diff options
Diffstat (limited to 'puppet')
40 files changed, 1472 insertions, 594 deletions
diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index 69bb1935..c764d4ef 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -10,7 +10,7 @@ parameters: type: string cloud_name_storage_mgmt: type: string - cloud_name_management: + cloud_name_ctlplane: type: string hosts: type: comma_delimited_list @@ -90,6 +90,33 @@ resources: for_each: SERVICE: str_split: [',', {get_param: enabled_services}] + # Dynamically generate per-service network data + # This works as follows (outer->inner functions) + # yaql - filters services where no mapping exists in ServiceNetMap + # map_replace: substitute e.g heat_api_network with network name from ServiceNetMap + # map_merge/repeat: generate a per-service mapping + - yaql: + # This filters any entries where the value hasn't been substituted for + # a list, e.g it's still $service_network. This happens when there is + # no network defined for the service in the ServiceNetMap, which is OK + # as not all services have to be bound to a network, so we filter them + expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network"))) + data: + map: + map_replace: + - map_merge: + repeat: + template: + SERVICE_network: SERVICE_network + for_each: + SERVICE: + str_split: [',', {get_param: enabled_services}] + - values: {get_param: ServiceNetMap} + # Keystone doesn't provide separate entries for the public + # and admin endpoints, so we need to add them here manually + # like we do in the vip-config below + - keystone_admin_api_network: {get_param: [ServiceNetMap, keystone_admin_api_network]} + keystone_public_api_network: {get_param: [ServiceNetMap, keystone_public_api_network]} # provides a mapping of service_name_ips to a list of IPs - {get_param: service_ips} - {get_param: service_node_names} @@ -182,7 +209,7 @@ resources: cloud_name_internal_api: {get_param: cloud_name_internal_api} cloud_name_storage: {get_param: cloud_name_storage} cloud_name_storage_mgmt: {get_param: cloud_name_storage_mgmt} - cloud_name_management: {get_param: cloud_name_management} + cloud_name_ctlplane: {get_param: cloud_name_ctlplane} outputs: config_id: diff --git a/puppet/blockstorage-config.yaml b/puppet/blockstorage-config.yaml new file mode 100644 index 00000000..9b31b448 --- /dev/null +++ b/puppet/blockstorage-config.yaml @@ -0,0 +1,38 @@ +heat_template_version: 2015-04-30 + +description: > + A software config which runs manifests/overcloud_volume.pp + +parameters: + ConfigDebug: + default: false + description: Whether to run config management (e.g. Puppet) in debug mode. + type: boolean + StepConfig: + type: string + description: Config manifests that will be used to step through the deployment. + default: '' + +resources: + + BlockStoragePuppetConfigImpl: + type: OS::Heat::SoftwareConfig + properties: + group: puppet + options: + enable_debug: {get_param: ConfigDebug} + enable_hiera: True + enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules + outputs: + - name: result + config: + list_join: + - '' + - - get_file: manifests/overcloud_volume.pp + - {get_param: StepConfig} + +outputs: + OS::stack_id: + description: The software config which runs overcloud_controller.pp + value: {get_resource: BlockStoragePuppetConfigImpl} diff --git a/puppet/ceph-storage-post.yaml b/puppet/ceph-storage-post.yaml deleted file mode 100644 index df6b7249..00000000 --- a/puppet/ceph-storage-post.yaml +++ /dev/null @@ -1,81 +0,0 @@ -heat_template_version: 2015-04-30 - -description: > - OpenStack ceph storage node post deployment for Puppet - -parameters: - ConfigDebug: - default: false - description: Whether to run config management (e.g. Puppet) in debug mode. - type: boolean - servers: - type: json - RoleData: - type: json - default: {} - DeployIdentifier: - type: string - default: '' - description: Value which changes if the node configuration may need to be re-applied - -resources: - - CephStorageArtifactsConfig: - type: deploy-artifacts.yaml - - CephStorageArtifactsDeploy: - type: OS::Heat::StructuredDeployments - properties: - servers: {get_param: servers} - config: {get_resource: CephStorageArtifactsConfig} - input_values: - update_identifier: {get_param: DeployIdentifier} - - CephStoragePuppetConfig: - type: OS::Heat::SoftwareConfig - properties: - group: puppet - options: - enable_debug: {get_param: ConfigDebug} - enable_hiera: True - enable_facter: False - modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules - inputs: - - name: step - outputs: - - name: result - config: - list_join: - - '' - - - get_file: manifests/overcloud_cephstorage.pp - - {get_param: [RoleData, step_config]} - - CephStorageDeployment_Step2: - type: OS::Heat::StructuredDeployments - depends_on: CephStorageArtifactsDeploy - properties: - name: CephStorageDeployment_Step2 - servers: {get_param: servers} - config: {get_resource: CephStoragePuppetConfig} - input_values: - step: 2 - update_identifier: {get_param: DeployIdentifier} - - CephStorageDeployment_Step3: - type: OS::Heat::StructuredDeployments - depends_on: CephStorageDeployment_Step2 - properties: - name: CephStorageDeployment_Step3 - servers: {get_param: servers} - config: {get_resource: CephStoragePuppetConfig} - input_values: - step: 3 - update_identifier: {get_param: DeployIdentifier} - - # Note, this should come last, so use depends_on to ensure - # this is created after any other resources. - ExtraConfig: - depends_on: CephStorageDeployment_Step3 - type: OS::TripleO::NodeExtraConfigPost - properties: - servers: {get_param: servers} diff --git a/puppet/ceph-storage.yaml b/puppet/ceph-storage.yaml index 5ba2c298..62748f94 100644 --- a/puppet/ceph-storage.yaml +++ b/puppet/ceph-storage.yaml @@ -27,6 +27,11 @@ parameters: description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json UpdateIdentifier: default: '' type: string @@ -323,6 +328,7 @@ outputs: STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST TENANTIP TENANTHOST.DOMAIN TENANTHOST MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST + CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST params: PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephStorageHostnameResolveNetwork]}]} DOMAIN: {get_param: CloudDomain} @@ -363,6 +369,12 @@ outputs: - '.' - - {get_attr: [CephStorage, name]} - management + CTLPLANEIP: {get_attr: [CephStorage, networks, ctlplane, 0]} + CTLPLANEHOST: + list_join: + - '.' + - - {get_attr: [CephStorage, name]} + - ctlplane nova_server_resource: description: Heat resource handle for the ceph storage server value: diff --git a/puppet/cephstorage-config.yaml b/puppet/cephstorage-config.yaml new file mode 100644 index 00000000..4bad4a16 --- /dev/null +++ b/puppet/cephstorage-config.yaml @@ -0,0 +1,38 @@ +heat_template_version: 2015-04-30 + +description: > + A software config which runs manifests/overcloud_cephstorage.pp + +parameters: + ConfigDebug: + default: false + description: Whether to run config management (e.g. Puppet) in debug mode. + type: boolean + StepConfig: + type: string + description: Config manifests that will be used to step through the deployment. + default: '' + +resources: + + CephStoragePuppetConfigImpl: + type: OS::Heat::SoftwareConfig + properties: + group: puppet + options: + enable_debug: {get_param: ConfigDebug} + enable_hiera: True + enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules + outputs: + - name: result + config: + list_join: + - '' + - - get_file: manifests/overcloud_cephstorage.pp + - {get_param: StepConfig} + +outputs: + OS::stack_id: + description: The software config which runs overcloud_controller.pp + value: {get_resource: CephStoragePuppetConfigImpl} diff --git a/puppet/cinder-storage-post.yaml b/puppet/cinder-storage-post.yaml deleted file mode 100644 index 0620bc6c..00000000 --- a/puppet/cinder-storage-post.yaml +++ /dev/null @@ -1,91 +0,0 @@ -heat_template_version: 2015-04-30 -description: 'OpenStack cinder storage post deployment for Puppet' - -parameters: - ConfigDebug: - default: false - description: Whether to run config management (e.g. Puppet) in debug mode. - type: boolean - servers: - type: json - DeployIdentifier: - type: string - default: '' - description: Value which changes if the node configuration may need to be re-applied - RoleData: - type: json - default: {} - -resources: - - VolumeArtifactsConfig: - type: deploy-artifacts.yaml - - VolumeArtifactsDeploy: - type: OS::Heat::StructuredDeployments - properties: - servers: {get_param: servers} - config: {get_resource: VolumeArtifactsConfig} - input_values: - update_identifier: {get_param: DeployIdentifier} - - VolumePuppetConfig: - type: OS::Heat::SoftwareConfig - depends_on: VolumeArtifactsDeploy - properties: - group: puppet - options: - enable_debug: {get_param: ConfigDebug} - enable_hiera: True - enable_facter: False - modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules - inputs: - - name: step - outputs: - - name: result - config: - list_join: - - '' - - - get_file: manifests/overcloud_volume.pp - - {get_param: [RoleData, step_config]} - - VolumeDeployment_Step2: - type: OS::Heat::StructuredDeployments - depends_on: VolumeArtifactsDeploy - properties: - name: VolumeDeployment_Step2 - servers: {get_param: servers} - config: {get_resource: VolumePuppetConfig} - input_values: - step: 2 - update_identifier: {get_param: DeployIdentifier} - - VolumeDeployment_Step3: - type: OS::Heat::StructuredDeployments - depends_on: VolumeDeployment_Step2 - properties: - name: VolumeDeployment_Step3 - servers: {get_param: servers} - config: {get_resource: VolumePuppetConfig} - input_values: - step: 3 - update_identifier: {get_param: DeployIdentifier} - - VolumeDeployment_Step4: - type: OS::Heat::StructuredDeployments - depends_on: VolumeDeployment_Step3 - properties: - name: VolumeDeployment_Step4 - servers: {get_param: servers} - config: {get_resource: VolumePuppetConfig} - input_values: - step: 4 - update_identifier: {get_param: DeployIdentifier} - - # Note, this should come last, so use depends_on to ensure - # this is created after any other resources. - ExtraConfig: - depends_on: VolumeDeployment_Step4 - type: OS::TripleO::NodeExtraConfigPost - properties: - servers: {get_param: servers} diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml index 699a0969..f5118c2c 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/cinder-storage.yaml @@ -48,6 +48,11 @@ parameters: description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json NetworkDeploymentActions: type: comma_delimited_list description: > @@ -313,6 +318,7 @@ outputs: STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST TENANTIP TENANTHOST.DOMAIN TENANTHOST MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST + CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST params: PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, BlockStorageHostnameResolveNetwork]}]} DOMAIN: {get_param: CloudDomain} @@ -353,6 +359,12 @@ outputs: - '.' - - {get_attr: [BlockStorage, name]} - management + CTLPLANEIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} + CTLPLANEHOST: + list_join: + - '.' + - - {get_attr: [BlockStorage, name]} + - ctlplane nova_server_resource: description: Heat resource handle for the block storage server value: diff --git a/puppet/compute-config.yaml b/puppet/compute-config.yaml new file mode 100644 index 00000000..9e128d3a --- /dev/null +++ b/puppet/compute-config.yaml @@ -0,0 +1,38 @@ +heat_template_version: 2015-04-30 + +description: > + A software config which runs manifests/overcloud_compute.pp + +parameters: + ConfigDebug: + default: false + description: Whether to run config management (e.g. Puppet) in debug mode. + type: boolean + StepConfig: + type: string + description: Config manifests that will be used to step through the deployment. + default: '' + +resources: + + ComputePuppetConfigImpl: + type: OS::Heat::SoftwareConfig + properties: + group: puppet + options: + enable_debug: {get_param: ConfigDebug} + enable_hiera: True + enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules + outputs: + - name: result + config: + list_join: + - '' + - - get_file: manifests/overcloud_compute.pp + - {get_param: StepConfig} + +outputs: + OS::stack_id: + description: The software config which runs overcloud_controller.pp + value: {get_resource: ComputePuppetConfigImpl} diff --git a/puppet/compute-post.yaml b/puppet/compute-post.yaml deleted file mode 100644 index 358ec5a8..00000000 --- a/puppet/compute-post.yaml +++ /dev/null @@ -1,93 +0,0 @@ -heat_template_version: 2015-04-30 - -description: > - OpenStack compute node post deployment for Puppet. - -parameters: - ConfigDebug: - default: false - description: Whether to run config management (e.g. Puppet) in debug mode. - type: boolean - servers: - type: json - RoleData: - type: json - default: {} - DeployIdentifier: - type: string - default: '' - description: Value which changes if the node configuration may need to be re-applied - -resources: - - ComputeArtifactsConfig: - type: deploy-artifacts.yaml - - ComputeArtifactsDeploy: - type: OS::Heat::StructuredDeployments - properties: - servers: {get_param: servers} - config: {get_resource: ComputeArtifactsConfig} - input_values: - update_identifier: {get_param: DeployIdentifier} - - ComputePuppetConfig: - type: OS::Heat::SoftwareConfig - properties: - group: puppet - options: - enable_debug: {get_param: ConfigDebug} - enable_hiera: True - enable_facter: False - modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules - inputs: - - name: step - outputs: - - name: result - config: - list_join: - - '' - - - get_file: manifests/overcloud_compute.pp - - {get_param: [RoleData, step_config]} - - ComputeServicesBaseDeployment_Step2: - type: OS::Heat::StructuredDeployments - depends_on: [ComputeArtifactsDeploy] - properties: - name: ComputeServicesBaseDeployment_Step2 - servers: {get_param: servers} - config: {get_resource: ComputePuppetConfig} - input_values: - step: 2 - update_identifier: {get_param: DeployIdentifier} - - ComputeOvercloudServicesDeployment_Step3: - type: OS::Heat::StructuredDeployments - depends_on: ComputeServicesBaseDeployment_Step2 - properties: - name: ComputeOvercloudServicesDeployment_Step3 - servers: {get_param: servers} - config: {get_resource: ComputePuppetConfig} - input_values: - step: 3 - update_identifier: {get_param: DeployIdentifier} - - ComputeOvercloudServicesDeployment_Step4: - type: OS::Heat::StructuredDeployments - depends_on: ComputeOvercloudServicesDeployment_Step3 - properties: - name: ComputeOvercloudServicesDeployment_Step4 - servers: {get_param: servers} - config: {get_resource: ComputePuppetConfig} - input_values: - step: 4 - update_identifier: {get_param: DeployIdentifier} - - # Note, this should come last, so use depends_on to ensure - # this is created after any other resources. - ExtraConfig: - depends_on: ComputeOvercloudServicesDeployment_Step4 - type: OS::TripleO::NodeExtraConfigPost - properties: - servers: {get_param: servers} - diff --git a/puppet/compute.yaml b/puppet/compute.yaml index e74d1a54..05b8d065 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -373,6 +373,7 @@ outputs: STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST TENANTIP TENANTHOST.DOMAIN TENANTHOST MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST + CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST params: PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]} DOMAIN: {get_param: CloudDomain} @@ -413,6 +414,12 @@ outputs: - '.' - - {get_attr: [NovaCompute, name]} - management + CTLPLANEIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} + CTLPLANEHOST: + list_join: + - '.' + - - {get_attr: [NovaCompute, name]} + - ctlplane nova_server_resource: description: Heat resource handle for the Nova compute server value: diff --git a/puppet/controller-post.yaml b/puppet/controller-post.yaml deleted file mode 100644 index c97c3bc8..00000000 --- a/puppet/controller-post.yaml +++ /dev/null @@ -1,117 +0,0 @@ -heat_template_version: 2015-04-30 - -description: > - OpenStack controller node post deployment for Puppet. - -parameters: - ConfigDebug: - default: false - description: Whether to run config management (e.g. Puppet) in debug mode. - type: boolean - servers: - type: json - RoleData: - type: json - default: {} - DeployIdentifier: - type: string - default: '' - description: Value which changes if the node configuration may need to be re-applied - -resources: - - ControllerArtifactsConfig: - type: deploy-artifacts.yaml - - ControllerArtifactsDeploy: - type: OS::Heat::StructuredDeployments - properties: - servers: {get_param: servers} - config: {get_resource: ControllerArtifactsConfig} - - ControllerPrePuppet: - type: OS::TripleO::Tasks::ControllerPrePuppet - properties: - servers: {get_param: servers} - input_values: - update_identifier: {get_param: DeployIdentifier} - - ControllerPuppetConfig: - type: OS::TripleO::ControllerConfig - properties: - StepConfig: {get_param: [RoleData, step_config]} - - # Step through a series of Puppet runs using the same manifest. - # NOTE: To enable stepping through the deployments via heat hooks, - # you must observe the glob naming defined in overcloud-steps.yaml - # e.g all Deployment resources should have a *Deployment_StepN suffix - ControllerLoadBalancerDeployment_Step1: - type: OS::Heat::StructuredDeployments - depends_on: [ControllerPrePuppet, ControllerArtifactsDeploy] - properties: - name: ControllerLoadBalancerDeployment_Step1 - servers: {get_param: servers} - config: {get_resource: ControllerPuppetConfig} - input_values: - step: 1 - update_identifier: {get_param: DeployIdentifier} - - ControllerServicesBaseDeployment_Step2: - type: OS::Heat::StructuredDeployments - depends_on: ControllerLoadBalancerDeployment_Step1 - properties: - name: ControllerServicesBaseDeployment_Step2 - servers: {get_param: servers} - config: {get_resource: ControllerPuppetConfig} - input_values: - step: 2 - update_identifier: {get_param: DeployIdentifier} - - ControllerOvercloudServicesDeployment_Step3: - type: OS::Heat::StructuredDeployments - depends_on: ControllerServicesBaseDeployment_Step2 - properties: - name: ControllerOvercloudServicesDeployment_Step3 - servers: {get_param: servers} - config: {get_resource: ControllerPuppetConfig} - input_values: - step: 3 - update_identifier: {get_param: DeployIdentifier} - - ControllerOvercloudServicesDeployment_Step4: - type: OS::Heat::StructuredDeployments - depends_on: ControllerOvercloudServicesDeployment_Step3 - properties: - name: ControllerOvercloudServicesDeployment_Step4 - servers: {get_param: servers} - config: {get_resource: ControllerPuppetConfig} - input_values: - step: 4 - update_identifier: {get_param: DeployIdentifier} - - ControllerOvercloudServicesDeployment_Step5: - type: OS::Heat::StructuredDeployments - depends_on: ControllerOvercloudServicesDeployment_Step4 - properties: - name: ControllerOvercloudServicesDeployment_Step5 - servers: {get_param: servers} - config: {get_resource: ControllerPuppetConfig} - input_values: - step: 5 - update_identifier: {get_param: DeployIdentifier} - - ControllerPostPuppet: - type: OS::TripleO::Tasks::ControllerPostPuppet - depends_on: ControllerOvercloudServicesDeployment_Step5 - properties: - servers: {get_param: servers} - input_values: - update_identifier: {get_param: DeployIdentifier} - - # Note, this should come last, so use depends_on to ensure - # this is created after any other resources. - ExtraConfig: - depends_on: ControllerPostPuppet - type: OS::TripleO::NodeExtraConfigPost - properties: - servers: {get_param: servers} diff --git a/puppet/controller.yaml b/puppet/controller.yaml index 1656aea7..33ed51c0 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -62,10 +62,6 @@ parameters: default: nic1 description: What interface to bridge onto br-ex for network nodes. type: string - SwiftRawDisks: - default: {} - description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' - type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -313,8 +309,7 @@ resources: - service_configs - service_names - controller - - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig - - bootstrap_node # provided by allNodesConfig + - bootstrap_node # provided by BootstrapNodeConfig - all_nodes # provided by allNodesConfig - vip_data # provided by allNodesConfig - '"%{::osfamily}"' @@ -421,6 +416,7 @@ outputs: STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST TENANTIP TENANTHOST.DOMAIN TENANTHOST MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST + CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST params: PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]} DOMAIN: {get_param: CloudDomain} @@ -461,31 +457,16 @@ outputs: - '.' - - {get_attr: [Controller, name]} - management + CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]} + CTLPLANEHOST: + list_join: + - '.' + - - {get_attr: [Controller, name]} + - ctlplane nova_server_resource: description: Heat resource handle for the Nova compute server value: {get_resource: Controller} - swift_device: - description: Swift device formatted for swift-ring-builder - value: - str_replace: - template: - list_join: - - ',' - - ['r1z1-IP:%PORT%/d1'] - - repeat: - template: 'r1z1-IP:%PORT%/DEVICE' - for_each: - DEVICE: {get_param: SwiftRawDisks} - params: - IP: - get_attr: - - NetIpMap - - net_ip_map - - str_replace: - template: "NETWORK_uri" - params: - NETWORK: {get_param: [ServiceNetMap, SwiftMgmtNetwork]} tls_key_modulus_md5: description: MD5 checksum of the TLS Key Modulus value: {get_attr: [NodeTLSData, key_modulus_md5]} diff --git a/puppet/objectstorage-config.yaml b/puppet/objectstorage-config.yaml new file mode 100644 index 00000000..1dee8e60 --- /dev/null +++ b/puppet/objectstorage-config.yaml @@ -0,0 +1,38 @@ +heat_template_version: 2015-04-30 + +description: > + A software config which runs manifests/overcloud_object.pp + +parameters: + ConfigDebug: + default: false + description: Whether to run config management (e.g. Puppet) in debug mode. + type: boolean + StepConfig: + type: string + description: Config manifests that will be used to step through the deployment. + default: '' + +resources: + + ObjectStoragePuppetConfigImpl: + type: OS::Heat::SoftwareConfig + properties: + group: puppet + options: + enable_debug: {get_param: ConfigDebug} + enable_hiera: True + enable_facter: False + modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules + outputs: + - name: result + config: + list_join: + - '' + - - get_file: manifests/overcloud_object.pp + - {get_param: StepConfig} + +outputs: + OS::stack_id: + description: The software config which runs overcloud_controller.pp + value: {get_resource: ObjectStoragePuppetConfigImpl} diff --git a/puppet/post.yaml b/puppet/post.yaml new file mode 100644 index 00000000..8f57b34e --- /dev/null +++ b/puppet/post.yaml @@ -0,0 +1,644 @@ +heat_template_version: 2016-10-14 + +description: > + Post-deploy configuration steps via puppet for all roles, + Controller, Compute, BlockStorage, SwiftStorage and CephStorage. + +parameters: + servers: + type: json + description: Mapping of Role name e.g Controller to a list of servers + + role_data: + type: json + description: Mapping of Role name e.g Controller to the per-role data + + DeployIdentifier: + default: '' + type: string + description: > + Setting this to a unique value will re-run any deployment tasks which + perform configuration on a Heat stack-update. + +resources: + # Post deployment steps for all roles + # A single config is re-applied with an incrementing step number + # Controller Role steps + ControllerArtifactsConfig: + type: deploy-artifacts.yaml + + ControllerArtifactsDeploy: + type: OS::Heat::StructuredDeployments + properties: + servers: {get_param: [servers, Controller]} + config: {get_resource: ControllerArtifactsConfig} + + ControllerPreConfig: + type: OS::TripleO::Tasks::ControllerPreConfig + properties: + servers: {get_param: [servers, Controller]} + input_values: + update_identifier: {get_param: DeployIdentifier} + + ControllerConfig: + type: OS::TripleO::ControllerConfig + properties: + StepConfig: {get_param: [role_data, Controller, step_config]} + + # Step through a series of configuration steps + ControllerDeployment_Step1: + type: OS::Heat::StructuredDeploymentGroup + depends_on: [ControllerPreConfig, ControllerArtifactsDeploy] + properties: + name: ControllerDeployment_Step1 + servers: {get_param: [servers, Controller]} + config: {get_resource: ControllerConfig} + input_values: + step: 1 + update_identifier: {get_param: DeployIdentifier} + + ControllerDeployment_Step2: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step1 + - ComputeDeployment_Step1 + - BlockStorageDeployment_Step1 + - ObjectStorageDeployment_Step1 + - CephStorageDeployment_Step1 + properties: + name: ControllerDeployment_Step2 + servers: {get_param: [servers, Controller]} + config: {get_resource: ControllerConfig} + input_values: + step: 2 + update_identifier: {get_param: DeployIdentifier} + + ControllerDeployment_Step3: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step2 + - ComputeDeployment_Step2 + - BlockStorageDeployment_Step2 + - ObjectStorageDeployment_Step2 + - CephStorageDeployment_Step2 + properties: + name: ControllerDeployment_Step3 + servers: {get_param: [servers, Controller]} + config: {get_resource: ControllerConfig} + input_values: + step: 3 + update_identifier: {get_param: DeployIdentifier} + + ControllerDeployment_Step4: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step3 + - ComputeDeployment_Step3 + - BlockStorageDeployment_Step3 + - ObjectStorageDeployment_Step3 + - CephStorageDeployment_Step3 + properties: + name: ControllerDeployment_Step4 + servers: {get_param: [servers, Controller]} + config: {get_resource: ControllerConfig} + input_values: + step: 4 + update_identifier: {get_param: DeployIdentifier} + + ControllerDeployment_Step5: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step4 + - ComputeDeployment_Step4 + - BlockStorageDeployment_Step4 + - ObjectStorageDeployment_Step4 + - CephStorageDeployment_Step4 + properties: + name: ControllerDeployment_Step5 + servers: {get_param: [servers, Controller]} + config: {get_resource: ControllerConfig} + input_values: + step: 5 + update_identifier: {get_param: DeployIdentifier} + + ControllerPostConfig: + type: OS::TripleO::Tasks::ControllerPostConfig + depends_on: + - ControllerDeployment_Step5 + - ComputeDeployment_Step5 + - BlockStorageDeployment_Step5 + - ObjectStorageDeployment_Step5 + - CephStorageDeployment_Step5 + properties: + servers: {get_param: servers} + input_values: + update_identifier: {get_param: DeployIdentifier} + + # Note, this should come last, so use depends_on to ensure + # this is created after any other resources. + ControllerExtraConfigPost: + depends_on: + - ControllerPostConfig + - ComputePostConfig + - BlockStoragePostConfig + - ObjectStoragePostConfig + - CephStoragePostConfig + type: OS::TripleO::NodeExtraConfigPost + properties: + servers: {get_param: [servers, Controller]} + + # Compute Role steps + ComputeArtifactsConfig: + type: deploy-artifacts.yaml + + ComputeArtifactsDeploy: + type: OS::Heat::StructuredDeployments + properties: + servers: {get_param: [servers, Compute]} + config: {get_resource: ComputeArtifactsConfig} + + ComputePreConfig: + type: OS::TripleO::Tasks::ComputePreConfig + properties: + servers: {get_param: [servers, Compute]} + input_values: + update_identifier: {get_param: DeployIdentifier} + + ComputeConfig: + type: OS::TripleO::ComputeConfig + properties: + StepConfig: {get_param: [role_data, Compute, step_config]} + + # Step through a series of configuration steps + ComputeDeployment_Step1: + type: OS::Heat::StructuredDeploymentGroup + depends_on: [ComputePreConfig, ComputeArtifactsDeploy] + properties: + name: ComputeDeployment_Step1 + servers: {get_param: [servers, Compute]} + config: {get_resource: ComputeConfig} + input_values: + step: 1 + update_identifier: {get_param: DeployIdentifier} + + ComputeDeployment_Step2: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step1 + - ComputeDeployment_Step1 + - BlockStorageDeployment_Step1 + - ObjectStorageDeployment_Step1 + - CephStorageDeployment_Step1 + properties: + name: ComputeDeployment_Step2 + servers: {get_param: [servers, Compute]} + config: {get_resource: ComputeConfig} + input_values: + step: 2 + update_identifier: {get_param: DeployIdentifier} + + ComputeDeployment_Step3: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step2 + - ComputeDeployment_Step2 + - BlockStorageDeployment_Step2 + - ObjectStorageDeployment_Step2 + - CephStorageDeployment_Step2 + properties: + name: ComputeDeployment_Step3 + servers: {get_param: [servers, Compute]} + config: {get_resource: ComputeConfig} + input_values: + step: 3 + update_identifier: {get_param: DeployIdentifier} + + ComputeDeployment_Step4: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step3 + - ComputeDeployment_Step3 + - BlockStorageDeployment_Step3 + - ObjectStorageDeployment_Step3 + - CephStorageDeployment_Step3 + properties: + name: ComputeDeployment_Step4 + servers: {get_param: [servers, Compute]} + config: {get_resource: ComputeConfig} + input_values: + step: 4 + update_identifier: {get_param: DeployIdentifier} + + ComputeDeployment_Step5: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step4 + - ComputeDeployment_Step4 + - BlockStorageDeployment_Step4 + - ObjectStorageDeployment_Step4 + - CephStorageDeployment_Step4 + properties: + name: ComputeDeployment_Step5 + servers: {get_param: [servers, Compute]} + config: {get_resource: ComputeConfig} + input_values: + step: 5 + update_identifier: {get_param: DeployIdentifier} + + ComputePostConfig: + type: OS::TripleO::Tasks::ComputePostConfig + depends_on: + - ControllerDeployment_Step5 + - ComputeDeployment_Step5 + - BlockStorageDeployment_Step5 + - ObjectStorageDeployment_Step5 + - CephStorageDeployment_Step5 + properties: + servers: {get_param: servers} + input_values: + update_identifier: {get_param: DeployIdentifier} + + # Note, this should come last, so use depends_on to ensure + # this is created after any other resources. + ComputeExtraConfigPost: + depends_on: + - ControllerPostConfig + - ComputePostConfig + - BlockStoragePostConfig + - ObjectStoragePostConfig + - CephStoragePostConfig + type: OS::TripleO::NodeExtraConfigPost + properties: + servers: {get_param: [servers, Compute]} + + # BlockStorage Role steps + BlockStorageArtifactsConfig: + type: deploy-artifacts.yaml + + BlockStorageArtifactsDeploy: + type: OS::Heat::StructuredDeployments + properties: + servers: {get_param: [servers, BlockStorage]} + config: {get_resource: BlockStorageArtifactsConfig} + + BlockStoragePreConfig: + type: OS::TripleO::Tasks::BlockStoragePreConfig + properties: + servers: {get_param: [servers, BlockStorage]} + input_values: + update_identifier: {get_param: DeployIdentifier} + + BlockStorageConfig: + type: OS::TripleO::BlockStorageConfig + properties: + StepConfig: {get_param: [role_data, BlockStorage, step_config]} + + # Step through a series of configuration steps + BlockStorageDeployment_Step1: + type: OS::Heat::StructuredDeploymentGroup + depends_on: [BlockStoragePreConfig, BlockStorageArtifactsDeploy] + properties: + name: BlockStorageDeployment_Step1 + servers: {get_param: [servers, BlockStorage]} + config: {get_resource: BlockStorageConfig} + input_values: + step: 1 + update_identifier: {get_param: DeployIdentifier} + + BlockStorageDeployment_Step2: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step1 + - ComputeDeployment_Step1 + - BlockStorageDeployment_Step1 + - ObjectStorageDeployment_Step1 + - CephStorageDeployment_Step1 + properties: + name: BlockStorageDeployment_Step2 + servers: {get_param: [servers, BlockStorage]} + config: {get_resource: BlockStorageConfig} + input_values: + step: 2 + update_identifier: {get_param: DeployIdentifier} + + BlockStorageDeployment_Step3: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step2 + - ComputeDeployment_Step2 + - BlockStorageDeployment_Step2 + - ObjectStorageDeployment_Step2 + - CephStorageDeployment_Step2 + properties: + name: BlockStorageDeployment_Step3 + servers: {get_param: [servers, BlockStorage]} + config: {get_resource: BlockStorageConfig} + input_values: + step: 3 + update_identifier: {get_param: DeployIdentifier} + + BlockStorageDeployment_Step4: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step3 + - ComputeDeployment_Step3 + - BlockStorageDeployment_Step3 + - ObjectStorageDeployment_Step3 + - CephStorageDeployment_Step3 + properties: + name: BlockStorageDeployment_Step4 + servers: {get_param: [servers, BlockStorage]} + config: {get_resource: BlockStorageConfig} + input_values: + step: 4 + update_identifier: {get_param: DeployIdentifier} + + BlockStorageDeployment_Step5: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step4 + - ComputeDeployment_Step4 + - BlockStorageDeployment_Step4 + - ObjectStorageDeployment_Step4 + - CephStorageDeployment_Step4 + properties: + name: BlockStorageDeployment_Step5 + servers: {get_param: [servers, BlockStorage]} + config: {get_resource: BlockStorageConfig} + input_values: + step: 5 + update_identifier: {get_param: DeployIdentifier} + + BlockStoragePostConfig: + type: OS::TripleO::Tasks::BlockStoragePostConfig + depends_on: + - ControllerDeployment_Step5 + - ComputeDeployment_Step5 + - BlockStorageDeployment_Step5 + - ObjectStorageDeployment_Step5 + - CephStorageDeployment_Step5 + properties: + servers: {get_param: servers} + input_values: + update_identifier: {get_param: DeployIdentifier} + + # Note, this should come last, so use depends_on to ensure + # this is created after any other resources. + BlockStorageExtraConfigPost: + depends_on: + - ControllerPostConfig + - ComputePostConfig + - BlockStoragePostConfig + - ObjectStoragePostConfig + - CephStoragePostConfig + type: OS::TripleO::NodeExtraConfigPost + properties: + servers: {get_param: [servers, BlockStorage]} + + # ObjectStorage Role steps + ObjectStorageArtifactsConfig: + type: deploy-artifacts.yaml + + ObjectStorageArtifactsDeploy: + type: OS::Heat::StructuredDeployments + properties: + servers: {get_param: [servers, ObjectStorage]} + config: {get_resource: ObjectStorageArtifactsConfig} + + ObjectStoragePreConfig: + type: OS::TripleO::Tasks::ObjectStoragePreConfig + properties: + servers: {get_param: [servers, ObjectStorage]} + input_values: + update_identifier: {get_param: DeployIdentifier} + + ObjectStorageConfig: + type: OS::TripleO::ObjectStorageConfig + properties: + StepConfig: {get_param: [role_data, ObjectStorage, step_config]} + + # Step through a series of configuration steps + ObjectStorageDeployment_Step1: + type: OS::Heat::StructuredDeploymentGroup + depends_on: [ObjectStoragePreConfig, ObjectStorageArtifactsDeploy] + properties: + name: ObjectStorageDeployment_Step1 + servers: {get_param: [servers, ObjectStorage]} + config: {get_resource: ObjectStorageConfig} + input_values: + step: 1 + update_identifier: {get_param: DeployIdentifier} + + ObjectStorageDeployment_Step2: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step1 + - ComputeDeployment_Step1 + - BlockStorageDeployment_Step1 + - ObjectStorageDeployment_Step1 + - CephStorageDeployment_Step1 + properties: + name: ObjectStorageDeployment_Step2 + servers: {get_param: [servers, ObjectStorage]} + config: {get_resource: ObjectStorageConfig} + input_values: + step: 2 + update_identifier: {get_param: DeployIdentifier} + + ObjectStorageDeployment_Step3: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step2 + - ComputeDeployment_Step2 + - BlockStorageDeployment_Step2 + - ObjectStorageDeployment_Step2 + - CephStorageDeployment_Step2 + properties: + name: ObjectStorageDeployment_Step3 + servers: {get_param: [servers, ObjectStorage]} + config: {get_resource: ObjectStorageConfig} + input_values: + step: 3 + update_identifier: {get_param: DeployIdentifier} + + ObjectStorageDeployment_Step4: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step3 + - ComputeDeployment_Step3 + - BlockStorageDeployment_Step3 + - ObjectStorageDeployment_Step3 + - CephStorageDeployment_Step3 + properties: + name: ObjectStorageDeployment_Step4 + servers: {get_param: [servers, ObjectStorage]} + config: {get_resource: ObjectStorageConfig} + input_values: + step: 4 + update_identifier: {get_param: DeployIdentifier} + + ObjectStorageDeployment_Step5: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step4 + - ComputeDeployment_Step4 + - BlockStorageDeployment_Step4 + - ObjectStorageDeployment_Step4 + - CephStorageDeployment_Step4 + properties: + name: ObjectStorageDeployment_Step5 + servers: {get_param: [servers, ObjectStorage]} + config: {get_resource: ObjectStorageConfig} + input_values: + step: 5 + update_identifier: {get_param: DeployIdentifier} + + ObjectStoragePostConfig: + type: OS::TripleO::Tasks::ObjectStoragePostConfig + depends_on: + - ControllerDeployment_Step5 + - ComputeDeployment_Step5 + - BlockStorageDeployment_Step5 + - ObjectStorageDeployment_Step5 + - CephStorageDeployment_Step5 + properties: + servers: {get_param: servers} + input_values: + update_identifier: {get_param: DeployIdentifier} + + # Note, this should come last, so use depends_on to ensure + # this is created after any other resources. + ObjectStorageExtraConfigPost: + depends_on: + - ControllerPostConfig + - ComputePostConfig + - BlockStoragePostConfig + - ObjectStoragePostConfig + - CephStoragePostConfig + type: OS::TripleO::NodeExtraConfigPost + properties: + servers: {get_param: [servers, ObjectStorage]} + + # CephStorage Role steps + CephStorageArtifactsConfig: + type: deploy-artifacts.yaml + + CephStorageArtifactsDeploy: + type: OS::Heat::StructuredDeployments + properties: + servers: {get_param: [servers, CephStorage]} + config: {get_resource: CephStorageArtifactsConfig} + + CephStoragePreConfig: + type: OS::TripleO::Tasks::CephStoragePreConfig + properties: + servers: {get_param: [servers, CephStorage]} + input_values: + update_identifier: {get_param: DeployIdentifier} + + CephStorageConfig: + type: OS::TripleO::CephStorageConfig + properties: + StepConfig: {get_param: [role_data, CephStorage, step_config]} + + # Step through a series of configuration steps + CephStorageDeployment_Step1: + type: OS::Heat::StructuredDeploymentGroup + depends_on: [CephStoragePreConfig, CephStorageArtifactsDeploy] + properties: + name: CephStorageDeployment_Step1 + servers: {get_param: [servers, CephStorage]} + config: {get_resource: CephStorageConfig} + input_values: + step: 1 + update_identifier: {get_param: DeployIdentifier} + + CephStorageDeployment_Step2: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step1 + - ComputeDeployment_Step1 + - BlockStorageDeployment_Step1 + - ObjectStorageDeployment_Step1 + - CephStorageDeployment_Step1 + properties: + name: CephStorageDeployment_Step2 + servers: {get_param: [servers, CephStorage]} + config: {get_resource: CephStorageConfig} + input_values: + step: 2 + update_identifier: {get_param: DeployIdentifier} + + CephStorageDeployment_Step3: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step2 + - ComputeDeployment_Step2 + - BlockStorageDeployment_Step2 + - ObjectStorageDeployment_Step2 + - CephStorageDeployment_Step2 + properties: + name: CephStorageDeployment_Step3 + servers: {get_param: [servers, CephStorage]} + config: {get_resource: CephStorageConfig} + input_values: + step: 3 + update_identifier: {get_param: DeployIdentifier} + + CephStorageDeployment_Step4: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step3 + - ComputeDeployment_Step3 + - BlockStorageDeployment_Step3 + - ObjectStorageDeployment_Step3 + - CephStorageDeployment_Step3 + properties: + name: CephStorageDeployment_Step4 + servers: {get_param: [servers, CephStorage]} + config: {get_resource: CephStorageConfig} + input_values: + step: 4 + update_identifier: {get_param: DeployIdentifier} + + CephStorageDeployment_Step5: + type: OS::Heat::StructuredDeploymentGroup + depends_on: + - ControllerDeployment_Step4 + - ComputeDeployment_Step4 + - BlockStorageDeployment_Step4 + - ObjectStorageDeployment_Step4 + - CephStorageDeployment_Step4 + properties: + name: CephStorageDeployment_Step5 + servers: {get_param: [servers, CephStorage]} + config: {get_resource: CephStorageConfig} + input_values: + step: 5 + update_identifier: {get_param: DeployIdentifier} + + CephStoragePostConfig: + type: OS::TripleO::Tasks::CephStoragePostConfig + depends_on: + - ControllerDeployment_Step5 + - ComputeDeployment_Step5 + - BlockStorageDeployment_Step5 + - ObjectStorageDeployment_Step5 + - CephStorageDeployment_Step5 + properties: + servers: {get_param: servers} + input_values: + update_identifier: {get_param: DeployIdentifier} + + # Note, this should come last, so use depends_on to ensure + # this is created after any other resources. + CephStorageExtraConfigPost: + depends_on: + - ControllerPostConfig + - ComputePostConfig + - BlockStoragePostConfig + - ObjectStoragePostConfig + - CephStoragePostConfig + type: OS::TripleO::NodeExtraConfigPost + properties: + servers: {get_param: [servers, CephStorage]} diff --git a/puppet/services/README.rst b/puppet/services/README.rst index 15c8c1f1..8fe51fa3 100644 --- a/puppet/services/README.rst +++ b/puppet/services/README.rst @@ -31,6 +31,8 @@ are re-asserted when applying latter ones. * config_settings: Custom hiera settings for this service. + * global_config_settings: Additional hiera settings distributed to all roles. + * step_config: A puppet manifest that is used to step through the deployment sequence. Each sequence is given a "step" (via hiera('step') that provides information for when puppet classes should activate themselves. diff --git a/puppet/services/ceph-rgw.yaml b/puppet/services/ceph-rgw.yaml new file mode 100644 index 00000000..6bb4f6d1 --- /dev/null +++ b/puppet/services/ceph-rgw.yaml @@ -0,0 +1,77 @@ +heat_template_version: 2016-04-08 + +description: > + Ceph RadosGW service. + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + AdminToken: + description: The keystone auth secret and db password. + type: string + hidden: true + CephRgwKey: + description: The cephx key for the radosgw client. Can be created + with ceph-authtool --gen-print-key. + type: string + hidden: true + SwiftPassword: + description: The password for the swift service account, used by the Ceph RGW services. + type: string + hidden: true + KeystoneRegion: + type: string + default: 'regionOne' + description: Keystone region for endpoint + +resources: + CephBase: + type: ./ceph-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Ceph RadosGW service. + value: + service_name: ceph_rgw + config_settings: + map_merge: + - get_attr: [CephBase, role_data, config_settings] + - tripleo::profile::base::ceph::rgw::rgw_key: {get_param: CephRgwKey} + tripleo::profile::base::ceph::rgw::keystone_admin_token: {get_param: AdminToken} + tripleo::profile::base::ceph::rgw::keystone_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} + ceph::profile::params::frontend_type: 'civetweb' + ceph_rgw_civetweb_bind_address: {get_param: [ServiceNetMap, CephRgwNetwork]} + ceph::profile::params::rgw_frontends: + list_join: + - '' + - - 'civetweb port=' + - '%{hiera("ceph_rgw_civetweb_bind_address")}' + - ':' + - {get_param: [EndpointMap, CephRgwInternal, port]} + tripleo.ceph_rgw.firewall_rules: + '122 ceph rgw': + dport: {get_param: [EndpointMap, CephRgwInternal, port]} + ceph::rgw::keystone::auth::public_url: {get_param: [EndpointMap, CephRgwPublic, uri]} + ceph::rgw::keystone::auth::internal_url: {get_param: [EndpointMap, CephRgwInternal, uri]} + ceph::rgw::keystone::auth::admin_url: {get_param: [EndpointMap, CephRgwAdmin, uri]} + ceph::rgw::keystone::auth::password: {get_param: SwiftPassword} + ceph::rgw::keystone::auth::region: {get_param: KeystoneRegion} + ceph::rgw::keystone::auth::tenant: 'service' + step_config: | + include ::tripleo::profile::base::ceph::rgw diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml index 79033047..b321ecbe 100644 --- a/puppet/services/keystone.yaml +++ b/puppet/services/keystone.yaml @@ -87,6 +87,12 @@ parameters: MonitoringSubscriptionKeystone: default: 'overcloud-kestone' type: string + KeystoneCredential0: + type: string + description: The first Keystone credential key. Must be a valid key. + KeystoneCredential1: + type: string + description: The second Keystone credential key. Must be a valid key. resources: @@ -121,6 +127,12 @@ outputs: keystone_ssl_certificate: {get_param: KeystoneSSLCertificate} keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey} keystone::enable_proxy_headers_parsing: true + keystone::enable_credential_setup: true + keystone::credential_keys: + '/etc/keystone/credential-keys/0': + content: {get_param: KeystoneCredential0} + '/etc/keystone/credential-keys/1': + content: {get_param: KeystoneCredential1} keystone::debug: {get_param: Debug} keystone::db::mysql::password: {get_param: AdminToken} keystone::rabbit_userid: {get_param: RabbitUserName} diff --git a/puppet/services/manila-api.yaml b/puppet/services/manila-api.yaml index 2e43730d..1513ab31 100644 --- a/puppet/services/manila-api.yaml +++ b/puppet/services/manila-api.yaml @@ -66,6 +66,7 @@ outputs: # internal_api_uri -> [IP] # internal_api_subnet - > IP/CIDR manila::api::bind_host: {get_param: [ServiceNetMap, ManilaApiNetwork]} + manila::api::enable_proxy_headers_parsing: true step_config: | include ::tripleo::profile::base::manila::api diff --git a/puppet/services/network/contrail-analytics.yaml b/puppet/services/network/contrail-analytics.yaml new file mode 100644 index 00000000..1c2331fa --- /dev/null +++ b/puppet/services/network/contrail-analytics.yaml @@ -0,0 +1,90 @@ +heat_template_version: 2016-04-08 + +description: > + Contrail Analytics service deployment using puppet, this YAML file + creates the interface between the HOT template + and the puppet manifest that actually installs + and configures Contrail Analytics. + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ContrailAnalyticsHostIP: + description: host IP address of Analytics + type: string + ContrailAnalyticsRedisServerIp: + description: Redis server ip address + type: string + ContrailAnalyticsCollectorServerHttpPort: + description: Collector http port + type: number + default: 8089 + ContrailAnalyticsCollectorSandeshPort: + description: Collector sandesh port + type: number + default: 8086 + ContrailAnalyticsHttpServerPort: + description: Analytics http port + type: number + default: 8090 + ContrailAnalyticsListenAddress: + default: '0.0.0.0' + description: IP address Config API is listening on + type: string + ContrailAnalyticsListenPort: + default: 8082 + description: Port Config API is listening on + type: number + ContrailAnalyticsRedisServerPort: + description: Redis server port + type: number + default: 6379 + ContrailAnalyticsRestApiIp: + description: IP address Analytics rest interface listens on + type: string + default: '0.0.0.0' + ContrailAnalyticsRestApiPort: + description: Analytics rest port + type: number + default: 8081 + +resources: + ContrailBase: + type: ./contrail-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role Contrail Analytics using composable services. + value: + service_name: contrail_analytics + config_settings: + map_merge: + - get_attr: [ContrailBase, role_data, config_settings] + - contrail::analytics::collector_http_server_port: {get_param: ContrailAnalyticsCollectorServerHttpPort} + contrail::analytics::collector_sandesh_port: {get_param: ContrailAnalyticsCollectorSandeshPort} + contrail::analytics::host_ip: {get_param: ContrailAnalyticsHostIP} + contrail::analytics::http_server_port: {get_param: ContrailAnalyticsHttpServerPort} + contrail::analytics::listen_ip_address: {get_param: ContrailAnalyticsListenAddress} + contrail::analytics::listen_port: {get_param: ContrailAnalyticsListenPort} + contrail::analytics::redis_server: {get_param: ContrailAnalyticsRedisServerIp} + contrail::analytics::redis_server_port: {get_param: ContrailAnalyticsRedisServerPort} + contrail::analytics::rest_api_ip: {get_param: ContrailAnalyticsRestApiIp} + contrail::analytics::rest_api_port: {get_param: ContrailAnalyticsRestApiPort} + step_config: | + include ::tripleo::network::contrail::analytics diff --git a/puppet/services/network/contrail-base.yaml b/puppet/services/network/contrail-base.yaml new file mode 100644 index 00000000..03dbea5b --- /dev/null +++ b/puppet/services/network/contrail-base.yaml @@ -0,0 +1,100 @@ +heat_template_version: 2016-04-08 + +description: > + Base parameters for all Contrail Services. + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + AdminPassword: + description: Keystone admin user password + type: string + AdminTenantName: + description: Keystone admin tenant name + type: string + AdminToken: + description: Keystone admin token + type: string + AdminUser: + description: Keystone admin user name + type: string + AuthHost: + description: Keystone host IP address + type: string + AuthPort: + default: 35357 + description: Keystone port + type: number + AuthProtocol: + default: 'http' + description: Keystone authentication protocol + type: string + ContrailDiscoveryServerIp: + description: Discovery server ip address + type: string + ContrailKafkaBrokerList: + description: List of kafka servers + type: comma_delimited_list + ContrailAuth: + default: 'keystone' + description: Keystone authentication method + type: string + ContrailCassandraServerList: + default: [] + description: List of cassandra servers + type: comma_delimited_list + ContrailDiscoveryServerPort: + description: Discovery server port + type: number + default: 5998 + ContrailInsecure: + default: false + description: Keystone insecure mode + type: boolean + ContrailMemcachedServer: + default: '127.0.0.1:12111' + description: Memcached server + type: string + ContrailMultiTenancy: + default: true + description: Turn on/off multi-tenancy + type: boolean + ContrailZkServerIp: + default: [] + description: List of zookeeper servers + type: comma_delimited_list + +outputs: + role_data: + description: Shared role data for the Contrail services. + value: + service_name: contrail_base + config_settings: + contrail::admin_password: {get_param: AdminPassword} + contrail::admin_tenant_name: {get_param: AdminTenantName} + contrail::admin_token: {get_param: AdminToken} + contrail::admin_user: {get_param: AdminUser} + contrail::auth_host: {get_param: [EndpointMap, KeystoneInternal, host] } + contrail::auth_port: {get_param: [EndpointMap, KeystoneInternal, port] } + contrail::auth_protocol: {get_param: [EndpointMap, KeystoneInternal, protocol] } + contrail::disc_server_ip: {get_param: ContrailDiscoveryServerIp} + contrail::kafka_broker_list: {get_param: ContrailKafkaBrokerList} + contrail::auth: {get_param: ContrailAuth} + contrail::cassandra_server_list: {get_param: ContrailCassandraServerList} + contrail::disc_server_port: {get_param: ContrailDiscoveryServerPort} + contrail::insecure: {get_param: ContrailInsecure} + contrail::memcached_server: {get_param: ContrailMemcachedServer} + contrail::multi_tenancy: {get_param: ContrailMultiTenancy} + contrail::zk_server_ip: {get_param: ContrailZkServerIp} diff --git a/puppet/services/network/contrail-config.yaml b/puppet/services/network/contrail-config.yaml new file mode 100644 index 00000000..0987fc75 --- /dev/null +++ b/puppet/services/network/contrail-config.yaml @@ -0,0 +1,72 @@ +heat_template_version: 2016-04-08 + +description: > + Contrail Config service deployment using puppet, this YAML file + creates the interface between the HOT template + and the puppet manifest that actually installs + and configures Contrail Config. + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ContrailConfigIfmapServerIp: + description: Ifmap server ip address + type: string + ContrailConfigIfmapUserName: + description: Ifmap user name + type: string + ContrailConfigIfmapUserPassword: + description: Ifmap user password + type: string + ContrailConfigRabbitServerIp: + description: RabbitMq server ip address + type: string + ContrailConfigRedisServerIp: + description: Redis server ip address + type: string + ContrailConfigListenAddress: + default: '0.0.0.0' + description: IP address Config API is listening on + type: string + ContrailConfigListenPort: + default: 8082 + description: Port Config API is listening on + type: number + +resources: + ContrailBase: + type: ./contrail-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role Contrail Config using composable services. + value: + service_name: contrail_config + config_settings: + map_merge: + - get_attr: [ContrailBase, role_data, config_settings] + - contrail::config::ifmap_password: {get_param: ContrailConfigIfmapUserPassword} + contrail::config::ifmap_server_ip: {get_param: ContrailConfigIfmapServerIp} + contrail::config::ifmap_username: {get_param: ContrailConfigIfmapUserName} + contrail::config::listen_ip_address: {get_param: ContrailConfigListenAddress} + contrail::config::listen_port: {get_param: ContrailConfigListenPort} + contrail::config::rabbit_server: {get_param: ContrailConfigRabbitServerIp} + contrail::config::redis_server: {get_param: ContrailConfigRedisServerIp} + step_config: | + include ::tripleo::network::contrail::config diff --git a/puppet/services/network/contrail-control.yaml b/puppet/services/network/contrail-control.yaml new file mode 100644 index 00000000..9356e9e9 --- /dev/null +++ b/puppet/services/network/contrail-control.yaml @@ -0,0 +1,54 @@ +heat_template_version: 2016-04-08 + +description: > + Contrail Control service deployment using puppet, this YAML file + creates the interface between the HOT template + and the puppet manifest that actually installs + and configures Contrail Control. + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ContrailControlHostIP: + description: host IP address of Analytics + type: string + ContrailControlIfmapUserName: + description: Ifmap user name + type: string + ContrailControlIfmapUserPassword: + description: Ifmap user password + type: string + +resources: + ContrailBase: + type: ./contrail-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role Contrail Control using composable services. + value: + service_name: contrail_control + config_settings: + map_merge: + - get_attr: [ContrailBase, role_data, config_settings] + - contrail::control::host_ip: {get_param: ContrailControlHostIP} + contrail::control::ifmap_username: {get_param: ContrailControlIfmapUserName} + contrail::control::ifmap_password: {get_param: ContrailControlIfmapUserPassword} + step_config: | + include ::tripleo::network::contrail::control diff --git a/puppet/services/network/contrail-database.yaml b/puppet/services/network/contrail-database.yaml new file mode 100644 index 00000000..e5712618 --- /dev/null +++ b/puppet/services/network/contrail-database.yaml @@ -0,0 +1,51 @@ +heat_template_version: 2016-04-08 + +description: > + Contrail Database service deployment using puppet, this YAML file + creates the interface between the HOT template + and the puppet manifest that actually installs + and configures Contrail Database. + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ContrailDatabaseHostIP: + description: host IP address of Database node + type: string + ContrailDatabaseMinDisk: + description: Minimum disk size for database + type: number + default: 64 + +resources: + ContrailBase: + type: ./contrail-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role Contrail Database using composable services. + value: + service_name: contrail_database + config_settings: + map_merge: + - get_attr: [ContrailBase, role_data, config_settings] + - contrail::database::host_ip: {get_param: ContrailDatabaseHostIP} + contrail::database::minimum_diskGB: {get_param: ContrailDatabaseMinDisk} + step_config: | + include ::tripleo::profile::contrail::database diff --git a/puppet/services/network/contrail-webui.yaml b/puppet/services/network/contrail-webui.yaml new file mode 100644 index 00000000..72b9e1c0 --- /dev/null +++ b/puppet/services/network/contrail-webui.yaml @@ -0,0 +1,69 @@ +heat_template_version: 2016-04-08 + +description: > + Contrail WebUI service deployment using puppet, this YAML file + creates the interface between the HOT template + and the puppet manifest that actually installs + and configures Contrail WebUI. + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ContrailWebUiAnalyticsVip: + description: Contrail Analytics VIP + type: string + ContrailWebUiConfigVip: + description: Contrail Config VIP + type: string + ContrailWebUiNeutronVip: + description: Neutron VIP + type: string + ContrailWebuiHttpPort: + default: 8080 + description: HTTP Port of Webui + type: number + ContrailWebuiHttpsPort: + default: 8143 + description: HTTPS Port of Webui + type: number + ContrailWebUiRedisIp: + description: Redis IP + type: string + default: '127.0.0.1' + +resources: + ContrailBase: + type: ./contrail-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role Contrail WebUI using composable services. + value: + service_name: contrail_webui + config_settings: + map_merge: + - get_attr: [ContrailBase, role_data, config_settings] + - contrail::webui::contrail_analytics_vip: {get_param: ContrailWebUiAnalyticsVip} + contrail::webui::contrail_config_vip: {get_param: ContrailWebUiConfigVip} + contrail::webui::contrail_webui_http_port: {get_param: ContrailWebuiHttpPort} + contrail::webui::contrail_webui_https_port: {get_param: ContrailWebuiHttpsPort} + contrail::webui::neutron_vip: {get_param: ContrailWebUiNeutronVip} + contrail::webui::redis_ip: {get_param: ContrailWebUiRedisIp} + step_config: | + include ::tripleo::network::contrail::webui diff --git a/puppet/services/neutron-api.yaml b/puppet/services/neutron-api.yaml index 72ae7d9c..e4ca489a 100644 --- a/puppet/services/neutron-api.yaml +++ b/puppet/services/neutron-api.yaml @@ -75,7 +75,7 @@ outputs: config_settings: map_merge: - get_attr: [NeutronBase, role_data, config_settings] - neutron::server::database_connection: + - neutron::server::database_connection: list_join: - '' - - {get_param: [EndpointMap, MysqlInternal, protocol]} diff --git a/puppet/services/neutron-base.yaml b/puppet/services/neutron-base.yaml index 4eb417c0..32d50d41 100644 --- a/puppet/services/neutron-base.yaml +++ b/puppet/services/neutron-base.yaml @@ -50,13 +50,16 @@ parameters: to false may result in configuration remnants after updates/upgrades. NeutronGlobalPhysnetMtu: type: number - default: 1500 + default: 1496 description: | MTU of the underlying physical network. Neutron uses this value to calculate MTU for all virtual network components. For flat and VLAN networks, neutron uses this value without modification. For overlay networks such as VXLAN, neutron automatically subtracts the overlay - protocol overhead from this value. + protocol overhead from this value. The default value of 1496 is + currently in effect to compensate for some additional overhead when + deploying with some network configurations (e.g. network isolation over + single network interfaces) ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml index 36b609fc..ade322ed 100644 --- a/puppet/services/neutron-ovs-agent.yaml +++ b/puppet/services/neutron-ovs-agent.yaml @@ -56,6 +56,14 @@ parameters: MonitoringSubscriptionNeutronOvs: default: 'overcloud-neutron-ovs-agent' type: string + NeutronOVSFirewallDriver: + default: '' + description: | + Configure the classname of the firewall driver to use for implementing + security groups. Possible values depend on system configuration. Some + examples are: noop, openvswitch, iptables_hybrid. The default value of an + empty string will result in a default supported configuration. + type: string resources: @@ -75,7 +83,7 @@ outputs: config_settings: map_merge: - get_attr: [NeutronBase, role_data, config_settings] - neutron::agents::ml2::ovs::l2_population: {get_param: NeutronEnableL2Pop} + - neutron::agents::ml2::ovs::l2_population: {get_param: NeutronEnableL2Pop} neutron::agents::ml2::ovs::enable_distributed_routing: {get_param: NeutronEnableDVR} neutron::agents::ml2::ovs::arp_responder: {get_param: NeutronEnableARPResponder} neutron::agents::ml2::ovs::bridge_mappings: @@ -100,5 +108,6 @@ outputs: # internal_api_uri -> [IP] # internal_api_subnet - > IP/CIDR neutron::agents::ml2::ovs::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]} + neutron::agents::ml2::ovs::firewall_driver: {get_param: NeutronOVSFirewallDriver} step_config: | include ::tripleo::profile::base::neutron::ovs diff --git a/puppet/services/neutron-ovs-dpdk-agent.yaml b/puppet/services/neutron-ovs-dpdk-agent.yaml index 8ee98a3d..cc772c9d 100644 --- a/puppet/services/neutron-ovs-dpdk-agent.yaml +++ b/puppet/services/neutron-ovs-dpdk-agent.yaml @@ -65,7 +65,7 @@ outputs: config_settings: map_merge: - get_attr: [NeutronOvsAgent, role_data, config_settings] - neutron::agents::ml2::ovs::enable_dpdk: true + - neutron::agents::ml2::ovs::enable_dpdk: true neutron::agents::ml2::ovs::datapath_type: {get_param: NeutronDatapathType} neutron::agents::ml2::ovs::vhostuser_socket_dir: {get_param: NeutronVhostuserSocketDir} vswitch::dpdk::core_list: {get_param: NeutronDpdkCoreList} diff --git a/puppet/services/neutron-plugin-ml2.yaml b/puppet/services/neutron-plugin-ml2.yaml index 5dbae3dc..17e8bca1 100644 --- a/puppet/services/neutron-plugin-ml2.yaml +++ b/puppet/services/neutron-plugin-ml2.yaml @@ -33,7 +33,7 @@ parameters: default: 'datacentre' description: If set, flat networks to configure in neutron plugins. NeutronPluginExtensions: - default: "qos,port_security" + default: "qos,port_security,trunk" description: | Comma-separated list of extensions enabled for the Neutron plugin. type: comma_delimited_list diff --git a/puppet/services/neutron-sriov-agent.yaml b/puppet/services/neutron-sriov-agent.yaml index b9a93394..44f7f242 100644 --- a/puppet/services/neutron-sriov-agent.yaml +++ b/puppet/services/neutron-sriov-agent.yaml @@ -14,6 +14,11 @@ parameters: DefaultPasswords: default: {} type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json NeutronPhysicalDevMappings: description: > List of <physical_network>:<physical device> @@ -39,11 +44,15 @@ parameters: Example "eth1:4096","eth2:128" type: comma_delimited_list default: "" - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json + +resources: + + NeutronBase: + type: ./neutron-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: @@ -51,8 +60,10 @@ outputs: value: service_name: neutron_sriov_agent config_settings: - neutron::agents::ml2::sriov::physical_device_mappings: {get_param: NeutronPhysicalDevMappings} - neutron::agents::ml2::sriov::exclude_devices: {get_param: NeutronExcludeDevices} - tripleo::host::sriov::number_of_vfs: {get_param: NeutronSriovNumVFs} + map_merge: + - get_attr: [NeutronBase, role_data, config_settings] + - neutron::agents::ml2::sriov::physical_device_mappings: {get_param: NeutronPhysicalDevMappings} + neutron::agents::ml2::sriov::exclude_devices: {get_param: NeutronExcludeDevices} + tripleo::host::sriov::number_of_vfs: {get_param: NeutronSriovNumVFs} step_config: | include ::tripleo::profile::base::neutron::sriov diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml index ccdcb52f..d1d7ae60 100644 --- a/puppet/services/nova-compute.yaml +++ b/puppet/services/nova-compute.yaml @@ -128,7 +128,7 @@ outputs: # internal_api_uri -> [IP] # internal_api_subnet - > IP/CIDR nova::compute::vncserver_proxyclient_address: {get_param: [ServiceNetMap, NovaVncProxyNetwork]} - nova::compute::vncproxy_host: {get_param: [EndpointMap, NovaPublic, host]} + nova::compute::vncproxy_host: {get_param: [EndpointMap, NovaPublic, host_nobrackets]} step_config: | # TODO(emilien): figure how to deal with libvirt profile. # We'll probably treat it like we do with Neutron plugins. diff --git a/puppet/services/nova-vncproxy.yaml b/puppet/services/nova-vnc-proxy.yaml index ce15fccc..899fa353 100644 --- a/puppet/services/nova-vncproxy.yaml +++ b/puppet/services/nova-vnc-proxy.yaml @@ -34,21 +34,14 @@ outputs: role_data: description: Role data for the Nova Vncproxy service. value: - service_name: nova_vncproxy + service_name: nova_vnc_proxy monitoring_subscription: {get_param: MonitoringSubscriptionNovaVNCProxy} config_settings: map_merge: - get_attr: [NovaBase, role_data, config_settings] - nova::vncproxy::enabled: true nova::vncproxy::common::vncproxy_protocol: {get_param: [EndpointMap, NovaVNCProxyPublic, protocol]} - # Remove brackets that may come if the IP address is IPv6. - # For DNS names and IPv4, this will just get NovaVNCProxyPublic - nova::vncproxy::common::vncproxy_host: - str_replace: - template: {get_param: [EndpointMap, NovaVNCProxyPublic, host]} - params: - '[': '' - ']': '' + nova::vncproxy::common::vncproxy_host: {get_param: [EndpointMap, NovaVNCProxyPublic, host_nobrackets]} nova::vncproxy::common::vncproxy_port: {get_param: [EndpointMap, NovaVNCProxyPublic, port]} # NOTE: bind IP is found in Heat replacing the network name with the local node IP # for the given network; replacement examples (eg. for internal_api): diff --git a/puppet/services/pacemaker/nova-vncproxy.yaml b/puppet/services/pacemaker/nova-vnc-proxy.yaml index 0ec5de68..d0c4f1d0 100644 --- a/puppet/services/pacemaker/nova-vncproxy.yaml +++ b/puppet/services/pacemaker/nova-vnc-proxy.yaml @@ -22,7 +22,7 @@ parameters: resources: NovaVncproxyBase: - type: ../nova-vncproxy.yaml + type: ../nova-vnc-proxy.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} @@ -32,7 +32,7 @@ outputs: role_data: description: Role data for the Nova Vncproxy role. value: - service_name: nova_vncproxy + service_name: nova_vnc_proxy monitoring_subscription: {get_attr: [NovaVncproxyBase, role_data, monitoring_subscription]} config_settings: map_merge: diff --git a/puppet/services/services.yaml b/puppet/services/services.yaml index 669e2872..b54a6d7a 100644 --- a/puppet/services/services.yaml +++ b/puppet/services/services.yaml @@ -54,4 +54,9 @@ outputs: expression: list($.data.subscriptions.where($ != null)) data: {subscriptions: {get_attr: [ServiceChain, role_data, monitoring_subscription]}} config_settings: {map_merge: {get_attr: [ServiceChain, role_data, config_settings]}} + global_config_settings: + map_merge: + yaql: + expression: list($.data.configs.where($ != null)) + data: {configs: {get_attr: [ServiceChain, role_data, global_config_settings]}} step_config: {list_join: ["\n", {get_attr: [ServiceChain, role_data, step_config]}]} diff --git a/puppet/services/swift-ringbuilder.yaml b/puppet/services/swift-ringbuilder.yaml index f41228e7..e151d185 100644 --- a/puppet/services/swift-ringbuilder.yaml +++ b/puppet/services/swift-ringbuilder.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2016-04-08 +heat_template_version: 2016-10-14 description: > OpenStack Swift Ringbuilder @@ -34,6 +34,11 @@ parameters: type: number default: 3 description: How many replicas to use in the swift rings. + SwiftRawDisks: + default: {} + description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' + type: json + outputs: role_data: @@ -43,6 +48,17 @@ outputs: config_settings: tripleo::profile::base::swift::ringbuilder::build_ring: {get_param: SwiftRingBuild} tripleo::profile::base::swift::ringbuilder::replicas: {get_param: SwiftReplicas} + tripleo::profile::base::swift::ringbuilder::raw_disk_prefix: 'r1z1-' + tripleo::profile::base::swift::ringbuilder::raw_disks: + yaql: + expression: $.data.raw_disk_lists.flatten() + data: + raw_disk_lists: + - [':%PORT%/d1'] + - repeat: + template: ':%PORT%/DEVICE' + for_each: + DEVICE: {get_param: SwiftRawDisks} swift::ringbuilder::part_power: {get_param: SwiftPartPower} swift::ringbuilder::min_part_hours: {get_param: SwiftMinPartHours} step_config: | diff --git a/puppet/services/swift-storage.yaml b/puppet/services/swift-storage.yaml index 91d52569..7fbb8d90 100644 --- a/puppet/services/swift-storage.yaml +++ b/puppet/services/swift-storage.yaml @@ -87,6 +87,6 @@ outputs: - healthcheck - account-server swift::storage::disks: {get_param: SwiftRawDisks} - swift::storage::all::storage_local_net_ip: {get_param: [ServiceNetMap, SwiftMgmtNetwork]} + swift::storage::all::storage_local_net_ip: {get_param: [ServiceNetMap, SwiftStorageNetwork]} step_config: | include ::tripleo::profile::base::swift::storage diff --git a/puppet/services/vip-hosts.yaml b/puppet/services/vip-hosts.yaml index 445a276c..a9d757ee 100644 --- a/puppet/services/vip-hosts.yaml +++ b/puppet/services/vip-hosts.yaml @@ -47,10 +47,10 @@ outputs: ip: "%{hiera('storage_mgmt_virtual_ip')}" ensure: present comment: FQDN of the storage mgmt VIP - management: - name: "%{hiera('cloud_name_management')}" + ctlplane: + name: "%{hiera('cloud_name_ctlplane')}" ip: "%{hiera('controller_virtual_ip')}" ensure: present - comment: FQDN of the management VIP + comment: FQDN of the ctlplane VIP step_config: | include ::tripleo::vip_hosts diff --git a/puppet/swift-devices-and-proxy-config.yaml b/puppet/swift-devices-and-proxy-config.yaml deleted file mode 100644 index afee4dac..00000000 --- a/puppet/swift-devices-and-proxy-config.yaml +++ /dev/null @@ -1,35 +0,0 @@ -heat_template_version: 2015-04-30 -description: 'Swift Devices and Proxy Config for Puppet' - -parameters: - controller_swift_devices: - type: comma_delimited_list - object_store_swift_devices: - type: comma_delimited_list - -resources: - - SwiftDevicesAndProxyConfigImpl: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - hiera: - datafiles: - swift_devices_and_proxy: - mapped_data: - tripleo::profile::base::swift::ringbuilder::devices: - list_join: - - ", " - - - list_join: - - ", " - - {get_param: controller_swift_devices} - - list_join: - - ", " - - {get_param: object_store_swift_devices} - -outputs: - config_id: - description: The ID of the SwiftDevicesAndProxyConfigImpl resource. - value: - {get_resource: SwiftDevicesAndProxyConfigImpl} diff --git a/puppet/swift-storage-post.yaml b/puppet/swift-storage-post.yaml deleted file mode 100644 index ebc54ab0..00000000 --- a/puppet/swift-storage-post.yaml +++ /dev/null @@ -1,91 +0,0 @@ -heat_template_version: 2015-04-30 -description: 'OpenStack swift storage node post deployment for Puppet' - -parameters: - ConfigDebug: - default: false - description: Whether to run config management (e.g. Puppet) in debug mode. - type: boolean - servers: - type: json - RoleData: - type: json - default: {} - DeployIdentifier: - type: string - default: '' - description: Value which changes if the node configuration may need to be re-applied - -resources: - - StorageArtifactsConfig: - type: deploy-artifacts.yaml - - StorageArtifactsDeploy: - type: OS::Heat::StructuredDeployments - properties: - servers: {get_param: servers} - config: {get_resource: StorageArtifactsConfig} - input_values: - update_identifier: {get_param: DeployIdentifier} - - StoragePuppetConfig: - type: OS::Heat::SoftwareConfig - properties: - group: puppet - options: - enable_debug: {get_param: ConfigDebug} - enable_hiera: True - enable_facter: False - modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules - inputs: - - name: step - outputs: - - name: result - config: - list_join: - - '' - - - get_file: manifests/overcloud_object.pp - - {get_param: [RoleData, step_config]} - - StorageRingbuilderDeployment_Step2: - type: OS::Heat::StructuredDeployments - depends_on: StorageArtifactsDeploy - properties: - name: StorageRingbuilderDeployment_Step2 - servers: {get_param: servers} - config: {get_resource: StoragePuppetConfig} - input_values: - step: 2 - update_identifier: {get_param: DeployIdentifier} - - StorageRingbuilderDeployment_Step3: - type: OS::Heat::StructuredDeployments - depends_on: StorageRingbuilderDeployment_Step2 - properties: - name: StorageRingbuilderDeployment_Step3 - servers: {get_param: servers} - config: {get_resource: StoragePuppetConfig} - input_values: - step: 3 - update_identifier: {get_param: DeployIdentifier} - - StorageDeployment_Step4: - type: OS::Heat::StructuredDeployments - depends_on: StorageRingbuilderDeployment_Step3 - properties: - name: StorageDeployment_Step4 - servers: {get_param: servers} - config: {get_resource: StoragePuppetConfig} - input_values: - step: 4 - update_identifier: {get_param: DeployIdentifier} - - # Note, this should come last, so use depends_on to ensure - # this is created after any other resources. - ExtraConfig: - depends_on: StorageDeployment_Step4 - type: OS::TripleO::NodeExtraConfigPost - properties: - servers: {get_param: servers} - diff --git a/puppet/swift-storage.yaml b/puppet/swift-storage.yaml index d8e49cac..9eb66314 100644 --- a/puppet/swift-storage.yaml +++ b/puppet/swift-storage.yaml @@ -27,6 +27,11 @@ parameters: description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json Hostname: type: string default: '' # Defaults to Heat created hostname @@ -91,10 +96,6 @@ parameters: type: string description: Command which will be run whenever configuration data changes default: os-refresh-config --timeout 14400 - SwiftRawDisks: - default: {} - description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})' - type: json resources: @@ -237,7 +238,6 @@ resources: - service_names - service_configs - object - - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig - bootstrap_node # provided by allNodesConfig - all_nodes # provided by allNodesConfig - vip_data # provided by allNodesConfig @@ -317,6 +317,7 @@ outputs: STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST TENANTIP TENANTHOST.DOMAIN TENANTHOST MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST + CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST params: PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ObjectStorageHostnameResolveNetwork]}]} DOMAIN: {get_param: CloudDomain} @@ -357,31 +358,16 @@ outputs: - '.' - - {get_attr: [SwiftStorage, name]} - management + CTLPLANEIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + CTLPLANEHOST: + list_join: + - '.' + - - {get_attr: [SwiftStorage, name]} + - ctlplane nova_server_resource: description: Heat resource handle for the swift storage server value: {get_resource: SwiftStorage} - swift_device: - description: Swift device formatted for swift-ring-builder - value: - str_replace: - template: - list_join: - - ',' - - ['r1z1-IP:%PORT%/d1'] - - repeat: - template: 'r1z1-IP:%PORT%/DEVICE' - for_each: - DEVICE: {get_param: SwiftRawDisks} - params: - IP: - get_attr: - - NetIpMap - - net_ip_map - - str_replace: - template: "NETWORK_uri" - params: - NETWORK: {get_param: [ServiceNetMap, SwiftMgmtNetwork]} external_ip_address: description: IP address of the server in the external network value: {get_attr: [ExternalPort, ip_address]} |