controller-config-puppet.yaml

   1 # Copyright 2014 Red Hat, Inc.
   2 # All Rights Reserved.
   3 #
   4 # Licensed under the Apache License, Version 2.0 (the "License"); you may
   5 # not use this file except in compliance with the License. You may obtain
   6 # a copy of the License at
   7 #
   8 #     http://www.apache.org/licenses/LICENSE-2.0
   9 #
  10 # Unless required by applicable law or agreed to in writing, software
  11 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
  12 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
  13 # License for the specific language governing permissions and limitations
  14 # under the License.
  15 heat_template_version: 2014-10-16
  16
  17 description: >
  18   Puppet Software Config for the Controller.
  19
  20 parameters:
  21   controller_id:
  22     type: string
  23     hidden: true
  24
  25 resources:
  26
  27   # The first manifest we execute is to setup HAProxy/Keepalived.
  28   # NOTE(dprince): this example uses a composition class
  29   # on the puppet side (loadbalancer.pp). This seemed like the
  30   # cleanest way to encapulate the puppet resources definitions
  31   # for HAProxy and Keepalived.
  32   ControllerLoadbalancerPuppetConfig:
  33     type: OS::Heat::SoftwareConfig
  34     properties:
  35       group: puppet
  36       options:
  37         enable_hiera: True
  38         enable_facter: False
  39       inputs:
  40       outputs:
  41       - name: result
  42       config:
  43         get_file: puppet/loadbalancer.pp
  44
  45   ControllerLoadbalancerPuppetDeployment:
  46     type: OS::Heat::StructuredDeployment
  47     properties:
  48       name: puppet_1
  49       server: {get_param: controller_id}
  50       config: {get_resource: ControllerLoadbalancerPuppetConfig}
  51       input_values:
  52       signal_transport: NO_SIGNAL
  53
  54   ControllerPuppetConfig:
  55     type: OS::Heat::SoftwareConfig
  56     properties:
  57       group: puppet
  58       options:
  59         enable_hiera: True
  60         enable_facter: False
  61       inputs:
  62       - name: step
  63       outputs:
  64       - name: result
  65       config:
  66         get_file: puppet/overcloud_controller.pp
  67
  68   # Step through a series of two more Puppet runs using the same manifest.
  69   # NOTE(dprince): Heat breakpoints would make for a really cool way to step
  70   # through breakpoints in a controlled manner across the entire cluster
  71   ControllerPuppetDeploymentTwo:
  72     type: OS::Heat::StructuredDeployment
  73     properties:
  74       name: puppet_2
  75       server: {get_param: controller_id}
  76       config: {get_resource: ControllerPuppetConfig}
  77       input_values:
  78         step: 1
  79       signal_transport: NO_SIGNAL
  80       actions: ['CREATE'] # no need for two passes on an UPDATE
  81
  82   ControllerPuppetDeploymentThree:
  83     type: OS::Heat::StructuredDeployment
  84     properties:
  85       name: puppet_3
  86       server: {get_param: controller_id}
  87       config: {get_resource: ControllerPuppetConfig}
  88       input_values:
  89         step: 2
  90       signal_transport: NO_SIGNAL
  91
  92   # Map heat metadata into hiera datafiles
  93   ControllerConfigImpl:
  94     type: OS::Heat::StructuredConfig
  95     properties:
  96       group: os-apply-config
  97       config:
  98         hiera:
  99           hierarchy:
 100             - heat_config_%{::deploy_config_name}
 101             - controller
 102             - common
 103           datafiles:
 104             common:
 105               raw_data: {get_file: puppet/hieradata/common.yaml}
 106             controller:
 107               raw_data: {get_file: puppet/hieradata/controller.yaml}
 108               oac_data: # data we map in from other OAC configurations
 109                 bootstrap_nodeid: bootstrap_host.bootstrap_nodeid
 110               mapped_data: # data supplied directly to this deployment configuration, etc
 111                 debug: {get_input: debug}
 112                 bootstack_nodeid: {get_input: bootstack_nodeid}
 113                 controller_host: {get_input: controller_host} #local-ipv4
 114                 # Cinder
 115                 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
 116                 cinder::volume::iscsi::iscsi_helper: {get_input: cinder_iscsi_helper}
 117                 cinder::volume::iscsi::iscsi_ip_address: {get_input: controller_host}
 118                 cinder::database_connection: {get_input: cinder_dsn}
 119                 cinder::api::keystone_password: {get_input: cinder_password}
 120                 cinder::api::keystone_auth_host: {get_input: controller_virtual_ip}
 121                 cinder::api::bind_host: {get_input: controller_host}
 122                 cinder::rabbit_userid: {get_input: rabbit_username}
 123                 cinder::rabbit_password: {get_input: rabbit_password}
 124                 #cinder::debug: {get_input: debug}
 125                 # Glance
 126                 glance::api::bind_port: {get_input: glance_port}
 127                 glance::api::bind_host: {get_input: controller_host}
 128                 glance::api::auth_host: {get_input: controller_virtual_ip}
 129                 glance::api::registry_host: {get_input: controller_host}
 130                 glance::api::keystone_password: {get_input: glance_password}
 131                 # used to construct glance_api_servers
 132                 glance_port: {get_input: glance_port}
 133                 glance_protocol: {get_input: glance_protocol}
 134                 glance_notifier_strategy: {get_input: glance_notifier_strategy}
 135                 glance_log_file: {get_input: glance_log_file}
 136                 glance_log_file: {get_input: glance_log_file}
 137                 glance::api::database_connection: {get_input: glance_dsn}
 138                 glance::registry::keystone_password: {get_input: glance_password}
 139                 glance::registry::database_connection: {get_input: glance_dsn}
 140                 glance::registry::bind_host: {get_input: controller_host}
 141                 glance::registry::auth_host: {get_input: controller_virtual_ip}
 142                 # Heat
 143                 heat_password: {get_input: heat_password}
 144                 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
 145                 heat_dsn: {get_input: heat_dsn}
 146                 heat.watch_server_url: {get_input: heat.watch_server_url}
 147                 heat.metadata_server_url: {get_input: heat.metadata_server_url}
 148                 heat.waitcondition_server_url: {get_input: heat.waitcondition_server_url}
 149                 # Keystone
 150                 keystone::admin_token: {get_input: admin_token}
 151                 keystone_ca_certificate: {get_input: keystone_ca_certificate}
 152                 keystone_signing_key: {get_input: keystone_signing_key}
 153                 keystone_signing_certificate: {get_input: keystone_signing_certificate}
 154                 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
 155                 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
 156                 keystone::database_connection: {get_input: keystone_dsn}
 157                 keystone::public_bind_host: {get_input: controller_host}
 158                 keystone::admin_bind_host: {get_input: controller_host}
 159                 #keystone::debug: {get_input: debug}
 160                 # MySQL
 161                 admin_password: {get_input: admin_password}
 162                 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
 163                 mysql_root_password: {get_input: mysql_root_password}
 164                 mysql_cluster_name: {get_input: mysql_cluster_name}
 165                 # Neutron
 166                 neutron::bind_host: {get_input: controller_host}
 167                 neutron::rabbit_password: {get_input: rabbit_password}
 168                 neutron::rabbit_user: {get_input: rabbit_user}
 169                 #neutron::debug: {get_input: debug}
 170                 neutron::server::auth_host: {get_input: controller_virtual_ip}
 171                 neutron::server::database_connection: {get_input: neutron_dsn}
 172                 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
 173                 neutron::agents::ml2::ovs::local_ip: {get_input: controller_host}
 174                 neutron_flat_networks: {get_input: neutron_flat_networks}
 175                 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
 176                 neutron_agent_mode: {get_input: neutron_agent_mode}
 177                 neutron_router_distributed: {get_input: neutron_router_distributed}
 178                 neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers}
 179                 neutron_allow_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
 180                 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
 181                 neutron_bridge_mappings: {get_input: neutron_bridge_mappings}
 182                 neutron_public_interface: {get_input: neutron_public_interface}
 183                 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
 184                 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
 185                 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
 186                 neutron_tenant_network_type: {get_input: neutron_tenant_network_type}
 187                 neutron_tunnel_types: {get_input: neutron_tunnel_types}
 188                 neutron::server::auth_password: {get_input: neutron_password}
 189                 neutron::agents::metadata::auth_password: {get_input: neutron_password}
 190                 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
 191                 neutron_dsn: {get_input: neutron_dsn}
 192                 # Ceilometer
 193                 ceilometer_metering_secret: {get_input: ceilometer_metering_secret}
 194                 ceilometer_password: {get_input: ceilometer_password}
 195                 ceilometer_dsn: {get_input: ceilometer_dsn}
 196                 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
 197                 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
 198                 # Nova
 199                 nova::rabbit_userid: {get_input: rabbit_username}
 200                 nova::rabbit_password: {get_input: rabbit_password}
 201                 nova::api::auth_host: {get_input: controller_virtual_ip}
 202                 nova::api::api_bind_address: {get_input: controller_host}
 203                 nova::api::metadata_listen: {get_input: controller_host}
 204                 nova::api::admin_password: {get_input: nova_password}
 205                 nova::database_connection: {get_input: nova_dsn}
 206                 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
 207                 # Rabbit
 208                 rabbit_username: {get_input: rabbit_username}
 209                 rabbit_password: {get_input: rabbit_password}
 210                 rabbit_cookie: {get_input: rabbit_cookie}
 211                 rabbit_client_use_ssl: {get_input: rabbit_client_use_ssl}
 212                 rabbit_client_port: {get_input: rabbit_client_port}
 213                 # Misc
 214                 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
 215                 ntp_server: {get_input: ntp_server}
 216                 control_virtual_interface: {get_input: control_virtual_interface}
 217                 controller_virtual_ip: {get_input: controller_virtual_ip}
 218                 public_virtual_interface: {get_input: public_virtual_interface}
 219                 public_virtual_ip: {get_input: public_virtual_ip}
 220                 # Load Balancer (composition class parameters)
 221                 tripleo::loadbalancer::keystone_admin: true
 222                 tripleo::loadbalancer::keystone_public: true
 223                 tripleo::loadbalancer::neutron: true
 224                 tripleo::loadbalancer::cinder: true
 225                 tripleo::loadbalancer::glance_api: true
 226                 tripleo::loadbalancer::glance_registry: true
 227                 tripleo::loadbalancer::nova_ec2: true
 228                 tripleo::loadbalancer::nova_osapi: true
 229                 tripleo::loadbalancer::nova_metadata: true
 230                 tripleo::loadbalancer::nova_novncproxy: true
 231                 tripleo::loadbalancer::mysql: true
 232                 tripleo::loadbalancer::rabbitmq: true
 233
 234 outputs:
 235   config_id:
 236     description: The ID of the ControllerConfigImpl resource.
 237     value:
 238       {get_resource: ControllerConfigImpl}