Merge "Remove duplicate bind_host from nova-api profile"
[apex-tripleo-heat-templates.git] / puppet / all-nodes-config.yaml
index 7aa29b2..cc5e4ea 100644 (file)
@@ -2,28 +2,41 @@ heat_template_version: 2016-10-14
 description: 'All Nodes Config for Puppet'
 
 parameters:
-  hosts:
-    type: comma_delimited_list
+  cloud_name_external:
+    type: string
+  cloud_name_internal_api:
+    type: string
+  cloud_name_storage:
+    type: string
+  cloud_name_storage_mgmt:
+    type: string
+  cloud_name_ctlplane:
+    type: string
   # FIXME(shardy) this can be comma_delimited_list when
   # https://bugs.launchpad.net/heat/+bug/1617019 is fixed
   enabled_services:
     type: string
   controller_ips:
     type: comma_delimited_list
+  logging_groups:
+    type: json
+  logging_sources:
+    type: json
   service_ips:
     type: json
   service_node_names:
     type: json
+  short_service_node_names:
+    type: json
   controller_names:
     type: comma_delimited_list
   memcache_node_ips:
     type: comma_delimited_list
-  keystone_public_api_node_ips:
-    type: comma_delimited_list
-  keystone_admin_api_node_ips:
-    type: comma_delimited_list
   NetVipMap:
     type: json
+  RedisVirtualIP:
+    type: string
+    default: ''
   ServiceNetMap:
     type: json
   DeployIdentifier:
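Review bot: `RedisVirtualIP` is declared with `default: ''`, and the later hunks write it unconditionally into `redis_vip` and `tripleo::keepalived::redis_virtual_ip`, so a deployment that never sets it ends up with an empty string in hiera instead of an absent key. Whether the consuming puppet classes treat an empty string as "no VIP" is not visible in this diff and should be confirmed. None of the parameters added in this hunk has a `description`; on `RedisVirtualIP`, something like `description: Virtual IP for the Redis service; empty when no Redis VIP is allocated` would document the empty default. The `parameters:` section continues outside this hunk.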
@@ -43,6 +56,15 @@ parameters:
       Heat action on performed top-level stack.
     constraints:
     - allowed_values: ['CREATE', 'UPDATE']
+  # NOTE(jaosorior): This is being set as IPA as it's the first
+  # CA we'll actually be testing out. But we can change this if
+  # people request it.
+  CertmongerCA:
+    type: string
+    default: 'IPA'
+  EnableInternalTLS:
+    type: boolean
+    default: false
 
 resources:
 
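Review bot: `CertmongerCA` accepts any string and `EnableInternalTLS` defaults to `false`, and neither parameter has a `description`, so the template does not tell an operator what leaving the defaults in place means for internal traffic. A description on each would help, for example `description: Enable TLS for services on the internal networks (off by default)` on `EnableInternalTLS`; the exact effect is decided by the puppet side and should be worded by someone who can confirm it. `CertmongerCA` could also carry a `constraints:` entry with `allowed_values`, in the same style as the constraint just above it, listing the CAs the puppet profile actually supports (the list is not visible in this diff). A misspelled CA name would then fail at stack validation rather than later in the deployment.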
@@ -51,10 +73,6 @@ resources:
     properties:
       group: os-apply-config
       config:
-        hosts:
-          list_join:
-          - "\n"
-          - {get_param: hosts}
         hiera:
           datafiles:
             bootstrap_node:
@@ -64,6 +82,8 @@ resources:
             all_nodes:
               mapped_data:
                 map_merge:
+                  - tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: logging_sources}
+                  - tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: logging_groups}
                   - enabled_services: {get_param: enabled_services}
                   # This writes out a mapping of service_name_enabled: 'true'
                   # For any services not enabled, hiera foo_enabled will
@@ -77,9 +97,37 @@ resources:
                         for_each:
                           SERVICE:
                             str_split: [',', {get_param: enabled_services}]
+                  # Dynamically generate per-service network data
+                  # This works as follows (outer->inner functions)
+                  # yaql - filters services where no mapping exists in ServiceNetMap
+                  #   map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
+                  #     map_merge/repeat: generate a per-service mapping
+                  - yaql:
+                      # This filters any entries where the value hasn't been substituted for
+                      # a list, e.g it's still $service_network.  This happens when there is
+                      # no network defined for the service in the ServiceNetMap, which is OK
+                      # as not all services have to be bound to a network, so we filter them
+                      expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
+                      data:
+                        map:
+                          map_replace:
+                            - map_merge:
+                                repeat:
+                                  template:
+                                    SERVICE_network: SERVICE_network
+                                  for_each:
+                                    SERVICE:
+                                      str_split: [',', {get_param: enabled_services}]
+                            - values: {get_param: ServiceNetMap}
+                  # Keystone doesn't provide separate entries for the public
+                  # and admin endpoints, so we need to add them here manually
+                  # like we do in the vip-config below
+                  - keystone_admin_api_network: {get_param: [ServiceNetMap, keystone_admin_api_network]}
+                    keystone_public_api_network: {get_param: [ServiceNetMap, keystone_public_api_network]}
                   # provides a mapping of service_name_ips to a list of IPs
                   - {get_param: service_ips}
                   - {get_param: service_node_names}
+                  - {get_param: short_service_node_names}
                   - controller_node_ips:
                       list_join:
                       - ','
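Review bot: The yaql filter on the `expression:` line silently drops every entry whose value still ends in `_network`, so a service that is missing from `ServiceNetMap` (including through a misspelled key) gets no `<service>_network` hiera entry and nothing reports it. The comment explains that unmapped services are expected, but the address such a service then binds to depends on puppet defaults that are not visible here. The comment should say that a genuinely unmapped service and a typo are indistinguishable at this point. It should also say that a real network whose name ends in `_network` would be filtered out as well. Separately, the expression would be more robust as a single-quoted scalar, since it contains `$`, brackets and double quotes.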
@@ -96,22 +144,6 @@ resources:
                             list_join:
                             - "]','inet6:["
                             - {get_param: memcache_node_ips}
-                    keystone_public_api_node_ips:
-                      str_replace:
-                        template: "['SERVERS_LIST']"
-                        params:
-                          SERVERS_LIST:
-                            list_join:
-                            - "','"
-                            - {get_param: keystone_public_api_node_ips}
-                    keystone_admin_api_node_ips:
-                      str_replace:
-                        template: "['SERVERS_LIST']"
-                        params:
-                          SERVERS_LIST:
-                            list_join:
-                            - "','"
-                            - {get_param: keystone_admin_api_node_ips}
 
                     deploy_identifier: {get_param: DeployIdentifier}
                     update_identifier: {get_param: UpdateIdentifier}
@@ -153,6 +185,7 @@ resources:
                     internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
                     storage_virtual_ip: {get_param: [NetVipMap, storage]}
                     storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
+                    redis_vip: {get_param: RedisVirtualIP}
                     # public_virtual_ip and controller_virtual_ip are needed in
                     # both HAproxy & keepalived.
                     tripleo::haproxy::public_virtual_ip: {get_param: [NetVipMap, external]}
@@ -162,16 +195,19 @@ resources:
                     tripleo::keepalived::internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
                     tripleo::keepalived::storage_virtual_ip: {get_param: [NetVipMap, storage]}
                     tripleo::keepalived::storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
+                    tripleo::keepalived::redis_virtual_ip: {get_param: RedisVirtualIP}
                     tripleo::redis_notification::haproxy_monitor_ip: {get_param: [NetVipMap, ctlplane]}
+                    cloud_name_external: {get_param: cloud_name_external}
+                    cloud_name_internal_api: {get_param: cloud_name_internal_api}
+                    cloud_name_storage: {get_param: cloud_name_storage}
+                    cloud_name_storage_mgmt: {get_param: cloud_name_storage_mgmt}
+                    cloud_name_ctlplane: {get_param: cloud_name_ctlplane}
+                    # TLS parameters
+                    certmonger_ca: {get_param: CertmongerCA}
+                    enable_internal_tls: {get_param: EnableInternalTLS}
 
 outputs:
   config_id:
     description: The ID of the allNodesConfigImpl resource.
     value:
       {get_resource: allNodesConfigImpl}
-  hosts_entries:
-    description: |
-      The content that should be appended to your /etc/hosts if you want to get
-      hostname-based access to the deployed nodes (useful for testing without
-      setting up a DNS).
-    value: {get_attr: [allNodesConfigImpl, config, hosts]}