diff options
Diffstat (limited to 'puppet')
| -rw-r--r-- | puppet/blockstorage-role.yaml | 1 | ||||
| -rw-r--r-- | puppet/cephstorage-role.yaml | 1 | ||||
| -rw-r--r-- | puppet/compute-role.yaml | 1 | ||||
| -rw-r--r-- | puppet/controller-role.yaml | 5 | ||||
| -rw-r--r-- | puppet/post-upgrade.j2.yaml | 7 | ||||
| -rw-r--r-- | puppet/role.role.j2.yaml | 312 | ||||
| -rw-r--r-- | puppet/services/ceph-base.yaml | 24 | ||||
| -rw-r--r-- | puppet/services/ceph-external.yaml | 24 | ||||
| -rw-r--r-- | puppet/services/disabled/ceilometer-api-disabled.yaml | 41 | ||||
| -rw-r--r-- | puppet/services/disabled/ceilometer-expirer-disabled.yaml | 3 | ||||
| -rw-r--r-- | puppet/services/glance-api.yaml | 13 | ||||
| -rw-r--r-- | puppet/services/neutron-lbaas.yaml | 70 | ||||
| -rw-r--r-- | puppet/services/nova-api.yaml | 222 | ||||
| -rw-r--r-- | puppet/services/nova-compute.yaml | 15 | ||||
| -rw-r--r-- | puppet/services/nova-conductor.yaml | 2 | ||||
| -rw-r--r-- | puppet/services/nova-metadata.yaml | 2 | ||||
| -rw-r--r-- | puppet/services/nova-placement.yaml | 2 |
17 files changed, 370 insertions, 375 deletions
diff --git a/puppet/blockstorage-role.yaml b/puppet/blockstorage-role.yaml index 612a4a01..f28f606f 100644 --- a/puppet/blockstorage-role.yaml +++ b/puppet/blockstorage-role.yaml @@ -142,6 +142,7 @@ parameters: RoleParameters: type: json description: Role Specific Parameters + default: {} DeploymentSwiftDataMap: type: json description: | diff --git a/puppet/cephstorage-role.yaml b/puppet/cephstorage-role.yaml index e7afcb40..85b276d6 100644 --- a/puppet/cephstorage-role.yaml +++ b/puppet/cephstorage-role.yaml @@ -148,6 +148,7 @@ parameters: RoleParameters: type: json description: Role Specific Parameters + default: {} DeploymentSwiftDataMap: type: json description: | diff --git a/puppet/compute-role.yaml b/puppet/compute-role.yaml index 5a662e86..10d082cb 100644 --- a/puppet/compute-role.yaml +++ b/puppet/compute-role.yaml @@ -160,6 +160,7 @@ parameters: RoleParameters: type: json description: Role Specific Parameters + default: {} DeploymentSwiftDataMap: type: json description: | diff --git a/puppet/controller-role.yaml b/puppet/controller-role.yaml index 09e5b2b9..34e8c965 100644 --- a/puppet/controller-role.yaml +++ b/puppet/controller-role.yaml @@ -178,6 +178,7 @@ parameters: RoleParameters: type: json description: Role Specific Parameters + default: {} DeploymentSwiftDataMap: type: json description: | @@ -523,7 +524,6 @@ resources: config: {get_resource: ControllerConfig} server: {get_resource: Controller} input_values: - bootstack_nodeid: {get_attr: [Controller, name]} enable_load_balancer: {get_param: EnableLoadBalancer} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} @@ -566,9 +566,6 @@ resources: - {get_param: ControllerExtraConfig} extraconfig: {get_param: ExtraConfig} controller: - # data supplied directly to this deployment configuration, etc - bootstack_nodeid: {get_input: bootstack_nodeid} - # Pacemaker enable_load_balancer: {get_input: enable_load_balancer} # Misc diff --git a/puppet/post-upgrade.j2.yaml b/puppet/post-upgrade.j2.yaml index c51b6e1b..bdd1e613 100644 --- a/puppet/post-upgrade.j2.yaml +++ b/puppet/post-upgrade.j2.yaml @@ -8,17 +8,20 @@ parameters: servers: type: json description: Mapping of Role name e.g Controller to a list of servers - + stack_name: + type: string + description: Name of the topmost stack role_data: type: json description: Mapping of Role name e.g Controller to the per-role data - DeployIdentifier: default: '' type: string description: > Setting this to a unique value will re-run any deployment tasks which perform configuration on a Heat stack-update. + ctlplane_service_ips: + type: json resources: # Note the include here is the same as post.j2.yaml but the data used at diff --git a/puppet/role.role.j2.yaml b/puppet/role.role.j2.yaml index b45736c1..8617307b 100644 --- a/puppet/role.role.j2.yaml +++ b/puppet/role.role.j2.yaml @@ -1,18 +1,18 @@ heat_template_version: pike -description: 'OpenStack {{role}} node configured by Puppet' +description: 'OpenStack {{role.name}} node configured by Puppet' parameters: - Overcloud{{role}}Flavor: - description: Flavor for the {{role}} node. + Overcloud{{role.name}}Flavor: + description: Flavor for the {{role.name}} node. default: baremetal type: string -{% if disable_constraints is not defined %} +{% if role.disable_constraints is not defined %} constraints: - custom_constraint: nova.flavor {% endif %} - {{role}}Image: + {{role.name}}Image: type: string default: overcloud-full -{% if disable_constraints is not defined %} +{% if role.disable_constraints is not defined %} constraints: - custom_constraint: glance.image {% endif %} @@ -24,7 +24,7 @@ parameters: description: Name of an existing Nova key pair to enable SSH access to the instances type: string default: default -{% if disable_constraints is not defined %} +{% if role.disable_constraints is not defined %} constraints: - custom_constraint: nova.keypair {% endif %} @@ -63,14 +63,14 @@ parameters: default: {} description: | Additional hiera configuration to inject into the cluster. Note - that {{role}}ExtraConfig takes precedence over ExtraConfig. + that {{role.name}}ExtraConfig takes precedence over ExtraConfig. type: json - {{role}}ExtraConfig: + {{role.name}}ExtraConfig: default: {} description: | Role specific additional hiera configuration to inject into the cluster. type: json - {{role}}IPs: + {{role.name}}IPs: default: {} type: json NetworkDeploymentActions: @@ -91,7 +91,7 @@ parameters: description: > The DNS domain used for the hosts. This must match the overcloud_domain_name configured on the undercloud. - {{role}}ServerMetadata: + {{role.name}}ServerMetadata: default: {} description: > Extra properties or metadata passed to Nova for the created nodes in @@ -106,7 +106,7 @@ parameters: the overcloud. It's accessible via the Nova metadata API. This applies to all roles and is merged with a role-specific metadata parameter. type: json - {{role}}SchedulerHints: + {{role.name}}SchedulerHints: type: json description: Optional scheduler hints to pass to nova default: {} @@ -168,6 +168,7 @@ parameters: RoleParameters: type: json description: Role Specific Parameters + default: {} DeploymentSwiftDataMap: type: json description: | @@ -202,16 +203,16 @@ conditions: - "" resources: - {{role}}: - type: OS::TripleO::{{role}}Server + {{role.name}}: + type: OS::TripleO::{{role.name}}Server metadata: os-collect-config: command: {get_param: ConfigCommand} splay: {get_param: ConfigCollectSplay} properties: - image: {get_param: {{role}}Image} + image: {get_param: {{role.name}}Image} image_update_policy: {get_param: ImageUpdatePolicy} - flavor: {get_param: Overcloud{{role}}Flavor} + flavor: {get_param: Overcloud{{role.name}}Flavor} key_name: {get_param: KeyName} networks: - network: ctlplane @@ -225,9 +226,9 @@ resources: metadata: map_merge: - {get_param: ServerMetadata} - - {get_param: {{role}}ServerMetadata} + - {get_param: {{role.name}}ServerMetadata} - {get_param: ServiceMetadataSettings} - scheduler_hints: {get_param: {{role}}SchedulerHints} + scheduler_hints: {get_param: {{role.name}}SchedulerHints} deployment_swift_data: if: - deployment_swift_data_map_unset @@ -260,83 +261,34 @@ resources: # For optional operator role-specific userdata # Should return a OS::Heat::MultipartMime reference via OS::stack_id RoleUserData: - type: OS::TripleO::{{role}}::NodeUserData - - ExternalPort: - type: OS::TripleO::{{role}}::Ports::ExternalPort - properties: - ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]} - IPPool: {get_param: {{role}}IPs} - NodeIndex: {get_param: NodeIndex} - - InternalApiPort: - type: OS::TripleO::{{role}}::Ports::InternalApiPort - properties: - ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]} - IPPool: {get_param: {{role}}IPs} - NodeIndex: {get_param: NodeIndex} - - StoragePort: - type: OS::TripleO::{{role}}::Ports::StoragePort - properties: - ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]} - IPPool: {get_param: {{role}}IPs} - NodeIndex: {get_param: NodeIndex} - - StorageMgmtPort: - type: OS::TripleO::{{role}}::Ports::StorageMgmtPort - properties: - ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]} - IPPool: {get_param: {{role}}IPs} - NodeIndex: {get_param: NodeIndex} - - TenantPort: - type: OS::TripleO::{{role}}::Ports::TenantPort - properties: - ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]} - IPPool: {get_param: {{role}}IPs} - NodeIndex: {get_param: NodeIndex} + type: OS::TripleO::{{role.name}}::NodeUserData - ManagementPort: - type: OS::TripleO::{{role}}::Ports::ManagementPort + {%- for network in networks %} + {{network.name}}Port: + type: OS::TripleO::{{role.name}}::Ports::{{network.name}}Port properties: - ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]} - IPPool: {get_param: {{role}}IPs} + ControlPlaneIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]} + IPPool: {get_param: {{role.name}}IPs} NodeIndex: {get_param: NodeIndex} + {%- endfor %} NetworkConfig: - type: OS::TripleO::{{role}}::Net::SoftwareConfig + type: OS::TripleO::{{role.name}}::Net::SoftwareConfig properties: - ControlPlaneIp: {get_attr: [{{role}}, networks, ctlplane, 0]} - ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} - InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} - StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} - StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} - TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} - ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]} + ControlPlaneIp: {get_attr: [{{role.name}}, networks, ctlplane, 0]} + {%- for network in networks %} + {{network.name}}IpSubnet: {get_attr: [{{network.name}}Port, ip_subnet]} + {%- endfor %} NetIpMap: type: OS::TripleO::Network::Ports::NetIpMap properties: - ControlPlaneIp: {get_attr: [{{role}}, networks, ctlplane, 0]} - ExternalIp: {get_attr: [ExternalPort, ip_address]} - ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} - ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]} - InternalApiIp: {get_attr: [InternalApiPort, ip_address]} - InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} - InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]} - StorageIp: {get_attr: [StoragePort, ip_address]} - StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} - StorageIpUri: {get_attr: [StoragePort, ip_address_uri]} - StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]} - StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} - StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]} - TenantIp: {get_attr: [TenantPort, ip_address]} - TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} - TenantIpUri: {get_attr: [TenantPort, ip_address_uri]} - ManagementIp: {get_attr: [ManagementPort, ip_address]} - ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]} - ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]} + ControlPlaneIp: {get_attr: [{{role.name}}, networks, ctlplane, 0]} + {%- for network in networks %} + {{network.name}}Ip: {get_attr: [{{network.name}}Port, ip_address]} + {{network.name}}IpSubnet: {get_attr: [{{network.name}}Port, ip_subnet]} + {{network.name}}IpUri: {get_attr: [{{network.name}}Port, ip_address_uri]} + {%- endfor %} NetHostMap: type: OS::Heat::Value @@ -347,91 +299,91 @@ resources: fqdn: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - external - {get_param: CloudDomain} short: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - external internal_api: fqdn: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - internalapi - {get_param: CloudDomain} short: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - internalapi storage: fqdn: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - storage - {get_param: CloudDomain} short: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - storage storage_mgmt: fqdn: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - storagemgmt - {get_param: CloudDomain} short: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - storagemgmt tenant: fqdn: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - tenant - {get_param: CloudDomain} short: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - tenant management: fqdn: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - management - {get_param: CloudDomain} short: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - management ctlplane: fqdn: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - ctlplane - {get_param: CloudDomain} short: list_join: - '.' - - - {get_attr: [{{role}}, name]} + - - {get_attr: [{{role.name}}, name]} - ctlplane PreNetworkConfig: - type: OS::TripleO::{{role}}::PreNetworkConfig + type: OS::TripleO::{{role.name}}::PreNetworkConfig properties: - server: {get_resource: {{role}}} + server: {get_resource: {{role.name}}} RoleParameters: {get_param: RoleParameters} ServiceNames: {get_param: ServiceNames} @@ -441,7 +393,7 @@ resources: properties: name: NetworkDeployment config: {get_resource: NetworkConfig} - server: {get_resource: {{role}}} + server: {get_resource: {{role.name}}} actions: {get_param: NetworkDeploymentActions} input_values: bridge_name: {get_param: NeutronPhysicalBridge} @@ -452,7 +404,7 @@ resources: - {get_param: NetworkDeploymentActions} - [] - {{role}}UpgradeInitConfig: + {{role.name}}UpgradeInitConfig: type: OS::Heat::SoftwareConfig properties: group: script @@ -466,26 +418,26 @@ resources: # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first - {{role}}UpgradeInitDeployment: + {{role.name}}UpgradeInitDeployment: type: OS::Heat::SoftwareDeployment depends_on: NetworkDeployment properties: - name: {{role}}UpgradeInitDeployment - server: {get_resource: {{role}}} - config: {get_resource: {{role}}UpgradeInitConfig} + name: {{role.name}}UpgradeInitDeployment + server: {get_resource: {{role.name}}} + config: {get_resource: {{role.name}}UpgradeInitConfig} actions: if: - server_not_blacklisted - ['CREATE', 'UPDATE'] - [] - {{role}}Deployment: + {{role.name}}Deployment: type: OS::Heat::StructuredDeployment - depends_on: {{role}}UpgradeInitDeployment + depends_on: {{role.name}}UpgradeInitDeployment properties: - name: {{role}}Deployment - config: {get_resource: {{role}}Config} - server: {get_resource: {{role}}} + name: {{role.name}}Deployment + config: {get_resource: {{role.name}}Config} + server: {get_resource: {{role.name}}} input_values: enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} actions: @@ -494,7 +446,7 @@ resources: - ['CREATE', 'UPDATE'] - [] - {{role}}Config: + {{role.name}}Config: type: OS::Heat::StructuredConfig properties: group: hiera @@ -503,11 +455,11 @@ resources: - '"%{::uuid}"' - heat_config_%{::deploy_config_name} - config_step - - {{role.lower()}}_extraconfig + - {{role.name.lower()}}_extraconfig - extraconfig - service_names - service_configs - - {{role.lower()}} + - {{role.name.lower()}} - bootstrap_node # provided by allNodesConfig - all_nodes # provided by allNodesConfig - vip_data # provided by allNodesConfig @@ -521,9 +473,9 @@ resources: map_replace: - {get_param: ServiceConfigSettings} - values: {get_attr: [NetIpMap, net_ip_map]} - {{role.lower()}}_extraconfig: {get_param: {{role}}ExtraConfig} + {{role.name.lower()}}_extraconfig: {get_param: {{role.name}}ExtraConfig} extraconfig: {get_param: ExtraConfig} - {{role.lower()}}: + {{role.name.lower()}}: tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources} tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups} @@ -537,25 +489,25 @@ resources: # Resource for site-specific injection of root certificate NodeTLSCAData: - depends_on: {{role}}Deployment + depends_on: {{role.name}}Deployment type: OS::TripleO::NodeTLSCAData properties: - server: {get_resource: {{role}}} + server: {get_resource: {{role.name}}} # Hook for site-specific additional pre-deployment config, e.g extra hieradata - {{role}}ExtraConfigPre: - depends_on: {{role}}Deployment - type: OS::TripleO::{{role}}ExtraConfigPre + {{role.name}}ExtraConfigPre: + depends_on: {{role.name}}Deployment + type: OS::TripleO::{{role.name}}ExtraConfigPre properties: - server: {get_resource: {{role}}} + server: {get_resource: {{role.name}}} # Hook for site-specific additional pre-deployment config, # applying to all nodes, e.g node registration/unregistration NodeExtraConfig: - depends_on: [{{role}}ExtraConfigPre, NodeTLSCAData] + depends_on: [{{role.name}}ExtraConfigPre, NodeTLSCAData] type: OS::TripleO::NodeExtraConfig properties: - server: {get_resource: {{role}}} + server: {get_resource: {{role.name}}} UpdateConfig: type: OS::TripleO::Tasks::PackageUpdate @@ -566,7 +518,7 @@ resources: properties: name: UpdateDeployment config: {get_resource: UpdateConfig} - server: {get_resource: {{role}}} + server: {get_resource: {{role.name}}} input_values: update_identifier: get_param: UpdateIdentifier @@ -578,111 +530,73 @@ resources: SshHostPubKey: type: OS::TripleO::Ssh::HostPubKey - depends_on: {{role}}Deployment + depends_on: {{role.name}}Deployment properties: - server: {get_resource: {{role}}} + server: {get_resource: {{role.name}}} outputs: ip_address: description: IP address of the server in the ctlplane network - value: {get_attr: [{{role}}, networks, ctlplane, 0]} + value: {get_attr: [{{role.name}}, networks, ctlplane, 0]} hostname: description: Hostname of the server - value: {get_attr: [{{role}}, name]} + value: {get_attr: [{{role.name}}, name]} hostname_map: description: Mapping of network names to hostnames value: - external: {get_attr: [NetHostMap, value, external, fqdn]} - internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]} - storage: {get_attr: [NetHostMap, value, storage, fqdn]} - storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]} - tenant: {get_attr: [NetHostMap, value, tenant, fqdn]} - management: {get_attr: [NetHostMap, value, management, fqdn]} + {%- for network in networks %} + {{network.name_lower|default(network.name.lower())}}: {get_attr: [NetHostMap, value, {{network.name_lower|default(network.name.lower()) }}, fqdn]} + {%- endfor %} ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]} hosts_entry: value: str_replace: template: | PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST - EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST - INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST - STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST - STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST - TENANTIP TENANTHOST.DOMAIN TENANTHOST - MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST + {%- for network in networks %} + {{network.name}}IP {{network.name}}HOST.DOMAIN {{network.name}}HOST + {%- endfor %} CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST params: - PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role}}HostnameResolveNetwork]}]} + PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role.name}}HostnameResolveNetwork]}]} DOMAIN: {get_param: CloudDomain} - PRIMARYHOST: {get_attr: [{{role}}, name]} - EXTERNALIP: {get_attr: [ExternalPort, ip_address]} - EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]} - INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]} - INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]} - STORAGEIP: {get_attr: [StoragePort, ip_address]} - STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]} - STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]} - STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]} - TENANTIP: {get_attr: [TenantPort, ip_address]} - TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]} - MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]} - MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]} - CTLPLANEIP: {get_attr: [{{role}}, networks, ctlplane, 0]} + PRIMARYHOST: {get_attr: [{{role.name}}, name]} + {%- for network in networks %} + {{network.name}}IP: {get_attr: [{{network.name}}Port, ip_address]} + {{network.name}}HOST: {get_attr: [NetHostMap, value, {{network.name_lower|default(network.name.lower())}}, short]} + {%- endfor %} + CTLPLANEIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]} CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]} known_hosts_entry: description: Entry for ssh known hosts value: str_replace: template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\ -EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\ -INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\ -STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\ -STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\ -TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\ -MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\ + {%- for network in networks %} +{{network.name}}IP,{{network.name}}HOST.DOMAIN,{{network.name}}HOST,\ + {%- endfor %} CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY" params: - PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role}}HostnameResolveNetwork]}]} + PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role.name}}HostnameResolveNetwork]}]} DOMAIN: {get_param: CloudDomain} - PRIMARYHOST: {get_attr: [{{role}}, name]} - EXTERNALIP: {get_attr: [ExternalPort, ip_address]} - EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]} - INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]} - INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]} - STORAGEIP: {get_attr: [StoragePort, ip_address]} - STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]} - STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]} - STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]} - TENANTIP: {get_attr: [TenantPort, ip_address]} - TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]} - MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]} - MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]} - CTLPLANEIP: {get_attr: [{{role}}, networks, ctlplane, 0]} + PRIMARYHOST: {get_attr: [{{role.name}}, name]} + {%- for network in networks %} + {{network.name}}IP: {get_attr: [{{network.name}}Port, ip_address]} + {{network.name}}HOST: {get_attr: [NetHostMap, value, {{network.name_lower|default(network.name.lower())}}, short]} + {%- endfor %} + CTLPLANEIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]} CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]} HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]} nova_server_resource: - description: Heat resource handle for {{role}} server + description: Heat resource handle for {{role.name}} server value: - {get_resource: {{role}}} + {get_resource: {{role.name}}} condition: server_not_blacklisted - external_ip_address: - description: IP address of the server in the external network - value: {get_attr: [ExternalPort, ip_address]} - internal_api_ip_address: - description: IP address of the server in the internal_api network - value: {get_attr: [InternalApiPort, ip_address]} - storage_ip_address: - description: IP address of the server in the storage network - value: {get_attr: [StoragePort, ip_address]} - storage_mgmt_ip_address: - description: IP address of the server in the storage_mgmt network - value: {get_attr: [StorageMgmtPort, ip_address]} - tenant_ip_address: - description: IP address of the server in the tenant network - value: {get_attr: [TenantPort, ip_address]} - management_ip_address: - description: IP address of the server in the management network - value: {get_attr: [ManagementPort, ip_address]} os_collect_config: description: The os-collect-config configuration associated with this server resource - value: {get_attr: [{{role}}, os_collect_config]} + value: {get_attr: [{{role.name}}, os_collect_config]} + {%- for network in networks %} + {{network.name_lower|default(network.name.lower())}}_ip_address: + description: IP address of the server in the {{network.name}} network + value: {get_attr: [{{network.name}}Port, ip_address]} + {%- endfor %} diff --git a/puppet/services/ceph-base.yaml b/puppet/services/ceph-base.yaml index e12c55eb..48d95993 100644 --- a/puppet/services/ceph-base.yaml +++ b/puppet/services/ceph-base.yaml @@ -29,20 +29,9 @@ parameters: GlanceRbdPoolName: default: images type: string - GlanceBackend: - default: swift - description: The short name of the Glance backend to use. Should be one - of swift, rbd, or file - type: string - constraints: - - allowed_values: ['swift', 'file', 'rbd'] GnocchiRbdPoolName: default: metrics type: string - NovaEnableRbdBackend: - default: false - description: Whether to enable or not the Rbd backend for Nova - type: boolean NovaRbdPoolName: default: vms type: string @@ -82,16 +71,6 @@ parameter_groups: parameters: - ControllerEnableCephStorage -conditions: - glance_multiple_locations: - and: - - equals: - - get_param: GlanceBackend - - rbd - - equals: - - get_param: NovaEnableRbdBackend - - true - outputs: role_data: description: Role data for the Ceph base service. @@ -153,6 +132,3 @@ outputs: - keys: CEPH_CLIENT_KEY: list_join: ['.', ['client', {get_param: CephClientUserName}]] - service_config_settings: - glance_api: - glance::api::show_multiple_locations: {if: [glance_multiple_locations, true, false]} diff --git a/puppet/services/ceph-external.yaml b/puppet/services/ceph-external.yaml index 599532c4..65e6ea80 100644 --- a/puppet/services/ceph-external.yaml +++ b/puppet/services/ceph-external.yaml @@ -27,20 +27,9 @@ parameters: GlanceRbdPoolName: default: images type: string - GlanceBackend: - default: swift - description: The short name of the Glance backend to use. Should be one - of swift, rbd, or file - type: string - constraints: - - allowed_values: ['swift', 'file', 'rbd'] GnocchiRbdPoolName: default: metrics type: string - NovaEnableRbdBackend: - default: false - description: Whether to enable or not the Rbd backend for Nova - type: boolean NovaRbdPoolName: default: vms type: string @@ -76,16 +65,6 @@ parameters: clients using older Ceph servers. type: string -conditions: - glance_multiple_locations: - and: - - equals: - - get_param: GlanceBackend - - rbd - - equals: - - get_param: NovaEnableRbdBackend - - true - outputs: role_data: description: Role data for the Ceph External service. @@ -122,8 +101,5 @@ outputs: - ceph-base - ceph-mon - ceph-osd - service_config_settings: - glance_api: - glance::api::show_multiple_locations: {if: [glance_multiple_locations, true, false]} step_config: | include ::tripleo::profile::base::ceph::client diff --git a/puppet/services/disabled/ceilometer-api-disabled.yaml b/puppet/services/disabled/ceilometer-api-disabled.yaml new file mode 100644 index 00000000..6dce61e3 --- /dev/null +++ b/puppet/services/disabled/ceilometer-api-disabled.yaml @@ -0,0 +1,41 @@ +heat_template_version: pike + +description: > + OpenStack Ceilometer API service, disabled since pike + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +outputs: + role_data: + description: Role data for the disabled Ceilometer API role. + value: + service_name: ceilometer_api_disabled + upgrade_tasks: + - name: Purge Ceilometer apache config files + tags: step1 + file: path=/etc/httpd/conf.d/10-ceilometer_wsgi.conf state=absent + - name: Clean up ceilometer port from ports.conf + tags: step1 + lineinfile: dest=/etc/httpd/conf/ports.conf state=absent regexp="8777$" diff --git a/puppet/services/disabled/ceilometer-expirer-disabled.yaml b/puppet/services/disabled/ceilometer-expirer-disabled.yaml index 7be394b6..7110afaa 100644 --- a/puppet/services/disabled/ceilometer-expirer-disabled.yaml +++ b/puppet/services/disabled/ceilometer-expirer-disabled.yaml @@ -36,3 +36,6 @@ outputs: - name: Remove ceilometer expirer cron tab on upgrade tags: step1 shell: '/usr/bin/crontab -u ceilometer -r' + register: remove_ceilometer_expirer_crontab + failed_when: remove_ceilometer_expirer_crontab.rc != 0 and remove_ceilometer_expirer_crontab.stderr != "no crontab for ceilometer" + changed_when: remove_ceilometer_expirer_crontab.stderr != "no crontab for ceilometer" diff --git a/puppet/services/glance-api.yaml b/puppet/services/glance-api.yaml index 7812c8e2..a3d5a793 100644 --- a/puppet/services/glance-api.yaml +++ b/puppet/services/glance-api.yaml @@ -96,6 +96,10 @@ parameters: GlanceRbdPoolName: default: images type: string + NovaEnableRbdBackend: + default: false + description: Whether to enable or not the Rbd backend for Nova + type: boolean RabbitPassword: description: The password for RabbitMQ type: string @@ -129,6 +133,14 @@ conditions: use_tls_proxy: {equals : [{get_param: EnableInternalTLS}, true]} glance_workers_unset: {equals : [{get_param: GlanceWorkers}, '']} service_debug_unset: {equals : [{get_param: GlanceDebug}, '']} + glance_multiple_locations: + and: + - equals: + - get_param: GlanceBackend + - rbd + - equals: + - get_param: NovaEnableRbdBackend + - true resources: @@ -187,6 +199,7 @@ outputs: glance::keystone::authtoken::project_domain_name: 'Default' glance::api::pipeline: 'keystone' glance::api::show_image_direct_url: true + glance::api::show_multiple_locations: {if: [glance_multiple_locations, true, false]} # NOTE: bind IP is found in Heat replacing the network name with the # local node IP for the given network; replacement examples # (eg. for internal_api): diff --git a/puppet/services/neutron-lbaas.yaml b/puppet/services/neutron-lbaas.yaml new file mode 100644 index 00000000..5529db95 --- /dev/null +++ b/puppet/services/neutron-lbaas.yaml @@ -0,0 +1,70 @@ +heat_template_version: pike + +description: > + Neutron LBaaS service configured with Puppet + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + NeutronLbaasInterfaceDriver: + default: 'neutron.agent.linux.interface.OVSInterfaceDriver' + type: string + NeutronLbaasDeviceDriver: + default: 'neutron.services.loadbalancer.drivers.haproxy.namespace_driver.HaproxyNSDriver' + type: string + NeutronServiceProviders: + default: 'LOADBALANCERV2:Haproxy:neutron_lbaas.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default' + description: Global list of service providers used by neutron. This + list should be passed in to ensure all service + providers desired by the user are included. The + provided default value only set the provider for the LBaaSv2 + subsystem.This is currently incompatible with enabling + octavia-api as one service or the other will break because the defaults are different. + type: comma_delimited_list + +resources: + + NeutronBase: + type: ./neutron-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + RoleName: {get_param: RoleName} + RoleParameters: {get_param: RoleParameters} + +outputs: + role_data: + description: Role data for the Neutron LBaaS role. + value: + service_name: neutron_lbaas + config_settings: + map_merge: + - get_attr: [NeutronBase, role_data, config_settings] + - neutron::agents::lbaas::interface_driver: {get_param: NeutronLbaasInterfaceDriver} + neutron::agents::lbaas::device_driver: {get_param: NeutronLbaasDeviceDriver} + step_config: | + include ::tripleo::profile::base::neutron::lbaas + service_config_settings: + neutron_api: + neutron::server::service_providers: {get_param: NeutronServiceProviders} diff --git a/puppet/services/nova-api.yaml b/puppet/services/nova-api.yaml index fe2f2946..4ce5316d 100644 --- a/puppet/services/nova-api.yaml +++ b/puppet/services/nova-api.yaml @@ -28,7 +28,7 @@ parameters: type: json NovaWorkers: default: 0 - description: Number of workers for Nova API service. + description: Number of workers for Nova services. type: number NovaPassword: description: The password for the nova service and db account, used by nova-api. @@ -81,17 +81,15 @@ conditions: nova_workers_zero: {equals : [{get_param: NovaWorkers}, 0]} resources: - # Temporarily disable Nova API deployed in WSGI - # https://bugs.launchpad.net/nova/+bug/1661360 - # ApacheServiceBase: - # type: ./apache.yaml - # properties: - # ServiceNetMap: {get_param: ServiceNetMap} - # DefaultPasswords: {get_param: DefaultPasswords} - # EndpointMap: {get_param: EndpointMap} - # RoleName: {get_param: RoleName} - # RoleParameters: {get_param: RoleParameters} - # EnableInternalTLS: {get_param: EnableInternalTLS} + ApacheServiceBase: + type: ./apache.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + RoleName: {get_param: RoleName} + RoleParameters: {get_param: RoleParameters} + EnableInternalTLS: {get_param: EnableInternalTLS} NovaBase: type: ./nova-base.yaml @@ -114,9 +112,7 @@ outputs: config_settings: map_merge: - get_attr: [NovaBase, role_data, config_settings] - # Temporarily disable Nova API deployed in WSGI - # https://bugs.launchpad.net/nova/+bug/1661360 - # - get_attr: [ApacheServiceBase, role_data, config_settings] + - get_attr: [ApacheServiceBase, role_data, config_settings] - nova::cron::archive_deleted_rows::hour: '*/12' nova::cron::archive_deleted_rows::destination: '/dev/null' tripleo.nova_api.firewall_rules: @@ -143,23 +139,21 @@ outputs: "%{hiera('fqdn_$NETWORK')}" params: $NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]} - # Temporarily disable Nova API deployed in WSGI - # https://bugs.launchpad.net/nova/+bug/1661360 - nova_wsgi_enabled: false - # nova::api::service_name: 'httpd' - # nova::wsgi::apache_api::ssl: {get_param: EnableInternalTLS} + nova_wsgi_enabled: true + nova::api::service_name: 'httpd' + nova::wsgi::apache_api::ssl: {get_param: EnableInternalTLS} # NOTE: bind IP is found in Heat replacing the network name with the local node IP # for the given network; replacement examples (eg. for internal_api): # internal_api -> IP # internal_api_uri -> [IP] # internal_api_subnet - > IP/CIDR - # nova::wsgi::apache_api::bind_host: {get_param: [ServiceNetMap, NovaApiNetwork]} - # nova::wsgi::apache_api::servername: - # str_replace: - # template: - # "%{hiera('fqdn_$NETWORK')}" - # params: - # $NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]} + nova::wsgi::apache_api::bind_host: {get_param: [ServiceNetMap, NovaApiNetwork]} + nova::wsgi::apache_api::servername: + str_replace: + template: + "%{hiera('fqdn_$NETWORK')}" + params: + $NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]} nova::api::neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} nova::api::instance_name_template: {get_param: InstanceNameTemplate} nova_enable_db_purge: {get_param: NovaEnableDBPurge} @@ -169,9 +163,7 @@ outputs: - nova_workers_zero - {} - nova::api::osapi_compute_workers: {get_param: NovaWorkers} - # Temporarily disable Nova API deployed in WSGI - # https://bugs.launchpad.net/nova/+bug/1661360 - # nova::wsgi::apache_api::workers: {get_param: NovaWorkers} + nova::wsgi::apache_api::workers: {get_param: NovaWorkers} step_config: | include tripleo::profile::base::nova::api service_config_settings: @@ -199,87 +191,91 @@ outputs: nova::keystone::auth::admin_url: {get_param: [EndpointMap, NovaAdmin, uri]} nova::keystone::auth::password: {get_param: NovaPassword} nova::keystone::auth::region: {get_param: KeystoneRegion} - # Temporarily disable Nova API deployed in WSGI - # https://bugs.launchpad.net/nova/+bug/1661360 - # metadata_settings: - # get_attr: [ApacheServiceBase, role_data, metadata_settings] + metadata_settings: + get_attr: [ApacheServiceBase, role_data, metadata_settings] upgrade_tasks: - - name: get bootstrap nodeid - tags: common - command: hiera bootstrap_nodeid - register: bootstrap_node - - name: set is_bootstrap_node fact - tags: common - set_fact: is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}} - - name: Extra migration for nova tripleo/+bug/1656791 - tags: step0,pre-upgrade - when: is_bootstrap_node - command: nova-manage db online_data_migrations - - name: Stop and disable nova_api service (pre-upgrade not under httpd) - tags: step2 - service: name=openstack-nova-api state=stopped enabled=no - - name: Create puppet manifest to set transport_url in nova.conf - tags: step5 - when: is_bootstrap_node - copy: - dest: /root/nova-api_upgrade_manifest.pp - mode: 0600 - content: > - $transport_url = os_transport_url({ - 'transport' => hiera('messaging_service_name', 'rabbit'), - 'hosts' => any2array(hiera('rabbitmq_node_names', undef)), - 'port' => sprintf('%s',hiera('nova::rabbit_port', '5672') ), - 'username' => hiera('nova::rabbit_userid', 'guest'), - 'password' => hiera('nova::rabbit_password'), - 'ssl' => sprintf('%s', bool2num(str2bool(hiera('nova::rabbit_use_ssl', '0')))) - }) - oslo::messaging::default { 'nova_config': - transport_url => $transport_url - } - - name: Run puppet apply to set tranport_url in nova.conf - tags: step5 - when: is_bootstrap_node - command: puppet apply --modulepath /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules --detailed-exitcodes /root/nova-api_upgrade_manifest.pp - register: puppet_apply_nova_api_upgrade - failed_when: puppet_apply_nova_api_upgrade.rc not in [0,2] - changed_when: puppet_apply_nova_api_upgrade.rc == 2 - - name: Setup cell_v2 (map cell0) - tags: step5 - when: is_bootstrap_node - shell: nova-manage cell_v2 map_cell0 --database_connection=$(hiera nova::cell0_database_connection) - - name: Setup cell_v2 (create default cell) - tags: step5 - when: is_bootstrap_node - # (owalsh) puppet-nova expects the cell name 'default' - # (owalsh) pass the db uri explicitly to avoid https://bugs.launchpad.net/tripleo/+bug/1662344 - shell: nova-manage cell_v2 create_cell --name='default' --database_connection=$(hiera nova::database_connection) - register: nova_api_create_cell - failed_when: nova_api_create_cell.rc not in [0,2] - changed_when: nova_api_create_cell.rc == 0 - - name: Setup cell_v2 (sync nova/cell DB) - tags: step5 - when: is_bootstrap_node - command: nova-manage db sync - async: {get_param: NovaDbSyncTimeout} - poll: 10 - - name: Setup cell_v2 (get cell uuid) - tags: step5 - when: is_bootstrap_node - shell: nova-manage cell_v2 list_cells | sed -e '1,3d' -e '$d' | awk -F ' *| *' '$2 == "default" {print $4}' - register: nova_api_cell_uuid - - name: Setup cell_v2 (migrate hosts) - tags: step5 - when: is_bootstrap_node - command: nova-manage cell_v2 discover_hosts --cell_uuid {{nova_api_cell_uuid.stdout}} --verbose - - name: Setup cell_v2 (migrate instances) - tags: step5 - when: is_bootstrap_node - command: nova-manage cell_v2 map_instances --cell_uuid {{nova_api_cell_uuid.stdout}} - - name: Sync nova_api DB - tags: step5 - command: nova-manage api_db sync - when: is_bootstrap_node - - name: Online data migration for nova - tags: step5 - when: is_bootstrap_node - command: nova-manage db online_data_migrations + yaql: + expression: $.data.apache_upgrade + $.data.nova_api_upgrade + data: + apache_upgrade: + get_attr: [ApacheServiceBase, role_data, upgrade_tasks] + nova_api_upgrade: + - name: get bootstrap nodeid + tags: common + command: hiera bootstrap_nodeid + register: bootstrap_node + - name: set is_bootstrap_node fact + tags: common + set_fact: is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}} + - name: Extra migration for nova tripleo/+bug/1656791 + tags: step0,pre-upgrade + when: is_bootstrap_node + command: nova-manage db online_data_migrations + - name: Stop and disable nova_api service (pre-upgrade not under httpd) + tags: step2 + service: name=openstack-nova-api state=stopped enabled=no + - name: Create puppet manifest to set transport_url in nova.conf + tags: step5 + when: is_bootstrap_node + copy: + dest: /root/nova-api_upgrade_manifest.pp + mode: 0600 + content: > + $transport_url = os_transport_url({ + 'transport' => hiera('messaging_service_name', 'rabbit'), + 'hosts' => any2array(hiera('rabbitmq_node_names', undef)), + 'port' => sprintf('%s',hiera('nova::rabbit_port', '5672') ), + 'username' => hiera('nova::rabbit_userid', 'guest'), + 'password' => hiera('nova::rabbit_password'), + 'ssl' => sprintf('%s', bool2num(str2bool(hiera('nova::rabbit_use_ssl', '0')))) + }) + oslo::messaging::default { 'nova_config': + transport_url => $transport_url + } + - name: Run puppet apply to set tranport_url in nova.conf + tags: step5 + when: is_bootstrap_node + command: puppet apply --modulepath /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules --detailed-exitcodes /root/nova-api_upgrade_manifest.pp + register: puppet_apply_nova_api_upgrade + failed_when: puppet_apply_nova_api_upgrade.rc not in [0,2] + changed_when: puppet_apply_nova_api_upgrade.rc == 2 + - name: Setup cell_v2 (map cell0) + tags: step5 + when: is_bootstrap_node + shell: nova-manage cell_v2 map_cell0 --database_connection=$(hiera nova::cell0_database_connection) + - name: Setup cell_v2 (create default cell) + tags: step5 + when: is_bootstrap_node + # (owalsh) puppet-nova expects the cell name 'default' + # (owalsh) pass the db uri explicitly to avoid https://bugs.launchpad.net/tripleo/+bug/1662344 + shell: nova-manage cell_v2 create_cell --name='default' --database_connection=$(hiera nova::database_connection) + register: nova_api_create_cell + failed_when: nova_api_create_cell.rc not in [0,2] + changed_when: nova_api_create_cell.rc == 0 + - name: Setup cell_v2 (sync nova/cell DB) + tags: step5 + when: is_bootstrap_node + command: nova-manage db sync + async: {get_param: NovaDbSyncTimeout} + poll: 10 + - name: Setup cell_v2 (get cell uuid) + tags: step5 + when: is_bootstrap_node + shell: nova-manage cell_v2 list_cells | sed -e '1,3d' -e '$d' | awk -F ' *| *' '$2 == "default" {print $4}' + register: nova_api_cell_uuid + - name: Setup cell_v2 (migrate hosts) + tags: step5 + when: is_bootstrap_node + command: nova-manage cell_v2 discover_hosts --cell_uuid {{nova_api_cell_uuid.stdout}} --verbose + - name: Setup cell_v2 (migrate instances) + tags: step5 + when: is_bootstrap_node + command: nova-manage cell_v2 map_instances --cell_uuid {{nova_api_cell_uuid.stdout}} + - name: Sync nova_api DB + tags: step5 + command: nova-manage api_db sync + when: is_bootstrap_node + - name: Online data migration for nova + tags: step5 + when: is_bootstrap_node + command: nova-manage db online_data_migrations diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml index 68a71e42..33b07ded 100644 --- a/puppet/services/nova-compute.yaml +++ b/puppet/services/nova-compute.yaml @@ -32,6 +32,13 @@ parameters: CephClientUserName: default: openstack type: string + CephClientKey: + description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. Currently only used for external Ceph deployments to create the openstack user keyring. + type: string + hidden: true + CephClusterFSID: + type: string + description: The Ceph cluster FSID. Must be a UUID. CinderEnableNfsBackend: default: false description: Whether to enable or not the NFS backend for Cinder @@ -159,12 +166,8 @@ outputs: nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName} tripleo::profile::base::nova::compute::cinder_nfs_backend: {get_param: CinderEnableNfsBackend} rbd_persistent_storage: {get_param: CinderEnableRbdBackend} - nova::compute::rbd::rbd_keyring: - list_join: - - '.' - - - 'client' - - {get_param: CephClientUserName} - nova::compute::rbd::libvirt_rbd_secret_uuid: "%{hiera('ceph::profile::params::fsid')}" + nova::compute::rbd::libvirt_rbd_secret_key: {get_param: CephClientKey} + nova::compute::rbd::libvirt_rbd_secret_uuid: {get_param: CephClusterFSID} nova::compute::instance_usage_audit: true nova::compute::instance_usage_audit_period: 'hour' nova::compute::rbd::ephemeral_storage: {get_param: NovaEnableRbdBackend} diff --git a/puppet/services/nova-conductor.yaml b/puppet/services/nova-conductor.yaml index 30eb1277..b83b9852 100644 --- a/puppet/services/nova-conductor.yaml +++ b/puppet/services/nova-conductor.yaml @@ -28,7 +28,7 @@ parameters: type: json NovaWorkers: default: 0 - description: Number of workers for Nova Conductor service. + description: Number of workers for Nova services. type: number MonitoringSubscriptionNovaConductor: default: 'overcloud-nova-conductor' diff --git a/puppet/services/nova-metadata.yaml b/puppet/services/nova-metadata.yaml index 335b2c28..bc7dc1b0 100644 --- a/puppet/services/nova-metadata.yaml +++ b/puppet/services/nova-metadata.yaml @@ -28,7 +28,7 @@ parameters: type: json NovaWorkers: default: 0 - description: Number of workers for Nova API service. + description: Number of workers for Nova services. type: number conditions: diff --git a/puppet/services/nova-placement.yaml b/puppet/services/nova-placement.yaml index 86aa079e..aaa7ef5b 100644 --- a/puppet/services/nova-placement.yaml +++ b/puppet/services/nova-placement.yaml @@ -28,7 +28,7 @@ parameters: type: json NovaWorkers: default: 0 - description: Number of workers for Nova Placement API service. + description: Number of workers for Nova services. type: number NovaPassword: description: The password for the nova service and db account, used by nova-placement. |