diff options
Diffstat (limited to 'puppet')
21 files changed, 61 insertions, 130 deletions
diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index c764d4ef..89f2705e 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -56,6 +56,12 @@ parameters: Heat action on performed top-level stack. constraints: - allowed_values: ['CREATE', 'UPDATE'] + # NOTE(jaosorior): This is being set as IPA as it's the first + # CA we'll actually be testing out. But we can change this if + # people request it. + CertmongerCA: + type: string + default: 'IPA' resources: @@ -210,6 +216,8 @@ resources: cloud_name_storage: {get_param: cloud_name_storage} cloud_name_storage_mgmt: {get_param: cloud_name_storage_mgmt} cloud_name_ctlplane: {get_param: cloud_name_ctlplane} + # TLS parameters + certmonger_ca: {get_param: CertmongerCA} outputs: config_id: diff --git a/puppet/blockstorage-config.yaml b/puppet/blockstorage-config.yaml index e455c4cb..0a052315 100644 --- a/puppet/blockstorage-config.yaml +++ b/puppet/blockstorage-config.yaml @@ -1,7 +1,7 @@ heat_template_version: 2015-04-30 description: > - A software config which runs manifests/overcloud_volume.pp + A software config which applies puppet on the blockstorage role parameters: ConfigDebug: @@ -32,10 +32,13 @@ resources: config: list_join: - '' - - - get_file: manifests/overcloud_volume.pp + - - str_replace: + template: {get_file: manifests/overcloud_role.pp} + params: + __ROLE__: blockstorage - {get_param: StepConfig} outputs: OS::stack_id: - description: The software config which runs overcloud_controller.pp + description: The software config which applies puppet on the blockstorage role value: {get_resource: BlockStoragePuppetConfigImpl} diff --git a/puppet/cinder-storage.yaml b/puppet/blockstorage.yaml index a66ea08b..a66ea08b 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/blockstorage.yaml diff --git a/puppet/cephstorage-config.yaml b/puppet/cephstorage-config.yaml index 3f428609..09757ea7 100644 --- a/puppet/cephstorage-config.yaml +++ b/puppet/cephstorage-config.yaml @@ -1,7 +1,7 @@ heat_template_version: 2015-04-30 description: > - A software config which runs manifests/overcloud_cephstorage.pp + A software config which runs applies puppet on the cephstorage role parameters: ConfigDebug: @@ -32,10 +32,13 @@ resources: config: list_join: - '' - - - get_file: manifests/overcloud_cephstorage.pp + - - str_replace: + template: {get_file: manifests/overcloud_role.pp} + params: + __ROLE__: cephstorage - {get_param: StepConfig} outputs: OS::stack_id: - description: The software config which runs overcloud_controller.pp + description: The software config which applies puppet on the cephstorage role value: {get_resource: CephStoragePuppetConfigImpl} diff --git a/puppet/ceph-storage.yaml b/puppet/cephstorage.yaml index 03a53b00..03a53b00 100644 --- a/puppet/ceph-storage.yaml +++ b/puppet/cephstorage.yaml diff --git a/puppet/compute-config.yaml b/puppet/compute-config.yaml index 2314c47d..acc9e61d 100644 --- a/puppet/compute-config.yaml +++ b/puppet/compute-config.yaml @@ -1,7 +1,7 @@ heat_template_version: 2015-04-30 description: > - A software config which runs manifests/overcloud_compute.pp + A software config which applies puppet on the compute role parameters: ConfigDebug: @@ -32,10 +32,13 @@ resources: config: list_join: - '' - - - get_file: manifests/overcloud_compute.pp + - - str_replace: + template: {get_file: manifests/overcloud_role.pp} + params: + __ROLE__: compute - {get_param: StepConfig} outputs: OS::stack_id: - description: The software config which runs overcloud_controller.pp + description: The software config which applies puppet on the compute role value: {get_resource: ComputePuppetConfigImpl} diff --git a/puppet/controller-config.yaml b/puppet/controller-config.yaml index 99c7b26e..39963479 100644 --- a/puppet/controller-config.yaml +++ b/puppet/controller-config.yaml @@ -1,7 +1,7 @@ heat_template_version: 2015-04-30 description: > - A software config which runs manifests/overcloud_controller.pp + A software config which runs puppet on the controller role parameters: ConfigDebug: @@ -32,10 +32,13 @@ resources: config: list_join: - '' - - - get_file: manifests/overcloud_controller.pp + - - str_replace: + template: {get_file: manifests/overcloud_role.pp} + params: + __ROLE__: controller - {get_param: StepConfig} outputs: OS::stack_id: - description: The software config which runs overcloud_controller.pp + description: The software config which runs puppet on the controller role value: {get_resource: ControllerPuppetConfigImpl} diff --git a/puppet/extraconfig/tls/tls-cert-inject.yaml b/puppet/extraconfig/tls/tls-cert-inject.yaml index e281ef51..49d84574 100644 --- a/puppet/extraconfig/tls/tls-cert-inject.yaml +++ b/puppet/extraconfig/tls/tls-cert-inject.yaml @@ -64,11 +64,9 @@ resources: | openssl md5 | cut -c 10- \ > ${heat_outputs_path}.key_modulus # We need to reload haproxy in case the certificate changed because - # puppet doesn't know the contents of the cert file. The pacemaker - # case is handled separately in a pacemaker-specific resource. - pacemaker_status=$(systemctl is-active pacemaker) + # puppet doesn't know the contents of the cert file. haproxy_status=$(systemctl is-active haproxy) - if [ "$pacemaker_status" != "active" -a "$haproxy_status" = "active"]; then + if [ "$haproxy_status" = "active" ]; then systemctl reload haproxy fi diff --git a/puppet/manifests/overcloud_cephstorage.pp b/puppet/manifests/overcloud_cephstorage.pp deleted file mode 100644 index 2653badf..00000000 --- a/puppet/manifests/overcloud_cephstorage.pp +++ /dev/null @@ -1,21 +0,0 @@ -# Copyright 2015 Red Hat, Inc. -# All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -if hiera('step') >= 4 { - hiera_include('ceph_classes', []) -} - -$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_ceph', hiera('step')]) -package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp deleted file mode 100644 index 25bdbfb2..00000000 --- a/puppet/manifests/overcloud_controller.pp +++ /dev/null @@ -1,21 +0,0 @@ -# Copyright 2014 Red Hat, Inc. -# All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -if hiera('step') >= 4 { - hiera_include('controller_classes', []) -} - -$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller', hiera('step')]) -package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/overcloud_object.pp b/puppet/manifests/overcloud_object.pp deleted file mode 100644 index 414a06ba..00000000 --- a/puppet/manifests/overcloud_object.pp +++ /dev/null @@ -1,21 +0,0 @@ -# Copyright 2015 Red Hat, Inc. -# All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -if hiera('step') >= 4 { - hiera_include('object_classes', []) -} - -$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_object', hiera('step')]) -package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_role.pp index f96c193c..1a59620c 100644 --- a/puppet/manifests/overcloud_compute.pp +++ b/puppet/manifests/overcloud_role.pp @@ -13,9 +13,14 @@ # License for the specific language governing permissions and limitations # under the License. +# The content of this file will be used to generate +# the puppet manifests for all roles, the placeholder +# __ROLE__ will be replaced by 'controller', 'blockstorage', +# 'cephstorage' and all the deployed roles. + if hiera('step') >= 4 { - hiera_include('compute_classes', []) + hiera_include('__ROLE___classes', []) } -$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_compute', hiera('step')]) +$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud___ROLE__', hiera('step')]) package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/overcloud_volume.pp b/puppet/manifests/overcloud_volume.pp deleted file mode 100644 index e1cdadd5..00000000 --- a/puppet/manifests/overcloud_volume.pp +++ /dev/null @@ -1,21 +0,0 @@ -# Copyright 2015 Red Hat, Inc. -# All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -if hiera('step') >= 4 { - hiera_include('volume_classes', []) -} - -$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_volume', hiera('step')]) -package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/objectstorage-config.yaml b/puppet/objectstorage-config.yaml index 33480544..76bffdd1 100644 --- a/puppet/objectstorage-config.yaml +++ b/puppet/objectstorage-config.yaml @@ -1,7 +1,7 @@ heat_template_version: 2015-04-30 description: > - A software config which runs manifests/overcloud_object.pp + A software config which applies puppet on the objectstorage role parameters: ConfigDebug: @@ -32,10 +32,13 @@ resources: config: list_join: - '' - - - get_file: manifests/overcloud_object.pp + - - str_replace: + template: {get_file: manifests/overcloud_role.pp} + params: + __ROLE__: objectstorage - {get_param: StepConfig} outputs: OS::stack_id: - description: The software config which runs overcloud_controller.pp + description: The software config which applies puppet on the objectstorage role value: {get_resource: ObjectStoragePuppetConfigImpl} diff --git a/puppet/swift-storage.yaml b/puppet/objectstorage.yaml index 899ba66d..899ba66d 100644 --- a/puppet/swift-storage.yaml +++ b/puppet/objectstorage.yaml diff --git a/puppet/services/aodh-base.yaml b/puppet/services/aodh-base.yaml index 950e9026..0e2410f7 100644 --- a/puppet/services/aodh-base.yaml +++ b/puppet/services/aodh-base.yaml @@ -59,14 +59,7 @@ outputs: value: service_name: aodh_base config_settings: - aodh::evaluator::coordination_url: - list_join: - - '' - - - 'redis://:' - - {get_param: RedisPassword} - - '@' - - "%{hiera('redis_vip')}" - - ':6379/' + aodh_redis_password: {get_param: RedisPassword} aodh::db::database_connection: list_join: - '' diff --git a/puppet/services/ceilometer-agent-central.yaml b/puppet/services/ceilometer-agent-central.yaml index 2ae46d0e..c4abc307 100644 --- a/puppet/services/ceilometer-agent-central.yaml +++ b/puppet/services/ceilometer-agent-central.yaml @@ -51,13 +51,6 @@ outputs: config_settings: map_merge: - get_attr: [CeilometerServiceBase, role_data, config_settings] - - ceilometer::agent::central::coordination_url: - list_join: - - '' - - - 'redis://:' - - {get_param: RedisPassword} - - '@' - - "%{hiera('redis_vip')}" - - ':6379/' + - ceilometer_redis_password: {get_param: RedisPassword} step_config: | include ::tripleo::profile::base::ceilometer::agent::central diff --git a/puppet/services/cinder-base.yaml b/puppet/services/cinder-base.yaml index 93ab1d79..59c9b844 100644 --- a/puppet/services/cinder-base.yaml +++ b/puppet/services/cinder-base.yaml @@ -66,7 +66,6 @@ outputs: cinder::rabbit_password: {get_param: RabbitPassword} cinder::rabbit_port: {get_param: RabbitClientPort} cinder::rabbit_heartbeat_timeout_threshold: 60 - cinder::host: hostgroup cinder::cron::db_purge::destination: '/dev/null' cinder::db::database_db_max_retries: -1 cinder::db::database_max_retries: -1 diff --git a/puppet/services/gnocchi-base.yaml b/puppet/services/gnocchi-base.yaml index 73889363..556baae0 100644 --- a/puppet/services/gnocchi-base.yaml +++ b/puppet/services/gnocchi-base.yaml @@ -56,6 +56,7 @@ outputs: service_name: gnocchi_base config_settings: #Gnocchi engine + gnocchi_redis_password: {get_param: RedisPassword} gnocchi::debug: {get_param: Debug} gnocchi::db::database_connection: list_join: @@ -67,14 +68,6 @@ outputs: - {get_param: [EndpointMap, MysqlInternal, host]} - '/gnocchi' gnocchi::db::sync::extra_opts: '--skip-storage --create-legacy-resource-types' - gnocchi::storage::coordination_url: - list_join: - - '' - - - 'redis://:' - - {get_param: RedisPassword} - - '@' - - "%{hiera('redis_vip')}" - - ':6379/' gnocchi::storage::swift::swift_user: 'service:gnocchi' gnocchi::storage::swift::swift_auth_version: 2 gnocchi::storage::swift::swift_key: {get_param: GnocchiPassword} diff --git a/puppet/services/pacemaker/cinder-volume.yaml b/puppet/services/pacemaker/cinder-volume.yaml index 11b9bf8f..d91a0181 100644 --- a/puppet/services/pacemaker/cinder-volume.yaml +++ b/puppet/services/pacemaker/cinder-volume.yaml @@ -41,5 +41,6 @@ outputs: - get_attr: [CinderVolumeBase, role_data, config_settings] - cinder::volume::manage_service: false cinder::volume::enabled: false + cinder::host: hostgroup step_config: include ::tripleo::profile::pacemaker::cinder::volume diff --git a/puppet/services/rabbitmq.yaml b/puppet/services/rabbitmq.yaml index 52300a2f..5387529d 100644 --- a/puppet/services/rabbitmq.yaml +++ b/puppet/services/rabbitmq.yaml @@ -38,6 +38,13 @@ parameters: type: string default: '' hidden: true + RabbitHAQueues: + description: + The number of HA queues to be configured in rabbit. The default is 0 which will + be automatically overridden to CEIL(N/2) where N is the number of nodes running + rabbitmq. + default: 0 + type: number MonitoringSubscriptionRabbitmq: default: 'overcloud-rabbitmq' type: string @@ -73,6 +80,7 @@ outputs: rabbitmq_config_variables: tcp_listen_options: '[binary, {packet, raw}, {reuseaddr, true}, {backlog, 128}, {nodelay, true}, {exit_on_close, false}, {keepalive, true}]' cluster_partition_handling: 'pause_minority' + queue_master_locator: '<<"min-masters">>' loopback_users: '[]' rabbitmq::erlang_cookie: yaql: @@ -88,5 +96,7 @@ outputs: # internal_api_uri -> [IP] # internal_api_subnet - > IP/CIDR rabbitmq::node_ip_address: {get_param: [ServiceNetMap, RabbitmqNetwork]} + rabbitmq::nr_ha_queues: {get_param: RabbitHAQueues} + step_config: | include ::tripleo::profile::base::rabbitmq |