X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=overcloud-source.yaml;h=a5784f06fc638e0dc8711c56264226ae6eab2f6a;hb=408c50dcab1656a69f4d756f037f854f0869c068;hp=6b7be9ad47991a7120b51d02cc9a6d90d3ebe636;hpb=64a616c4267e663f2a51fcb29117734b2a7af87b;p=apex-tripleo-heat-templates.git diff --git a/overcloud-source.yaml b/overcloud-source.yaml index 6b7be9ad..a5784f06 100644 --- a/overcloud-source.yaml +++ b/overcloud-source.yaml @@ -21,6 +21,48 @@ Parameters: Default: tgtadm Description: The iSCSI helper to use with cinder. Type: String + CinderLVMLoopDeviceSize: + Default: 5000 + Description: The size of the loopback file used by the cinder LVM driver. + Type: Number + ExtraConfig: + Default: {} + Description: | + Additional configuration to inject into the cluster. The JSON should have + the following structure: + {"FILEKEY": + {"config": + [{"section": "SECTIONNAME", + "values": + [{"option": "OPTIONNAME", + "value": "VALUENAME" + } + ] + } + ] + } + } + For instance: + {"nova": + {"config": + [{"section": "default", + "values": + [{"option": "compute_manager", + "value": "ironic.nova.compute.manager.ClusterComputeManager" + } + ] + }, + {"section": "cells", + "values": + [{"option": "driver", + "value": "nova.cells.rpc_driver.CellsRPCDriver" + } + ] + } + ] + } + } + Type: Json OvercloudControlFlavor: Default: baremetal Description: Flavor for control nodes to request when deploying. @@ -29,6 +71,14 @@ Parameters: Default: baremetal Description: Flavor for compute nodes to request when deploying. Type: String + GlancePort: + Default: 9292 + Description: Glance port. + Type: String + GlanceProtocol: + Default: http + Description: Protocol to use when connecting to glance, set to https for SSL. + Type: String GlancePassword: Default: unset Description: The password for the glance service account, used by the glance services. 
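Review bot: `ExtraConfig` is declared without `NoEcho: true`, although a later hunk hands it unchanged to os-apply-config as `passthrough_config` on both controller0 and NovaCompute0. Because it can set any option in any service file, it will in practice carry credentials and driver paths, and as written those values stay readable to anyone who can show the stack parameters. I would add `NoEcho: true` under `Type: Json`. The Description should also state that the content is applied to every node without validation; no schema check is visible in this diff.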
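Review bot: `GlanceProtocol` accepts any string and defaults to `http`, so a typo is only discovered when the service fails, and an untouched deployment talks to glance in clear text. An `AllowedValues: [http, https]` constraint would catch the first case at validation time, and the Description should say that the default is unencrypted. `GlancePort` is declared `Type: String` although it holds a port number; `Type: Number` would match `CinderLVMLoopDeviceSize` added earlier in this diff.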
@@ -79,6 +129,15 @@ Parameters: Description: The password for the ceilometer service account. Type: String NoEcho: true + SnmpdReadonlyUserName: + Default: ro_snmp_user + Description: The user name for SNMPd with readonly rights running on all Overcloud nodes + Type: String + SnmpdReadonlyUserPassword: + Default: unset + Description: The user password for SNMPd with readonly rights running on all Overcloud nodes + Type: String + NoEcho: true CloudName: Default: '' Description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org @@ -125,7 +184,15 @@ Parameters: Default: '' Description: If set, the public interface is a vlan with this device as the raw device. Type: String - notcomputeImage: + NeutronControlPlaneID: + Default: '' + Type: String + Description: Neutron ID for ctlplane network. + NeutronDnsmasqOptions: + Default: 'dhcp-option-force=26,1400' + Description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead. + Type: String + controllerImage: Type: String Default: overcloud-control NtpServer: 
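Review bot: `SnmpdReadonlyUserPassword` defaults to the fixed string `unset`, so any deployment that does not override it ends up with the same publicly known SNMP credential on every overcloud node. Dropping the `Default:` line makes Heat refuse the stack until the operator supplies a value. If the value is used as an SNMPv3 passphrase (not visible here), net-snmp requires at least eight characters, so the five-character default would be rejected anyway; `MinLength: 8` on the parameter would surface that early. `NoEcho: true` is already set, which is right.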
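Review bot: `NeutronControlPlaneID` defaults to an empty string, but the `ControlVirtualIP` port added in the Resources hunk uses it unconditionally as `network_id`. With the default left in place the failure presumably only appears when Neutron rejects the port, not when the template is validated. Removing `Default: ''` makes the parameter mandatory, and the Description could say which network's ID is expected and where to obtain it. Key order here (`Default`, `Type`, `Description`) also differs from the neighbouring parameters.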
@@ -171,72 +238,60 @@ Parameters: Description: The image ID for live-updates to the overcloud compute nodes. Default: '' MysqlInnodbBufferPoolSize: - Description: Specifies the size of the buffer pool in megabytes. + Description: > + Specifies the size of the buffer pool in megabytes. Setting to + zero should be interpreted as "no value" and will defer to the + lower level default. Type: Number - Default: 100 + Default: 0 + ControlVirtualInterface: + Default: 'br-ex' + Description: Interface where virtual ip will be assigned. + Type: String + ControlFixedIPs: + Default: [] + Description: Should be used for arbitrary ips. + Type: Json + KeystoneCACertificate: + Default: '' + Description: Keystone self-signed certificate authority certificate. + Type: String + KeystoneSigningCertificate: + Default: '' + Description: Keystone certificate for verifying token validity. + Type: String + KeystoneSigningKey: + Default: '' + Description: Keystone key for signing tokens. + Type: String + NoEcho: true Resources: + ControlVirtualIP: + Type: OS::Neutron::Port + Properties: + name: control_virtual_ip + network_id: {Ref: NeutronControlPlaneID} + fixed_ips: + Ref: ControlFixedIPs RabbitCookie: Type: OS::Heat::RandomString Properties: length: 20 salt: Ref: RabbitCookieSalt - AccessPolicy: - Properties: - AllowedResources: - - notCompute0 - - notCompute0Config - Type: OS::Heat::AccessPolicy - ComputeAccessPolicy: - Properties: - AllowedResources: - - NovaCompute0 - - NovaCompute0Config - Type: OS::Heat::AccessPolicy - notCompute0Key: - Properties: - UserName: - Ref: User - Type: AWS::IAM::AccessKey - notCompute0CompletionCondition: - Type: AWS::CloudFormation::WaitCondition - DependsOn: notCompute0Config - Properties: - Handle: {Ref: notCompute0CompletionHandle} - Count: '1' - Timeout: '1800' - notCompute0CompletionHandle: - Type: OS::Heat::UpdateWaitConditionHandle - NovaCompute0Key: - Type: FileInclude - Path: nova-compute-instance.yaml - SubKey: Resources.NovaCompute0Key - 
NovaCompute0CompletionCondition: - Type: FileInclude - Path: nova-compute-instance.yaml - SubKey: Resources.NovaCompute0CompletionCondition - NovaCompute0CompletionHandle: - Type: FileInclude - Path: nova-compute-instance.yaml - SubKey: Resources.NovaCompute0CompletionHandle - ComputeUser: - Properties: - Policies: - - Ref: ComputeAccessPolicy - Type: AWS::IAM::User NovaCompute0Config: Type: FileInclude Path: nova-compute-instance.yaml - SubKey: Resources.NovaCompute0Config + SubKey: Resources.NovaCompute0Deploy Parameters: - NovaApiHost: {"Fn::Select": [ 0, {"Fn::Select": [ "ctlplane", {"Fn::GetAtt": [notCompute0, networks]} ]} ] } - KeystoneHost: {"Fn::Select": [ 0, {"Fn::Select": [ "ctlplane", {"Fn::GetAtt": [notCompute0, networks]} ]} ] } - RabbitHost: {"Fn::Select": [ 0, {"Fn::Select": [ "ctlplane", {"Fn::GetAtt": [notCompute0, networks]} ]} ] } - NeutronHost: {"Fn::Select": [ 0, {"Fn::Select": [ "ctlplane", {"Fn::GetAtt": [notCompute0, networks]} ]} ] } - GlanceHost: {"Fn::Select": [ 0, {"Fn::Select": [ "ctlplane", {"Fn::GetAtt": [notCompute0, networks]} ]} ] } - NovaDSN: {"Fn::Join": ['', ['mysql://nova:unset@', {"Fn::Select": [ 0, {"Fn::Select": [ "ctlplane", {"Fn::GetAtt": [notCompute0, networks]} ]} ]}, '/nova']]} - CeilometerDSN: {"Fn::Join": ['', ['mysql://ceilometer:unset@', {"Fn::Select": [ 0, {"Fn::Select": [ "ctlplane", {"Fn::GetAtt": [notCompute0, networks]} ]} ]}, '/ceilometer']]} - NeutronDSN: {"Fn::Join": ['', ['mysql://neutron:unset@', {"Fn::Select": [ 0, {"Fn::Select": [ "ctlplane", {"Fn::GetAtt": [notCompute0, networks]} ]} ]}, '/neutron']]} + NovaApiHost: {'Fn::Select': [ip_address, 'Fn::Select': [0, 'Fn::GetAtt': [ControlVirtualIP, fixed_ips]]]} + KeystoneHost: {'Fn::Select': [ip_address, 'Fn::Select': [0, 'Fn::GetAtt': [ControlVirtualIP, fixed_ips]]]} + RabbitHost: {'Fn::Select': [ip_address, 'Fn::Select': [0, 'Fn::GetAtt': [ControlVirtualIP, fixed_ips]]]} + NeutronHost: {'Fn::Select': [ip_address, 'Fn::Select': [0, 'Fn::GetAtt': 
[ControlVirtualIP, fixed_ips]]]} + GlanceHost: {'Fn::Select': [ip_address, 'Fn::Select': [0, 'Fn::GetAtt': [ControlVirtualIP, fixed_ips]]]} + NovaDSN: {"Fn::Join": ['', ['mysql://nova:unset@', {'Fn::Select': [ip_address, 'Fn::Select': [0, 'Fn::GetAtt': [ControlVirtualIP, fixed_ips]]]}, '/nova']]} + CeilometerDSN: {"Fn::Join": ['', ['mysql://ceilometer:unset@', {'Fn::Select': [ip_address, 'Fn::Select': [0, 'Fn::GetAtt': [ControlVirtualIP, fixed_ips]]]}, '/ceilometer']]} + NeutronDSN: {"Fn::Join": ['', ['mysql://neutron:unset@', {'Fn::Select': [ip_address, 'Fn::Select': [0, 'Fn::GetAtt': [ControlVirtualIP, fixed_ips]]]}, '/neutron']]} NeutronNetworkType: "gre" NeutronEnableTunnelling: "True" NeutronFlatNetworks: 
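Review bot: The rewritten `NovaDSN`, `CeilometerDSN` and `NeutronDSN` still embed the literal database password `unset` (`mysql://nova:unset@…`), now aimed at the shared virtual IP. The same fixed values are re-added in the next hunk's `controllerConfig`: `db-password: unset`, `auth_encryption_key: unset___________`, `metadata_proxy_shared_secret: unset` and every per-service `db:` URL. Since this commit already touches each of these lines, it is the natural place to replace them with `NoEcho` parameters and build the DSNs with `Fn::Join` from a `Ref`. That would match how `KeystoneSigningKey` is handled in this same hunk. The `Parameters` block of `NovaCompute0Config` continues past the end of the hunk.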
@@ -278,258 +333,358 @@ Resources: - show - 'novalocal' - Fn::Join: - - ' ' - - - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - Fn::GetAtt: - - notCompute0 - - networks - - {Ref: CloudName} - # If CloudName is unset, make the hosts line still valid - - unused + - "\n" + - Merge::Map: + controller0: + Fn::Join: + - ' ' + - - Fn::Select: + - 0 + - Fn::Select: + - ctlplane + - Fn::GetAtt: + - controller0 + - networks + - Fn::Select: + - name + - Fn::GetAtt: + - controller0 + - show + - Fn::Join: + - '.' + - - Fn::Select: + - name + - Fn::GetAtt: + - controller0 + - show + - 'novalocal' + - {Ref: CloudName} + NovaCompute0Passthrough: + Type: OS::Heat::StructuredDeployment + Properties: + config: {Ref: NovaComputePassthrough} + server: {Ref: NovaCompute0} + signal_transport: NO_SIGNAL + input_values: + passthrough_config: {Ref: ExtraConfig} NovaCompute0: Type: FileInclude Path: nova-compute-instance.yaml SubKey: Resources.NovaCompute0 - User: + controllerConfig: + Type: OS::Heat::StructuredConfig + Properties: + group: os-apply-config + config: + completion-signal: {get_input: deploy_signal_id} + admin-password: + Ref: AdminPassword + admin-token: + Ref: AdminToken + bootstack: + public_interface_ip: + Ref: NeutronPublicInterfaceIP + bootstrap_host: + bootstrap_nodeid: + Fn::Select: + - 0 + - Fn::Select: + - 0 + - Merge::Map: + controller0: + - Fn::Select: + - name + - Fn::GetAtt: + - controller0 + - show + nodeid: {get_input: bootstack_nodeid} + cinder: + db: mysql://cinder:unset@localhost/cinder + volume_size_mb: + Ref: CinderLVMLoopDeviceSize + service-password: + Ref: CinderPassword + iscsi-helper: + Ref: CinderISCSIHelper + controller-address: + get_input: controller_host + db-password: unset + glance: + registry: + host: {get_input: controller_virtual_ip} + backend: swift + db: mysql://glance:unset@localhost/glance + host: + get_input: controller_host + port: + Ref: GlancePort + protocol: + Ref: GlanceProtocol + service-password: + Ref: GlancePassword + 
swift-store-user: service:glance + swift-store-key: + Ref: GlancePassword + notifier-strategy: + Ref: GlanceNotifierStrategy + log-file: + Ref: GlanceLogFile + heat: + admin_password: + Ref: HeatPassword + admin_tenant_name: service + admin_user: heat + auth_encryption_key: unset___________ + db: mysql://heat:unset@localhost/heat + stack_domain_admin_password: {Ref: HeatStackDomainAdminPassword} + watch_server_url: {get_input: heat.watch_server_url} + metadata_server_url: {get_input: heat.metadata_server_url} + waitcondition_server_url: {get_input: heat.waitcondition_server_url} + hosts: {get_input: hosts} + keystone: + db: mysql://keystone:unset@localhost/keystone + host: + get_input: controller_host + ca_certificate: {Ref: KeystoneCACertificate} + signing_key: {Ref: KeystoneSigningKey} + signing_certificate: {Ref: KeystoneSigningCertificate} + mysql: + innodb_buffer_pool_size: {Ref: MysqlInnodbBufferPoolSize} + neutron: + flat-networks: {Ref: NeutronFlatNetworks} + host: {get_input: controller_virtual_ip} + metadata_proxy_shared_secret: unset + ovs: + enable_tunneling: 'True' + local_ip: + get_input: controller_host + bridge_mappings: {Ref: NeutronBridgeMappings} + public_interface: + Ref: NeutronPublicInterface + public_interface_raw_device: + Ref: NeutronPublicInterfaceRawDevice + public_interface_route: + Ref: NeutronPublicInterfaceDefaultRoute + physical_bridge: br-ex + tenant_network_type: gre + ovs_db: mysql://neutron:unset@localhost/ovs_neutron?charset=utf8 + service-password: + Ref: NeutronPassword + dnsmasq-options: + Ref: NeutronDnsmasqOptions + ceilometer: + db: mysql://ceilometer:unset@localhost/ceilometer + metering_secret: {Ref: CeilometerMeteringSecret} + service-password: + Ref: CeilometerPassword + snmpd: + export_MIB: UCD-SNMP-MIB + readonly_user_name: + Ref: SnmpdReadonlyUserName + readonly_user_password: + Ref: SnmpdReadonlyUserPassword + nova: + compute_driver: libvirt.LibvirtDriver + db: mysql://nova:unset@localhost/nova + 
default_floating_pool: + ext-net + host: {get_input: controller_virtual_ip} + metadata-proxy: true + service-password: + Ref: NovaPassword + rabbit: + host: + get_input: controller_host + username: + Ref: RabbitUserName + password: + Ref: RabbitPassword + cookie: + Fn::GetAtt: + - RabbitCookie + - value + ntp: + servers: + - {server: {Ref: NtpServer}, fudge: "stratum 0"} + keepalived: + keepalive_interface: + Ref: NeutronPublicInterface + priority: 101 + virtual_ips: + - + ip: {'Fn::Select': [ip_address, 'Fn::Select': [0, 'Fn::GetAtt': [ControlVirtualIP, fixed_ips]]]} + interface: + Ref: ControlVirtualInterface + haproxy: + nodes: + Merge::Map: + controller0: + ip: {"Fn::Select": [ 0, {"Fn::Select": [ "ctlplane", {"Fn::GetAtt": [controller0, networks]} ]} ] } + name: {"Fn::Select": [ name, {"Fn::GetAtt": [controller0, show]} ] } + net_binds: + - ip: {'Fn::Select': [ip_address, 'Fn::Select': [0, 'Fn::GetAtt': [ControlVirtualIP, fixed_ips]]]} + services: + - name: keystone_admin + port: 35357 + - name: keystone_public + port: 5000 + - name: horizon + port: 80 + - name: neutron + port: 9696 + - name: cinder + port: 8776 + - name: glance_api + port: 9292 + - name: glance_registry + port: 9191 + - name: heat_api + port: 8004 + - name: heat_cloudwatch + port: 8003 + - name: heat_cfn + port: 8000 + - name: nova_ec2 + port: 8773 + - name: nova_osapi + port: 8774 + - name: nova_metadata + port: 8775 + - name: ceilometer + port: 8777 + - name: swift_proxy_server + port: 8080 + controllerPassthrough: + Type: OS::Heat::StructuredConfig + Properties: + group: os-apply-config + config: {get_input: passthrough_config} + controller0: + Type: OS::Nova::Server Properties: - Policies: - - Ref: AccessPolicy - Type: AWS::IAM::User - notCompute0Config: - Type: AWS::AutoScaling::LaunchConfiguration + image: + Ref: controllerImage + image_update_policy: + Ref: ImageUpdatePolicy + flavor: + Ref: OvercloudControlFlavor + key_name: + Ref: KeyName + user_data_format: SOFTWARE_CONFIG + 
controller0Deployment: + Type: OS::Heat::StructuredDeployment Properties: - ImageId: '0' - InstanceType: '0' - Metadata: - OpenStack::Heat::Stack: {} - OpenStack::ImageBuilder::Elements: - - boot-stack - - heat-cfntools - - heat-localip - - neutron-network-node - admin-password: - Ref: AdminPassword - admin-token: - Ref: AdminToken - bootstack: - public_interface_ip: - Ref: NeutronPublicInterfaceIP - cinder: - db: mysql://cinder:unset@localhost/cinder - volume_size_mb: '5000' - service-password: - Ref: CinderPassword - iscsi-helper: - Ref: CinderISCSIHelper - completion-handle: - Ref: notCompute0CompletionHandle - controller-address: - Fn::Select: - - 0 - - Fn::Select: - - 'ctlplane' - - Fn::GetAtt: - - notCompute0 - - networks - db-password: unset - glance: - backend: swift - db: mysql://glance:unset@localhost/glance - host: + config: {Ref: controllerConfig} + server: {Ref: controller0} + input_values: + bootstack_nodeid: + Fn::Select: + - name + - Fn::GetAtt: + - controller0 + - show + controller_host: Fn::Select: - - 0 - - Fn::Select: - - 'ctlplane' - - Fn::GetAtt: - - notCompute0 - - networks - service-password: - Ref: GlancePassword - swift-store-user: service:glance - swift-store-key: - Ref: GlancePassword - notifier-strategy: - Ref: GlanceNotifierStrategy - log-file: - Ref: GlanceLogFile - heat: - admin_password: - Ref: HeatPassword - admin_tenant_name: service - admin_user: heat - auth_encryption_key: unset___________ - db: mysql://heat:unset@localhost/heat - stack_domain_admin_password: {Ref: HeatStackDomainAdminPassword} - watch_server_url: + - 0 + - Fn::Select: + - ctlplane + - Fn::GetAtt: + - controller0 + - networks + heat.watch_server_url: Fn::Join: - '' - - 'http://' - - Fn::Select: - - 0 - - Fn::Select: - - 'ctlplane' - - Fn::GetAtt: - - notCompute0 - - networks + - {'Fn::Select': [ip_address, 'Fn::Select': [0, 'Fn::GetAtt': [ControlVirtualIP, fixed_ips]]]} - ':8003' - metadata_server_url: + heat.metadata_server_url: Fn::Join: - '' - - 'http://' - - 
Fn::Select: - - 0 - - Fn::Select: - - 'ctlplane' - - Fn::GetAtt: - - notCompute0 - - networks + - {'Fn::Select': [ip_address, 'Fn::Select': [0, 'Fn::GetAtt': [ControlVirtualIP, fixed_ips]]]} - ':8000' - waitcondition_server_url: + heat.waitcondition_server_url: Fn::Join: - '' - - 'http://' - - Fn::Select: - - 0 - - Fn::Select: - - 'ctlplane' - - Fn::GetAtt: - - notCompute0 - - networks + - {'Fn::Select': [ip_address, 'Fn::Select': [0, 'Fn::GetAtt': [ControlVirtualIP, fixed_ips]]]} - ':8000/v1/waitcondition' - hosts: - Fn::Join: - - ' ' - - - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - Fn::GetAtt: - - notCompute0 - - networks - - {Ref: CloudName} - keystone: - db: mysql://keystone:unset@localhost/keystone - host: - Fn::Select: - - 0 - - Fn::Select: - - 'ctlplane' - - Fn::GetAtt: - - notCompute0 - - networks - mysql: - innodb_buffer_pool_size: {Ref: MysqlInnodbBufferPoolSize} - neutron: - flat-networks: {Ref: NeutronFlatNetworks} - host: - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - Fn::GetAtt: - - notCompute0 - - networks - metadata_proxy_shared_secret: unset - ovs: - enable_tunneling: 'True' - local_ip: - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - Fn::GetAtt: - - notCompute0 - - networks - bridge_mappings: {Ref: NeutronBridgeMappings} - public_interface: - Ref: NeutronPublicInterface - public_interface_raw_device: - Ref: NeutronPublicInterfaceRawDevice - public_interface_route: - Ref: NeutronPublicInterfaceDefaultRoute - physical_bridge: br-ex - tenant_network_type: gre - ovs_db: mysql://neutron:unset@localhost/ovs_neutron?charset=utf8 - service-password: - Ref: NeutronPassword - ceilometer: - db: mysql://ceilometer:unset@localhost/ceilometer - metering_secret: {Ref: CeilometerMeteringSecret} - service-password: - Ref: CeilometerPassword - nova: - compute_driver: libvirt.LibvirtDriver - db: mysql://nova:unset@localhost/nova - default_floating_pool: - ext-net - host: - Fn::Select: - - 0 - - Fn::Select: - - 'ctlplane' - - Fn::GetAtt: - - 
notCompute0 - - networks - metadata-proxy: true - service-password: - Ref: NovaPassword - os-collect-config: - cfn: - access_key_id: - Ref: notCompute0Key - path: notCompute0Config.Metadata - secret_access_key: - Fn::GetAtt: - - notCompute0Key - - SecretAccessKey - stack_name: - Ref: AWS::StackName - rabbit: - host: - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - Fn::GetAtt: - - notCompute0 - - networks - username: - Ref: RabbitUserName - password: - Ref: RabbitPassword - cookie: - Fn::GetAtt: - - RabbitCookie - - value - ntp: - servers: - - {server: {Ref: NtpServer}, fudge: "stratum 0"} - notCompute0: - Type: OS::Nova::Server + hosts: + Fn::Join: + - "\n" + - - Fn::Join: + - "\n" + - Merge::Map: + NovaCompute0: + Fn::Join: + - ' ' + - - Fn::Select: + - 0 + - Fn::Select: + - ctlplane + - Fn::GetAtt: + - NovaCompute0 + - networks + - Fn::Select: + - name + - Fn::GetAtt: + - NovaCompute0 + - show + - Fn::Join: + - '.' + - - Fn::Select: + - name + - Fn::GetAtt: + - NovaCompute0 + - show + - 'novalocal' + - Fn::Join: + - "\n" + - Merge::Map: + controller0: + Fn::Join: + - ' ' + - - Fn::Select: + - 0 + - Fn::Select: + - ctlplane + - Fn::GetAtt: + - controller0 + - networks + - Fn::Select: + - name + - Fn::GetAtt: + - controller0 + - show + - Fn::Join: + - '.' 
+ - - Fn::Select: + - name + - Fn::GetAtt: + - controller0 + - show + - 'novalocal' + - {Ref: CloudName} + controller_virtual_ip: + {'Fn::Select': [ip_address, 'Fn::Select': [0, 'Fn::GetAtt': [ControlVirtualIP, fixed_ips]]]} + controller0SSLDeployment: + Type: OS::Heat::StructuredDeployment Properties: - image: - Ref: notcomputeImage - image_update_policy: - Ref: ImageUpdatePolicy - flavor: - Ref: OvercloudControlFlavor - key_name: - Ref: KeyName - Metadata: - os-collect-config: - cfn: - access_key_id: - Ref: notCompute0Key - path: notCompute0Config.Metadata - secret_access_key: - Fn::GetAtt: - - notCompute0Key - - SecretAccessKey - stack_name: - Ref: AWS::StackName + config: {Ref: SSLConfig} + server: {Ref: controller0} + signal_transport: NO_SIGNAL + input_values: + ssl_certificate: {Ref: SSLCertificate} + ssl_key: {Ref: SSLKey} + ssl_ca_certificate: {Ref: SSLCACertificate} + controller0Passthrough: + Type: OS::Heat::StructuredDeployment + Properties: + config: {Ref: controllerPassthrough} + server: {Ref: controller0} + signal_transport: NO_SIGNAL + input_values: + passthrough_config: {Ref: ExtraConfig} Outputs: KeystoneURL: Description: URL for the Overcloud Keystone service @@ -538,10 +693,10 @@ Outputs: - '' - - http:// - Fn::Select: - - 0 + - ip_address - Fn::Select: - - ctlplane + - 0 - Fn::GetAtt: - - notCompute0 - - networks + - ControlVirtualIP + - fixed_ips - :5000/v2.0/
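Review bot: The haproxy `services` list hard-codes `glance_api` to `port: 9292` while `glance.port` in the same `controllerConfig` takes `Ref: GlancePort`, so changing the parameter leaves the proxy listening on the old port; `port: {Ref: GlancePort}` would keep the two in step. The single `net_binds` entry also publishes `keystone_admin` (35357), `glance_registry` (9191) and `nova_metadata` (8775) on the virtual IP alongside the public APIs. It is worth confirming that this address is reachable only from the control-plane network, or splitting the internal services onto a separate bind. `controller0SSLDeployment` references `SSLConfig`, `SSLCertificate`, `SSLKey` and `SSLCACertificate`, none of which are defined in the visible hunks; if they are not merged in from another template, validation will fail.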
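Review bot: The `KeystoneURL` output keeps the hard-coded `http://` prefix even though this commit introduces `controller0SSLDeployment` and a `GlanceProtocol` switch. A deployment with TLS enabled would therefore still advertise a clear-text Keystone endpoint to whoever consumes the output, and clients following it would send credentials unencrypted. Consider deriving the scheme from a parameter, the way `GlanceProtocol` is, or documenting in the output's Description that the URL is always plain HTTP. The output's definition starts before this hunk.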