summaryrefslogtreecommitdiffstats
path: root/puppet
diff options
context:
space:
mode:
Diffstat (limited to 'puppet')
-rw-r--r--puppet/ceph-storage-post.yaml1
-rw-r--r--puppet/ceph-storage.yaml20
-rw-r--r--puppet/cinder-storage-post.yaml1
-rw-r--r--puppet/cinder-storage.yaml2
-rw-r--r--puppet/compute-post.yaml1
-rw-r--r--puppet/compute.yaml2
-rw-r--r--puppet/controller-config-pacemaker.yaml1
-rw-r--r--puppet/controller-config.yaml1
-rw-r--r--puppet/controller.yaml77
-rw-r--r--puppet/services/aodh-api.yaml1
-rw-r--r--puppet/services/aodh-base.yaml7
-rw-r--r--puppet/services/ceilometer-api.yaml1
-rw-r--r--puppet/services/ceilometer-base.yaml7
-rw-r--r--puppet/services/ceph-base.yaml18
-rw-r--r--puppet/services/database/redis-base.yaml1
-rw-r--r--puppet/services/gnocchi-api.yaml1
-rw-r--r--puppet/services/gnocchi-base.yaml1
-rw-r--r--puppet/services/gnocchi-metricd.yaml1
-rw-r--r--puppet/services/gnocchi-statsd.yaml1
-rw-r--r--puppet/services/haproxy.yaml32
-rw-r--r--puppet/services/ironic-api.yaml10
-rw-r--r--puppet/services/keepalived.yaml13
-rw-r--r--puppet/services/manila-api.yaml8
-rw-r--r--puppet/services/neutron-dhcp.yaml15
-rw-r--r--puppet/services/neutron-ovs-agent.yaml6
-rw-r--r--puppet/services/nova-api.yaml5
-rw-r--r--puppet/services/pacemaker/gnocchi-api.yaml2
-rw-r--r--puppet/services/pacemaker/gnocchi-metricd.yaml1
-rw-r--r--puppet/services/pacemaker/gnocchi-statsd.yaml1
-rw-r--r--puppet/services/swift-storage.yaml5
-rw-r--r--puppet/swift-storage-post.yaml1
-rw-r--r--puppet/swift-storage.yaml13
32 files changed, 145 insertions, 112 deletions
diff --git a/puppet/ceph-storage-post.yaml b/puppet/ceph-storage-post.yaml
index 70baeb6e..a83e0cfe 100644
--- a/puppet/ceph-storage-post.yaml
+++ b/puppet/ceph-storage-post.yaml
@@ -38,6 +38,7 @@ resources:
enable_debug: {get_param: ConfigDebug}
enable_hiera: True
enable_facter: False
+ modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
inputs:
- name: step
outputs:
diff --git a/puppet/ceph-storage.yaml b/puppet/ceph-storage.yaml
index de5a9c39..829456b5 100644
--- a/puppet/ceph-storage.yaml
+++ b/puppet/ceph-storage.yaml
@@ -231,22 +231,6 @@ resources:
server: {get_resource: CephStorage}
input_values:
enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
- ceph_cluster_network:
- get_attr:
- - NetIpMap
- - net_ip_map
- - str_replace:
- template: "NETWORK_subnet"
- params:
- NETWORK: {get_param: [ServiceNetMap, CephClusterNetwork]}
- ceph_public_network:
- get_attr:
- - NetIpMap
- - net_ip_map
- - str_replace:
- template: "NETWORK_subnet"
- params:
- NETWORK: {get_param: [ServiceNetMap, CephPublicNetwork]}
CephStorageConfig:
type: OS::Heat::StructuredConfig
@@ -261,8 +245,6 @@ resources:
- extraconfig
- service_names
- service_configs
- - ceph_cluster # provided by CephClusterConfig
- - ceph
- all_nodes # provided by allNodesConfig
- '"%{::osfamily}"'
merge_behavior: deeper
@@ -282,8 +264,6 @@ resources:
ceph:
mapped_data:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
- ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
- ceph::profile::params::public_network: {get_input: ceph_public_network}
# Resource for site-specific injection of root certificate
NodeTLSCAData:
diff --git a/puppet/cinder-storage-post.yaml b/puppet/cinder-storage-post.yaml
index c3dd403e..6416c43e 100644
--- a/puppet/cinder-storage-post.yaml
+++ b/puppet/cinder-storage-post.yaml
@@ -37,6 +37,7 @@ resources:
enable_debug: {get_param: ConfigDebug}
enable_hiera: True
enable_facter: False
+ modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
inputs:
- name: step
outputs:
diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml
index ff2c5d1c..ef3f08ff 100644
--- a/puppet/cinder-storage.yaml
+++ b/puppet/cinder-storage.yaml
@@ -106,7 +106,7 @@ resources:
properties:
image:
{get_param: BlockStorageImage}
- flavor: {get_param: Flavor}
+ flavor: {get_param: OvercloudBlockStorageFlavor}
key_name: {get_param: KeyName}
networks:
- network: ctlplane
diff --git a/puppet/compute-post.yaml b/puppet/compute-post.yaml
index c1b37772..d0c6082c 100644
--- a/puppet/compute-post.yaml
+++ b/puppet/compute-post.yaml
@@ -38,6 +38,7 @@ resources:
enable_debug: {get_param: ConfigDebug}
enable_hiera: True
enable_facter: False
+ modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
inputs:
- name: step
outputs:
diff --git a/puppet/compute.yaml b/puppet/compute.yaml
index dbf2f610..1790aa0d 100644
--- a/puppet/compute.yaml
+++ b/puppet/compute.yaml
@@ -258,7 +258,6 @@ resources:
- service_names
- service_configs
- compute
- - ceph_cluster # provided by CephClusterConfig
- all_nodes # provided by allNodesConfig
- '"%{::osfamily}"'
- neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre
@@ -266,6 +265,7 @@ resources:
- nova_nuage_data # Optionally provided by ComputeExtraConfigPre
- midonet_data # Optionally provided by AllNodesExtraConfig
- neutron_opencontrail_data # Optionally provided by ComputeExtraConfigPre
+ - cisco_aci_data # Optionally provided by ComputeExtraConfigPre
merge_behavior: deeper
datafiles:
service_names:
diff --git a/puppet/controller-config-pacemaker.yaml b/puppet/controller-config-pacemaker.yaml
index 5116cac7..b313f5de 100644
--- a/puppet/controller-config-pacemaker.yaml
+++ b/puppet/controller-config-pacemaker.yaml
@@ -23,6 +23,7 @@ resources:
enable_debug: {get_param: ConfigDebug}
enable_hiera: True
enable_facter: False
+ modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
outputs:
- name: result
config:
diff --git a/puppet/controller-config.yaml b/puppet/controller-config.yaml
index cadba703..811c544d 100644
--- a/puppet/controller-config.yaml
+++ b/puppet/controller-config.yaml
@@ -23,6 +23,7 @@ resources:
enable_debug: {get_param: ConfigDebug}
enable_hiera: True
enable_facter: False
+ modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
outputs:
- name: result
config:
diff --git a/puppet/controller.yaml b/puppet/controller.yaml
index 65e47b77..a8dc5fba 100644
--- a/puppet/controller.yaml
+++ b/puppet/controller.yaml
@@ -27,10 +27,6 @@ parameters:
...
}
type: json
- ControlVirtualInterface:
- default: 'br-ex'
- description: Interface where virtual ip will be assigned.
- type: string
CorosyncIPv6:
default: false
description: Enable IPv6 in Corosync
@@ -91,17 +87,6 @@ parameters:
type: string
constraints:
- custom_constraint: nova.flavor
- HAProxyStatsPassword:
- description: Password for HAProxy stats endpoint
- type: string
- HAProxyStatsUser:
- description: User for HAProxy stats endpoint
- default: admin
- type: string
- HAProxySyslogAddress:
- default: /dev/log
- description: Syslog address where HAproxy will send its log
- type: string
HeatAuthEncryptionKey:
description: Auth encryption key for heat-engine
type: string
@@ -170,12 +155,6 @@ parameters:
type: string
description: The password for the 'pcsd' user.
hidden: true
- PublicVirtualInterface:
- default: 'br-ex'
- description: >
- Specifies the interface where the public-facing virtual ip will be assigned.
- This should be int_public when a VLAN is being used.
- type: string
RedisPassword:
description: The password for Redis
type: string
@@ -192,6 +171,10 @@ parameters:
in the ring.
hidden: true
type: string
+ SwiftRawDisks:
+ default: {}
+ description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})'
+ type: json
UpgradeLevelNovaCompute:
type: string
description: Nova Compute upgrade level
@@ -422,9 +405,6 @@ resources:
server: {get_resource: Controller}
input_values:
bootstack_nodeid: {get_attr: [Controller, name]}
- haproxy_log_address: {get_param: HAProxySyslogAddress}
- haproxy_stats_password: {get_param: HAProxyStatsPassword}
- haproxy_stats_user: {get_param: HAProxyStatsUser}
heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
horizon_secret: {get_param: HorizonSecret}
debug: {get_param: Debug}
@@ -456,8 +436,6 @@ resources:
instance_name_template: {get_param: InstanceNameTemplate}
fencing_config: {get_param: FencingConfig}
pcsd_password: {get_param: PcsdPassword}
- control_virtual_interface: {get_param: ControlVirtualInterface}
- public_virtual_interface: {get_param: PublicVirtualInterface}
swift_hash_suffix: {get_param: SwiftHashSuffix}
enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
@@ -494,23 +472,6 @@ resources:
redis_vip: {get_param: RedisVirtualIP}
sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
- ceph_cluster_network:
- get_attr:
- - NetIpMap
- - net_ip_map
- - str_replace:
- template: "NETWORK_subnet"
- params:
- NETWORK: {get_param: [ServiceNetMap, CephClusterNetwork]}
- ceph_public_network:
- get_attr:
- - NetIpMap
- - net_ip_map
- - str_replace:
- template: "NETWORK_subnet"
- params:
- NETWORK: {get_param: [ServiceNetMap, CephPublicNetwork]}
- ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
ironic_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]}
# Map heat metadata into hiera datafiles
@@ -529,8 +490,6 @@ resources:
- service_names
- controller
- swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
- - ceph_cluster # provided by CephClusterConfig
- - ceph
- bootstrap_node # provided by BootstrapNodeConfig
- all_nodes # provided by allNodesConfig
- vip_data # provided by vip-config
@@ -542,6 +501,7 @@ resources:
- neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
- cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
- midonet_data #Optionally provided by AllNodesExtraConfig
+ - cisco_aci_data # Optionally provided by ControllerExtraConfigPre
merge_behavior: deeper
datafiles:
service_names:
@@ -559,11 +519,6 @@ resources:
- {get_param: ControllerExtraConfig}
extraconfig:
mapped_data: {get_param: ExtraConfig}
- ceph:
- mapped_data:
- ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
- ceph::profile::params::public_network: {get_input: ceph_public_network}
- ceph::profile::params::public_addr: {get_input: ceph_public_ip}
controller:
mapped_data: # data supplied directly to this deployment configuration, etc
bootstack_nodeid: {get_input: bootstack_nodeid}
@@ -627,11 +582,8 @@ resources:
# Nova
nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
nova::use_ipv6: {get_input: nova_ipv6}
- nova::api::auth_uri: {get_input: keystone_auth_uri}
- nova::api::identity_uri: {get_input: keystone_identity_uri}
nova::api::api_bind_address: {get_input: nova_api_network}
nova::api::metadata_listen: {get_input: nova_metadata_network}
- nova::api::admin_password: {get_input: nova_password}
nova::glance_api_servers: {get_input: glance_api_servers}
nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
nova::api::instance_name_template: {get_input: instance_name_template}
@@ -658,17 +610,7 @@ resources:
# Misc
memcached_ipv6: {get_input: memcached_ipv6}
memcached::listen_ip: {get_input: memcached_network}
- control_virtual_interface: {get_input: control_virtual_interface}
- public_virtual_interface: {get_input: public_virtual_interface}
- tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface}
- tripleo::keepalived::public_virtual_interface: {get_input: public_virtual_interface}
- tripleo::haproxy::control_virtual_interface: {get_input: control_virtual_interface}
- tripleo::haproxy::public_virtual_interface: {get_input: public_virtual_interface}
- tripleo::haproxy::haproxy_log_address: {get_input: haproxy_log_address}
tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
- tripleo::haproxy::haproxy_stats_user: {get_input: haproxy_stats_user}
- tripleo::haproxy::haproxy_stats_password: {get_input: haproxy_stats_password}
- tripleo::haproxy::redis_password: {get_input: redis_password}
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
# Hook for site-specific additional pre-deployment config, e.g extra hieradata
@@ -785,7 +727,14 @@ outputs:
description: Swift device formatted for swift-ring-builder
value:
str_replace:
- template: 'r1z1-IP:%PORT%/d1'
+ template:
+ list_join:
+ - ','
+ - ['r1z1-IP:%PORT%/d1']
+ - repeat:
+ template: 'r1z1-IP:%PORT%/DEVICE'
+ for_each:
+ DEVICE: {get_param: SwiftRawDisks}
params:
IP:
get_attr:
diff --git a/puppet/services/aodh-api.yaml b/puppet/services/aodh-api.yaml
index b85cfe71..ae0f0c2d 100644
--- a/puppet/services/aodh-api.yaml
+++ b/puppet/services/aodh-api.yaml
@@ -37,7 +37,6 @@ outputs:
- get_attr: [AodhBase, role_data, config_settings]
- aodh::wsgi::apache::ssl: false
aodh::api::service_name: 'httpd'
- aodh::api::keystone_tenant: 'service'
- tripleo.aodh_api.firewall_rules:
'128 aodh-api':
dport:
diff --git a/puppet/services/aodh-base.yaml b/puppet/services/aodh-base.yaml
index 603b2d82..15f81953 100644
--- a/puppet/services/aodh-base.yaml
+++ b/puppet/services/aodh-base.yaml
@@ -82,9 +82,10 @@ outputs:
aodh::rabbit_password: {get_param: RabbitPassword}
aodh::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
aodh::rabbit_port: {get_param: RabbitClientPort}
- aodh::api::keystone_password: {get_param: AodhPassword}
- aodh::api::keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
- aodh::api::keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
+ aodh::keystone::authtoken::project_name: 'service'
+ aodh::keystone::authtoken::password: {get_param: AodhPassword}
+ aodh::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
+ aodh::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
aodh::auth::auth_password: {get_param: AodhPassword}
aodh::keystone::auth::public_url: {get_param: [EndpointMap, AodhPublic, uri]}
aodh::keystone::auth::internal_url: {get_param: [EndpointMap, AodhInternal, uri]}
diff --git a/puppet/services/ceilometer-api.yaml b/puppet/services/ceilometer-api.yaml
index b9f021e3..3a01a1f9 100644
--- a/puppet/services/ceilometer-api.yaml
+++ b/puppet/services/ceilometer-api.yaml
@@ -41,6 +41,5 @@ outputs:
dport:
- 8777
- 13777
- - ceilometer::api::keystone_tenant: 'service'
step_config: |
include ::tripleo::profile::base::ceilometer::api
diff --git a/puppet/services/ceilometer-base.yaml b/puppet/services/ceilometer-base.yaml
index 1a65a595..62fdd5c1 100644
--- a/puppet/services/ceilometer-base.yaml
+++ b/puppet/services/ceilometer-base.yaml
@@ -91,9 +91,10 @@ outputs:
ceilometer::metering_secret: {get_param: CeilometerMeteringSecret}
# we include db_sync class in puppet-tripleo
ceilometer::db::sync_db: false
- ceilometer::api::keystone_password: {get_param: CeilometerPassword}
- ceilometer::api::keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
- ceilometer::api::keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
+ ceilometer::keystone::authtoken::project_name: 'service'
+ ceilometer::keystone::authtoken::password: {get_param: CeilometerPassword}
+ ceilometer::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
+ ceilometer::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
ceilometer::agent::auth::auth_password: {get_param: CeilometerPassword}
ceilometer::agent::auth::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
ceilometer::agent::notification::store_events: {get_param: CeilometerStoreEvents}
diff --git a/puppet/services/ceph-base.yaml b/puppet/services/ceph-base.yaml
index 415b77b6..4d98546d 100644
--- a/puppet/services/ceph-base.yaml
+++ b/puppet/services/ceph-base.yaml
@@ -4,7 +4,9 @@ description: >
Ceph base service. Shared by all Ceph services.
parameters:
+ # NOTE(gfidente): needs a default to cope with external Ceph deployments were we don't pass (and need) an Admin key
CephAdminKey:
+ default: ''
description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key.
type: string
hidden: true
@@ -77,6 +79,22 @@ outputs:
ceph::profile::params::manage_repo: false
ceph::profile::params::authentication_type: cephx
ceph::profile::params::fsid: {get_param: CephClusterFSID}
+ # NOTE: bind IP is found in Heat replacing the network name with the local node IP
+ # for the given network; replacement examples (eg. for internal_api):
+ # internal_api -> IP
+ # internal_api_uri -> [IP]
+ # internal_api_subnet - > IP/CIDR
+ ceph::profile::params::cluster_network:
+ str_replace:
+ template: "NETWORK_subnet"
+ params:
+ NETWORK: {get_param: [ServiceNetMap, CephClusterNetwork]}
+ ceph::profile::params::public_network:
+ str_replace:
+ template: "NETWORK_subnet"
+ params:
+ NETWORK: {get_param: [ServiceNetMap, CephPublicNetwork]}
+ ceph::profile::params::public_addr: {get_param: [ServiceNetMap, CephPublicNetwork]}
ceph::profile::params::client_keys:
str_replace:
template: "{
diff --git a/puppet/services/database/redis-base.yaml b/puppet/services/database/redis-base.yaml
index 301b2bb1..40711432 100644
--- a/puppet/services/database/redis-base.yaml
+++ b/puppet/services/database/redis-base.yaml
@@ -36,4 +36,3 @@ outputs:
redis::sentinel::master_name: '"%{hiera(\"bootstrap_nodeid\")}"'
redis::sentinel::redis_host: '"%{hiera(\"bootstrap_nodeid_ip\")}"'
redis::sentinel::notification_script: '/usr/local/bin/redis-notifications.sh'
- tripleo::loadbalancer::redis_password: {get_param: RedisPassword}
diff --git a/puppet/services/gnocchi-api.yaml b/puppet/services/gnocchi-api.yaml
index bc217743..cbf7e218 100644
--- a/puppet/services/gnocchi-api.yaml
+++ b/puppet/services/gnocchi-api.yaml
@@ -56,7 +56,6 @@ outputs:
- 8041
- 13041
gnocchi::api::enabled: true
- gnocchi::api::manage_service: false
gnocchi::api::service_name: 'httpd'
gnocchi::keystone::auth::admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] }
gnocchi::keystone::auth::internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]}
diff --git a/puppet/services/gnocchi-base.yaml b/puppet/services/gnocchi-base.yaml
index ac5a17ca..9b9cafb8 100644
--- a/puppet/services/gnocchi-base.yaml
+++ b/puppet/services/gnocchi-base.yaml
@@ -85,7 +85,6 @@ outputs:
- {get_param: CephClientUserName}
- 'keyring'
#Gnocchi statsd
- gnocchi::statsd::manage_service: false
gnocchi::statsd::resource_id: '0a8b55df-f90f-491c-8cb9-7cdecec6fc26'
gnocchi::statsd::user_id: '27c0d3f8-e7ee-42f0-8317-72237d1c5ae3'
gnocchi::statsd::project_id: '6c38cd8d-099a-4cb2-aecf-17be688e8616'
diff --git a/puppet/services/gnocchi-metricd.yaml b/puppet/services/gnocchi-metricd.yaml
index df342ebd..205d0552 100644
--- a/puppet/services/gnocchi-metricd.yaml
+++ b/puppet/services/gnocchi-metricd.yaml
@@ -35,6 +35,5 @@ outputs:
config_settings:
map_merge:
- get_attr: [GnocchiServiceBase, role_data, config_settings]
- - gnocchi::metricd::manage_service: false
step_config: |
include ::tripleo::profile::base::gnocchi::metricd
diff --git a/puppet/services/gnocchi-statsd.yaml b/puppet/services/gnocchi-statsd.yaml
index b6e63bf3..018ad2b1 100644
--- a/puppet/services/gnocchi-statsd.yaml
+++ b/puppet/services/gnocchi-statsd.yaml
@@ -35,6 +35,5 @@ outputs:
config_settings:
map_merge:
- get_attr: [GnocchiServiceBase, role_data, config_settings]
- - gnocchi::statsd::manage_service: false
step_config: |
include ::tripleo::profile::base::gnocchi::statsd
diff --git a/puppet/services/haproxy.yaml b/puppet/services/haproxy.yaml
index 00574c2f..8ac669a9 100644
--- a/puppet/services/haproxy.yaml
+++ b/puppet/services/haproxy.yaml
@@ -18,6 +18,32 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ HAProxyStatsPassword:
+ description: Password for HAProxy stats endpoint
+ hidden: true
+ type: string
+ HAProxyStatsUser:
+ description: User for HAProxy stats endpoint
+ default: admin
+ type: string
+ HAProxySyslogAddress:
+ default: /dev/log
+ description: Syslog address where HAproxy will send its log
+ type: string
+ RedisPassword:
+ description: The password for Redis
+ type: string
+ hidden: true
+ ControlVirtualInterface:
+ default: 'br-ex'
+ description: Interface where virtual ip will be assigned.
+ type: string
+ PublicVirtualInterface:
+ default: 'br-ex'
+ description: >
+ Specifies the interface where the public-facing virtual ip will be assigned.
+ This should be int_public when a VLAN is being used.
+ type: string
outputs:
role_data:
@@ -49,5 +75,11 @@ outputs:
tripleo::haproxy::heat_cloudwatch: true
tripleo::haproxy::heat_cfn: true
tripleo::haproxy::horizon: true
+ tripleo::haproxy::haproxy_log_address: {get_param: HAProxySyslogAddress}
+ tripleo::haproxy::haproxy_stats_user: {get_param: HAProxyStatsUser}
+ tripleo::haproxy::haproxy_stats_password: {get_param: HAProxyStatsPassword}
+ tripleo::haproxy::redis_password: {get_param: RedisPassword}
+ tripleo::haproxy::control_virtual_interface: {get_param: ControlVirtualInterface}
+ tripleo::haproxy::public_virtual_interface: {get_param: PublicVirtualInterface}
step_config: |
include ::tripleo::profile::base::haproxy
diff --git a/puppet/services/ironic-api.yaml b/puppet/services/ironic-api.yaml
index e185630e..6b494256 100644
--- a/puppet/services/ironic-api.yaml
+++ b/puppet/services/ironic-api.yaml
@@ -45,11 +45,11 @@ outputs:
# the TFTP server IP in ironic-conductor.yaml as it should not be
# the VIP, but rather a real IP of the controller.
- ironic::my_ip: {get_param: [EndpointMap, MysqlInternal, host]}
- ironic::api::admin_password: {get_param: IronicPassword}
- ironic::api::admin_tenant_name: 'service'
- ironic::api::admin_user: 'ironic'
- ironic::api::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
- ironic::api::identity_uri: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
+ ironic::api::authtoken::password: {get_param: IronicPassword}
+ ironic::api::authtoken::project_name: 'service'
+ ironic::api::authtoken::username: 'ironic'
+ ironic::api::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
+ ironic::api::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
ironic::api::port: {get_param: [EndpointMap, IronicInternal, port]}
# This is used to build links in responses
ironic::api::public_endpoint: {get_param: [EndpointMap, IronicPublic, uri_no_suffix]}
diff --git a/puppet/services/keepalived.yaml b/puppet/services/keepalived.yaml
index c8c977c6..b783345b 100644
--- a/puppet/services/keepalived.yaml
+++ b/puppet/services/keepalived.yaml
@@ -18,11 +18,24 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ControlVirtualInterface:
+ default: 'br-ex'
+ description: Interface where virtual ip will be assigned.
+ type: string
+ PublicVirtualInterface:
+ default: 'br-ex'
+ description: >
+ Specifies the interface where the public-facing virtual ip will be assigned.
+ This should be int_public when a VLAN is being used.
+ type: string
outputs:
role_data:
description: Role data for the Keepalived role.
value:
service_name: keepalived
+ config_settings:
+ tripleo::keepalived::control_virtual_interface: {get_param: ControlVirtualInterface}
+ tripleo::keepalived::public_virtual_interface: {get_param: PublicVirtualInterface}
step_config: |
include ::tripleo::profile::base::keepalived
diff --git a/puppet/services/manila-api.yaml b/puppet/services/manila-api.yaml
index 8b456af5..633e75ba 100644
--- a/puppet/services/manila-api.yaml
+++ b/puppet/services/manila-api.yaml
@@ -43,9 +43,10 @@ outputs:
config_settings:
map_merge:
- get_attr: [ManilaBase, role_data, config_settings]
- - manila::api::keystone_password: {get_param: ManilaPassword}
- manila::api::keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
- manila::api::keystone_auth_host: {get_param: [EndpointMap, ManilaInternal, host]}
+ - manila::keystone::authtoken::password: {get_param: ManilaPassword}
+ manila::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
+ manila::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
+ manila::keystone::authtoken::project_name: 'service'
manila::keystone::auth::public_url: {get_param: [EndpointMap, ManilaV1Public, uri]}
manila::keystone::auth::internal_url: {get_param: [EndpointMap, ManilaV1Internal, uri]}
manila::keystone::auth::admin_url: {get_param: [EndpointMap, ManilaV1Admin, uri]}
@@ -54,7 +55,6 @@ outputs:
manila::keystone::auth::admin_url_v2: {get_param: [EndpointMap, ManilaAdmin, uri]}
manila::keystone::auth::password: {get_param: ManilaPassword }
manila::keystone::auth::region: {get_param: KeystoneRegion }
- manila::api::keystone_tenant: 'service'
step_config: |
include ::tripleo::profile::base::manila::api
diff --git a/puppet/services/neutron-dhcp.yaml b/puppet/services/neutron-dhcp.yaml
index ed2dbd0e..513cb2d4 100644
--- a/puppet/services/neutron-dhcp.yaml
+++ b/puppet/services/neutron-dhcp.yaml
@@ -18,10 +18,19 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ NeutronEnableMetadataNetwork:
+ default: false
+ description: If True, DHCP provide metadata network. Requires either
+ IsolatedMetadata or ForceMetadata parameters to also be True.
+ type: boolean
NeutronEnableIsolatedMetadata:
- default: 'False'
+ default: false
description: If True, DHCP provide metadata route to VM.
- type: string
+ type: boolean
+ NeutronEnableForceMetadata:
+ default: false
+ description: If True, DHCP always provides metadata route to VM.
+ type: boolean
resources:
@@ -41,6 +50,8 @@ outputs:
map_merge:
- get_attr: [NeutronBase, role_data, config_settings]
- neutron::agents::dhcp::enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
+ neutron::agents::dhcp::enable_force_metadata: {get_param: NeutronEnableForceMetadata}
+ neutron::agents::dhcp::enable_metadata_network: {get_param: NeutronEnableMetadataNetwork}
tripleo.neutron_dhcp.firewall_rules:
'115 neutron dhcp input':
proto: 'udp'
diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml
index 2b653612..1b19f90f 100644
--- a/puppet/services/neutron-ovs-agent.yaml
+++ b/puppet/services/neutron-ovs-agent.yaml
@@ -48,6 +48,11 @@ parameters:
description: |
Enable support for distributed routing in the OVS Agent.
type: boolean
+ NeutronEnableARPResponder:
+ default: false
+ description: |
+ Enable ARP responder feature in the OVS Agent.
+ type: boolean
resources:
@@ -68,6 +73,7 @@ outputs:
- get_attr: [NeutronBase, role_data, config_settings]
neutron::agents::ml2::ovs::l2_population: {get_param: NeutronEnableL2Pop}
neutron::agents::ml2::ovs::enable_distributed_routing: {get_param: NeutronEnableDVR}
+ neutron::agents::ml2::ovs::arp_responder: {get_param: NeutronEnableARPResponder}
neutron::agents::ml2::ovs::bridge_mappings:
str_replace:
template: MAPPINGS
diff --git a/puppet/services/nova-api.yaml b/puppet/services/nova-api.yaml
index 143c0619..c2bd395e 100644
--- a/puppet/services/nova-api.yaml
+++ b/puppet/services/nova-api.yaml
@@ -61,7 +61,10 @@ outputs:
- 8774
- 13774
- 8775
- nova::api::admin_tenant_name: 'service'
+ nova::keystone::authtoken::project_name: 'service'
+ nova::keystone::authtoken::password: {get_param: NovaPassword}
+ nova::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
+ nova::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
nova::api::enabled: true
nova::api::default_floating_pool: 'public'
nova::api::sync_db_api: true
diff --git a/puppet/services/pacemaker/gnocchi-api.yaml b/puppet/services/pacemaker/gnocchi-api.yaml
index 1f6ed461..50bd3fa7 100644
--- a/puppet/services/pacemaker/gnocchi-api.yaml
+++ b/puppet/services/pacemaker/gnocchi-api.yaml
@@ -35,5 +35,7 @@ outputs:
config_settings:
map_merge:
- get_attr: [GnocchiServiceBase, role_data, config_settings]
+ - gnocchi::metricd::manage_service: false
+ gnocchi::metricd::enabled: false
step_config: |
include ::tripleo::profile::pacemaker::gnocchi::api
diff --git a/puppet/services/pacemaker/gnocchi-metricd.yaml b/puppet/services/pacemaker/gnocchi-metricd.yaml
index cea27e9a..0a6b03ea 100644
--- a/puppet/services/pacemaker/gnocchi-metricd.yaml
+++ b/puppet/services/pacemaker/gnocchi-metricd.yaml
@@ -36,6 +36,7 @@ outputs:
map_merge:
- get_attr: [GnocchiServiceBase, role_data, config_settings]
- gnocchi::metricd::manage_service: false
+ gnocchi::metricd::enabled: false
tripleo::profile::pacemaker::gnocchi::gnocchi_indexer_backend: {get_attr: [GnocchiServiceBase, aux_parameters, gnocchi_indexer_backend]}
step_config: |
diff --git a/puppet/services/pacemaker/gnocchi-statsd.yaml b/puppet/services/pacemaker/gnocchi-statsd.yaml
index 2e1531fc..12256d32 100644
--- a/puppet/services/pacemaker/gnocchi-statsd.yaml
+++ b/puppet/services/pacemaker/gnocchi-statsd.yaml
@@ -36,6 +36,7 @@ outputs:
map_merge:
- get_attr: [GnocchiServiceBase, role_data, config_settings]
- gnocchi::statsd::manage_service: false
+ gnocchi::statsd::enabled: false
tripleo::profile::pacemaker::gnocchi::gnocchi_indexer_backend: {get_attr: [GnocchiServiceBase, aux_parameters, gnocchi_indexer_backend]}
step_config: |
include ::tripleo::profile::pacemaker::gnocchi::statsd
diff --git a/puppet/services/swift-storage.yaml b/puppet/services/swift-storage.yaml
index 558f2752..664a701f 100644
--- a/puppet/services/swift-storage.yaml
+++ b/puppet/services/swift-storage.yaml
@@ -26,6 +26,10 @@ parameters:
default: false
description: Value of mount_check in Swift account/container/object -server.conf
type: boolean
+ SwiftRawDisks:
+ default: {}
+ description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})'
+ type: json
# DEPRECATED options for compatibility with overcloud.yaml
# This should be removed and manipulation of the ControllerServices list
@@ -69,5 +73,6 @@ outputs:
swift::storage::all::account_pipeline:
- healthcheck
- account-server
+ swift::storage::disks: {get_param: SwiftRawDisks}
step_config: |
include ::tripleo::profile::base::swift::storage
diff --git a/puppet/swift-storage-post.yaml b/puppet/swift-storage-post.yaml
index 306a4d6e..859fad2c 100644
--- a/puppet/swift-storage-post.yaml
+++ b/puppet/swift-storage-post.yaml
@@ -36,6 +36,7 @@ resources:
enable_debug: {get_param: ConfigDebug}
enable_hiera: True
enable_facter: False
+ modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
inputs:
- name: step
outputs:
diff --git a/puppet/swift-storage.yaml b/puppet/swift-storage.yaml
index dc28ee76..1f3022b8 100644
--- a/puppet/swift-storage.yaml
+++ b/puppet/swift-storage.yaml
@@ -101,6 +101,10 @@ parameters:
type: string
description: Command which will be run whenever configuration data changes
default: os-refresh-config --timeout 14400
+ SwiftRawDisks:
+ default: {}
+ description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})'
+ type: json
resources:
@@ -377,7 +381,14 @@ outputs:
description: Swift device formatted for swift-ring-builder
value:
str_replace:
- template: 'r1z1-IP:%PORT%/d1'
+ template:
+ list_join:
+ - ','
+ - ['r1z1-IP:%PORT%/d1']
+ - repeat:
+ template: 'r1z1-IP:%PORT%/DEVICE'
+ for_each:
+ DEVICE: {get_param: SwiftRawDisks}
params:
IP:
get_attr: