diff options
Diffstat (limited to 'puppet')
| -rw-r--r-- | puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml | 21 | ||||
| -rw-r--r-- | puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml | 19 | ||||
| -rw-r--r-- | puppet/role.role.j2.yaml | 2 | ||||
| -rw-r--r-- | puppet/services/cinder-base.yaml | 2 | ||||
| -rw-r--r-- | puppet/services/database/mysql.yaml | 50 | ||||
| -rw-r--r-- | puppet/services/glance-api.yaml | 4 | ||||
| -rw-r--r-- | puppet/services/nova-compute.yaml | 2 | ||||
| -rw-r--r-- | puppet/services/nova-placement.yaml | 2 |
8 files changed, 56 insertions, 46 deletions
diff --git a/puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml b/puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml index 93408dd1..6e010dea 100644 --- a/puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml +++ b/puppet/extraconfig/pre_deploy/compute/neutron-ml2-bigswitch.yaml @@ -24,17 +24,16 @@ resources: config: datafiles: neutron_bigswitch_data: - mapped_data: - neutron::agents::bigswitch::agent_enabled: {get_input: neutron_enable_bigswitch_agent} - neutron::agents::bigswitch::lldp_enabled: {get_input: neutron_enable_bigswitch_lldp} - # NOTE(aschultz): required for the puppet module but we don't - # actually want them defined on the compute nodes so we're - # relying on the puppet module's handling of <SERVICE DEFAULT> - # to just not set these but still accept that they were defined. - # This will should be fixed in puppet-neutron and removed here, - # but for backportability, we need to define something. - neutron::plugins::ml2::bigswitch::restproxy::servers: '<SERVICE DEFAULT>' - neutron::plugins::ml2::bigswitch::restproxy::server_auth: '<SERVICE DEFAULT>' + neutron::agents::bigswitch::agent_enabled: {get_input: neutron_enable_bigswitch_agent} + neutron::agents::bigswitch::lldp_enabled: {get_input: neutron_enable_bigswitch_lldp} + # NOTE(aschultz): required for the puppet module but we don't + # actually want them defined on the compute nodes so we're + # relying on the puppet module's handling of <SERVICE DEFAULT> + # to just not set these but still accept that they were defined. + # This will should be fixed in puppet-neutron and removed here, + # but for backportability, we need to define something. + neutron::plugins::ml2::bigswitch::restproxy::servers: '<SERVICE DEFAULT>' + neutron::plugins::ml2::bigswitch::restproxy::server_auth: '<SERVICE DEFAULT>' NeutronBigswitchDeployment: diff --git a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml index 71a915df..cda598a5 100644 --- a/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml +++ b/puppet/extraconfig/pre_deploy/controller/neutron-ml2-bigswitch.yaml @@ -50,16 +50,15 @@ resources: config: datafiles: neutron_bigswitch_data: - mapped_data: - neutron::agents::bigswitch::agent_enabled: {get_input: neutron_enable_bigswitch_agent} - neutron::agents::bigswitch::lldp_enabled: {get_input: neutron_enable_bigswitch_lldp} - neutron::plugins::ml2::bigswitch::restproxy::servers: {get_input: restproxy_servers} - neutron::plugins::ml2::bigswitch::restproxy::server_auth: {get_input: restproxy_server_auth} - neutron::plugins::ml2::bigswitch::restproxy::auto_sync_on_failure: {get_input: restproxy_auto_sync_on_failure} - neutron::plugins::ml2::bigswitch::restproxy::consistency_interval: {get_input: restproxy_consistency_interval} - neutron::plugins::ml2::bigswitch::restproxy::neutron_id: {get_input: restproxy_neutron_id} - neutron::plugins::ml2::bigswitch::restproxy::server_ssl: {get_input: restproxy_server_ssl} - neutron::plugins::ml2::bigswitch::restproxy::ssl_cert_directory: {get_input: restproxy_ssl_cert_directory} + neutron::agents::bigswitch::agent_enabled: {get_input: neutron_enable_bigswitch_agent} + neutron::agents::bigswitch::lldp_enabled: {get_input: neutron_enable_bigswitch_lldp} + neutron::plugins::ml2::bigswitch::restproxy::servers: {get_input: restproxy_servers} + neutron::plugins::ml2::bigswitch::restproxy::server_auth: {get_input: restproxy_server_auth} + neutron::plugins::ml2::bigswitch::restproxy::auto_sync_on_failure: {get_input: restproxy_auto_sync_on_failure} + neutron::plugins::ml2::bigswitch::restproxy::consistency_interval: {get_input: restproxy_consistency_interval} + neutron::plugins::ml2::bigswitch::restproxy::neutron_id: {get_input: restproxy_neutron_id} + neutron::plugins::ml2::bigswitch::restproxy::server_ssl: {get_input: restproxy_server_ssl} + neutron::plugins::ml2::bigswitch::restproxy::ssl_cert_directory: {get_input: restproxy_ssl_cert_directory} NeutronBigswitchDeployment: type: OS::Heat::StructuredDeployment diff --git a/puppet/role.role.j2.yaml b/puppet/role.role.j2.yaml index 15da1773..d53afd04 100644 --- a/puppet/role.role.j2.yaml +++ b/puppet/role.role.j2.yaml @@ -565,6 +565,7 @@ resources: - bootstrap_node # provided by allNodesConfig - all_nodes # provided by allNodesConfig - vip_data # provided by allNodesConfig + - net_ip_map - '"%{::osfamily}"' # The following are required for compatibility with the Controller role # where some vendor integrations added hieradata via ExtraConfigPre @@ -578,6 +579,7 @@ resources: service_names: service_names: {get_param: ServiceNames} sensu::subscriptions: {get_param: MonitoringSubscriptions} + net_ip_map: {get_attr: [NetIpMap, net_ip_map]} service_configs: map_replace: - {get_param: ServiceConfigSettings} diff --git a/puppet/services/cinder-base.yaml b/puppet/services/cinder-base.yaml index 5b2a2582..2a8026da 100644 --- a/puppet/services/cinder-base.yaml +++ b/puppet/services/cinder-base.yaml @@ -89,7 +89,7 @@ parameters: type: string description: > Cron to move deleted instances to another table - User - default: 'keystone' + default: 'cinder' CinderCronDbPurgeAge: type: string description: > diff --git a/puppet/services/database/mysql.yaml b/puppet/services/database/mysql.yaml index abbe7a22..c1f54bb6 100644 --- a/puppet/services/database/mysql.yaml +++ b/puppet/services/database/mysql.yaml @@ -57,6 +57,11 @@ parameters: EnableInternalTLS: type: boolean default: false + MysqlIPv6: + default: false + description: Enable IPv6 in MySQL + type: boolean + conditions: @@ -77,6 +82,7 @@ outputs: # in tripleo-puppet-elements. mysql::server::package_name: 'mariadb-galera-server' mysql::server::manage_config_file: true + mysql_ipv6: {get_param: MysqlIPv6} tripleo.mysql.firewall_rules: '104 mysql galera': dport: @@ -113,30 +119,34 @@ outputs: {get_param: [ServiceNetMap, MysqlNetwork]} tripleo::profile::base::database::mysql::generate_dropin_file_limit: {get_param: MysqlIncreaseFileLimit} - - generate_service_certificates: true - tripleo::profile::base::database::mysql::certificate_specs: - service_certificate: '/etc/pki/tls/certs/mysql.crt' - service_key: '/etc/pki/tls/private/mysql.key' - hostname: - str_replace: - template: "%{hiera('cloud_name_NETWORK')}" - params: - NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]} - dnsnames: - - str_replace: + - if: + - internal_tls_enabled + - + generate_service_certificates: true + tripleo::profile::base::database::mysql::certificate_specs: + service_certificate: '/etc/pki/tls/certs/mysql.crt' + service_key: '/etc/pki/tls/private/mysql.key' + hostname: + str_replace: template: "%{hiera('cloud_name_NETWORK')}" params: NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]} - - str_replace: - template: - "%{hiera('fqdn_$NETWORK')}" + dnsnames: + - str_replace: + template: "%{hiera('cloud_name_NETWORK')}" + params: + NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]} + - str_replace: + template: + "%{hiera('fqdn_$NETWORK')}" + params: + $NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]} + principal: + str_replace: + template: "mysql/%{hiera('cloud_name_NETWORK')}" params: - $NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]} - principal: - str_replace: - template: "mysql/%{hiera('cloud_name_NETWORK')}" - params: - NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]} + NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]} + - {} step_config: | include ::tripleo::profile::base::database::mysql metadata_settings: diff --git a/puppet/services/glance-api.yaml b/puppet/services/glance-api.yaml index 8ec3546f..1baf120b 100644 --- a/puppet/services/glance-api.yaml +++ b/puppet/services/glance-api.yaml @@ -78,10 +78,10 @@ parameters: GlanceBackend: default: swift description: The short name of the Glance backend to use. Should be one - of swift, rbd, or file + of swift, rbd, cinder, or file type: string constraints: - - allowed_values: ['swift', 'file', 'rbd'] + - allowed_values: ['swift', 'file', 'rbd', 'cinder'] GlanceNfsEnabled: default: false description: > diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml index 9e5ba129..5326a250 100644 --- a/puppet/services/nova-compute.yaml +++ b/puppet/services/nova-compute.yaml @@ -210,7 +210,7 @@ outputs: collectd: tripleo.collectd.plugins.nova_compute: - virt - collectd::plugins::virt::connection: "qemu:///system" + collectd::plugin::virt::connection: 'qemu:///system' upgrade_tasks: - name: Stop nova-compute service tags: step1 diff --git a/puppet/services/nova-placement.yaml b/puppet/services/nova-placement.yaml index 916cefd9..e44a7215 100644 --- a/puppet/services/nova-placement.yaml +++ b/puppet/services/nova-placement.yaml @@ -99,7 +99,7 @@ outputs: - 13778 nova::keystone::authtoken::project_name: 'service' nova::keystone::authtoken::password: {get_param: NovaPassword} - nova::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } + nova::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] } nova::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} nova::wsgi::apache_placement::api_port: '8778' nova::wsgi::apache_placement::ssl: {get_param: EnableInternalTLS} |