summaryrefslogtreecommitdiffstats
path: root/puppet/swift-storage.yaml
AgeCommit message (Collapse)AuthorFilesLines
2016-08-31Availability monitoring agents supportMartin Mágr1-0/+4
- adds possibility to install sensu-client on all nodes - each composable service has it's own subscription Co-Authored-By: Emilien Macchi <emilien@redhat.com> Co-Authored-By: Michele Baldessari <michele@redhat.com> Implements: blueprint tripleo-opstools-availability-monitoring Change-Id: I6a215763fd0f0015285b3573305d18d0f56c7770
2016-08-25Move Swift hiera settings into composable servicesDan Prince1-22/+0
This moves the swift local bind and hash prefix settings into the relevant swift-* composable services. Change-Id: I807ff14c4cc9afa39efee13849e0f8c22718f1c0
2016-08-23Permit usage of raw disks as backends for Swift storageGiulio Fidente1-1/+12
Adds a SwiftRawDisks parameter which can be used to provide a map disk-keyed with properties for each additional disk to be used as backend for Swift storage. Change-Id: I65ff488c8eb62c03fc45f04e70e18a5f4022d6b6 Depends-On: Id450e777930bb0b749c0ecfab0679a52a84fd7fe Depends-On: Iac75cf2244339fae444be5859b7583e80bafc4e2
2016-08-17Add tripleo-packages composable serviceDan Prince1-6/+0
This creates a new service to help manage the puppet-tripleo class that enables and disables package installation features. NOTE: we can't move the upgrade setting into the new composable service yet due to coupling with the UpgradeDeployment resources. Change-Id: If35cf6a6f023e12ae8ebbc2d9929d244eb3ffa3a
2016-08-16Remove unneeded net_ip_map dump into hieradataGiulio Fidente1-4/+0
We will lookup bind addresses using map_replace within the templates so dumping net_ip_map as hieradata is unneeded. Change-Id: If54c9033fc58d2cfaa040e30adeed7f58e44fd88
2016-08-16Remove deprecated net_ip_uri_map outputGiulio Fidente1-2/+8
Takes the net_ip_uri_map value from the *_uri values emitted by net_ip_map instead. Also removes TenantIp and TenantIpUri from net_vip_map_external templates as there won't be any VIP on the tenant network. Change-Id: Icdac3d58162891f5ca3d5c20f14fcdff1781996f
2016-08-16Remove deprecated net_ip_subnet_map outputGiulio Fidente1-1/+0
Change-Id: I83ca923140d7f8ca3101e851e88ca3107a99555a
2016-08-11Reinstate CloudDomain properties for Controller/Compute rolesSteven Hardy1-1/+0
These were removed in https://review.openstack.org/#/c/347050 but it turns out the defaults in the role templates is bad, as an empty string results in a malformed hosts file fqdn. So, partially revert that patch so we always pass the global CloudDomain from overcloud.yaml, accepting the default configured there, and remove the empty-string defaults in the role templates. Change-Id: I0ea4190a23488986a3ee9e887328e0e7a03fe3aa
2016-08-09Allow map_replace substitution of network namesSteven Hardy1-2/+5
To allow per-node data such as bind_ip's to move into the composable services templates, we do a value substitution on the config settings hiera map, where e.g internal_api will be replaced with the NetIpMap IP assigned to that. To enable subnet/uri lookup via the same method, we add all the subnet/uri mappings to the main net_ip_map output. Change-Id: I7850d4dc8bf4db5f7ac6a6b53c1d900b561b4580
2016-08-09Merge "Remove static hieradata"Jenkins1-1/+0
2016-08-09Merge "Move *Flavor parameters into per-role templates"Jenkins1-2/+3
2016-08-08Remove static hieradataEmilien Macchi1-1/+0
Static hieradata moved to composable services, we don't need the files anymore. It also cleanup how we construct Hieradata configuration by removing unused hiera files. Change-Id: I19f85b6c1b734473cf908ddaca29ad966f9f5405
2016-08-05Add Aodh composable rolesPradeep Kilambi1-3/+0
Implements: blueprint composable-services-within-roles Depends-On: Ie48a123cc5bc402aee635a5daf118b158c6f3b6a Closes-Bug: #1601850 Change-Id: Ifcfe0e3937fa8577635d803d46c3dfc2e873e553
2016-07-27Move *Flavor parameters into per-role templatesSteven Hardy1-2/+3
We have some inconsistent naming here, but move them with their current names for backwards compatibility, we can address the deprecation of the inconsistent names at a future time. This is required to enable jinja templating of roles in overcloud.yaml Change-Id: I2ea673d9bc52967f9b7c25555059b964abf66966 Partially-Implements: blueprint custom-roles
2016-07-27Move *Image parameters into role templatesSteven Hardy1-3/+5
We've got some inconsistent naming here, but I'm not attempting to fix that yet, only move the current parameters inside each role template. This should be backwards compatible because the parameter names don't change, but also enable progress on custom-roles. We can figure out a strategy for deprecating these and aligning per-role parameter naming in a subsequent patch. Also moves ImageUpdatePolicy, which wasn't consistently passed to all roles anyway, and aligns the default image and constraints for each role. Change-Id: I85ec979934df220acbab9f7c3a6055f23e3bfc29 Partially-Implements: blueprint custom-roles
2016-07-27Move per-role *SchedulerHints parameters into role templatesSteven Hardy1-2/+2
To enable custom roles, move these into the role templates where they can be passed via parameter defaults. Because the Compute role uses an inconsistent NovaCompute naming, these parameters cannot be generated in overcloud.yaml, so moving them enables backwards compatibility to be maintained when we move to a fully jinja generated overcloud (e.g including the role ResourceGroup resources) Change-Id: I3f9b2275f2b1daeb8b83f09548a089dadcfe9eee Partially-Implements: blueprint custom-roles
2016-07-25Merge "Convert Swift ringbuilder to composable services format"Jenkins1-24/+0
2016-07-25Convert Swift ringbuilder to composable services formatSteven Hardy1-24/+0
This moves the ringbuilder puppet code to puppet-tripleo and migrates to the composable services format. Closes-Bug: #1601857 Change-Id: I0ea2230072d3ff61a4047ffff1f4187951370f67 Depends-On: I427f0b5ee93a0870d43419009178e0690ac66bd6
2016-07-22Add 'service_name' to composable servicesDan Prince1-0/+7
This patch adds a new service_name section to each composable service. We now have an explicit unit test check to ensure that service_name exists in tools/yaml-validate.py. This patch also wires service_names into hieradata on each of the roles so that tools can access the deployed services locally during deployment and upgrades. Change-Id: I60861c5aa760534db3e314bba16a13b90ea72f0c
2016-07-12Merge "Combine BootstrapNodeDeployment with AllNodesDeployment"Jenkins1-0/+6
2016-07-11Merge "Set os-refresh-config timeout to 4 hours"Jenkins1-1/+1
2016-07-11Merge "Template param for what command occ runs"Jenkins1-0/+7
2016-07-05Combine BootstrapNodeDeployment with AllNodesDeploymentSteven Hardy1-0/+6
Currently we have a special controller-only deployment which writes the name/ip of the "bootstrap node", e.g the cluster master, which defaults to the first node in the Controller ResourceGroup. Now we're moving to fully composable services/roles, it's possible folks will want to deploy services that expect to detect the bootstrap node (e.g so only one node does a DB sync) for non-controller roles. So, take this opportunity to combine the bootstrap node deployment with the "all nodes" data, such that we deploy the same data for all roles. Because the boostrap node data is per role cluster, rather than truly global, we pass it via input_values into each per-role Deployment. At some future point we might consider renaming this, e.g to something which describes per-cluster config vs "all nodes", but as a first step let's just rationalize the resources. Change-Id: I4011526a13c51b3d0f95c17fe8ed38115b4fdce4
2016-07-05Set os-refresh-config timeout to 4 hoursSteve Baker1-1/+1
This change uses the new os-refresh-config --timeout argument to set a kill timeout for stalled os-refresh-config runs. 4 hours is a reasonable conservative value since it matches the stack timeout - but it can be set shorter in the future based on actual run times. Change-Id: I433f558515df24736263ec0d50de08ad8f78498f Closes-Bug: #1595722 DependsOn: Ibcbb2090aed126abec8dac49efa53ecbdb2b9b2c
2016-07-05Template param for what command occ runsSteve Baker1-0/+7
The ConfigCommand parameter overrides the server resource metadata to specify what command os-collect-config runs whenever any configuration data changes. The default is already 'os-refresh-config' so this change has no effect but it allows a future change to specify an os-refresh-config --timeout argument to fix bug #1595722. Change-Id: I8dd35b6724d8c00e5495faca84ee8fee77641b82 Partial-Bug: #1595722
2016-07-04Replace NodeConfigIdentifiers with DeployIdentifierSteven Hardy1-8/+0
We added NodeConfigIdentifiers to trigger config to be re-applied on update, but then later added DeployIdentifier which forces config to *always* be applied on update, so we can simplify things by just referencing the DeployIdentifier directly. Change-Id: I79212def1936740825b714419dcb4952bc586a39
2016-06-30Composable Timezone service - ObjectStorageCarlos Camacho1-6/+0
Add timezone as a composable service Change-Id: I5bed49e1f8b803fb6d9d0b06165a38f61b132431 Partially-implements: blueprint composable-services-within-roles
2016-06-29Convert swift storage to composable servicesSteven Hardy1-6/+0
Depends-On: Ie68d7eccf4938bdbdea93327af0638b3fd002b3e Change-Id: I1eb68d0cd5f8bf4bf954dd9f12941bc493345708 Partially-Implements: blueprint composable-services-within-roles
2016-06-21Composable roles within services - NTP - ObjectStorageCarlos Camacho1-6/+0
Add NTP as a composable service for ObjectStorage. Partially-implements: blueprint composable-services-within-roles Change-Id: I6315abc7955c9dc1df9f211c1c5b7332b5e01d5a
2016-05-31Merge "Configure ObjectStorage services via resource chains"Jenkins1-0/+6
2016-05-31Cleanup hieradata to reduce Puppet warningsEmilien Macchi1-1/+1
Some puppet parameters were deprecated, some of them removed. This patch reduce the number of warnings to a few, and the rest of warnings are bugs that are in progress by Puppet OpenStack team. This patch is mostly some cleanup so we don't have useless warnings in Puppet catalog. Changes: * Update Ceilometer auth params * Update Neutron auth params * Update Heat auth params * Update Swift hash suffix param * Remove neutron::server::notifications::nova_url, useless. Change-Id: Ie32681a1fe32735f70ba372630da09f91227298c
2016-05-31Configure ObjectStorage services via resource chainsSteven Hardy1-0/+6
Similar to the https://review.openstack.org/#/c/259568 which added support for the composable services StepConfig and ServiceConfigSettings parameters so that the Controller role supports composable services, this adds those interfaces for the ObjectStorage role. Note that at this time the ObjectStorage post config only supports steps 2, 3 and 4, not all those in services/README.rst Partially-Implements: blueprint composable-services-within-roles Change-Id: I22ffaa68a6ccd4be29d51674871268179bcddcbc
2016-05-18Dump IPs configuration as hieradataGiulio Fidente1-0/+12
This might be useful if we switch to %{hiera()} calls to lookup the bind address from within a service. Also gets rid of NetIpSubnetMap and provides same output from NetIpMap instead. Change-Id: I328a417d1f1fff9c31e9ad7b2b5083ac19bc7329
2016-04-21Use 'deeper' hiera_hash merge behavior for all rolesGiulio Fidente1-0/+1
This change configures the hiera merge behavior to 'deeper' [1], which is useful to merge values when the same hiera key is found in multiple datafiles. The hiera default 'native' only picks the value from the key with the highest priority in the hierarchy. 1. https://docs.puppetlabs.com/hiera/1/lookup_types.html#deep-merging-in-hiera--120 Change-Id: I88c764d9af510ffbbad9fcaa4b747655e38255c2
2016-04-04Change /etc/hosts format and add domainJuan Antonio Osorio Robles1-12/+12
Right now, the service-related IPs assosiated with the machine are registered in the /etc/hosts with different hostnames. This is fine, except if you need to register that hostname in a third party service (such as FreeIPA), since the current configuration is not assigning a domain to those IP addresses. So the current implementation requires DNS to be properly working, which is not ideal for testing purposes. Since the current hostnames are not currently being used; it's still trivial to change this mapping and the format of them. instead of having entries such as: <INTERNAL IP> <node>-internalapi <STORAGE IP> <node>-storage ... in /etc/hosts; This changes the format to: <INTERNAL IP> <node>.internalapi.<domain> <node>.internalapi <STORAGE IP> <node>.storage.<domain> <node>.storage ... So the network (external, internal, storage, etc...) is now represented as a subdomain. For simplicity, the format without the domain is still available through an alias. Change-Id: I6502959a974546e5de757935acea15df6326acda
2016-03-21Allow option to disable Swift ring managementChristian Schwede1-4/+6
There are quite a few cases where it is useful to disable ring building on the nodes. For example: - using different weights, regions, and zones - replacing a node in an existing Swift cluster - adding a new node to an existing cluster - using storage policies and therefore multiple rings - using different nodes and disks for account, container and object servers This patch allows it to disable ring building. Rings need to be maintained manually then, and copied to all storage and proxy nodes within a cluster. This patch is similar to I01311ec3ca265b151f8740bf7dc57cdf0cf0df6f, except that it uses the current templates. Change-Id: I56978b15823dd6eaf4b6fd3440df2f895e89611a
2016-03-09Enable predictable IPs on non-controllersBen Nemec1-0/+18
For the external loadbalancer work, we added the ability to specify fixed ips for controller nodes on all network isolation networks. In order to allow users full control over the placement and ip addresses of deployed nodes, we need to be able to do the same thing for the other node types. Change-Id: I3ea91768b2ea3a40287f2f3cdb823c23533cf290
2016-03-07Fixup swift device string to delimit the ipv6 address with []marios1-1/+1
The swift device string is formatted in the outputs of the controller template and swift-storage templates. For ipv6 we need to delimit the address with [] as discussed in https://bugzilla.redhat.com/show_bug.cgi?id=1296701#c0 Change-Id: Ie611d62c3668a65a7be52777a613d265682c6a8b Co-Authored-By: Jiri Stransky <jistr@redhat.com> Closes-Bug: 1534135
2016-03-04Add IPv6 Support to Isolated NetworksDan Sneddon1-0/+6
This change adds a new set of network templates with IPv6 subnets that can be used instead of the existing IPv4 networks. Each network can use either the IPv4 or IPv6 template, and the Neutron subnet will be created with the specified IP version. The default addresses used for the IPv6 networks use the fd00::/8 prefix for the internal isolated networks (this range is reserved for private use similar to 10.0.0.0/8), and 2001:db8:fd00:1000::/64 is used as an example default for the External network (2001:db8::/32 are the documentation addresses [RFC3849]), but this would ordinarily be a globally addressable subnet. These parameters may be overridden in an environment file. This change will require updates to the OpenStack Puppet Modules to support IPv6 addresses in some of the hieradata values. Many of the OPM modules already have IPv6 support to support IPv6 deployments in Packstack, but some OPM packages that apply only to Instack/TripleO deployments need to be updated. IPv6 addresses used in URLs need to be surrounded by brackets in order to differentiate IP address from port number. This change adds a new output to the network/ports resources for ip_address_uri, which is an IP address with brackets in the case of IPv6, and a raw IP address without brackets for IPv4 ports. This change also updates some URLs which are constructed in Heat. This has been tested and problems were found with Puppet not accepting IPv6 addresses. This is addressed in the latest Puppet. Additional changes were required to make this work with Ceph. IPv6 tunnel endpoints with Open vSwitch are not yet supported (although support is coming soon), so this review leaves the Tenant network as an isolated IPv4 network for the time being. Change-Id: Ie7a742bdf1db533edda2998a53d28528f80ef8e2
2016-03-02Merge "Add HostnameMap to allow granular control of hostnames"Jenkins1-1/+8
2016-02-24Emits a different hostname for each network the node is onGiulio Fidente1-3/+46
Populates /etc/hosts with an entry for each IP address the node is on, which will be useful to migrate services configuration from using IPs into using hostnames. This is how the lines look like on a host which doesn't have all ports: 172.16.2.6 overcloud-novacompute-0.localdomain overcloud-novacompute-0 192.0.2.9 overcloud-novacompute-0-external 172.16.2.6 overcloud-novacompute-0-internalapi 172.16.1.6 overcloud-novacompute-0-storage 192.0.2.9 overcloud-novacompute-0-storagemgmt 172.16.0.4 overcloud-novacompute-0-tenant 192.0.2.9 overcloud-novacompute-0-management the network against which the default (or primary) name is resolved can be configured (for computes) via ComputeHostnameResolveNetwork Change-Id: Id480207c68e5d68967d67e2091cd081c17ab5dd7
2016-02-03Add HostnameMap to allow granular control of hostnamesSteven Hardy1-1/+8
Some operators desire more granular control of hostnames than is currently possible via the *HostnameFormat parameters, in particular mapping nodes to explicit IDs (such as inventory references) is not easily possible. So, add a HostnameMap parameter, which is optional and allows explicit overriding of the default hostnames. E.g pass an environment like this: parameter_defaults: HostnameMap: overcloud-controller-0: overcloud-controller-prod-123-0 overcloud-controller-1: overcloud-controller-prod-456-0 overcloud-controller-2: overcloud-controller-prod-789-0 Note this is mapping is global (for all roles), because we expect the keys to be unique given that they include the role name and index by default. Note that this depends on a fix for heat bug #1539737 Change-Id: Ib4d3d40e9523903ebccc06c3e14b2d71d924afa3 Depends-On: Ib934f443a8b8e4f75335a9d8b992e7f86791aa45
2016-01-18Merge "Set the name property for all deployment resources"Jenkins1-0/+2
2016-01-05Add TimeZone parameter for all node typesNico Auv1-0/+6
Adds a TimeZone parameter for node types and the top level stack. Defaults to UTC. Change-Id: I98123d894ce429c34744233fe3e631cbdd7c12b5 Depends-On: Icf7c681f359e3e48b653ea4648db6a73b532d45e
2015-12-23Merge "Add all isolated networks to all nodes."Jenkins1-0/+20
2015-12-23Merge "Add Management Network For System Administration."Jenkins1-0/+10
2015-12-23Merge "Remove unsafe "unset" defaults"Jenkins1-2/+0
2015-12-21Merge "Add SoftwareConfigTransport for switching transports"Jenkins1-0/+8
2015-12-18Add all isolated networks to all nodes.Dan Sneddon1-0/+20
This change allows every overcloud node to optionally participate in any of the isolated networks. The optional networks are not enabled by default, but allow additional flexibility. Since the new networks are not enabled by default, the standared deployment is unchanged. This change was originally requested for OpenDaylight support. There are several use cases for using non-standard networks. For instance, one example might be adding the Internal API network to the Ceph nodes, in order to use that network for administrative functions. Another example would be adding the Storage Management network to the compute nodes, in order to use it for backup. Without this change, any deviation from the standard set of roles that use a network is a custom change to the Heat templates, which makes upgrades much more difficult. Change-Id: Ia386c964aa0ef79e457821d8d96ebb8ac2847231
2015-12-18Add Management Network For System Administration.Dan Sneddon1-0/+10
This change adds a system management network to all overcloud nodes. The purpose of this network is for system administration, for access to infrastructure services like DNS or NTP, or for monitoring. This allows the management network to be placed on a bond for redundancy, or for the system management network to be an out-of-band network with no routing in or out. The management network might also be configured as a default route instead of the provisioning 'ctlplane' network. This change does not enable the management network by default. An environment file named network-management.yaml may be included to enable the network and ports for each role. The included NIC config templates have been updated with a block that may be uncommented when the management network is enabled. This change also contains some minor cleanup to the NIC templates, particularly the multiple nic templates. Change-Id: I0813a13f60a4f797be04b34258a2cffa9ea7e84f