X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=puppet%2Fcontroller.yaml;h=c18dc92c0ffdf8aaa08e62fa51b9643c62140c2d;hb=e1484c6e2fc4052a51e07b9e1847777d57d2ccda;hp=9b48cf596d9fbb08099c40718d1af00dec6e7c97;hpb=4ff84638ab1fd39b6c907ed2899227462da358cf;p=apex-tripleo-heat-templates.git diff --git a/puppet/controller.yaml b/puppet/controller.yaml index 9b48cf59..c18dc92c 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -10,12 +10,10 @@ parameters: type: string hidden: true AdminPassword: - default: unset description: The password for the keystone admin account, used for monitoring, querying neutron etc. type: string hidden: true AdminToken: - default: unset description: The keystone auth secret and db password. type: string hidden: true @@ -27,18 +25,25 @@ parameters: description: The ceilometer backend type. type: string CeilometerMeteringSecret: - default: unset description: Secret shared by the ceilometer services. type: string hidden: true CeilometerPassword: - default: unset description: The password for the ceilometer service and db account. type: string hidden: true CinderApiVirtualIP: type: string default: '' + CeilometerWorkers: + default: 0 + description: Number of workers for Ceilometer service. + type: number + CinderEnableDBPurge: + default: true + description: | + Whether to create cron job for purging soft deleted rows in Cinder database. + type: boolean CinderEnableNfsBackend: default: false description: Whether to enable or not the NFS backend for Cinder @@ -72,7 +77,6 @@ parameters: CinderEnableNfsBackend is true. type: comma_delimited_list CinderPassword: - default: unset description: The password for the cinder service and db account, used by cinder-api. type: string hidden: true @@ -81,6 +85,10 @@ parameters: description: Contains parameters to configure Cinder backends. Typically set via parameter_defaults in the resource registry. type: json + CinderWorkers: + default: 0 + description: Number of workers for Cinder service. + type: number CloudName: default: overcloud description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org @@ -90,6 +98,15 @@ parameters: description: | Controller specific hiera configuration data to inject into the cluster. type: json + ControllerIPs: + default: {} + description: > + A network mapped list of IPs to assign to Controllers in the following form: + { + "internal_api": ["a.b.c.d", "e.f.g.h"], + ... + } + type: json ControlVirtualInterface: default: 'br-ex' description: Interface where virtual ip will be assigned. @@ -170,7 +187,6 @@ parameters: type: string default: '' GlancePassword: - default: unset description: The password for the glance service and db account, used by the glance services. type: string hidden: true @@ -209,15 +225,17 @@ parameters: default: /dev/log description: Syslog address where HAproxy will send its log type: string + GlanceWorkers: + default: 0 + description: Number of workers for Glance service. + type: number HeatPassword: - default: unset description: The password for the Heat service and db account, used by the Heat services. type: string hidden: true HeatStackDomainAdminPassword: description: Password for heat_domain_admin user. type: string - default: '' hidden: true HeatAuthEncryptionKey: description: Auth encryption key for heat-engine @@ -227,6 +245,10 @@ parameters: default: '*' description: A list of IP/Hostname allowed to connect to horizon type: comma_delimited_list + HeatWorkers: + default: 0 + description: Number of workers for Heat service. + type: number HorizonSecret: description: Secret key for Django type: string @@ -294,6 +316,10 @@ parameters: default: false description: Whether IPtables rules should be purged before setting up the new ones. type: boolean + KeystoneWorkers: + default: 0 + description: Number of workers for Keystone service. + type: number MysqlClusterUniquePart: description: A unique identifier of the MySQL cluster the controller is in. type: string @@ -367,7 +393,6 @@ parameters: description: Whether to configure Neutron Distributed Virtual Routers type: string NeutronMetadataProxySharedSecret: - default: 'unset' description: Shared secret to prevent spoofing type: string hidden: true @@ -378,7 +403,7 @@ parameters: from neutron.core_plugins namespace. type: string NeutronServicePlugins: - default: "router" + default: "router,qos" description: | Comma-separated list of service plugin entrypoints to be loaded from the neutron.service_plugins namespace. @@ -429,7 +454,6 @@ parameters: VLAN on the 'datacentre' physical network (See NeutronBridgeMappings). type: comma_delimited_list NeutronPassword: - default: unset description: The password for the neutron service and db account, used by neutron agents. type: string hidden: true @@ -476,14 +500,36 @@ parameters: of VXLAN VNI IDs that are available for tenant network allocation default: ["1:1000", ] type: comma_delimited_list + NeutronPluginExtensions: + default: "qos" + description: | + Comma-separated list of extensions enabled for the Neutron plugin. + type: comma_delimited_list + NeutronAgentExtensions: + default: "qos" + description: | + Comma-separated list of extensions enabled for the Neutron agents. + type: comma_delimited_list NovaApiVirtualIP: type: string default: '' + NeutronWorkers: + default: 0 + description: Number of workers for Neutron service. + type: number + NovaEnableDBPurge: + default: true + description: | + Whether to create cron job for purging soft deleted rows in Nova database. + type: boolean NovaPassword: - default: unset description: The password for the nova service and db account, used by nova-api. type: string hidden: true + NovaWorkers: + default: 0 + description: Number of workers for Nova service. + type: number MongoDbNoJournal: default: false description: Should MongoDb journaling be disabled @@ -540,12 +586,10 @@ parameters: description: The user name for SNMPd with readonly rights running on all Overcloud nodes type: string SnmpdReadonlyUserPassword: - default: unset description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true SwiftHashSuffix: - default: unset description: A random string to be used as a salt when hashing to determine mappings in the ring. hidden: true @@ -563,7 +607,6 @@ parameters: description: Partition Power to use when building Swift rings type: number SwiftPassword: - default: unset description: The password for the swift service account, used by the swift proxy services. hidden: true @@ -575,6 +618,14 @@ parameters: type: number default: 3 description: How many replicas to use in the swift rings. + SwiftWorkers: + default: 0 + description: Number of workers for Swift service. + type: number + TimeZone: + default: 'UTC' + description: The timezone to be set on controller nodes. + type: string VirtualIP: # DEPRECATED: use per service settings instead type: string default: '' # Has to be here because of the ignored empty value bug @@ -630,6 +681,13 @@ parameters: NodeIndex: type: number default: 0 + SoftwareConfigTransport: + default: POLL_SERVER_CFN + description: | + How the server should receive the metadata required for software configuration. + type: string + constraints: + - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] CloudDomain: default: '' type: string @@ -661,6 +719,7 @@ resources: user_data_format: SOFTWARE_CONFIG user_data: {get_resource: UserData} name: {get_param: Hostname} + software_config_transport: {get_param: SoftwareConfigTransport} metadata: {get_param: ServerMetadata} scheduler_hints: {get_param: SchedulerHints} @@ -687,25 +746,40 @@ resources: ExternalPort: type: OS::TripleO::Controller::Ports::ExternalPort properties: + IPPool: {get_param: ControllerIPs} + NodeIndex: {get_param: NodeIndex} ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} InternalApiPort: type: OS::TripleO::Controller::Ports::InternalApiPort properties: + IPPool: {get_param: ControllerIPs} + NodeIndex: {get_param: NodeIndex} ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} StoragePort: type: OS::TripleO::Controller::Ports::StoragePort properties: + IPPool: {get_param: ControllerIPs} + NodeIndex: {get_param: NodeIndex} ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} StorageMgmtPort: type: OS::TripleO::Controller::Ports::StorageMgmtPort properties: + IPPool: {get_param: ControllerIPs} + NodeIndex: {get_param: NodeIndex} ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} TenantPort: type: OS::TripleO::Controller::Ports::TenantPort + properties: + IPPool: {get_param: ControllerIPs} + NodeIndex: {get_param: NodeIndex} + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + + ManagementPort: + type: OS::TripleO::Controller::Ports::ManagementPort properties: ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} @@ -718,6 +792,7 @@ resources: StorageIp: {get_attr: [StoragePort, ip_address]} StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]} TenantIp: {get_attr: [TenantPort, ip_address]} + ManagementIp: {get_attr: [ManagementPort, ip_address]} NetIpSubnetMap: type: OS::TripleO::Network::Ports::NetIpSubnetMap @@ -728,6 +803,7 @@ resources: StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} + ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]} NetworkConfig: type: OS::TripleO::Controller::Net::SoftwareConfig @@ -738,6 +814,7 @@ resources: StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} + ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment @@ -772,6 +849,14 @@ resources: server: {get_resource: Controller} input_values: bootstack_nodeid: {get_attr: [Controller, name]} + ceilometer_workers: {get_param: CeilometerWorkers} + cinder_workers: {get_param: CinderWorkers} + glance_workers: {get_param: GlanceWorkers} + heat_workers: {get_param: HeatWorkers} + keystone_workers: {get_param: KeystoneWorkers} + nova_workers: {get_param: NovaWorkers} + neutron_workers: {get_param: NeutronWorkers} + swift_workers: {get_param: SwiftWorkers} neutron_enable_tunneling: {get_param: NeutronEnableTunnelling} neutron_enable_l2pop: {get_param: NeutronEnableL2Pop} neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata} @@ -802,6 +887,7 @@ resources: admin_token: {get_param: AdminToken} neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP} debug: {get_param: Debug} + cinder_enable_db_purge: {get_param: CinderEnableDBPurge} cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend} cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend} cinder_nfs_mount_options: {get_param: CinderNfsMountOptions} @@ -951,6 +1037,16 @@ resources: template: TYPES params: TYPES: {get_param: NeutronTunnelTypes} + neutron_plugin_extensions: + str_replace: + template: PLUGIN_EXTENSIONS + params: + PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions} + neutron_agent_extensions: + str_replace: + template: AGENT_EXTENSIONS + params: + AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions} neutron_password: {get_param: NeutronPassword} neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions} neutron_dsn: @@ -985,6 +1081,7 @@ resources: - '/ceilometer' snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} + nova_enable_db_purge: {get_param: NovaEnableDBPurge} nova_password: {get_param: NovaPassword} nova_dsn: list_join: @@ -1012,6 +1109,7 @@ resources: params: LIMIT: {get_param: RabbitFDLimit} ntp_servers: {get_param: NtpServer} + timezone: {get_param: TimeZone} control_virtual_interface: {get_param: ControlVirtualInterface} public_virtual_interface: {get_param: PublicVirtualInterface} swift_hash_suffix: {get_param: SwiftHashSuffix} @@ -1074,11 +1172,14 @@ resources: - vip_data # provided by vip-config - '"%{::osfamily}"' - common + - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre + - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre + - midonet_data #Optionally provided by AllNodesExtraConfig datafiles: controller_extraconfig: mapped_data: {get_param: ControllerExtraConfig} @@ -1114,6 +1215,7 @@ resources: swift::storage::all::storage_local_net_ip: {get_input: swift_management_network} swift::swift_hash_suffix: {get_input: swift_hash_suffix} swift::proxy::authtoken::admin_password: {get_input: swift_password} + swift::proxy::workers: {get_input: swift_workers} tripleo::ringbuilder::part_power: {get_input: swift_part_power} tripleo::ringbuilder::replicas: {get_input: swift_replicas} tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours} @@ -1124,6 +1226,7 @@ resources: tripleo::ringbuilder::build_ring: True # Cinder + cinder_enable_db_purge: {get_input: cinder_enable_db_purge} cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend} cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend} cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options} @@ -1154,6 +1257,7 @@ resources: glance::api::registry_host: {get_input: glance_registry_host} glance::api::keystone_password: {get_input: glance_password} glance::api::debug: {get_input: debug} + glance::api::workers: {get_input: glance_workers} glance_notifier_strategy: {get_input: glance_notifier_strategy} glance_log_file: {get_input: glance_log_file} glance_log_file: {get_input: glance_log_file} @@ -1165,6 +1269,7 @@ resources: glance::registry::identity_uri: {get_input: keystone_identity_uri} glance::registry::debug: {get_input: debug} glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri} + glance::registry::workers: {get_input: glance_workers} glance::backend::swift::swift_store_user: service:glance glance::backend::swift::swift_store_key: {get_input: glance_password} glance_backend: {get_input: glance_backend} @@ -1189,8 +1294,11 @@ resources: heat::identity_uri: {get_input: keystone_identity_uri} heat::keystone_password: {get_input: heat_password} heat::api::bind_host: {get_input: heat_api_network} + heat::api::workers: {get_input: heat_workers} heat::api_cloudwatch::bind_host: {get_input: heat_api_network} + heat::api_cloudwatch::workers: {get_input: heat_workers} heat::api_cfn::bind_host: {get_input: heat_api_network} + heat::api_cfn::workers: {get_input: heat_workers} heat::database_connection: {get_input: heat_dsn} heat::debug: {get_input: debug} heat::db::mysql::password: {get_input: heat_password} @@ -1219,6 +1327,9 @@ resources: keystone::endpoint::internal_url: {get_input: keystone_internal_url} keystone::endpoint::admin_url: {get_input: keystone_identity_uri} keystone::endpoint::region: {get_input: keystone_region} + keystone::admin_workers: {get_input: keystone_workers} + keystone::public_workers: {get_input: keystone_workers} + # MongoDB mongodb::server::bind_ip: {get_input: mongo_db_network} mongodb::server::nojournal: {get_input: mongodb_no_journal} @@ -1244,6 +1355,7 @@ resources: neutron::server::auth_uri: {get_input: keystone_auth_uri} neutron::server::identity_uri: {get_input: keystone_identity_uri} neutron::server::database_connection: {get_input: neutron_dsn} + neutron::server::api_workers: {get_input: neutron_workers} neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge} neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling} neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop} @@ -1252,6 +1364,7 @@ resources: neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks} neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret} neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network} + neutron::agents::metadata::metadata_workers: {get_input: neutron_workers} neutron_agent_mode: {get_input: neutron_agent_mode} neutron_router_distributed: {get_input: neutron_router_distributed} neutron::core_plugin: {get_input: neutron_core_plugin} @@ -1262,6 +1375,7 @@ resources: neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent} neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers} neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers} + neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions} neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover} neutron::server::l3_ha: {get_input: neutron_l3_ha} neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network} @@ -1275,6 +1389,7 @@ resources: neutron_public_interface_tag: {get_input: neutron_public_interface_tag} neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types} neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types} + neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions} neutron::server::auth_password: {get_input: neutron_password} neutron::agents::metadata::auth_password: {get_input: neutron_password} neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options} @@ -1322,6 +1437,9 @@ resources: nova::api::api_bind_address: {get_input: nova_api_network} nova::api::metadata_listen: {get_input: nova_metadata_network} nova::api::admin_password: {get_input: nova_password} + nova::api::osapi_compute_workers: {get_input: nova_workers} + nova::api::ec2_workers: {get_input: nova_workers} + nova::api::metadata_workers: {get_input: nova_workers} nova::database_connection: {get_input: nova_dsn} nova::glance_api_servers: {get_input: glance_api_servers} nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} @@ -1331,6 +1449,7 @@ resources: nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url} nova::vncproxy::host: {get_input: nova_api_network} nova::db::mysql::password: {get_input: nova_password} + nova_enable_db_purge: {get_input: nova_enable_db_purge} # Horizon apache::ip: {get_input: horizon_network} @@ -1356,17 +1475,13 @@ resources: memcached::listen_ip: {get_input: memcached_network} neutron_public_interface_ip: {get_input: neutron_public_interface_ip} ntp::servers: {get_input: ntp_servers} + timezone::timezone: {get_input: timezone} control_virtual_interface: {get_input: control_virtual_interface} public_virtual_interface: {get_input: public_virtual_interface} tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface} tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface} tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address} - # NOTE(jaosorior): The service certificate configuration for - # HAProxy was left commented because to properly use this, we - # need to be able to set up the keystone endpoints. And - # currently that is not possible, but is being addressed by - # other commits. A subsequent commit will uncomment this. - #tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]} + tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]} tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} @@ -1416,6 +1531,9 @@ outputs: tenant_ip_address: description: IP address of the server in the tenant network value: {get_attr: [TenantPort, ip_address]} + management_ip_address: + description: IP address of the server in the management network + value: {get_attr: [ManagementPort, ip_address]} hostname: description: Hostname of the server value: {get_attr: [Controller, name]}