* validation-scripts: validation scripts useful to all deployment
configurations
+
+
+Service testing matrix
+----------------------
+
+The configuration for the CI scenarios will be defined in `tripleo-heat-templates/ci/`
+and should be executed according to the following table:
+
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| - | scenario001 | scenario002 | scenario003 | scenario004 | multinode-nonha |
++================+=============+=============+=============+=============+=================+
+| keystone | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| glance | file | swift | file | file | swift |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| cinder | rbd | iscsi | | | iscsi |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| heat | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| mysql | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| neutron | ovs | ovs | ovs | ovs | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| rabbitmq | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| mongodb | X | X | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| redis | X | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| haproxy | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| keepalived | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| memcached | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| pacemaker | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| nova | qemu | qemu | qemu | qemu | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| ntp | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| snmp | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| timezone | X | X | X | X | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| sahara | | | X | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| mistral | | | X | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| swift | | X | | | X |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| aodh | X | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| ceilometer | X | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| gnocchi | X | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| panko | X | | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| barbican | | X | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| zaqar | | X | | | |
++----------------+-------------+-------------+-------------+-------------+-----------------+
+| cephrgw | | X | | X | |
++----------------+-------------+-------------+-------------+-------------+-----------------+
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Software Config to drive validations that occur on all nodes.
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: 'Bootstrap Config'
parameters:
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Software Config to drive os-net-config for a simple bridge configured
OS::TripleO::Services::CephMon: /usr/share/openstack-tripleo-heat-templates/puppet/services/ceph-mon.yaml
OS::TripleO::Services::CephOSD: /usr/share/openstack-tripleo-heat-templates/puppet/services/ceph-osd.yaml
OS::TripleO::Services::CephClient: /usr/share/openstack-tripleo-heat-templates/puppet/services/ceph-client.yaml
+ OS::TripleO::Services::PankoApi: /usr/share/openstack-tripleo-heat-templates/puppet/services/panko-api.yaml
parameter_defaults:
ControllerServices:
- OS::TripleO::Services::GnocchiApi
- OS::TripleO::Services::GnocchiMetricd
- OS::TripleO::Services::GnocchiStatsd
+ - OS::TripleO::Services::PankoApi
- OS::TripleO::Services::CephMon
- OS::TripleO::Services::CephOSD
- OS::TripleO::Services::CephClient
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
Debug: true
+ SwiftCeilometerPipelineEnabled: false
# we don't deploy Swift so we switch to file backend.
GlanceBackend: 'file'
KeystoneTokenProvider: 'fernet'
+ SwiftCeilometerPipelineEnabled: false
CephMonKey: 'AQC+Ox1VmEr3BxAALZejqeHj50Nj6wJDvs96OQ=='
CephAdminKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='
CephClientKey: 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw=='
+ SwiftCeilometerPipelineEnabled: false
-heat_template_version: 2013-05-23
+heat_template_version: ocata
description: >
HOT template to created resources deployed by scenario001.
-heat_template_version: 2013-05-23
+heat_template_version: ocata
description: >
HOT template to created resources deployed by scenario002.
-heat_template_version: 2013-05-23
+heat_template_version: ocata
description: >
HOT template to created resources deployed by scenario003.
-heat_template_version: 2013-05-23
+heat_template_version: ocata
description: >
HOT template to created resources deployed by scenario004.
--- /dev/null
+#!/bin/bash
+#
+# Used environment variables:
+#
+# - Hostname
+# - FreeIPAIP
+# - DirectoryManagerPassword
+# - AdminPassword
+# - UndercloudFQDN
+# - HostsSecret
+#
+set -eux
+
+if [ -f "~/freeipa-setup.env" ]; then
+ source ~/freeipa-setup.env
+elif [ -f "/tmp/freeipa-setup.env" ]; then
+ source /tmp/freeipa-setup.env
+fi
+
+# Set DNS servers
+echo "nameserver 8.8.8.8" >> /etc/resolv.conf
+echo "nameserver 8.8.4.4" >> /etc/resolv.conf
+
+yum -q -y remove openstack-dashboard
+
+# Install the needed packages
+yum -q install -y ipa-server ipa-server-dns epel-release rng-tools mod_nss
+yum -q install -y haveged
+
+# Prepare hostname
+hostnamectl set-hostname --static $Hostname
+
+echo $FreeIPAIP `hostname` | tee -a /etc/hosts
+
+# Set iptables rules
+cat << EOF > freeipa-iptables-rules.txt
+# Firewall configuration written by system-config-firewall
+# Manual customization of this file is not recommended.
+*filter
+:INPUT ACCEPT [0:0]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
+-A INPUT -p icmp -j ACCEPT
+-A INPUT -i lo -j ACCEPT
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
+#TCP ports for FreeIPA
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 389 -j ACCEPT
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 636 -j ACCEPT
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 88 -j ACCEPT
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 464 -j ACCEPT
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
+#UDP ports for FreeIPA
+-A INPUT -m state --state NEW -m udp -p udp --dport 88 -j ACCEPT
+-A INPUT -m state --state NEW -m udp -p udp --dport 464 -j ACCEPT
+-A INPUT -m state --state NEW -m udp -p udp --dport 123 -j ACCEPT
+-A INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
+-A INPUT -j REJECT --reject-with icmp-host-prohibited
+-A FORWARD -j REJECT --reject-with icmp-host-prohibited
+COMMIT
+EOF
+
+iptables-restore < freeipa-iptables-rules.txt
+
+# Entropy generation; otherwise, ipa-server-install will lag.
+chkconfig haveged on
+systemctl start haveged
+
+# Remove conflicting httpd configuration
+rm -f /etc/httpd/conf.d/ssl.conf
+
+# Set up FreeIPA
+ipa-server-install -U -r `hostname -d|tr "[a-z]" "[A-Z]"` \
+ -p $DirectoryManagerPassword -a $AdminPassword \
+ --hostname `hostname -f`
+
+# Authenticate
+echo $AdminPassword | kinit admin
+
+# Verify we have TGT
+klist
+
+if [ "$?" = '1' ]; then
+ exit 1
+fi
+
+# Create undercloud host
+ipa host-add $UndercloudFQDN --password=$HostsSecret --force
+
+# Create overcloud nodes and services
+git clone https://github.com/JAORMX/freeipa-tripleo-incubator.git
+cd freeipa-tripleo-incubator
+python create_ipa_tripleo_host_setup.py -w $HostsSecret -d $(hostname -d) \
+ --controller-count 1 --compute-count 1
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: Passwords we manage at the top level
+++ /dev/null
-heat_template_version: 2014-10-16
-
-parameters:
- Hostname:
- type: string
-
-resources:
-
- ControlPlanePort:
- type: OS::Neutron::Port
- properties:
- network: ctlplane
- name:
- list_join:
- - '-'
- - - {get_param: Hostname}
- - ctlplane
- - port
- replacement_policy: AUTO
-
-outputs:
- ip_address:
- value: {get_attr: [ControlPlanePort, fixed_ips, 0, ip_address]}
--- /dev/null
+heat_template_version: ocata
+
+description: "
+ A fake OS::Neutron::Port stack which outputs fixed_ips and subnets based on
+ the input from the DeployedServerPortMap (set via parameter_defaults). This
+ lookup requires the use of port naming conventions. In order for this to work
+ with deployed-server the keys should be <hostname>-<network>.
+ Example:
+ parameter_defaults:
+ DeployedServerPortMap:
+ gatsby_ctlplane:
+ fixed_ips:
+ - ip_address: 127.0.0.1
+ subnets:
+ - cidr: 24"
+
+parameters:
+ name:
+ default: ''
+ type: string
+ network:
+ default: ''
+ type: string
+ fixed_ips:
+ default: ''
+ type: comma_delimited_list
+ replacement_policy:
+ default: ''
+ type: string
+ DeployedServerPortMap:
+ default: {}
+ type: json
+
+
+outputs:
+ fixed_ips:
+ value:
+ {get_param: [DeployedServerPortMap, {get_param: name}, fixed_ips]}
+ subnets:
+ value:
+ {get_param: [DeployedServerPortMap, {get_param: name}, subnets]}
+ name:
+ value: {get_param: name}
+ status:
+ value: DOWN
+ allowed_address_pairs:
+ value: {}
+ device_id:
+ value: ''
+ device_owner:
+ value: {get_param: network}
+ dns_assignment:
+ value: ''
+ port_security_enabled:
+ value: False
+ admin_state_up:
+ value: False
+ security_groups:
+ value: {}
+ network_id:
+ value: ''
+ tenant_id:
+ value: ''
+ qos_policy_id:
+ value: ''
+ mac_address:
+ value: ''
+++ /dev/null
-heat_template_version: 2014-10-16
-parameters:
- user_data_format:
- type: string
- default: SOFTWARE_CONFIG
-
-resources:
- # We just need something which returns a unique ID, but we can't
- # use RandomString because RefId returns the value, not the physical
- # resource ID, SoftwareConfig should work as it returns a UUID
- deployed-server-config:
- type: OS::Heat::SoftwareConfig
-
-outputs:
- # FIXME(shardy) this is needed because TemplateResource returns an
- # ARN not a UUID, which overflows the Deployment server_id column..
- user_data_format:
- value: SOFTWARE_CONFIG
- OS::stack_id:
- value: {get_resource: deployed-server-config}
-
-
--- /dev/null
+# Specifies which roles (groups of nodes) will be deployed
+# Note this is used as an input to the various *.j2.yaml
+# jinja2 templates, so that they are converted into *.yaml
+# during the plan creation (via a mistral action/workflow).
+#
+# The format is a list, with the following format:
+#
+# * name: (string) mandatory, name of the role, must be unique
+#
+# CountDefault: (number) optional, default number of nodes, defaults to 0
+# sets the default for the {{role.name}}Count parameter in overcloud.yaml
+#
+# HostnameFormatDefault: (string) optional default format string for hostname
+# defaults to '%stackname%-{{role.name.lower()}}-%index%'
+# sets the default for {{role.name}}HostnameFormat parameter in overcloud.yaml
+#
+# disable_constraints: (boolean) optional, whether to disable Nova and Glance
+# constraints for each role specified in the templates.
+#
+# ServicesDefault: (list) optional default list of services to be deployed
+# on the role, defaults to an empty list. Sets the default for the
+# {{role.name}}Services parameter in overcloud.yaml
+
+- name: Controller
+ CountDefault: 1
+ disable_constraints: True
+ ServicesDefault:
+ - OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::CephMon
+ - OS::TripleO::Services::CephExternal
+ - OS::TripleO::Services::CephRgw
+ - OS::TripleO::Services::CinderApi
+ - OS::TripleO::Services::CinderBackup
+ - OS::TripleO::Services::CinderScheduler
+ - OS::TripleO::Services::CinderVolume
+ - OS::TripleO::Services::Core
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::Keystone
+ - OS::TripleO::Services::GlanceApi
+ - OS::TripleO::Services::GlanceRegistry
+ - OS::TripleO::Services::HeatApi
+ - OS::TripleO::Services::HeatApiCfn
+ - OS::TripleO::Services::HeatApiCloudwatch
+ - OS::TripleO::Services::HeatEngine
+ - OS::TripleO::Services::MySQL
+ - OS::TripleO::Services::NeutronDhcpAgent
+ - OS::TripleO::Services::NeutronL3Agent
+ - OS::TripleO::Services::NeutronMetadataAgent
+ - OS::TripleO::Services::NeutronApi
+ - OS::TripleO::Services::NeutronCorePlugin
+ - OS::TripleO::Services::NeutronOvsAgent
+ - OS::TripleO::Services::RabbitMQ
+ - OS::TripleO::Services::HAproxy
+ - OS::TripleO::Services::Keepalived
+ - OS::TripleO::Services::Memcached
+ - OS::TripleO::Services::Pacemaker
+ - OS::TripleO::Services::Redis
+ - OS::TripleO::Services::NovaConductor
+ - OS::TripleO::Services::MongoDb
+ - OS::TripleO::Services::NovaApi
+ - OS::TripleO::Services::NovaMetadata
+ - OS::TripleO::Services::NovaScheduler
+ - OS::TripleO::Services::NovaConsoleauth
+ - OS::TripleO::Services::NovaVncProxy
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::SwiftProxy
+ - OS::TripleO::Services::SwiftStorage
+ - OS::TripleO::Services::SwiftRingBuilder
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::CeilometerApi
+ - OS::TripleO::Services::CeilometerCollector
+ - OS::TripleO::Services::CeilometerExpirer
+ - OS::TripleO::Services::CeilometerAgentCentral
+ - OS::TripleO::Services::CeilometerAgentNotification
+ - OS::TripleO::Services::Horizon
+ - OS::TripleO::Services::GnocchiApi
+ - OS::TripleO::Services::GnocchiMetricd
+ - OS::TripleO::Services::GnocchiStatsd
+ - OS::TripleO::Services::ManilaApi
+ - OS::TripleO::Services::ManilaScheduler
+ - OS::TripleO::Services::ManilaBackendGeneric
+ - OS::TripleO::Services::ManilaBackendNetapp
+ - OS::TripleO::Services::ManilaBackendCephFs
+ - OS::TripleO::Services::ManilaShare
+ - OS::TripleO::Services::AodhApi
+ - OS::TripleO::Services::AodhEvaluator
+ - OS::TripleO::Services::AodhNotifier
+ - OS::TripleO::Services::AodhListener
+ - OS::TripleO::Services::SaharaApi
+ - OS::TripleO::Services::SaharaEngine
+ - OS::TripleO::Services::IronicApi
+ - OS::TripleO::Services::IronicConductor
+ - OS::TripleO::Services::NovaIronic
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::OpenDaylightApi
+ - OS::TripleO::Services::OpenDaylightOvs
+ - OS::TripleO::Services::SensuClient
+ - OS::TripleO::Services::FluentdClient
+ - OS::TripleO::Services::BarbicanApi
+ - OS::TripleO::Services::PankoApi
+ - OS::TripleO::Services::Zaqar
+ - OS::TripleO::Services::OVNDBs
+
+- name: Compute
+ CountDefault: 1
+ HostnameFormatDefault: '%stackname%-novacompute-%index%'
+ disable_constraints: True
+ ServicesDefault:
+ - OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::CephClient
+ - OS::TripleO::Services::CephExternal
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::NovaCompute
+ - OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::ComputeNeutronCorePlugin
+ - OS::TripleO::Services::ComputeNeutronOvsAgent
+ - OS::TripleO::Services::ComputeCeilometerAgent
+ - OS::TripleO::Services::ComputeNeutronL3Agent
+ - OS::TripleO::Services::ComputeNeutronMetadataAgent
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::NeutronSriovAgent
+ - OS::TripleO::Services::OpenDaylightOvs
+ - OS::TripleO::Services::SensuClient
+ - OS::TripleO::Services::FluentdClient
+
+- name: BlockStorage
+ disable_constraints: True
+ ServicesDefault:
+ - OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::BlockStorageCinderVolume
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::SensuClient
+ - OS::TripleO::Services::FluentdClient
+
+- name: ObjectStorage
+ disable_constraints: True
+ ServicesDefault:
+ - OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::SwiftStorage
+ - OS::TripleO::Services::SwiftRingBuilder
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::SensuClient
+ - OS::TripleO::Services::FluentdClient
+
+- name: CephStorage
+ disable_constraints: True
+ ServicesDefault:
+ - OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::CephOSD
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::SensuClient
+ - OS::TripleO::Services::FluentdClient
-heat_template_version: 2014-10-16
+heat_template_version: ocata
parameters:
image:
type: string
default: ''
name:
type: string
- default: ''
+ default: 'deployed-server'
image_update_policy:
type: string
default: ''
default: {}
resources:
- # We just need something which returns a unique ID, but we can't
- # use RandomString because RefId returns the value, not the physical
- # resource ID, SoftwareConfig should work as it returns a UUID
deployed-server:
- type: OS::TripleO::DeployedServerConfig
+ type: OS::Heat::DeployedServer
properties:
- user_data_format: SOFTWARE_CONFIG
+ name: {get_param: name}
+ software_config_transport: {get_param: software_config_transport}
InstanceIdConfig:
type: OS::Heat::StructuredConfig
properties:
group: apply-config
config:
- instance-id: {get_attr: [deployed-server, "OS::stack_id"]}
+ instance-id: {get_resource: deployed-server}
InstanceIdDeployment:
type: OS::Heat::StructuredDeployment
config: {get_resource: HostsEntryConfig}
server: {get_resource: deployed-server}
- ControlPlanePort:
+ ControlPlanePortImpl:
type: OS::TripleO::DeployedServer::ControlPlanePort
properties:
- Hostname: {get_attr: [HostsEntryDeployment, hostname]}
+ network: ctlplane
+ name:
+ list_join:
+ - '-'
+ - - {get_attr: [HostsEntryDeployment, hostname]}
+ - ctlplane
+ replacement_policy: AUTO
outputs:
- # FIXME(shardy) this is needed because TemplateResource returns an
- # ARN not a UUID, which overflows the Deployment server_id column..
OS::stack_id:
- value: {get_attr: [deployed-server, "OS::stack_id"]}
+ value: {get_resource: deployed-server}
networks:
value:
ctlplane:
- - {get_attr: [ControlPlanePort, ip_address]}
+ - {get_attr: [ControlPlanePortImpl, fixed_ips, 0, ip_address]}
name:
value: {get_attr: [HostsEntryDeployment, hostname]}
server_stack=$(openstack stack resource show $stack $server_resource_name -c physical_resource_id -f value)
done
- deployed_server_stack=$(openstack stack resource show $server_stack deployed-server -c physical_resource_id -f value)
+ deployed_server_metadata_url=$(openstack stack resource metadata $server_stack deployed-server | jq -r '.["os-collect-config"].request.metadata_url')
echo "======================"
echo "$role$i os-collect-config.conf configuration:"
config="
[DEFAULT]
-collectors=heat
+collectors=request
command=os-refresh-config
polling_interval=30
-[heat]
-user_id=$admin_user_id
-password=$OS_PASSWORD
-auth_url=$OS_AUTH_URL
-project_id=$admin_project_id
-stack_id=$deployed_server_stack
-resource_name=deployed-server-config"
+[request]
+metadata_url=$deployed_server_metadata_url"
echo "$config"
echo "======================"
-heat_template_version: 2014-10-16
+heat_template_version: ocata
parameters:
DockerAgentImage:
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Post-deploy configuration steps via puppet for all roles,
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
OpenStack Neutron openvswitch service
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
OpenStack containerized Nova Compute service
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
OpenStack Libvirt Service
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Utility stack to convert an array of services into a set of combined
resource_registry:
OS::TripleO::Server: ../deployed-server/deployed-server.yaml
- OS::TripleO::DeployedServerConfig: ../deployed-server/deployed-server-config.yaml
- OS::TripleO::DeployedServer::ControlPlanePort: ../deployed-server/ctlplane-port.yaml
+ OS::TripleO::DeployedServer::ControlPlanePort: OS::Neutron::Port
resource_registry:
OS::TripleO::Server: ../deployed-server/deployed-server.yaml
- OS::TripleO::DeployedServerConfig: ../deployed-server/deployed-server-config.yaml
- OS::TripleO::DeployedServer::ControlPlanePort: OS::Heat::None
+ OS::TripleO::DeployedServer::ControlPlanePort: ../deployed-server/deployed-neutron-port.yaml
resource_registry:
- OS::TripleO::Network::Ports::NetVipMap: ../network/ports/net_vip_map_external_v6.yaml
- OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/noop.yaml
- OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/noop.yaml
- OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/noop.yaml
- OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/noop.yaml
- OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/from_service_v6.yaml
OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_from_pool_v6.yaml
OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_from_pool_v6.yaml
OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool_v6.yaml
OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool_v6.yaml
# OVS doesn't support IPv6 endpoints for tunneling yet, so this remains IPv4 for now.
OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml
+ # Management network is optional and disabled by default
+ #OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management_from_pool_v6.yaml
parameter_defaults:
# When using an external loadbalancer set the following in parameter_defaults
# to control your VIPs (currently one per network)
# NOTE: we will eventually move to one VIP per service
#
- ControlPlaneIP: 192.0.2.251
- ExternalNetworkVip: 2001:db8:fd00:1000:0000:0000:0000:0005
- InternalApiNetworkVip: fd00:fd00:fd00:2000:0000:0000:0000:0005
- StorageNetworkVip: fd00:fd00:fd00:3000:0000:0000:0000:0005
- StorageMgmtNetworkVip: fd00:fd00:fd00:4000:0000:0000:0000:0005
- ServiceVips:
- redis: fd00:fd00:fd00:2000:0000:0000:0000:0006
+ ControlFixedIPs: [{'ip_address':'192.0.2.251'}]
+ PublicVirtualFixedIPs: [{'ip_address':'2001:db8:fd00:1000:0000:0000:0000:0005'}]
+ InternalApiVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:2000:0000:0000:0000:0005'}]
+ StorageVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:3000:0000:0000:0000:0005'}]
+ StorageMgmtVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:4000:0000:0000:0000:0005'}]
+ RedisVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:2000:0000:0000:0000:0006'}]
ControllerIPs:
external:
- 2001:db8:fd00:1000:0000:0000:0000:0007
resource_registry:
- OS::TripleO::Network::Ports::NetVipMap: ../network/ports/net_vip_map_external.yaml
- OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/noop.yaml
- OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/noop.yaml
- OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/noop.yaml
- OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/noop.yaml
- OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/from_service.yaml
OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_from_pool.yaml
OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml
OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool.yaml
# to control your VIPs (currently one per network)
# NOTE: we will eventually move to one VIP per service
#
- ControlPlaneIP: 192.0.2.251
- ExternalNetworkVip: 10.0.0.251
- InternalApiNetworkVip: 172.16.2.251
- StorageNetworkVip: 172.16.1.251
- StorageMgmtNetworkVip: 172.16.3.251
- ServiceVips:
- redis: 172.16.2.252
+ ControlFixedIPs: [{'ip_address':'192.0.2.251'}]
+ PublicVirtualFixedIPs: [{'ip_address':'10.0.0.251'}]
+ InternalApiVirtualFixedIPs: [{'ip_address':'172.16.2.251'}]
+ StorageVirtualFixedIPs: [{'ip_address':'172.16.1.251'}]
+ StorageMgmtVirtualFixedIPs: [{'ip_address':'172.16.3.251'}]
+ RedisVirtualFixedIPs: [{'ip_address':'172.16.2.252'}]
ControllerIPs:
external:
- 10.0.0.253
--- /dev/null
+resource_registry:
+# Create the registry only for roles with the word "Compute" in it. Like ComputeOvsDpdk, ComputeSriov, etc.,
+{% for role in roles %}
+{% if "Compute" in role.name %}
+ OS::TripleO::{{role.name}}::PreNetworkConfig: ../extraconfig/pre_network/{{role.name.lower()}}-host_config_and_reboot.yaml
+{% endif %}
+{% endfor %}
+
+parameter_defaults:
+ # Sample parameters for Compute and ComputeOvsDpdk roles
+ #ComputeKernelArgs: ""
+ #ComputeTunedProfileName: ""
+ #ComputeHostCpuList: ""
+ #ComputeOvsDpdkKernelArgs: ""
+ #ComputeOvsDpdkTunedProfileName: ""
+ #ComputeOvsDpdkHostCpuList: ""
--- /dev/null
+# We run the upgrade steps without disabling the OS::TripleO::PostDeploySteps
+# this means you can do a major upgrade in one pass, which may be useful
+# e.g for all-in-one deployments where we can upgrade the compute services
+# at the same time as the controlplane
+# Note that it will be necessary to pass a mapping of OS::Heat::None again for
+# any subsequent updates, or the upgrade steps will run again.
+resource_registry:
+ OS::TripleO::UpgradeSteps: ../puppet/major_upgrade_steps.yaml
OS::TripleO::Network::InternalApi: ../network/internal_api.yaml
OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt.yaml
OS::TripleO::Network::Storage: ../network/storage.yaml
+ OS::TripleO::Network::Tenant: ../network/noop.yaml
+ # Management network is optional and disabled by default.
+ # To enable it, include environments/network-management.yaml
+ #OS::TripleO::Network::Management: ../network/management.yaml
+
+ # Port assignments for the VIPs
+ OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external.yaml
+ OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/internal_api.yaml
+ OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage.yaml
+ OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt.yaml
+ OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip.yaml
# Port assignments for the controller role
OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external.yaml
OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api.yaml
OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage.yaml
OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml
+ OS::TripleO::Controller::Ports::TenantPort: ../network/ports/noop.yaml
+ #OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management.yaml
# Port assignments for the compute role
+ OS::TripleO::Compute::Ports::ExternalPort: ../network/ports/noop.yaml
OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api.yaml
OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage.yaml
+ OS::TripleO::Compute::Ports::StorageMgmtPort: ../network/ports/noop.yaml
+ OS::TripleO::Compute::Ports::TenantPort: ../network/ports/noop.yaml
+ #OS::TripleO::Compute::Ports::ManagementPort: ../network/ports/management.yaml
# Port assignments for the ceph storage role
+ OS::TripleO::CephStorage::Ports::ExternalPort: ../network/ports/noop.yaml
+ OS::TripleO::CephStorage::Ports::InternalApiPort: ../network/ports/noop.yaml
OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage.yaml
OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml
+ OS::TripleO::CephStorage::Ports::TenantPort: ../network/ports/noop.yaml
+ #OS::TripleO::CephStorage::Ports::ManagementPort: ../network/ports/management.yaml
# Port assignments for the swift storage role
+ OS::TripleO::SwiftStorage::Ports::ExternalPort: ../network/ports/noop.yaml
OS::TripleO::SwiftStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml
OS::TripleO::SwiftStorage::Ports::StoragePort: ../network/ports/storage.yaml
OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml
+ OS::TripleO::SwiftStorage::Ports::TenantPort: ../network/ports/noop.yaml
+ #OS::TripleO::SwiftStorage::Ports::ManagementPort: ../network/ports/management.yaml
# Port assignments for the block storage role
+ OS::TripleO::BlockStorage::Ports::ExternalPort: ../network/ports/noop.yaml
OS::TripleO::BlockStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml
OS::TripleO::BlockStorage::Ports::StoragePort: ../network/ports/storage.yaml
OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml
-
- # Port assignments for service virtual IPs for the controller role
- OS::TripleO::Controller::Ports::RedisVipPort: ../network/ports/vip.yaml
+ OS::TripleO::BlockStorage::Ports::TenantPort: ../network/ports/noop.yaml
+ #OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/management.yaml
OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt.yaml
OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip.yaml
- # Port assignments for service virtual IPs for the controller role
- OS::TripleO::Controller::Ports::RedisVipPort: ../network/ports/vip.yaml
# Port assignments for the controller role
OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external.yaml
OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api.yaml
OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml
OS::TripleO::BlockStorage::Ports::TenantPort: ../network/ports/noop.yaml
#OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/management.yaml
-
# Disabling Neutron services that overlap with OVN
OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None
OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
+ OS::TripleO::Services::OVNDBs: ../puppet/services/ovn-dbs.yaml
parameter_defaults:
NeutronMechanismDrivers: ovn
- OVNDbHost: '0.0.0.0'
OVNSouthboundServerPort: 6642
OVNNorthboundServerPort: 6641
OVNDbConnectionTimeout: 60
OVNNeutronSyncMode: log
OVNQosDriver: ovn-qos
OVNTunnelEncapType: geneve
+ NeutronEnableDHCPAgent: false
parameter_defaults:
NeutronEnableForceMetadata: true
- NeutronMechanismDrivers: 'opendaylight'
- NeutronServicePlugins: "networking_odl.l3.l3_odl.OpenDaylightL3RouterPlugin"
+ NeutronMechanismDrivers: 'opendaylight_v2'
+ NeutronServicePlugins: 'odl-router_v2'
OpenDaylightEnableL3: "'yes'"
-# A Heat environment that can be used to deploy OpenDaylight
+# A Heat environment that can be used to deploy OpenDaylight with L3 DVR
resource_registry:
OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
OS::TripleO::Services::ComputeNeutronCorePlugin: OS::Heat::None
OS::TripleO::Services::OpenDaylightApi: ../puppet/services/opendaylight-api.yaml
OS::TripleO::Services::OpenDaylightOvs: ../puppet/services/opendaylight-ovs.yaml
+ OS::TripleO::Services::NeutronL3Agent: OS::Heat::None
parameter_defaults:
NeutronEnableForceMetadata: true
- NeutronMechanismDrivers: 'opendaylight'
+ NeutronMechanismDrivers: 'opendaylight_v2'
+ NeutronServicePlugins: 'odl-router_v2'
--- /dev/null
+resource_registry:
+ OS::TripleO::Services::CephMds: ../../puppet/services/ceph-mds.yaml
\ No newline at end of file
ZaqarAdmin: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'}
ZaqarInternal: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'}
ZaqarPublic: {protocol: 'https', port: '13888', host: 'CLOUDNAME'}
- ZaqarWebSocketAdmin: {protocol: 'http', port: '9000', host: 'IP_ADDRESS'}
- ZaqarWebSocketInternal: {protocol: 'http', port: '9000', host: 'IP_ADDRESS'}
- ZaqarWebSocketPublic: {protocol: 'https', port: '9000', host: 'CLOUDNAME'}
+ ZaqarWebSocketAdmin: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'}
+ ZaqarWebSocketInternal: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'}
+ ZaqarWebSocketPublic: {protocol: 'wss', port: '9000', host: 'CLOUDNAME'}
ZaqarAdmin: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'}
ZaqarInternal: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'}
ZaqarPublic: {protocol: 'https', port: '13888', host: 'IP_ADDRESS'}
- ZaqarWebSocketAdmin: {protocol: 'http', port: '9000', host: 'IP_ADDRESS'}
- ZaqarWebSocketInternal: {protocol: 'http', port: '9000', host: 'IP_ADDRESS'}
- ZaqarWebSocketPublic: {protocol: 'https', port: '9000', host: 'IP_ADDRESS'}
+ ZaqarWebSocketAdmin: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'}
+ ZaqarWebSocketInternal: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'}
+ ZaqarWebSocketPublic: {protocol: 'wss', port: '9000', host: 'IP_ADDRESS'}
ZaqarAdmin: {protocol: 'https', port: '8888', host: 'CLOUDNAME'}
ZaqarInternal: {protocol: 'https', port: '8888', host: 'CLOUDNAME'}
ZaqarPublic: {protocol: 'https', port: '13888', host: 'CLOUDNAME'}
- ZaqarWebSocketAdmin: {protocol: 'https', port: '9000', host: 'CLOUDNAME'}
- ZaqarWebSocketInternal: {protocol: 'https', port: '9000', host: 'CLOUDNAME'}
- ZaqarWebSocketPublic: {protocol: 'https', port: '9000', host: 'CLOUDNAME'}
+ ZaqarWebSocketAdmin: {protocol: 'wss', port: '9000', host: 'CLOUDNAME'}
+ ZaqarWebSocketInternal: {protocol: 'wss', port: '9000', host: 'CLOUDNAME'}
+ ZaqarWebSocketPublic: {protocol: 'wss', port: '9000', host: 'CLOUDNAME'}
--- /dev/null
+resource_registry:
+ OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/noop.yaml
+ OS::TripleO::Network::Ports::ControlPlaneVipPort: ../deployed-server/deployed-neutron-port.yaml
+ OS::TripleO::Undercloud::Net::SoftwareConfig: ../net-config-undercloud.yaml
+ OS::TripleO::NodeExtraConfigPost: ../extraconfig/post_deploy/undercloud_post.yaml
+
+parameter_defaults:
+ StackAction: CREATE
+ SoftwareConfigTransport: POLL_SERVER_HEAT
+ NeutronTunnelTypes: []
+ NeutronBridgeMappings: ctlplane:br-ctlplane
+ NeutronAgentExtensions: []
+ NeutronFlatNetworks: '*'
+ NovaSchedulerAvailableFilters: 'tripleo_common.filters.list.tripleo_filters'
+ NovaSchedulerDefaultFilters: ['RetryFilter', 'TripleOCapabilitiesFilter', 'ComputeCapabilitiesFilter', 'AvailabilityZoneFilter', 'RamFilter', 'DiskFilter', 'ComputeFilter', 'ImagePropertiesFilter', 'ServerGroupAntiAffinityFilter', 'ServerGroupAffinityFilter']
+ NeutronDhcpAgentsPerNetwork: 2
+ HeatConvergenceEngine: false
+ HeatMaxResourcesPerStack: -1
# Keystone Admin API service is running on the Internal API network
parameter_defaults:
- ServiceNetMapDefaults:
- NeutronTenantNetwork: tenant
- CeilometerApiNetwork: internal_api
- MongodbNetwork: internal_api
- CinderApiNetwork: internal_api
- CinderIscsiNetwork: storage
- GlanceApiNetwork: storage
- GlanceRegistryNetwork: internal_api
+ ServiceNetMap:
KeystoneAdminApiNetwork: internal_api
- KeystonePublicApiNetwork: internal_api
- NeutronApiNetwork: internal_api
- HeatApiNetwork: internal_api
- NovaApiNetwork: internal_api
- NovaMetadataNetwork: internal_api
- NovaVncProxyNetwork: internal_api
- SwiftMgmtNetwork: storage_mgmt
- SwiftProxyNetwork: storage
- HorizonNetwork: internal_api
- MemcachedNetwork: internal_api
- RabbitmqNetwork: internal_api
- RedisNetwork: internal_api
- MysqlNetwork: internal_api
- CephClusterNetwork: storage_mgmt
- CephPublicNetwork: storage
- ControllerHostnameResolveNetwork: internal_api
- ComputeHostnameResolveNetwork: internal_api
- BlockStorageHostnameResolveNetwork: internal_api
- ObjectStorageHostnameResolveNetwork: internal_api
- CephStorageHostnameResolveNetwork: storage
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: >
Example extra config for cluster config
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: >
Example extra config for cluster config
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: >
Extra config to add swap space to nodes.
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: >
Extra config to add swap space to nodes.
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: 'Extra Post Deployment Config'
parameters:
servers:
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: >
Example extra config for post-deployment
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: >
Example extra config for post-deployment, this re-runs every update
--- /dev/null
+#!/bin/bash
+set -eux
+
+ln -sf /etc/puppet/hiera.yaml /etc/hiera.yaml
+
+
+# WRITE OUT STACKRC
+if [ ! -e /root/stackrc ]; then
+ touch /root/stackrc
+ chmod 0600 /root/stackrc
+
+cat >> /root/stackrc <<-EOF_CAT
+export OS_PASSWORD=$admin_password
+export OS_AUTH_URL=$auth_url
+export OS_USERNAME=admin
+export OS_TENANT_NAME=admin
+export COMPUTE_API_VERSION=1.1
+export NOVA_VERSION=1.1
+export OS_BAREMETAL_API_VERSION=1.15
+export OS_NO_CACHE=True
+export OS_CLOUDNAME=undercloud
+EOF_CAT
+
+ if [ -n "$ssl_certificate" ]; then
+cat >> /root/stackrc <<-EOF_CAT
+export PYTHONWARNINGS="ignore:Certificate has no, ignore:A true SSLContext object is not available"
+EOF_CAT
+ fi
+fi
+
+source /root/stackrc
+
+if [ ! -f /root/.ssh/authorized_keys ]; then
+ sudo mkdir -p /root/.ssh
+ sudo chmod 7000 /root/.ssh/
+ sudo touch /root/.ssh/authorized_keys
+ sudo chmod 600 /root/.ssh/authorized_keys
+fi
+
+if [ ! -f /root/.ssh/id_rsa ]; then
+ ssh-keygen -b 1024 -N '' -f /root/.ssh/id_rsa
+fi
+
+if ! grep "$(cat /root/.ssh/id_rsa.pub)" /root/.ssh/authorized_keys; then
+ cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
+fi
+
+PHYSICAL_NETWORK=ctlplane
+
+ctlplane_id=$(openstack network list -f csv -c ID -c Name --quote none | tail -n +2 | grep ctlplane | cut -d, -f1)
+subnet_ids=$(openstack subnet list -f csv -c ID --quote none | tail -n +2)
+subnet_id=
+
+for subnet_id in $subnet_ids; do
+ network_id=$(openstack subnet show -f value -c network_id $subnet_id)
+ if [ "$network_id" = "$ctlplane_id" ]; then
+ break
+ fi
+done
+
+net_create=1
+if [ -n "$subnet_id" ]; then
+ cidr=$(openstack subnet show $subnet_id -f value -c cidr)
+ if [ "$cidr" = "$undercloud_network_cidr" ]; then
+ net_create=0
+ else
+ echo "New cidr $undercloud_network_cidr does not equal old cidr $cidr"
+ echo "Will attempt to delete and recreate subnet $subnet_id"
+ fi
+fi
+
+if [ "$net_create" -eq "1" ]; then
+ # Delete the subnet and network to make sure it doesn't already exist
+ if openstack subnet list | grep start; then
+ openstack subnet delete $(openstack subnet list | grep start | awk '{print $4}')
+ fi
+ if openstack network show ctlplane; then
+ openstack network delete ctlplane
+ fi
+
+
+ NETWORK_ID=$(openstack network create --provider-network-type=flat --provider-physical-network=ctlplane ctlplane | grep " id " | awk '{print $4}')
+
+ NAMESERVER_ARG=""
+ if [ -n "${undercloud_nameserver:-}" ]; then
+ NAMESERVER_ARG="--dns-nameserver $undercloud_nameserver"
+ fi
+
+ openstack subnet create --network=$NETWORK_ID \
+ --gateway=$undercloud_network_gateway \
+ --subnet-range=$undercloud_network_cidr \
+ --allocation-pool start=$undercloud_dhcp_start,end=$undercloud_dhcp_end \
+ --host-route destination=169.254.169.254/32,gateway=$local_ip \
+ $NAMESERVER_ARG ctlplane
+fi
+
+# Disable nova quotas
+openstack quota set --cores -1 --instances -1 --ram -1 $(openstack project show admin | awk '$2=="id" {print $4}')
+
+# MISTRAL WORKFLOW CONFIGURATION
+if [ "$(hiera mistral_api_enabled)" = "true" ]; then
+ # load workflows
+ for workbook in $(openstack workbook list | grep tripleo | cut -f 2 -d ' '); do
+ openstack workbook delete $workbook
+ done
+ for workflow in $(openstack workflow list | grep tripleo | cut -f 2 -d ' '); do
+ openstack workflow delete $workflow
+ done
+ for workbook in $(ls /usr/share/openstack-tripleo-common/workbooks/*); do
+ openstack workbook create $workbook
+ done
+
+ # Store the SNMP password in a mistral environment
+ if ! openstack workflow env show tripleo.undercloud-config &>/dev/null; then
+ TMP_MISTRAL_ENV=$(mktemp)
+ echo "{\"name\": \"tripleo.undercloud-config\", \"variables\": {\"undercloud_ceilometer_snmpd_password\": \"$snmp_readonly_user_password\"}}" > $TMP_MISTRAL_ENV
+ openstack workflow env create $TMP_MISTRAL_ENV
+ fi
+
+fi
+
+# IP forwarding is needed to allow the overcloud nodes access to the outside
+# internet in cases where they are on an isolated network.
+sysctl -w net.ipv4.ip_forward=1
+# Make it persistent
+echo "net.ipv4.ip_forward=1" > /etc/sysctl.d/ip-forward.conf
--- /dev/null
+heat_template_version: ocata
+
+description: >
+ Post-deployment for the TripleO undercloud
+
+parameters:
+ servers:
+ type: json
+ DeployedServerPortMap:
+ default: {}
+ type: json
+ UndercloudDhcpRangeStart:
+ type: string
+ default: '192.168.24.5'
+ UndercloudDhcpRangeEnd:
+ type: string
+ default: '192.168.24.24'
+ UndercloudNetworkCidr:
+ type: string
+ default: '192.168.24.0/24'
+ UndercloudNetworkGateway:
+ type: string
+ default: '192.168.24.1'
+ UndercloudNameserver:
+ type: string
+ default: ''
+ AdminPassword: #supplied by tripleo-undercloud-passwords.yaml
+ type: string
+ description: The password for the keystone admin account, used for monitoring, querying neutron etc.
+ hidden: True
+ SSLCertificate:
+ description: >
+ The content of the SSL certificate (without Key) in PEM format.
+ type: string
+ default: ""
+ hidden: True
+ SnmpdReadonlyUserPassword:
+ description: The user password for SNMPd with readonly rights running on all Overcloud nodes
+ type: string
+ hidden: true
+
+conditions:
+
+ ssl_disabled: {equals : [{get_param: SSLCertificate}, ""]}
+
+resources:
+
+ UndercloudPostConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ inputs:
+ - name: deploy_identifier
+ - name: local_ip
+ - name: undercloud_dhcp_start
+ - name: undercloud_dhcp_end
+ - name: undercloud_network_cidr
+ - name: undercloud_network_gateway
+ - name: undercloud_nameserver
+ - name: admin_password
+ - name: auth_url
+ - name: snmp_readonly_user_password
+ config: {get_file: ./undercloud_post.sh}
+
+ UndercloudPostDeployment:
+ type: OS::Heat::SoftwareDeployments
+ properties:
+ servers: {get_param: servers}
+ config: {get_resource: UndercloudPostConfig}
+ input_values:
+ local_ip: {get_param: [DeployedServerPortMap, 'control_virtual_ip', fixed_ips, 0, ip_address]}
+ undercloud_dhcp_start: {get_param: UndercloudDhcpRangeStart}
+ undercloud_dhcp_end: {get_param: UndercloudDhcpRangeEnd}
+ undercloud_network_cidr: {get_param: UndercloudNetworkCidr}
+ undercloud_network_gateway: {get_param: UndercloudNetworkGateway}
+ undercloud_nameserver: {get_param: UndercloudNameserver}
+ ssl_certificate: {get_param: SSLCertificate}
+ admin_password: {get_param: AdminPassword}
+ snmp_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
+ # if SSL is enabled we use the public virtual ip as the stackrc endpoint
+ auth_url:
+ if:
+ - ssl_disabled
+ - list_join:
+ - ''
+ - - 'http://'
+ - {get_param: [DeployedServerPortMap, 'control_virtual_ip', fixed_ips, 0, ip_address]}
+ - ':5000/v2.0'
+ - list_join:
+ - ''
+ - - 'https://'
+ - {get_param: [DeployedServerPortMap, 'public_virtual_ip', fixed_ips, 0, ip_address]}
+ - ':13000/v2.0'
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: >
RHEL Registration and unregistration software deployments.
exit 0
fi
+retryCount=0
opts=
attach_opts=
sat5_opts=
opts="$opts --type=$REG_TYPE"
fi
+function retry() {
+ if [[ $retryCount < 3 ]]; then
+ $@
+ if ! [[ $? == 0 ]]; then
+ retryCount=$(echo $retryCount + 1 | bc)
+ echo "WARN: Failed to connect when running '$@', retrying..."
+ retry $@
+ else
+ retryCount=0
+ fi
+ else
+ echo "ERROR: Failed to connect after 3 attempts when running '$@'"
+ exit 1
+ fi
+}
+
function detect_satellite_version {
ping_api=$REG_SAT_URL/katello/api/ping
- if curl -L -k -s -D - -o /dev/null $ping_api | grep "200 OK"; then
+ if curl --retry 3 --retry-delay 10 --max-time 30 -L -k -s -D - -o /dev/null $ping_api | grep "200 OK"; then
echo Satellite 6 detected at $REG_SAT_URL
satellite_version=6
- elif curl -L -k -s -D - -o /dev/null $REG_SAT_URL/rhn/Login.do | grep "200 OK"; then
+ elif curl --retry 3 --retry-delay 10 --max-time 30 -L -k -s -D - -o /dev/null $REG_SAT_URL/rhn/Login.do | grep "200 OK"; then
echo Satellite 5 detected at $REG_SAT_URL
satellite_version=5
else
case "${REG_METHOD:-}" in
portal)
- subscription-manager register $opts
+ retry subscription-manager register $opts
if [ -z "${REG_AUTO_ATTACH:-}" -a -z "${REG_ACTIVATION_KEY:-}" ]; then
- subscription-manager attach $attach_opts
+ retry subscription-manager attach $attach_opts
fi
- subscription-manager repos --disable '*'
- subscription-manager $repos
+ retry subscription-manager repos --disable '*'
+ retry subscription-manager $repos
;;
satellite)
detect_satellite_version
if [ "$satellite_version" = "6" ]; then
repos="$repos --enable ${satellite_repo}"
- curl -L -k -O "$REG_SAT_URL/pub/katello-ca-consumer-latest.noarch.rpm"
+ curl --retry 3 --retry-delay 10 --max-time 30 -L -k -O "$REG_SAT_URL/pub/katello-ca-consumer-latest.noarch.rpm"
rpm -Uvh katello-ca-consumer-latest.noarch.rpm || true
- subscription-manager register $opts
- subscription-manager $repos
- yum install -y katello-agent || true # needed for errata reporting to satellite6
+ retry subscription-manager register $opts
+ retry subscription-manager $repos
+ retry yum install -y katello-agent || true # needed for errata reporting to satellite6
katello-package-upload
- subscription-manager repos --disable ${satellite_repo}
+ retry subscription-manager repos --disable ${satellite_repo}
else
pushd /usr/share/rhn/
- curl -k -O $REG_SAT_URL/pub/RHN-ORG-TRUSTED-SSL-CERT
+ curl --retry 3 --retry-delay 10 --max-time 30 -k -O $REG_SAT_URL/pub/RHN-ORG-TRUSTED-SSL-CERT
popd
- rhnreg_ks --serverUrl=$REG_SAT_URL/XMLRPC $sat5_opts
+ retry rhnreg_ks --serverUrl=$REG_SAT_URL/XMLRPC $sat5_opts
fi
;;
disable)
--- /dev/null
+---
+- name: Configuration to be applied before rebooting the node
+ connection: local
+ hosts: localhost
+
+ tasks:
+ # Kernel Args Configuration
+ - block:
+ - name: Ensure the kernel args ( {{ _KERNEL_ARGS_ }} ) is present as TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS
+ lineinfile:
+ dest: /etc/default/grub
+ regexp: '^TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS.*'
+ insertafter: '^GRUB_CMDLINE_LINUX.*'
+ line: 'TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS=" {{ _KERNEL_ARGS_ }} "'
+ - name: Add TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS to the GRUB_CMDLINE_LINUX parameter
+ lineinfile:
+ dest: /etc/default/grub
+ line: 'GRUB_CMDLINE_LINUX="${GRUB_CMDLINE_LINUX:+$GRUB_CMDLINE_LINUX }${TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS}"'
+ insertafter: '^TRIPLEO_HEAT_TEMPLATE_KERNEL_ARGS.*'
+ - name: Generate grub config file
+ command: grub2-mkconfig -o /boot/grub2/grub.cfg
+ become: true
+ when: _KERNEL_ARGS_|default("") != ""
+
+ # Tune-d Configuration
+ - block:
+ - name: Tune-d Configuration
+ lineinfile:
+ dest: /etc/tuned/cpu-partitioning-variables.conf
+ regexp: '^isolated_cores=.*'
+ line: 'isolated_cores={{ _HOST_CPUS_LIST_ }}'
+ when: _HOST_CPUS_LIST_|default("") != ""
+
+ - name: Tune-d provile activation
+ shell: tuned-adm profile {{ _TUNED_PROFILE_NAME_ }}
+ become: true
+ when: _TUNED_PROFILE_NAME_|default("") != ""
+
+ # Provisioning Network workaround
+ # The script will be executed before os-net-config, in which case, only Provisioning network will have IP
+ # BOOTPROTO of all interface config files (except provisioning), will be set to "none" to avoid reboot failing to acquire IP on other networks
+ - block:
+ - find:
+ paths: /etc/sysconfig/network-scripts/
+ patterns: ifcfg-*
+ register: ifcfg_files
+
+ - replace:
+ dest: "{{ item.path }}"
+ regexp: '^BOOTPROTO=.*'
+ replace: 'BOOTPROTO=none'
+ when:
+ - item.path | regex_replace('(^.*ifcfg-)(.*)', '\\2') != "lo"
+ # This condition will list all the interfaces except the one with valid IP (which is Provisioning network at this stage)
+ # Simpler Version - hostvars[inventory_hostname]['ansible_' + iface_name ]['ipv4']['address'] is undefined
+ - hostvars[inventory_hostname]['ansible_' + item.path | regex_replace('(^.*ifcfg-)(.*)', '\\2') ]['ipv4']['address'] is undefined
+ with_items:
+ - "{{ ifcfg_files.files }}"
--- /dev/null
+heat_template_version: 2014-10-16
+
+description: >
+ Do some configuration, then reboot - sometimes needed for early-boot
+ changes such as modifying kernel configuration
+
+parameters:
+ server:
+ type: string
+
+resources:
+
+ SomeConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config: |
+ #!/bin/bash
+ echo "did some config before reboot" > /root/pre-reboot-config
+
+ SomeDeployment:
+ type: OS::Heat::SoftwareDeployment
+ properties:
+ name: SomeDeployment
+ server: {get_param: server}
+ config: {get_resource: SomeConfig}
+ actions: ['CREATE'] # Only do this on CREATE
+
+ RebootConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config: |
+ #!/bin/bash
+ # Stop os-collect-config to avoid any race collecting another
+ # deployment before reboot happens
+ systemctl stop os-collect-config.service
+ /sbin/reboot
+
+ RebootDeployment:
+ type: OS::Heat::SoftwareDeployment
+ depends_on: SomeDeployment
+ properties:
+ name: RebootDeployment
+ server: {get_param: server}
+ config: {get_resource: RebootConfig}
+ actions: ['CREATE'] # Only do this on CREATE
+ signal_transport: NO_SIGNAL
--- /dev/null
+heat_template_version: 2016-10-14
+
+description: >
+ Do some configuration, then reboot - sometimes needed for early-boot
+ changes such as modifying kernel configuration
+
+parameters:
+ server:
+ type: string
+ {{role}}KernelArgs:
+ type: string
+ default: ""
+ {{role}}TunedProfileName:
+ type: string
+ default: ""
+ {{role}}HostCpusList:
+ type: string
+ default: ""
+
+conditions:
+ param_exists:
+ or:
+ - not:
+ equals:
+ - get_param: {{role}}KernelArgs
+ - ""
+ - not:
+ equals:
+ - get_param: {{role}}TunedProfileName
+ - ""
+
+resources:
+
+ HostParametersConfig:
+ type: OS::Heat::SoftwareConfig
+ condition: param_exists
+ properties:
+ group: ansible
+ inputs:
+ - name: _KERNEL_ARGS_
+ - name: _TUNED_PROFILE_NAME_
+ - name: _HOST_CPUS_LIST_
+ outputs:
+ - name: result
+ config:
+ get_file: ansible_host_config.ansible
+
+ HostParametersDeployment:
+ type: OS::Heat::SoftwareDeployment
+ condition: param_exists
+ properties:
+ name: HostParametersDeployment
+ server: {get_param: server}
+ config: {get_resource: HostParametersConfig}
+ actions: ['CREATE'] # Only do this on CREATE
+ input_values:
+ _KERNEL_ARGS_: {get_param: {{role}}KernelArgs}
+ _TUNED_PROFILE_NAME_: {get_param: {{role}}TunedProfileName}
+ _HOST_CPUS_LIST_: {get_param: {{role}}HostCpusList}
+
+ RebootConfig:
+ type: OS::Heat::SoftwareConfig
+ condition: param_exists
+ properties:
+ group: script
+ config: |
+ #!/bin/bash
+ # Stop os-collect-config to avoid any race collecting another
+ # deployment before reboot happens
+ systemctl stop os-collect-config.service
+ /sbin/reboot
+
+ RebootDeployment:
+ type: OS::Heat::SoftwareDeployment
+ condition: param_exists
+ depends_on: HostParametersDeployment
+ properties:
+ name: RebootDeployment
+ server: {get_param: server}
+ config: {get_resource: RebootConfig}
+ actions: ['CREATE'] # Only do this on CREATE
+ signal_transport: NO_SIGNAL
+
+outputs:
+ result:
+ value:
+ get_attr: [HostParametersDeployment, result]
+ condition: param_exists
+ stdout:
+ value:
+ get_attr: [HostParametersDeployment, deploy_stdout]
+ condition: param_exists
+ stderr:
+ value:
+ get_attr: [HostParametersDeployment, deploy_stderr]
+ condition: param_exists
+ status_code:
+ value:
+ get_attr: [HostParametersDeployment, deploy_status_code]
+ condition: param_exists
set -eu
# Special-case OVS for https://bugs.launchpad.net/tripleo/+bug/1635205
-if [[ -n $(rpm -q --scripts openvswitch | awk '/postuninstall/,/*/' | grep "systemctl.*try-restart") ]]; then
- echo "Manual upgrade of openvswitch - restart in postun detected"
- mkdir OVS_UPGRADE || true
- pushd OVS_UPGRADE
- echo "Attempting to downloading latest openvswitch with yumdownloader"
- yumdownloader --resolve openvswitch
- echo "Updating openvswitch with nopostun option"
- rpm -U --replacepkgs --nopostun ./*.rpm
- popd
-else
- echo "Skipping manual upgrade of openvswitch - no restart in postun detected"
-fi
+special_case_ovs_upgrade_if_needed
yum -y install python-zaqarclient # needed for os-collect-config
yum -y -q update
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: >
Software-config for ceilometer configuration under httpd during upgrades
UPGRADE_SCRIPT=/root/tripleo_upgrade_node.sh
-cat > $UPGRADE_SCRIPT << 'ENDOFCAT'
+declare -f special_case_ovs_upgrade_if_needed > $UPGRADE_SCRIPT
+# use >> here so we don't lose the declaration we added above
+cat >> $UPGRADE_SCRIPT << 'ENDOFCAT'
#!/bin/bash
### DO NOT MODIFY THIS FILE
### This file is automatically delivered to the ceph-storage nodes as part of the
sleep 2;
done"
-# Special-case OVS for https://bugs.launchpad.net/tripleo/+bug/1635205
-if [[ -n $(rpm -q --scripts openvswitch | awk '/postuninstall/,/*/' | grep "systemctl.*try-restart") ]]; then
- echo "Manual upgrade of openvswitch - restart in postun detected"
- mkdir OVS_UPGRADE || true
- pushd OVS_UPGRADE
- echo "Attempting to downloading latest openvswitch with yumdownloader"
- yumdownloader --resolve openvswitch
- echo "Updating openvswitch with nopostun option"
- rpm -U --replacepkgs --nopostun ./*.rpm
- popd
-else
- echo "Skipping manual upgrade of openvswitch - no restart in postun detected"
-fi
+special_case_ovs_upgrade_if_needed
# Update (Ceph to Jewel)
yum -y install python-zaqarclient # needed for os-collect-config
# If on ext4, we need to enforce lower values for name and namespace len
# or ceph-osd will refuse to start, see: http://tracker.ceph.com/issues/16187
for OSD_ID in $OSD_IDS; do
- OSD_FS=$(findmnt -n -o FSTYPE -T /var/lib/ceph/osd/ceph-${OSD_ID})
+ OSD_FS=$(df -l --output=fstype /var/lib/ceph/osd/ceph-${OSD_ID} | tail -n +2)
if [ ${OSD_FS} = ext4 ]; then
crudini --set /etc/ceph/ceph.conf global osd_max_object_name_len 256
crudini --set /etc/ceph/ceph.conf global osd_max_object_namespace_len 64
crudini --set /etc/nova/nova.conf upgrade_levels compute $upgrade_level_nova_compute
-# Special-case OVS for https://bugs.launchpad.net/tripleo/+bug/1635205
-if [[ -n \$(rpm -q --scripts openvswitch | awk '/postuninstall/,/*/' | grep "systemctl.*try-restart") ]]; then
- echo "Manual upgrade of openvswitch - restart in postun detected"
- mkdir OVS_UPGRADE || true
- pushd OVS_UPGRADE
- echo "Attempting to downloading latest openvswitch with yumdownloader"
- yumdownloader --resolve openvswitch
- echo "Updating openvswitch with nopostun option"
- rpm -U --replacepkgs --nopostun ./*.rpm
- popd
-else
- echo "Skipping manual upgrade of openvswitch - no restart in postun detected"
-fi
+$(declare -f special_case_ovs_upgrade_if_needed)
+special_case_ovs_upgrade_if_needed
yum -y install python-zaqarclient # needed for os-collect-config
yum -y update
fi
# Special-case OVS for https://bugs.launchpad.net/tripleo/+bug/1635205
-if [[ -n $(rpm -q --scripts openvswitch | awk '/postuninstall/,/*/' | grep "systemctl.*try-restart") ]]; then
- echo "Manual upgrade of openvswitch - restart in postun detected"
- mkdir OVS_UPGRADE || true
- pushd OVS_UPGRADE
- echo "Attempting to downloading latest openvswitch with yumdownloader"
- yumdownloader --resolve openvswitch
- echo "Updating openvswitch with nopostun option"
- rpm -U --replacepkgs --nopostun ./*.rpm
- popd
-else
- echo "Skipping manual upgrade of openvswitch - no restart in postun detected"
-fi
+special_case_ovs_upgrade_if_needed
yum -y install python-zaqarclient # needed for os-collect-config
yum -y -q update
done
}
-# Special-case OVS for https://bugs.launchpad.net/tripleo/+bug/1635205
-if [[ -n \$(rpm -q --scripts openvswitch | awk '/postuninstall/,/*/' | grep "systemctl.*try-restart") ]]; then
- echo "Manual upgrade of openvswitch - restart in postun detected"
- mkdir OVS_UPGRADE || true
- pushd OVS_UPGRADE
- echo "Attempting to downloading latest openvswitch with yumdownloader"
- yumdownloader --resolve openvswitch
- echo "Updating openvswitch with nopostun option"
- rpm -U --replacepkgs --nopostun ./*.rpm
- popd
-else
- echo "Skipping manual upgrade of openvswitch - no restart in postun detected"
-fi
+$(declare -f special_case_ovs_upgrade_if_needed)
+special_case_ovs_upgrade_if_needed
systemctl_swift stop
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: 'Upgrade for Pacemaker deployments'
parameters:
depends_on: ControllerPacemakerUpgradeDeployment_Step1
properties:
group: script
- config: {get_file: major_upgrade_block_storage.sh}
+ config:
+ list_join:
+ - ''
+ - - get_file: pacemaker_common_functions.sh
+ - get_file: major_upgrade_block_storage.sh
BlockStorageUpgradeDeployment:
type: OS::Heat::SoftwareDeploymentGroup
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: 'Upgrade for Pacemaker deployments'
parameters:
upgrade_level_nova_compute='UPGRADE_LEVEL_NOVA_COMPUTE'
params:
UPGRADE_LEVEL_NOVA_COMPUTE: {get_param: UpgradeLevelNovaCompute}
+ - get_file: pacemaker_common_functions.sh
- get_file: major_upgrade_compute.sh
ObjectStorageDeliverUpgradeScriptConfig:
type: OS::Heat::SoftwareConfig
properties:
group: script
- config: {get_file: major_upgrade_object_storage.sh}
+ config:
+ list_join:
+ - ''
+ - - get_file: pacemaker_common_functions.sh
+ - get_file: major_upgrade_object_storage.sh
CephStorageDeliverUpgradeScriptConfig:
type: OS::Heat::SoftwareConfig
properties:
group: script
- config: {get_file: major_upgrade_ceph_storage.sh}
+ config:
+ list_join:
+ - ''
+ - - get_file: pacemaker_common_functions.sh
+ - get_file: major_upgrade_ceph_storage.sh
{% for role in roles %}
UpgradeInit{{role.name}}Deployment:
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: >
Software-config for performing aodh data migration
manage_systemd_service $action $service
done
}
+
+# Special-case OVS for https://bugs.launchpad.net/tripleo/+bug/1635205
+function special_case_ovs_upgrade_if_needed {
+ if [[ -n $(rpm -q --scripts openvswitch | awk '/postuninstall/,/*/' | grep "systemctl.*try-restart") ]]; then
+ echo "Manual upgrade of openvswitch - restart in postun detected"
+ rm -rf OVS_UPGRADE
+ mkdir OVS_UPGRADE && pushd OVS_UPGRADE
+ echo "Attempting to downloading latest openvswitch with yumdownloader"
+ yumdownloader --resolve openvswitch
+ for pkg in $(ls -1 *.rpm); do
+ if rpm -U --test $pkg 2>&1 | grep "already installed" ; then
+ echo "Looks like newer version of $pkg is already installed, skipping"
+ else
+ echo "Updating $pkg with nopostun option"
+ rpm -U --replacepkgs --nopostun $pkg
+ fi
+ done
+ popd
+ else
+ echo "Skipping manual upgrade of openvswitch - no restart in postun detected"
+ fi
+
+}
+
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: 'Post-Puppet Config for Pacemaker deployments'
parameters:
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: 'Post-Puppet restart config for Pacemaker deployments'
parameters:
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: 'Pre-Puppet Config for Pacemaker deployments'
parameters:
fi
# Special-case OVS for https://bugs.launchpad.net/tripleo/+bug/1635205
-if [[ -n $(rpm -q --scripts openvswitch | awk '/postuninstall/,/*/' | grep "systemctl.*try-restart") ]]; then
- echo "Manual upgrade of openvswitch - restart in postun detected"
- mkdir OVS_UPGRADE || true
- pushd OVS_UPGRADE
- echo "Attempting to downloading latest openvswitch with yumdownloader"
- yumdownloader --resolve openvswitch
- echo "Updating openvswitch with nopostun option"
- rpm -U --replacepkgs --nopostun ./*.rpm
- popd
-else
- echo "Skipping manual upgrade of openvswitch - no restart in postun detected"
-fi
+special_case_ovs_upgrade_if_needed
if [[ "$pacemaker_status" == "active" ]] ; then
echo "Pacemaker running, stopping cluster node and doing full package update"
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: >
Software-config for performing package updates using yum
type: OS::Heat::SoftwareConfig
properties:
group: script
- config: {get_file: yum_update.sh}
+ config:
+ list_join:
+ - ''
+ - - get_file: pacemaker_common_functions.sh
+ - get_file: yum_update.sh
+
inputs:
- name: update_identifier
description: yum will only run for previously unused values of update_identifier
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: 'No-op yum update task'
resources:
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Configure os-net-config mappings for specific nodes
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: >
This is a default no-op template which provides empty user-data
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: >
This is first boot configuration for development purposes. It allows
-heat_template_version: 2014-10-16
+heat_template_version: ocata
# NOTE: You don't need to pass the parameter explicitly from the
# parent template, it can be specified via the parameter_defaults
-heat_template_version: 2016-10-14
+heat_template_version: ocata
parameters:
# Can be overridden via parameter_defaults in the environment
--- /dev/null
+heat_template_version: ocata
+
+description: >
+ Uses cloud-init to enable root logins and set the root password.
+ Note this is less secure than the default configuration and may not be
+ appropriate for production environments, it's intended for illustration
+ and development/debugging only.
+
+parameters:
+ NodeRootPassword:
+ description: Root password for the nodes
+ hidden: true
+ type: string
+
+resources:
+ userdata:
+ type: OS::Heat::MultipartMime
+ properties:
+ parts:
+ - config: {get_resource: root_config}
+
+ root_config:
+ type: OS::Heat::CloudConfig
+ properties:
+ cloud_config:
+ ssh_pwauth: true
+ disable_root: false
+ chpasswd:
+ list:
+ str_replace:
+ template: "root:PASSWORD"
+ params:
+ PASSWORD: {get_param: NodeRootPassword}
+ expire: False
+
+outputs:
+ OS::stack_id:
+ value: {get_resource: userdata}
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: 'All Hosts Config'
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config for a simple bridge.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config for a simple bridge.
parameters:
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Software Config to no-op for os-net-config. Using this will allow you
OsNetConfigImpl:
type: OS::Heat::StructuredConfig
properties:
- group: os-apply-config
- config:
+ group: apply-config
+ config: {}
outputs:
OS::stack_id:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config for a simple bridge configured with a static IP address for the ctlplane network.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config for a simple bridge configured with a static IP address for the ctlplane network.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config for a simple bridge.
parameters:
--- /dev/null
+heat_template_version: ocata
+description: >
+ Software Config to drive os-net-config for a simple bridge configured with a static IP address for the ctlplane network.
+parameters:
+ ControlPlaneIp:
+ default: ''
+ description: IP address/subnet on the ctlplane network
+ type: string
+ ExternalIpSubnet:
+ default: ''
+ description: IP address/subnet on the external network
+ type: string
+ InternalApiIpSubnet:
+ default: ''
+ description: IP address/subnet on the internal API network
+ type: string
+ StorageIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage network
+ type: string
+ StorageMgmtIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage mgmt network
+ type: string
+ TenantIpSubnet:
+ default: ''
+ description: IP address/subnet on the tenant network
+ type: string
+ ManagementIpSubnet:
+ default: ''
+ description: IP address/subnet on the management network
+ type: string
+ ControlPlaneSubnetCidr: # Override this via parameter_defaults
+ default: '24'
+ description: The subnet CIDR of the control plane network.
+ type: string
+ DnsServers: # Override this via parameter_defaults
+ default: []
+ description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf.
+ type: comma_delimited_list
+resources:
+ OsNetConfigImpl:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ inputs:
+ - name: disable_configure_safe_defaults
+ default: true
+ config:
+ str_replace:
+ template:
+ get_file: network/scripts/run-os-net-config.sh
+ params:
+ $network_config:
+ network_config:
+ - type: ovs_bridge
+ name: br-ctlplane
+ use_dhcp: false
+ dns_servers:
+ get_param: DnsServers
+ addresses:
+ - ip_netmask:
+ list_join:
+ - /
+ - - get_param: ControlPlaneIp
+ - get_param: ControlPlaneSubnetCidr
+ members:
+ - type: interface
+ name: eth1
+ # force the MAC address of the bridge to this interface
+ primary: true
+outputs:
+ OS::stack_id:
+ description: The OsNetConfigImpl resource.
+ value:
+ get_resource: OsNetConfigImpl
+
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the ceph storage role.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the cinder storage role.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the compute role.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the compute role.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the controller role.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the controller role with IPv6
on the External network. The IPv6 default route is on the External network, and the IPv4 default route is on the Control
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the controller role.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the swift storage role.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure multiple interfaces for the ceph storage role.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure multiple interfaces for the cinder storage role.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure multiple interfaces for the
compute role with external bridge for DVR.
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure multiple interfaces for the compute role.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure multiple interfaces for the controller role with IPv6 on the External
network. The IPv6 default route is on the External network, and the IPv4 default route is on the Control Plane.
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure multiple interfaces for the controller role.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure multiple interfaces for the swift storage role.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the ceph storage role.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the cinder storage role.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the compute role.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the controller role with IPv6 on the External network. The
IPv6 default route is on the External network, and the IPv4 default route is on the Control Plane.
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the controller role.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the swift storage role.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the ceph storage role.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the cinder storage role.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the compute role.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the controller role. No external IP is configured.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the controller role with IPv6 on the External network. The
IPv6 default route is on the External network, and the IPv4 default route is on the Control Plane.
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the controller role.
parameters:
-heat_template_version: '2016-10-14'
+heat_template_version: ocata
description: >
Software Config to drive os-net-config to configure VLANs for the swift storage role.
parameters:
def generate_endpoint_map_template(config):
return collections.OrderedDict([
- ('heat_template_version', '2015-04-30'),
+ ('heat_template_version', 'ocata'),
('description', 'A map of OpenStack endpoints. Since the endpoints '
'are URLs, we need to have brackets around IPv6 IP addresses. The '
'inputs to these parameters come from net_ip_uri_map, which will '
Admin:
net_param: ZaqarApi
port: 9000
+ protocol: ws
### This file is automatically generated from endpoint_data.yaml
### by the script build_endpoint_map.py
-heat_template_version: '2015-04-30'
+heat_template_version: ocata
description: A map of OpenStack endpoints. Since the endpoints are URLs,
we need to have brackets around IPv6 IP addresses. The inputs to these
parameters come from net_ip_uri_map, which will include these brackets
ZaqarAdmin: {protocol: http, port: '8888', host: IP_ADDRESS}
ZaqarInternal: {protocol: http, port: '8888', host: IP_ADDRESS}
ZaqarPublic: {protocol: http, port: '8888', host: IP_ADDRESS}
- ZaqarWebSocketAdmin: {protocol: http, port: '9000', host: IP_ADDRESS}
- ZaqarWebSocketInternal: {protocol: http, port: '9000', host: IP_ADDRESS}
- ZaqarWebSocketPublic: {protocol: http, port: '9000', host: IP_ADDRESS}
+ ZaqarWebSocketAdmin: {protocol: ws, port: '9000', host: IP_ADDRESS}
+ ZaqarWebSocketInternal: {protocol: ws, port: '9000', host: IP_ADDRESS}
+ ZaqarWebSocketPublic: {protocol: ws, port: '9000', host: IP_ADDRESS}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
CloudEndpoints:
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
External network. Public traffic, Neutron l3router for floating IPs/SNAT, etc.
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
External network. Public traffic, Neutron l3router for floating IPs/SNAT, etc.
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Internal API network. Used for most APIs, Database, RPC.
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Internal API network. Used for most APIs, Database, RPC.
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Management network. System administration, SSH, DNS, NTP, etc. This network
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Management network. System administration, SSH, DNS, NTP, etc. This network
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Create networks to split out Overcloud traffic
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port for a VIP on the undercloud ctlplane network.
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port on the external network. The IP address will be chosen
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Returns an IP from a network mapped list of IPs
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Returns an IP from a network mapped list of IPs. This version is for IPv6
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port on the external network. The IP address will be chosen
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Returns an IP from a service mapped list of IPs
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Returns an IP from a service mapped list of IPv6 IPs
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port on the internal_api network.
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Returns an IP from a network mapped list of IPs
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Returns an IP from a network mapped list of IPs. This version is for IPv6
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port on the internal_api network.
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port on the management network. The IP address will be chosen
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Returns an IP from a network mapped list of IPs
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Returns an IP from a network mapped list of IPs. This version is for IPv6
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port on the management network. The IP address will be chosen
-heat_template_version: 2016-10-14
+heat_template_version: ocata
parameters:
ControlPlaneIpList:
SERVICE_short_node_names: {get_param: ServiceHostnameList}
for_each:
SERVICE: {get_attr: [EnabledServicesValue, value]}
+ short_service_bootstrap_hostnames:
+ description: >
+ Map of enabled services to a list of hostnames where they're running regardless of the network
+ Used for bootstrap purposes
+ value:
+ yaql:
+ # If ServiceHostnameList is empty the role is deployed with zero nodes
+ # therefore we don't want to add any *_node_names to the map
+ expression: dict($.data.map.items().where(len($[1]) > 0))
+ data:
+ map:
+ map_merge:
+ repeat:
+ template:
+ SERVICE_short_bootstrap_node_name: {get_param: ServiceHostnameList}
+ for_each:
+ SERVICE: {get_attr: [EnabledServicesValue, value]}
-heat_template_version: 2015-04-30
+heat_template_version: ocata
parameters:
ControlPlaneIp:
-heat_template_version: 2015-04-30
+heat_template_version: ocata
parameters:
# Set these via parameter defaults to configure external VIPs
-heat_template_version: 2015-04-30
+heat_template_version: ocata
parameters:
# Set these via parameter defaults to configure external VIPs
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Returns the control plane port (provisioning network) as the ip_address.
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port on the storage network.
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Returns an IP from a network mapped list of IPs
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Returns an IP from a network mapped list of IPs. This version is for IPv6
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port on the storage_mgmt API network.
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Returns an IP from a network mapped list of IPs
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Returns an IP from a network mapped list of IPs This version is for IPv6
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port on the storage_mgmt API network.
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port on the storage network.
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port on the tenant network.
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Returns an IP from a network mapped list of IPs
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Returns an IP from a network mapped list of IPs
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port on the tenant network.
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port for a VIP on the isolated network NetworkName.
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: >
Creates a port for a VIP on the isolated network NetworkName.
#!/bin/bash
-# Note this script expects the following environment variables to be set
-# normally these are provided by the calling SoftwareConfig resource, but
-# they may also be set manually for testing
+# The following environment variables may be set to substitute in a
+# custom bridge or interface name. Normally these are provided by the calling
+# SoftwareConfig resource, but they may also be set manually for testing.
# $bridge_name : The bridge device name to apply
# $interface_name : The interface name to apply
#
}
if [ -n '$network_config' ]; then
- trap configure_safe_defaults EXIT
+ if [ -z "${disable_configure_safe_defaults:-''}" ]; then
+ trap configure_safe_defaults EXIT
+ fi
mkdir -p /etc/os-net-config
# Note these variables come from the calling heat SoftwareConfig
echo '$network_config' > /etc/os-net-config/config.json
- sed -i "s/bridge_name/$bridge_name/" /etc/os-net-config/config.json
- sed -i "s/interface_name/$interface_name/" /etc/os-net-config/config.json
+
+ if [ "$(type -t network_config_hook)" = "function" ]; then
+ network_config_hook
+ fi
+
+ sed -i "s/bridge_name/${bridge_name:-''}/" /etc/os-net-config/config.json
+ sed -i "s/interface_name/${interface_name:-''}/" /etc/os-net-config/config.json
os-net-config -c /etc/os-net-config/config.json -v --detailed-exit-codes
RETVAL=$?
+
if [[ $RETVAL == 2 ]]; then
ping_metadata_ip
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Mapping of service_name_network -> network name
CephRgwNetwork: storage
PublicNetwork: external
OpendaylightApiNetwork: internal_api
+ OvnDbsNetwork: internal_api
MistralApiNetwork: internal_api
ZaqarApiNetwork: internal_api
# We special-case the default ResolveNetwork for the CephStorage role
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Storage network.
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Storage management network. Storage replication, etc.
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Storage management network. Storage replication, etc.
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Storage network.
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Tenant network.
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Tenant IPv6 network.
OS::TripleO::Tasks::PackageUpdate: extraconfig/tasks/yum_update.yaml
{% for role in roles %}
+ OS::TripleO::{{role.name}}::PreNetworkConfig: OS::Heat::None
OS::TripleO::{{role.name}}PostDeploySteps: puppet/post.yaml
OS::TripleO::{{role.name}}: puppet/{{role.name.lower()}}-role.yaml
OS::TripleO::{{role.name}}Config: puppet/{{role.name.lower()}}-config.yaml
# in the jinja loop
OS::TripleO::Controller::Net::SoftwareConfig: net-config-bridge.yaml
+ OS::TripleO::ServiceServerMetadataHook: OS::Heat::None
+
OS::TripleO::Server: OS::Nova::Server
# This creates the "heat-admin" user for all OS images by default
OS::TripleO::Services::Apache: puppet/services/apache.yaml
OS::TripleO::Services::ApacheTLS: OS::Heat::None
OS::TripleO::Services::CACerts: puppet/services/ca-certs.yaml
+ OS::TripleO::Services::CephMds: OS::Heat::None
OS::TripleO::Services::CephMon: OS::Heat::None
OS::TripleO::Services::CephRgw: OS::Heat::None
OS::TripleO::Services::CephOSD: OS::Heat::None
OS::TripleO::Services::CinderScheduler: puppet/services/cinder-scheduler.yaml
OS::TripleO::Services::CinderVolume: puppet/services/cinder-volume.yaml
OS::TripleO::Services::BlockStorageCinderVolume: puppet/services/cinder-volume.yaml
- OS::TripleO::Services::Core: OS::Heat::None
OS::TripleO::Services::Keystone: puppet/services/keystone.yaml
OS::TripleO::Services::GlanceApi: puppet/services/glance-api.yaml
OS::TripleO::Services::GlanceRegistry: puppet/services/glance-registry.yaml
OS::TripleO::Services::NeutronCorePluginPlumgrid: puppet/services/neutron-plugin-plumgrid.yaml
OS::TripleO::Services::NeutronCorePluginNuage: puppet/services/neutron-plugin-nuage.yaml
OS::TripleO::Services::NeutronCorePluginOpencontrail: puppet/services/neutron-plugin-opencontrail.yaml
+ OS::TripleO::Services::OVNDBs: OS::Heat::None
+
OS::TripleO::Services::NeutronCorePluginMidonet: puppet/services/neutron-midonet.yaml
OS::TripleO::Services::NeutronOvsAgent: puppet/services/neutron-ovs-agent.yaml
OS::TripleO::Services::ComputeNeutronOvsAgent: puppet/services/neutron-ovs-agent.yaml
-heat_template_version: 2016-10-14
+{% set primary_role_name = roles[0].name -%}
+heat_template_version: ocata
description: >
Deploy an OpenStack environment, consisting of several node types (roles),
services: {get_attr: [{{role.name}}ServiceChain, role_data, service_names]}
ServiceNames: {get_attr: [{{role.name}}ServiceChain, role_data, service_names]}
MonitoringSubscriptions: {get_attr: [{{role.name}}ServiceChain, role_data, monitoring_subscriptions]}
+ ServiceMetadataSettings: {get_attr: [{{role.name}}ServiceChain, role_data, service_metadata_settings]}
{% endfor %}
hostsConfig:
{% for role in roles %}
- {get_attr: [{{role.name}}ServiceChain, role_data, logging_sources]}
{% endfor %}
- controller_ips: {get_attr: [Controller, ip_address]}
- controller_names: {get_attr: [Controller, hostname]}
+ controller_ips: {get_attr: [{{primary_role_name}}, ip_address]}
+ controller_names: {get_attr: [{{primary_role_name}}, hostname]}
service_ips:
# Note (shardy) this somewhat complex yaql may be replaced
# with a map_deep_merge function in ocata. It merges the
l:
{% for role in roles %}
- {get_attr: [{{role.name}}IpListMap, short_service_hostnames]}
+{% endfor %}
+ short_service_bootstrap_node:
+ yaql:
+ expression: dict($.data.l.where($ != null).selectMany($.items()).groupBy($[0], $[1], [$[0], $[1].flatten().first()]))
+ data:
+ l:
+{% for role in roles %}
+ - {get_attr: [{{role.name}}IpListMap, short_service_bootstrap_hostnames]}
{% endfor %}
# FIXME(shardy): These require further work to move into service_ips
- memcache_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MemcachedNetwork]}]}
+ memcache_node_ips: {get_attr: [{{primary_role_name}}IpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MemcachedNetwork]}]}
NetVipMap: {get_attr: [VipMap, net_ip_map]}
RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]}
ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]}
PingTestIps:
list_join:
- ' '
- - - {get_attr: [Controller, resource.0.external_ip_address]}
- - {get_attr: [Controller, resource.0.internal_api_ip_address]}
- - {get_attr: [Controller, resource.0.storage_ip_address]}
- - {get_attr: [Controller, resource.0.storage_mgmt_ip_address]}
- - {get_attr: [Controller, resource.0.tenant_ip_address]}
- - {get_attr: [Controller, resource.0.management_ip_address]}
+ - - {get_attr: [{{primary_role_name}}, resource.0.external_ip_address]}
+ - {get_attr: [{{primary_role_name}}, resource.0.internal_api_ip_address]}
+ - {get_attr: [{{primary_role_name}}, resource.0.storage_ip_address]}
+ - {get_attr: [{{primary_role_name}}, resource.0.storage_mgmt_ip_address]}
+ - {get_attr: [{{primary_role_name}}, resource.0.tenant_ip_address]}
+ - {get_attr: [{{primary_role_name}}, resource.0.management_ip_address]}
UpdateWorkflow:
type: OS::TripleO::Tasks::UpdateWorkflow
servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
{% endfor %}
- # Post deployment steps for all roles
- AllNodesDeploySteps:
- type: OS::TripleO::PostDeploySteps
+ # Upgrade steps for all roles
+ AllNodesUpgradeSteps:
+ type: OS::TripleO::UpgradeSteps
depends_on:
{% for role in roles %}
- {{role.name}}AllNodesDeployment
{{role.name}}: {get_attr: [{{role.name}}ServiceChain, role_data]}
{% endfor %}
- # Upgrade steps for all roles
- AllNodesUpgradeSteps:
- type: OS::TripleO::UpgradeSteps
- depends_on: AllNodesDeploySteps
+ # Post deployment steps for all roles
+ AllNodesDeploySteps:
+ type: OS::TripleO::PostDeploySteps
+ depends_on: AllNodesUpgradeSteps
properties:
servers:
{% for role in roles %}
{{role.name}}: {get_attr: [{{role.name}}ServiceChain, role_data]}
{% endfor %}
-
outputs:
ManagedEndpoints:
description: Asserts that the keystone endpoints have been provisioned.
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: 'All Nodes Config for Puppet'
parameters:
type: json
short_service_node_names:
type: json
+ short_service_bootstrap_node:
+ type: json
controller_names:
type: comma_delimited_list
memcache_node_ips:
- {get_param: service_ips}
- {get_param: service_node_names}
- {get_param: short_service_node_names}
+ - {get_param: short_service_bootstrap_node}
- controller_node_ips:
list_join:
- ','
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: 'OpenStack cinder storage configured by Puppet'
parameters:
BlockStorageImage:
MonitoringSubscriptions:
type: comma_delimited_list
default: []
+ ServiceMetadataSettings:
+ type: json
+ default: {}
ConfigCommand:
type: string
description: Command which will be run whenever configuration data changes
default: os-refresh-config --timeout 14400
+ UpgradeInitCommand:
+ type: string
+ description: |
+ Command or script snippet to run on all overcloud nodes to
+ initialize the upgrade process. E.g. a repository switch.
+ default: ''
resources:
BlockStorage:
map_merge:
- {get_param: ServerMetadata}
- {get_param: BlockStorageServerMetadata}
+ - {get_param: ServiceMetadataSettings}
scheduler_hints: {get_param: BlockStorageSchedulerHints}
# Combine the NodeAdminUserData and NodeUserData mime archives
- - {get_attr: [BlockStorage, name]}
- ctlplane
+ PreNetworkConfig:
+ type: OS::TripleO::BlockStorage::PreNetworkConfig
+ properties:
+ server: {get_resource: BlockStorage}
+
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
+ depends_on: PreNetworkConfig
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
server: {get_resource: BlockStorage}
actions: {get_param: NetworkDeploymentActions}
+ BlockStorageUpgradeInitConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ list_join:
+ - ''
+ - - "#!/bin/bash\n\n"
+ - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
+ - get_param: UpgradeInitCommand
+
+ # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
+ # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
+ BlockStorageUpgradeInitDeployment:
+ type: OS::Heat::SoftwareDeployment
+ depends_on: NetworkDeployment
+ properties:
+ name: BlockStorageUpgradeInitDeployment
+ server: {get_resource: BlockStorage}
+ config: {get_resource: BlockStorageUpgradeInitConfig}
+
BlockStorageDeployment:
type: OS::Heat::StructuredDeployment
- depends_on: NetworkDeployment
+ depends_on: BlockStorageUpgradeInitDeployment
properties:
name: BlockStorageDeployment
server: {get_resource: BlockStorage}
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: 'OpenStack ceph storage node configured by Puppet'
parameters:
OvercloudCephStorageFlavor:
MonitoringSubscriptions:
type: comma_delimited_list
default: []
+ ServiceMetadataSettings:
+ type: json
+ default: {}
ConfigCommand:
type: string
description: Command which will be run whenever configuration data changes
default: os-refresh-config --timeout 14400
+ UpgradeInitCommand:
+ type: string
+ description: |
+ Command or script snippet to run on all overcloud nodes to
+ initialize the upgrade process. E.g. a repository switch.
+ default: ''
resources:
CephStorage:
map_merge:
- {get_param: ServerMetadata}
- {get_param: CephStorageServerMetadata}
+ - {get_param: ServiceMetadataSettings}
scheduler_hints: {get_param: CephStorageSchedulerHints}
# Combine the NodeAdminUserData and NodeUserData mime archives
- - {get_attr: [CephStorage, name]}
- ctlplane
+ PreNetworkConfig:
+ type: OS::TripleO::CephStorage::PreNetworkConfig
+ properties:
+ server: {get_resource: CephStorage}
+
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
+ depends_on: PreNetworkConfig
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
server: {get_resource: CephStorage}
actions: {get_param: NetworkDeploymentActions}
+ CephStorageUpgradeInitConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ list_join:
+ - ''
+ - - "#!/bin/bash\n\n"
+ - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
+ - get_param: UpgradeInitCommand
+
+ # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
+ # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
+ CephStorageUpgradeInitDeployment:
+ type: OS::Heat::SoftwareDeployment
+ depends_on: NetworkDeployment
+ properties:
+ name: CephStorageUpgradeInitDeployment
+ server: {get_resource: CephStorage}
+ config: {get_resource: CephStorageUpgradeInitConfig}
+
CephStorageDeployment:
type: OS::Heat::StructuredDeployment
- depends_on: NetworkDeployment
+ depends_on: CephStorageUpgradeInitDeployment
properties:
name: CephStorageDeployment
config: {get_resource: CephStorageConfig}
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack hypervisor node configured via Puppet.
MonitoringSubscriptions:
type: comma_delimited_list
default: []
+ ServiceMetadataSettings:
+ type: json
+ default: {}
ConfigCommand:
type: string
description: Command which will be run whenever configuration data changes
default: os-refresh-config --timeout 14400
+ UpgradeInitCommand:
+ type: string
+ description: |
+ Command or script snippet to run on all overcloud nodes to
+ initialize the upgrade process. E.g. a repository switch.
+ default: ''
resources:
map_merge:
- {get_param: ServerMetadata}
- {get_param: NovaComputeServerMetadata}
+ - {get_param: ServiceMetadataSettings}
scheduler_hints: {get_param: NovaComputeSchedulerHints}
# Combine the NodeAdminUserData and NodeUserData mime archives
- - {get_attr: [NovaCompute, name]}
- ctlplane
+ PreNetworkConfig:
+ type: OS::TripleO::Compute::PreNetworkConfig
+ properties:
+ server: {get_resource: NovaCompute}
+
NetworkConfig:
type: OS::TripleO::Compute::Net::SoftwareConfig
properties:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
+ depends_on: PreNetworkConfig
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
bridge_name: {get_param: NeutronPhysicalBridge}
interface_name: {get_param: NeutronPublicInterface}
+ NovaComputeUpgradeInitConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ list_join:
+ - ''
+ - - "#!/bin/bash\n\n"
+ - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
+ - get_param: UpgradeInitCommand
+
+ # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
+ # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
+ NovaComputeUpgradeInitDeployment:
+ type: OS::Heat::SoftwareDeployment
+ depends_on: NetworkDeployment
+ properties:
+ name: NovaComputeUpgradeInitDeployment
+ server: {get_resource: NovaCompute}
+ config: {get_resource: NovaComputeUpgradeInitConfig}
+
NovaComputeConfig:
type: OS::Heat::StructuredConfig
properties:
NovaComputeDeployment:
type: OS::TripleO::SoftwareDeployment
- depends_on: NetworkDeployment
+ depends_on: NovaComputeUpgradeInitDeployment
properties:
name: NovaComputeDeployment
config: {get_resource: NovaComputeConfig}
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
A software config which runs puppet on the {{role}} role
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
A software config which runs manifests/overcloud_controller_pacemaker.pp
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack controller node configured by Puppet.
MonitoringSubscriptions:
type: comma_delimited_list
default: []
+ ServiceMetadataSettings:
+ type: json
+ default: {}
ConfigCommand:
type: string
description: Command which will be run whenever configuration data changes
default: os-refresh-config --timeout 14400
+ UpgradeInitCommand:
+ type: string
+ description: |
+ Command or script snippet to run on all overcloud nodes to
+ initialize the upgrade process. E.g. a repository switch.
+ default: ''
parameter_groups:
- label: deprecated
map_merge:
- {get_param: ServerMetadata}
- {get_param: ControllerServerMetadata}
+ - {get_param: ServiceMetadataSettings}
scheduler_hints: {get_param: ControllerSchedulerHints}
# Combine the NodeAdminUserData and NodeUserData mime archives
- - {get_attr: [Controller, name]}
- ctlplane
+ PreNetworkConfig:
+ type: OS::TripleO::Controller::PreNetworkConfig
+ properties:
+ server: {get_resource: Controller}
+
NetworkConfig:
type: OS::TripleO::Controller::Net::SoftwareConfig
properties:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
+ depends_on: PreNetworkConfig
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
server: {get_resource: Controller}
NodeIndex: {get_param: NodeIndex}
+ ControllerUpgradeInitConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ list_join:
+ - ''
+ - - "#!/bin/bash\n\n"
+ - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
+ - get_param: UpgradeInitCommand
+
+ # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
+ # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
+ ControllerUpgradeInitDeployment:
+ type: OS::Heat::SoftwareDeployment
+ depends_on: NetworkDeployment
+ properties:
+ name: ControllerUpgradeInitDeployment
+ server: {get_resource: Controller}
+ config: {get_resource: ControllerUpgradeInitConfig}
ControllerDeployment:
type: OS::TripleO::SoftwareDeployment
- depends_on: NetworkDeployment
+ depends_on: ControllerUpgradeInitDeployment
properties:
name: ControllerDeployment
config: {get_resource: ControllerConfig}
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
Software Config to install deployment artifacts (tarball's and/or
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: Configure hieradata for all MidoNet nodes
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Configure hieradata for Network Cisco configuration
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Configure hieradata for Big Switch agents on compute node
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Compute node hieradata for Neutron OpenContrail configuration
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Configure hieradata for Nuage configuration on the Compute
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: Configure hieradata for Cinder Dell Storage Center configuration
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: Configure hieradata for Cinder Eqlx configuration
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Configure hieradata for Cinder Netapp configuration
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: 'Extra Pre-Deployment Config, multiple'
parameters:
server:
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Configure hieradata for Neutron Big Switch configuration
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Configure hieradata for Cisco N1KV configuration
-heat_template_version: 2014-10-16
+heat_template_version: ocata
description: 'Noop Extra Pre-Deployment Config'
parameters:
server:
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: Configure hieradata overrides for specific nodes
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
This is a template which will inject the trusted anchor.
-heat_template_version: 2015-10-15
+heat_template_version: ocata
description: Enroll nodes to FreeIPA
type: string
FreeIPAOTP:
+ default: ''
description: 'OTP that will be used for FreeIPA enrollment'
type: string
hidden: true
FreeIPAServer:
+ default: ''
description: 'FreeIPA server DNS name'
type: string
FreeIPAIPAddress:
- name: ipa_ip
config: |
#!/bin/sh
- sed -i "/${ipa_server}/d" /etc/hosts
- # Optionally add the FreeIPA server IP to /etc/hosts
- if [ -n "${ipa_ip}" ]; then
- echo "${ipa_ip} ${ipa_server}" >> /etc/hosts
+ # If no IPA server was given as a parameter, it will be assumed from
+ # DNS.
+ if [ -n "${ipa_server}" ]; then
+ sed -i "/${ipa_server}/d" /etc/hosts
+ # Optionally add the FreeIPA server IP to /etc/hosts
+ if [ -n "${ipa_ip}" ]; then
+ echo "${ipa_ip} ${ipa_server}" >> /etc/hosts
+ fi
fi
# Set the node's domain if needed
if [ ! $(hostname -f | grep "${ipa_domain}$") ]; then
hostnamectl set-hostname "$(hostname).${ipa_domain}"
fi
yum install -y ipa-client
- # Enroll. If there is already keytab, we have already done this.
+ # Enroll. If there is already keytab, we have already done this. If
+ # this node hasn't enrolled and the OTP is missing, fail.
if [ ! -f /etc/krb5.keytab ]; then
+ if [ -z "${otp}" ]; then
+ echo "OTP is missing"
+ exit 1
+ fi
ipa-client-install --server ${ipa_server} -w ${otp} \
--domain=${ipa_domain} -U
fi
-heat_template_version: 2015-04-30
+heat_template_version: ocata
description: >
This is a template which will build the TLS Certificates necessary
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: 'Upgrade steps for all roles'
parameters:
Setting to a previously unused value during stack-update will trigger
the Upgrade resources to re-run on all roles.
- UpgradeInitCommand:
- type: string
- description: |
- Command or script snippet to run on all overcloud nodes to
- initialize the upgrade process. E.g. a repository switch.
- default: ''
-
resources:
- # For the UpgradeInit also rename /etc/resolv.conf.save for +bug/1567004
- UpgradeInitConfig:
- type: OS::Heat::SoftwareConfig
- properties:
- group: script
- config:
- list_join:
- - ''
- - - "#!/bin/bash\n\n"
- - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
- - get_param: UpgradeInitCommand
-
-{% for role in roles %}
- {{role.name}}Upgrade_Init:
- type: OS::Heat::StructuredDeploymentGroup
- properties:
- name: {{role.name}}Upgrade_Init
- servers: {get_param: [servers, {{role.name}}]}
- config: {get_resource: UpgradeInitConfig}
-{% endfor %}
-
# Upgrade Steps for all roles
# FIXME(shardy): would be nice to make the number of steps configurable
{% for step in range(1, 8) %}
# serialization, but the event output is easier to follow if we
# do, and there should be minimal performance hit (creating the
# config is cheap compared to the time to apply the deployment).
+ {% if step > 1 %}
depends_on:
- {% if step == 1 %}
- - {{role.name}}Upgrade_Init
- {% else %}
{% for dep in roles %}
- {{dep.name}}Upgrade_Step{{step -1}}
{% endfor %}
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: 'OpenStack swift storage node configured by Puppet'
parameters:
OvercloudSwiftStorageFlavor:
MonitoringSubscriptions:
type: comma_delimited_list
default: []
+ ServiceMetadataSettings:
+ type: json
+ default: {}
ConfigCommand:
type: string
description: Command which will be run whenever configuration data changes
default: os-refresh-config --timeout 14400
+ UpgradeInitCommand:
+ type: string
+ description: |
+ Command or script snippet to run on all overcloud nodes to
+ initialize the upgrade process. E.g. a repository switch.
+ default: ''
resources:
map_merge:
- {get_param: ServerMetadata}
- {get_param: SwiftStorageServerMetadata}
+ - {get_param: ServiceMetadataSettings}
scheduler_hints: {get_param: ObjectStorageSchedulerHints}
# Combine the NodeAdminUserData and NodeUserData mime archives
- - {get_attr: [SwiftStorage, name]}
- ctlplane
+ PreNetworkConfig:
+ type: OS::TripleO::ObjectStorage::PreNetworkConfig
+ properties:
+ server: {get_resource: SwiftStorage}
+
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
+ depends_on: PreNetworkConfig
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
server: {get_resource: SwiftStorage}
actions: {get_param: NetworkDeploymentActions}
+ SwiftStorageUpgradeInitConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ list_join:
+ - ''
+ - - "#!/bin/bash\n\n"
+ - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
+ - get_param: UpgradeInitCommand
+
+ # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
+ # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
+ SwiftStorageUpgradeInitDeployment:
+ type: OS::Heat::SoftwareDeployment
+ depends_on: NetworkDeployment
+ properties:
+ name: SwiftStorageUpgradeInitDeployment
+ server: {get_resource: SwiftStorage}
+ config: {get_resource: SwiftStorageUpgradeInitConfig}
+
SwiftStorageHieraConfig:
type: OS::Heat::StructuredConfig
properties:
SwiftStorageHieraDeploy:
type: OS::Heat::StructuredDeployment
- depends_on: NetworkDeployment
+ depends_on: SwiftStorageUpgradeInitDeployment
properties:
name: SwiftStorageHieraDeploy
server: {get_resource: SwiftStorage}
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Post-deploy configuration steps via puppet for all roles,
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: 'OpenStack {{role}} node configured by Puppet'
parameters:
Overcloud{{role}}Flavor:
constraints:
- custom_constraint: nova.keypair
{% endif %}
+ NeutronPublicInterface:
+ default: nic1
+ description: What interface to bridge onto br-ex for network nodes.
+ type: string
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
MonitoringSubscriptions:
type: comma_delimited_list
default: []
+ ServiceMetadataSettings:
+ type: json
+ default: {}
ConfigCommand:
type: string
description: Command which will be run whenever configuration data changes
LoggingGroups:
type: comma_delimited_list
default: []
+ UpgradeInitCommand:
+ type: string
+ description: |
+ Command or script snippet to run on all overcloud nodes to
+ initialize the upgrade process. E.g. a repository switch.
+ default: ''
+
resources:
{{role}}:
map_merge:
- {get_param: ServerMetadata}
- {get_param: {{role}}ServerMetadata}
+ - {get_param: ServiceMetadataSettings}
scheduler_hints: {get_param: {{role}}SchedulerHints}
# Combine the NodeAdminUserData and NodeUserData mime archives
- - {get_attr: [{{role}}, name]}
- ctlplane
+ PreNetworkConfig:
+ type: OS::TripleO::{{role}}::PreNetworkConfig
+ properties:
+ server: {get_resource: {{role}}}
+
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
+ depends_on: PreNetworkConfig
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
server: {get_resource: {{role}}}
actions: {get_param: NetworkDeploymentActions}
+ input_values:
+ bridge_name: br-ex
+ interface_name: {get_param: NeutronPublicInterface}
+
+ {{role}}UpgradeInitConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ list_join:
+ - ''
+ - - "#!/bin/bash\n\n"
+ - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
+ - get_param: UpgradeInitCommand
+
+ # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
+ # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
+ {{role}}UpgradeInitDeployment:
+ type: OS::Heat::SoftwareDeployment
+ depends_on: NetworkDeployment
+ properties:
+ name: {{role}}UpgradeInitDeployment
+ server: {get_resource: {{role}}}
+ config: {get_resource: {{role}}UpgradeInitConfig}
{{role}}Deployment:
type: OS::Heat::StructuredDeployment
- depends_on: NetworkDeployment
+ depends_on: {{role}}UpgradeInitDeployment
properties:
name: {{role}}Deployment
config: {get_resource: {{role}}Config}
6) Start control-plane services
7) Any additional online migration tasks (e.g data migrations)
+
+Nova Server Metadata Settings
+-----------------------------
+
+One can use the hook of type `OS::TripleO::ServiceServerMetadataHook` to pass
+entries to the nova instances' metadata. It is, however, disabled by default.
+In order to overwrite it one needs to define it in the resource registry. An
+implementation of this hook needs to conform to the following:
+
+* It needs to define an input called `RoleData` of json type. This gets as
+ input the contents of the `role_data` for each role's ServiceChain.
+
+* This needs to define an output called `metadata` which will be given to the
+ Nova Server resource as the instance's metadata.
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Aodh API service configured with Puppet
"%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, AodhApiNetwork]}
+ aodh::wsgi::apache::wsgi_process_display_name: 'aodh_wsgi'
aodh::api::service_name: 'httpd'
aodh::api::enable_proxy_headers_parsing: true
tripleo.aodh_api.firewall_rules:
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Aodh service configured with Puppet
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/aodh'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
aodh::debug: {get_param: Debug}
aodh::auth::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
aodh::rabbit_userid: {get_param: RabbitUserName}
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Aodh Evaluator service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Aodh Listener service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Aodh Notifier service configured with Puppet
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Apache service TLS configurations.
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Apache service configured with Puppet. Note this is typically included
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Barbican API service configured with Puppet
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/barbican'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
tripleo.barbican_api.firewall_rules:
'117 barbican':
dport:
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
HAproxy service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ceilometer Central Agent service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ceilometer Compute Agent service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ceilometer Notification Agent service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ceilometer API service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ceilometer service configured with Puppet
default: false
description: Whether to store events in ceilometer.
type: boolean
+ EnableLegacyCeilometerApi:
+ default: false
+ description: Enable legacy ceilometer Api service if needed.
+ type: boolean
+ EventPipelinePublishers:
+ default: ['notifier://?topic=alarm.all']
+ description: A list of publishers to put in event_pipeline.yaml.
+ type: comma_delimited_list
Debug:
default: ''
description: Set to True to enable debugging on all services.
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/ceilometer'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
+ enable_legacy_ceilometer_api: {get_param: EnableLegacyCeilometerApi}
ceilometer_backend: {get_param: CeilometerBackend}
ceilometer::metering_secret: {get_param: CeilometerMeteringSecret}
# we include db_sync class in puppet-tripleo
ceilometer::agent::auth::auth_password: {get_param: CeilometerPassword}
ceilometer::agent::auth::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
ceilometer::agent::notification::store_events: {get_param: CeilometerStoreEvents}
+ ceilometer::agent::notification::event_pipeline_publishers: {get_param: EventPipelinePublishers}
ceilometer::agent::auth::auth_region: {get_param: KeystoneRegion}
ceilometer::agent::auth::auth_tenant_name: 'service'
ceilometer::agent::auth::auth_endpoint_type: 'internalURL'
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ceilometer Collector service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ceilometer Expirer service configured with Puppet
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Ceph base service. Shared by all Ceph services.
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Ceph Client service.
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Ceph External service.
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
- Gnocchi service configured with Puppet
+ Ceph MDS service.
parameters:
ServiceNetMap:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
- MonitoringSubscriptionGnocchiApi:
- default: 'overcloud-gnocchi-api'
+ CephMdsKey:
+ description: The cephx key for the MDS service. Can be created
+ with ceph-authtool --gen-print-key.
type: string
+ hidden: true
resources:
- GnocchiServiceBase:
- type: ../gnocchi-api.yaml
+ CephBase:
+ type: ./ceph-base.yaml
properties:
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
outputs:
role_data:
- description: Role data for the Gnocchi role.
+ description: Role data for the Ceph MDS service.
value:
- service_name: gnocchi_api
- monitoring_subscription: {get_param: MonitoringSubscriptionGnocchiApi}
+ service_name: ceph_mds
config_settings:
map_merge:
- - get_attr: [GnocchiServiceBase, role_data, config_settings]
- - gnocchi::metricd::manage_service: false
- gnocchi::metricd::enabled: false
+ - get_attr: [CephBase, role_data, config_settings]
+ - ceph::profile::params::mds_key: {get_param: CephMdsKey}
+ tripleo.ceph_mds.firewall_rules:
+ '112 ceph_mds':
+ dport:
+ - '6800-7300'
step_config: |
- include ::tripleo::profile::pacemaker::gnocchi::api
+ include ::tripleo::profile::base::ceph::mds
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Ceph Monitor service.
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Ceph OSD service.
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Ceph RadosGW service.
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Cinder API service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Cinder Backup service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Cinder base service. Shared by all Cinder services.
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/cinder'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
cinder::debug: {get_param: Debug}
cinder::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
cinder::rabbit_userid: {get_param: RabbitUserName}
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Cinder Scheduler service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Cinder Volume service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Configuration details for MongoDB service using composable roles
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
MongoDb service deployment using puppet
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
MySQL configurations for using TLS via certmonger.
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
MySQL service deployment using puppet
"%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
+ tripleo::profile::base::database::mysql::client_bind_address:
+ {get_param: [ServiceNetMap, MysqlNetwork]}
step_config: |
include ::tripleo::profile::base::database::mysql
upgrade_tasks:
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Redis service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Redis service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Glance API service configured with Puppet
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/glance'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
glance::api::bind_port: {get_param: [EndpointMap, GlanceInternal, port]}
glance::api::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
glance::api::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
include ::tripleo::profile::base::glance::api
service_config_settings:
get_attr: [GlanceBase, role_data, service_config_settings]
+ upgrade_tasks:
+ - name: Stop glance_api service
+ tags: step2
+ service: name=openstack-glance-api state=stopped
+ - name: Sync glance_api DB
+ tags: step5
+ command: glance-manage --config-file=/etc/glance/glance-api.conf db_sync
+ - name: Start glance_api service
+ tags: step6
+ service: name=openstack-glance-api state=started
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Glance Common settings with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Glance Registry service configured with Puppet
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/glance'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
glance::registry::authtoken::password: {get_param: GlancePassword}
glance::registry::authtoken::project_name: 'service'
glance::registry::pipeline: 'keystone'
include ::tripleo::profile::base::glance::registry
service_config_settings:
get_attr: [GlanceBase, role_data, config_settings]
+ upgrade_tasks:
+ - name: Stop glance_registry service
+ tags: step2
+ service: name=openstack-glance-registry state=stopped
+ - name: Start glance_registry service
+ tags: step6
+ service: name=openstack-glance-registry state=started
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Gnocchi service configured with Puppet
# internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR
gnocchi::wsgi::apache::bind_host: {get_param: [ServiceNetMap, GnocchiApiNetwork]}
+ gnocchi::wsgi::apache::wsgi_process_display_name: 'gnocchi_wsgi'
gnocchi::api::host:
str_replace:
template:
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Gnocchi service configured with Puppet
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/gnocchi'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
gnocchi::db::sync::extra_opts: '--skip-storage --create-legacy-resource-types'
gnocchi::storage::swift::swift_user: 'service:gnocchi'
gnocchi::storage::swift::swift_auth_version: 2
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Gnocchi service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Gnocchi service configured with Puppet
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
HAProxy deployment with TLS enabled, powered by certmonger
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
HAProxy deployment with TLS enabled, powered by certmonger
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
HAproxy service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Heat CloudFormation API service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Heat CloudWatch API service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Heat API service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Heat base service. Shared for all Heat services.
heat::rabbit_port: {get_param: RabbitClientPort}
heat::debug: {get_param: Debug}
heat::enable_proxy_headers_parsing: true
+ heat::rpc_response_timeout: 600
# We need this because the default heat policy.json no longer works on TripleO
# https://git.openstack.org/cgit/openstack/heat/commit/?id=ac86702172ddf01f5bdc3f3cd99d2e32ad9b7024
heat::policy::policies:
heat::cron::purge_deleted::destination: '/dev/null'
heat::db::database_db_max_retries: -1
heat::db::database_max_retries: -1
+ heat::yaql_memory_quota: 100000
+ heat::yaql_limit_iterators: 1000
service_config_settings:
keystone:
tripleo::profile::base::keystone::heat_admin_domain: 'heat_stack'
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Openstack Heat Engine service configured with Puppet
default:
tag: openstack.heat.engine
path: /var/log/heat/heat-engine.log
+ HeatConvergenceEngine:
+ type: boolean
+ default: true
+ description: Enables the heat engine with the convergence architecture.
+ HeatMaxResourcesPerStack:
+ type: number
+ default: 1000
+ description: Maximum resources allowed per top-level stack. -1 stands for unlimited.
+
resources:
HeatBase:
- heat::engine::num_engine_workers: {get_param: HeatWorkers}
heat::engine::configure_delegated_roles: false
heat::engine::trusts_delegated_roles: []
+ heat::engine::max_nested_stack_depth: 6
+ heat::engine::max_resources_per_stack: {get_param: HeatMaxResourcesPerStack}
+ heat::engine::heat_metadata_server_url:
+ list_join:
+ - ''
+ - - {get_param: [EndpointMap, HeatCfnPublic, protocol]}
+ - '://'
+ - {get_param: [EndpointMap, HeatCfnPublic, host]}
+ - ':'
+ - {get_param: [EndpointMap, HeatCfnPublic, port]}
+ heat::engine::heat_waitcondition_server_url:
+ list_join:
+ - ''
+ - - {get_param: [EndpointMap, HeatCfnPublic, protocol]}
+ - '://'
+ - {get_param: [EndpointMap, HeatCfnPublic, host]}
+ - ':'
+ - {get_param: [EndpointMap, HeatCfnPublic, port]}
+ - '/v1/waitcondition'
+ heat::engine::convergence_engine: {get_param: HeatConvergenceEngine}
tripleo::profile::base::heat::manage_db_purge: {get_param: HeatEnableDBPurge}
heat::database_connection:
list_join:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/heat'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
heat::keystone_ec2_uri: {get_param: [EndpointMap, KeystoneEC2, uri]}
heat::keystone::domain::domain_password: {get_param: HeatStackDomainAdminPassword}
heat::engine::auth_encryption_key:
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Horizon service configured with Puppet
horizon::enable_secure_proxy_ssl_header: true
horizon::disable_password_reveal: true
horizon::enforce_password_check: true
+ horizon::disallow_iframe_embed: true
horizon::cache_backend: django.core.cache.backends.memcached.MemcachedCache
horizon::django_session_engine: 'django.contrib.sessions.backends.cache'
horizon::vhost_extra_params:
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ironic API configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ironic services configured with Puppet
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/ironic'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
ironic::debug: {get_param: Debug}
ironic::rabbit_userid: {get_param: RabbitUserName}
ironic::rabbit_password: {get_param: RabbitPassword}
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Ironic conductor configured with Puppet
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Keepalived service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Load kernel modules with kmod and configure kernel options with sysctl.
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Keystone service configured with Puppet
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/keystone'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
keystone::admin_token: {get_param: AdminToken}
keystone::admin_password: {get_param: AdminPassword}
keystone::roles::admin::password: {get_param: AdminPassword}
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: Fluentd base service
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: Fluentd client configured with Puppet
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: Fluentd logging configuration
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Manila-api service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Manila Cephfs backend
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Manila generic backend.
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Manila netapp backend.
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Manila base service. Shared by manila-api/scheduler/share services
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/manila'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
service_config_settings:
mysql:
manila::db::mysql::password: {get_param: ManilaPassword}
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Manila-scheduler service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Manila-share service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Memcached service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Mistral API service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Mistral base service. Shared for all Mistral services.
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/mistral'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
mistral::rabbit_userid: {get_param: RabbitUserName}
mistral::rabbit_password: {get_param: RabbitPassword}
mistral::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Mistral Engine service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Mistral API service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: Sensu base service
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: Sensu client configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Contrail Analytics service deployment using puppet, this YAML file
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Base parameters for all Contrail Services.
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Contrail Config service deployment using puppet, this YAML file
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Contrail Control service deployment using puppet, this YAML file
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Contrail Database service deployment using puppet, this YAML file
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Contrail WebUI service deployment using puppet, this YAML file
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Neutron Server configured with Puppet
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/ovs_neutron'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
neutron::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
neutron::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
neutron::server::api_workers: {get_param: NeutronWorkers}
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron base service. Shared for all Neutron agents.
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Compute Midonet plugin
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Compute Nuage plugin
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Compute OpenContrail plugin
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Compute OVN agent
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Compute Plumgrid plugin
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron DHCP agent configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron L3 agent for DVR enabled compute nodes
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Neutron L3 agent configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Metadata agent configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Midonet plugin and services
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron OVS agent configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron OVS DPDK configured with Puppet for Compute Role
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron ML2/OVN plugin configured with Puppet
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
- OVNDbHost:
- description: IP address on which the OVN DB servers are listening
- type: string
- OVNNorthboundServerPort:
- description: Port of the OVN Northbound DB server
- type: number
- default: 6641
OVNDbConnectionTimeout:
description: Timeout in seconds for the OVSDB connection transaction
type: number
config_settings:
map_merge:
- get_attr: [NeutronMl2Base, role_data, config_settings]
- - ovn::northbound::port: {get_param: OVNNorthboundServerPort}
- tripleo::profile::base::neutron::plugins::ml2::ovn::ovn_db_host: {get_param: OVNDbHost}
- neutron::plugins::ovn::ovsdb_connection_timeout: {get_param: OVNDbConnectionTimeout}
+ - neutron::plugins::ovn::ovsdb_connection_timeout: {get_param: OVNDbConnectionTimeout}
neutron::plugins::ovn::neutron_sync_mode: {get_param: OVNNeutronSyncMode}
neutron::plugins::ovn::ovn_l3_mode: true
neutron::plugins::ovn::vif_type: {get_param: OVNVifType}
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron ML2 Plugin configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Nuage plugin
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Opencontrail plugin
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron Plumgrid plugin
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/ovs_neutron'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
neutron::plugins::plumgrid::controller_priv_host: {get_param: [EndpointMap, KeystoneAdmin, host]}
neutron::plugins::plumgrid::admin_password: {get_param: AdminPassword}
neutron::plugins::plumgrid::metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Neutron SR-IOV nic agent configured with Puppet
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Nova API service configured with Puppet
params:
$NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
nova::api::service_name: 'httpd'
- nova::wsgi::apache::ssl: {get_param: EnableInternalTLS}
+ nova::wsgi::apache_api::ssl: {get_param: EnableInternalTLS}
# NOTE: bind IP is found in Heat replacing the network name with the local node IP
# for the given network; replacement examples (eg. for internal_api):
# internal_api -> IP
# internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR
- nova::wsgi::apache::bind_host: {get_param: [ServiceNetMap, NovaApiNetwork]}
- nova::wsgi::apache::servername:
+ nova::wsgi::apache_api::bind_host: {get_param: [ServiceNetMap, NovaApiNetwork]}
+ nova::wsgi::apache_api::servername:
str_replace:
template:
"%{hiera('fqdn_$NETWORK')}"
- nova_workers_zero
- {}
- nova::api::osapi_compute_workers: {get_param: NovaWorkers}
- nova::wsgi::apache::workers: {get_param: NovaWorkers}
+ nova::wsgi::apache_api::workers: {get_param: NovaWorkers}
step_config: |
include tripleo::profile::base::nova::api
service_config_settings:
+ mysql:
+ map_merge:
+ - {get_attr: [NovaBase, role_data, service_config_settings, mysql]}
+ - nova::db::mysql::password: {get_param: NovaPassword}
+ nova::db::mysql::user: nova
+ nova::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
+ nova::db::mysql::dbname: nova
+ nova::db::mysql::allowed_hosts:
+ - '%'
+ - "%{hiera('mysql_bind_host')}"
+ nova::db::mysql_api::password: {get_param: NovaPassword}
+ nova::db::mysql_api::user: nova_api
+ nova::db::mysql_api::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
+ nova::db::mysql_api::dbname: nova_api
+ nova::db::mysql_api::allowed_hosts:
+ - '%'
+ - "%{hiera('mysql_bind_host')}"
keystone:
nova::keystone::auth::tenant: 'service'
nova::keystone::auth::public_url: {get_param: [EndpointMap, NovaPublic, uri]}
nova::keystone::auth::admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
nova::keystone::auth::password: {get_param: NovaPassword}
nova::keystone::auth::region: {get_param: KeystoneRegion}
- mysql:
- nova::db::mysql::password: {get_param: NovaPassword}
- nova::db::mysql::user: nova
- nova::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
- nova::db::mysql::dbname: nova
- nova::db::mysql::allowed_hosts:
- - '%'
- - "%{hiera('mysql_bind_host')}"
- nova::db::mysql_api::password: {get_param: NovaPassword}
- nova::db::mysql_api::user: nova_api
- nova::db::mysql_api::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
- nova::db::mysql_api::dbname: nova_api
- nova::db::mysql_api::allowed_hosts:
- - '%'
- - "%{hiera('mysql_bind_host')}"
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Nova base service. Shared for all Nova services.
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/nova'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
nova::api_database_connection:
list_join:
- ''
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/nova_api'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
nova::debug: {get_param: Debug}
nova::purge_config: {get_param: EnableConfigPurge}
nova::network::neutron::neutron_project_name: 'service'
- compute_upgrade_level_empty
- {}
- nova::upgrade_level_compute: {get_param: UpgradeLevelNovaCompute}
+ service_config_settings:
+ mysql:
+ # NOTE(aschultz): this should be configurable if/when we support more
+ # complex cell v2 configurations. For now, this is the default cell
+ # created for the cell v2 configuration
+ nova::db::mysql_api::setup_cell0: true
+ nova::rabbit_password: {get_param: RabbitPassword}
+ nova::rabbit_userid: {get_param: RabbitUserName}
+ nova::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
+ nova::rabbit_port: {get_param: RabbitClientPort}
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Nova Compute service configured with Puppet
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Nova Conductor service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Nova Consoleauth service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Nova Compute service configured with Puppet and using Ironic
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Libvirt service configured with Puppet
NovaComputeLibvirtType:
type: string
default: kvm
+ LibvirtEnabledPerfEvents:
+ type: comma_delimited_list
+ default: []
+ description: This is a performance event list which could be used as monitor.
+ For example - ``enabled_perf_events = cmt, mbml, mbmt``
+ The supported events list can be found in
+ https://libvirt.org/html/libvirt-libvirt-domain.html ,
+ which you may need to search key words ``VIR_PERF_PARAM_*``
MonitoringSubscriptionNovaLibvirt:
default: 'overcloud-nova-libvirt'
type: string
tripleo::profile::base::nova::libvirt_enabled: true
nova::compute::libvirt::services::libvirt_virt_type: {get_param: NovaComputeLibvirtType}
nova::compute::libvirt::libvirt_virt_type: {get_param: NovaComputeLibvirtType}
+ nova::compute::libvirt::libvirt_enabled_perf_events: {get_param: LibvirtEnabledPerfEvents}
+ nova::compute::libvirt::qemu::configure_qemu: true
+ nova::compute::libvirt::qemu::max_files: 32768
+ nova::compute::libvirt::qemu::max_processes: 131072
tripleo.nova_libvirt.firewall_rules:
'200 nova_libvirt':
dport:
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Nova API service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Nova Scheduler service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Nova Vncproxy service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenDaylight SDN Controller.
type: string
description: The password for the opendaylight server.
hidden: true
- OpenDaylightEnableL3:
- description: Knob to enable/disable ODL L3
- type: string
- default: 'no'
OpenDaylightEnableDHCP:
description: Knob to enable/disable ODL DHCP Server
type: boolean
opendaylight::odl_rest_port: {get_param: OpenDaylightPort}
opendaylight::username: {get_param: OpenDaylightUsername}
opendaylight::password: {get_param: OpenDaylightPassword}
- opendaylight::enable_l3: {get_param: OpenDaylightEnableL3}
opendaylight::extra_features: {get_param: OpenDaylightFeatures}
opendaylight::enable_dhcp: {get_param: OpenDaylightEnableDHCP}
opendaylight::odl_bind_ip: {get_param: [ServiceNetMap, OpendaylightApiNetwork]}
+ tripleo.opendaylight_api.firewall_rules:
+ '137 opendaylight api':
+ dport:
+ - {get_param: OpenDaylightPort}
+ - 6640
+ - 6653
step_config: |
include tripleo::profile::base::neutron::opendaylight
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenDaylight OVS Configuration.
default: 8081
description: Set opendaylight service port
type: number
+ OpenDaylightUsername:
+ default: 'admin'
+ description: The username for the opendaylight server.
+ type: string
+ OpenDaylightPassword:
+ default: 'admin'
+ type: string
+ description: The password for the opendaylight server.
+ hidden: true
OpenDaylightConnectionProtocol:
description: L7 protocol used for REST access
type: string
service_name: opendaylight_ovs
config_settings:
opendaylight::odl_rest_port: {get_param: OpenDaylightPort}
+ opendaylight::username: {get_param: OpenDaylightUsername}
+ opendaylight::password: {get_param: OpenDaylightPassword}
opendaylight_check_url: {get_param: OpenDaylightCheckURL}
opendaylight::nb_connection_protocol: {get_param: OpenDaylightConnectionProtocol}
neutron::agents::ml2::ovs::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]}
--- /dev/null
+heat_template_version: 2016-04-08
+
+description: >
+ OVN databases configured with puppet
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ OVNNorthboundServerPort:
+ description: Port of the OVN Northbound DB server
+ type: number
+ default: 6641
+ OVNSouthboundServerPort:
+ description: Port of the OVN Southbound DB server
+ type: number
+ default: 6642
+
+outputs:
+ role_data:
+ description: Role data for the OVN northd service
+ value:
+ service_name: ovn_dbs
+ config_settings:
+ ovn::northbound::port: {get_param: OVNNorthboundServerPort}
+ ovn::southbound::port: {get_param: OVNSouthboundServerPort}
+ ovn::northd::dbs_listen_ip: {get_param: [ServiceNetMap, OvnDbsNetwork]}
+ step_config: |
+ include ::tripleo::profile::base::neutron::ovn_northd
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Pacemaker service configured with Puppet
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Ceilometer Central Agent service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- MonitoringSubscriptionCeilometerCentral:
- default: 'overcloud-ceilometer-agent-central'
- type: string
-
-resources:
- CeilometerServiceBase:
- type: ../ceilometer-agent-central.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Ceilometer Central Agent pacemaker role.
- value:
- service_name: ceilometer_agent_central
- monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerCentral}
- config_settings:
- map_merge:
- - get_attr: [CeilometerServiceBase, role_data, config_settings]
- - ceilometer::agent::central::manage_service: false
- ceilometer::agent::central::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::ceilometer::agent::central
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Ceilometer Notification Agent service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- MonitoringSubscriptionCeilometerNotification:
- default: 'overcloud-ceilometer-agent-notification'
- type: string
-
-resources:
- CeilometerServiceBase:
- type: ../ceilometer-agent-notification.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Ceilometer Notification Agent pacemaker role.
- value:
- service_name: ceilometer_agent_notification
- monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerNotification}
- config_settings:
- map_merge:
- - get_attr: [CeilometerServiceBase, role_data, config_settings]
- - ceilometer::agent::notification::manage_service: false
- ceilometer::agent::notification::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::ceilometer::agent::notification
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Ceilometer API service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- MonitoringSubscriptionCeilometerApi:
- default: 'overcloud-ceilometer-api'
- type: string
-
-resources:
- CeilometerServiceBase:
- type: ../ceilometer-api.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Ceilometer API pacemaker role.
- value:
- service_name: ceilometer_api
- monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerApi}
- config_settings:
- map_merge:
- - get_attr: [CeilometerServiceBase, role_data, config_settings]
- - ceilometer::api::manage_service: false
- ceilometer::api::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::ceilometer::api
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Ceilometer Collector service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- MonitoringSubscriptionCeilometerCollector:
- default: 'overcloud-ceilometer-collector'
- type: string
-
-resources:
- CeilometerServiceBase:
- type: ../ceilometer-collector.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Ceilometer Collector pacemaker role.
- value:
- service_name: ceilometer_collector
- monitoring_subscription: {get_param: MonitoringSubscriptionCeilometerCollector}
- config_settings:
- map_merge:
- - get_attr: [CeilometerServiceBase, role_data, config_settings]
- - ceilometer::collector::manage_service: false
- ceilometer::collector::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::ceilometer::collector
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Cinder API service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- CinderApiBase:
- type: ../cinder-api.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Cinder API role.
- value:
- service_name: cinder_api
- monitoring_subscription: {get_attr: [CinderApiBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [CinderApiBase, role_data, logging_source]}
- logging_groups: {get_attr: [CinderApiBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [CinderApiBase, role_data, config_settings]
- - cinder::api::manage_service: false
- cinder::api::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::cinder::api
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Cinder Backup service with Pacemaker configured with Puppet
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Cinder Scheduler service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- CinderSchedulerBase:
- type: ../cinder-scheduler.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Cinder Scheduler role.
- value:
- service_name: cinder_scheduler
- monitoring_subscription: {get_attr: [CinderSchedulerBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [CinderSchedulerBase, role_data, logging_source]}
- logging_groups: {get_attr: [CinderSchedulerBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [CinderSchedulerBase, role_data, config_settings]
- - cinder::scheduler::manage_service: false
- cinder::scheduler::enabled: false
- step_config:
- include ::tripleo::profile::pacemaker::cinder::scheduler
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Cinder Volume service with Pacemaker configured with Puppet
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Core (fake) service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-outputs:
- role_data:
- description: Role data for the Core role.
- value:
- service_name: core
- config_settings: {}
- step_config: |
- include ::tripleo::profile::pacemaker::core
\ No newline at end of file
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- MongoDb service deployment using puppet
-
-parameters:
- #Parameters not used EndpointMap
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
- MongoDbBase:
- type: ../../database/mongodb.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Service mongodb using composable services.
- value:
- service_name: mongodb
- config_settings:
- map_merge:
- - get_attr: [MongoDbBase, role_data, config_settings]
- - tripleo::profile::pacemaker::database::mongodb::mongodb_replset: {get_attr: [MongoDbBase, aux_parameters, rplset_name]}
- mongodb::server::service_manage: False
- step_config: |
- include ::tripleo::profile::pacemaker::database::mongodb
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
MySQL with Pacemaker service deployment using puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Redis service configured with Puppet
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Glance API service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- GlanceFilePcmkDevice:
- default: ''
- description: >
- An exported storage device that should be mounted by Pacemaker
- as Glance storage. Effective when GlanceFilePcmkManage is true.
- type: string
- GlanceFilePcmkFstype:
- default: 'nfs'
- description: >
- Filesystem type for Pacemaker mount used as Glance storage.
- Effective when GlanceFilePcmkManage is true.
- type: string
- GlanceFilePcmkManage:
- default: false
- description: >
- Whether to make Glance file backend a mount managed by Pacemaker.
- Effective when GlanceBackend is 'file'.
- type: boolean
- GlanceFilePcmkOptions:
- default: ''
- description: >
- Mount options for Pacemaker mount used as Glance storage.
- Effective when GlanceFilePcmkManage is true.
- type: string
-
-resources:
-
- GlanceApiBase:
- type: ../glance-api.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Glance role.
- value:
- service_name: glance_api
- monitoring_subscription: {get_attr: [GlanceApiBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [GlanceApiBase, role_data, logging_source]}
- logging_groups: {get_attr: [GlanceApiBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [GlanceApiBase, role_data, config_settings]
- - glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
- glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
- glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
- glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
- glance_file_pcmk_directory: '/var/lib/glance/images'
- glance::api::manage_service: false
- glance::api::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::glance
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Glance Registry service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- GlanceRegistryBase:
- type: ../glance-registry.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Glance role.
- value:
- service_name: glance_registry
- monitoring_subscription: {get_attr: [GlanceRegistryBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [GlanceRegistryBase, role_data, logging_source]}
- logging_groups: {get_attr: [GlanceRegistryBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [GlanceRegistryBase, role_data, config_settings]
- - glance::registry::manage_service: false
- glance::registry::enabled: false
- # No puppet manifests since glance-registry is included in
- # ::tripleo::profile::pacemaker::glance which is maintained alongside of
- # pacemaker/glance-api.yaml.
- step_config:
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- Gnocchi service configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- MonitoringSubscriptionGnocchiMetricd:
- default: 'overcloud-gnocchi-metricd'
- type: string
-
-resources:
- GnocchiServiceBase:
- type: ../gnocchi-metricd.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Gnocchi role.
- value:
- service_name: gnocchi_metricd
- monitoring_subscription: {get_param: MonitoringSubscriptionGnocchiMetricd}
- config_settings:
- map_merge:
- - get_attr: [GnocchiServiceBase, role_data, config_settings]
- - gnocchi::metricd::manage_service: false
- gnocchi::metricd::enabled: false
- tripleo::profile::pacemaker::gnocchi::gnocchi_indexer_backend: {get_attr: [GnocchiServiceBase, aux_parameters, gnocchi_indexer_backend]}
-
- step_config: |
- include ::tripleo::profile::pacemaker::gnocchi::metricd
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- Gnocchi service configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- MonitoringSubscriptionGnocchiStatsd:
- default: 'overcloud-gnocchi-statsd'
- type: string
-
-resources:
- GnocchiServiceBase:
- type: ../gnocchi-statsd.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Gnocchi role.
- value:
- service_name: gnocchi_statsd
- monitoring_subscription: {get_param: MonitoringSubscriptionGnocchiStatsd}
- config_settings:
- map_merge:
- - get_attr: [GnocchiServiceBase, role_data, config_settings]
- - gnocchi::statsd::manage_service: false
- gnocchi::statsd::enabled: false
- tripleo::profile::pacemaker::gnocchi::gnocchi_indexer_backend: {get_attr: [GnocchiServiceBase, aux_parameters, gnocchi_indexer_backend]}
- step_config: |
- include ::tripleo::profile::pacemaker::gnocchi::statsd
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
HAproxy service with Pacemaker configured with Puppet
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- Openstack Heat CloudFormation API service configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
- HeatApiCfnBase:
- type: ../heat-api-cfn.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Heat CloudFormation API role.
- value:
- service_name: heat_api_cfn
- monitoring_subscription: {get_attr: [HeatApiCfnBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [HeatApiCfnBase, role_data, logging_source]}
- logging_groups: {get_attr: [HeatApiCfnBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [HeatApiCfnBase, role_data, config_settings]
- - heat::api_cfn::manage_service: false
- heat::api_cfn::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::heat::api_cfn
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- Openstack Heat CloudWatch API service configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
- HeatApiCloudwatchBase:
- type: ../heat-api-cloudwatch.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Heat Cloudwatch API role.
- value:
- service_name: heat_api_cloudwatch
- monitoring_subscription: {get_attr: [HeatApiCloudwatchBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [HeatApiCloudwatchBase, role_data, logging_source]}
- logging_groups: {get_attr: [HeatApiCloudwatchBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [HeatApiCloudwatchBase, role_data, config_settings]
- - heat::api_cloudwatch::manage_service: false
- heat::api_cloudwatch::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::heat::api_cloudwatch
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- Openstack Heat API service configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
- HeatApiBase:
- type: ../heat-api.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Heat API role.
- value:
- service_name: heat_api
- monitoring_subscription: {get_attr: [HeatApiBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [HeatApiBase, role_data, logging_source]}
- logging_groups: {get_attr: [HeatApiBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [HeatApiBase, role_data, config_settings]
- - heat::api::manage_service: false
- heat::api::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::heat::api
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- Openstack Heat Engine service configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
- HeatEngineBase:
- type: ../heat-engine.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-
-outputs:
- role_data:
- description: Role data for the Heat engine role.
- value:
- service_name: heat_engine
- monitoring_subscription: {get_attr: [HeatEngineBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [HeatEngineBase, role_data, logging_source]}
- logging_groups: {get_attr: [HeatEngineBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [HeatEngineBase, role_data, config_settings]
- - heat::engine::manage_service: false
- heat::engine::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::heat::engine
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- Horizon service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- HorizonBase:
- type: ../horizon.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Horizon role.
- value:
- service_name: horizon
- monitoring_subscription: {get_attr: [HorizonBase, role_data, monitoring_subscription]}
- config_settings:
- get_attr: [HorizonBase, role_data, config_settings]
- step_config: |
- include ::tripleo::profile::base::horizon
- include ::tripleo::profile::pacemaker::apache
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Keystone service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- KeystoneServiceBase:
- type: ../keystone.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Keystone pacemaker role.
- value:
- service_name: keystone
- monitoring_subscription: {get_attr: [KeystoneServiceBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [KeystoneServiceBase, role_data, logging_source]}
- logging_groups: {get_attr: [KeystoneServiceBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [KeystoneServiceBase, role_data, config_settings]
- - keystone::manage_service: false
- keystone::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::keystone
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
The manila-share service with Pacemaker configured with Puppet
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- Mecached service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- MemcachedServiceBase:
- type: ../memcached.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Memcached pacemaker role.
- value:
- service_name: memcached
- monitoring_subscription: {get_attr: [MemcachedServiceBase, role_data, monitoring_subscription]}
- config_settings:
- map_merge:
- - get_attr: [MemcachedServiceBase, role_data, config_settings]
- - memcached::service_manage: false
- step_config: |
- include ::tripleo::profile::pacemaker::memcached
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron DHCP service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronDhcpBase:
- type: ../neutron-dhcp.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron DHCP role.
- value:
- service_name: neutron_dhcp
- monitoring_subscription: {get_attr: [NeutronDhcpBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NeutronDhcpBase, role_data, logging_source]}
- logging_groups: {get_attr: [NeutronDhcpBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [NeutronDhcpBase, role_data, config_settings]
- - tripleo::profile::pacemaker::neutron::enable_dhcp: True
- neutron::agents::dhcp::enabled: false
- neutron::agents::dhcp::manage_service: false
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::dhcp
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron L3 service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronL3Base:
- type: ../neutron-l3.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron L3 role.
- value:
- service_name: neutron_l3
- monitoring_subscription: {get_attr: [NeutronL3Base, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NeutronL3Base, role_data, logging_source]}
- logging_groups: {get_attr: [NeutronL3Base, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [NeutronL3Base, role_data, config_settings]
- - tripleo::profile::pacemaker::neutron::enable_l3: True
- neutron::agents::l3::enabled: false
- neutron::agents::l3::manage_service: false
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::l3
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron Metadata service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronMetadataBase:
- type: ../neutron-metadata.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron Metadata role.
- value:
- service_name: neutron_metadata
- monitoring_subscription: {get_attr: [NeutronMetadataBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NeutronMetadataBase, role_data, logging_source]}
- logging_groups: {get_attr: [NeutronMetadataBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [NeutronMetadataBase, role_data, config_settings]
- - tripleo::profile::pacemaker::neutron::enable_metadata: True
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::metadata
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron Midonet with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronMidonetBase:
- type: ../neutron-midonet.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron Midonet plugin.
- value:
- service_name: neutron_midonet
- monitoring_subscription: {get_attr: [NeutronMidonetBase, role_data, monitoring_subscription]}
- config_settings:
- map_merge:
- - get_attr: [NeutronMidonetBase, role_data, config_settings]
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::plugins::midonet
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron OVS agent with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronOvsBase:
- type: ../neutron-ovs-agent.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron OVS agent service.
- value:
- service_name: neutron_ovs_agent
- monitoring_subscription: {get_attr: [NeutronOvsBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NeutronOvsBase, role_data, logging_source]}
- logging_groups: {get_attr: [NeutronOvsBase, role_data, logging_groups]}
- config_settings:
- get_attr: [NeutronOvsBase, role_data, config_settings]
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::ovs
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron ML2 Plugin with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronMl2Base:
- type: ../neutron-plugin-ml2.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron ML2 plugin.
- value:
- service_name: neutron_plugin_ml2
- config_settings:
- map_merge:
- - get_attr: [NeutronMl2Base, role_data, config_settings]
- - neutron::agents::ml2::ovs::enabled: false
- neutron::agents::ml2::ovs::manage_service: false
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::plugins::ml2
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron Nuage Plugin with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronPluginNuageBase:
- type: ../neutron-plugin-nuage.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron Nuage plugin.
- value:
- service_name: neutron_plugin_nuage
- config_settings:
- map_merge:
- - get_attr: [NeutronPluginNuageBase, role_data, config_settings]
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::plugins::nuage
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron OpenContrail Plugin with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronPluginOpenContrail:
- type: ../neutron-plugin-nuage.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron OpenContrail plugin.
- value:
- service_name: neutron_plugin_opencontrail
- config_settings:
- map_merge:
- - get_attr: [NeutronPluginOpenContrail, role_data, config_settings]
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::plugins::opencontrail
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron PLUMgrid Plugin with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NeutronPluginPlumgridBase:
- type: ../neutron-plugin-ml2.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron PLUMgrid plugin.
- value:
- service_name: neutron_plugin_plumgrid
- config_settings:
- map_merge:
- - get_attr: [NeutronPluginPlumgridBase, role_data, config_settings]
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::plugins::plumgrid
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Neutron Server with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- NeutronL3HA:
- default: true
- description: Whether to enable HA for virtual routers
- type: boolean
-
-resources:
-
- NeutronServerBase:
- type: ../neutron-server.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron Server.
- value:
- service_name: neutron_server
- monitoring_subscription: {get_attr: [NeutronServerBase, role_data, monitoring_subscription]}
- config_settings:
- map_merge:
- - get_attr: [NeutronServerBase, role_data, config_settings]
- - neutron::server::enabled: false
- neutron::server::manage_service: false
- neutron::server::l3_ha: {get_param: NeutronL3HA}
- step_config: |
- include ::tripleo::profile::pacemaker::neutron::server
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Nova API service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NovaApiBase:
- type: ../nova-api.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Nova API role.
- value:
- service_name: nova_api
- monitoring_subscription: {get_attr: [NovaApiBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NovaApiBase, role_data, logging_source]}
- logging_groups: {get_attr: [NovaApiBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [NovaApiBase, role_data, config_settings]
- - nova::api::manage_service: false
- nova::api::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::nova::api
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Nova Conductor service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NovaConductorBase:
- type: ../nova-conductor.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Nova Conductor role.
- value:
- service_name: nova_conductor
- monitoring_subscription: {get_attr: [NovaConductorBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NovaConductorBase, role_data, logging_source]}
- logging_groups: {get_attr: [NovaConductorBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [NovaConductorBase, role_data, config_settings]
- - nova::conductor::manage_service: false
- nova::conductor::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::nova::conductor
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Nova Consoleauth service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NovaConsoleauthBase:
- type: ../nova-consoleauth.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Nova Consoleauth role.
- value:
- service_name: nova_consoleauth
- monitoring_subscription: {get_attr: [NovaConsoleauthBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NovaConsoleauthBase, role_data, logging_source]}
- logging_groups: {get_attr: [NovaConsoleauthBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [NovaConsoleauthBase, role_data, config_settings]
- - nova::consoleauth::manage_service: false
- nova::consoleauth::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::nova::consoleauth
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Nova Scheduler service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NovaSchedulerBase:
- type: ../nova-scheduler.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Nova Scheduler role.
- value:
- service_name: nova_scheduler
- monitoring_subscription: {get_attr: [NovaSchedulerBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NovaSchedulerBase, role_data, logging_source]}
- logging_groups: {get_attr: [NovaSchedulerBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [NovaSchedulerBase, role_data, config_settings]
- - nova::scheduler::manage_service: false
- nova::scheduler::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::nova::scheduler
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Nova Vncproxy service with Pacemaker configured with Puppet.
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- NovaVncproxyBase:
- type: ../nova-vnc-proxy.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Nova Vncproxy role.
- value:
- service_name: nova_vnc_proxy
- monitoring_subscription: {get_attr: [NovaVncproxyBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [NovaVncproxyBase, role_data, logging_source]}
- logging_groups: {get_attr: [NovaVncproxyBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [NovaVncproxyBase, role_data, config_settings]
- - nova::vncproxy::manage_service: false
- nova::vncproxy::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::nova::vncproxy
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
RabbitMQ service with Pacemaker configured with Puppet
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Sahara API service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- SaharaApiBase:
- type: ../sahara-api.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Sahara API role.
- value:
- service_name: sahara_api
- monitoring_subscription: {get_attr: [SaharaApiBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [SaharaApiBase, role_data, logging_source]}
- logging_groups: {get_attr: [SaharaApiBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [SaharaApiBase, role_data, config_settings]
- - sahara::service::api::manage_service: false
- sahara::service::api::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::sahara::api
+++ /dev/null
-heat_template_version: 2016-04-08
-
-description: >
- OpenStack Sahara Engine service with Pacemaker configured with Puppet
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-resources:
-
- SaharaEngineBase:
- type: ../sahara-engine.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Sahara Engine role.
- value:
- service_name: sahara_engine
- monitoring_subscription: {get_attr: [SaharaEngineBase, role_data, monitoring_subscription]}
- logging_source: {get_attr: [SaharaEngineBase, role_data, logging_source]}
- logging_groups: {get_attr: [SaharaEngineBase, role_data, logging_groups]}
- config_settings:
- map_merge:
- - get_attr: [SaharaEngineBase, role_data, config_settings]
- - sahara::service::engine::manage_service: false
- sahara::service::engine::enabled: false
- step_config: |
- include ::tripleo::profile::pacemaker::sahara::engine
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Panko API service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Panko service configured with Puppet
value:
service_name: panko_base
config_settings:
- panko_redis_password: {get_param: RedisPassword}
panko::db::database_connection:
list_join:
- ''
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/panko'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
panko::debug: {get_param: Debug}
panko::auth::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
panko::keystone::authtoken::project_name: 'service'
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
RabbitMQ service configured with Puppet
rabbitmq::delete_guest_user: false
rabbitmq::wipe_db_on_cookie_change: true
rabbitmq::port: '5672'
+ rabbitmq::package_provider: yum
rabbitmq::package_source: undef
rabbitmq::repos_ensure: false
rabbitmq::tcp_keepalive: true
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Sahara API service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Sahara base service. Shared for all Sahara services.
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/sahara'
+ - '?bind_address='
+ - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
sahara::rabbit_password: {get_param: RabbitPassword}
sahara::rabbit_user: {get_param: RabbitUserName}
sahara::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Sahara Engine service configured with Puppet
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Utility stack to convert an array of services into a set of combined
LoggingConfiguration:
type: OS::TripleO::LoggingConfiguration
+ ServiceServerMetadataHook:
+ type: OS::TripleO::ServiceServerMetadataHook
+ properties:
+ RoleData: {get_attr: [ServiceChain, role_data]}
+
outputs:
role_data:
description: Combined Role data for this set of services.
# Note we use distinct() here to filter any identical tasks, e.g yum update for all services
expression: $.data.where($ != null).select($.get('upgrade_tasks')).where($ != null).flatten().distinct()
data: {get_attr: [ServiceChain, role_data]}
+ service_metadata_settings: {get_attr: [ServiceServerMetadataHook, metadata]}
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
SNMP client configured with Puppet, to facilitate Ceilometer Hardware
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Swift Proxy service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Swift Proxy service configured with Puppet
default: guest
description: The username for RabbitMQ
type: string
+ SwiftCeilometerPipelineEnabled:
+ description: Set to False to disable the swift proxy ceilometer pipeline.
+ default: True
+ type: boolean
+ RabbitClientPort:
+ default: 5672
+ description: Set rabbit subscriber port, change this if using SSL
+ type: number
+
+conditions:
+
+ ceilometer_pipeline_enabled: {equals : [{get_param: SwiftCeilometerPipelineEnabled}, True]}
resources:
SwiftBase:
swift::proxy::ceilometer::rabbit_password: {get_param: RabbitPassword}
swift::proxy::staticweb::url_base: {get_param: [EndpointMap, SwiftPublic, uri_no_suffix]}
swift::proxy::ceilometer::nonblocking_notify: true
+ tripleo::profile::base::swift::proxy::rabbit_port: {get_param: RabbitClientPort}
+ tripleo::profile::base::swift::proxy::ceilometer_enabled: {get_param: SwiftCeilometerPipelineEnabled}
tripleo.swift_proxy.firewall_rules:
'122 swift proxy':
dport:
- ResellerAdmin
swift::proxy::versioned_writes::allow_versioned_writes: true
swift::proxy::pipeline:
- - 'catch_errors'
- - 'healthcheck'
- - 'proxy-logging'
- - 'cache'
- - 'ratelimit'
- - 'bulk'
- - 'tempurl'
- - 'formpost'
- - 'authtoken'
- - 'keystone'
- - 'staticweb'
- - 'copy'
- - 'container-quotas'
- - 'account-quotas'
- - 'slo'
- - 'dlo'
- - 'versioned_writes'
- - 'ceilometer'
- - 'proxy-logging'
- - 'proxy-server'
+ yaql:
+ expression: $.data.pipeline.where($ != '')
+ data:
+ pipeline:
+ - 'catch_errors'
+ - 'healthcheck'
+ - 'proxy-logging'
+ - 'cache'
+ - 'ratelimit'
+ - 'bulk'
+ - 'tempurl'
+ - 'formpost'
+ - 'authtoken'
+ - 'keystone'
+ - 'staticweb'
+ - 'copy'
+ - 'container-quotas'
+ - 'account-quotas'
+ - 'slo'
+ - 'dlo'
+ - 'versioned_writes'
+ -
+ if:
+ - ceilometer_pipeline_enabled
+ - 'ceilometer'
+ - ''
+ - 'proxy-logging'
+ - 'proxy-server'
swift::proxy::account_autocreate: true
# NOTE: bind IP is found in Heat replacing the network name with the
# local node IP for the given network; replacement examples
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Swift Ringbuilder
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
OpenStack Swift Storage service configured with Puppet
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
NTP service deployment using puppet, this YAML file
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Composable Timezone service
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
TripleO Firewall settings
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
TripleO Package installation settings
-heat_template_version: 2016-04-08
+heat_template_version: ocata
description: >
Openstack Zaqar service. Shared for all Heat services.
-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: 'Upgrade for via ansible by applying a step related tag'
parameters:
template: "stepSTEP"
params:
STEP: {get_param: step}
+ modulepath: /usr/share/ansible-modules
inputs:
- name: role
config: {get_attr: [AnsibleConfig, value]}
-pbr>=0.5.21,<1.0
+# The order of packages is significant, because pip processes them in the order
+# of appearance. Changing the order has an impact on the overall integration
+# process, which may cause wedges in the gate later.
+pbr>=1.8 # Apache-2.0
Jinja2>=2.8 # BSD License (3 clause)
+six>=1.9.0 # MIT
# defaults to '%stackname%-{{role.name.lower()}}-%index%'
# sets the default for {{role.name}}HostnameFormat parameter in overcloud.yaml
#
+# disable_constraints: (boolean) optional, whether to disable Nova and Glance
+# constraints for each role specified in the templates.
+#
# ServicesDefault: (list) optional default list of services to be deployed
# on the role, defaults to an empty list. Sets the default for the
# {{role.name}}Services parameter in overcloud.yaml
-- name: Controller
+- name: Controller # the 'primary' role goes first
CountDefault: 1
ServicesDefault:
- OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::CephMds
- OS::TripleO::Services::CephMon
- OS::TripleO::Services::CephExternal
- OS::TripleO::Services::CephRgw
- OS::TripleO::Services::CinderBackup
- OS::TripleO::Services::CinderScheduler
- OS::TripleO::Services::CinderVolume
- - OS::TripleO::Services::Core
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::Keystone
- OS::TripleO::Services::GlanceApi
- OS::TripleO::Services::BarbicanApi
- OS::TripleO::Services::PankoApi
- OS::TripleO::Services::Zaqar
+ - OS::TripleO::Services::OVNDBs
- name: Compute
CountDefault: 1
--- /dev/null
+- name: Undercloud # the 'primary' role goes first
+ CountDefault: 1
+ disable_constraints: True
+ ServicesDefault:
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::MySQL
+ - OS::TripleO::Services::MongoDb
+ - OS::TripleO::Services::Keystone
+ - OS::TripleO::Services::Apache
+ - OS::TripleO::Services::RabbitMQ
+ - OS::TripleO::Services::GlanceApi
+ - OS::TripleO::Services::GlanceRegistry
+ - OS::TripleO::Services::SwiftProxy
+ - OS::TripleO::Services::SwiftStorage
+ - OS::TripleO::Services::SwiftRingBuilder
+ - OS::TripleO::Services::Memcached
+ - OS::TripleO::Services::HeatApi
+ - OS::TripleO::Services::HeatApiCfn
+ - OS::TripleO::Services::HeatEngine
+ - OS::TripleO::Services::NovaApi
+ - OS::TripleO::Services::NovaMetadata
+ - OS::TripleO::Services::NovaScheduler
+ - OS::TripleO::Services::NovaConductor
+ - OS::TripleO::Services::MistralEngine
+ - OS::TripleO::Services::MistralApi
+ - OS::TripleO::Services::MistralExecutor
+ - OS::TripleO::Services::IronicApi
+ - OS::TripleO::Services::IronicConductor
+ - OS::TripleO::Services::NovaIronic
+ - OS::TripleO::Services::Zaqar
+ - OS::TripleO::Services::NeutronServer
+ - OS::TripleO::Services::NeutronApi
+ - OS::TripleO::Services::NeutronCorePlugin
+ - OS::TripleO::Services::NeutronOvsAgent
+ - OS::TripleO::Services::NeutronDhcpAgent
-#!/usr/bin/env python
# Copyright (c) 2013 Hewlett-Packard Development Company, L.P.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# THIS FILE IS MANAGED BY THE GLOBAL REQUIREMENTS REPO - DO NOT EDIT
import setuptools
+# In python < 2.7.4, a lazy loading of package `pbr` will break
+# setuptools if some other modules registered functions in `atexit`.
+# solution from: http://bugs.python.org/issue15881#msg170215
+try:
+ import multiprocessing # noqa
+except ImportError:
+ pass
+
setuptools.setup(
- setup_requires=['pbr'],
+ setup_requires=['pbr>=1.8'],
pbr=True)
-pyyaml
+# The order of packages is significant, because pip processes them in the order
+# of appearance. Changing the order has an impact on the overall integration
+# process, which may cause wedges in the gate later.
+PyYAML>=3.10.0 # MIT
+Jinja2>=2.8 # BSD License (3 clause)
+six>=1.9.0 # MIT
import argparse
import jinja2
import os
+import six
import sys
import yaml
sys.exit(1)
+def validate_mysql_connection(settings):
+ no_op = lambda *args: False
+ error_status = [0]
+
+ def mysql_protocol(items):
+ return items == ['EndpointMap', 'MysqlInternal', 'protocol']
+
+ def client_bind_address(item):
+ return 'bind_address' in item
+
+ def validate_mysql_uri(key, items):
+ # Only consider a connection if it targets mysql
+ if key.endswith('connection') and \
+ search(items, mysql_protocol, no_op):
+ # Assume the "bind_address" option is one of
+ # the token that made up the uri
+ if not search(items, client_bind_address, no_op):
+ error_status[0] = 1
+ return False
+
+ def search(item, check_item, check_key):
+ if check_item(item):
+ return True
+ elif isinstance(item, list):
+ for i in item:
+ if search(i, check_item, check_key):
+ return True
+ elif isinstance(item, dict):
+ for k in item.keys():
+ if check_key(k, item[k]):
+ return True
+ elif search(item[k], check_item, check_key):
+ return True
+ return False
+
+ search(settings, no_op, validate_mysql_uri)
+ return error_status[0]
+
+
def validate_service(filename, tpl):
if 'outputs' in tpl and 'role_data' in tpl['outputs']:
if 'value' not in tpl['outputs']['role_data']:
print('ERROR: service_name should match file name for service: %s.'
% filename)
return 1
+ # if service connects to mysql, the uri should use option
+ # bind_address to avoid issues with VIP failover
+ if 'config_settings' in role_data and \
+ validate_mysql_connection(role_data['config_settings']):
+ print('ERROR: mysql connection uri should use option bind_address')
+ return 1
if 'parameters' in tpl:
for param in required_params:
if param not in tpl['parameters']:
Code Review / apex-tripleo-heat-templates.git / commitdiff