summaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
Diffstat (limited to 'roles')
-rw-r--r--roles/BlockStorage.yaml5
-rw-r--r--roles/CephStorage.yaml3
-rw-r--r--roles/Compute.yaml5
-rw-r--r--roles/Controller.yaml7
-rw-r--r--roles/ControllerOpenstack.yaml6
-rw-r--r--roles/Database.yaml2
-rw-r--r--roles/IronicConductor.yaml21
-rw-r--r--roles/Messaging.yaml2
-rw-r--r--roles/Networker.yaml2
-rw-r--r--roles/ObjectStorage.yaml4
-rw-r--r--roles/README.rst4
-rw-r--r--roles/Telemetry.yaml2
-rw-r--r--roles/Undercloud.yaml1
13 files changed, 64 insertions, 0 deletions
diff --git a/roles/BlockStorage.yaml b/roles/BlockStorage.yaml
index d242a5bb..b0117400 100644
--- a/roles/BlockStorage.yaml
+++ b/roles/BlockStorage.yaml
@@ -4,6 +4,10 @@
- name: BlockStorage
description: |
Cinder Block Storage node role
+ networks:
+ - InternalApi
+ - Storage
+ - StorageMgmt
ServicesDefault:
- OS::TripleO::Services::AuditD
- OS::TripleO::Services::BlockStorageCinderVolume
@@ -12,6 +16,7 @@
- OS::TripleO::Services::Collectd
- OS::TripleO::Services::Docker
- OS::TripleO::Services::FluentdClient
+ - OS::TripleO::Services::Iscsid
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::MySQLClient
- OS::TripleO::Services::Ntp
diff --git a/roles/CephStorage.yaml b/roles/CephStorage.yaml
index d3de6bae..647c4d5a 100644
--- a/roles/CephStorage.yaml
+++ b/roles/CephStorage.yaml
@@ -4,6 +4,9 @@
- name: CephStorage
description: |
Ceph OSD Storage node role
+ networks:
+ - Storage
+ - StorageMgmt
ServicesDefault:
- OS::TripleO::Services::AuditD
- OS::TripleO::Services::CACerts
diff --git a/roles/Compute.yaml b/roles/Compute.yaml
index 73ec6595..75a6f608 100644
--- a/roles/Compute.yaml
+++ b/roles/Compute.yaml
@@ -5,6 +5,10 @@
description: |
Basic Compute Node role
CountDefault: 1
+ networks:
+ - InternalApi
+ - Tenant
+ - Storage
HostnameFormatDefault: '%stackname%-novacompute-%index%'
disable_upgrade_deployment: True
ServicesDefault:
@@ -21,6 +25,7 @@
- OS::TripleO::Services::ComputeNeutronOvsAgent
- OS::TripleO::Services::Docker
- OS::TripleO::Services::FluentdClient
+ - OS::TripleO::Services::Iscsid
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::MySQLClient
- OS::TripleO::Services::NeutronLinuxbridgeAgent
diff --git a/roles/Controller.yaml b/roles/Controller.yaml
index 7511d4c0..b0a13138 100644
--- a/roles/Controller.yaml
+++ b/roles/Controller.yaml
@@ -9,6 +9,12 @@
tags:
- primary
- controller
+ networks:
+ - External
+ - InternalApi
+ - Storage
+ - StorageMgmt
+ - Tenant
HostnameFormatDefault: '%stackname%-controller-%index%'
ServicesDefault:
- OS::TripleO::Services::AodhApi
@@ -57,6 +63,7 @@
- OS::TripleO::Services::Horizon
- OS::TripleO::Services::IronicApi
- OS::TripleO::Services::IronicConductor
+ - OS::TripleO::Services::Iscsid
- OS::TripleO::Services::Keepalived
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::Keystone
diff --git a/roles/ControllerOpenstack.yaml b/roles/ControllerOpenstack.yaml
index 2d1702e8..6cf2120e 100644
--- a/roles/ControllerOpenstack.yaml
+++ b/roles/ControllerOpenstack.yaml
@@ -9,6 +9,12 @@
tags:
- primary
- controller
+ networks:
+ - External
+ - InternalApi
+ - Storage
+ - StorageMgmt
+ - Tenant
HostnameFormatDefault: '%stackname%-controller-%index%'
ServicesDefault:
- OS::TripleO::Services::AodhApi
diff --git a/roles/Database.yaml b/roles/Database.yaml
index 3ef751a7..75b26a8c 100644
--- a/roles/Database.yaml
+++ b/roles/Database.yaml
@@ -4,6 +4,8 @@
- name: Database
description: |
Standalone database role with the database being managed via Pacemaker
+ networks:
+ - InternalApi
HostnameFormatDefault: '%stackname%-database-%index%'
ServicesDefault:
- OS::TripleO::Services::AuditD
diff --git a/roles/IronicConductor.yaml b/roles/IronicConductor.yaml
new file mode 100644
index 00000000..8a29b337
--- /dev/null
+++ b/roles/IronicConductor.yaml
@@ -0,0 +1,21 @@
+###############################################################################
+# Role: IronicConductor #
+###############################################################################
+- name: IronicConductor
+ description: |
+ Ironic Conductor node role
+ HostnameFormatDefault: '%stackname%-ironic-%index%'
+ ServicesDefault:
+ - OS::TripleO::Services::AuditD
+ - OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::Collectd
+ - OS::TripleO::Services::FluentdClient
+ - OS::TripleO::Services::IronicConductor
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::MySQLClient
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::SensuClient
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::TripleoPackages
diff --git a/roles/Messaging.yaml b/roles/Messaging.yaml
index cbef61ab..5b06063f 100644
--- a/roles/Messaging.yaml
+++ b/roles/Messaging.yaml
@@ -4,6 +4,8 @@
- name: Messaging
description: |
Standalone messaging role with RabbitMQ being managed via Pacemaker
+ networks:
+ - InternalApi
HostnameFormatDefault: '%stackname%-messaging-%index%'
ServicesDefault:
- OS::TripleO::Services::AuditD
diff --git a/roles/Networker.yaml b/roles/Networker.yaml
index b393fa7b..a28eaa63 100644
--- a/roles/Networker.yaml
+++ b/roles/Networker.yaml
@@ -5,6 +5,8 @@
description: |
Standalone networking role to run Neutron services their own. Includes
Pacemaker integration via PacemakerRemote
+ networks:
+ - InternalApi
HostnameFormatDefault: '%stackname%-networker-%index%'
ServicesDefault:
- OS::TripleO::Services::AuditD
diff --git a/roles/ObjectStorage.yaml b/roles/ObjectStorage.yaml
index 3741ca66..27dc1233 100644
--- a/roles/ObjectStorage.yaml
+++ b/roles/ObjectStorage.yaml
@@ -4,6 +4,10 @@
- name: ObjectStorage
description: |
Swift Object Storage node role
+ networks:
+ - InternalApi
+ - Storage
+ - StorageMgmt
disable_upgrade_deployment: True
ServicesDefault:
- OS::TripleO::Services::AuditD
diff --git a/roles/README.rst b/roles/README.rst
index 6c742332..cd1fcb47 100644
--- a/roles/README.rst
+++ b/roles/README.rst
@@ -58,6 +58,10 @@ Role Options
* description: (string) as few sentences describing the role and information
pertaining to the usage of the role.
+ * networks: (list), optional list of networks which the role will have
+ access to when network isolation is enabled. The names should match
+ those defined in network_data.yaml.
+
Working with Roles
==================
The tripleoclient provides a series of commands that can be used to view
diff --git a/roles/Telemetry.yaml b/roles/Telemetry.yaml
index 0f60364b..d23ab6e3 100644
--- a/roles/Telemetry.yaml
+++ b/roles/Telemetry.yaml
@@ -4,6 +4,8 @@
- name: Telemetry
description: |
Telemetry role that has all the telemetry services.
+ networks:
+ - InternalApi
HostnameFormatDefault: '%stackname%-telemetry-%index%'
ServicesDefault:
- OS::TripleO::Services::AodhApi
diff --git a/roles/Undercloud.yaml b/roles/Undercloud.yaml
index 0a9bcadf..bcdedc71 100644
--- a/roles/Undercloud.yaml
+++ b/roles/Undercloud.yaml
@@ -19,6 +19,7 @@
- OS::TripleO::Services::IronicApi
- OS::TripleO::Services::IronicConductor
- OS::TripleO::Services::IronicPxe
+ - OS::TripleO::Services::Iscsid
- OS::TripleO::Services::Keystone
- OS::TripleO::Services::Memcached
- OS::TripleO::Services::MistralApi