-# NOTE: This is an environment specific for containers upgrade
-# CI. Mainly we deploy non-pacemakerized overcloud, as at the time
-# being containerization of services managed by pacemaker is not
-# complete, so we deploy and upgrade the non-HA services for now.
+# NOTE: This is an environment specific for containers CI. Mainly we
+# deploy non-pacemakerized overcloud. Once we are able to deploy and
+# upgrade pacemakerized and containerized overcloud, we should remove
+# this file and use normal CI multinode environments/scenarios.
resource_registry:
OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode-os-net-config.yaml
--- /dev/null
+# NOTE: This is an environment specific for containers CI. Mainly we
+# deploy non-pacemakerized overcloud. Once we are able to deploy and
+# upgrade pacemakerized and containerized overcloud, we should remove
+# this file and use normal CI multinode environments/scenarios.
+
+resource_registry:
+ OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
+ OS::TripleO::Services::CephMon: ../../puppet/services/ceph-mon.yaml
+ OS::TripleO::Services::CephOSD: ../../puppet/services/ceph-osd.yaml
+ OS::TripleO::Services::CephClient: ../../puppet/services/ceph-client.yaml
+ OS::TripleO::Services::PankoApi: ../../puppet/services/panko-api.yaml
+ OS::TripleO::Services::Collectd: ../../puppet/services/metrics/collectd.yaml
+ OS::TripleO::Services::Tacker: ../../puppet/services/tacker.yaml
+ OS::TripleO::Services::Congress: ../../puppet/services/congress.yaml
+ OS::TripleO::Services::FluentdClient: ../../puppet/services/logging/fluentd-client.yaml
+ OS::TripleO::Services::SensuClient: ../../puppet/services/monitoring/sensu-client.yaml
+ # NOTE: This is needed because of upgrades from Ocata to Pike. We
+ # deploy the initial environment with Ocata templates, and
+ # overcloud-resource-registry.yaml there doesn't have this Docker
+ # mapping at all. After we stop CI'ing Ocata->Pike upgrade, we can
+ # remove this.
+ OS::TripleO::Services::Docker: OS::Heat::None
+
+parameter_defaults:
+ ControllerServices:
+ - OS::TripleO::Services::Docker
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::Keystone
+ - OS::TripleO::Services::GlanceApi
+ - OS::TripleO::Services::HeatApi
+ - OS::TripleO::Services::HeatApiCfn
+ - OS::TripleO::Services::HeatApiCloudwatch
+ - OS::TripleO::Services::HeatEngine
+ - OS::TripleO::Services::MySQL
+ - OS::TripleO::Services::MySQLClient
+ - OS::TripleO::Services::NeutronDhcpAgent
+ - OS::TripleO::Services::NeutronL3Agent
+ - OS::TripleO::Services::NeutronMetadataAgent
+ - OS::TripleO::Services::NeutronServer
+ - OS::TripleO::Services::NeutronCorePlugin
+ - OS::TripleO::Services::NeutronOvsAgent
+ - OS::TripleO::Services::RabbitMQ
+ - OS::TripleO::Services::HAproxy
+ - OS::TripleO::Services::Keepalived
+ - OS::TripleO::Services::Memcached
+ - OS::TripleO::Services::Pacemaker
+ - OS::TripleO::Services::NovaConductor
+ - OS::TripleO::Services::NovaApi
+ - OS::TripleO::Services::NovaPlacement
+ - OS::TripleO::Services::NovaMetadata
+ - OS::TripleO::Services::NovaScheduler
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Securetty
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::NovaCompute
+ - OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::MongoDb
+ - OS::TripleO::Services::Redis
+ - OS::TripleO::Services::AodhApi
+ - OS::TripleO::Services::AodhEvaluator
+ - OS::TripleO::Services::AodhNotifier
+ - OS::TripleO::Services::AodhListener
+ - OS::TripleO::Services::CeilometerAgentCentral
+ - OS::TripleO::Services::CeilometerAgentIpmi
+ - OS::TripleO::Services::CeilometerAgentNotification
+ - OS::TripleO::Services::GnocchiApi
+ - OS::TripleO::Services::GnocchiMetricd
+ - OS::TripleO::Services::GnocchiStatsd
+ - OS::TripleO::Services::PankoApi
+ - OS::TripleO::Services::CephMon
+ - OS::TripleO::Services::CephOSD
+ - OS::TripleO::Services::CephClient
+ - OS::TripleO::Services::CinderApi
+ - OS::TripleO::Services::CinderBackup
+ - OS::TripleO::Services::CinderScheduler
+ - OS::TripleO::Services::CinderVolume
+ - OS::TripleO::Services::Collectd
+ - OS::TripleO::Services::Tacker
+ - OS::TripleO::Services::Congress
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::FluentdClient
+ - OS::TripleO::Services::SensuClient
+
+ ControllerExtraConfig:
+ nova::compute::libvirt::services::libvirt_virt_type: qemu
+ nova::compute::libvirt::libvirt_virt_type: qemu
+ Debug: true
+ #NOTE(gfidente): not great but we need this to deploy on ext4
+ #http://docs.ceph.com/docs/jewel/rados/configuration/filesystem-recommendations/
+ ExtraConfig:
+ ceph::profile::params::osd_max_object_name_len: 256
+ ceph::profile::params::osd_max_object_namespace_len: 64
+ #NOTE: These ID's and keys should be regenerated for
+ # a production deployment. What is here is suitable for
+ # developer and CI testing only.
+ CephClusterFSID: '4b5c8c0a-ff60-454b-a1b4-9747aa737d19'
+ CephMonKey: 'AQC+Ox1VmEr3BxAALZejqeHj50Nj6wJDvs96OQ=='
+ CephAdminKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='
+ CephClientKey: 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw=='
+ NovaEnableRbdBackend: true
+ CinderEnableRbdBackend: true
+ CinderBackupBackend: ceph
+ GlanceBackend: rbd
+ GnocchiBackend: rbd
+ CinderEnableIscsiBackend: false
+ BannerText: |
+ ******************************************************************
+ * This system is for the use of authorized users only. Usage of *
+ * this system may be monitored and recorded by system personnel. *
+ * Anyone using this system expressly consents to such monitoring *
+ * and is advised that if such monitoring reveals possible *
+ * evidence of criminal activity, system personnel may provide *
+ * the evidence from such monitoring to law enforcement officials.*
+ ******************************************************************
+ CollectdExtraPlugins:
+ - rrdtool
+ LoggingServers:
+ - host: 127.0.0.1
+ port: 24224
+ MonitoringRabbitHost: 127.0.0.1
+ MonitoringRabbitPort: 5676
+ MonitoringRabbitPassword: sensu
+ TtyValues:
+ - console
+ - tty1
+ - tty2
+ - tty3
+ - tty4
+ - tty5
+ - tty6
--- /dev/null
+# NOTE: This is an environment specific for containers CI. Mainly we
+# deploy non-pacemakerized overcloud. Once we are able to deploy and
+# upgrade pacemakerized and containerized overcloud, we should remove
+# this file and use normal CI multinode environments/scenarios.
+
+resource_registry:
+ OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
+ OS::TripleO::Services::BarbicanApi: ../../puppet/services/barbican-api.yaml
+ OS::TripleO::Services::Zaqar: ../../puppet/services/zaqar.yaml
+ OS::TripleO::Services::Ec2Api: ../../puppet/services/ec2-api.yaml
+ # NOTE: This is needed because of upgrades from Ocata to Pike. We
+ # deploy the initial environment with Ocata templates, and
+ # overcloud-resource-registry.yaml there doesn't have this Docker
+ # mapping at all. After we stop CI'ing Ocata->Pike upgrade, we can
+ # remove this.
+ OS::TripleO::Services::Docker: OS::Heat::None
+
+parameter_defaults:
+ ControllerServices:
+ - OS::TripleO::Services::Docker
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::Keystone
+ - OS::TripleO::Services::GlanceApi
+ - OS::TripleO::Services::HeatApi
+ - OS::TripleO::Services::HeatApiCfn
+ - OS::TripleO::Services::HeatApiCloudwatch
+ - OS::TripleO::Services::HeatEngine
+ - OS::TripleO::Services::MySQL
+ - OS::TripleO::Services::MySQLClient
+ - OS::TripleO::Services::NeutronDhcpAgent
+ - OS::TripleO::Services::NeutronL3Agent
+ - OS::TripleO::Services::NeutronMetadataAgent
+ - OS::TripleO::Services::NeutronServer
+ - OS::TripleO::Services::NeutronCorePlugin
+ - OS::TripleO::Services::NeutronOvsAgent
+ - OS::TripleO::Services::RabbitMQ
+ - OS::TripleO::Services::HAproxy
+ - OS::TripleO::Services::Keepalived
+ - OS::TripleO::Services::Memcached
+ - OS::TripleO::Services::Pacemaker
+ - OS::TripleO::Services::NovaConductor
+ - OS::TripleO::Services::NovaApi
+ - OS::TripleO::Services::NovaPlacement
+ - OS::TripleO::Services::NovaMetadata
+ - OS::TripleO::Services::NovaScheduler
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::NovaCompute
+ - OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::CinderApi
+ - OS::TripleO::Services::CinderBackup
+ - OS::TripleO::Services::CinderScheduler
+ - OS::TripleO::Services::CinderVolume
+ - OS::TripleO::Services::SwiftProxy
+ - OS::TripleO::Services::SwiftStorage
+ - OS::TripleO::Services::SwiftRingBuilder
+ - OS::TripleO::Services::BarbicanApi
+ - OS::TripleO::Services::MongoDb
+ - OS::TripleO::Services::Zaqar
+ - OS::TripleO::Services::Ec2Api
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::Sshd
+ ControllerExtraConfig:
+ nova::compute::libvirt::services::libvirt_virt_type: qemu
+ nova::compute::libvirt::libvirt_virt_type: qemu
+ Debug: true
+ SwiftCeilometerPipelineEnabled: false
--- /dev/null
+# NOTE: This is an environment specific for containers CI. Mainly we
+# deploy non-pacemakerized overcloud. Once we are able to deploy and
+# upgrade pacemakerized and containerized overcloud, we should remove
+# this file and use normal CI multinode environments/scenarios.
+
+resource_registry:
+ OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
+ OS::TripleO::Services::SaharaApi: ../../puppet/services/sahara-api.yaml
+ OS::TripleO::Services::SaharaEngine: ../../puppet/services/sahara-engine.yaml
+ OS::TripleO::Services::MistralApi: ../../puppet/services/mistral-api.yaml
+ OS::TripleO::Services::MistralEngine: ../../puppet/services/mistral-engine.yaml
+ OS::TripleO::Services::MistralExecutor: ../../puppet/services/mistral-executor.yaml
+ # NOTE: This is needed because of upgrades from Ocata to Pike. We
+ # deploy the initial environment with Ocata templates, and
+ # overcloud-resource-registry.yaml there doesn't have this Docker
+ # mapping at all. After we stop CI'ing Ocata->Pike upgrade, we can
+ # remove this.
+ OS::TripleO::Services::Docker: OS::Heat::None
+
+parameter_defaults:
+ ControllerServices:
+ - OS::TripleO::Services::Docker
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::Keystone
+ - OS::TripleO::Services::GlanceApi
+ - OS::TripleO::Services::HeatApi
+ - OS::TripleO::Services::HeatApiCfn
+ - OS::TripleO::Services::HeatApiCloudwatch
+ - OS::TripleO::Services::HeatEngine
+ - OS::TripleO::Services::MySQL
+ - OS::TripleO::Services::MySQLClient
+ - OS::TripleO::Services::NeutronDhcpAgent
+ - OS::TripleO::Services::NeutronL3Agent
+ - OS::TripleO::Services::NeutronMetadataAgent
+ - OS::TripleO::Services::NeutronServer
+ - OS::TripleO::Services::NeutronCorePlugin
+ - OS::TripleO::Services::NeutronOvsAgent
+ - OS::TripleO::Services::RabbitMQ
+ - OS::TripleO::Services::HAproxy
+ - OS::TripleO::Services::Keepalived
+ - OS::TripleO::Services::Memcached
+ - OS::TripleO::Services::Pacemaker
+ - OS::TripleO::Services::NovaConductor
+ - OS::TripleO::Services::NovaApi
+ - OS::TripleO::Services::NovaPlacement
+ - OS::TripleO::Services::NovaMetadata
+ - OS::TripleO::Services::NovaScheduler
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::NovaCompute
+ - OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::SaharaApi
+ - OS::TripleO::Services::SaharaEngine
+ - OS::TripleO::Services::MistralApi
+ - OS::TripleO::Services::MistralEngine
+ - OS::TripleO::Services::MistralExecutor
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::Sshd
+ ControllerExtraConfig:
+ nova::compute::libvirt::services::libvirt_virt_type: qemu
+ nova::compute::libvirt::libvirt_virt_type: qemu
+ Debug: true
+ # we don't deploy Swift so we switch to file backend.
+ GlanceBackend: 'file'
+ KeystoneTokenProvider: 'fernet'
+ SwiftCeilometerPipelineEnabled: false
--- /dev/null
+# NOTE: This is an environment specific for containers CI. Mainly we
+# deploy non-pacemakerized overcloud. Once we are able to deploy and
+# upgrade pacemakerized and containerized overcloud, we should remove
+# this file and use normal CI multinode environments/scenarios.
+
+resource_registry:
+ OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
+ OS::TripleO::Services::CephMds: ../../puppet/services/ceph-mds.yaml
+ OS::TripleO::Services::CephMon: ../../puppet/services/ceph-mon.yaml
+ OS::TripleO::Services::CephOSD: ../../puppet/services/ceph-osd.yaml
+ OS::TripleO::Services::CephRgw: ../../puppet/services/ceph-rgw.yaml
+ OS::TripleO::Services::SwiftProxy: OS::Heat::None
+ OS::TripleO::Services::SwiftStorage: OS::Heat::None
+ OS::TripleO::Services::SwiftRingBuilder: OS::Heat::None
+ OS::TripleO::Services::ManilaApi: ../../puppet/services/manila-api.yaml
+ OS::TripleO::Services::ManilaScheduler: ../../puppet/services/manila-scheduler.yaml
+ OS::TripleO::Services::ManilaShare: ../../puppet/services/manila-share.yaml
+ OS::TripleO::Services::ManilaBackendCephFs: ../../puppet/services/manila-backend-cephfs.yaml
+ OS::TripleO::Services::NeutronBgpVpnApi: ../../puppet/services/neutron-bgpvpn-api.yaml
+ # NOTE: This is needed because of upgrades from Ocata to Pike. We
+ # deploy the initial environment with Ocata templates, and
+ # overcloud-resource-registry.yaml there doesn't have this Docker
+ # mapping at all. After we stop CI'ing Ocata->Pike upgrade, we can
+ # remove this.
+ OS::TripleO::Services::Docker: OS::Heat::None
+
+
+parameter_defaults:
+ ControllerServices:
+ - OS::TripleO::Services::CephMds
+ - OS::TripleO::Services::CephMon
+ - OS::TripleO::Services::CephOSD
+ - OS::TripleO::Services::CephRgw
+ - OS::TripleO::Services::Docker
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::Keystone
+ - OS::TripleO::Services::GlanceApi
+ - OS::TripleO::Services::HeatApi
+ - OS::TripleO::Services::HeatApiCfn
+ - OS::TripleO::Services::HeatApiCloudwatch
+ - OS::TripleO::Services::HeatEngine
+ - OS::TripleO::Services::MySQL
+ - OS::TripleO::Services::MySQLClient
+ - OS::TripleO::Services::NeutronBgpVpnApi
+ - OS::TripleO::Services::NeutronDhcpAgent
+ - OS::TripleO::Services::NeutronL3Agent
+ - OS::TripleO::Services::NeutronMetadataAgent
+ - OS::TripleO::Services::NeutronServer
+ - OS::TripleO::Services::NeutronCorePlugin
+ - OS::TripleO::Services::NeutronOvsAgent
+ - OS::TripleO::Services::RabbitMQ
+ - OS::TripleO::Services::HAproxy
+ - OS::TripleO::Services::Keepalived
+ - OS::TripleO::Services::ManilaApi
+ - OS::TripleO::Services::ManilaScheduler
+ - OS::TripleO::Services::ManilaBackendCephFs
+ - OS::TripleO::Services::ManilaShare
+ - OS::TripleO::Services::Memcached
+ - OS::TripleO::Services::Pacemaker
+ - OS::TripleO::Services::NovaConductor
+ - OS::TripleO::Services::NovaApi
+ - OS::TripleO::Services::NovaPlacement
+ - OS::TripleO::Services::NovaMetadata
+ - OS::TripleO::Services::NovaScheduler
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::NovaCompute
+ - OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::Sshd
+ ControllerExtraConfig:
+ nova::compute::libvirt::services::libvirt_virt_type: qemu
+ nova::compute::libvirt::libvirt_virt_type: qemu
+ Debug: true
+ #NOTE(gfidente): not great but we need this to deploy on ext4
+ #http://docs.ceph.com/docs/jewel/rados/configuration/filesystem-recommendations/
+ ExtraConfig:
+ ceph::profile::params::osd_max_object_name_len: 256
+ ceph::profile::params::osd_max_object_namespace_len: 64
+ #NOTE: These ID's and keys should be regenerated for
+ # a production deployment. What is here is suitable for
+ # developer and CI testing only.
+ CephClusterFSID: '4b5c8c0a-ff60-454b-a1b4-9747aa737d19'
+ CephMonKey: 'AQC+Ox1VmEr3BxAALZejqeHj50Nj6wJDvs96OQ=='
+ CephAdminKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='
+ CephClientKey: 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw=='
+ SwiftCeilometerPipelineEnabled: false
+ NeutronServicePlugins: 'router, networking_bgpvpn.neutron.services.plugin.BGPVPNPlugin'
+ BgpvpnServiceProvider: 'BGPVPN:Dummy:networking_bgpvpn.neutron.services.service_drivers.driver_api.BGPVPNDriver:default'
upgrade_tasks:
- name: Stop and disable ceilometer agent central service
tags: step2
- service: name=openstack-ceilometer-agent-central state=stopped enabled=no
+ service: name=openstack-ceilometer-central state=stopped enabled=no
upgrade_tasks:
- name: Stop and disable ceilometer-agent-compute service
tags: step2
- service: name=openstack-ceilometer-agent-compute state=stopped enabled=no
+ service: name=openstack-ceilometer-compute state=stopped enabled=no
--- /dev/null
+heat_template_version: pike
+
+description: >
+ OpenStack containerized HAproxy service
+
+parameters:
+ DockerNamespace:
+ description: namespace
+ default: 'tripleoupstream'
+ type: string
+ DockerHAProxyImage:
+ description: image
+ default: 'centos-binary-haproxy:latest'
+ type: string
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ HAProxyStatsPassword:
+ description: Password for HAProxy stats endpoint
+ hidden: true
+ type: string
+ HAProxyStatsUser:
+ description: User for HAProxy stats endpoint
+ default: admin
+ type: string
+ HAProxySyslogAddress:
+ default: /dev/log
+ description: Syslog address where HAproxy will send its log
+ type: string
+ RedisPassword:
+ description: The password for Redis
+ type: string
+ hidden: true
+ MonitoringSubscriptionHaproxy:
+ default: 'overcloud-haproxy'
+ type: string
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+
+resources:
+
+ ContainersCommon:
+ type: ./containers-common.yaml
+
+ HAProxyBase:
+ type: ../../puppet/services/haproxy.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the HAproxy role.
+ value:
+ service_name: {get_attr: [HAProxyBase, role_data, service_name]}
+ config_settings:
+ map_merge:
+ - get_attr: [HAProxyBase, role_data, config_settings]
+ - tripleo::haproxy::haproxy_daemon: false
+ step_config: &step_config
+ get_attr: [HAProxyBase, role_data, step_config]
+ service_config_settings: {get_attr: [HAProxyBase, role_data, service_config_settings]}
+ # BEGIN DOCKER SETTINGS
+ puppet_config:
+ config_volume: haproxy
+ puppet_tags: haproxy_config
+ step_config: *step_config
+ config_image: &haproxy_image
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerHAProxyImage} ]
+ kolla_config:
+ /var/lib/kolla/config_files/haproxy.json:
+ command: haproxy -f /etc/haproxy/haproxy.cfg
+ docker_config:
+ step_1:
+ haproxy:
+ image: *haproxy_image
+ net: host
+ privileged: false
+ restart: always
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/haproxy.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/haproxy/etc/:/etc/:ro
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ metadata_settings:
+ get_attr: [HAProxyBase, role_data, metadata_settings]
--- /dev/null
+heat_template_version: pike
+
+description: >
+ MySQL HA clustercheck service deployment using puppet
+ This service is used by HAProxy in a HA scenario to report whether
+ the local galera node is synced
+
+parameters:
+ DockerNamespace:
+ description: namespace
+ default: 'tripleoupstream'
+ type: string
+ DockerClustercheckImage:
+ description: image
+ default: 'centos-binary-mariadb:latest'
+ type: string
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+
+resources:
+
+ ContainersCommon:
+ type: ../containers-common.yaml
+
+ MysqlPuppetBase:
+ type: ../../../puppet/services/pacemaker/database/mysql.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Containerized service clustercheck using composable services.
+ value:
+ service_name: clustercheck
+ config_settings: {get_attr: [MysqlPuppetBase, role_data, config_settings]}
+ step_config: "include ::tripleo::profile::pacemaker::clustercheck"
+ # BEGIN DOCKER SETTINGS #
+ puppet_config:
+ config_volume: clustercheck
+ puppet_tags: file # set this even though file is the default
+ step_config: "include ::tripleo::profile::pacemaker::clustercheck"
+ config_image: &clustercheck_image
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerClustercheckImage} ]
+ kolla_config:
+ /var/lib/kolla/config_files/clustercheck.json:
+ command: /usr/sbin/xinetd -dontfork
+ config_files:
+ - dest: /etc/xinetd.conf
+ source: /var/lib/kolla/config_files/src/etc/xinetd.conf
+ owner: mysql
+ perm: '0644'
+ - dest: /etc/xinetd.d/galera-monitor
+ source: /var/lib/kolla/config_files/src/etc/xinetd.d/galera-monitor
+ owner: mysql
+ perm: '0644'
+ - dest: /etc/sysconfig/clustercheck
+ source: /var/lib/kolla/config_files/src/etc/sysconfig/clustercheck
+ owner: mysql
+ perm: '0600'
+ docker_config:
+ step_2:
+ clustercheck:
+ start_order: 1
+ image: *clustercheck_image
+ restart: always
+ net: host
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/clustercheck.json:/var/lib/kolla/config_files/config.json
+ - /var/lib/config-data/clustercheck/:/var/lib/kolla/config_files/src:ro
+ - /var/lib/mysql:/var/lib/mysql
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ upgrade_tasks:
--- /dev/null
+heat_template_version: pike
+
+description: >
+ MySQL service deployment with pacemaker bundle
+
+parameters:
+ DockerNamespace:
+ description: namespace
+ default: 'tripleoupstream'
+ type: string
+ DockerMysqlImage:
+ description: image
+ default: 'centos-binary-mariadb:latest'
+ type: string
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ MysqlRootPassword:
+ type: string
+ hidden: true
+ default: ''
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+
+resources:
+
+ ContainersCommon:
+ type: ../../containers-common.yaml
+
+ MysqlPuppetBase:
+ type: ../../../../puppet/services/pacemaker/database/mysql.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Containerized service MySQL using composable services.
+ value:
+ service_name: {get_attr: [MysqlPuppetBase, role_data, service_name]}
+ config_settings:
+ map_merge:
+ - {get_attr: [MysqlPuppetBase, role_data, config_settings]}
+ - tripleo::profile::pacemaker::database::mysql_bundle::mysql_docker_image: &mysql_image
+ list_join:
+ - '/'
+ - - {get_param: DockerNamespace}
+ - {get_param: DockerMysqlImage}
+ step_config: ""
+ # BEGIN DOCKER SETTINGS #
+ puppet_config:
+ config_volume: mysql
+ puppet_tags: file # set this even though file is the default
+ step_config:
+ list_join:
+ - "\n"
+ - - "['Mysql_datadir', 'Mysql_user', 'Mysql_database', 'Mysql_grant', 'Mysql_plugin'].each |String $val| { noop_resource($val) }"
+ - "exec {'wait-for-settle': command => '/bin/true' }"
+ - "include ::tripleo::profile::pacemaker::database::mysql_bundle"
+ config_image: *mysql_image
+ kolla_config:
+ /var/lib/kolla/config_files/mysql.json:
+ command: /usr/sbin/pacemaker_remoted
+ config_files:
+ - dest: /etc/libqb/force-filesystem-sockets
+ source: /dev/null
+ owner: root
+ perm: '0644'
+ - dest: /etc/my.cnf
+ source: /var/lib/kolla/config_files/src/etc/my.cnf
+ owner: mysql
+ perm: '0644'
+ - dest: /etc/my.cnf.d/galera.cnf
+ source: /var/lib/kolla/config_files/src/etc/my.cnf.d/galera.cnf
+ owner: mysql
+ perm: '0644'
+ - dest: /etc/sysconfig/clustercheck
+ source: /var/lib/kolla/config_files/src/etc/sysconfig/clustercheck
+ owner: root
+ perm: '0600'
+ docker_config:
+ step_1:
+ mysql_data_ownership:
+ start_order: 0
+ detach: false
+ image: *mysql_image
+ net: host
+ user: root
+ # Kolla does only non-recursive chown
+ command: ['chown', '-R', 'mysql:', '/var/lib/mysql']
+ volumes:
+ - /var/lib/mysql:/var/lib/mysql
+ mysql_bootstrap:
+ start_order: 1
+ detach: false
+ image: *mysql_image
+ net: host
+ # Kolla bootstraps aren't idempotent, explicitly checking if bootstrap was done
+ command: ['bash', '-c', 'test -e /var/lib/mysql/mysql || kolla_start']
+ volumes: &mysql_volumes
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/mysql.json:/var/lib/kolla/config_files/config.json
+ - /var/lib/config-data/mysql/:/var/lib/kolla/config_files/src:ro
+ - /var/lib/mysql:/var/lib/mysql
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ - KOLLA_BOOTSTRAP=True
+ # NOTE(mandre) skip wsrep cluster status check
+ - KOLLA_KUBERNETES=True
+ -
+ list_join:
+ - '='
+ - - 'DB_ROOT_PASSWORD'
+ -
+ yaql:
+ expression: $.data.passwords.where($ != '').first()
+ data:
+ passwords:
+ - {get_param: MysqlRootPassword}
+ - {get_param: [DefaultPasswords, mysql_root_password]}
+ step_2:
+ mysql_init_bundle:
+ start_order: 1
+ detach: false
+ net: host
+ user: root
+ command:
+ - '/bin/bash'
+ - '-c'
+ - str_replace:
+ template:
+ list_join:
+ - '; '
+ - - "cp -a /tmp/puppet-etc/* /etc/puppet; echo '{\"step\": 2}' > /etc/puppet/hieradata/docker.json"
+ - "FACTER_uuid=docker puppet apply --tags file,file_line,concat,augeas,TAGS -v -e 'CONFIG'"
+ params:
+ TAGS: 'pacemaker::resource::bundle,pacemaker::property,pacemaker::resource::ocf,pacemaker::constraint::order,pacemaker::constraint::colocation,galera_ready,mysql_database,mysql_grant,mysql_user'
+ CONFIG: 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::database::mysql_bundle'
+ image: *mysql_image
+ volumes:
+ - /etc/hosts:/etc/hosts:ro
+ - /etc/localtime:/etc/localtime:ro
+ - /etc/puppet:/tmp/puppet-etc:ro
+ - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
+ - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
+ - /dev/shm:/dev/shm:rw
+ - /var/lib/config-data/mysql/etc/my.cnf:/etc/my.cnf:ro
+ - /var/lib/config-data/mysql/etc/my.cnf.d:/etc/my.cnf.d:ro
+ - /var/lib/mysql:/var/lib/mysql:rw
+ host_prep_tasks:
+ - name: create /var/lib/mysql
+ file:
+ path: /var/lib/mysql
+ state: directory
+ upgrade_tasks:
+ - name: Stop and disable mysql service
+ tags: step2
+ service: name=mariadb state=stopped enabled=no
--- /dev/null
+heat_template_version: pike
+
+description: >
+ OpenStack containerized Redis services
+
+parameters:
+ DockerNamespace:
+ description: namespace
+ default: 'tripleoupstream'
+ type: string
+ DockerRedisImage:
+ description: image
+ default: 'centos-binary-redis:latest'
+ type: string
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+
+resources:
+
+ RedisBase:
+ type: ../../../../puppet/services/database/redis.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the Redis API role.
+ value:
+ service_name: {get_attr: [RedisBase, role_data, service_name]}
+ config_settings:
+ map_merge:
+ - {get_attr: [RedisBase, role_data, config_settings]}
+ - redis::service_manage: false
+ redis::notify_service: false
+ redis::managed_by_cluster_manager: true
+ tripleo::profile::pacemaker::database::redis_bundle::redis_docker_image: &redis_image
+ list_join:
+ - '/'
+ - - {get_param: DockerNamespace}
+ - {get_param: DockerRedisImage}
+
+ step_config: ""
+ service_config_settings: {get_attr: [RedisBase, role_data, service_config_settings]}
+ # BEGIN DOCKER SETTINGS
+ puppet_config:
+ config_volume: 'redis'
+ # NOTE: we need the exec tag to copy /etc/redis.conf.puppet to
+ # /etc/redis.conf
+ # https://github.com/arioch/puppet-redis/commit/1c004143223e660cbd433422ff8194508aab9763
+ puppet_tags: 'exec'
+ step_config:
+ get_attr: [RedisBase, role_data, step_config]
+ config_image: *redis_image
+ kolla_config:
+ /var/lib/kolla/config_files/redis.json:
+ command: /usr/sbin/pacemaker_remoted
+ config_files:
+ - dest: /etc/libqb/force-filesystem-sockets
+ source: /dev/null
+ owner: root
+ perm: '0644'
+ permissions:
+ - path: /var/run/redis
+ owner: redis:redis
+ recurse: true
+ - path: /var/lib/redis
+ owner: redis:redis
+ recurse: true
+ - path: /var/log/redis
+ owner: redis:redis
+ recurse: true
+ docker_config:
+ step_2:
+ redis_init_bundle:
+ start_order: 2
+ detach: false
+ net: host
+ user: root
+ config_volume: 'redis_init_bundle'
+ command:
+ - '/bin/bash'
+ - '-c'
+ - str_replace:
+ template:
+ list_join:
+ - '; '
+ - - "cp -a /tmp/puppet-etc/* /etc/puppet; echo '{\"step\": 2}' > /etc/puppet/hieradata/docker.json"
+ - "FACTER_uuid=docker puppet apply --tags file,file_line,concat,augeas,TAGS -v -e 'CONFIG'"
+ params:
+ TAGS: 'pacemaker::resource::bundle,pacemaker::property,pacemaker::resource::ocf,pacemaker::constraint::order,pacemaker::constraint::colocation'
+ CONFIG: 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::database::redis_bundle'
+ image: *redis_image
+ volumes:
+ - /etc/hosts:/etc/hosts:ro
+ - /etc/localtime:/etc/localtime:ro
+ - /etc/puppet:/tmp/puppet-etc:ro
+ - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
+ - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
+ - /dev/shm:/dev/shm:rw
+ host_prep_tasks:
+ - name: create /var/run/redis
+ file:
+ path: /var/run/redis
+ state: directory
+ - name: create /var/log/redis
+ file:
+ path: /var/log/redis
+ state: directory
+ - name: create /var/lib/redis
+ file:
+ path: /var/lib/redis
+ state: directory
+ upgrade_tasks:
+ - name: Stop and disable redis service
+ tags: step2
+ service: name=redis state=stopped enabled=no
--- /dev/null
+heat_template_version: pike
+
+description: >
+ OpenStack containerized HAproxy service for pacemaker
+
+parameters:
+ DockerNamespace:
+ description: namespace
+ default: 'tripleoupstream'
+ type: string
+ DockerHAProxyImage:
+ description: image
+ default: 'centos-binary-haproxy:latest'
+ type: string
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+
+resources:
+
+ HAProxyBase:
+ type: ../../../puppet/services/pacemaker/haproxy.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the HAproxy role.
+ value:
+ service_name: {get_attr: [HAProxyBase, role_data, service_name]}
+ config_settings:
+ map_merge:
+ - get_attr: [HAProxyBase, role_data, config_settings]
+ - tripleo::haproxy::haproxy_daemon: false
+ haproxy_docker: true
+ tripleo::profile::pacemaker::haproxy_bundle::haproxy_docker_image: &haproxy_image
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerHAProxyImage} ]
+ step_config:
+ list_join:
+ - "\n"
+ - - &noop_pcmk "['pcmk_bundle', 'pcmk_resource', 'pcmk_property', 'pcmk_constraint', 'pcmk_resource_default'].each |String $val| { noop_resource($val) }"
+ - 'include ::tripleo::profile::pacemaker::haproxy_bundle'
+ service_config_settings: {get_attr: [HAProxyBase, role_data, service_config_settings]}
+ # BEGIN DOCKER SETTINGS
+ puppet_config:
+ config_volume: haproxy
+ puppet_tags: haproxy_config
+ step_config:
+ list_join:
+ - "\n"
+ - - "exec {'wait-for-settle': command => '/bin/true' }"
+ - &noop_firewall "class tripleo::firewall(){}; define tripleo::firewall::rule( $port = undef, $dport = undef, $sport = undef, $proto = undef, $action = undef, $state = undef, $source = undef, $iniface = undef, $chain = undef, $destination = undef, $extras = undef){}"
+ - *noop_pcmk
+ - 'include ::tripleo::profile::pacemaker::haproxy_bundle'
+ config_image: *haproxy_image
+ kolla_config:
+ /var/lib/kolla/config_files/haproxy.json:
+ command: haproxy -f /etc/haproxy/haproxy.cfg
+ docker_config:
+ step_2:
+ haproxy_init_bundle:
+ start_order: 3
+ detach: false
+ net: host
+ user: root
+ command:
+ - '/bin/bash'
+ - '-c'
+ - str_replace:
+ template:
+ list_join:
+ - '; '
+ - - "cp -a /tmp/puppet-etc/* /etc/puppet; echo '{\"step\": 2}' > /etc/puppet/hieradata/docker.json"
+ - "FACTER_uuid=docker puppet apply --tags file,file_line,concat,augeas,TAGS -v -e 'CONFIG'"
+ params:
+ TAGS: 'pacemaker::resource::bundle,pacemaker::property,pacemaker::resource::ip,pacemaker::resource::ocf,pacemaker::constraint::order,pacemaker::constraint::colocation'
+ CONFIG:
+ list_join:
+ - ';'
+ - - *noop_firewall
+ - 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::haproxy_bundle'
+ image: *haproxy_image
+ volumes:
+ - /etc/hosts:/etc/hosts:ro
+ - /etc/localtime:/etc/localtime:ro
+ - /etc/puppet:/tmp/puppet-etc:ro
+ - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
+ - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
+ - /dev/shm:/dev/shm:rw
+ metadata_settings:
+ get_attr: [HAProxyBase, role_data, metadata_settings]
--- /dev/null
+heat_template_version: pike
+
+description: >
+ OpenStack containerized Rabbitmq service
+
+parameters:
+ DockerNamespace:
+ description: namespace
+ default: 'tripleoupstream'
+ type: string
+ DockerRabbitmqImage:
+ description: image
+ default: 'centos-binary-rabbitmq:latest'
+ type: string
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RabbitCookie:
+ type: string
+ default: ''
+ hidden: true
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+
+resources:
+
+ RabbitmqBase:
+ type: ../../../puppet/services/rabbitmq.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the Rabbitmq API role.
+ value:
+ service_name: {get_attr: [RabbitmqBase, role_data, service_name]}
+ config_settings:
+ map_merge:
+ - {get_attr: [RabbitmqBase, role_data, config_settings]}
+ - rabbitmq::service_manage: false
+ tripleo::profile::pacemaker::rabbitmq_bundle::rabbitmq_docker_image: &rabbitmq_image
+ list_join:
+ - '/'
+ - - {get_param: DockerNamespace}
+ - {get_param: DockerRabbitmqImage}
+ step_config: &step_config
+ get_attr: [RabbitmqBase, role_data, step_config]
+ service_config_settings: {get_attr: [RabbitmqBase, role_data, service_config_settings]}
+ # BEGIN DOCKER SETTINGS
+ puppet_config:
+ config_volume: rabbitmq
+ puppet_tags: file
+ step_config: *step_config
+ config_image: *rabbitmq_image
+ kolla_config:
+ /var/lib/kolla/config_files/rabbitmq.json:
+ command: /usr/sbin/pacemaker_remoted
+ config_files:
+ - dest: /etc/libqb/force-filesystem-sockets
+ source: /dev/null
+ owner: root
+ perm: '0644'
+ permissions:
+ - path: /var/lib/rabbitmq
+ owner: rabbitmq:rabbitmq
+ recurse: true
+ - path: /var/log/rabbitmq
+ owner: rabbitmq:rabbitmq
+ recurse: true
+ # When using pacemaker we don't launch the container, instead that is done by pacemaker
+ # itself.
+ docker_config:
+ step_1:
+ rabbitmq_bootstrap:
+ start_order: 0
+ image: *rabbitmq_image
+ net: host
+ privileged: false
+ volumes:
+ - /var/lib/kolla/config_files/rabbitmq.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/rabbitmq/etc/rabbitmq:/etc/rabbitmq:ro
+ - /etc/hosts:/etc/hosts:ro
+ - /etc/localtime:/etc/localtime:ro
+ - /var/lib/rabbitmq:/var/lib/rabbitmq
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ - KOLLA_BOOTSTRAP=True
+ -
+ list_join:
+ - '='
+ - - 'RABBITMQ_CLUSTER_COOKIE'
+ -
+ yaql:
+ expression: $.data.passwords.where($ != '').first()
+ data:
+ passwords:
+ - {get_param: RabbitCookie}
+ - {get_param: [DefaultPasswords, rabbit_cookie]}
+ step_2:
+ rabbitmq_init_bundle:
+ start_order: 0
+ detach: false
+ net: host
+ user: root
+ command:
+ - '/bin/bash'
+ - '-c'
+ - str_replace:
+ template:
+ list_join:
+ - '; '
+ - - "cp -a /tmp/puppet-etc/* /etc/puppet; echo '{\"step\": 2}' > /etc/puppet/hieradata/docker.json"
+ - "FACTER_uuid=docker puppet apply --tags file,file_line,concat,augeas,TAGS -v -e 'CONFIG'"
+ params:
+ TAGS: 'pacemaker::resource::bundle,pacemaker::property,pacemaker::resource::ocf,pacemaker::constraint::order,pacemaker::constraint::colocation'
+ CONFIG: 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::rabbitmq_bundle'
+ image: *rabbitmq_image
+ volumes:
+ - /etc/hosts:/etc/hosts:ro
+ - /etc/localtime:/etc/localtime:ro
+ - /etc/puppet:/tmp/puppet-etc:ro
+ - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
+ - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
+ - /dev/shm:/dev/shm:rw
+ host_prep_tasks:
+ - name: create /var/lib/rabbitmq
+ file:
+ path: /var/lib/rabbitmq
+ state: directory
+ - name: stop the Erlang port mapper on the host and make sure it cannot bind to the port used by container
+ shell: |
+ echo 'export ERL_EPMD_ADDRESS=127.0.0.1' > /etc/rabbitmq/rabbitmq-env.conf
+ echo 'export ERL_EPMD_PORT=4370' >> /etc/rabbitmq/rabbitmq-env.conf
+ for pid in $(pgrep epmd); do if [ "$(lsns -o NS -p $pid)" == "$(lsns -o NS -p 1)" ]; then kill $pid; break; fi; done
+ upgrade_tasks:
+ - name: Stop and disable rabbitmq service
+ tags: step2
+ service: name=rabbitmq-server state=stopped enabled=no
- OS::TripleO::Services::NovaLibvirt
- OS::TripleO::Services::ComputeNeutronOvsAgent
- OS::TripleO::Services::Docker
+ - OS::TripleO::Services::Sshd
OS::TripleO::Services::NeutronDhcpAgent: ../docker/services/neutron-dhcp.yaml
OS::TripleO::Services::NeutronL3Agent: ../docker/services/neutron-l3.yaml
OS::TripleO::Services::MySQL: ../docker/services/database/mysql.yaml
+ OS::TripleO::Services::HAProxy: ../docker/services/haproxy.yaml
OS::TripleO::Services::RabbitMQ: ../docker/services/rabbitmq.yaml
OS::TripleO::Services::MongoDb: ../docker/services/database/mongodb.yaml
OS::TripleO::Services::Redis: ../docker/services/database/redis.yaml
- OS::TripleO::Services::ComputeNeutronOvsAgent
- OS::TripleO::Services::Docker
- OS::TripleO::Services::CeilometerAgentCompute
+ - OS::TripleO::Services::Sshd
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::ComputeNeutronCorePlugin
- OS::TripleO::Services::ComputeNeutronOvsAgent
+ - OS::TripleO::Services::NeutronLinuxbridgeAgent
- OS::TripleO::Services::ComputeCeilometerAgent
- OS::TripleO::Services::ComputeNeutronL3Agent
- OS::TripleO::Services::ComputeNeutronMetadataAgent
--- /dev/null
+# A Heat environment file that can be used to deploy Neutron BGPVPN service
+#
+# This environment file deploys Neutron BGPVPN service and configures
+# Opendaylight as its service provider.
+#
+# - OpenDaylight: BGPVPN:OpenDaylight:networking_bgpvpn.neutron.services.service_drivers.opendaylight.odl.OpenDaylightBgpvpnDriver:default
+resource_registry:
+ OS::TripleO::Services::NeutronBgpVpnApi: ../puppet/services/neutron-bgpvpn-api.yaml
+
+parameter_defaults:
+ NeutronServicePlugins: 'router, networking_bgpvpn.neutron.services.plugin.BGPVPNPlugin'
+ BgpvpnServiceProvider: 'BGPVPN:OpenDaylight:networking_bgpvpn.neutron.services.service_drivers.opendaylight.odl.OpenDaylightBgpvpnDriver:default'
--- /dev/null
+## A Heat environment that can be used to deploy linuxbridge
+resource_registry:
+ OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
+ OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
+ OS::TripleO::Services::NeutronLinuxbridgeAgent: ../puppet/services/neutron-linuxbridge-agent.yaml
+
+parameter_defaults:
+ NeutronMechanismDrivers: ['linuxbridge']
#NeutronDpdkMemoryChannels: ""
NeutronDatapathType: "netdev"
- NeutronVhostuserSocketDir: "/var/run/openvswitch"
+ NeutronVhostuserSocketDir: "/var/lib/vhost_sockets"
#NeutronDpdkSocketMemory: ""
#NeutronDpdkDriverType: "vfio-pci"
GlanceBackend: rbd
GnocchiBackend: rbd
CinderEnableIscsiBackend: false
- CephPoolDefaultSite: 1
+ CephPoolDefaultSize: 1
OS::TripleO::Services::NeutronCorePluginMidonet: puppet/services/neutron-midonet.yaml
OS::TripleO::Services::NeutronOvsAgent: puppet/services/neutron-ovs-agent.yaml
+ OS::TripleO::Services::NeutronLinuxbridgeAgent: OS::Heat::None
OS::TripleO::Services::ComputeNeutronOvsAgent: puppet/services/neutron-ovs-agent.yaml
OS::TripleO::Services::Pacemaker: OS::Heat::None
OS::TripleO::Services::PacemakerRemote: OS::Heat::None
description: >
Set to true to append per network Vips to /etc/hosts on each node.
+ DeploymentServerBlacklist:
+ default: []
+ type: comma_delimited_list
+ description: >
+ List of server hostnames to blacklist from any triggered deployments.
+
conditions:
add_vips_to_etc_hosts: {equals : [{get_param: AddVipsToEtcHosts}, True]}
properties:
name: {{role.name}}HostsDeployment
config: {get_attr: [hostsConfig, config_id]}
- servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
+ servers: {get_attr: [{{role.name}}Servers, value]}
{{role.name}}SshKnownHostsDeployment:
type: OS::Heat::StructuredDeployments
properties:
name: {{role.name}}SshKnownHostsDeployment
config: {get_resource: SshKnownHostsConfig}
- servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
+ servers: {get_attr: [{{role.name}}Servers, value]}
{{role.name}}AllNodesDeployment:
type: OS::Heat::StructuredDeployments
properties:
name: {{role.name}}AllNodesDeployment
config: {get_attr: [allNodesConfig, config_id]}
- servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
+ servers: {get_attr: [{{role.name}}Servers, value]}
input_values:
# Note we have to use yaql to look up the first hostname/ip in the
# list because heat path based attributes operate on the attribute
properties:
name: {{role.name}}AllNodesValidationDeployment
config: {get_resource: AllNodesValidationConfig}
- servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
+ servers: {get_attr: [{{role.name}}Servers, value]}
{{role.name}}IpListMap:
type: OS::TripleO::Network::Ports::NetIpListMap
ServiceNames: {get_attr: [{{role.name}}ServiceNames, value]}
MonitoringSubscriptions: {get_attr: [{{role.name}}ServiceChainRoleData, value, monitoring_subscriptions]}
ServiceMetadataSettings: {get_attr: [{{role.name}}ServiceChainRoleData, value, service_metadata_settings]}
+ DeploymentServerBlacklistDict: {get_attr: [DeploymentServerBlacklistDict, value]}
+{% endfor %}
+
+{% for role in roles %}
+ {{role.name}}Servers:
+ type: OS::Heat::Value
+ depends_on: {{role.name}}
+ properties:
+ type: json
+ value:
+ yaql:
+ expression: let(servers=>switch(isDict($.data.servers) => $.data.servers, true => {})) -> $servers.deleteAll($servers.keys().where($servers[$] = null))
+ data:
+ servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
{% endfor %}
+ # This resource just creates a dict out of the DeploymentServerBlacklist,
+ # which is a list. The dict is used in the role templates to set a condition
+ # on whether to create the deployment resources. We can't use the list
+ # directly because there is no way to ask Heat if a list contains a specific
+ # value.
+ DeploymentServerBlacklistDict:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ map_merge:
+ repeat:
+ template:
+ hostname: 1
+ for_each:
+ hostname: {get_param: DeploymentServerBlacklist}
+
hostsConfig:
type: OS::TripleO::Hosts::SoftwareConfig
properties:
properties:
servers:
{% for role in roles %}
- {{role.name}}: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
+ {{role.name}}: {get_attr: [{{role.name}}Servers, value]}
{% endfor %}
input_values:
deploy_identifier: {get_param: DeployIdentifier}
properties:
servers:
{% for role in roles %}
- {{role.name}}: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
+ {{role.name}}: {get_attr: [{{role.name}}Servers, value]}
{% endfor %}
# Post deployment steps for all roles
properties:
servers:
{% for role in roles %}
- {{role.name}}: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
+ {{role.name}}: {get_attr: [{{role.name}}Servers, value]}
{% endfor %}
EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
role_data:
major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
environment files.
default: ''
+ DeploymentServerBlacklistDict:
+ default: {}
+ type: json
+ description: >
+ Map of server hostnames to blacklist from any triggered
+ deployments. If the value is 1, the server will be blacklisted. This
+ parameter is generated from the parent template.
+
+conditions:
+ server_not_blacklisted:
+ not:
+ equals:
+ - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
+ - 1
resources:
BlockStorage:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
depends_on: PreNetworkConfig
+ condition: server_not_blacklisted
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
BlockStorageUpgradeInitDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
name: BlockStorageUpgradeInitDeployment
server: {get_resource: BlockStorage}
BlockStorageDeployment:
type: OS::Heat::StructuredDeployment
depends_on: BlockStorageUpgradeInitDeployment
+ condition: server_not_blacklisted
properties:
name: BlockStorageDeployment
server: {get_resource: BlockStorage}
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
name: UpdateDeployment
config: {get_resource: UpdateConfig}
description: Heat resource handle for the block storage server
value:
{get_resource: BlockStorage}
+ condition: server_not_blacklisted
external_ip_address:
description: IP address of the server in the external network
value: {get_attr: [ExternalPort, ip_address]}
major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
environment files.
default: ''
+ DeploymentServerBlacklistDict:
+ default: {}
+ type: json
+ description: >
+ Map of server hostnames to blacklist from any triggered
+ deployments. If the value is 1, the server will be blacklisted. This
+ parameter is generated from the parent template.
+
+conditions:
+ server_not_blacklisted:
+ not:
+ equals:
+ - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
+ - 1
resources:
CephStorage:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
depends_on: PreNetworkConfig
+ condition: server_not_blacklisted
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
CephStorageUpgradeInitDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
name: CephStorageUpgradeInitDeployment
server: {get_resource: CephStorage}
CephStorageDeployment:
type: OS::Heat::StructuredDeployment
depends_on: CephStorageUpgradeInitDeployment
+ condition: server_not_blacklisted
properties:
name: CephStorageDeployment
config: {get_resource: CephStorageConfig}
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
config: {get_resource: UpdateConfig}
server: {get_resource: CephStorage}
description: Heat resource handle for the ceph storage server
value:
{get_resource: CephStorage}
+ condition: server_not_blacklisted
external_ip_address:
description: IP address of the server in the external network
value: {get_attr: [ExternalPort, ip_address]}
major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
environment files.
default: ''
+ DeploymentServerBlacklistDict:
+ default: {}
+ type: json
+ description: >
+ Map of server hostnames to blacklist from any triggered
+ deployments. If the value is 1, the server will be blacklisted. This
+ parameter is generated from the parent template.
+
+conditions:
+ server_not_blacklisted:
+ not:
+ equals:
+ - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
+ - 1
resources:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
depends_on: PreNetworkConfig
+ condition: server_not_blacklisted
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
NovaComputeUpgradeInitDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
name: NovaComputeUpgradeInitDeployment
server: {get_resource: NovaCompute}
NovaComputeDeployment:
type: OS::TripleO::SoftwareDeployment
depends_on: NovaComputeUpgradeInitDeployment
+ condition: server_not_blacklisted
properties:
name: NovaComputeDeployment
config: {get_resource: NovaComputeConfig}
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
name: UpdateDeployment
config: {get_resource: UpdateConfig}
nova_server_resource:
description: Heat resource handle for the Nova compute server
value:
- {get_resource: NovaCompute}
\ No newline at end of file
+ {get_resource: NovaCompute}
+ condition: server_not_blacklisted
major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
environment files.
default: ''
+ DeploymentServerBlacklistDict:
+ default: {}
+ type: json
+ description: >
+ Map of server hostnames to blacklist from any triggered
+ deployments. If the value is 1, the server will be blacklisted. This
+ parameter is generated from the parent template.
parameter_groups:
- label: deprecated
parameters:
- controllerExtraConfig
+conditions:
+ server_not_blacklisted:
+ not:
+ equals:
+ - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
+ - 1
+
+
resources:
Controller:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
+ condition: server_not_blacklisted
depends_on: PreNetworkConfig
properties:
name: NetworkDeployment
# but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
ControllerUpgradeInitDeployment:
type: OS::Heat::SoftwareDeployment
+ condition: server_not_blacklisted
depends_on: NetworkDeployment
properties:
name: ControllerUpgradeInitDeployment
ControllerDeployment:
type: OS::TripleO::SoftwareDeployment
+ condition: server_not_blacklisted
depends_on: ControllerUpgradeInitDeployment
properties:
name: ControllerDeployment
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
+ condition: server_not_blacklisted
depends_on: NetworkDeployment
properties:
name: UpdateDeployment
description: Heat resource handle for the Nova compute server
value:
{get_resource: Controller}
+ condition: server_not_blacklisted
tls_key_modulus_md5:
description: MD5 checksum of the TLS Key Modulus
value: {get_attr: [NodeTLSData, key_modulus_md5]}
- ''
- - "#!/bin/bash\n\n"
- "set -eu\n\n"
- - "if hiera -c /etc/puppet/hiera.yaml service_names | grep nova_compute ; then\n\n"
- - " crudini --set /etc/nova/nova.conf placement auth_type password\n\n"
- - " crudini --set /etc/nova/nova.conf placement username placement\n\n"
- - " crudini --set /etc/nova/nova.conf placement project_domain_name Default\n\n"
- - " crudini --set /etc/nova/nova.conf placement user_domain_name Default\n\n"
- - " crudini --set /etc/nova/nova.conf placement project_name service\n\n"
- - " crudini --set /etc/nova/nova.conf placement os_interface internal\n\n"
- - str_replace:
- template: |
- crudini --set /etc/nova/nova.conf placement password 'SERVICE_PASSWORD'
- crudini --set /etc/nova/nova.conf placement os_region_name 'REGION_NAME'
- crudini --set /etc/nova/nova.conf placement auth_url 'AUTH_URL'
- params:
- SERVICE_PASSWORD: { get_param: NovaPassword }
- REGION_NAME: { get_param: KeystoneRegion }
- AUTH_URL: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
- - " systemctl restart openstack-nova-compute\n\n"
- - "fi\n\n"
- str_replace:
template: |
ROLE='ROLE_NAME'
major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
environment files.
default: ''
+ DeploymentServerBlacklistDict:
+ default: {}
+ type: json
+ description: >
+ Map of server hostnames to blacklist from any triggered
+ deployments. If the value is 1, the server will be blacklisted. This
+ parameter is generated from the parent template.
+
+conditions:
+ server_not_blacklisted:
+ not:
+ equals:
+ - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
+ - 1
resources:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
depends_on: PreNetworkConfig
+ condition: server_not_blacklisted
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
SwiftStorageUpgradeInitDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
name: SwiftStorageUpgradeInitDeployment
server: {get_resource: SwiftStorage}
SwiftStorageHieraDeploy:
type: OS::Heat::StructuredDeployment
depends_on: SwiftStorageUpgradeInitDeployment
+ condition: server_not_blacklisted
properties:
name: SwiftStorageHieraDeploy
server: {get_resource: SwiftStorage}
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
config: {get_resource: UpdateConfig}
server: {get_resource: SwiftStorage}
description: Heat resource handle for the swift storage server
value:
{get_resource: SwiftStorage}
+ condition: server_not_blacklisted
external_ip_address:
description: IP address of the server in the external network
value: {get_attr: [ExternalPort, ip_address]}
major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
environment files.
default: ''
+ DeploymentServerBlacklistDict:
+ default: {}
+ type: json
+ description: >
+ Map of server hostnames to blacklist from any triggered
+ deployments. If the value is 1, the server will be blacklisted. This
+ parameter is generated from the parent template.
+
+conditions:
+ server_not_blacklisted:
+ not:
+ equals:
+ - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
+ - 1
resources:
{{role}}:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
depends_on: PreNetworkConfig
+ condition: server_not_blacklisted
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
{{role}}UpgradeInitDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
name: {{role}}UpgradeInitDeployment
server: {get_resource: {{role}}}
{{role}}Deployment:
type: OS::Heat::StructuredDeployment
depends_on: {{role}}UpgradeInitDeployment
+ condition: server_not_blacklisted
properties:
name: {{role}}Deployment
config: {get_resource: {{role}}Config}
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
name: UpdateDeployment
config: {get_resource: UpdateConfig}
description: Heat resource handle for {{role}} server
value:
{get_resource: {{role}}}
+ condition: server_not_blacklisted
external_ip_address:
description: IP address of the server in the external network
value: {get_attr: [ExternalPort, ip_address]}
description: The short name of the Gnocchi indexer backend to use.
type: string
MetricProcessingDelay:
- default: 60
+ default: 30
description: Delay between processing metrics.
type: number
GnocchiPassword:
query:
read_default_file: /etc/my.cnf.d/tripleo.cnf
read_default_group: tripleo
- gnocchi::db::sync::extra_opts: '--skip-storage'
+ gnocchi::db::sync::extra_opts: ''
gnocchi::storage::metric_processing_delay: {get_param: MetricProcessingDelay}
gnocchi::storage::swift::swift_user: 'service:gnocchi'
gnocchi::storage::swift::swift_auth_version: 3
--- /dev/null
+heat_template_version: ocata
+
+description: >
+ OpenStack Neutron Linuxbridge agent configured with Puppet.
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ PhysicalInterfaceMapping:
+ description: List of <physical_network>:<physical_interface> tuples
+ mapping physical network names to agent's node-specific
+ physical network interfaces. Defaults to empty list.
+ type: comma_delimited_list
+ default: ''
+ NeutronLinuxbridgeFirewallDriver:
+ default: ''
+ description: Configure the classname of the firewall driver to use for
+ implementing security groups. Possible values depend on
+ system configuration. The default value of an empty string
+ will result in a default supported configuration.
+ type: string
+ NeutronEnableL2Pop:
+ type: string
+ description: Enable/disable the L2 population feature in the Neutron agents.
+ default: 'False'
+ NeutronTunnelTypes:
+ default: 'vxlan'
+ description: The tunnel types for the Neutron tenant network.
+ type: comma_delimited_list
+
+conditions:
+ no_firewall_driver: {equals : [{get_param: NeutronLinuxbridgeFirewallDriver}, '']}
+
+resources:
+
+ NeutronBase:
+ type: ./neutron-base.yaml
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+
+outputs:
+ role_data:
+ description: Role data for the Neutron Linuxbridge agent service.
+ value:
+ service_name: neutron_linuxbridge_agent
+ config_settings:
+ map_merge:
+ - get_attr: [NeutronBase, role_data, config_settings]
+ - neutron::agents::ml2::linuxbridge::physical_interface_mappings: {get_param: PhysicalInterfaceMapping}
+ neutron::agents::ml2::linuxbridge::l2_population: {get_param: NeutronEnableL2Pop}
+ neutron::agents::ml2::linuxbridge::tunnel_types: {get_param: NeutronTunnelTypes}
+ neutron::agents::ml2::linuxbridge::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]}
+ neutron::agents::dhcp::interface_driver: 'neutron.agent.linux.interface.BridgeInterfaceDriver'
+ neutron::agents::dhcp::dhcp_driver: 'neutron.agent.linux.dhcp.Dnsmasq'
+ -
+ if:
+ - no_firewall_driver
+ - {}
+ - neutron::agents::ml2::linuxbridge::firewall_driver: {get_param: NeutronLinuxbridgeFirewallDriver}
+ step_config: |
+ include ::tripleo::profile::base::neutron::linuxbridge
via parameter_defaults in the resource registry.
type: json
HostCpusList:
- default: "'0'"
+ default: "0"
description: List of cores to be used for host process
type: string
constraints:
- - allowed_pattern: "'[0-9,-]+'"
+ - allowed_pattern: "[0-9,-]+"
NeutronDpdkCoreList:
- default: "''"
+ default: ""
description: List of cores to be used for DPDK Poll Mode Driver
type: string
constraints:
- - allowed_pattern: "'[0-9,-]*'"
+ - allowed_pattern: "[0-9,-]*"
NeutronDpdkMemoryChannels:
default: ""
description: Number of memory channels to be used for DPDK
description: >
Reserved RAM for host processes.
type: number
- default: 2048
+ default: 4096
constraints:
- range: { min: 512 }
MonitoringSubscriptionNovaCompute:
cinder::host: hostgroup
step_config:
include ::tripleo::profile::pacemaker::cinder::volume
+ upgrade_tasks:
+ - name: Stop cinder_volume service (pacemaker)
+ tags: step1
+ pacemaker_resource:
+ resource: openstack-cinder-volume
+ state: disable
+ wait_for_resource: true
+ - name: Sync cinder DB
+ tags: step5
+ command: cinder-manage db sync
+ - name: Start cinder_volume service (pacemaker)
+ tags: step5
+ pacemaker_resource:
+ resource: openstack-cinder-volume
+ state: enable
--- /dev/null
+---
+other:
+ - Increased the default of NovaReservedHostMemory for
+ Compute nodes to 4096 MB.
--- /dev/null
+---
+features:
+ - Added the ability to blacklist servers by name from being
+ associated with any Heat triggered SoftwareDeployment
+ resources. The servers are specified in the new
+ DeploymentServerBlacklist parameter.
--- /dev/null
+---
+fixes:
+ - Update the default metric processing delay to 30. This will help reduce
+ the metric backlog and wont load up the storage backend.
--- /dev/null
+---
+issues:
+ - Modify ``NeutronVhostuserSocketDir`` to a seprate directory in the DPDK
+ environment file. A different set of permission is required for creating
+ vhost sockets when the vhost type is dpdkvhostuserclient (which is default
+ from ocata).
# built documents.
#
# The full version, including alpha/beta/rc tags.
-release = '7.0.0.0b1'
+release = '7.0.0.0b2'
# The short X.Y version.
version = '7.0.0'
- OS::TripleO::Services::NeutronCorePlugin
- OS::TripleO::Services::NeutronOvsAgent
- OS::TripleO::Services::NeutronL2gwAgent
+ - OS::TripleO::Services::NeutronLinuxbridgeAgent
- OS::TripleO::Services::RabbitMQ
- OS::TripleO::Services::HAproxy
- OS::TripleO::Services::Keepalived
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::ComputeNeutronCorePlugin
- OS::TripleO::Services::ComputeNeutronOvsAgent
+ - OS::TripleO::Services::NeutronLinuxbridgeAgent
- OS::TripleO::Services::ComputeCeilometerAgent
- OS::TripleO::Services::ComputeNeutronL3Agent
- OS::TripleO::Services::ComputeNeutronMetadataAgent
six>=1.9.0 # MIT
sphinx!=1.6.1,>=1.5.1 # BSD
oslosphinx>=4.7.0 # Apache-2.0
-reno>=1.8.0 # Apache-2.0
+reno!=2.3.1,>=1.8.0 # Apache-2.0
Code Review / apex-tripleo-heat-templates.git / commitdiff