diff options
Diffstat (limited to 'puppet')
-rw-r--r-- | puppet/controller.yaml | 10 | ||||
-rw-r--r-- | puppet/services/ca-certs.yaml | 35 | ||||
-rw-r--r-- | puppet/services/ceilometer-api.yaml | 3 | ||||
-rw-r--r-- | puppet/services/database/redis-base.yaml | 6 | ||||
-rw-r--r-- | puppet/services/memcached.yaml | 6 | ||||
-rw-r--r-- | puppet/services/nova-compute.yaml | 9 | ||||
-rw-r--r-- | puppet/services/nova-scheduler.yaml | 8 | ||||
-rw-r--r-- | puppet/services/pacemaker/ceilometer-agent-central.yaml | 2 | ||||
-rw-r--r-- | puppet/services/pacemaker/ceilometer-agent-notification.yaml | 2 | ||||
-rw-r--r-- | puppet/services/pacemaker/ceilometer-api.yaml | 2 | ||||
-rw-r--r-- | puppet/services/pacemaker/ceilometer-collector.yaml | 2 | ||||
-rw-r--r-- | puppet/services/pacemaker/gnocchi-api.yaml | 2 | ||||
-rw-r--r-- | puppet/services/pacemaker/gnocchi-metricd.yaml | 2 | ||||
-rw-r--r-- | puppet/services/pacemaker/gnocchi-statsd.yaml | 2 | ||||
-rw-r--r-- | puppet/services/sahara-api.yaml | 6 |
15 files changed, 79 insertions, 18 deletions
diff --git a/puppet/controller.yaml b/puppet/controller.yaml index b5d3b6f8..28fd08da 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -414,7 +414,6 @@ resources: enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]} neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} - neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]} nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]} horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} @@ -430,10 +429,7 @@ resources: template: "NETWORK_subnet" params: NETWORK: {get_param: [ServiceNetMap, HorizonNetwork]} - redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]} redis_vip: {get_param: RedisVirtualIP} - sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} - memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} ironic_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]} # Map heat metadata into hiera datafiles @@ -494,7 +490,6 @@ resources: # Neutron neutron::bind_host: {get_input: neutron_api_network} - neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip} neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network} snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} @@ -518,18 +513,13 @@ resources: horizon::bind_address: {get_input: horizon_network} horizon::keystone_url: {get_input: keystone_auth_uri} - # Sahara - sahara::host: {get_input: sahara_api_network} - # Redis - redis::bind: {get_input: redis_network} redis_vip: {get_input: redis_vip} # Firewall tripleo::firewall::manage_firewall: {get_input: manage_firewall} tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules} # Misc memcached_ipv6: {get_input: memcached_ipv6} - memcached::listen_ip: {get_input: memcached_network} tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} diff --git a/puppet/services/ca-certs.yaml b/puppet/services/ca-certs.yaml new file mode 100644 index 00000000..1a534156 --- /dev/null +++ b/puppet/services/ca-certs.yaml @@ -0,0 +1,35 @@ +heat_template_version: 2016-04-08 + +description: > + HAproxy service configured with Puppet + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + CAMap: + description: > + Map containing the CA certs and information needed for deploying them. + default: {} + type: json + +outputs: + role_data: + description: Role data for injecting CA certificates. + value: + service_name: ca_certs + config_settings: + tripleo::trusted_cas::ca_map: {get_param: CAMap} + step_config: | + include ::tripleo::trusted_cas diff --git a/puppet/services/ceilometer-api.yaml b/puppet/services/ceilometer-api.yaml index 85b9aacc..201a2b7b 100644 --- a/puppet/services/ceilometer-api.yaml +++ b/puppet/services/ceilometer-api.yaml @@ -47,6 +47,9 @@ outputs: # internal_api -> IP # internal_api_uri -> [IP] # internal_api_subnet - > IP/CIDR + - ceilometer::api::service_name: 'httpd' ceilometer::api::host: {get_param: [ServiceNetMap, CeilometerApiNetwork]} + ceilometer::wsgi::apache::bind_host: {get_param: [ServiceNetMap, CeilometerApiNetwork]} + ceilometer::wsgi::apache::ssl: false step_config: | include ::tripleo::profile::base::ceilometer::api diff --git a/puppet/services/database/redis-base.yaml b/puppet/services/database/redis-base.yaml index 40711432..4ed3c007 100644 --- a/puppet/services/database/redis-base.yaml +++ b/puppet/services/database/redis-base.yaml @@ -32,6 +32,12 @@ outputs: redis::requirepass: {get_param: RedisPassword} redis::masterauth: {get_param: RedisPassword} redis::sentinel_auth_pass: {get_param: RedisPassword} + # NOTE: bind IP is found in Heat replacing the network name with the local node IP + # for the given network; replacement examples (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + redis::bind: {get_param: [ServiceNetMap, RedisNetwork]} redis::port: 6379 redis::sentinel::master_name: '"%{hiera(\"bootstrap_nodeid\")}"' redis::sentinel::redis_host: '"%{hiera(\"bootstrap_nodeid_ip\")}"' diff --git a/puppet/services/memcached.yaml b/puppet/services/memcached.yaml index 59c639e8..3b47261e 100644 --- a/puppet/services/memcached.yaml +++ b/puppet/services/memcached.yaml @@ -25,6 +25,12 @@ outputs: value: service_name: memcached config_settings: + # NOTE: bind IP is found in Heat replacing the network name with the local node IP + # for the given network; replacement examples (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + memcached::listen_ip: {get_param: [ServiceNetMap, MemcachedNetwork]} tripleo.memcached.firewall_rules: '121 memcached': dport: 11211 diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml index dc962297..13ec03ea 100644 --- a/puppet/services/nova-compute.yaml +++ b/puppet/services/nova-compute.yaml @@ -40,7 +40,13 @@ parameters: default: '' description: Libvirt VIF driver configuration for the network type: string - + NovaVcpuPinSet: + description: > + A list or range of physical CPU cores to reserve for virtual machine + processes. + Ex. NovaVcpuPinSet: ['4-12','^8'] will reserve cores from 4-12 excluding 8 + type: comma_delimited_list + default: [] resources: NovaBase: type: ./nova-base.yaml @@ -58,6 +64,7 @@ outputs: map_merge: - get_attr: [NovaBase, role_data, config_settings] - nova::compute::libvirt::manage_libvirt_services: false + nova::compute::vcpu_pin_set: {get_param: NovaVcpuPinSet} # we manage migration in nova common puppet profile nova::compute::libvirt::migration_support: false tripleo::profile::base::nova::manage_migration: true diff --git a/puppet/services/nova-scheduler.yaml b/puppet/services/nova-scheduler.yaml index 1e12b5ba..c8f2591d 100644 --- a/puppet/services/nova-scheduler.yaml +++ b/puppet/services/nova-scheduler.yaml @@ -22,6 +22,13 @@ parameters: default: [] description: List of scheduler available filters type: comma_delimited_list + NovaSchedulerDefaultFilters: + type: comma_delimited_list + default: [] + description: > + An array of filters used by Nova to filter a node.These filters will be + applied in the order they are listed, so place your most restrictive + filters first to make the filtering process more efficient. resources: NovaBase: @@ -41,5 +48,6 @@ outputs: - get_attr: [NovaBase, role_data, config_settings] - nova::scheduler::filter::ram_allocation_ratio: '1.0' nova::scheduler::filter::scheduler_available_filters: {get_param: NovaSchedulerAvailableFilters} + nova::scheduler::filter::scheduler_default_filters: {get_param: NovaSchedulerDefaultFilters} step_config: | include tripleo::profile::base::nova::scheduler diff --git a/puppet/services/pacemaker/ceilometer-agent-central.yaml b/puppet/services/pacemaker/ceilometer-agent-central.yaml index ac4bdcf0..78714878 100644 --- a/puppet/services/pacemaker/ceilometer-agent-central.yaml +++ b/puppet/services/pacemaker/ceilometer-agent-central.yaml @@ -21,7 +21,7 @@ parameters: resources: CeilometerServiceBase: - type: ../ceilometer-base.yaml + type: ../ceilometer-agent-central.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} diff --git a/puppet/services/pacemaker/ceilometer-agent-notification.yaml b/puppet/services/pacemaker/ceilometer-agent-notification.yaml index 112dde1c..6290203a 100644 --- a/puppet/services/pacemaker/ceilometer-agent-notification.yaml +++ b/puppet/services/pacemaker/ceilometer-agent-notification.yaml @@ -21,7 +21,7 @@ parameters: resources: CeilometerServiceBase: - type: ../ceilometer-base.yaml + type: ../ceilometer-agent-notification.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} diff --git a/puppet/services/pacemaker/ceilometer-api.yaml b/puppet/services/pacemaker/ceilometer-api.yaml index f50e4a15..d130a4bb 100644 --- a/puppet/services/pacemaker/ceilometer-api.yaml +++ b/puppet/services/pacemaker/ceilometer-api.yaml @@ -21,7 +21,7 @@ parameters: resources: CeilometerServiceBase: - type: ../ceilometer-base.yaml + type: ../ceilometer-api.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} diff --git a/puppet/services/pacemaker/ceilometer-collector.yaml b/puppet/services/pacemaker/ceilometer-collector.yaml index 8d4348db..97da92e8 100644 --- a/puppet/services/pacemaker/ceilometer-collector.yaml +++ b/puppet/services/pacemaker/ceilometer-collector.yaml @@ -21,7 +21,7 @@ parameters: resources: CeilometerServiceBase: - type: ../ceilometer-base.yaml + type: ../ceilometer-collector.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} diff --git a/puppet/services/pacemaker/gnocchi-api.yaml b/puppet/services/pacemaker/gnocchi-api.yaml index 50bd3fa7..42c7131d 100644 --- a/puppet/services/pacemaker/gnocchi-api.yaml +++ b/puppet/services/pacemaker/gnocchi-api.yaml @@ -21,7 +21,7 @@ parameters: resources: GnocchiServiceBase: - type: ../gnocchi-base.yaml + type: ../gnocchi-api.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} diff --git a/puppet/services/pacemaker/gnocchi-metricd.yaml b/puppet/services/pacemaker/gnocchi-metricd.yaml index 0a6b03ea..177d7744 100644 --- a/puppet/services/pacemaker/gnocchi-metricd.yaml +++ b/puppet/services/pacemaker/gnocchi-metricd.yaml @@ -21,7 +21,7 @@ parameters: resources: GnocchiServiceBase: - type: ../gnocchi-base.yaml + type: ../gnocchi-metricd.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} diff --git a/puppet/services/pacemaker/gnocchi-statsd.yaml b/puppet/services/pacemaker/gnocchi-statsd.yaml index 12256d32..a247a514 100644 --- a/puppet/services/pacemaker/gnocchi-statsd.yaml +++ b/puppet/services/pacemaker/gnocchi-statsd.yaml @@ -21,7 +21,7 @@ parameters: resources: GnocchiServiceBase: - type: ../gnocchi-base.yaml + type: ../gnocchi-statsd.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} diff --git a/puppet/services/sahara-api.yaml b/puppet/services/sahara-api.yaml index 5715a8c3..fae9c434 100644 --- a/puppet/services/sahara-api.yaml +++ b/puppet/services/sahara-api.yaml @@ -54,6 +54,12 @@ outputs: sahara::keystone::auth::admin_url: {get_param: [EndpointMap, SaharaAdmin, uri]} sahara::keystone::auth::password: {get_param: SaharaPassword } sahara::keystone::auth::region: {get_param: KeystoneRegion} + # NOTE: bind IP is found in Heat replacing the network name with the local node IP + # for the given network; replacement examples (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + sahara::host: {get_param: [ServiceNetMap, SaharaApiNetwork]} tripleo.sahara_api.firewall_rules: '132 sahara': dport: |