diff options
Diffstat (limited to 'puppet')
-rw-r--r-- | puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml | 4 | ||||
-rw-r--r-- | puppet/puppet-steps.j2 | 18 | ||||
-rw-r--r-- | puppet/role.role.j2.yaml | 1 | ||||
-rw-r--r-- | puppet/services/apache.yaml | 6 | ||||
-rw-r--r-- | puppet/services/kernel.yaml | 8 | ||||
-rw-r--r-- | puppet/services/monitoring/sensu-client.yaml | 2 | ||||
-rw-r--r-- | puppet/services/network/contrail-vrouter.yaml | 2 | ||||
-rw-r--r-- | puppet/services/pacemaker.yaml | 2 | ||||
-rw-r--r-- | puppet/services/services.yaml | 11 | ||||
-rw-r--r-- | puppet/services/swift-ringbuilder.yaml | 10 |
10 files changed, 33 insertions, 31 deletions
diff --git a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml index bca6010a..40b407bc 100644 --- a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml +++ b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-cisco-n1kv.yaml @@ -10,7 +10,7 @@ parameters: # Config specific parameters, to be provided via parameter_defaults N1000vVSMIP: type: string - default: '192.0.2.50' + default: '192.168.24.50' N1000vVSMDomainID: type: number default: 100 @@ -62,7 +62,7 @@ parameters: default: '255.255.255.0' N1000vMgmtGatewayIP: type: string - default: '192.0.2.1' + default: '192.168.24.1' N1000vPacemakerControl: type: boolean default: true diff --git a/puppet/puppet-steps.j2 b/puppet/puppet-steps.j2 index 86af6114..782a32c9 100644 --- a/puppet/puppet-steps.j2 +++ b/puppet/puppet-steps.j2 @@ -30,13 +30,6 @@ input_values: update_identifier: {get_param: DeployIdentifier} - {% if role.name in ['Controller', 'ObjectStorage'] %} - {{role.name}}SwiftRingDeploy: - type: OS::TripleO::Tasks::SwiftRingDeploy - properties: - servers: {get_param: [servers, {{role.name}}]} - {% endif %} - # Step through a series of configuration steps {% for step in range(1, 6) %} {{role.name}}Deployment_Step{{step}}: @@ -88,15 +81,4 @@ servers: {get_param: [servers, {{role.name}}]} input_values: update_identifier: {get_param: DeployIdentifier} - - {% if role.name in ['Controller', 'ObjectStorage'] %} - {{role.name}}SwiftRingUpdate: - type: OS::TripleO::Tasks::SwiftRingUpdate - depends_on: - {% for dep in roles %} - - {{dep.name}}Deployment_Step5 - {% endfor %} - properties: - servers: {get_param: [servers, {{role.name}}]} - {% endif %} {% endfor %} diff --git a/puppet/role.role.j2.yaml b/puppet/role.role.j2.yaml index 1f68f41f..9227b527 100644 --- a/puppet/role.role.j2.yaml +++ b/puppet/role.role.j2.yaml @@ -483,6 +483,7 @@ resources: type: OS::Heat::SoftwareDeployment depends_on: NetworkDeployment properties: + name: UpdateDeployment config: {get_resource: UpdateConfig} server: {get_resource: {{role}}} input_values: diff --git a/puppet/services/apache.yaml b/puppet/services/apache.yaml index 9bd282f8..6e53b1f7 100644 --- a/puppet/services/apache.yaml +++ b/puppet/services/apache.yaml @@ -77,13 +77,15 @@ outputs: - "%{hiera('apache_remote_proxy_ips_network')}" - generate_service_certificates: true + tripleo::certmonger::apache_dirs::certificate_dir: '/etc/pki/tls/certs/httpd' + tripleo::certmonger::apache_dirs::key_dir: '/etc/pki/tls/private/httpd' apache_certificates_specs: map_merge: repeat: template: httpd-NETWORK: - service_certificate: '/etc/pki/tls/certs/httpd-NETWORK.crt' - service_key: '/etc/pki/tls/private/httpd-NETWORK.key' + service_certificate: '/etc/pki/tls/certs/httpd/httpd-NETWORK.crt' + service_key: '/etc/pki/tls/private/httpd/httpd-NETWORK.key' hostname: "%{hiera('fqdn_NETWORK')}" principal: "HTTP/%{hiera('fqdn_NETWORK')}" for_each: diff --git a/puppet/services/kernel.yaml b/puppet/services/kernel.yaml index 94b15d4b..2a335b67 100644 --- a/puppet/services/kernel.yaml +++ b/puppet/services/kernel.yaml @@ -22,6 +22,10 @@ parameters: default: 1048576 description: Configures sysctl kernel.pid_max key type: number + KernelDisableIPv6: + default: 0 + description: Configures sysctl net.ipv6.{default/all}.disable_ipv6 keys + type: number outputs: role_data: @@ -57,6 +61,10 @@ outputs: value: 500000 net.netfilter.nf_conntrack_max: value: 500000 + net.ipv6.conf.default.disable_ipv6: + value: {get_param: KernelDisableIPv6} + net.ipv6.conf.all.disable_ipv6: + value: {get_param: KernelDisableIPv6} # prevent neutron bridges from autoconfiguring ipv6 addresses net.ipv6.conf.all.accept_ra: value: 0 diff --git a/puppet/services/monitoring/sensu-client.yaml b/puppet/services/monitoring/sensu-client.yaml index aba2b1ed..4b5f36ac 100644 --- a/puppet/services/monitoring/sensu-client.yaml +++ b/puppet/services/monitoring/sensu-client.yaml @@ -81,4 +81,4 @@ outputs: - name: Install sensu package if it was disabled tags: step3 yum: name=sensu state=latest - when: sensu_client.rc != 0 + when: sensu_client_enabled.rc != 0 diff --git a/puppet/services/network/contrail-vrouter.yaml b/puppet/services/network/contrail-vrouter.yaml index db9f0836..0cd1f829 100644 --- a/puppet/services/network/contrail-vrouter.yaml +++ b/puppet/services/network/contrail-vrouter.yaml @@ -27,7 +27,7 @@ parameters: description: vRouter physical interface type: string ContrailVrouterGateway: - default: '192.0.2.1' + default: '192.168.24.1' description: vRouter default gateway type: string ContrailVrouterNetmask: diff --git a/puppet/services/pacemaker.yaml b/puppet/services/pacemaker.yaml index 28fcbd6f..f7a0edf8 100644 --- a/puppet/services/pacemaker.yaml +++ b/puppet/services/pacemaker.yaml @@ -141,6 +141,8 @@ outputs: - name: Check pacemaker cluster running before upgrade tags: step0,validation pacemaker_cluster: state=online check_and_fail=true + async: 30 + poll: 4 - name: Stop pacemaker cluster tags: step2 pacemaker_cluster: state=offline diff --git a/puppet/services/services.yaml b/puppet/services/services.yaml index a2286d16..9820b431 100644 --- a/puppet/services/services.yaml +++ b/puppet/services/services.yaml @@ -90,14 +90,11 @@ outputs: # fluentd user. yaql: expression: > - set($.data.groups.flatten()).where($) + set(($.data.default + $.data.extra + $.data.role_data.where($ != null).select($.get('logging_groups'))).flatten()).where($) data: - groups: - - [{get_attr: [LoggingConfiguration, LoggingDefaultGroups]}] - - yaql: - expression: list($.data.role_data.where($ != null).select($.get('logging_groups')).where($ != null)) - data: {role_data: {get_attr: [ServiceChain, role_data]}} - - [{get_attr: [LoggingConfiguration, LoggingExtraGroups]}] + default: {get_attr: [LoggingConfiguration, LoggingDefaultGroups]} + extra: {get_attr: [LoggingConfiguration, LoggingExtraGroups]} + role_data: {get_attr: [ServiceChain, role_data]} config_settings: {map_merge: {get_attr: [ServiceChain, role_data, config_settings]}} global_config_settings: map_merge: diff --git a/puppet/services/swift-ringbuilder.yaml b/puppet/services/swift-ringbuilder.yaml index 2e3c818f..f62d5e18 100644 --- a/puppet/services/swift-ringbuilder.yaml +++ b/puppet/services/swift-ringbuilder.yaml @@ -42,6 +42,14 @@ parameters: default: true description: 'Use a local directory for Swift storage services when building rings' type: boolean + SwiftRingGetTempurl: + default: '' + description: A temporary Swift URL to download rings from. + type: string + SwiftRingPutTempurl: + default: '' + description: A temporary Swift URL to upload rings to. + type: string conditions: swift_use_local_dir: @@ -59,6 +67,8 @@ outputs: value: service_name: swift_ringbuilder config_settings: + tripleo::profile::base::swift::ringbuilder::swift_ring_get_tempurl: {get_param: SwiftRingGetTempurl} + tripleo::profile::base::swift::ringbuilder::swift_ring_put_tempurl: {get_param: SwiftRingPutTempurl} tripleo::profile::base::swift::ringbuilder::build_ring: {get_param: SwiftRingBuild} tripleo::profile::base::swift::ringbuilder::replicas: {get_param: SwiftReplicas} tripleo::profile::base::swift::ringbuilder::part_power: {get_param: SwiftPartPower} |