X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=puppet%2Fcontroller-puppet.yaml;h=b012b4f435cd3ae1d06bbd0f2c6263935b0ab197;hb=089c26acab8ed3b5a6c32ea862969d71f7bd033c;hp=df965566c927fe9b7390db6fcdaf4af84f74d59c;hpb=5009cc64322e9fb5723799eb9fbd79076a2dc5da;p=apex-tripleo-heat-templates.git diff --git a/puppet/controller-puppet.yaml b/puppet/controller-puppet.yaml index df965566..b012b4f4 100644 --- a/puppet/controller-puppet.yaml +++ b/puppet/controller-puppet.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: > OpenStack controller node configured by Puppet. @@ -14,6 +14,10 @@ parameters: description: The keystone auth secret. type: string hidden: true + CeilometerBackend: + default: 'mongodb' + description: The ceilometer backend type. + type: string CeilometerMeteringSecret: default: unset description: Secret shared by the ceilometer services. @@ -63,6 +67,23 @@ parameters: default: '' description: Set to True to enable debugging on all services. type: string + EnableGalera: + default: true + description: Whether to use Galera instead of regular MariaDB. + type: boolean + EnablePacemaker: + default: false + description: If enabled services will be monitored by Pacemaker; it + will manage VIPs as well, in place of Keepalived. + type: boolean + EnableCephStorage: + default: false + description: Whether to deploy Ceph Storage (OSD) on the Controller + type: boolean + EnableSwiftStorage: + default: true + description: Whether to enable Swift Storage on the Controller + type: boolean ExtraConfig: default: {} description: | @@ -127,6 +148,13 @@ parameters: default: http description: Protocol to use when connecting to glance, set to https for SSL. type: string + GlanceBackend: + default: swift + description: The short name of the Glance backend to use. Should be one + of swift, rbd, or file + type: string + constraints: + - allowed_values: ['swift', 'file', 'rbd'] HeatPassword: default: unset description: The password for the Heat service account, used by the Heat services. @@ -140,6 +168,9 @@ parameters: HeatAuthEncryptionKey: description: Auth encryption key for heat-engine type: string + HorizonSecret: + description: Secret key for Django + type: string Image: type: string default: overcloud-control @@ -204,7 +235,7 @@ parameters: network) - if changing this either use different post-install network scripts or be sure to keep 'datacentre' as a mapping network name. type: string - default: "" + default: "datacentre:br-ex" NeutronDnsmasqOptions: default: 'dhcp-option-force=26,1400' description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead. @@ -240,7 +271,7 @@ parameters: default: "True" NeutronFlatNetworks: type: string - default: '' + default: 'datacentre' description: If set, flat networks to configure in neutron plugins. NeutronL3HA: default: 'False' @@ -302,6 +333,9 @@ parameters: NtpServer: type: string default: '' + PcsdPassword: + type: string + description: The password for the 'pcsd' user. PublicVirtualInterface: default: 'br-ex' description: > @@ -392,6 +426,11 @@ parameters: default: 'false' description: Set to true to enable package installation via Puppet type: boolean + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. + type: json resources: @@ -405,15 +444,59 @@ resources: networks: - network: ctlplane user_data_format: SOFTWARE_CONFIG + user_data: {get_resource: NodeUserData} + + NodeUserData: + type: OS::TripleO::NodeUserData + + ExternalPort: + type: OS::TripleO::Controller::Ports::ExternalPort + properties: + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + + InternalApiPort: + type: OS::TripleO::Controller::Ports::InternalApiPort + properties: + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + + StoragePort: + type: OS::TripleO::Controller::Ports::StoragePort + properties: + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + + StorageMgmtPort: + type: OS::TripleO::Controller::Ports::StorageMgmtPort + properties: + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + + TenantPort: + type: OS::TripleO::Controller::Ports::TenantPort + properties: + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + + NetIpMap: + type: OS::TripleO::Network::Ports::NetIpMap + properties: + ExternalIp: {get_attr: [ExternalPort, ip_address]} + InternalApiIp: {get_attr: [InternalApiPort, ip_address]} + StorageIp: {get_attr: [StoragePort, ip_address]} + StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]} + TenantIp: {get_attr: [TenantPort, ip_address]} NetworkConfig: - type: OS::TripleO::Net::SoftwareConfig + type: OS::TripleO::Controller::Net::SoftwareConfig + properties: + ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} + InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} + StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} + StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} + TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment properties: signal_transport: NO_SIGNAL - config: {get_attr: [NetworkConfig, config_id]} + config: {get_resource: NetworkConfig} server: {get_resource: Controller} input_values: bridge_name: br-ex @@ -449,6 +532,7 @@ resources: - {get_param: VirtualIP} - ':8000/v1/waitcondition' heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey} + horizon_secret: {get_param: HorizonSecret} admin_password: {get_param: AdminPassword} admin_token: {get_param: AdminToken} neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP} @@ -467,6 +551,7 @@ resources: glance_port: {get_param: GlancePort} glance_protocol: {get_param: GlanceProtocol} glance_password: {get_param: GlancePassword} + glance_backend: {get_param: GlanceBackend} glance_swift_store_auth_address: {list_join: ['', ['http://', {get_param: VirtualIP} , ':5000/v2.0']]} glance_notifier_strategy: {get_param: GlanceNotifierStrategy} glance_log_file: {get_param: GlanceLogFile} @@ -507,6 +592,9 @@ resources: - - 'http://' - {get_param: VirtualIP} - ':5000/v2.0/' + enable_galera: {get_param: EnableGalera} + enable_ceph_storage: {get_param: EnableCephStorage} + enable_swift_storage: {get_param: EnableSwiftStorage} mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize} mysql_root_password: {get_param: MysqlRootPassword} mysql_cluster_name: @@ -549,6 +637,7 @@ resources: - - 'http://' - {get_param: VirtualIP} - ':35357/v2.0' + ceilometer_backend: {get_param: CeilometerBackend} ceilometer_metering_secret: {get_param: CeilometerMeteringSecret} ceilometer_password: {get_param: CeilometerPassword} ceilometer_dsn: @@ -566,11 +655,7 @@ resources: - - 'mysql://nova:unset@' - {get_param: VirtualIP} - '/nova' - rabbit_hosts: - str_replace: - template: '["host"]' - params: - host: {get_param: VirtualIP} + pcsd_password: {get_param: PcsdPassword} rabbit_username: {get_param: RabbitUserName} rabbit_password: {get_param: RabbitPassword} rabbit_cookie: {get_param: RabbitCookie} @@ -620,9 +705,12 @@ resources: controller: raw_data: {get_file: hieradata/controller.yaml} mapped_data: # data supplied directly to this deployment configuration, etc - debug: {get_input: debug} bootstack_nodeid: {get_input: bootstack_nodeid} controller_host: {get_input: controller_host} #local-ipv4 + + # Pacemaker + hacluster_pwd: {get_input: pcsd_password} + # Swift swift::proxy::proxy_local_net_ip: {get_input: controller_host} swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri} @@ -638,23 +726,24 @@ resources: # NOTE(dprince): build_ring support is currently not wired in. # See: https://review.openstack.org/#/c/109225/ tripleo::ringbuilder::build_ring: True + # Cinder cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend} cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size} cinder_iscsi_helper: {get_input: cinder_iscsi_helper} - cinder_iscsi_ip_address: {get_input: controller_host} + cinder_iscsi_ip_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} cinder::database_connection: {get_input: cinder_dsn} cinder::api::keystone_password: {get_input: cinder_password} cinder::api::auth_uri: {get_input: keystone_auth_uri} cinder::api::identity_uri: {get_input: keystone_identity_uri} - cinder::api::bind_host: {get_input: controller_host} - cinder::rabbit_hosts: {get_input: rabbit_hosts} + cinder::api::bind_host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} cinder::rabbit_userid: {get_input: rabbit_username} cinder::rabbit_password: {get_input: rabbit_password} cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} cinder::rabbit_port: {get_input: rabbit_client_port} + cinder::debug: {get_input: debug} cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend} - #cinder::debug: {get_input: debug} + # Glance glance::api::bind_port: {get_input: glance_port} glance::api::bind_host: {get_input: controller_host} @@ -662,6 +751,7 @@ resources: glance::api::identity_uri: {get_input: keystone_identity_uri} glance::api::registry_host: {get_input: controller_host} glance::api::keystone_password: {get_input: glance_password} + glance::api::debug: {get_input: debug} # used to construct glance_api_servers glance_port: {get_input: glance_port} glance_protocol: {get_input: glance_protocol} @@ -674,16 +764,18 @@ resources: glance::registry::bind_host: {get_input: controller_host} glance::registry::auth_uri: {get_input: keystone_auth_uri} glance::registry::identity_uri: {get_input: keystone_identity_uri} + glance::registry::debug: {get_input: debug} glance::backend::swift::swift_store_auth_address: {get_input: glance_swift_store_auth_address} glance::backend::swift::swift_store_user: service:glance glance::backend::swift::swift_store_key: {get_input: glance_password} + glance_backend: {get_input: glance_backend} + # Heat heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password} heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url} heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url} heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url} heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key} - heat::rabbit_hosts: {get_input: rabbit_hosts} heat::rabbit_userid: {get_input: rabbit_username} heat::rabbit_password: {get_input: rabbit_password} heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} @@ -696,6 +788,7 @@ resources: heat::api_cfn::bind_host: {get_input: controller_host} heat::database_connection: {get_input: heat_dsn} heat::instance_user: heat-admin + heat::debug: {get_input: debug} # Keystone keystone::admin_token: {get_input: admin_token} @@ -707,25 +800,30 @@ resources: keystone::database_connection: {get_input: keystone_dsn} keystone::public_bind_host: {get_input: controller_host} keystone::admin_bind_host: {get_input: controller_host} - #keystone::debug: {get_input: debug} + keystone::debug: {get_input: debug} + # MongoDB + mongodb::server::bind_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]} # MySQL admin_password: {get_input: admin_password} + enable_galera: {get_input: enable_galera} + enable_ceph_storage: {get_input: enable_ceph_storage} + enable_swift_storage: {get_input: enable_swift_storage} mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size} mysql::server::root_password: {get_input: mysql_root_password} mysql_cluster_name: {get_input: mysql_cluster_name} + # Neutron neutron::bind_host: {get_input: controller_host} - neutron::rabbit_hosts: {get_input: rabbit_hosts} neutron::rabbit_password: {get_input: rabbit_password} neutron::rabbit_user: {get_input: rabbit_user} neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} neutron::rabbit_port: {get_input: rabbit_client_port} - #neutron::debug: {get_input: debug} + neutron::debug: {get_input: debug} neutron::server::auth_uri: {get_input: keystone_auth_uri} neutron::server::identity_uri: {get_input: keystone_identity_uri} neutron::server::database_connection: {get_input: neutron_dsn} neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling} - neutron::agents::ml2::ovs::local_ip: {get_input: controller_host} + neutron::agents::ml2::ovs::local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronLocalIp]}]} neutron_flat_networks: {get_input: neutron_flat_networks} neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret} neutron::agents::metadata::metadata_ip: {get_input: controller_virtual_ip} @@ -746,27 +844,30 @@ resources: neutron::agents::metadata::auth_password: {get_input: neutron_password} neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options} neutron_dsn: {get_input: neutron_dsn} + # Ceilometer + ceilometer_backend: {get_input: ceilometer_backend} + ceilometer_mysql_conn_string: {get_input: ceilometer_dsn} ceilometer::metering_secret: {get_input: ceilometer_metering_secret} - ceilometer::rabbit_hosts: {get_input: rabbit_hosts} ceilometer::rabbit_userid: {get_input: rabbit_username} ceilometer::rabbit_password: {get_input: rabbit_password} ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} ceilometer::rabbit_port: {get_input: rabbit_client_port} - ceilometer::api::host: {get_input: controller_host} + ceilometer::debug: {get_input: debug} + ceilometer::api::host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} ceilometer::api::keystone_password: {get_input: ceilometer_password} ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri} ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri} - ceilometer::db::database_connection: {get_input: ceilometer_dsn} ceilometer::agent::auth::auth_password: {get_input: ceilometer_password} snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name} snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password} + # Nova - nova::rabbit_hosts: {get_input: rabbit_hosts} nova::rabbit_userid: {get_input: rabbit_username} nova::rabbit_password: {get_input: rabbit_password} nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} nova::rabbit_port: {get_input: rabbit_client_port} + nova::debug: {get_input: debug} nova::api::auth_uri: {get_input: keystone_auth_uri} nova::api::identity_uri: {get_input: keystone_identity_uri} nova::api::api_bind_address: {get_input: controller_host} @@ -777,9 +878,20 @@ resources: nova::network::neutron::neutron_admin_password: {get_input: neutron_password} nova::network::neutron::neutron_url: {get_input: neutron_url} nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url} + + # Horizon + horizon::django_debug: {get_input: debug} + horizon::secret_key: {get_input: horizon_secret} + horizon::bind_address: {get_input: controller_host} + horizon::keystone_url: {get_input: keystone_auth_uri} + # Rabbit + rabbitmq::node_ip_address: {get_input: controller_host} rabbitmq::erlang_cookie: {get_input: rabbit_cookie} + # Redis + redis::bind: {get_input: controller_host} # Misc + memcached::listen_ip: {get_input: controller_host} neutron_public_interface_ip: {get_input: neutron_public_interface_ip} ntp::servers: {get_input: ntp_servers} control_virtual_interface: {get_input: control_virtual_interface} @@ -796,6 +908,21 @@ outputs: ip_address: description: IP address of the server in the ctlplane network value: {get_attr: [Controller, networks, ctlplane, 0]} + external_ip_address: + description: IP address of the server in the external network + value: {get_attr: [ExternalPort, ip_address]} + internal_api_ip_address: + description: IP address of the server in the internal_api network + value: {get_attr: [InternalApiPort, ip_address]} + storage_ip_address: + description: IP address of the server in the storage network + value: {get_attr: [StoragePort, ip_address]} + storage_mgmt_ip_address: + description: IP address of the server in the storage_mgmt network + value: {get_attr: [StorageMgmtPort, ip_address]} + tenant_ip_address: + description: IP address of the server in the tenant network + value: {get_attr: [TenantPort, ip_address]} hostname: description: Hostname of the server value: {get_attr: [Controller, name]} @@ -811,7 +938,7 @@ outputs: Server's IP address and hostname in the /etc/hosts format value: str_replace: - template: IP HOST HOST.novalocal CLOUDNAME + template: IP HOST CLOUDNAME params: IP: {get_attr: [Controller, networks, ctlplane, 0]} HOST: {get_attr: [Controller, name]}