The configuration for the CI scenarios will be defined in `tripleo-heat-templates/ci/`
and should be executed according to the following table:
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| - | scenario001 | scenario002 | scenario003 | scenario004 | multinode-nonha |
-+================+=============+=============+=============+=============+=================+
-| keystone | X | X | X | X | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| glance | rbd | swift | file | swift + rbd | swift |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| cinder | rbd | iscsi | | | iscsi |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| heat | X | X | X | X | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| mysql | X | X | X | X | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| neutron | ovs | ovs | ovs | ovs | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| neutron-bgpvpn | | | | X | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| neutron-l2gw | | | | X | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| rabbitmq | X | X | X | X | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| mongodb | X | X | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| redis | X | | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| haproxy | X | X | X | X | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| keepalived | X | X | X | X | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| memcached | X | X | X | X | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| pacemaker | X | X | X | X | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| nova | qemu | qemu | qemu | qemu | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| ntp | X | X | X | X | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| snmp | X | X | X | X | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| timezone | X | X | X | X | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| sahara | | | X | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| mistral | | | X | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| swift | | X | | | X |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| aodh | X | | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| ceilometer | X | | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| gnocchi | X | | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| panko | X | | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| barbican | | X | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| zaqar | | X | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| ec2api | | X | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| cephrgw | | X | | X | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| tacker | X | | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| congress | X | | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| cephmds | | | | X | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| manila | | | | X | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| collectd | X | | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| fluentd | X | | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
-| sensu-client | X | | | | |
-+----------------+-------------+-------------+-------------+-------------+-----------------+
++----------------+-------------+-------------+-------------+-------------+-----------------++-------------+
+| - | scenario001 | scenario002 | scenario003 | scenario004 | multinode-nonha | scenario007 |
++================+=============+=============+=============+=============+=================+==============+
+| keystone | X | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| glance | rbd | swift | file | swift + rbd | swift | file |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| cinder | rbd | iscsi | | | iscsi | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| heat | X | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| mysql | X | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| neutron | ovs | ovs | ovs | ovs | X | ovn |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| neutron-bgpvpn | | | | X | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| ovn | | | | | | X |
++---------------------------------------------------------------------------------------------------------+
+| neutron-l2gw | | | | X | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| rabbitmq | X | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| mongodb | X | X | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| redis | X | | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| haproxy | X | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| keepalived | X | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| memcached | X | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| pacemaker | X | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| nova | qemu | qemu | qemu | qemu | X | qemu |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| ntp | X | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| snmp | X | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| timezone | X | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| sahara | | | X | | | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| mistral | | | X | | | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| swift | | X | | | X | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| aodh | X | | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| ceilometer | X | | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| gnocchi | X | | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| panko | X | | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| barbican | | X | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| zaqar | | X | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| ec2api | | X | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| cephrgw | | X | | X | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| tacker | X | | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| congress | X | | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| cephmds | | | | X | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| manila | | | | X | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| collectd | X | | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| fluentd | X | | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
+| sensu-client | X | | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
configured via puppet
requires:
- overcloud-resource-registry-puppet.yaml
+ - file: environments/cinder-veritas-hyperscale-config.yaml
+ title: Cinder Veritas HyperScale backend
+ description: >
+ Enables a Cinder Veritas HyperScale backend,
+ configured via puppet
+ requires:
+ - overcloud-resource-registry-puppet.yaml
- title: Ceph
description: >
Enable the use of Ceph in the overcloud
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::MySQLClient
- OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Iscsid
- name: Controller
CountDefault: 1
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Iscsid
# Some infra instances don't pass the ping test but are otherwise working.
# Since the OVB jobs also test this functionality we can shut it off here.
OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
+ OS::TripleO::Services::NovaMigrationTarget: OS::Heat::None
parameter_defaults:
ControllerServices:
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Iscsid
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
ceph::profile::params::osd_max_object_namespace_len: 64
SwiftCeilometerPipelineEnabled: False
Debug: True
+ NotificationDriver: 'noop'
Debug:
type: string
default: ''
+ description: Set to True to enable debugging on all services.
resources:
- OS::TripleO::Services::NovaLibvirt
- OS::TripleO::Services::Horizon
- OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Iscsid
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
ceph::profile::params::osd_max_object_namespace_len: 64
SwiftCeilometerPipelineEnabled: False
Debug: True
+ NotificationDriver: 'noop'
- OS::TripleO::Services::NovaScheduler
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::Pacemaker
- OS::TripleO::Services::Horizon
- OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Iscsid
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
heat::rpc_response_timeout: 600
SwiftCeilometerPipelineEnabled: False
Debug: True
+ NotificationDriver: 'noop'
# Some infra instances don't pass the ping test but are otherwise working.
# Since the OVB jobs also test this functionality we can shut it off here.
OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
+ OS::TripleO::Services::NovaMigrationTarget: OS::Heat::None
parameter_defaults:
ControllerServices:
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::MongoDb
- OS::TripleO::Services::Redis
- OS::TripleO::Services::AodhApi
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::FluentdClient
- OS::TripleO::Services::SensuClient
+ - OS::TripleO::Services::Iscsid
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::MongoDb
- OS::TripleO::Services::Redis
- OS::TripleO::Services::AodhApi
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::FluentdClient
- OS::TripleO::Services::SensuClient
+ - OS::TripleO::Services::Iscsid
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
# Some infra instances don't pass the ping test but are otherwise working.
# Since the OVB jobs also test this functionality we can shut it off here.
OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
+ OS::TripleO::Services::NovaMigrationTarget: OS::Heat::None
parameter_defaults:
ControllerServices:
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::CinderApi
- OS::TripleO::Services::CinderBackup
- OS::TripleO::Services::CinderScheduler
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Iscsid
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
Debug: true
SwiftCeilometerPipelineEnabled: false
+ NotificationDriver: 'noop'
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::CinderApi
- OS::TripleO::Services::CinderBackup
- OS::TripleO::Services::CinderScheduler
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Iscsid
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
Debug: true
SwiftCeilometerPipelineEnabled: false
+ NotificationDriver: 'noop'
# Some infra instances don't pass the ping test but are otherwise working.
# Since the OVB jobs also test this functionality we can shut it off here.
OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
+ OS::TripleO::Services::NovaMigrationTarget: OS::Heat::None
parameter_defaults:
ControllerServices:
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Iscsid
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
GlanceBackend: 'file'
KeystoneTokenProvider: 'fernet'
SwiftCeilometerPipelineEnabled: false
+ NotificationDriver: 'noop'
- OS::TripleO::Services::Snmp
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::NovaCompute
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::NovaLibvirt
- OS::TripleO::Services::SaharaApi
- OS::TripleO::Services::SaharaEngine
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Iscsid
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
GlanceBackend: 'file'
KeystoneTokenProvider: 'fernet'
SwiftCeilometerPipelineEnabled: false
+ NotificationDriver: 'noop'
OS::TripleO::Services::SwiftRingBuilder: OS::Heat::None
OS::TripleO::Services::ManilaApi: ../../docker/services/manila-api.yaml
OS::TripleO::Services::ManilaScheduler: ../../docker/services/manila-scheduler.yaml
- # NOTE: being containerized here: https://review.openstack.org/#/c/471527/
- OS::TripleO::Services::ManilaShare: ../../puppet/services/manila-share.yaml
+ OS::TripleO::Services::ManilaShare: ../../docker/services/manila-share.yaml
OS::TripleO::Services::ManilaBackendCephFs: ../../puppet/services/manila-backend-cephfs.yaml
# TODO: containerize NeutronBgpVpnApi
OS::TripleO::Services::NeutronBgpVpnApi: ../../puppet/services/neutron-bgpvpn-api.yaml
# Some infra instances don't pass the ping test but are otherwise working.
# Since the OVB jobs also test this functionality we can shut it off here.
OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
+ OS::TripleO::Services::NovaMigrationTarget: OS::Heat::None
parameter_defaults:
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Iscsid
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
SwiftCeilometerPipelineEnabled: false
NeutronServicePlugins: 'router, networking_bgpvpn.neutron.services.plugin.BGPVPNPlugin'
BgpvpnServiceProvider: 'BGPVPN:Dummy:networking_bgpvpn.neutron.services.service_drivers.driver_api.BGPVPNDriver:default'
+ NotificationDriver: 'noop'
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Iscsid
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
NeutronServicePlugins: 'router, networking_bgpvpn.neutron.services.plugin.BGPVPNPlugin, networking_l2gw.services.l2gateway.plugin.L2GatewayPlugin'
BgpvpnServiceProvider: 'BGPVPN:Dummy:networking_bgpvpn.neutron.services.service_drivers.driver_api.BGPVPNDriver:default'
L2gwServiceProvider: ['L2GW:l2gw:networking_l2gw.services.l2gateway.service_drivers.L2gwDriver:default']
+ NotificationDriver: 'noop'
--- /dev/null
+resource_registry:
+ OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
+ OS::TripleO::Services::NovaIronic: ../docker/services/nova-ironic.yaml
+ OS::TripleO::Services::IronicApi: ../docker/services/ironic-api.yaml
+ OS::TripleO::Services::IronicConductor: ../docker/services/ironic-conductor.yaml
+ OS::TripleO::Services::IronicPxe: ../docker/services/ironic-pxe.yaml
+ OS::TripleO::Services::Docker: OS::Heat::None
+
+parameter_defaults:
+ ControllerServices:
+ - OS::TripleO::Services::Docker
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::Keystone
+ - OS::TripleO::Services::GlanceApi
+ - OS::TripleO::Services::IronicApi
+ - OS::TripleO::Services::IronicConductor
+ - OS::TripleO::Services::IronicPxe
+ - OS::TripleO::Services::MySQL
+ - OS::TripleO::Services::MySQLClient
+ - OS::TripleO::Services::NeutronDhcpAgent
+ - OS::TripleO::Services::NeutronL3Agent
+ - OS::TripleO::Services::NeutronMetadataAgent
+ - OS::TripleO::Services::NeutronServer
+ - OS::TripleO::Services::NeutronCorePlugin
+ - OS::TripleO::Services::NeutronOvsAgent
+ - OS::TripleO::Services::RabbitMQ
+ - OS::TripleO::Services::HAproxy
+ - OS::TripleO::Services::Keepalived
+ - OS::TripleO::Services::Memcached
+ - OS::TripleO::Services::Pacemaker
+ - OS::TripleO::Services::NovaConductor
+ - OS::TripleO::Services::NovaApi
+ - OS::TripleO::Services::NovaIronic
+ - OS::TripleO::Services::NovaPlacement
+ - OS::TripleO::Services::NovaMetadata
+ - OS::TripleO::Services::NovaScheduler
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Securetty
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::MongoDb
+ - OS::TripleO::Services::Redis
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::TripleoFirewall
+
+ Debug: true
+ BannerText: |
+ ******************************************************************
+ * This system is for the use of authorized users only. Usage of *
+ * this system may be monitored and recorded by system personnel. *
+ * Anyone using this system expressly consents to such monitoring *
+ * and is advised that if such monitoring reveals possible *
+ * evidence of criminal activity, system personnel may provide *
+ * the evidence from such monitoring to law enforcement officials.*
+ ******************************************************************
+ # we don't deploy Swift so we switch to file backend.
+ GlanceBackend: 'file'
+ IronicCleaningDiskErase: 'metadata'
+ NotificationDriver: 'noop'
--- /dev/null
+resource_registry:
+ OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
+ OS::TripleO::Services::RabbitMQ: ../../puppet/services/pacemaker/rabbitmq.yaml
+ OS::TripleO::Services::HAproxy: ../../puppet/services/pacemaker/haproxy.yaml
+ OS::TripleO::Services::Pacemaker: ../../puppet/services/pacemaker.yaml
+ OS::TripleO::Services::MySQL: ../../puppet/services/pacemaker/database/mysql.yaml
+ OS::TripleO::Services::Keepalived: OS::Heat::None
+ OS::TripleO::Tasks::ControllerPreConfig: ../../extraconfig/tasks/pre_puppet_pacemaker.yaml
+ OS::TripleO::Tasks::ControllerPostConfig: ../../extraconfig/tasks/post_puppet_pacemaker.yaml
+ OS::TripleO::Tasks::ControllerPostPuppetRestart: ../../extraconfig/tasks/post_puppet_pacemaker_restart.yaml
+ # Disable neutron services not required for OVN and enable services required for OVN.
+ OS::TripleO::Services::NeutronL3Agent: OS::Heat::None
+ OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
+ OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None
+ OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None
+ OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
+ OS::TripleO::Services::NeutronCorePlugin: OS::TripleO::Services::NeutronCorePluginML2OVN
+ OS::TripleO::Services::ComputeNeutronCorePlugin: ../../puppet/services/neutron-compute-plugin-ovn.yaml
+ OS::TripleO::Services::OVNDBs: ../../puppet/services/ovn-dbs.yaml
+
+parameter_defaults:
+ ControllerServices:
+ - OS::TripleO::Services::Docker
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::Keystone
+ - OS::TripleO::Services::GlanceApi
+ - OS::TripleO::Services::HeatApi
+ - OS::TripleO::Services::HeatApiCfn
+ - OS::TripleO::Services::HeatApiCloudwatch
+ - OS::TripleO::Services::HeatEngine
+ - OS::TripleO::Services::MySQL
+ - OS::TripleO::Services::MySQLClient
+ - OS::TripleO::Services::NeutronServer
+ - OS::TripleO::Services::NeutronCorePlugin
+ - OS::TripleO::Services::OVNDBs
+ - OS::TripleO::Services::ComputeNeutronCorePlugin
+ - OS::TripleO::Services::RabbitMQ
+ - OS::TripleO::Services::HAproxy
+ - OS::TripleO::Services::Keepalived
+ - OS::TripleO::Services::Memcached
+ - OS::TripleO::Services::Pacemaker
+ - OS::TripleO::Services::NovaConductor
+ - OS::TripleO::Services::NovaApi
+ - OS::TripleO::Services::NovaPlacement
+ - OS::TripleO::Services::NovaMetadata
+ - OS::TripleO::Services::NovaScheduler
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::NovaCompute
+ - OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::Sshd
+ ControllerExtraConfig:
+ nova::compute::libvirt::services::libvirt_virt_type: qemu
+ nova::compute::libvirt::libvirt_virt_type: qemu
+ # For OVN.
+ NeutronMechanismDrivers: ovn
+ OVNVifType: ovs
+ OVNNeutronSyncMode: log
+ OVNQosDriver: ovn-qos
+ OVNTunnelEncapType: geneve
+ NeutronEnableDHCPAgent: false
+ NeutronTypeDrivers: 'geneve,vlan,flat,vxlan'
+ NeutronNetworkType: 'geneve'
+ NeutronServicePlugins: 'qos,networking_ovn.l3.l3_ovn.OVNL3RouterPlugin'
+ NeutronVniRanges: ['1:65536', ]
+ OVNBridgeMappings: 'datacentre:br-ex'
+ Debug: true
+ # we don't deploy Swift so we switch to file backend.
+ GlanceBackend: 'file'
+ KeystoneTokenProvider: 'fernet'
+ SwiftCeilometerPipelineEnabled: false
--- /dev/null
+heat_template_version: pike
+
+description: >
+ HOT template to created resources deployed by scenario007.
+parameters:
+ key_name:
+ type: string
+ description: Name of keypair to assign to servers
+ default: 'pingtest_key'
+ image:
+ type: string
+ description: Name of image to use for servers
+ default: 'pingtest_image'
+ public_net_name:
+ type: string
+ default: 'nova'
+ description: >
+ ID or name of public network for which floating IP addresses will be allocated
+ private_net_name:
+ type: string
+ description: Name of private network to be created
+ default: 'default-net'
+ private_net_cidr:
+ type: string
+ description: Private network address (CIDR notation)
+ default: '192.168.2.0/24'
+ private_net_gateway:
+ type: string
+ description: Private network gateway address
+ default: '192.168.2.1'
+ private_net_pool_start:
+ type: string
+ description: Start of private network IP address allocation pool
+ default: '192.168.2.100'
+ private_net_pool_end:
+ type: string
+ default: '192.168.2.200'
+ description: End of private network IP address allocation pool
+
+resources:
+
+ key_pair:
+ type: OS::Nova::KeyPair
+ properties:
+ save_private_key: true
+ name: {get_param: key_name }
+
+ private_net:
+ type: OS::Neutron::Net
+ properties:
+ name: { get_param: private_net_name }
+
+ private_subnet:
+ type: OS::Neutron::Subnet
+ properties:
+ network_id: { get_resource: private_net }
+ cidr: { get_param: private_net_cidr }
+ gateway_ip: { get_param: private_net_gateway }
+ allocation_pools:
+ - start: { get_param: private_net_pool_start }
+ end: { get_param: private_net_pool_end }
+
+ router:
+ type: OS::Neutron::Router
+ properties:
+ external_gateway_info:
+ network: { get_param: public_net_name }
+
+ router_interface:
+ type: OS::Neutron::RouterInterface
+ properties:
+ router_id: { get_resource: router }
+ subnet_id: { get_resource: private_subnet }
+
+ server1:
+ type: OS::Nova::Server
+ properties:
+ name: Server1
+ flavor: { get_resource: test_flavor }
+ image: { get_param: image }
+ key_name: { get_resource: key_pair }
+ networks:
+ - port: { get_resource: server1_port }
+
+ server1_port:
+ type: OS::Neutron::Port
+ properties:
+ network_id: { get_resource: private_net }
+ fixed_ips:
+ - subnet_id: { get_resource: private_subnet }
+ security_groups: [{ get_resource: server_security_group }]
+
+ server1_floating_ip:
+ type: OS::Neutron::FloatingIP
+ # TODO: investigate why we need this depends_on and if we could
+ # replace it by router_id with get_resource: router_interface
+ depends_on: router_interface
+ properties:
+ floating_network: { get_param: public_net_name }
+ port_id: { get_resource: server1_port }
+
+ server_security_group:
+ type: OS::Neutron::SecurityGroup
+ properties:
+ description: Add security group rules for server
+ name: pingtest-security-group
+ rules:
+ - remote_ip_prefix: 0.0.0.0/0
+ protocol: tcp
+ port_range_min: 22
+ port_range_max: 22
+ - remote_ip_prefix: 0.0.0.0/0
+ protocol: icmp
+
+ test_flavor:
+ type: OS::Nova::Flavor
+ properties:
+ ram: 512
+ vcpus: 1
+
+outputs:
+ server1_private_ip:
+ description: IP address of server1 in private network
+ value: { get_attr: [ server1, first_address ] }
+ server1_public_ip:
+ description: Floating IP address of server1 in public network
+ value: { get_attr: [ server1_floating_ip, floating_ip_address ] }
+++ /dev/null
-This will contain some common templates but it needs to be added to the RPM spec first
--- /dev/null
+heat_template_version: pike
+
+description: >
+ Utility stack to convert an array of services into a set of combined
+ role configs.
+
+parameters:
+ Services:
+ default: []
+ description: |
+ List nested stack service templates.
+ type: comma_delimited_list
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ DefaultPasswords:
+ default: {}
+ description: Mapping of service -> default password. Used to help
+ pass top level passwords managed by Heat into services.
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ description: Role Specific parameters to be provided to service
+ default: {}
+ type: json
+
+resources:
+
+ ServiceChain:
+ type: OS::Heat::ResourceChain
+ properties:
+ resources: {get_param: Services}
+ concurrent: true
+ resource_properties:
+ ServiceData: {get_param: ServiceData}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ EndpointMap: {get_param: EndpointMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+ LoggingConfiguration:
+ type: OS::TripleO::LoggingConfiguration
+
+ ServiceServerMetadataHook:
+ type: OS::TripleO::ServiceServerMetadataHook
+ properties:
+ RoleData: {get_attr: [ServiceChain, role_data]}
+
+ PuppetStepConfig:
+ type: OS::Heat::Value
+ properties:
+ type: string
+ value:
+ yaql:
+ expression:
+ # select 'step_config' only from services that do not have a docker_config
+ coalesce($.data.service_names, []).zip(coalesce($.data.step_config, []), coalesce($.data.docker_config, [])).where($[2] = null).where($[1] != null).select($[1]).join("\n")
+ data:
+ service_names: {get_attr: [ServiceChain, role_data, service_name]}
+ step_config: {get_attr: [ServiceChain, role_data, step_config]}
+ docker_config: {get_attr: [ServiceChain, role_data, docker_config]}
+
+ DockerConfig:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ yaql:
+ expression:
+ # select 'docker_config' only from services that have it
+ coalesce($.data.service_names, []).zip(coalesce($.data.docker_config, [])).where($[1] != null).select($[1]).reduce($1.mergeWith($2), {})
+ data:
+ service_names: {get_attr: [ServiceChain, role_data, service_names]}
+ docker_config: {get_attr: [ServiceChain, role_data, docker_config]}
+
+ LoggingSourcesConfig:
+ type: OS::Heat::Value
+ properties:
+ type: comma_delimited_list
+ value:
+ # Transform the individual logging_source configuration from
+ # each service in the chain into a global list, adding some
+ # default configuration at the same time.
+ yaql:
+ expression: >
+ let(
+ default_format => coalesce($.data.default_format, ''),
+ pos_file_path => coalesce($.data.pos_file_path, ''),
+ sources => coalesce($.data.sources, {}).flatten()
+ ) ->
+ $sources.where($ != null).select({
+ 'type' => 'tail',
+ 'tag' => $.tag,
+ 'path' => $.path,
+ 'format' => $.get('format', $default_format),
+ 'pos_file' => $.get('pos_file', $pos_file_path + '/' + $.tag + '.pos')
+ })
+ data:
+ sources:
+ - {get_attr: [LoggingConfiguration, LoggingDefaultSources]}
+ - yaql:
+ expression: list(coalesce($.data.role_data, []).where($ != null).select($.get('logging_source')).where($ != null))
+ data: {role_data: {get_attr: [ServiceChain, role_data]}}
+
+ - {get_attr: [LoggingConfiguration, LoggingExtraSources]}
+ default_format: {get_attr: [LoggingConfiguration, LoggingDefaultFormat]}
+ pos_file_path: {get_attr: [LoggingConfiguration, LoggingPosFilePath]}
+
+ LoggingGroupsConfig:
+ type: OS::Heat::Value
+ properties:
+ type: comma_delimited_list
+ value:
+ # Build a list of unique groups to which we should add the
+ # fluentd user.
+ yaql:
+ expression: >
+ set((coalesce($.data.default, []) + coalesce($.data.extra, []) + coalesce($.data.role_data, []).where($ != null).select($.get('logging_groups'))).flatten()).where($)
+ data:
+ default: {get_attr: [LoggingConfiguration, LoggingDefaultGroups]}
+ extra: {get_attr: [LoggingConfiguration, LoggingExtraGroups]}
+ role_data: {get_attr: [ServiceChain, role_data]}
+
+ MonitoringSubscriptionsConfig:
+ type: OS::Heat::Value
+ properties:
+ type: comma_delimited_list
+ value:
+ yaql:
+ expression: list(coalesce($.data.role_data, []).where($ != null).select($.get('monitoring_subscription')).where($ != null))
+ data: {role_data: {get_attr: [ServiceChain, role_data]}}
+
+ ServiceNames:
+ type: OS::Heat::Value
+ properties:
+ type: comma_delimited_list
+ value:
+ filter:
+ - [null]
+ - {get_attr: [ServiceChain, role_data, service_name]}
+
+ GlobalConfigSettings:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ map_merge:
+ yaql:
+ expression: list(coalesce($.data.role_data, []).where($ != null).select($.get('global_config_settings')).where($ != null))
+ data: {role_data: {get_attr: [ServiceChain, role_data]}}
+
+ ServiceConfigSettings:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ yaql:
+ expression: coalesce($.data.role_data, []).where($ != null).select($.get('service_config_settings')).where($ != null).reduce($1.mergeWith($2), {})
+ data: {role_data: {get_attr: [ServiceChain, role_data]}}
+
+ ServiceWorkflowTasks:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ yaql:
+ expression: coalesce($.data.role_data, []).where($ != null).select($.get('service_workflow_tasks')).where($ != null).reduce($1.mergeWith($2), {})
+ data: {role_data: {get_attr: [ServiceChain, role_data]}}
+
+ UpgradeTasks:
+ type: OS::Heat::Value
+ properties:
+ type: comma_delimited_list
+ value:
+ yaql:
+ # Note we use distinct() here to filter any identical tasks, e.g yum update for all services
+ expression: coalesce($.data, []).where($ != null).select($.get('upgrade_tasks')).where($ != null).flatten().distinct()
+ data: {get_attr: [ServiceChain, role_data]}
+
+ UpgradeBatchTasks:
+ type: OS::Heat::Value
+ properties:
+ type: comma_delimited_list
+ value:
+ yaql:
+ expression: coalesce($.data, []).where($ != null).select($.get('upgrade_batch_tasks')).where($ != null).flatten().distinct()
+ data: {get_attr: [ServiceChain, role_data]}
+
+ PuppetConfig:
+ type: OS::Heat::Value
+ properties:
+ type: comma_delimited_list
+ value:
+ yaql:
+ expression: coalesce($.data, []).where($ != null).select($.get('puppet_config')).where($ != null).distinct()
+ data: {get_attr: [ServiceChain, role_data]}
+
+ KollaConfig:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ yaql:
+ expression: coalesce($.data.role_data, []).where($ != null).select($.get('kolla_config')).where($ != null).reduce($1.mergeWith($2), {})
+ data: {role_data: {get_attr: [ServiceChain, role_data]}}
+
+ DockerPuppetTasks:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ yaql:
+ expression: dict(coalesce($.data, []).where($ != null).select($.get('docker_puppet_tasks')).where($ != null).selectMany($.items()).groupBy($[0], $[1]))
+ data: {get_attr: [ServiceChain, role_data]}
+
+ HostPrepTasks:
+ type: OS::Heat::Value
+ properties:
+ type: comma_delimited_list
+ value:
+ yaql:
+ # Note we use distinct() here to filter any identical tasks
+ expression: coalesce($.data, []).where($ != null).select($.get('host_prep_tasks')).where($ != null).flatten().distinct()
+ data: {get_attr: [ServiceChain, role_data]}
+
+outputs:
+ role_data:
+ description: Combined Role data for this set of services.
+ value:
+ service_names: {get_attr: [ServiceNames, value]}
+ monitoring_subscriptions: {get_attr: [MonitoringSubscriptionsConfig, value]}
+ logging_sources: {get_attr: [LoggingSourcesConfig, value]}
+ logging_groups: {get_attr: [LoggingGroupsConfig, value]}
+ config_settings: {map_merge: {get_attr: [ServiceChain, role_data, config_settings]}}
+ global_config_settings: {get_attr: [GlobalConfigSettings, value]}
+ service_config_settings: {get_attr: [ServiceConfigSettings, value]}
+ service_workflow_tasks: {get_attr: [ServiceWorkflowTasks, value]}
+ step_config: {get_attr: [PuppetStepConfig, value]}
+ upgrade_tasks: {get_attr: [UpgradeTasks, value]}
+ upgrade_batch_tasks: {get_attr: [UpgradeBatchTasks, value]}
+ service_metadata_settings: {get_attr: [ServiceServerMetadataHook, metadata]}
+
+ # Keys to support docker/services
+ puppet_config: {get_attr: [PuppetConfig, value]}
+ kolla_config: {get_attr: [KollaConfig, value]}
+ docker_config: {get_attr: [DockerConfig, value]}
+ docker_puppet_tasks: {get_attr: [DockerPuppetTasks, value]}
+ host_prep_tasks: {get_attr: [HostPrepTasks, value]}
DeployedServerBootstrapDeployment:
type: OS::Heat::SoftwareDeployment
properties:
+ name: DeployedServerBootstrapDeployment
config: {get_resource: DeployedServerBootstrapConfig}
server: {get_param: server}
DeployedServerBootstrapDeployment:
type: OS::Heat::SoftwareDeployment
properties:
+ name: DeployedServerBootstrapDeployment
config: {get_resource: DeployedServerBootstrapConfig}
server: {get_param: server}
--- /dev/null
+heat_template_version: pike
+
+parameters:
+ RoleCounts:
+ type: json
+ default: {}
+ VipMap:
+ type: json
+ default: {}
+ DeployedServerPortMap:
+ type: json
+ default: {}
+ DeployedServerDeploymentSwiftDataMap:
+ type: json
+ default: {}
+ DefaultRouteIp:
+ type: string
+ default: 192.168.24.1
+
+resources:
+
+ DeployedServerPortMapParameter:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ DeployedServerPortMap:
+ map_merge:
+ - {get_param: DeployedServerPortMap}
+ - control_virtual_ip:
+ fixed_ips:
+ - ip_address: {get_param: [VipMap, ctlplane]}
+ - redis_virtual_ip:
+ fixed_ips:
+ - ip_address: {get_param: [VipMap, redis]}
+
+ DeployedServerEnvironment:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ parameter_defaults:
+ map_merge:
+ - {get_attr: [DeployedServerPortMapParameter, value]}
+ - DeploymentSwiftDataMap: {get_param: DeployedServerDeploymentSwiftDataMap}
+ - EC2MetadataIp: {get_param: DefaultRouteIp}
+ - ControlPlaneDefaultRoute: {get_param: DefaultRouteIp}
+ - {get_param: RoleCounts}
+
+outputs:
+ deployed_server_environment:
+ description:
+ Environment data that can be used as input into the services stack when
+ using split-stack.
+ value: {get_attr: [DeployedServerEnvironment, value]}
- OS::TripleO::Services::HeatApiCfn
- OS::TripleO::Services::HeatApiCloudwatch
- OS::TripleO::Services::HeatEngine
+ - OS::TripleO::Services::Iscsid
- OS::TripleO::Services::MySQL
- OS::TripleO::Services::MySQLClient
- OS::TripleO::Services::NeutronDhcpAgent
- OS::TripleO::Services::Snmp
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::ComputeNeutronCorePlugin
- OS::TripleO::Services::ComputeNeutronOvsAgent
- OS::TripleO::Services::OpenDaylightOvs
- OS::TripleO::Services::SensuClient
- OS::TripleO::Services::FluentdClient
+ - OS::TripleO::Services::Iscsid
- name: BlockStorageDeployedServer
disable_constraints: True
-# Using Docker Containers With TripleO
+# Containers based OpenStack deployment
-## Configuring TripleO with to use a container based compute node.
-
-Steps include:
-- Adding a base OS image to glance
-- Deploy an overcloud configured to use the docker compute heat templates
-
-## Getting base OS image working.
-
-Download the fedora atomic image into glance:
-
-```
-wget https://download.fedoraproject.org/pub/fedora/linux/releases/22/Cloud/x86_64/Images/Fedora-Cloud-Atomic-22-20150521.x86_64.qcow2
-glance image-create --name atomic-image --file Fedora-Cloud-Atomic-22-20150521.x86_64.qcow2 --disk-format qcow2 --container-format bare
-```
-
-## Configuring TripleO
-
-You can use the tripleo.sh script up until the point of running the Overcloud.
-https://github.com/openstack/tripleo-common/blob/master/scripts/tripleo.sh
-
-You will want to set up the runtime puppet script delivery system described here:
-http://hardysteven.blogspot.ca/2016/08/tripleo-deploy-artifacts-and-puppet.html
-
-Create the Overcloud:
-```
-$ openstack overcloud deploy --templates=tripleo-heat-templates -e tripleo-heat-templates/environments/docker.yaml -e tripleo-heat-templates/environments/docker-network.yaml --libvirt-type=qemu
-```
-
-Using Network Isolation in the Overcloud:
-```
-$ openstack overcloud deploy --templates=tripleo-heat-templates -e tripleo-heat-templates/environments/docker.yaml -e tripleo-heat-templates/environments/docker-network-isolation.yaml --libvirt-type=qemu
-```
-
-Source the overcloudrc and then you can use the overcloud.
-
-## Debugging
-
-You can ssh into the controller/compute nodes by using the heat key, eg:
-```
-nova list
-ssh heat-admin@<compute_node_ip>
-```
-
-You can check to see what docker containers are running:
-```
-sudo docker ps -a
-```
-
-To enter a container that doesn't seem to be working right:
-```
-sudo docker exec -ti <container name> /bin/bash
-```
-
-Then you can check logs etc.
-
-You can also just do a 'docker logs' on a given container.
+https://docs.openstack.org/tripleo-docs/latest/install/containers_deployment/
- name: Write the config_step hieradata
copy: content="{{dict(step=step|int)|to_json}}" dest=/etc/puppet/hieradata/config_step.json force=true
- name: Run puppet host configuration for step {{step}}
- # FIXME: modulepath requires ansible 2.4, our builds currently only have 2.3
- # puppet: manifest=/var/lib/tripleo-config/puppet_step_config.pp modulepath=/etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
- puppet: manifest=/var/lib/tripleo-config/puppet_step_config.pp
+ command: >-
+ puppet apply
+ --modulepath=/etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
+ --logdest syslog --color=false
+ /var/lib/tripleo-config/puppet_step_config.pp
+ changed_when: false
+ check_mode: no
+ register: outputs
+ failed_when: false
+ no_log: true
+ - debug: var=(outputs.stderr|default('')).split('\n')|union(outputs.stdout_lines|default([]))
+ when: outputs is defined
+ failed_when: outputs|failed
######################################
# Generate config via docker-puppet.py
######################################
when: step == "1"
changed_when: false
check_mode: no
+ register: outputs
+ failed_when: false
+ no_log: true
+ - debug: var=(outputs.stderr|default('')).split('\n')|union(outputs.stdout_lines|default([]))
+ when: outputs is defined
+ failed_when: outputs|failed
##################################################
# Per step starting of the containers using paunch
##################################################
# the *step_n.json with a hash of the generated external config added
# This acts as a salt to enable restarting the container if config changes
- name: Start containers for step {{step}}
- command: paunch --debug apply --file /var/lib/tripleo-config/hashed-docker-container-startup-config-step_{{step}}.json --config-id tripleo_step{{step}} --managed-by tripleo-{{role_name}}
+ command: >-
+ paunch --debug apply
+ --file /var/lib/tripleo-config/hashed-docker-container-startup-config-step_{{step}}.json
+ --config-id tripleo_step{{step}} --managed-by tripleo-{{role_name}}
when: docker_config_json.stat.exists
changed_when: false
check_mode: no
+ register: outputs
+ failed_when: false
+ no_log: true
+ - debug: var=(outputs.stderr|default('')).split('\n')|union(outputs.stdout_lines|default([]))
+ when: outputs is defined
+ failed_when: outputs|failed
########################################################
# Bootstrap tasks, only performed on bootstrap_server_id
########################################################
+ - name: Check if /var/lib/docker-puppet/docker-puppet-tasks{{step}}.json exists
+ stat:
+ path: /var/lib/docker-puppet/docker-puppet-tasks{{step}}.json
+ register: docker_puppet_tasks_json
- name: Run docker-puppet tasks (bootstrap tasks)
shell: python /var/lib/docker-puppet/docker-puppet.py
environment:
NET_HOST: "true"
NO_ARCHIVE: "true"
STEP: "{{step}}"
- when: deploy_server_id == bootstrap_server_id
+ when: deploy_server_id == bootstrap_server_id and docker_puppet_tasks_json.stat.exists
changed_when: false
check_mode: no
+ register: outputs
+ failed_when: false
+ no_log: true
+ - debug: var=(outputs.stderr|default('')).split('\n')|union(outputs.stdout_lines|default([]))
+ when: outputs is defined
+ failed_when: outputs|failed
import tempfile
import multiprocessing
-log = logging.getLogger()
-ch = logging.StreamHandler(sys.stdout)
-if os.environ.get('DEBUG', False):
- log.setLevel(logging.DEBUG)
- ch.setLevel(logging.DEBUG)
-else:
- log.setLevel(logging.INFO)
- ch.setLevel(logging.INFO)
-formatter = logging.Formatter('%(asctime)s %(levelname)s: %(message)s')
-ch.setFormatter(formatter)
-log.addHandler(ch)
+logger = None
+
+def get_logger():
+ global logger
+ if logger is None:
+ logger = logging.getLogger()
+ ch = logging.StreamHandler(sys.stdout)
+ if os.environ.get('DEBUG', False):
+ logger.setLevel(logging.DEBUG)
+ ch.setLevel(logging.DEBUG)
+ else:
+ logger.setLevel(logging.INFO)
+ ch.setLevel(logging.INFO)
+ formatter = logging.Formatter('%(asctime)s %(levelname)s: '
+ '%(process)s -- %(message)s')
+ ch.setFormatter(formatter)
+ logger.addHandler(ch)
+ return logger
+
# this is to match what we do in deployed-server
def short_hostname():
process_count = int(os.environ.get('PROCESS_COUNT',
multiprocessing.cpu_count()))
-
+log = get_logger()
log.info('Running docker-puppet')
config_file = os.environ.get('CONFIG', '/var/lib/docker-puppet/docker-puppet.json')
log.debug('CONFIG: %s' % config_file)
log.info('Service compilation completed.')
def mp_puppet_config((config_volume, puppet_tags, manifest, config_image, volumes)):
-
+ log = get_logger()
+ log.info('Started processing puppet configs')
log.debug('config_volume %s' % config_volume)
log.debug('puppet_tags %s' % puppet_tags)
log.debug('manifest %s' % manifest)
touch /tmp/the_origin_of_time
sync
- FACTER_hostname=$HOSTNAME FACTER_uuid=docker /usr/bin/puppet apply --verbose $TAGS /etc/config.pp
+ FACTER_hostname=$HOSTNAME FACTER_uuid=docker /usr/bin/puppet apply \
+ --color=false --logdest syslog $TAGS /etc/config.pp
# Disables archiving
if [ -z "$NO_ARCHIVE" ]; then
- archivedirs=("/etc" "/root" "/opt" "/var/lib/ironic/tftpboot" "/var/lib/ironic/httpboot" "/var/www")
+ archivedirs=("/etc" "/root" "/opt" "/var/lib/ironic/tftpboot" "/var/lib/ironic/httpboot" "/var/www" "/var/spool/cron" "/var/lib/nova/.ssh")
rsync_srcs=""
for d in "${archivedirs[@]}"; do
if [ -d "$d" ]; then
'--volume', '/usr/share/openstack-puppet/modules/:/usr/share/openstack-puppet/modules/:ro',
'--volume', '/var/lib/config-data/:/var/lib/config-data/:rw',
'--volume', 'tripleo_logs:/var/log/tripleo/',
+ # Syslog socket for puppet logs
+ '--volume', '/dev/log:/dev/log',
# OpenSSL trusted CA injection
'--volume', '/etc/pki/ca-trust/extracted:/etc/pki/ca-trust/extracted:ro',
'--volume', '/etc/pki/tls/certs/ca-bundle.crt:/etc/pki/tls/certs/ca-bundle.crt:ro',
log.debug(cmd_stderr)
# only delete successful runs, for debugging
rm_container('docker-puppet-%s' % config_volume)
+
+ log.info('Finished processing puppet configs')
return subproc.returncode
# Holds all the information for each process to consume.
volumes = service[4] if len(service) > 4 else []
if puppet_tags:
- puppet_tags = "file,file_line,concat,augeas,%s" % puppet_tags
+ puppet_tags = "file,file_line,concat,augeas,cron,%s" % puppet_tags
else:
- puppet_tags = "file,file_line,concat,augeas"
+ puppet_tags = "file,file_line,concat,augeas,cron"
process_map.append([config_volume, puppet_tags, manifest, config_image, volumes])
{% for step in range(1, deploy_steps_max) %}
WorkflowTasks_Step{{step}}_Enabled:
or:
- {% for role in roles %}
+ {%- for role in roles %}
- not:
equals:
- get_param: [role_data, {{role.name}}, service_workflow_tasks, step{{step}}]
- ''
- False
- {% endfor %}
+ {%- endfor %}
{% endfor %}
resources:
- # These utility tasks use docker-puppet.py to execute tasks via puppet
- # We only execute these on the first node in the primary role
- {{primary_role_name}}DockerPuppetTasks:
- type: OS::Heat::Value
- properties:
- type: json
- value:
- yaql:
- expression:
- $.data.default_tasks + dict($.data.docker_puppet_tasks.where($1 != null).selectMany($.items()).groupBy($[0], $[1]))
- data:
- docker_puppet_tasks: {get_param: [role_data, {{primary_role_name}}, docker_puppet_tasks]}
- default_tasks:
-{%- for step in range(1, deploy_steps_max) %}
- step_{{step}}: {}
-{%- endfor %}
-
RoleConfig:
type: OS::Heat::SoftwareConfig
properties:
type: OS::Mistral::Workflow
condition: WorkflowTasks_Step{{step}}_Enabled
depends_on:
- {% if step == 1 %}
- {% for dep in roles %}
+ {%- if step == 1 %}
+ {%- for dep in roles %}
- {{dep.name}}PreConfig
- {{dep.name}}ArtifactsDeploy
- {% endfor %}
- {% else %}
- {% for dep in roles %}
+ {%- endfor %}
+ {%- else %}
+ {%- for dep in roles %}
- {{dep.name}}Deployment_Step{{step -1}}
- {% endfor %}
- {% endif %}
+ {%- endfor %}
+ {%- endif %}
properties:
name: {list_join: [".", ["tripleo", {get_param: stack_name}, "workflowtasks", "step{{step}}"]]}
type: direct
yaql:
expression: $.data.where($ != '').select($.get('step{{step}}')).where($ != null).flatten()
data:
- {% for role in roles %}
+ {%- for role in roles %}
- get_param: [role_data, {{role.name}}, service_workflow_tasks]
- {% endfor %}
+ {%- endfor %}
WorkflowTasks_Step{{step}}_Execution:
type: OS::Mistral::ExternalResource
params:
env:
service_ips: { get_param: ctlplane_service_ips }
+ role_merged_configs:
+ {%- for r in roles %}
+ {{r.name}}: {get_param: [role_data, {{r.name}}, merged_config_settings]}
+ {%- endfor %}
+ evaluate_env: false
UPDATE:
workflow: { get_resource: WorkflowTasks_Step{{step}} }
params:
env:
service_ips: { get_param: ctlplane_service_ips }
+ role_merged_configs:
+ {%- for r in roles %}
+ {{r.name}}: {get_param: [role_data, {{r.name}}, merged_config_settings]}
+ {%- endfor %}
+ evaluate_env: false
always_update: true
# END service_workflow_tasks handling
{% endfor %}
vars:
puppet_config: {get_param: [role_data, {{role.name}}, puppet_config]}
docker_puppet_script: {get_file: docker-puppet.py}
- docker_puppet_tasks: {get_attr: [{{primary_role_name}}DockerPuppetTasks, value]}
- docker_startup_configs: {get_attr: [{{role.name}}DockerConfig, value]}
+ docker_puppet_tasks: {get_param: [role_data, {{role.name}}, docker_puppet_tasks]}
+ docker_startup_configs: {get_param: [role_data, {{role.name}}, docker_config]}
kolla_config: {get_param: [role_data, {{role.name}}, kolla_config]}
bootstrap_server_id: {get_param: [servers, {{primary_role_name}}, '0']}
- puppet_step_config: {get_attr: [{{role.name}}PuppetStepConfig, value]}
+ puppet_step_config: {get_param: [role_data, {{role.name}}, step_config]}
tasks:
# Join host_prep_tasks with the other per-host configuration
yaql:
file: path=/var/lib/tripleo-config state=directory
- name: Write the puppet step_config manifest
copy: content="{{puppet_step_config}}" dest=/var/lib/tripleo-config/puppet_step_config.pp force=yes
- # This is the docker-puppet configs end in
+ # this creates a JSON config file for our docker-puppet.py script
- name: Create /var/lib/docker-puppet
file: path=/var/lib/docker-puppet state=directory
- # this creates a JSON config file for our docker-puppet.py script
- name: Write docker-puppet-tasks json files
copy: content="{{puppet_config | to_json}}" dest=/var/lib/docker-puppet/docker-puppet.json force=yes
# FIXME: can we move docker-puppet somewhere so it's installed via a package?
########################################################
# Bootstrap tasks, only performed on bootstrap_server_id
########################################################
+ - name: Clean /var/lib/docker-puppet/docker-puppet-tasks*.json files
+ file:
+ path: "{{item}}"
+ state: absent
+ with_fileglob:
+ - /var/lib/docker-puppet/docker-puppet-tasks*.json
+ when: deploy_server_id == bootstrap_server_id
- name: Write docker-puppet-tasks json files
copy: content="{{item.value|to_json}}" dest=/var/lib/docker-puppet/docker-puppet-tasks{{item.key.replace("step_", "")}}.json force=yes
with_dict: "{{docker_puppet_tasks}}"
servers: {get_param: [servers, {{role.name}}]}
config: {get_resource: {{role.name}}HostPrepConfig}
- {{role.name}}PuppetStepConfig:
- type: OS::Heat::Value
- properties:
- type: string
- value:
- yaql:
- expression:
- # select 'step_config' only from services that do not have a docker_config
- $.data.service_names.zip($.data.step_config, $.data.docker_config).where($[2] = null).where($[1] != null).select($[1]).join("\n")
- data:
- service_names: {get_param: [role_data, {{role.name}}, service_names]}
- step_config: {get_param: [role_data, {{role.name}}, step_config]}
- docker_config: {get_param: [role_data, {{role.name}}, docker_config]}
-
- {{role.name}}DockerConfig:
- type: OS::Heat::Value
- properties:
- type: json
- value:
- yaql:
- expression:
- # select 'docker_config' only from services that have it
- $.data.service_names.zip($.data.docker_config).where($[1] != null).select($[1]).reduce($1.mergeWith($2), {})
- data:
- service_names: {get_param: [role_data, {{role.name}}, service_names]}
- docker_config: {get_param: [role_data, {{role.name}}, docker_config]}
-
# BEGIN CONFIG STEPS
{{role.name}}PreConfig:
update_identifier: {get_param: DeployIdentifier}
{% for step in range(1, deploy_steps_max) %}
-
{{role.name}}Deployment_Step{{step}}:
type: OS::Heat::StructuredDeploymentGroup
depends_on:
# WorkflowTasks_StepX resource and can be remove
# if https://bugs.launchpad.net/heat/+bug/1700569
# is fixed.
- {% if step == 1 %}
- {% for dep in roles %}
+ {%- if step == 1 %}
+ {%- for dep in roles %}
- {{dep.name}}PreConfig
- {{dep.name}}ArtifactsDeploy
- {% endfor %}
- {% else %}
- {% for dep in roles %}
+ {%- endfor %}
+ {%- else %}
+ {%- for dep in roles %}
- {{dep.name}}Deployment_Step{{step -1}}
- {% endfor %}
- {% endif %}
+ {%- endfor %}
+ {%- endif %}
properties:
name: {{role.name}}Deployment_Step{{step}}
servers: {get_param: [servers, {{role.name}}]}
update_identifier: {get_param: DeployIdentifier}
bootstrap_server_id: {get_param: [servers, {{primary_role_name}}, '0']}
docker_puppet_debug: {get_param: DockerPuppetDebug}
-
{% endfor %}
# END CONFIG STEPS
# after all the previous deployment steps.
{{role.name}}ExtraConfigPost:
depends_on:
- {% for dep in roles %}
+ {%- for dep in roles %}
- {{dep.name}}Deployment_Step5
- {% endfor %}
+ {%- endfor %}
type: OS::TripleO::NodeExtraConfigPost
properties:
servers: {get_param: [servers, {{role.name}}]}
{{role.name}}PostConfig:
type: OS::TripleO::Tasks::{{role.name}}PostConfig
depends_on:
- {% for dep in roles %}
+ {%- for dep in roles %}
- {{dep.name}}ExtraConfigPost
- {% endfor %}
+ {%- endfor %}
properties:
servers: {get_param: servers}
input_values:
heat_template_version: pike
-parameters:
- DockerNamespace:
- type: string
- default: tripleoupstream
- description: namespace
- DockerNamespaceIsRegistry:
- type: boolean
- default: false
-
resources:
userdata:
type: OS::Heat::SoftwareConfig
properties:
group: script
- config:
- str_replace:
- params:
- $docker_registry: {get_param: DockerNamespace}
- $docker_namespace_is_registry: {get_param: DockerNamespaceIsRegistry}
- template: {get_file: ./setup_docker_host.sh}
+ config: {get_file: ./setup_docker_host.sh}
outputs:
OS::stack_id:
* puppet_tags: Puppet resource tag names that are used to generate config
files with puppet. Only the named config resources are used to generate
a config file. Any service that specifies tags will have the default
- tags of 'file,concat,file_line,augeas' appended to the setting.
+ tags of 'file,concat,file_line,augeas,cron' appended to the setting.
Example: keystone_config
* config_volume: The name of the volume (directory) where config files
OpenStack containerized aodh service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerAodhApiImage:
description: image
- default: 'centos-binary-aodh-api:latest'
type: string
DockerAodhConfigImage:
description: The container image to use for the aodh config_volume
- default: 'centos-binary-aodh-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
config_volume: aodh
puppet_tags: aodh_api_paste_ini,aodh_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerAodhConfigImage} ]
+ config_image: {get_param: DockerAodhConfigImage}
kolla_config:
/var/lib/kolla/config_files/aodh_api.json:
command: /usr/sbin/httpd -DFOREGROUND
# db sync runs before permissions set by kolla_config
step_2:
aodh_init_log:
- image: &aodh_api_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerAodhApiImage} ]
+ image: &aodh_api_image {get_param: DockerAodhApiImage}
user: root
volumes:
- /var/log/containers/aodh:/var/log/aodh
OpenStack containerized Aodh Evaluator service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerAodhEvaluatorImage:
description: image
- default: 'centos-binary-aodh-evaluator:latest'
type: string
DockerAodhConfigImage:
description: The container image to use for the aodh config_volume
- default: 'centos-binary-aodh-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/aodh-evaluator.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: aodh
puppet_tags: aodh_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerAodhConfigImage} ]
+ config_image: {get_param: DockerAodhConfigImage}
kolla_config:
/var/lib/kolla/config_files/aodh_evaluator.json:
command: /usr/bin/aodh-evaluator
docker_config:
step_4:
aodh_evaluator:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerAodhEvaluatorImage} ]
+ image: {get_param: DockerAodhEvaluatorImage}
net: host
privileged: false
restart: always
OpenStack containerized Aodh Listener service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerAodhListenerImage:
description: image
- default: 'centos-binary-aodh-listener:latest'
type: string
DockerAodhConfigImage:
description: The container image to use for the aodh config_volume
- default: 'centos-binary-aodh-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/aodh-listener.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: aodh
puppet_tags: aodh_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerAodhConfigImage} ]
+ config_image: {get_param: DockerAodhConfigImage}
kolla_config:
/var/lib/kolla/config_files/aodh_listener.json:
command: /usr/bin/aodh-listener
docker_config:
step_4:
aodh_listener:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerAodhListenerImage} ]
+ image: {get_param: DockerAodhListenerImage}
net: host
privileged: false
restart: always
OpenStack containerized Aodh Notifier service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerAodhNotifierImage:
description: image
- default: 'centos-binary-aodh-notifier:latest'
type: string
DockerAodhConfigImage:
description: The container image to use for the aodh config_volume
- default: 'centos-binary-aodh-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/aodh-notifier.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: aodh
puppet_tags: aodh_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerAodhConfigImage} ]
+ config_image: {get_param: DockerAodhConfigImage}
kolla_config:
/var/lib/kolla/config_files/aodh_notifier.json:
command: /usr/bin/aodh-notifier
docker_config:
step_4:
aodh_notifier:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerAodhNotifierImage} ]
+ image: {get_param: DockerAodhNotifierImage}
net: host
privileged: false
restart: always
OpenStack containerized Ceilometer Agent Central service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerCeilometerCentralImage:
description: image
- default: 'centos-binary-ceilometer-central:latest'
type: string
DockerCeilometerConfigImage:
description: The container image to use for the ceilometer config_volume
- default: 'centos-binary-ceilometer-central:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/ceilometer-agent-central.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: ceilometer
puppet_tags: ceilometer_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCeilometerConfigImage} ]
+ config_image: {get_param: DockerCeilometerConfigImage}
kolla_config:
/var/lib/kolla/config_files/ceilometer_agent_central.json:
command: /usr/bin/ceilometer-polling --polling-namespaces central
step_3:
ceilometer_init_log:
start_order: 0
- image: &ceilometer_agent_central_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCeilometerCentralImage} ]
+ image: &ceilometer_agent_central_image {get_param: DockerCeilometerCentralImage}
user: root
command: ['/bin/bash', '-c', 'chown -R ceilometer:ceilometer /var/log/ceilometer']
volumes:
net: host
detach: false
privileged: false
+ user: root
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/config-data/ceilometer/etc/ceilometer/:/etc/ceilometer/:ro
- /var/log/containers/ceilometer:/var/log/ceilometer
- command: ["/usr/bin/ceilometer-upgrade", "--skip-metering-database"]
+ command:
+ - '/usr/bin/bootstrap_host_exec'
+ - 'ceilometer_agent_central'
+ - "su ceilometer -s /bin/bash -c '/usr/bin/ceilometer-upgrade --skip-metering-database'"
upgrade_tasks:
- name: Stop and disable ceilometer agent central service
tags: step2
OpenStack containerized Ceilometer Agent Compute service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerCeilometerComputeImage:
description: image
- default: 'centos-binary-ceilometer-compute:latest'
type: string
DockerCeilometerConfigImage:
description: The container image to use for the ceilometer config_volume
- default: 'centos-binary-ceilometer-central:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/ceilometer-agent-compute.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: ceilometer
puppet_tags: ceilometer_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCeilometerConfigImage} ]
+ config_image: {get_param: DockerCeilometerConfigImage}
kolla_config:
/var/lib/kolla/config_files/ceilometer_agent_compute.json:
command: /usr/bin/ceilometer-polling --polling-namespaces compute
docker_config:
step_4:
ceilometer_agent_compute:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCeilometerComputeImage} ]
+ image: {get_param: DockerCeilometerComputeImage}
net: host
privileged: false
restart: always
OpenStack containerized Ceilometer Agent Ipmi service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerCeilometerIpmiImage:
description: image
- default: 'centos-binary-ceilometer-ipmi:latest'
type: string
DockerCeilometerConfigImage:
description: The container image to use for the ceilometer config_volume
- default: 'centos-binary-ceilometer-central:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/ceilometer-agent-ipmi.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: ceilometer
puppet_tags: ceilometer_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCeilometerConfigImage} ]
+ config_image: {get_param: DockerCeilometerConfigImage}
kolla_config:
/var/lib/kolla/config_files/ceilometer-agent-ipmi.json:
command: /usr/bin/ceilometer-polling --polling-namespaces ipmi
step_3:
ceilometer_init_log:
start_order: 0
- image: &ceilometer_agent_ipmi_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCeilometerIpmiImage} ]
+ image: &ceilometer_agent_ipmi_image {get_param: DockerCeilometerIpmiImage}
user: root
command: ['/bin/bash', '-c', 'chown -R ceilometer:ceilometer /var/log/ceilometer']
volumes:
OpenStack containerized Ceilometer Agent Notification service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerCeilometerNotificationImage:
description: image
- default: 'centos-binary-ceilometer-notification:latest'
type: string
DockerCeilometerConfigImage:
description: The container image to use for the ceilometer config_volume
- default: 'centos-binary-ceilometer-central:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/ceilometer-agent-notification.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: ceilometer
puppet_tags: ceilometer_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCeilometerConfigImage} ]
+ config_image: {get_param: DockerCeilometerConfigImage}
kolla_config:
/var/lib/kolla/config_files/ceilometer_agent_notification.json:
command: /usr/bin/ceilometer-agent-notification
step_3:
ceilometer_init_log:
start_order: 0
- image: &ceilometer_agent_notification_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCeilometerNotificationImage} ]
+ image: &ceilometer_agent_notification_image {get_param: DockerCeilometerNotificationImage}
user: root
command: ['/bin/bash', '-c', 'chown -R ceilometer:ceilometer /var/log/ceilometer']
volumes:
--- /dev/null
+heat_template_version: pike
+
+description: >
+ Ceph base service. Shared by all Ceph services.
+
+parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ CephAnsibleWorkflowName:
+ type: string
+ description: Name of the Mistral workflow to execute
+ default: tripleo.storage.v1.ceph-install
+ CephAnsiblePlaybook:
+ type: string
+ description: Path to the ceph-ansible playbook to execute
+ default: /usr/share/ceph-ansible/site-docker.yml.sample
+ CephAnsibleExtraConfig:
+ type: json
+ description: Extra vars for the ceph-ansible playbook
+ default: {}
+ CephClusterFSID:
+ type: string
+ description: The Ceph cluster FSID. Must be a UUID.
+ CephPoolDefaultPgNum:
+ description: default pg_num to use for the RBD pools
+ type: number
+ default: 32
+ CephPools:
+ description: >
+ It can be used to override settings for one of the predefined pools, or to create
+ additional ones. Example:
+ {
+ "volumes": {
+ "size": 5,
+ "pg_num": 128,
+ "pgp_num": 128
+ }
+ }
+ default: {}
+ type: json
+ CinderRbdPoolName:
+ default: volumes
+ type: string
+ CinderBackupRbdPoolName:
+ default: backups
+ type: string
+ GlanceRbdPoolName:
+ default: images
+ type: string
+ GnocchiRbdPoolName:
+ default: metrics
+ type: string
+ NovaRbdPoolName:
+ default: vms
+ type: string
+ CephClientKey:
+ description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. Currently only used for external Ceph deployments to create the openstack user keyring.
+ type: string
+ hidden: true
+ CephClientUserName:
+ default: openstack
+ type: string
+ CephPoolDefaultSize:
+ description: default minimum replication for RBD copies
+ type: number
+ default: 3
+ CephIPv6:
+ default: False
+ type: boolean
+ DockerCephDaemonImage:
+ description: image
+ type: string
+ default: 'ceph/daemon:tag-build-master-jewel-centos-7'
+
+conditions:
+ custom_registry_host:
+ yaql:
+ data: {get_param: DockerCephDaemonImage}
+ expression: $.data.split('/')[0].matches('(\.|:)')
+
+outputs:
+ role_data:
+ description: Role data for the Ceph base service.
+ value:
+ service_name: ceph_base
+ upgrade_tasks: []
+ step_config: ''
+ puppet_config:
+ config_image: ''
+ config_volume: ''
+ step_config: ''
+ docker_config: {}
+ service_workflow_tasks:
+ step2:
+ - name: ceph_base_ansible_workflow
+ workflow: { get_param: CephAnsibleWorkflowName }
+ input:
+ ceph_ansible_extra_vars: {get_param: CephAnsibleExtraConfig}
+ ceph_ansible_playbook: {get_param: CephAnsiblePlaybook}
+ config_settings:
+ ceph_common_ansible_vars:
+ fsid: { get_param: CephClusterFSID }
+ docker: true
+ ceph_docker_registry:
+ if:
+ - custom_registry_host
+ - yaql:
+ expression: regex('(?:https?://)?(.*)/').split($.data)[1]
+ data: {str_split: [':', {get_param: DockerCephDaemonImage}, 0]}
+ - docker.io
+ ceph_docker_image:
+ if:
+ - custom_registry_host
+ - yaql:
+ expression: regex('(?:https?://)?(.*)/').split($.data)[2]
+ data: {str_split: [':', {get_param: DockerCephDaemonImage}, 0]}
+ - {str_split: [':', {get_param: DockerCephDaemonImage}, 0]}
+ ceph_docker_image_tag: {str_split: [':', {get_param: DockerCephDaemonImage}, 1]}
+ containerized_deployment: true
+ public_network: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephMonNetwork]}]}
+ cluster_network: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
+ user_config: true
+ ceph_stable: true
+ ceph_origin: distro
+ openstack_config: true
+ openstack_pools:
+ list_concat:
+ - repeat:
+ template:
+ name: <%pool%>
+ pg_num: {get_param: CephPoolDefaultPgNum}
+ rule_name: ""
+ for_each:
+ <%pool%>:
+ - {get_param: CinderRbdPoolName}
+ - {get_param: CinderBackupRbdPoolName}
+ - {get_param: NovaRbdPoolName}
+ - {get_param: GlanceRbdPoolName}
+ - {get_param: GnocchiRbdPoolName}
+ - repeat:
+ template:
+ name: <%pool%>
+ pg_num: {get_param: CephPoolDefaultPgNum}
+ rule_name: ""
+ for_each:
+ <%pool%>: {get_param: CephPools}
+ openstack_keys: &openstack_keys
+ - name:
+ list_join:
+ - '.'
+ - - client
+ - {get_param: CephClientUserName}
+ key: {get_param: CephClientKey}
+ mon_cap: "allow r"
+ osd_cap:
+ str_replace:
+ template: "allow class-read object_prefix rbd_children, allow rwx pool=CINDER_POOL, allow rwx pool=CINDERBACKUP_POOL, allow rwx pool=NOVA_POOL, allow rwx pool=GLANCE_POOL, allow rwx pool=GNOCCHI_POOL"
+ params:
+ NOVA_POOL: {get_param: NovaRbdPoolName}
+ CINDER_POOL: {get_param: CinderRbdPoolName}
+ CINDERBACKUP_POOL: {get_param: CinderBackupRbdPoolName}
+ GLANCE_POOL: {get_param: GlanceRbdPoolName}
+ GNOCCHI_POOL: {get_param: GnocchiRbdPoolName}
+ acls:
+ - "u:glance:r--"
+ - "u:nova:r--"
+ - "u:cinder:r--"
+ - "u:gnocchi:r--"
+ keys: *openstack_keys
+ pools: []
+ ceph_conf_overrides:
+ global:
+ osd_pool_default_size: {get_param: CephPoolDefaultSize}
+ osd_pool_default_pg_num: {get_param: CephPoolDefaultPgNum}
+ ntp_service_enabled: false
+ generate_fsid: false
+ ip_version:
+ if:
+ - {get_param: CephIPv6}
+ - ipv6
+ - ipv4
heat_template_version: pike
description: >
- Provision Contrail services after deployment
+ Ceph Client service.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: json
resources:
- ContrailBase:
- type: ./contrail-base.yaml
+ CephBase:
+ type: ./ceph-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
outputs:
role_data:
- description: Contrail provisioning role
+ description: Role data for the Ceph Client service.
value:
- service_name: contrail_provision
- config_settings:
- map_merge:
- - get_attr: [ContrailBase, role_data, config_settings]
- step_config: |
- include ::tripleo::network::contrail::provision
+ service_name: ceph_client
+ upgrade_tasks: []
+ step_config: ''
+ puppet_config:
+ config_image: ''
+ config_volume: ''
+ step_config: ''
+ docker_config: {}
+ service_workflow_tasks: {get_attr: [CephBase, role_data, service_workflow_tasks]}
+ config_settings: {}
--- /dev/null
+heat_template_version: pike
+
+description: >
+ Ceph Monitor service.
+
+parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ CephMonKey:
+ description: The Ceph monitors key. Can be created with ceph-authtool --gen-print-key.
+ type: string
+ hidden: true
+ CephAdminKey:
+ default: ''
+ description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key.
+ type: string
+ hidden: true
+ CephValidationRetries:
+ type: number
+ default: 40
+ description: Number of retry attempts for Ceph validation
+ CephValidationDelay:
+ type: number
+ default: 30
+ description: Interval (in seconds) in between validation checks
+
+resources:
+ CephBase:
+ type: ./ceph-base.yaml
+ properties:
+ ServiceData: {get_param: ServiceData}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the Ceph Monitor service.
+ value:
+ service_name: ceph_mon
+ upgrade_tasks: []
+ step_config: ''
+ puppet_config:
+ config_image: ''
+ config_volume: ''
+ step_config: ''
+ docker_config: {}
+ service_workflow_tasks: {get_attr: [CephBase, role_data, service_workflow_tasks]}
+ config_settings:
+ map_merge:
+ - tripleo.ceph_mon.firewall_rules:
+ '110 ceph_mon':
+ dport:
+ - 6789
+ - ceph_mon_ansible_vars:
+ map_merge:
+ - {get_attr: [CephBase, role_data, config_settings, ceph_common_ansible_vars]}
+ - monitor_secret: {get_param: CephMonKey}
+ admin_secret: {get_param: CephAdminKey}
+ monitor_interface: br_ex
--- /dev/null
+heat_template_version: pike
+
+description: >
+ Ceph OSD service.
+
+parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ CephAnsibleDisksConfig:
+ type: json
+ description: Disks config settings for ceph-ansible
+ default:
+ devices:
+ - /dev/vdb
+ journal_size: 512
+ journal_collocation: true
+
+resources:
+ CephBase:
+ type: ./ceph-base.yaml
+ properties:
+ ServiceData: {get_param: ServiceData}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the Ceph OSD service.
+ value:
+ service_name: ceph_osd
+ upgrade_tasks: []
+ step_config: ''
+ puppet_config:
+ config_image: ''
+ config_volume: ''
+ step_config: ''
+ docker_config: {}
+ service_workflow_tasks: {get_attr: [CephBase, role_data, service_workflow_tasks]}
+ config_settings:
+ map_merge:
+ - tripleo.ceph_osd.firewall_rules:
+ '111 ceph_osd':
+ dport:
+ - '6800-7300'
+ - ceph_osd_ansible_vars:
+ map_merge:
+ - {get_attr: [CephBase, role_data, config_settings, ceph_common_ansible_vars]}
+ - {get_param: CephAnsibleDisksConfig}
\ No newline at end of file
OpenStack containerized Cinder API service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerCinderApiImage:
description: image
- default: 'centos-binary-cinder-api:latest'
type: string
DockerCinderConfigImage:
description: The container image to use for the cinder config_volume
- default: 'centos-binary-cinder-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/cinder-api.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: cinder
puppet_tags: cinder_config,file,concat,file_line
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCinderConfigImage} ]
+ config_image: {get_param: DockerCinderConfigImage}
kolla_config:
/var/lib/kolla/config_files/cinder_api.json:
command: /usr/sbin/httpd -DFOREGROUND
- path: /var/log/cinder
owner: cinder:cinder
recurse: true
+ /var/lib/kolla/config_files/cinder_api_cron.json:
+ command: /usr/sbin/crond -n
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
+ permissions:
+ - path: /var/log/cinder
+ owner: cinder:cinder
+ recurse: true
docker_config:
step_2:
cinder_api_init_logs:
- image: &cinder_api_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCinderApiImage} ]
+ image: &cinder_api_image {get_param: DockerCinderApiImage}
privileged: false
user: root
volumes:
- ''
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ cinder_api_cron:
+ image: *cinder_api_image
+ net: host
+ privileged: false
+ restart: always
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/cinder_api_cron.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/cinder/:/var/lib/kolla/config_files/src:ro
+ - /var/log/containers/cinder:/var/log/cinder
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+
host_prep_tasks:
- name: create persistent logs directory
file:
OpenStack containerized Cinder Backup service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerCinderBackupImage:
description: image
- default: 'centos-binary-cinder-backup:latest'
type: string
DockerCinderConfigImage:
description: The container image to use for the cinder config_volume
- default: 'centos-binary-cinder-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/cinder-backup.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: cinder
puppet_tags: cinder_config,file,concat,file_line
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCinderConfigImage} ]
+ config_image: {get_param: DockerCinderConfigImage}
kolla_config:
/var/lib/kolla/config_files/cinder_backup.json:
command: /usr/bin/cinder-backup --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
config_files:
- # NOTE(mandre): the copy of ceph conf will need to go once we
- # generate a ceph.conf for cinder in puppet
- # Copy ceph config files before cinder ones as a precaution, for
- # the later one to take precendence in case of duplicate files.
- - source: "/var/lib/kolla/config_files/src-ceph/*"
+ - source: "/var/lib/kolla/config_files/src/*"
dest: "/"
merge: true
preserve_properties: true
- - source: "/var/lib/kolla/config_files/src/*"
+ - source: "/var/lib/kolla/config_files/src-ceph/"
+ dest: "/etc/ceph/"
+ merge: true
+ preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src-iscsid/*"
dest: "/"
merge: true
preserve_properties: true
step_3:
cinder_backup_init_logs:
start_order: 0
- image: &cinder_backup_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCinderBackupImage} ]
+ image: &cinder_backup_image {get_param: DockerCinderBackupImage}
privileged: false
user: root
volumes:
-
- /var/lib/kolla/config_files/cinder_backup.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/cinder/:/var/lib/kolla/config_files/src:ro
- # FIXME: we need to generate a ceph.conf with puppet for this
+ - /var/lib/config-data/puppet-generated/iscsid/:/var/lib/kolla/config_files/src-iscsid:ro
- /var/lib/config-data/puppet-generated/ceph/:/var/lib/kolla/config_files/src-ceph:ro
+ - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
- /dev/:/dev/
- /run/:/run/
- /sys:/sys
- /lib/modules:/lib/modules:ro
- - /etc/iscsi:/etc/iscsi
- /var/lib/cinder:/var/lib/cinder
- /var/log/containers/cinder:/var/log/cinder
environment:
with_items:
- /var/lib/cinder
- /var/log/containers/cinder
+ - name: ensure ceph configurations exist
+ file:
+ path: /etc/ceph
+ state: directory
upgrade_tasks:
- name: Stop and disable cinder_backup service
tags: step2
OpenStack containerized Cinder Scheduler service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerCinderSchedulerImage:
description: image
- default: 'centos-binary-cinder-scheduler:latest'
type: string
DockerCinderConfigImage:
description: The container image to use for the cinder config_volume
- default: 'centos-binary-cinder-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/cinder-scheduler.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: cinder
puppet_tags: cinder_config,file,concat,file_line
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCinderConfigImage} ]
+ config_image: {get_param: DockerCinderConfigImage}
kolla_config:
/var/lib/kolla/config_files/cinder_scheduler.json:
command: /usr/bin/cinder-scheduler --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
docker_config:
step_2:
cinder_scheduler_init_logs:
- image: &cinder_scheduler_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCinderSchedulerImage} ]
+ image: &cinder_scheduler_image {get_param: DockerCinderSchedulerImage}
privileged: false
user: root
volumes:
OpenStack containerized Cinder Volume service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerCinderVolumeImage:
description: image
- default: 'centos-binary-cinder-volume:latest'
type: string
DockerCinderConfigImage:
description: The container image to use for the cinder config_volume
- default: 'centos-binary-cinder-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/cinder-volume.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
description: Role data for the Cinder Volume role.
value:
service_name: {get_attr: [CinderBase, role_data, service_name]}
- config_settings: {get_attr: [CinderBase, role_data, config_settings]}
+ config_settings:
+ map_merge:
+ - get_attr: [CinderBase, role_data, config_settings]
+ - tripleo::profile::base::lvm::enable_udev: false
step_config: &step_config
- get_attr: [CinderBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - "include ::tripleo::profile::base::lvm"
+ - get_attr: [CinderBase, role_data, step_config]
service_config_settings: {get_attr: [CinderBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
config_volume: cinder
puppet_tags: cinder_config,file,concat,file_line
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCinderConfigImage} ]
+ config_image: {get_param: DockerCinderConfigImage}
kolla_config:
/var/lib/kolla/config_files/cinder_volume.json:
command: /usr/bin/cinder-volume --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
config_files:
- # NOTE(mandre): the copy of ceph conf will need to go once we
- # generate a ceph.conf for cinder in puppet
- # Copy ceph config files before cinder ones as a precaution, for
- # the later one to take precendence in case of duplicate files.
- - source: "/var/lib/kolla/config_files/src-ceph/*"
+ - source: "/var/lib/kolla/config_files/src/*"
dest: "/"
merge: true
preserve_properties: true
- - source: "/var/lib/kolla/config_files/src/*"
+ - source: "/var/lib/kolla/config_files/src-ceph/"
+ dest: "/etc/ceph/"
+ merge: true
+ preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src-iscsid/*"
dest: "/"
merge: true
preserve_properties: true
step_3:
cinder_volume_init_logs:
start_order: 0
- image: &cinder_volume_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCinderVolumeImage} ]
+ image: &cinder_volume_image {get_param: DockerCinderVolumeImage}
privileged: false
user: root
volumes:
-
- /var/lib/kolla/config_files/cinder_volume.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/cinder/:/var/lib/kolla/config_files/src:ro
- # FIXME: we need to generate a ceph.conf with puppet for this
+ - /var/lib/config-data/puppet-generated/iscsid/:/var/lib/kolla/config_files/src-iscsid:ro
- /var/lib/config-data/puppet-generated/ceph/:/var/lib/kolla/config_files/src-ceph:ro
+ - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
+ - /lib/modules:/lib/modules:ro
- /dev/:/dev/
- /run/:/run/
- /sys:/sys
- - /etc/iscsi:/etc/iscsi
- /var/lib/cinder:/var/lib/cinder
- /var/log/containers/cinder:/var/log/cinder
environment:
with_items:
- /var/log/containers/cinder
- /var/lib/cinder
+ - name: ensure ceph configurations exist
+ file:
+ path: /etc/ceph
+ state: directory
- name: cinder_enable_iscsi_backend fact
set_fact:
cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
Containerized collectd service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerCollectdImage:
description: image
- default: 'centos-binary-collectd:latest'
type: string
DockerCollectdConfigImage:
description: The container image to use for the collectd config_volume
- default: 'centos-binary-collectd:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/metrics/collectd.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: collectd
puppet_tags: collectd_client_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCollectdConfigImage} ]
+ config_image: {get_param: DockerCollectdConfigImage}
kolla_config:
/var/lib/kolla/config_files/collectd.json:
command: /usr/sbin/collectd -f
docker_config:
step_3:
collectd:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCollectdImage} ]
+ image: {get_param: DockerCollectdImage}
net: host
+ pid: host
privileged: true
+ user: root
restart: always
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- - /var/run/docker.sock:/var/run/docker.sock:rw
- /var/lib/kolla/config_files/collectd.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/collectd/:/var/lib/kolla/config_files/src:ro
+ - /var/log/containers/collectd:/var/log/collectd:rw
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
OpenStack containerized Congress API service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerCongressApiImage:
description: image
- default: 'centos-binary-congress-api:latest'
type: string
DockerCongressConfigImage:
description: The container image to use for the congress config_volume
- default: 'centos-binary-congress-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/congress.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: congress
puppet_tags: congress_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCongressConfigImage} ]
+ config_image: {get_param: DockerCongressConfigImage}
kolla_config:
/var/lib/kolla/config_files/congress_api.json:
command: /usr/bin/congress-server --config-file=/etc/congress/congress.conf --log-file=/var/log/congress/api.log
# db sync runs before permissions set by kolla_config
step_2:
congress_init_logs:
- image: &congress_api_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCongressApiImage} ]
+ image: &congress_api_image {get_param: DockerCongressApiImage}
privileged: false
user: root
volumes:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
MongoDB service deployment using puppet and docker
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerMongodbImage:
description: image
- default: 'centos-binary-mongodb:latest'
type: string
DockerMongodbConfigImage:
description: The container image to use for the mongodb config_volume
- default: 'centos-binary-mongodb:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../../puppet/services/database/mongodb.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: mongodb
puppet_tags: file # set this even though file is the default
step_config: *step_config
- config_image: &mongodb_config_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerMongodbConfigImage} ]
+ config_image: &mongodb_config_image {get_param: DockerMongodbConfigImage}
kolla_config:
/var/lib/kolla/config_files/mongodb.json:
command: /usr/bin/mongod --unixSocketPrefix=/var/run/mongodb --config /etc/mongod.conf run
docker_config:
step_2:
mongodb:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerMongodbImage} ]
+ image: {get_param: DockerMongodbImage}
net: host
privileged: false
volumes: &mongodb_volumes
Configuration for containerized MySQL clients
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerMysqlClientConfigImage:
description: The container image to use for the mysql_client config_volume
- default: 'centos-binary-mariadb:latest'
type: string
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
config_volume: mysql_client
puppet_tags: file # set this even though file is the default
step_config: "include ::tripleo::profile::base::database::mysql::client"
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerMysqlClientConfigImage} ]
+ config_image: {get_param: DockerMysqlClientConfigImage}
# no need for a docker config, this service only generates configuration files
docker_config: {}
MySQL service deployment using puppet
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerMysqlImage:
description: image
- default: 'centos-binary-mariadb:latest'
type: string
DockerMysqlConfigImage:
description: The container image to use for the mysql config_volume
- default: 'centos-binary-mariadb:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../../puppet/services/database/mysql.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: mysql
puppet_tags: file # set this even though file is the default
step_config: *step_config
- config_image: &mysql_config_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerMysqlConfigImage} ]
+ config_image: &mysql_config_image {get_param: DockerMysqlConfigImage}
kolla_config:
/var/lib/kolla/config_files/mysql.json:
command: /usr/bin/mysqld_safe
# Kolla_bootstrap runs before permissions set by kolla_config
step_1:
mysql_init_logs:
- image: &mysql_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerMysqlImage} ]
+ image: &mysql_image {get_param: DockerMysqlImage}
privileged: false
user: root
volumes:
OpenStack containerized Redis services
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerRedisImage:
description: image
- default: 'centos-binary-redis:latest'
type: string
DockerRedisConfigImage:
description: The container image to use for the redis config_volume
- default: 'centos-binary-redis:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../../puppet/services/database/redis.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
# https://github.com/arioch/puppet-redis/commit/1c004143223e660cbd433422ff8194508aab9763
puppet_tags: 'exec'
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerRedisConfigImage} ]
+ config_image: {get_param: DockerRedisConfigImage}
kolla_config:
/var/lib/kolla/config_files/redis.json:
command: /usr/bin/redis-server /etc/redis.conf
redis_init_logs:
start_order: 0
detach: false
- image: &redis_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerRedisImage} ]
+ image: &redis_image {get_param: DockerRedisImage}
privileged: false
user: root
volumes:
OpenStack containerized EC2 API service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerEc2ApiImage:
description: image
- default: 'centos-binary-ec2-api:latest'
type: string
DockerEc2ApiConfigImage:
description: The container image to use for the ec2_api config_volume
- default: 'centos-binary-ec2-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
config_volume: ec2_api
puppet_tags: ec2api_api_paste_ini,ec2api_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerEc2ApiConfigImage} ]
+ config_image: {get_param: DockerEc2ApiConfigImage}
kolla_config:
/var/lib/kolla/config_files/ec2_api.json:
command: /usr/bin/ec2-api
# db sync runs before permissions set by kolla_config
step_2:
ec2_api_init_logs:
- image: &ec2_api_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerEc2ApiImage} ]
+ image: &ec2_api_image {get_param: DockerEc2ApiImage}
privileged: false
user: root
volumes:
OpenStack containerized etcd services
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerEtcdImage:
description: image
- default: 'centos-binary-etcd:latest'
type: string
DockerEtcdConfigImage:
description: The container image to use for the etcd config_volume
- default: 'centos-binary-etcd:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/etcd.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EtcdInitialClusterToken: {get_param: EtcdInitialClusterToken}
puppet_config:
config_volume: etcd
step_config: *step_config
- config_image: &etcd_config_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerEtcdConfigImage} ]
+ config_image: &etcd_config_image {get_param: DockerEtcdConfigImage}
kolla_config:
/var/lib/kolla/config_files/etcd.json:
command: /usr/bin/etcd --config-file /etc/etcd/etcd.yml
docker_config:
step_2:
etcd:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerEtcdImage} ]
+ image: {get_param: DockerEtcdImage}
net: host
privileged: false
restart: always
OpenStack Glance service configured with Puppet
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerGlanceApiImage:
description: image
- default: 'centos-binary-glance-api:latest'
type: string
DockerGlanceApiConfigImage:
description: The container image to use for the glance_api config_volume
- default: 'centos-binary-glance-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/glance-api.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: glance_api
puppet_tags: glance_api_config,glance_api_paste_ini,glance_swift_config,glance_cache_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerGlanceApiConfigImage} ]
+ config_image: {get_param: DockerGlanceApiConfigImage}
kolla_config:
/var/lib/kolla/config_files/glance_api.json:
command: /usr/bin/glance-api --config-file /usr/share/glance/glance-api-dist.conf --config-file /etc/glance/glance-api.conf
dest: "/"
merge: true
preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src-ceph/"
+ dest: "/etc/ceph/"
+ merge: true
+ preserve_properties: true
/var/lib/kolla/config_files/glance_api_tls_proxy.json:
command: /usr/sbin/httpd -DFOREGROUND
config_files:
# Kolla_bootstrap/db_sync runs before permissions set by kolla_config
step_2:
glance_init_logs:
- image: &glance_api_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerGlanceApiImage} ]
+ image: &glance_api_image {get_param: DockerGlanceApiImage}
privileged: false
user: root
volumes:
- /var/lib/kolla/config_files/glance_api.json:/var/lib/kolla/config_files/config.json
- /var/lib/config-data/puppet-generated/glance_api/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/glance:/var/log/glance
+ - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
environment:
- KOLLA_BOOTSTRAP=True
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
file:
path: /var/log/containers/glance
state: directory
+ - name: ensure ceph configurations exist
+ file:
+ path: /etc/ceph
+ state: directory
upgrade_tasks:
- name: Stop and disable glance_api service
tags: step2
OpenStack containerized gnocchi service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerGnocchiApiImage:
description: image
- default: 'centos-binary-gnocchi-api:latest'
type: string
DockerGnocchiConfigImage:
description: The container image to use for the gnocchi config_volume
- default: 'centos-binary-gnocchi-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
config_volume: gnocchi
puppet_tags: gnocchi_api_paste_ini,gnocchi_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerGnocchiConfigImage} ]
+ config_image: {get_param: DockerGnocchiConfigImage}
kolla_config:
/var/lib/kolla/config_files/gnocchi_api.json:
command: /usr/sbin/httpd -DFOREGROUND
# db sync runs before permissions set by kolla_config
step_2:
gnocchi_init_log:
- image: &gnocchi_api_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerGnocchiApiImage} ]
+ image: &gnocchi_api_image {get_param: DockerGnocchiApiImage}
user: root
volumes:
- /var/log/containers/gnocchi:/var/log/gnocchi
OpenStack containerized Gnocchi Metricd service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerGnocchiMetricdImage:
description: image
- default: 'centos-binary-gnocchi-metricd:latest'
type: string
DockerGnocchiConfigImage:
description: The container image to use for the gnocchi config_volume
- default: 'centos-binary-gnocchi-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/gnocchi-metricd.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: gnocchi
puppet_tags: gnocchi_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerGnocchiConfigImage} ]
+ config_image: {get_param: DockerGnocchiConfigImage}
kolla_config:
/var/lib/kolla/config_files/gnocchi_metricd.json:
command: /usr/bin/gnocchi-metricd
dest: "/"
merge: true
preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src-ceph/"
+ dest: "/etc/ceph/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/gnocchi
owner: gnocchi:gnocchi
docker_config:
step_4:
gnocchi_metricd:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerGnocchiMetricdImage} ]
+ image: {get_param: DockerGnocchiMetricdImage}
net: host
privileged: false
restart: always
- /var/lib/kolla/config_files/gnocchi_metricd.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/gnocchi/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/gnocchi:/var/log/gnocchi
+ - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
file:
path: /var/log/containers/gnocchi
state: directory
+ - name: ensure ceph configurations exist
+ file:
+ path: /etc/ceph
+ state: directory
upgrade_tasks:
- name: Stop and disable openstack-gnocchi-metricd service
tags: step2
OpenStack containerized Gnocchi Statsd service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerGnocchiStatsdImage:
description: image
- default: 'centos-binary-gnocchi-statsd:latest'
type: string
DockerGnocchiConfigImage:
description: The container image to use for the gnocchi config_volume
- default: 'centos-binary-gnocchi-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/gnocchi-statsd.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: gnocchi
puppet_tags: gnocchi_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerGnocchiConfigImage} ]
+ config_image: {get_param: DockerGnocchiConfigImage}
kolla_config:
/var/lib/kolla/config_files/gnocchi_statsd.json:
command: /usr/bin/gnocchi-statsd
docker_config:
step_4:
gnocchi_statsd:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerGnocchiStatsdImage} ]
+ image: {get_param: DockerGnocchiStatsdImage}
net: host
privileged: false
restart: always
OpenStack containerized HAproxy service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerHAProxyImage:
description: image
- default: 'centos-binary-haproxy:latest'
type: string
DockerHAProxyConfigImage:
description: The container image to use for the haproxy config_volume
- default: 'centos-binary-haproxy:latest'
type: string
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
The filepath of the certificate as it will be stored in the controller.
type: string
RedisPassword:
- description: The password for Redis
+ description: The password for the redis service account.
type: string
hidden: true
MonitoringSubscriptionHaproxy:
type: ../../puppet/services/haproxy.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: haproxy
puppet_tags: haproxy_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerHAProxyConfigImage} ]
+ config_image: {get_param: DockerHAProxyConfigImage}
volumes: &deployed_cert_mount
- list_join:
- ':'
docker_config:
step_1:
haproxy:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerHAProxyImage} ]
+ image: {get_param: DockerHAProxyImage}
net: host
privileged: false
restart: always
OpenStack containerized Heat API CFN service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerHeatApiCfnImage:
description: image
- default: 'centos-binary-heat-api-cfn:latest'
type: string
# puppet needs the heat-wsgi-api-cfn binary from centos-binary-heat-api-cfn
DockerHeatApiCfnConfigImage:
description: The container image to use for the heat_api_cfn config_volume
- default: 'centos-binary-heat-api-cfn:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/heat-api-cfn.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: heat_api_cfn
puppet_tags: heat_config,file,concat,file_line
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerHeatApiCfnConfigImage} ]
+ config_image: {get_param: DockerHeatApiCfnConfigImage}
kolla_config:
/var/lib/kolla/config_files/heat_api_cfn.json:
command: /usr/sbin/httpd -DFOREGROUND
docker_config:
step_4:
heat_api_cfn:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerHeatApiCfnImage} ]
+ image: {get_param: DockerHeatApiCfnImage}
net: host
privileged: false
restart: always
path: /var/log/containers/heat
state: directory
upgrade_tasks:
- - name: Stop and disable heat_api_cfn service
+ - name: Check if heat_api_cfn is deployed
+ command: systemctl is-enabled openstack-heat-api-cfn
+ tags: common
+ ignore_errors: True
+ register: heat_api_cfn_enabled
+ - name: check for heat_api_cfn running under apache (post upgrade)
+ tags: step2
+ shell: "httpd -t -D DUMP_VHOSTS | grep -q heat_api_cfn_wsgi"
+ register: heat_api_cfn_apache
+ ignore_errors: true
+ changed_when: false
+ check_mode: no
+ - name: Stop heat_api_cfn service (running under httpd)
+ tags: step2
+ service: name=httpd state=stopped
+ when: heat_api_cfn_apache.rc == 0
+ - name: Stop and disable heat_api_cfn service (pre-upgrade not under httpd)
tags: step2
- service: name=httpd state=stopped enabled=no
+ service: name=openstack-heat-api-cfn state=stopped enabled=no
+ when: heat_api_cfn_enabled.rc == 0
metadata_settings:
get_attr: [HeatBase, role_data, metadata_settings]
OpenStack containerized Heat API service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerHeatApiImage:
description: image
- default: 'centos-binary-heat-api:latest'
type: string
# puppet needs the heat-wsgi-api binary from centos-binary-heat-api
DockerHeatApiConfigImage:
description: The container image to use for the heat_api config_volume
- default: 'centos-binary-heat-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/heat-api.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: heat_api
puppet_tags: heat_config,file,concat,file_line
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerHeatApiConfigImage} ]
+ config_image: {get_param: DockerHeatApiConfigImage}
kolla_config:
/var/lib/kolla/config_files/heat_api.json:
command: /usr/sbin/httpd -DFOREGROUND
- path: /var/log/heat
owner: heat:heat
recurse: true
+ /var/lib/kolla/config_files/heat_api_cron.json:
+ command: /usr/sbin/crond -n
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
+ permissions:
+ - path: /var/log/heat
+ owner: heat:heat
+ recurse: true
docker_config:
step_4:
heat_api:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerHeatApiImage} ]
+ image: {get_param: DockerHeatApiImage}
net: host
privileged: false
restart: always
- ''
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ heat_api_cron:
+ image: {get_param: DockerHeatApiImage}
+ net: host
+ privileged: false
+ restart: always
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/heat_api_cron.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/heat_api/:/var/lib/kolla/config_files/src:ro
+ - /var/log/containers/heat:/var/log/heat
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
- name: create persistent logs directory
file:
path: /var/log/containers/heat
state: directory
upgrade_tasks:
- - name: Stop and disable heat_api service
+ - name: Check is heat_api is deployed
+ command: systemctl is-enabled openstack-heat-api
+ tags: common
+ ignore_errors: True
+ register: heat_api_enabled
+ - name: check for heat_api running under apache (post upgrade)
+ tags: step2
+ shell: "httpd -t -D DUMP_VHOSTS | grep -q heat_api_wsgi"
+ register: heat_api_apache
+ ignore_errors: true
+ changed_when: false
+ check_mode: no
+ - name: Stop heat_api service (running under httpd)
+ tags: step2
+ service: name=httpd state=stopped
+ when: heat_api_apache.rc == 0
+ - name: Stop and disable heat_api service (pre-upgrade not under httpd)
tags: step2
- service: name=httpd state=stopped enabled=no
+ service: name=openstack-heat-api state=stopped enabled=no
+ when: heat_api_enabled.rc == 0
metadata_settings:
get_attr: [HeatBase, role_data, metadata_settings]
OpenStack containerized Heat Engine service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerHeatEngineImage:
description: image
- default: 'centos-binary-heat-engine:latest'
type: string
DockerHeatConfigImage:
description: The container image to use for the heat config_volume
- default: 'centos-binary-heat-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/heat-engine.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: heat
puppet_tags: heat_config,file,concat,file_line
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerHeatConfigImage} ]
+ config_image: {get_param: DockerHeatConfigImage}
kolla_config:
/var/lib/kolla/config_files/heat_engine.json:
command: /usr/bin/heat-engine --config-file /usr/share/heat/heat-dist.conf --config-file /etc/heat/heat.conf
# db sync runs before permissions set by kolla_config
step_2:
heat_init_log:
- image: &heat_engine_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerHeatEngineImage} ]
+ image: &heat_engine_image {get_param: DockerHeatEngineImage}
user: root
volumes:
- /var/log/containers/heat:/var/log/heat
OpenStack containerized Horizon service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerHorizonImage:
description: image
- default: 'centos-binary-horizon:latest'
type: string
DockerHorizonConfigImage:
description: The container image to use for the horizon config_volume
- default: 'centos-binary-horizon:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/horizon.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: horizon
puppet_tags: horizon_config
step_config: {get_attr: [HorizonBase, role_data, step_config]}
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerHorizonConfigImage} ]
+ config_image: {get_param: DockerHorizonConfigImage}
kolla_config:
/var/lib/kolla/config_files/horizon.json:
command: /usr/sbin/httpd -DFOREGROUND
docker_config:
step_2:
horizon_fix_perms:
- image: &horizon_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerHorizonImage} ]
+ image: &horizon_image {get_param: DockerHorizonImage}
user: root
# NOTE Set ownership for /var/log/horizon/horizon.log file here,
# otherwise it's created by root when generating django cache.
OpenStack containerized Ironic API service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerIronicApiImage:
description: image
- default: 'centos-binary-ironic-api:latest'
type: string
- DockerIronicConfigImage:
- description: The container image to use for the ironic config_volume
- default: 'centos-binary-ironic-pxe:latest'
+ DockerIronicApiConfigImage:
+ description: The container image to use for the ironic_api config_volume
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/ironic-api.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
service_config_settings: {get_attr: [IronicApiBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
- config_volume: ironic
+ config_volume: ironic_api
puppet_tags: ironic_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerIronicConfigImage} ]
+ config_image: {get_param: DockerIronicApiConfigImage}
kolla_config:
/var/lib/kolla/config_files/ironic_api.json:
command: /usr/sbin/httpd -DFOREGROUND
# db sync runs before permissions set by kolla_config
step_2:
ironic_init_logs:
- image: &ironic_api_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerIronicApiImage} ]
+ image: &ironic_api_image {get_param: DockerIronicApiImage}
privileged: false
user: root
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- - /var/lib/config-data/ironic/etc/ironic:/etc/ironic:ro
+ - /var/lib/config-data/ironic_api/etc/ironic:/etc/ironic:ro
- /var/log/containers/ironic:/var/log/ironic
command: "/usr/bin/bootstrap_host_exec ironic_api su ironic -s /bin/bash -c 'ironic-dbsync --config-file /etc/ironic/ironic.conf'"
step_4:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/ironic_api.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/puppet-generated/ironic/:/var/lib/kolla/config_files/src:ro
+ - /var/lib/config-data/puppet-generated/ironic_api/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/ironic:/var/log/ironic
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
OpenStack containerized Ironic Conductor service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerIronicConductorImage:
description: image
- default: 'centos-binary-ironic-conductor:latest'
type: string
DockerIronicConfigImage:
description: The container image to use for the ironic config_volume
- default: 'centos-binary-ironic-pxe:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/ironic-conductor.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: ironic
puppet_tags: ironic_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerIronicConfigImage} ]
+ config_image: {get_param: DockerIronicConfigImage}
kolla_config:
/var/lib/kolla/config_files/ironic_conductor.json:
command: /usr/bin/ironic-conductor
step_4:
ironic_conductor:
start_order: 80
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerIronicConductorImage} ]
+ image: {get_param: DockerIronicConductorImage}
net: host
privileged: true
restart: always
OpenStack containerized Ironic PXE service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerIronicPxeImage:
description: image
- default: 'centos-binary-ironic-pxe:latest'
type: string
DockerIronicConfigImage:
description: The container image to use for the ironic config_volume
- default: 'centos-binary-ironic-pxe:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
config_volume: ironic
puppet_tags: ironic_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerIronicConfigImage} ]
+ config_image: {get_param: DockerIronicConfigImage}
kolla_config:
/var/lib/kolla/config_files/ironic_pxe_http.json:
command: /usr/sbin/httpd -DFOREGROUND
step_4:
ironic_pxe_tftp:
start_order: 90
- image: &ironic_pxe_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerIronicPxeImage} ]
+ image: &ironic_pxe_image {get_param: DockerIronicPxeImage}
net: host
privileged: false
restart: always
OpenStack containerized Iscsid service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerIscsidImage:
description: image
- default: 'centos-binary-iscsid:latest'
type: string
DockerIscsidConfigImage:
description: The container image to use for the iscsid config_volume
- default: 'centos-binary-iscsid:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
ContainersCommon:
type: ./containers-common.yaml
+ IscsidBase:
+ type: ../../puppet/services/iscsid.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
outputs:
role_data:
- description: Role data for the Iscsid API role.
+ description: Role data for the Iscsid role.
value:
- service_name: iscsid
- config_settings: {}
- step_config: ''
- service_config_settings: {}
+ service_name: {get_attr: [IscsidBase, role_data, service_name]}
+ config_settings: {get_attr: [IscsidBase, role_data, config_settings]}
+ step_config: &step_config
+ {get_attr: [IscsidBase, role_data, step_config]}
+ service_config_settings: {get_attr: [IscsidBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
config_volume: iscsid
- #puppet_tags: file
- step_config: ''
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerIscsidConfigImage} ]
+ puppet_tags: iscsid_config
+ step_config: *step_config
+ config_image: {get_param: DockerIscsidConfigImage}
kolla_config:
/var/lib/kolla/config_files/iscsid.json:
command: /usr/sbin/iscsid -f
+ config_files:
+ - source: "/var/lib/kolla/config_files/src-iscsid/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
docker_config:
step_3:
iscsid:
start_order: 2
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerIscsidImage} ]
+ image: {get_param: DockerIscsidImage}
net: host
privileged: true
restart: always
- /run/:/run/
- /sys:/sys
- /lib/modules:/lib/modules:ro
- - /etc/iscsi:/etc/iscsi
+ - /var/lib/config-data/puppet-generated/iscsid/:/var/lib/kolla/config_files/src-iscsid:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
- - name: create /etc/iscsi
- file:
- path: /etc/iscsi
- state: directory
- name: stat /lib/systemd/system/iscsid.socket
stat: path=/lib/systemd/system/iscsid.socket
register: stat_iscsid_socket
when: stat_iscsid_socket.stat.exists
upgrade_tasks:
- name: stat /lib/systemd/system/iscsid.service
+ tags: step2
stat: path=/lib/systemd/system/iscsid.service
register: stat_iscsid_service
- name: Stop and disable iscsid service
service: name=iscsid state=stopped enabled=no
when: stat_iscsid_service.stat.exists
- name: stat /lib/systemd/system/iscsid.socket
+ tags: step2
stat: path=/lib/systemd/system/iscsid.socket
register: stat_iscsid_socket
- name: Stop and disable iscsid.socket service
OpenStack containerized Keystone service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerKeystoneImage:
description: image
- default: 'centos-binary-keystone:latest'
type: string
DockerKeystoneConfigImage:
description: The container image to use for the keystone config_volume
- default: 'centos-binary-keystone:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/keystone.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: keystone
puppet_tags: keystone_config
step_config: *step_config
- config_image: &keystone_config_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerKeystoneConfigImage} ]
+ config_image: &keystone_config_image {get_param: DockerKeystoneConfigImage}
kolla_config:
/var/lib/kolla/config_files/keystone.json:
command: /usr/sbin/httpd -DFOREGROUND
dest: "/"
merge: true
preserve_properties: true
+ /var/lib/kolla/config_files/keystone_cron.json:
+ command: /usr/sbin/cron -n
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
+ permissions:
+ - path: /var/log/keystone
+ owner: keystone:keystone
+ recurse: true
docker_config:
# Kolla_bootstrap/db sync runs before permissions set by kolla_config
step_2:
keystone_init_log:
- image: &keystone_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerKeystoneImage} ]
+ image: &keystone_image {get_param: DockerKeystoneImage}
user: root
command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd; chown -R keystone:keystone /var/log/keystone']
volumes:
user: root
command:
[ 'keystone', '/usr/bin/bootstrap_host_exec', 'keystone' ,'keystone-manage', 'bootstrap', '--bootstrap-password', {get_param: AdminPassword} ]
+ keystone_cron:
+ start_order: 4
+ image: *keystone_image
+ net: host
+ privileged: false
+ restart: always
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/keystone_cron.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/keystone/:/var/lib/kolla/config_files/src:ro
+ - /var/log/containers/keystone:/var/log/keystone
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
docker_puppet_tasks:
# Keystone endpoint creation occurs only on single node
step_3:
OpenStack containerized Manila API service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerManilaApiImage:
description: image
- default: 'centos-binary-manila-api:latest'
type: string
DockerManilaConfigImage:
description: The container image to use for the manila config_volume
- default: 'centos-binary-manila-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/manila-api.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
config_volume: manila
puppet_tags: manila_config,manila_api_paste_ini
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerManilaConfigImage} ]
+ config_image: {get_param: DockerManilaConfigImage}
kolla_config:
/var/lib/kolla/config_files/manila_api.json:
command: /usr/bin/manila-api --config-file /usr/share/manila/manila-dist.conf --config-file /etc/manila/manila.conf
docker_config:
step_2:
manila_init_logs:
- image: &manila_api_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerManilaApiImage} ]
+ image: &manila_api_image {get_param: DockerManilaApiImage}
user: root
volumes:
- /var/log/containers/manila:/var/log/manila
OpenStack containerized Manila Scheduler service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerManilaSchedulerImage:
description: image
- default: 'centos-binary-manila-scheduler:latest'
type: string
DockerManilaConfigImage:
description: The container image to use for the manila config_volume
- default: 'centos-binary-manila-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/manila-scheduler.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
config_volume: manila
puppet_tags: manila_config,manila_scheduler_paste_ini
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerManilaConfigImage} ]
+ config_image: {get_param: DockerManilaConfigImage}
kolla_config:
/var/lib/kolla/config_files/manila_scheduler.json:
command: /usr/bin/manila-scheduler --config-file /usr/share/manila/manila-dist.conf --config-file /etc/manila/manila.conf
docker_config:
step_4:
manila_scheduler:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerManilaSchedulerImage} ]
+ image: {get_param: DockerManilaSchedulerImage}
net: host
restart: always
volumes:
--- /dev/null
+heat_template_version: pike
+
+description: >
+ OpenStack containerized Manila Share service
+
+parameters:
+ DockerManilaShareImage:
+ description: image
+ type: string
+ DockerManilaConfigImage:
+ description: image
+ type: string
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+
+resources:
+
+ ContainersCommon:
+ type: ./containers-common.yaml
+
+ ManilaBase:
+ type: ../../puppet/services/manila-share.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the Manila Share role.
+ value:
+ service_name: {get_attr: [ManilaBase, role_data, service_name]}
+ config_settings: {get_attr: [ManilaBase, role_data, config_settings]}
+ step_config: &step_config
+ get_attr: [ManilaBase, role_data, step_config]
+ service_config_settings: {get_attr: [ManilaBase, role_data, service_config_settings]}
+ # BEGIN DOCKER SETTINGS
+ puppet_config:
+ config_volume: manila
+ puppet_tags: manila_config
+ step_config: *step_config
+ config_image: {get_param: DockerManilaConfigImage}
+ kolla_config:
+ /var/lib/kolla/config_files/manila_share.json:
+ command: /usr/bin/manila-share --config-file /usr/share/manila/manila-dist.conf --config-file /etc/manila/manila.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src-ceph/"
+ dest: "/etc/ceph/"
+ merge: true
+ preserve_properties: true
+ permissions:
+ - path: /var/log/manila
+ owner: manila:manila
+ recurse: true
+ docker_config:
+ step_4:
+ manila_share:
+ image: &manila_share_image {get_param: DockerManilaShareImage}
+ net: host
+ restart: always
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/manila_share.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/manila/:/var/lib/kolla/config_files/src:ro
+ - /var/log/containers/manila:/var/log/manila
+ - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent directories
+ file:
+ path: /var/log/containers/manila
+ state: directory
+ - name: ensure ceph configurations exist
+ file:
+ path: /etc/ceph
+ state: directory
+ upgrade_tasks:
+ - name: Stop and disable manila_share service
+ tags: step2
+ service: name=openstack-manila-share state=stopped enabled=no
OpenStack containerized Memcached services
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerMemcachedImage:
description: image
- default: 'centos-binary-memcached:latest'
type: string
DockerMemcachedConfigImage:
description: The container image to use for the memcached config_volume
- default: 'centos-binary-memcached:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/memcached.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: 'memcached'
puppet_tags: 'file'
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerMemcachedConfigImage} ]
+ config_image: {get_param: DockerMemcachedConfigImage}
kolla_config: {}
docker_config:
step_1:
memcached_init_logs:
start_order: 0
detach: false
- image: &memcached_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerMemcachedImage} ]
+ image: &memcached_image {get_param: DockerMemcachedImage}
privileged: false
user: root
volumes:
OpenStack containerized Mistral API service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerMistralApiImage:
description: image
- default: 'centos-binary-mistral-api:latest'
type: string
DockerMistralConfigImage:
description: The container image to use for the mistral config_volume
- default: 'centos-binary-mistral-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/mistral-api.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: mistral
puppet_tags: mistral_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerMistralConfigImage} ]
+ config_image: {get_param: DockerMistralConfigImage}
kolla_config:
/var/lib/kolla/config_files/mistral_api.json:
command: /usr/bin/mistral-server --config-file=/etc/mistral/mistral.conf --log-file=/var/log/mistral/api.log --server=api
# db sync runs before permissions set by kolla_config
step_2:
mistral_init_logs:
- image: &mistral_api_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerMistralApiImage} ]
+ image: &mistral_api_image {get_param: DockerMistralApiImage}
privileged: false
user: root
volumes:
OpenStack containerized Mistral Engine service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerMistralEngineImage:
description: image
- default: 'centos-binary-mistral-engine:latest'
type: string
DockerMistralConfigImage:
description: The container image to use for the mistral config_volume
- default: 'centos-binary-mistral-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/mistral-engine.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: mistral
puppet_tags: mistral_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerMistralConfigImage} ]
+ config_image: {get_param: DockerMistralConfigImage}
kolla_config:
/var/lib/kolla/config_files/mistral_engine.json:
command: /usr/bin/mistral-server --config-file=/etc/mistral/mistral.conf --log-file=/var/log/mistral/engine.log --server=engine
docker_config:
step_4:
mistral_engine:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerMistralEngineImage} ]
+ image: {get_param: DockerMistralEngineImage}
net: host
privileged: false
restart: always
OpenStack containerized Mistral Executor service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerMistralExecutorImage:
description: image
- default: 'centos-binary-mistral-executor:latest'
type: string
DockerMistralConfigImage:
description: The container image to use for the mistral config_volume
- default: 'centos-binary-mistral-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/mistral-executor.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: mistral
puppet_tags: mistral_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerMistralConfigImage} ]
+ config_image: {get_param: DockerMistralConfigImage}
kolla_config:
/var/lib/kolla/config_files/mistral_executor.json:
command: /usr/bin/mistral-server --config-file=/etc/mistral/mistral.conf --log-file=/var/log/mistral/executor.log --server=executor
docker_config:
step_4:
mistral_executor:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerMistralExecutorImage} ]
+ image: {get_param: DockerMistralExecutorImage}
net: host
privileged: false
restart: always
path: /var/log/containers/mistral
state: directory
upgrade_tasks:
+ - name: Check if mistral executor is deployed
+ command: systemctl is-enabled openstack-mistral-executor
+ tags: common
+ ignore_errors: True
+ register: mistral_executor_enabled
+ - name: "PreUpgrade step0,validation: Check if openstack-mistral-executor is running"
+ shell: >
+ /usr/bin/systemctl show 'openstack-mistral-executor' --property ActiveState |
+ grep '\bactive\b'
+ when: mistral_executor_enabled.rc == 0
+ tags: step0,validation
- name: Stop and disable mistral_executor service
tags: step2
+ when: mistral_executor_enabled.rc == 0
service: name=openstack-mistral-executor state=stopped enabled=no
OpenStack containerized Multipathd service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerMultipathdImage:
description: image
- default: 'centos-binary-multipathd:latest'
type: string
DockerMultipathdConfigImage:
description: The container image to use for the multipathd config_volume
- default: 'centos-binary-multipathd:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
config_volume: multipathd
#puppet_tags: file
step_config: ''
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerMultipathdConfigImage} ]
+ config_image: {get_param: DockerMultipathdConfigImage}
kolla_config:
/var/lib/kolla/config_files/multipathd.json:
command: /usr/sbin/multipathd -d
+ config_files:
+ - source: "/var/lib/kolla/config_files/src-iscsid/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
docker_config:
step_3:
multipathd:
start_order: 1
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerMultipathdImage} ]
+ image: {get_param: DockerMultipathdImage}
net: host
privileged: true
restart: always
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/multipathd.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/iscsid/:/var/lib/kolla/config_files/src-iscsid:ro
- /dev/:/dev/
- /run/:/run/
- /sys:/sys
- /lib/modules:/lib/modules:ro
- - /etc/iscsi:/etc/iscsi
- /var/lib/cinder:/var/lib/cinder
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
OpenStack containerized Neutron API service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerNeutronApiImage:
description: image
- default: 'centos-binary-neutron-server:latest'
type: string
DockerNeutronConfigImage:
description: The container image to use for the neutron config_volume
- default: 'centos-binary-neutron-server:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/neutron-api.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: neutron
puppet_tags: neutron_config,neutron_api_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNeutronConfigImage} ]
+ config_image: {get_param: DockerNeutronConfigImage}
kolla_config:
/var/lib/kolla/config_files/neutron_api.json:
command: /usr/bin/neutron-server --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-server
# db sync runs before permissions set by kolla_config
step_2:
neutron_init_logs:
- image: &neutron_api_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNeutronApiImage} ]
+ image: &neutron_api_image {get_param: DockerNeutronApiImage}
privileged: false
user: root
volumes:
path: /var/log/containers/neutron
state: directory
upgrade_tasks:
+ - name: Check if neutron_server is deployed
+ command: systemctl is-enabled neutron-server
+ tags: common
+ ignore_errors: True
+ register: neutron_server_enabled
+ - name: "PreUpgrade step0,validation: Check service neutron-server is running"
+ shell: /usr/bin/systemctl show 'neutron-server' --property ActiveState | grep '\bactive\b'
+ when: neutron_server_enabled.rc == 0
+ tags: step0,validation
- name: Stop and disable neutron_api service
tags: step2
+ when: neutron_server_enabled.rc == 0
service: name=neutron-server state=stopped enabled=no
metadata_settings:
get_attr: [NeutronBase, role_data, metadata_settings]
OpenStack containerized Neutron DHCP service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerNeutronDHCPImage:
description: image
- default: 'centos-binary-neutron-dhcp-agent:latest'
type: string
DockerNeutronConfigImage:
description: The container image to use for the neutron config_volume
- default: 'centos-binary-neutron-server:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/neutron-dhcp.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: neutron
puppet_tags: neutron_config,neutron_dhcp_agent_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNeutronConfigImage} ]
+ config_image: {get_param: DockerNeutronConfigImage}
kolla_config:
/var/lib/kolla/config_files/neutron_dhcp.json:
command: /usr/bin/neutron-dhcp-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/dhcp_agent.ini --log-file /var/log/neutron/dhcp-agent.log --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-dhcp-agent
- path: /var/log/neutron
owner: neutron:neutron
recurse: true
+ - path: /var/lib/neutron
+ owner: neutron:neutron
+ recurse: true
docker_config:
step_4:
neutron_dhcp:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNeutronDHCPImage} ]
+ image: {get_param: DockerNeutronDHCPImage}
net: host
pid: host
privileged: true
- /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro
- /lib/modules:/lib/modules:ro
- /run/:/run
+ - /var/lib/neutron:/var/lib/neutron
- /var/log/containers/neutron:/var/log/neutron
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
+ - name: create /var/lib/neutron
+ file:
+ path: /var/lib/neutron
+ state: directory
- name: create persistent logs directory
file:
path: /var/log/containers/neutron
state: directory
upgrade_tasks:
+ - name: Check if neutron_dhcp_agent is deployed
+ command: systemctl is-enabled neutron-dhcp-agent
+ tags: common
+ ignore_errors: True
+ register: neutron_dhcp_agent_enabled
+ - name: "PreUpgrade step0,validation: Check service neutron-dhcp-agent is running"
+ shell: /usr/bin/systemctl show 'neutron-dhcp-agent' --property ActiveState | grep '\bactive\b'
+ when: neutron_dhcp_agent_enabled.rc == 0
+ tags: step0,validation
- name: Stop and disable neutron_dhcp service
tags: step2
+ when: neutron_dhcp_agent_enabled.rc == 0
service: name=neutron-dhcp-agent state=stopped enabled=no
OpenStack containerized Neutron L3 agent
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerNeutronL3AgentImage:
description: image
- default: 'centos-binary-neutron-l3-agent:latest'
type: string
DockerNeutronConfigImage:
description: The container image to use for the neutron config_volume
- default: 'centos-binary-neutron-server:latest'
type: string
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/neutron-l3.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
puppet_tags: neutron_config,neutron_l3_agent_config
config_volume: neutron
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNeutronConfigImage} ]
+ config_image: {get_param: DockerNeutronConfigImage}
kolla_config:
/var/lib/kolla/config_files/neutron_l3_agent.json:
command: /usr/bin/neutron-l3-agent --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/l3_agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/l3_agent.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-l3-agent
- path: /var/log/neutron
owner: neutron:neutron
recurse: true
+ - path: /var/lib/neutron
+ owner: neutron:neutron
+ recurse: true
docker_config:
step_4:
neutron_l3_agent:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNeutronL3AgentImage} ]
+ image: {get_param: DockerNeutronL3AgentImage}
net: host
pid: host
privileged: true
- /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro
- /lib/modules:/lib/modules:ro
- /run:/run
+ - /var/lib/neutron:/var/lib/neutron
- /var/log/containers/neutron:/var/log/neutron
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
+ - name: create /var/lib/neutron
+ file:
+ path: /var/lib/neutron
+ state: directory
- name: create persistent logs directory
file:
path: /var/log/containers/neutron
OpenStack containerized Neutron Metadata agent
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerNeutronMetadataImage:
description: image
- default: 'centos-binary-neutron-metadata-agent:latest'
type: string
DockerNeutronConfigImage:
description: The container image to use for the neutron config_volume
- default: 'centos-binary-neutron-server:latest'
type: string
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/neutron-metadata.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
puppet_tags: neutron_config,neutron_metadata_agent_config
config_volume: neutron
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNeutronConfigImage} ]
+ config_image: {get_param: DockerNeutronConfigImage}
kolla_config:
/var/lib/kolla/config_files/neutron_metadata_agent.json:
command: /usr/bin/neutron-metadata-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/metadata_agent.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-metadata-agent
- path: /var/log/neutron
owner: neutron:neutron
recurse: true
+ - path: /var/lib/neutron
+ owner: neutron:neutron
+ recurse: true
docker_config:
step_4:
neutron_metadata_agent:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNeutronMetadataImage} ]
+ image: {get_param: DockerNeutronMetadataImage}
net: host
pid: host
privileged: true
- /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro
- /lib/modules:/lib/modules:ro
- /run:/run
+ - /var/lib/neutron:/var/lib/neutron
- /var/log/containers/neutron:/var/log/neutron
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
+ - name: create /var/lib/neutron
+ file:
+ path: /var/lib/neutron
+ state: directory
- name: create persistent logs directory
file:
path: /var/log/containers/neutron
state: directory
upgrade_tasks:
+ - name: Check if neutron_metadata_agent is deployed
+ command: systemctl is-enabled neutron-metadata-agent
+ tags: common
+ ignore_errors: True
+ register: neutron_metadata_agent_enabled
+ - name: "PreUpgrade step0,validation: Check service neutron-metadata-agent is running"
+ shell: /usr/bin/systemctl show 'neutron-metadata-agent' --property ActiveState | grep '\bactive\b'
+ when: neutron_metadata_agent_enabled.rc == 0
+ tags: step0,validation
- name: Stop and disable neutron_metadata service
tags: step2
+ when: neutron_metadata_agent_enabled.rc == 0
service: name=neutron-metadata-agent state=stopped enabled=no
OpenStack Neutron openvswitch service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerOpenvswitchImage:
description: image
- default: 'centos-binary-neutron-openvswitch-agent:latest'
type: string
DockerNeutronConfigImage:
description: The container image to use for the neutron config_volume
- default: 'centos-binary-neutron-server:latest'
type: string
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/neutron-ovs-agent.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: neutron
puppet_tags: neutron_config,neutron_agent_ovs,neutron_plugin_ml2
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNeutronConfigImage} ]
+ config_image: {get_param: DockerNeutronConfigImage}
kolla_config:
/var/lib/kolla/config_files/neutron_ovs_agent.json:
command: /usr/bin/neutron-openvswitch-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini --config-file /etc/neutron/plugins/ml2/ml2_conf.ini --config-dir /etc/neutron/conf.d/common
docker_config:
step_4:
neutron_ovs_agent:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerOpenvswitchImage} ]
+ image: {get_param: DockerOpenvswitchImage}
net: host
pid: host
privileged: true
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerNeutronConfigImage:
description: The container image to use for the neutron config_volume
- default: 'centos-binary-neutron-server:latest'
type: string
DefaultPasswords:
- default: {}
type: json
RoleName:
default: ''
type: OS::TripleO::Docker::NeutronMl2PluginBase
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: 'neutron'
puppet_tags: neutron_plugin_ml2
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNeutronConfigImage} ]
+ config_image: {get_param: DockerNeutronConfigImage}
kolla_config: {}
docker_config: {}
OpenStack containerized Nova API service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerNovaApiImage:
description: image
- default: 'centos-binary-nova-api:latest'
type: string
DockerNovaConfigImage:
description: The container image to use for the nova config_volume
- default: 'centos-binary-nova-base:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/nova-api.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: nova
puppet_tags: nova_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNovaConfigImage} ]
+ config_image: {get_param: DockerNovaConfigImage}
kolla_config:
/var/lib/kolla/config_files/nova_api.json:
command: /usr/bin/nova-api
- path: /var/log/nova
owner: nova:nova
recurse: true
+ /var/lib/kolla/config_files/nova_api_cron.json:
+ command: /usr/sbin/crond -n
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
+ permissions:
+ - path: /var/log/nova
+ owner: nova:nova
+ recurse: true
docker_config:
# db sync runs before permissions set by kolla_config
step_2:
nova_init_logs:
- image: &nova_api_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNovaApiImage} ]
+ image: &nova_api_image {get_param: DockerNovaApiImage}
privileged: false
user: root
volumes:
- /var/log/containers/nova:/var/log/nova
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ nova_api_cron:
+ image: *nova_api_image
+ net: host
+ user: root
+ privileged: false
+ restart: always
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/nova_api_cron.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro
+ - /var/log/containers/nova:/var/log/nova
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
step_5:
nova_api_discover_hosts:
start_order: 1
OpenStack containerized Nova Compute service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerNovaComputeImage:
description: image
- default: 'centos-binary-nova-compute:latest'
type: string
DockerNovaLibvirtConfigImage:
description: The container image to use for the nova_libvirt config_volume
- default: 'centos-binary-nova-compute:latest'
type: string
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ DockerNovaMigrationSshdPort:
+ default: 2022
+ description: Port that dockerized nova migration target sshd service
+ binds to.
+ type: number
resources:
type: ../../puppet/services/nova-compute.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
+ MigrationSshPort: {get_param: DockerNovaMigrationSshdPort}
outputs:
role_data:
value:
service_name: {get_attr: [NovaComputeBase, role_data, service_name]}
config_settings:
- map_merge:
- - get_attr: [NovaComputeBase, role_data, config_settings]
- # FIXME: we need to disable migration for now as the
- # hieradata is common for all services, and this means nova
- # and nova_placement puppet runs also try to configure
- # libvirt, and they fail. We can remove this override when
- # we have hieradata separation between containers.
- - tripleo::profile::base::nova::manage_migration: false
+ get_attr: [NovaComputeBase, role_data, config_settings]
step_config: &step_config
get_attr: [NovaComputeBase, role_data, step_config]
puppet_config:
config_volume: nova_libvirt
puppet_tags: nova_config,nova_paste_api_ini
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNovaLibvirtConfigImage} ]
+ config_image: {get_param: DockerNovaLibvirtConfigImage}
kolla_config:
/var/lib/kolla/config_files/nova_compute.json:
command: /usr/bin/nova-compute --config-file /etc/nova/nova.conf --config-file /etc/nova/rootwrap.conf
dest: "/"
merge: true
preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src-iscsid/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src-ceph/"
+ dest: "/etc/ceph/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/nova
owner: nova:nova
# FIXME: run discover hosts here
step_4:
nova_compute:
- image: &nova_compute_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNovaComputeImage} ]
+ image: &nova_compute_image {get_param: DockerNovaComputeImage}
net: host
privileged: true
user: nova
-
- /var/lib/kolla/config_files/nova_compute.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/nova_libvirt/:/var/lib/kolla/config_files/src:ro
+ - /var/lib/config-data/puppet-generated/iscsid/:/var/lib/kolla/config_files/src-iscsid:ro
+ - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
- /dev:/dev
- - /etc/iscsi:/etc/iscsi
- /lib/modules:/lib/modules:ro
- /run:/run
- /var/lib/nova:/var/lib/nova
- /var/log/containers/nova
- /var/lib/nova
- /var/lib/libvirt
+ - name: ensure ceph configurations exist
+ file:
+ path: /etc/ceph
+ state: directory
upgrade_tasks:
- name: Stop and disable nova-compute service
tags: step2
OpenStack containerized Nova Conductor service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerNovaConductorImage:
description: image
- default: 'centos-binary-nova-conductor:latest'
type: string
DockerNovaConfigImage:
description: The container image to use for the nova config_volume
- default: 'centos-binary-nova-base:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/nova-conductor.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: nova
puppet_tags: nova_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNovaConfigImage} ]
+ config_image: {get_param: DockerNovaConfigImage}
kolla_config:
/var/lib/kolla/config_files/nova_conductor.json:
command: /usr/bin/nova-conductor
docker_config:
step_4:
nova_conductor:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNovaConductorImage} ]
+ image: {get_param: DockerNovaConductorImage}
net: host
privileged: false
restart: always
OpenStack containerized Nova Consoleauth service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerNovaConsoleauthImage:
description: image
- default: 'centos-binary-nova-consoleauth:latest'
type: string
DockerNovaConfigImage:
description: The container image to use for the nova config_volume
- default: 'centos-binary-nova-base:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/nova-consoleauth.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: nova
puppet_tags: nova_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNovaConfigImage} ]
+ config_image: {get_param: DockerNovaConfigImage}
kolla_config:
/var/lib/kolla/config_files/nova_consoleauth.json:
command: /usr/bin/nova-consoleauth
docker_config:
step_4:
nova_consoleauth:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNovaConsoleauthImage} ]
+ image: {get_param: DockerNovaConsoleauthImage}
net: host
privileged: false
restart: always
OpenStack containerized Nova Ironic Compute service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerNovaComputeIronicImage:
description: image
- default: 'centos-binary-nova-compute-ironic:latest'
type: string
DockerNovaConfigImage:
description: The container image to use for the nova config_volume
- default: 'centos-binary-nova-base:latest'
type: string
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
NovaIronicBase:
type: ../../puppet/services/nova-ironic.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
config_volume: nova
puppet_tags: nova_config,nova_paste_api_ini
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNovaConfigImage} ]
+ config_image: {get_param: DockerNovaConfigImage}
kolla_config:
/var/lib/kolla/config_files/nova_ironic.json:
command: /usr/bin/nova-compute --config-file /etc/nova/nova.conf --config-file /etc/nova/rootwrap.conf
dest: "/"
merge: true
preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src-iscsid/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/nova
owner: nova:nova
docker_config:
step_5:
nova_compute:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNovaComputeIronicImage} ]
+ image: {get_param: DockerNovaComputeIronicImage}
net: host
privileged: true
user: root
-
- /var/lib/kolla/config_files/nova_ironic.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro
+ - /var/lib/config-data/puppet-generated/iscsid/:/var/lib/kolla/config_files/src-iscsid:ro
- /run:/run
- /dev:/dev
- - /etc/iscsi:/etc/iscsi
- /var/lib/nova/:/var/lib/nova
- /var/log/containers/nova:/var/log/nova
environment:
OpenStack Libvirt Service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerNovaLibvirtImage:
description: image
- default: 'centos-binary-nova-libvirt:latest'
type: string
# we configure libvirt via the nova-compute container due to coupling
# in the puppet modules
DockerNovaLibvirtConfigImage:
description: The container image to use for the nova_libvirt config_volume
- default: 'centos-binary-nova-compute:latest'
type: string
EnablePackageInstall:
default: 'false'
- description: Set to true to enable package installation
+ description: Set to true to enable package installation at deploy time
type: boolean
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: If set to true and if EnableInternalTLS is enabled, it will
set the libvirt URI's transport to tls and configure the
relevant keys for libvirt.
+ DockerNovaMigrationSshdPort:
+ default: 2022
+ description: Port that dockerized nova migration target sshd service
+ binds to.
+ type: number
+
conditions:
type: ../../puppet/services/nova-libvirt.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
+ MigrationSshPort: {get_param: DockerNovaMigrationSshdPort}
outputs:
role_data:
value:
service_name: {get_attr: [NovaLibvirtBase, role_data, service_name]}
config_settings:
- map_merge:
- - get_attr: [NovaLibvirtBase, role_data, config_settings]
- # FIXME: we need to disable migration for now as the
- # hieradata is common for all services, and this means nova
- # and nova_placement puppet runs also try to configure
- # libvirt, and they fail. We can remove this override when
- # we have hieradata separation between containers.
- - tripleo::profile::base::nova::manage_migration: false
+ get_attr: [NovaLibvirtBase, role_data, config_settings]
step_config: &step_config
get_attr: [NovaLibvirtBase, role_data, step_config]
puppet_config:
config_volume: nova_libvirt
- puppet_tags: nova_config
+ puppet_tags: libvirtd_config,nova_config,file,exec
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNovaLibvirtConfigImage} ]
+ config_image: {get_param: DockerNovaLibvirtConfigImage}
kolla_config:
/var/lib/kolla/config_files/nova_libvirt.json:
command:
dest: "/"
merge: true
preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src-ceph/"
+ dest: "/etc/ceph/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/nova
owner: nova:nova
docker_config:
step_3:
nova_libvirt:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNovaLibvirtImage} ]
+ image: {get_param: DockerNovaLibvirtImage}
net: host
pid: host
privileged: true
-
- /var/lib/kolla/config_files/nova_libvirt.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/nova_libvirt/:/var/lib/kolla/config_files/src:ro
+ - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
- /lib/modules:/lib/modules:ro
- /dev:/dev
- /run:/run
- /sys/fs/cgroup:/sys/fs/cgroup
- /var/lib/nova:/var/lib/nova
+ - /etc/libvirt/secrets:/etc/libvirt/secrets
# Needed to use host's virtlogd
- /var/run/libvirt:/var/run/libvirt
- /var/lib/libvirt:/var/lib/libvirt
path: "{{ item }}"
state: directory
with_items:
+ - /etc/libvirt/secrets
- /etc/libvirt/qemu
- /var/lib/libvirt
- /var/log/containers/nova
+ - name: ensure ceph configurations exist
+ file:
+ path: /etc/ceph
+ state: directory
- name: set enable_package_install fact
set_fact:
enable_package_install: {get_param: EnablePackageInstall}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/nova-metadata.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
--- /dev/null
+heat_template_version: pike
+
+description: >
+ OpenStack containerized Nova Migration Target service
+
+parameters:
+ DockerNovaComputeImage:
+ description: image
+ type: string
+ DockerNovaLibvirtConfigImage:
+ description: The container image to use for the nova_libvirt config_volume
+ type: string
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ DockerNovaMigrationSshdPort:
+ default: 2022
+ description: Port that dockerized nova migration target sshd service
+ binds to.
+ type: number
+
+resources:
+
+ ContainersCommon:
+ type: ./containers-common.yaml
+
+ SshdBase:
+ type: ../../puppet/services/sshd.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+ NovaMigrationTargetBase:
+ type: ../../puppet/services/nova-migration-target.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the Nova Migration Target service.
+ value:
+ service_name: nova_migration_target
+ config_settings:
+ map_merge:
+ - get_attr: [SshdBase, role_data, config_settings]
+ - get_attr: [NovaMigrationTargetBase, role_data, config_settings]
+ - tripleo.nova_migration_target.firewall_rules:
+ '113 nova_migration_target':
+ dport:
+ - {get_param: DockerNovaMigrationSshdPort}
+ step_config: &step_config
+ list_join:
+ - "\n"
+ - - get_attr: [SshdBase, role_data, step_config]
+ - get_attr: [NovaMigrationTargetBase, role_data, step_config]
+ puppet_config:
+ config_volume: nova_libvirt
+ step_config: *step_config
+ config_image: {get_param: DockerNovaLibvirtConfigImage}
+ kolla_config:
+ /var/lib/kolla/config_files/nova-migration-target.json:
+ command:
+ str_replace:
+ template: "/usr/sbin/sshd -D -p SSHDPORT"
+ params:
+ SSHDPORT: {get_param: DockerNovaMigrationSshdPort}
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
+ - source: /host-ssh/ssh_host_*_key
+ dest: /etc/ssh/
+ owner: "root"
+ perm: "0600"
+ docker_config:
+ step_4:
+ nova_migration_target:
+ image: {get_param: DockerNovaComputeImage}
+ net: host
+ privileged: true
+ user: root
+ restart: always
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/nova-migration-target.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/nova_libvirt/:/var/lib/kolla/config_files/src:ro
+ - /etc/ssh/:/host-ssh/:ro
+ - /run:/run
+ - /var/lib/nova:/var/lib/nova
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
OpenStack containerized Nova Placement API service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerNovaPlacementImage:
description: image
- default: 'centos-binary-nova-placement-api:latest'
type: string
DockerNovaPlacementConfigImage:
description: The container image to use for the nova_placement config_volume
- default: 'centos-binary-nova-placement-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/nova-placement.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: nova_placement
puppet_tags: nova_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNovaPlacementConfigImage} ]
+ config_image: {get_param: DockerNovaPlacementConfigImage}
kolla_config:
/var/lib/kolla/config_files/nova_placement.json:
command: /usr/sbin/httpd -DFOREGROUND
step_3:
nova_placement:
start_order: 1
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNovaPlacementImage} ]
+ image: {get_param: DockerNovaPlacementImage}
net: host
user: root
restart: always
OpenStack containerized Nova Scheduler service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerNovaSchedulerImage:
description: image
- default: 'centos-binary-nova-scheduler:latest'
type: string
DockerNovaConfigImage:
description: The container image to use for the nova config_volume
- default: 'centos-binary-nova-base:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/nova-scheduler.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: nova
puppet_tags: nova_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNovaConfigImage} ]
+ config_image: {get_param: DockerNovaConfigImage}
kolla_config:
/var/lib/kolla/config_files/nova_scheduler.json:
command: /usr/bin/nova-scheduler
docker_config:
step_4:
nova_scheduler:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNovaSchedulerImage} ]
+ image: {get_param: DockerNovaSchedulerImage}
net: host
privileged: false
restart: always
OpenStack containerized Nova Vncproxy service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerNovaVncProxyImage:
description: image
- default: 'centos-binary-nova-novncproxy:latest'
type: string
DockerNovaConfigImage:
description: The container image to use for the nova config_volume
- default: 'centos-binary-nova-base:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/nova-vnc-proxy.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: nova
puppet_tags: nova_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNovaConfigImage} ]
+ config_image: {get_param: DockerNovaConfigImage}
kolla_config:
/var/lib/kolla/config_files/nova_vnc_proxy.json:
command: /usr/bin/nova-novncproxy --web /usr/share/novnc/
docker_config:
step_4:
nova_vnc_proxy:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerNovaVncProxyImage} ]
+ image: {get_param: DockerNovaVncProxyImage}
net: host
privileged: false
restart: always
OpenStack Octavia service configured with Puppet
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerOctaviaApiImage:
description: image
- default: 'centos-binary-octavia-api:latest'
type: string
DockerOctaviaConfigImage:
description: The container image to use for the octavia config_volume
- default: 'centos-binary-octavia-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/octavia-api.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: octavia
puppet_tags: octavia_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerOctaviaConfigImage} ]
+ config_image: {get_param: DockerOctaviaConfigImage}
kolla_config:
/var/lib/kolla/config_files/octavia_api.json:
command: /usr/bin/octavia-api --config-file /usr/share/octavia/octavia-dist.conf --config-file /etc/octavia/octavia.conf --log-file /var/log/octavia/api.log --config-dir /etc/octavia/conf.d/common --config-dir /etc/octavia/conf.d/octavia-api
step_2:
octavia_api_init_dirs:
start_order: 0
- image: &octavia_api_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerOctaviaApiImage} ]
+ image: &octavia_api_image {get_param: DockerOctaviaApiImage}
user: root
volumes:
# NOTE(mandre) we need extra dir for the service in /etc/octavia/conf.d
OpenStack Octavia health-manager service configured with Puppet
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerOctaviaHealthManagerImage:
description: image
- default: 'centos-binary-octavia-health-manager:latest'
type: string
DockerOctaviaConfigImage:
description: The container image to use for the octavia config_volume
- default: 'centos-binary-octavia-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/octavia-health-manager.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: octavia
puppet_tags: octavia_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerOctaviaConfigImage} ]
+ config_image: {get_param: DockerOctaviaConfigImage}
kolla_config:
/var/lib/kolla/config_files/octavia_health_manager.json:
command: /usr/bin/octavia-health-manager --config-file /usr/share/octavia/octavia-dist.conf --config-file /etc/octavia/octavia.conf --log-file /var/log/octavia/health-manager.log --config-dir /etc/octavia/conf.d/common --config-dir /etc/octavia/conf.d/octavia-health-manager
step_2:
octavia_health_manager_init_dirs:
start_order: 0
- image: &octavia_health_manager_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerOctaviaHealthManagerImage} ]
+ image: &octavia_health_manager_image {get_param: DockerOctaviaHealthManagerImage}
user: root
volumes:
# NOTE(mandre) we need extra dir for the service in /etc/octavia/conf.d
OpenStack Octavia service configured with Puppet
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerOctaviaHousekeepingImage:
description: image
- default: 'centos-binary-octavia-housekeeping:latest'
type: string
DockerOctaviaConfigImage:
description: The container image to use for the octavia config_volume
- default: 'centos-binary-octavia-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/octavia-housekeeping.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: octavia
puppet_tags: octavia_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerOctaviaConfigImage} ]
+ config_image: {get_param: DockerOctaviaConfigImage}
kolla_config:
/var/lib/kolla/config_files/octavia_housekeeping.json:
command: /usr/bin/octavia-housekeeping --config-file /usr/share/octavia/octavia-dist.conf --config-file /etc/octavia/octavia.conf --log-file /var/log/octavia/housekeeping.log --config-dir /etc/octavia/conf.d/common --config-dir /etc/octavia/conf.d/octavia-housekeeping
step_2:
octavia_housekeeping_init_dirs:
start_order: 0
- image: &octavia_housekeeping_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerOctaviaHousekeepingImage} ]
+ image: &octavia_housekeeping_image {get_param: DockerOctaviaHousekeepingImage}
user: root
volumes:
# NOTE(mandre) we need extra dir for the service in /etc/octavia/conf.d
OpenStack Octavia worker service configured with Puppet
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerOctaviaWorkerImage:
description: image
- default: 'centos-binary-octavia-worker:latest'
type: string
DockerOctaviaConfigImage:
description: The container image to use for the octavia config_volume
- default: 'centos-binary-octavia-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/octavia-worker.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: octavia
puppet_tags: octavia_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerOctaviaConfigImage} ]
+ config_image: {get_param: DockerOctaviaConfigImage}
kolla_config:
/var/lib/kolla/config_files/octavia_worker.json:
command: /usr/bin/octavia-worker --config-file /usr/share/octavia/octavia-dist.conf --config-file /etc/octavia/octavia.conf --log-file /var/log/octavia/worker.log --config-dir /etc/octavia/conf.d/common --config-dir /etc/octavia/conf.d/octavia-worker
step_2:
octavia_worker_init_dirs:
start_order: 0
- image: &octavia_worker_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerOctaviaWorkerImage} ]
+ image: &octavia_worker_image {get_param: DockerOctaviaWorkerImage}
user: root
volumes:
# NOTE(mandre) we need extra dir for the service in /etc/octavia/conf.d
OpenStack containerized OpenDaylight API service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerOpendaylightApiImage:
description: image
- default: 'centos-binary-opendaylight:latest'
type: string
DockerOpendaylightConfigImage:
description: image
- default: 'centos-binary-opendaylight:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/opendaylight-api.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
map_merge:
- get_attr: [OpenDaylightBase, role_data, config_settings]
step_config: &step_config
- list_join:
- - "\n"
- - - get_attr: [OpenDaylightBase, role_data, step_config]
- - "include tripleo::profile::base::neutron::opendaylight::create_cluster"
+ get_attr: [OpenDaylightBase, role_data, step_config]
# BEGIN DOCKER SETTINGS
puppet_config:
config_volume: opendaylight
# 'file,concat,file_line,augeas' are included by default
- puppet_tags: odl_user,tripleo::profile::base::neutron::opendaylight::configure_cluster
+ puppet_tags: odl_user
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerOpendaylightConfigImage} ]
+ config_image: {get_param: DockerOpendaylightConfigImage}
kolla_config:
/var/lib/kolla/config_files/opendaylight_api.json:
command: /opt/opendaylight/bin/karaf
step_1:
opendaylight_api:
start_order: 0
- image: &odl_api_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerOpendaylightApiImage} ]
+ image: &odl_api_image {get_param: DockerOpendaylightApiImage}
privileged: false
net: host
detach: true
OpenStack containerized Cinder Backup service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerCinderBackupImage:
description: image
- default: 'centos-binary-cinder-backup:latest'
type: string
DockerCinderConfigImage:
description: The container image to use for the cinder config_volume
- default: 'centos-binary-cinder-api:latest'
type: string
CinderBackupBackend:
default: swift
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../../puppet/services/cinder-backup.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_settings:
map_merge:
- get_attr: [CinderBackupBase, role_data, config_settings]
- - tripleo::profile::pacemaker::cinder::backup_bundle::cinder_backup_docker_image: &cinder_backup_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCinderBackupImage} ]
+ - tripleo::profile::pacemaker::cinder::backup_bundle::cinder_backup_docker_image: &cinder_backup_image {get_param: DockerCinderBackupImage}
cinder::backup::manage_service: false
cinder::backup::enabled: false
step_config: ""
config_volume: cinder
puppet_tags: cinder_config,file,concat,file_line
step_config: {get_attr: [CinderBackupBase, role_data, step_config]}
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCinderConfigImage} ]
+ config_image: {get_param: DockerCinderConfigImage}
kolla_config:
/var/lib/kolla/config_files/cinder_backup.json:
command: /usr/bin/cinder-backup --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
- /var/lib/cinder
- /var/log/containers/cinder
upgrade_tasks:
- - name: Stop and disable cinder_backup service
+ - name: get bootstrap nodeid
+ tags: common
+ command: hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid
+ register: bootstrap_node
+ - name: set is_bootstrap_node fact
+ tags: common
+ set_fact: is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}}
+ - name: Disable the openstack-cinder-backup cluster resource
+ tags: step2
+ pacemaker_resource:
+ resource: openstack-cinder-backup
+ state: disable
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Delete the stopped openstack-cinder-backup cluster resource.
+ tags: step2
+ pacemaker_resource:
+ resource: openstack-cinder-backup
+ state: delete
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Disable cinder_backup service
tags: step2
- service: name=openstack-cinder-backup state=stopped enabled=no
+ service: name=openstack-cinder-backup enabled=no
OpenStack containerized Cinder Volume service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerCinderVolumeImage:
description: image
- default: 'centos-binary-cinder-volume:latest'
type: string
DockerCinderConfigImage:
description: The container image to use for the cinder config_volume
- default: 'centos-binary-cinder-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../../puppet/services/cinder-volume.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_settings:
map_merge:
- get_attr: [CinderBase, role_data, config_settings]
- - tripleo::profile::pacemaker::cinder::volume_bundle::cinder_volume_docker_image: &cinder_volume_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCinderVolumeImage} ]
+ - tripleo::profile::pacemaker::cinder::volume_bundle::cinder_volume_docker_image: &cinder_volume_image {get_param: DockerCinderVolumeImage}
cinder::volume::manage_service: false
cinder::volume::enabled: false
cinder::host: hostgroup
config_volume: cinder
puppet_tags: cinder_config,file,concat,file_line
step_config: {get_attr: [CinderBase, role_data, step_config]}
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerCinderConfigImage} ]
+ config_image: {get_param: DockerCinderConfigImage}
kolla_config:
/var/lib/kolla/config_files/cinder_volume.json:
command: /usr/bin/cinder-volume --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
executable: /bin/bash
creates: /dev/loop2
upgrade_tasks:
- - name: Stop and disable cinder_volume service
+ - name: get bootstrap nodeid
+ tags: common
+ command: hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid
+ register: bootstrap_node
+ - name: set is_bootstrap_node fact
+ tags: common
+ set_fact: is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}}
+ - name: Disable the openstack-cinder-volume cluster resource
+ tags: step2
+ pacemaker_resource:
+ resource: openstack-cinder-volume
+ state: disable
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Delete the stopped openstack-cinder-volume cluster resource.
tags: step2
- service: name=openstack-cinder-volume state=stopped enabled=no
+ pacemaker_resource:
+ resource: openstack-cinder-volume
+ state: delete
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Disable cinder_volume service from boot
+ tags: step2
+ service: name=openstack-cinder-volume enabled=no
+
+
+
the local galera node is synced
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerClustercheckImage:
description: image
- default: 'centos-binary-mariadb:latest'
type: string
DockerClustercheckConfigImage:
description: The container image to use for the clustercheck config_volume
- default: 'centos-binary-mariadb:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../../puppet/services/pacemaker/database/mysql.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: clustercheck
puppet_tags: file # set this even though file is the default
step_config: "include ::tripleo::profile::pacemaker::clustercheck"
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerClustercheckConfigImage} ]
+ config_image: {get_param: DockerClustercheckConfigImage}
kolla_config:
/var/lib/kolla/config_files/clustercheck.json:
command: /usr/sbin/xinetd -dontfork
step_2:
clustercheck:
start_order: 1
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerClustercheckImage} ]
+ image: {get_param: DockerClustercheckImage}
restart: always
net: host
volumes:
MySQL service deployment with pacemaker bundle
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerMysqlImage:
description: image
- default: 'centos-binary-mariadb:latest'
type: string
DockerMysqlConfigImage:
description: The container image to use for the mysql config_volume
- default: 'centos-binary-mariadb:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../../../puppet/services/pacemaker/database/mysql.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_settings:
map_merge:
- {get_attr: [MysqlPuppetBase, role_data, config_settings]}
- - tripleo::profile::pacemaker::database::mysql_bundle::mysql_docker_image: &mysql_image
- list_join:
- - '/'
- - - {get_param: DockerNamespace}
- - {get_param: DockerMysqlImage}
+ - tripleo::profile::pacemaker::database::mysql_bundle::mysql_docker_image: &mysql_image {get_param: DockerMysqlImage}
+ tripleo::profile::pacemaker::database::mysql_bundle::control_port: 3123
+ tripleo.mysql.firewall_rules:
+ '104 mysql galera-bundle':
+ dport:
+ - 873
+ - 3123
+ - 3306
+ - 4444
+ - 4567
+ - 4568
+ - 9200
step_config: ""
# BEGIN DOCKER SETTINGS #
puppet_config:
- - "['Mysql_datadir', 'Mysql_user', 'Mysql_database', 'Mysql_grant', 'Mysql_plugin'].each |String $val| { noop_resource($val) }"
- "exec {'wait-for-settle': command => '/bin/true' }"
- "include ::tripleo::profile::pacemaker::database::mysql_bundle"
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerMysqlConfigImage} ]
+ config_image: {get_param: DockerMysqlConfigImage}
kolla_config:
/var/lib/kolla/config_files/mysql.json:
command: /usr/sbin/pacemaker_remoted
path: /var/lib/mysql
state: directory
upgrade_tasks:
- - name: Stop and disable mysql service
+ - name: get bootstrap nodeid
+ tags: common
+ command: hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid
+ register: bootstrap_node
+ - name: set is_bootstrap_node fact
+ tags: common
+ set_fact: is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}}
+ - name: Disable the galera cluster resource
+ tags: step2
+ pacemaker_resource:
+ resource: galera
+ state: disable
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Delete the stopped galera cluster resource.
+ tags: step2
+ pacemaker_resource:
+ resource: galera
+ state: delete
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Disable mysql service
tags: step2
- service: name=mariadb state=stopped enabled=no
+ service: name=mariadb enabled=no
OpenStack containerized Redis services
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerRedisImage:
description: image
- default: 'centos-binary-redis:latest'
type: string
DockerRedisConfigImage:
description: The container image to use for the redis config_volume
- default: 'centos-binary-redis:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../../../puppet/services/database/redis.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
- redis::service_manage: false
redis::notify_service: false
redis::managed_by_cluster_manager: true
- tripleo::profile::pacemaker::database::redis_bundle::redis_docker_image: &redis_image
- list_join:
- - '/'
- - - {get_param: DockerNamespace}
- - {get_param: DockerRedisImage}
-
+ tripleo::profile::pacemaker::database::redis_bundle::redis_docker_image: &redis_image {get_param: DockerRedisImage}
+ tripleo::profile::pacemaker::database::redis_bundle::control_port: 3124
+ tripleo.redis.firewall_rules:
+ '108 redis-bundle':
+ dport:
+ - 3124
+ - 6379
+ - 26379
step_config: ""
service_config_settings: {get_attr: [RedisBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_tags: 'exec'
step_config:
get_attr: [RedisBase, role_data, step_config]
- config_image: &redis_config_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerRedisConfigImage} ]
+ config_image: &redis_config_image {get_param: DockerRedisConfigImage}
kolla_config:
/var/lib/kolla/config_files/redis.json:
command: /usr/sbin/pacemaker_remoted
path: /var/lib/redis
state: directory
upgrade_tasks:
- - name: Stop and disable redis service
+ - name: get bootstrap nodeid
+ tags: common
+ command: hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid
+ register: bootstrap_node
+ - name: set is_bootstrap_node fact
+ tags: common
+ set_fact: is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}}
+ - name: Disable the redis cluster resource
+ tags: step2
+ pacemaker_resource:
+ resource: {get_attr: [RedisBase, role_data, service_name]}
+ state: disable
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Delete the stopped redis cluster resource.
+ tags: step2
+ pacemaker_resource:
+ resource: {get_attr: [RedisBase, role_data, service_name]}
+ state: delete
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Disable redis service
tags: step2
- service: name=redis state=stopped enabled=no
+ service: name=redis enabled=no
OpenStack containerized HAproxy service for pacemaker
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerHAProxyImage:
description: image
- default: 'centos-binary-haproxy:latest'
type: string
DockerHAProxyConfigImage:
description: The container image to use for the haproxy config_volume
- default: 'centos-binary-haproxy:latest'
type: string
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ DeployedSSLCertificatePath:
+ default: '/etc/pki/tls/private/overcloud_endpoint.pem'
+ description: >
+ The filepath of the certificate as it will be stored in the controller.
+ type: string
RoleName:
default: ''
description: Role name on which the service is applied
type: ../../../puppet/services/pacemaker/haproxy.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
- get_attr: [HAProxyBase, role_data, config_settings]
- tripleo::haproxy::haproxy_daemon: false
haproxy_docker: true
- tripleo::profile::pacemaker::haproxy_bundle::haproxy_docker_image: &haproxy_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerHAProxyImage} ]
+ tripleo::profile::pacemaker::haproxy_bundle::haproxy_docker_image: &haproxy_image {get_param: DockerHAProxyImage}
step_config: ""
service_config_settings: {get_attr: [HAProxyBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
- "class tripleo::firewall(){}; define tripleo::firewall::rule( $port = undef, $dport = undef, $sport = undef, $proto = undef, $action = undef, $state = undef, $source = undef, $iniface = undef, $chain = undef, $destination = undef, $extras = undef){}"
- "['pcmk_bundle', 'pcmk_resource', 'pcmk_property', 'pcmk_constraint', 'pcmk_resource_default'].each |String $val| { noop_resource($val) }"
- 'include ::tripleo::profile::pacemaker::haproxy_bundle'
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerHAProxyConfigImage} ]
+ config_image: {get_param: DockerHAProxyConfigImage}
+ volumes: &deployed_cert_mount
+ - list_join:
+ - ':'
+ - - {get_param: DeployedSSLCertificatePath}
+ - {get_param: DeployedSSLCertificatePath}
+ - 'ro'
kolla_config:
/var/lib/kolla/config_files/haproxy.json:
command: haproxy -f /etc/haproxy/haproxy.cfg
- 'include ::tripleo::profile::pacemaker::haproxy_bundle'
image: *haproxy_image
volumes:
- # puppet saves iptables rules in /etc/sysconfig
- - /etc/sysconfig:/etc/sysconfig:rw
- # saving rules require accessing /usr/libexec/iptables/iptables.init, just bind-mount
- # the necessary bit and prevent systemd to try to reload the service in the container
- - /usr/libexec/iptables:/usr/libexec/iptables:ro
- - /usr/libexec/initscripts/legacy-actions:/usr/libexec/initscripts/legacy-actions:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /etc/puppet:/tmp/puppet-etc:ro
- - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
- - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
- - /dev/shm:/dev/shm:rw
+ list_concat:
+ - *deployed_cert_mount
+ -
+ # puppet saves iptables rules in /etc/sysconfig
+ - /etc/sysconfig:/etc/sysconfig:rw
+ # saving rules require accessing /usr/libexec/iptables/iptables.init, just bind-mount
+ # the necessary bit and prevent systemd to try to reload the service in the container
+ - /usr/libexec/iptables:/usr/libexec/iptables:ro
+ - /usr/libexec/initscripts/legacy-actions:/usr/libexec/initscripts/legacy-actions:ro
+ - /etc/hosts:/etc/hosts:ro
+ - /etc/localtime:/etc/localtime:ro
+ - /etc/puppet:/tmp/puppet-etc:ro
+ - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
+ - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
+ - /dev/shm:/dev/shm:rw
metadata_settings:
get_attr: [HAProxyBase, role_data, metadata_settings]
+ upgrade_tasks:
+ - name: get bootstrap nodeid
+ tags: common
+ command: hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid
+ register: bootstrap_node
+ - name: set is_bootstrap_node fact
+ tags: common
+ set_fact: is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}}
+ - name: Disable the haproxy cluster resource.
+ tags: step2
+ pacemaker_resource:
+ resource: {get_attr: [HAProxyBase, role_data, service_name]}
+ state: disable
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Delete the stopped haproxy cluster resource.
+ tags: step2
+ pacemaker_resource:
+ resource: {get_attr: [HAProxyBase, role_data, service_name]}
+ state: delete
+ wait_for_resource: true
+ when: is_bootstrap_node
OpenStack containerized Rabbitmq service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerRabbitmqImage:
description: image
- default: 'centos-binary-rabbitmq:latest'
type: string
DockerRabbitmqConfigImage:
description: The container image to use for the rabbitmq config_volume
- default: 'centos-binary-rabbitmq:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../../puppet/services/rabbitmq.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
map_merge:
- {get_attr: [RabbitmqBase, role_data, config_settings]}
- rabbitmq::service_manage: false
- tripleo::profile::pacemaker::rabbitmq_bundle::rabbitmq_docker_image: &rabbitmq_image
- list_join:
- - '/'
- - - {get_param: DockerNamespace}
- - {get_param: DockerRabbitmqImage}
+ tripleo::profile::pacemaker::rabbitmq_bundle::rabbitmq_docker_image: &rabbitmq_image {get_param: DockerRabbitmqImage}
+ tripleo::profile::pacemaker::rabbitmq_bundle::control_port: 3122
+ tripleo.rabbitmq.firewall_rules:
+ '109 rabbitmq-bundle':
+ dport:
+ - 3122
+ - 4369
+ - 5672
+ - 25672
step_config: &step_config
get_attr: [RabbitmqBase, role_data, step_config]
service_config_settings: {get_attr: [RabbitmqBase, role_data, service_config_settings]}
config_volume: rabbitmq
puppet_tags: file
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerRabbitmqConfigImage} ]
+ config_image: {get_param: DockerRabbitmqConfigImage}
kolla_config:
/var/lib/kolla/config_files/rabbitmq.json:
command: /usr/sbin/pacemaker_remoted
echo 'export ERL_EPMD_PORT=4370' >> /etc/rabbitmq/rabbitmq-env.conf
for pid in $(pgrep epmd); do if [ "$(lsns -o NS -p $pid)" == "$(lsns -o NS -p 1)" ]; then kill $pid; break; fi; done
upgrade_tasks:
- - name: Stop and disable rabbitmq service
+ - name: get bootstrap nodeid
+ tags: common
+ command: hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid
+ register: bootstrap_node
+ - name: set is_bootstrap_node fact
+ tags: common
+ set_fact: is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}}
+ - name: Disable the rabbitmq cluster resource.
+ tags: step2
+ pacemaker_resource:
+ resource: {get_attr: [RabbitmqBase, role_data, service_name]}
+ state: disable
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Delete the stopped rabbitmq cluster resource.
+ tags: step2
+ pacemaker_resource:
+ resource: {get_attr: [RabbitmqBase, role_data, service_name]}
+ state: delete
+ wait_for_resource: true
+ when: is_bootstrap_node
+ - name: Disable rabbitmq service
tags: step2
- service: name=rabbitmq-server state=stopped enabled=no
+ service: name=rabbitmq-server enabled=no
will be disabled in future releases.
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerPankoApiImage:
description: image
- default: 'centos-binary-panko-api:latest'
type: string
DockerPankoConfigImage:
description: The container image to use for the panko config_volume
- default: 'centos-binary-panko-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/panko-api.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: panko
puppet_tags: panko_api_paste_ini,panko_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerPankoConfigImage} ]
+ config_image: {get_param: DockerPankoConfigImage}
kolla_config:
/var/lib/kolla/config_files/panko_api.json:
command: /usr/sbin/httpd -DFOREGROUND
docker_config:
step_2:
panko_init_log:
- image: &panko_api_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerPankoApiImage} ]
+ image: &panko_api_image {get_param: DockerPankoApiImage}
user: root
volumes:
- /var/log/containers/panko:/var/log/panko
OpenStack containerized Rabbitmq service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerRabbitmqImage:
description: image
- default: 'centos-binary-rabbitmq:latest'
type: string
DockerRabbitmqConfigImage:
description: The container image to use for the rabbitmq config_volume
- default: 'centos-binary-rabbitmq:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/rabbitmq.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
puppet_config:
config_volume: rabbitmq
step_config: *step_config
- config_image: &rabbitmq_config_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerRabbitmqConfigImage} ]
+ config_image: &rabbitmq_config_image {get_param: DockerRabbitmqConfigImage}
kolla_config:
/var/lib/kolla/config_files/rabbitmq.json:
command: /usr/lib/rabbitmq/bin/rabbitmq-server
rabbitmq_init_logs:
start_order: 0
detach: false
- image: &rabbitmq_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerRabbitmqImage} ]
+ image: &rabbitmq_image {get_param: DockerRabbitmqImage}
privileged: false
user: root
volumes:
OpenStack Sahara service configured with Puppet
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerSaharaApiImage:
description: image
- default: 'centos-binary-sahara-api:latest'
type: string
DockerSaharaConfigImage:
description: The container image to use for the sahara config_volume
- default: 'centos-binary-sahara-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/sahara-api.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
config_volume: sahara
puppet_tags: sahara_api_paste_ini,sahara_cluster_template,sahara_config,sahara_node_group_template
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerSaharaConfigImage} ]
+ config_image: {get_param: DockerSaharaConfigImage}
kolla_config:
/var/lib/kolla/config_files/sahara-api.json:
command: /usr/bin/sahara-api --config-file /etc/sahara/sahara.conf
docker_config:
step_3:
sahara_db_sync:
- image: &sahara_api_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerSaharaApiImage} ]
+ image: &sahara_api_image {get_param: DockerSaharaApiImage}
net: host
privileged: false
detach: false
OpenStack Sahara service configured with Puppet
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerSaharaEngineImage:
description: image
- default: 'centos-binary-sahara-engine:latest'
type: string
DockerSaharaConfigImage:
description: The container image to use for the sahara config_volume
- default: 'centos-binary-sahara-api:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/sahara-engine.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
config_volume: sahara
puppet_tags: sahara_engine_paste_ini,sahara_cluster_template,sahara_config,sahara_node_group_template
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerSaharaConfigImage} ]
+ config_image: {get_param: DockerSaharaConfigImage}
kolla_config:
/var/lib/kolla/config_files/sahara-engine.json:
command: /usr/bin/sahara-engine --config-file /etc/sahara/sahara.conf
docker_config:
step_4:
sahara_engine:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerSaharaEngineImage} ]
+ image: {get_param: DockerSaharaEngineImage}
net: host
privileged: false
restart: always
Containerized Sensu client service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerSensuClientImage:
description: image
- default: 'centos-binary-sensu-client:latest'
type: string
DockerSensuConfigImage:
description: The container image to use for the sensu config_volume
- default: 'centos-binary-sensu-client:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/monitoring/sensu-client.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
config_volume: sensu
puppet_tags: sensu_rabbitmq_config,sensu_client_config,sensu_check_config,sensu_check
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerSensuConfigImage} ]
+ config_image: {get_param: DockerSensuConfigImage}
kolla_config:
/var/lib/kolla/config_files/sensu-client.json:
command: /usr/bin/sensu-client -d /etc/sensu/conf.d/ -l /var/log/sensu/sensu-client.log
docker_config:
step_3:
sensu_client:
- image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerSensuClientImage} ]
+ image: {get_param: DockerSensuClientImage}
net: host
privileged: true
# NOTE(mmagr) kolla image changes the user to 'sensu', we need it
OpenStack containerized swift proxy service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerSwiftProxyImage:
description: image
- default: 'centos-binary-swift-proxy-server:latest'
type: string
DockerSwiftConfigImage:
description: The container image to use for the swift config_volume
- default: 'centos-binary-swift-proxy-server:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/swift-proxy.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: swift
puppet_tags: swift_proxy_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerSwiftConfigImage} ]
+ config_image: {get_param: DockerSwiftConfigImage}
kolla_config:
/var/lib/kolla/config_files/swift_proxy.json:
command: /usr/bin/swift-proxy-server /etc/swift/proxy-server.conf
step_4:
map_merge:
- swift_proxy:
- image: &swift_proxy_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerSwiftProxyImage} ]
+ image: &swift_proxy_image {get_param: DockerSwiftProxyImage}
net: host
user: swift
restart: always
OpenStack Swift Ringbuilder
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerSwiftConfigImage:
description: The container image to use for the swift config_volume
- default: 'centos-binary-swift-proxy-server:latest'
type: string
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/swift-ringbuilder.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: 'swift'
puppet_tags: exec,fetch_swift_ring_tarball,extract_swift_ring_tarball,ring_object_device,swift::ringbuilder::create,tripleo::profile::base::swift::add_devices,swift::ringbuilder::rebalance,create_swift_ring_tarball,upload_swift_ring_tarball
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerSwiftConfigImage} ]
+ config_image: {get_param: DockerSwiftConfigImage}
kolla_config: {}
docker_config: {}
OpenStack containerized Swift Storage services.
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerSwiftProxyImage:
description: image
- default: 'centos-binary-swift-proxy-server:latest'
type: string
DockerSwiftAccountImage:
description: image
- default: 'centos-binary-swift-account:latest'
type: string
DockerSwiftContainerImage:
description: image
- default: 'centos-binary-swift-container:latest'
type: string
DockerSwiftObjectImage:
description: image
- default: 'centos-binary-swift-object:latest'
type: string
DockerSwiftConfigImage:
description: The container image to use for the swift config_volume
default: {}
description: Parameters specific to the role
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/swift-storage.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: swift
puppet_tags: swift_config,swift_container_config,swift_container_sync_realms_config,swift_account_config,swift_object_config,swift_object_expirer_config,rsync::server
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerSwiftConfigImage} ]
+ config_image: {get_param: DockerSwiftConfigImage}
kolla_config:
/var/lib/kolla/config_files/swift_account_auditor.json:
command: /usr/bin/swift-account-auditor /etc/swift/account-server.conf
- path: /var/log/swift
owner: swift:swift
recurse: true
- /var/lib/kolla/config_files/swift_xinetd_rsync.json:
- command: /usr/sbin/xinetd -dontfork
+ /var/lib/kolla/config_files/swift_rsync.json:
+ command: /usr/bin/rsync --daemon --no-detach --config=/etc/rsyncd.conf
config_files:
- source: "/var/lib/kolla/config_files/src/*"
dest: "/"
# volume during the configuration stage. We just need to create this
# directory and make sure it's owned by swift.
swift_setup_srv:
- image: &swift_account_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerSwiftAccountImage} ]
+ image: &swift_account_image {get_param: DockerSwiftAccountImage}
user: root
command: ['chown', '-R', 'swift:', '/srv/node']
volumes:
- /var/log/containers/swift:/var/log/swift
environment: *kolla_env
swift_container_auditor:
- image: &swift_container_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerSwiftContainerImage} ]
+ image: &swift_container_image {get_param: DockerSwiftContainerImage}
net: host
user: swift
restart: always
- /var/log/containers/swift:/var/log/swift
environment: *kolla_env
swift_object_auditor:
- image: &swift_object_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerSwiftObjectImage} ]
+ image: &swift_object_image {get_param: DockerSwiftObjectImage}
net: host
user: swift
restart: always
- /var/log/containers/swift:/var/log/swift
environment: *kolla_env
swift_object_expirer:
- image: &swift_proxy_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerSwiftProxyImage} ]
+ image: &swift_proxy_image {get_param: DockerSwiftProxyImage}
net: host
user: swift
restart: always
- /dev:/dev
- /var/log/containers/swift:/var/log/swift
environment: *kolla_env
- swift_xinetd_rsync:
+ swift_rsync:
image: *swift_object_image
net: host
user: root
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- - /var/lib/kolla/config_files/swift_xinetd_rsync.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/kolla/config_files/swift_rsync.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro
- /run:/run
- /srv/node:/srv/node
- openstack-swift-container-updater
- openstack-swift-container
- openstack-swift-object-auditor
+ - openstack-swift-object-expirer
- openstack-swift-object-replicator
- openstack-swift-object-updater
- openstack-swift-object
OpenStack containerized Tacker service
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerTackerImage:
description: image
- default: 'centos-binary-tacker:latest'
type: string
DockerTackerConfigImage:
description: The container image to use for the tacker config_volume
- default: 'centos-binary-tacker:latest'
type: string
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: ../../puppet/services/tacker.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: tacker
puppet_tags: tacker_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerTackerConfigImage} ]
+ config_image: {get_param: DockerTackerConfigImage}
kolla_config:
/var/lib/kolla/config_files/tacker_api.json:
command: /usr/bin/tacker-server --config-file=/etc/tacker/tacker.conf --log-file=/var/log/tacker/api.log
# db sync runs before permissions set by kolla_config
step_2:
tacker_init_logs:
- image: &tacker_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerTackerImage} ]
+ image: &tacker_image {get_param: DockerTackerImage}
privileged: false
user: root
volumes:
OpenStack containerized Zaqar services
parameters:
- DockerNamespace:
- description: namespace
- default: 'tripleoupstream'
- type: string
DockerZaqarImage:
description: image
- default: 'centos-binary-zaqar:latest'
type: string
DockerZaqarConfigImage:
description: The container image to use for the zaqar config_volume
- default: 'centos-binary-zaqar:latest'
type: string
+ ZaqarManagementStore:
+ type: string
+ description: The management store for Zaqar
+ default: mongodb
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: Parameters specific to the role
type: json
+conditions:
+ zaqar_management_store_sqlalchemy: {equals : [{get_param: ZaqarManagementStore}, 'sqlalchemy']}
+
resources:
ContainersCommon:
type: ../../puppet/services/zaqar.yaml
properties:
EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
config_volume: zaqar
puppet_tags: zaqar_config
step_config: *step_config
- config_image:
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerZaqarConfigImage} ]
+ config_image: {get_param: DockerZaqarConfigImage}
kolla_config:
/var/lib/kolla/config_files/zaqar.json:
command: /usr/sbin/httpd -DFOREGROUND
owner: zaqar:zaqar
recurse: true
docker_config:
- step_4:
- zaqar:
- image: &zaqar_image
- list_join:
- - '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerZaqarImage} ]
- net: host
- privileged: false
- restart: always
- # NOTE(mandre) kolla image changes the user to 'zaqar', we need it
- # to be root to run httpd
- user: root
- volumes:
- list_concat:
- - {get_attr: [ContainersCommon, volumes]}
- -
- - /var/lib/kolla/config_files/zaqar.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/puppet-generated/zaqar/:/var/lib/kolla/config_files/src:ro
- - /var/log/containers/zaqar:/var/log/zaqar
- environment:
- - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
- zaqar_websocket:
- image: *zaqar_image
- net: host
- privileged: false
- restart: always
- volumes:
- list_concat:
- - {get_attr: [ContainersCommon, volumes]}
- -
- - /var/lib/kolla/config_files/zaqar_websocket.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/puppet-generated/zaqar/:/var/lib/kolla/config_files/src:ro
- - /var/log/containers/zaqar:/var/log/zaqar
- environment:
- - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ map_merge:
+ -
+ if:
+ - zaqar_management_store_sqlalchemy
+ -
+ step_2:
+ zaqar_init_log:
+ image: &zaqar_image {get_param: DockerZaqarImage}
+ user: root
+ volumes:
+ - /var/log/containers/zaqar:/var/log/zaqar
+ command: ['/bin/bash', '-c', 'chown -R zaqar:zaqar /var/log/zaqar']
+ step_3:
+ zaqar_db_sync:
+ image: *zaqar_image
+ net: host
+ privileged: false
+ detach: false
+ user: root
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/config-data/zaqar/etc/zaqar/:/etc/zaqar/:ro
+ - /var/log/containers/zaqar:/var/log/zaqar
+ command: "/usr/bin/bootstrap_host_exec zaqar su zaqar -s /bin/bash -c 'zaqar-sql-db-manage upgrade head'"
+ - {}
+ - step_4:
+ zaqar:
+ image: *zaqar_image
+ net: host
+ privileged: false
+ restart: always
+ # NOTE(mandre) kolla image changes the user to 'zaqar', we need it
+ # to be root to run httpd
+ user: root
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/zaqar.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/zaqar/:/var/lib/kolla/config_files/src:ro
+ - /var/log/containers/zaqar:/var/log/zaqar
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ zaqar_websocket:
+ image: *zaqar_image
+ net: host
+ privileged: false
+ restart: always
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/zaqar_websocket.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/zaqar/:/var/lib/kolla/config_files/src:ro
+ - /var/log/containers/zaqar:/var/log/zaqar
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
- name: create persistent logs directory
file:
--- /dev/null
+resource_registry:
+ OS::TripleO::Services::CephMon: ../../docker/services/ceph-ansible/ceph-mon.yaml
+ OS::TripleO::Services::CephOSD: ../../docker/services/ceph-ansible/ceph-osd.yaml
+ OS::TripleO::Services::CephClient: ../../docker/services/ceph-ansible/ceph-client.yaml
+
+parameter_defaults:
+ CinderEnableIscsiBackend: false
+ CinderEnableRbdBackend: true
+ CinderBackupBackend: ceph
+ NovaEnableRbdBackend: true
+ GlanceBackend: rbd
+ GnocchiBackend: rbd
CinderDellPsSanIp: ''
CinderDellPsSanLogin: ''
CinderDellPsSanPassword: ''
+ CinderDellPsSanPrivateKey: ''
CinderDellPsSanThinProvision: true
CinderDellPsGroupname: 'group-0'
CinderDellPsPool: 'default'
--- /dev/null
+resource_registry:
+ OS::TripleO::Compute::Net::SoftwareConfig: contrail-nic-config-compute-storage-mgmt.yaml
+ OS::TripleO::ContrailDpdk::Net::SoftwareConfig: contrail-nic-config-compute-storage-mgmt.yaml
+ OS::TripleO::Controller::Net::SoftwareConfig: contrail-nic-config-storage-mgmt.yaml
+ OS::TripleO::ContrailController::Net::SoftwareConfig: contrail-nic-config-storage-mgmt.yaml
+ OS::TripleO::ContrailAnalytics::Net::SoftwareConfig: contrail-nic-config-storage-mgmt.yaml
+ OS::TripleO::ContrailAnalyticsDatabase::Net::SoftwareConfig: contrail-nic-config-storage-mgmt.yaml
+ OS::TripleO::ContrailTsn::Net::SoftwareConfig: contrail-nic-config-compute-storage-mgmt.yaml
+
+parameter_defaults:
+ ContrailConfigVIP: 10.0.0.10
+ ContrailAnalyticsVIP: 10.0.0.10
+ ContrailWebuiVIP: 10.0.0.10
+ ContrailVIP: 10.0.0.10
+ ControlPlaneSubnetCidr: '24'
+ ControlPlaneDefaultRoute: 192.168.24.254
+ InternalApiNetCidr: 10.3.0.0/24
+ InternalApiAllocationPools: [{'start': '10.3.0.10', 'end': '10.3.0.200'}]
+ InternalApiDefaultRoute: 10.3.0.1
+ StorageMgmtNetCidr: 10.0.0.0/24
+ StorageMgmtAllocationPools: [{'start': '10.0.0.10', 'end': '10.0.0.200'}]
+ StorageMgmtDefaultRoute: 10.0.0.1
+ StorageMgmtInterfaceDefaultRoute: 10.0.0.1
+ StorageMgmtVirtualIP: 10.0.0.10
+ ManagementNetCidr: 10.1.0.0/24
+ ManagementAllocationPools: [{'start': '10.1.0.10', 'end': '10.1.0.200'}]
+ ManagementInterfaceDefaultRoute: 10.1.0.1
+ ExternalNetCidr: 10.2.0.0/24
+ ExternalAllocationPools: [{'start': '10.2.0.10', 'end': '10.2.0.200'}]
+ EC2MetadataIp: 192.168.24.1 # Generally the IP of the Undercloud
+ DnsServers: ["10.87.64.101"]
+ VrouterPhysicalInterface: eth1
+ VrouterGateway: 10.0.0.1
+ VrouterNetmask: 255.255.255.0
+ ControlVirtualInterface: eth0
+ PublicVirtualInterface: vlan10
+# VlanParentInterface: eth1 # If VrouterPhysicalInterface is a vlan interface using vlanX notation
resource_registry:
- OS::TripleO::Compute::Net::SoftwareConfig: contrail-nic-config-compute.yaml
- OS::TripleO::Controller::Net::SoftwareConfig: contrail-nic-config.yaml
- OS::TripleO::ContrailController::Net::SoftwareConfig: contrail-nic-config.yaml
- OS::TripleO::ContrailAnalytics::Net::SoftwareConfig: contrail-nic-config.yaml
- OS::TripleO::ContrailAnalyticsDatabase::Net::SoftwareConfig: contrail-nic-config.yaml
- OS::TripleO::ContrailTsn::Net::SoftwareConfig: contrail-nic-config-compute.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: ../../network/config/contrail/contrail-nic-config-compute.yaml
+ OS::TripleO::Controller::Net::SoftwareConfig: ../../network/config/contrail/contrail-nic-config.yaml
+ OS::TripleO::ContrailController::Net::SoftwareConfig: ../../network/config/contrail/contrail-nic-config.yaml
+ OS::TripleO::ContrailAnalytics::Net::SoftwareConfig: ../../network/config/contrail/contrail-nic-config.yaml
+ OS::TripleO::ContrailAnalyticsDatabase::Net::SoftwareConfig: ../../network/config/contrail/contrail-nic-config.yaml
+ OS::TripleO::ContrailTsn::Net::SoftwareConfig: ../../network/config/contrail/contrail-nic-config-compute.yaml
parameter_defaults:
ControlPlaneSubnetCidr: '24'
ExternalNetCidr: 10.2.0.0/24
ExternalAllocationPools: [{'start': '10.2.0.10', 'end': '10.2.0.200'}]
EC2MetadataIp: 192.168.24.1 # Generally the IP of the Undercloud
- DnsServers: ["8.8.8.8","8.8.4.4"]
- VrouterPhysicalInterface: eth1
- VrouterGateway: 10.0.0.1
- VrouterNetmask: 255.255.255.0
+ DnsServers: ["8.8.8.8"]
+ NtpServer: 10.0.0.1
+ ContrailVrouterPhysicalInterface: eth1
+ ContrailVrouterGateway: 10.0.0.1
+ ContrailVrouterNetmask: 255.255.255.0
ControlVirtualInterface: eth0
PublicVirtualInterface: vlan10
+## If vhost0 is linked to a vlan interface:
+# ContrailVlanParentInterface: eth1 # If VrouterPhysicalInterface is a vlan interface using vlanX notation
+## If vhost0 is linked to a bonded vlan interface:
+# ContrailVlanParentInterface: bond0
+# ContrailBondInterface: bond0
+# ContrailBondInterfaceMembers: 'eth1,eth2'
OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
OS::TripleO::Services::NeutronCorePlugin: OS::TripleO::Services::NeutronCorePluginContrail
OS::TripleO::Services::ComputeNeutronCorePlugin: OS::TripleO::Services::ComputeNeutronCorePluginContrail
- OS::TripleO::NodeUserData: ../../firstboot/install_vrouter_kmod.yaml
OS::TripleO::Services::ContrailHeat: ../../puppet/services/network/contrail-heat.yaml
OS::TripleO::Services::ContrailAnalytics: ../../puppet/services/network/contrail-analytics.yaml
OS::TripleO::Services::ContrailAnalyticsDatabase: ../../puppet/services/network/contrail-analytics-database.yaml
OS::TripleO::Services::ContrailDatabase: ../../puppet/services/network/contrail-database.yaml
OS::TripleO::Services::ContrailWebUI: ../../puppet/services/network/contrail-webui.yaml
OS::TripleO::Services::ContrailTsn: ../../puppet/services/network/contrail-tsn.yaml
+ OS::TripleO::Services::ContrailDpdk: ../../puppet/services/network/contrail-dpdk.yaml
OS::TripleO::Services::ComputeNeutronCorePluginContrail: ../../puppet/services/network/contrail-vrouter.yaml
OS::TripleO::Services::NeutronCorePluginContrail: ../../puppet/services/network/contrail-neutron-plugin.yaml
+ OS::TripleO::NodeUserData: ../../extraconfig/all_nodes/contrail/enable_contrail_repo.yaml
+ OS::TripleO::ContrailTsn::PreNetworkConfig: ../../extraconfig/pre_network/contrail/compute_pre_network.yaml
+ OS::TripleO::ContrailDpdk::PreNetworkConfig: ../../extraconfig/pre_network/contrail/contrail_dpdk_pre_network.yaml
+ OS::TripleO::Compute::PreNetworkConfig: ../../extraconfig/pre_network/contrail/compute_pre_network.yaml
parameter_defaults:
- ContrailRepo: http://192.168.24.1/contrail-3.2.0.0-19
+ ServiceNetMap:
+ ContrailAnalyticsNetwork: internal_api
+ ContrailAnalyticsDatabaseNetwork: internal_api
+ ContrailConfigNetwork: internal_api
+ ContrailControlNetwork: internal_api
+ ContrailDatabaseNetwork: internal_api
+ ContrailWebuiNetwork: internal_api
+ ContrailTsnNetwork: internal_api
+ ContrailVrouterNetwork: internal_api
+ ContrailDpdkNetwork: internal_api
+ ContrailRepo: http://192.168.24.1/contrail
+ ContrailControlManageNamed: true
EnablePackageInstall: true
# ContrailConfigIfmapUserName: api-server
# ContrailConfigIfmapUserPassword: api-server
OvercloudContrailAnalyticsDatabaseFlavor: contrail-analytics-database
OvercloudContrailTsnFlavor: contrail-tsn
OvercloudComputeFlavor: compute
+ OvercloudContrailDpdkFlavor: compute-dpdk
ControllerCount: 3
ContrailControllerCount: 3
ContrailAnalyticsCount: 3
ContrailAnalyticsDatabaseCount: 3
- ContrailTsnCount: 1
+ ContrailTsnCount: 0
ComputeCount: 3
- DnsServers: ["8.8.8.8","8.8.4.4"]
- NtpServer: 10.0.0.1
+ ContrailDpdkCount: 0
NeutronCorePlugin: neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2
- NeutronServicePlugins: ''
+ NeutronServicePlugins: 'neutron_plugin_contrail.plugins.opencontrail.loadbalancer.v2.plugin.LoadBalancerPluginV2'
NeutronTunnelTypes: ''
# NeutronMetadataProxySharedSecret:
# ContrailControlRNDCSecret: # sda1/256 hmac key, e.g. echo -n "values" | openssl dgst -sha256 -hmac key -binary | base64
- OS::TripleO::Services::CinderHPELeftHandISCSI
- OS::TripleO::Services::Etcd
- OS::TripleO::Services::AuditD
+ - OS::TripleO::Services::Iscsid
- name: Compute
CountDefault: 1
- OS::TripleO::Services::Sshd
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::ComputeNeutronCorePlugin
- OS::TripleO::Services::ComputeNeutronOvsAgent
- OS::TripleO::Services::SensuClient
- OS::TripleO::Services::FluentdClient
- OS::TripleO::Services::AuditD
+ - OS::TripleO::Services::Iscsid
- name: BlockStorage
ServicesDefault:
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::SensuClient
- OS::TripleO::Services::FluentdClient
+ - OS::TripleO::Services::Iscsid
- name: ContrailAnalytics
ServicesDefault:
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::SensuClient
- OS::TripleO::Services::FluentdClient
+
+- name: ContrailDpdk
+ ServicesDefault:
+ - OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::CertmongerUser
+ - OS::TripleO::Services::ContrailTsn
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::SensuClient
+ - OS::TripleO::Services::FluentdClient
--- /dev/null
+resource_registry:
+ OS::TripleO::Network::Ports::ControlPlaneVipPort: ../deployed-server/deployed-neutron-port.yaml
+ OS::TripleO::DeployedServer::ControlPlanePort: ../deployed-server/deployed-neutron-port.yaml
+
OS::TripleO::Services::AodhNotifier: OS::Heat::None
OS::TripleO::Services::AodhListener: OS::Heat::None
OS::TripleO::Services::PankoApi: OS::Heat::None
+
+parameter_defaults:
+ NotificationDriver: 'noop'
+# Generated with the following on 2017-07-12T11:40:50.219622
+#
+# overcloud container image prepare --env-file environments/docker-centos-tripleoupstream.yaml
+#
+
parameter_defaults:
- #DockerAodhApiImage: 'tripleoupstream/centos-binary-aodh-api:latest'
- #DockerAodhConfigImage: 'tripleoupstream/centos-binary-aodh-api:latest'
- #DockerAodhEvaluatorImage: 'tripleoupstream/centos-binary-aodh-evaluator:latest'
- #DockerAodhListenerImage: 'tripleoupstream/centos-binary-aodh-listener:latest'
- #DockerAodhNotifierImage: 'tripleoupstream/centos-binary-aodh-notifier:latest'
- #DockerCeilometerCentralImage: 'tripleoupstream/centos-binary-ceilometer-central:latest'
- #DockerCeilometerComputeImage: 'tripleoupstream/centos-binary-ceilometer-compute:latest'
- #DockerCeilometerConfigImage: 'tripleoupstream/centos-binary-ceilometer-central:latest'
- #DockerCeilometerIpmiImage: 'tripleoupstream/centos-binary-ceilometer-ipmi:latest'
- #DockerCeilometerNotificationImage: 'tripleoupstream/centos-binary-ceilometer-notification:latest'
- #DockerCinderApiImage: 'tripleoupstream/centos-binary-cinder-api:latest'
- #DockerCinderBackupImage: 'tripleoupstream/centos-binary-cinder-backup:latest'
- #DockerCinderConfigImage: 'tripleoupstream/centos-binary-cinder-api:latest'
- #DockerCinderSchedulerImage: 'tripleoupstream/centos-binary-cinder-scheduler:latest'
- #DockerCinderVolumeImage: 'tripleoupstream/centos-binary-cinder-volume:latest'
- #DockerClustercheckConfigImage: 'tripleoupstream/centos-binary-mariadb:latest'
- #DockerClustercheckImage: 'tripleoupstream/centos-binary-mariadb:latest'
- #DockerCollectdConfigImage: 'tripleoupstream/centos-binary-collectd:latest'
- #DockerCollectdImage: 'tripleoupstream/centos-binary-collectd:latest'
- #DockerCongressApiImage: 'tripleoupstream/centos-binary-congress-api:latest'
- #DockerCongressConfigImage: 'tripleoupstream/centos-binary-congress-api:latest'
- #DockerEc2ApiConfigImage: 'tripleoupstream/centos-binary-ec2-api:latest'
- #DockerEc2ApiImage: 'tripleoupstream/centos-binary-ec2-api:latest'
- #DockerEtcdConfigImage: 'tripleoupstream/centos-binary-etcd:latest'
- #DockerEtcdImage: 'tripleoupstream/centos-binary-etcd:latest'
- #DockerGlanceApiConfigImage: 'tripleoupstream/centos-binary-glance-api:latest'
- #DockerGlanceApiImage: 'tripleoupstream/centos-binary-glance-api:latest'
- #DockerGnocchiApiImage: 'tripleoupstream/centos-binary-gnocchi-api:latest'
- #DockerGnocchiConfigImage: 'tripleoupstream/centos-binary-gnocchi-api:latest'
- #DockerGnocchiMetricdImage: 'tripleoupstream/centos-binary-gnocchi-metricd:latest'
- #DockerGnocchiStatsdImage: 'tripleoupstream/centos-binary-gnocchi-statsd:latest'
- #DockerHAProxyConfigImage: 'tripleoupstream/centos-binary-haproxy:latest'
- #DockerHAProxyImage: 'tripleoupstream/centos-binary-haproxy:latest'
- #DockerHeatApiCfnConfigImage: 'tripleoupstream/centos-binary-heat-api-cfn:latest'
- #DockerHeatApiCfnImage: 'tripleoupstream/centos-binary-heat-api-cfn:latest'
- #DockerHeatApiConfigImage: 'tripleoupstream/centos-binary-heat-api:latest'
- #DockerHeatApiImage: 'tripleoupstream/centos-binary-heat-api:latest'
- #DockerHeatConfigImage: 'tripleoupstream/centos-binary-heat-api:latest'
- #DockerHeatEngineImage: 'tripleoupstream/centos-binary-heat-engine:latest'
- #DockerHorizonConfigImage: 'tripleoupstream/centos-binary-horizon:latest'
- #DockerHorizonImage: 'tripleoupstream/centos-binary-horizon:latest'
- #DockerIronicApiImage: 'tripleoupstream/centos-binary-ironic-api:latest'
- #DockerIronicConductorImage: 'tripleoupstream/centos-binary-ironic-conductor:latest'
- #DockerIronicConfigImage: 'tripleoupstream/centos-binary-ironic-pxe:latest'
- #DockerIronicPxeImage: 'tripleoupstream/centos-binary-ironic-pxe:latest'
- #DockerIscsidConfigImage: 'tripleoupstream/centos-binary-iscsid:latest'
- #DockerIscsidImage: 'tripleoupstream/centos-binary-iscsid:latest'
- #DockerKeystoneConfigImage: 'tripleoupstream/centos-binary-keystone:latest'
- #DockerKeystoneImage: 'tripleoupstream/centos-binary-keystone:latest'
- #DockerManilaApiImage: 'tripleoupstream/centos-binary-manila-api:latest'
- #DockerManilaConfigImage: 'tripleoupstream/centos-binary-manila-api:latest'
- #DockerManilaSchedulerImage: 'tripleoupstream/centos-binary-manila-scheduler:latest'
- #DockerMemcachedConfigImage: 'tripleoupstream/centos-binary-memcached:latest'
- #DockerMemcachedImage: 'tripleoupstream/centos-binary-memcached:latest'
- #DockerMistralApiImage: 'tripleoupstream/centos-binary-mistral-api:latest'
- #DockerMistralConfigImage: 'tripleoupstream/centos-binary-mistral-api:latest'
- #DockerMistralEngineImage: 'tripleoupstream/centos-binary-mistral-engine:latest'
- #DockerMistralExecutorImage: 'tripleoupstream/centos-binary-mistral-executor:latest'
- #DockerMongodbConfigImage: 'tripleoupstream/centos-binary-mongodb:latest'
- #DockerMongodbImage: 'tripleoupstream/centos-binary-mongodb:latest'
- #DockerMultipathdConfigImage: 'tripleoupstream/centos-binary-multipathd:latest'
- #DockerMultipathdImage: 'tripleoupstream/centos-binary-multipathd:latest'
- #DockerMysqlClientConfigImage: 'tripleoupstream/centos-binary-mariadb:latest'
- #DockerMysqlConfigImage: 'tripleoupstream/centos-binary-mariadb:latest'
- #DockerMysqlImage: 'tripleoupstream/centos-binary-mariadb:latest'
- #DockerNeutronApiImage: 'tripleoupstream/centos-binary-neutron-server:latest'
- #DockerNeutronConfigImage: 'tripleoupstream/centos-binary-neutron-server:latest'
- #DockerNeutronDHCPImage: 'tripleoupstream/centos-binary-neutron-dhcp-agent:latest'
- #DockerNeutronL3AgentImage: 'tripleoupstream/centos-binary-neutron-l3-agent:latest'
- #DockerNeutronMetadataImage: 'tripleoupstream/centos-binary-neutron-metadata-agent:latest'
- #DockerNovaApiImage: 'tripleoupstream/centos-binary-nova-api:latest'
- #DockerNovaComputeImage: 'tripleoupstream/centos-binary-nova-compute:latest'
- #DockerNovaComputeIronicImage: 'tripleoupstream/centos-binary-nova-compute-ironic:latest'
- #DockerNovaConductorImage: 'tripleoupstream/centos-binary-nova-conductor:latest'
- #DockerNovaConfigImage: 'tripleoupstream/centos-binary-nova-base:latest'
- #DockerNovaConsoleauthImage: 'tripleoupstream/centos-binary-nova-consoleauth:latest'
- #DockerNovaLibvirtConfigImage: 'tripleoupstream/centos-binary-nova-compute:latest'
- #DockerNovaLibvirtImage: 'tripleoupstream/centos-binary-nova-libvirt:latest'
- #DockerNovaPlacementConfigImage: 'tripleoupstream/centos-binary-nova-placement-api:latest'
- #DockerNovaPlacementImage: 'tripleoupstream/centos-binary-nova-placement-api:latest'
- #DockerNovaSchedulerImage: 'tripleoupstream/centos-binary-nova-scheduler:latest'
- #DockerNovaVncProxyImage: 'tripleoupstream/centos-binary-nova-novncproxy:latest'
- #DockerOctaviaApiImage: 'tripleoupstream/centos-binary-octavia-api:latest'
- #DockerOctaviaConfigImage: 'tripleoupstream/centos-binary-octavia-api:latest'
- #DockerOctaviaHealthManagerImage: 'tripleoupstream/centos-binary-octavia-health-manager:latest'
- #DockerOctaviaHousekeepingImage: 'tripleoupstream/centos-binary-octavia-housekeeping:latest'
- #DockerOctaviaWorkerImage: 'tripleoupstream/centos-binary-octavia-worker:latest'
- #DockerOpenvswitchImage: 'tripleoupstream/centos-binary-neutron-openvswitch-agent:latest'
- #DockerPankoApiImage: 'tripleoupstream/centos-binary-panko-api:latest'
- #DockerPankoConfigImage: 'tripleoupstream/centos-binary-panko-api:latest'
- #DockerRabbitmqConfigImage: 'tripleoupstream/centos-binary-rabbitmq:latest'
- #DockerRabbitmqImage: 'tripleoupstream/centos-binary-rabbitmq:latest'
- #DockerRedisConfigImage: 'tripleoupstream/centos-binary-redis:latest'
- #DockerRedisImage: 'tripleoupstream/centos-binary-redis:latest'
- #DockerSaharaApiImage: 'tripleoupstream/centos-binary-sahara-api:latest'
- #DockerSaharaConfigImage: 'tripleoupstream/centos-binary-sahara-api:latest'
- #DockerSaharaEngineImage: 'tripleoupstream/centos-binary-sahara-engine:latest'
- #DockerSensuClientImage: 'tripleoupstream/centos-binary-sensu-client:latest'
- #DockerSensuConfigImage: 'tripleoupstream/centos-binary-sensu-client:latest'
- #DockerSwiftAccountImage: 'tripleoupstream/centos-binary-swift-account:latest'
- #DockerSwiftConfigImage: 'tripleoupstream/centos-binary-swift-proxy-server:latest'
- #DockerSwiftContainerImage: 'tripleoupstream/centos-binary-swift-container:latest'
- #DockerSwiftObjectImage: 'tripleoupstream/centos-binary-swift-object:latest'
- #DockerSwiftProxyImage: 'tripleoupstream/centos-binary-swift-proxy-server:latest'
- #DockerTackerConfigImage: 'tripleoupstream/centos-binary-tacker:latest'
- #DockerTackerImage: 'tripleoupstream/centos-binary-tacker:latest'
- #DockerZaqarConfigImage: 'tripleoupstream/centos-binary-zaqar:latest'
- #DockerZaqarImage: 'tripleoupstream/centos-binary-zaqar:latest'
+ DockerAodhApiImage: tripleoupstream/centos-binary-aodh-api:latest
+ DockerAodhConfigImage: tripleoupstream/centos-binary-aodh-api:latest
+ DockerAodhEvaluatorImage: tripleoupstream/centos-binary-aodh-evaluator:latest
+ DockerAodhListenerImage: tripleoupstream/centos-binary-aodh-listener:latest
+ DockerAodhNotifierImage: tripleoupstream/centos-binary-aodh-notifier:latest
+ DockerCeilometerCentralImage: tripleoupstream/centos-binary-ceilometer-central:latest
+ DockerCeilometerComputeImage: tripleoupstream/centos-binary-ceilometer-compute:latest
+ DockerCeilometerConfigImage: tripleoupstream/centos-binary-ceilometer-central:latest
+ DockerCeilometerIpmiImage: tripleoupstream/centos-binary-ceilometer-ipmi:latest
+ DockerCeilometerNotificationImage: tripleoupstream/centos-binary-ceilometer-notification:latest
+ DockerCinderApiImage: tripleoupstream/centos-binary-cinder-api:latest
+ DockerCinderBackupImage: tripleoupstream/centos-binary-cinder-backup:latest
+ DockerCinderConfigImage: tripleoupstream/centos-binary-cinder-api:latest
+ DockerCinderSchedulerImage: tripleoupstream/centos-binary-cinder-scheduler:latest
+ DockerCinderVolumeImage: tripleoupstream/centos-binary-cinder-volume:latest
+ DockerClustercheckConfigImage: tripleoupstream/centos-binary-mariadb:latest
+ DockerClustercheckImage: tripleoupstream/centos-binary-mariadb:latest
+ DockerCollectdConfigImage: tripleoupstream/centos-binary-collectd:latest
+ DockerCollectdImage: tripleoupstream/centos-binary-collectd:latest
+ DockerCongressApiImage: tripleoupstream/centos-binary-congress-api:latest
+ DockerCongressConfigImage: tripleoupstream/centos-binary-congress-api:latest
+ DockerEc2ApiConfigImage: tripleoupstream/centos-binary-ec2-api:latest
+ DockerEc2ApiImage: tripleoupstream/centos-binary-ec2-api:latest
+ DockerEtcdConfigImage: tripleoupstream/centos-binary-etcd:latest
+ DockerEtcdImage: tripleoupstream/centos-binary-etcd:latest
+ DockerGlanceApiConfigImage: tripleoupstream/centos-binary-glance-api:latest
+ DockerGlanceApiImage: tripleoupstream/centos-binary-glance-api:latest
+ DockerGnocchiApiImage: tripleoupstream/centos-binary-gnocchi-api:latest
+ DockerGnocchiConfigImage: tripleoupstream/centos-binary-gnocchi-api:latest
+ DockerGnocchiMetricdImage: tripleoupstream/centos-binary-gnocchi-metricd:latest
+ DockerGnocchiStatsdImage: tripleoupstream/centos-binary-gnocchi-statsd:latest
+ DockerHAProxyConfigImage: tripleoupstream/centos-binary-haproxy:latest
+ DockerHAProxyImage: tripleoupstream/centos-binary-haproxy:latest
+ DockerHeatApiCfnConfigImage: tripleoupstream/centos-binary-heat-api-cfn:latest
+ DockerHeatApiCfnImage: tripleoupstream/centos-binary-heat-api-cfn:latest
+ DockerHeatApiConfigImage: tripleoupstream/centos-binary-heat-api:latest
+ DockerHeatApiImage: tripleoupstream/centos-binary-heat-api:latest
+ DockerHeatConfigImage: tripleoupstream/centos-binary-heat-api:latest
+ DockerHeatEngineImage: tripleoupstream/centos-binary-heat-engine:latest
+ DockerHorizonConfigImage: tripleoupstream/centos-binary-horizon:latest
+ DockerHorizonImage: tripleoupstream/centos-binary-horizon:latest
+ DockerIronicApiImage: tripleoupstream/centos-binary-ironic-api:latest
+ DockerIronicApiConfigImage: tripleoupstream/centos-binary-ironic-api:latest
+ DockerIronicConductorImage: tripleoupstream/centos-binary-ironic-conductor:latest
+ DockerIronicConfigImage: tripleoupstream/centos-binary-ironic-pxe:latest
+ DockerIronicInspectorConfigImage: tripleoupstream/centos-binary-ironic-inspector:latest
+ DockerIronicInspectorImage: tripleoupstream/centos-binary-ironic-inspector:latest
+ DockerIronicPxeImage: tripleoupstream/centos-binary-ironic-pxe:latest
+ DockerIscsidConfigImage: tripleoupstream/centos-binary-iscsid:latest
+ DockerIscsidImage: tripleoupstream/centos-binary-iscsid:latest
+ DockerKeystoneConfigImage: tripleoupstream/centos-binary-keystone:latest
+ DockerKeystoneImage: tripleoupstream/centos-binary-keystone:latest
+ DockerManilaApiImage: tripleoupstream/centos-binary-manila-api:latest
+ DockerManilaConfigImage: tripleoupstream/centos-binary-manila-api:latest
+ DockerManilaSchedulerImage: tripleoupstream/centos-binary-manila-scheduler:latest
+ DockerManilaShareImage: tripleoupstream/centos-binary-manila-share:latest
+ DockerMemcachedConfigImage: tripleoupstream/centos-binary-memcached:latest
+ DockerMemcachedImage: tripleoupstream/centos-binary-memcached:latest
+ DockerMistralApiImage: tripleoupstream/centos-binary-mistral-api:latest
+ DockerMistralConfigImage: tripleoupstream/centos-binary-mistral-api:latest
+ DockerMistralEngineImage: tripleoupstream/centos-binary-mistral-engine:latest
+ DockerMistralExecutorImage: tripleoupstream/centos-binary-mistral-executor:latest
+ DockerMongodbConfigImage: tripleoupstream/centos-binary-mongodb:latest
+ DockerMongodbImage: tripleoupstream/centos-binary-mongodb:latest
+ DockerMultipathdConfigImage: tripleoupstream/centos-binary-multipathd:latest
+ DockerMultipathdImage: tripleoupstream/centos-binary-multipathd:latest
+ DockerMysqlClientConfigImage: tripleoupstream/centos-binary-mariadb:latest
+ DockerMysqlConfigImage: tripleoupstream/centos-binary-mariadb:latest
+ DockerMysqlImage: tripleoupstream/centos-binary-mariadb:latest
+ DockerNeutronApiImage: tripleoupstream/centos-binary-neutron-server:latest
+ DockerNeutronConfigImage: tripleoupstream/centos-binary-neutron-server:latest
+ DockerNeutronDHCPImage: tripleoupstream/centos-binary-neutron-dhcp-agent:latest
+ DockerNeutronL3AgentImage: tripleoupstream/centos-binary-neutron-l3-agent:latest
+ DockerNeutronMetadataImage: tripleoupstream/centos-binary-neutron-metadata-agent:latest
+ DockerNovaApiImage: tripleoupstream/centos-binary-nova-api:latest
+ DockerNovaComputeImage: tripleoupstream/centos-binary-nova-compute:latest
+ DockerNovaComputeIronicImage: tripleoupstream/centos-binary-nova-compute-ironic:latest
+ DockerNovaConductorImage: tripleoupstream/centos-binary-nova-conductor:latest
+ DockerNovaConfigImage: tripleoupstream/centos-binary-nova-base:latest
+ DockerNovaConsoleauthImage: tripleoupstream/centos-binary-nova-consoleauth:latest
+ DockerNovaLibvirtConfigImage: tripleoupstream/centos-binary-nova-compute:latest
+ DockerNovaLibvirtImage: tripleoupstream/centos-binary-nova-libvirt:latest
+ DockerNovaPlacementConfigImage: tripleoupstream/centos-binary-nova-placement-api:latest
+ DockerNovaPlacementImage: tripleoupstream/centos-binary-nova-placement-api:latest
+ DockerNovaSchedulerImage: tripleoupstream/centos-binary-nova-scheduler:latest
+ DockerNovaVncProxyImage: tripleoupstream/centos-binary-nova-novncproxy:latest
+ DockerOVNControllerConfigImage: tripleoupstream/centos-binary-ovn-controller:latest
+ DockerOVNControllerImage: tripleoupstream/centos-binary-ovn-controller:latest
+ DockerOVNNbDbImage: tripleoupstream/centos-binary-ovn-nb-db-server:latest
+ DockerOVNNorthdImage: tripleoupstream/centos-binary-ovn-northd:latest
+ DockerOVNSbDbImage: tripleoupstream/centos-binary-ovn-sb-db-server:latest
+ DockerOctaviaApiImage: tripleoupstream/centos-binary-octavia-api:latest
+ DockerOctaviaConfigImage: tripleoupstream/centos-binary-octavia-api:latest
+ DockerOctaviaHealthManagerImage: tripleoupstream/centos-binary-octavia-health-manager:latest
+ DockerOctaviaHousekeepingImage: tripleoupstream/centos-binary-octavia-housekeeping:latest
+ DockerOctaviaWorkerImage: tripleoupstream/centos-binary-octavia-worker:latest
+ DockerOpendaylightApiImage: tripleoupstream/centos-binary-opendaylight:latest
+ DockerOpendaylightConfigImage: tripleoupstream/centos-binary-opendaylight:latest
+ DockerOpenvswitchImage: tripleoupstream/centos-binary-neutron-openvswitch-agent:latest
+ DockerPankoApiImage: tripleoupstream/centos-binary-panko-api:latest
+ DockerPankoConfigImage: tripleoupstream/centos-binary-panko-api:latest
+ DockerRabbitmqConfigImage: tripleoupstream/centos-binary-rabbitmq:latest
+ DockerRabbitmqImage: tripleoupstream/centos-binary-rabbitmq:latest
+ DockerRedisConfigImage: tripleoupstream/centos-binary-redis:latest
+ DockerRedisImage: tripleoupstream/centos-binary-redis:latest
+ DockerSaharaApiImage: tripleoupstream/centos-binary-sahara-api:latest
+ DockerSaharaConfigImage: tripleoupstream/centos-binary-sahara-api:latest
+ DockerSaharaEngineImage: tripleoupstream/centos-binary-sahara-engine:latest
+ DockerSensuClientImage: tripleoupstream/centos-binary-sensu-client:latest
+ DockerSensuConfigImage: tripleoupstream/centos-binary-sensu-client:latest
+ DockerSwiftAccountImage: tripleoupstream/centos-binary-swift-account:latest
+ DockerSwiftConfigImage: tripleoupstream/centos-binary-swift-proxy-server:latest
+ DockerSwiftContainerImage: tripleoupstream/centos-binary-swift-container:latest
+ DockerSwiftObjectImage: tripleoupstream/centos-binary-swift-object:latest
+ DockerSwiftProxyImage: tripleoupstream/centos-binary-swift-proxy-server:latest
+ DockerTackerConfigImage: tripleoupstream/centos-binary-tacker:latest
+ DockerTackerImage: tripleoupstream/centos-binary-tacker:latest
+ DockerZaqarConfigImage: tripleoupstream/centos-binary-zaqar:latest
+ DockerZaqarImage: tripleoupstream/centos-binary-zaqar:latest
# ...deploy..-e docker.yaml -e docker-ha.yaml
resource_registry:
# Pacemaker runs on the host
- OS::TripleO::Tasks::ControllerPreConfig: ../extraconfig/tasks/pre_puppet_pacemaker.yaml
- OS::TripleO::Tasks::ControllerPostConfig: ../extraconfig/tasks/post_puppet_pacemaker.yaml
- OS::TripleO::Tasks::ControllerPostPuppetRestart: ../extraconfig/tasks/post_puppet_pacemaker_restart.yaml
OS::TripleO::Services::Pacemaker: ../puppet/services/pacemaker.yaml
OS::TripleO::Services::PacemakerRemote: ../puppet/services/pacemaker_remote.yaml
OS::TripleO::Services::Keepalived: OS::Heat::None
# HA Containers managed by pacemaker
- OS::TripleO::Services::CinderVolume: ../docker/services/pacemaker/cinder-volume.yaml
- OS::TripleO::Services::CinderBackup: ../docker/services/pacemaker/cinder-backup.yaml
+ # FIXME: enable those Cinder services once their non-HA counterpart are enabled
+ # OS::TripleO::Services::CinderVolume: ../docker/services/pacemaker/cinder-volume.yaml
+ # OS::TripleO::Services::CinderBackup: ../docker/services/pacemaker/cinder-backup.yaml
OS::TripleO::Services::Clustercheck: ../docker/services/pacemaker/clustercheck.yaml
OS::TripleO::Services::HAproxy: ../docker/services/pacemaker/haproxy.yaml
OS::TripleO::Services::MySQL: ../docker/services/pacemaker/database/mysql.yaml
OS::TripleO::Services::HeatApi: ../docker/services/heat-api.yaml
OS::TripleO::Services::HeatApiCfn: ../docker/services/heat-api-cfn.yaml
OS::TripleO::Services::HeatEngine: ../docker/services/heat-engine.yaml
+ OS::TripleO::Services::Iscsid: ../docker/services/iscsid.yaml
OS::TripleO::Services::Keystone: ../docker/services/keystone.yaml
+ OS::TripleO::Services::NovaMigrationTarget: ../docker/services/nova-migration-target.yaml
OS::TripleO::Services::NeutronApi: ../docker/services/neutron-api.yaml
OS::TripleO::Services::NeutronCorePlugin: ../docker/services/neutron-plugin-ml2.yaml
OS::TripleO::Services::NeutronDhcpAgent: ../docker/services/neutron-dhcp.yaml
OS::TripleO::PostDeploySteps: ../docker/post.yaml
OS::TripleO::PostUpgradeSteps: ../docker/post-upgrade.yaml
-
-parameter_defaults:
- # To specify a local docker registry, enable these
- # where 192.168.24.1 is the host running docker-distribution
- #DockerNamespace: 192.168.24.1:8787/tripleoupstream
- #DockerNamespaceIsRegistry: true
-
- ComputeServices:
- - OS::TripleO::Services::CACerts
- - OS::TripleO::Services::CertmongerUser
- - OS::TripleO::Services::NovaCompute
- - OS::TripleO::Services::NovaLibvirt
- - OS::TripleO::Services::ComputeNeutronOvsAgent
- - OS::TripleO::Services::Docker
- - OS::TripleO::Services::Sshd
OS::TripleO::Services::NovaPlacement: ../docker/services/nova-placement.yaml
OS::TripleO::Services::NovaConductor: ../docker/services/nova-conductor.yaml
OS::TripleO::Services::NovaConsoleauth: ../docker/services/nova-consoleauth.yaml
+ OS::TripleO::Services::NovaMigrationTarget: ../docker/services/nova-migration-target.yaml
OS::TripleO::Services::NovaScheduler: ../docker/services/nova-scheduler.yaml
OS::TripleO::Services::NovaVncProxy: ../docker/services/nova-vnc-proxy.yaml
OS::TripleO::Services::NeutronServer: ../docker/services/neutron-api.yaml
OS::TripleO::PostDeploySteps: ../docker/post.yaml
OS::TripleO::PostUpgradeSteps: ../docker/post-upgrade.yaml
-
-parameter_defaults:
- # To specify a local docker registry, enable these
- # where 192.168.24.1 is the host running docker-distribution
- #DockerNamespace: 192.168.24.1:8787/tripleoupstream
- #DockerNamespaceIsRegistry: true
-
- ComputeServices:
- - OS::TripleO::Services::NovaCompute
- - OS::TripleO::Services::NovaLibvirt
- - OS::TripleO::Services::ComputeNeutronOvsAgent
- - OS::TripleO::Services::Docker
- - OS::TripleO::Services::CeilometerAgentCompute
- - OS::TripleO::Services::Sshd
- - OS::TripleO::Services::OpenDaylightOvs
#ComputeParameters:
#KernelArgs: ""
#TunedProfileName: ""
- #HostIsolatedCoreList: ""
+ #IsolCpusList: ""
#ComputeOvsDpdkParameters:
- #KernelArgs: ""
- #TunedProfileName: ""
- #HostIsolatedCoreList: ""
+ #KernelArgs: "intel_iommu=on iommu=pt default_hugepagesz=1GB hugepagesz=1G hugepages=60"
+ #TunedProfileName: "cpu-partitioning"
+ #IsolCpusList: ""
- OS::TripleO::Services::Securetty
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::ComputeNeutronCorePlugin
- OS::TripleO::Services::ComputeNeutronOvsAgent
- OS::TripleO::Services::ComputeNeutronMetadataAgent
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::NeutronSriovAgent
- OS::TripleO::Services::OpenDaylightOvs
- OS::TripleO::Services::SensuClient
NeutronBigswitchRestproxyServerAuth:
NeutronMechanismDrivers: openvswitch,bsn_ml2
NeutronServicePlugins: bsn_l3,bsn_service_plugin
- KeystoneNotificationDriver: messaging
# Optional:
# NeutronBigswitchRestproxyAutoSyncOnFailure:
NeutronMechanismDrivers: 'opendaylight_v2'
NeutronServicePlugins: 'odl-router_v2'
NovaSchedulerDefaultFilters: "RamFilter,ComputeFilter,AvailabilityZoneFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,NUMATopologyFilter"
- ## Deploying DPDK requires enabling hugepages for the overcloud compute nodes.
- ## It also requires enabling IOMMU when using the VFIO (vfio-pci) OvsDpdkDriverType.
- ## This can be done using ComputeKernelArgs as shown below.
- ComputeParameters:
- #ComputeKernelArgs: "intel_iommu=on default_hugepagesz=2MB hugepagesz=2MB hugepages=2048"
+
+ ComputeOvsDpdkParameters:
+ OvsEnableDpdk: True
+
+ ## Host configuration Parameters
+ #TunedProfileName: "cpu-partitioning"
+ #IsolCpusList: "" # Logical CPUs list to be isolated from the host process (applied via cpu-partitioning tuned).
+ # It is mandatory to provide isolated cpus for tuned to achive optimal performance.
+ # Example: "3-8,12-15,18"
+ #KernelArgs: "" # Space separated kernel args to configure hugepage and IOMMU.
+ # Deploying DPDK requires enabling hugepages for the overcloud compute nodes.
+ # It also requires enabling IOMMU when using the VFIO (vfio-pci) OvsDpdkDriverType.
+ # This should be done by configuring parameters via host-config-and-reboot.yaml environment file.
+
## Attempting to deploy DPDK without appropriate values for the below parameters may lead to unstable deployments
## due to CPU contention of DPDK PMD threads.
- OvsEnableDpdk: True
- ## It is highly recommended to to enable isolcpus (via ComputeKernelArgs) on compute overcloud nodes and set the following parameters:
+ ## It is highly recommended to to enable isolcpus (via KernelArgs) on compute overcloud nodes and set the following parameters:
#OvsDpdkSocketMemory: "" # Sets the amount of hugepage memory to assign per NUMA node.
# It is recommended to use the socket closest to the PCIe slot used for the
# desired DPDK NIC. Format should be comma separated per socket string such as:
# A Heat environment that can be used to deploy DPDK with OVS
# Deploying DPDK requires enabling hugepages for the overcloud nodes
resource_registry:
- OS::TripleO::Services::ComputeNeutronOvsAgent: ../puppet/services/neutron-ovs-dpdk-agent.yaml
+ OS::TripleO::Services::ComputeNeutronOvsDpdk: ../puppet/services/neutron-ovs-dpdk-agent.yaml
parameter_defaults:
NeutronDatapathType: "netdev"
NeutronVhostuserSocketDir: "/var/lib/vhost_sockets"
NovaSchedulerDefaultFilters: "RamFilter,ComputeFilter,AvailabilityZoneFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,NUMATopologyFilter"
- ## Deploying DPDK requires enabling hugepages for the overcloud compute nodes.
- ## It also requires enabling IOMMU when using the VFIO (vfio-pci) OvsDpdkDriverType.
- ## This can be done using ComputeKernelArgs as shown below.
- #ComputeParameters:
- #ComputeKernelArgs: "intel_iommu=on default_hugepagesz=2MB hugepagesz=2MB hugepages=2048"
+ OvsDpdkDriverType: "vfio-pci"
+
+ #ComputeOvsDpdkParameters:
+ ## Host configuration Parameters
+ #TunedProfileName: "cpu-partitioning"
+ #IsolCpusList: "" # Logical CPUs list to be isolated from the host process (applied via cpu-partitioning tuned).
+ # It is mandatory to provide isolated cpus for tuned to achive optimal performance.
+ # Example: "3-8,12-15,18"
+ #KernelArgs: "" # Space separated kernel args to configure hugepage and IOMMU.
+ # Deploying DPDK requires enabling hugepages for the overcloud compute nodes.
+ # It also requires enabling IOMMU when using the VFIO (vfio-pci) OvsDpdkDriverType.
+ # This should be done by configuring parameters via host-config-and-reboot.yaml environment file.
+
## Attempting to deploy DPDK without appropriate values for the below parameters may lead to unstable deployments
## due to CPU contention of DPDK PMD threads.
- ## It is highly recommended to to enable isolcpus (via ComputeKernelArgs) on compute overcloud nodes and set the following parameters:
+ ## It is highly recommended to to enable isolcpus (via KernelArgs) on compute overcloud nodes and set the following parameters:
#OvsDpdkSocketMemory: "" # Sets the amount of hugepage memory to assign per NUMA node.
# It is recommended to use the socket closest to the PCIe slot used for the
# desired DPDK NIC. Format should be comma separated per socket string such as:
# "<socket 0 mem MB>,<socket 1 mem MB>", for example: "1024,0".
- #OvsDpdkDriverType: "vfio-pci" # Ensure the Overcloud NIC to be used for DPDK supports this UIO/PMD driver.
#OvsPmdCoreList: "" # List or range of CPU cores for PMD threads to be pinned to. Note, NIC
# location to cores on socket, number of hyper-threaded logical cores, and
# desired number of PMD threads can all play a role in configuring this setting.
OS::TripleO::DefaultPasswords: OS::Heat::None
OS::TripleO::RandomString: OS::Heat::None
OS::TripleO::AllNodesDeployment: OS::Heat::None
+ OS::TripleO::DeployedServerEnvironment: ../deployed-server/deployed-server-environment-output.yaml
parameter_defaults:
# Deploy no services
+resource_registry:
+ OS::TripleO::DeployedServerEnvironment: ../deployed-server/deployed-server-environment-output.yaml
+
parameter_defaults:
# Consistent Hostname format
ControllerDeployedServerHostnameFormat: overcloud-controller-%index%
+# ****************************************************************************
+# DEPRECATED: Use tripleo-heat-templates/environments/storage/enable-ceph.yaml
+# instead.
+# ****************************************************************************
resource_registry:
OS::TripleO::Services::CephMon: ../puppet/services/ceph-mon.yaml
OS::TripleO::Services::CephOSD: ../puppet/services/ceph-osd.yaml
resource_registry:
OS::TripleO::Services::ManilaApi: ../../docker/services/manila-api.yaml
OS::TripleO::Services::ManilaScheduler: ../../docker/services/manila-scheduler.yaml
+ OS::TripleO::Services::ManilaShare: ../../docker/services/manila-share.yaml
# - OVS: neutron.agent.linux.interface.OVSInterfaceDriver
# - LinuxBridges: neutron.agent.linux.interface.BridgeInterfaceDriver
resource_registry:
- OS::TripleO::Services::NeutronLbaas: ../puppet/services/neutron-lbaas.yaml
+ OS::TripleO::Services::NeutronLbaasv2Agent: ../puppet/services/neutron-lbaas.yaml
parameter_defaults:
NeutronLbaasInterfaceDriver: "neutron.agent.linux.interface.OVSInterfaceDriver"
- NeutronLbaasDeviceDriver: "neutron.services.loadbalancer.drivers.haproxy.namespace_driver.HaproxyNSDriver"
+ NeutronLbaasDeviceDriver: "neutron_lbaas.drivers.haproxy.namespace_driver.HaproxyNSDriver"
NeutronServiceProviders: ['LOADBALANCERV2:Haproxy:neutron_lbaas.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default']
+ NeutronServicePlugins: "qos,router,trunk,lbaasv2"
CongressAdmin: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressInternal: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressPublic: {protocol: 'https', port: '13789', host: 'CLOUDNAME'}
- ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpAdmin: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpInternal: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpPublic: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshAdmin: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshInternal: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshPublic: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpAdmin: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpInternal: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpPublic: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisAdmin: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisInternal: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisPublic: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailConfigAdmin: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigInternal: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigPublic: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailDiscoveryAdmin: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryInternal: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryPublic: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailWebuiHttpAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsAdmin: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsInternal: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsPublic: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'CLOUDNAME'}
CongressAdmin: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressInternal: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressPublic: {protocol: 'https', port: '13789', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpAdmin: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpInternal: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpPublic: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshAdmin: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshInternal: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshPublic: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpAdmin: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpInternal: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpPublic: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisAdmin: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisInternal: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisPublic: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailConfigAdmin: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigInternal: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigPublic: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailDiscoveryAdmin: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryInternal: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryPublic: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailWebuiHttpAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsAdmin: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsInternal: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsPublic: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'IP_ADDRESS'}
CongressAdmin: {protocol: 'https', port: '1789', host: 'CLOUDNAME'}
CongressInternal: {protocol: 'https', port: '1789', host: 'CLOUDNAME'}
CongressPublic: {protocol: 'https', port: '13789', host: 'CLOUDNAME'}
- ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpAdmin: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpInternal: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpPublic: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshAdmin: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshInternal: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshPublic: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpAdmin: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpInternal: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpPublic: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisAdmin: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisInternal: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisPublic: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailConfigAdmin: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigInternal: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigPublic: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailDiscoveryAdmin: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryInternal: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryPublic: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailWebuiHttpAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsAdmin: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsInternal: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsPublic: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
Ec2ApiAdmin: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}
Ec2ApiInternal: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'CLOUDNAME'}
# Type: boolean
NovaEnableRbdBackend: True
+resource_registry:
+ OS::TripleO::Services::CephClient: ../../puppet/services/ceph-client.yaml
+ OS::TripleO::Services::CephMon: ../../puppet/services/ceph-mon.yaml
+ OS::TripleO::Services::CephOSD: ../../puppet/services/ceph-osd.yaml
CongressAdmin: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressInternal: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressPublic: {protocol: 'https', port: '13789', host: 'CLOUDNAME'}
- ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpAdmin: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpInternal: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpPublic: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshAdmin: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshInternal: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshPublic: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpAdmin: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpInternal: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpPublic: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisAdmin: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisInternal: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisPublic: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailConfigAdmin: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigInternal: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigPublic: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailDiscoveryAdmin: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryInternal: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryPublic: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailWebuiHttpAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsAdmin: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsInternal: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsPublic: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'CLOUDNAME'}
CongressAdmin: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressInternal: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressPublic: {protocol: 'https', port: '13789', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpAdmin: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpInternal: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpPublic: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshAdmin: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshInternal: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshPublic: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpAdmin: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpInternal: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpPublic: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisAdmin: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisInternal: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisPublic: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailConfigAdmin: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigInternal: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigPublic: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailDiscoveryAdmin: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryInternal: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryPublic: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailWebuiHttpAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsAdmin: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsInternal: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsPublic: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'IP_ADDRESS'}
CongressAdmin: {protocol: 'https', port: '1789', host: 'CLOUDNAME'}
CongressInternal: {protocol: 'https', port: '1789', host: 'CLOUDNAME'}
CongressPublic: {protocol: 'https', port: '13789', host: 'CLOUDNAME'}
- ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpAdmin: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpInternal: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpPublic: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshAdmin: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshInternal: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshPublic: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpAdmin: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpInternal: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpPublic: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisAdmin: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisInternal: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisPublic: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailConfigAdmin: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigInternal: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigPublic: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailDiscoveryAdmin: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryInternal: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryPublic: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailWebuiHttpAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsAdmin: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsInternal: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsPublic: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
Ec2ApiAdmin: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}
Ec2ApiInternal: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'CLOUDNAME'}
HeatMaxJsonBodySize: 2097152
IronicInspectorInterface: br-ctlplane
IronicInspectorIpRange: '192.168.24.100,192.168.24.200'
+ ZaqarMessageStore: 'swift'
+ ZaqarManagementStore: 'sqlalchemy'
--- /dev/null
+# Copyright (c) 2017 Veritas Technologies LLC.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# A Heat environment file which can be used to enable a
+# a Veritas HyperScale backend, configured via puppet
+resource_registry:
+ OS::TripleO::Services::CinderBackendVRTSHyperScale: ../../puppet/services/cinder-backend-veritas-hyperscale.yaml
--- /dev/null
+# Copyright (c) 2017 Veritas Technologies LLC.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# A Heat environment file which can be used to install
+# Veritas HyperScale packages for controller.
+resource_registry:
+ OS::TripleO::Services::VRTSHyperScale: ../../puppet/services/veritas-hyperscale-controller.yaml
+
+parameter_defaults:
+ EnablePackageInstall: true
+ VrtsRabbitPassword: ''
+ VrtsKeystonePassword: ''
+ VrtsMysqlPassword: ''
+ VrtsCtrlMgmtIP: ''
+ VrtsDashboardIP: ''
+ VrtsZookeeperIP: ''
+ VrtsSSHPassword: ''
+ VrtsConfigParam1: ''
+ VrtsConfigParam2: ''
+ VrtsConfigParam3: ''
--- /dev/null
+heat_template_version: pike
+
+parameters:
+ ContrailRepo:
+ type: string
+ default: ''
+
+resources:
+ userdata:
+ type: OS::Heat::MultipartMime
+ properties:
+ parts:
+ - config: {get_resource: EnableContrailRepoConfig}
+
+ EnableContrailRepoConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ config:
+ str_replace:
+ template: |
+ #!/bin/bash
+ contrail_repo=$contrail_repo
+ if [[ ${contrail_repo} ]]; then
+ cat <<EOF > /etc/yum.repos.d/contrail.repo
+ [Contrail]
+ name=Contrail Repo
+ baseurl=${contrail_repo}
+ enabled=1
+ gpgcheck=0
+ protect=1
+ metadata_expire=30
+ EOF
+ fi
+ params:
+ $contrail_repo: {get_param: ContrailRepo}
+
+outputs:
+ # This means get_resource from the parent template will get the userdata, see:
+ # http://docs.openstack.org/developer/heat/template_guide/composition.html#making-your-template-resource-more-transparent
+ # Note this is new-for-kilo, an alternative is returning a value then using
+ # get_attr in the parent template instead.
+ OS::stack_id:
+ value: {get_resource: userdata}
# otherwise unchanged
DeployIdentifier:
type: string
+ default: ''
+ description: >
+ Setting this to a unique value will re-run any deployment tasks which perform configuration on a Heat stack-update.
resources:
description: |
When enabled, the system will perform a yum update after performing the
RHEL Registration process.
+ deployment_actions:
+ default: ['CREATE', 'UPDATE']
+ type: comma_delimited_list
+ description: >
+ List of stack actions that will trigger any deployments in this
+ templates. The actions will be an empty list of the server is in the
+ toplevel DeploymentServerBlacklist parameter's value.
+
+conditions:
+ deployment_actions_empty:
+ equals:
+ - {get_param: deployment_actions}
+ - []
resources:
name: RHELUnregistrationDeployment
server: {get_param: server}
config: {get_resource: RHELUnregistration}
- actions: ['DELETE'] # Only do this on DELETE
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['DELETE'] # Only do this on DELETE
input_values:
REG_METHOD: {get_param: rhel_reg_method}
name: UpdateDeploymentAfterRHELRegistration
config: {get_resource: YumUpdateConfigurationAfterRHELRegistration}
server: {get_param: server}
- actions: ['CREATE'] # Only do this on CREATE
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['CREATE'] # Only do this on CREATE
outputs:
deploy_stdout:
parameters:
server:
type: string
+ deployment_actions:
+ default: ['CREATE', 'UPDATE']
+ type: comma_delimited_list
+ description: >
+ List of stack actions that will trigger any deployments in this
+ templates. The actions will be an empty list of the server is in the
+ toplevel DeploymentServerBlacklist parameter's value.
+
+conditions:
+ deployment_actions_empty:
+ equals:
+ - {get_param: deployment_actions}
+ - []
resources:
name: SomeDeployment
server: {get_param: server}
config: {get_resource: SomeConfig}
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['CREATE'] # Only do this on CREATE
actions: ['CREATE'] # Only do this on CREATE
RebootConfig:
name: RebootDeployment
server: {get_param: server}
config: {get_resource: RebootConfig}
- actions: ['CREATE'] # Only do this on CREATE
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['CREATE'] # Only do this on CREATE
signal_transport: NO_SIGNAL
--- /dev/null
+heat_template_version: pike
+
+# NOTE: You don't need to pass the parameter explicitly from the
+# parent template, it can be specified via the parameter_defaults
+# in the resource_registry instead, if you want to override the default
+# and/or share values with other templates in the tree.
+parameters:
+ ContrailRepo:
+ type: string
+ default: ''
+ ContrailVrouterPhysicalInterface:
+ default: 'eth0'
+ description: vRouter physical interface
+ type: string
+ ContrailVlanParentInterface:
+ default: ''
+ description: Parent interface of vlan interface
+ type: string
+ ContrailBondInterface:
+ default: ''
+ description: Bond interface name
+ type: string
+ ContrailBondInterfaceMembers:
+ default: ''
+ description: Bond interface members
+ type: string
+ ContrailBondMode:
+ default: '4'
+ description: Bond Mode
+ type: string
+ ContrailBondPolicy:
+ default: '1'
+ description: Bond Policy
+ type: string
+ RoleParameters:
+ type: json
+ description: Role Specific parameters
+ default: {}
+ ServiceNames:
+ type: comma_delimited_list
+ default: []
+ server:
+ type: string
+
+description: >
+ This template installs the Contrail kernel module packages in order
+ to bring vhost0 interface up. Vhost0 interface must be up before
+ os-net-config takes over.
+
+resources:
+
+ ContrailVrouterModuleDeployment:
+ type: OS::Heat::SoftwareDeployment
+ properties:
+ name: ContrailVrouterModuleDeployment
+ server: {get_param: server}
+ config: {get_resource: ContrailVrouterModuleConfig}
+ input_values:
+ phy_int: {get_param: ContrailVrouterPhysicalInterface}
+ bond_int: {get_param: ContrailBondInterface}
+ bond_int_members: {get_param: ContrailBondInterfaceMembers}
+ vlan_parent: {get_param: ContrailVlanParentInterface}
+ contrail_repo: {get_param: ContrailRepo}
+ bond_mode: {get_param: ContrailBondMode}
+ bond_policy: {get_param: ContrailBondPolicy}
+ actions: ['CREATE'] # Only do this on CREATE
+
+ ContrailVrouterModuleConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ inputs:
+ - name: phy_int
+ - name: bond_int
+ - name: bond_int_members
+ - name: vlan_parent
+ - name: contrail_repo
+ - name: bond_mode
+ - name: bond_policy
+ config: |
+ #!/bin/bash
+ phy_int=$phy_int
+ bond_int=$bond_int
+ bond_int_members=$bond_int_members
+ bond_mode=$bond_mode
+ bond_policy=$bond_policy
+ vlan_parent=$vlan_parent
+ contrail_repo=$contrail_repo
+ if [[ ${contrail_repo} ]]; then
+ yum install -y contrail-vrouter-utils
+ fi
+ function pkt_setup () {
+ for f in /sys/class/net/$1/queues/rx-*
+ do
+ q="$(echo $f | cut -d '-' -f2)"
+ r=$(($q%32))
+ s=$(($q/32))
+ ((mask=1<<$r))
+ str=(`printf "%x" $mask`)
+ if [ $s -gt 0 ]; then
+ for ((i=0; i < $s; i++))
+ do
+ str+=,00000000
+ done
+ fi
+ echo $str > $f/rps_cpus
+ done
+ ifconfig $1 up
+ }
+ function insert_vrouter() {
+ if [ -f /sys/class/net/pkt1/queues/rx-0/rps_cpus ]; then
+ pkt_setup pkt1
+ fi
+ if [ -f /sys/class/net/pkt2/queues/rx-0/rps_cpus ]; then
+ pkt_setup pkt2
+ fi
+ if [ -f /sys/class/net/pkt3/queues/rx-0/rps_cpus ]; then
+ pkt_setup pkt3
+ fi
+ DEV_MAC=$(cat /sys/class/net/${phy_int}/address)
+ vif --create vhost0 --mac $DEV_MAC
+ vif --add ${phy_int} --mac $DEV_MAC --vrf 0 --vhost-phys --type physical
+ vif --add vhost0 --mac $DEV_MAC --vrf 0 --type vhost --xconnect ${phy_int}
+ ip link set vhost0 up
+ return 0
+ }
+ if [[ ${bond_int} ]]; then
+ bond_int_member_list=$(echo ${bond_int_members} | tr "," "\n")
+ ip link add name ${bond_int} type bond
+ echo ${bond_mode} > /sys/class/net/${bond_int}/bonding/mode
+ echo ${bond_policy} > /sys/class/net/${bond_int}/bonding/xmit_hash_policy
+ for member in ${bond_int_member_list}; do
+ ip link set dev $member master ${bond_int}
+ done
+ fi
+ if [[ ${vlan_parent} ]]; then
+ vlanId=`echo ${phy_int} | awk -F"vlan" '{print $2}'`
+ ip link add name ${phy_int} link ${vlan_parent} type vlan id ${vlanId}
+ fi
+ if [[ ${contrail_repo} ]]; then
+ yumdownloader contrail-vrouter --destdir /tmp
+ cd /tmp
+ rpm2cpio /tmp/contrail-vrouter*.rpm | cpio -idmv
+ cp `find /tmp/lib/modules -name vrouter.ko |tail -1` /tmp
+ insmod /tmp/vrouter.ko
+ else
+ modprobe vrouter
+ fi
+ insert_vrouter
+ if [[ `ifconfig ${phy_int} |grep "inet "` ]]; then
+ def_gw=''
+ if [[ `ip route show |grep default|grep ${phy_int}` ]]; then
+ def_gw=`ip route show |grep default|grep ${phy_int}|awk '{print $3}'`
+ fi
+ ip=`ifconfig ${phy_int} |grep "inet "|awk '{print $2}'`
+ mask=`ifconfig ${phy_int} |grep "inet "|awk '{print $4}'`
+ ip address delete $ip/$mask dev ${phy_int}
+ ip address add $ip/$mask dev vhost0
+ if [[ $def_gw ]]; then
+ ip route add default via $def_gw
+ fi
+ fi
--- /dev/null
+heat_template_version: pike
+
+# NOTE: You don't need to pass the parameter explicitly from the
+# parent template, it can be specified via the parameter_defaults
+# in the resource_registry instead, if you want to override the default
+# and/or share values with other templates in the tree.
+parameters:
+ ContrailRepo:
+ type: string
+ default: ''
+ ContrailVrouterPhysicalInterface:
+ default: 'eth0'
+ description: vRouter physical interface
+ type: string
+ ContrailVlanParentInterface:
+ default: ''
+ description: Parent interface of vlan interface
+ type: string
+ ContrailBondInterface:
+ default: ''
+ description: Bond interface name
+ type: string
+ ContrailBondInterfaceMembers:
+ default: ''
+ description: Bond interface members
+ type: string
+ ContrailBondMode:
+ default: '4'
+ description: Bond Mode
+ type: string
+ ContrailBondPolicy:
+ default: '1'
+ description: Bond Policy
+ type: string
+ ContrailDpdkHugePages:
+ default: '2048'
+ description: DPDK Hugepages setting
+ type: string
+ RoleParameters:
+ type: json
+ description: Role Specific parameters
+ default: {}
+ ServiceNames:
+ type: comma_delimited_list
+ default: []
+ server:
+ type: string
+
+description: >
+ This template installs the Contrail dpdk packages in order
+ to bring vhost0 interface up. Vhost0 interface must be up before
+ os-net-config takes over.
+
+resources:
+
+ ContrailVrouterDpdkDeployment:
+ type: OS::Heat::SoftwareDeployment
+ properties:
+ name: ContrailVrouterDpdkDeployment
+ server: {get_param: server}
+ config: {get_resource: ContrailVrouterDpdkConfig}
+ input_values:
+ phy_int: {get_param: ContrailVrouterPhysicalInterface}
+ bond_int: {get_param: ContrailBondInterface}
+ bond_int_members: {get_param: ContrailBondInterfaceMembers}
+ vlan_parent: {get_param: ContrailVlanParentInterface}
+ contrail_repo: {get_param: ContrailRepo}
+ bond_mode: {get_param: ContrailBondMode}
+ bond_policy: {get_param: ContrailBondPolicy}
+ dpdk_hugepages: {get_param: ContrailDpdkHugePages}
+ actions: ['CREATE'] # Only do this on CREATE
+
+ ContrailVrouterDpdkConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config: |
+ #!/bin/bash
+ phy_int=$phy_int
+ bond_int=$bond_int
+ bond_int_members=$bond_int_members
+ bond_mode=$bond_mode
+ bond_policy=$bond_policy
+ vlan_parent=$vlan_parent
+ contrail_repo=$contrail_repo
+ dpdk_hugepages=$dpdk_hugepages
+ echo "vm.nr_hugepages = $dpdk_hugepages" >> /etc/sysctl.conf
+ echo "vm.max_map_count = 128960" >> /etc/sysctl.conf
+ echo "kernel.core_pattern = /var/crashes/core.%e.%p.%h.%t" >> /etc/sysctl.conf
+ echo "net.ipv4.tcp_keepalive_time = 5" >> /etc/sysctl.conf
+ echo "net.ipv4.tcp_keepalive_probes = 5" >> /etc/sysctl.conf
+ echo "net.ipv4.tcp_keepalive_intvl = 1" >> /etc/sysctl.conf
+ /sbin/sysctl --system
+ modprobe uio
+ if [[ ${contrail_repo} ]]; then
+ yum install -y contrail-vrouter-utils contrail-vrouter-dpdk contrail-vrouter-dpdk-init
+ fi
+ pci_address=`ethtool -i ${phy_int} |grep bus-info| awk '{print $2}' |tr -d ' '`
+ if [[ ${vlan_parent} ]]; then
+ pci_address=`ethtool -i ${vlan_parent} |grep bus-info| awk '{print $2}' |tr -d ' '`
+ fi
+ if [[ ${bond_int} ]]; then
+ bond_int_member_list=$(echo ${bond_int_members} | tr "," "\n")
+ cat <<EOF> /etc/sysconfig/network-scripts/ifcfg-${bond_int}
+ DEVICE=${bond_int}
+ BOOTPROTO=none
+ ONBOOT=yes
+ USERCTL=no
+ BONDING_OPTS="mode=${bond_mode} xmit_hash_policy=${bond_policy}"
+ EOF
+ for member in ${bond_int_member_list}; do
+ cat <<EOF> /etc/sysconfig/network-scripts/ifcfg-${member}
+ DEVICE=${member}
+ BOOTPROTO=none
+ ONBOOT=yes
+ MASTER=${bond_int}
+ SLAVE=yes
+ USERCTL=no
+ EOF
+ ip link set dev ${member} down
+ done
+ ifup ${bond_int}
+ pci_address=0000:00:00.0
+ fi
+ if [[ ${vlan_parent} ]]; then
+ echo ${vlan_parent} >> /tmp/vlan_parent
+ vlanId=`echo ${phy_int} | awk -F"vlan" '{print $2}'`
+ ip link add name ${phy_int} link ${vlan_parent} type vlan id ${vlanId}
+ fi
+ cat <<EOF > /etc/contrail/agent_param
+ LOG=/var/log/contrail.log
+ CONFIG=/etc/contrail/contrail-vrouter-agent.conf
+ prog=/usr/bin/contrail-vrouter-agent
+ pname=contrail-vrouter-agent
+ LIBDIR=/usr/lib64
+ DEVICE=vhost0
+ dev=${phy_int}
+ vgw_subnet_ip=__VGW_SUBNET_IP__
+ vgw_intf=__VGW_INTF_LIST__
+ LOGFILE=--log-file=/var/log/contrail/vrouter.log
+ EOF
+ mac=`ip link sh dev ${phy_int} | grep link/ether|awk '{print $2}' | tr -d ' '`
+ cat <<EOF > /etc/contrail/contrail-vrouter-agent.conf
+ [DEFAULT]
+ platform=dpdk
+ physical_interface_address=$pci_address
+ physical_interface_mac=$mac
+ physical_uio_driver=uio_pci_generic
+ [VIRTUAL-HOST-INTERFACE]
+ physical_interface=${phy_int}
+ name=vhost0
+ EOF
+ echo $pci_address > /etc/contrail/dpdk_pci
+ echo $mac > /etc/contrail/dpdk_mac
+ systemctl start supervisor-vrouter
+ if [[ `ifconfig ${phy_int} |grep "inet "` ]]; then
+ def_gw=''
+ if [[ `ip route show |grep default|grep ${phy_int}` ]]; then
+ def_gw=`ip route show |grep default|grep ${phy_int}|awk '{print $3}'`
+ fi
+ ip=`ifconfig ${phy_int} |grep "inet "|awk '{print $2}'`
+ mask=`ifconfig ${phy_int} |grep "inet "|awk '{print $4}'`
+ ip address delete $ip/$mask dev ${phy_int}
+ ip address add $ip/$mask dev vhost0
+ if [[ $def_gw ]]; then
+ ip route add default via $def_gw
+ fi
+ fi
{{role}}HostCpusList:
type: string
default: ""
+ deployment_actions:
+ default: ['CREATE', 'UPDATE']
+ type: comma_delimited_list
+ description: >
+ List of stack actions that will trigger any deployments in this
+ templates. The actions will be an empty list of the server is in the
+ toplevel DeploymentServerBlacklist parameter's value.
parameter_group:
- label: deprecated
equals:
- get_param: {{role}}TunedProfileName
- ""
+ deployment_actions_empty:
+ equals:
+ - {get_param: deployment_actions}
+ - []
resources:
name: HostParametersDeployment
server: {get_param: server}
config: {get_resource: HostParametersConfig}
- actions: ['CREATE'] # Only do this on CREATE
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['CREATE'] # Only do this on CREATE
input_values:
_KERNEL_ARGS_: {get_param: {{role}}KernelArgs}
_TUNED_PROFILE_NAME_: {get_param: {{role}}TunedProfileName}
name: RebootDeployment
server: {get_param: server}
config: {get_resource: RebootConfig}
- actions: ['CREATE'] # Only do this on CREATE
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['CREATE'] # Only do this on CREATE
signal_transport: NO_SIGNAL
outputs:
ServiceNames:
type: comma_delimited_list
default: []
- IsolCpusList:
- default: "0"
- description: List of cores to be isolated by tuned
- type: string
- constraints:
- - allowed_pattern: "[0-9,-]+"
OvsEnableDpdk:
default: false
description: Whether or not to configure enable DPDK in OVS
mem>, <socket n mem>", where the value is specified in MB. For example:
"1024,0".
type: string
- OvsDpdkDriverType:
- default: "vfio-pci"
- description: >
- DPDK Driver type. Ensure the Overcloud NIC to be used for DPDK supports
- this UIO/PMD driver.
- type: string
OvsPmdCoreList:
description: >
A list or range of CPU cores for PMD threads to be pinned to. Note, NIC
default: ''
description: Memory allocated for each socket
type: string
- NeutronDpdkDriverType:
- default: "vfio-pci"
- description: DPDK Driver type
- type: string
+ deployment_actions:
+ default: ['CREATE', 'UPDATE']
+ type: comma_delimited_list
+ description: >
+ List of stack actions that will trigger any deployments in this
+ templates. The actions will be an empty list of the server is in the
+ toplevel DeploymentServerBlacklist parameter's value.
conditions:
is_host_config_required: {not: {equals: [{get_param: [RoleParameters, KernelArgs]}, ""]}}
- # YAQL is enabled in conditions with https://review.openstack.org/#/c/467506/
is_dpdk_config_required:
or:
- yaql:
- expression: $.data.service_names.contains('neutron_ovs_dpdk_agent')
- data:
- service_names: {get_param: ServiceNames}
- - {get_param: OvsEnableDpdk}
- - {get_param: [RoleParameters, OvsEnableDpdk]}
+ expression: $.data.service_names.contains('neutron_ovs_dpdk_agent')
+ data:
+ service_names: {get_param: ServiceNames}
+ - {equals: [{get_param: [RoleParameters, OvsEnableDpdk]}, true]}
is_reboot_config_required:
or:
- is_host_config_required
pmd_cores_empty: {equals: [{get_param: OvsPmdCoreList}, '']}
mem_channels_empty: {equals: [{get_param: OvsDpdkMemoryChannels}, '']}
socket_mem_empty: {equals: [{get_param: OvsDpdkSocketMemory}, '']}
- driver_not_set: {equals: [{get_param: OvsDpdkDriverType}, 'vfio-pci']}
- isol_cpus_empty: {equals: [{get_param: IsolCpusList}, '0']}
+ deployment_actions_empty:
+ equals:
+ - {get_param: deployment_actions}
+ - []
resources:
RoleParametersValue:
value:
map_replace:
- map_replace:
- - IsolCpusList: IsolCpusList
- OvsDpdkCoreList: OvsDpdkCoreList
+ - OvsDpdkCoreList: OvsDpdkCoreList
OvsDpdkMemoryChannels: OvsDpdkMemoryChannels
OvsDpdkSocketMemory: OvsDpdkSocketMemory
- OvsDpdkDriverType: OvsDpdkDriverType
- OvsPmdCoreList: OvsDpdkCoreList
+ OvsPmdCoreList: OvsPmdCoreList
- values: {get_param: [RoleParameters]}
- values:
- IsolCpusList: {if: [isol_cpus_empty, {get_param: HostCpusList}, {get_param: IsolCpusList}]}
OvsDpdkCoreList: {if: [l_cores_empty, {get_param: HostCpusList}, {get_param: OvsDpdkCoreList}]}
OvsDpdkMemoryChannels: {if: [mem_channels_empty, {get_param: NeutronDpdkMemoryChannels}, {get_param: OvsDpdkMemoryChannels}]}
OvsDpdkSocketMemory: {if: [socket_mem_empty, {get_param: NeutronDpdkSocketMemory}, {get_param: OvsDpdkSocketMemory}]}
- OvsDpdkDriverType: {if: [driver_not_set, {get_param: NeutronDpdkDriverType}, {get_param: OvsDpdkDriverType}]}
OvsPmdCoreList: {if: [pmd_cores_empty, {get_param: NeutronDpdkCoreList}, {get_param: OvsPmdCoreList}]}
HostParametersConfig:
name: HostParametersDeployment
server: {get_param: server}
config: {get_resource: HostParametersConfig}
- actions: ['CREATE'] # Only do this on CREATE
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['CREATE'] # Only do this on CREATE
input_values:
_KERNEL_ARGS_: {get_param: [RoleParameters, KernelArgs]}
_TUNED_PROFILE_NAME_: {get_param: [RoleParameters, TunedProfileName]}
template: |
#!/bin/bash
set -x
+
+ # OvS Permission issue temporary workaround
+ # https://bugzilla.redhat.com/show_bug.cgi?id=1459436
+ # Actual solution from openvswitch - https://mail.openvswitch.org/pipermail/ovs-dev/2017-June/333423.html
+ ovs_service_path="/usr/lib/systemd/system/ovs-vswitchd.service"
+
+ if grep -q 'RuntimeDirectoryMode' $ovs_service_path; then
+ sed -i 's/RuntimeDirectoryMode=.*/RuntimeDirectoryMode=0775/' $ovs_service_path
+ else
+ echo "RuntimeDirectoryMode=0775" >> $ovs_service_path
+ fi
+
+ if ! grep -Fxq "Group=qemu" $ovs_service_path ; then
+ echo "Group=qemu" >> $ovs_service_path
+ fi
+
+ if ! grep -Fxq "UMask=0002" $ovs_service_path ; then
+ echo "UMask=0002" >> $ovs_service_path
+ fi
+
+ ovs_ctl_path='/usr/share/openvswitch/scripts/ovs-ctl'
+ if ! grep -q "umask 0002 \&\& start_daemon \"\$OVS_VSWITCHD_PRIORITY\"" $ovs_ctl_path ; then
+ sed -i 's/start_daemon \"\$OVS_VSWITCHD_PRIORITY\"/umask 0002 \&\& start_daemon \"$OVS_VSWITCHD_PRIORITY\"/' $ovs_ctl_path
+ fi
+
+
# DO NOT use --detailed-exitcodes
puppet apply --logdest console \
--modulepath /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules \
name: EnableDpdkDeployment
server: {get_param: server}
config: {get_resource: EnableDpdkConfig}
- actions: ['CREATE'] # Only do this on CREATE
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['CREATE'] # Only do this on CREATE
RebootConfig:
type: OS::Heat::SoftwareConfig
name: RebootDeployment
server: {get_param: server}
config: {get_resource: RebootConfig}
- actions: ['CREATE'] # Only do this on CREATE
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['CREATE'] # Only do this on CREATE
signal_transport: NO_SIGNAL
outputs:
fi
)
}
+
+# https://bugs.launchpad.net/tripleo/+bug/1704131 guard against yum update
+# waiting for an existing process until the heat stack time out
+function check_for_yum_lock {
+ if [[ -f /var/run/yum.pid ]] ; then
+ ERR="ERROR existing yum.pid detected - can't continue! Please ensure
+there is no other package update process for the duration of the minor update
+worfklow. Exiting."
+ echo $ERR
+ exit 1
+ fi
+}
{{role.name}}PostPuppetMaintenanceModeDeployment:
type: OS::Heat::SoftwareDeployments
properties:
+ name: {{role.name}}PostPuppetMaintenanceModeDeployment
servers: {get_param: [servers, {{role.name}}]}
config: {get_resource: {{role.name}}PostPuppetMaintenanceModeConfig}
input_values: {get_param: input_values}
ControllerPostPuppetRestartDeployment:
type: OS::Heat::SoftwareDeployments
properties:
+ name: ControllerPostPuppetRestartDeployment
servers: {get_param: servers}
config: {get_resource: ControllerPostPuppetRestartConfig}
input_values: {get_param: input_values}
server:
description: ID of the node to apply this config to
type: string
+ deployment_actions:
+ default: ['CREATE', 'UPDATE']
+ type: comma_delimited_list
+ description: >
+ List of stack actions that will trigger any deployments in this
+ templates. The actions will be an empty list of the server is in the
+ toplevel DeploymentServerBlacklist parameter's value.
resources:
SshHostPubKeyConfig:
properties:
config: {get_resource: SshHostPubKeyConfig}
server: {get_param: server}
+ actions: {get_param: deployment_actions}
+ name: SshHostPubKeyDeployment
outputs:
command_arguments=${command_arguments:-}
+# Always ensure yum has full cache
+yum makecache || echo "Yum makecache failed. This can cause failure later on."
+
# yum check-update exits 100 if updates are available
set +e
check_update=$(yum check-update 2>&1)
fi
else
echo "Upgrading openstack-puppet-modules and its dependencies"
+ check_for_yum_lock
yum -q -y update openstack-puppet-modules
yum deplist openstack-puppet-modules | awk '/dependency/{print $2}' | xargs yum -q -y update
echo "Upgrading other packages is handled by config management tooling"
command=${command:-update}
full_command="yum -q -y $command $command_arguments"
-echo "Running: $full_command"
+echo "Running: $full_command"
+check_for_yum_lock
result=$($full_command)
return_code=$?
echo "$result"
+++ /dev/null
-heat_template_version: pike
-
-parameters:
- ContrailRepo:
- type: string
- default: http://192.168.24.1/contrail
- VrouterPhysicalInterface:
- default: 'eth0'
- description: vRouter physical interface
- type: string
-
-description: >
- Prepares vhost0 interface to be used by os-net-config
-
-resources:
- userdata:
- type: OS::Heat::MultipartMime
- properties:
- parts:
- - config: {get_resource: vrouter_module_config}
-
- vrouter_module_config:
- type: OS::Heat::SoftwareConfig
- properties:
- config:
- str_replace:
- template: |
- #!/bin/bash
- sed -i '/\[main\]/a \ \ \ \ \parser = future' /etc/puppet/puppet.conf
- cat <<EOF > /etc/yum.repos.d/contrail.repo
- [Contrail]
- name=Contrail Repo
- baseurl=$contrail_repo
- enabled=1
- gpgcheck=0
- protect=1
- EOF
- if [[ `hostname |awk -F"-" '{print $2}'` == "novacompute" || `hostname |awk -F"-" '{print $2}'` == "contrailtsn" ]]; then
- yum install -y contrail-vrouter-utils
- function pkt_setup () {
- for f in /sys/class/net/$1/queues/rx-*
- do
- q="$(echo $f | cut -d '-' -f2)"
- r=$(($q%32))
- s=$(($q/32))
- ((mask=1<<$r))
- str=(`printf "%x" $mask`)
- if [ $s -gt 0 ]; then
- for ((i=0; i < $s; i++))
- do
- str+=,00000000
- done
- fi
- echo $str > $f/rps_cpus
- done
- ifconfig $1 up
- }
- function insert_vrouter() {
- insmod /tmp/vrouter.ko
- if [ -f /sys/class/net/pkt1/queues/rx-0/rps_cpus ]; then
- pkt_setup pkt1
- fi
- if [ -f /sys/class/net/pkt2/queues/rx-0/rps_cpus ]; then
- pkt_setup pkt2
- fi
- if [ -f /sys/class/net/pkt3/queues/rx-0/rps_cpus ]; then
- pkt_setup pkt3
- fi
- DEV_MAC=$(cat /sys/class/net/$phy_int/address)
- vif --create vhost0 --mac $DEV_MAC
- vif --add $phy_int --mac $DEV_MAC --vrf 0 --vhost-phys --type physical
- vif --add vhost0 --mac $DEV_MAC --vrf 0 --type vhost --xconnect $phy_int
- ip link set vhost0 up
- return 0
- }
- yumdownloader contrail-vrouter --destdir /tmp
- cd /tmp
- rpm2cpio /tmp/contrail-vrouter*.rpm | cpio -idmv
- cp `find /tmp/lib/modules -name vrouter.ko |tail -1` /tmp
- insert_vrouter
- if [[ `ifconfig $dev |grep "inet "` ]]; then
- def_gw=''
- if [[ `ip route show |grep default|grep $dev` ]]; then
- def_gw=`ip route show |grep default|grep $dev|awk '{print $3}'`
- fi
- ip=`ifconfig $dev |grep "inet "|awk '{print $2}'`
- mask=`ifconfig $dev |grep "inet "|awk '{print $4}'`
- ip address delete $ip/$mask dev $dev
- ip address add $ip/$mask dev vhost0
- if [[ $def_gw ]]; then
- ip route add default via $def_gw
- fi
- fi
- fi
- params:
- $phy_int: {get_param: VrouterPhysicalInterface}
- $contrail_repo: {get_param: ContrailRepo}
-
-outputs:
- # This means get_resource from the parent template will get the userdata, see:
- # http://docs.openstack.org/developer/heat/template_guide/composition.html#making-your-template-resource-more-transparent
- # Note this is new-for-kilo, an alternative is returning a value then using
- # get_attr in the parent template instead.
- OS::stack_id:
- value: {get_resource: userdata}
--- /dev/null
+heat_template_version: pike
+
+description: >
+ Software Config to drive os-net-config to configure multiple interfaces
+ for the compute role. This is an example for a Nova compute node using
+ Contrail vrouter and the vhost0 interface.
+
+parameters:
+ ControlPlaneIp:
+ default: ''
+ description: IP address/subnet on the ctlplane network
+ type: string
+ ExternalIpSubnet:
+ default: ''
+ description: IP address/subnet on the external network
+ type: string
+ InternalApiIpSubnet:
+ default: ''
+ description: IP address/subnet on the internal API network
+ type: string
+ InternalApiDefaultRoute: # Not used by default in this template
+ default: '10.0.0.1'
+ description: The default route of the internal api network.
+ type: string
+ StorageIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage network
+ type: string
+ StorageMgmtIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage mgmt network
+ type: string
+ TenantIpSubnet:
+ default: ''
+ description: IP address/subnet on the tenant network
+ type: string
+ ManagementIpSubnet: # Only populated when including environments/network-management.yaml
+ default: ''
+ description: IP address/subnet on the management network
+ type: string
+ ExternalNetworkVlanID:
+ default: 10
+ description: Vlan ID for the external network traffic.
+ type: number
+ InternalApiNetworkVlanID:
+ default: 20
+ description: Vlan ID for the internal_api network traffic.
+ type: number
+ StorageNetworkVlanID:
+ default: 30
+ description: Vlan ID for the storage network traffic.
+ type: number
+ StorageMgmtNetworkVlanID:
+ default: 40
+ description: Vlan ID for the storage mgmt network traffic.
+ type: number
+ TenantNetworkVlanID:
+ default: 50
+ description: Vlan ID for the tenant network traffic.
+ type: number
+ ManagementNetworkVlanID:
+ default: 60
+ description: Vlan ID for the management network traffic.
+ type: number
+ ControlPlaneSubnetCidr: # Override this via parameter_defaults
+ default: '24'
+ description: The subnet CIDR of the control plane network.
+ type: string
+ ControlPlaneDefaultRoute: # Override this via parameter_defaults
+ description: The default route of the control plane network.
+ type: string
+ ExternalInterfaceDefaultRoute: # Not used by default in this template
+ default: '10.0.0.1'
+ description: The default route of the external network.
+ type: string
+ ManagementInterfaceDefaultRoute: # Commented out by default in this template
+ default: unset
+ description: The default route of the management network.
+ type: string
+ DnsServers: # Override this via parameter_defaults
+ default: []
+ description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf.
+ type: comma_delimited_list
+ EC2MetadataIp: # Override this via parameter_defaults
+ description: The IP address of the EC2 metadata server.
+ type: string
+
+resources:
+ OsNetConfigImpl:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ str_replace:
+ template:
+ get_file: ../../scripts/run-os-net-config.sh
+ params:
+ $network_config:
+ network_config:
+ - type: interface
+ name: nic1
+ use_dhcp: false
+ dns_servers:
+ get_param: DnsServers
+ addresses:
+ - ip_netmask:
+ list_join:
+ - '/'
+ - - get_param: ControlPlaneIp
+ - get_param: ControlPlaneSubnetCidr
+ routes:
+ - ip_netmask: 169.254.169.254/32
+ next_hop:
+ get_param: EC2MetadataIp
+ - type: interface
+ name: nic2
+ use_dhcp: false
+ addresses:
+ - ip_netmask:
+ get_param: InternalApiIpSubnet
+ routes:
+ - default: true
+ next_hop:
+ get_param: InternalApiDefaultRoute
+ - type: linux_bridge
+ name: br0
+ use_dhcp: false
+ members:
+ - type: interface
+ name: nic3
+ - type: vlan
+ vlan_id:
+ get_param: ManagementNetworkVlanID
+ device: br0
+ addresses:
+ - ip_netmask:
+ get_param: ManagementIpSubnet
+ - type: vlan
+ vlan_id:
+ get_param: ExternalNetworkVlanID
+ device: br0
+ addresses:
+ - ip_netmask:
+ get_param: ExternalIpSubnet
+ - type: vlan
+ vlan_id:
+ get_param: StorageNetworkVlanID
+ device: br0
+ addresses:
+ - ip_netmask:
+ get_param: StorageIpSubnet
+ - type: vlan
+ vlan_id:
+ get_param: StorageMgmtNetworkVlanID
+ device: br0
+ addresses:
+ - ip_netmask:
+ get_param: StorageMgmtIpSubnet
+
+outputs:
+ OS::stack_id:
+ description: The OsNetConfigImpl resource.
+ value:
+ get_resource: OsNetConfigImpl
net_param: CeilometerApi
port: 8777
-ContrailConfig:
- Internal:
- net_param: ContrailConfig
- Public:
- net_param: Public
- Admin:
- net_param: ContrailConfig
- port: 8082
-
-ContrailDiscovery:
- Internal:
- net_param: ContrailConfig
- Public:
- net_param: Public
- Admin:
- net_param: ContrailConfig
- port: 5998
-
-ContrailAnalyticsCollectorHttp:
- Internal:
- net_param: ContrailAnalytics
- Public:
- net_param: Public
- Admin:
- net_param: ContrailAnalytics
- port: 8089
-
-ContrailAnalyticsApi:
- Internal:
- net_param: ContrailAnalytics
- Public:
- net_param: Public
- Admin:
- net_param: ContrailAnalytics
- port: 8081
-
-ContrailAnalyticsHttp:
- Internal:
- net_param: ContrailAnalytics
- Public:
- net_param: Public
- Admin:
- net_param: ContrailAnalytics
- port: 8090
-
-ContrailAnalyticsCollectorSandesh:
- Internal:
- net_param: ContrailAnalytics
- Public:
- net_param: Public
- Admin:
- net_param: ContrailAnalytics
- port: 8086
-
-ContrailAnalyticsRedis:
- Internal:
- net_param: ContrailAnalytics
- Public:
- net_param: Public
- Admin:
- net_param: ContrailAnalytics
- port: 6379
-
-ContrailWebuiHttp:
- Internal:
- net_param: ContrailConfig
- Public:
- net_param: Public
- Admin:
- net_param: ContrailConfig
- port: 8080
-
-ContrailWebuiHttps:
- Internal:
- net_param: ContrailConfig
- Public:
- net_param: Public
- Admin:
- net_param: ContrailConfig
- port: 8143
-
Ec2Api:
Internal:
net_param: Ec2Api
CongressAdmin: {protocol: http, port: '1789', host: IP_ADDRESS}
CongressInternal: {protocol: http, port: '1789', host: IP_ADDRESS}
CongressPublic: {protocol: http, port: '1789', host: IP_ADDRESS}
- ContrailAnalyticsApiAdmin: {protocol: http, port: '8081', host: IP_ADDRESS}
- ContrailAnalyticsApiInternal: {protocol: http, port: '8081', host: IP_ADDRESS}
- ContrailAnalyticsApiPublic: {protocol: http, port: '8081', host: IP_ADDRESS}
- ContrailAnalyticsCollectorHttpAdmin: {protocol: http, port: '8089',
- host: IP_ADDRESS}
- ContrailAnalyticsCollectorHttpInternal: {protocol: http, port: '8089',
- host: IP_ADDRESS}
- ContrailAnalyticsCollectorHttpPublic: {protocol: http, port: '8089',
- host: IP_ADDRESS}
- ContrailAnalyticsCollectorSandeshAdmin: {protocol: http, port: '8086',
- host: IP_ADDRESS}
- ContrailAnalyticsCollectorSandeshInternal: {protocol: http, port: '8086',
- host: IP_ADDRESS}
- ContrailAnalyticsCollectorSandeshPublic: {protocol: http, port: '8086',
- host: IP_ADDRESS}
- ContrailAnalyticsHttpAdmin: {protocol: http, port: '8090', host: IP_ADDRESS}
- ContrailAnalyticsHttpInternal: {protocol: http, port: '8090', host: IP_ADDRESS}
- ContrailAnalyticsHttpPublic: {protocol: http, port: '8090', host: IP_ADDRESS}
- ContrailAnalyticsRedisAdmin: {protocol: http, port: '6379', host: IP_ADDRESS}
- ContrailAnalyticsRedisInternal: {protocol: http, port: '6379', host: IP_ADDRESS}
- ContrailAnalyticsRedisPublic: {protocol: http, port: '6379', host: IP_ADDRESS}
- ContrailConfigAdmin: {protocol: http, port: '8082', host: IP_ADDRESS}
- ContrailConfigInternal: {protocol: http, port: '8082', host: IP_ADDRESS}
- ContrailConfigPublic: {protocol: http, port: '8082', host: IP_ADDRESS}
- ContrailDiscoveryAdmin: {protocol: http, port: '5998', host: IP_ADDRESS}
- ContrailDiscoveryInternal: {protocol: http, port: '5998', host: IP_ADDRESS}
- ContrailDiscoveryPublic: {protocol: http, port: '5998', host: IP_ADDRESS}
- ContrailWebuiHttpAdmin: {protocol: http, port: '8080', host: IP_ADDRESS}
- ContrailWebuiHttpInternal: {protocol: http, port: '8080', host: IP_ADDRESS}
- ContrailWebuiHttpPublic: {protocol: http, port: '8080', host: IP_ADDRESS}
- ContrailWebuiHttpsAdmin: {protocol: http, port: '8143', host: IP_ADDRESS}
- ContrailWebuiHttpsInternal: {protocol: http, port: '8143', host: IP_ADDRESS}
- ContrailWebuiHttpsPublic: {protocol: http, port: '8143', host: IP_ADDRESS}
Ec2ApiAdmin: {protocol: http, port: '8788', host: IP_ADDRESS}
Ec2ApiInternal: {protocol: http, port: '8788', host: IP_ADDRESS}
Ec2ApiPublic: {protocol: http, port: '8788', host: IP_ADDRESS}
template: NETWORK_uri
- ':'
- get_param: [EndpointMap, CongressPublic, port]
- ContrailAnalyticsApiAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsApiAdmin, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsApiAdmin, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsApiAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsApiAdmin, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsApiAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsApiAdmin, port]
- ContrailAnalyticsApiInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsApiInternal, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsApiInternal, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsApiInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsApiInternal, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsApiInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsApiInternal, port]
- ContrailAnalyticsApiPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsApiPublic, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsApiPublic, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsApiPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsApiPublic, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsApiPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsApiPublic, port]
- ContrailAnalyticsCollectorHttpAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- port]
- ContrailAnalyticsCollectorHttpInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- port]
- ContrailAnalyticsCollectorHttpPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- port]
- ContrailAnalyticsCollectorSandeshAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- port]
- ContrailAnalyticsCollectorSandeshInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- port]
- ContrailAnalyticsCollectorSandeshPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- port]
- ContrailAnalyticsHttpAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsHttpAdmin, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsHttpAdmin, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsHttpAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsHttpAdmin, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsHttpAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsHttpAdmin, port]
- ContrailAnalyticsHttpInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsHttpInternal, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsHttpInternal, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsHttpInternal,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsHttpInternal,
- port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsHttpInternal,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsHttpInternal,
- port]
- ContrailAnalyticsHttpPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsHttpPublic, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsHttpPublic, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsHttpPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsHttpPublic, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsHttpPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsHttpPublic, port]
- ContrailAnalyticsRedisAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsRedisAdmin, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsRedisAdmin, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsRedisAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsRedisAdmin, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsRedisAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsRedisAdmin, port]
- ContrailAnalyticsRedisInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsRedisInternal, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsRedisInternal, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsRedisInternal,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsRedisInternal,
- port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsRedisInternal,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsRedisInternal,
- port]
- ContrailAnalyticsRedisPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsRedisPublic, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsRedisPublic, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsRedisPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsRedisPublic, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsRedisPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsRedisPublic, port]
- ContrailConfigAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- port:
- get_param: [EndpointMap, ContrailConfigAdmin, port]
- protocol:
- get_param: [EndpointMap, ContrailConfigAdmin, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailConfigAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailConfigAdmin, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailConfigAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailConfigAdmin, port]
- ContrailConfigInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- port:
- get_param: [EndpointMap, ContrailConfigInternal, port]
- protocol:
- get_param: [EndpointMap, ContrailConfigInternal, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailConfigInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailConfigInternal, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailConfigInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailConfigInternal, port]
- ContrailConfigPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailConfigPublic, port]
- protocol:
- get_param: [EndpointMap, ContrailConfigPublic, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailConfigPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailConfigPublic, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailConfigPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailConfigPublic, port]
- ContrailDiscoveryAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- port:
- get_param: [EndpointMap, ContrailDiscoveryAdmin, port]
- protocol:
- get_param: [EndpointMap, ContrailDiscoveryAdmin, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailDiscoveryAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailDiscoveryAdmin, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailDiscoveryAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailDiscoveryAdmin, port]
- ContrailDiscoveryInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- port:
- get_param: [EndpointMap, ContrailDiscoveryInternal, port]
- protocol:
- get_param: [EndpointMap, ContrailDiscoveryInternal, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailDiscoveryInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailDiscoveryInternal, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailDiscoveryInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailDiscoveryInternal, port]
- ContrailDiscoveryPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailDiscoveryPublic, port]
- protocol:
- get_param: [EndpointMap, ContrailDiscoveryPublic, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailDiscoveryPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailDiscoveryPublic, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailDiscoveryPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailDiscoveryPublic, port]
- ContrailWebuiHttpAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- port:
- get_param: [EndpointMap, ContrailWebuiHttpAdmin, port]
- protocol:
- get_param: [EndpointMap, ContrailWebuiHttpAdmin, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpAdmin, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpAdmin, port]
- ContrailWebuiHttpInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- port:
- get_param: [EndpointMap, ContrailWebuiHttpInternal, port]
- protocol:
- get_param: [EndpointMap, ContrailWebuiHttpInternal, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpInternal, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpInternal, port]
- ContrailWebuiHttpPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailWebuiHttpPublic, port]
- protocol:
- get_param: [EndpointMap, ContrailWebuiHttpPublic, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpPublic, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpPublic, port]
- ContrailWebuiHttpsAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- port:
- get_param: [EndpointMap, ContrailWebuiHttpsAdmin, port]
- protocol:
- get_param: [EndpointMap, ContrailWebuiHttpsAdmin, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpsAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpsAdmin, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpsAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpsAdmin, port]
- ContrailWebuiHttpsInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- port:
- get_param: [EndpointMap, ContrailWebuiHttpsInternal, port]
- protocol:
- get_param: [EndpointMap, ContrailWebuiHttpsInternal, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpsInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpsInternal, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpsInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpsInternal, port]
- ContrailWebuiHttpsPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailWebuiHttpsPublic, port]
- protocol:
- get_param: [EndpointMap, ContrailWebuiHttpsPublic, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpsPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpsPublic, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpsPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpsPublic, port]
Ec2ApiAdmin:
host:
str_replace:
type: json
ExternalNetAdminStateUp:
default: false
- description: This admin state of the network.
+ description: The admin state of the network.
type: boolean
ExternalNetEnableDHCP:
default: false
OS::stack_id:
description: Neutron external network
value: {get_resource: ExternalNetwork}
+ subnet_cidr:
+ value: {get_attr: ExternalSubnet, cidr}
type: json
ExternalNetAdminStateUp:
default: false
- description: This admin state of of the network.
+ description: The admin state of the network.
type: boolean
ExternalNetShared:
default: false
OS::stack_id:
description: Neutron external network
value: {get_resource: ExternalNetwork}
+ subnet_cidr:
+ value: {get_attr: ExternalSubnet, cidr}
type: json
InternalApiNetAdminStateUp:
default: false
- description: This admin state of the network.
+ description: The admin state of the network.
type: boolean
InternalApiNetEnableDHCP:
default: false
OS::stack_id:
description: Neutron internal network
value: {get_resource: InternalApiNetwork}
+ subnet_cidr:
+ value: {get_attr: InternalApiSubnet, cidr}
type: json
InternalApiNetAdminStateUp:
default: false
- description: This admin state of of the network.
+ description: The admin state of the network.
type: boolean
InternalApiNetShared:
default: false
OS::stack_id:
description: Neutron internal network
value: {get_resource: InternalApiNetwork}
+ subnet_cidr:
+ value: {get_attr: InternalApiSubnet, cidr}
OS::stack_id:
description: Neutron management network
value: {get_resource: ManagementNetwork}
-
+ subnet_cidr:
+ value: {get_attr: ManagementSubnet, cidr}
type: json
ManagementNetAdminStateUp:
default: false
- description: This admin state of of the network.
+ description: The admin state of the network.
type: boolean
ManagementNetShared:
default: false
OS::stack_id:
description: Neutron management network
value: {get_resource: ManagementNetwork}
+ subnet_cidr:
+ value: {get_attr: ManagementSubnet, cidr}
NetworkExtraConfig:
type: OS::TripleO::Network::ExtraConfig
+
+
+outputs:
+ net_cidr_map:
+ value:
+ # NOTE(gfidente): we need to replace the null value with a
+ # string to work around https://bugs.launchpad.net/heat/+bug/1700025
+ {%- for network in networks %}
+ {%- if network.name != 'InternalApi' %}
+ {{network.name_lower}}:
+ yaql:
+ data: {get_attr: [{{network.name}}Network, subnet_cidr]}
+ expression: str($.data).replace('null', 'disabled')
+ {%- else %}
+ {{network.name_lower}}:
+ yaql:
+ data: {get_attr: [InternalNetwork, subnet_cidr]}
+ expression: str($.data).replace('null', 'disabled')
+ {%- endif %}
+ {%- endfor %}
ManagementIpSubnet:
default: ''
type: string
+ description: IP address/subnet on the management network
ManagementIpUri:
default: ''
type: string
type: json
StorageNetAdminStateUp:
default: false
- description: This admin state of the network.
+ description: The admin state of the network.
type: boolean
StorageNetEnableDHCP:
default: false
OS::stack_id:
description: Neutron storage network
value: {get_resource: StorageNetwork}
+ subnet_cidr:
+ value: {get_attr: StorageSubnet, cidr}
type: json
StorageMgmtNetAdminStateUp:
default: false
- description: This admin state of the network.
+ description: The admin state of the network.
type: boolean
StorageMgmtNetEnableDHCP:
default: false
OS::stack_id:
description: Neutron storage management network
value: {get_resource: StorageMgmtNetwork}
+ subnet_cidr:
+ value: {get_attr: StorageMgmtSubnet, cidr}
type: json
StorageMgmtNetAdminStateUp:
default: false
- description: This admin state of of the network.
+ description: The admin state of the network.
type: boolean
StorageMgmtNetShared:
default: false
OS::stack_id:
description: Neutron storage management network
value: {get_resource: StorageMgmtNetwork}
+ subnet_cidr:
+ value: {get_attr: StorageMgmtSubnet, cidr}
type: json
StorageNetAdminStateUp:
default: false
- description: This admin state of of the network.
+ description: The admin state of the network.
type: boolean
StorageNetShared:
default: false
OS::stack_id:
description: Neutron storage network
value: {get_resource: StorageNetwork}
+ subnet_cidr:
+ value: {get_attr: StorageSubnet, cidr}
type: json
TenantNetAdminStateUp:
default: false
- description: This admin state of the network.
+ description: The admin state of the network.
type: boolean
TenantNetEnableDHCP:
default: false
OS::stack_id:
description: Neutron tenant network
value: {get_resource: TenantNetwork}
+ subnet_cidr:
+ value: {get_attr: TenantSubnet, cidr}
type: json
TenantNetAdminStateUp:
default: false
- description: This admin state of of the network.
+ description: The admin state of the network.
type: boolean
TenantNetShared:
default: false
OS::stack_id:
description: Neutron tenant network
value: {get_resource: TenantNetwork}
+ subnet_cidr:
+ value: {get_attr: TenantSubnet, cidr}
#
- name: External
vip: true
+ name_lower: external
- name: InternalApi
name_lower: internal_api
vip: true
- name: Storage
vip: true
+ name_lower: storage
- name: StorageMgmt
name_lower: storage_mgmt
vip: true
- name: Tenant
vip: false # Tenant network does not use VIPs
+ name_lower: tenant
- name: Management
# Management network is disabled by default
enabled: false
vip: false # Management network does not use VIPs
+ name_lower: management
# Upgrade resources
OS::TripleO::UpgradeConfig: puppet/upgrade_config.yaml
+ OS::TripleO::DeployedServerEnvironment: OS::Heat::None
+
# services
- OS::TripleO::Services: services.yaml
+ OS::TripleO::Services: common/services.yaml
OS::TripleO::Services::Apache: puppet/services/apache.yaml
OS::TripleO::Services::CACerts: puppet/services/ca-certs.yaml
OS::TripleO::Services::CephMds: OS::Heat::None
OS::TripleO::Services::NeutronOvsAgent: puppet/services/neutron-ovs-agent.yaml
OS::TripleO::Services::NeutronLinuxbridgeAgent: OS::Heat::None
OS::TripleO::Services::ComputeNeutronOvsAgent: puppet/services/neutron-ovs-agent.yaml
+ OS::TripleO::Services::ComputeNeutronOvsDpdk: OS::Heat::None
OS::TripleO::Services::Pacemaker: OS::Heat::None
OS::TripleO::Services::PacemakerRemote: OS::Heat::None
OS::TripleO::Services::NeutronSriovAgent: OS::Heat::None
OS::TripleO::Services::HAproxy: puppet/services/haproxy.yaml
OS::TripleO::Services::HAProxyPublicTLS: OS::Heat::None
OS::TripleO::Services::HAProxyInternalTLS: OS::Heat::None
+ OS::TripleO::Services::Iscsid: puppet/services/iscsid.yaml
OS::TripleO::Services::Keepalived: puppet/services/keepalived.yaml
OS::TripleO::Services::Memcached: puppet/services/memcached.yaml
OS::TripleO::Services::SaharaApi: OS::Heat::None
OS::TripleO::Services::SaharaEngine: OS::Heat::None
+ OS::TripleO::Services::Tuned: puppet/services/tuned.yaml
OS::TripleO::Services::Securetty: OS::Heat::None
OS::TripleO::Services::Sshd: puppet/services/sshd.yaml
OS::TripleO::Services::Redis: puppet/services/database/redis.yaml
OS::TripleO::Services::NovaVncProxy: puppet/services/nova-vnc-proxy.yaml
OS::TripleO::Services::NovaCompute: puppet/services/nova-compute.yaml
OS::TripleO::Services::NovaLibvirt: puppet/services/nova-libvirt.yaml
+ OS::TripleO::Services::NovaMigrationTarget: puppet/services/nova-migration-target.yaml
OS::TripleO::Services::Ntp: puppet/services/time/ntp.yaml
OS::TripleO::Services::SwiftProxy: puppet/services/swift-proxy.yaml
OS::TripleO::Services::ExternalSwiftProxy: OS::Heat::None
OS::TripleO::Services::Snmp: puppet/services/snmp.yaml
OS::TripleO::Services::Tacker: OS::Heat::None
OS::TripleO::Services::Timezone: puppet/services/time/timezone.yaml
- OS::TripleO::Services::CeilometerApi: puppet/services/ceilometer-api.yaml
+ OS::TripleO::Services::CeilometerApi: puppet/services/disabled/ceilometer-api-disabled.yaml
OS::TripleO::Services::CeilometerCollector: puppet/services/disabled/ceilometer-collector-disabled.yaml
OS::TripleO::Services::CeilometerExpirer: puppet/services/disabled/ceilometer-expirer-disabled.yaml
OS::TripleO::Services::CeilometerAgentCentral: puppet/services/ceilometer-agent-central.yaml
OS::TripleO::Services::CinderBackendDellSc: OS::Heat::None
OS::TripleO::Services::CinderBackendNetApp: OS::Heat::None
OS::TripleO::Services::CinderBackendScaleIO: OS::Heat::None
+ OS::TripleO::Services::CinderBackendVRTSHyperScale: OS::Heat::None
OS::TripleO::Services::CinderHPELeftHandISCSI: OS::Heat::None
OS::TripleO::Services::Etcd: OS::Heat::None
OS::TripleO::Services::Ec2Api: OS::Heat::None
OS::TripleO::Services::CertmongerUser: OS::Heat::None
OS::TripleO::Services::Iscsid: OS::Heat::None
OS::TripleO::Services::Clustercheck: OS::Heat::None
+ OS::TripleO::Services::VRTSHyperScale: OS::Heat::None
parameter_defaults:
EnablePackageInstall: false
Control the IP allocation for the ControlVirtualIP port. E.g.
[{'ip_address':'1.2.3.4'}]
type: json
+ ExtraConfig:
+ default: {}
+ description: |
+ Additional hiera configuration to inject into the cluster.
+ type: json
+{%- for role in roles %}
+ {{role.name}}ExtraConfig:
+ default: {}
+ description: |
+ Role specific additional hiera configuration to inject into the cluster.
+ type: json
+{%- endfor %}
+ controllerExtraConfig:
+ default: {}
+ description: |
+ DEPRECATED use ControllerExtraConfig instead
+ type: json
+ NovaComputeExtraConfig:
+ default: {}
+ description: |
+ DEPRECATED use ComputeExtraConfig instead
+ type: json
InternalApiVirtualFixedIPs:
default: []
description: >
{% else %}
default: "%stackname%-{{role.name.lower()}}-%index%"
{% endif %}
-
{{role.name}}RemovalPolicies:
default: []
type: json
description: >
List of server hostnames to blacklist from any triggered deployments.
+parameter_groups:
+- label: deprecated
+ description: Do not use deprecated params, they will be removed.
+ parameters:
+ - controllerExtraConfig
+ - NovaComputeExtraConfig
+
conditions:
add_vips_to_etc_hosts: {equals : [{get_param: AddVipsToEtcHosts}, True]}
properties:
length: 10
+ NetCidrMapValue:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ map_replace:
+ - map_merge:
+ - {get_attr: [Networks, net_cidr_map]}
+ - ctlplane: {get_attr: [ControlVirtualIP, subnets, 0, cidr]}
+ - keys:
+ ctlplane: {get_param: NeutronControlPlaneID}
+ values:
+ disabled: {get_attr: [ControlVirtualIP, subnets, 0, cidr]}
+
ServiceNetMap:
type: OS::TripleO::ServiceNetMap
Services:
get_param: {{role.name}}Services
ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
+ ServiceData:
+ net_cidr_map: {get_attr: [NetCidrMapValue, value]}
EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
DefaultPasswords: {get_attr: [DefaultPasswords, passwords]}
RoleName: {{role.name}}
type: json
value: {get_attr: [{{role.name}}ServiceChain, role_data]}
+ {{role.name}}ServiceConfigSettings:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ map_merge:
+ - get_attr: [{{role.name}}ServiceChainRoleData, value, config_settings]
+ {% for r in roles %}
+ - get_attr: [{{r.name}}ServiceChainRoleData, value, global_config_settings]
+ {% endfor %}
+ # This next step combines two yaql passes:
+ # - The inner one does a deep merge on the service_config_settings for all roles
+ # - The outer one filters the map based on the services enabled for the role
+ # then merges the result into one map.
+ - yaql:
+ expression: let(root => $) -> $.data.map.items().where($[0] in coalesce($root.data.services, [])).select($[1]).reduce($1.mergeWith($2), {})
+ data:
+ map:
+ yaql:
+ expression: $.data.where($ != null).reduce($1.mergeWith($2), {})
+ data:
+ {% for r in roles %}
+ - get_attr: [{{r.name}}ServiceChainRoleData, value, service_config_settings]
+ {% endfor %}
+ services: {get_attr: [{{role.name}}ServiceNames, value]}
+
+ {{role.name}}MergedConfigSettings:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ config_settings: {}
+ global_config_settings: {}
+ service_config_settings: {}
+ merged_config_settings:
+ map_merge:
+ - get_attr: [{{role.name}}ServiceConfigSettings, value]
+ - get_param: ExtraConfig
+ {%- if role.name == 'Controller' %}
+ - map_merge:
+ - get_param: controllerExtraConfig
+ - get_param: {{role.name}}ExtraConfig
+ {%- elif role.name == 'Compute' %}
+ - map_merge:
+ - get_param: NovaComputeExtraConfig
+ - get_param: {{role.name}}ExtraConfig
+ {%- else %}
+ - get_param: {{role.name}}ExtraConfig
+ {%- endif %}
+
# Filter any null/None service_names which may be present due to mapping
# of services to OS::Heat::None
{{role.name}}ServiceNames:
{% else %}
NovaComputeSchedulerHints: {get_param: NovaComputeSchedulerHints}
{% endif %}
- ServiceConfigSettings:
- map_merge:
- - get_attr: [{{role.name}}ServiceChainRoleData, value, config_settings]
- {% for r in roles %}
- - get_attr: [{{r.name}}ServiceChain, role_data, global_config_settings]
- {% endfor %}
- # This next step combines two yaql passes:
- # - The inner one does a deep merge on the service_config_settings for all roles
- # - The outer one filters the map based on the services enabled for the role
- # then merges the result into one map.
- - yaql:
- expression: let(root => $) -> $.data.map.items().where($[0] in coalesce($root.data.services, [])).select($[1]).reduce($1.mergeWith($2), {})
- data:
- map:
- yaql:
- expression: $.data.where($ != null).reduce($1.mergeWith($2), {})
- data:
- {% for r in roles %}
- - get_attr: [{{r.name}}ServiceChain, role_data, service_config_settings]
- {% endfor %}
- services: {get_attr: [{{role.name}}ServiceNames, value]}
+ ServiceConfigSettings: {get_attr: [{{role.name}}ServiceConfigSettings, value]}
ServiceNames: {get_attr: [{{role.name}}ServiceNames, value]}
MonitoringSubscriptions: {get_attr: [{{role.name}}ServiceChainRoleData, value, monitoring_subscriptions]}
ServiceMetadataSettings: {get_attr: [{{role.name}}ServiceChainRoleData, value, service_metadata_settings]}
{% for role in roles %}
- {get_attr: [{{role.name}}IpListMap, short_service_bootstrap_hostnames]}
{% endfor %}
- # FIXME(shardy): These require further work to move into service_ips
- memcache_node_ips: {get_attr: [{{primary_role_name}}IpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MemcachedNetwork]}]}
NetVipMap: {get_attr: [VipMap, net_ip_map]}
RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]}
ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]}
StorageMgmtIp: {get_attr: [StorageMgmtVirtualIP, ip_address]}
StorageMgmtIpUri: {get_attr: [StorageMgmtVirtualIP, ip_address_uri]}
# No tenant or management VIP required
+ # Because of nested get_attr functions in the KeystoneAdminVip output, we
+ # can't determine which attributes of VipMap are used until after
+ # ServiceNetMap's attribute values are available.
+ depends_on: ServiceNetMap
# All Nodes Validations
AllNodesValidationConfig:
{% endfor %}
role_data:
{% for role in roles %}
- {{role.name}}: {get_attr: [{{role.name}}ServiceChainRoleData, value]}
+ {{role.name}}:
+ map_merge:
+ - {get_attr: [{{role.name}}ServiceChainRoleData, value]}
+ - {get_attr: [{{role.name}}MergedConfigSettings, value]}
{% endfor %}
ServerOsCollectConfigData:
{{role.name}}: {get_attr: [{{role.name}}, attributes, os_collect_config]}
{% endfor %}
+ DeployedServerEnvironment:
+ type: OS::TripleO::DeployedServerEnvironment
+ properties:
+ RoleCounts:
+{% for role in roles %}
+ {{role.name}}DeployedServerCount: {get_param: {{role.name}}Count}
+{% endfor %}
+ VipMap:
+ map_merge:
+ - {get_attr: [VipMap, net_ip_map]}
+ - redis: {get_attr: [RedisVirtualIP, ip_address]}
+ DeployedServerPortMap:
+ map_merge:
+ list_concat:
+{% for role in roles %}
+ - {get_attr: [{{role.name}}, deployed_server_port_map]}
+{% endfor %}
+ DeployedServerDeploymentSwiftDataMap:
+ map_merge:
+ list_concat:
+{% for role in roles %}
+ - {get_attr: [{{role.name}}, deployed_server_deployment_swift_data_map]}
+{% endfor %}
+ DefaultRouteIp:
+ str_split:
+ - ':'
+ - str_split:
+ - '/'
+ - {get_attr: [ServerOsCollectConfigData, value, {{primary_role_name}}, '0', request, metadata_url]}
+ - 2
+ - 0
+
outputs:
ManagedEndpoints:
description: Asserts that the keystone endpoints have been provisioned.
value: {get_attr: [EndpointMapData, value, KeystonePublic, uri]}
KeystoneAdminVip:
description: Keystone Admin VIP endpoint
+ # Note that these nested get_attr functions require a dependency
+ # relationship between VipMap and ServiceNetMap, since we can't determine
+ # which attributes of VipMap are used until after ServiceNetMap's attribute
+ # values are available. If this is ever reworked to not use nested
+ # get_attr, that dependency can be removed.
value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystoneAdminApiNetwork]}]}
EndpointMap:
description: |
description: The configuration data associated with each role
value:
{% for role in roles %}
- {{role.name}}: {get_attr: [{{role.name}}ServiceChainRoleData, value]}
+ {{role.name}}:
+ map_merge:
+ - {get_attr: [{{role.name}}ServiceChainRoleData, value]}
+ - {get_attr: [{{role.name}}MergedConfigSettings, value]}
{% endfor %}
RoleNetIpMap:
description: Mapping of each network to a list of IPs for each role
{% endfor %}
ServerOsCollectConfigData:
description: The os-collect-config configuration associated with each server resource
- value:
-{% for role in roles %}
- {{role.name}}: {get_attr: [{{role.name}}, attributes, os_collect_config]}
-{% endfor %}
+ value: {get_attr: [ServerOsCollectConfigData, value]}
VipMap:
description: Mapping of each network to VIP addresses. Also includes the Redis VIP.
value:
ServerIdData:
description: Mapping of each role to a list of nova server IDs and the bootstrap ID
value: {get_attr: [ServerIdMap, value]}
+ DeployedServerEnvironment:
+ description:
+ Environment data that can be used as input into the services stack when
+ using split-stack.
+ value: {get_attr: [DeployedServerEnvironment, deployed_server_environment]}
workflow_parameters:
tripleo.derive_params.v1.derive_parameters:
# DPDK Parameters
- number_of_pmd_cpu_threads_per_numa_node: 2
+ num_phy_cores_per_numa_node_for_pmd: 2
All the parameters specified under the workflow name will be passed as
-``user_input`` to the workflow, while invoking from the tripleoclient.
\ No newline at end of file
+``user_input`` to the workflow, while invoking from the tripleoclient.
workflow_parameters:
tripleo.derive_params.v1.derive_parameters:
######### DPDK Parameters #########
- # Specifices the minimum number of CPU threads to be allocated for DPDK
+ # Specifices the minimum number of CPU physical cores to be allocated for DPDK
# PMD threads. The actual allocation will be based on network config, if
# the a DPDK port is associated with a numa node, then this configuration
- # will be used, else 0.
- number_of_pmd_cpu_threads_per_numa_node: 4
+ # will be used, else 1.
+ num_phy_cores_per_numa_node_for_pmd: 2
# Amount of memory to be configured as huge pages in percentage. Ouf the
# total available memory (excluding the NovaReservedHostMemory), the
# specified percentage of the remaining is configured as huge pages.
type: json
controller_names:
type: comma_delimited_list
- memcache_node_ips:
- type: comma_delimited_list
NetVipMap:
type: json
RedisVirtualIP:
perform configuration on a Heat stack-update.
UpdateIdentifier:
type: string
+ default: ''
description: >
Setting to a previously unused value during stack-update will trigger
package update on all nodes
list_join:
- ','
- {get_param: controller_names}
- memcached_node_ips_v6:
- repeat:
- template: "inet6:[NAME]"
- for_each:
- NAME: {get_param: memcache_node_ips}
deploy_identifier: {get_param: DeployIdentifier}
update_identifier: {get_param: UpdateIdentifier}
stack_action: {get_param: StackAction}
server: {get_resource: BlockStorage}
RoleParameters: {get_param: RoleParameters}
ServiceNames: {get_param: ServiceNames}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
NodeExtraConfig:
depends_on: NodeTLSCAData
type: OS::TripleO::NodeExtraConfig
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: BlockStorage}
- ['CREATE', 'UPDATE']
- []
+ DeploymentActions:
+ type: OS::Heat::Value
+ properties:
+ value:
+ if:
+ - server_not_blacklisted
+ - ['CREATE', 'UPDATE']
+ - []
+
SshHostPubKey:
type: OS::TripleO::Ssh::HostPubKey
depends_on: BlockStorageDeployment
properties:
server: {get_resource: BlockStorage}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
outputs:
ip_address:
management_ip_address:
description: IP address of the server in the management network
value: {get_attr: [ManagementPort, ip_address]}
+ deployed_server_port_map:
+ description: |
+ Map of Heat created hostname of the server to ip address. This is the
+ hostname before it has been mapped with the HostnameMap parameter, and
+ the IP address from the ctlplane network. This map can be used to construct
+ the DeployedServerPortMap parameter when using split-stack.
+ value:
+ map_replace:
+ - hostname:
+ fixed_ips:
+ - ip_address: {get_attr: [BlockStorage, networks, ctlplane, 0]}
+ - keys:
+ hostname:
+ list_join:
+ - '-'
+ - - {get_param: Hostname}
+ - ctlplane
+ deployed_server_deployment_swift_data_map:
+ description:
+ Map of Heat created hostname of the server to the Swift container and object
+ used to created the temporary url for metadata polling with
+ os-collect-config.
+ value:
+ map_replace:
+ - hostname:
+ container:
+ str_split:
+ - '/'
+ - {get_attr: [BlockStorage, os_collect_config, request, metadata_url]}
+ - 5
+ object:
+ str_split:
+ - '?'
+ - str_split:
+ - '/'
+ - {get_attr: [BlockStorage, os_collect_config, request, metadata_url]}
+ - 6
+ - 0
+ - keys: {hostname: {get_param: Hostname}}
os_collect_config:
description: The os-collect-config configuration associated with this server resource
value: {get_attr: [BlockStorage, os_collect_config]}
server: {get_resource: CephStorage}
RoleParameters: {get_param: RoleParameters}
ServiceNames: {get_param: ServiceNames}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
CephStorageExtraConfigPre:
depends_on: CephStorageDeployment
type: OS::TripleO::CephStorageExtraConfigPre
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: CephStorage}
NodeExtraConfig:
depends_on: [CephStorageExtraConfigPre, NodeTLSCAData]
type: OS::TripleO::NodeExtraConfig
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: CephStorage}
- ['CREATE', 'UPDATE']
- []
+ DeploymentActions:
+ type: OS::Heat::Value
+ properties:
+ value:
+ if:
+ - server_not_blacklisted
+ - ['CREATE', 'UPDATE']
+ - []
+
SshHostPubKey:
type: OS::TripleO::Ssh::HostPubKey
depends_on: CephStorageDeployment
properties:
server: {get_resource: CephStorage}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
outputs:
ip_address:
management_ip_address:
description: IP address of the server in the management network
value: {get_attr: [ManagementPort, ip_address]}
+ deployed_server_port_map:
+ description: |
+ Map of Heat created hostname of the server to ip address. This is the
+ hostname before it has been mapped with the HostnameMap parameter, and
+ the IP address from the ctlplane network. This map can be used to construct
+ the DeployedServerPortMap parameter when using split-stack.
+ value:
+ map_replace:
+ - hostname:
+ fixed_ips:
+ - ip_address: {get_attr: [CephStorage, networks, ctlplane, 0]}
+ - keys:
+ hostname:
+ list_join:
+ - '-'
+ - - {get_param: Hostname}
+ - ctlplane
+ deployed_server_deployment_swift_data_map:
+ description:
+ Map of Heat created hostname of the server to the Swift container and object
+ used to created the temporary url for metadata polling with
+ os-collect-config.
+ value:
+ map_replace:
+ - hostname:
+ container:
+ str_split:
+ - '/'
+ - {get_attr: [CephStorage, os_collect_config, request, metadata_url]}
+ - 5
+ object:
+ str_split:
+ - '?'
+ - str_split:
+ - '/'
+ - {get_attr: [CephStorage, os_collect_config, request, metadata_url]}
+ - 6
+ - 0
+ - keys: {hostname: {get_param: Hostname}}
os_collect_config:
description: The os-collect-config configuration associated with this server resource
value: {get_attr: [CephStorage, os_collect_config]}
server: {get_resource: NovaCompute}
RoleParameters: {get_param: RoleParameters}
ServiceNames: {get_param: ServiceNames}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
NetworkConfig:
type: OS::TripleO::Compute::Net::SoftwareConfig
ComputeExtraConfigPre:
depends_on: NovaComputeDeployment
type: OS::TripleO::ComputeExtraConfigPre
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: NovaCompute}
NodeExtraConfig:
depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
type: OS::TripleO::NodeExtraConfig
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: NovaCompute}
update_identifier:
get_param: UpdateIdentifier
+ DeploymentActions:
+ type: OS::Heat::Value
+ properties:
+ value:
+ if:
+ - server_not_blacklisted
+ - ['CREATE', 'UPDATE']
+ - []
+
SshHostPubKey:
type: OS::TripleO::Ssh::HostPubKey
depends_on: NovaComputeDeployment
properties:
server: {get_resource: NovaCompute}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
outputs:
ip_address:
management_ip_address:
description: IP address of the server in the management network
value: {get_attr: [ManagementPort, ip_address]}
+ deployed_server_port_map:
+ description: |
+ Map of Heat created hostname of the server to ip address. This is the
+ hostname before it has been mapped with the HostnameMap parameter, and
+ the IP address from the ctlplane network. This map can be used to construct
+ the DeployedServerPortMap parameter when using split-stack.
+ value:
+ map_replace:
+ - hostname:
+ fixed_ips:
+ - ip_address: {get_attr: [NovaCompute, networks, ctlplane, 0]}
+ - keys:
+ hostname:
+ list_join:
+ - '-'
+ - - {get_param: Hostname}
+ - ctlplane
+ deployed_server_deployment_swift_data_map:
+ description:
+ Map of Heat created hostname of the server to the Swift container and object
+ used to created the temporary url for metadata polling with
+ os-collect-config.
+ value:
+ map_replace:
+ - hostname:
+ container:
+ str_split:
+ - '/'
+ - {get_attr: [NovaCompute, os_collect_config, request, metadata_url]}
+ - 5
+ object:
+ str_split:
+ - '?'
+ - str_split:
+ - '/'
+ - {get_attr: [NovaCompute, os_collect_config, request, metadata_url]}
+ - 6
+ - 0
+ - keys: {hostname: {get_param: Hostname}}
hostname:
description: Hostname of the server
value: {get_attr: [NovaCompute, name]}
default: ''
description: Set to True to enable debugging on all services.
type: string
- EnableLoadBalancer:
- default: true
- description: Whether to deploy a LoadBalancer on the Controller
- type: boolean
ExtraConfig:
default: {}
description: |
server: {get_resource: Controller}
RoleParameters: {get_param: RoleParameters}
ServiceNames: {get_param: ServiceNames}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
NetworkConfig:
type: OS::TripleO::Controller::Net::SoftwareConfig
config: {get_resource: ControllerConfig}
server: {get_resource: Controller}
input_values:
- bootstack_nodeid: {get_attr: [Controller, name]}
- enable_load_balancer: {get_param: EnableLoadBalancer}
enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
# Map heat metadata into hiera datafiles
- {get_param: ControllerExtraConfig}
extraconfig: {get_param: ExtraConfig}
controller:
- # data supplied directly to this deployment configuration, etc
- bootstack_nodeid: {get_input: bootstack_nodeid}
- # Pacemaker
- enable_load_balancer: {get_input: enable_load_balancer}
-
# Misc
tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
ControllerExtraConfigPre:
depends_on: ControllerDeployment
type: OS::TripleO::ControllerExtraConfigPre
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: Controller}
NodeExtraConfig:
depends_on: [ControllerExtraConfigPre, NodeTLSData]
type: OS::TripleO::NodeExtraConfig
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: Controller}
update_identifier:
get_param: UpdateIdentifier
+ DeploymentActions:
+ type: OS::Heat::Value
+ properties:
+ value:
+ if:
+ - server_not_blacklisted
+ - ['CREATE', 'UPDATE']
+ - []
+
SshHostPubKey:
type: OS::TripleO::Ssh::HostPubKey
depends_on: ControllerDeployment
properties:
server: {get_resource: Controller}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
outputs:
ip_address:
management_ip_address:
description: IP address of the server in the management network
value: {get_attr: [ManagementPort, ip_address]}
+ deployed_server_port_map:
+ description:
+ Map of Heat created hostname of the server to ip address. This is the
+ hostname before it has been mapped with the HostnameMap parameter, and
+ the IP address from the ctlplane network. This map can be used to construct
+ the DeployedServerPortMap parameter when using split-stack.
+ value:
+ map_replace:
+ - hostname:
+ fixed_ips:
+ - ip_address: {get_attr: [Controller, networks, ctlplane, 0]}
+ - keys:
+ hostname:
+ list_join:
+ - '-'
+ - - {get_param: Hostname}
+ - ctlplane
+ deployed_server_deployment_swift_data_map:
+ description:
+ Map of Heat created hostname of the server to the Swift container and object
+ used to created the temporary url for metadata polling with
+ os-collect-config.
+ value:
+ map_replace:
+ - hostname:
+ container:
+ str_split:
+ - '/'
+ - {get_attr: [Controller, os_collect_config, request, metadata_url]}
+ - 5
+ object:
+ str_split:
+ - '?'
+ - str_split:
+ - '/'
+ - {get_attr: [Controller, os_collect_config, request, metadata_url]}
+ - 6
+ - 0
+ - keys: {hostname: {get_param: Hostname}}
hostname:
description: Hostname of the server
value: {get_attr: [Controller, name]}
echo "$HOST_FQDN $MACS"
fi
- CollectMacDeploymentsController:
+{% for role in roles %}
+ CollectMacDeployments{{role.name}}:
type: OS::Heat::SoftwareDeployments
properties:
- name: CollectMacDeploymentsController
- servers: {get_param: [servers, Controller]}
- config: {get_resource: CollectMacConfig}
- actions: ['CREATE'] # Only do this on CREATE
-
- CollectMacDeploymentsCompute:
- type: OS::Heat::SoftwareDeployments
- properties:
- name: CollectMacDeploymentsCompute
- servers: {get_param: [servers, Compute]}
- config: {get_resource: CollectMacConfig}
- actions: ['CREATE'] # Only do this on CREATE
-
- CollectMacDeploymentsBlockStorage:
- type: OS::Heat::SoftwareDeployments
- properties:
- name: CollectMacDeploymentsBlockStorage
- servers: {get_param: [servers, BlockStorage]}
- config: {get_resource: CollectMacConfig}
- actions: ['CREATE'] # Only do this on CREATE
-
- CollectMacDeploymentsObjectStorage:
- type: OS::Heat::SoftwareDeployments
- properties:
- name: CollectMacDeploymentsObjectStorage
- servers: {get_param: [servers, ObjectStorage]}
- config: {get_resource: CollectMacConfig}
- actions: ['CREATE'] # Only do this on CREATE
-
- CollectMacDeploymentsCephStorage:
- type: OS::Heat::SoftwareDeployments
- properties:
- name: CollectMacDeploymentsCephStorage
- servers: {get_param: [servers, CephStorage]}
+ name: CollectMacDeployments{{role.name}}
+ servers: {get_param: [servers, {{role.name}}]}
config: {get_resource: CollectMacConfig}
actions: ['CREATE'] # Only do this on CREATE
+{% endfor %}
# Now we calculate the additional nexus config based on the mappings
MappingToNexusConfig:
properties:
group: script
inputs:
- - name: controller_mappings
- - name: compute_mappings
- - name: blockstorage_mappings
- - name: objectstorage_mappings
- - name: cephstorage_mappings
+ {%- for role in roles %}
+ - name: {{role.name}}_mappings
+ {%- endfor %}
- name: nexus_config
config: |
#!/bin/python
import os
from copy import deepcopy
- mappings = ['controller_mappings',
- 'compute_mappings',
- 'blockstorage_mappings',
- 'objectstorage_mappings',
- 'cephstorage_mappings',
+ mappings = [{%- for role in roles %}
+ '{{role.name}}_mappings',
+ {%- endfor %}
'nexus_config']
mapdict_list = []
nexus = {}
# FIXME(shardy): It'd be more convenient if we could join these
# items together but because the returned format is a map (not a list)
# we can't use list_join or str_replace. Possible Heat TODO.
- controller_mappings: {get_attr: [CollectMacDeploymentsController, deploy_stdouts]}
- compute_mappings: {get_attr: [CollectMacDeploymentsCompute, deploy_stdouts]}
- blockstorage_mappings: {get_attr: [CollectMacDeploymentsBlockStorage, deploy_stdouts]}
- objectstorage_mappings: {get_attr: [CollectMacDeploymentsObjectStorage, deploy_stdouts]}
- cephstorage_mappings: {get_attr: [CollectMacDeploymentsCephStorage, deploy_stdouts]}
+ {%- for role in roles %}
+ {{role.name}}_mappings: {get_attr: [CollectMacDeployments{{role.name}}, deploy_stdouts]}
+ {%- endfor %}
nexus_config: {get_param: NetworkNexusConfig}
actions: ['CREATE'] # Only do this on CREATE
type: json
UpdateIdentifier:
type: string
+ default: ''
description: >
Setting to a previously unused value during stack-update will trigger
the Upgrade resources to re-run on all roles.
default: 'regionOne'
description: Keystone region for endpoint
NovaPassword:
- description: The password for the nova service and db account, used by nova-api.
+ description: The password for the nova service and db account
type: string
hidden: true
server: {get_resource: SwiftStorage}
RoleParameters: {get_param: RoleParameters}
ServiceNames: {get_param: ServiceNames}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
NodeExtraConfig:
depends_on: NodeTLSCAData
type: OS::TripleO::NodeExtraConfig
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: SwiftStorage}
- ['CREATE', 'UPDATE']
- []
+ DeploymentActions:
+ type: OS::Heat::Value
+ properties:
+ value:
+ if:
+ - server_not_blacklisted
+ - ['CREATE', 'UPDATE']
+ - []
+
SshHostPubKey:
type: OS::TripleO::Ssh::HostPubKey
depends_on: SwiftStorageHieraDeploy
properties:
server: {get_resource: SwiftStorage}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
outputs:
ip_address:
management_ip_address:
description: IP address of the server in the management network
value: {get_attr: [ManagementPort, ip_address]}
+ deployed_server_port_map:
+ description: |
+ Map of Heat created hostname of the server to ip address. This is the
+ hostname before it has been mapped with the HostnameMap parameter, and
+ the IP address from the ctlplane network. This map can be used to construct
+ the DeployedServerPortMap parameter when using split-stack.
+ value:
+ map_replace:
+ - hostname:
+ fixed_ips:
+ - ip_address: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
+ - keys:
+ hostname:
+ list_join:
+ - '-'
+ - - {get_param: Hostname}
+ - ctlplane
+ deployed_server_deployment_swift_data_map:
+ description:
+ Map of Heat created hostname of the server to the Swift container and object
+ used to created the temporary url for metadata polling with
+ os-collect-config.
+ value:
+ map_replace:
+ - hostname:
+ container:
+ str_split:
+ - '/'
+ - {get_attr: [SwiftStorage, os_collect_config, request, metadata_url]}
+ - 5
+ object:
+ str_split:
+ - '?'
+ - str_split:
+ - '/'
+ - {get_attr: [SwiftStorage, os_collect_config, request, metadata_url]}
+ - 6
+ - 0
+ - keys: {hostname: {get_param: Hostname}}
os_collect_config:
description: The os-collect-config configuration associated with this server resource
value: {get_attr: [SwiftStorage, os_collect_config]}
{% set deploy_steps_max = 6 %}
-
conditions:
{% for step in range(1, deploy_steps_max) %}
WorkflowTasks_Step{{step}}_Enabled:
or:
- {% for role in roles %}
+ {%- for role in roles %}
- not:
equals:
- get_param: [role_data, {{role.name}}, service_workflow_tasks, step{{step}}]
- ''
- False
- {% endfor %}
+ {%- endfor %}
{% endfor %}
resources:
{{role.name}}ArtifactsDeploy:
type: OS::Heat::StructuredDeployments
properties:
+ name: {{role.name}}ArtifactsDeploy
servers: {get_param: [servers, {{role.name}}]}
config: {get_resource: {{role.name}}ArtifactsConfig}
{{role.name}}Config:
type: OS::TripleO::{{role.name}}Config
properties:
- StepConfig: {list_join: ["\n", {get_param: [role_data, {{role.name}}, step_config]}]}
+ StepConfig: {get_param: [role_data, {{role.name}}, step_config]}
# Step through a series of configuration steps
{% for step in range(1, deploy_steps_max) %}
# WorkflowTasks_StepX resource and can be remove
# if https://bugs.launchpad.net/heat/+bug/1700569
# is fixed.
- {% if step == 1 %}
- {% for dep in roles %}
+ {%- if step == 1 %}
+ {%- for dep in roles %}
- {{dep.name}}PreConfig
- {{dep.name}}ArtifactsDeploy
- {% endfor %}
- {% else %}
- {% for dep in roles %}
+ {%- endfor %}
+ {%- else %}
+ {%- for dep in roles %}
- {{dep.name}}Deployment_Step{{step -1}}
- {% endfor %}
- {% endif %}
+ {%- endfor %}
+ {%- endif %}
properties:
name: {{role.name}}Deployment_Step{{step}}
servers: {get_param: [servers, {{role.name}}]}
# after all the previous deployment steps.
{{role.name}}ExtraConfigPost:
depends_on:
- {% for dep in roles %}
+ {%- for dep in roles %}
- {{dep.name}}Deployment_Step5
- {% endfor %}
+ {%- endfor %}
type: OS::TripleO::NodeExtraConfigPost
properties:
servers: {get_param: [servers, {{role.name}}]}
{{role.name}}PostConfig:
type: OS::TripleO::Tasks::{{role.name}}PostConfig
depends_on:
- {% for dep in roles %}
+ {%- for dep in roles %}
- {{dep.name}}ExtraConfigPost
- {% endfor %}
+ {%- endfor %}
properties:
servers: {get_param: servers}
input_values:
type: OS::Mistral::Workflow
condition: WorkflowTasks_Step{{step}}_Enabled
depends_on:
- {% if step == 1 %}
- {% for dep in roles %}
+ {%- if step == 1 %}
+ {%- for dep in roles %}
- {{dep.name}}PreConfig
- {{dep.name}}ArtifactsDeploy
- {% endfor %}
- {% else %}
- {% for dep in roles %}
+ {%- endfor %}
+ {%- else %}
+ {%- for dep in roles %}
- {{dep.name}}Deployment_Step{{step -1}}
- {% endfor %}
- {% endif %}
+ {%- endfor %}
+ {%- endif %}
properties:
name: {list_join: [".", ["tripleo", {get_param: stack_name}, "workflowtasks", "step{{step}}"]]}
type: direct
yaql:
expression: $.data.where($ != '').select($.get('step{{step}}')).where($ != null).flatten()
data:
- {% for role in roles %}
+ {%- for role in roles %}
- get_param: [role_data, {{role.name}}, service_workflow_tasks]
- {% endfor %}
+ {%- endfor %}
WorkflowTasks_Step{{step}}_Execution:
type: OS::Mistral::ExternalResource
params:
env:
service_ips: { get_param: ctlplane_service_ips }
+ role_merged_configs:
+ {%- for r in roles %}
+ {{r.name}}: {get_param: [role_data, {{r.name}}, merged_config_settings]}
+ {%- endfor %}
+ evaluate_env: false
UPDATE:
workflow: { get_resource: WorkflowTasks_Step{{step}} }
params:
env:
service_ips: { get_param: ctlplane_service_ips }
+ role_merged_configs:
+ {%- for r in roles %}
+ {{r.name}}: {get_param: [role_data, {{r.name}}, merged_config_settings]}
+ {%- endfor %}
+ evaluate_env: false
always_update: true
{% endfor %}
# END service_workflow_tasks handling
+{# ## Some variables are set to enable rendering backwards compatible templates #}
+{# ## where a few parameter/resource names don't match the expected pattern #}
+{# ## FIXME: we need some way to deprecate the old inconsistent parameters #}
+{%- if role.name == 'Controller' -%}
+ {%- set deprecated_extraconfig_param = 'controllerExtraConfig' -%}
+{% endif %}
heat_template_version: pike
description: 'OpenStack {{role.name}} node configured by Puppet'
parameters:
description: |
Role specific additional hiera configuration to inject into the cluster.
type: json
+{%- if deprecated_extraconfig_param is defined %}
+ {{deprecated_extraconfig_param}}:
+ default: {}
+ description: |
+ DEPRECATED use {{role.name}}ExtraConfig instead
+ type: json
+{%- endif %}
{{role.name}}IPs:
default: {}
type: json
object: 0
default: {}
+{% if deprecated_extraconfig_param is defined %}
+parameter_groups:
+- label: deprecated
+ description: Do not use deprecated params, they will be removed.
+ parameters:
+ - {{deprecated_extraconfig_param}}
+{%- endif %}
+
conditions:
server_not_blacklisted:
not:
server: {get_resource: {{role.name}}}
RoleParameters: {get_param: RoleParameters}
ServiceNames: {get_param: ServiceNames}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
map_replace:
- {get_param: ServiceConfigSettings}
- values: {get_attr: [NetIpMap, net_ip_map]}
- {{role.name.lower()}}_extraconfig: {get_param: {{role.name}}ExtraConfig}
+ {{role.name.lower()}}_extraconfig:
+ map_merge:
+{%- if deprecated_extraconfig_param is defined %}
+ - {get_param: {{deprecated_extraconfig_param}}}
+{%- endif %}
+ - {get_param: {{role.name}}ExtraConfig}
extraconfig: {get_param: ExtraConfig}
{{role.name.lower()}}:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
+ {%- if 'primary' in role.tags and 'controller' in role.tags %}
+ tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
+ {%- endif -%}
# Resource for site-specific injection of root certificate
NodeTLSCAData:
- depends_on: {{role.name}}Deployment
+ depends_on: NetworkDeployment
type: OS::TripleO::NodeTLSCAData
properties:
server: {get_resource: {{role.name}}}
+ {%- if 'primary' in role.tags and 'controller' in role.tags %}
+ # Resource for site-specific passing of private keys/certificates
+ NodeTLSData:
+ depends_on: NodeTLSCAData
+ type: OS::TripleO::NodeTLSData
+ properties:
+ server: {get_resource: {{role.name}}}
+ NodeIndex: {get_param: NodeIndex}
+ {%- endif -%}
+
# Hook for site-specific additional pre-deployment config, e.g extra hieradata
{{role.name}}ExtraConfigPre:
depends_on: {{role.name}}Deployment
type: OS::TripleO::{{role.name}}ExtraConfigPre
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: {{role.name}}}
# Hook for site-specific additional pre-deployment config,
# applying to all nodes, e.g node registration/unregistration
NodeExtraConfig:
- depends_on: [{{role.name}}ExtraConfigPre, NodeTLSCAData]
+ depends_on:
+ - {{role.name}}ExtraConfigPre
+ {%- if 'primary' in role.tags and 'controller' in role.tags %}
+ - NodeTLSData
+ {%- else %}
+ - NodeTLSCAData
+ {%- endif %}
type: OS::TripleO::NodeExtraConfig
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: {{role.name}}}
- ['CREATE', 'UPDATE']
- []
+ DeploymentActions:
+ type: OS::Heat::Value
+ properties:
+ value:
+ if:
+ - server_not_blacklisted
+ - ['CREATE', 'UPDATE']
+ - []
+
SshHostPubKey:
type: OS::TripleO::Ssh::HostPubKey
depends_on: {{role.name}}Deployment
properties:
server: {get_resource: {{role.name}}}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
outputs:
ip_address:
value:
{get_resource: {{role.name}}}
condition: server_not_blacklisted
+ deployed_server_port_map:
+ description: |
+ Map of Heat created hostname of the server to ip address. This is the
+ hostname before it has been mapped with the HostnameMap parameter, and
+ the IP address from the ctlplane network. This map can be used to construct
+ the DeployedServerPortMap parameter when using split-stack.
+ value:
+ map_replace:
+ - hostname:
+ fixed_ips:
+ - ip_address: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
+ - keys:
+ hostname:
+ list_join:
+ - '-'
+ - - {get_param: Hostname}
+ - ctlplane
+ deployed_server_deployment_swift_data_map:
+ description:
+ Map of Heat created hostname of the server to the Swift container and object
+ used to created the temporary url for metadata polling with
+ os-collect-config.
+ value:
+ map_replace:
+ - hostname:
+ container:
+ str_split:
+ - '/'
+ - {get_attr: [{{role.name}}, os_collect_config, request, metadata_url]}
+ - 5
+ object:
+ str_split:
+ - '?'
+ - str_split:
+ - '/'
+ - {get_attr: [{{role.name}}, os_collect_config, request, metadata_url]}
+ - 6
+ - 0
+ - keys: {hostname: {get_param: Hostname}}
+ {%- if 'primary' in role.tags and 'controller' in role.tags %}
+ tls_key_modulus_md5:
+ description: MD5 checksum of the TLS Key Modulus
+ value: {get_attr: [NodeTLSData, key_modulus_md5]}
+ tls_cert_modulus_md5:
+ description: MD5 checksum of the TLS Certificate Modulus
+ value: {get_attr: [NodeTLSData, cert_modulus_md5]}
+ {%- endif %}
os_collect_config:
description: The os-collect-config configuration associated with this server resource
value: {get_attr: [{{role.name}}, os_collect_config]}
OpenStack Aodh API service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ GnocchiExternalProject:
+ default: 'service'
+ description: Project name of resources creator in Gnocchi.
+ type: string
MonitoringSubscriptionAodhApi:
default: 'overcloud-ceilometer-aodh-api'
type: string
AodhBase:
type: ./aodh-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
ApacheServiceBase:
type: ./apache.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
aodh::wsgi::apache::wsgi_process_display_name: 'aodh_wsgi'
aodh::api::service_name: 'httpd'
aodh::api::enable_proxy_headers_parsing: true
+ aodh::api::gnocchi_external_project_owner: {get_param: GnocchiExternalProject}
aodh::policy::policies: {get_param: AodhApiPolicies}
tripleo.aodh_api.firewall_rules:
'128 aodh-api':
OpenStack Aodh service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: string
default: 'regionOne'
description: Keystone region for endpoint
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: AodhDebug}, '']}
- {get_param: Debug }
- {get_param: AodhDebug }
aodh::auth::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
+ aodh::notification_driver: {get_param: NotificationDriver}
aodh::rabbit_userid: {get_param: RabbitUserName}
aodh::rabbit_password: {get_param: RabbitPassword}
aodh::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
OpenStack Aodh Evaluator service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
AodhBase:
type: ./aodh-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Aodh Listener service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
AodhBase:
type: ./aodh-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Aodh Notifier service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
AodhBase:
type: ./aodh-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
default: 256
description: Maximum number of Apache processes.
type: number
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
AuditD configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
OpenStack Barbican API service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
e.g. { barbican-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
default: {}
type: json
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
resources:
ApacheServiceBase:
type: ./apache.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
- service_debug_unset
- {get_param: Debug }
- {get_param: BarbicanDebug }
+ barbican::api::notification_driver: {get_param: NotificationDriver}
barbican::api::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
barbican::api::rabbit_userid: {get_param: RabbitUserName}
barbican::api::rabbit_password: {get_param: RabbitPassword}
HAproxy service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
OpenStack Ceilometer Central Agent service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
CeilometerServiceBase:
type: ./ceilometer-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Ceilometer Compute Agent service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
CeilometerServiceBase:
type: ./ceilometer-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Ceilometer Ipmi Agent service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
CeilometerServiceBase:
type: ./ceilometer-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Ceilometer Notification Agent service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
CeilometerServiceBase:
type: ./ceilometer-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Ceilometer API service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
CeilometerServiceBase:
type: ./ceilometer-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
ApacheServiceBase:
type: ./apache.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Ceilometer service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: The user password for SNMPd with readonly rights running on all Overcloud nodes
type: string
hidden: true
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: CeilometerDebug}, '']}
ceilometer::dispatcher::gnocchi::filter_project: 'service'
ceilometer::dispatcher::gnocchi::archive_policy: 'low'
ceilometer::dispatcher::gnocchi::resources_definition_file: 'gnocchi_resources.yaml'
+ ceilometer::notification_driver: {get_param: NotificationDriver}
ceilometer::rabbit_userid: {get_param: RabbitUserName}
ceilometer::rabbit_password: {get_param: RabbitPassword}
ceilometer::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
This service is deprecated and will be removed in future releases.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
CeilometerServiceBase:
type: ./ceilometer-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
MongoDbBase:
type: ./database/mongodb-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
future releases.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
CeilometerServiceBase:
type: ./ceilometer-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
NovaRbdPoolName:
default: vms
type: string
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
Ceph Client service.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
CephBase:
type: ./ceph-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
NovaRbdPoolName:
default: vms
type: string
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
Ceph MDS service.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
CephBase:
type: ./ceph-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
Ceph Monitor service.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: json
CephValidationRetries:
type: number
- default: 5
+ default: 40
description: Number of retry attempts for Ceph validation
CephValidationDelay:
type: number
- default: 10
+ default: 30
description: Interval (in seconds) in between validation checks
MonitoringSubscriptionCephMon:
default: 'overcloud-ceph-mon'
CephBase:
type: ./ceph-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
Ceph OSD service.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
CephBase:
type: ./ceph-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
Ceph RadosGW service.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: string
hidden: true
SwiftPassword:
- description: The password for the swift service account, used by the Ceph RGW services.
+ description: The password for the swift service account
type: string
hidden: true
KeystoneRegion:
CephBase:
type: ./ceph-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
Requests certificates using certmonger through Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: The password for the cinder service account, used by cinder-api.
type: string
hidden: true
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
e.g. { cinder-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
default: {}
type: json
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
cinder_workers_zero: {equals : [{get_param: CinderWorkers}, 0]}
ApacheServiceBase:
type: ./apache.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
CinderBase:
type: ./cinder-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
cinder::keystone::authtoken::user_domain_name: 'Default'
cinder::keystone::authtoken::project_domain_name: 'Default'
cinder::policy::policies: {get_param: CinderApiPolicies}
+ cinder::ceilometer::notification_driver: {get_param: NotificationDriver}
cinder::api::enable_proxy_headers_parsing: true
cinder::api::nova_catalog_info: 'compute:nova:internalURL'
CinderDellPsSanPassword:
type: string
hidden: true
+ CinderDellPsSanPrivateKey:
+ type: string
+ default: ''
CinderDellPsSanThinProvision:
type: boolean
default: true
CinderDellPsUseChap:
type: boolean
default: false
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
cinder::backend::eqlx::san_ip: {get_param: CinderDellPsSanIp}
cinder::backend::eqlx::san_login: {get_param: CinderDellPsSanLogin}
cinder::backend::eqlx::san_password: {get_param: CinderDellPsSanPassword}
+ cinder::backend::eqlx::san_private_key: {get_param: CinderDellPsSanPrivateKey}
cinder::backend::eqlx::san_thin_provision: {get_param: CinderDellPsSanThinProvision}
cinder::backend::eqlx::eqlx_group_name: {get_param: CinderDellPsGroupname}
cinder::backend::eqlx::eqlx_pool: {get_param: CinderDellPsPool}
CinderDellScExcludedDomainIp:
type: string
default: ''
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: Openstack Cinder Netapp backend
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
Openstack Cinder Pure Storage FlashArray backend
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
CinderScaleIOSanThinProvision:
type: boolean
default: true
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
--- /dev/null
+# Copyright (c) 2017 Veritas Technologies LLC.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+heat_template_version: ocata
+
+description: >
+ Openstack Veritas HyperScale backend
+
+parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ type: json
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+
+outputs:
+ role_data:
+ description: Role data for the Cinder Veritas HyperScale backend.
+ value:
+ service_name: cinder_backend_veritas_hyperscale
+ config_settings:
+ tripleo::profile::base::cinder::volume::cinder_enable_vrts_hs_backend: true
+ step_config: |
+ include ::tripleo::profile::base::cinder::volume
CephClientUserName:
default: openstack
type: string
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
CinderBase:
type: ./cinder-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
default: ''
description: Set to True to enable debugging on Cinder services.
type: string
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
CinderHPELeftHandDebug:
type: boolean
default: false
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
OpenStack Cinder Scheduler service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
CinderBase:
type: ./cinder-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
CephClientUserName:
default: openstack
type: string
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
CinderBase:
type: ./cinder-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Congress service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
Debug:
type: string
default: ''
+ description: Set to True to enable debugging on all services.
CongressDebug:
default: ''
description: Set to True to enable debugging Glance service.
e.g. { congress-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
default: {}
type: json
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: CongressDebug}, '']}
- {get_param: Debug }
- {get_param: CongressDebug }
congress::rpc_backend: rabbit
+ congress::notification_driver: {get_param: NotificationDriver}
congress::rabbit_userid: {get_param: RabbitUserName}
congress::rabbit_password: {get_param: RabbitPassword}
congress::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
MongoDbReplset:
type: string
default: "tripleo"
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
parameters:
#Parameters not used EndpointMap
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
MongoDbBase:
type: ./mongodb-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
Mysql client settings
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
parameters:
#Parameters not used EndpointMap
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: Whether to use Galera instead of regular MariaDB.
type: boolean
NovaPassword:
- description: The password for the nova db account
+ description: The password for the nova service and db account
type: string
hidden: true
EnableInternalTLS:
parameters:
RedisPassword:
- description: The password for Redis
+ description: The password for the redis service account.
type: string
hidden: true
RedisFDLimit:
description: Configure Redis FD limit
type: string
default: 10240
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
OpenStack Redis service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
RedisBase:
type: ./redis-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
--- /dev/null
+heat_template_version: pike
+
+description: >
+ OpenStack Ceilometer API service, disabled since pike
+
+parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+
+outputs:
+ role_data:
+ description: Role data for the disabled Ceilometer API role.
+ value:
+ service_name: ceilometer_api_disabled
+ upgrade_tasks:
+ - name: Purge Ceilometer apache config files
+ tags: step1
+ file: path=/etc/httpd/conf.d/10-ceilometer_wsgi.conf state=absent
+ - name: Clean up ceilometer port from ports.conf
+ tags: step1
+ lineinfile: dest=/etc/httpd/conf/ports.conf state=absent regexp="8777$"
OpenStack Ceilometer Collector service, disabled since pike
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
OpenStack Ceilometer Expirer service, disabled since pike
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
OpenStack Glance Registry service, disabled since ocata
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
Mongodb service, disabled by default since pike
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
Configures docker on the host
parameters:
- DockerNamespace:
- description: namespace
- default: tripleoupstream
+ DockerInsecureRegistryAddress:
+ description: Optional. The IP Address and Port of an insecure docker
+ namespace that will be configured in /etc/sysconfig/docker.
type: string
- DockerNamespaceIsRegistry:
- type: boolean
- default: false
+ default: ''
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: Parameters specific to the role
type: json
+conditions:
+ insecure_registry_is_empty: {equals : [{get_param: DockerInsecureRegistryAddress}, '']}
+
outputs:
role_data:
description: Role data for the docker service
value:
service_name: docker
config_settings:
- tripleo::profile::base::docker::docker_namespace: {get_param: DockerNamespace}
- tripleo::profile::base::docker::insecure_registry: {get_param: DockerNamespaceIsRegistry}
+ if:
+ - insecure_registry_is_empty
+ - {}
+ - tripleo::profile::base::docker::insecure_registry_address: {get_param: DockerInsecureRegistryAddress}
step_config: |
include ::tripleo::profile::base::docker
upgrade_tasks:
OpenStack EC2-API service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
path: /var/log/ec2api/ec2api.log
EnablePackageInstall:
default: 'false'
- description: Set to true to enable package installation via Puppet
+ description: Set to true to enable package installation at deploy time
type: boolean
Ec2ApiPolicies:
description: |
Etcd service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
External Swift Proxy endpoint configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: string
default: 'service'
SwiftPassword:
- description: The password for the swift service account, used by the swift proxy services.
+ description: The password for the swift service account
type: string
hidden: true
KeystoneRegion:
OpenStack Glance API service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
e.g. { glance-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
default: {}
type: json
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
use_tls_proxy: {equals : [{get_param: EnableInternalTLS}, true]}
TLSProxyBase:
type: OS::TripleO::Services::TLSProxyBase
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
glance::api::pipeline: 'keystone'
glance::api::show_image_direct_url: true
glance::api::show_multiple_locations: {if: [glance_multiple_locations, true, false]}
+ glance::api::os_region_name: {get_param: KeystoneRegion}
# NOTE: bind IP is found in Heat replacing the network name with the
# local node IP for the given network; replacement examples
# (eg. for internal_api):
glance::notify::rabbitmq::rabbit_port: {get_param: RabbitClientPort}
glance::notify::rabbitmq::rabbit_password: {get_param: RabbitPassword}
glance::notify::rabbitmq::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
- glance::notify::rabbitmq::notification_driver: messagingv2
+ glance::notify::rabbitmq::notification_driver: {get_param: NotificationDriver}
tripleo::profile::base::glance::api::glance_nfs_enabled: {get_param: GlanceNfsEnabled}
tripleo::glance::nfs_mount::share: {get_param: GlanceNfsShare}
tripleo::glance::nfs_mount::options: {get_param: GlanceNfsOptions}
Gnocchi service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
GnocchiServiceBase:
type: ./gnocchi-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
ApacheServiceBase:
type: ./apache.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
Gnocchi service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
Gnocchi service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
GnocchiServiceBase:
type: ./gnocchi-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
Gnocchi service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
GnocchiServiceBase:
type: ./gnocchi-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
HAProxy deployment with TLS enabled, powered by certmonger
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
HAProxy deployment with TLS enabled, powered by certmonger
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
HAproxy service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ EnableLoadBalancer:
+ default: true
+ description: Whether to deploy a LoadBalancer, set to false when an external load balancer is used.
+ type: boolean
HAProxyStatsPassword:
description: Password for HAProxy stats endpoint
hidden: true
description: Whether or not to enable the HAProxy stats interface.
type: boolean
RedisPassword:
- description: The password for Redis
+ description: The password for the redis service account.
type: string
hidden: true
MonitoringSubscriptionHaproxy:
HAProxyPublicTLS:
type: OS::TripleO::Services::HAProxyPublicTLS
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
HAProxyInternalTLS:
type: OS::TripleO::Services::HAProxyInternalTLS
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
tripleo::haproxy::ca_bundle: {get_param: InternalTLSCAFile}
tripleo::haproxy::crl_file: {get_param: InternalTLSCRLPEMFile}
tripleo::haproxy::haproxy_stats: {get_param: HAProxyStatsEnabled}
+ enable_load_balancer: {get_param: EnableLoadBalancer}
tripleo::profile::base::haproxy::certificates_specs:
map_merge:
- get_attr: [HAProxyPublicTLS, role_data, certificates_specs]
Openstack Heat CloudFormation API service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
ApacheServiceBase:
type: ./apache.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
HeatBase:
type: ./heat-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
heat::keystone::auth_cfn::admin_url: {get_param: [EndpointMap, HeatCfnAdmin, uri]}
heat::keystone::auth_cfn::password: {get_param: HeatPassword}
heat::keystone::auth_cfn::region: {get_param: KeystoneRegion}
+ metadata_settings:
+ get_attr: [ApacheServiceBase, role_data, metadata_settings]
upgrade_tasks:
- name: Check if heat_api_cfn is deployed
command: systemctl is-enabled openstack-heat-api-cfn
when: heat_api_cfn_apache.rc == 0
- name: Stop and disable heat_api_cfn service (pre-upgrade not under httpd)
tags: step1
- when: heat_api_cfn_apache.rc == 0
+ when: heat_api_cfn_enabled.rc == 0
service: name=openstack-heat-api-cfn state=stopped enabled=no
Openstack Heat CloudWatch API service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
ApacheServiceBase:
type: ./apache.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
HeatBase:
type: ./heat-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
- heat::wsgi::apache_api_cloudwatch::workers: {get_param: HeatWorkers}
step_config: |
include ::tripleo::profile::base::heat::api_cloudwatch
+ metadata_settings:
+ get_attr: [ApacheServiceBase, role_data, metadata_settings]
upgrade_tasks:
- name: Check if heat_api_cloudwatch is deployed
command: systemctl is-enabled openstack-heat-api-cloudwatch
Openstack Heat API service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
ApacheServiceBase:
type: ./apache.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
HeatBase:
type: ./heat-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
heat::keystone::auth::admin_url: {get_param: [EndpointMap, HeatAdmin, uri]}
heat::keystone::auth::password: {get_param: HeatPassword}
heat::keystone::auth::region: {get_param: KeystoneRegion}
+ metadata_settings:
+ get_attr: [ApacheServiceBase, role_data, metadata_settings]
upgrade_tasks:
- name: Check is heat_api is deployed
command: systemctl is-enabled openstack-heat-api
default: 5672
description: Set rabbit subscriber port, change this if using SSL
type: number
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
default: 1048576
description: Maximum raw byte size of the Heat API JSON request body.
type: number
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: HeatDebug}, '']}
value:
service_name: heat_base
config_settings:
+ heat::notification_driver: {get_param: NotificationDriver}
heat::rabbit_userid: {get_param: RabbitUserName}
heat::rabbit_password: {get_param: RabbitPassword}
heat::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
Openstack Heat Engine service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
HeatBase:
type: ./heat-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
Horizon service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
OpenStack Ironic API configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
ApacheServiceBase:
type: ./apache.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
IronicBase:
type: ./ironic-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Ironic services configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
OpenStack Ironic conductor configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
IronicBase:
type: ./ironic-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Ironic Inspector configured with Puppet (EXPERIMENTAL)
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
--- /dev/null
+heat_template_version: pike
+
+description: >
+ Configure iscsid
+
+parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+
+outputs:
+ role_data:
+ description: Role data for iscsid
+ value:
+ service_name: iscsid
+ config_setting: {}
+ step_config: |
+ include ::tripleo::profile::base::iscsid
Keepalived service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
Load kernel modules with kmod and configure kernel options with sysctl.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
default: 'fernet'
constraints:
- allowed_values: ['uuid', 'fernet']
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
Debug:
type: string
default: ''
+ description: Set to True to enable debugging on all services.
KeystoneDebug:
default: ''
description: Set to True to enable debugging Keystone service.
type: json
default: {}
hidden: true
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
parameter_groups:
- label: deprecated
parameters:
- KeystoneFernetKey0
- KeystoneFernetKey1
+ - KeystoneNotificationDriver
resources:
ApacheServiceBase:
type: ./apache.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
keystone::rabbit_password: {get_param: RabbitPassword}
keystone::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
keystone::rabbit_port: {get_param: RabbitClientPort}
- keystone::notification_driver: {get_param: KeystoneNotificationDriver}
+ keystone::notification_driver: {get_param: NotificationDriver}
keystone::notification_format: {get_param: KeystoneNotificationFormat}
keystone::roles::admin::email: {get_param: AdminEmail}
keystone::roles::admin::password: {get_param: AdminPassword}
description: Fluentd base service
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: Fluentd client configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
description: Fluentd logging configuration
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
Manila-api service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
ManilaBase:
type: ./manila-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
Openstack Manila Cephfs backend
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
ManilaServiceNetworkCidr:
type: string
default: '172.16.0.0/16'
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
ManilaNetappSnapmirrorQuiesceTimeout:
type: number
default: 3600
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
Openstack Manila base service. Shared by manila-api/scheduler/share services
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: The password for the manila service account.
type: string
hidden: true
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: ManilaDebug}, '']}
value:
service_name: manila_base
config_settings:
+ manila::notification_driver: {get_param: NotificationDriver}
manila::rabbit_userid: {get_param: RabbitUserName}
manila::rabbit_password: {get_param: RabbitPassword}
manila::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
Manila-scheduler service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: json
NovaPassword:
type: string
- description: The password for the nova service and db account, used by nova-api.
+ description: The password for the nova service and db account
hidden: true
NeutronPassword:
description: The password for the neutron service and db account, used by neutron agents.
ManilaBase:
type: ./manila-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
Manila-share service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
ManilaBase:
type: ./manila-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
Memcached service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: Collectd client service
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
Openstack Mistral API service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
ApacheServiceBase:
type: ./apache.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
MistralBase:
type: ./mistral-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
Openstack Mistral base service. Shared for all Mistral services.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: string
default: 'regionOne'
description: Keystone region for endpoint
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: MistralDebug}, '']}
query:
read_default_file: /etc/my.cnf.d/tripleo.cnf
read_default_group: tripleo
+ mistral::notification_driver: {get_param: NotificationDriver}
mistral::rabbit_userid: {get_param: RabbitUserName}
mistral::rabbit_password: {get_param: RabbitPassword}
mistral::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
Openstack Mistral Engine service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
MistralBase:
type: ./mistral-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
Openstack Mistral API service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
MistralBase:
type: ./mistral-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
description: Sensu base service
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
to the RabbitMQ host. Set MonitoringRabbitUseSSL to true without
specifying a private key or cert chain to use SSL transport,
but not cert auth.
- type: string
+ type: boolean
MonitoringRabbitSSLPrivateKey:
default: ''
description: Private key to be used by Sensu to connect to RabbitMQ host.
description: Sensu client configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry.
type: json
AdminPassword:
- description: Keystone admin user password
+ description: The password for the keystone admin account, used for monitoring, querying neutron etc.
type: string
+ hidden: true
KeystoneRegion:
default: 'regionOne'
description: Keystone region for endpoint
SensuBase:
type: ./sensu-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
and configures Contrail Analytics Database.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
ContrailBase:
type: ./contrail-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
and configures Contrail Analytics.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ContrailAnalyticsCollectorHttp:
+ default: 8089
+ description: Contrail Analytics Collector http port
+ type: number
+ ContrailAnalyticsCollectorSandesh:
+ default: 8086
+ description: Contrail Analytics Collector sandesh port
+ type: number
+ ContrailAnalyticsHttp:
+ default: 8090
+ description: Contrail Analytics http port
+ type: number
+ ContrailAnalyticsRedis:
+ default: 6379
+ description: Contrail Analytics redis port
+ type: number
+ ContrailAnalyticsApi:
+ default: 8081
+ description: Contrail Analytics Api port
+ type: number
resources:
ContrailBase:
type: ./contrail-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
config_settings:
map_merge:
- get_attr: [ContrailBase, role_data, config_settings]
- - contrail::analytics::collector_http_server_port: {get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal, port]}
- contrail::analytics::collector_sandesh_port: {get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal, port]}
+ - contrail::analytics::collector_http_server_port: {get_param: ContrailAnalyticsCollectorHttp}
+ contrail::analytics::collector_sandesh_port: {get_param: ContrailAnalyticsCollectorSandesh}
contrail::analytics::host_ip: {get_param: [ServiceNetMap, ContrailAnalyticsNetwork]}
- contrail::analytics::http_server_port: {get_param: [EndpointMap, ContrailAnalyticsHttpInternal, port]}
+ contrail::analytics::http_server_port: {get_param: ContrailAnalyticsHttp}
contrail::analytics::listen_ip_address: {get_param: [ServiceNetMap, ContrailAnalyticsNetwork]}
contrail::analytics::redis_server: '127.0.0.1'
- contrail::analytics::redis_server_port: {get_param: [EndpointMap, ContrailAnalyticsRedisInternal, port]}
+ contrail::analytics::redis_server_port: {get_param: ContrailAnalyticsRedis}
contrail::analytics::rest_api_ip: {get_param: [ServiceNetMap, ContrailAnalyticsNetwork]}
- contrail::analytics::rest_api_port: {get_param: [EndpointMap, ContrailAnalyticsApiInternal, port]}
+ contrail::analytics::rest_api_port: {get_param: ContrailAnalyticsApi}
step_config: |
include ::tripleo::network::contrail::analytics
Base parameters for all Contrail Services.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
- ContrailAAAMode:
+ AAAMode:
description: AAAmode can be no-auth, cloud-admin or rbac
type: string
default: 'rbac'
- ContrailAAAModeAnalytics:
+ AAAModeAnalytics:
description: AAAmode for analytics can be no-auth, cloud-admin or rbac
type: string
default: 'no-auth'
AdminPassword:
- description: Keystone admin user password
+ description: The password for the keystone admin account, used for monitoring, querying neutron etc.
type: string
hidden: true
AdminTenantName:
type: string
default: 'admin'
AdminToken:
- description: Keystone admin token
+ description: The keystone auth secret and db password.
type: string
hidden: true
AdminUser:
description: Keystone admin user name
type: string
default: 'admin'
- AuthPortSSL:
- default: 13357
- description: Keystone SSL port
- type: number
- AuthPortSSLPublic:
- default: 13000
- description: Keystone Public SSL port
- type: number
ContrailAuth:
default: 'keystone'
description: Keystone authentication method
type: string
+ ContrailAnalyticsVIP:
+ default: ''
+ description: Contrail Analytics Api Virtual IP address
+ type: string
+ ContrailConfigPort:
+ default: 8082
+ description: Contrail Config Api port
+ type: number
+ ContrailConfigVIP:
+ default: ''
+ description: Contrail Config Virtual IP address
+ type: string
+ ContrailDiscoveryPort:
+ default: 5998
+ description: Contrail Config Api port
+ type: number
ContrailInsecure:
default: false
description: Keystone insecure mode
default: '127.0.0.1:12111'
description: Memcached server
type: string
+ ContrailVIP:
+ default: ''
+ description: Contrail VIP
+ type: string
+ ContrailWebuiVIP:
+ default: ''
+ description: Contrail Webui Virtual IP address
+ type: string
RabbitPassword:
description: The password for RabbitMQ
type: string
description: Set rabbit subscriber port, change this if using SSL
type: number
+conditions:
+ contrail_config_vip_unset: {equals : [{get_param: ContrailConfigVIP}, '']}
+ contrail_analytics_vip_unset: {equals : [{get_param: ContrailAnalyticsVIP}, '']}
+ contrail_webui_vip_unset: {equals : [{get_param: ContrailWebuiVIP}, '']}
+
outputs:
role_data:
description: Shared role data for the Contrail services.
value:
service_name: contrail_base
config_settings:
- contrail::aaa_mode: {get_param: ContrailAAAMode}
- contrail::analytics_aaa_mode: {get_param: ContrailAAAModeAnalytics}
- contrail::admin_password: {get_param: AdminPassword}
- contrail::admin_tenant_name: {get_param: AdminTenantName}
- contrail::admin_token: {get_param: AdminToken}
- contrail::admin_user: {get_param: AdminUser}
- contrail::auth: {get_param: ContrailAuth}
- contrail::auth_host: {get_param: [EndpointMap, KeystonePublic, host] }
- contrail::auth_port: {get_param: [EndpointMap, KeystoneAdmin, port] }
- contrail::auth_port_ssl: {get_param: AuthPortSSL }
- contrail::auth_port_public: {get_param: [EndpointMap, KeystonePublic, port] }
- contrail::auth_port_ssl_public: {get_param: AuthPortSSLPublic }
- contrail::auth_protocol: {get_param: [EndpointMap, KeystoneInternal, protocol] }
- contrail::api_port: {get_param: [EndpointMap, ContrailConfigInternal, port] }
- contrail::disc_server_port: {get_param: [EndpointMap, ContrailDiscoveryInternal, port] }
- contrail::insecure: {get_param: ContrailInsecure}
- contrail::memcached_server: {get_param: ContrailMemcachedServer}
- contrail::rabbit_password: {get_param: RabbitPassword}
- contrail::rabbit_user: {get_param: RabbitUserName}
- contrail::rabbit_port: {get_param: RabbitClientPort}
+ map_merge:
+ - contrail::aaa_mode: {get_param: AAAMode}
+ contrail::analytics_aaa_mode: {get_param: AAAModeAnalytics}
+ contrail::admin_password: {get_param: AdminPassword}
+ contrail::admin_tenant_name: {get_param: AdminTenantName}
+ contrail::admin_token: {get_param: AdminToken}
+ contrail::admin_user: {get_param: AdminUser}
+ contrail::auth: {get_param: ContrailAuth}
+ contrail::auth_host: {get_param: [EndpointMap, KeystoneAdmin, host] }
+ contrail::auth_port: {get_param: [EndpointMap, KeystoneAdmin, port] }
+ contrail::auth_port_public: {get_param: [EndpointMap, KeystonePublic, port] }
+ contrail::auth_protocol: {get_param: [EndpointMap, KeystonePublic, protocol] }
+ contrail::api_port: {get_param: ContrailConfigPort }
+ contrail::disc_server_port: {get_param: ContrailDiscoveryPort }
+ contrail::insecure: {get_param: ContrailInsecure}
+ contrail::memcached_server: {get_param: ContrailMemcachedServer}
+ contrail::rabbit_password: {get_param: RabbitPassword}
+ contrail::rabbit_user: {get_param: RabbitUserName}
+ contrail::rabbit_port: {get_param: RabbitClientPort}
+ contrail::vip: {get_param: ContrailVIP}
+ -
+ if:
+ - contrail_config_vip_unset
+ - {}
+ - contrail_config_vip: {get_param: ContrailConfigVIP}
+ -
+ if:
+ - contrail_webui_vip_unset
+ - {}
+ - contrail_webui_vip: {get_param: ContrailWebuiVIP}
+ -
+ if:
+ - contrail_analytics_vip_unset
+ - {}
+ - contrail_analytics_vip: {get_param: ContrailAnalyticsVIP}
and configures Contrail Config.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: Ifmap user password
type: string
default: 'api-server'
+ ContrailConfigPort:
+ default: 8082
+ description: Contrail Config Api port
+ type: number
resources:
ContrailBase:
type: ./contrail-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
- contrail::config::ifmap_password: {get_param: ContrailConfigIfmapUserPassword}
contrail::config::ifmap_username: {get_param: ContrailConfigIfmapUserName}
contrail::config::listen_ip_address: {get_param: [ServiceNetMap, ContrailConfigNetwork]}
- contrail::config::listen_port: {get_param: [EndpointMap, ContrailConfigInternal, port] }
+ contrail::config::listen_port: {get_param: ContrailConfigPort}
contrail::config::redis_server: '127.0.0.1'
- contrail::config::host_ip: {get_param: [ServiceNetMap, ContrailConfigNetwork] }
+ contrail::config::host_ip: {get_param: [ServiceNetMap, ContrailConfigNetwork]}
step_config: |
include ::tripleo::network::contrail::config
and configures Contrail Control.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: sda1/256 hmac key, e.g. echo -n "values" | openssl dgst -sha256 -hmac key -binary | base64
type: string
hidden: true
+ ContrailControlManageNamed:
+ description: named config file mgmt
+ type: string
+ default: true
resources:
ContrailBase:
type: ./contrail-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
- contrail::control::asn: {get_param: ContrailControlASN }
contrail::control::host_ip: {get_param: [ServiceNetMap, ContrailControlNetwork]}
contrail::control::rndc_secret: {get_param: ContrailControlRNDCSecret}
+ contrail::control::manage_named: {get_param: ContrailControlManageNamed}
step_config: |
include ::tripleo::network::contrail::control
and configures Contrail Database.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
ContrailBase:
type: ./contrail-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
--- /dev/null
+heat_template_version: pike
+
+description: >
+ OpenStack Neutron Compute OpenContrail plugin
+
+parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ NeutronMetadataProxySharedSecret:
+ description: Metadata Secret
+ type: string
+ hidden: true
+ ContrailVrouterPhysicalInterface:
+ default: 'eth0'
+ description: vRouter physical interface
+ type: string
+ ContrailVrouterGateway:
+ default: '192.168.24.1'
+ description: vRouter default gateway
+ type: string
+ ContrailVrouterNetmask:
+ default: '255.255.255.0'
+ description: vRouter netmask
+ type: string
+
+resources:
+ ContrailBase:
+ type: ./contrail-base.yaml
+ properties:
+ ServiceData: {get_param: ServiceData}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the Neutron Compute OpenContrail plugin
+ value:
+ service_name: contrail_dpdk
+ config_settings:
+ map_merge:
+ - get_attr: [ContrailBase, role_data, config_settings]
+ - contrail::vrouter::host_ip: {get_param: [ServiceNetMap, ContrailVrouterNetwork]}
+ contrail::vrouter::is_dpdk: 'true'
+ contrail::vrouter::physical_interface: {get_param: ContrailVrouterPhysicalInterface}
+ contrail::vrouter::gateway: {get_param: ContrailVrouterGateway}
+ contrail::vrouter::netmask: {get_param: ContrailVrouterNetmask}
+ contrail::vrouter::metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
+ tripleo.neutron_compute_plugin_opencontrail.firewall_rules:
+ '111 neutron_compute_plugin_opencontrail proxy':
+ dport:
+ - 8097
+ - 8085
+ proto: tcp
+ step_config: |
+ include ::tripleo::network::contrail::vrouter
to orchestrate Contrail
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
ContrailBase:
type: ./contrail-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Neutron Opencontrail plugin
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
ContrailExtensions:
description: List of OpenContrail extensions to be enabled
type: comma_delimited_list
- default: ''
+ default: 'ipam:neutron_plugin_contrail.plugins.opencontrail.contrail_plugin_ipam.NeutronPluginContrailIpam,policy:neutron_plugin_contrail.plugins.opencontrail.contrail_plugin_policy.NeutronPluginContrailPolicy,route-table:neutron_plugin_contrail.plugins.opencontrail.contrail_plugin_vpc.NeutronPluginContrailVpc,contrail:None'
resources:
ContrailBase:
type: ./contrail-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
config_settings:
map_merge:
- get_attr: [ContrailBase, role_data, config_settings]
- - neutron::api_extensions_path: /usr/lib/python2.7/site-packages/neutron_plugin_contrail/extensions
+ - neutron::api_extensions_path: '/usr/lib/python2.7/site-packages/neutron_plugin_contrail/extensions:/usr/lib/python2.7/site-packages/neutron_lbaas/extensions'
contrail::vrouter::contrail_extensions: {get_param: ContrailExtensions}
step_config: |
include tripleo::network::contrail::neutron_plugin
Contrail TSN Service
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
NeutronMetadataProxySharedSecret:
description: Metadata Secret
type: string
- VrouterPhysicalInterface:
+ ContrailVrouterPhysicalInterface:
default: 'eth0'
description: vRouter physical interface
type: string
- VrouterGateway:
+ ContrailVrouterGateway:
default: '192.168.24.1'
description: vRouter default gateway
type: string
- VrouterNetmask:
+ ContrailVrouterNetmask:
default: '255.255.255.0'
description: vRouter netmask
type: string
ContrailBase:
type: ./contrail-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
config_settings:
map_merge:
- get_attr: [ContrailBase, role_data, config_settings]
- - contrail::vrouter::host_ip: {get_param: [ServiceNetMap, NeutronCorePluginOpencontrailNetwork]}
- contrail::vrouter::physical_interface: {get_param: VrouterPhysicalInterface}
- contrail::vrouter::gateway: {get_param: VrouterGateway}
- contrail::vrouter::netmask: {get_param: VrouterNetmask}
+ - contrail::vrouter::host_ip: {get_param: [ServiceNetMap, ContrailVrouterNetwork]}
+ contrail::vrouter::physical_interface: {get_param: ContrailVrouterPhysicalInterface}
+ contrail::vrouter::gateway: {get_param: ContrailVrouterGateway}
+ contrail::vrouter::netmask: {get_param: ContrailVrouterNetmask}
contrail::vrouter::metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
contrail::vrouter::is_tsn: 'true'
tripleo.neutron_compute_plugin_opencontrail.firewall_rules:
OpenStack Neutron Compute OpenContrail plugin
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
default: '255.255.255.0'
description: vRouter netmask
type: string
+ ContrailVrouterControlNodeIps:
+ description: List of Contrail Node IPs
+ type: comma_delimited_list
+ default: ''
resources:
ContrailBase:
type: ./contrail-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
config_settings:
map_merge:
- get_attr: [ContrailBase, role_data, config_settings]
- - contrail::vrouter::host_ip: {get_param: [ServiceNetMap, NeutronCorePluginOpencontrailNetwork]}
+ - contrail::vrouter::host_ip: {get_param: [ServiceNetMap, ContrailVrouterNetwork]}
contrail::vrouter::physical_interface: {get_param: ContrailVrouterPhysicalInterface}
contrail::vrouter::gateway: {get_param: ContrailVrouterGateway}
contrail::vrouter::netmask: {get_param: ContrailVrouterNetmask}
contrail::vrouter::metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
- tripleo.neutron_compute_plugin_opencontrail.firewall_rules:
- '111 neutron_compute_plugin_opencontrail proxy':
+ contrail::vrouter::control_node_ips: {get_param: ContrailVrouterControlNodeIps}
+ tripleo.contrail_vrouter.firewall_rules:
+ '111 contrail_vrouter_8085':
+ dport: 8085
+ '112 contrail_vrouter_8097':
dport: 8097
- proto: tcp
step_config: |
include ::tripleo::network::contrail::vrouter
and configures Contrail WebUI.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ContrailWebuiHttp:
+ default: 8080
+ description: Contrail Webui http port
+ type: number
+ ContrailWebuiHttps:
+ default: 8143
+ description: Contrail Webui https port
+ type: number
resources:
ContrailBase:
type: ./contrail-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
config_settings:
map_merge:
- get_attr: [ContrailBase, role_data, config_settings]
- - contrail::webui::http_port: {get_param: [EndpointMap, ContrailWebuiHttpInternal, port] }
- contrail::webui::https_port: {get_param: [EndpointMap, ContrailWebuiHttpsInternal, port] }
+ - contrail::webui::http_port: {get_param: ContrailWebuiHttp }
+ contrail::webui::https_port: {get_param: ContrailWebuiHttps }
contrail::webui::redis_ip: '127.0.0.1'
step_config: |
include ::tripleo::network::contrail::webui
OpenStack Neutron Server configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: Allow automatic l3-agent failover
type: string
NovaPassword:
- description: The password for the nova service and db account, used by nova-api.
+ description: The password for the nova service and db account
type: string
hidden: true
NeutronEnableDVR:
TLSProxyBase:
type: OS::TripleO::Services::TLSProxyBase
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
NeutronBase:
type: ./neutron-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
networks, neutron uses this value without modification. For overlay
networks such as VXLAN, neutron automatically subtracts the overlay
protocol overhead from this value.
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
dhcp_agents_zero: {equals : [{get_param: NeutronDhcpAgentsPerNetwork}, 0]}
neutron::rabbit_user: {get_param: RabbitUserName}
neutron::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
neutron::rabbit_port: {get_param: RabbitClientPort}
+ neutron::notification_driver: {get_param: NotificationDriver}
neutron::core_plugin: {get_param: NeutronCorePlugin}
neutron::service_plugins: {get_param: NeutronServicePlugins}
neutron::debug:
BGPVPN API service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
Installs bigswitch agent and enables the services
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
OpenStack Neutron Compute Midonet plugin
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
OpenStack Neutron Compute Nuage plugin
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry.
type: json
NovaPassword:
- description: The password for the nova service account, used by nova-api.
+ description: The password for the nova service and db account
type: string
hidden: true
NuageMetadataPort:
default: {}
description: Parameters specific to the role
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
OpenStack Neutron Compute Plumgrid plugin
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
OpenStack Neutron DHCP agent configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
NeutronBase:
type: ./neutron-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
description: >
L2 Gateway agent configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
L2 Gateway service plugin configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
Debug:
type: string
default: ''
+ description: Set to True to enable debugging on all services.
MonitoringSubscriptionNeutronL3Dvr:
default: 'overcloud-neutron-l3-dvr'
type: string
NeutronBase:
type: ./neutron-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Neutron L3 agent configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
Debug:
type: string
default: ''
+ description: Set to True to enable debugging on all services.
NeutronL3AgentMode:
description: |
Agent mode for L3 agent. Must be one of legacy or dvr_snat.
NeutronBase:
type: ./neutron-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
Neutron LBaaS service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
NeutronBase:
type: ./neutron-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Neutron Linuxbridge agent configured with Puppet.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
NeutronBase:
type: ./neutron-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Neutron Metadata agent configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
NeutronBase:
type: ./neutron-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Neutron Midonet plugin and services
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
OpenStack Neutron OVS agent configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: comma_delimited_list
NeutronEnableDVR:
default: False
- description: |
- Enable support for distributed routing in the OVS Agent.
+ description: Enable Neutron DVR.
type: boolean
NeutronEnableARPResponder:
default: false
NeutronBase:
type: ./neutron-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Neutron OVS DPDK configured with Puppet for Compute Role
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
NeutronOvsAgent:
type: ./neutron-ovs-agent.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
Configure hieradata for Fujitsu C-Fabric plugin configuration
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
NeutronMl2Base:
type: ./neutron-plugin-ml2.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
description: Configure hieradata for Fujitsu fossw plugin configuration
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
NeutronMl2Base:
type: ./neutron-plugin-ml2.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Neutron ML2/OpenDaylight plugin configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
NeutronMl2Base:
type: ./neutron-plugin-ml2.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Neutron ML2/OVN plugin configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
NeutronMl2Base:
type: ./neutron-plugin-ml2.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Neutron ML2 Plugin configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
default: 'datacentre:1:1000'
description: >
The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
- Neutron documentation for permitted values. Defaults to permitting any
- VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
+ Neutron documentation for permitted values. Defaults to permitting VLANs
+ 1 to 1000 on the 'datacentre' physical network (See NeutronBridgeMappings).
type: comma_delimited_list
NeutronTunnelIdRanges:
description: |
NeutronBase:
type: ./neutron-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Neutron NSX
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
OpenStack Neutron Nuage plugin
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
NeutronBase:
type: ./neutron-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Neutron Plumgrid plugin
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
OpenStack Neutron SR-IOV nic agent configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: >
NeutronBase:
type: ./neutron-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Neutron ML2/VPP agent configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: >
NeutronBase:
type: ./neutron-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Nova API service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: Number of workers for Nova services.
type: number
NovaPassword:
- description: The password for the nova service and db account, used by nova-api.
+ description: The password for the nova service and db account
type: string
hidden: true
KeystoneRegion:
NovaBase:
type: ./nova-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Nova base service. Shared for all Nova services.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: string
default: 'regionOne'
description: Keystone region for endpoint
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
NovaPassword:
- description: The password for the nova service and db account, used by nova-api.
+ description: The password for the nova service and db account
type: string
hidden: true
NeutronPassword:
nova::cinder_catalog_info: 'volumev2:cinderv2:internalURL'
nova::host: '%{::fqdn}'
nova::notify_on_state_change: 'vm_and_task_state'
- nova::notification_driver: messagingv2
+ nova::notification_driver: {get_param: NotificationDriver}
nova::network::neutron::neutron_auth_type: 'v3password'
nova::db::database_db_max_retries: -1
nova::db::database_max_retries: -1
OpenStack Nova Compute service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
SSH key for migration.
Expects a dictionary with keys 'public_key' and 'private_key'.
Values should be identical to SSH public/private key files.
- default: {}
+ default:
+ public_key: ''
+ private_key: ''
+ MigrationSshPort:
+ default: 22
+ description: Target port for migration over ssh
+ type: number
resources:
NovaBase:
type: ./nova-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
NovaPCIPassthrough: {get_param: NovaPCIPassthrough}
# we manage migration in nova common puppet profile
nova::compute::libvirt::migration_support: false
- tripleo::profile::base::nova::manage_migration: true
- tripleo::profile::base::nova::migration_ssh_key: {get_param: MigrationSshKey}
- tripleo::profile::base::nova::migration_ssh_localaddrs:
- - "%{hiera('cold_migration_ssh_inbound_addr')}"
- - "%{hiera('live_migration_ssh_inbound_addr')}"
- live_migration_ssh_inbound_addr: {get_param: [ServiceNetMap, NovaLibvirtNetwork]}
- cold_migration_ssh_inbound_addr: {get_param: [ServiceNetMap, NovaColdMigrationNetwork]}
- tripleo::profile::base::nova::nova_compute_enabled: true
+ tripleo::profile::base::nova::migration::client::nova_compute_enabled: true
+ tripleo::profile::base::nova::migration::client::ssh_private_key: {get_param: [ MigrationSshKey, private_key ]}
+ tripleo::profile::base::nova::migration::client::ssh_port: {get_param: MigrationSshPort}
nova::compute::rbd::libvirt_images_rbd_pool: {get_param: NovaRbdPoolName}
nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName}
tripleo::profile::base::nova::compute::cinder_nfs_backend: {get_param: CinderEnableNfsBackend}
OpenStack Nova Conductor service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
NovaBase:
type: ./nova-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Nova Consoleauth service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
NovaBase:
type: ./nova-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Nova Compute service configured with Puppet and using Ironic
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
NovaBase:
type: ./nova-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
Libvirt service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ CephClientUserName:
+ default: openstack
+ type: string
+ CephClientKey:
+ description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. Currently only used for external Ceph deployments to create the openstack user keyring.
+ type: string
+ hidden: true
+ CephClusterFSID:
+ type: string
+ description: The Ceph cluster FSID. Must be a UUID.
+ CinderEnableRbdBackend:
+ default: false
+ description: Whether to enable or not the Rbd backend for Cinder
+ type: boolean
NovaComputeLibvirtType:
type: string
default: kvm
the InternalTLSCAFile parameter) is not desired. The current
default reflects TripleO's default CA, which is FreeIPA.
It will only be used if internal TLS is enabled.
+ MigrationSshKey:
+ type: json
+ description: >
+ SSH key for migration.
+ Expects a dictionary with keys 'public_key' and 'private_key'.
+ Values should be identical to SSH public/private key files.
+ default:
+ public_key: ''
+ private_key: ''
+ MigrationSshPort:
+ default: 22
+ description: Target port for migration over ssh
+ type: number
conditions:
NovaBase:
type: ./nova-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
- nova::compute::libvirt::manage_libvirt_services: false
# we manage migration in nova common puppet profile
nova::compute::libvirt::migration_support: false
- tripleo::profile::base::nova::manage_migration: true
- tripleo::profile::base::nova::libvirt_enabled: true
+ nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName}
+ nova::compute::rbd::libvirt_rbd_secret_key: {get_param: CephClientKey}
+ nova::compute::rbd::libvirt_rbd_secret_uuid: {get_param: CephClusterFSID}
+ tripleo::profile::base::nova::migration::client::libvirt_enabled: true
+ tripleo::profile::base::nova::migration::client::ssh_private_key: {get_param: [ MigrationSshKey, private_key ]}
+ tripleo::profile::base::nova::migration::client::ssh_port: {get_param: MigrationSshPort}
nova::compute::libvirt::services::libvirt_virt_type: {get_param: NovaComputeLibvirtType}
nova::compute::libvirt::libvirt_virt_type: {get_param: NovaComputeLibvirtType}
nova::compute::libvirt::libvirt_enabled_perf_events: {get_param: LibvirtEnabledPerfEvents}
nova::compute::libvirt::qemu::max_files: 32768
nova::compute::libvirt::qemu::max_processes: 131072
nova::compute::libvirt::vncserver_listen: {get_param: [ServiceNetMap, NovaLibvirtNetwork]}
+ rbd_persistent_storage: {get_param: CinderEnableRbdBackend}
tripleo.nova_libvirt.firewall_rules:
'200 nova_libvirt':
dport:
- use_tls_for_live_migration
-
generate_service_certificates: true
- tripleo::profile::base::nova::libvirt_tls: true
+ tripleo::profile::base::nova::migration::client::libvirt_tls: true
nova::migration::libvirt::live_migration_inbound_addr:
str_replace:
template:
OpenStack Nova API service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
--- /dev/null
+heat_template_version: ocata
+
+description: >
+ OpenStack Nova migration target configured with Puppet
+
+parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ MigrationSshKey:
+ type: json
+ description: >
+ SSH key for migration.
+ Expects a dictionary with keys 'public_key' and 'private_key'.
+ Values should be identical to SSH public/private key files.
+ default:
+ public_key: ''
+ private_key: ''
+
+outputs:
+ role_data:
+ description: Role data for the Nova migration target service.
+ value:
+ service_name: nova_migration_target
+ config_settings:
+ tripleo::profile::base::nova::migration::target::ssh_authorized_keys:
+ - {get_param: [ MigrationSshKey, public_key ]}
+ tripleo::profile::base::nova::migration::target::ssh_localaddrs:
+ - "%{hiera('cold_migration_ssh_inbound_addr')}"
+ - "%{hiera('live_migration_ssh_inbound_addr')}"
+ live_migration_ssh_inbound_addr: {get_param: [ServiceNetMap, NovaLibvirtNetwork]}
+ cold_migration_ssh_inbound_addr: {get_param: [ServiceNetMap, NovaColdMigrationNetwork]}
+ step_config: |
+ include tripleo::profile::base::nova::migration::target
OpenStack Nova Placement API service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: Number of workers for Nova services.
type: number
NovaPassword:
- description: The password for the nova service and db account, used by nova-placement.
+ description: The password for the nova service and db account
type: string
hidden: true
KeystoneRegion:
ApacheServiceBase:
type: ./apache.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
NovaBase:
type: ./nova-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Nova Scheduler service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
NovaBase:
type: ./nova-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Nova Vncproxy service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
NovaBase:
type: ./nova-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Octavia API service.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
OctaviaBase:
type: ./octavia-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Octavia base service. Shared for all Octavia services
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
default: 5672
description: Set rabbit subscriber port, change this if using SSL
type: number
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: OctaviaDebug}, '']}
- {get_param: Debug }
- {get_param: OctaviaDebug }
octavia::purge_config: {get_param: EnableConfigPurge}
+ octavia::notification_driver: {get_param: NotificationDriver}
octavia::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
octavia::rabbit_userid: {get_param: RabbitUserName}
octavia::rabbit_password: {get_param: RabbitPassword}
OpenStack Octavia Health Manager service.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
OctaviaBase:
type: ./octavia-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Octavia Housekeeping service.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
OctaviaBase:
type: ./octavia-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Octavia Worker service.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
OctaviaBase:
type: ./octavia-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
default: {}
description: Parameters specific to the role
type: json
+ OpenDaylightManageRepositories:
+ description: Whether to manage the OpenDaylight repository
+ type: boolean
+ default: false
outputs:
role_data:
opendaylight::enable_dhcp: {get_param: OpenDaylightEnableDHCP}
opendaylight::odl_bind_ip: {get_param: [ServiceNetMap, OpendaylightApiNetwork]}
opendaylight::nb_connection_protocol: {get_param: OpenDaylightConnectionProtocol}
+ opendaylight::manage_repositories: {get_param: OpenDaylightManageRepositories}
tripleo.opendaylight_api.firewall_rules:
'137 opendaylight api':
dport:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
Ovs:
type: ./openvswitch.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
- opendaylight::odl_rest_port: {get_param: OpenDaylightPort}
opendaylight::username: {get_param: OpenDaylightUsername}
opendaylight::password: {get_param: OpenDaylightPassword}
+ neutron::plugins::ovs::opendaylight::odl_username: {get_param: OpenDaylightUsername}
+ neutron::plugins::ovs::opendaylight::odl_password: {get_param: OpenDaylightPassword}
opendaylight_check_url: {get_param: OpenDaylightCheckURL}
opendaylight::nb_connection_protocol: {get_param: OpenDaylightConnectionProtocol}
neutron::agents::ml2::ovs::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]}
Open vSwitch Configuration
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
owner: root
group: root
mode: 0750
+ - name: Make yum cache.
+ command: yum makecache
- name: Download OVS packages.
command: yumdownloader --destdir /root/OVS_UPGRADE --resolve openvswitch
- name: Get rpm list for manual upgrade of OVS.
OVN databases configured with puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
Pacemaker service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: Whether to deploy a LoadBalancer on the Controller
type: boolean
- PacemakerResources:
- type: comma_delimited_list
- description: List of resources managed by pacemaker
- default: ['rabbitmq', 'galera']
-
outputs:
role_data:
description: Role data for the Pacemaker role.
async: 30
poll: 4
- name: Stop pacemaker cluster
- tags: step2
+ tags: step3
pacemaker_cluster: state=offline
- name: Start pacemaker cluster
tags: step4
pacemaker_cluster: state=online
- - name: Check pacemaker resource
- tags: step4
- pacemaker_is_active:
- resource: "{{ item }}"
- max_wait: 500
- with_items: {get_param: PacemakerResources}
- - name: Check pacemaker haproxy resource
- tags: step4
- pacemaker_is_active:
- resource: haproxy
- max_wait: 500
- when: {get_param: EnableLoadBalancer}
Ceph RBD mirror service.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
CephBase:
type: ../ceph-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
CephClientUserName:
default: openstack
type: string
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
CinderBackupBase:
type: ../cinder-backup.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Cinder Volume service with Pacemaker configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
CinderVolumeBase:
type: ../cinder-volume.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
parameters:
#Parameters not used EndpointMap
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
MysqlBase:
type: ../../database/mysql.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Redis service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
RedisBase:
type: ../../database/redis.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
HAproxy service with Pacemaker configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
LoadbalancerServiceBase:
type: ../haproxy.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
The manila-share service with Pacemaker configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
ManilaShareBase:
type: ../manila-share.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OVN databases configured with puppet in HA mode
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
OVNDBsBase:
type: ../ovn-dbs.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
RabbitMQ service with Pacemaker configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
RabbitMQServiceBase:
type: ../rabbitmq.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
Pacemaker remote service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
be disabled in future releases.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
PankoBase:
type: ./panko-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
ApacheServiceBase:
type: ./apache.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Panko service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
Qpid dispatch router service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: json
RabbitUserName:
default: guest
- description: The username for Qdr
+ description: The username for RabbitMQ
type: string
RabbitPassword:
- description: The password for Qdr
+ description: The password for RabbitMQ
type: string
hidden: true
RabbitClientPort:
- description: Listening port for Qdr
+ description: Set rabbit subscriber port, change this if using SSL
default: 5672
type: number
MonitoringSubscriptionQdr:
RabbitMQ service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
NODE_PORT: ''
NODE_IP_ADDRESS: ''
RABBITMQ_NODENAME: "rabbit@%{::hostname}"
- RABBITMQ_SERVER_ERL_ARGS: '"+K true +P 1048576 -kernel inet_default_connect_options [{nodelay,true},{raw,6,18,<<5000:64/native>>}] -kernel inet_default_listen_options [{raw,6,18,<<5000:64/native>>}]"'
+ RABBITMQ_SERVER_ERL_ARGS: '"+K true +P 1048576 -kernel inet_default_connect_options [{nodelay,true},{raw,6,18,<<15000:64/native>>}] -kernel inet_default_listen_options [{raw,6,18,<<15000:64/native>>}]"'
'export ERL_EPMD_ADDRESS': "%{hiera('rabbitmq::interface')}"
rabbitmq_kernel_variables:
inet_dist_listen_min: '25672'
OpenStack Sahara API service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
SaharaBase:
type: ./sahara-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Sahara base service. Shared for all Sahara services.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
default: ["ambari","cdh","mapr","vanilla","spark","storm"]
description: Sahara enabled plugin list
type: comma_delimited_list
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: SaharaDebug}, '']}
query:
read_default_file: /etc/my.cnf.d/tripleo.cnf
read_default_group: tripleo
+ sahara::notify::notification_driver: {get_param: NotificationDriver}
sahara::rabbit_password: {get_param: RabbitPassword}
sahara::rabbit_user: {get_param: RabbitUserName}
sahara::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
OpenStack Sahara Engine service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
SaharaBase:
type: ./sahara-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
Configure securetty values
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
monitoring.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
Configure sshd_config
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
OpenStack Swift Proxy service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
OpenStack Swift Proxy service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
description: Set to True to enable debugging on all services.
type: string
SwiftPassword:
- description: The password for the swift service account, used by the swift proxy services.
+ description: The password for the swift service account
type: string
hidden: true
SwiftProxyNodeTimeout:
SwiftBase:
type: ./swift-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
TLSProxyBase:
type: OS::TripleO::Services::TLSProxyBase
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
OpenStack Swift Ringbuilder
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
OpenStack Swift Storage service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
SwiftBase:
type: ./swift-base.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
- openstack-swift-container-updater
- openstack-swift-container
- openstack-swift-object-auditor
+ - openstack-swift-object-expirer
- openstack-swift-object-replicator
- openstack-swift-object-updater
- openstack-swift-object
OpenStack Tacker service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
Debug:
type: string
default: ''
+ description: Set to True to enable debugging on all services.
TackerDebug:
default: ''
description: Set to True to enable debugging Tacker service.
e.g. { tacker-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
default: {}
type: json
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: TackerDebug}, '']}
- {get_param: Debug }
- {get_param: TackerDebug }
tacker::rpc_backend: rabbit
+ tacker::notification_driver: {get_param: NotificationDriver}
tacker::rabbit_userid: {get_param: RabbitUserName}
tacker::rabbit_password: {get_param: RabbitPassword}
tacker::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
and configure NTP.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
Composable Timezone service
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
TripleO Firewall settings
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
TripleO Package installation settings
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: json
EnablePackageInstall:
default: 'false'
- description: Set to true to enable package installation via Puppet
+ description: Set to true to enable package installation at deploy time
type: boolean
outputs:
--- /dev/null
+heat_template_version: ocata
+
+description: >
+ Configure tuned
+
+parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ TunedProfileName:
+ default: ''
+ description: Tuned Profile to apply to the host
+ type: string
+
+outputs:
+ role_data:
+ description: Role data for tuned
+ value:
+ service_name: tuned
+ config_settings:
+ map_replace:
+ - map_replace:
+ - tripleo::profile::base::tuned::profile: TunedProfileName
+ - values: {get_param: RoleParameters}
+ - values: {'TunedProfileName': {get_param: TunedProfileName}}
+ step_config: |
+ include ::tripleo::profile::base::tuned
--- /dev/null
+# Copyright (c) 2017 Veritas Technologies LLC.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+heat_template_version: ocata
+
+description: >
+ Openstack Veritas HyperScale backend
+
+parameters:
+ VrtsRabbitPassword:
+ type: string
+ description: The Rabbitmq password of the hyperscale user. Mandatory.
+ VrtsKeystonePassword:
+ type: string
+ description: The Keystone password of the hyperscale service. Mandatory.
+ VrtsMysqlPassword:
+ type: string
+ description: The MySQL password of the hyperscale user. Mandatory.
+ VrtsCtrlMgmtIP:
+ type: string
+ default: ''
+ description: The management IP of HyperScale. The value will be inferred
+ from the rest of the deployment settings if left blank.
+ VrtsDashboardIP:
+ type: string
+ default: ''
+ description: The dashboard IP of HyperScale. The value will be inferred
+ from the rest of the deployment settings if left blank.
+ VrtsZookeeperIP:
+ type: string
+ description: The IP of a node where Zookeeper is configured. Mandatory.
+ VrtsSSHPassword:
+ type: string
+ description: The SSH password of the hyperscale user. Mandatory.
+ VrtsConfigParam1:
+ type: string
+ default: ''
+ description: Additional config parameter. Optional.
+ VrtsConfigParam2:
+ type: string
+ default: ''
+ description: Additional config parameter. Optional.
+ VrtsConfigParam3:
+ type: string
+ default: ''
+ description: Additional config parameter. Optional.
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ type: json
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+
+outputs:
+ role_data:
+ description: Install Veritas HyperScale packages for controller.
+ value:
+ service_name: veritas_hyperscale_controller
+ config_settings:
+ global_config_settings:
+ vrts_ctrl_mgmt_ip: {get_param: VrtsCtrlMgmtIP}
+ vrts_dashboard_ip: {get_param: VrtsDashboardIP}
+ vrts_zookeeper_ip: {get_param: VrtsZookeeperIP}
+ vrts_ssh_passwd: {get_param: VrtsSSHPassword}
+ vrts_config_param1: {get_param: VrtsConfigParam1}
+ vrts_config_param2: {get_param: VrtsConfigParam2}
+ vrts_config_param3: {get_param: VrtsConfigParam3}
+ step_config: |
+ include ::veritas_hyperscale::controller_pkg_inst
+ service_config_settings:
+ rabbitmq:
+ vrts_rabbitmq_passwd: {get_param: VrtsRabbitPassword}
+ keystone:
+ vrts_keystone_passwd: {get_param: VrtsKeystonePassword}
+ mysql:
+ vrts_mysql_passwd: {get_param: VrtsMysqlPassword}
Vpp service configured with Puppet
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
Openstack Zaqar service. Shared for all Heat services.
parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
type: string
description: Set the number of workers for zaqar::wsgi::apache
default: '%{::os_workers}'
+ ZaqarMessageStore:
+ type: string
+ description: The messaging store for Zaqar
+ default: mongodb
+ ZaqarManagementStore:
+ type: string
+ description: The management store for Zaqar
+ default: mongodb
EnableInternalTLS:
type: boolean
default: false
conditions:
zaqar_workers_zero: {equals : [{get_param: ZaqarWorkers}, 0]}
service_debug_unset: {equals : [{get_param: ZaqarDebug}, '']}
+ zaqar_messaging_store_swift: {equals : [{get_param: ZaqarMessageStore}, 'swift']}
+ zaqar_management_store_sqlalchemy: {equals : [{get_param: ZaqarManagementStore}, 'sqlalchemy']}
resources:
ApacheServiceBase:
type: ./apache.yaml
properties:
+ ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
"%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, ZaqarApiNetwork]}
+ zaqar::message_store: {get_param: ZaqarMessageStore}
+ zaqar::management_store: {get_param: ZaqarManagementStore}
+ -
+ if:
+ - zaqar_messaging_store_swift
+ -
+ zaqar::messaging::swift::uri:
+ list_join:
+ - ''
+ - ['swift://zaqar:', {get_param: ZaqarPassword}, '@/service']
+ zaqar::messaging::swift::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
+ tripleo::profile::base::zaqar::messaging_store: 'swift'
+ - {}
+ -
+ if:
+ - zaqar_management_store_sqlalchemy
+ -
+ tripleo::profile::base::zaqar::management_store: 'sqlalchemy'
+ zaqar::management::sqlalchemy::uri:
+ make_url:
+ scheme: {get_param: [EndpointMap, MysqlInternal, protocol]}
+ username: zaqar
+ password: {get_param: ZaqarPassword}
+ host: {get_param: [EndpointMap, MysqlInternal, host]}
+ path: /zaqar
+ query:
+ read_default_file: /etc/my.cnf.d/tripleo.cnf
+ read_default_group: tripleo
+ - {}
-
if:
- zaqar_workers_zero
- {}
- zaqar::wsgi::apache::workers: {get_param: ZaqarWorkers}
service_config_settings:
- keystone:
- zaqar::keystone::auth::password: {get_param: ZaqarPassword}
- zaqar::keystone::auth::public_url: {get_param: [EndpointMap, ZaqarPublic, uri]}
- zaqar::keystone::auth::admin_url: {get_param: [EndpointMap, ZaqarAdmin, uri]}
- zaqar::keystone::auth::internal_url: {get_param: [EndpointMap, ZaqarInternal, uri]}
- zaqar::keystone::auth::region: {get_param: KeystoneRegion}
- zaqar::keystone::auth::tenant: 'service'
- zaqar::keystone::auth_websocket::password: {get_param: ZaqarPassword}
- zaqar::keystone::auth_websocket::public_url: {get_param: [EndpointMap, ZaqarWebSocketPublic, uri]}
- zaqar::keystone::auth_websocket::admin_url: {get_param: [EndpointMap, ZaqarWebSocketAdmin, uri]}
- zaqar::keystone::auth_websocket::internal_url: {get_param: [EndpointMap, ZaqarWebSocketInternal, uri]}
- zaqar::keystone::auth_websocket::region: {get_param: KeystoneRegion}
- zaqar::keystone::auth_websocket::tenant: 'service'
-
+ map_merge:
+ - keystone:
+ zaqar::keystone::auth::password: {get_param: ZaqarPassword}
+ zaqar::keystone::auth::public_url: {get_param: [EndpointMap, ZaqarPublic, uri]}
+ zaqar::keystone::auth::admin_url: {get_param: [EndpointMap, ZaqarAdmin, uri]}
+ zaqar::keystone::auth::internal_url: {get_param: [EndpointMap, ZaqarInternal, uri]}
+ zaqar::keystone::auth::region: {get_param: KeystoneRegion}
+ zaqar::keystone::auth::tenant: 'service'
+ zaqar::keystone::auth_websocket::password: {get_param: ZaqarPassword}
+ zaqar::keystone::auth_websocket::public_url: {get_param: [EndpointMap, ZaqarWebSocketPublic, uri]}
+ zaqar::keystone::auth_websocket::admin_url: {get_param: [EndpointMap, ZaqarWebSocketAdmin, uri]}
+ zaqar::keystone::auth_websocket::internal_url: {get_param: [EndpointMap, ZaqarWebSocketInternal, uri]}
+ zaqar::keystone::auth_websocket::region: {get_param: KeystoneRegion}
+ zaqar::keystone::auth_websocket::tenant: 'service'
+ -
+ if:
+ - zaqar_management_store_sqlalchemy
+ - mysql:
+ zaqar::db::mysql::user: zaqar
+ zaqar::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
+ zaqar::db::mysql::dbname: zaqar
+ zaqar::db::mysql::password: {get_param: ZaqarPassword}
+ zaqar::db::mysql::allowed_hosts:
+ - '%'
+ - "%{hiera('mysql_bind_host')}"
+ - {}
step_config: |
include ::tripleo::profile::base::zaqar
upgrade_tasks:
--- /dev/null
+---
+prelude: >
+ Deployment of Ceph in containers is implemented using a Mistral workflow.
+other:
+ - |
+ It is possible to deploy Ceph in docker containers in the overcloud. This
+ is implemented by triggering `ceph-ansible` via a Mistral workflow. A new
+ `CephAnsibleExtraConfig` parameter has been added to the templates and can
+ be used to provide arbitrary config variables consumed by `ceph-ansible`.
+ The pre-existing template params consumed by the TripleO Pike release to
+ drive `puppet-ceph` continue to work and are translated, when possible, into
+ their equivalent `ceph-ansible` variable. To enable the deployment of Ceph
+ in containers use `environments/ceph-ansible/ceph-ansible.yaml` when
+ deploying the overcloud.
\ No newline at end of file
--- /dev/null
+---
+deprecations:
+ - Deprecate and remove configuring clustering for
+ OpenDaylight container using an exec.
+ Configuration is now handled via puppet-opendaylight
+ using file resources.
--- /dev/null
+---
+features:
+ - Add support for Veritas HyperScale Cinder backend.
--- /dev/null
+---
+features:
+ - A new role ComputeOvsDpdk has been added to enable dynamic roles_data
+ creation with OVS-DPDK role.
--- /dev/null
+---
+features:
+ - |
+ This patch enables the configuration of Contrail DPDK on the Compute nodes
+ by specifying the required parameters in an environment file.
+fixes:
+ - |
+ The patch moves the Contrail control plane communication from the public
+ network to the internal_api network.
--- /dev/null
+---
+features:
+ - Add a new output, DeployedServerEnvironment, that can be used as
+ the contents of an environment file. This environment file can then be used
+ as input into a services only stack when using split-stack. The parameter
+ simplifies the manual steps needed to deploy split-stack.
--- /dev/null
+---
+features:
+ - Allows the configuration of the Neutron LBaaS
+ agent.
--- /dev/null
+---
+features:
+ - |
+ Allow to configure the Message Queue notification driver.
+ By default, we'll configure 'messagingv2' but we can now
+ override NotificationDriver parameter and set 'noop' when
+ we don't want notifications, which is the case when
+ we disable Telemetry services.
+deprecations:
+ - KeystoneNotificationDriver is deprecated in favor of NotificationDriver.
--- /dev/null
+---
+fixes:
+ - Fixing an issue where a custom password for the
+ OpenDaylight controller caused the TripleO deployment
+ to fail
--- /dev/null
+---
+fixes:
+ - |
+ Adding the ability to disable the OpenDaylight upstream repository.
+ Introducing the OpenDaylightManageRepositories parameter.
--- /dev/null
+---
+fixes:
+ - Fixed the openvswitch permission to allow ovs to access vhost
+ sockets created by qemu. This is a workaround until openvswitch
+ provides the actual solution.
+
--- /dev/null
+---
+features:
+ - Added new parameter san_private_key to configure SSH Private Key
+ for the PS Series cinder backend
--- /dev/null
+---
+other:
+ - |
+ Adds the ability to resolve network subnets from within
+ the service templates. The new ServiceData structure contains
+ a mapping like {network_name: cidr} in net_cidr_map.
\ No newline at end of file
--- /dev/null
+---
+features:
+ - Allows the user to set the tuned profile on a given
+ host. Defaults to throughput-performance.
--- /dev/null
+---
+features:
+ - |
+ Add Heat parameters which allow the end user to configure custom
+ management and messaging backends for MySQL and Swift.
--- /dev/null
+---
+features:
+ - |
+ Update undercloud default Heat parameters so we use the Zaqar swift/mysql
+ backends. This allows us to drop MongoDB from the undercloud.
# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
# ones.
extensions = [
- 'oslosphinx',
+ 'openstackdocstheme',
'reno.sphinxext',
]
# built documents.
#
# The full version, including alpha/beta/rc tags.
-release = '7.0.0.0b2'
+release = '7.0.0.0b3'
# The short X.Y version.
version = '7.0.0'
# The theme to use for HTML and HTML Help pages. See the documentation for
# a list of builtin themes.
-html_theme = 'default'
+html_theme = 'openstackdocs'
# Theme options are theme-specific and customize the look and feel of a theme
# further. For a list of options available for each theme, see the
# -- Options for Internationalization output ------------------------------
locale_dirs = ['locale/']
+
+# openstackdocstheme options
+repository_name = 'openstack/tripleo-heat-templates'
+bug_project = 'tripleo'
+bug_tag = 'documentation'
- OS::TripleO::Services::BlockStorageCinderVolume
- OS::TripleO::Services::CACerts
- OS::TripleO::Services::CertmongerUser
+ - OS::TripleO::Services::CinderBackendVRTSHyperScale
- OS::TripleO::Services::Collectd
- OS::TripleO::Services::Docker
- OS::TripleO::Services::FluentdClient
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::NeutronVppAgent
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::Ntp
- OS::TripleO::Services::OpenDaylightOvs
- OS::TripleO::Services::Securetty
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Vpp
--- /dev/null
+###############################################################################
+# Role: ComputeHCI #
+###############################################################################
+- name: ComputeHCI
+ description: |
+ Compute Node role hosting Ceph OSD too
+ networks:
+ - InternalApi
+ - Tenant
+ - Storage
+ - StorageMgmt
+ disable_upgrade_deployment: True
+ ServicesDefault:
+ - OS::TripleO::Services::AuditD
+ - OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::CephClient
+ - OS::TripleO::Services::CephExternal
+ - OS::TripleO::Services::CephOSD
+ - OS::TripleO::Services::CertmongerUser
+ - OS::TripleO::Services::Collectd
+ - OS::TripleO::Services::ComputeCeilometerAgent
+ - OS::TripleO::Services::ComputeNeutronCorePlugin
+ - OS::TripleO::Services::ComputeNeutronL3Agent
+ - OS::TripleO::Services::ComputeNeutronMetadataAgent
+ - OS::TripleO::Services::ComputeNeutronOvsAgent
+ - OS::TripleO::Services::Docker
+ - OS::TripleO::Services::FluentdClient
+ - OS::TripleO::Services::Iscsid
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::MySQLClient
+ - OS::TripleO::Services::NeutronLinuxbridgeAgent
+ - OS::TripleO::Services::NeutronSriovAgent
+ - OS::TripleO::Services::NeutronVppAgent
+ - OS::TripleO::Services::NovaCompute
+ - OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::OpenDaylightOvs
+ - OS::TripleO::Services::Securetty
+ - OS::TripleO::Services::SensuClient
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
+ - OS::TripleO::Services::Vpp
--- /dev/null
+###############################################################################
+# Role: ComputeOvsDpdk #
+###############################################################################
+- name: ComputeOvsDpdk
+ description: |
+ Compute OvS DPDK Role
+ CountDefault: 1
+ networks:
+ - InternalApi
+ - Tenant
+ - Storage
+ HostnameFormatDefault: '%stackname%-computeovsdpdk-%index%'
+ disable_upgrade_deployment: True
+ ServicesDefault:
+ - OS::TripleO::Services::AuditD
+ - OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::CephClient
+ - OS::TripleO::Services::CephExternal
+ - OS::TripleO::Services::CertmongerUser
+ - OS::TripleO::Services::Collectd
+ - OS::TripleO::Services::ComputeCeilometerAgent
+ - OS::TripleO::Services::ComputeNeutronCorePlugin
+ - OS::TripleO::Services::ComputeNeutronL3Agent
+ - OS::TripleO::Services::ComputeNeutronMetadataAgent
+ - OS::TripleO::Services::ComputeNeutronOvsDpdk
+ - OS::TripleO::Services::Docker
+ - OS::TripleO::Services::FluentdClient
+ - OS::TripleO::Services::Iscsid
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::MySQLClient
+ - OS::TripleO::Services::NovaCompute
+ - OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::OpenDaylightOvs
+ - OS::TripleO::Services::Securetty
+ - OS::TripleO::Services::SensuClient
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::CinderBackendDellSc
- OS::TripleO::Services::CinderBackendNetApp
- OS::TripleO::Services::CinderBackendScaleIO
+ - OS::TripleO::Services::CinderBackendVRTSHyperScale
- OS::TripleO::Services::CinderBackup
- OS::TripleO::Services::CinderHPELeftHandISCSI
- OS::TripleO::Services::CinderScheduler
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Vpp
- OS::TripleO::Services::Zaqar
- OS::TripleO::Services::Horizon
- OS::TripleO::Services::IronicApi
- OS::TripleO::Services::IronicConductor
+ - OS::TripleO::Services::Iscsid
- OS::TripleO::Services::Keepalived
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::Keystone
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Vpp
- OS::TripleO::Services::Zaqar
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
-
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
-
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
BlockStorage
CephStorage
Compute
+ ComputeOvsDpdk
Controller
ControllerOpenstack
Database
* OS::TripleO::Services::ComputeNeutronOvsAgent
* OS::TripleO::Services::Docker
* OS::TripleO::Services::FluentdClient
+ * OS::TripleO::Services::Iscsid
* OS::TripleO::Services::Kernel
* OS::TripleO::Services::MySQLClient
* OS::TripleO::Services::NeutronSriovAgent
* OS::TripleO::Services::NeutronVppAgent
* OS::TripleO::Services::NovaCompute
* OS::TripleO::Services::NovaLibvirt
+ * OS::TripleO::Services::NovaMigrationTarget
* OS::TripleO::Services::Ntp
* OS::TripleO::Services::OpenDaylightOvs
* OS::TripleO::Services::Securetty
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
-
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::MistralApi
- OS::TripleO::Services::MistralEngine
- OS::TripleO::Services::MistralExecutor
- - OS::TripleO::Services::MongoDb
- OS::TripleO::Services::MySQL
- OS::TripleO::Services::NeutronApi
- OS::TripleO::Services::NeutronCorePlugin
- OS::TripleO::Services::SwiftProxy
- OS::TripleO::Services::SwiftRingBuilder
- OS::TripleO::Services::SwiftStorage
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::UndercloudAodhApi
- OS::TripleO::Services::UndercloudAodhEvaluator
- OS::TripleO::Services::UndercloudAodhListener
- OS::TripleO::Services::CinderBackendDellSc
- OS::TripleO::Services::CinderBackendNetApp
- OS::TripleO::Services::CinderBackendScaleIO
+ - OS::TripleO::Services::CinderBackendVRTSHyperScale
- OS::TripleO::Services::CinderBackup
- OS::TripleO::Services::CinderHPELeftHandISCSI
- OS::TripleO::Services::CinderScheduler
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Vpp
- OS::TripleO::Services::Zaqar
###############################################################################
- OS::TripleO::Services::NeutronVppAgent
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::Ntp
- OS::TripleO::Services::OpenDaylightOvs
- OS::TripleO::Services::Securetty
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Vpp
###############################################################################
# Role: BlockStorage #
- OS::TripleO::Services::BlockStorageCinderVolume
- OS::TripleO::Services::CACerts
- OS::TripleO::Services::CertmongerUser
+ - OS::TripleO::Services::CinderBackendVRTSHyperScale
- OS::TripleO::Services::Collectd
- OS::TripleO::Services::Docker
- OS::TripleO::Services::FluentdClient
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
###############################################################################
# Role: ObjectStorage #
###############################################################################
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
###############################################################################
# Role: CephStorage #
###############################################################################
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::MistralApi
- OS::TripleO::Services::MistralEngine
- OS::TripleO::Services::MistralExecutor
- - OS::TripleO::Services::MongoDb
- OS::TripleO::Services::MySQL
- OS::TripleO::Services::NeutronApi
- OS::TripleO::Services::NeutronCorePlugin
- OS::TripleO::Services::SwiftProxy
- OS::TripleO::Services::SwiftRingBuilder
- OS::TripleO::Services::SwiftStorage
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::UndercloudAodhApi
- OS::TripleO::Services::UndercloudAodhEvaluator
- OS::TripleO::Services::UndercloudAodhListener
NovaEnableRbdBackend: True
GlanceBackend: rbd
GnocchiBackend: rbd
+ resource_registry:
+ OS::TripleO::Services::CephMon: ../../puppet/services/ceph-mon.yaml
+ OS::TripleO::Services::CephOSD: ../../puppet/services/ceph-osd.yaml
+ OS::TripleO::Services::CephClient: ../../puppet/services/ceph-client.yaml
description: |
Include this environment to enable Ceph as the backend for
Cinder, Nova, Gnocchi, and Glance.
+++ /dev/null
-#FIXME move into common when specfile adds it
-heat_template_version: pike
-
-description: >
- Utility stack to convert an array of services into a set of combined
- role configs.
-
-parameters:
- Services:
- default: []
- description: |
- List nested stack service templates.
- type: comma_delimited_list
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- DefaultPasswords:
- default: {}
- description: Mapping of service -> default password. Used to help
- pass top level passwords managed by Heat into services.
- type: json
- RoleName:
- default: ''
- description: Role name on which the service is applied
- type: string
- RoleParameters:
- description: Role Specific parameters to be provided to service
- default: {}
- type: json
-
-resources:
-
- ServiceChain:
- type: OS::Heat::ResourceChain
- properties:
- resources: {get_param: Services}
- concurrent: true
- resource_properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- EndpointMap: {get_param: EndpointMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- RoleName: {get_param: RoleName}
- RoleParameters: {get_param: RoleParameters}
-
- LoggingConfiguration:
- type: OS::TripleO::LoggingConfiguration
-
- ServiceServerMetadataHook:
- type: OS::TripleO::ServiceServerMetadataHook
- properties:
- RoleData: {get_attr: [ServiceChain, role_data]}
-
-outputs:
- role_data:
- description: Combined Role data for this set of services.
- value:
- service_names:
- {get_attr: [ServiceChain, role_data, service_name]}
- monitoring_subscriptions:
- yaql:
- expression: list($.data.role_data.where($ != null).select($.get('monitoring_subscription')).where($ != null))
- data: {role_data: {get_attr: [ServiceChain, role_data]}}
- logging_sources:
- # Transform the individual logging_source configuration from
- # each service in the chain into a global list, adding some
- # default configuration at the same time.
- yaql:
- expression: >
- let(
- default_format => $.data.default_format,
- pos_file_path => $.data.pos_file_path,
- sources => $.data.sources.flatten()
- ) ->
- $sources.where($ != null).select({
- 'type' => 'tail',
- 'tag' => $.tag,
- 'path' => $.path,
- 'format' => $.get('format', $default_format),
- 'pos_file' => $.get('pos_file', $pos_file_path + '/' + $.tag + '.pos')
- })
- data:
- sources:
- - {get_attr: [LoggingConfiguration, LoggingDefaultSources]}
- - yaql:
- expression: list($.data.role_data.where($ != null).select($.get('logging_source')).where($ != null))
- data: {role_data: {get_attr: [ServiceChain, role_data]}}
-
- - {get_attr: [LoggingConfiguration, LoggingExtraSources]}
- default_format: {get_attr: [LoggingConfiguration, LoggingDefaultFormat]}
- pos_file_path: {get_attr: [LoggingConfiguration, LoggingPosFilePath]}
- logging_groups:
- # Build a list of unique groups to which we should add the
- # fluentd user.
- yaql:
- expression: >
- set(($.data.default + $.data.extra + $.data.role_data.where($ != null).select($.get('logging_groups'))).flatten()).where($)
- data:
- default: {get_attr: [LoggingConfiguration, LoggingDefaultGroups]}
- extra: {get_attr: [LoggingConfiguration, LoggingExtraGroups]}
- role_data: {get_attr: [ServiceChain, role_data]}
- config_settings: {map_merge: {get_attr: [ServiceChain, role_data, config_settings]}}
- global_config_settings:
- map_merge:
- yaql:
- expression: list($.data.role_data.where($ != null).select($.get('global_config_settings')).where($ != null))
- data: {role_data: {get_attr: [ServiceChain, role_data]}}
- service_config_settings:
- yaql:
- expression: $.data.role_data.where($ != null).select($.get('service_config_settings')).where($ != null).reduce($1.mergeWith($2), {})
- data: {role_data: {get_attr: [ServiceChain, role_data]}}
- service_workflow_tasks:
- yaql:
- expression: $.data.role_data.where($ != null).select($.get('service_workflow_tasks')).where($ != null).reduce($1.mergeWith($2), {})
- data: {role_data: {get_attr: [ServiceChain, role_data]}}
- step_config: {get_attr: [ServiceChain, role_data, step_config]}
- upgrade_tasks:
- yaql:
- # Note we use distinct() here to filter any identical tasks, e.g yum update for all services
- expression: $.data.where($ != null).select($.get('upgrade_tasks')).where($ != null).flatten().distinct()
- data: {get_attr: [ServiceChain, role_data]}
- upgrade_batch_tasks:
- yaql:
- # Note we use distinct() here to filter any identical tasks, e.g yum update for all services
- expression: $.data.where($ != null).select($.get('upgrade_batch_tasks')).where($ != null).flatten().distinct()
- data: {get_attr: [ServiceChain, role_data]}
- service_metadata_settings: {get_attr: [ServiceServerMetadataHook, metadata]}
-
- # Keys to support docker/services
- puppet_config: {get_attr: [ServiceChain, role_data, puppet_config]}
- kolla_config:
- map_merge: {get_attr: [ServiceChain, role_data, kolla_config]}
- docker_config:
- {get_attr: [ServiceChain, role_data, docker_config]}
- docker_puppet_tasks:
- {get_attr: [ServiceChain, role_data, docker_puppet_tasks]}
- host_prep_tasks:
- yaql:
- # Note we use distinct() here to filter any identical tasks
- expression: $.data.where($ != null).select($.get('host_prep_tasks')).where($ != null).flatten().distinct()
- data: {get_attr: [ServiceChain, role_data]}
# The order of packages is significant, because pip processes them in the order
# of appearance. Changing the order has an impact on the overall integration
# process, which may cause wedges in the gate later.
+openstackdocstheme>=1.11.0 # Apache-2.0
PyYAML>=3.10.0 # MIT
Jinja2!=2.9.0,!=2.9.1,!=2.9.2,!=2.9.3,!=2.9.4,>=2.8 # BSD License (3 clause)
six>=1.9.0 # MIT
sphinx>=1.6.2 # BSD
-oslosphinx>=4.7.0 # Apache-2.0
reno!=2.3.1,>=1.8.0 # Apache-2.0
coverage!=4.4,>=4.0 # Apache-2.0
fixtures>=3.0.0 # Apache-2.0/BSD
required_params = ['EndpointMap', 'ServiceNetMap', 'DefaultPasswords',
- 'RoleName', 'RoleParameters']
+ 'RoleName', 'RoleParameters', 'ServiceData']
# NOTE(bnemec): The duplication in this list is intentional. For the
# transition to generated environments we have two copies of these files,
'tls-endpoints-public-ip.yaml',
'tls-everywhere-endpoints-dns.yaml']
ENDPOINT_MAP_FILE = 'endpoint_map.yaml'
+OPTIONAL_SECTIONS = ['service_workflow_tasks']
REQUIRED_DOCKER_SECTIONS = ['service_name', 'docker_config', 'puppet_config',
'config_settings', 'step_config']
OPTIONAL_DOCKER_SECTIONS = ['docker_puppet_tasks', 'upgrade_tasks',
'ExternalAllocationPools': ['default'],
'StorageNetCidr': ['default'],
'StorageAllocationPools': ['default'],
- 'StorageMgmtNetCidr': ['default'],
+ 'StorageMgmtNetCidr': ['default',
+ # FIXME
+ 'description'],
'StorageMgmtAllocationPools': ['default'],
+ 'TenantNetCidr': ['default'],
+ 'TenantAllocationPools': ['default'],
+ 'InternalApiNetCidr': ['default'],
+ 'UpdateIdentifier': ['description'],
+ # TODO(bnemec): Address these existing
+ # inconsistencies.
+ 'NeutronMetadataProxySharedSecret': [
+ 'description', 'hidden'],
+ 'ServiceNetMap': ['description', 'default'],
+ 'EC2MetadataIp': ['default'],
+ 'network': ['default'],
+ 'ControlPlaneIP': ['default',
+ 'description'],
+ 'ControlPlaneIp': ['default',
+ 'description'],
+ 'NeutronBigswitchLLDPEnabled': ['default'],
+ 'NeutronEnableL2Pop': ['description'],
+ 'NeutronWorkers': ['description'],
+ 'TenantIpSubnet': ['description'],
+ 'ExternalNetName': ['description'],
+ 'ControlPlaneDefaultRoute': ['default'],
+ 'StorageMgmtNetName': ['description'],
+ 'ServerMetadata': ['description'],
+ 'InternalApiIpUri': ['description'],
+ 'UpgradeLevelNovaCompute': ['default'],
+ 'StorageMgmtIpUri': ['description'],
+ 'server': ['description'],
+ 'servers': ['description'],
+ 'FixedIPs': ['description'],
+ 'ExternalIpSubnet': ['description'],
+ 'NeutronBridgeMappings': ['description'],
+ 'ExtraConfig': ['description'],
+ 'InternalApiIpSubnet': ['description'],
+ 'DefaultPasswords': ['description',
+ 'default'],
+ 'BondInterfaceOvsOptions': ['description',
+ 'default',
+ 'constraints'],
+ 'KeyName': ['constraints'],
+ 'TenantNetName': ['description'],
+ 'StorageIpSubnet': ['description'],
+ 'OVNSouthboundServerPort': ['description'],
+ 'ExternalInterfaceDefaultRoute':
+ ['description', 'default'],
+ 'ExternalIpUri': ['description'],
+ 'IPPool': ['description'],
+ 'ControlPlaneNetwork': ['description'],
+ 'SSLCertificate': ['description',
+ 'default',
+ 'hidden'],
+ 'HostCpusList': ['default', 'constraints'],
+ 'InternalApiAllocationPools': ['default'],
+ 'NodeIndex': ['description'],
+ 'name': ['description', 'default'],
+ 'StorageNetName': ['description'],
+ 'ManagementNetName': ['description'],
+ 'NeutronPublicInterface': ['description'],
+ 'RoleParameters': ['description'],
+ 'ManagementInterfaceDefaultRoute':
+ ['default'],
+ 'image': ['description', 'default'],
+ 'NeutronBigswitchAgentEnabled': ['default'],
+ 'EndpointMap': ['description', 'default'],
+ 'DockerManilaConfigImage': ['description',
+ 'default'],
+ 'NetworkName': ['default', 'description'],
+ 'StorageIpUri': ['description'],
+ 'InternalApiNetName': ['description'],
+ 'NeutronTunnelTypes': ['description'],
+ 'replacement_policy': ['default'],
+ 'StorageMgmtIpSubnet': ['description'],
+ 'CloudDomain': ['description', 'default'],
+ 'key_name': ['default', 'description'],
+ 'EnableLoadBalancer': ['description'],
+ 'ControllerExtraConfig': ['description'],
+ 'NovaComputeExtraConfig': ['description'],
+ 'controllerExtraConfig': ['description'],
+ 'DockerSwiftConfigImage': ['default'],
}
PREFERRED_CAMEL_CASE = {
env_services_list = env_tpl['parameter_defaults']['ComputeServices']
env_services_list.remove('OS::TripleO::Services::CephOSD')
roles_filename = os.path.join(os.path.dirname(env_filename),
- '../roles_data.yaml')
+ '../roles/Compute.yaml')
roles_tpl = yaml.load(open(roles_filename).read())
for role in roles_tpl:
if role['name'] == 'Compute':
roles_services_list = role['ServicesDefault']
if sorted(env_services_list) != sorted(roles_services_list):
- print('ERROR: ComputeServices in %s is different '
- 'from ServicesDefault in roles_data.yaml' % env_filename)
+ print('ERROR: ComputeServices in %s is different from '
+ 'ServicesDefault in roles/Compute.yaml' % env_filename)
+ return 1
+ return 0
+
+
+def validate_hci_computehci_role(hci_role_filename, hci_role_tpl):
+ compute_role_filename = os.path.join(os.path.dirname(hci_role_filename),
+ './Compute.yaml')
+ compute_role_tpl = yaml.load(open(compute_role_filename).read())
+ compute_role_services = compute_role_tpl[0]['ServicesDefault']
+ for role in hci_role_tpl:
+ if role['name'] == 'ComputeHCI':
+ hci_role_services = role['ServicesDefault']
+ hci_role_services.remove('OS::TripleO::Services::CephOSD')
+ if sorted(hci_role_services) != sorted(compute_role_services):
+ print('ERROR: ServicesDefault in %s is different from'
+ 'ServicesDefault in roles/Compute.yaml' % hci_role_filename)
return 1
return 0
else:
if section_name in OPTIONAL_DOCKER_SECTIONS:
continue
+ elif section_name in OPTIONAL_SECTIONS:
+ continue
else:
print('ERROR: %s is extra in role_data for %s.'
% (section_name, filename))
if 'docker_config' in role_data:
docker_config = role_data['docker_config']
for _, step in docker_config.items():
+ if not isinstance(step, dict):
+ # NOTE(mandre) this skips everything that is not a dict
+ # so we may ignore some containers definitions if they
+ # are in a map_merge for example
+ continue
for _, container in step.items():
if not isinstance(container, dict):
- # NOTE(mandre) this skips everything that is not a dict
- # so we may ignore some containers definitions if they
- # are in a map_merge for example
continue
command = container.get('command', '')
if isinstance(command, list):
if filename.endswith('hyperconverged-ceph.yaml'):
retval = validate_hci_compute_services_default(filename, tpl)
+ if filename.startswith('./roles/ComputeHCI.yaml'):
+ retval = validate_hci_computehci_role(filename, tpl)
+
except Exception:
print(traceback.format_exc())
return 1
# If all items in the list are not == the first, then the check fails
if check_data.count(check_data[0]) != len(check_data):
mismatch_count += 1
- # TODO(bnemec): Make this a hard failure once all the templates have
- # been fixed.
- #exit_val |= 1
- #failed_files.extend([d['filename'] for d in defs])
+ exit_val |= 1
+ failed_files.extend([d['filename'] for d in defs])
print('Mismatched parameter definitions found for "%s"' % p)
print('Definitions found:')
for d in defs:
PING_CMD=ping6
fi
until [ $COUNT -ge $TIMES ]; do
- if $PING_CMD -w 300 -c 1 $IP_ADDR &> /dev/null; then
+ if $PING_CMD -w 10 -c 1 $IP_ADDR &> /dev/null; then
echo "Ping to $IP_ADDR succeeded."
return 0
fi
echo "Ping to $IP_ADDR failed. Retrying..."
COUNT=$(($COUNT + 1))
+ sleep 60
done
return 1
}