diff options
Diffstat (limited to 'puppet')
| -rw-r--r-- | puppet/all-nodes-config.yaml | 11 | ||||
| -rw-r--r-- | puppet/cinder-storage.yaml | 7 | ||||
| -rw-r--r-- | puppet/compute.yaml | 1 | ||||
| -rw-r--r-- | puppet/controller-config-pacemaker.yaml | 5 | ||||
| -rw-r--r-- | puppet/controller-config.yaml | 5 | ||||
| -rw-r--r-- | puppet/controller-post.yaml | 42 | ||||
| -rw-r--r-- | puppet/controller.yaml | 78 | ||||
| -rw-r--r-- | puppet/hieradata/common.yaml | 3 | ||||
| -rw-r--r-- | puppet/hieradata/controller.yaml | 7 | ||||
| -rw-r--r-- | puppet/manifests/overcloud_controller.pp | 42 | ||||
| -rw-r--r-- | puppet/manifests/overcloud_controller_pacemaker.pp | 138 | ||||
| -rw-r--r-- | puppet/manifests/ringbuilder.pp | 8 | ||||
| -rw-r--r-- | puppet/swift-storage.yaml | 10 | ||||
| -rw-r--r-- | puppet/vip-config.yaml | 1 |
14 files changed, 284 insertions, 74 deletions
diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index 2f2a1e9d..fed9dd31 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -34,6 +34,8 @@ parameters: type: comma_delimited_list ceilometer_api_node_ips: type: comma_delimited_list + aodh_api_node_ips: + type: comma_delimited_list nova_api_node_ips: type: comma_delimited_list nova_metadata_node_ips: @@ -187,6 +189,14 @@ resources: list_join: - "','" - {get_param: ceilometer_api_node_ips} + aodh_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: aodh_api_node_ips} nova_api_node_ips: str_replace: template: "['SERVERS_LIST']" @@ -272,6 +282,7 @@ resources: # NOTE(gfidente): interpolation with %{} in the # hieradata file can't be used as it returns string ceilometer::rabbit_hosts: *rabbit_nodes_array + aodh::rabbit_hosts: *rabbit_nodes_array cinder::rabbit_hosts: *rabbit_nodes_array glance::notify::rabbitmq::rabbit_hosts: *rabbit_nodes_array heat::rabbit_hosts: *rabbit_nodes_array diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml index 888f3cf8..b5694802 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/cinder-storage.yaml @@ -51,7 +51,6 @@ parameters: description: Name of an existing Nova key pair to enable SSH access to the instances type: string RabbitPassword: - default: 'guest' type: string hidden: true RabbitUserName: @@ -286,7 +285,11 @@ resources: size: {get_param: CinderLVMLoopDeviceSize} cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend} cinder_iscsi_helper: {get_param: CinderISCSIHelper} - cinder_iscsi_ip_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} + cinder_iscsi_ip_address: + str_replace: + template: "'IP'" + params: + IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]} rabbit_username: {get_param: RabbitUserName} rabbit_password: {get_param: RabbitPassword} diff --git a/puppet/compute.yaml b/puppet/compute.yaml index ee5bced6..f5c848c8 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -251,7 +251,6 @@ parameters: type: string default: '' # Has to be here because of the ignored empty value bug RabbitPassword: - default: guest description: The password for RabbitMQ type: string hidden: true diff --git a/puppet/controller-config-pacemaker.yaml b/puppet/controller-config-pacemaker.yaml index dc81498a..21db825a 100644 --- a/puppet/controller-config-pacemaker.yaml +++ b/puppet/controller-config-pacemaker.yaml @@ -22,7 +22,10 @@ resources: outputs: - name: result config: - get_file: manifests/overcloud_controller_pacemaker.pp + list_join: + - '' + - - get_file: manifests/overcloud_controller_pacemaker.pp + - get_file: manifests/ringbuilder.pp outputs: OS::stack_id: diff --git a/puppet/controller-config.yaml b/puppet/controller-config.yaml index f85e1a9e..f7a6a56d 100644 --- a/puppet/controller-config.yaml +++ b/puppet/controller-config.yaml @@ -22,7 +22,10 @@ resources: outputs: - name: result config: - get_file: manifests/overcloud_controller.pp + list_join: + - '' + - - get_file: manifests/overcloud_controller.pp + - get_file: manifests/ringbuilder.pp outputs: OS::stack_id: diff --git a/puppet/controller-post.yaml b/puppet/controller-post.yaml index 713ad706..04f20b61 100644 --- a/puppet/controller-post.yaml +++ b/puppet/controller-post.yaml @@ -64,39 +64,26 @@ resources: update_identifier: {get_param: NodeConfigIdentifiers} actions: ['CREATE'] # no need for two passes on an UPDATE - ControllerRingbuilderPuppetConfig: - type: OS::Heat::SoftwareConfig - properties: - group: puppet - options: - enable_debug: {get_param: ConfigDebug} - enable_hiera: True - enable_facter: False - inputs: - outputs: - - name: result - config: - get_file: manifests/ringbuilder.pp - - ControllerRingbuilderDeployment_Step3: + ControllerOvercloudServicesDeployment_Step3: type: OS::Heat::StructuredDeployments depends_on: ControllerServicesBaseDeployment_Step2 properties: - name: ControllerRingbuilderDeployment_Step3 + name: ControllerOvercloudServicesDeployment_Step3 servers: {get_param: servers} - config: {get_resource: ControllerRingbuilderPuppetConfig} + config: {get_resource: ControllerPuppetConfig} input_values: + step: 3 update_identifier: {get_param: NodeConfigIdentifiers} ControllerOvercloudServicesDeployment_Step4: type: OS::Heat::StructuredDeployments - depends_on: ControllerRingbuilderDeployment_Step3 + depends_on: ControllerOvercloudServicesDeployment_Step3 properties: name: ControllerOvercloudServicesDeployment_Step4 servers: {get_param: servers} config: {get_resource: ControllerPuppetConfig} input_values: - step: 3 + step: 4 update_identifier: {get_param: NodeConfigIdentifiers} ControllerOvercloudServicesDeployment_Step5: @@ -107,7 +94,7 @@ resources: servers: {get_param: servers} config: {get_resource: ControllerPuppetConfig} input_values: - step: 4 + step: 5 update_identifier: {get_param: NodeConfigIdentifiers} ControllerOvercloudServicesDeployment_Step6: @@ -118,12 +105,23 @@ resources: servers: {get_param: servers} config: {get_resource: ControllerPuppetConfig} input_values: - step: 5 + step: 6 + update_identifier: {get_param: NodeConfigIdentifiers} + + ControllerOvercloudServicesDeployment_Step7: + type: OS::Heat::StructuredDeployments + depends_on: ControllerOvercloudServicesDeployment_Step6 + properties: + name: ControllerOvercloudServicesDeployment_Step7 + servers: {get_param: servers} + config: {get_resource: ControllerPuppetConfig} + input_values: + step: 7 update_identifier: {get_param: NodeConfigIdentifiers} ControllerPostPuppet: type: OS::TripleO::Tasks::ControllerPostPuppet - depends_on: ControllerOvercloudServicesDeployment_Step6 + depends_on: ControllerOvercloudServicesDeployment_Step7 properties: servers: {get_param: servers} input_values: diff --git a/puppet/controller.yaml b/puppet/controller.yaml index 094102f5..efdf08bb 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -17,6 +17,13 @@ parameters: description: The keystone auth secret and db password. type: string hidden: true + AodhApiVirtualIP: + type: string + default: '' + AodhPassword: + description: The password for the aodh services. + type: string + hidden: true CeilometerApiVirtualIP: type: string default: '' @@ -225,6 +232,13 @@ parameters: Mount options for Pacemaker mount used as Glance storage. Effective when GlanceFilePcmkManage is true. type: string + HAProxyStatsPassword: + description: Password for HAProxy stats endpoint + type: string + HAProxyStatsUser: + description: User for HAProxy stats endpoint + default: admin + type: string HAProxySyslogAddress: default: /dev/log description: Syslog address where HAproxy will send its log @@ -326,6 +340,10 @@ parameters: default: false description: Whether to manage IPtables rules. type: boolean + MemcachedIPv6: + default: false + description: Enable IPv6 features in Memcached. + type: boolean PurgeFirewallRules: default: false description: Whether IPtables rules should be purged before setting up the new ones. @@ -595,7 +613,6 @@ parameters: default: '' # Has to be here because of the ignored empty value bug hidden: true RabbitPassword: - default: guest description: The password for RabbitMQ type: string hidden: true @@ -657,6 +674,10 @@ parameters: default: 10 description: Partition Power to use when building Swift rings type: number + SwiftRingBuild: + default: true + description: Whether to manage Swift rings or not + type: boolean SwiftPassword: description: The password for the swift service account, used by the swift proxy services. @@ -940,6 +961,8 @@ resources: neutron_enable_l2pop: {get_param: NeutronEnableL2Pop} neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata} haproxy_log_address: {get_param: HAProxySyslogAddress} + haproxy_stats_password: {get_param: HAProxyStatsPassword} + haproxy_stats_user: {get_param: HAProxyStatsUser} heat.watch_server_url: list_join: - '' @@ -1148,13 +1171,15 @@ resources: ceilometer_metering_secret: {get_param: CeilometerMeteringSecret} ceilometer_password: {get_param: CeilometerPassword} ceilometer_store_events: {get_param: CeilometerStoreEvents} + aodh_password: {get_param: AodhPassword} ceilometer_coordination_url: list_join: - '' - - - 'redis://' - - {get_param: RedisVirtualIPUri} - - ':6379/?password=' + - - 'redis://:' - {get_param: RedisPassword} + - '@' + - {get_param: RedisVirtualIPUri} + - ':6379/' ceilometer_dsn: list_join: - '' @@ -1168,6 +1193,7 @@ resources: nova_enable_db_purge: {get_param: NovaEnableDBPurge} nova_ipv6: {get_param: NovaIPv6} corosync_ipv6: {get_param: CorosyncIPv6} + memcached_ipv6: {get_param: MemcachedIPv6} nova_password: {get_param: NovaPassword} nova_dsn: list_join: @@ -1195,16 +1221,9 @@ resources: rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} rabbit_client_port: {get_param: RabbitClientPort} rabbit_ipv6: {get_param: RabbitIPv6} + rabbit_fd_limit: {get_param: RabbitFDLimit} mongodb_no_journal: {get_param: MongoDbNoJournal} mongodb_ipv6: {get_param: MongoDbIPv6} - # We need to force this into quotes or hiera will return integer causing - # the puppet module validation regexp to fail. - # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401 - rabbit_fd_limit: - str_replace: - template: "'LIMIT'" - params: - LIMIT: {get_param: RabbitFDLimit} ntp_servers: {get_param: NtpServer} timezone: {get_param: TimeZone} control_virtual_interface: {get_param: ControlVirtualInterface} @@ -1212,6 +1231,7 @@ resources: swift_hash_suffix: {get_param: SwiftHashSuffix} swift_password: {get_param: SwiftPassword} swift_part_power: {get_param: SwiftPartPower} + swift_ring_build: {get_param: SwiftRingBuild} swift_replicas: {get_param: SwiftReplicas} swift_min_part_hours: {get_param: SwiftMinPartHours} swift_mount_check: {get_param: SwiftMountCheck} @@ -1228,7 +1248,11 @@ resources: - '/sahara' swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} - cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} + cinder_iscsi_network: + str_replace: + template: "'IP'" + params: + IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} @@ -1242,6 +1266,7 @@ resources: neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]} ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} + aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]} nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]} horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} @@ -1327,15 +1352,12 @@ resources: swift::swift_hash_suffix: {get_input: swift_hash_suffix} swift::proxy::authtoken::admin_password: {get_input: swift_password} swift::proxy::workers: {get_input: swift_workers} + tripleo::ringbuilder::build_ring: { get_input: swift_ring_build } tripleo::ringbuilder::part_power: {get_input: swift_part_power} tripleo::ringbuilder::replicas: {get_input: swift_replicas} tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours} swift_mount_check: {get_input: swift_mount_check} - # NOTE(dprince): build_ring support is currently not wired in. - # See: https://review.openstack.org/#/c/109225/ - tripleo::ringbuilder::build_ring: True - # Cinder cinder_enable_db_purge: {get_input: cinder_enable_db_purge} cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend} @@ -1550,6 +1572,24 @@ resources: snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} + # Aodh + aodh::rabbit_userid: {get_input: rabbit_username} + aodh::rabbit_password: {get_input: rabbit_password} + aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} + aodh::rabbit_port: {get_input: rabbit_client_port} + aodh::debug: {get_input: debug} + aodh::wsgi::apache::ssl: false + aodh::wsgi::apache::bind_host: {get_input: aodh_api_network} + aodh::api::service_name: 'httpd' + aodh::api::host: {get_input: aodh_api_network} + aodh::api::keystone_password: {get_input: aodh_password} + aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri} + aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri} + aodh::auth::auth_password: {get_input: aodh_password} + aodh::db::mysql::password: {get_input: aodh_password} + # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination + aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url} + # Nova nova::rabbit_userid: {get_input: rabbit_username} nova::rabbit_password: {get_input: rabbit_password} @@ -1628,6 +1668,7 @@ resources: tripleo::firewall::manage_firewall: {get_input: manage_firewall} tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules} # Misc + memcached_ipv6: {get_input: memcached_ipv6} memcached::listen_ip: {get_input: memcached_network} neutron_public_interface_ip: {get_input: neutron_public_interface_ip} ntp::servers: {get_input: ntp_servers} @@ -1638,6 +1679,9 @@ resources: tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface} tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address} tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]} + tripleo::loadbalancer::haproxy_stats_user: {get_input: haproxy_stats_user} + tripleo::loadbalancer::haproxy_stats_password: {get_input: haproxy_stats_password} + tripleo::loadbalancer::redis_password: {get_input: redis_password} tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} diff --git a/puppet/hieradata/common.yaml b/puppet/hieradata/common.yaml index 98cec364..46471c3b 100644 --- a/puppet/hieradata/common.yaml +++ b/puppet/hieradata/common.yaml @@ -5,6 +5,9 @@ ssh::server::storeconfigs_enabled: false ceilometer::agent::auth::auth_region: 'regionOne' ceilometer::agent::auth::auth_tenant_name: 'service' +aodh::auth::auth_region: 'regionOne' +aodh::auth::auth_tenant_name: 'service' + nova::api::admin_tenant_name: 'service' nova::network::neutron::neutron_project_name: 'service' nova::network::neutron::neutron_username: 'neutron' diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml index 288d224f..3e523f1b 100644 --- a/puppet/hieradata/controller.yaml +++ b/puppet/hieradata/controller.yaml @@ -35,6 +35,7 @@ keystone::roles::admin::email: 'root@localhost' # service tenant glance::api::keystone_tenant: 'service' +aodh::api::keystone_tenant: 'service' glance::registry::keystone_tenant: 'service' neutron::server::auth_tenant: 'service' neutron::agents::metadata::auth_tenant: 'service' @@ -80,7 +81,6 @@ glance::api::pipeline: 'keystone' glance::api::show_image_direct_url: true glance::registry::pipeline: 'keystone' glance::backend::swift::swift_store_create_container_on_put: true -glance::backend::rbd::rbd_store_user: 'openstack' glance_file_pcmk_directory: '/var/lib/glance/images' # neutron @@ -150,6 +150,7 @@ tripleo::loadbalancer::redis: true tripleo::loadbalancer::sahara: true tripleo::loadbalancer::swift_proxy_server: true tripleo::loadbalancer::ceilometer: true +tripleo::loadbalancer::aodh: true tripleo::loadbalancer::heat_api: true tripleo::loadbalancer::heat_cloudwatch: true tripleo::loadbalancer::heat_cfn: true @@ -262,3 +263,7 @@ tripleo::firewall::firewall_rules: '127 snmp': port: 161 proto: 'udp' + '128 aodh': + port: + - 8042 + - 13042 diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index d786b29c..c6667ae6 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -123,6 +123,7 @@ if hiera('step') >= 2 { include ::sahara::db::mysql if downcase(hiera('ceilometer_backend')) == 'mysql' { include ::ceilometer::db::mysql + include ::aodh::db::mysql } $rabbit_nodes = hiera('rabbit_node_ips') @@ -209,7 +210,7 @@ if hiera('step') >= 2 { } #END STEP 2 -if hiera('step') >= 3 { +if hiera('step') >= 4 { include ::keystone include ::keystone::config @@ -267,8 +268,15 @@ if hiera('step') >= 3 { include ::glance::notify::rabbitmq include join(['::glance::backend::', $glance_backend]) + $nova_ipv6 = hiera('nova::use_ipv6', false) + if $nova_ipv6 { + $memcached_servers = suffix(hiera('memcache_node_ips_v6'), ':11211') + } else { + $memcached_servers = suffix(hiera('memcache_node_ips'), ':11211') + } + class { '::nova' : - memcached_servers => suffix(hiera('memcache_node_ips'), ':11211'), + memcached_servers => $memcached_servers } include ::nova::config include ::nova::api @@ -611,6 +619,21 @@ if hiera('step') >= 3 { Cron <| title == 'ceilometer-expirer' |> { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" } + # Aodh + class { '::aodh' : + database_connection => $ceilometer_database_connection, + } + include ::aodh::db::sync + # To manage the upgrade: + Exec['ceilometer-dbsync'] -> Exec['aodh-db-sync'] + include ::aodh::auth + include ::aodh::api + include ::aodh::wsgi::apache + include ::aodh::evaluator + include ::aodh::notifier + include ::aodh::listener + include ::aodh::client + # Heat class { '::heat' : notification_driver => 'messaging', @@ -634,8 +657,15 @@ if hiera('step') >= 3 { } $neutron_options = {'profile_support' => $_profile_support } + $memcached_ipv6 = hiera('memcached_ipv6', false) + if $memcached_ipv6 { + $horizon_memcached_servers = hiera('memcache_node_ips_v6', '[::1]') + } else { + $horizon_memcached_servers = hiera('memcache_node_ips', '127.0.0.1') + } + class { '::horizon': - cache_server_ip => hiera('memcache_node_ips', '127.0.0.1'), + cache_server_ip => $horizon_memcached_servers, neutron_options => $neutron_options, } @@ -651,9 +681,9 @@ if hiera('step') >= 3 { hiera_include('controller_classes') -} #END STEP 3 +} #END STEP 4 -if hiera('step') >= 4 { +if hiera('step') >= 5 { $keystone_enable_db_purge = hiera('keystone_enable_db_purge', true) $nova_enable_db_purge = hiera('nova_enable_db_purge', true) $cinder_enable_db_purge = hiera('cinder_enable_db_purge', true) @@ -688,7 +718,7 @@ if hiera('step') >= 4 { } } -} #END STEP 4 +} #END STEP 5 $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller', hiera('step')]) package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index e3f31e91..fd12c342 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -18,6 +18,24 @@ Pcmk_resource <| |> { try_sleep => 3, } +# TODO(jistr): use pcs resource provider instead of just no-ops +Service <| + tag == 'aodh-service' or + tag == 'cinder-service' or + tag == 'ceilometer-service' or + tag == 'glance-service' or + tag == 'heat-service' or + tag == 'keystone-service' or + tag == 'neutron-service' or + tag == 'nova-service' or + tag == 'sahara-service' +|> { + hasrestart => true, + restart => '/bin/true', + start => '/bin/true', + stop => '/bin/true', +} + include ::tripleo::packages include ::tripleo::firewall @@ -29,13 +47,13 @@ if $::hostname == downcase(hiera('bootstrap_nodeid')) { $sync_db = false } -$enable_fencing = str2bool(hiera('enable_fencing', false)) and hiera('step') >= 5 +$enable_fencing = str2bool(hiera('enable_fencing', false)) and hiera('step') >= 6 $enable_load_balancer = hiera('enable_load_balancer', true) # When to start and enable services which haven't been Pacemakerized # FIXME: remove when we start all OpenStack services using Pacemaker # (occurrences of this variable will be gradually replaced with false) -$non_pcmk_start = hiera('step') >= 4 +$non_pcmk_start = hiera('step') >= 5 if hiera('step') >= 1 { @@ -68,9 +86,6 @@ if hiera('step') >= 1 { } else { $cluster_setup_extras = {} } - user { 'hacluster': - ensure => present, - } -> class { '::pacemaker': hacluster_pwd => hiera('hacluster_pwd'), } -> @@ -587,7 +602,7 @@ MYSQL_HOST=localhost\n", } #END STEP 2 -if hiera('step') >= 3 { +if hiera('step') >= 4 { class { '::keystone': sync_db => $sync_db, @@ -1129,11 +1144,45 @@ if hiera('step') >= 3 { $_profile_support = 'None' } $neutron_options = {'profile_support' => $_profile_support } + + $memcached_ipv6 = hiera('memcached_ipv6', false) + if $memcached_ipv6 { + $horizon_memcached_servers = hiera('memcache_node_ips_v6', '[::1]') + } else { + $horizon_memcached_servers = hiera('memcache_node_ips', '127.0.0.1') + } + class { '::horizon': - cache_server_ip => hiera('memcache_node_ips', '127.0.0.1'), + cache_server_ip => $horizon_memcached_servers, neutron_options => $neutron_options, } + # Aodh + class { '::aodh' : + database_connection => $ceilometer_database_connection, + } + include ::aodh::config + include ::aodh::auth + include ::aodh::client + include ::aodh::wsgi::apache + class { '::aodh::api': + manage_service => false, + enabled => false, + service_name => 'httpd', + } + class { '::aodh::evaluator': + manage_service => false, + enabled => false, + } + class { '::aodh::notifier': + manage_service => false, + enabled => false, + } + class { '::aodh::listener': + manage_service => false, + enabled => false, + } + $snmpd_user = hiera('snmpd_readonly_user_name') snmp::snmpv3_user { $snmpd_user: authtype => 'MD5', @@ -1146,9 +1195,9 @@ if hiera('step') >= 3 { hiera_include('controller_classes') -} #END STEP 3 +} #END STEP 4 -if hiera('step') >= 4 { +if hiera('step') >= 5 { $keystone_enable_db_purge = hiera('keystone_enable_db_purge', true) $nova_enable_db_purge = hiera('nova_enable_db_purge', true) $cinder_enable_db_purge = hiera('cinder_enable_db_purge', true) @@ -1323,7 +1372,7 @@ if hiera('step') >= 4 { Pacemaker::Resource::Service[$::glance::params::api_service_name]], } - if hiera('step') == 4 { + if hiera('step') == 5 { # Neutron # NOTE(gfidente): Neutron will try to populate the database with some data # as soon as neutron-server is started; to avoid races we want to make this @@ -1624,7 +1673,7 @@ if hiera('step') >= 4 { Pacemaker::Resource::Service[$::nova::params::conductor_service_name]], } - # Ceilometer + # Ceilometer and Aodh case downcase(hiera('ceilometer_backend')) { /mysql/: { pacemaker::resource::service { $::ceilometer::params::agent_central_service_name: @@ -1657,8 +1706,10 @@ if hiera('step') >= 4 { # Fedora doesn't know `require-all` parameter for constraints yet if $::operatingsystem == 'Fedora' { $redis_ceilometer_constraint_params = undef + $redis_aodh_constraint_params = undef } else { $redis_ceilometer_constraint_params = 'require-all=false' + $redis_aodh_constraint_params = 'require-all=false' } pacemaker::constraint::base { 'redis-then-ceilometer-central-constraint': constraint_type => 'order', @@ -1670,6 +1721,16 @@ if hiera('step') >= 4 { require => [Pacemaker::Resource::Ocf['redis'], Pacemaker::Resource::Service[$::ceilometer::params::agent_central_service_name]], } + pacemaker::constraint::base { 'redis-then-aodh-evaluator-constraint': + constraint_type => 'order', + first_resource => 'redis-master', + second_resource => "${::aodh::params::evaluator_service_name}-clone", + first_action => 'promote', + second_action => 'start', + constraint_params => $redis_aodh_constraint_params, + require => [Pacemaker::Resource::Ocf['redis'], + Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name]], + } pacemaker::constraint::base { 'keystone-then-ceilometer-central-constraint': constraint_type => 'order', first_resource => 'openstack-core-clone', @@ -1720,6 +1781,55 @@ if hiera('step') >= 4 { require => [Pacemaker::Resource::Service[$::ceilometer::params::api_service_name], Pacemaker::Resource::Ocf['delay']], } + # Aodh + pacemaker::resource::service { $::aodh::params::evaluator_service_name : + clone_params => 'interleave=true', + } + pacemaker::resource::service { $::aodh::params::notifier_service_name : + clone_params => 'interleave=true', + } + pacemaker::resource::service { $::aodh::params::listener_service_name : + clone_params => 'interleave=true', + } + pacemaker::constraint::base { 'aodh-delay-then-aodh-evaluator-constraint': + constraint_type => 'order', + first_resource => 'delay-clone', + second_resource => "${::aodh::params::evaluator_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name], + Pacemaker::Resource::Ocf['delay']], + } + pacemaker::constraint::colocation { 'aodh-evaluator-with-aodh-delay-colocation': + source => "${::aodh::params::evaluator_service_name}-clone", + target => 'delay-clone', + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name], + Pacemaker::Resource::Ocf['delay']], + } + pacemaker::constraint::base { 'aodh-evaluator-then-aodh-notifier-constraint': + constraint_type => 'order', + first_resource => "${::aodh::params::evaluator_service_name}-clone", + second_resource => "${::aodh::params::notifier_service_name}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name], + Pacemaker::Resource::Service[$::aodh::params::notifier_service_name]], + } + pacemaker::constraint::colocation { 'aodh-notifier-with-aodh-evaluator-colocation': + source => "${::aodh::params::notifier_service_name}-clone", + target => "${::aodh::params::evaluator_service_name}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name], + Pacemaker::Resource::Service[$::aodh::params::notifier_service_name]], + } + pacemaker::constraint::colocation { 'aodh-listener-with-aodh-evaluator-colocation': + source => "${::aodh::params::listener_service_name}-clone", + target => "${::aodh::params::evaluator_service_name}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name], + Pacemaker::Resource::Service[$::aodh::params::listener_service_name]], + } if downcase(hiera('ceilometer_backend')) == 'mongodb' { pacemaker::constraint::base { 'mongodb-then-ceilometer-central-constraint': constraint_type => 'order', @@ -1848,9 +1958,9 @@ if hiera('step') >= 4 { } -} #END STEP 4 +} #END STEP 5 -if hiera('step') >= 5 { +if hiera('step') >= 6 { if $pacemaker_master { @@ -1872,7 +1982,7 @@ if hiera('step') >= 5 { } } -} #END STEP 5 +} #END STEP 6 $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller_pacemaker', hiera('step')]) package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/ringbuilder.pp b/puppet/manifests/ringbuilder.pp index 2d880d33..a623da29 100644 --- a/puppet/manifests/ringbuilder.pp +++ b/puppet/manifests/ringbuilder.pp @@ -13,8 +13,6 @@ # License for the specific language governing permissions and limitations # under the License. -include ::tripleo::packages - define add_devices( $swift_zones = '1' ){ @@ -91,6 +89,6 @@ class tripleo::ringbuilder ( } } -include ::tripleo::ringbuilder - -package_manifest{'/var/lib/tripleo/installed-packages/ringbuilder': ensure => present} +if hiera('step') >= 3 { + include ::tripleo::ringbuilder +} diff --git a/puppet/swift-storage.yaml b/puppet/swift-storage.yaml index c26aca77..8a4ea21f 100644 --- a/puppet/swift-storage.yaml +++ b/puppet/swift-storage.yaml @@ -30,6 +30,10 @@ parameters: default: 10 description: Partition Power to use when building Swift rings type: number + RingBuild: + default: true + description: Whether to manage Swift rings or not + type: boolean Replicas: type: number default: 3 @@ -263,17 +267,14 @@ resources: raw_data: {get_file: hieradata/object.yaml} mapped_data: # data supplied directly to this deployment configuration, etc swift::swift_hash_suffix: { get_input: swift_hash_suffix } + tripleo::ringbuilder::build_ring: { get_input: swift_ring_build } tripleo::ringbuilder::part_power: { get_input: swift_part_power } tripleo::ringbuilder::replicas: {get_input: swift_replicas } - # Swift swift::storage::all::storage_local_net_ip: {get_input: swift_management_network} swift_mount_check: {get_input: swift_mount_check } tripleo::ringbuilder::min_part_hours: { get_input: swift_min_part_hours } ntp::servers: {get_input: ntp_servers} timezone::timezone: {get_input: timezone} - # NOTE(dprince): build_ring support is currently not wired in. - # See: https://review.openstack.org/#/c/109225/ - tripleo::ringbuilder::build_ring: True snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} tripleo::packages::enable_install: {get_input: enable_package_install} @@ -294,6 +295,7 @@ resources: swift_hash_suffix: {get_param: HashSuffix} swift_mount_check: {get_param: MountCheck} swift_min_part_hours: {get_param: MinPartHours} + swift_ring_build: {get_param: RingBuild} swift_part_power: {get_param: PartPower} swift_replicas: { get_param: Replicas} ntp_servers: {get_param: NtpServer} diff --git a/puppet/vip-config.yaml b/puppet/vip-config.yaml index 5e2f698f..ebecd0cb 100644 --- a/puppet/vip-config.yaml +++ b/puppet/vip-config.yaml @@ -26,6 +26,7 @@ resources: nova_api_vip: {get_input: nova_api_vip} nova_metadata_vip: {get_input: nova_metadata_vip} ceilometer_api_vip: {get_input: ceilometer_api_vip} + aodh_api_vip: {get_input: aodh_api_vip} heat_api_vip: {get_input: heat_api_vip} horizon_vip: {get_input: horizon_vip} redis_vip: {get_input: redis_vip} |