aboutsummaryrefslogtreecommitdiffstats
path: root/puppet
diff options
context:
space:
mode:
Diffstat (limited to 'puppet')
-rw-r--r--puppet/all-nodes-config.yaml12
-rw-r--r--puppet/services/aodh-api.yaml1
-rw-r--r--puppet/services/ceilometer-api.yaml1
-rw-r--r--puppet/services/ceph-base.yaml26
-rw-r--r--puppet/services/ceph-external.yaml2
-rw-r--r--puppet/services/ceph-mon.yaml2
-rw-r--r--puppet/services/gnocchi-api.yaml1
-rw-r--r--puppet/services/heat-api-cfn.yaml2
-rw-r--r--puppet/services/heat-engine.yaml3
-rw-r--r--puppet/services/nova-api.yaml92
-rw-r--r--puppet/services/nova-conductor.yaml11
-rw-r--r--puppet/services/nova-metadata.yaml14
-rw-r--r--puppet/services/opendaylight-ovs.yaml10
-rw-r--r--puppet/services/swift-proxy.yaml2
-rw-r--r--puppet/services/swift-ringbuilder.yaml4
15 files changed, 119 insertions, 64 deletions
diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml
index d64f70db..cc5e4eac 100644
--- a/puppet/all-nodes-config.yaml
+++ b/puppet/all-nodes-config.yaml
@@ -12,8 +12,6 @@ parameters:
type: string
cloud_name_ctlplane:
type: string
- hosts:
- type: comma_delimited_list
# FIXME(shardy) this can be comma_delimited_list when
# https://bugs.launchpad.net/heat/+bug/1617019 is fixed
enabled_services:
@@ -75,10 +73,6 @@ resources:
properties:
group: os-apply-config
config:
- hosts:
- list_join:
- - "\n"
- - {get_param: hosts}
hiera:
datafiles:
bootstrap_node:
@@ -217,9 +211,3 @@ outputs:
description: The ID of the allNodesConfigImpl resource.
value:
{get_resource: allNodesConfigImpl}
- hosts_entries:
- description: |
- The content that should be appended to your /etc/hosts if you want to get
- hostname-based access to the deployed nodes (useful for testing without
- setting up a DNS).
- value: {get_attr: [allNodesConfigImpl, config, hosts]}
diff --git a/puppet/services/aodh-api.yaml b/puppet/services/aodh-api.yaml
index f4f5bad8..da043c80 100644
--- a/puppet/services/aodh-api.yaml
+++ b/puppet/services/aodh-api.yaml
@@ -60,6 +60,7 @@ outputs:
params:
$NETWORK: {get_param: [ServiceNetMap, AodhApiNetwork]}
aodh::api::service_name: 'httpd'
+ aodh::api::enable_proxy_headers_parsing: true
tripleo.aodh_api.firewall_rules:
'128 aodh-api':
dport:
diff --git a/puppet/services/ceilometer-api.yaml b/puppet/services/ceilometer-api.yaml
index ecea38b2..27c32bfd 100644
--- a/puppet/services/ceilometer-api.yaml
+++ b/puppet/services/ceilometer-api.yaml
@@ -68,6 +68,7 @@ outputs:
# internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR
- ceilometer::api::service_name: 'httpd'
+ ceilometer::api::enable_proxy_headers_parsing: true
ceilometer::api::host: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
ceilometer::wsgi::apache::bind_host: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
ceilometer::wsgi::apache::ssl: false
diff --git a/puppet/services/ceph-base.yaml b/puppet/services/ceph-base.yaml
index adb17b26..71d81dc2 100644
--- a/puppet/services/ceph-base.yaml
+++ b/puppet/services/ceph-base.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: 2016-10-14
description: >
Ceph base service. Shared by all Ceph services.
@@ -29,9 +29,20 @@ parameters:
GlanceRbdPoolName:
default: images
type: string
+ GlanceBackend:
+ default: swift
+ description: The short name of the Glance backend to use. Should be one
+ of swift, rbd, or file
+ type: string
+ constraints:
+ - allowed_values: ['swift', 'file', 'rbd']
GnocchiRbdPoolName:
default: metrics
type: string
+ NovaEnableRbdBackend:
+ default: false
+ description: Whether to enable or not the Rbd backend for Nova
+ type: boolean
NovaRbdPoolName:
default: vms
type: string
@@ -63,6 +74,16 @@ parameter_groups:
parameters:
- ControllerEnableCephStorage
+conditions:
+ glance_multiple_locations:
+ and:
+ - equals:
+ - get_param: GlanceBackend
+ - rbd
+ - equals:
+ - get_param: NovaEnableRbdBackend
+ - false
+
outputs:
role_data:
description: Role data for the Ceph base service.
@@ -128,3 +149,6 @@ outputs:
CINDERBACKUP_POOL: {get_param: CinderBackupRbdPoolName}
GLANCE_POOL: {get_param: GlanceRbdPoolName}
GNOCCHI_POOL: {get_param: GnocchiRbdPoolName}
+ service_config_settings:
+ glance_api:
+ glance::api::show_multiple_locations: {if: [glance_multiple_locations, true, false]}
diff --git a/puppet/services/ceph-external.yaml b/puppet/services/ceph-external.yaml
index 52c4824f..7d75074c 100644
--- a/puppet/services/ceph-external.yaml
+++ b/puppet/services/ceph-external.yaml
@@ -78,5 +78,7 @@ outputs:
CINDERBACKUP_POOL: {get_param: CinderBackupRbdPoolName}
GLANCE_POOL: {get_param: GlanceRbdPoolName}
GNOCCHI_POOL: {get_param: GnocchiRbdPoolName}
+ service_config_settings:
+ get_attr: [CephBase, role_data, service_config_settings]
step_config: |
include ::tripleo::profile::base::ceph::client
diff --git a/puppet/services/ceph-mon.yaml b/puppet/services/ceph-mon.yaml
index 552086ab..3471f16c 100644
--- a/puppet/services/ceph-mon.yaml
+++ b/puppet/services/ceph-mon.yaml
@@ -101,5 +101,7 @@ outputs:
'110 ceph_mon':
dport:
- 6789
+ service_config_settings:
+ get_attr: [CephBase, role_data, service_config_settings]
step_config: |
include ::tripleo::profile::base::ceph::mon
diff --git a/puppet/services/gnocchi-api.yaml b/puppet/services/gnocchi-api.yaml
index 15121790..e3397769 100644
--- a/puppet/services/gnocchi-api.yaml
+++ b/puppet/services/gnocchi-api.yaml
@@ -77,6 +77,7 @@ outputs:
- 8041
- 13041
gnocchi::api::enabled: true
+ gnocchi::api::enable_proxy_headers_parsing: true
gnocchi::api::service_name: 'httpd'
gnocchi::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
gnocchi::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
diff --git a/puppet/services/heat-api-cfn.yaml b/puppet/services/heat-api-cfn.yaml
index a47fec5a..1a86ec71 100644
--- a/puppet/services/heat-api-cfn.yaml
+++ b/puppet/services/heat-api-cfn.yaml
@@ -81,4 +81,4 @@ outputs:
heat::keystone::auth_cfn::internal_url: {get_param: [EndpointMap, HeatCfnInternal, uri]}
heat::keystone::auth_cfn::admin_url: {get_param: [EndpointMap, HeatCfnAdmin, uri]}
heat::keystone::auth_cfn::password: {get_param: HeatPassword}
- heat::keystone::auth::region: {get_param: KeystoneRegion}
+ heat::keystone::auth_cfn::region: {get_param: KeystoneRegion}
diff --git a/puppet/services/heat-engine.yaml b/puppet/services/heat-engine.yaml
index 24c36362..20415eef 100644
--- a/puppet/services/heat-engine.yaml
+++ b/puppet/services/heat-engine.yaml
@@ -103,3 +103,6 @@ outputs:
heat::db::mysql::allowed_hosts:
- '%'
- "%{hiera('mysql_bind_host')}"
+ keystone:
+ # This is needed because the keystone profile handles creating the domain
+ heat::keystone::domain::domain_password: {get_param: HeatStackDomainAdminPassword}
diff --git a/puppet/services/nova-api.yaml b/puppet/services/nova-api.yaml
index e1e1856d..a12742ff 100644
--- a/puppet/services/nova-api.yaml
+++ b/puppet/services/nova-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: 2016-10-14
description: >
OpenStack Nova API service configured with Puppet
@@ -52,6 +52,9 @@ parameters:
tag: openstack.nova.api
path: /var/log/nova/nova-api.log
+conditions:
+ nova_workers_zero: {equals : [{get_param: NovaWorkers}, 0]}
+
resources:
ApacheServiceBase:
type: ./apache.yaml
@@ -78,49 +81,52 @@ outputs:
- nova
config_settings:
map_merge:
- - get_attr: [NovaBase, role_data, config_settings]
- - get_attr: [ApacheServiceBase, role_data, config_settings]
+ - get_attr: [NovaBase, role_data, config_settings]
+ - get_attr: [ApacheServiceBase, role_data, config_settings]
+ - nova::cron::archive_deleted_rows::hour: '"*/12"'
+ nova::cron::archive_deleted_rows::destination: '"/dev/null"'
+ tripleo.nova_api.firewall_rules:
+ '113 nova_api':
+ dport:
+ - 6080
+ - 13080
+ - 8773
+ - 3773
+ - 8774
+ - 13774
+ - 8775
+ nova::keystone::authtoken::project_name: 'service'
+ nova::keystone::authtoken::password: {get_param: NovaPassword}
+ nova::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
+ nova::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
+ nova::api::enabled: true
+ nova::api::default_floating_pool: 'public'
+ nova::api::sync_db_api: true
+ nova::api::enable_proxy_headers_parsing: true
+ # NOTE: bind IP is found in Heat replacing the network name with the local node IP
+ # for the given network; replacement examples (eg. for internal_api):
+ # internal_api -> IP
+ # internal_api_uri -> [IP]
+ # internal_api_subnet - > IP/CIDR
+ nova::api::api_bind_address: {get_param: [ServiceNetMap, NovaApiNetwork]}
+ nova::wsgi::apache::ssl: false
+ nova::wsgi::apache::bind_host: {get_param: [ServiceNetMap, NovaApiNetwork]}
+ nova::wsgi::apache::servername:
+ str_replace:
+ template:
+ '"%{::fqdn_$NETWORK}"'
+ params:
+ $NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
+ nova::wsgi::apache::workers: {get_param: NovaWorkers}
+ nova::wsgi::apache::bind_host: {get_param: [ServiceNetMap, NovaApiNetwork]}
+ nova::api::neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
+ nova::api::instance_name_template: {get_param: InstanceNameTemplate}
+ nova_enable_db_purge: {get_param: NovaEnableDBPurge}
+ -
+ if:
+ - nova_workers_zero
+ - {}
- nova::api::osapi_compute_workers: {get_param: NovaWorkers}
- nova::cron::archive_deleted_rows::hour: '"*/12"'
- nova::cron::archive_deleted_rows::destination: '"/dev/null"'
- tripleo.nova_api.firewall_rules:
- '113 nova_api':
- dport:
- - 6080
- - 13080
- - 8773
- - 3773
- - 8774
- - 13774
- - 8775
- nova::keystone::authtoken::project_name: 'service'
- nova::keystone::authtoken::password: {get_param: NovaPassword}
- nova::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
- nova::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
- nova::api::enabled: true
- nova::api::default_floating_pool: 'public'
- nova::api::sync_db_api: true
- nova::api::enable_proxy_headers_parsing: true
- # NOTE: bind IP is found in Heat replacing the network name with the local node IP
- # for the given network; replacement examples (eg. for internal_api):
- # internal_api -> IP
- # internal_api_uri -> [IP]
- # internal_api_subnet - > IP/CIDR
- nova::api::api_bind_address: {get_param: [ServiceNetMap, NovaApiNetwork]}
- nova::wsgi::apache::ssl: false
- nova::wsgi::apache::bind_host: {get_param: [ServiceNetMap, NovaApiNetwork]}
- nova::wsgi::apache::servername:
- str_replace:
- template:
- '"%{::fqdn_$NETWORK}"'
- params:
- $NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
- nova::wsgi::apache::workers: {get_param: NovaWorkers}
- nova::wsgi::apache::bind_host: {get_param: [ServiceNetMap, NovaApiNetwork]}
- nova::api::neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
- nova::api::instance_name_template: {get_param: InstanceNameTemplate}
- nova_enable_db_purge: {get_param: NovaEnableDBPurge}
-
step_config: |
include tripleo::profile::base::nova::api
service_config_settings:
diff --git a/puppet/services/nova-conductor.yaml b/puppet/services/nova-conductor.yaml
index 2671cdd3..a10d9560 100644
--- a/puppet/services/nova-conductor.yaml
+++ b/puppet/services/nova-conductor.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: 2016-10-14
description: >
OpenStack Nova Conductor service configured with Puppet
@@ -31,6 +31,9 @@ parameters:
tag: openstack.nova.scheduler
path: /var/log/nova/nova-scheduler.log
+conditions:
+ nova_workers_zero: {equals : [{get_param: NovaWorkers}, 0]}
+
resources:
NovaBase:
type: ./nova-base.yaml
@@ -50,7 +53,11 @@ outputs:
- nova
config_settings:
map_merge:
- - get_attr: [NovaBase, role_data, config_settings]
+ - get_attr: [NovaBase, role_data, config_settings]
+ -
+ if:
+ - nova_workers_zero
+ - {}
- nova::conductor::workers: {get_param: NovaWorkers}
step_config: |
include tripleo::profile::base::nova::conductor
diff --git a/puppet/services/nova-metadata.yaml b/puppet/services/nova-metadata.yaml
index 92373c56..40931da6 100644
--- a/puppet/services/nova-metadata.yaml
+++ b/puppet/services/nova-metadata.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: 2016-10-14
description: >
OpenStack Nova API service configured with Puppet
@@ -23,12 +23,20 @@ parameters:
description: Number of workers for Nova API service.
type: number
+conditions:
+ nova_workers_zero: {equals : [{get_param: NovaWorkers}, 0]}
+
outputs:
role_data:
description: Role data for the Nova Metadata service.
value:
service_name: nova_metadata
config_settings:
- nova::api::metadata_workers: {get_param: NovaWorkers}
- nova::api::metadata_listen: {get_param: [ServiceNetMap, NovaMetadataNetwork]}
+ map_merge:
+ - nova::api::metadata_listen: {get_param: [ServiceNetMap, NovaMetadataNetwork]}
+ -
+ if:
+ - nova_workers_zero
+ - {}
+ - nova::api::metadata_workers: {get_param: NovaWorkers}
step_config: ""
diff --git a/puppet/services/opendaylight-ovs.yaml b/puppet/services/opendaylight-ovs.yaml
index 8bcb72f7..ea7410ca 100644
--- a/puppet/services/opendaylight-ovs.yaml
+++ b/puppet/services/opendaylight-ovs.yaml
@@ -19,6 +19,11 @@ parameters:
OpenDaylightApiVirtualIP:
type: string
default: ''
+ OpenDaylightProviderMappings:
+ description: Mappings between logical networks and physical interfaces.
+ Required for VLAN deployments. For example physnet1 -> eth1.
+ type: comma_delimited_list
+ default: "datacentre:br-ex"
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
@@ -43,5 +48,10 @@ outputs:
opendaylight::odl_rest_port: {get_param: OpenDaylightPort}
opendaylight_check_url: {get_param: OpenDaylightCheckURL}
opendaylight::nb_connection_protocol: {get_param: OpenDaylightConnectionProtocol}
+ neutron::plugins::ovs::opendaylight::provider_mappings:
+ str_replace:
+ template: MAPPINGS
+ params:
+ MAPPINGS: {get_param: OpenDaylightProviderMappings}
step_config: |
include tripleo::profile::base::neutron::plugins::ovs::opendaylight
diff --git a/puppet/services/swift-proxy.yaml b/puppet/services/swift-proxy.yaml
index 8b990bcd..ed0d12cf 100644
--- a/puppet/services/swift-proxy.yaml
+++ b/puppet/services/swift-proxy.yaml
@@ -75,6 +75,7 @@ outputs:
- admin
- swiftoperator
- ResellerAdmin
+ swift::proxy::versioned_writes::allow_versioned_writes: true
swift::proxy::pipeline:
- 'catch_errors'
- 'healthcheck'
@@ -87,6 +88,7 @@ outputs:
- 'authtoken'
- 'keystone'
- 'staticweb'
+ - 'versioned_writes'
- 'proxy-logging'
- 'proxy-server'
swift::proxy::account_autocreate: true
diff --git a/puppet/services/swift-ringbuilder.yaml b/puppet/services/swift-ringbuilder.yaml
index e151d185..8ed4e9f4 100644
--- a/puppet/services/swift-ringbuilder.yaml
+++ b/puppet/services/swift-ringbuilder.yaml
@@ -48,6 +48,8 @@ outputs:
config_settings:
tripleo::profile::base::swift::ringbuilder::build_ring: {get_param: SwiftRingBuild}
tripleo::profile::base::swift::ringbuilder::replicas: {get_param: SwiftReplicas}
+ tripleo::profile::base::swift::ringbuilder::part_power: {get_param: SwiftPartPower}
+ tripleo::profile::base::swift::ringbuilder::min_part_hours: {get_param: SwiftMinPartHours}
tripleo::profile::base::swift::ringbuilder::raw_disk_prefix: 'r1z1-'
tripleo::profile::base::swift::ringbuilder::raw_disks:
yaql:
@@ -59,7 +61,5 @@ outputs:
template: ':%PORT%/DEVICE'
for_each:
DEVICE: {get_param: SwiftRawDisks}
- swift::ringbuilder::part_power: {get_param: SwiftPartPower}
- swift::ringbuilder::min_part_hours: {get_param: SwiftMinPartHours}
step_config: |
include ::tripleo::profile::base::swift::ringbuilder