy diff --git a/puppet/services/ironic-api.yaml b/puppet/services/ironic-api.yaml index e185630e..6b494256 100644 --- a/puppet/services/ironic-api.yaml +++ b/puppet/services/ironic-api.yaml @@ -45,11 +45,11 @@ outputs: # the TFTP server IP in ironic-conductor.yaml as it should not be # the VIP, but rather a real IP of the controller. - ironic::my_ip: {get_param: [EndpointMap, MysqlInternal, host]} - ironic::api::admin_password: {get_param: IronicPassword} - ironic::api::admin_tenant_name: 'service' - ironic::api::admin_user: 'ironic' - ironic::api::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } - ironic::api::identity_uri: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} + ironic::api::authtoken::password: {get_param: IronicPassword} + ironic::api::authtoken::project_name: 'service' + ironic::api::authtoken::username: 'ironic' + ironic::api::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } + ironic::api::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} ironic::api::port: {get_param: [EndpointMap, IronicInternal, port]} # This is used to build links in responses ironic::api::public_endpoint: {get_param: [EndpointMap, IronicPublic, uri_no_suffix]} diff --git a/puppet/services/keepalived.yaml b/puppet/services/keepalived.yaml index c8c977c6..b783345b 100644 --- a/puppet/services/keepalived.yaml +++ b/puppet/services/keepalived.yaml @@ -18,11 +18,24 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + ControlVirtualInterface: + default: 'br-ex' + description: Interface where virtual ip will be assigned. + type: string + PublicVirtualInterface: + default: 'br-ex' + description: > + Specifies the interface where the public-facing virtual ip will be assigned. + This should be int_public when a VLAN is being used. + type: string outputs: role_data: description: Role data for the Keepalived role. value: service_name: keepalived + config_settings: + tripleo::keepalived::control_virtual_interface: {get_param: ControlVirtualInterface} + tripleo::keepalived::public_virtual_interface: {get_param: PublicVirtualInterface} step_config: | include ::tripleo::profile::base::keepalived diff --git a/puppet/services/manila-api.yaml b/puppet/services/manila-api.yaml index 8b456af5..633e75ba 100644 --- a/puppet/services/manila-api.yaml +++ b/puppet/services/manila-api.yaml @@ -43,9 +43,10 @@ outputs: config_settings: map_merge: - get_attr: [ManilaBase, role_data, config_settings] - - manila::api::keystone_password: {get_param: ManilaPassword} - manila::api::keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} - manila::api::keystone_auth_host: {get_param: [EndpointMap, ManilaInternal, host]} + - manila::keystone::authtoken::password: {get_param: ManilaPassword} + manila::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} + manila::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } + manila::keystone::authtoken::project_name: 'service' manila::keystone::auth::public_url: {get_param: [EndpointMap, ManilaV1Public, uri]} manila::keystone::auth::internal_url: {get_param: [EndpointMap, ManilaV1Internal, uri]} manila::keystone::auth::admin_url: {get_param: [EndpointMap, ManilaV1Admin, uri]} @@ -54,7 +55,6 @@ outputs: manila::keystone::auth::admin_url_v2: {get_param: [EndpointMap, ManilaAdmin, uri]} manila::keystone::auth::password: {get_param: ManilaPassword } manila::keystone::auth::region: {get_param: KeystoneRegion } - manila::api::keystone_tenant: 'service' step_config: | include ::tripleo::profile::base::manila::api diff --git a/puppet/services/neutron-dhcp.yaml b/puppet/services/neutron-dhcp.yaml index ed2dbd0e..513cb2d4 100644 --- a/puppet/services/neutron-dhcp.yaml +++ b/puppet/services/neutron-dhcp.yaml @@ -18,10 +18,19 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + NeutronEnableMetadataNetwork: + default: false + description: If True, DHCP provide metadata network. Requires either + IsolatedMetadata or ForceMetadata parameters to also be True. + type: boolean NeutronEnableIsolatedMetadata: - default: 'False' + default: false description: If True, DHCP provide metadata route to VM. - type: string + type: boolean + NeutronEnableForceMetadata: + default: false + description: If True, DHCP always provides metadata route to VM. + type: boolean resources: @@ -41,6 +50,8 @@ outputs: map_merge: - get_attr: [NeutronBase, role_data, config_settings] - neutron::agents::dhcp::enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata} + neutron::agents::dhcp::enable_force_metadata: {get_param: NeutronEnableForceMetadata} + neutron::agents::dhcp::enable_metadata_network: {get_param: NeutronEnableMetadataNetwork} tripleo.neutron_dhcp.firewall_rules: '115 neutron dhcp input': proto: 'udp' diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml index 2b653612..1b19f90f 100644 --- a/puppet/services/neutron-ovs-agent.yaml +++ b/puppet/services/neutron-ovs-agent.yaml @@ -48,6 +48,11 @@ parameters: description: | Enable support for distributed routing in the OVS Agent. type: boolean + NeutronEnableARPResponder: + default: false + description: | + Enable ARP responder feature in the OVS Agent. + type: boolean resources: @@ -68,6 +73,7 @@ outputs: - get_attr: [NeutronBase, role_data, config_settings] neutron::agents::ml2::ovs::l2_population: {get_param: NeutronEnableL2Pop} neutron::agents::ml2::ovs::enable_distributed_routing: {get_param: NeutronEnableDVR} + neutron::agents::ml2::ovs::arp_responder: {get_param: NeutronEnableARPResponder} neutron::agents::ml2::ovs::bridge_mappings: str_replace: template: MAPPINGS diff --git a/puppet/services/nova-api.yaml b/puppet/services/nova-api.yaml index 143c0619..c2bd395e 100644 --- a/puppet/services/nova-api.yaml +++ b/puppet/services/nova-api.yaml @@ -61,7 +61,10 @@ outputs: - 8774 - 13774 - 8775 - nova::api::admin_tenant_name: 'service' + nova::keystone::authtoken::project_name: 'service' + nova::keystone::authtoken::password: {get_param: NovaPassword} + nova::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } + nova::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} nova::api::enabled: true nova::api::default_floating_pool: 'public' nova::api::sync_db_api: true diff --git a/puppet/services/pacemaker/gnocchi-api.yaml b/puppet/services/pacemaker/gnocchi-api.yaml index 1f6ed461..50bd3fa7 100644 --- a/puppet/services/pacemaker/gnocchi-api.yaml +++ b/puppet/services/pacemaker/gnocchi-api.yaml @@ -35,5 +35,7 @@ outputs: config_settings: map_merge: - get_attr: [GnocchiServiceBase, role_data, config_settings] + - gnocchi::metricd::manage_service: false + gnocchi::metricd::enabled: false step_config: | include ::tripleo::profile::pacemaker::gnocchi::api diff --git a/puppet/services/pacemaker/gnocchi-metricd.yaml b/puppet/services/pacemaker/gnocchi-metricd.yaml index cea27e9a..0a6b03ea 100644 --- a/puppet/services/pacemaker/gnocchi-metricd.yaml +++ b/puppet/services/pacemaker/gnocchi-metricd.yaml @@ -36,6 +36,7 @@ outputs: map_merge: - get_attr: [GnocchiServiceBase, role_data, config_settings] - gnocchi::metricd::manage_service: false + gnocchi::metricd::enabled: false tripleo::profile::pacemaker::gnocchi::gnocchi_indexer_backend: {get_attr: [GnocchiServiceBase, aux_parameters, gnocchi_indexer_backend]} step_config: | diff --git a/puppet/services/pacemaker/gnocchi-statsd.yaml b/puppet/services/pacemaker/gnocchi-statsd.yaml index 2e1531fc..12256d32 100644 --- a/puppet/services/pacemaker/gnocchi-statsd.yaml +++ b/puppet/services/pacemaker/gnocchi-statsd.yaml @@ -36,6 +36,7 @@ outputs: map_merge: - get_attr: [GnocchiServiceBase, role_data, config_settings] - gnocchi::statsd::manage_service: false + gnocchi::statsd::enabled: false tripleo::profile::pacemaker::gnocchi::gnocchi_indexer_backend: {get_attr: [GnocchiServiceBase, aux_parameters, gnocchi_indexer_backend]} step_config: | include ::tripleo::profile::pacemaker::gnocchi::statsd diff --git a/puppet/services/swift-storage.yaml b/puppet/services/swift-storage.yaml index 558f2752..664a701f 100644 --- a/puppet/services/swift-storage.yaml +++ b/puppet/services/swift-storage.yaml @@ -26,6 +26,10 @@ parameters: default: false description: Value of mount_check in Swift account/container/object -server.conf type: boolean + SwiftRawDisks: + default: {} + description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' + type: json # DEPRECATED options for compatibility with overcloud.yaml # This should be removed and manipulation of the ControllerServices list @@ -69,5 +73,6 @@ outputs: swift::storage::all::account_pipeline: - healthcheck - account-server + swift::storage::disks: {get_param: SwiftRawDisks} step_config: | include ::tripleo::profile::base::swift::storage diff --git a/puppet/swift-storage-post.yaml b/puppet/swift-storage-post.yaml index 306a4d6e..859fad2c 100644 --- a/puppet/swift-storage-post.yaml +++ b/puppet/swift-storage-post.yaml @@ -36,6 +36,7 @@ resources: enable_debug: {get_param: ConfigDebug} enable_hiera: True enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules inputs: - name: step outputs: diff --git a/puppet/swift-storage.yaml b/puppet/swift-storage.yaml index dc28ee76..1f3022b8 100644 --- a/puppet/swift-storage.yaml +++ b/puppet/swift-storage.yaml @@ -101,6 +101,10 @@ parameters: type: string description: Command which will be run whenever configuration data changes default: os-refresh-config --timeout 14400 + SwiftRawDisks: + default: {} + description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' + type: json resources: @@ -377,7 +381,14 @@ outputs: description: Swift device formatted for swift-ring-builder value: str_replace: - template: 'r1z1-IP:%PORT%/d1' + template: + list_join: + - ',' + - ['r1z1-IP:%PORT%/d1'] + - repeat: + template: 'r1z1-IP:%PORT%/DEVICE' + for_each: + DEVICE: {get_param: SwiftRawDisks} params: IP: get_attr: |