diff options
Diffstat (limited to 'puppet')
| -rw-r--r-- | puppet/ceph-storage-puppet.yaml | 20 | ||||
| -rw-r--r-- | puppet/cinder-storage-puppet.yaml | 49 | ||||
| -rw-r--r-- | puppet/compute-puppet.yaml | 50 | ||||
| -rw-r--r-- | puppet/controller-puppet.yaml | 32 | ||||
| -rw-r--r-- | puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml | 6 | ||||
| -rw-r--r-- | puppet/hieradata/ceph.yaml | 4 | ||||
| -rw-r--r-- | puppet/hieradata/common.yaml | 1 | ||||
| -rw-r--r-- | puppet/hieradata/compute.yaml | 6 | ||||
| -rw-r--r-- | puppet/hieradata/controller.yaml | 5 | ||||
| -rw-r--r-- | puppet/hieradata/volume.yaml | 6 | ||||
| -rw-r--r-- | puppet/manifests/overcloud_cephstorage.pp | 27 | ||||
| -rw-r--r-- | puppet/manifests/overcloud_compute.pp | 23 | ||||
| -rw-r--r-- | puppet/manifests/overcloud_controller.pp | 75 | ||||
| -rw-r--r-- | puppet/manifests/overcloud_controller_pacemaker.pp | 99 | ||||
| -rw-r--r-- | puppet/manifests/overcloud_object.pp | 11 | ||||
| -rw-r--r-- | puppet/manifests/overcloud_volume.pp | 12 | ||||
| -rw-r--r-- | puppet/manifests/ringbuilder.pp | 11 | ||||
| -rw-r--r-- | puppet/swift-storage-puppet.yaml | 20 |
18 files changed, 290 insertions, 167 deletions
diff --git a/puppet/ceph-storage-puppet.yaml b/puppet/ceph-storage-puppet.yaml index 2d089419..fcf4259f 100644 --- a/puppet/ceph-storage-puppet.yaml +++ b/puppet/ceph-storage-puppet.yaml @@ -42,6 +42,18 @@ parameters: Hostname: type: string default: '' # Defaults to Heat created hostname + ExtraConfig: + default: {} + description: | + Additional hiera configuration to inject into the cluster. Note + that CephStorageExtraConfig takes precedence over ExtraConfig. + type: json + CephStorageExtraConfig: + default: {} + description: | + Role specific additional hiera configuration to inject into the cluster. + type: json + resources: CephStorage: @@ -118,6 +130,8 @@ resources: hiera: hierarchy: - heat_config_%{::deploy_config_name} + - ceph_extraconfig + - extraconfig - ceph_cluster # provided by CephClusterConfig - ceph - '"%{::osfamily}"' @@ -125,11 +139,15 @@ resources: datafiles: common: raw_data: {get_file: hieradata/common.yaml} + ceph_extraconfig: + mapped_data: {get_param: CephStorageExtraConfig} + extraconfig: + mapped_data: {get_param: ExtraConfig} ceph: raw_data: {get_file: hieradata/ceph.yaml} mapped_data: ntp::servers: {get_input: ntp_servers} - enable_package_install: {get_input: enable_package_install} + tripleo::packages::enable_install: {get_input: enable_package_install} ceph::profile::params::cluster_network: {get_input: ceph_cluster_network} ceph::profile::params::public_network: {get_input: ceph_public_network} diff --git a/puppet/cinder-storage-puppet.yaml b/puppet/cinder-storage-puppet.yaml index 94a0a5c4..091d1f1b 100644 --- a/puppet/cinder-storage-puppet.yaml +++ b/puppet/cinder-storage-puppet.yaml @@ -31,40 +31,13 @@ parameters: ExtraConfig: default: {} description: | - Additional configuration to inject into the cluster. The JSON should have - the following structure: - {"FILEKEY": - {"config": - [{"section": "SECTIONNAME", - "values": - [{"option": "OPTIONNAME", - "value": "VALUENAME" - } - ] - } - ] - } - } - For instance: - {"nova": - {"config": - [{"section": "default", - "values": - [{"option": "force_config_drive", - "value": "always" - } - ] - }, - {"section": "cells", - "values": - [{"option": "driver", - "value": "nova.cells.rpc_driver.CellsRPCDriver" - } - ] - } - ] - } - } + Additional hiera configuration to inject into the cluster. Note + that BlockStorageExtraConfig takes precedence over ExtraConfig. + type: json + BlockStorageExtraConfig: + default: {} + description: | + Role specific additional hiera configuration to inject into the cluster. type: json Flavor: description: Flavor for block storage nodes to request when deploying. @@ -235,6 +208,8 @@ resources: hiera: hierarchy: - heat_config_%{::deploy_config_name} + - volume_extraconfig + - extraconfig - volume - all_nodes # provided by allNodesConfig - '"%{::osfamily}"' @@ -242,6 +217,10 @@ resources: datafiles: common: raw_data: {get_file: hieradata/common.yaml} + volume_extraconfig: + mapped_data: {get_param: BlockStorageExtraConfig} + extraconfig: + mapped_data: {get_param: ExtraConfig} volume: raw_data: {get_file: hieradata/volume.yaml} mapped_data: @@ -258,7 +237,7 @@ resources: cinder_iscsi_ip_address: {get_input: cinder_iscsi_ip_address} cinder::glance::glance_api_servers: {get_input: glance_api_servers} ntp::servers: {get_input: ntp_servers} - enable_package_install: {get_input: enable_package_install} + tripleo::packages::enable_install: {get_input: enable_package_install} snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} diff --git a/puppet/compute-puppet.yaml b/puppet/compute-puppet.yaml index 02756925..e85a96aa 100644 --- a/puppet/compute-puppet.yaml +++ b/puppet/compute-puppet.yaml @@ -25,6 +25,10 @@ parameters: description: The password for the ceilometer service account. type: string hidden: true + CinderEnableNfsBackend: + default: false + description: Whether to enable or not the NFS backend for Cinder + type: boolean Debug: default: '' description: Set to True to enable debugging on all services. @@ -32,40 +36,8 @@ parameters: ExtraConfig: default: {} description: | - Additional configuration to inject into the cluster. The JSON should have - the following structure: - {"FILEKEY": - {"config": - [{"section": "SECTIONNAME", - "values": - [{"option": "OPTIONNAME", - "value": "VALUENAME" - } - ] - } - ] - } - } - For instance: - {"nova": - {"config": - [{"section": "default", - "values": - [{"option": "force_config_drive", - "value": "always" - } - ] - }, - {"section": "cells", - "values": - [{"option": "driver", - "value": "nova.cells.rpc_driver.CellsRPCDriver" - } - ] - } - ] - } - } + Additional hiera configuration to inject into the cluster. Note + that NovaComputeExtraConfig takes precedence over ExtraConfig. type: json Flavor: description: Flavor for the nova compute node @@ -340,6 +312,8 @@ resources: hiera: hierarchy: - heat_config_%{::deploy_config_name} + - compute_extraconfig + - extraconfig - compute - ceph_cluster # provided by CephClusterConfig - ceph @@ -347,6 +321,10 @@ resources: - '"%{::osfamily}"' - common datafiles: + compute_extraconfig: + mapped_data: {get_param: NovaComputeExtraConfig} + extraconfig: + mapped_data: {get_param: ExtraConfig} common: raw_data: {get_file: hieradata/common.yaml} ceph: @@ -354,6 +332,7 @@ resources: compute: raw_data: {get_file: hieradata/compute.yaml} mapped_data: + cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend} nova::debug: {get_input: debug} nova::rabbit_userid: {get_input: rabbit_username} nova::rabbit_password: {get_input: rabbit_password} @@ -406,7 +385,7 @@ resources: neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device} admin_password: {get_input: admin_password} ntp::servers: {get_input: ntp_servers} - enable_package_install: {get_input: enable_package_install} + tripleo::packages::enable_install: {get_input: enable_package_install} NovaComputeDeployment: type: OS::TripleO::SoftwareDeployment @@ -415,6 +394,7 @@ resources: config: {get_resource: NovaComputeConfig} server: {get_resource: NovaCompute} input_values: + cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend} debug: {get_param: Debug} nova_compute_driver: {get_param: NovaComputeDriver} nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType} diff --git a/puppet/controller-puppet.yaml b/puppet/controller-puppet.yaml index bd8823ad..89b35c31 100644 --- a/puppet/controller-puppet.yaml +++ b/puppet/controller-puppet.yaml @@ -28,6 +28,10 @@ parameters: description: The password for the ceilometer service and db account. type: string hidden: true + CinderEnableNfsBackend: + default: false + description: Whether to enable or not the NFS backend for Cinder + type: boolean CinderEnableIscsiBackend: default: true description: Whether to enable or not the Iscsi backend for Cinder @@ -44,6 +48,18 @@ parameters: default: 5000 description: The size of the loopback file used by the cinder LVM driver. type: number + CinderNfsMountOptions: + default: '' + description: > + Mount options for NFS mounts used by Cinder NFS backend. Effective + when CinderEnableNfsBackend is true. + type: string + CinderNfsServers: + default: '' + description: > + NFS servers used by Cinder NFS backend. Effective when + CinderEnableNfsBackend is true. + type: comma_delimited_list CinderPassword: default: unset description: The password for the cinder service and db account, used by cinder-api. @@ -602,7 +618,17 @@ resources: admin_token: {get_param: AdminToken} neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP} debug: {get_param: Debug} + cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend} cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend} + cinder_nfs_mount_options: {get_param: CinderNfsMountOptions} + cinder_nfs_servers: + str_replace: + template: "['SERVERS']" + params: + SERVERS: + list_join: + - "','" + - {get_param: CinderNfsServers} cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize} cinder_password: {get_param: CinderPassword} cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend} @@ -890,7 +916,10 @@ resources: tripleo::ringbuilder::build_ring: True # Cinder + cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend} cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend} + cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options} + cinder_nfs_servers: {get_input: cinder_nfs_servers} cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size} cinder_iscsi_helper: {get_input: cinder_iscsi_helper} cinder_iscsi_ip_address: {get_input: cinder_iscsi_network} @@ -949,7 +978,6 @@ resources: heat::api_cloudwatch::bind_host: {get_input: heat_api_network} heat::api_cfn::bind_host: {get_input: heat_api_network} heat::database_connection: {get_input: heat_dsn} - heat::instance_user: heat-admin heat::debug: {get_input: debug} # Keystone @@ -1074,7 +1102,7 @@ resources: public_virtual_interface: {get_input: public_virtual_interface} tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface} tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface} - enable_package_install: {get_input: enable_package_install} + tripleo::packages::enable_install: {get_input: enable_package_install} # Hook for site-specific additional pre-deployment config, e.g extra hieradata ControllerExtraConfigPre: diff --git a/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml b/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml index 1d982dff..18295a2f 100644 --- a/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml +++ b/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml @@ -9,8 +9,8 @@ parameters: # Config specific parameters, to be provided via parameter_defaults CinderEnableNetappBackend: - type: string - default: false + type: boolean + default: true CinderNetappBackendName: type: string default: 'tripleo_netapp' @@ -89,7 +89,7 @@ resources: cinder::backend::netapp::title: {get_input: NetappBackendName} cinder::backend::netapp::netapp_login: {get_input: NetappLogin} cinder::backend::netapp::netapp_password: {get_input: NetappPassword} - cinder::backend::netapp::netapp_hostname: {get_input: NetappServerHostname} + cinder::backend::netapp::netapp_server_hostname: {get_input: NetappServerHostname} cinder::backend::netapp::netapp_server_port: {get_input: NetappServerPort} cinder::backend::netapp::netapp_size_multiplier: {get_input: NetappSizeMultiplier} cinder::backend::netapp::netapp_storage_family: {get_input: NetappStorageFamily} diff --git a/puppet/hieradata/ceph.yaml b/puppet/hieradata/ceph.yaml index 6eb0e671..18a48622 100644 --- a/puppet/hieradata/ceph.yaml +++ b/puppet/hieradata/ceph.yaml @@ -12,4 +12,6 @@ ceph_pools: - vms - images -ceph_classes: []
\ No newline at end of file +ceph_classes: [] + +ceph_osd_selinux_permissive: true diff --git a/puppet/hieradata/common.yaml b/puppet/hieradata/common.yaml index 9d152570..ab88a69a 100644 --- a/puppet/hieradata/common.yaml +++ b/puppet/hieradata/common.yaml @@ -13,6 +13,7 @@ nova::network::neutron::vif_plugging_is_fatal: false nova::network::neutron::vif_plugging_timeout: 30 nova::network::neutron::dhcp_domain: '' +neutron::allow_overlapping_ips: true neutron::plugins::ml2::type_drivers: - flat - gre diff --git a/puppet/hieradata/compute.yaml b/puppet/hieradata/compute.yaml index 63a3473d..bb49bb90 100644 --- a/puppet/hieradata/compute.yaml +++ b/puppet/hieradata/compute.yaml @@ -15,6 +15,12 @@ nova::compute::rbd::rbd_keyring: 'client.openstack' nova::compute::rbd::libvirt_images_rbd_pool: 'vms' nova::compute::rbd::libvirt_rbd_secret_uuid: "%{hiera('ceph::profile::params::fsid')}" +nova::config::nova_config: + cinder/catalog_info: + value: 'volumev2:cinderv2:internalURL' + DEFAULT/default_floating_pool: + value: 'public' + ceilometer::agent::auth::auth_tenant_name: 'service' compute_classes: []
\ No newline at end of file diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml index 3cc64971..25719709 100644 --- a/puppet/hieradata/controller.yaml +++ b/puppet/hieradata/controller.yaml @@ -73,12 +73,17 @@ neutron::agents::dhcp::dnsmasq_config_file: /etc/neutron/dnsmasq-neutron.conf nova::notify_on_state_change: 'vm_and_task_state' nova::api::osapi_v3: true +nova::config::nova_config: + DEFAULT/default_floating_pool: + value: 'public' + # cinder cinder::scheduler::scheduler_driver: cinder.scheduler.filter_scheduler.FilterScheduler # heat heat::engine::configure_delegated_roles: false heat::engine::trusts_delegated_roles: [] +heat::instance_user: '' # pacemaker pacemaker::corosync::cluster_name: 'tripleo_cluster' diff --git a/puppet/hieradata/volume.yaml b/puppet/hieradata/volume.yaml index 9f3907ef..f4cd78a9 100644 --- a/puppet/hieradata/volume.yaml +++ b/puppet/hieradata/volume.yaml @@ -3,4 +3,10 @@ # cinder cinder::scheduler::scheduler_driver: cinder.scheduler.filter_scheduler.FilterScheduler +cinder::config::cinder_config: + DEFAULT/nova_catalog_info: + value: 'compute:Compute Service:internalURL' + DEFAULT/swift_catalog_info: + value: 'object-store:swift:internalURL' + volume_classes: []
\ No newline at end of file diff --git a/puppet/manifests/overcloud_cephstorage.pp b/puppet/manifests/overcloud_cephstorage.pp index 21fd5f98..6c5dda42 100644 --- a/puppet/manifests/overcloud_cephstorage.pp +++ b/puppet/manifests/overcloud_cephstorage.pp @@ -13,16 +13,7 @@ # License for the specific language governing permissions and limitations # under the License. -if !str2bool(hiera('enable_package_install', 'false')) { - case $::osfamily { - 'RedHat': { - Package { provider => 'norpm' } # provided by tripleo-puppet - } - default: { - warning('enable_package_install option not supported.') - } - } -} +include tripleo::packages create_resources(sysctl::value, hiera('sysctl_settings'), {}) @@ -30,7 +21,21 @@ if count(hiera('ntp::servers')) > 0 { include ::ntp } +if str2bool(hiera('ceph_osd_selinux_permissive', true)) { + exec { 'set selinux to permissive on boot': + command => "sed -ie 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config", + onlyif => "test -f /etc/selinux/config && ! grep '^SELINUX=permissive' /etc/selinux/config", + path => ["/usr/bin", "/usr/sbin"], + } + + exec { 'set selinux to permissive': + command => "setenforce 0", + onlyif => "which setenforce && getenforce | grep -i 'enforcing'", + path => ["/usr/bin", "/usr/sbin"], + } -> Class['ceph::profile::osd'] +} + include ::ceph::profile::client include ::ceph::profile::osd -hiera_include('ceph_classes')
\ No newline at end of file +hiera_include('ceph_classes') diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp index 67a73dda..e6fa9471 100644 --- a/puppet/manifests/overcloud_compute.pp +++ b/puppet/manifests/overcloud_compute.pp @@ -13,16 +13,7 @@ # License for the specific language governing permissions and limitations # under the License. -if !str2bool(hiera('enable_package_install', 'false')) { - case $::osfamily { - 'RedHat': { - Package { provider => 'norpm' } # provided by tripleo-puppet - } - default: { - warning('enable_package_install option not supported.') - } - } -} +include tripleo::packages create_resources(sysctl::value, hiera('sysctl_settings'), {}) @@ -44,6 +35,7 @@ exec { 'libvirt-default-net-destroy': } include ::nova +include ::nova::config include ::nova::compute nova_config { @@ -61,6 +53,17 @@ if $nova_enable_rbd_backend { } } +if hiera('cinder_enable_nfs_backend', false) { + if ($::selinux != "false") { + selboolean { 'virt_use_nfs': + value => on, + persistent => true, + } -> Package['nfs-utils'] + } + + package {'nfs-utils': } -> Service['nova-compute'] +} + include ::nova::compute::libvirt include ::nova::network::neutron include ::neutron diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index f17dc831..09edef50 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -13,16 +13,7 @@ # License for the specific language governing permissions and limitations # under the License. -if !str2bool(hiera('enable_package_install', 'false')) { - case $::osfamily { - 'RedHat': { - Package { provider => 'norpm' } # provided by tripleo-puppet - } - default: { - warning('enable_package_install option not supported.') - } - } -} +include tripleo::packages if hiera('step') >= 1 { @@ -193,6 +184,20 @@ if hiera('step') >= 2 { } if str2bool(hiera('enable_ceph_storage', 'false')) { + if str2bool(hiera('ceph_osd_selinux_permissive', true)) { + exec { 'set selinux to permissive on boot': + command => "sed -ie 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config", + onlyif => "test -f /etc/selinux/config && ! grep '^SELINUX=permissive' /etc/selinux/config", + path => ["/usr/bin", "/usr/sbin"], + } + + exec { 'set selinux to permissive': + command => "setenforce 0", + onlyif => "which setenforce && getenforce | grep -i 'enforcing'", + path => ["/usr/bin", "/usr/sbin"], + } -> Class['ceph::profile::osd'] + } + include ::ceph::profile::client include ::ceph::profile::osd } @@ -253,7 +258,10 @@ if hiera('step') >= 3 { include ::glance::registry include join(['::glance::backend::', $glance_backend]) - include ::nova + class { '::nova' : + memcached_servers => suffix(hiera('memcache_node_ips'), ':11211'), + } + include ::nova::config include ::nova::api include ::nova::cert include ::nova::conductor @@ -343,16 +351,53 @@ if hiera('step') >= 3 { "${cinder_netapp_backend}/host": value => 'hostgroup'; } - if hiera('cinder_netapp_nfs_shares', undef) { - $cinder_netapp_nfs_shares = split(hiera('cinder_netapp_nfs_shares', undef), ',') + if hiera('cinder::backend::netapp::nfs_shares', undef) { + $cinder_netapp_nfs_shares = split(hiera('cinder::backend::netapp::nfs_shares', undef), ',') } cinder::backend::netapp { $cinder_netapp_backend : - nfs_shares => $cinder_netapp_nfs_shares, + netapp_login => hiera('cinder::backend::netapp::netapp_login', undef), + netapp_password => hiera('cinder::backend::netapp::netapp_password', undef), + netapp_server_hostname => hiera('cinder::backend::netapp::netapp_server_hostname', undef), + netapp_server_port => hiera('cinder::backend::netapp::netapp_server_port', undef), + netapp_size_multiplier => hiera('cinder::backend::netapp::netapp_size_multiplier', undef), + netapp_storage_family => hiera('cinder::backend::netapp::netapp_storage_family', undef), + netapp_storage_protocol => hiera('cinder::backend::netapp::netapp_storage_protocol', undef), + netapp_transport_type => hiera('cinder::backend::netapp::netapp_transport_type', undef), + netapp_vfiler => hiera('cinder::backend::netapp::netapp_vfiler', undef), + netapp_volume_list => hiera('cinder::backend::netapp::netapp_volume_list', undef), + netapp_vserver => hiera('cinder::backend::netapp::netapp_vserver', undef), + netapp_partner_backend_name => hiera('cinder::backend::netapp::netapp_partner_backend_name', undef), + nfs_shares => $cinder_netapp_nfs_shares, + nfs_shares_config => hiera('cinder::backend::netapp::nfs_shares_config', undef), + netapp_copyoffload_tool_path => hiera('cinder::backend::netapp::netapp_copyoffload_tool_path', undef), + netapp_controller_ips => hiera('cinder::backend::netapp::netapp_controller_ips', undef), + netapp_sa_password => hiera('cinder::backend::netapp::netapp_sa_password', undef), + netapp_storage_pools => hiera('cinder::backend::netapp::netapp_storage_pools', undef), + netapp_eseries_host_type => hiera('cinder::backend::netapp::netapp_eseries_host_type', undef), + netapp_webservice_path => hiera('cinder::backend::netapp::netapp_webservice_path', undef), + } + } + + if hiera('cinder_enable_nfs_backend', false) { + $cinder_nfs_backend = 'tripleo_nfs' + + if ($::selinux != "false") { + selboolean { 'virt_use_nfs': + value => on, + persistent => true, + } -> Package['nfs-utils'] + } + + package {'nfs-utils': } -> + cinder::backend::nfs { $cinder_nfs_backend : + nfs_servers => hiera('cinder_nfs_servers'), + nfs_mount_options => hiera('cinder_nfs_mount_options'), + nfs_shares_config => '/etc/cinder/shares-nfs.conf', } } - $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend, $cinder_netapp_backend]) + $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend, $cinder_netapp_backend, $cinder_nfs_backend]) class { '::cinder::backends' : enabled_backends => $cinder_enabled_backends, } diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index e739ca03..a3eb6e5d 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -18,16 +18,7 @@ Pcmk_resource <| |> { try_sleep => 3, } -if !str2bool(hiera('enable_package_install', 'false')) { - case $::osfamily { - 'RedHat': { - Package { provider => 'norpm' } # provided by tripleo-puppet - } - default: { - warning('enable_package_install option not supported.') - } - } -} +include tripleo::packages if $::hostname == downcase(hiera('bootstrap_nodeid')) { $pacemaker_master = true @@ -83,6 +74,13 @@ if hiera('step') >= 1 { Class['tripleo::fencing'] -> Class['pacemaker::stonith'] } + # FIXME(gfidente): sets 90secs as default start timeout op + # param; until we can use pcmk global defaults we'll still + # need to add it to every resource which redefines op params + Pacemaker::Resource::Service { + op_params => 'start timeout=90s', + } + # Only configure RabbitMQ in this step, don't start it yet to # avoid races where non-master nodes attempt to start without # config (eg. binding on 0.0.0.0) @@ -494,6 +492,20 @@ MYSQL_HOST=localhost\n", } if str2bool(hiera('enable_ceph_storage', 'false')) { + if str2bool(hiera('ceph_osd_selinux_permissive', true)) { + exec { 'set selinux to permissive on boot': + command => "sed -ie 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config", + onlyif => "test -f /etc/selinux/config && ! grep '^SELINUX=permissive' /etc/selinux/config", + path => ["/usr/bin", "/usr/sbin"], + } + + exec { 'set selinux to permissive': + command => "setenforce 0", + onlyif => "which setenforce && getenforce | grep -i 'enforcing'", + path => ["/usr/bin", "/usr/sbin"], + } -> Class['ceph::profile::osd'] + } + include ::ceph::profile::client include ::ceph::profile::osd } @@ -565,7 +577,11 @@ if hiera('step') >= 3 { } include join(['::glance::backend::', $glance_backend]) - include ::nova + class { '::nova' : + memcached_servers => suffix(hiera('memcache_node_ips'), ':11211'), + } + + include ::nova::config class { '::nova::api' : sync_db => $sync_db, @@ -694,16 +710,53 @@ if hiera('step') >= 3 { "${cinder_netapp_backend}/host": value => 'hostgroup'; } - if hiera('cinder_netapp_nfs_shares', undef) { - $cinder_netapp_nfs_shares = split(hiera('cinder_netapp_nfs_shares', undef), ',') + if hiera('cinder::backend::netapp::nfs_shares', undef) { + $cinder_netapp_nfs_shares = split(hiera('cinder::backend::netapp::nfs_shares', undef), ',') } cinder::backend::netapp { $cinder_netapp_backend : - nfs_shares => $cinder_netapp_nfs_shares, - } - } - - $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend, $cinder_netapp_backend]) + netapp_login => hiera('cinder::backend::netapp::netapp_login', undef), + netapp_password => hiera('cinder::backend::netapp::netapp_password', undef), + netapp_server_hostname => hiera('cinder::backend::netapp::netapp_server_hostname', undef), + netapp_server_port => hiera('cinder::backend::netapp::netapp_server_port', undef), + netapp_size_multiplier => hiera('cinder::backend::netapp::netapp_size_multiplier', undef), + netapp_storage_family => hiera('cinder::backend::netapp::netapp_storage_family', undef), + netapp_storage_protocol => hiera('cinder::backend::netapp::netapp_storage_protocol', undef), + netapp_transport_type => hiera('cinder::backend::netapp::netapp_transport_type', undef), + netapp_vfiler => hiera('cinder::backend::netapp::netapp_vfiler', undef), + netapp_volume_list => hiera('cinder::backend::netapp::netapp_volume_list', undef), + netapp_vserver => hiera('cinder::backend::netapp::netapp_vserver', undef), + netapp_partner_backend_name => hiera('cinder::backend::netapp::netapp_partner_backend_name', undef), + nfs_shares => $cinder_netapp_nfs_shares, + nfs_shares_config => hiera('cinder::backend::netapp::nfs_shares_config', undef), + netapp_copyoffload_tool_path => hiera('cinder::backend::netapp::netapp_copyoffload_tool_path', undef), + netapp_controller_ips => hiera('cinder::backend::netapp::netapp_controller_ips', undef), + netapp_sa_password => hiera('cinder::backend::netapp::netapp_sa_password', undef), + netapp_storage_pools => hiera('cinder::backend::netapp::netapp_storage_pools', undef), + netapp_eseries_host_type => hiera('cinder::backend::netapp::netapp_eseries_host_type', undef), + netapp_webservice_path => hiera('cinder::backend::netapp::netapp_webservice_path', undef), + } + } + + if hiera('cinder_enable_nfs_backend', false) { + $cinder_nfs_backend = 'tripleo_nfs' + + if ($::selinux != "false") { + selboolean { 'virt_use_nfs': + value => on, + persistent => true, + } -> Package['nfs-utils'] + } + + package {'nfs-utils': } -> + cinder::backend::nfs { $cinder_nfs_backend: + nfs_servers => hiera('cinder_nfs_servers'), + nfs_mount_options => hiera('cinder_nfs_mount_options'), + nfs_shares_config => '/etc/cinder/shares-nfs.conf', + } + } + + $cinder_enabled_backends = delete_undef_values([$cinder_iscsi_backend, $cinder_rbd_backend, $cinder_netapp_backend, $cinder_nfs_backend]) class { '::cinder::backends' : enabled_backends => $cinder_enabled_backends, } @@ -1077,24 +1130,24 @@ if hiera('step') >= 4 { # Nova pacemaker::resource::service { $::nova::params::api_service_name : clone_params => "interleave=true", - op_params => "monitor start-delay=10s", + op_params => "start timeout=90s monitor start-delay=10s", } pacemaker::resource::service { $::nova::params::conductor_service_name : clone_params => "interleave=true", - op_params => "monitor start-delay=10s", + op_params => "start timeout=90s monitor start-delay=10s", } pacemaker::resource::service { $::nova::params::consoleauth_service_name : clone_params => "interleave=true", - op_params => "monitor start-delay=10s", + op_params => "start timeout=90s monitor start-delay=10s", require => Pacemaker::Resource::Service[$::keystone::params::service_name], } pacemaker::resource::service { $::nova::params::vncproxy_service_name : clone_params => "interleave=true", - op_params => "monitor start-delay=10s", + op_params => "start timeout=90s monitor start-delay=10s", } pacemaker::resource::service { $::nova::params::scheduler_service_name : clone_params => "interleave=true", - op_params => "monitor start-delay=10s", + op_params => "start timeout=90s monitor start-delay=10s", } pacemaker::constraint::base { 'keystone-then-nova-consoleauth-constraint': diff --git a/puppet/manifests/overcloud_object.pp b/puppet/manifests/overcloud_object.pp index ed2ca7c0..59db696e 100644 --- a/puppet/manifests/overcloud_object.pp +++ b/puppet/manifests/overcloud_object.pp @@ -13,16 +13,7 @@ # License for the specific language governing permissions and limitations # under the License. -if !str2bool(hiera('enable_package_install', 'false')) { - case $::osfamily { - 'RedHat': { - Package { provider => 'norpm' } # provided by tripleo-puppet - } - default: { - warning('enable_package_install option not supported.') - } - } -} +include tripleo::packages create_resources(sysctl::value, hiera('sysctl_settings'), {}) diff --git a/puppet/manifests/overcloud_volume.pp b/puppet/manifests/overcloud_volume.pp index 2ef0884b..d1f6d6a5 100644 --- a/puppet/manifests/overcloud_volume.pp +++ b/puppet/manifests/overcloud_volume.pp @@ -13,16 +13,7 @@ # License for the specific language governing permissions and limitations # under the License. -if str2bool(hiera('disable_package_install', 'false')) { - case $::osfamily { - 'RedHat': { - Package { provider => 'norpm' } # provided by tripleo-puppet - } - default: { - warning('disable_package_install option not supported.') - } - } -} +include tripleo::packages create_resources(sysctl::value, hiera('sysctl_settings'), {}) @@ -31,6 +22,7 @@ if count(hiera('ntp::servers')) > 0 { } include ::cinder +include ::cinder::config include ::cinder::glance include ::cinder::volume include ::cinder::setup_test_volume diff --git a/puppet/manifests/ringbuilder.pp b/puppet/manifests/ringbuilder.pp index 531706d2..14fbafdd 100644 --- a/puppet/manifests/ringbuilder.pp +++ b/puppet/manifests/ringbuilder.pp @@ -13,16 +13,7 @@ # License for the specific language governing permissions and limitations # under the License. -if str2bool(hiera('disable_package_install', 'false')) { - case $::osfamily { - 'RedHat': { - Package { provider => 'norpm' } # provided by tripleo-puppet - } - default: { - warning('disable_package_install option not supported.') - } - } -} +include tripleo::packages define add_devices( $swift_zones = '1' diff --git a/puppet/swift-storage-puppet.yaml b/puppet/swift-storage-puppet.yaml index fb1756b8..b3579429 100644 --- a/puppet/swift-storage-puppet.yaml +++ b/puppet/swift-storage-puppet.yaml @@ -65,6 +65,18 @@ parameters: Hostname: type: string default: '' # Defaults to Heat created hostname + ExtraConfig: + default: {} + description: | + Additional hiera configuration to inject into the cluster. Note + that ObjectStorageExtraConfig takes precedence over ExtraConfig. + type: json + ObjectStorageExtraConfig: + default: {} + description: | + Role specific additional hiera configuration to inject into the cluster. + type: json + resources: @@ -126,6 +138,8 @@ resources: hiera: hierarchy: - heat_config_%{::deploy_config_name} + - object_extraconfig + - extraconfig - object - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig - all_nodes # provided by allNodesConfig @@ -134,6 +148,10 @@ resources: datafiles: common: raw_data: {get_file: hieradata/common.yaml} + object_extraconfig: + mapped_data: {get_param: ObjectStorageExtraConfig} + extraconfig: + mapped_data: {get_param: ExtraConfig} object: raw_data: {get_file: hieradata/object.yaml} mapped_data: # data supplied directly to this deployment configuration, etc @@ -150,7 +168,7 @@ resources: tripleo::ringbuilder::build_ring: True snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} - enable_package_install: {get_input: enable_package_install} + tripleo::packages::enable_install: {get_input: enable_package_install} SwiftStorageHieraDeploy: |