aboutsummaryrefslogtreecommitdiffstats
path: root/puppet
diff options
context:
space:
mode:
Diffstat (limited to 'puppet')
-rw-r--r--puppet/all-nodes-config.yaml383
-rw-r--r--puppet/controller.yaml88
-rw-r--r--puppet/services/aodh-api.yaml8
-rw-r--r--puppet/services/apache.yaml40
-rw-r--r--puppet/services/ceilometer-api.yaml8
-rw-r--r--puppet/services/gnocchi-api.yaml11
-rw-r--r--puppet/services/gnocchi-base.yaml6
-rw-r--r--puppet/services/haproxy.yaml40
-rw-r--r--puppet/services/horizon.yaml39
-rw-r--r--puppet/services/keystone.yaml153
-rw-r--r--puppet/services/neutron-api.yaml6
-rw-r--r--puppet/services/neutron-metadata.yaml6
-rw-r--r--puppet/services/nova-api.yaml24
-rw-r--r--puppet/services/nova-base.yaml4
-rw-r--r--puppet/services/nova-compute.yaml32
-rw-r--r--puppet/services/nova-vncproxy.yaml6
-rw-r--r--puppet/services/opendaylight-api.yaml (renamed from puppet/services/opendaylight.yaml)2
17 files changed, 383 insertions, 473 deletions
diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml
index ddde5498..644c1938 100644
--- a/puppet/all-nodes-config.yaml
+++ b/puppet/all-nodes-config.yaml
@@ -1,63 +1,31 @@
-heat_template_version: 2015-04-30
+heat_template_version: 2016-10-14
description: 'All Nodes Config for Puppet'
parameters:
hosts:
type: comma_delimited_list
+ # FIXME(shardy) this can be comma_delimited_list when
+ # https://bugs.launchpad.net/heat/+bug/1617019 is fixed
+ enabled_services:
+ type: string
controller_ips:
type: comma_delimited_list
+ service_ips:
+ type: json
controller_names:
type: comma_delimited_list
rabbit_node_ips:
type: comma_delimited_list
- mongo_node_ips:
- type: comma_delimited_list
- redis_node_ips:
- type: comma_delimited_list
memcache_node_ips:
type: comma_delimited_list
- mysql_node_ips:
- type: comma_delimited_list
- horizon_node_ips:
- type: comma_delimited_list
- heat_api_node_ips:
- type: comma_delimited_list
- swift_proxy_node_ips:
- type: comma_delimited_list
- ceilometer_api_node_ips:
- type: comma_delimited_list
- aodh_api_node_ips:
- type: comma_delimited_list
- nova_api_node_ips:
- type: comma_delimited_list
- nova_metadata_node_ips:
- type: comma_delimited_list
- glance_api_node_ips:
- type: comma_delimited_list
- glance_registry_node_ips:
- type: comma_delimited_list
- gnocchi_api_node_ips:
- type: comma_delimited_list
- cinder_api_node_ips:
- type: comma_delimited_list
- manila_api_node_ips:
- type: comma_delimited_list
- neutron_api_node_ips:
- type: comma_delimited_list
keystone_public_api_node_ips:
type: comma_delimited_list
keystone_admin_api_node_ips:
type: comma_delimited_list
- sahara_api_node_ips:
- type: comma_delimited_list
- ironic_api_node_ips:
- type: comma_delimited_list
ceph_mon_node_ips:
type: comma_delimited_list
ceph_mon_node_names:
type: comma_delimited_list
- opendaylight_api_node_ips:
- type: comma_delimited_list
DeployIdentifier:
type: string
description: >
@@ -94,252 +62,99 @@ resources:
bootstrap_nodeid_ip: {get_input: bootstrap_nodeid_ip}
all_nodes:
mapped_data:
- controller_node_ips:
- list_join:
- - ','
- - {get_param: controller_ips}
- controller_node_names:
- list_join:
- - ','
- - {get_param: controller_names}
- galera_node_names:
- list_join:
- - ','
- - {get_param: controller_names}
- rabbitmq_node_ips: &rabbit_nodes_array
- str_replace:
- template: "['SERVERS_LIST']"
- params:
- SERVERS_LIST:
- list_join:
- - "','"
- - {get_param: rabbit_node_ips}
- mongodb_node_ips:
- str_replace:
- template: "['SERVERS_LIST']"
- params:
- SERVERS_LIST:
- list_join:
- - "','"
- - {get_param: mongo_node_ips}
- redis_node_ips:
- str_replace:
- template: "['SERVERS_LIST']"
- params:
- SERVERS_LIST:
- list_join:
- - "','"
- - {get_param: redis_node_ips}
- memcached_node_ips:
- str_replace:
- template: "['SERVERS_LIST']"
- params:
- SERVERS_LIST:
- list_join:
- - "','"
- - {get_param: memcache_node_ips}
- memcached_node_ips_v6:
- str_replace:
- template: "['inet6:[SERVERS_LIST]']"
- params:
- SERVERS_LIST:
- list_join:
- - "]','inet6:["
- - {get_param: memcache_node_ips}
- mysql_node_ips:
- str_replace:
- template: "['SERVERS_LIST']"
- params:
- SERVERS_LIST:
- list_join:
- - "','"
- - {get_param: mysql_node_ips}
- horizon_node_ips:
- str_replace:
- template: "['SERVERS_LIST']"
- params:
- SERVERS_LIST:
- list_join:
- - "','"
- - {get_param: horizon_node_ips}
- heat_api_node_ips:
- str_replace:
- template: "['SERVERS_LIST']"
- params:
- SERVERS_LIST:
- list_join:
- - "','"
- - {get_param: heat_api_node_ips}
- swift_proxy_node_ips:
- str_replace:
- template: "['SERVERS_LIST']"
- params:
- SERVERS_LIST:
- list_join:
- - "','"
- - {get_param: swift_proxy_node_ips}
- ceilometer_api_node_ips:
- str_replace:
- template: "['SERVERS_LIST']"
- params:
- SERVERS_LIST:
- list_join:
- - "','"
- - {get_param: ceilometer_api_node_ips}
- aodh_api_node_ips:
- str_replace:
- template: "['SERVERS_LIST']"
- params:
- SERVERS_LIST:
- list_join:
- - "','"
- - {get_param: aodh_api_node_ips}
- gnocchi_api_node_ips:
- str_replace:
- template: "['SERVERS_LIST']"
- params:
- SERVERS_LIST:
- list_join:
- - "','"
- - {get_param: gnocchi_api_node_ips}
- nova_api_node_ips:
- str_replace:
- template: "['SERVERS_LIST']"
- params:
- SERVERS_LIST:
- list_join:
- - "','"
- - {get_param: nova_api_node_ips}
- nova_metadata_node_ips:
- str_replace:
- template: "['SERVERS_LIST']"
- params:
- SERVERS_LIST:
- list_join:
- - "','"
- - {get_param: nova_metadata_node_ips}
- glance_api_node_ips:
- str_replace:
- template: "['SERVERS_LIST']"
- params:
- SERVERS_LIST:
- list_join:
- - "','"
- - {get_param: glance_api_node_ips}
- glance_registry_node_ips:
- str_replace:
- template: "['SERVERS_LIST']"
- params:
- SERVERS_LIST:
- list_join:
- - "','"
- - {get_param: glance_registry_node_ips}
- cinder_api_node_ips:
- str_replace:
- template: "['SERVERS_LIST']"
- params:
- SERVERS_LIST:
- list_join:
- - "','"
- - {get_param: cinder_api_node_ips}
- manila_api_node_ips:
- str_replace:
- template: "['SERVERS_LIST']"
- params:
- SERVERS_LIST:
- list_join:
- - "','"
- - {get_param: manila_api_node_ips}
- neutron_api_node_ips:
- str_replace:
- template: "['SERVERS_LIST']"
- params:
- SERVERS_LIST:
- list_join:
- - "','"
- - {get_param: neutron_api_node_ips}
- # TODO: pass a `midonet_api_node_ips` var
- midonet_api_node_ips:
- str_replace:
- template: "['SERVERS_LIST']"
- params:
- SERVERS_LIST:
- list_join:
- - "','"
- - {get_param: neutron_api_node_ips}
- keystone_public_api_node_ips:
- str_replace:
- template: "['SERVERS_LIST']"
- params:
- SERVERS_LIST:
- list_join:
- - "','"
- - {get_param: keystone_public_api_node_ips}
- keystone_admin_api_node_ips:
- str_replace:
- template: "['SERVERS_LIST']"
- params:
- SERVERS_LIST:
- list_join:
- - "','"
- - {get_param: keystone_admin_api_node_ips}
- sahara_api_node_ips:
- str_replace:
- template: "['SERVERS_LIST']"
- params:
- SERVERS_LIST:
- list_join:
- - "','"
- - {get_param: sahara_api_node_ips}
- ironic_api_node_ips:
- str_replace:
- template: "['SERVERS_LIST']"
- params:
- SERVERS_LIST:
- list_join:
- - "','"
- - {get_param: ironic_api_node_ips}
- opendaylight_api_node_ips:
- str_replace:
- template: "['SERVERS_LIST']"
- params:
- SERVERS_LIST:
- list_join:
- - "','"
- - {get_param: opendaylight_api_node_ips}
- tripleo::profile::base::ceph::ceph_mon_initial_members:
- list_join:
- - ','
- - {get_param: ceph_mon_node_names}
- tripleo::profile::base::ceph::ceph_mon_host:
- list_join:
- - ','
- - {get_param: ceph_mon_node_ips}
- tripleo::profile::base::ceph::ceph_mon_host_v6:
- str_replace:
- template: "'[IPS_LIST]'"
- params:
- IPS_LIST:
- list_join:
- - '],['
- - {get_param: ceph_mon_node_ips}
- # NOTE(gfidente): interpolation with %{} in the
- # hieradata file can't be used as it returns string
- ceilometer::rabbit_hosts: *rabbit_nodes_array
- aodh::rabbit_hosts: *rabbit_nodes_array
- cinder::rabbit_hosts: *rabbit_nodes_array
- glance::notify::rabbitmq::rabbit_hosts: *rabbit_nodes_array
- manila::rabbit_hosts: *rabbit_nodes_array
- heat::rabbit_hosts: *rabbit_nodes_array
- neutron::rabbit_hosts: *rabbit_nodes_array
- nova::rabbit_hosts: *rabbit_nodes_array
- keystone::rabbit_hosts: *rabbit_nodes_array
- sahara::rabbit_hosts: *rabbit_nodes_array
- ironic::rabbit_hosts: *rabbit_nodes_array
+ map_merge:
+ - enabled_services: {get_param: enabled_services}
+ # This writes out a mapping of service_name_enabled: 'true'
+ # For any services not enabled, hiera foo_enabled will
+ # return nil, as it's undefined
+ - map_merge:
+ repeat:
+ template:
+ # Note this must be string 'true' due to
+ # https://bugs.launchpad.net/heat/+bug/1617203
+ SERVICE_enabled: 'true'
+ for_each:
+ SERVICE:
+ str_split: [',', {get_param: enabled_services}]
+ # provides a mapping of service_name_ips to a list of IPs
+ - {get_param: service_ips}
+ - controller_node_ips:
+ list_join:
+ - ','
+ - {get_param: controller_ips}
+ controller_node_names:
+ list_join:
+ - ','
+ - {get_param: controller_names}
+ galera_node_names:
+ list_join:
+ - ','
+ - {get_param: controller_names}
+ rabbitmq_node_ips: &rabbit_nodes_array
+ str_replace:
+ template: "['SERVERS_LIST']"
+ params:
+ SERVERS_LIST:
+ list_join:
+ - "','"
+ - {get_param: rabbit_node_ips}
+ memcached_node_ips_v6:
+ str_replace:
+ template: "['inet6:[SERVERS_LIST]']"
+ params:
+ SERVERS_LIST:
+ list_join:
+ - "]','inet6:["
+ - {get_param: memcache_node_ips}
+ keystone_public_api_node_ips:
+ str_replace:
+ template: "['SERVERS_LIST']"
+ params:
+ SERVERS_LIST:
+ list_join:
+ - "','"
+ - {get_param: keystone_public_api_node_ips}
+ keystone_admin_api_node_ips:
+ str_replace:
+ template: "['SERVERS_LIST']"
+ params:
+ SERVERS_LIST:
+ list_join:
+ - "','"
+ - {get_param: keystone_admin_api_node_ips}
+ tripleo::profile::base::ceph::ceph_mon_initial_members:
+ list_join:
+ - ','
+ - {get_param: ceph_mon_node_names}
+ tripleo::profile::base::ceph::ceph_mon_host:
+ list_join:
+ - ','
+ - {get_param: ceph_mon_node_ips}
+ tripleo::profile::base::ceph::ceph_mon_host_v6:
+ str_replace:
+ template: "'[IPS_LIST]'"
+ params:
+ IPS_LIST:
+ list_join:
+ - '],['
+ - {get_param: ceph_mon_node_ips}
+ # NOTE(gfidente): interpolation with %{} in the
+ # hieradata file can't be used as it returns string
+ ceilometer::rabbit_hosts: *rabbit_nodes_array
+ aodh::rabbit_hosts: *rabbit_nodes_array
+ cinder::rabbit_hosts: *rabbit_nodes_array
+ glance::notify::rabbitmq::rabbit_hosts: *rabbit_nodes_array
+ manila::rabbit_hosts: *rabbit_nodes_array
+ heat::rabbit_hosts: *rabbit_nodes_array
+ neutron::rabbit_hosts: *rabbit_nodes_array
+ nova::rabbit_hosts: *rabbit_nodes_array
+ keystone::rabbit_hosts: *rabbit_nodes_array
+ sahara::rabbit_hosts: *rabbit_nodes_array
+ ironic::rabbit_hosts: *rabbit_nodes_array
- deploy_identifier: {get_param: DeployIdentifier}
- update_identifier: {get_param: UpdateIdentifier}
- stack_action: {get_param: StackAction}
+ deploy_identifier: {get_param: DeployIdentifier}
+ update_identifier: {get_param: UpdateIdentifier}
+ stack_action: {get_param: StackAction}
outputs:
config_id:
diff --git a/puppet/controller.yaml b/puppet/controller.yaml
index 28fd08da..0225231e 100644
--- a/puppet/controller.yaml
+++ b/puppet/controller.yaml
@@ -83,10 +83,6 @@ parameters:
type: string
constraints:
- custom_constraint: nova.flavor
- HorizonSecret:
- description: Secret key for Django
- type: string
- hidden: true
controllerImage:
type: string
default: overcloud-full
@@ -96,10 +92,6 @@ parameters:
default: 'REBUILD_PRESERVE_EPHEMERAL'
description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
type: string
- InstanceNameTemplate:
- default: 'instance-%08x'
- description: Template string to be used to generate instance names
- type: string
KeyName:
default: default
description: Name of an existing Nova key pair to enable SSH access to the instances
@@ -110,39 +102,14 @@ parameters:
default: false
description: Whether to manage IPtables rules.
type: boolean
- MemcachedIPv6:
- default: false
- description: Enable IPv6 features in Memcached.
- type: boolean
PurgeFirewallRules:
default: false
description: Whether IPtables rules should be purged before setting up the new ones.
type: boolean
- NeutronMetadataProxySharedSecret:
- description: Shared secret to prevent spoofing
- type: string
- hidden: true
- NeutronPassword:
- description: The password for the neutron service and db account, used by neutron agents.
- type: string
- hidden: true
NeutronPublicInterface:
default: nic1
description: What interface to bridge onto br-ex for network nodes.
type: string
- NovaEnableDBPurge:
- default: true
- description: |
- Whether to create cron job for purging soft deleted rows in Nova database.
- type: boolean
- NovaIPv6:
- default: false
- description: Enable IPv6 features in Nova
- type: boolean
- NovaPassword:
- description: The password for the nova service and db account, used by nova-api.
- type: string
- hidden: true
PcsdPassword:
type: string
description: The password for the 'pcsd' user.
@@ -162,10 +129,6 @@ parameters:
default: {}
description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})'
type: json
- UpgradeLevelNovaCompute:
- type: string
- description: Nova Compute upgrade level
- default: ''
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
@@ -392,43 +355,15 @@ resources:
server: {get_resource: Controller}
input_values:
bootstack_nodeid: {get_attr: [Controller, name]}
- horizon_secret: {get_param: HorizonSecret}
debug: {get_param: Debug}
- keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
- keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
- keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
enable_fencing: {get_param: EnableFencing}
enable_load_balancer: {get_param: EnableLoadBalancer}
manage_firewall: {get_param: ManageFirewall}
purge_firewall_rules: {get_param: PurgeFirewallRules}
- neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
- nova_enable_db_purge: {get_param: NovaEnableDBPurge}
- nova_ipv6: {get_param: NovaIPv6}
corosync_ipv6: {get_param: CorosyncIPv6}
- memcached_ipv6: {get_param: MemcachedIPv6}
- nova_password: {get_param: NovaPassword}
- upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
- instance_name_template: {get_param: InstanceNameTemplate}
fencing_config: {get_param: FencingConfig}
pcsd_password: {get_param: PcsdPassword}
enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
- glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
- neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
- nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
- nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
- horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
- horizon_subnet:
- str_replace:
- template: "['SUBNET']"
- params:
- SUBNET:
- get_attr:
- - NetIpMap
- - net_ip_map
- - str_replace:
- template: "NETWORK_subnet"
- params:
- NETWORK: {get_param: [ServiceNetMap, HorizonNetwork]}
redis_vip: {get_param: RedisVirtualIP}
ironic_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]}
@@ -489,37 +424,14 @@ resources:
tripleo::fencing::config: {get_input: fencing_config}
# Neutron
- neutron::bind_host: {get_input: neutron_api_network}
- neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
-
- # Nova
- nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
- nova::use_ipv6: {get_input: nova_ipv6}
- nova::api::api_bind_address: {get_input: nova_api_network}
- nova::api::metadata_listen: {get_input: nova_metadata_network}
- nova::glance_api_servers: {get_input: glance_api_servers}
- nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
- nova::api::instance_name_template: {get_input: instance_name_template}
- nova::vncproxy::host: {get_input: nova_api_network}
- nova_enable_db_purge: {get_input: nova_enable_db_purge}
-
- # Horizon
- apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet}
- apache::ip: {get_input: horizon_network}
- horizon::django_debug: {get_input: debug}
- horizon::secret_key: {get_input: horizon_secret}
- horizon::bind_address: {get_input: horizon_network}
- horizon::keystone_url: {get_input: keystone_auth_uri}
-
# Redis
redis_vip: {get_input: redis_vip}
# Firewall
tripleo::firewall::manage_firewall: {get_input: manage_firewall}
tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
# Misc
- memcached_ipv6: {get_input: memcached_ipv6}
tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
diff --git a/puppet/services/aodh-api.yaml b/puppet/services/aodh-api.yaml
index 4308052b..cc1f4b09 100644
--- a/puppet/services/aodh-api.yaml
+++ b/puppet/services/aodh-api.yaml
@@ -27,6 +27,13 @@ resources:
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
+ ApacheServiceBase:
+ type: ./apache.yaml
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+
outputs:
role_data:
description: Role data for the Aodh API service.
@@ -35,6 +42,7 @@ outputs:
config_settings:
map_merge:
- get_attr: [AodhBase, role_data, config_settings]
+ - get_attr: [ApacheServiceBase, role_data, config_settings]
- aodh::wsgi::apache::ssl: false
aodh::api::service_name: 'httpd'
tripleo.aodh_api.firewall_rules:
diff --git a/puppet/services/apache.yaml b/puppet/services/apache.yaml
new file mode 100644
index 00000000..758d9510
--- /dev/null
+++ b/puppet/services/apache.yaml
@@ -0,0 +1,40 @@
+heat_template_version: 2016-10-14
+
+description: >
+ Apache service configured with Puppet. Note this is typically included
+ automatically via other services which run via Apache.
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+
+outputs:
+ role_data:
+ description: Role data for the Apache role.
+ value:
+ service_name: apache
+ config_settings:
+ # for the given network; replacement examples (eg. for internal_api):
+ # internal_api -> IP
+ # internal_api_uri -> [IP]
+ # internal_api_subnet - > IP/CIDR
+ apache::ip: {get_param: [ServiceNetMap, ApacheNetwork]}
+ apache_remote_proxy_ips_network:
+ str_replace:
+ template: "NETWORK_subnet"
+ params:
+ NETWORK: {get_param: [ServiceNetMap, ApacheNetwork]}
+ apache::mod::remoteip::proxy_ips:
+ - "%{hiera('apache_remote_proxy_ips_network')}"
diff --git a/puppet/services/ceilometer-api.yaml b/puppet/services/ceilometer-api.yaml
index 201a2b7b..2baac511 100644
--- a/puppet/services/ceilometer-api.yaml
+++ b/puppet/services/ceilometer-api.yaml
@@ -28,6 +28,13 @@ resources:
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
+ ApacheServiceBase:
+ type: ./apache.yaml
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+
outputs:
role_data:
description: Role data for the Ceilometer API role.
@@ -35,6 +42,7 @@ outputs:
service_name: ceilometer_api
config_settings:
map_merge:
+ - get_attr: [ApacheServiceBase, role_data, config_settings]
- get_attr: [CeilometerServiceBase, role_data, config_settings]
- tripleo.ceilometer_api.firewall_rules:
'124 ceilometer':
diff --git a/puppet/services/gnocchi-api.yaml b/puppet/services/gnocchi-api.yaml
index d21e5b2b..dc6e7de7 100644
--- a/puppet/services/gnocchi-api.yaml
+++ b/puppet/services/gnocchi-api.yaml
@@ -23,7 +23,7 @@ parameters:
type: string
hidden: true
GnocchiBackend:
- default: file
+ default: swift
description: The short name of the Gnocchi backend to use. Should be one
of swift, rbd, or file
type: string
@@ -35,6 +35,7 @@ parameters:
description: Keystone region for endpoint
resources:
+
GnocchiServiceBase:
type: ./gnocchi-base.yaml
properties:
@@ -42,6 +43,13 @@ resources:
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
+ ApacheServiceBase:
+ type: ./apache.yaml
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+
outputs:
role_data:
description: Role data for the Gnocchi role.
@@ -49,6 +57,7 @@ outputs:
service_name: gnocchi_api
config_settings:
map_merge:
+ - get_attr: [ApacheServiceBase, role_data, config_settings]
- get_attr: [GnocchiServiceBase, role_data, config_settings]
- tripleo.gnocchi_api.firewall_rules:
'129 gnocchi-api':
diff --git a/puppet/services/gnocchi-base.yaml b/puppet/services/gnocchi-base.yaml
index 9b9cafb8..9f114ac4 100644
--- a/puppet/services/gnocchi-base.yaml
+++ b/puppet/services/gnocchi-base.yaml
@@ -40,6 +40,10 @@ parameters:
description: The password for the redis service account.
type: string
hidden: true
+ Debug:
+ type: string
+ default: ''
+ description: Set to True to enable debugging on all services.
outputs:
aux_parameters:
@@ -52,7 +56,7 @@ outputs:
service_name: gnocchi_base
config_settings:
#Gnocchi engine
- gnocchi::debug: {get_input: debug}
+ gnocchi::debug: {get_param: Debug}
gnocchi::db::database_connection:
list_join:
- ''
diff --git a/puppet/services/haproxy.yaml b/puppet/services/haproxy.yaml
index c0e1c113..6885449e 100644
--- a/puppet/services/haproxy.yaml
+++ b/puppet/services/haproxy.yaml
@@ -55,27 +55,27 @@ outputs:
'107 haproxy stats':
dport: 1993
# TODO(emilien) make it composable to find which services are actually running
- tripleo::haproxy::keystone_admin: true
- tripleo::haproxy::keystone_public: true
- tripleo::haproxy::neutron: true
- tripleo::haproxy::cinder: true
- tripleo::haproxy::glance_api: true
- tripleo::haproxy::glance_registry: true
- tripleo::haproxy::nova_osapi: true
- tripleo::haproxy::nova_metadata: true
- tripleo::haproxy::nova_novncproxy: true
+ tripleo::haproxy::keystone_admin: '"%{hiera(\"keystone_enabled\")}"'
+ tripleo::haproxy::keystone_public: '"%{hiera(\"keystone_enabled\")}"'
+ tripleo::haproxy::neutron: '"%{hiera(\"neutron_api_enabled\")}"'
+ tripleo::haproxy::cinder: '"%{hiera(\"cinder_api_enabled\")}"'
+ tripleo::haproxy::glance_api: '"%{hiera(\"glance_api_enabled\")}"'
+ tripleo::haproxy::glance_registry: '"%{hiera(\"glance_registry_enabled\")}"'
+ tripleo::haproxy::nova_osapi: '"%{hiera(\"nova_api_enabled\")}"'
+ tripleo::haproxy::nova_metadata: '"%{hiera(\"nova_api_enabled\")}"'
+ tripleo::haproxy::nova_novncproxy: '"%{hiera(\"nova_vncproxy_enabled\")}"'
tripleo::haproxy::mysql: true
- tripleo::haproxy::redis: true
- tripleo::haproxy::sahara: true
- tripleo::haproxy::swift_proxy_server: true
- tripleo::haproxy::ceilometer: true
- tripleo::haproxy::aodh: true
- tripleo::haproxy::gnocchi: true
- tripleo::haproxy::heat_api: true
- tripleo::haproxy::heat_cloudwatch: true
- tripleo::haproxy::heat_cfn: true
- tripleo::haproxy::horizon: true
- tripleo::haproxy::ironic: true
+ tripleo::haproxy::redis: '"%{hiera(\"redis_enabled\")}"'
+ tripleo::haproxy::sahara: '"%{hiera(\"sahara_api_enabled\")}"'
+ tripleo::haproxy::swift_proxy_server: '"%{hiera(\"swift_proxy_enabled\")}"'
+ tripleo::haproxy::ceilometer: '"%{hiera(\"ceilometer_api_enabled\")}"'
+ tripleo::haproxy::aodh: '"%{hiera(\"aodh_api_enabled\")}"'
+ tripleo::haproxy::gnocchi: '"%{hiera(\"gnocchi_api_enabled\")}"'
+ tripleo::haproxy::heat_api: '"%{hiera(\"heat_api_enabled\")}"'
+ tripleo::haproxy::heat_cloudwatch: '"%{hiera(\"heat_api_cloudwatch_enabled\")}"'
+ tripleo::haproxy::heat_cfn: '"%{hiera(\"heat_api_cfn_enabled\")}"'
+ tripleo::haproxy::horizon: '"%{hiera(\"horizon_enabled\")}"'
+ tripleo::haproxy::ironic: '"%{hiera(\"ironic_api_enabled\")}"'
tripleo::haproxy::haproxy_log_address: {get_param: HAProxySyslogAddress}
tripleo::haproxy::haproxy_stats_user: {get_param: HAProxyStatsUser}
tripleo::haproxy::haproxy_stats_password: {get_param: HAProxyStatsPassword}
diff --git a/puppet/services/horizon.yaml b/puppet/services/horizon.yaml
index c5d96819..1ea686b9 100644
--- a/puppet/services/horizon.yaml
+++ b/puppet/services/horizon.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: 2016-10-14
description: >
Horizon service configured with Puppet
@@ -10,6 +10,10 @@ parameters:
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
+ Debug:
+ default: ''
+ description: Set to True to enable debugging on all services.
+ type: string
DefaultPasswords:
default: {}
type: json
@@ -22,11 +26,20 @@ parameters:
default: '*'
description: A list of IP/Hostname allowed to connect to horizon
type: comma_delimited_list
+ HorizonSecret:
+ description: Secret key for Django
+ type: string
+ hidden: true
+ default: ''
NeutronMechanismDrivers:
default: 'openvswitch'
description: |
The mechanism drivers for the Neutron tenant network.
type: comma_delimited_list
+ MemcachedIPv6:
+ default: false
+ description: Enable IPv6 features in Memcached.
+ type: boolean
outputs:
role_data:
@@ -51,5 +64,29 @@ outputs:
add_listen: false
priority: 10
access_log_format: '%a %l %u %t \"%r\" %>s %b \"%%{}{Referer}i\" \"%%{}{User-Agent}i\"'
+ # NOTE: bind IP is found in Heat replacing the network name with the local node IP
+ # for the given network; replacement examples (eg. for internal_api):
+ # internal_api -> IP
+ # internal_api_uri -> [IP]
+ # internal_api_subnet - > IP/CIDR
+ apache::ip: {get_param: [ServiceNetMap, HorizonNetwork]}
+ apache_remote_proxy_ips_network:
+ str_replace:
+ template: "NETWORK_subnet"
+ params:
+ NETWORK: {get_param: [ServiceNetMap, HorizonNetwork]}
+ apache::mod::remoteip::proxy_ips:
+ - "%{hiera('apache_remote_proxy_ips_network')}"
+ horizon::bind_address: {get_param: [ServiceNetMap, HorizonNetwork]}
+ horizon::django_debug: {get_param: Debug}
+ horizon::keystone_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
+ horizon::secret_key:
+ yaql:
+ expression: $.data.passwords.where($ != '').first()
+ data:
+ passwords:
+ - {get_param: HorizonSecret}
+ - {get_param: [DefaultPasswords, horizon_secret]}
+ memcached_ipv6: {get_param: MemcachedIPv6}
step_config: |
include ::tripleo::profile::base::horizon
diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml
index c763c391..45531abc 100644
--- a/puppet/services/keystone.yaml
+++ b/puppet/services/keystone.yaml
@@ -84,81 +84,94 @@ parameters:
type: string
description: Set the number of workers for keystone::wsgi::apache
default: '"%{::processorcount}"'
+
+resources:
+
+ ApacheServiceBase:
+ type: ./apache.yaml
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+
outputs:
role_data:
description: Role data for the Keystone role.
value:
service_name: keystone
config_settings:
- keystone::database_connection:
- list_join:
- - ''
- - - {get_param: [EndpointMap, MysqlInternal, protocol]}
- - '://keystone:'
- - {get_param: AdminToken}
- - '@'
- - {get_param: [EndpointMap, MysqlInternal, host]}
- - '/keystone'
- keystone::admin_token: {get_param: AdminToken}
- keystone::roles::admin::password: {get_param: AdminPassword}
- keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
- keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
- keystone::enable_proxy_headers_parsing: true
- keystone::debug: {get_param: Debug}
- keystone::db::mysql::password: {get_param: AdminToken}
- keystone::rabbit_userid: {get_param: RabbitUserName}
- keystone::rabbit_password: {get_param: RabbitPassword}
- keystone::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
- keystone::rabbit_port: {get_param: RabbitClientPort}
- keystone::notification_driver: {get_param: KeystoneNotificationDriver}
- keystone::notification_format: {get_param: KeystoneNotificationFormat}
- keystone::roles::admin::email: {get_param: AdminEmail}
- keystone::roles::admin::password: {get_param: AdminPassword}
- keystone::endpoint::public_url: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]}
- keystone::endpoint::internal_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
- keystone::endpoint::admin_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
- keystone::endpoint::region: {get_param: KeystoneRegion}
- keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge}
- keystone::public_endpoint: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]}
- keystone::db::mysql::user: keystone
- keystone::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
- keystone::db::mysql::dbname: keystone
- keystone::db::mysql::allowed_hosts:
- - '%'
- - "%{hiera('mysql_bind_host')}"
- keystone::rabbit_heartbeat_timeout_threshold: 60
- keystone::cron::token_flush::maxdelay: 3600
- keystone::roles::admin::service_tenant: 'service'
- keystone::roles::admin::admin_tenant: 'admin'
- keystone::cron::token_flush::destination: '/dev/null'
- keystone::config::keystone_config:
- ec2/driver:
- value: 'keystone.contrib.ec2.backends.sql.Ec2'
- keystone::service_name: 'httpd'
- keystone::wsgi::apache::ssl: false
-
- keystone::wsgi::apache::workers: {get_param: KeystoneWorkers}
- # override via extraconfig:
- keystone::wsgi::apache::threads: 1
- keystone::db::database_db_max_retries: -1
- keystone::db::database_max_retries: -1
- tripleo.keystone.firewall_rules:
- '111 keystone':
- dport:
- - 5000
- - 13000
- - 35357
- - 13357
- # NOTE: bind IP is found in Heat replacing the network name with the
- # local node IP for the given network; replacement examples
- # (eg. for internal_api):
- # internal_api -> IP
- # internal_api_uri -> [IP]
- # internal_api_subnet - > IP/CIDR
- # NOTE: this applies to all 4 bind IP settings below...
- keystone::admin_bind_host: {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}
- keystone::public_bind_host: {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}
- keystone::wsgi::apache::bind_host: {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}
- keystone::wsgi::apache::admin_bind_host: {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}
+ config_settings:
+ map_merge:
+ - get_attr: [ApacheServiceBase, role_data, config_settings]
+ - keystone::database_connection:
+ list_join:
+ - ''
+ - - {get_param: [EndpointMap, MysqlInternal, protocol]}
+ - '://keystone:'
+ - {get_param: AdminToken}
+ - '@'
+ - {get_param: [EndpointMap, MysqlInternal, host]}
+ - '/keystone'
+ keystone::admin_token: {get_param: AdminToken}
+ keystone::roles::admin::password: {get_param: AdminPassword}
+ keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
+ keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
+ keystone::enable_proxy_headers_parsing: true
+ keystone::debug: {get_param: Debug}
+ keystone::db::mysql::password: {get_param: AdminToken}
+ keystone::rabbit_userid: {get_param: RabbitUserName}
+ keystone::rabbit_password: {get_param: RabbitPassword}
+ keystone::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
+ keystone::rabbit_port: {get_param: RabbitClientPort}
+ keystone::notification_driver: {get_param: KeystoneNotificationDriver}
+ keystone::notification_format: {get_param: KeystoneNotificationFormat}
+ keystone::roles::admin::email: {get_param: AdminEmail}
+ keystone::roles::admin::password: {get_param: AdminPassword}
+ keystone::endpoint::public_url: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]}
+ keystone::endpoint::internal_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
+ keystone::endpoint::admin_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
+ keystone::endpoint::region: {get_param: KeystoneRegion}
+ keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge}
+ keystone::public_endpoint: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]}
+ keystone::db::mysql::user: keystone
+ keystone::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
+ keystone::db::mysql::dbname: keystone
+ keystone::db::mysql::allowed_hosts:
+ - '%'
+ - "%{hiera('mysql_bind_host')}"
+ keystone::rabbit_heartbeat_timeout_threshold: 60
+ keystone::cron::token_flush::maxdelay: 3600
+ keystone::roles::admin::service_tenant: 'service'
+ keystone::roles::admin::admin_tenant: 'admin'
+ keystone::cron::token_flush::destination: '/dev/null'
+ keystone::config::keystone_config:
+ ec2/driver:
+ value: 'keystone.contrib.ec2.backends.sql.Ec2'
+ keystone::service_name: 'httpd'
+ keystone::wsgi::apache::ssl: false
+
+ keystone::wsgi::apache::workers: {get_param: KeystoneWorkers}
+ # override via extraconfig:
+ keystone::wsgi::apache::threads: 1
+ keystone::db::database_db_max_retries: -1
+ keystone::db::database_max_retries: -1
+ tripleo.keystone.firewall_rules:
+ '111 keystone':
+ dport:
+ - 5000
+ - 13000
+ - 35357
+ - 13357
+ # NOTE: bind IP is found in Heat replacing the network name with the
+ # local node IP for the given network; replacement examples
+ # (eg. for internal_api):
+ # internal_api -> IP
+ # internal_api_uri -> [IP]
+ # internal_api_subnet - > IP/CIDR
+ # NOTE: this applies to all 4 bind IP settings below...
+ keystone::admin_bind_host: {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}
+ keystone::public_bind_host: {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}
+ keystone::wsgi::apache::bind_host: {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}
+ keystone::wsgi::apache::admin_bind_host: {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}
step_config: |
include ::tripleo::profile::base::keystone
diff --git a/puppet/services/neutron-api.yaml b/puppet/services/neutron-api.yaml
index 35ac32db..cd8a20a1 100644
--- a/puppet/services/neutron-api.yaml
+++ b/puppet/services/neutron-api.yaml
@@ -111,5 +111,11 @@ outputs:
'106 vrrp':
proto: vrrp
neutron::server::router_distributed: {get_param: NeutronEnableDVR}
+ # NOTE: bind IP is found in Heat replacing the network name with the local node IP
+ # for the given network; replacement examples (eg. for internal_api):
+ # internal_api -> IP
+ # internal_api_uri -> [IP]
+ # internal_api_subnet - > IP/CIDR
+ neutron::bind_host: {get_param: [ServiceNetMap, NeutronApiNetwork]}
step_config: |
include tripleo::profile::base::neutron::server
diff --git a/puppet/services/neutron-metadata.yaml b/puppet/services/neutron-metadata.yaml
index b9ec277a..6bb931b1 100644
--- a/puppet/services/neutron-metadata.yaml
+++ b/puppet/services/neutron-metadata.yaml
@@ -53,5 +53,11 @@ outputs:
neutron::agents::metadata::auth_password: {get_param: NeutronPassword}
neutron::agents::metadata::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
neutron::agents::metadata::auth_tenant: 'service'
+ # NOTE: bind IP is found in Heat replacing the network name with the local node IP
+ # for the given network; replacement examples (eg. for internal_api):
+ # internal_api -> IP
+ # internal_api_uri -> [IP]
+ # internal_api_subnet - > IP/CIDR
+ neutron::agents::metadata::metadata_ip: {get_param: [ServiceNetMap, NeutronApiNetwork]}
step_config: |
include tripleo::profile::base::neutron::metadata
diff --git a/puppet/services/nova-api.yaml b/puppet/services/nova-api.yaml
index c2bd395e..b5c3815e 100644
--- a/puppet/services/nova-api.yaml
+++ b/puppet/services/nova-api.yaml
@@ -30,6 +30,19 @@ parameters:
type: string
default: 'regionOne'
description: Keystone region for endpoint
+ NeutronMetadataProxySharedSecret:
+ description: Shared secret to prevent spoofing
+ type: string
+ hidden: true
+ InstanceNameTemplate:
+ default: 'instance-%08x'
+ description: Template string to be used to generate instance names
+ type: string
+ NovaEnableDBPurge:
+ default: true
+ description: |
+ Whether to create cron job for purging soft deleted rows in Nova database.
+ type: boolean
resources:
NovaBase:
@@ -75,5 +88,16 @@ outputs:
nova::keystone::auth::admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
nova::keystone::auth::password: {get_param: NovaPassword}
nova::keystone::auth::region: {get_param: KeystoneRegion}
+ # NOTE: bind IP is found in Heat replacing the network name with the local node IP
+ # for the given network; replacement examples (eg. for internal_api):
+ # internal_api -> IP
+ # internal_api_uri -> [IP]
+ # internal_api_subnet - > IP/CIDR
+ nova::api::api_bind_address: {get_param: [ServiceNetMap, NovaApiNetwork]}
+ nova::api::metadata_listen: {get_param: [ServiceNetMap, NovaMetadataNetwork]}
+ nova::api::neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
+ nova::api::instance_name_template: {get_param: InstanceNameTemplate}
+ nova_enable_db_purge: {get_param: NovaEnableDBPurge}
+
step_config: |
include tripleo::profile::base::nova::api
diff --git a/puppet/services/nova-base.yaml b/puppet/services/nova-base.yaml
index 471ece34..24a63bb4 100644
--- a/puppet/services/nova-base.yaml
+++ b/puppet/services/nova-base.yaml
@@ -95,14 +95,14 @@ outputs:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/nova_api'
- nova::db::mysql::password: {get_input: nova_password}
+ nova::db::mysql::password: {get_param: NovaPassword}
nova::db::mysql::user: nova
nova::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
nova::db::mysql::dbname: nova
nova::db::mysql::allowed_hosts:
- '%'
- "%{hiera('mysql_bind_host')}"
- nova::db::mysql_api::password: {get_input: nova_password}
+ nova::db::mysql_api::password: {get_param: NovaPassword}
nova::db::mysql_api::user: nova_api
nova::db::mysql_api::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
nova::db::mysql_api::dbname: nova_api
diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml
index 13ec03ea..e8849a06 100644
--- a/puppet/services/nova-compute.yaml
+++ b/puppet/services/nova-compute.yaml
@@ -40,6 +40,19 @@ parameters:
default: ''
description: Libvirt VIF driver configuration for the network
type: string
+ NovaPCIPassthrough:
+ description: >
+ List of PCI Passthrough whitelist parameters.
+ Example -
+ NovaPCIPassthrough:
+ - vendor_id: "8086"
+ product_id: "154c"
+ address: "0000:05:00.0"
+ physical_network: "datacentre"
+ For different formats, refer to the nova.conf documentation for
+ pci_passthrough_whitelist configuration
+ type: json
+ default: ''
NovaVcpuPinSet:
description: >
A list or range of physical CPU cores to reserve for virtual machine
@@ -47,6 +60,14 @@ parameters:
Ex. NovaVcpuPinSet: ['4-12','^8'] will reserve cores from 4-12 excluding 8
type: comma_delimited_list
default: []
+ NovaReservedHostMemory:
+ description: >
+ Reserved RAM for host processes.
+ type: number
+ default: 2048
+ constraints:
+ - range: { min: 512 }
+
resources:
NovaBase:
type: ./nova-base.yaml
@@ -64,7 +85,13 @@ outputs:
map_merge:
- get_attr: [NovaBase, role_data, config_settings]
- nova::compute::libvirt::manage_libvirt_services: false
+ nova::compute::pci_passthrough:
+ str_replace:
+ template: "'JSON_PARAM'"
+ params:
+ JSON_PARAM: {get_param: NovaPCIPassthrough}
nova::compute::vcpu_pin_set: {get_param: NovaVcpuPinSet}
+ nova::compute::reserved_host_memory: {get_param: NovaReservedHostMemory}
# we manage migration in nova common puppet profile
nova::compute::libvirt::migration_support: false
tripleo::profile::base::nova::manage_migration: true
@@ -89,11 +116,6 @@ outputs:
# encryption work will obsolete the need to use TUNNELLED transport
# mode.
nova::migration::live_migration_tunnelled: {get_param: NovaEnableRbdBackend}
- # Changing the default from 512MB. The current templates can not deploy
- # overclouds with swap. On an idle compute node, we see ~1024MB of RAM
- # used. 2048 is suggested to account for other possible operations for
- # example openvswitch.
- nova::compute::reserved_host_memory: 2048
nova::compute::neutron::libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver}
# NOTE: bind IP is found in Heat replacing the network name with the
# local node IP for the given network; replacement examples
diff --git a/puppet/services/nova-vncproxy.yaml b/puppet/services/nova-vncproxy.yaml
index 0a1785d8..7444d7d8 100644
--- a/puppet/services/nova-vncproxy.yaml
+++ b/puppet/services/nova-vncproxy.yaml
@@ -46,5 +46,11 @@ outputs:
'[': ''
']': ''
nova::vncproxy::common::vncproxy_port: {get_param: [EndpointMap, NovaVNCProxyPublic, port]}
+ # NOTE: bind IP is found in Heat replacing the network name with the local node IP
+ # for the given network; replacement examples (eg. for internal_api):
+ # internal_api -> IP
+ # internal_api_uri -> [IP]
+ # internal_api_subnet - > IP/CIDR
+ nova::vncproxy::host: {get_param: [ServiceNetMap, NovaApiNetwork]}
step_config: |
include tripleo::profile::base::nova::vncproxy
diff --git a/puppet/services/opendaylight.yaml b/puppet/services/opendaylight-api.yaml
index c8da7014..64dd7663 100644
--- a/puppet/services/opendaylight.yaml
+++ b/puppet/services/opendaylight-api.yaml
@@ -63,7 +63,7 @@ outputs:
role_data:
description: Role data for the OpenDaylight service.
value:
- service_name: opendaylight
+ service_name: opendaylight_api
config_settings:
opendaylight::odl_rest_port: {get_param: OpenDaylightPort}
odl_on_controller: {get_param: EnableOpenDaylightOnController}