X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=puppet%2Fcontroller.yaml;h=c445ec03289103f5492c9bf30a2a955771725f46;hb=9c16693ef8c47981a209f5b37b88d95a3e72cbab;hp=7334d4a1baafccfbd733c8bd690e1d20a163df77;hpb=30c8663b9f3360e5c83413cf2b7487e99b805950;p=apex-tripleo-heat-templates.git diff --git a/puppet/controller.yaml b/puppet/controller.yaml index 7334d4a1..c445ec03 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -15,6 +15,8 @@ parameters: description: The password for the aodh services. type: string hidden: true + #TODO(composable Redis): Remove the Redis password param + #As is used by ceilometer CeilometerApiVirtualIP: type: string default: '' @@ -47,56 +49,6 @@ parameters: default: 0 description: Number of workers for Ceilometer service. type: number - CinderEnableDBPurge: - default: true - description: | - Whether to create cron job for purging soft deleted rows in Cinder database. - type: boolean - CinderEnableNfsBackend: - default: false - description: Whether to enable or not the NFS backend for Cinder - type: boolean - CinderEnableIscsiBackend: - default: true - description: Whether to enable or not the Iscsi backend for Cinder - type: boolean - CinderEnableRbdBackend: - default: false - description: Whether to enable or not the Rbd backend for Cinder - type: boolean - CinderISCSIHelper: - default: lioadm - description: The iSCSI helper to use with cinder. - type: string - CinderLVMLoopDeviceSize: - default: 10280 - description: The size of the loopback file used by the cinder LVM driver. - type: number - CinderNfsMountOptions: - default: '' - description: > - Mount options for NFS mounts used by Cinder NFS backend. Effective - when CinderEnableNfsBackend is true. - type: string - CinderNfsServers: - default: '' - description: > - NFS servers used by Cinder NFS backend. Effective when - CinderEnableNfsBackend is true. - type: comma_delimited_list - CinderPassword: - description: The password for the cinder service and db account, used by cinder-api. - type: string - hidden: true - CinderBackendConfig: - default: {} - description: Contains parameters to configure Cinder backends. Typically - set via parameter_defaults in the resource registry. - type: json - CinderWorkers: - default: 0 - description: Number of workers for Cinder service. - type: number controllerExtraConfig: default: {} description: | @@ -220,14 +172,6 @@ parameters: default: /dev/log description: Syslog address where HAproxy will send its log type: string - HeatPassword: - description: The password for the Heat service and db account, used by the Heat services. - type: string - hidden: true - HeatStackDomainAdminPassword: - description: Password for heat_stack_domain_admin user. - type: string - hidden: true HeatAuthEncryptionKey: description: Auth encryption key for heat-engine type: string @@ -236,15 +180,6 @@ parameters: default: '*' description: A list of IP/Hostname allowed to connect to horizon type: comma_delimited_list - HeatWorkers: - default: 0 - description: Number of workers for Heat service. - type: number - HeatEnableDBPurge: - type: boolean - default: true - description: | - Whether to create cron job for purging soft deleted rows in the Heat database. HorizonSecret: description: Secret key for Django type: string @@ -287,11 +222,6 @@ parameters: SaharaApiVirtualIP: type: string default: '' - SaharaPassword: - default: unset - description: The password for the sahara service account, used by sahara-api. - type: string - hidden: true MysqlClusterUniquePart: description: A unique identifier of the MySQL cluster the controller is in. type: string @@ -310,105 +240,17 @@ parameters: description: Configures MySQL max_connections config setting type: number default: 4096 + MysqlClustercheckPassword: + type: string + hidden: true MysqlRootPassword: type: string hidden: true default: '' # Has to be here because of the ignored empty value bug - NeutronExternalNetworkBridge: - description: Name of bridge used for external network traffic. - type: string - default: 'br-ex' - NeutronBridgeMappings: - description: > - The OVS logical->physical bridge mappings to use. See the Neutron - documentation for details. Defaults to mapping br-ex - the external - bridge on hosts - to a physical name 'datacentre' which can be used - to create provider networks (and we use this for the default floating - network) - if changing this either use different post-install network - scripts or be sure to keep 'datacentre' as a mapping network name. - type: comma_delimited_list - default: "datacentre:br-ex" - NeutronEnableL3Agent: - description: Knob to enable/disable L3 agent - type: boolean - default: true - NeutronEnableMetadataAgent: - description: Knob to enable/disable Metadata agent - type: boolean - default: true - NeutronEnableOVSAgent: - description: Knob to enable/disable OVS Agent - type: boolean - default: true - NeutronAgentMode: - default: 'dvr_snat' - description: Agent mode for the neutron-l3-agent on the controller hosts - type: string - NeutronL3HA: - default: 'False' - description: Whether to enable l3-agent HA - type: string - NeutronDVR: - default: 'False' - description: Whether to configure Neutron Distributed Virtual Routers - type: string NeutronMetadataProxySharedSecret: description: Shared secret to prevent spoofing type: string hidden: true - NeutronCorePlugin: - default: 'ml2' - description: | - The core plugin for Neutron. The value should be the entrypoint to be loaded - from neutron.core_plugins namespace. - type: string - NeutronServicePlugins: - default: "router,qos" - description: | - Comma-separated list of service plugin entrypoints to be loaded from the - neutron.service_plugins namespace. - type: comma_delimited_list - NeutronTypeDrivers: - default: "vxlan,vlan,flat,gre" - description: | - Comma-separated list of network type driver entrypoints to be loaded. - type: comma_delimited_list - NeutronMechanismDrivers: - default: 'openvswitch' - description: | - The mechanism drivers for the Neutron tenant network. - type: comma_delimited_list - NeutronAllowL3AgentFailover: - default: 'True' - description: Allow automatic l3-agent failover - type: string - NeutronEnableTunnelling: - type: string - default: "True" - NeutronEnableL2Pop: - type: string - description: > - Enable/disable the L2 population feature in the Neutron agents. - default: "False" - NeutronFlatNetworks: - type: comma_delimited_list - default: 'datacentre' - description: If set, flat networks to configure in neutron plugins. - NeutronL3HA: - default: 'False' - description: Whether to enable l3-agent HA - type: string - NeutronNetworkType: - default: 'vxlan' - description: The tenant network type for Neutron. - type: comma_delimited_list - NeutronNetworkVLANRanges: - default: 'datacentre:1:1000' - description: > - The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the - Neutron documentation for permitted values. Defaults to permitting any - VLAN on the 'datacentre' physical network (See NeutronBridgeMappings). - type: comma_delimited_list NeutronPassword: description: The password for the neutron service and db account, used by neutron agents. type: string @@ -417,28 +259,6 @@ parameters: default: nic1 description: What interface to bridge onto br-ex for network nodes. type: string - NeutronPublicInterfaceTag: - default: '' - description: > - VLAN tag for creating a public VLAN. The tag will be used to - create an access port on the exterior bridge for each control plane node, - and that port will be given the IP address returned by neutron from the - public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling - overcloud.yaml to include the deployment of VLAN ports to the control - plane. - type: string - NeutronPublicInterfaceDefaultRoute: - default: '' - description: A custom default route for the NeutronPublicInterface. - type: string - NeutronPublicInterfaceIP: - default: '' - description: A custom IP address to put onto the NeutronPublicInterface. - type: string - NeutronPublicInterfaceRawDevice: - default: '' - description: If set, the public interface is a vlan with this device as the raw device. - type: string NeutronTenantMtu: description: > The default MTU for tenant networks. For VXLAN/GRE tunneling, this should @@ -448,40 +268,9 @@ parameters: will determine the MTU that is assigned to the VM host through DHCP. default: 1400 type: number - NeutronTunnelTypes: - default: 'vxlan' - description: | - The tunnel types for the Neutron tenant network. - type: comma_delimited_list - NeutronTunnelIdRanges: - description: | - Comma-separated list of : tuples enumerating ranges - of GRE tunnel IDs that are available for tenant network allocation - default: ["1:4094", ] - type: comma_delimited_list - NeutronVniRanges: - description: | - Comma-separated list of : tuples enumerating ranges - of VXLAN VNI IDs that are available for tenant network allocation - default: ["1:4094", ] - type: comma_delimited_list - NeutronPluginExtensions: - default: "qos,port_security" - description: | - Comma-separated list of extensions enabled for the Neutron plugin. - type: comma_delimited_list - NeutronAgentExtensions: - default: "qos" - description: | - Comma-separated list of extensions enabled for the Neutron agents. - type: comma_delimited_list NovaApiVirtualIP: type: string default: '' - NeutronWorkers: - default: 0 - description: Number of workers for Neutron service. - type: number NovaEnableDBPurge: default: true description: | @@ -495,18 +284,6 @@ parameters: description: The password for the nova service and db account, used by nova-api. type: string hidden: true - NovaWorkers: - default: 0 - description: Number of workers for Nova service. - type: number - MongoDbNoJournal: - default: false - description: Should MongoDb journaling be disabled - type: boolean - MongoDbIPv6: - default: false - description: Enable IPv6 if Mongo DB VIP is IPv6 - type: boolean NtpServer: default: '' description: Comma-separated list of ntp servers @@ -546,17 +323,9 @@ parameters: default: 5672 description: Set rabbit subscriber port, change this if using SSL type: number - RabbitFDLimit: - default: 16384 - description: Configures RabbitMQ FD limit - type: string - RabbitIPv6: - default: false - description: Enable IPv6 in RabbitMQ - type: boolean RedisPassword: + description: The password for Redis type: string - description: The password to access the Redis service hidden: true RedisVirtualIP: type: string @@ -594,11 +363,6 @@ parameters: default: true description: Whether to manage Swift rings or not type: boolean - SwiftPassword: - description: The password for the swift service account, used by the swift proxy - services. - hidden: true - type: string SwiftProxyVirtualIP: type: string default: '' @@ -606,10 +370,6 @@ parameters: type: number default: 3 description: How many replicas to use in the swift rings. - SwiftWorkers: - default: 0 - description: Number of workers for Swift service. - type: number TimeZone: default: 'UTC' description: The timezone to be set on controller nodes. @@ -630,9 +390,6 @@ parameters: MysqlVirtualIP: type: string default: '' - MysqlVirtualIPUri: - type: string - default: '' NeutronApiVirtualIP: type: string default: '' @@ -792,28 +549,23 @@ resources: properties: ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]} ExternalIp: {get_attr: [ExternalPort, ip_address]} + ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]} InternalApiIp: {get_attr: [InternalApiPort, ip_address]} + InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]} StorageIp: {get_attr: [StoragePort, ip_address]} + StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} StorageIpUri: {get_attr: [StoragePort, ip_address_uri]} StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]} + StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]} TenantIp: {get_attr: [TenantPort, ip_address]} + TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} TenantIpUri: {get_attr: [TenantPort, ip_address_uri]} ManagementIp: {get_attr: [ManagementPort, ip_address]} - ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]} - - NetIpSubnetMap: - type: OS::TripleO::Network::Ports::NetIpSubnetMap - properties: - ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]} - ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} - InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} - StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} - StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} - TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]} + ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]} NetworkConfig: type: OS::TripleO::Controller::Net::SoftwareConfig @@ -863,82 +615,20 @@ resources: input_values: bootstack_nodeid: {get_attr: [Controller, name]} ceilometer_workers: {get_param: CeilometerWorkers} - cinder_workers: {get_param: CinderWorkers} - heat_workers: {get_param: HeatWorkers} - nova_workers: {get_param: NovaWorkers} - neutron_workers: {get_param: NeutronWorkers} - swift_workers: {get_param: SwiftWorkers} - neutron_enable_tunneling: {get_param: NeutronEnableTunnelling} - neutron_enable_l2pop: {get_param: NeutronEnableL2Pop} haproxy_log_address: {get_param: HAProxySyslogAddress} haproxy_stats_password: {get_param: HAProxyStatsPassword} haproxy_stats_user: {get_param: HAProxyStatsUser} - heat.watch_server_url: - list_join: - - '' - - - 'http://' - - {get_param: HeatApiVirtualIPUri} - - ':8003' - heat.metadata_server_url: - list_join: - - '' - - - 'http://' - - {get_param: HeatApiVirtualIPUri} - - ':8000' - heat.waitcondition_server_url: - list_join: - - '' - - - 'http://' - - {get_param: HeatApiVirtualIPUri} - - ':8000/v1/waitcondition' - heat_public_url: {get_param: [EndpointMap, HeatPublic, uri]} - heat_internal_url: {get_param: [EndpointMap, HeatInternal, uri]} - heat_admin_url: {get_param: [EndpointMap, HeatAdmin, uri]} heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey} - heat_enable_db_purge: {get_param: HeatEnableDBPurge} horizon_allowed_hosts: {get_param: HorizonAllowedHosts} horizon_secret: {get_param: HorizonSecret} admin_password: {get_param: AdminPassword} - neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP} debug: {get_param: Debug} - cinder_enable_db_purge: {get_param: CinderEnableDBPurge} - cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend} - cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend} - cinder_nfs_mount_options: {get_param: CinderNfsMountOptions} - cinder_nfs_servers: - str_replace: - template: SERVERS - params: - SERVERS: {get_param: CinderNfsServers} - cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize} - cinder_password: {get_param: CinderPassword} - cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend} - cinder_iscsi_helper: {get_param: CinderISCSIHelper} - cinder_backend_config: {get_param: CinderBackendConfig} - cinder_dsn: - list_join: - - '' - - - 'mysql+pymysql://cinder:' - - {get_param: CinderPassword} - - '@' - - {get_param: MysqlVirtualIPUri} - - '/cinder' cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]} cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]} cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]} cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]} cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]} cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]} - heat_password: {get_param: HeatPassword} - heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword} - heat_dsn: - list_join: - - '' - - - 'mysql+pymysql://heat:' - - {get_param: HeatPassword} - - '@' - - {get_param: MysqlVirtualIPUri} - - '/heat' keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] } @@ -952,95 +642,15 @@ resources: mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize} mysql_max_connections: {get_param: MysqlMaxConnections} mysql_root_password: {get_param: MysqlRootPassword} + mysql_clustercheck_password: {get_param: MysqlClustercheckPassword} mysql_cluster_name: str_replace: template: tripleo-CLUSTER params: CLUSTER: {get_param: MysqlClusterUniquePart} - neutron_flat_networks: - str_replace: - template: NETWORKS - params: - NETWORKS: {get_param: NeutronFlatNetworks} neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} - neutron_agent_mode: {get_param: NeutronAgentMode} - neutron_router_distributed: {get_param: NeutronDVR} - neutron_core_plugin: {get_param: NeutronCorePlugin} - neutron_service_plugins: - str_replace: - template: PLUGINS - params: - PLUGINS: {get_param: NeutronServicePlugins} - neutron_type_drivers: - str_replace: - template: DRIVERS - params: - DRIVERS: {get_param: NeutronTypeDrivers} - neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent} - neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent} - neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent} - neutron_mechanism_drivers: - str_replace: - template: MECHANISMS - params: - MECHANISMS: {get_param: NeutronMechanismDrivers} - neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover} - neutron_l3_ha: {get_param: NeutronL3HA} - neutron_network_vlan_ranges: - str_replace: - template: RANGES - params: - RANGES: {get_param: NeutronNetworkVLANRanges} - neutron_bridge_mappings: - str_replace: - template: MAPPINGS - params: - MAPPINGS: {get_param: NeutronBridgeMappings} - neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge} - neutron_public_interface: {get_param: NeutronPublicInterface} - neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice} - neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute} - neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag} - neutron_tunnel_id_ranges: - str_replace: - template: RANGES - params: - RANGES: {get_param: NeutronTunnelIdRanges} - neutron_vni_ranges: - str_replace: - template: RANGES - params: - RANGES: {get_param: NeutronVniRanges} - neutron_tenant_network_types: - str_replace: - template: TYPES - params: - TYPES: {get_param: NeutronNetworkType} - neutron_tunnel_types: - str_replace: - template: TYPES - params: - TYPES: {get_param: NeutronTunnelTypes} - neutron_plugin_extensions: - str_replace: - template: PLUGIN_EXTENSIONS - params: - PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions} - neutron_agent_extensions: - str_replace: - template: AGENT_EXTENSIONS - params: - AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions} neutron_password: {get_param: NeutronPassword} neutron_tenant_mtu: {get_param: NeutronTenantMtu} - neutron_dsn: - list_join: - - '' - - - 'mysql+pymysql://neutron:' - - {get_param: NeutronPassword} - - '@' - - {get_param: MysqlVirtualIPUri} - - '/ovs_neutron?charset=utf8' neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] } neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] } neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] } @@ -1069,18 +679,20 @@ resources: ceilometer_dsn: list_join: - '' - - - 'mysql+pymysql://ceilometer:' + - - {get_param: [EndpointMap, MysqlInternal, protocol]} + - '://ceilometer:' - {get_param: CeilometerPassword} - '@' - - {get_param: MysqlVirtualIPUri} + - {get_param: [EndpointMap, MysqlInternal, host]} - '/ceilometer' gnocchi_dsn: list_join: - '' - - - 'mysql+pymysql://gnocchi:' + - - {get_param: [EndpointMap, MysqlInternal, protocol]} + - '://gnocchi:' - {get_param: GnocchiPassword} - '@' - - {get_param: MysqlVirtualIPUri} + - {get_param: [EndpointMap, MysqlInternal, host]} - '/gnocchi' gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]} gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] } @@ -1098,27 +710,26 @@ resources: nova_dsn: list_join: - '' - - - 'mysql+pymysql://nova:' + - - {get_param: [EndpointMap, MysqlInternal, protocol]} + - '://nova:' - {get_param: NovaPassword} - '@' - - {get_param: MysqlVirtualIPUri} + - {get_param: [EndpointMap, MysqlInternal, host]} - '/nova' nova_api_dsn: list_join: - '' - - - 'mysql+pymysql://nova_api:' + - - {get_param: [EndpointMap, MysqlInternal, protocol]} + - '://nova_api:' - {get_param: NovaPassword} - '@' - - {get_param: MysqlVirtualIPUri} + - {get_param: [EndpointMap, MysqlInternal, host]} - '/nova_api' upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute} instance_name_template: {get_param: InstanceNameTemplate} nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]} nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]} nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]} - nova_ec2_public_url: {get_param: [EndpointMap, NovaEC2Public, uri]} - nova_ec2_internal_url: {get_param: [EndpointMap, NovaEC2Internal, uri]} - nova_ec2_admin_url: {get_param: [EndpointMap, NovaEC2Admin, uri]} fencing_config: {get_param: FencingConfig} pcsd_password: {get_param: PcsdPassword} rabbit_username: {get_param: RabbitUserName} @@ -1126,41 +737,18 @@ resources: rabbit_cookie: {get_param: RabbitCookie} rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} rabbit_client_port: {get_param: RabbitClientPort} - rabbit_ipv6: {get_param: RabbitIPv6} - rabbit_fd_limit: {get_param: RabbitFDLimit} - mongodb_no_journal: {get_param: MongoDbNoJournal} - mongodb_ipv6: {get_param: MongoDbIPv6} ntp_servers: {get_param: NtpServer} timezone: {get_param: TimeZone} control_virtual_interface: {get_param: ControlVirtualInterface} public_virtual_interface: {get_param: PublicVirtualInterface} swift_hash_suffix: {get_param: SwiftHashSuffix} - swift_password: {get_param: SwiftPassword} swift_part_power: {get_param: SwiftPartPower} swift_ring_build: {get_param: SwiftRingBuild} swift_replicas: {get_param: SwiftReplicas} swift_min_part_hours: {get_param: SwiftMinPartHours} swift_mount_check: {get_param: SwiftMountCheck} - swift_public_url: {get_param: [EndpointMap, SwiftPublic, uri]} - swift_internal_url: {get_param: [EndpointMap, SwiftInternal, uri]} - swift_admin_url: {get_param: [EndpointMap, SwiftAdmin, uri]} - swift_public_url_s3: {get_param: [EndpointMap, SwiftS3Public, uri]} - swift_internal_url_s3: {get_param: [EndpointMap, SwiftS3Internal, uri]} - swift_admin_url_s3: {get_param: [EndpointMap, SwiftS3Admin, uri]} enable_package_install: {get_param: EnablePackageInstall} enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]} - sahara_password: {get_param: SaharaPassword} - sahara_public_url: {get_param: [EndpointMap, SaharaPublic, uri]} - sahara_internal_url: {get_param: [EndpointMap, SaharaInternal, uri]} - sahara_admin_url: {get_param: [EndpointMap, SaharaAdmin, uri]} - sahara_dsn: - list_join: - - '' - - - 'mysql://sahara:' - - {get_param: SaharaPassword} - - '@' - - {get_param: MysqlVirtualIPUri} - - '/sahara' swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} cinder_iscsi_network: @@ -1189,17 +777,16 @@ resources: str_replace: template: "['SUBNET']" params: - SUBNET: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} + SUBNET: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]} redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]} - redis_password: {get_param: RedisPassword} redis_vip: {get_param: RedisVirtualIP} sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} mysql_virtual_ip: {get_param: MysqlVirtualIP} - ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]} - ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} + ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]} + ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} # Map heat metadata into hiera datafiles @@ -1226,6 +813,7 @@ resources: - vip_data # provided by vip-config - '"%{::osfamily}"' - common + - network - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre @@ -1235,7 +823,6 @@ resources: - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre - midonet_data #Optionally provided by AllNodesExtraConfig - neutron_opencontrail_data # Optionally provided by ControllerExtraConfigPre - - neutron_plumgrid_data # Optionally provided by ControllerExtraConfigPre merge_behavior: deeper datafiles: service_configs: @@ -1249,6 +836,11 @@ resources: mapped_data: {get_param: ExtraConfig} common: raw_data: {get_file: hieradata/common.yaml} + network: + mapped_data: + net_ip_map: {get_attr: [NetIpMap, net_ip_map]} + net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]} + net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]} ceph: raw_data: {get_file: hieradata/ceph.yaml} mapped_data: @@ -1272,50 +864,19 @@ resources: tripleo::fencing::config: {get_input: fencing_config} # Swift + # FIXME: need to move proxy_local_net_ip into swift-proxy.yaml swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network} - swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri} - swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri} swift::storage::all::storage_local_net_ip: {get_input: swift_management_network} - swift::swift_hash_suffix: {get_input: swift_hash_suffix} - swift::proxy::authtoken::admin_password: {get_input: swift_password} - swift::proxy::workers: {get_input: swift_workers} + swift::swift_hash_path_suffix: {get_input: swift_hash_suffix} tripleo::ringbuilder::build_ring: { get_input: swift_ring_build } tripleo::ringbuilder::part_power: {get_input: swift_part_power} tripleo::ringbuilder::replicas: {get_input: swift_replicas} tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours} swift_mount_check: {get_input: swift_mount_check} - swift::keystone::auth::public_url: {get_input: swift_public_url } - swift::keystone::auth::internal_url: {get_input: swift_internal_url } - swift::keystone::auth::admin_url: {get_input: swift_admin_url } - swift::keystone::auth::public_url_s3: {get_input: swift_public_url_v3 } - swift::keystone::auth::internal_url_s3: {get_input: swift_internal_url_v3 } - swift::keystone::auth::admin_url_s3: {get_input: swift_admin_url_v3 } - swift::keystone::auth::password: {get_input: swift_password } - swift::keystone::auth::region: {get_input: keystone_region} # Cinder - cinder_enable_db_purge: {get_input: cinder_enable_db_purge} - cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend} - cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend} - cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options} - cinder_nfs_servers: {get_input: cinder_nfs_servers} - cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size} - cinder_iscsi_helper: {get_input: cinder_iscsi_helper} - cinder_iscsi_ip_address: {get_input: cinder_iscsi_network} - cinder::database_connection: {get_input: cinder_dsn} - cinder::api::keystone_password: {get_input: cinder_password} - cinder::api::auth_uri: {get_input: keystone_auth_uri} - cinder::api::identity_uri: {get_input: keystone_identity_uri} + tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network} cinder::api::bind_host: {get_input: cinder_api_network} - cinder::rabbit_userid: {get_input: rabbit_username} - cinder::rabbit_password: {get_input: rabbit_password} - cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} - cinder::rabbit_port: {get_input: rabbit_client_port} - cinder::debug: {get_input: debug} - cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend} - cinder::glance::glance_api_servers: {get_input: glance_api_servers} - cinder_backend_config: {get_input: CinderBackendConfig} - cinder::db::mysql::password: {get_input: cinder_password} cinder::keystone::auth::public_url: {get_input: cinder_public_url } cinder::keystone::auth::internal_url: {get_input: cinder_internal_url } cinder::keystone::auth::admin_url: {get_input: cinder_admin_url } @@ -1331,46 +892,20 @@ resources: glance::keystone::auth::region: {get_input: keystone_region} # Heat - heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password} - heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url} - heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url} - heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url} - heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key} - heat::rabbit_userid: {get_input: rabbit_username} - heat::rabbit_password: {get_input: rabbit_password} - heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} - heat::rabbit_port: {get_input: rabbit_client_port} - heat::auth_uri: {get_input: keystone_auth_uri} - heat::keystone_ec2_uri: {get_input: keystone_ec2_uri} - heat::identity_uri: {get_input: keystone_identity_uri} - heat::keystone_password: {get_input: heat_password} heat::api::bind_host: {get_input: heat_api_network} - heat::api::workers: {get_input: heat_workers} heat::api_cloudwatch::bind_host: {get_input: heat_api_network} - heat::api_cloudwatch::workers: {get_input: heat_workers} heat::api_cfn::bind_host: {get_input: heat_api_network} - heat::api_cfn::workers: {get_input: heat_workers} - heat::engine::num_engine_workers: {get_input: heat_workers} - heat::database_connection: {get_input: heat_dsn} - heat::debug: {get_input: debug} - heat::db::mysql::password: {get_input: heat_password} - heat_enable_db_purge: {get_input: heat_enable_db_purge} - heat::keystone::domain::domain_password: {get_input: heat_stack_domain_admin_password} - heat::keystone::auth::public_url: {get_input: heat_public_url } - heat::keystone::auth::internal_url: {get_input: heat_internal_url } - heat::keystone::auth::admin_url: {get_input: heat_admin_url } - heat::keystone::auth::password: {get_input: heat_password } - heat::keystone::auth::region: {get_input: keystone_region} + heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key} # Keystone keystone::admin_bind_host: {get_input: keystone_admin_api_network} keystone::public_bind_host: {get_input: keystone_public_api_network} keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network} keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network} + # MongoDB mongodb::server::bind_ip: {get_input: mongo_db_network} - mongodb::server::nojournal: {get_input: mongodb_no_journal} - mongodb::server::ipv6: {get_input: mongodb_ipv6} + # MySQL admin_password: {get_input: admin_password} enable_galera: {get_input: enable_galera} @@ -1379,68 +914,26 @@ resources: mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size} mysql_max_connections: {get_input: mysql_max_connections} mysql::server::root_password: {get_input: mysql_root_password} + mysql_clustercheck_password: {get_input: mysql_clustercheck_password} mysql_cluster_name: {get_input: mysql_cluster_name} mysql_bind_host: {get_input: mysql_network} mysql_virtual_ip: {get_input: mysql_virtual_ip} # Neutron neutron::bind_host: {get_input: neutron_api_network} - neutron::server::auth_uri: {get_input: keystone_auth_uri} - neutron::server::identity_uri: {get_input: keystone_identity_uri} - neutron::server::database_connection: {get_input: neutron_dsn} - neutron::server::api_workers: {get_input: neutron_workers} - neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge} neutron::network_device_mtu: {get_input: neutron_tenant_mtu} - neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling} - neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop} neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip} - neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks} - neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret} neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network} - neutron::agents::metadata::metadata_workers: {get_input: neutron_workers} - neutron_agent_mode: {get_input: neutron_agent_mode} - neutron_router_distributed: {get_input: neutron_router_distributed} - neutron::core_plugin: {get_input: neutron_core_plugin} - neutron::service_plugins: {get_input: neutron_service_plugins} - neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent} - neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent} - neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent} - neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers} - neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers} - neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions} - neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover} - neutron::server::l3_ha: {get_input: neutron_l3_ha} - neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges} - neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges} - neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges} - neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings} - neutron_public_interface: {get_input: neutron_public_interface} - neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device} - neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route} - neutron_public_interface_tag: {get_input: neutron_public_interface_tag} - neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types} - neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types} - neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions} - neutron::server::auth_password: {get_input: neutron_password} - neutron::agents::metadata::auth_password: {get_input: neutron_password} - neutron_dsn: {get_input: neutron_dsn} - neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri} - neutron::db::mysql::password: {get_input: neutron_password} neutron::keystone::auth::public_url: {get_input: neutron_public_url } neutron::keystone::auth::internal_url: {get_input: neutron_internal_url } neutron::keystone::auth::admin_url: {get_input: neutron_admin_url } neutron::keystone::auth::password: {get_input: neutron_password } neutron::keystone::auth::region: {get_input: keystone_region} - neutron::server::notifications::nova_url: {get_input: nova_internal_url} - neutron::server::notifications::auth_url: {get_input: neutron_auth_url} - neutron::server::notifications::tenant_name: 'service' - neutron::server::notifications::project_name: 'service' - neutron::server::notifications::password: {get_input: nova_password} # Ceilometer ceilometer_backend: {get_input: ceilometer_backend} ceilometer_mysql_conn_string: {get_input: ceilometer_dsn} - ceilometer::metering_secret: {get_input: ceilometer_metering_secret} + ceilometer::telemetry_secret: {get_input: ceilometer_metering_secret} ceilometer::rabbit_userid: {get_input: rabbit_username} ceilometer::rabbit_password: {get_input: rabbit_password} ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} @@ -1448,8 +941,8 @@ resources: ceilometer::debug: {get_input: debug} ceilometer::api::host: {get_input: ceilometer_api_network} ceilometer::api::keystone_password: {get_input: ceilometer_password} - ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri} - ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri} + ceilometer::api::auth_uri: {get_input: keystone_auth_uri} + ceilometer::api::identity_uri: {get_input: keystone_identity_uri} ceilometer::agent::auth::auth_password: {get_input: ceilometer_password} ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri} ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url} @@ -1481,6 +974,7 @@ resources: aodh::api::keystone_password: {get_input: aodh_password} aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri} aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri} + aodh::auth::auth_url: {get_input: keystone_auth_uri} aodh::auth::auth_password: {get_input: aodh_password} aodh::db::mysql::password: {get_input: aodh_password} # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination @@ -1513,21 +1007,13 @@ resources: gnocchi::keystone::auth::region: {get_input: keystone_region} # Nova - nova::rabbit_userid: {get_input: rabbit_username} - nova::rabbit_password: {get_input: rabbit_password} - nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} - nova::rabbit_port: {get_input: rabbit_client_port} nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute} - nova::debug: {get_input: debug} nova::use_ipv6: {get_input: nova_ipv6} nova::api::auth_uri: {get_input: keystone_auth_uri} nova::api::identity_uri: {get_input: keystone_identity_uri} nova::api::api_bind_address: {get_input: nova_api_network} nova::api::metadata_listen: {get_input: nova_metadata_network} nova::api::admin_password: {get_input: nova_password} - nova::api::osapi_compute_workers: {get_input: nova_workers} - nova::api::ec2_workers: {get_input: nova_workers} - nova::api::metadata_workers: {get_input: nova_workers} nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu} nova::database_connection: {get_input: nova_dsn} nova::api_database_connection: {get_input: nova_api_dsn} @@ -1544,9 +1030,6 @@ resources: nova::keystone::auth::public_url: {get_input: nova_public_url} nova::keystone::auth::internal_url: {get_input: nova_internal_url} nova::keystone::auth::admin_url: {get_input: nova_admin_url} - nova::keystone::auth::ec2_public_url: {get_input: nova_ec2_public_url} - nova::keystone::auth::ec2_internal_url: {get_input: nova_ec2_internal_url} - nova::keystone::auth::ec2_admin_url: {get_input: nova_ec2_admin_url} nova::keystone::auth::password: {get_input: nova_password } nova::keystone::auth::region: {get_input: keystone_region} @@ -1559,46 +1042,11 @@ resources: horizon::bind_address: {get_input: horizon_network} horizon::keystone_url: {get_input: keystone_auth_uri} - # Sahara - sahara::host: {get_input: sahara_api_network} - sahara::plugins: - - cdh - - hdp - - mapr - - vanilla - - spark - - storm - sahara::admin_password: {get_input: sahara_password} - sahara::auth_uri: {get_input: keystone_auth_uri} - sahara::admin_user: sahara - sahara::identity_uri: {get_input: keystone_identity_uri} - sahara::use_neutron: true - sahara::database_connection: {get_input: sahara_dsn} - sahara::debug: {get_input: debug} - sahara::rpc_backend: rabbit - sahara::rabbit_userid: {get_input: rabbit_username} - sahara::rabbit_password: {get_input: rabbit_password} - sahara::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} - sahara::rabbit_port: {get_input: rabbit_client_port} - sahara::db::mysql::password: {get_input: sahara_password} - sahara::keystone::auth::public_url: {get_input: sahara_public_url } - sahara::keystone::auth::internal_url: {get_input: sahara_internal_url } - sahara::keystone::auth::admin_url: {get_input: sahara_admin_url } - sahara::keystone::auth::password: {get_input: sahara_password } - sahara::keystone::auth::region: {get_input: keystone_region} - - # Rabbit + # RabbitMQ rabbitmq::node_ip_address: {get_input: rabbitmq_network} rabbitmq::erlang_cookie: {get_input: rabbit_cookie} - rabbitmq::file_limit: {get_input: rabbit_fd_limit} - rabbitmq::default_user: {get_input: rabbit_username} - rabbitmq::default_pass: {get_input: rabbit_password} - rabbit_ipv6: {get_input: rabbit_ipv6} # Redis redis::bind: {get_input: redis_network} - redis::requirepass: {get_input: redis_password} - redis::masterauth: {get_input: redis_password} - redis::sentinel_auth_pass: {get_input: redis_password} redis_vip: {get_input: redis_vip} # Firewall tripleo::firewall::manage_firewall: {get_input: manage_firewall} @@ -1606,18 +1054,19 @@ resources: # Misc memcached_ipv6: {get_input: memcached_ipv6} memcached::listen_ip: {get_input: memcached_network} - neutron_public_interface_ip: {get_input: neutron_public_interface_ip} ntp::servers: {get_input: ntp_servers} timezone::timezone: {get_input: timezone} control_virtual_interface: {get_input: control_virtual_interface} public_virtual_interface: {get_input: public_virtual_interface} - tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface} - tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface} - tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address} - tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]} - tripleo::loadbalancer::haproxy_stats_user: {get_input: haproxy_stats_user} - tripleo::loadbalancer::haproxy_stats_password: {get_input: haproxy_stats_password} - tripleo::loadbalancer::redis_password: {get_input: redis_password} + tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface} + tripleo::keepalived::public_virtual_interface: {get_input: public_virtual_interface} + tripleo::haproxy::control_virtual_interface: {get_input: control_virtual_interface} + tripleo::haproxy::public_virtual_interface: {get_input: public_virtual_interface} + tripleo::haproxy::haproxy_log_address: {get_input: haproxy_log_address} + tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]} + tripleo::haproxy::haproxy_stats_user: {get_input: haproxy_stats_user} + tripleo::haproxy::haproxy_stats_password: {get_input: haproxy_stats_password} + tripleo::haproxy::redis_password: {get_input: redis_password} tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} @@ -1674,13 +1123,6 @@ outputs: hostname: description: Hostname of the server value: {get_attr: [Controller, name]} - corosync_node: - description: > - Node object in the format {ip: ..., name: ...} format that the corosync - element expects - value: - ip: {get_attr: [Controller, networks, ctlplane, 0]} - name: {get_attr: [Controller, name]} hosts_entry: description: > Server's IP address and hostname in the /etc/hosts format