diff options
Diffstat (limited to 'puppet')
-rw-r--r-- | puppet/all-nodes-config.yaml | 171 | ||||
-rw-r--r-- | puppet/ceph-storage-puppet.yaml | 41 | ||||
-rw-r--r-- | puppet/cinder-storage-puppet.yaml | 24 | ||||
-rw-r--r-- | puppet/compute-puppet.yaml | 41 | ||||
-rw-r--r-- | puppet/controller-puppet.yaml | 158 | ||||
-rw-r--r-- | puppet/hieradata/common.yaml | 10 | ||||
-rw-r--r-- | puppet/hieradata/compute.yaml | 2 | ||||
-rw-r--r-- | puppet/hieradata/controller.yaml | 4 | ||||
-rw-r--r-- | puppet/manifests/overcloud_compute.pp | 1 | ||||
-rw-r--r-- | puppet/manifests/overcloud_controller.pp | 43 | ||||
-rw-r--r-- | puppet/manifests/overcloud_controller_pacemaker.pp | 153 | ||||
-rw-r--r-- | puppet/swift-storage-puppet.yaml | 47 | ||||
-rw-r--r-- | puppet/vip-config.yaml | 42 |
13 files changed, 598 insertions, 139 deletions
diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index 963835e9..c50d6820 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -16,6 +16,40 @@ parameters: type: comma_delimited_list controller_names: type: comma_delimited_list + rabbit_node_ips: + type: comma_delimited_list + mongo_node_ips: + type: comma_delimited_list + redis_node_ips: + type: comma_delimited_list + memcache_node_ips: + type: comma_delimited_list + mysql_node_ips: + type: comma_delimited_list + horizon_node_ips: + type: comma_delimited_list + heat_api_node_ips: + type: comma_delimited_list + swift_proxy_node_ips: + type: comma_delimited_list + ceilometer_api_node_ips: + type: comma_delimited_list + nova_api_node_ips: + type: comma_delimited_list + nova_metadata_node_ips: + type: comma_delimited_list + glance_api_node_ips: + type: comma_delimited_list + glance_registry_node_ips: + type: comma_delimited_list + cinder_api_node_ips: + type: comma_delimited_list + neutron_api_node_ips: + type: comma_delimited_list + keystone_public_api_node_ips: + type: comma_delimited_list + keystone_admin_api_node_ips: + type: comma_delimited_list resources: @@ -65,19 +99,136 @@ resources: SERVERS_LIST: list_join: - "','" - - {get_param: controller_ips} + - {get_param: rabbit_node_ips} mongo_node_ips: - list_join: - - ',' - - {get_param: controller_ips} + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: mongo_node_ips} redis_node_ips: - list_join: - - ',' - - {get_param: controller_ips} + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: redis_node_ips} memcache_node_ips: - list_join: - - ',' - - {get_param: controller_ips} + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: memcache_node_ips} + mysql_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: mysql_node_ips} + horizon_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: horizon_node_ips} + heat_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: heat_api_node_ips} + swift_proxy_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: swift_proxy_node_ips} + ceilometer_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: ceilometer_api_node_ips} + nova_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: nova_api_node_ips} + nova_metadata_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: nova_metadata_node_ips} + glance_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: glance_api_node_ips} + glance_registry_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: glance_registry_node_ips} + cinder_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: cinder_api_node_ips} + neutron_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: neutron_api_node_ips} + keystone_public_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: keystone_public_api_node_ips} + keystone_admin_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: keystone_admin_api_node_ips} + # NOTE(gfidente): interpolation with %{} in the # hieradata file can't be used as it returns string ceilometer::rabbit_hosts: *rabbit_nodes_array diff --git a/puppet/ceph-storage-puppet.yaml b/puppet/ceph-storage-puppet.yaml index 00dbca01..615533ee 100644 --- a/puppet/ceph-storage-puppet.yaml +++ b/puppet/ceph-storage-puppet.yaml @@ -28,6 +28,20 @@ parameters: default: 'false' description: Set to true to enable package installation via Puppet type: boolean + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. + type: json + UpdateIdentifier: + default: '' + type: string + description: > + Setting to a previously unused value during stack-update will trigger + package update on all nodes + Hostname: + type: string + default: '' # Defaults to Heat created hostname resources: CephStorage: @@ -41,6 +55,7 @@ resources: - network: ctlplane user_data_format: SOFTWARE_CONFIG user_data: {get_resource: NodeUserData} + name: {get_param: Hostname} NodeUserData: type: OS::TripleO::NodeUserData @@ -61,6 +76,12 @@ resources: StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} + NetIpSubnetMap: + type: OS::TripleO::Network::Ports::NetIpMap + properties: + StorageIp: {get_attr: [StoragePort, ip_subnet]} + StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_subnet]} + NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: @@ -79,6 +100,8 @@ resources: params: server: {get_param: NtpServer} enable_package_install: {get_param: EnablePackageInstall} + ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]} + ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} CephStorageConfig: type: OS::Heat::StructuredConfig @@ -88,7 +111,6 @@ resources: hiera: hierarchy: - heat_config_%{::deploy_config_name} - - cephstorage - ceph_cluster # provided by CephClusterConfig - ceph - '"%{::osfamily}"' @@ -98,16 +120,29 @@ resources: raw_data: {get_file: hieradata/common.yaml} ceph: raw_data: {get_file: hieradata/ceph.yaml} - cephstorage: mapped_data: ntp::servers: {get_input: ntp_servers} enable_package_install: {get_input: enable_package_install} + ceph::profile::params::cluster_network: {get_input: ceph_cluster_network} + ceph::profile::params::public_network: {get_input: ceph_public_network} + + UpdateConfig: + type: OS::TripleO::Tasks::PackageUpdate + + UpdateDeployment: + type: OS::Heat::SoftwareDeployment + properties: + config: {get_resource: UpdateConfig} + server: {get_resource: CephStorage} + input_values: + update_identifier: + get_param: UpdateIdentifier outputs: hosts_entry: value: str_replace: - template: "IP HOST" + template: "IP HOST.localdomain HOST" params: IP: {get_attr: [CephStorage, networks, ctlplane, 0]} HOST: {get_attr: [CephStorage, name]} diff --git a/puppet/cinder-storage-puppet.yaml b/puppet/cinder-storage-puppet.yaml index b02fe065..88618e53 100644 --- a/puppet/cinder-storage-puppet.yaml +++ b/puppet/cinder-storage-puppet.yaml @@ -111,6 +111,15 @@ parameters: default: 'false' description: Set to true to enable package installation via Puppet type: boolean + UpdateIdentifier: + default: '' + type: string + description: > + Setting to a previously unused value during stack-update will trigger + package update on all nodes + Hostname: + type: string + default: '' # Defaults to Heat created hostname resources: BlockStorage: @@ -124,6 +133,7 @@ resources: - network: ctlplane user_data_format: SOFTWARE_CONFIG user_data: {get_resource: NodeUserData} + name: {get_param: Hostname} NodeUserData: type: OS::TripleO::NodeUserData @@ -221,11 +231,23 @@ resources: snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} + UpdateConfig: + type: OS::TripleO::Tasks::PackageUpdate + + UpdateDeployment: + type: OS::Heat::SoftwareDeployment + properties: + config: {get_resource: UpdateConfig} + server: {get_resource: BlockStorage} + input_values: + update_identifier: + get_param: UpdateIdentifier + outputs: hosts_entry: value: str_replace: - template: "IP HOST" + template: "IP HOST.localdomain HOST" params: IP: {get_attr: [BlockStorage, networks, ctlplane, 0]} HOST: {get_attr: [BlockStorage, name]} diff --git a/puppet/compute-puppet.yaml b/puppet/compute-puppet.yaml index 6d843e54..ed897a43 100644 --- a/puppet/compute-puppet.yaml +++ b/puppet/compute-puppet.yaml @@ -132,7 +132,7 @@ parameters: The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the Neutron documentation for permitted values. Defaults to permitting any VLAN on the 'datacentre' physical network (See NeutronBridgeMappings). - type: string + type: comma_delimited_list NeutronPassword: default: unset description: The password for the neutron service account, used by neutron agents. @@ -252,6 +252,15 @@ parameters: description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. type: json + UpdateIdentifier: + default: '' + type: string + description: > + Setting to a previously unused value during stack-update will trigger + package update on all nodes + Hostname: + type: string + default: '' # Defaults to Heat created hostname resources: @@ -268,6 +277,7 @@ resources: - network: ctlplane user_data_format: SOFTWARE_CONFIG user_data: {get_resource: NodeUserData} + name: {get_param: Hostname} NodeUserData: type: OS::TripleO::NodeUserData @@ -331,8 +341,6 @@ resources: raw_data: {get_file: hieradata/ceph.yaml} compute: raw_data: {get_file: hieradata/compute.yaml} - oac_data: - nova::compute::vncserver_proxyclient_address: local-ipv4 mapped_data: nova::debug: {get_input: debug} nova::rabbit_userid: {get_input: rabbit_username} @@ -345,6 +353,7 @@ resources: nova::compute::vncproxy_host: {get_input: nova_public_ip} nova_enable_rbd_backend: {get_input: nova_enable_rbd_backend} nova_password: {get_input: nova_password} + nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address} ceilometer::debug: {get_input: debug} ceilometer::rabbit_userid: {get_input: rabbit_username} ceilometer::rabbit_password: {get_input: rabbit_password} @@ -368,7 +377,7 @@ resources: neutron_tenant_network_type: {get_input: neutron_tenant_network_type} neutron_tunnel_types: {get_input: neutron_tunnel_types} - neutron::network_vlan_ranges: {get_input: neutron_network_vlan_ranges} + neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges} neutron_bridge_mappings: {get_input: neutron_bridge_mappings} neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling} neutron_physical_bridge: {get_input: neutron_physical_bridge} @@ -399,6 +408,7 @@ resources: nova_api_host: {get_param: NovaApiHost} nova_password: {get_param: NovaPassword} nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend} + nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]} ceilometer_metering_secret: {get_param: CeilometerMeteringSecret} ceilometer_password: {get_param: CeilometerPassword} ceilometer_compute_agent: {get_param: CeilometerComputeAgent} @@ -423,7 +433,14 @@ resources: neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronLocalIp]}]} neutron_tenant_network_type: {get_param: NeutronNetworkType} neutron_tunnel_types: {get_param: NeutronTunnelTypes} - neutron_network_vlan_ranges: {get_param: NeutronNetworkVLANRanges} + neutron_network_vlan_ranges: + str_replace: + template: "['RANGES']" + params: + RANGES: + list_join: + - "','" + - {get_param: NeutronNetworkVLANRanges} neutron_bridge_mappings: {get_param: NeutronBridgeMappings} neutron_enable_tunneling: {get_param: NeutronEnableTunnelling} neutron_physical_bridge: {get_param: NeutronPhysicalBridge} @@ -458,6 +475,18 @@ resources: server: {get_param: NtpServer} enable_package_install: {get_param: EnablePackageInstall} + UpdateConfig: + type: OS::TripleO::Tasks::PackageUpdate + + UpdateDeployment: + type: OS::Heat::SoftwareDeployment + properties: + config: {get_resource: UpdateConfig} + server: {get_resource: NovaCompute} + input_values: + update_identifier: + get_param: UpdateIdentifier + outputs: ip_address: description: IP address of the server in the ctlplane network @@ -479,7 +508,7 @@ outputs: Server's IP address and hostname in the /etc/hosts format value: str_replace: - template: "IP HOST" + template: "IP HOST.localdomain HOST" params: IP: {get_attr: [NovaCompute, networks, ctlplane, 0]} HOST: {get_attr: [NovaCompute, name]} diff --git a/puppet/controller-puppet.yaml b/puppet/controller-puppet.yaml index 31fe8665..67a11f00 100644 --- a/puppet/controller-puppet.yaml +++ b/puppet/controller-puppet.yaml @@ -49,6 +49,11 @@ parameters: description: The password for the cinder service and db account, used by cinder-api. type: string hidden: true + CinderBackendConfig: + default: {} + description: Contains parameters to configure Cinder backends. Typically + set via parameter_defaults in the resource registry. + type: json CloudName: default: '' description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org @@ -71,11 +76,6 @@ parameters: default: true description: Whether to use Galera instead of regular MariaDB. type: boolean - EnablePacemaker: - default: false - description: If enabled services will be monitored by Pacemaker; it - will manage VIPs as well, in place of Keepalived. - type: boolean EnableCephStorage: default: false description: Whether to deploy Ceph Storage (OSD) on the Controller @@ -244,7 +244,7 @@ parameters: default: 'dvr_snat' description: Agent mode for the neutron-l3-agent on the controller hosts type: string - NeutronL3HA: #FIXME this isn't wired in + NeutronL3HA: default: 'False' description: Whether to enable l3-agent HA type: string @@ -287,7 +287,7 @@ parameters: The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the Neutron documentation for permitted values. Defaults to permitting any VLAN on the 'datacentre' physical network (See NeutronBridgeMappings). - type: string + type: comma_delimited_list NeutronPassword: default: unset description: The password for the neutron service and db account, used by neutron agents. @@ -342,7 +342,7 @@ parameters: Specifies the interface where the public-facing virtual ip will be assigned. This should be int_public when a VLAN is being used. type: string - PublicVirtualIP: + PublicVirtualIP: # DEPRECATED: use per service settings instead type: string default: '' # Has to be here because of the ignored empty value bug RabbitCookie: @@ -368,6 +368,9 @@ parameters: default: 5672 description: Set rabbit subscriber port, change this if using SSL type: number + RedisVirtualIP: + type: string + default: '' # Has to be here because of the ignored empty value bug SnmpdReadonlyUserName: default: ro_snmp_user description: The user name for SNMPd with readonly rights running on all Overcloud nodes @@ -419,9 +422,24 @@ parameters: type: number default: 3 description: How many replicas to use in the swift rings. - VirtualIP: + VirtualIP: # DEPRECATED: use per service settings instead type: string default: '' # Has to be here because of the ignored empty value bug + HeatApiVirtualIP: + type: string + default: '' + GlanceApiVirtualIP: + type: string + default: '' + MysqlVirtualIP: + type: string + default: '' + KeystonePublicApiVirtualIP: + type: string + default: '' + NeutronApiVirtualIP: + type: string + default: '' EnablePackageInstall: default: 'false' description: Set to true to enable package installation via Puppet @@ -431,6 +449,15 @@ parameters: description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. type: json + UpdateIdentifier: + default: '' + type: string + description: > + Setting to a previously unused value during stack-update will trigger + package update on all nodes + Hostname: + type: string + default: '' # Defaults to Heat created hostname resources: @@ -445,6 +472,7 @@ resources: - network: ctlplane user_data_format: SOFTWARE_CONFIG user_data: {get_resource: NodeUserData} + name: {get_param: Hostname} NodeUserData: type: OS::TripleO::NodeUserData @@ -483,6 +511,15 @@ resources: StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]} TenantIp: {get_attr: [TenantPort, ip_address]} + NetIpSubnetMap: + type: OS::TripleO::Network::Ports::NetIpMap + properties: + ExternalIp: {get_attr: [ExternalPort, ip_subnet]} + InternalApiIp: {get_attr: [InternalApiPort, ip_subnet]} + StorageIp: {get_attr: [StoragePort, ip_subnet]} + StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_subnet]} + TenantIp: {get_attr: [TenantPort, ip_subnet]} + NetworkConfig: type: OS::TripleO::Controller::Net::SoftwareConfig properties: @@ -509,25 +546,24 @@ resources: server: {get_resource: Controller} input_values: bootstack_nodeid: {get_attr: [Controller, name]} - controller_virtual_ip: {get_param: VirtualIP} neutron_enable_tunneling: {get_param: NeutronEnableTunnelling} heat.watch_server_url: list_join: - '' - - 'http://' - - {get_param: VirtualIP} + - {get_param: HeatApiVirtualIP} - ':8003' heat.metadata_server_url: list_join: - '' - - 'http://' - - {get_param: VirtualIP} + - {get_param: HeatApiVirtualIP} - ':8000' heat.waitcondition_server_url: list_join: - '' - - 'http://' - - {get_param: VirtualIP} + - {get_param: HeatApiVirtualIP} - ':8000/v1/waitcondition' heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey} horizon_secret: {get_param: HorizonSecret} @@ -540,19 +576,18 @@ resources: cinder_password: {get_param: CinderPassword} cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend} cinder_iscsi_helper: {get_param: CinderISCSIHelper} + cinder_backend_config: {get_param: CinderBackendConfig} cinder_dsn: list_join: - '' - - 'mysql://cinder:' - {get_param: CinderPassword} - '@' - - {get_param: VirtualIP} + - {get_param: MysqlVirtualIP} - '/cinder' glance_port: {get_param: GlancePort} - glance_protocol: {get_param: GlanceProtocol} glance_password: {get_param: GlancePassword} glance_backend: {get_param: GlanceBackend} - glance_swift_store_auth_address: {list_join: ['', ['http://', {get_param: VirtualIP} , ':5000/v2.0']]} glance_notifier_strategy: {get_param: GlanceNotifierStrategy} glance_log_file: {get_param: GlanceLogFile} glance_dsn: @@ -561,7 +596,7 @@ resources: - - 'mysql://glance:' - {get_param: GlancePassword} - '@' - - {get_param: VirtualIP} + - {get_param: MysqlVirtualIP} - '/glance' heat_password: {get_param: HeatPassword} heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword} @@ -571,8 +606,9 @@ resources: - - 'mysql://heat:' - {get_param: HeatPassword} - '@' - - {get_param: VirtualIP} + - {get_param: MysqlVirtualIP} - '/heat' + keystone_auth_address: {list_join: ['', ['http://', {get_param: KeystonePublicApiVirtualIP} , ':5000/v2.0']]} keystone_ca_certificate: {get_param: KeystoneCACertificate} keystone_signing_key: {get_param: KeystoneSigningKey} keystone_signing_certificate: {get_param: KeystoneSigningCertificate} @@ -584,19 +620,19 @@ resources: - - 'mysql://keystone:' - {get_param: AdminToken} - '@' - - {get_param: VirtualIP} + - {get_param: MysqlVirtualIP} - '/keystone' keystone_identity_uri: list_join: - '' - - 'http://' - - {get_param: VirtualIP} + - {get_param: KeystonePublicApiVirtualIP} - ':35357/' keystone_auth_uri: list_join: - '' - - 'http://' - - {get_param: VirtualIP} + - {get_param: KeystonePublicApiVirtualIP} - ':5000/v2.0/' enable_galera: {get_param: EnableGalera} enable_ceph_storage: {get_param: EnableCephStorage} @@ -615,7 +651,14 @@ resources: neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers} neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover} neutron_l3_ha: {get_param: NeutronL3HA} - neutron_network_vlan_ranges: {get_param: NeutronNetworkVLANRanges} + neutron_network_vlan_ranges: + str_replace: + template: "['RANGES']" + params: + RANGES: + list_join: + - "','" + - {get_param: NeutronNetworkVLANRanges} neutron_bridge_mappings: {get_param: NeutronBridgeMappings} neutron_public_interface: {get_param: NeutronPublicInterface} neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice} @@ -631,19 +674,19 @@ resources: - - 'mysql://neutron:' - {get_param: NeutronPassword} - '@' - - {get_param: VirtualIP} + - {get_param: MysqlVirtualIP} - '/ovs_neutron?charset=utf8' neutron_url: list_join: - '' - - 'http://' - - {get_param: VirtualIP} + - {get_param: NeutronApiVirtualIP} - ':9696' neutron_admin_auth_url: list_join: - '' - - 'http://' - - {get_param: VirtualIP} + - {get_param: KeystonePublicApiVirtualIP} - ':35357/v2.0' ceilometer_backend: {get_param: CeilometerBackend} ceilometer_metering_secret: {get_param: CeilometerMeteringSecret} @@ -652,7 +695,7 @@ resources: list_join: - '' - - 'mysql://ceilometer:unset@' - - {get_param: VirtualIP} + - {get_param: MysqlVirtualIP} - '/ceilometer' snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} @@ -663,7 +706,7 @@ resources: - - 'mysql://nova:' - {get_param: NovaPassword} - '@' - - {get_param: VirtualIP} + - {get_param: MysqlVirtualIP} - '/nova' pcsd_password: {get_param: PcsdPassword} rabbit_username: {get_param: RabbitUserName} @@ -678,7 +721,6 @@ resources: server: {get_param: NtpServer} control_virtual_interface: {get_param: ControlVirtualInterface} public_virtual_interface: {get_param: PublicVirtualInterface} - public_virtual_ip: {get_param: PublicVirtualIP} swift_hash_suffix: {get_param: SwiftHashSuffix} swift_password: {get_param: SwiftPassword} swift_part_power: {get_param: SwiftPartPower} @@ -692,9 +734,15 @@ resources: cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} + glance_api_servers: + list_join: + - '' + - - {get_param: GlanceProtocol} + - '://' + - {get_param: GlanceApiVirtualIP} + - ':' + - {get_param: GlancePort} heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} - heat_api_cloudwatch_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiCloudwatchNetwork]}]} - heat_api_cfn_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiCfnNetwork]}]} keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]} @@ -706,8 +754,12 @@ resources: horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]} redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]} + redis_vip: {get_param: RedisVirtualIP} memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} + ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]} + ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} + ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} # Map heat metadata into hiera datafiles ControllerConfig: @@ -725,6 +777,7 @@ resources: - ceph - bootstrap_node # provided by BootstrapNodeConfig - all_nodes # provided by allNodesConfig + - vip_data # provided by vip-config - '"%{::osfamily}"' - common datafiles: @@ -732,6 +785,10 @@ resources: raw_data: {get_file: hieradata/common.yaml} ceph: raw_data: {get_file: hieradata/ceph.yaml} + mapped_data: + ceph::profile::params::cluster_network: {get_input: ceph_cluster_network} + ceph::profile::params::public_network: {get_input: ceph_public_network} + ceph::mon::public_addr: {get_input: ceph_public_ip} object: raw_data: {get_file: hieradata/object.yaml} controller: @@ -774,6 +831,8 @@ resources: cinder::rabbit_port: {get_input: rabbit_client_port} cinder::debug: {get_input: debug} cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend} + cinder::glance::glance_api_servers: {get_input: glance_api_servers} + cinder_backend_config: {get_input: CinderBackendConfig} # Glance glance::api::bind_port: {get_input: glance_port} @@ -783,9 +842,6 @@ resources: glance::api::registry_host: {get_input: glance_registry_network} glance::api::keystone_password: {get_input: glance_password} glance::api::debug: {get_input: debug} - # used to construct glance_api_servers - glance_port: {get_input: glance_port} - glance_protocol: {get_input: glance_protocol} glance_notifier_strategy: {get_input: glance_notifier_strategy} glance_log_file: {get_input: glance_log_file} glance_log_file: {get_input: glance_log_file} @@ -796,7 +852,7 @@ resources: glance::registry::auth_uri: {get_input: keystone_auth_uri} glance::registry::identity_uri: {get_input: keystone_identity_uri} glance::registry::debug: {get_input: debug} - glance::backend::swift::swift_store_auth_address: {get_input: glance_swift_store_auth_address} + glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_address} glance::backend::swift::swift_store_user: service:glance glance::backend::swift::swift_store_key: {get_input: glance_password} glance_backend: {get_input: glance_backend} @@ -815,8 +871,8 @@ resources: heat::identity_uri: {get_input: keystone_identity_uri} heat::keystone_password: {get_input: heat_password} heat::api::bind_host: {get_input: heat_api_network} - heat::api_cloudwatch::bind_host: {get_input: heat_api_cloudwatch_network} - heat::api_cfn::bind_host: {get_input: heat_api_cfn_network} + heat::api_cloudwatch::bind_host: {get_input: heat_api_network} + heat::api_cfn::bind_host: {get_input: heat_api_network} heat::database_connection: {get_input: heat_dsn} heat::instance_user: heat-admin heat::debug: {get_input: debug} @@ -858,11 +914,11 @@ resources: neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip} neutron_flat_networks: {get_input: neutron_flat_networks} neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret} - neutron::agents::metadata::metadata_ip: {get_input: controller_virtual_ip} + neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network} neutron_agent_mode: {get_input: neutron_agent_mode} neutron_router_distributed: {get_input: neutron_router_distributed} neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers} - neutron_allow_l3agent_failover: {get_input: neutron_allow_l3agent_failover} + neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover} neutron::server::l3_ha: {get_input: neutron_l3_ha} neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges} neutron_bridge_mappings: {get_input: neutron_bridge_mappings} @@ -876,6 +932,7 @@ resources: neutron::agents::metadata::auth_password: {get_input: neutron_password} neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options} neutron_dsn: {get_input: neutron_dsn} + neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri} # Ceilometer ceilometer_backend: {get_input: ceilometer_backend} @@ -891,6 +948,7 @@ resources: ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri} ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri} ceilometer::agent::auth::auth_password: {get_input: ceilometer_password} + ceilometer::agent::auth::auth_url: {get_input: keystone_auth_address} snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} @@ -906,6 +964,7 @@ resources: nova::api::metadata_listen: {get_input: nova_metadata_network} nova::api::admin_password: {get_input: nova_password} nova::database_connection: {get_input: nova_dsn} + nova::glance_api_servers: {get_input: glance_api_servers} nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} nova::network::neutron::neutron_admin_password: {get_input: neutron_password} nova::network::neutron::neutron_url: {get_input: neutron_url} @@ -922,20 +981,29 @@ resources: rabbitmq::erlang_cookie: {get_input: rabbit_cookie} # Redis redis::bind: {get_input: redis_network} + redis_vip: {get_input: redis_vip} # Misc memcached::listen_ip: {get_input: memcached_network} neutron_public_interface_ip: {get_input: neutron_public_interface_ip} ntp::servers: {get_input: ntp_servers} control_virtual_interface: {get_input: control_virtual_interface} - controller_virtual_ip: {get_input: controller_virtual_ip} public_virtual_interface: {get_input: public_virtual_interface} - public_virtual_ip: {get_input: public_virtual_ip} tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface} - tripleo::loadbalancer::controller_virtual_ip: {get_input: controller_virtual_ip} tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface} - tripleo::loadbalancer::public_virtual_ip: {get_input: public_virtual_ip} enable_package_install: {get_input: enable_package_install} + UpdateConfig: + type: OS::TripleO::Tasks::PackageUpdate + + UpdateDeployment: + type: OS::Heat::SoftwareDeployment + properties: + config: {get_resource: UpdateConfig} + server: {get_resource: Controller} + input_values: + update_identifier: + get_param: UpdateIdentifier + outputs: ip_address: description: IP address of the server in the ctlplane network @@ -970,7 +1038,7 @@ outputs: Server's IP address and hostname in the /etc/hosts format value: str_replace: - template: IP HOST CLOUDNAME + template: IP HOST.localdomain HOST CLOUDNAME params: IP: {get_attr: [Controller, networks, ctlplane, 0]} HOST: {get_attr: [Controller, name]} @@ -985,11 +1053,11 @@ outputs: str_replace: template: 'r1z1-IP:%PORT%/d1' params: - IP: {get_attr: [Controller, networks, ctlplane, 0]} + IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} swift_proxy_memcache: description: Swift proxy-memcache value value: str_replace: template: "IP:11211" params: - IP: {get_attr: [Controller, networks, ctlplane, 0]} + IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} diff --git a/puppet/hieradata/common.yaml b/puppet/hieradata/common.yaml index c15d43ea..40c44aef 100644 --- a/puppet/hieradata/common.yaml +++ b/puppet/hieradata/common.yaml @@ -13,6 +13,16 @@ nova::network::neutron::vif_plugging_is_fatal: false nova::network::neutron::vif_plugging_timeout: 30 nova::network::neutron::dhcp_domain: '' +neutron::plugins::ml2::tunnel_id_ranges: + - '1:1000' +neutron::plugins::ml2::vni_ranges: + - '1:1000' +neutron::plugins::ml2::type_drivers: + - flat + - gre + - vxlan + - vlan + sysctl_settings: net.ipv4.tcp_keepalive_intvl: value: 1 diff --git a/puppet/hieradata/compute.yaml b/puppet/hieradata/compute.yaml index a72c4850..4915d3c8 100644 --- a/puppet/hieradata/compute.yaml +++ b/puppet/hieradata/compute.yaml @@ -15,6 +15,4 @@ nova::compute::rbd::rbd_keyring: 'client.openstack' nova::compute::rbd::libvirt_images_rbd_pool: 'vms' nova::compute::rbd::libvirt_rbd_secret_uuid: "%{hiera('ceph::profile::params::fsid')}" -neutron::plugins::ml2::tunnel_id_ranges: ['1:1000'] - ceilometer::agent::auth::auth_tenant_name: 'service' diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml index 4f46c7fb..99ec0e91 100644 --- a/puppet/hieradata/controller.yaml +++ b/puppet/hieradata/controller.yaml @@ -67,8 +67,6 @@ neutron::core_plugin: 'ml2' neutron::service_plugins: - 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin' neutron::dhcp_agents_per_network: 2 -neutron::plugins::ml2::tunnel_id_ranges: - - '1:1000' neutron::server::sync_db: true neutron::agents::dhcp::dnsmasq_config_file: /etc/neutron/dnsmasq-neutron.conf @@ -90,6 +88,8 @@ pacemaker::corosync::manage_fw: false # horizon horizon::allowed_hosts: '*' +horizon::django_session_engine: 'django.contrib.sessions.backends.cache' + mysql::server::manage_config_file: true diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp index caca89a8..00bab7f6 100644 --- a/puppet/manifests/overcloud_compute.pp +++ b/puppet/manifests/overcloud_compute.pp @@ -68,7 +68,6 @@ include ::neutron class { 'neutron::plugins::ml2': flat_networks => split(hiera('neutron_flat_networks'), ','), tenant_network_types => [hiera('neutron_tenant_network_type')], - type_drivers => [hiera('neutron_tenant_network_type')], } class { 'neutron::agents::ml2::ovs': diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index ac765321..19ed97fb 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -48,8 +48,7 @@ if hiera('step') >= 2 { include ::mongodb::globals include ::mongodb::server - $mongo_node_ips = split(hiera('mongo_node_ips'), ',') - $mongo_node_ips_with_port = suffix($mongo_node_ips, ':27017') + $mongo_node_ips_with_port = suffix(hiera('mongo_node_ips'), ':27017') $mongo_node_string = join($mongo_node_ips_with_port, ',') $mongodb_replset = hiera('mongodb::server::replset') @@ -62,7 +61,7 @@ if hiera('step') >= 2 { } # Redis - $redis_node_ips = split(hiera('redis_node_ips'), ',') + $redis_node_ips = hiera('redis_node_ips') $redis_master_hostname = downcase(hiera('bootstrap_nodeid')) if $redis_master_hostname == $::hostname { @@ -77,9 +76,7 @@ if hiera('step') >= 2 { if count($redis_node_ips) > 1 { Class['::tripleo::redis_notification'] -> Service['redis-sentinel'] include ::redis::sentinel - class {'::tripleo::redis_notification' : - haproxy_monitor_ip => hiera('tripleo::loadbalancer::controller_virtual_ip'), - } + include ::tripleo::redis_notification } if str2bool(hiera('enable_galera', 'true')) { @@ -254,10 +251,7 @@ if hiera('step') >= 3 { include ::glance::registry include join(['::glance::backend::', $glance_backend]) - class { 'nova': - glance_api_servers => join([hiera('glance_protocol'), '://', hiera('controller_virtual_ip'), ':', hiera('glance_port')]), - } - + include ::nova include ::nova::api include ::nova::cert include ::nova::conductor @@ -270,9 +264,7 @@ if hiera('step') >= 3 { include ::neutron::server include ::neutron::agents::l3 include ::neutron::agents::dhcp - class { 'neutron::agents::metadata': - auth_url => join(['http://', hiera('controller_virtual_ip'), ':35357/v2.0']), - } + include ::neutron::agents::metadata file { '/etc/neutron/dnsmasq-neutron.conf': content => hiera('neutron_dnsmasq_options'), @@ -285,7 +277,6 @@ if hiera('step') >= 3 { class { 'neutron::plugins::ml2': flat_networks => split(hiera('neutron_flat_networks'), ','), tenant_network_types => [hiera('neutron_tenant_network_type')], - type_drivers => [hiera('neutron_tenant_network_type')], } class { 'neutron::agents::ml2::ovs': bridge_mappings => split(hiera('neutron_bridge_mappings'), ','), @@ -343,7 +334,23 @@ if hiera('step') >= 3 { } } - $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend]) + if hiera('cinder_enable_netapp_backend', false) { + $cinder_netapp_backend = hiera('cinder::backend::netapp::title') + + cinder_config { + "${cinder_netapp_backend}/host": value => 'hostgroup'; + } + + if hiera('cinder_netapp_nfs_shares', undef) { + $cinder_netapp_nfs_shares = split(hiera('cinder_netapp_nfs_shares', undef), ',') + } + + cinder::backend::netapp { $cinder_netapp_backend : + nfs_shares => $cinder_netapp_nfs_shares, + } + } + + $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend, $cinder_netapp_backend]) class { '::cinder::backends' : enabled_backends => $cinder_enabled_backends, } @@ -399,12 +406,10 @@ if hiera('step') >= 3 { include ::ceilometer::alarm::evaluator include ::ceilometer::expirer include ::ceilometer::collector + include ceilometer::agent::auth class { '::ceilometer::db' : database_connection => $ceilometer_database_connection, } - class { 'ceilometer::agent::auth': - auth_url => join(['http://', hiera('controller_virtual_ip'), ':5000/v2.0']), - } Cron <| title == 'ceilometer-expirer' |> { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" } @@ -418,7 +423,7 @@ if hiera('step') >= 3 { # Horizon $vhost_params = { add_listen => false } class { 'horizon': - cache_server_ip => split(hiera('memcache_node_ips', '127.0.0.1'), ','), + cache_server_ip => hiera('memcache_node_ips', '127.0.0.1'), vhost_extra_params => $vhost_params, } diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index ba25162a..a9499821 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -55,6 +55,7 @@ if hiera('step') >= 1 { class { '::tripleo::loadbalancer' : controller_hosts => $controller_node_ips, controller_hosts_names => $controller_node_names, + redis => false, manage_vip => false, haproxy_service_manage => false, } @@ -96,11 +97,8 @@ if hiera('step') >= 1 { if downcase(hiera('ceilometer_backend')) == 'mongodb' { include ::mongodb::globals - # FIXME: replace with service_manage => false on ::mongodb::server - # when this is merged: https://github.com/puppetlabs/pupp etlabs-mongodb/pull/198 class { '::mongodb::server' : - service_ensure => undef, - service_enable => false, + service_manage => false, } } @@ -109,6 +107,12 @@ if hiera('step') >= 1 { service_manage => false, } + # Redis + class { '::redis' : + service_manage => false, + notify_service => false, + } + # Galera if str2bool(hiera('enable_galera', 'true')) { $mysql_config_file = '/etc/my.cnf.d/galera.cnf' @@ -160,6 +164,11 @@ if hiera('step') >= 1 { if hiera('step') >= 2 { if $pacemaker_master { + + # FIXME: we should not have to access tripleo::loadbalancer class + # parameters here to configure pacemaker VIPs. The configuration + # of pacemaker VIPs could move into puppet-tripleo or we should + # make use of less specific hiera parameters here for the settings. $control_vip = hiera('tripleo::loadbalancer::controller_virtual_ip') pacemaker::resource::ip { 'control_vip': ip_address => $control_vip, @@ -168,6 +177,28 @@ if hiera('step') >= 2 { pacemaker::resource::ip { 'public_vip': ip_address => $public_vip, } + + $internal_api_vip = hiera('tripleo::loadbalancer::internal_api_virtual_ip') + if $internal_api_vip and $internal_api_vip != $control_vip { + pacemaker::resource::ip { 'internal_api_vip': + ip_address => $internal_api_vip, + } + } + + $storage_vip = hiera('tripleo::loadbalancer::storage_virtual_ip') + if $storage_vip and $storage_vip != $control_vip { + pacemaker::resource::ip { 'storage_vip': + ip_address => $storage_vip, + } + } + + $storage_mgmt_vip = hiera('tripleo::loadbalancer::storage_mgmt_virtual_ip') + if $storage_mgmt_vip and $storage_mgmt_vip != $control_vip { + pacemaker::resource::ip { 'storage_mgmt_vip': + ip_address => $storage_mgmt_vip, + } + } + pacemaker::resource::service { 'haproxy': clone_params => true, } @@ -188,25 +219,20 @@ if hiera('step') >= 2 { op_params => 'start timeout=120s', clone_params => true, require => Class['::mongodb::server'], - before => Exec['mongodb-ready'], } # NOTE (spredzy) : The replset can only be run # once all the nodes have joined the cluster. - $mongo_node_ips = split(hiera('mongo_node_ips'), ',') + $mongo_node_ips = hiera('mongo_node_ips') $mongo_node_ips_with_port = suffix($mongo_node_ips, ':27017') $mongo_node_string = join($mongo_node_ips_with_port, ',') - $mongodb_replset = hiera('mongodb::server::replset') - $mongodb_cluster_ready_command = join(suffix(prefix($mongo_node_ips, '/bin/nc -w1 '), ' 27017 < /dev/null'), ' && ') $mongodb_pacemaker_resource = Pacemaker::Resource::Service[$::mongodb::params::service_name] - exec { 'mongodb-ready' : - command => $mongodb_cluster_ready_command, - timeout => 30, - tries => 180, - try_sleep => 10, + $mongodb_replset = hiera('mongodb::server::replset') + mongodb_conn_validator { $mongo_node_ips_with_port : + require => Pacemaker::Resource::Service[$::mongodb::params::service_name], + before => Mongodb_replset[$mongodb_replset], } mongodb_replset { $mongodb_replset : members => $mongo_node_ips_with_port, - require => Exec['mongodb-ready'], } } @@ -219,27 +245,35 @@ if hiera('step') >= 2 { require => Class['::mysql::server'], before => Exec['galera-ready'], } - } - # Redis - $redis_node_ips = split(hiera('redis_node_ips'), ',') - $redis_master_hostname = downcase(hiera('bootstrap_nodeid')) - - if $redis_master_hostname == $::hostname { - $slaveof = undef - } else { - $slaveof = "${redis_master_hostname} 6379" - } - class {'::redis' : - slaveof => $slaveof, - } - - if count($redis_node_ips) > 1 { - Class['::tripleo::redis_notification'] -> Service['redis-sentinel'] - include ::redis::sentinel - class {'::tripleo::redis_notification' : - haproxy_monitor_ip => hiera('tripleo::loadbalancer::controller_virtual_ip'), + pacemaker::resource::ocf { 'redis': + ocf_agent_name => 'heartbeat:redis', + master_params => '', + meta_params => 'notify=true ordered=true interleave=true', + resource_params => 'wait_last_known_master=true', + require => Class['::redis'], + } + $redis_vip = hiera('redis_vip') + pacemaker::resource::ip { 'vip-redis': + ip_address => $redis_vip, } + pacemaker::constraint::base { 'redis-master-then-vip-redis': + constraint_type => 'order', + first_resource => 'redis-master', + second_resource => "ip-${redis_vip}", + first_action => 'promote', + second_action => 'start', + require => [Pacemaker::Resource::Ocf['redis'], + Pacemaker::Resource::Ip['vip-redis']], + } + pacemaker::constraint::colocation { 'vip-redis-with-redis-master': + source => "ip-${redis_vip}", + target => 'redis-master', + score => 'INFINITY', + require => [Pacemaker::Resource::Ocf['redis'], + Pacemaker::Resource::Ip['vip-redis']], + } + } exec { 'galera-ready' : @@ -426,9 +460,7 @@ if hiera('step') >= 3 { } include join(['::glance::backend::', $glance_backend]) - class { 'nova': - glance_api_servers => join([hiera('glance_protocol'), '://', hiera('controller_virtual_ip'), ':', hiera('glance_port')]), - } + include ::nova class { '::nova::api' : sync_db => $sync_db, @@ -473,7 +505,6 @@ if hiera('step') >= 3 { enabled => false, } class { 'neutron::agents::metadata': - auth_url => join(['http://', hiera('controller_virtual_ip'), ':35357/v2.0']), manage_service => false, enabled => false, } @@ -487,7 +518,6 @@ if hiera('step') >= 3 { class { 'neutron::plugins::ml2': flat_networks => split(hiera('neutron_flat_networks'), ','), tenant_network_types => [hiera('neutron_tenant_network_type')], - type_drivers => [hiera('neutron_tenant_network_type')], } class { 'neutron::agents::ml2::ovs': # manage_service => false # not implemented @@ -496,7 +526,6 @@ if hiera('step') >= 3 { tunnel_types => split(hiera('neutron_tunnel_types'), ','), } - include ::cinder class { '::cinder::api': sync_db => $sync_db, @@ -553,7 +582,23 @@ if hiera('step') >= 3 { } } - $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend]) + if hiera('cinder_enable_netapp_backend', false) { + $cinder_netapp_backend = hiera('cinder::backend::netapp::title') + + cinder_config { + "${cinder_netapp_backend}/host": value => 'hostgroup'; + } + + if hiera('cinder_netapp_nfs_shares', undef) { + $cinder_netapp_nfs_shares = split(hiera('cinder_netapp_nfs_shares', undef), ',') + } + + cinder::backend::netapp { $cinder_netapp_backend : + nfs_shares => $cinder_netapp_nfs_shares, + } + } + + $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend, $cinder_netapp_backend]) class { '::cinder::backends' : enabled_backends => $cinder_enabled_backends, } @@ -627,6 +672,7 @@ if hiera('step') >= 3 { class { '::ceilometer::agent::central' : manage_service => false, enabled => false, + coordination_url => "redis://${redis_vip}:6379", } class { '::ceilometer::alarm::notifier' : manage_service => false, @@ -645,9 +691,7 @@ if hiera('step') >= 3 { database_connection => $ceilometer_database_connection, sync_db => $sync_db, } - class { 'ceilometer::agent::auth': - auth_url => join(['http://', hiera('controller_virtual_ip'), ':5000/v2.0']), - } + include ceilometer::agent::auth Cron <| title == 'ceilometer-expirer' |> { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" } @@ -672,10 +716,14 @@ if hiera('step') >= 3 { enabled => false, } - # Horizon + # httpd/apache and horizon + include ::apache + class { '::apache::mod::status': + allow_from => ['127.0.0.1'], + } $vhost_params = { add_listen => false } class { 'horizon': - cache_server_ip => split(hiera('memcache_node_ips', '127.0.0.1'), ','), + cache_server_ip => hiera('memcache_node_ips', '127.0.0.1'), vhost_extra_params => $vhost_params, } @@ -1157,6 +1205,15 @@ if hiera('step') >= 4 { Pacemaker::Resource::Service[$::mongodb::params::service_name]], } } + pacemaker::constraint::base { 'vip-redis-then-ceilometer-central': + constraint_type => 'order', + first_resource => "ip-${redis_vip}", + second_resource => "${::ceilometer::params::agent_central_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name], + Pacemaker::Resource::Ip['vip-redis']], + } pacemaker::constraint::base { 'keystone-then-ceilometer-central-constraint': constraint_type => 'order', first_resource => "${::keystone::params::service_name}-clone", @@ -1238,6 +1295,12 @@ if hiera('step') >= 4 { Pacemaker::Resource::Service[$::ceilometer::params::agent_notification_service_name]], } + # Horizon + pacemaker::resource::service { $::horizon::params::http_service: + clone_params => "interleave=true", + } + + } } #END STEP 4 diff --git a/puppet/swift-storage-puppet.yaml b/puppet/swift-storage-puppet.yaml index 40f8ee4a..15481032 100644 --- a/puppet/swift-storage-puppet.yaml +++ b/puppet/swift-storage-puppet.yaml @@ -51,6 +51,20 @@ parameters: default: 'false' description: Set to true to enable package installation via Puppet type: boolean + UpdateIdentifier: + default: '' + type: string + description: > + Setting to a previously unused value during stack-update will trigger + package update on all nodes + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. + type: json + Hostname: + type: string + default: '' # Defaults to Heat created hostname resources: @@ -64,6 +78,7 @@ resources: - network: ctlplane user_data_format: SOFTWARE_CONFIG user_data: {get_resource: NodeUserData} + name: {get_param: Hostname} NodeUserData: type: OS::TripleO::NodeUserData @@ -90,6 +105,13 @@ resources: StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} + NetIpMap: + type: OS::TripleO::Network::Ports::NetIpMap + properties: + InternalApiIp: {get_attr: [InternalApiPort, ip_address]} + StorageIp: {get_attr: [StoragePort, ip_address]} + StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]} + NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: @@ -105,6 +127,8 @@ resources: hierarchy: - heat_config_%{::deploy_config_name} - object + - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig + - all_nodes # provided by allNodesConfig - '"%{::osfamily}"' - common datafiles: @@ -112,20 +136,20 @@ resources: raw_data: {get_file: hieradata/common.yaml} object: raw_data: {get_file: hieradata/object.yaml} - oac_data: # data we map in from other OAC configurations - tripleo::ringbuilder::devices: swift.devices mapped_data: # data supplied directly to this deployment configuration, etc swift::swift_hash_suffix: { get_input: swift_hash_suffix } tripleo::ringbuilder::part_power: { get_input: swift_part_power } tripleo::ringbuilder::replicas: {get_input: swift_replicas } # Swift - swift::storage::all::storage_local_net_ip: {get_input: local_ip} + swift::storage::all::storage_local_net_ip: {get_input: swift_management_network} swift_mount_check: {get_input: swift_mount_check } tripleo::ringbuilder::min_part_hours: { get_input: swift_min_part_hours } ntp::servers: {get_input: ntp_servers} # NOTE(dprince): build_ring support is currently not wired in. # See: https://review.openstack.org/#/c/109225/ tripleo::ringbuilder::build_ring: True + snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} + snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} enable_package_install: {get_input: enable_package_install} @@ -150,12 +174,25 @@ resources: params: server: {get_param: NtpServer} enable_package_install: {get_param: EnablePackageInstall} + swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} + + UpdateConfig: + type: OS::TripleO::Tasks::PackageUpdate + + UpdateDeployment: + type: OS::Heat::SoftwareDeployment + properties: + config: {get_resource: UpdateConfig} + server: {get_resource: SwiftStorage} + input_values: + update_identifier: + get_param: UpdateIdentifier outputs: hosts_entry: value: str_replace: - template: "IP HOST" + template: "IP HOST.localdomain HOST" params: IP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} HOST: {get_attr: [SwiftStorage, name]} @@ -169,7 +206,7 @@ outputs: str_replace: template: 'r1z1-IP:%PORT%/d1' params: - IP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} internal_api_ip_address: description: IP address of the server in the internal_api network value: {get_attr: [InternalApiPort, ip_address]} diff --git a/puppet/vip-config.yaml b/puppet/vip-config.yaml new file mode 100644 index 00000000..c083821e --- /dev/null +++ b/puppet/vip-config.yaml @@ -0,0 +1,42 @@ +heat_template_version: 2015-04-30 + +description: > + Configure hieradata for service -> virtual IP mappings. + +resources: + VipConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + hiera: + datafiles: + vip_data: + mapped_data: + keystone_admin_api_vip: {get_input: keystone_admin_api_vip} + keystone_public_api_vip: {get_input: keystone_public_api_vip} + neutron_api_vip: {get_input: neutron_api_vip} + cinder_api_vip: {get_input: cinder_api_vip} + glance_api_vip: {get_input: glance_api_vip} + glance_registry_vip: {get_input: glance_registry_vip} + swift_proxy_vip: {get_input: swift_proxy_vip} + nova_api_vip: {get_input: nova_api_vip} + nova_metadata_vip: {get_input: nova_metadata_vip} + ceilometer_api_vip: {get_input: ceilometer_api_vip} + heat_api_vip: {get_input: heat_api_vip} + horizon_vip: {get_input: horizon_vip} + redis_vip: {get_input: redis_vip} + mysql_vip: {get_input: mysql_vip} + mysql_vip: {get_input: mysql_vip} + tripleo::loadbalancer::public_virtual_ip: {get_input: public_virtual_ip} + tripleo::loadbalancer::controller_virtual_ip: {get_input: control_virtual_ip} + tripleo::loadbalancer::internal_api_virtual_ip: {get_input: internal_api_virtual_ip} + tripleo::loadbalancer::storage_virtual_ip: {get_input: storage_virtual_ip} + tripleo::loadbalancer::storage_mgmt_virtual_ip: {get_input: storage_mgmt_virtual_ip} + tripleo::redis_notification::haproxy_monitor_ip: {get_input: control_virtual_ip} + + +outputs: + OS::stack_id: + description: The VipConfigImpl resource. + value: {get_resource: VipConfigImpl} |