summaryrefslogtreecommitdiffstats
path: root/overcloud-resource-registry-puppet.j2.yaml
AgeCommit message (Collapse)AuthorFilesLines
2016-10-20Generate internal TLS hieradata for apache servicesJuan Antonio Osorio Robles1-0/+1
This adds an environment file that can be used to enable TLS in the internal endpoints via certmonger if used. This will include a nested stack that will create the hash that will be used to create the certmonger certificates. When setting up a service over apache via puppet, we used to disable explicitly ssl (which sets modd_ssl-related fields for that vhost). We now make this depend on the EnableInternalTLS flag. This has only been done for keystone, but more services will be added as the puppet code lands bp tls-via-certmonger Depends-On: I303f6cf47859284785c0cdc65284a7eb89a4e039 Change-Id: I12e794f2d4076be9505dabfe456c1ca6cfbd359c
2016-10-14Merge "Add contrail services to the resource registry"Jenkins1-0/+5
2016-10-13Split out hosts config deploymentDan Prince1-0/+1
This patch moves the hosts configuration into its own deployment. It will continue to use os-apply-config as something that is required early on in the bootstrapping (it needs to be configured before puppet runs for example). The motivation here is so we can refactor all-nodes-config.yaml to use a new hiera hook that that avoids os-apply-config entirely. Change-Id: Ib3e4380f205358b27d22a1102b663cf300b1ed86 Partial-bug: #1596373
2016-10-13Merge "Add HAProxy TLS handled by certmonger as composable service"Jenkins1-0/+2
2016-10-12Add contrail services to the resource registryCarlos Camacho1-0/+5
Added contrail resource registry entries. Implements: blueprint contrail-services Change-Id: I03894bff63d54637ba1b10a279e2d75f97a06b3c
2016-10-12Special case non-matching ObjectStorage role port namesSteven Hardy1-1/+10
Unfortunately we use "SwiftStorage" in the ObjectStorage role template, so we have to special-case this for backwards compatibility or deployments enabling the ObjectStorage role will fail. Ideally we'd align the port names in the objectstorage-role.yaml, but we can't becauuse all the ports would be replaced in existing deployments on update. Change-Id: Ia07e193d2b9a4d33c6272c2b4448133584b81350 Closes-Bug: #1632663
2016-10-05Renames OpenDaylight to OpenDaylightApi and splits out OVS configurationTim Rozet1-1/+1
This patch modifies the service name to be more appropriately called "OpenDaylightApi" along side the "OpenDaylightOvs" service used to configure OpenVSwitch. It also splits out the OVS configuration for controller nodes into the composable OpenDaylightOvs service. Related-Bug: #1629408 Change-Id: I15221401acdfb2a9ef81107b54a8005348f8372f Signed-off-by: Tim Rozet <trozet@redhat.com>
2016-10-04Move the main template files for defalut services to new syntax generationCarlos Camacho1-1/+1
When generating these templates, we should create them with the "-role" appended as they will be generated from a role.role.j2.yaml file. i.e. role.role.j2.yaml will generate <service>-role.yaml config.role.j2.yaml will generate <service>-config.yaml Partial-Bug: #1626976 Change-Id: I614dc462fd7fc088b67634d489d8e7b68e7d4ab1
2016-10-03Merge "Cinder volume service is not managed by Pacemaker on BlockStorage"Jenkins1-0/+1
2016-09-29Add HAProxy TLS handled by certmonger as composable serviceJuan Antonio Osorio Robles1-0/+2
This adds some basic pieces to get certmonger to manage the certificates for HAProxy. The aim is to be flexible enough that we will be able to manage both public and internal certificates. This also adds a relevant environment to get the endpoints to have TLS everywhere. bp tls-via-certmonger Depends-On: I89001ae32f46c9682aecc118753ef6cd647baa62 Change-Id: Ife5f8c2f07233295bc15b4c605acf3d9bd62f162
2016-09-29Cinder volume service is not managed by Pacemaker on BlockStorageGiulio Fidente1-0/+1
We do not want cinder-volume to be managed by Pacemaker on BlockStorage nodes, where Pacemaker is not running at all. This change adds a new BlockStorageCinderVolume service name which can (and is, by default) mapped to the non Pacemaker implementation of the service. The error was: Could not find dependency Exec[wait-for-settle] for Pacemaker::Resource::Systemd[openstack-cinder-volume] Also moves cinder::host setting into the Pacemaker specific service definition because we only want to set a shared host= string when the service is managed by Pacemaker. Closes-Bug: #1628912 Change-Id: I2f7e82db4fdfd5f161e44d65d17893c3e19a89c9
2016-09-29Move the rest of static roles resource registry entries to j2Carlos Camacho1-14/+4
Moving the rest of the static based resource registry entries to j2, this allows to extend the content of the template to the roles_list. Also moved the templates to correspond with the role name. Partial-Bug: #1626976 Change-Id: I1cbe101eb4ce5a89cba5f2cc45cace43d3380f22
2016-09-29j2 template per-role things in default registrySteven Hardy1-0/+206
The default resource-registry file contains a bunch of per-role things which mean you need to cut/paste into a custom environment file for custom roles, even if you only want the defaults like the built-in roles. Using j2 we can template these just like in the overcloud.j2.yaml and other files. Change-Id: I52a9bffd043ca8fb0f05077c8a401a68def82926 Partial-Bug: #1626976