diff options
Diffstat (limited to 'puppet')
40 files changed, 187 insertions, 153 deletions
diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index 793b17dd..6f13b74e 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -104,7 +104,7 @@ resources: list_join: - ',' - {get_param: controller_names} - rabbit_node_ips: &rabbit_nodes_array + rabbit_node_ips: str_replace: template: "['SERVERS_LIST']" params: @@ -112,6 +112,22 @@ resources: list_join: - "','" - {get_param: rabbit_node_ips} + rabbitmq_node_ips: &rabbit_nodes_array + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: rabbit_node_ips} + mongodb_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: mongo_node_ips} mongo_node_ips: str_replace: template: "['SERVERS_LIST']" @@ -128,6 +144,22 @@ resources: list_join: - "','" - {get_param: redis_node_ips} + memcached_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: memcache_node_ips} + memcached_node_ips_v6: + str_replace: + template: "['inet6:[SERVERS_LIST]']" + params: + SERVERS_LIST: + list_join: + - "]','inet6:[" + - {get_param: memcache_node_ips} memcache_node_ips: str_replace: template: "['SERVERS_LIST']" diff --git a/puppet/ceph-storage.yaml b/puppet/ceph-storage.yaml index 2f007536..08d66f5c 100644 --- a/puppet/ceph-storage.yaml +++ b/puppet/ceph-storage.yaml @@ -1,8 +1,9 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2016-10-14 description: 'OpenStack ceph storage node configured by Puppet' parameters: - Flavor: + OvercloudCephStorageFlavor: description: Flavor for the Ceph Storage node. + default: baremetal type: string constraints: - custom_constraint: nova.flavor @@ -70,7 +71,6 @@ parameters: constraints: - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] CloudDomain: - default: '' type: string description: > The DNS domain used for the hosts. This should match the dhcp_domain @@ -108,7 +108,7 @@ resources: properties: image: {get_param: CephStorageImage} image_update_policy: {get_param: ImageUpdatePolicy} - flavor: {get_param: Flavor} + flavor: {get_param: OvercloudCephStorageFlavor} key_name: {get_param: KeyName} networks: - network: ctlplane @@ -263,7 +263,10 @@ resources: mapped_data: service_names: {get_param: ServiceNames} service_configs: - mapped_data: {get_param: ServiceConfigSettings} + mapped_data: + map_replace: + - {get_param: ServiceConfigSettings} + - values: {get_attr: [NetIpMap, net_ip_map]} network: mapped_data: net_ip_map: {get_attr: [NetIpMap, net_ip_map]} @@ -274,7 +277,6 @@ resources: extraconfig: mapped_data: {get_param: ExtraConfig} ceph: - raw_data: {get_file: hieradata/ceph.yaml} mapped_data: tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml index 28f16866..ba84fb77 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/cinder-storage.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2016-10-14 description: 'OpenStack cinder storage configured by Puppet' parameters: BlockStorageImage: @@ -20,9 +20,10 @@ parameters: BlockStorageIPs: default: {} type: json - Flavor: + OvercloudBlockStorageFlavor: description: Flavor for block storage nodes to request when deploying. type: string + default: baremetal constraints: - custom_constraint: nova.flavor KeyName: @@ -72,7 +73,6 @@ parameters: constraints: - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] CloudDomain: - default: '' type: string description: > The DNS domain used for the hosts. This should match the dhcp_domain @@ -270,7 +270,10 @@ resources: mapped_data: service_names: {get_param: ServiceNames} service_configs: - mapped_data: {get_param: ServiceConfigSettings} + mapped_data: + map_replace: + - {get_param: ServiceConfigSettings} + - values: {get_attr: [NetIpMap, net_ip_map]} network: mapped_data: net_ip_map: {get_attr: [NetIpMap, net_ip_map]} @@ -281,7 +284,6 @@ resources: extraconfig: mapped_data: {get_param: ExtraConfig} volume: - raw_data: {get_file: hieradata/volume.yaml} mapped_data: # Cinder tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_ip_address: {get_input: cinder_iscsi_ip_address} diff --git a/puppet/compute.yaml b/puppet/compute.yaml index 1ae55cd3..0fc5345c 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-10-15 +heat_template_version: 2016-10-14 description: > OpenStack hypervisor node configured via Puppet. @@ -40,8 +40,9 @@ parameters: Additional hiera configuration to inject into the cluster. Note that NovaComputeExtraConfig takes precedence over ExtraConfig. type: json - Flavor: + OvercloudComputeFlavor: description: Flavor for the nova compute node + default: baremetal type: string constraints: - custom_constraint: nova.flavor @@ -194,7 +195,6 @@ parameters: constraints: - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] CloudDomain: - default: '' type: string description: > The DNS domain used for the hosts. This should match the dhcp_domain @@ -231,7 +231,7 @@ resources: image: {get_param: NovaImage} image_update_policy: get_param: ImageUpdatePolicy - flavor: {get_param: Flavor} + flavor: {get_param: OvercloudComputeFlavor} key_name: {get_param: KeyName} networks: - network: ctlplane @@ -367,7 +367,6 @@ resources: - service_configs - compute - ceph_cluster # provided by CephClusterConfig - - ceph - all_nodes # provided by allNodesConfig - '"%{::osfamily}"' - network @@ -382,7 +381,10 @@ resources: mapped_data: service_names: {get_param: ServiceNames} service_configs: - mapped_data: {get_param: ServiceConfigSettings} + mapped_data: + map_replace: + - {get_param: ServiceConfigSettings} + - values: {get_attr: [NetIpMap, net_ip_map]} compute_extraconfig: mapped_data: {get_param: NovaComputeExtraConfig} extraconfig: @@ -392,10 +394,7 @@ resources: net_ip_map: {get_attr: [NetIpMap, net_ip_map]} net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]} net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]} - ceph: - raw_data: {get_file: hieradata/ceph.yaml} compute: - raw_data: {get_file: hieradata/compute.yaml} mapped_data: cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend} nova::use_ipv6: {get_input: nova_ipv6} diff --git a/puppet/controller.yaml b/puppet/controller.yaml index 93ba4760..4591edf2 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2016-04-08 +heat_template_version: 2016-10-14 description: > OpenStack controller node configured by Puppet. @@ -93,8 +93,9 @@ parameters: ] } type: json - Flavor: + OvercloudControlFlavor: description: Flavor for control nodes to request when deploying. + default: baremetal type: string constraints: - custom_constraint: nova.flavor @@ -136,10 +137,6 @@ parameters: type: string constraints: - custom_constraint: nova.keypair - KeystoneRegion: - type: string - default: 'regionOne' - description: Keystone region for endpoint ManageFirewall: default: false description: Whether to manage IPtables rules. @@ -300,7 +297,6 @@ parameters: constraints: - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] CloudDomain: - default: '' type: string description: > The DNS domain used for the hosts. This should match the dhcp_domain @@ -342,7 +338,7 @@ resources: properties: image: {get_param: controllerImage} image_update_policy: {get_param: ImageUpdatePolicy} - flavor: {get_param: Flavor} + flavor: {get_param: OvercloudControlFlavor} key_name: {get_param: KeyName} networks: - network: ctlplane @@ -495,12 +491,6 @@ resources: horizon_secret: {get_param: HorizonSecret} admin_password: {get_param: AdminPassword} debug: {get_param: Debug} - cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]} - cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]} - cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]} - cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]} - cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]} - cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]} keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] } @@ -519,12 +509,6 @@ resources: params: CLUSTER: {get_param: MysqlClusterUniquePart} neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} - neutron_password: {get_param: NeutronPassword} - neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] } - neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] } - neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] } - neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] } - nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] } aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] } aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] } aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] } @@ -536,9 +520,6 @@ resources: - '@' - {get_param: RedisVirtualIPUri} - ':6379/' - gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]} - gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] } - gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] } nova_enable_db_purge: {get_param: NovaEnableDBPurge} nova_ipv6: {get_param: NovaIPv6} corosync_ipv6: {get_param: CorosyncIPv6} @@ -546,9 +527,6 @@ resources: nova_password: {get_param: NovaPassword} upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute} instance_name_template: {get_param: InstanceNameTemplate} - nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]} - nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]} - nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]} fencing_config: {get_param: FencingConfig} pcsd_password: {get_param: PcsdPassword} rabbit_username: {get_param: RabbitUserName} @@ -575,9 +553,8 @@ resources: heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} - keystone_region: {get_param: KeystoneRegion} manila_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ManilaApiNetwork]}]} - mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]} + mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongodbNetwork]}]} neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]} ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} @@ -591,7 +568,7 @@ resources: template: "['SUBNET']" params: SUBNET: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} - rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]} + rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitmqNetwork]}]} redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]} redis_vip: {get_param: RedisVirtualIP} sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} @@ -618,7 +595,6 @@ resources: - service_configs - service_names - controller - - object - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig - ceph_cluster # provided by CephClusterConfig - ceph @@ -640,7 +616,10 @@ resources: mapped_data: service_names: {get_param: ServiceNames} service_configs: - mapped_data: {get_param: ServiceConfigSettings} + mapped_data: + map_replace: + - {get_param: ServiceConfigSettings} + - values: {get_attr: [NetIpMap, net_ip_map]} controller_extraconfig: mapped_data: map_merge: @@ -654,15 +633,11 @@ resources: net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]} net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]} ceph: - raw_data: {get_file: hieradata/ceph.yaml} mapped_data: ceph::profile::params::cluster_network: {get_input: ceph_cluster_network} ceph::profile::params::public_network: {get_input: ceph_public_network} ceph::profile::params::public_addr: {get_input: ceph_public_ip} - object: - raw_data: {get_file: hieradata/object.yaml} controller: - raw_data: {get_file: hieradata/controller.yaml} mapped_data: # data supplied directly to this deployment configuration, etc bootstack_nodeid: {get_input: bootstack_nodeid} @@ -682,19 +657,10 @@ resources: # Cinder tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network} cinder::api::bind_host: {get_input: cinder_api_network} - cinder::keystone::auth::public_url: {get_input: cinder_public_url } - cinder::keystone::auth::internal_url: {get_input: cinder_internal_url } - cinder::keystone::auth::admin_url: {get_input: cinder_admin_url } - cinder::keystone::auth::public_url_v2: {get_input: cinder_public_url_v2 } - cinder::keystone::auth::internal_url_v2: {get_input: cinder_internal_url_v2 } - cinder::keystone::auth::admin_url_v2: {get_input: cinder_admin_url_v2 } - cinder::keystone::auth::password: {get_input: cinder_password } - cinder::keystone::auth::region: {get_input: keystone_region} # Glance glance::api::bind_host: {get_input: glance_api_network} glance::registry::bind_host: {get_input: glance_registry_network} - glance::keystone::auth::region: {get_input: keystone_region} # Heat heat::api::bind_host: {get_input: heat_api_network} @@ -729,11 +695,6 @@ resources: neutron::bind_host: {get_input: neutron_api_network} neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip} neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network} - neutron::keystone::auth::public_url: {get_input: neutron_public_url } - neutron::keystone::auth::internal_url: {get_input: neutron_internal_url } - neutron::keystone::auth::admin_url: {get_input: neutron_admin_url } - neutron::keystone::auth::password: {get_input: neutron_password } - neutron::keystone::auth::region: {get_input: keystone_region} # Aodh aodh::api::host: {get_input: aodh_api_network} @@ -750,10 +711,6 @@ resources: gnocchi::api::keystone_auth_uri: {get_input: keystone_auth_uri} gnocchi::api::keystone_identity_uri: {get_input: keystone_identity_uri} gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri} - gnocchi::keystone::auth::public_url: {get_input: gnocchi_public_url } - gnocchi::keystone::auth::internal_url: {get_input: gnocchi_internal_url } - gnocchi::keystone::auth::admin_url: {get_input: gnocchi_admin_url } - gnocchi::keystone::auth::region: {get_input: keystone_region} # Nova nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute} @@ -766,16 +723,8 @@ resources: nova::glance_api_servers: {get_input: glance_api_servers} nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} nova::api::instance_name_template: {get_input: instance_name_template} - nova::network::neutron::neutron_password: {get_input: neutron_password} - nova::network::neutron::neutron_url: {get_input: neutron_internal_url} - nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url} nova::vncproxy::host: {get_input: nova_api_network} nova_enable_db_purge: {get_input: nova_enable_db_purge} - nova::keystone::auth::public_url: {get_input: nova_public_url} - nova::keystone::auth::internal_url: {get_input: nova_internal_url} - nova::keystone::auth::admin_url: {get_input: nova_admin_url} - nova::keystone::auth::password: {get_input: nova_password } - nova::keystone::auth::region: {get_input: keystone_region} # Horizon apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet} diff --git a/puppet/hieradata/README.rst b/puppet/hieradata/README.rst deleted file mode 100644 index 64a60229..00000000 --- a/puppet/hieradata/README.rst +++ /dev/null @@ -1 +0,0 @@ -Do not add more hieradata in this directory, and use composable services. diff --git a/puppet/hieradata/ceph.yaml b/puppet/hieradata/ceph.yaml deleted file mode 100644 index c8c5804b..00000000 --- a/puppet/hieradata/ceph.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# Do not add hieradata in this file, and use composable services. -ceph_classes: [] diff --git a/puppet/hieradata/compute.yaml b/puppet/hieradata/compute.yaml deleted file mode 100644 index 54b3d412..00000000 --- a/puppet/hieradata/compute.yaml +++ /dev/null @@ -1,3 +0,0 @@ -# Do not add hieradata in this file, and use composable services. - -compute_classes: [] diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml deleted file mode 100644 index d18e0bc9..00000000 --- a/puppet/hieradata/controller.yaml +++ /dev/null @@ -1,3 +0,0 @@ -# Do not add hieradata in this file, and use composable services. - -controller_classes: [] diff --git a/puppet/hieradata/object.yaml b/puppet/hieradata/object.yaml deleted file mode 100644 index 5aa0cfb6..00000000 --- a/puppet/hieradata/object.yaml +++ /dev/null @@ -1,3 +0,0 @@ -# Do not add hieradata in this file, and use composable services. - -object_classes: [] diff --git a/puppet/hieradata/volume.yaml b/puppet/hieradata/volume.yaml deleted file mode 100644 index 42b85e1a..00000000 --- a/puppet/hieradata/volume.yaml +++ /dev/null @@ -1,3 +0,0 @@ -# Do not add hieradata in this file, and use composable services. - -volume_classes: [] diff --git a/puppet/manifests/overcloud_cephstorage.pp b/puppet/manifests/overcloud_cephstorage.pp index 152694d9..df83496f 100644 --- a/puppet/manifests/overcloud_cephstorage.pp +++ b/puppet/manifests/overcloud_cephstorage.pp @@ -17,7 +17,7 @@ include ::tripleo::packages include ::tripleo::firewall if hiera('step') >= 4 { - hiera_include('ceph_classes') + hiera_include('ceph_classes', []) } $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_ceph', hiera('step')]) diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp index ab7f846f..19ec575a 100644 --- a/puppet/manifests/overcloud_compute.pp +++ b/puppet/manifests/overcloud_compute.pp @@ -17,7 +17,7 @@ include ::tripleo::packages include ::tripleo::firewall if hiera('step') >= 4 { - hiera_include('compute_classes') + hiera_include('compute_classes', []) } $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_compute', hiera('step')]) diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index 69e48e95..30e7c8d9 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -17,8 +17,8 @@ include ::tripleo::packages include ::tripleo::firewall if hiera('step') >= 4 { - hiera_include('controller_classes') -} #END STEP 4 + hiera_include('controller_classes', []) +} $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller', hiera('step')]) package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index 0aec972d..a782207e 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -16,17 +16,9 @@ include ::tripleo::packages include ::tripleo::firewall -if $::hostname == downcase(hiera('bootstrap_nodeid')) { - $pacemaker_master = true - $sync_db = true -} else { - $pacemaker_master = false - $sync_db = false +if hiera('step') >= 4 { + hiera_include('controller_classes', []) } -if hiera('step') >= 4 or ( hiera('step') >= 3 and $sync_db ) { - hiera_include('controller_classes') -} #END STEP 4 - $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller_pacemaker', hiera('step')]) package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/overcloud_object.pp b/puppet/manifests/overcloud_object.pp index 1f04c581..18e90d1f 100644 --- a/puppet/manifests/overcloud_object.pp +++ b/puppet/manifests/overcloud_object.pp @@ -17,7 +17,7 @@ include ::tripleo::packages include ::tripleo::firewall if hiera('step') >= 4 { - hiera_include('object_classes') + hiera_include('object_classes', []) } $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_object', hiera('step')]) diff --git a/puppet/manifests/overcloud_volume.pp b/puppet/manifests/overcloud_volume.pp index 7c7da586..f6787719 100644 --- a/puppet/manifests/overcloud_volume.pp +++ b/puppet/manifests/overcloud_volume.pp @@ -17,7 +17,7 @@ include ::tripleo::packages include ::tripleo::firewall if hiera('step') >= 4 { - hiera_include('volume_classes') + hiera_include('volume_classes', []) } $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_volume', hiera('step')]) diff --git a/puppet/services/aodh-base.yaml b/puppet/services/aodh-base.yaml index 30c3f416..6a9f5d75 100644 --- a/puppet/services/aodh-base.yaml +++ b/puppet/services/aodh-base.yaml @@ -85,7 +85,7 @@ outputs: aodh::keystone::auth::tenant: 'service' aodh::db::mysql::user: aodh aodh::db::mysql::password: {get_param: AodhPassword} - aodh::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + aodh::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} aodh::db::mysql::dbname: aodh aodh::db::mysql::allowed_hosts: - '%' diff --git a/puppet/services/ceilometer-base.yaml b/puppet/services/ceilometer-base.yaml index 5342cefb..1398fedb 100644 --- a/puppet/services/ceilometer-base.yaml +++ b/puppet/services/ceilometer-base.yaml @@ -103,7 +103,7 @@ outputs: ceilometer::rabbit_use_ssl: {get_param: RabbitClientUseSSL} ceilometer::rabbit_port: {get_param: RabbitClientPort} ceilometer::db::mysql::user: ceilometer - ceilometer::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + ceilometer::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} ceilometer::db::mysql::dbname: ceilometer ceilometer::db::mysql::allowed_hosts: - '%' diff --git a/puppet/services/cinder-api.yaml b/puppet/services/cinder-api.yaml index fa2324b3..3568cb06 100644 --- a/puppet/services/cinder-api.yaml +++ b/puppet/services/cinder-api.yaml @@ -18,6 +18,10 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + KeystoneRegion: + type: string + default: 'regionOne' + description: Keystone region for endpoint resources: @@ -38,6 +42,18 @@ outputs: cinder::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} cinder::keystone::authtoken::password: {get_param: CinderPassword} cinder::keystone::authtoken::project_name: 'service' + cinder::keystone::auth::tenant: 'service' + cinder::keystone::auth::public_url: {get_param: [EndpointMap, CinderPublic, uri]} + cinder::keystone::auth::internal_url: {get_param: [EndpointMap, CinderInternal, uri]} + cinder::keystone::auth::admin_url: {get_param: [EndpointMap, CinderAdmin, uri]} + cinder::keystone::auth::public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]} + cinder::keystone::auth::internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]} + cinder::keystone::auth::admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]} + cinder::keystone::auth::public_url_v3: {get_param: [EndpointMap, CinderV3Public, uri]} + cinder::keystone::auth::internal_url_v3: {get_param: [EndpointMap, CinderV3Internal, uri]} + cinder::keystone::auth::admin_url_v3: {get_param: [EndpointMap, CinderV3Admin, uri]} + cinder::keystone::auth::password: {get_param: CinderPassword} + cinder::keystone::auth::region: {get_param: KeystoneRegion} cinder::api::enable_proxy_headers_parsing: true cinder::api::nova_catalog_info: 'compute:Compute Service:internalURL' # TODO(emilien) move it to puppet-cinder diff --git a/puppet/services/cinder-base.yaml b/puppet/services/cinder-base.yaml index d923e7c6..c554bf97 100644 --- a/puppet/services/cinder-base.yaml +++ b/puppet/services/cinder-base.yaml @@ -58,13 +58,12 @@ outputs: cinder::rabbit_password: {get_param: RabbitPassword} cinder::rabbit_port: {get_param: RabbitClientPort} cinder::db::mysql::user: cinder - cinder::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + cinder::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} cinder::db::mysql::dbname: cinder cinder::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" cinder::rabbit_heartbeat_timeout_threshold: 60 - cinder::keystone::auth::tenant: 'service' cinder::host: hostgroup cinder::cron::db_purge::destination: '/dev/null' cinder::db::database_db_max_retries: -1 diff --git a/puppet/services/glance-api.yaml b/puppet/services/glance-api.yaml index 99065789..bb14546f 100644 --- a/puppet/services/glance-api.yaml +++ b/puppet/services/glance-api.yaml @@ -60,6 +60,10 @@ parameters: Rabbit client subscriber parameter to specify an SSL connection to the RabbitMQ host. type: string + KeystoneRegion: + type: string + default: 'regionOne' + description: Keystone region for endpoint outputs: role_data: @@ -106,6 +110,7 @@ outputs: glance::keystone::auth::internal_url: {get_param: [EndpointMap, GlanceInternal, uri]} glance::keystone::auth::admin_url: {get_param: [EndpointMap, GlanceAdmin, uri]} glance::keystone::auth::password: {get_param: GlancePassword } + glance::keystone::auth::region: {get_param: KeystoneRegion} glance::registry::db::database_db_max_retries: -1 glance::registry::db::database_max_retries: -1 tripleo.glance_api.firewall_rules: diff --git a/puppet/services/glance-registry.yaml b/puppet/services/glance-registry.yaml index 40d18191..ca10fd12 100644 --- a/puppet/services/glance-registry.yaml +++ b/puppet/services/glance-registry.yaml @@ -45,7 +45,7 @@ outputs: glance::registry::debug: {get_param: Debug} glance::registry::workers: {get_param: GlanceWorkers} glance::db::mysql::user: glance - glance::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + glance::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} glance::db::mysql::dbname: glance glance::db::mysql::allowed_hosts: - '%' diff --git a/puppet/services/gnocchi-api.yaml b/puppet/services/gnocchi-api.yaml index d97626a6..265cb9f0 100644 --- a/puppet/services/gnocchi-api.yaml +++ b/puppet/services/gnocchi-api.yaml @@ -9,6 +9,14 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + GnocchiPassword: + description: The password for the gnocchi service and db account. + type: string + hidden: true + KeystoneRegion: + type: string + default: 'regionOne' + description: Keystone region for endpoint resources: GnocchiServiceBase: @@ -29,6 +37,12 @@ outputs: dport: - 8041 - 13041 - - gnocchi::api::keystone_tenant: 'service' + gnocchi::api::keystone_tenant: 'service' + gnocchi::keystone::auth::tenant: 'service' + gnocchi::keystone::auth::region: {get_param: KeystoneRegion} + gnocchi::keystone::auth::password: {get_param: GnocchiPassword} + gnocchi::keystone::auth::public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] } + gnocchi::keystone::auth::internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]} + gnocchi::keystone::auth::admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] } step_config: | include ::tripleo::profile::base::gnocchi::api diff --git a/puppet/services/gnocchi-base.yaml b/puppet/services/gnocchi-base.yaml index a408d5d7..3631508e 100644 --- a/puppet/services/gnocchi-base.yaml +++ b/puppet/services/gnocchi-base.yaml @@ -56,9 +56,6 @@ outputs: - '@' - {get_param: [EndpointMap, MysqlInternal, host]} - '/gnocchi' - gnocchi::keystone::auth::region: {get_param: KeystoneRegion} - gnocchi::keystone::auth::tenant: 'service' - gnocchi::keystone::auth::password: {get_param: GnocchiPassword} gnocchi::db::mysql::password: {get_param: GnocchiPassword} gnocchi::db::sync::extra_opts: '--skip-storage --create-legacy-resource-types' #Gnocchi API @@ -66,7 +63,6 @@ outputs: gnocchi::api::manage_service: false gnocchi::api::enabled: true gnocchi::api::service_name: 'httpd' - gnocchi::api::keystone_tenant: 'service' gnocchi::api::keystone_password: {get_param: GnocchiPassword} gnocchi::wsgi::apache::ssl: false gnocchi::storage::swift::swift_user: 'service:gnocchi' @@ -89,7 +85,7 @@ outputs: gnocchi::statsd::flush_delay: 10 gnocchi::statsd::archive_policy_name: 'low' gnocchi::db::mysql::user: gnocchi - gnocchi::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + gnocchi::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} gnocchi::db::mysql::dbname: gnocchi gnocchi::db::mysql::allowed_hosts: - '%' diff --git a/puppet/services/heat-api-cfn.yaml b/puppet/services/heat-api-cfn.yaml index f8832dd8..c3a3b7ae 100644 --- a/puppet/services/heat-api-cfn.yaml +++ b/puppet/services/heat-api-cfn.yaml @@ -35,6 +35,7 @@ outputs: map_merge: - get_attr: [HeatBase, role_data, config_settings] - heat::api_cfn::workers: {get_param: HeatWorkers} + heat::keystone::auth_cfn::tenant: 'service' heat::keystone::auth_cfn::public_url: {get_param: [EndpointMap, HeatCfnPublic, uri]} heat::keystone::auth_cfn::internal_url: {get_param: [EndpointMap, HeatCfnInternal, uri]} heat::keystone::auth_cfn::admin_url: {get_param: [EndpointMap, HeatCfnAdmin, uri]} diff --git a/puppet/services/heat-api.yaml b/puppet/services/heat-api.yaml index c0e7a690..b4402a17 100644 --- a/puppet/services/heat-api.yaml +++ b/puppet/services/heat-api.yaml @@ -35,6 +35,7 @@ outputs: map_merge: - get_attr: [HeatBase, role_data, config_settings] - heat::api::workers: {get_param: HeatWorkers} + heat::keystone::auth::tenant: 'service' heat::keystone::auth::public_url: {get_param: [EndpointMap, HeatPublic, uri]} heat::keystone::auth::internal_url: {get_param: [EndpointMap, HeatInternal, uri]} heat::keystone::auth::admin_url: {get_param: [EndpointMap, HeatAdmin, uri]} diff --git a/puppet/services/heat-base.yaml b/puppet/services/heat-base.yaml index 01f2a51b..091a4e9b 100644 --- a/puppet/services/heat-base.yaml +++ b/puppet/services/heat-base.yaml @@ -47,7 +47,6 @@ outputs: value: 'role:admin' heat::rabbit_heartbeat_timeout_threshold: 60 heat::keystone_tenant: 'service' - heat::keystone::auth::tenant: 'service' heat::keystone::domain::domain_name: 'heat_stack' heat::keystone::domain::domain_admin: 'heat_stack_domain_admin' heat::keystone::domain::domain_admin_email: 'heat_stack_domain_admin@localhost' diff --git a/puppet/services/heat-engine.yaml b/puppet/services/heat-engine.yaml index 13555a62..044ca880 100644 --- a/puppet/services/heat-engine.yaml +++ b/puppet/services/heat-engine.yaml @@ -58,7 +58,7 @@ outputs: heat::db::mysql::password: {get_param: HeatPassword} heat::keystone::domain::domain_password: {get_param: HeatStackDomainAdminPassword} heat::db::mysql::user: heat - heat::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + heat::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} heat::db::mysql::dbname: heat heat::db::mysql::allowed_hosts: - '%' diff --git a/puppet/services/ironic-base.yaml b/puppet/services/ironic-base.yaml index 41d2234a..508694ee 100644 --- a/puppet/services/ironic-base.yaml +++ b/puppet/services/ironic-base.yaml @@ -59,7 +59,7 @@ outputs: ironic::rabbit_use_ssl: {get_param: RabbitClientUseSSL} ironic::db::mysql::password: {get_param: IronicPassword} ironic::db::mysql::user: ironic - ironic::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + ironic::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} ironic::db::mysql::dbname: ironic ironic::db::mysql::allowed_hosts: - '%' diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml index d45ed86e..988c80ce 100644 --- a/puppet/services/keystone.yaml +++ b/puppet/services/keystone.yaml @@ -112,7 +112,7 @@ outputs: keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge} keystone::public_endpoint: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]} keystone::db::mysql::user: keystone - keystone::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + keystone::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} keystone::db::mysql::dbname: keystone keystone::db::mysql::allowed_hosts: - '%' diff --git a/puppet/services/manila-api.yaml b/puppet/services/manila-api.yaml index ccae4467..389fa2e3 100644 --- a/puppet/services/manila-api.yaml +++ b/puppet/services/manila-api.yaml @@ -35,9 +35,12 @@ outputs: - manila::api::keystone_password: {get_param: ManilaPassword} manila::api::keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} manila::api::keystone_auth_host: {get_param: [EndpointMap, ManilaInternal, host]} - manila::keystone::auth::public_url: {get_param: [EndpointMap, ManilaPublic, uri]} - manila::keystone::auth::internal_url: {get_param: [EndpointMap, ManilaInternal, uri]} - manila::keystone::auth::admin_url: {get_param: [EndpointMap, ManilaAdmin, uri]} + manila::keystone::auth::public_url: {get_param: [EndpointMap, ManilaV1Public, uri]} + manila::keystone::auth::internal_url: {get_param: [EndpointMap, ManilaV1Internal, uri]} + manila::keystone::auth::admin_url: {get_param: [EndpointMap, ManilaV1Admin, uri]} + manila::keystone::auth::public_url_v2: {get_param: [EndpointMap, ManilaPublic, uri]} + manila::keystone::auth::internal_url_v2: {get_param: [EndpointMap, ManilaInternal, uri]} + manila::keystone::auth::admin_url_v2: {get_param: [EndpointMap, ManilaAdmin, uri]} manila::keystone::auth::password: {get_param: ManilaPassword } manila::keystone::auth::region: {get_param: KeystoneRegion } manila::api::keystone_tenant: 'service' diff --git a/puppet/services/manila-base.yaml b/puppet/services/manila-base.yaml index c156379b..663a9345 100644 --- a/puppet/services/manila-base.yaml +++ b/puppet/services/manila-base.yaml @@ -93,7 +93,7 @@ outputs: manila::rabbit_port: {get_param: RabbitClientPort} manila::debug: {get_param: Debug} manila::db::mysql::user: manila - manila::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + manila::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} manila::db::mysql::dbname: manila manila::db::database_db_max_retries: -1 manila::db::database_max_retries: -1 diff --git a/puppet/services/neutron-base.yaml b/puppet/services/neutron-base.yaml index 3f8ac7e8..bc8dd8d1 100644 --- a/puppet/services/neutron-base.yaml +++ b/puppet/services/neutron-base.yaml @@ -42,6 +42,12 @@ parameters: type: string default: '' description: Set to True to enable debugging on all services. + EnableConfigPurge: + type: boolean + default: true + description: > + Remove configuration that is not generated by TripleO. Setting + to false may result in configuration remnants after updates/upgrades. outputs: role_data: @@ -61,9 +67,9 @@ outputs: params: PLUGINS: {get_param: NeutronServicePlugins} neutron::debug: {get_param: Debug} + neutron::purge_config: {get_param: EnableConfigPurge} neutron::allow_overlapping_ips: true neutron::rabbit_heartbeat_timeout_threshold: 60 neutron::host: '"%{::fqdn}"' #NOTE: extra quoting is needed - neutron::keystone::auth::tenant: 'service' neutron::db::database_db_max_retries: -1 neutron::db::database_max_retries: -1 diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml index 7a97cd84..d52b8a26 100644 --- a/puppet/services/neutron-ovs-agent.yaml +++ b/puppet/services/neutron-ovs-agent.yaml @@ -9,9 +9,6 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json - NeutronEnableTunnelling: - type: string - default: "True" NeutronEnableL2Pop: type: string description: > @@ -56,7 +53,6 @@ outputs: config_settings: map_merge: - get_attr: [NeutronBase, role_data, config_settings] - neutron::agents::ml2::ovs::enable_tunneling: {get_param: NeutronEnableTunnelling} neutron::agents::ml2::ovs::l2_population: {get_param: NeutronEnableL2Pop} neutron::agents::ml2::ovs::enable_distributed_routing: {get_param: NeutronEnableDVR} neutron::agents::ml2::ovs::bridge_mappings: diff --git a/puppet/services/neutron-server.yaml b/puppet/services/neutron-server.yaml index d64fd66d..c40b37b0 100644 --- a/puppet/services/neutron-server.yaml +++ b/puppet/services/neutron-server.yaml @@ -33,6 +33,10 @@ parameters: description: Enable Neutron DVR. default: false type: boolean + KeystoneRegion: + type: string + default: 'regionOne' + description: Keystone region for endpoint resources: @@ -56,14 +60,18 @@ outputs: - '@' - {get_param: [EndpointMap, MysqlInternal, host]} - '/ovs_neutron' + neutron::keystone::auth::tenant: 'service' + neutron::keystone::auth::public_url: {get_param: [EndpointMap, NeutronPublic, uri]} + neutron::keystone::auth::internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] } + neutron::keystone::auth::admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] } + neutron::keystone::auth::password: {get_param: NeutronPassword} + neutron::keystone::auth::region: {get_param: KeystoneRegion} neutron::server::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } neutron::server::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} - neutron::server::auth_tenant: 'service' - neutron::server::identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } neutron::server::api_workers: {get_param: NeutronWorkers} neutron::server::allow_automatic_l3agent_failover: {get_param: NeutronAllowL3AgentFailover} neutron::server::l3_ha: {get_param: NeutronL3HA} - neutron::server::auth_password: {get_param: NeutronPassword} + neutron::server::password: {get_param: NeutronPassword} neutron::server::notifications::nova_url: { get_param: [ EndpointMap, NovaInternal, uri ] } neutron::server::notifications::auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] } @@ -74,7 +82,7 @@ outputs: neutron::server::sync_db: true neutron::db::mysql::password: {get_param: NeutronPassword} neutron::db::mysql::user: neutron - neutron::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + neutron::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} neutron::db::mysql::dbname: ovs_neutron neutron::db::mysql::allowed_hosts: - '%' diff --git a/puppet/services/nova-api.yaml b/puppet/services/nova-api.yaml index 045a8614..d560edb4 100644 --- a/puppet/services/nova-api.yaml +++ b/puppet/services/nova-api.yaml @@ -13,6 +13,14 @@ parameters: default: 0 description: Number of workers for Nova API service. type: number + NovaPassword: + description: The password for the nova service and db account, used by nova-api. + type: string + hidden: true + KeystoneRegion: + type: string + default: 'regionOne' + description: Keystone region for endpoint resources: NovaBase: @@ -47,5 +55,11 @@ outputs: nova::api::default_floating_pool: 'public' nova::api::sync_db_api: true nova::api::enable_proxy_headers_parsing: true + nova::keystone::auth::tenant: 'service' + nova::keystone::auth::public_url: {get_param: [EndpointMap, NovaPublic, uri]} + nova::keystone::auth::internal_url: {get_param: [EndpointMap, NovaInternal, uri]} + nova::keystone::auth::admin_url: {get_param: [EndpointMap, NovaAdmin, uri]} + nova::keystone::auth::password: {get_param: NovaPassword} + nova::keystone::auth::region: {get_param: KeystoneRegion} step_config: | include tripleo::profile::base::nova::api diff --git a/puppet/services/nova-base.yaml b/puppet/services/nova-base.yaml index e3379821..ef7eaaf3 100644 --- a/puppet/services/nova-base.yaml +++ b/puppet/services/nova-base.yaml @@ -13,6 +13,10 @@ parameters: description: The password for the nova service and db account, used by nova-api. type: string hidden: true + NeutronPassword: + description: The password for the neutron service and db account, used by neutron agents. + type: string + hidden: true RabbitPassword: description: The password for RabbitMQ type: string @@ -35,6 +39,12 @@ parameters: type: string default: '' description: Set to True to enable debugging on all services. + EnableConfigPurge: + type: boolean + default: true + description: > + Remove configuration that is not generated by TripleO. Setting + to false may result in configuration remnants after updates/upgrades. outputs: role_data: @@ -66,37 +76,40 @@ outputs: - '/nova_api' nova::db::mysql::password: {get_input: nova_password} nova::db::mysql::user: nova - nova::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + nova::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} nova::db::mysql::dbname: nova nova::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" nova::db::mysql_api::password: {get_input: nova_password} nova::db::mysql_api::user: nova_api - nova::db::mysql_api::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + nova::db::mysql_api::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} nova::db::mysql_api::dbname: nova_api nova::db::mysql_api::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" nova::debug: {get_param: Debug} + nova::purge_config: {get_param: EnableConfigPurge} nova::network::neutron::neutron_project_name: 'service' nova::network::neutron::neutron_username: 'neutron' nova::network::neutron::dhcp_domain: '' + nova::network::neutron::neutron_password: {get_param: NeutronPassword} + nova::network::neutron::neutron_url: {get_param: [EndpointMap, NeutronInternal, uri]} + nova::network::neutron::neutron_auth_url: {get_param: [EndpointMap, KeystoneV3Admin, uri]} nova::rabbit_heartbeat_timeout_threshold: 60 nova::cinder_catalog_info: 'volumev2:cinderv2:internalURL' nova::host: '"%{::fqdn}"' # NOTE: extra quoting is needed. nova::notify_on_state_change: 'vm_and_task_state' nova::notification_driver: messagingv2 nova::network::neutron::neutron_auth_type: 'v3password' - nova::keystone::auth::tenant: 'service' nova::db::mysql::user: nova - nova::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + nova::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} nova::db::mysql::dbname: nova nova::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" nova::db::mysql_api::user: nova_api - nova::db::mysql_api::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + nova::db::mysql_api::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} nova::db::mysql_api::dbname: nova_api nova::db::mysql_api::allowed_hosts: - '%' diff --git a/puppet/services/sahara-base.yaml b/puppet/services/sahara-base.yaml index f9a100f0..cac89e32 100644 --- a/puppet/services/sahara-base.yaml +++ b/puppet/services/sahara-base.yaml @@ -53,7 +53,7 @@ outputs: - '/sahara' sahara::db::mysql::password: {get_param: SaharaPassword} sahara::db::mysql::user: sahara - sahara::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + sahara::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} sahara::db::mysql::dbname: sahara sahara::db::mysql::allowed_hosts: - '%' diff --git a/puppet/swift-storage.yaml b/puppet/swift-storage.yaml index 5e331f44..1d451ab2 100644 --- a/puppet/swift-storage.yaml +++ b/puppet/swift-storage.yaml @@ -1,8 +1,9 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2016-10-14 description: 'OpenStack swift storage node configured by Puppet' parameters: - Flavor: + OvercloudSwiftStorageFlavor: description: Flavor for Swift storage nodes to request when deploying. + default: baremetal type: string constraints: - custom_constraint: nova.flavor @@ -77,7 +78,6 @@ parameters: constraints: - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] CloudDomain: - default: '' type: string description: > The DNS domain used for the hosts. This should match the dhcp_domain @@ -115,7 +115,7 @@ resources: command: {get_param: ConfigCommand} properties: image: {get_param: SwiftStorageImage} - flavor: {get_param: Flavor} + flavor: {get_param: OvercloudSwiftStorageFlavor} key_name: {get_param: KeyName} networks: - network: ctlplane @@ -257,7 +257,10 @@ resources: mapped_data: service_names: {get_param: ServiceNames} service_configs: - mapped_data: {get_param: ServiceConfigSettings} + mapped_data: + map_replace: + - {get_param: ServiceConfigSettings} + - values: {get_attr: [NetIpMap, net_ip_map]} network: mapped_data: net_ip_map: {get_attr: [NetIpMap, net_ip_map]} @@ -268,7 +271,6 @@ resources: extraconfig: mapped_data: {get_param: ExtraConfig} object: - raw_data: {get_file: hieradata/object.yaml} mapped_data: # data supplied directly to this deployment configuration, etc swift::swift_hash_path_suffix: { get_input: swift_hash_suffix } swift::storage::all::storage_local_net_ip: {get_input: swift_management_network} |