summaryrefslogtreecommitdiffstats
path: root/overcloud-source.yaml
AgeCommit message (Collapse)AuthorFilesLines
2014-01-31Prep work for a scalable control plane.Robert Collins1-35/+35
This is complete as far as it goes but it isn't enough to make running a scaled out control plane actually work. Specifically, the constructs to point at API hosts based on looking up a network address aren't suirtable for scaled out - we need to be using the virtual IP or DNS round robin or other such resilient configurations, but that is largely / entirely orthogonal to making the template be ready for scaling. Change-Id: Ib9e6db5e7d5db84e4746afdabea046d2b8702bbb
2014-01-31Update overcloud to support N compute hosts.Robert Collins1-6/+13
This uses the new merge feature earlier in this series. Exporting COMPUTESCALE before running make will build a different template. Note that since Make doesn't depend on variable values, you need to delete overcloud.yaml between building with different scales. Change-Id: If05b99ae3596bcc794e3a899ab1443aeb14ec754
2014-01-25Allow setting a single NTP ServerClint Byrum1-0/+6
We can allow multiple later when we have better tools for such things. Change-Id: Ie902843c28f8a7258b207745653184784e3e9665 Partial-Bug: #1184486
2014-01-24Merge "Use OS::Heat::UpdateWaitConditionHandle"Jenkins1-1/+1
2014-01-23Expose bridge_mappings in the overcloud.Robert Collins1-1/+7
Some overclouds will want physical networks to be accessible by VMs, and this is a component of that. Change-Id: I5f65c040526f785b4e976f87980d94588b3fb63c
2014-01-16Use OS::Heat::UpdateWaitConditionHandleClint Byrum1-1/+1
This alternate wait condition handle is used to make updates wait for signals from all parties to signal they're ready. This change will not work until the following Change Id lands in Heat: Ibfadc6f9c436ce3d0f468a4e5560233f762038dd Change-Id: Id11b5c79df5f41e49f1bf3c860e414204a242293
2014-01-02Add Ceilometer parameters for the overcloudTomas Sedovic1-0/+21
Change-Id: I205bb2c0bb7c9b956fd3e0d6b266bdf5afb48864
2013-12-17Permit setting overcloud image update policies.Robert Collins1-0/+6
This is the first step towards preserving state on stack updates when the image id has changed. I chose REPLACE as the default value because that is the current behaviour and we can override it from the command line. Change-Id: I64eab51892922ab51a89a9f389457fd1ed979fb2
2013-11-26Fix case of OpenStack in templates.Dan Prince1-1/+1
merge.py seems to look for OpenStack::ImageBuilder::Elements But we use Openstack::ImageBuilder::Elements in our templates. Change-Id: I94ee367cf77c3f2929ee23d2dcdd28622849c89e
2013-11-25Wait for o-r-c on nova compute as well.Clint Byrum1-1/+1
We have seen situations where nova-compute is not ready when notcompute has run its waitcondition. That leads to errors while we fail to boot instances until there is at least one nova compute available. We also update nova-compute-instance.yaml so that it continues to work stand-alone. Change-Id: Iadea7a34e2cd4576cc78659b99c12e1041af5b45
2013-11-18Add metadata to configure swiftDerek Higgins1-0/+4
o Adds the required swift metadata (in swift-source.yaml). o Sets up glance to use the swift backend on the overcloud. o Sets up glance to use the file backend on the undercloud and seed, i.e. maintain the Status quo. Change-Id: I4a70ffbf9c51f1fea5cfc84d8718d3d30d36b3f2
2013-11-05Fix KeystoneURLImre Farkas1-6/+10
Currently KeystoneURL reports back the noncompute instance IP, not the proper API endpoint for the Keystone service. Change-Id: If121620ec549d33f81522465f72e501b7723dd7d
2013-10-29Rename heat_watch_server_url to watch_server_urlDerek Higgins1-1/+1
The other *_server_url parameters are not prefixed with heat_ and this is already in the heat namespace. Change-Id: I24effcfedccb7b69b4e4d022db6676da51083401
2013-10-23Merge "Add KeystoneURL to Outputs section"Jenkins1-0/+11
2013-10-22Add KeystoneURL to Outputs sectionImre Farkas1-0/+11
Having the KeystoneURL accessible in Heat allows the user to access the overcloud services using the service catalog. Change-Id: Ie6ef1aadf2f027d0b0793fea59385832c9f0c25f
2013-10-15Move os-collect-config sectionDerek Higgins1-11/+11
All these sections are in alphabetical order except this one. Change-Id: Id0586b5ba11e3c00e36397c7e2cd46e0c8cae292
2013-10-14Hide the AdminToken too.Robert Collins1-0/+1
This is arguably more important than passwords as it allow rooting keystone :). Change-Id: I12d8ae0f096480112a82d7598eedae64a6fbd861
2013-10-14Add metadata for the nova floating-ips extension.Robert Collins1-0/+2
Nova defaults to trying to allocate floating ips from a neutron network called 'nova' but we called our external one ext-net (which various Neutron documentation uses), so we need to override it or the nova floating-ips extension isn't usable [without explicitly setting a pool in the API calls]. Partial-Bug: #1239450 Change-Id: I1ef78642bdc1f19d25422961350e4f02a8f6c16f
2013-10-14Alpha sort the nova and neutron sections.Robert Collins1-14/+14
I'm having a minor OCD moment. Change-Id: I49cdf078d24a38dcdb1f2801764dbcbd6dd10ccf
2013-10-12Permit overriding the default route for neutron.Robert Collins1-0/+6
The intent here is that the undercloud default route will be discard, but the router kept for access to the metadata service, and this specified route will be used for all other traffic. Change-Id: Idf3f8252c4d4be30839d9d08ad7d4ce49538f04e
2013-10-12Allow making the public interface a vlan.Robert Collins1-0/+6
In the CD overcloud we need to use a VLAN for public traffic. Change-Id: I8d674e1ae58063d9be338023819f174d1bc028e4
2013-10-12Make it possible to set the public interface ip.Robert Collins1-0/+7
This is already supported by the ovs agent, but we didn't need it for the emulated overclouds. Now we're working on bare metal, it's needed for some deployments. Change-Id: Ibb41c40d371e4c153a84fd09c370b158add75b81
2013-10-11Make neutron public interface configurable.Robert Collins1-1/+6
Not all machines use eth0 :). Change-Id: I2d0cfd8df46e7eda1b7db2ea5c8e84d3e970c862
2013-10-11Delete unused interfaces.control key.Robert Collins1-5/+0
Change-Id: I3a84cf52cc46f0c338319a046d77edb2a9b29c45
2013-10-10Add a waitcondition for signalling stack-up.Robert Collins1-0/+11
Without this we need horrible hacks to detect whether the cloud is ready to use. Change-Id: Ic5c5fd16c6c283d3d339e1f1238d3349d0b93f7c
2013-09-17Set NoEcho: true for parameters containing secretsSteve Baker1-0/+6
This prevents secret values being returned for stack-show. Change-Id: I82eff26fda31511b66c6371f6ded2a5fb559f3fb Fixes-Bug: #1226730
2013-09-17Finish correcting all OS::Nova::Server referencesClint Byrum1-13/+27
Some references to first_private_address were missed and some of the Fn::Select calls were only half-completed. Change-Id: I92a4e5e67784e5d64ec6e44ddcac55762cde81eb
2013-09-17Replace broken usage of first_private_addressClint Byrum1-27/+53
The OpenStack native OS::Nova::Server gives us the full list of networks rather than AWS::EC2::Instance's contrived view of 'private' and 'public'. We know we want ctlplane, and use Fn::Select to choose that network directly. The outer Fn::Select is meant to choose the first network every time, which may not always be correct, but is at this point. Change-Id: Iae54ab8d9ac8d84f4f6e2f86ac1b66aacb687473
2013-09-16Update PrivateIp to first_private_address.James Slagle1-17/+17
Update the PrivateIp attribute to first_private_address as a result of the change to the OS::Nova::Server type. Change-Id: Id90f8c7c4e0217e1f94d3e5134744a810390e7b7
2013-09-14Make Heat service password configurable.Robert Collins1-1/+6
So that it can be a snowflake! (unique). Change-Id: Ic823620ace7df5636cd9ff16dcd7476654692e6c
2013-09-14Get rid of global service-password.Robert Collins1-2/+0
No longer needed, less globals == win. Change-Id: I2872e5a8775a09b2e857ef082f3b86109785a126
2013-09-14Add Nova service password.Robert Collins1-0/+6
Another service converted to match the keystone model of unique accounts per service. Change-Id: I62fce289a7032138be3aca8c74df499c2b1fde28
2013-09-14Add Glance service password.Robert Collins1-0/+6
The in-instance scripts are about to require this. Change-Id: I0260da5502639acc60b2791e9f957952f7ab5956
2013-09-14Add cinder service-password.Robert Collins1-0/+6
The instance config is about to require this. Change-Id: Ia778a7f5926b54758e73a4ee0940ef42fe5be6a9
2013-09-13Use native server resource in overcloudClint Byrum1-6/+6
Change-Id: I4745627508e8b6b687fc17527cdd3c41d09b0d80
2013-09-13Add in Neutron service password.Robert Collins1-0/+6
The in-instance scripts are being fixed to not confuse the admin password with the neutron service password. Change-Id: I341574bb838a9563120791b9ac014d75274a96aa
2013-09-12Make admin-password configurable.Robert Collins1-1/+6
We use the admin password in in-instance scripts that configure e.g. nagios from the cloud metadata, but production clouds will all have unique passwords - it has to be a parameter. Change-Id: I1f6c697ce27580fd669c7623e7fcea4c96ec62d0
2013-09-11Make the keystone admin token configurable.Robert Collins1-1/+6
Because unique is good for auth secrets. Change-Id: Iaadc102d11d68d7fc059e62bd992de7ee6f2c818
2013-08-15Migrate nova-compute-instance to split Metadata.Clint Byrum1-2/+7
The file was using the old 0.0.0.0 method from heat-localip, but it was missed when converting the other templates to a split Metadata approach to enable a machine to know its own IP. Change-Id: I0b117de12416a52950b1c7079f659df8649d67f9
2013-08-14Load local IP using separate post-boot Metadata.Clint Byrum1-13/+73
Previously we could not feed the IP of an instance into its own Metadata because of circular dependency problems. 0.0.0.0 was used with the heat-localip element to work around this problem. This caused problems though, as heat-localip would edit the source local heat metadata, which would make cfn-hup and/or os-collect-config think that the Metadata had changed, causing it to restart everything every time we query the Metadata, which was about every five minutes. Now we can just query this inert LaunchConfiguration resource to get its' Metadata once it is ready. This resource will only change when legitimate things are changed in the stack, and so we won't restart everything every five minutes anymore. Note that when the native Heat DSL lands, the OS::Heat::SoftwareConfig resource is meant for exactly this purpose. After this is merged we no longer need the heat-localip element. Fixes bug #1202322 Change-Id: Id06323ba43203570eeebfa5b3d03fa56c16c0c10
2013-08-14Migrate from cfn-hup to os-collect-configClint Byrum1-13/+11
Os-collect-config is meant to replace cfn-hup from heat-cfntools. It allows pulling from multiple metadata sources and runs continuously. Fixes bug #1211289 Change-Id: Ia4e9127fb79048bd1022b32a37272f8463a774ae
2013-08-14Make Resource names suitable for merge/includeClint Byrum1-1/+16
In nova-compute-instance.yaml, we need to use resource names that are unique within the entire set of resources that may be merged or included. However, we need the instance resource name to _match_ the one in overcloud-source.yaml so that its own access policies can function. Without this change we will not have unique users and Metadata access keys/policies for compute and controller. Change-Id: Iebde7e6adede4984f4f693cf2d57b6fadb8be558
2013-08-14Fix missing NovaComputeLibvirtType parameter.Clint Byrum1-0/+3
Also change default to '' as null is not technically allowed as a string default in cloudformation (Heat accidentally allows this). Os-apply-config, via pystache, will still treat this as false for the purposes of checking if it is set or not. Change-Id: Ia02dbcf619bdc92647f1d21157fa4a8e3f749de3
2013-08-12Set a physical bridge for network nodes.Robert Collins1-0/+1
The overcloud control plane needs to bring up an ovs bridge for the ovs plugin hot-plugging and floating ip logic to work. The previous in-instance script didn't migrate IP address and route information. We can do that by using the core ovs script we wrote for baremetal setups - triggered by setting the physical interface parameter. Change-Id: I6d6b09140ee751371607c0963dc76cc5b95f7674
2013-08-12Remove unused network configuration metadata.Robert Collins1-6/+2
This is supplied to neutron etc via API calls - having it in Heat leads to having redundancy, confusion and tricky scripts. Incubator now has scripts to configure this and instances won't consult these keys. Change-Id: Ia45d9bf5bb326ec88f9f4a48c5520570cf5b6d72
2013-07-12overcloud-source: Fix overcloud parameters.Clint Byrum1-3/+2
These values were missed in the initial overcloud-source.yaml. nova.metadata-proxy is required to allow vms to communicate with the EC2-style metadata service. quantum.ovs.fixed_range constraints DHCP allocation for the undercloud, but in the overcloud we do not want this constraint because the individual subnets we define will do that. quantum.ovs.ovs_range configures the range of ips that can be assigned to the tenant subnets. Change-Id: If7191fa8baf1209ae33b9e8200f52ea0ade97810
2013-07-10Provide values for all nova compute params needed.Clint Byrum1-17/+15
Previously these would have to be set for overcloud at runtime, but we have good sane defaults now, and for nova-compute-instance we are able to feed them in using the appropriate references with Fn::GetAtt. Change-Id: Idfff2885bf2afa58b2dec84f06639198e411eae2
2013-07-10Add an example of Type: FileInclude.Clint Byrum1-0/+140
Change-Id: Ie9d45ea5e26e38e8782e7a3d0a626e36090f5388