Code Review / apex-tripleo-heat-templates.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw (from parent 2: 66b5c5d)
Merge "Populate vnc_api_lib.ini on compute nodes with OpenContrail"
authorJenkins <jenkins@review.openstack.org>
Fri, 16 Sep 2016 08:58:05 +0000 (08:58 +0000)
committerGerrit Code Review <review@openstack.org>
Fri, 16 Sep 2016 08:58:05 +0000 (08:58 +0000)
53 files changed:
environments/ceph-radosgw.yaml [new file with mode: 0644] patch | blob
environments/tls-endpoints-public-dns.yaml patch | blob | history
environments/tls-endpoints-public-ip.yaml patch | blob | history
extraconfig/tasks/major_upgrade_ceph_mon.sh patch | blob | history
extraconfig/tasks/major_upgrade_pacemaker.yaml patch | blob | history
network/endpoints/endpoint_data.yaml patch | blob | history
network/endpoints/endpoint_map.yaml patch | blob | history
network/service_net_map.yaml patch | blob | history
overcloud-resource-registry-puppet.yaml patch | blob | history
overcloud.j2.yaml [new file with mode: 0644] patch | blob
overcloud.yaml [deleted file] patch | blob | history
puppet/all-nodes-config.yaml patch | blob | history
puppet/blockstorage-config.yaml [new file with mode: 0644] patch | blob
puppet/ceph-storage-post.yaml [deleted file] patch | blob | history
puppet/ceph-storage.yaml patch | blob | history
puppet/cephstorage-config.yaml [new file with mode: 0644] patch | blob
puppet/cinder-storage-post.yaml [deleted file] patch | blob | history
puppet/cinder-storage.yaml patch | blob | history
puppet/compute-config.yaml [new file with mode: 0644] patch | blob
puppet/compute-post.yaml [deleted file] patch | blob | history
puppet/compute.yaml patch | blob | history
puppet/controller-post.yaml [deleted file] patch | blob | history
puppet/controller.yaml patch | blob | history
puppet/objectstorage-config.yaml [new file with mode: 0644] patch | blob
puppet/post.yaml [new file with mode: 0644] patch | blob
puppet/services/README.rst patch | blob | history
puppet/services/ceph-rgw.yaml [new file with mode: 0644] patch | blob
puppet/services/keystone.yaml patch | blob | history
puppet/services/manila-api.yaml patch | blob | history
puppet/services/network/contrail-analytics.yaml [new file with mode: 0644] patch | blob
puppet/services/network/contrail-base.yaml [new file with mode: 0644] patch | blob
puppet/services/network/contrail-config.yaml [new file with mode: 0644] patch | blob
puppet/services/network/contrail-control.yaml [new file with mode: 0644] patch | blob
puppet/services/network/contrail-database.yaml [new file with mode: 0644] patch | blob
puppet/services/network/contrail-webui.yaml [new file with mode: 0644] patch | blob
puppet/services/neutron-api.yaml patch | blob | history
puppet/services/neutron-base.yaml patch | blob | history
puppet/services/neutron-ovs-agent.yaml patch | blob | history
puppet/services/neutron-ovs-dpdk-agent.yaml patch | blob | history
puppet/services/neutron-plugin-ml2.yaml patch | blob | history
puppet/services/neutron-sriov-agent.yaml patch | blob | history
puppet/services/nova-compute.yaml patch | blob | history
puppet/services/nova-vnc-proxy.yaml [moved from puppet/services/nova-vncproxy.yaml with 82% similarity] patch | blob | history
puppet/services/pacemaker/nova-vnc-proxy.yaml [moved from puppet/services/pacemaker/nova-vncproxy.yaml with 95% similarity] patch | blob | history
puppet/services/services.yaml patch | blob | history
puppet/services/swift-ringbuilder.yaml patch | blob | history
puppet/services/swift-storage.yaml patch | blob | history
puppet/services/vip-hosts.yaml patch | blob | history
puppet/swift-devices-and-proxy-config.yaml [deleted file] patch | blob | history
puppet/swift-storage-post.yaml [deleted file] patch | blob | history
puppet/swift-storage.yaml patch | blob | history
roles_data.yaml [new file with mode: 0644] patch | blob
tools/yaml-validate.py patch | blob | history

diff --git a/environments/ceph-radosgw.yaml b/environments/ceph-radosgw.yaml
new file mode 100644 (file)
index 0000000..a9221a2
--- /dev/null
+++ b/environments/ceph-radosgw.yaml
@@ -0,0 +1,5 @@
+resource_registry:
+  OS::TripleO::Services::CephRgw: ../puppet/services/ceph-rgw.yaml
+  OS::TripleO::Services::SwiftProxy: OS::Heat::None
+  OS::TripleO::Services::SwiftStorage: OS::Heat::None
+  OS::TripleO::Services::SwiftRingBuilder: OS::Heat::None
diff --git a/environments/tls-endpoints-public-dns.yaml b/environments/tls-endpoints-public-dns.yaml
index 7c8e850..0a0996d 100644 (file)
--- a/environments/tls-endpoints-public-dns.yaml
+++ b/environments/tls-endpoints-public-dns.yaml
@@ -8,6 +8,9 @@ parameter_defaults:
     CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'}
     CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'}
     CeilometerPublic: {protocol: 'https', port: '13777', host: 'CLOUDNAME'}
+    CephRgwAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
+    CephRgwInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
+    CephRgwPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'}
     CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'}
     CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'}
     CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'}
diff --git a/environments/tls-endpoints-public-ip.yaml b/environments/tls-endpoints-public-ip.yaml
index 80595c6..5a2b883 100644 (file)
--- a/environments/tls-endpoints-public-ip.yaml
+++ b/environments/tls-endpoints-public-ip.yaml
@@ -8,6 +8,9 @@ parameter_defaults:
     CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'}
     CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'}
     CeilometerPublic: {protocol: 'https', port: '13777', host: 'IP_ADDRESS'}
+    CephRgwAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
+    CephRgwInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
+    CephRgwPublic: {protocol: 'https', port: '13808', host: 'IP_ADDRESS'}
     CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'}
     CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'}
     CinderPublic: {protocol: 'https', port: '13776', host: 'IP_ADDRESS'}
diff --git a/extraconfig/tasks/major_upgrade_ceph_mon.sh b/extraconfig/tasks/major_upgrade_ceph_mon.sh
index 38befbb..b76dd7c 100755 (executable)
--- a/extraconfig/tasks/major_upgrade_ceph_mon.sh
+++ b/extraconfig/tasks/major_upgrade_ceph_mon.sh
@@ -17,6 +17,21 @@ if ! [[ "$INSTALLED_VERSION" =~ ^0\.94.* ]]; then
     exit 0
 fi
 
+CEPH_STATUS=$(ceph health | awk '{print $1}')
+if [ ${CEPH_STATUS} = HEALTH_ERR ]; do
+    echo ERROR: Ceph cluster status is HEALTH_ERR, cannot be upgraded
+    exit 1
+fi
+
+# Useful when upgrading with OSDs num < replica size
+if [ $ignore_ceph_upgrade_warnings != "true" ]; then
+    timeout 300 bash -c "while [ ${CEPH_STATUS} != HEALTH_OK ]; do
+      echo WARNING: Waiting for Ceph cluster status to go HEALTH_OK;
+      sleep 30;
+      CEPH_STATUS=$(ceph health | awk '{print $1}')
+    done"
+fi
+
 MON_PID=$(pidof ceph-mon)
 MON_ID=$(hostname -s)
 
@@ -37,8 +52,6 @@ if [[ "$UPDATED_VERSION" =~ ^0\.94.* ]]; then
     echo WARNING: Ceph was not upgraded, restarting daemons
     service ceph start mon.${MON_ID}
 elif [[ "$UPDATED_VERSION" =~ ^10\.2.* ]]; then
-    echo INFO: Ceph was upgraded to Jewel
-
     # RPM could own some of these but we can't take risks on the pre-existing files
     for d in /var/lib/ceph/mon /var/log/ceph /var/run/ceph /etc/ceph; do
         chown -R ceph:ceph $d
@@ -54,9 +67,11 @@ elif [[ "$UPDATED_VERSION" =~ ^10\.2.* ]]; then
 
     # Wait for daemon to be back in the quorum
     timeout 300 bash -c "until (ceph quorum_status | jq .quorum_names | grep -sq ${MON_ID}); do
-      echo Waiting for mon.${MON_ID} to re-join quorum;
+      echo WARNING: Waiting for mon.${MON_ID} to re-join quorum;
       sleep 10;
     done"
+
+    echo INFO: Ceph was upgraded to Jewel
 else
     echo ERROR: Ceph was upgraded to an unknown release, daemon is stopped, need manual intervention
     exit 1
diff --git a/extraconfig/tasks/major_upgrade_pacemaker.yaml b/extraconfig/tasks/major_upgrade_pacemaker.yaml
index c2e1488..598d22d 100644 (file)
--- a/extraconfig/tasks/major_upgrade_pacemaker.yaml
+++ b/extraconfig/tasks/major_upgrade_pacemaker.yaml
@@ -26,6 +26,10 @@ parameters:
     constraints:
     - allowed_values: ['auto', 'yes', 'no']
     default: 'auto'
+  IgnoreCephUpgradeWarnings:
+    type: boolean
+    default: false
+    description: If enabled, Ceph upgrade will be forced even though cluster or PGs status is not clean
 
 resources:
   # TODO(jistr): for Mitaka->Newton upgrades and further we can use
@@ -36,7 +40,16 @@ resources:
     type: OS::Heat::SoftwareConfig
     properties:
       group: script
-      config: {get_file: major_upgrade_ceph_mon.sh}
+      config:
+        list_join:
+        - ''
+        - - str_replace:
+              template: |
+                #!/bin/bash
+                ignore_ceph_upgrade_warnings='IGNORE_CEPH_UPGRADE_WARNINGS'
+              params:
+                IGNORE_CEPH_UPGRADE_WARNINGS: {get_param: IgnoreCephUpgradeWarnings}
+          - get_file: major_upgrade_ceph_mon.sh
 
   CephMonUpgradeDeployment:
     type: OS::Heat::SoftwareDeploymentGroup
diff --git a/network/endpoints/endpoint_data.yaml b/network/endpoints/endpoint_data.yaml
index 84b03c7..fb01925 100644 (file)
--- a/network/endpoints/endpoint_data.yaml
+++ b/network/endpoints/endpoint_data.yaml
@@ -199,6 +199,21 @@ Swift:
             S3:
     port: 8080
 
+CephRgw:
+    Internal:
+        net_param: CephRgw
+        uri_suffixes:
+            '': /swift/v1
+    Public:
+        net_param: Public
+        uri_suffixes:
+            '': /swift/v1
+    Admin:
+        net_param: CephRgw
+        uri_suffixes:
+            '': /swift/v1
+    port: 8080
+
 Sahara:
     Internal:
         net_param: SaharaApi
diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml
index dd29bcd..734b643 100644 (file)
--- a/network/endpoints/endpoint_map.yaml
+++ b/network/endpoints/endpoint_map.yaml
@@ -25,6 +25,9 @@ parameters:
       CeilometerAdmin: {protocol: http, port: '8777', host: IP_ADDRESS}
       CeilometerInternal: {protocol: http, port: '8777', host: IP_ADDRESS}
       CeilometerPublic: {protocol: http, port: '8777', host: IP_ADDRESS}
+      CephRgwAdmin: {protocol: http, port: '8080', host: IP_ADDRESS}
+      CephRgwInternal: {protocol: http, port: '8080', host: IP_ADDRESS}
+      CephRgwPublic: {protocol: http, port: '8080', host: IP_ADDRESS}
       CinderAdmin: {protocol: http, port: '8776', host: IP_ADDRESS}
       CinderInternal: {protocol: http, port: '8776', host: IP_ADDRESS}
       CinderPublic: {protocol: http, port: '8776', host: IP_ADDRESS}
@@ -563,6 +566,252 @@ outputs:
                         template: NETWORK_uri
             - ':'
             - get_param: [EndpointMap, CeilometerPublic, port]
+      CephRgwAdmin:
+        host:
+          str_replace:
+            template:
+              get_param: [EndpointMap, CephRgwAdmin, host]
+            params:
+              CLOUDNAME:
+                get_param:
+                - CloudEndpoints
+                - get_param: [ServiceNetMap, CephRgwNetwork]
+              IP_ADDRESS:
+                get_param:
+                - NetIpMap
+                - str_replace:
+                    params:
+                      NETWORK:
+                        get_param: [ServiceNetMap, CephRgwNetwork]
+                    template: NETWORK_uri
+        host_nobrackets:
+          str_replace:
+            template:
+              get_param: [EndpointMap, CephRgwAdmin, host]
+            params:
+              CLOUDNAME:
+                get_param:
+                - CloudEndpoints
+                - get_param: [ServiceNetMap, CephRgwNetwork]
+              IP_ADDRESS:
+                get_param:
+                - NetIpMap
+                - get_param: [ServiceNetMap, CephRgwNetwork]
+        port:
+          get_param: [EndpointMap, CephRgwAdmin, port]
+        protocol:
+          get_param: [EndpointMap, CephRgwAdmin, protocol]
+        uri:
+          list_join:
+          - ''
+          - - get_param: [EndpointMap, CephRgwAdmin, protocol]
+            - ://
+            - str_replace:
+                template:
+                  get_param: [EndpointMap, CephRgwAdmin, host]
+                params:
+                  CLOUDNAME:
+                    get_param:
+                    - CloudEndpoints
+                    - get_param: [ServiceNetMap, CephRgwNetwork]
+                  IP_ADDRESS:
+                    get_param:
+                    - NetIpMap
+                    - str_replace:
+                        params:
+                          NETWORK:
+                            get_param: [ServiceNetMap, CephRgwNetwork]
+                        template: NETWORK_uri
+            - ':'
+            - get_param: [EndpointMap, CephRgwAdmin, port]
+            - /swift/v1
+        uri_no_suffix:
+          list_join:
+          - ''
+          - - get_param: [EndpointMap, CephRgwAdmin, protocol]
+            - ://
+            - str_replace:
+                template:
+                  get_param: [EndpointMap, CephRgwAdmin, host]
+                params:
+                  CLOUDNAME:
+                    get_param:
+                    - CloudEndpoints
+                    - get_param: [ServiceNetMap, CephRgwNetwork]
+                  IP_ADDRESS:
+                    get_param:
+                    - NetIpMap
+                    - str_replace:
+                        params:
+                          NETWORK:
+                            get_param: [ServiceNetMap, CephRgwNetwork]
+                        template: NETWORK_uri
+            - ':'
+            - get_param: [EndpointMap, CephRgwAdmin, port]
+      CephRgwInternal:
+        host:
+          str_replace:
+            template:
+              get_param: [EndpointMap, CephRgwInternal, host]
+            params:
+              CLOUDNAME:
+                get_param:
+                - CloudEndpoints
+                - get_param: [ServiceNetMap, CephRgwNetwork]
+              IP_ADDRESS:
+                get_param:
+                - NetIpMap
+                - str_replace:
+                    params:
+                      NETWORK:
+                        get_param: [ServiceNetMap, CephRgwNetwork]
+                    template: NETWORK_uri
+        host_nobrackets:
+          str_replace:
+            template:
+              get_param: [EndpointMap, CephRgwInternal, host]
+            params:
+              CLOUDNAME:
+                get_param:
+                - CloudEndpoints
+                - get_param: [ServiceNetMap, CephRgwNetwork]
+              IP_ADDRESS:
+                get_param:
+                - NetIpMap
+                - get_param: [ServiceNetMap, CephRgwNetwork]
+        port:
+          get_param: [EndpointMap, CephRgwInternal, port]
+        protocol:
+          get_param: [EndpointMap, CephRgwInternal, protocol]
+        uri:
+          list_join:
+          - ''
+          - - get_param: [EndpointMap, CephRgwInternal, protocol]
+            - ://
+            - str_replace:
+                template:
+                  get_param: [EndpointMap, CephRgwInternal, host]
+                params:
+                  CLOUDNAME:
+                    get_param:
+                    - CloudEndpoints
+                    - get_param: [ServiceNetMap, CephRgwNetwork]
+                  IP_ADDRESS:
+                    get_param:
+                    - NetIpMap
+                    - str_replace:
+                        params:
+                          NETWORK:
+                            get_param: [ServiceNetMap, CephRgwNetwork]
+                        template: NETWORK_uri
+            - ':'
+            - get_param: [EndpointMap, CephRgwInternal, port]
+            - /swift/v1
+        uri_no_suffix:
+          list_join:
+          - ''
+          - - get_param: [EndpointMap, CephRgwInternal, protocol]
+            - ://
+            - str_replace:
+                template:
+                  get_param: [EndpointMap, CephRgwInternal, host]
+                params:
+                  CLOUDNAME:
+                    get_param:
+                    - CloudEndpoints
+                    - get_param: [ServiceNetMap, CephRgwNetwork]
+                  IP_ADDRESS:
+                    get_param:
+                    - NetIpMap
+                    - str_replace:
+                        params:
+                          NETWORK:
+                            get_param: [ServiceNetMap, CephRgwNetwork]
+                        template: NETWORK_uri
+            - ':'
+            - get_param: [EndpointMap, CephRgwInternal, port]
+      CephRgwPublic:
+        host:
+          str_replace:
+            template:
+              get_param: [EndpointMap, CephRgwPublic, host]
+            params:
+              CLOUDNAME:
+                get_param:
+                - CloudEndpoints
+                - get_param: [ServiceNetMap, PublicNetwork]
+              IP_ADDRESS:
+                get_param:
+                - NetIpMap
+                - str_replace:
+                    params:
+                      NETWORK:
+                        get_param: [ServiceNetMap, PublicNetwork]
+                    template: NETWORK_uri
+        host_nobrackets:
+          str_replace:
+            template:
+              get_param: [EndpointMap, CephRgwPublic, host]
+            params:
+              CLOUDNAME:
+                get_param:
+                - CloudEndpoints
+                - get_param: [ServiceNetMap, PublicNetwork]
+              IP_ADDRESS:
+                get_param:
+                - NetIpMap
+                - get_param: [ServiceNetMap, PublicNetwork]
+        port:
+          get_param: [EndpointMap, CephRgwPublic, port]
+        protocol:
+          get_param: [EndpointMap, CephRgwPublic, protocol]
+        uri:
+          list_join:
+          - ''
+          - - get_param: [EndpointMap, CephRgwPublic, protocol]
+            - ://
+            - str_replace:
+                template:
+                  get_param: [EndpointMap, CephRgwPublic, host]
+                params:
+                  CLOUDNAME:
+                    get_param:
+                    - CloudEndpoints
+                    - get_param: [ServiceNetMap, PublicNetwork]
+                  IP_ADDRESS:
+                    get_param:
+                    - NetIpMap
+                    - str_replace:
+                        params:
+                          NETWORK:
+                            get_param: [ServiceNetMap, PublicNetwork]
+                        template: NETWORK_uri
+            - ':'
+            - get_param: [EndpointMap, CephRgwPublic, port]
+            - /swift/v1
+        uri_no_suffix:
+          list_join:
+          - ''
+          - - get_param: [EndpointMap, CephRgwPublic, protocol]
+            - ://
+            - str_replace:
+                template:
+                  get_param: [EndpointMap, CephRgwPublic, host]
+                params:
+                  CLOUDNAME:
+                    get_param:
+                    - CloudEndpoints
+                    - get_param: [ServiceNetMap, PublicNetwork]
+                  IP_ADDRESS:
+                    get_param:
+                    - NetIpMap
+                    - str_replace:
+                        params:
+                          NETWORK:
+                            get_param: [ServiceNetMap, PublicNetwork]
+                        template: NETWORK_uri
+            - ':'
+            - get_param: [EndpointMap, CephRgwPublic, port]
       CinderAdmin:
         host:
           str_replace:
diff --git a/network/service_net_map.yaml b/network/service_net_map.yaml
index 4cfff40..6e5c244 100644 (file)
--- a/network/service_net_map.yaml
+++ b/network/service_net_map.yaml
@@ -30,10 +30,12 @@ parameters:
       ManilaApiNetwork: internal_api
       NeutronApiNetwork: internal_api
       HeatApiNetwork: internal_api
+      HeatApiCfnNetwork: internal_api
+      HeatApiCloudwatchNetwork: internal_api
       NovaApiNetwork: internal_api
       NovaMetadataNetwork: internal_api
       NovaVncProxyNetwork: internal_api
-      SwiftMgmtNetwork: storage_mgmt
+      SwiftStorageNetwork: storage_mgmt
       SwiftProxyNetwork: storage
       SaharaApiNetwork: internal_api
       HorizonNetwork: internal_api
@@ -43,6 +45,7 @@ parameters:
       MysqlNetwork: internal_api
       CephClusterNetwork: storage_mgmt
       CephMonNetwork: storage
+      CephRgwNetwork: storage
       ControllerHostnameResolveNetwork: internal_api
       ComputeHostnameResolveNetwork: internal_api
       BlockStorageHostnameResolveNetwork: internal_api
@@ -61,6 +64,7 @@ parameters:
       MongoDbNetwork: MongodbNetwork
       RabbitMqNetwork: RabbitmqNetwork
       CephPublicNetwork: CephMonNetwork
+      SwiftMgmtNetwork: SwiftStorageNetwork
     description: Mapping older deprecated service names, intended for
                  internal use only, this will be removed in future.
     type: json
diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml
index 6126fb0..d5fdaa0 100644 (file)
--- a/overcloud-resource-registry-puppet.yaml
+++ b/overcloud-resource-registry-puppet.yaml
@@ -10,22 +10,29 @@ resource_registry:
   OS::TripleO::ObjectStorage::Net::SoftwareConfig: net-config-noop.yaml
   OS::TripleO::CephStorage: puppet/ceph-storage.yaml
   OS::TripleO::CephStorage::Net::SoftwareConfig: net-config-noop.yaml
-  OS::TripleO::ControllerPostDeployment: puppet/controller-post.yaml
   # set to controller-config-pacemaker.yaml to enable pacemaker
   OS::TripleO::ControllerConfig: puppet/controller-config.yaml
-  OS::TripleO::ComputePostDeployment: puppet/compute-post.yaml
-  OS::TripleO::ObjectStoragePostDeployment: puppet/swift-storage-post.yaml
-  OS::TripleO::BlockStoragePostDeployment: puppet/cinder-storage-post.yaml
-  OS::TripleO::CephStoragePostDeployment: puppet/ceph-storage-post.yaml
-  OS::TripleO::SwiftDevicesAndProxy::SoftwareConfig: puppet/swift-devices-and-proxy-config.yaml
+  OS::TripleO::PostDeploySteps: puppet/post.yaml
+  OS::TripleO::ComputeConfig: puppet/compute-config.yaml
+  OS::TripleO::BlockStorageConfig: puppet/blockstorage-config.yaml
+  OS::TripleO::ObjectStorageConfig: puppet/objectstorage-config.yaml
+  OS::TripleO::CephStorageConfig: puppet/cephstorage-config.yaml
   OS::TripleO::AllNodes::SoftwareConfig: puppet/all-nodes-config.yaml
   OS::TripleO::DefaultPasswords: default_passwords.yaml
 
   # Tasks (for internal TripleO usage)
   OS::TripleO::Tasks::UpdateWorkflow: OS::Heat::None
   OS::TripleO::Tasks::PackageUpdate: extraconfig/tasks/yum_update.yaml
-  OS::TripleO::Tasks::ControllerPrePuppet: OS::Heat::None
-  OS::TripleO::Tasks::ControllerPostPuppet: OS::Heat::None
+  OS::TripleO::Tasks::ControllerPreConfig: OS::Heat::None
+  OS::TripleO::Tasks::ControllerPostConfig: OS::Heat::None
+  OS::TripleO::Tasks::ComputePreConfig: OS::Heat::None
+  OS::TripleO::Tasks::ComputePostConfig: OS::Heat::None
+  OS::TripleO::Tasks::BlockStoragePreConfig: OS::Heat::None
+  OS::TripleO::Tasks::BlockStoragePostConfig: OS::Heat::None
+  OS::TripleO::Tasks::ObjectStoragePreConfig: OS::Heat::None
+  OS::TripleO::Tasks::ObjectStoragePostConfig: OS::Heat::None
+  OS::TripleO::Tasks::CephStoragePreConfig: OS::Heat::None
+  OS::TripleO::Tasks::CephStoragePostConfig: OS::Heat::None
 
 
   OS::TripleO::Server: OS::Nova::Server
@@ -132,6 +139,7 @@ resource_registry:
   OS::TripleO::Services::Apache: puppet/services/apache.yaml
   OS::TripleO::Services::CACerts: puppet/services/ca-certs.yaml
   OS::TripleO::Services::CephMon: OS::Heat::None
+  OS::TripleO::Services::CephRgw: OS::Heat::None
   OS::TripleO::Services::CephOSD: OS::Heat::None
   OS::TripleO::Services::CephClient: OS::Heat::None
   OS::TripleO::Services::CephExternal: OS::Heat::None
@@ -182,7 +190,7 @@ resource_registry:
   OS::TripleO::Services::NovaApi: puppet/services/nova-api.yaml
   OS::TripleO::Services::NovaScheduler: puppet/services/nova-scheduler.yaml
   OS::TripleO::Services::NovaConsoleauth: puppet/services/nova-consoleauth.yaml
-  OS::TripleO::Services::NovaVncproxy: puppet/services/nova-vncproxy.yaml
+  OS::TripleO::Services::NovaVncProxy: puppet/services/nova-vnc-proxy.yaml
   OS::TripleO::Services::NovaCompute: puppet/services/nova-compute.yaml
   OS::TripleO::Services::NovaLibvirt: puppet/services/nova-libvirt.yaml
   OS::TripleO::Services::Ntp: puppet/services/time/ntp.yaml
diff --git a/overcloud.j2.yaml b/overcloud.j2.yaml
new file mode 100644 (file)
index 0000000..fa160e4
--- /dev/null
+++ b/overcloud.j2.yaml
@@ -0,0 +1,552 @@
+heat_template_version: 2016-10-14
+
+description: >
+  Deploy an OpenStack environment, consisting of several node types (roles),
+  Controller, Compute, BlockStorage, SwiftStorage and CephStorage. The Storage
+  roles enable independent scaling of the storage components, but the minimal
+  deployment is one Controller and one Compute node.
+
+
+# TODO(shadower): we should probably use the parameter groups to put
+# some order in here.
+parameters:
+
+  # Common parameters (not specific to a role)
+  CloudName:
+    default: overcloud.localdomain
+    description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
+    type: string
+  CloudNameInternal:
+    default: overcloud.internalapi.localdomain
+    description: >
+      The DNS name of this cloud's internal API endpoint. E.g.
+      'ci-overcloud.internalapi.tripleo.org'.
+    type: string
+  CloudNameStorage:
+    default: overcloud.storage.localdomain
+    description: >
+      The DNS name of this cloud's storage endpoint. E.g.
+      'ci-overcloud.storage.tripleo.org'.
+    type: string
+  CloudNameStorageManagement:
+    default: overcloud.storagemgmt.localdomain
+    description: >
+      The DNS name of this cloud's storage management endpoint. E.g.
+      'ci-overcloud.storagemgmt.tripleo.org'.
+    type: string
+  CloudNameCtlplane:
+    default: overcloud.ctlplane.localdomain
+    description: >
+      The DNS name of this cloud's storage management endpoint. E.g.
+      'ci-overcloud.management.tripleo.org'.
+    type: string
+  ControlFixedIPs:
+    default: []
+    description: Should be used for arbitrary ips.
+    type: json
+  InternalApiVirtualFixedIPs:
+    default: []
+    description: >
+        Control the IP allocation for the InternalApiVirtualInterface port. E.g.
+        [{'ip_address':'1.2.3.4'}]
+    type: json
+  NeutronControlPlaneID:
+    default: 'ctlplane'
+    type: string
+    description: Neutron ID or name for ctlplane network.
+  NeutronPublicInterface:
+    default: nic1
+    description: What interface to bridge onto br-ex for network nodes.
+    type: string
+  PublicVirtualFixedIPs:
+    default: []
+    description: >
+        Control the IP allocation for the PublicVirtualInterface port. E.g.
+        [{'ip_address':'1.2.3.4'}]
+    type: json
+  RabbitCookieSalt:
+    type: string
+    default: unset
+    description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
+  StorageVirtualFixedIPs:
+    default: []
+    description: >
+        Control the IP allocation for the StorageVirtualInterface port. E.g.
+        [{'ip_address':'1.2.3.4'}]
+    type: json
+  StorageMgmtVirtualFixedIPs:
+    default: []
+    description: >
+        Control the IP allocation for the StorageMgmgVirtualInterface port. E.g.
+        [{'ip_address':'1.2.3.4'}]
+    type: json
+  RedisVirtualFixedIPs:
+    default: []
+    description: >
+        Control the IP allocation for the virtual IP used by Redis. E.g.
+        [{'ip_address':'1.2.3.4'}]
+    type: json
+  CloudDomain:
+    default: 'localdomain'
+    type: string
+    description: >
+      The DNS domain used for the hosts. This should match the dhcp_domain
+      configured in the Undercloud neutron. Defaults to localdomain.
+  ServerMetadata:
+    default: {}
+    description: >
+      Extra properties or metadata passed to Nova for the created nodes in
+      the overcloud. It's accessible via the Nova metadata API.
+    type: json
+
+# Compute-specific params
+# FIXME(shardy) handle these deprecated names as they don't match compute.yaml
+  HypervisorNeutronPhysicalBridge:
+    default: 'br-ex'
+    description: >
+      An OVS bridge to create on each hypervisor. This defaults to br-ex the
+      same as the control plane nodes, as we have a uniform configuration of
+      the openvswitch agent. Typically should not need to be changed.
+    type: string
+  HypervisorNeutronPublicInterface:
+    default: nic1
+    description: What interface to add to the HypervisorNeutronPhysicalBridge.
+    type: string
+
+  # Jinja loop for Role in role_data.yaml
+{% for role in roles %}
+  # Parameters generated for {{role.name}} Role
+  {{role.name}}Services:
+    description: A list of service resources (configured in the Heat
+                 resource_registry) which represent nested stacks
+                 for each service that should get installed on the {{role.name}} role.
+    type: comma_delimited_list
+  {% if role.ServicesDefault %}
+    default: {{role.ServicesDefault}}
+  {% endif %}
+
+  {{role.name}}Count:
+    description: Number of {{role.name}} nodes to deploy
+    type: number
+  {% if role.CountDefault %}
+    default: {{role.CountDefault}}
+  {% endif %}
+
+  {{role.name}}HostnameFormat:
+    type: string
+    description: >
+      Format for {{role.name}} node hostnames
+      Note %index% is translated into the index of the node, e.g 0/1/2 etc
+      and %stackname% is replaced with the stack name e.g overcloud
+  {% if role.HostnameFormatDefault %}
+    default: "{{role.HostnameFormatDefault}}"
+  {% endif %}
+
+  {{role.name}}RemovalPolicies:
+    default: []
+    type: json
+    description: >
+      List of resources to be removed from {{role.name}} ResourceGroup when
+      doing an update which requires removal of specific resources.
+      Example format ComputeRemovalPolicies: [{'resource_list': ['0']}]
+{% endfor %}
+
+  # Identifiers to trigger tasks on nodes
+  UpdateIdentifier:
+    default: ''
+    type: string
+    description: >
+      Setting to a previously unused value during stack-update will trigger
+      package update on all nodes
+  DeployIdentifier:
+    default: ''
+    type: string
+    description: >
+      Setting this to a unique value will re-run any deployment tasks which
+      perform configuration on a Heat stack-update.
+
+resources:
+
+  HeatAuthEncryptionKey:
+    type: OS::Heat::RandomString
+
+  PcsdPassword:
+    type: OS::Heat::RandomString
+    properties:
+      length: 16
+
+  HorizonSecret:
+    type: OS::Heat::RandomString
+    properties:
+      length: 10
+
+  ServiceNetMap:
+    type: OS::TripleO::ServiceNetMap
+
+  EndpointMap:
+    type: OS::TripleO::EndpointMap
+    properties:
+      CloudEndpoints:
+        external: {get_param: CloudName}
+        internal_api: {get_param: CloudNameInternal}
+        storage: {get_param: CloudNameStorage}
+        storage_mgmt: {get_param: CloudNameStorageManagement}
+        ctlplane: {get_param: CloudNameCtlplane}
+      NetIpMap: {get_attr: [VipMap, net_ip_map]}
+      ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
+
+  # Jinja loop for Role in roles_data.yaml
+{% for role in roles %}
+  # Resources generated for {{role.name}} Role
+  {{role.name}}ServiceChain:
+    type: OS::TripleO::Services
+    properties:
+      Services:
+        get_param: {{role.name}}Services
+      ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
+      EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
+      DefaultPasswords: {get_attr: [DefaultPasswords, passwords]}
+
+  {{role.name}}AllNodesDeployment:
+    type: OS::Heat::StructuredDeployments
+    properties:
+      name: {{role.name}}AllNodesDeployment
+      config: {get_attr: [allNodesConfig, config_id]}
+      servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
+      input_values:
+        bootstrap_nodeid: {get_attr: [{{role.name}}, resource.0.hostname]}
+        bootstrap_nodeid_ip: {get_attr: [{{role.name}}, resource.0.ip_address]}
+
+  {{role.name}}AllNodesValidationDeployment:
+    type: OS::Heat::StructuredDeployments
+    depends_on: {{role.name}}AllNodesDeployment
+    properties:
+      name: {{role.name}}AllNodesValidationDeployment
+      config: {get_resource: AllNodesValidationConfig}
+      servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
+
+  {{role.name}}IpListMap:
+    type: OS::TripleO::Network::Ports::NetIpListMap
+    properties:
+      ControlPlaneIpList: {get_attr: [{{role.name}}, ip_address]}
+      ExternalIpList: {get_attr: [{{role.name}}, external_ip_address]}
+      InternalApiIpList: {get_attr: [{{role.name}}, internal_api_ip_address]}
+      StorageIpList: {get_attr: [{{role.name}}, storage_ip_address]}
+      StorageMgmtIpList: {get_attr: [{{role.name}}, storage_mgmt_ip_address]}
+      TenantIpList: {get_attr: [{{role.name}}, tenant_ip_address]}
+      ManagementIpList: {get_attr: [{{role.name}}, management_ip_address]}
+      EnabledServices: {get_attr: [{{role.name}}ServiceChain, role_data, service_names]}
+      ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]}
+      ServiceHostnameList: {get_attr: [{{role.name}}, hostname]}
+
+  {{role.name}}:
+    type: OS::Heat::ResourceGroup
+    depends_on: Networks
+    properties:
+      count: {get_param: {{role.name}}Count}
+      removal_policies: {get_param: {{role.name}}RemovalPolicies}
+      resource_def:
+        type: OS::TripleO::{{role.name}}
+        properties:
+          CloudDomain: {get_param: CloudDomain}
+          ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
+          EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
+          Hostname:
+            str_replace:
+              template: {get_param: {{role.name}}HostnameFormat}
+              params:
+                '%stackname%': {get_param: 'OS::stack_name'}
+          NodeIndex: '%index%'
+          ServiceConfigSettings:
+            map_merge:
+              -  get_attr: [{{role.name}}ServiceChain, role_data, config_settings]
+          {% for r in roles %}
+              - get_attr: [{{r.name}}ServiceChain, role_data, global_config_settings]
+          {% endfor %}
+          ServiceNames: {get_attr: [{{role.name}}ServiceChain, role_data, service_names]}
+          MonitoringSubscriptions: {get_attr: [{{role.name}}ServiceChain, role_data, monitoring_subscriptions]}
+{% endfor %}
+
+  allNodesConfig:
+    type: OS::TripleO::AllNodes::SoftwareConfig
+    properties:
+      cloud_name_external: {get_param: CloudName}
+      cloud_name_internal_api: {get_param: CloudNameInternal}
+      cloud_name_storage: {get_param: CloudNameStorage}
+      cloud_name_storage_mgmt: {get_param: CloudNameStorageManagement}
+      cloud_name_ctlplane: {get_param: CloudNameCtlplane}
+      hosts:
+{% for role in roles %}
+        - list_join:
+            - '\n'
+            - {get_attr: [{{role.name}}, hosts_entry]}
+{% endfor %}
+      enabled_services:
+        list_join:
+          - ','
+{% for role in roles %}
+          - {get_attr: [{{role.name}}ServiceChain, role_data, service_names]}
+{% endfor %}
+      controller_ips: {get_attr: [Controller, ip_address]}
+      controller_names: {get_attr: [Controller, hostname]}
+      service_ips:
+        # Note (shardy) this somewhat complex yaql may be replaced
+        # with a map_deep_merge function in ocata.  It merges the
+        # list of maps, but appends to colliding lists when a service
+        # is deployed on more than one role
+        yaql:
+          expression: dict($.data.l.where($ != null).selectMany($.items()).groupBy($[0], $[1], [$[0], $[1].flatten()]))
+          data:
+            l:
+{% for role in roles %}
+              - {get_attr: [{{role.name}}IpListMap, service_ips]}
+{% endfor %}
+      service_node_names:
+        yaql:
+          expression: dict($.data.l.where($ != null).selectMany($.items()).groupBy($[0], $[1], [$[0], $[1].flatten()]))
+          data:
+            l:
+{% for role in roles %}
+              - {get_attr: [{{role.name}}IpListMap, service_hostnames]}
+{% endfor %}
+      # FIXME(shardy): These require further work to move into service_ips
+      memcache_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MemcachedNetwork]}]}
+      keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystonePublicApiNetwork]}]}
+      keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystoneAdminApiNetwork]}]}
+      NetVipMap: {get_attr: [VipMap, net_ip_map]}
+      RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]}
+      ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]}
+      DeployIdentifier: {get_param: DeployIdentifier}
+      UpdateIdentifier: {get_param: UpdateIdentifier}
+
+  MysqlRootPassword:
+    type: OS::Heat::RandomString
+    properties:
+      length: 10
+
+  RabbitCookie:
+    type: OS::Heat::RandomString
+    properties:
+      length: 20
+      salt: {get_param: RabbitCookieSalt}
+
+  DefaultPasswords:
+    type: OS::TripleO::DefaultPasswords
+    properties:
+      DefaultMysqlRootPassword: {get_attr: [MysqlRootPassword, value]}
+      DefaultRabbitCookie: {get_attr: [RabbitCookie, value]}
+      DefaultHeatAuthEncryptionKey: {get_attr: [HeatAuthEncryptionKey, value]}
+      DefaultPcsdPassword: {get_attr: [PcsdPassword, value]}
+      DefaultHorizonSecret: {get_attr: [HorizonSecret, value]}
+
+  # creates the network architecture
+  Networks:
+    type: OS::TripleO::Network
+
+  ControlVirtualIP:
+    type: OS::Neutron::Port
+    depends_on: Networks
+    properties:
+      name: control_virtual_ip
+      network: {get_param: NeutronControlPlaneID}
+      fixed_ips: {get_param: ControlFixedIPs}
+      replacement_policy: AUTO
+
+  RedisVirtualIP:
+    depends_on: Networks
+    type: OS::TripleO::Network::Ports::RedisVipPort
+    properties:
+      ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+      ControlPlaneNetwork: {get_param: NeutronControlPlaneID}
+      PortName: redis_virtual_ip
+      NetworkName: {get_attr: [ServiceNetMap, service_net_map, RedisNetwork]}
+      ServiceName: redis
+      FixedIPs: {get_param: RedisVirtualFixedIPs}
+
+  # The public VIP is on the External net, falls back to ctlplane
+  PublicVirtualIP:
+    depends_on: Networks
+    type: OS::TripleO::Network::Ports::ExternalVipPort
+    properties:
+      ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+      ControlPlaneNetwork: {get_param: NeutronControlPlaneID}
+      PortName: public_virtual_ip
+      FixedIPs: {get_param: PublicVirtualFixedIPs}
+
+  InternalApiVirtualIP:
+    depends_on: Networks
+    type: OS::TripleO::Network::Ports::InternalApiVipPort
+    properties:
+      ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+      PortName: internal_api_virtual_ip
+      FixedIPs: {get_param: InternalApiVirtualFixedIPs}
+
+  StorageVirtualIP:
+    depends_on: Networks
+    type: OS::TripleO::Network::Ports::StorageVipPort
+    properties:
+      ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+      PortName: storage_virtual_ip
+      FixedIPs: {get_param: StorageVirtualFixedIPs}
+
+  StorageMgmtVirtualIP:
+    depends_on: Networks
+    type: OS::TripleO::Network::Ports::StorageMgmtVipPort
+    properties:
+      ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+      PortName: storage_management_virtual_ip
+      FixedIPs: {get_param: StorageMgmtVirtualFixedIPs}
+
+  VipMap:
+    type: OS::TripleO::Network::Ports::NetVipMap
+    properties:
+      ControlPlaneIp: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+      ExternalIp: {get_attr: [PublicVirtualIP, ip_address]}
+      ExternalIpUri: {get_attr: [PublicVirtualIP, ip_address_uri]}
+      InternalApiIp: {get_attr: [InternalApiVirtualIP, ip_address]}
+      InternalApiIpUri: {get_attr: [InternalApiVirtualIP, ip_address_uri]}
+      StorageIp: {get_attr: [StorageVirtualIP, ip_address]}
+      StorageIpUri: {get_attr: [StorageVirtualIP, ip_address_uri]}
+      StorageMgmtIp: {get_attr: [StorageMgmtVirtualIP, ip_address]}
+      StorageMgmtIpUri: {get_attr: [StorageMgmtVirtualIP, ip_address_uri]}
+      # No tenant or management VIP required
+
+  # All Nodes Validations
+  AllNodesValidationConfig:
+    type: OS::TripleO::AllNodes::Validation
+    properties:
+      PingTestIps:
+        list_join:
+        - ' '
+        - - {get_attr: [Controller, resource.0.external_ip_address]}
+          - {get_attr: [Controller, resource.0.internal_api_ip_address]}
+          - {get_attr: [Controller, resource.0.storage_ip_address]}
+          - {get_attr: [Controller, resource.0.storage_mgmt_ip_address]}
+          - {get_attr: [Controller, resource.0.tenant_ip_address]}
+          - {get_attr: [Controller, resource.0.management_ip_address]}
+
+  UpdateWorkflow:
+    type: OS::TripleO::Tasks::UpdateWorkflow
+    properties:
+      controller_servers: {get_attr: [Controller, attributes, nova_server_resource]}
+      compute_servers: {get_attr: [Compute, attributes, nova_server_resource]}
+      blockstorage_servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
+      objectstorage_servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
+      cephstorage_servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
+      input_values:
+        deploy_identifier: {get_param: DeployIdentifier}
+        update_identifier: {get_param: UpdateIdentifier}
+
+  # Optional ExtraConfig for all nodes - all roles are passed in here, but
+  # the nested template may configure each role differently (or not at all)
+  AllNodesExtraConfig:
+    type: OS::TripleO::AllNodesExtraConfig
+    depends_on:
+      - UpdateWorkflow
+      - ComputeAllNodesValidationDeployment
+      - BlockStorageAllNodesValidationDeployment
+      - ObjectStorageAllNodesValidationDeployment
+      - CephStorageAllNodesValidationDeployment
+      - ControllerAllNodesValidationDeployment
+    properties:
+      controller_servers: {get_attr: [Controller, attributes, nova_server_resource]}
+      compute_servers: {get_attr: [Compute, attributes, nova_server_resource]}
+      blockstorage_servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
+      objectstorage_servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
+      cephstorage_servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
+
+  # Post deployment steps for all roles
+  AllNodesDeploySteps:
+    type: OS::TripleO::PostDeploySteps
+    properties:
+      servers:
+        Controller: {get_attr: [Controller, attributes, nova_server_resource]}
+        Compute: {get_attr: [Compute, attributes, nova_server_resource]}
+        BlockStorage: {get_attr: [BlockStorage, attributes, nova_server_resource]}
+        ObjectStorage: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
+        CephStorage: {get_attr: [CephStorage, attributes, nova_server_resource]}
+      role_data:
+        Controller: {get_attr: [ControllerServiceChain, role_data]}
+        Compute: {get_attr: [ComputeServiceChain, role_data]}
+        BlockStorage: {get_attr: [BlockStorageServiceChain, role_data]}
+        ObjectStorage: {get_attr: [ObjectStorageServiceChain, role_data]}
+        CephStorage: {get_attr: [CephStorageServiceChain, role_data]}
+
+outputs:
+  ManagedEndpoints:
+    description: Asserts that the keystone endpoints have been provisioned.
+    value: true
+  KeystoneURL:
+    description: URL for the Overcloud Keystone service
+    value: {get_attr: [EndpointMap, endpoint_map, KeystonePublic, uri]}
+  KeystoneAdminVip:
+    description: Keystone Admin VIP endpoint
+    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystoneAdminApiNetwork]}]}
+  PublicVip:
+    description: Controller VIP for public API endpoints
+    value: {get_attr: [VipMap, net_ip_map, external]}
+  AodhInternalVip:
+    description: VIP for Aodh API internal endpoint
+    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, AodhApiNetwork]}]}
+  CeilometerInternalVip:
+    description: VIP for Ceilometer API internal endpoint
+    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CeilometerApiNetwork]}]}
+  CephRgwInternalVip:
+    description: VIP for Ceph RGW internal endpoint
+    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CephRgwNetwork]}]}
+  CinderInternalVip:
+    description: VIP for Cinder API internal endpoint
+    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CinderApiNetwork]}]}
+  GlanceInternalVip:
+    description: VIP for Glance API internal endpoint
+    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GlanceApiNetwork]}]}
+  GnocchiInternalVip:
+    description: VIP for Gnocchi API internal endpoint
+    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GnocchiApiNetwork]}]}
+  HeatInternalVip:
+    description: VIP for Heat API internal endpoint
+    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, HeatApiNetwork]}]}
+  IronicInternalVip:
+    description: VIP for Ironic API internal endpoint
+    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, IronicApiNetwork]}]}
+  KeystoneInternalVip:
+    description: VIP for Keystone API internal endpoint
+    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystonePublicApiNetwork]}]}
+  ManilaInternalVip:
+    description: VIP for Manila API internal endpoint
+    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, ManilaApiNetwork]}]}
+  NeutronInternalVip:
+    description: VIP for Neutron API internal endpoint
+    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NeutronApiNetwork]}]}
+  NovaInternalVip:
+    description: VIP for Nova API internal endpoint
+    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NovaApiNetwork]}]}
+  OpenDaylightInternalVip:
+    description: VIP for OpenDaylight API internal endpoint
+    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, OpenDaylightApiNetwork]}]}
+  SaharaInternalVip:
+    description: VIP for Sahara API internal endpoint
+    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, SaharaApiNetwork]}]}
+  SwiftInternalVip:
+    description: VIP for Swift Proxy internal endpoint
+    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, SwiftProxyNetwork]}]}
+  EndpointMap:
+    description: |
+      Mapping of the resources with the needed info for their endpoints.
+      This includes the protocol used, the IP, port and also a full
+      representation of the URI.
+    value: {get_attr: [EndpointMap, endpoint_map]}
+  HostsEntry:
+    description: |
+      The content that should be appended to your /etc/hosts if you want to get
+      hostname-based access to the deployed nodes (useful for testing without
+      setting up a DNS).
+    value: {get_attr: [allNodesConfig, hosts_entries]}
+  EnabledServices:
+    description: The services enabled on each role
+    value:
+      Controller: {get_attr: [ControllerServiceChain, role_data, service_names]}
+      Compute: {get_attr: [ComputeServiceChain, role_data, service_names]}
+      BlockStorage: {get_attr: [BlockStorageServiceChain, role_data, service_names]}
+      ObjectStorage: {get_attr: [ObjectStorageServiceChain, role_data, service_names]}
+      CephStorage: {get_attr: [CephStorageServiceChain, role_data, service_names]}
diff --git a/overcloud.yaml b/overcloud.yaml
deleted file mode 100644 (file)
index 2a02fda..0000000
--- a/overcloud.yaml
+++ /dev/null
@@ -1,1086 +0,0 @@
-heat_template_version: 2016-10-14
-
-description: >
-  Deploy an OpenStack environment, consisting of several node types (roles),
-  Controller, Compute, BlockStorage, SwiftStorage and CephStorage. The Storage
-  roles enable independent scaling of the storage components, but the minimal
-  deployment is one Controller and one Compute node.
-
-
-# TODO(shadower): we should probably use the parameter groups to put
-# some order in here.
-parameters:
-
-  # Common parameters (not specific to a role)
-  CloudName:
-    default: overcloud.localdomain
-    description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
-    type: string
-  CloudNameInternal:
-    default: overcloud.internalapi.localdomain
-    description: >
-      The DNS name of this cloud's internal API endpoint. E.g.
-      'ci-overcloud.internalapi.tripleo.org'.
-    type: string
-  CloudNameStorage:
-    default: overcloud.storage.localdomain
-    description: >
-      The DNS name of this cloud's storage endpoint. E.g.
-      'ci-overcloud.storage.tripleo.org'.
-    type: string
-  CloudNameStorageManagement:
-    default: overcloud.storagemgmt.localdomain
-    description: >
-      The DNS name of this cloud's storage management endpoint. E.g.
-      'ci-overcloud.storagemgmt.tripleo.org'.
-    type: string
-  CloudNameManagement:
-    default: overcloud.management.localdomain
-    description: >
-      The DNS name of this cloud's storage management endpoint. E.g.
-      'ci-overcloud.management.tripleo.org'.
-    type: string
-  ControlFixedIPs:
-    default: []
-    description: Should be used for arbitrary ips.
-    type: json
-  InternalApiVirtualFixedIPs:
-    default: []
-    description: >
-        Control the IP allocation for the InternalApiVirtualInterface port. E.g.
-        [{'ip_address':'1.2.3.4'}]
-    type: json
-  NeutronControlPlaneID:
-    default: 'ctlplane'
-    type: string
-    description: Neutron ID or name for ctlplane network.
-  NeutronPublicInterface:
-    default: nic1
-    description: What interface to bridge onto br-ex for network nodes.
-    type: string
-  PublicVirtualFixedIPs:
-    default: []
-    description: >
-        Control the IP allocation for the PublicVirtualInterface port. E.g.
-        [{'ip_address':'1.2.3.4'}]
-    type: json
-  RabbitCookieSalt:
-    type: string
-    default: unset
-    description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
-  StorageVirtualFixedIPs:
-    default: []
-    description: >
-        Control the IP allocation for the StorageVirtualInterface port. E.g.
-        [{'ip_address':'1.2.3.4'}]
-    type: json
-  StorageMgmtVirtualFixedIPs:
-    default: []
-    description: >
-        Control the IP allocation for the StorageMgmgVirtualInterface port. E.g.
-        [{'ip_address':'1.2.3.4'}]
-    type: json
-  RedisVirtualFixedIPs:
-    default: []
-    description: >
-        Control the IP allocation for the virtual IP used by Redis. E.g.
-        [{'ip_address':'1.2.3.4'}]
-    type: json
-  CloudDomain:
-    default: 'localdomain'
-    type: string
-    description: >
-      The DNS domain used for the hosts. This should match the dhcp_domain
-      configured in the Undercloud neutron. Defaults to localdomain.
-  ServerMetadata:
-    default: {}
-    description: >
-      Extra properties or metadata passed to Nova for the created nodes in
-      the overcloud. It's accessible via the Nova metadata API.
-    type: json
-
-  # Controller-specific params
-  ControllerCount:
-    type: number
-    default: 1
-  controllerExtraConfig:
-    default: {}
-    description: |
-      Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
-    type: json
-  ExtraConfig:
-    default: {}
-    description: |
-      Additional configuration to inject into the cluster. The format required
-      may be implementation specific, e.g puppet hieradata.  Any role specific
-      ExtraConfig, e.g controllerExtraConfig takes precedence over ExtraConfig.
-    type: json
-
-# Compute-specific params
-  ComputeCount:
-    type: number
-    default: 1
-  HypervisorNeutronPhysicalBridge:
-    default: 'br-ex'
-    description: >
-      An OVS bridge to create on each hypervisor. This defaults to br-ex the
-      same as the control plane nodes, as we have a uniform configuration of
-      the openvswitch agent. Typically should not need to be changed.
-    type: string
-  HypervisorNeutronPublicInterface:
-    default: nic1
-    description: What interface to add to the HypervisorNeutronPhysicalBridge.
-    type: string
-
-  ControllerServices:
-    default:
-      - OS::TripleO::Services::CACerts
-      - OS::TripleO::Services::CephMon
-      - OS::TripleO::Services::CephExternal
-      - OS::TripleO::Services::CinderApi
-      - OS::TripleO::Services::CinderBackup
-      - OS::TripleO::Services::CinderScheduler
-      - OS::TripleO::Services::CinderVolume
-      - OS::TripleO::Services::Core
-      - OS::TripleO::Services::Kernel
-      - OS::TripleO::Services::Keystone
-      - OS::TripleO::Services::GlanceApi
-      - OS::TripleO::Services::GlanceRegistry
-      - OS::TripleO::Services::HeatApi
-      - OS::TripleO::Services::HeatApiCfn
-      - OS::TripleO::Services::HeatApiCloudwatch
-      - OS::TripleO::Services::HeatEngine
-      - OS::TripleO::Services::MySQL
-      - OS::TripleO::Services::NeutronDhcpAgent
-      - OS::TripleO::Services::NeutronL3Agent
-      - OS::TripleO::Services::NeutronMetadataAgent
-      - OS::TripleO::Services::NeutronApi
-      - OS::TripleO::Services::NeutronCorePlugin
-      - OS::TripleO::Services::NeutronOvsAgent
-      - OS::TripleO::Services::RabbitMQ
-      - OS::TripleO::Services::HAproxy
-      - OS::TripleO::Services::Keepalived
-      - OS::TripleO::Services::Memcached
-      - OS::TripleO::Services::Pacemaker
-      - OS::TripleO::Services::Redis
-      - OS::TripleO::Services::NovaConductor
-      - OS::TripleO::Services::MongoDb
-      - OS::TripleO::Services::NovaApi
-      - OS::TripleO::Services::NovaScheduler
-      - OS::TripleO::Services::NovaConsoleauth
-      - OS::TripleO::Services::NovaVncproxy
-      - OS::TripleO::Services::Ntp
-      - OS::TripleO::Services::SwiftProxy
-      - OS::TripleO::Services::SwiftStorage
-      - OS::TripleO::Services::SwiftRingBuilder
-      - OS::TripleO::Services::Snmp
-      - OS::TripleO::Services::Timezone
-      - OS::TripleO::Services::CeilometerApi
-      - OS::TripleO::Services::CeilometerCollector
-      - OS::TripleO::Services::CeilometerExpirer
-      - OS::TripleO::Services::CeilometerAgentCentral
-      - OS::TripleO::Services::CeilometerAgentNotification
-      - OS::TripleO::Services::Horizon
-      - OS::TripleO::Services::GnocchiApi
-      - OS::TripleO::Services::GnocchiMetricd
-      - OS::TripleO::Services::GnocchiStatsd
-      - OS::Tripleo::Services::ManilaApi
-      - OS::Tripleo::Services::ManilaScheduler
-      - OS::Tripleo::Services::ManilaShare
-      - OS::TripleO::Services::AodhApi
-      - OS::TripleO::Services::AodhEvaluator
-      - OS::TripleO::Services::AodhNotifier
-      - OS::TripleO::Services::AodhListener
-      - OS::TripleO::Services::SaharaApi
-      - OS::TripleO::Services::SaharaEngine
-      - OS::TripleO::Services::IronicApi
-      - OS::TripleO::Services::IronicConductor
-      - OS::TripleO::Services::NovaIronic
-      - OS::TripleO::Services::TripleoPackages
-      - OS::TripleO::Services::TripleoFirewall
-      - OS::TripleO::Services::OpenDaylight
-      - OS::TripleO::Services::SensuClient
-      - OS::TripleO::Services::VipHosts
-    description: A list of service resources (configured in the Heat
-                 resource_registry) which represent nested stacks
-                 for each service that should get installed on the Controllers.
-    type: comma_delimited_list
-
-  ComputeServices:
-    default:
-      - OS::TripleO::Services::CACerts
-      - OS::TripleO::Services::CephClient
-      - OS::TripleO::Services::CephExternal
-      - OS::TripleO::Services::Timezone
-      - OS::TripleO::Services::Ntp
-      - OS::TripleO::Services::Snmp
-      - OS::TripleO::Services::NovaCompute
-      - OS::TripleO::Services::NovaLibvirt
-      - OS::TripleO::Services::Kernel
-      - OS::TripleO::Services::ComputeNeutronCorePlugin
-      - OS::TripleO::Services::ComputeNeutronOvsAgent
-      - OS::TripleO::Services::ComputeCeilometerAgent
-      - OS::TripleO::Services::ComputeNeutronL3Agent
-      - OS::TripleO::Services::ComputeNeutronMetadataAgent
-      - OS::TripleO::Services::TripleoPackages
-      - OS::TripleO::Services::TripleoFirewall
-      - OS::TripleO::Services::NeutronSriovAgent
-      - OS::TripleO::Services::OpenDaylightOvs
-      - OS::TripleO::Services::SensuClient
-      - OS::TripleO::Services::VipHosts
-    description: A list of service resources (configured in the Heat
-                 resource_registry) which represent nested stacks
-                 for each service that should get installed on the Compute Nodes.
-    type: comma_delimited_list
-
-# Block storage specific parameters
-  BlockStorageCount:
-    type: number
-    default: 0
-  BlockStorageExtraConfig:
-    default: {}
-    description: |
-      BlockStorage specific configuration to inject into the cluster. Same
-      structure as ExtraConfig.
-    type: json
-  BlockStorageServices:
-    default:
-      - OS::TripleO::Services::CACerts
-      - OS::TripleO::Services::CinderVolume
-      - OS::TripleO::Services::Kernel
-      - OS::TripleO::Services::Ntp
-      - OS::TripleO::Services::Timezone
-      - OS::TripleO::Services::Snmp
-      - OS::TripleO::Services::TripleoPackages
-      - OS::TripleO::Services::TripleoFirewall
-      - OS::TripleO::Services::SensuClient
-      - OS::TripleO::Services::VipHosts
-    description: A list of service resources (configured in the Heat
-                 resource_registry) which represent nested stacks
-                 for each service that should get installed on the BlockStorage nodes.
-    type: comma_delimited_list
-
-# Object storage specific parameters
-  ObjectStorageCount:
-    type: number
-    default: 0
-  ObjectStorageExtraConfig:
-    default: {}
-    description: |
-      ObjectStorage specific configuration to inject into the cluster. Same
-      structure as ExtraConfig.
-    type: json
-  ObjectStorageServices:
-    default:
-      - OS::TripleO::Services::CACerts
-      - OS::TripleO::Services::Kernel
-      - OS::TripleO::Services::Ntp
-      - OS::TripleO::Services::SwiftStorage
-      - OS::TripleO::Services::SwiftRingBuilder
-      - OS::TripleO::Services::Snmp
-      - OS::TripleO::Services::Timezone
-      - OS::TripleO::Services::TripleoPackages
-      - OS::TripleO::Services::TripleoFirewall
-      - OS::TripleO::Services::SensuClient
-      - OS::TripleO::Services::VipHosts
-    description: A list of service resources (configured in the Heat
-                 resource_registry) which represent nested stacks
-                 for each service that should get installed on the ObjectStorage nodes.
-                 Note this role currently only supports steps 2, 3 and 4 configuration.
-    type: comma_delimited_list
-
-
-# Ceph storage specific parameters
-  CephStorageCount:
-    type: number
-    default: 0
-  CephStorageExtraConfig:
-    default: {}
-    description: |
-      CephStorage specific configuration to inject into the cluster. Same
-      structure as ExtraConfig.
-    type: json
-  CephStorageServices:
-    default:
-      - OS::TripleO::Services::CACerts
-      - OS::TripleO::Services::CephOSD
-      - OS::TripleO::Services::Kernel
-      - OS::TripleO::Services::Ntp
-      - OS::TripleO::Services::Timezone
-      - OS::TripleO::Services::TripleoPackages
-      - OS::TripleO::Services::TripleoFirewall
-      - OS::TripleO::Services::SensuClient
-      - OS::TripleO::Services::VipHosts
-    description: A list of service resources (configured in the Heat
-                 resource_registry) which represent nested stacks
-                 for each service that should get installed on the CephStorage nodes.
-    type: comma_delimited_list
-
-  # Hostname format for each role
-  # Note %index% is translated into the index of the node, e.g 0/1/2 etc
-  # and %stackname% is replaced with OS::stack_name in the template below.
-  # If you want to use the heat generated names, pass '' (empty string).
-  ControllerHostnameFormat:
-    type: string
-    description: Format for Controller node hostnames
-    default: '%stackname%-controller-%index%'
-  ComputeHostnameFormat:
-    type: string
-    description: Format for Compute node hostnames
-    default: '%stackname%-novacompute-%index%'
-  BlockStorageHostnameFormat:
-    type: string
-    description: Format for BlockStorage node hostnames
-    default: '%stackname%-blockstorage-%index%'
-  ObjectStorageHostnameFormat:
-    type: string
-    description: Format for SwiftStorage node hostnames
-    default: '%stackname%-objectstorage-%index%'
-  CephStorageHostnameFormat:
-    type: string
-    description: Format for CephStorage node hostnames
-    default: '%stackname%-cephstorage-%index%'
-
-  # Identifiers to trigger tasks on nodes
-  UpdateIdentifier:
-    default: ''
-    type: string
-    description: >
-      Setting to a previously unused value during stack-update will trigger
-      package update on all nodes
-  DeployIdentifier:
-    default: ''
-    type: string
-    description: >
-      Setting this to a unique value will re-run any deployment tasks which
-      perform configuration on a Heat stack-update.
-
-  # If you want to remove a specific node from a resource group, you can pass
-  # the node name or id as a <Group>RemovalPolicies parameter, for example:
-  # ComputeRemovalPolicies: [{'resource_list': ['0']}]
-  ControllerRemovalPolicies:
-    default: []
-    type: json
-    description: >
-      List of resources to be removed from ControllerResourceGroup when
-      doing an update which requires removal of specific resources.
-  ComputeRemovalPolicies:
-    default: []
-    type: json
-    description: >
-      List of resources to be removed from ComputeResourceGroup when
-      doing an update which requires removal of specific resources.
-  BlockStorageRemovalPolicies:
-    default: []
-    type: json
-    description: >
-      List of resources to be removed from BlockStorageResourceGroup when
-      doing an update which requires removal of specific resources.
-  ObjectStorageRemovalPolicies:
-    default: []
-    type: json
-    description: >
-      List of resources to be removed from ObjectStorageResourceGroup when
-      doing an update which requires removal of specific resources.
-  CephStorageRemovalPolicies:
-    default: []
-    type: json
-    description: >
-      List of resources to be removed from CephStorageResourceGroup when
-      doing an update which requires removal of specific resources.
-
-parameter_groups:
-- label: deprecated
-  description: Do not use deprecated params, they will be removed.
-  parameters:
-  - controllerExtraConfig
-
-
-resources:
-
-  HeatAuthEncryptionKey:
-    type: OS::Heat::RandomString
-
-  PcsdPassword:
-    type: OS::Heat::RandomString
-    properties:
-      length: 16
-
-  HorizonSecret:
-    type: OS::Heat::RandomString
-    properties:
-      length: 10
-
-  ServiceNetMap:
-    type: OS::TripleO::ServiceNetMap
-
-  EndpointMap:
-    type: OS::TripleO::EndpointMap
-    properties:
-      CloudEndpoints:
-        external: {get_param: CloudName}
-        internal_api: {get_param: CloudNameInternal}
-        storage: {get_param: CloudNameStorage}
-        storage_mgmt: {get_param: CloudNameStorageManagement}
-        management: {get_param: CloudNameManagement}
-      NetIpMap: {get_attr: [VipMap, net_ip_map]}
-      ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
-
-  ControllerServiceChain:
-    type: OS::TripleO::Services
-    properties:
-      Services: {get_param: ControllerServices}
-      ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
-      EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
-      DefaultPasswords: {get_attr: [DefaultPasswords, passwords]}
-
-  Controller:
-    type: OS::Heat::ResourceGroup
-    depends_on: Networks
-    properties:
-      count: {get_param: ControllerCount}
-      removal_policies: {get_param: ControllerRemovalPolicies}
-      resource_def:
-        type: OS::TripleO::Controller
-        properties:
-          CloudDomain: {get_param: CloudDomain}
-          controllerExtraConfig: {get_param: controllerExtraConfig}
-          ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
-          EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
-          Hostname:
-            str_replace:
-              template: {get_param: ControllerHostnameFormat}
-              params:
-                '%stackname%': {get_param: 'OS::stack_name'}
-          NodeIndex: '%index%'
-          ServiceConfigSettings: {get_attr: [ControllerServiceChain, role_data, config_settings]}
-          ServiceNames: {get_attr: [ControllerServiceChain, role_data, service_names]}
-          MonitoringSubscriptions: {get_attr: [ControllerServiceChain, role_data, monitoring_subscriptions]}
-
-  ComputeServiceChain:
-    type: OS::TripleO::Services
-    properties:
-      Services: {get_param: ComputeServices}
-      ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
-      EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
-      DefaultPasswords: {get_attr: [DefaultPasswords, passwords]}
-
-  Compute:
-    type: OS::Heat::ResourceGroup
-    depends_on: Networks
-    properties:
-      count: {get_param: ComputeCount}
-      removal_policies: {get_param: ComputeRemovalPolicies}
-      resource_def:
-        type: OS::TripleO::Compute
-        properties:
-          CloudDomain: {get_param: CloudDomain}
-          NeutronPhysicalBridge: {get_param: HypervisorNeutronPhysicalBridge}
-          NeutronPublicInterface: {get_param: HypervisorNeutronPublicInterface}
-          ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
-          EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
-          Hostname:
-            str_replace:
-              template: {get_param: ComputeHostnameFormat}
-              params:
-                '%stackname%': {get_param: 'OS::stack_name'}
-          NodeIndex: '%index%'
-          ServiceConfigSettings: {get_attr: [ComputeServiceChain, role_data, config_settings]}
-          ServiceNames: {get_attr: [ComputeServiceChain, role_data, service_names]}
-          MonitoringSubscriptions: {get_attr: [ComputeServiceChain, role_data, monitoring_subscriptions]}
-
-  BlockStorageServiceChain:
-    type: OS::TripleO::Services
-    properties:
-      Services: {get_param: BlockStorageServices}
-      ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
-      EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
-      DefaultPasswords: {get_attr: [DefaultPasswords, passwords]}
-
-  BlockStorage:
-    type: OS::Heat::ResourceGroup
-    depends_on: Networks
-    properties:
-      count: {get_param: BlockStorageCount}
-      removal_policies: {get_param: BlockStorageRemovalPolicies}
-      resource_def:
-        type: OS::TripleO::BlockStorage
-        properties:
-          UpdateIdentifier: {get_param: UpdateIdentifier}
-          Hostname:
-            str_replace:
-              template: {get_param: BlockStorageHostnameFormat}
-              params:
-                '%stackname%': {get_param: 'OS::stack_name'}
-          ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
-          ExtraConfig: {get_param: ExtraConfig}
-          BlockStorageExtraConfig: {get_param: BlockStorageExtraConfig}
-          CloudDomain: {get_param: CloudDomain}
-          ServerMetadata: {get_param: ServerMetadata}
-          NodeIndex: '%index%'
-          ServiceConfigSettings: {get_attr: [BlockStorageServiceChain, role_data, config_settings]}
-          ServiceNames: {get_attr: [BlockStorageServiceChain, role_data, service_names]}
-          MonitoringSubscriptions: {get_attr: [BlockStorageServiceChain, role_data, monitoring_subscriptions]}
-
-  ObjectStorageServiceChain:
-    type: OS::TripleO::Services
-    properties:
-      Services: {get_param: ObjectStorageServices}
-      ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
-      EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
-      DefaultPasswords: {get_attr: [DefaultPasswords, passwords]}
-
-  ObjectStorage:
-    type: OS::Heat::ResourceGroup
-    depends_on: Networks
-    properties:
-      count: {get_param: ObjectStorageCount}
-      removal_policies: {get_param: ObjectStorageRemovalPolicies}
-      resource_def:
-        type: OS::TripleO::ObjectStorage
-        properties:
-          UpdateIdentifier: {get_param: UpdateIdentifier}
-          ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
-          Hostname:
-            str_replace:
-              template: {get_param: ObjectStorageHostnameFormat}
-              params:
-                '%stackname%': {get_param: 'OS::stack_name'}
-          ExtraConfig: {get_param: ExtraConfig}
-          ObjectStorageExtraConfig: {get_param: ObjectStorageExtraConfig}
-          CloudDomain: {get_param: CloudDomain}
-          ServerMetadata: {get_param: ServerMetadata}
-          NodeIndex: '%index%'
-          ServiceConfigSettings: {get_attr: [ObjectStorageServiceChain, role_data, config_settings]}
-          ServiceNames: {get_attr: [ObjectStorageServiceChain, role_data, service_names]}
-          MonitoringSubscriptions: {get_attr: [ObjectStorageServiceChain, role_data, monitoring_subscriptions]}
-
-  CephStorageServiceChain:
-    type: OS::TripleO::Services
-    properties:
-      Services: {get_param: CephStorageServices}
-      ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
-      EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
-      DefaultPasswords: {get_attr: [DefaultPasswords, passwords]}
-
-  CephStorage:
-    type: OS::Heat::ResourceGroup
-    depends_on: Networks
-    properties:
-      count: {get_param: CephStorageCount}
-      removal_policies: {get_param: CephStorageRemovalPolicies}
-      resource_def:
-        type: OS::TripleO::CephStorage
-        properties:
-          ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
-          UpdateIdentifier: {get_param: UpdateIdentifier}
-          Hostname:
-            str_replace:
-              template: {get_param: CephStorageHostnameFormat}
-              params:
-                '%stackname%': {get_param: 'OS::stack_name'}
-          ExtraConfig: {get_param: ExtraConfig}
-          CephStorageExtraConfig: {get_param: CephStorageExtraConfig}
-          CloudDomain: {get_param: CloudDomain}
-          ServerMetadata: {get_param: ServerMetadata}
-          NodeIndex: '%index%'
-          ServiceConfigSettings: {get_attr: [CephStorageServiceChain, role_data, config_settings]}
-          ServiceNames: {get_attr: [CephStorageServiceChain, role_data, service_names]}
-          MonitoringSubscriptions: {get_attr: [CephStorageServiceChain, role_data, monitoring_subscriptions]}
-
-  ControllerIpListMap:
-    type: OS::TripleO::Network::Ports::NetIpListMap
-    properties:
-      ControlPlaneIpList: {get_attr: [Controller, ip_address]}
-      ExternalIpList: {get_attr: [Controller, external_ip_address]}
-      InternalApiIpList: {get_attr: [Controller, internal_api_ip_address]}
-      StorageIpList: {get_attr: [Controller, storage_ip_address]}
-      StorageMgmtIpList: {get_attr: [Controller, storage_mgmt_ip_address]}
-      TenantIpList: {get_attr: [Controller, tenant_ip_address]}
-      ManagementIpList: {get_attr: [Controller, management_ip_address]}
-      EnabledServices: {get_attr: [ControllerServiceChain, role_data, service_names]}
-      ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]}
-      ServiceHostnameList: {get_attr: [Controller, hostname]}
-
-  ComputeIpListMap:
-    type: OS::TripleO::Network::Ports::NetIpListMap
-    properties:
-      ControlPlaneIpList: {get_attr: [Compute, ip_address]}
-      ExternalIpList: {get_attr: [Compute, external_ip_address]}
-      InternalApiIpList: {get_attr: [Compute, internal_api_ip_address]}
-      StorageIpList: {get_attr: [Compute, storage_ip_address]}
-      StorageMgmtIpList: {get_attr: [Compute, storage_mgmt_ip_address]}
-      TenantIpList: {get_attr: [Compute, tenant_ip_address]}
-      ManagementIpList: {get_attr: [Compute, management_ip_address]}
-      EnabledServices: {get_attr: [ComputeServiceChain, role_data, service_names]}
-      ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]}
-      ServiceHostnameList: {get_attr: [Compute, hostname]}
-
-  BlockStorageIpListMap:
-    type: OS::TripleO::Network::Ports::NetIpListMap
-    properties:
-      ControlPlaneIpList: {get_attr: [BlockStorage, ip_address]}
-      ExternalIpList: {get_attr: [BlockStorage, external_ip_address]}
-      InternalApiIpList: {get_attr: [BlockStorage, internal_api_ip_address]}
-      StorageIpList: {get_attr: [BlockStorage, storage_ip_address]}
-      StorageMgmtIpList: {get_attr: [BlockStorage, storage_mgmt_ip_address]}
-      TenantIpList: {get_attr: [BlockStorage, tenant_ip_address]}
-      ManagementIpList: {get_attr: [BlockStorage, management_ip_address]}
-      EnabledServices: {get_attr: [BlockStorageServiceChain, role_data, service_names]}
-      ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]}
-      ServiceHostnameList: {get_attr: [BlockStorage, hostname]}
-
-  ObjectStorageIpListMap:
-    type: OS::TripleO::Network::Ports::NetIpListMap
-    properties:
-      ControlPlaneIpList: {get_attr: [ObjectStorage, ip_address]}
-      ExternalIpList: {get_attr: [ObjectStorage, external_ip_address]}
-      InternalApiIpList: {get_attr: [ObjectStorage, internal_api_ip_address]}
-      StorageIpList: {get_attr: [ObjectStorage, storage_ip_address]}
-      StorageMgmtIpList: {get_attr: [ObjectStorage, storage_mgmt_ip_address]}
-      TenantIpList: {get_attr: [ObjectStorage, tenant_ip_address]}
-      ManagementIpList: {get_attr: [ObjectStorage, management_ip_address]}
-      EnabledServices: {get_attr: [ObjectStorageServiceChain, role_data, service_names]}
-      ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]}
-      ServiceHostnameList: {get_attr: [ObjectStorage, hostname]}
-
-  CephStorageIpListMap:
-    type: OS::TripleO::Network::Ports::NetIpListMap
-    properties:
-      ControlPlaneIpList: {get_attr: [CephStorage, ip_address]}
-      ExternalIpList: {get_attr: [CephStorage, external_ip_address]}
-      InternalApiIpList: {get_attr: [CephStorage, internal_api_ip_address]}
-      StorageIpList: {get_attr: [CephStorage, storage_ip_address]}
-      StorageMgmtIpList: {get_attr: [CephStorage, storage_mgmt_ip_address]}
-      TenantIpList: {get_attr: [CephStorage, tenant_ip_address]}
-      ManagementIpList: {get_attr: [CephStorage, management_ip_address]}
-      EnabledServices: {get_attr: [CephStorageServiceChain, role_data, service_names]}
-      ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]}
-      ServiceHostnameList: {get_attr: [CephStorage, hostname]}
-
-  allNodesConfig:
-    type: OS::TripleO::AllNodes::SoftwareConfig
-    properties:
-      cloud_name_external: {get_param: CloudName}
-      cloud_name_internal_api: {get_param: CloudNameInternal}
-      cloud_name_storage: {get_param: CloudNameStorage}
-      cloud_name_storage_mgmt: {get_param: CloudNameStorageManagement}
-      cloud_name_management: {get_param: CloudNameManagement}
-      hosts:
-        - list_join:
-            - '\n'
-            - {get_attr: [Compute, hosts_entry]}
-        - list_join:
-            - '\n'
-            - {get_attr: [Controller, hosts_entry]}
-        - list_join:
-            - '\n'
-            - {get_attr: [BlockStorage, hosts_entry]}
-        - list_join:
-            - '\n'
-            - {get_attr: [ObjectStorage, hosts_entry]}
-        - list_join:
-            - '\n'
-            - {get_attr: [CephStorage, hosts_entry]}
-      enabled_services:
-        list_join:
-          - ','
-          - {get_attr: [ControllerServiceChain, role_data, service_names]}
-          - {get_attr: [ComputeServiceChain, role_data, service_names]}
-          - {get_attr: [BlockStorageServiceChain, role_data, service_names]}
-          - {get_attr: [ObjectStorageServiceChain, role_data, service_names]}
-          - {get_attr: [CephStorageServiceChain, role_data, service_names]}
-      controller_ips: {get_attr: [Controller, ip_address]}
-      controller_names: {get_attr: [Controller, hostname]}
-      service_ips:
-        # Note (shardy) this somewhat complex yaql may be replaced
-        # with a map_deep_merge function in ocata.  It merges the
-        # list of maps, but appends to colliding lists when a service
-        # is deployed on more than one role
-        yaql:
-          expression: dict($.data.l.where($ != null).selectMany($.items()).groupBy($[0], $[1], [$[0], $[1].flatten()]))
-          data:
-            l:
-              - {get_attr: [ControllerIpListMap, service_ips]}
-              - {get_attr: [ComputeIpListMap, service_ips]}
-              - {get_attr: [BlockStorageIpListMap, service_ips]}
-              - {get_attr: [ObjectStorageIpListMap, service_ips]}
-              - {get_attr: [CephStorageIpListMap, service_ips]}
-      service_node_names:
-        yaql:
-          expression: dict($.data.l.where($ != null).selectMany($.items()).groupBy($[0], $[1], [$[0], $[1].flatten()]))
-          data:
-            l:
-              - {get_attr: [ControllerIpListMap, service_hostnames]}
-              - {get_attr: [ComputeIpListMap, service_hostnames]}
-              - {get_attr: [BlockStorageIpListMap, service_hostnames]}
-              - {get_attr: [ObjectStorageIpListMap, service_hostnames]}
-              - {get_attr: [CephStorageIpListMap, service_hostnames]}
-      # FIXME(shardy): These require further work to move into service_ips
-      memcache_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MemcachedNetwork]}]}
-      keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystonePublicApiNetwork]}]}
-      keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystoneAdminApiNetwork]}]}
-      NetVipMap: {get_attr: [VipMap, net_ip_map]}
-      RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]}
-      ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]}
-      DeployIdentifier: {get_param: DeployIdentifier}
-      UpdateIdentifier: {get_param: UpdateIdentifier}
-
-  MysqlRootPassword:
-    type: OS::Heat::RandomString
-    properties:
-      length: 10
-
-  RabbitCookie:
-    type: OS::Heat::RandomString
-    properties:
-      length: 20
-      salt: {get_param: RabbitCookieSalt}
-
-  DefaultPasswords:
-    type: OS::TripleO::DefaultPasswords
-    properties:
-      DefaultMysqlRootPassword: {get_attr: [MysqlRootPassword, value]}
-      DefaultRabbitCookie: {get_attr: [RabbitCookie, value]}
-      DefaultHeatAuthEncryptionKey: {get_attr: [HeatAuthEncryptionKey, value]}
-      DefaultPcsdPassword: {get_attr: [PcsdPassword, value]}
-      DefaultHorizonSecret: {get_attr: [HorizonSecret, value]}
-
-  # creates the network architecture
-  Networks:
-    type: OS::TripleO::Network
-
-  ControlVirtualIP:
-    type: OS::Neutron::Port
-    depends_on: Networks
-    properties:
-      name: control_virtual_ip
-      network: {get_param: NeutronControlPlaneID}
-      fixed_ips: {get_param: ControlFixedIPs}
-      replacement_policy: AUTO
-
-  RedisVirtualIP:
-    depends_on: Networks
-    type: OS::TripleO::Network::Ports::RedisVipPort
-    properties:
-      ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
-      ControlPlaneNetwork: {get_param: NeutronControlPlaneID}
-      PortName: redis_virtual_ip
-      NetworkName: {get_attr: [ServiceNetMap, service_net_map, RedisNetwork]}
-      ServiceName: redis
-      FixedIPs: {get_param: RedisVirtualFixedIPs}
-
-  # The public VIP is on the External net, falls back to ctlplane
-  PublicVirtualIP:
-    depends_on: Networks
-    type: OS::TripleO::Network::Ports::ExternalVipPort
-    properties:
-      ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
-      ControlPlaneNetwork: {get_param: NeutronControlPlaneID}
-      PortName: public_virtual_ip
-      FixedIPs: {get_param: PublicVirtualFixedIPs}
-
-  InternalApiVirtualIP:
-    depends_on: Networks
-    type: OS::TripleO::Network::Ports::InternalApiVipPort
-    properties:
-      ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
-      PortName: internal_api_virtual_ip
-      FixedIPs: {get_param: InternalApiVirtualFixedIPs}
-
-  StorageVirtualIP:
-    depends_on: Networks
-    type: OS::TripleO::Network::Ports::StorageVipPort
-    properties:
-      ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
-      PortName: storage_virtual_ip
-      FixedIPs: {get_param: StorageVirtualFixedIPs}
-
-  StorageMgmtVirtualIP:
-    depends_on: Networks
-    type: OS::TripleO::Network::Ports::StorageMgmtVipPort
-    properties:
-      ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
-      PortName: storage_management_virtual_ip
-      FixedIPs: {get_param: StorageMgmtVirtualFixedIPs}
-
-  VipMap:
-    type: OS::TripleO::Network::Ports::NetVipMap
-    properties:
-      ControlPlaneIp: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
-      ExternalIp: {get_attr: [PublicVirtualIP, ip_address]}
-      ExternalIpUri: {get_attr: [PublicVirtualIP, ip_address_uri]}
-      InternalApiIp: {get_attr: [InternalApiVirtualIP, ip_address]}
-      InternalApiIpUri: {get_attr: [InternalApiVirtualIP, ip_address_uri]}
-      StorageIp: {get_attr: [StorageVirtualIP, ip_address]}
-      StorageIpUri: {get_attr: [StorageVirtualIP, ip_address_uri]}
-      StorageMgmtIp: {get_attr: [StorageMgmtVirtualIP, ip_address]}
-      StorageMgmtIpUri: {get_attr: [StorageMgmtVirtualIP, ip_address_uri]}
-      # No tenant or management VIP required
-
-  ControllerSwiftDeployment:
-    type: OS::Heat::StructuredDeployments
-    properties:
-      name: ControllerSwiftDeployment
-      config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]}
-      servers: {get_attr: [Controller, attributes, nova_server_resource]}
-
-  ObjectStorageSwiftDeployment:
-    type: OS::Heat::StructuredDeployments
-    properties:
-      name: ObjectStorageSwiftDeployment
-      config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]}
-      servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
-
-  SwiftDevicesAndProxyConfig:
-    type: OS::TripleO::SwiftDevicesAndProxy::SoftwareConfig
-    properties:
-      controller_swift_devices: {get_attr: [Controller, swift_device]}
-      object_store_swift_devices: {get_attr: [ObjectStorage, swift_device]}
-
-  ControllerAllNodesDeployment:
-    type: OS::Heat::StructuredDeployments
-    properties:
-      name: ControllerAllNodesDeployment
-      config: {get_attr: [allNodesConfig, config_id]}
-      servers: {get_attr: [Controller, attributes, nova_server_resource]}
-      input_values:
-        bootstrap_nodeid: {get_attr: [Controller, resource.0.hostname]}
-        bootstrap_nodeid_ip: {get_attr: [Controller, resource.0.ip_address]}
-
-  ComputeAllNodesDeployment:
-    type: OS::Heat::StructuredDeployments
-    properties:
-      name: ComputeAllNodesDeployment
-      config: {get_attr: [allNodesConfig, config_id]}
-      servers: {get_attr: [Compute, attributes, nova_server_resource]}
-      input_values:
-        bootstrap_nodeid: {get_attr: [Compute, resource.0.hostname]}
-        bootstrap_nodeid_ip: {get_attr: [Compute, resource.0.ip_address]}
-
-  BlockStorageAllNodesDeployment:
-    type: OS::Heat::StructuredDeployments
-    properties:
-      name: BlockStorageAllNodesDeployment
-      config: {get_attr: [allNodesConfig, config_id]}
-      servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
-      input_values:
-        bootstrap_nodeid: {get_attr: [BlockStorage, resource.0.hostname]}
-        bootstrap_nodeid_ip: {get_attr: [BlockStorage, resource.0.ip_address]}
-
-  ObjectStorageAllNodesDeployment:
-    type: OS::Heat::StructuredDeployments
-    properties:
-      name: ObjectStorageAllNodesDeployment
-      config: {get_attr: [allNodesConfig, config_id]}
-      servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
-      input_values:
-        bootstrap_nodeid: {get_attr: [ObjectStorage, resource.0.hostname]}
-        bootstrap_nodeid_ip: {get_attr: [ObjectStorage, resource.0.ip_address]}
-
-  CephStorageAllNodesDeployment:
-    type: OS::Heat::StructuredDeployments
-    properties:
-      name: CephStorageAllNodesDeployment
-      config: {get_attr: [allNodesConfig, config_id]}
-      servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
-      input_values:
-        bootstrap_nodeid: {get_attr: [CephStorage, resource.0.hostname]}
-        bootstrap_nodeid_ip: {get_attr: [CephStorage, resource.0.ip_address]}
-
-  # All Nodes Validations
-  AllNodesValidationConfig:
-    type: OS::TripleO::AllNodes::Validation
-    properties:
-      PingTestIps:
-        list_join:
-        - ' '
-        - - {get_attr: [Controller, resource.0.external_ip_address]}
-          - {get_attr: [Controller, resource.0.internal_api_ip_address]}
-          - {get_attr: [Controller, resource.0.storage_ip_address]}
-          - {get_attr: [Controller, resource.0.storage_mgmt_ip_address]}
-          - {get_attr: [Controller, resource.0.tenant_ip_address]}
-          - {get_attr: [Controller, resource.0.management_ip_address]}
-
-  ControllerAllNodesValidationDeployment:
-    type: OS::Heat::StructuredDeployments
-    depends_on: ControllerAllNodesDeployment
-    properties:
-      name: ControllerAllNodesValidationDeployment
-      config: {get_resource: AllNodesValidationConfig}
-      servers: {get_attr: [Controller, attributes, nova_server_resource]}
-
-  ComputeAllNodesValidationDeployment:
-    type: OS::Heat::StructuredDeployments
-    depends_on: ComputeAllNodesDeployment
-    properties:
-      name: ComputeAllNodesValidationDeployment
-      config: {get_resource: AllNodesValidationConfig}
-      servers: {get_attr: [Compute, attributes, nova_server_resource]}
-
-  BlockStorageAllNodesValidationDeployment:
-    type: OS::Heat::StructuredDeployments
-    depends_on: BlockStorageAllNodesDeployment
-    properties:
-      name: BlockStorageAllNodesValidationDeployment
-      config: {get_resource: AllNodesValidationConfig}
-      servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
-
-  ObjectStorageAllNodesValidationDeployment:
-    type: OS::Heat::StructuredDeployments
-    depends_on: ObjectStorageAllNodesDeployment
-    properties:
-      name: ObjectStorageAllNodesValidationDeployment
-      config: {get_resource: AllNodesValidationConfig}
-      servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
-
-  CephStorageAllNodesValidationDeployment:
-    type: OS::Heat::StructuredDeployments
-    depends_on: CephStorageAllNodesDeployment
-    properties:
-      name: CephStorageAllNodesValidationDeployment
-      config: {get_resource: AllNodesValidationConfig}
-      servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
-
-  UpdateWorkflow:
-    type: OS::TripleO::Tasks::UpdateWorkflow
-    properties:
-      controller_servers: {get_attr: [Controller, attributes, nova_server_resource]}
-      compute_servers: {get_attr: [Compute, attributes, nova_server_resource]}
-      blockstorage_servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
-      objectstorage_servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
-      cephstorage_servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
-      input_values:
-        deploy_identifier: {get_param: DeployIdentifier}
-        update_identifier: {get_param: UpdateIdentifier}
-
-  # Optional ExtraConfig for all nodes - all roles are passed in here, but
-  # the nested template may configure each role differently (or not at all)
-  AllNodesExtraConfig:
-    type: OS::TripleO::AllNodesExtraConfig
-    depends_on:
-      - UpdateWorkflow
-      - ComputeAllNodesValidationDeployment
-      - BlockStorageAllNodesValidationDeployment
-      - ObjectStorageAllNodesValidationDeployment
-      - CephStorageAllNodesValidationDeployment
-      - ControllerAllNodesValidationDeployment
-    properties:
-      controller_servers: {get_attr: [Controller, attributes, nova_server_resource]}
-      compute_servers: {get_attr: [Compute, attributes, nova_server_resource]}
-      blockstorage_servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
-      objectstorage_servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
-      cephstorage_servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
-
-  # Nested stack deployment runs after all other controller deployments
-  ControllerNodesPostDeployment:
-    type: OS::TripleO::ControllerPostDeployment
-    depends_on: [ControllerAllNodesDeployment, ControllerSwiftDeployment]
-    properties:
-      servers: {get_attr: [Controller, attributes, nova_server_resource]}
-      RoleData: {get_attr: [ControllerServiceChain, role_data]}
-
-  ComputeNodesPostDeployment:
-    type: OS::TripleO::ComputePostDeployment
-    depends_on: [ComputeAllNodesDeployment]
-    properties:
-      servers: {get_attr: [Compute, attributes, nova_server_resource]}
-      RoleData: {get_attr: [ComputeServiceChain, role_data]}
-
-  ObjectStorageNodesPostDeployment:
-    type: OS::TripleO::ObjectStoragePostDeployment
-    depends_on: [ObjectStorageSwiftDeployment, ObjectStorageAllNodesDeployment]
-    properties:
-      servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
-      RoleData: {get_attr: [ObjectStorageServiceChain, role_data]}
-
-  BlockStorageNodesPostDeployment:
-    type: OS::TripleO::BlockStoragePostDeployment
-    depends_on: [ControllerNodesPostDeployment, BlockStorageAllNodesDeployment]
-    properties:
-      servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
-      RoleData: {get_attr: [BlockStorageServiceChain, role_data]}
-
-  CephStorageNodesPostDeployment:
-    type: OS::TripleO::CephStoragePostDeployment
-    depends_on: [ControllerNodesPostDeployment, CephStorageAllNodesDeployment]
-    properties:
-      servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
-      RoleData: {get_attr: [CephStorageServiceChain, role_data]}
-
-
-outputs:
-  ManagedEndpoints:
-    description: Asserts that the keystone endpoints have been provisioned.
-    value: true
-  KeystoneURL:
-    description: URL for the Overcloud Keystone service
-    value: {get_attr: [EndpointMap, endpoint_map, KeystonePublic, uri]}
-  KeystoneAdminVip:
-    description: Keystone Admin VIP endpoint
-    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystoneAdminApiNetwork]}]}
-  PublicVip:
-    description: Controller VIP for public API endpoints
-    value: {get_attr: [VipMap, net_ip_map, external]}
-  AodhInternalVip:
-    description: VIP for Aodh API internal endpoint
-    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, AodhApiNetwork]}]}
-  CeilometerInternalVip:
-    description: VIP for Ceilometer API internal endpoint
-    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CeilometerApiNetwork]}]}
-  CinderInternalVip:
-    description: VIP for Cinder API internal endpoint
-    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CinderApiNetwork]}]}
-  GlanceInternalVip:
-    description: VIP for Glance API internal endpoint
-    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GlanceApiNetwork]}]}
-  GnocchiInternalVip:
-    description: VIP for Gnocchi API internal endpoint
-    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GnocchiApiNetwork]}]}
-  HeatInternalVip:
-    description: VIP for Heat API internal endpoint
-    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, HeatApiNetwork]}]}
-  IronicInternalVip:
-    description: VIP for Ironic API internal endpoint
-    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, IronicApiNetwork]}]}
-  KeystoneInternalVip:
-    description: VIP for Keystone API internal endpoint
-    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystonePublicApiNetwork]}]}
-  ManilaInternalVip:
-    description: VIP for Manila API internal endpoint
-    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, ManilaApiNetwork]}]}
-  NeutronInternalVip:
-    description: VIP for Neutron API internal endpoint
-    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NeutronApiNetwork]}]}
-  NovaInternalVip:
-    description: VIP for Nova API internal endpoint
-    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NovaApiNetwork]}]}
-  OpenDaylightInternalVip:
-    description: VIP for OpenDaylight API internal endpoint
-    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, OpenDaylightApiNetwork]}]}
-  SaharaInternalVip:
-    description: VIP for Sahara API internal endpoint
-    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, SaharaApiNetwork]}]}
-  SwiftInternalVip:
-    description: VIP for Swift Proxy internal endpoint
-    value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, SwiftProxyNetwork]}]}
-  EndpointMap:
-    description: |
-      Mapping of the resources with the needed info for their endpoints.
-      This includes the protocol used, the IP, port and also a full
-      representation of the URI.
-    value: {get_attr: [EndpointMap, endpoint_map]}
-  HostsEntry:
-    description: |
-      The content that should be appended to your /etc/hosts if you want to get
-      hostname-based access to the deployed nodes (useful for testing without
-      setting up a DNS).
-    value: {get_attr: [allNodesConfig, hosts_entries]}
-  EnabledServices:
-    description: The services enabled on each role
-    value:
-      Controller: {get_attr: [ControllerServiceChain, role_data, service_names]}
-      Compute: {get_attr: [ComputeServiceChain, role_data, service_names]}
-      BlockStorage: {get_attr: [BlockStorageServiceChain, role_data, service_names]}
-      ObjectStorage: {get_attr: [ObjectStorageServiceChain, role_data, service_names]}
-      CephStorage: {get_attr: [CephStorageServiceChain, role_data, service_names]}
diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml
index 69bb193..c764d4e 100644 (file)
--- a/puppet/all-nodes-config.yaml
+++ b/puppet/all-nodes-config.yaml
@@ -10,7 +10,7 @@ parameters:
     type: string
   cloud_name_storage_mgmt:
     type: string
-  cloud_name_management:
+  cloud_name_ctlplane:
     type: string
   hosts:
     type: comma_delimited_list
@@ -90,6 +90,33 @@ resources:
                         for_each:
                           SERVICE:
                             str_split: [',', {get_param: enabled_services}]
+                  # Dynamically generate per-service network data
+                  # This works as follows (outer->inner functions)
+                  # yaql - filters services where no mapping exists in ServiceNetMap
+                  #   map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
+                  #     map_merge/repeat: generate a per-service mapping
+                  - yaql:
+                      # This filters any entries where the value hasn't been substituted for
+                      # a list, e.g it's still $service_network.  This happens when there is
+                      # no network defined for the service in the ServiceNetMap, which is OK
+                      # as not all services have to be bound to a network, so we filter them
+                      expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
+                      data:
+                        map:
+                          map_replace:
+                            - map_merge:
+                                repeat:
+                                  template:
+                                    SERVICE_network: SERVICE_network
+                                  for_each:
+                                    SERVICE:
+                                      str_split: [',', {get_param: enabled_services}]
+                            - values: {get_param: ServiceNetMap}
+                  # Keystone doesn't provide separate entries for the public
+                  # and admin endpoints, so we need to add them here manually
+                  # like we do in the vip-config below
+                  - keystone_admin_api_network: {get_param: [ServiceNetMap, keystone_admin_api_network]}
+                    keystone_public_api_network: {get_param: [ServiceNetMap, keystone_public_api_network]}
                   # provides a mapping of service_name_ips to a list of IPs
                   - {get_param: service_ips}
                   - {get_param: service_node_names}
@@ -182,7 +209,7 @@ resources:
                     cloud_name_internal_api: {get_param: cloud_name_internal_api}
                     cloud_name_storage: {get_param: cloud_name_storage}
                     cloud_name_storage_mgmt: {get_param: cloud_name_storage_mgmt}
-                    cloud_name_management: {get_param: cloud_name_management}
+                    cloud_name_ctlplane: {get_param: cloud_name_ctlplane}
 
 outputs:
   config_id:
diff --git a/puppet/blockstorage-config.yaml b/puppet/blockstorage-config.yaml
new file mode 100644 (file)
index 0000000..9b31b44
--- /dev/null
+++ b/puppet/blockstorage-config.yaml
@@ -0,0 +1,38 @@
+heat_template_version: 2015-04-30
+
+description: >
+  A software config which runs manifests/overcloud_volume.pp
+
+parameters:
+  ConfigDebug:
+    default: false
+    description: Whether to run config management (e.g. Puppet) in debug mode.
+    type: boolean
+  StepConfig:
+     type: string
+     description: Config manifests that will be used to step through the deployment.
+     default: ''
+
+resources:
+
+  BlockStoragePuppetConfigImpl:
+    type: OS::Heat::SoftwareConfig
+    properties:
+      group: puppet
+      options:
+        enable_debug: {get_param: ConfigDebug}
+        enable_hiera: True
+        enable_facter: False
+        modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
+      outputs:
+      - name: result
+      config:
+        list_join:
+        - ''
+        - - get_file: manifests/overcloud_volume.pp
+          - {get_param: StepConfig}
+
+outputs:
+  OS::stack_id:
+    description: The software config which runs overcloud_controller.pp
+    value: {get_resource: BlockStoragePuppetConfigImpl}
diff --git a/puppet/ceph-storage-post.yaml b/puppet/ceph-storage-post.yaml
deleted file mode 100644 (file)
index df6b724..0000000
--- a/puppet/ceph-storage-post.yaml
+++ /dev/null
@@ -1,81 +0,0 @@
-heat_template_version: 2015-04-30
-
-description: >
-  OpenStack ceph storage node post deployment for Puppet
-
-parameters:
-  ConfigDebug:
-    default: false
-    description: Whether to run config management (e.g. Puppet) in debug mode.
-    type: boolean
-  servers:
-    type: json
-  RoleData:
-    type: json
-    default: {}
-  DeployIdentifier:
-     type: string
-     default: ''
-     description: Value which changes if the node configuration may need to be re-applied
-
-resources:
-
-  CephStorageArtifactsConfig:
-    type: deploy-artifacts.yaml
-
-  CephStorageArtifactsDeploy:
-    type: OS::Heat::StructuredDeployments
-    properties:
-      servers:  {get_param: servers}
-      config: {get_resource: CephStorageArtifactsConfig}
-      input_values:
-        update_identifier: {get_param: DeployIdentifier}
-
-  CephStoragePuppetConfig:
-    type: OS::Heat::SoftwareConfig
-    properties:
-      group: puppet
-      options:
-        enable_debug: {get_param: ConfigDebug}
-        enable_hiera: True
-        enable_facter: False
-        modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
-      inputs:
-      - name: step
-      outputs:
-      - name: result
-      config:
-        list_join:
-        - ''
-        - - get_file: manifests/overcloud_cephstorage.pp
-          - {get_param: [RoleData, step_config]}
-
-  CephStorageDeployment_Step2:
-    type: OS::Heat::StructuredDeployments
-    depends_on: CephStorageArtifactsDeploy
-    properties:
-      name: CephStorageDeployment_Step2
-      servers:  {get_param: servers}
-      config: {get_resource: CephStoragePuppetConfig}
-      input_values:
-        step: 2
-        update_identifier: {get_param: DeployIdentifier}
-
-  CephStorageDeployment_Step3:
-    type: OS::Heat::StructuredDeployments
-    depends_on: CephStorageDeployment_Step2
-    properties:
-      name: CephStorageDeployment_Step3
-      servers:  {get_param: servers}
-      config: {get_resource: CephStoragePuppetConfig}
-      input_values:
-        step: 3
-        update_identifier: {get_param: DeployIdentifier}
-
-  # Note, this should come last, so use depends_on to ensure
-  # this is created after any other resources.
-  ExtraConfig:
-    depends_on: CephStorageDeployment_Step3
-    type: OS::TripleO::NodeExtraConfigPost
-    properties:
-        servers: {get_param: servers}
diff --git a/puppet/ceph-storage.yaml b/puppet/ceph-storage.yaml
index 5ba2c29..62748f9 100644 (file)
--- a/puppet/ceph-storage.yaml
+++ b/puppet/ceph-storage.yaml
@@ -27,6 +27,11 @@ parameters:
     description: Mapping of service_name -> network name. Typically set
                  via parameter_defaults in the resource registry.
     type: json
+  EndpointMap:
+    default: {}
+    description: Mapping of service endpoint -> protocol. Typically set
+                 via parameter_defaults in the resource registry.
+    type: json
   UpdateIdentifier:
     default: ''
     type: string
@@ -323,6 +328,7 @@ outputs:
           STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
           TENANTIP TENANTHOST.DOMAIN TENANTHOST
           MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
+          CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
         params:
           PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephStorageHostnameResolveNetwork]}]}
           DOMAIN: {get_param: CloudDomain}
@@ -363,6 +369,12 @@ outputs:
             - '.'
             - - {get_attr: [CephStorage, name]}
               - management
+          CTLPLANEIP: {get_attr: [CephStorage, networks, ctlplane, 0]}
+          CTLPLANEHOST:
+            list_join:
+            - '.'
+            - - {get_attr: [CephStorage, name]}
+              - ctlplane
   nova_server_resource:
     description: Heat resource handle for the ceph storage server
     value:
diff --git a/puppet/cephstorage-config.yaml b/puppet/cephstorage-config.yaml
new file mode 100644 (file)
index 0000000..4bad4a1
--- /dev/null
+++ b/puppet/cephstorage-config.yaml
@@ -0,0 +1,38 @@
+heat_template_version: 2015-04-30
+
+description: >
+  A software config which runs manifests/overcloud_cephstorage.pp
+
+parameters:
+  ConfigDebug:
+    default: false
+    description: Whether to run config management (e.g. Puppet) in debug mode.
+    type: boolean
+  StepConfig:
+     type: string
+     description: Config manifests that will be used to step through the deployment.
+     default: ''
+
+resources:
+
+  CephStoragePuppetConfigImpl:
+    type: OS::Heat::SoftwareConfig
+    properties:
+      group: puppet
+      options:
+        enable_debug: {get_param: ConfigDebug}
+        enable_hiera: True
+        enable_facter: False
+        modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
+      outputs:
+      - name: result
+      config:
+        list_join:
+        - ''
+        - - get_file: manifests/overcloud_cephstorage.pp
+          - {get_param: StepConfig}
+
+outputs:
+  OS::stack_id:
+    description: The software config which runs overcloud_controller.pp
+    value: {get_resource: CephStoragePuppetConfigImpl}
diff --git a/puppet/cinder-storage-post.yaml b/puppet/cinder-storage-post.yaml
deleted file mode 100644 (file)
index 0620bc6..0000000
--- a/puppet/cinder-storage-post.yaml
+++ /dev/null
@@ -1,91 +0,0 @@
-heat_template_version: 2015-04-30
-description: 'OpenStack cinder storage post deployment for Puppet'
-
-parameters:
-  ConfigDebug:
-    default: false
-    description: Whether to run config management (e.g. Puppet) in debug mode.
-    type: boolean
-  servers:
-    type: json
-  DeployIdentifier:
-     type: string
-     default: ''
-     description: Value which changes if the node configuration may need to be re-applied
-  RoleData:
-    type: json
-    default: {}
-
-resources:
-
-  VolumeArtifactsConfig:
-    type: deploy-artifacts.yaml
-
-  VolumeArtifactsDeploy:
-    type: OS::Heat::StructuredDeployments
-    properties:
-      servers:  {get_param: servers}
-      config: {get_resource: VolumeArtifactsConfig}
-      input_values:
-        update_identifier: {get_param: DeployIdentifier}
-
-  VolumePuppetConfig:
-    type: OS::Heat::SoftwareConfig
-    depends_on: VolumeArtifactsDeploy
-    properties:
-      group: puppet
-      options:
-        enable_debug: {get_param: ConfigDebug}
-        enable_hiera: True
-        enable_facter: False
-        modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
-      inputs:
-      - name: step
-      outputs:
-      - name: result
-      config:
-        list_join:
-        - ''
-        - - get_file: manifests/overcloud_volume.pp
-          - {get_param: [RoleData, step_config]}
-
-  VolumeDeployment_Step2:
-    type: OS::Heat::StructuredDeployments
-    depends_on: VolumeArtifactsDeploy
-    properties:
-      name: VolumeDeployment_Step2
-      servers:  {get_param: servers}
-      config: {get_resource: VolumePuppetConfig}
-      input_values:
-        step: 2
-        update_identifier: {get_param: DeployIdentifier}
-
-  VolumeDeployment_Step3:
-    type: OS::Heat::StructuredDeployments
-    depends_on: VolumeDeployment_Step2
-    properties:
-      name: VolumeDeployment_Step3
-      servers:  {get_param: servers}
-      config: {get_resource: VolumePuppetConfig}
-      input_values:
-        step: 3
-        update_identifier: {get_param: DeployIdentifier}
-
-  VolumeDeployment_Step4:
-    type: OS::Heat::StructuredDeployments
-    depends_on: VolumeDeployment_Step3
-    properties:
-      name: VolumeDeployment_Step4
-      servers:  {get_param: servers}
-      config: {get_resource: VolumePuppetConfig}
-      input_values:
-        step: 4
-        update_identifier: {get_param: DeployIdentifier}
-
-  # Note, this should come last, so use depends_on to ensure
-  # this is created after any other resources.
-  ExtraConfig:
-    depends_on: VolumeDeployment_Step4
-    type: OS::TripleO::NodeExtraConfigPost
-    properties:
-        servers: {get_param: servers}
diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml
index 699a096..f5118c2 100644 (file)
--- a/puppet/cinder-storage.yaml
+++ b/puppet/cinder-storage.yaml
@@ -48,6 +48,11 @@ parameters:
     description: Mapping of service_name -> network name. Typically set
                  via parameter_defaults in the resource registry.
     type: json
+  EndpointMap:
+    default: {}
+    description: Mapping of service endpoint -> protocol. Typically set
+                 via parameter_defaults in the resource registry.
+    type: json
   NetworkDeploymentActions:
     type: comma_delimited_list
     description: >
@@ -313,6 +318,7 @@ outputs:
           STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
           TENANTIP TENANTHOST.DOMAIN TENANTHOST
           MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
+          CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
         params:
           PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, BlockStorageHostnameResolveNetwork]}]}
           DOMAIN: {get_param: CloudDomain}
@@ -353,6 +359,12 @@ outputs:
             - '.'
             - - {get_attr: [BlockStorage, name]}
               - management
+          CTLPLANEIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
+          CTLPLANEHOST:
+            list_join:
+            - '.'
+            - - {get_attr: [BlockStorage, name]}
+              - ctlplane
   nova_server_resource:
     description: Heat resource handle for the block storage server
     value:
diff --git a/puppet/compute-config.yaml b/puppet/compute-config.yaml
new file mode 100644 (file)
index 0000000..9e128d3
--- /dev/null
+++ b/puppet/compute-config.yaml
@@ -0,0 +1,38 @@
+heat_template_version: 2015-04-30
+
+description: >
+  A software config which runs manifests/overcloud_compute.pp
+
+parameters:
+  ConfigDebug:
+    default: false
+    description: Whether to run config management (e.g. Puppet) in debug mode.
+    type: boolean
+  StepConfig:
+     type: string
+     description: Config manifests that will be used to step through the deployment.
+     default: ''
+
+resources:
+
+  ComputePuppetConfigImpl:
+    type: OS::Heat::SoftwareConfig
+    properties:
+      group: puppet
+      options:
+        enable_debug: {get_param: ConfigDebug}
+        enable_hiera: True
+        enable_facter: False
+        modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
+      outputs:
+      - name: result
+      config:
+        list_join:
+        - ''
+        - - get_file: manifests/overcloud_compute.pp
+          - {get_param: StepConfig}
+
+outputs:
+  OS::stack_id:
+    description: The software config which runs overcloud_controller.pp
+    value: {get_resource: ComputePuppetConfigImpl}
diff --git a/puppet/compute-post.yaml b/puppet/compute-post.yaml
deleted file mode 100644 (file)
index 358ec5a..0000000
--- a/puppet/compute-post.yaml
+++ /dev/null
@@ -1,93 +0,0 @@
-heat_template_version: 2015-04-30
-
-description: >
-  OpenStack compute node post deployment for Puppet.
-
-parameters:
-  ConfigDebug:
-    default: false
-    description: Whether to run config management (e.g. Puppet) in debug mode.
-    type: boolean
-  servers:
-    type: json
-  RoleData:
-    type: json
-    default: {}
-  DeployIdentifier:
-     type: string
-     default: ''
-     description: Value which changes if the node configuration may need to be re-applied
-
-resources:
-
-  ComputeArtifactsConfig:
-    type: deploy-artifacts.yaml
-
-  ComputeArtifactsDeploy:
-    type: OS::Heat::StructuredDeployments
-    properties:
-      servers:  {get_param: servers}
-      config: {get_resource: ComputeArtifactsConfig}
-      input_values:
-        update_identifier: {get_param: DeployIdentifier}
-
-  ComputePuppetConfig:
-    type: OS::Heat::SoftwareConfig
-    properties:
-      group: puppet
-      options:
-        enable_debug: {get_param: ConfigDebug}
-        enable_hiera: True
-        enable_facter: False
-        modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
-      inputs:
-      - name: step
-      outputs:
-      - name: result
-      config:
-        list_join:
-        - ''
-        - - get_file: manifests/overcloud_compute.pp
-          - {get_param: [RoleData, step_config]}
-
-  ComputeServicesBaseDeployment_Step2:
-    type: OS::Heat::StructuredDeployments
-    depends_on: [ComputeArtifactsDeploy]
-    properties:
-      name: ComputeServicesBaseDeployment_Step2
-      servers:  {get_param: servers}
-      config: {get_resource: ComputePuppetConfig}
-      input_values:
-        step: 2
-        update_identifier: {get_param: DeployIdentifier}
-
-  ComputeOvercloudServicesDeployment_Step3:
-    type: OS::Heat::StructuredDeployments
-    depends_on: ComputeServicesBaseDeployment_Step2
-    properties:
-      name: ComputeOvercloudServicesDeployment_Step3
-      servers:  {get_param: servers}
-      config: {get_resource: ComputePuppetConfig}
-      input_values:
-        step: 3
-        update_identifier: {get_param: DeployIdentifier}
-
-  ComputeOvercloudServicesDeployment_Step4:
-    type: OS::Heat::StructuredDeployments
-    depends_on: ComputeOvercloudServicesDeployment_Step3
-    properties:
-      name: ComputeOvercloudServicesDeployment_Step4
-      servers:  {get_param: servers}
-      config: {get_resource: ComputePuppetConfig}
-      input_values:
-        step: 4
-        update_identifier: {get_param: DeployIdentifier}
-
-  # Note, this should come last, so use depends_on to ensure
-  # this is created after any other resources.
-  ExtraConfig:
-    depends_on: ComputeOvercloudServicesDeployment_Step4
-    type: OS::TripleO::NodeExtraConfigPost
-    properties:
-        servers: {get_param: servers}
-
diff --git a/puppet/compute.yaml b/puppet/compute.yaml
index e74d1a5..05b8d06 100644 (file)
--- a/puppet/compute.yaml
+++ b/puppet/compute.yaml
@@ -373,6 +373,7 @@ outputs:
           STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
           TENANTIP TENANTHOST.DOMAIN TENANTHOST
           MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
+          CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
         params:
           PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
           DOMAIN: {get_param: CloudDomain}
@@ -413,6 +414,12 @@ outputs:
             - '.'
             - - {get_attr: [NovaCompute, name]}
               - management
+          CTLPLANEIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
+          CTLPLANEHOST:
+            list_join:
+            - '.'
+            - - {get_attr: [NovaCompute, name]}
+              - ctlplane
   nova_server_resource:
     description: Heat resource handle for the Nova compute server
     value:
diff --git a/puppet/controller-post.yaml b/puppet/controller-post.yaml
deleted file mode 100644 (file)
index c97c3bc..0000000
--- a/puppet/controller-post.yaml
+++ /dev/null
@@ -1,117 +0,0 @@
-heat_template_version: 2015-04-30
-
-description: >
-  OpenStack controller node post deployment for Puppet.
-
-parameters:
-  ConfigDebug:
-    default: false
-    description: Whether to run config management (e.g. Puppet) in debug mode.
-    type: boolean
-  servers:
-    type: json
-  RoleData:
-    type: json
-    default: {}
-  DeployIdentifier:
-     type: string
-     default: ''
-     description: Value which changes if the node configuration may need to be re-applied
-
-resources:
-
-  ControllerArtifactsConfig:
-    type: deploy-artifacts.yaml
-
-  ControllerArtifactsDeploy:
-    type: OS::Heat::StructuredDeployments
-    properties:
-      servers:  {get_param: servers}
-      config: {get_resource: ControllerArtifactsConfig}
-
-  ControllerPrePuppet:
-    type: OS::TripleO::Tasks::ControllerPrePuppet
-    properties:
-      servers:  {get_param: servers}
-      input_values:
-        update_identifier: {get_param: DeployIdentifier}
-
-  ControllerPuppetConfig:
-    type: OS::TripleO::ControllerConfig
-    properties:
-      StepConfig: {get_param: [RoleData, step_config]}
-
-  # Step through a series of Puppet runs using the same manifest.
-  # NOTE: To enable stepping through the deployments via heat hooks,
-  # you must observe the glob naming defined in overcloud-steps.yaml
-  # e.g all Deployment resources should have a *Deployment_StepN suffix
-  ControllerLoadBalancerDeployment_Step1:
-    type: OS::Heat::StructuredDeployments
-    depends_on: [ControllerPrePuppet, ControllerArtifactsDeploy]
-    properties:
-      name: ControllerLoadBalancerDeployment_Step1
-      servers:  {get_param: servers}
-      config: {get_resource: ControllerPuppetConfig}
-      input_values:
-        step: 1
-        update_identifier: {get_param: DeployIdentifier}
-
-  ControllerServicesBaseDeployment_Step2:
-    type: OS::Heat::StructuredDeployments
-    depends_on: ControllerLoadBalancerDeployment_Step1
-    properties:
-      name: ControllerServicesBaseDeployment_Step2
-      servers:  {get_param: servers}
-      config: {get_resource: ControllerPuppetConfig}
-      input_values:
-        step: 2
-        update_identifier: {get_param: DeployIdentifier}
-
-  ControllerOvercloudServicesDeployment_Step3:
-    type: OS::Heat::StructuredDeployments
-    depends_on: ControllerServicesBaseDeployment_Step2
-    properties:
-      name: ControllerOvercloudServicesDeployment_Step3
-      servers:  {get_param: servers}
-      config: {get_resource: ControllerPuppetConfig}
-      input_values:
-        step: 3
-        update_identifier: {get_param: DeployIdentifier}
-
-  ControllerOvercloudServicesDeployment_Step4:
-    type: OS::Heat::StructuredDeployments
-    depends_on: ControllerOvercloudServicesDeployment_Step3
-    properties:
-      name: ControllerOvercloudServicesDeployment_Step4
-      servers:  {get_param: servers}
-      config: {get_resource: ControllerPuppetConfig}
-      input_values:
-        step: 4
-        update_identifier: {get_param: DeployIdentifier}
-
-  ControllerOvercloudServicesDeployment_Step5:
-    type: OS::Heat::StructuredDeployments
-    depends_on: ControllerOvercloudServicesDeployment_Step4
-    properties:
-      name: ControllerOvercloudServicesDeployment_Step5
-      servers:  {get_param: servers}
-      config: {get_resource: ControllerPuppetConfig}
-      input_values:
-        step: 5
-        update_identifier: {get_param: DeployIdentifier}
-
-  ControllerPostPuppet:
-    type: OS::TripleO::Tasks::ControllerPostPuppet
-    depends_on: ControllerOvercloudServicesDeployment_Step5
-    properties:
-      servers:  {get_param: servers}
-      input_values:
-        update_identifier: {get_param: DeployIdentifier}
-
-  # Note, this should come last, so use depends_on to ensure
-  # this is created after any other resources.
-  ExtraConfig:
-    depends_on: ControllerPostPuppet
-    type: OS::TripleO::NodeExtraConfigPost
-    properties:
-        servers: {get_param: servers}
diff --git a/puppet/controller.yaml b/puppet/controller.yaml
index 1656aea..33ed51c 100644 (file)
--- a/puppet/controller.yaml
+++ b/puppet/controller.yaml
@@ -62,10 +62,6 @@ parameters:
     default: nic1
     description: What interface to bridge onto br-ex for network nodes.
     type: string
-  SwiftRawDisks:
-    default: {}
-    description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})'
-    type: json
   ServiceNetMap:
     default: {}
     description: Mapping of service_name -> network name. Typically set
@@ -313,8 +309,7 @@ resources:
             - service_configs
             - service_names
             - controller
-            - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
-            - bootstrap_node # provided by allNodesConfig
+            - bootstrap_node # provided by BootstrapNodeConfig
             - all_nodes # provided by allNodesConfig
             - vip_data # provided by allNodesConfig
             - '"%{::osfamily}"'
@@ -421,6 +416,7 @@ outputs:
           STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
           TENANTIP TENANTHOST.DOMAIN TENANTHOST
           MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
+          CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
         params:
           PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
           DOMAIN: {get_param: CloudDomain}
@@ -461,31 +457,16 @@ outputs:
             - '.'
             - - {get_attr: [Controller, name]}
               - management
+          CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]}
+          CTLPLANEHOST:
+            list_join:
+            - '.'
+            - - {get_attr: [Controller, name]}
+              - ctlplane
   nova_server_resource:
     description: Heat resource handle for the Nova compute server
     value:
       {get_resource: Controller}
-  swift_device:
-    description: Swift device formatted for swift-ring-builder
-    value:
-      str_replace:
-        template:
-          list_join:
-            - ','
-            - ['r1z1-IP:%PORT%/d1']
-            - repeat:
-                template: 'r1z1-IP:%PORT%/DEVICE'
-                for_each:
-                  DEVICE: {get_param: SwiftRawDisks}
-        params:
-          IP:
-            get_attr:
-              - NetIpMap
-              - net_ip_map
-              - str_replace:
-                  template: "NETWORK_uri"
-                  params:
-                    NETWORK: {get_param: [ServiceNetMap, SwiftMgmtNetwork]}
   tls_key_modulus_md5:
     description: MD5 checksum of the TLS Key Modulus
     value: {get_attr: [NodeTLSData, key_modulus_md5]}
diff --git a/puppet/objectstorage-config.yaml b/puppet/objectstorage-config.yaml
new file mode 100644 (file)
index 0000000..1dee8e6
--- /dev/null
+++ b/puppet/objectstorage-config.yaml
@@ -0,0 +1,38 @@
+heat_template_version: 2015-04-30
+
+description: >
+  A software config which runs manifests/overcloud_object.pp
+
+parameters:
+  ConfigDebug:
+    default: false
+    description: Whether to run config management (e.g. Puppet) in debug mode.
+    type: boolean
+  StepConfig:
+     type: string
+     description: Config manifests that will be used to step through the deployment.
+     default: ''
+
+resources:
+
+  ObjectStoragePuppetConfigImpl:
+    type: OS::Heat::SoftwareConfig
+    properties:
+      group: puppet
+      options:
+        enable_debug: {get_param: ConfigDebug}
+        enable_hiera: True
+        enable_facter: False
+        modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
+      outputs:
+      - name: result
+      config:
+        list_join:
+        - ''
+        - - get_file: manifests/overcloud_object.pp
+          - {get_param: StepConfig}
+
+outputs:
+  OS::stack_id:
+    description: The software config which runs overcloud_controller.pp
+    value: {get_resource: ObjectStoragePuppetConfigImpl}
diff --git a/puppet/post.yaml b/puppet/post.yaml
new file mode 100644 (file)
index 0000000..8f57b34
--- /dev/null
+++ b/puppet/post.yaml
@@ -0,0 +1,644 @@
+heat_template_version: 2016-10-14
+
+description: >
+  Post-deploy configuration steps via puppet for all roles,
+  Controller, Compute, BlockStorage, SwiftStorage and CephStorage.
+
+parameters:
+  servers:
+    type: json
+    description: Mapping of Role name e.g Controller to a list of servers
+
+  role_data:
+    type: json
+    description: Mapping of Role name e.g Controller to the per-role data
+
+  DeployIdentifier:
+    default: ''
+    type: string
+    description: >
+      Setting this to a unique value will re-run any deployment tasks which
+      perform configuration on a Heat stack-update.
+
+resources:
+  # Post deployment steps for all roles
+  # A single config is re-applied with an incrementing step number
+  # Controller Role steps
+  ControllerArtifactsConfig:
+    type: deploy-artifacts.yaml
+
+  ControllerArtifactsDeploy:
+    type: OS::Heat::StructuredDeployments
+    properties:
+      servers:  {get_param: [servers, Controller]}
+      config: {get_resource: ControllerArtifactsConfig}
+
+  ControllerPreConfig:
+    type: OS::TripleO::Tasks::ControllerPreConfig
+    properties:
+      servers: {get_param: [servers, Controller]}
+      input_values:
+        update_identifier: {get_param: DeployIdentifier}
+
+  ControllerConfig:
+    type: OS::TripleO::ControllerConfig
+    properties:
+      StepConfig: {get_param: [role_data, Controller, step_config]}
+
+  # Step through a series of configuration steps
+  ControllerDeployment_Step1:
+    type: OS::Heat::StructuredDeploymentGroup
+    depends_on: [ControllerPreConfig, ControllerArtifactsDeploy]
+    properties:
+      name: ControllerDeployment_Step1
+      servers: {get_param: [servers, Controller]}
+      config: {get_resource: ControllerConfig}
+      input_values:
+        step: 1
+        update_identifier: {get_param: DeployIdentifier}
+
+  ControllerDeployment_Step2:
+    type: OS::Heat::StructuredDeploymentGroup
+    depends_on:
+      - ControllerDeployment_Step1
+      - ComputeDeployment_Step1
+      - BlockStorageDeployment_Step1
+      - ObjectStorageDeployment_Step1
+      - CephStorageDeployment_Step1
+    properties:
+      name: ControllerDeployment_Step2
+      servers: {get_param: [servers, Controller]}
+      config: {get_resource: ControllerConfig}
+      input_values:
+        step: 2
+        update_identifier: {get_param: DeployIdentifier}
+
+  ControllerDeployment_Step3:
+    type: OS::Heat::StructuredDeploymentGroup
+    depends_on:
+      - ControllerDeployment_Step2
+      - ComputeDeployment_Step2
+      - BlockStorageDeployment_Step2
+      - ObjectStorageDeployment_Step2
+      - CephStorageDeployment_Step2
+    properties:
+      name: ControllerDeployment_Step3
+      servers: {get_param: [servers, Controller]}
+      config: {get_resource: ControllerConfig}
+      input_values:
+        step: 3
+        update_identifier: {get_param: DeployIdentifier}
+
+  ControllerDeployment_Step4:
+    type: OS::Heat::StructuredDeploymentGroup
+    depends_on:
+      - ControllerDeployment_Step3
+      - ComputeDeployment_Step3
+      - BlockStorageDeployment_Step3
+      - ObjectStorageDeployment_Step3
+      - CephStorageDeployment_Step3
+    properties:
+      name: ControllerDeployment_Step4
+      servers: {get_param: [servers, Controller]}
+      config: {get_resource: ControllerConfig}
+      input_values:
+        step: 4
+        update_identifier: {get_param: DeployIdentifier}
+
+  ControllerDeployment_Step5:
+    type: OS::Heat::StructuredDeploymentGroup
+    depends_on:
+      - ControllerDeployment_Step4
+      - ComputeDeployment_Step4
+      - BlockStorageDeployment_Step4
+      - ObjectStorageDeployment_Step4
+      - CephStorageDeployment_Step4
+    properties:
+      name: ControllerDeployment_Step5
+      servers: {get_param: [servers, Controller]}
+      config: {get_resource: ControllerConfig}
+      input_values:
+        step: 5
+        update_identifier: {get_param: DeployIdentifier}
+
+  ControllerPostConfig:
+    type: OS::TripleO::Tasks::ControllerPostConfig
+    depends_on:
+      - ControllerDeployment_Step5
+      - ComputeDeployment_Step5
+      - BlockStorageDeployment_Step5
+      - ObjectStorageDeployment_Step5
+      - CephStorageDeployment_Step5
+    properties:
+      servers:  {get_param: servers}
+      input_values:
+        update_identifier: {get_param: DeployIdentifier}
+
+  # Note, this should come last, so use depends_on to ensure
+  # this is created after any other resources.
+  ControllerExtraConfigPost:
+    depends_on:
+      - ControllerPostConfig
+      - ComputePostConfig
+      - BlockStoragePostConfig
+      - ObjectStoragePostConfig
+      - CephStoragePostConfig
+    type: OS::TripleO::NodeExtraConfigPost
+    properties:
+        servers: {get_param: [servers, Controller]}
+
+  # Compute Role steps
+  ComputeArtifactsConfig:
+    type: deploy-artifacts.yaml
+
+  ComputeArtifactsDeploy:
+    type: OS::Heat::StructuredDeployments
+    properties:
+      servers:  {get_param: [servers, Compute]}
+      config: {get_resource: ComputeArtifactsConfig}
+
+  ComputePreConfig:
+    type: OS::TripleO::Tasks::ComputePreConfig
+    properties:
+      servers: {get_param: [servers, Compute]}
+      input_values:
+        update_identifier: {get_param: DeployIdentifier}
+
+  ComputeConfig:
+    type: OS::TripleO::ComputeConfig
+    properties:
+      StepConfig: {get_param: [role_data, Compute, step_config]}
+
+  # Step through a series of configuration steps
+  ComputeDeployment_Step1:
+    type: OS::Heat::StructuredDeploymentGroup
+    depends_on: [ComputePreConfig, ComputeArtifactsDeploy]
+    properties:
+      name: ComputeDeployment_Step1
+      servers: {get_param: [servers, Compute]}
+      config: {get_resource: ComputeConfig}
+      input_values:
+        step: 1
+        update_identifier: {get_param: DeployIdentifier}
+
+  ComputeDeployment_Step2:
+    type: OS::Heat::StructuredDeploymentGroup
+    depends_on:
+      - ControllerDeployment_Step1
+      - ComputeDeployment_Step1
+      - BlockStorageDeployment_Step1
+      - ObjectStorageDeployment_Step1
+      - CephStorageDeployment_Step1
+    properties:
+      name: ComputeDeployment_Step2
+      servers: {get_param: [servers, Compute]}
+      config: {get_resource: ComputeConfig}
+      input_values:
+        step: 2
+        update_identifier: {get_param: DeployIdentifier}
+
+  ComputeDeployment_Step3:
+    type: OS::Heat::StructuredDeploymentGroup
+    depends_on:
+      - ControllerDeployment_Step2
+      - ComputeDeployment_Step2
+      - BlockStorageDeployment_Step2
+      - ObjectStorageDeployment_Step2
+      - CephStorageDeployment_Step2
+    properties:
+      name: ComputeDeployment_Step3
+      servers: {get_param: [servers, Compute]}
+      config: {get_resource: ComputeConfig}
+      input_values:
+        step: 3
+        update_identifier: {get_param: DeployIdentifier}
+
+  ComputeDeployment_Step4:
+    type: OS::Heat::StructuredDeploymentGroup
+    depends_on:
+      - ControllerDeployment_Step3
+      - ComputeDeployment_Step3
+      - BlockStorageDeployment_Step3
+      - ObjectStorageDeployment_Step3
+      - CephStorageDeployment_Step3
+    properties:
+      name: ComputeDeployment_Step4
+      servers: {get_param: [servers, Compute]}
+      config: {get_resource: ComputeConfig}
+      input_values:
+        step: 4
+        update_identifier: {get_param: DeployIdentifier}
+
+  ComputeDeployment_Step5:
+    type: OS::Heat::StructuredDeploymentGroup
+    depends_on:
+      - ControllerDeployment_Step4
+      - ComputeDeployment_Step4
+      - BlockStorageDeployment_Step4
+      - ObjectStorageDeployment_Step4
+      - CephStorageDeployment_Step4
+    properties:
+      name: ComputeDeployment_Step5
+      servers: {get_param: [servers, Compute]}
+      config: {get_resource: ComputeConfig}
+      input_values:
+        step: 5
+        update_identifier: {get_param: DeployIdentifier}
+
+  ComputePostConfig:
+    type: OS::TripleO::Tasks::ComputePostConfig
+    depends_on:
+      - ControllerDeployment_Step5
+      - ComputeDeployment_Step5
+      - BlockStorageDeployment_Step5
+      - ObjectStorageDeployment_Step5
+      - CephStorageDeployment_Step5
+    properties:
+      servers:  {get_param: servers}
+      input_values:
+        update_identifier: {get_param: DeployIdentifier}
+
+  # Note, this should come last, so use depends_on to ensure
+  # this is created after any other resources.
+  ComputeExtraConfigPost:
+    depends_on:
+      - ControllerPostConfig
+      - ComputePostConfig
+      - BlockStoragePostConfig
+      - ObjectStoragePostConfig
+      - CephStoragePostConfig
+    type: OS::TripleO::NodeExtraConfigPost
+    properties:
+      servers: {get_param: [servers, Compute]}
+
+  # BlockStorage Role steps
+  BlockStorageArtifactsConfig:
+    type: deploy-artifacts.yaml
+
+  BlockStorageArtifactsDeploy:
+    type: OS::Heat::StructuredDeployments
+    properties:
+      servers:  {get_param: [servers, BlockStorage]}
+      config: {get_resource: BlockStorageArtifactsConfig}
+
+  BlockStoragePreConfig:
+    type: OS::TripleO::Tasks::BlockStoragePreConfig
+    properties:
+      servers: {get_param: [servers, BlockStorage]}
+      input_values:
+        update_identifier: {get_param: DeployIdentifier}
+
+  BlockStorageConfig:
+    type: OS::TripleO::BlockStorageConfig
+    properties:
+      StepConfig: {get_param: [role_data, BlockStorage, step_config]}
+
+  # Step through a series of configuration steps
+  BlockStorageDeployment_Step1:
+    type: OS::Heat::StructuredDeploymentGroup
+    depends_on: [BlockStoragePreConfig, BlockStorageArtifactsDeploy]
+    properties:
+      name: BlockStorageDeployment_Step1
+      servers: {get_param: [servers, BlockStorage]}
+      config: {get_resource: BlockStorageConfig}
+      input_values:
+        step: 1
+        update_identifier: {get_param: DeployIdentifier}
+
+  BlockStorageDeployment_Step2:
+    type: OS::Heat::StructuredDeploymentGroup
+    depends_on:
+      - ControllerDeployment_Step1
+      - ComputeDeployment_Step1
+      - BlockStorageDeployment_Step1
+      - ObjectStorageDeployment_Step1
+      - CephStorageDeployment_Step1
+    properties:
+      name: BlockStorageDeployment_Step2
+      servers: {get_param: [servers, BlockStorage]}
+      config: {get_resource: BlockStorageConfig}
+      input_values:
+        step: 2
+        update_identifier: {get_param: DeployIdentifier}
+
+  BlockStorageDeployment_Step3:
+    type: OS::Heat::StructuredDeploymentGroup
+    depends_on:
+      - ControllerDeployment_Step2
+      - ComputeDeployment_Step2
+      - BlockStorageDeployment_Step2
+      - ObjectStorageDeployment_Step2
+      - CephStorageDeployment_Step2
+    properties:
+      name: BlockStorageDeployment_Step3
+      servers: {get_param: [servers, BlockStorage]}
+      config: {get_resource: BlockStorageConfig}
+      input_values:
+        step: 3
+        update_identifier: {get_param: DeployIdentifier}
+
+  BlockStorageDeployment_Step4:
+    type: OS::Heat::StructuredDeploymentGroup
+    depends_on:
+      - ControllerDeployment_Step3
+      - ComputeDeployment_Step3
+      - BlockStorageDeployment_Step3
+      - ObjectStorageDeployment_Step3
+      - CephStorageDeployment_Step3
+    properties:
+      name: BlockStorageDeployment_Step4
+      servers: {get_param: [servers, BlockStorage]}
+      config: {get_resource: BlockStorageConfig}
+      input_values:
+        step: 4
+        update_identifier: {get_param: DeployIdentifier}
+
+  BlockStorageDeployment_Step5:
+    type: OS::Heat::StructuredDeploymentGroup
+    depends_on:
+      - ControllerDeployment_Step4
+      - ComputeDeployment_Step4
+      - BlockStorageDeployment_Step4
+      - ObjectStorageDeployment_Step4
+      - CephStorageDeployment_Step4
+    properties:
+      name: BlockStorageDeployment_Step5
+      servers: {get_param: [servers, BlockStorage]}
+      config: {get_resource: BlockStorageConfig}
+      input_values:
+        step: 5
+        update_identifier: {get_param: DeployIdentifier}
+
+  BlockStoragePostConfig:
+    type: OS::TripleO::Tasks::BlockStoragePostConfig
+    depends_on:
+      - ControllerDeployment_Step5
+      - ComputeDeployment_Step5
+      - BlockStorageDeployment_Step5
+      - ObjectStorageDeployment_Step5
+      - CephStorageDeployment_Step5
+    properties:
+      servers:  {get_param: servers}
+      input_values:
+        update_identifier: {get_param: DeployIdentifier}
+
+  # Note, this should come last, so use depends_on to ensure
+  # this is created after any other resources.
+  BlockStorageExtraConfigPost:
+    depends_on:
+      - ControllerPostConfig
+      - ComputePostConfig
+      - BlockStoragePostConfig
+      - ObjectStoragePostConfig
+      - CephStoragePostConfig
+    type: OS::TripleO::NodeExtraConfigPost
+    properties:
+        servers: {get_param: [servers, BlockStorage]}
+
+  # ObjectStorage Role steps
+  ObjectStorageArtifactsConfig:
+    type: deploy-artifacts.yaml
+
+  ObjectStorageArtifactsDeploy:
+    type: OS::Heat::StructuredDeployments
+    properties:
+      servers:  {get_param: [servers, ObjectStorage]}
+      config: {get_resource: ObjectStorageArtifactsConfig}
+
+  ObjectStoragePreConfig:
+    type: OS::TripleO::Tasks::ObjectStoragePreConfig
+    properties:
+      servers: {get_param: [servers, ObjectStorage]}
+      input_values:
+        update_identifier: {get_param: DeployIdentifier}
+
+  ObjectStorageConfig:
+    type: OS::TripleO::ObjectStorageConfig
+    properties:
+      StepConfig: {get_param: [role_data, ObjectStorage, step_config]}
+
+  # Step through a series of configuration steps
+  ObjectStorageDeployment_Step1:
+    type: OS::Heat::StructuredDeploymentGroup
+    depends_on: [ObjectStoragePreConfig, ObjectStorageArtifactsDeploy]
+    properties:
+      name: ObjectStorageDeployment_Step1
+      servers: {get_param: [servers, ObjectStorage]}
+      config: {get_resource: ObjectStorageConfig}
+      input_values:
+        step: 1
+        update_identifier: {get_param: DeployIdentifier}
+
+  ObjectStorageDeployment_Step2:
+    type: OS::Heat::StructuredDeploymentGroup
+    depends_on:
+      - ControllerDeployment_Step1
+      - ComputeDeployment_Step1
+      - BlockStorageDeployment_Step1
+      - ObjectStorageDeployment_Step1
+      - CephStorageDeployment_Step1
+    properties:
+      name: ObjectStorageDeployment_Step2
+      servers: {get_param: [servers, ObjectStorage]}
+      config: {get_resource: ObjectStorageConfig}
+      input_values:
+        step: 2
+        update_identifier: {get_param: DeployIdentifier}
+
+  ObjectStorageDeployment_Step3:
+    type: OS::Heat::StructuredDeploymentGroup
+    depends_on:
+      - ControllerDeployment_Step2
+      - ComputeDeployment_Step2
+      - BlockStorageDeployment_Step2
+      - ObjectStorageDeployment_Step2
+      - CephStorageDeployment_Step2
+    properties:
+      name: ObjectStorageDeployment_Step3
+      servers: {get_param: [servers, ObjectStorage]}
+      config: {get_resource: ObjectStorageConfig}
+      input_values:
+        step: 3
+        update_identifier: {get_param: DeployIdentifier}
+
+  ObjectStorageDeployment_Step4:
+    type: OS::Heat::StructuredDeploymentGroup
+    depends_on:
+      - ControllerDeployment_Step3
+      - ComputeDeployment_Step3
+      - BlockStorageDeployment_Step3
+      - ObjectStorageDeployment_Step3
+      - CephStorageDeployment_Step3
+    properties:
+      name: ObjectStorageDeployment_Step4
+      servers: {get_param: [servers, ObjectStorage]}
+      config: {get_resource: ObjectStorageConfig}
+      input_values:
+        step: 4
+        update_identifier: {get_param: DeployIdentifier}
+
+  ObjectStorageDeployment_Step5:
+    type: OS::Heat::StructuredDeploymentGroup
+    depends_on:
+      - ControllerDeployment_Step4
+      - ComputeDeployment_Step4
+      - BlockStorageDeployment_Step4
+      - ObjectStorageDeployment_Step4
+      - CephStorageDeployment_Step4
+    properties:
+      name: ObjectStorageDeployment_Step5
+      servers: {get_param: [servers, ObjectStorage]}
+      config: {get_resource: ObjectStorageConfig}
+      input_values:
+        step: 5
+        update_identifier: {get_param: DeployIdentifier}
+
+  ObjectStoragePostConfig:
+    type: OS::TripleO::Tasks::ObjectStoragePostConfig
+    depends_on:
+      - ControllerDeployment_Step5
+      - ComputeDeployment_Step5
+      - BlockStorageDeployment_Step5
+      - ObjectStorageDeployment_Step5
+      - CephStorageDeployment_Step5
+    properties:
+      servers:  {get_param: servers}
+      input_values:
+        update_identifier: {get_param: DeployIdentifier}
+
+  # Note, this should come last, so use depends_on to ensure
+  # this is created after any other resources.
+  ObjectStorageExtraConfigPost:
+    depends_on:
+      - ControllerPostConfig
+      - ComputePostConfig
+      - BlockStoragePostConfig
+      - ObjectStoragePostConfig
+      - CephStoragePostConfig
+    type: OS::TripleO::NodeExtraConfigPost
+    properties:
+        servers: {get_param: [servers, ObjectStorage]}
+
+  # CephStorage Role steps
+  CephStorageArtifactsConfig:
+    type: deploy-artifacts.yaml
+
+  CephStorageArtifactsDeploy:
+    type: OS::Heat::StructuredDeployments
+    properties:
+      servers:  {get_param: [servers, CephStorage]}
+      config: {get_resource: CephStorageArtifactsConfig}
+
+  CephStoragePreConfig:
+    type: OS::TripleO::Tasks::CephStoragePreConfig
+    properties:
+      servers: {get_param: [servers, CephStorage]}
+      input_values:
+        update_identifier: {get_param: DeployIdentifier}
+
+  CephStorageConfig:
+    type: OS::TripleO::CephStorageConfig
+    properties:
+      StepConfig: {get_param: [role_data, CephStorage, step_config]}
+
+  # Step through a series of configuration steps
+  CephStorageDeployment_Step1:
+    type: OS::Heat::StructuredDeploymentGroup
+    depends_on: [CephStoragePreConfig, CephStorageArtifactsDeploy]
+    properties:
+      name: CephStorageDeployment_Step1
+      servers: {get_param: [servers, CephStorage]}
+      config: {get_resource: CephStorageConfig}
+      input_values:
+        step: 1
+        update_identifier: {get_param: DeployIdentifier}
+
+  CephStorageDeployment_Step2:
+    type: OS::Heat::StructuredDeploymentGroup
+    depends_on:
+      - ControllerDeployment_Step1
+      - ComputeDeployment_Step1
+      - BlockStorageDeployment_Step1
+      - ObjectStorageDeployment_Step1
+      - CephStorageDeployment_Step1
+    properties:
+      name: CephStorageDeployment_Step2
+      servers: {get_param: [servers, CephStorage]}
+      config: {get_resource: CephStorageConfig}
+      input_values:
+        step: 2
+        update_identifier: {get_param: DeployIdentifier}
+
+  CephStorageDeployment_Step3:
+    type: OS::Heat::StructuredDeploymentGroup
+    depends_on:
+      - ControllerDeployment_Step2
+      - ComputeDeployment_Step2
+      - BlockStorageDeployment_Step2
+      - ObjectStorageDeployment_Step2
+      - CephStorageDeployment_Step2
+    properties:
+      name: CephStorageDeployment_Step3
+      servers: {get_param: [servers, CephStorage]}
+      config: {get_resource: CephStorageConfig}
+      input_values:
+        step: 3
+        update_identifier: {get_param: DeployIdentifier}
+
+  CephStorageDeployment_Step4:
+    type: OS::Heat::StructuredDeploymentGroup
+    depends_on:
+      - ControllerDeployment_Step3
+      - ComputeDeployment_Step3
+      - BlockStorageDeployment_Step3
+      - ObjectStorageDeployment_Step3
+      - CephStorageDeployment_Step3
+    properties:
+      name: CephStorageDeployment_Step4
+      servers: {get_param: [servers, CephStorage]}
+      config: {get_resource: CephStorageConfig}
+      input_values:
+        step: 4
+        update_identifier: {get_param: DeployIdentifier}
+
+  CephStorageDeployment_Step5:
+    type: OS::Heat::StructuredDeploymentGroup
+    depends_on:
+      - ControllerDeployment_Step4
+      - ComputeDeployment_Step4
+      - BlockStorageDeployment_Step4
+      - ObjectStorageDeployment_Step4
+      - CephStorageDeployment_Step4
+    properties:
+      name: CephStorageDeployment_Step5
+      servers: {get_param: [servers, CephStorage]}
+      config: {get_resource: CephStorageConfig}
+      input_values:
+        step: 5
+        update_identifier: {get_param: DeployIdentifier}
+
+  CephStoragePostConfig:
+    type: OS::TripleO::Tasks::CephStoragePostConfig
+    depends_on:
+      - ControllerDeployment_Step5
+      - ComputeDeployment_Step5
+      - BlockStorageDeployment_Step5
+      - ObjectStorageDeployment_Step5
+      - CephStorageDeployment_Step5
+    properties:
+      servers:  {get_param: servers}
+      input_values:
+        update_identifier: {get_param: DeployIdentifier}
+
+  # Note, this should come last, so use depends_on to ensure
+  # this is created after any other resources.
+  CephStorageExtraConfigPost:
+    depends_on:
+      - ControllerPostConfig
+      - ComputePostConfig
+      - BlockStoragePostConfig
+      - ObjectStoragePostConfig
+      - CephStoragePostConfig
+    type: OS::TripleO::NodeExtraConfigPost
+    properties:
+        servers: {get_param: [servers, CephStorage]}
diff --git a/puppet/services/README.rst b/puppet/services/README.rst
index 15c8c1f..8fe51fa 100644 (file)
--- a/puppet/services/README.rst
+++ b/puppet/services/README.rst
@@ -31,6 +31,8 @@ are re-asserted when applying latter ones.
 
  * config_settings: Custom hiera settings for this service.
 
+ * global_config_settings: Additional hiera settings distributed to all roles.
+
  * step_config: A puppet manifest that is used to step through the deployment
    sequence. Each sequence is given a "step" (via hiera('step') that provides
    information for when puppet classes should activate themselves.
diff --git a/puppet/services/ceph-rgw.yaml b/puppet/services/ceph-rgw.yaml
new file mode 100644 (file)
index 0000000..6bb4f6d
--- /dev/null
+++ b/puppet/services/ceph-rgw.yaml
@@ -0,0 +1,77 @@
+heat_template_version: 2016-04-08
+
+description: >
+  Ceph RadosGW service.
+
+parameters:
+  ServiceNetMap:
+    default: {}
+    description: Mapping of service_name -> network name. Typically set
+                 via parameter_defaults in the resource registry.  This
+                 mapping overrides those in ServiceNetMapDefaults.
+    type: json
+  DefaultPasswords:
+    default: {}
+    type: json
+  EndpointMap:
+    default: {}
+    description: Mapping of service endpoint -> protocol. Typically set
+                 via parameter_defaults in the resource registry.
+    type: json
+  AdminToken:
+    description: The keystone auth secret and db password.
+    type: string
+    hidden: true
+  CephRgwKey:
+    description: The cephx key for the radosgw client. Can be created
+                 with ceph-authtool --gen-print-key.
+    type: string
+    hidden: true
+  SwiftPassword:
+    description: The password for the swift service account, used by the Ceph RGW services.
+    type: string
+    hidden: true
+  KeystoneRegion:
+    type: string
+    default: 'regionOne'
+    description: Keystone region for endpoint
+
+resources:
+  CephBase:
+    type: ./ceph-base.yaml
+    properties:
+      ServiceNetMap: {get_param: ServiceNetMap}
+      DefaultPasswords: {get_param: DefaultPasswords}
+      EndpointMap: {get_param: EndpointMap}
+
+outputs:
+  role_data:
+    description: Role data for the Ceph RadosGW service.
+    value:
+      service_name: ceph_rgw
+      config_settings:
+        map_merge:
+          - get_attr: [CephBase, role_data, config_settings]
+          - tripleo::profile::base::ceph::rgw::rgw_key: {get_param: CephRgwKey}
+            tripleo::profile::base::ceph::rgw::keystone_admin_token: {get_param: AdminToken}
+            tripleo::profile::base::ceph::rgw::keystone_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
+            ceph::profile::params::frontend_type: 'civetweb'
+            ceph_rgw_civetweb_bind_address: {get_param: [ServiceNetMap, CephRgwNetwork]}
+            ceph::profile::params::rgw_frontends:
+              list_join:
+               - ''
+               - - 'civetweb port='
+                 - '%{hiera("ceph_rgw_civetweb_bind_address")}'
+                 - ':'
+                 - {get_param: [EndpointMap, CephRgwInternal, port]}
+            tripleo.ceph_rgw.firewall_rules:
+              '122 ceph rgw':
+                dport: {get_param: [EndpointMap, CephRgwInternal, port]}
+            ceph::rgw::keystone::auth::public_url: {get_param: [EndpointMap, CephRgwPublic, uri]}
+            ceph::rgw::keystone::auth::internal_url: {get_param: [EndpointMap, CephRgwInternal, uri]}
+            ceph::rgw::keystone::auth::admin_url: {get_param: [EndpointMap, CephRgwAdmin, uri]}
+            ceph::rgw::keystone::auth::password: {get_param: SwiftPassword}
+            ceph::rgw::keystone::auth::region: {get_param: KeystoneRegion}
+            ceph::rgw::keystone::auth::tenant: 'service'
+      step_config: |
+        include ::tripleo::profile::base::ceph::rgw
diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml
index 7903304..b321ecb 100644 (file)
--- a/puppet/services/keystone.yaml
+++ b/puppet/services/keystone.yaml
@@ -87,6 +87,12 @@ parameters:
   MonitoringSubscriptionKeystone:
     default: 'overcloud-kestone'
     type: string
+  KeystoneCredential0:
+    type: string
+    description: The first Keystone credential key. Must be a valid key.
+  KeystoneCredential1:
+    type: string
+    description: The second Keystone credential key. Must be a valid key.
 
 resources:
 
@@ -121,6 +127,12 @@ outputs:
             keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
             keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
             keystone::enable_proxy_headers_parsing: true
+            keystone::enable_credential_setup: true
+            keystone::credential_keys:
+              '/etc/keystone/credential-keys/0':
+                content: {get_param: KeystoneCredential0}
+              '/etc/keystone/credential-keys/1':
+                content: {get_param: KeystoneCredential1}
             keystone::debug: {get_param: Debug}
             keystone::db::mysql::password: {get_param: AdminToken}
             keystone::rabbit_userid: {get_param: RabbitUserName}
diff --git a/puppet/services/manila-api.yaml b/puppet/services/manila-api.yaml
index 2e43730..1513ab3 100644 (file)
--- a/puppet/services/manila-api.yaml
+++ b/puppet/services/manila-api.yaml
@@ -66,6 +66,7 @@ outputs:
             # internal_api_uri -> [IP]
             # internal_api_subnet - > IP/CIDR
             manila::api::bind_host: {get_param: [ServiceNetMap, ManilaApiNetwork]}
+            manila::api::enable_proxy_headers_parsing: true
       step_config: |
         include ::tripleo::profile::base::manila::api
 
diff --git a/puppet/services/network/contrail-analytics.yaml b/puppet/services/network/contrail-analytics.yaml
new file mode 100644 (file)
index 0000000..1c2331f
--- /dev/null
+++ b/puppet/services/network/contrail-analytics.yaml
@@ -0,0 +1,90 @@
+heat_template_version: 2016-04-08
+
+description: >
+  Contrail Analytics service deployment using puppet, this YAML file
+  creates the interface between the HOT template
+  and the puppet manifest that actually installs
+  and configures Contrail Analytics.
+
+parameters:
+  ServiceNetMap:
+    default: {}
+    description: Mapping of service_name -> network name. Typically set
+                 via parameter_defaults in the resource registry.  This
+                 mapping overrides those in ServiceNetMapDefaults.
+    type: json
+  DefaultPasswords:
+    default: {}
+    type: json
+  EndpointMap:
+    default: {}
+    description: Mapping of service endpoint -> protocol. Typically set
+                 via parameter_defaults in the resource registry.
+    type: json
+  ContrailAnalyticsHostIP:
+    description: host IP address of Analytics
+    type: string
+  ContrailAnalyticsRedisServerIp:
+    description: Redis server ip address
+    type: string
+  ContrailAnalyticsCollectorServerHttpPort:
+    description: Collector http port
+    type: number
+    default: 8089
+  ContrailAnalyticsCollectorSandeshPort:
+    description: Collector sandesh port
+    type: number
+    default: 8086
+  ContrailAnalyticsHttpServerPort:
+    description: Analytics http port
+    type: number
+    default: 8090
+  ContrailAnalyticsListenAddress:
+    default: '0.0.0.0'
+    description: IP address Config API is listening on
+    type: string
+  ContrailAnalyticsListenPort:
+    default: 8082
+    description: Port Config API is listening on
+    type: number
+  ContrailAnalyticsRedisServerPort:
+    description: Redis server port
+    type: number
+    default: 6379
+  ContrailAnalyticsRestApiIp:
+    description: IP address Analytics rest interface listens on
+    type: string
+    default: '0.0.0.0'
+  ContrailAnalyticsRestApiPort:
+    description: Analytics rest port
+    type: number
+    default: 8081
+
+resources:
+  ContrailBase:
+    type: ./contrail-base.yaml
+    properties:
+      ServiceNetMap: {get_param: ServiceNetMap}
+      DefaultPasswords: {get_param: DefaultPasswords}
+      EndpointMap: {get_param: EndpointMap}
+
+outputs:
+  role_data:
+    description: Role Contrail Analytics using composable services.
+    value:
+      service_name: contrail_analytics
+      config_settings:
+        map_merge:
+          - get_attr: [ContrailBase, role_data, config_settings]
+          - contrail::analytics::collector_http_server_port: {get_param: ContrailAnalyticsCollectorServerHttpPort}
+            contrail::analytics::collector_sandesh_port: {get_param: ContrailAnalyticsCollectorSandeshPort}
+            contrail::analytics::host_ip: {get_param: ContrailAnalyticsHostIP}
+            contrail::analytics::http_server_port: {get_param: ContrailAnalyticsHttpServerPort}
+            contrail::analytics::listen_ip_address: {get_param: ContrailAnalyticsListenAddress}
+            contrail::analytics::listen_port: {get_param: ContrailAnalyticsListenPort}
+            contrail::analytics::redis_server: {get_param: ContrailAnalyticsRedisServerIp}
+            contrail::analytics::redis_server_port: {get_param: ContrailAnalyticsRedisServerPort}
+            contrail::analytics::rest_api_ip: {get_param: ContrailAnalyticsRestApiIp}
+            contrail::analytics::rest_api_port: {get_param: ContrailAnalyticsRestApiPort}
+      step_config: |
+        include ::tripleo::network::contrail::analytics
diff --git a/puppet/services/network/contrail-base.yaml b/puppet/services/network/contrail-base.yaml
new file mode 100644 (file)
index 0000000..03dbea5
--- /dev/null
+++ b/puppet/services/network/contrail-base.yaml
@@ -0,0 +1,100 @@
+heat_template_version: 2016-04-08
+
+description: >
+  Base parameters for all Contrail Services.
+
+parameters:
+  ServiceNetMap:
+    default: {}
+    description: Mapping of service_name -> network name. Typically set
+                 via parameter_defaults in the resource registry.  This
+                 mapping overrides those in ServiceNetMapDefaults.
+    type: json
+  DefaultPasswords:
+    default: {}
+    type: json
+  EndpointMap:
+    default: {}
+    description: Mapping of service endpoint -> protocol. Typically set
+                 via parameter_defaults in the resource registry.
+    type: json
+  AdminPassword:
+    description: Keystone admin user password
+    type: string
+  AdminTenantName:
+    description: Keystone admin tenant name
+    type: string
+  AdminToken:
+    description: Keystone admin token
+    type: string
+  AdminUser:
+    description: Keystone admin user name
+    type: string
+  AuthHost:
+    description: Keystone host IP address
+    type: string
+  AuthPort:
+    default: 35357
+    description: Keystone port
+    type: number
+  AuthProtocol:
+    default: 'http'
+    description: Keystone authentication protocol
+    type: string
+  ContrailDiscoveryServerIp:
+    description: Discovery server ip address
+    type: string
+  ContrailKafkaBrokerList:
+    description: List of kafka servers
+    type: comma_delimited_list
+  ContrailAuth:
+    default: 'keystone'
+    description: Keystone authentication method
+    type: string
+  ContrailCassandraServerList:
+    default: []
+    description: List of cassandra servers
+    type: comma_delimited_list
+  ContrailDiscoveryServerPort:
+    description: Discovery server port
+    type: number
+    default: 5998
+  ContrailInsecure:
+    default: false
+    description: Keystone insecure mode
+    type: boolean
+  ContrailMemcachedServer:
+    default: '127.0.0.1:12111'
+    description: Memcached server
+    type: string
+  ContrailMultiTenancy:
+    default: true
+    description: Turn on/off multi-tenancy
+    type: boolean
+  ContrailZkServerIp:
+    default: []
+    description: List of zookeeper servers
+    type: comma_delimited_list
+
+outputs:
+  role_data:
+    description: Shared role data for the Contrail services.
+    value:
+      service_name: contrail_base
+      config_settings:
+        contrail::admin_password: {get_param: AdminPassword}
+        contrail::admin_tenant_name: {get_param: AdminTenantName}
+        contrail::admin_token: {get_param: AdminToken}
+        contrail::admin_user: {get_param: AdminUser}
+        contrail::auth_host: {get_param: [EndpointMap, KeystoneInternal, host] }
+        contrail::auth_port: {get_param: [EndpointMap, KeystoneInternal, port] }
+        contrail::auth_protocol: {get_param: [EndpointMap, KeystoneInternal, protocol] }
+        contrail::disc_server_ip: {get_param: ContrailDiscoveryServerIp}
+        contrail::kafka_broker_list: {get_param: ContrailKafkaBrokerList}
+        contrail::auth: {get_param: ContrailAuth}
+        contrail::cassandra_server_list: {get_param: ContrailCassandraServerList}
+        contrail::disc_server_port: {get_param: ContrailDiscoveryServerPort}
+        contrail::insecure: {get_param: ContrailInsecure}
+        contrail::memcached_server: {get_param: ContrailMemcachedServer}
+        contrail::multi_tenancy: {get_param: ContrailMultiTenancy}
+        contrail::zk_server_ip: {get_param: ContrailZkServerIp}
diff --git a/puppet/services/network/contrail-config.yaml b/puppet/services/network/contrail-config.yaml
new file mode 100644 (file)
index 0000000..0987fc7
--- /dev/null
+++ b/puppet/services/network/contrail-config.yaml
@@ -0,0 +1,72 @@
+heat_template_version: 2016-04-08
+
+description: >
+  Contrail Config service deployment using puppet, this YAML file
+  creates the interface between the HOT template
+  and the puppet manifest that actually installs
+  and configures Contrail Config.
+
+parameters:
+  ServiceNetMap:
+    default: {}
+    description: Mapping of service_name -> network name. Typically set
+                 via parameter_defaults in the resource registry.  This
+                 mapping overrides those in ServiceNetMapDefaults.
+    type: json
+  DefaultPasswords:
+    default: {}
+    type: json
+  EndpointMap:
+    default: {}
+    description: Mapping of service endpoint -> protocol. Typically set
+                 via parameter_defaults in the resource registry.
+    type: json
+  ContrailConfigIfmapServerIp:
+    description: Ifmap server ip address
+    type: string
+  ContrailConfigIfmapUserName:
+    description: Ifmap user name
+    type: string
+  ContrailConfigIfmapUserPassword:
+    description: Ifmap user password
+    type: string
+  ContrailConfigRabbitServerIp:
+    description: RabbitMq server ip address
+    type: string
+  ContrailConfigRedisServerIp:
+    description: Redis server ip address
+    type: string
+  ContrailConfigListenAddress:
+    default: '0.0.0.0'
+    description: IP address Config API is listening on
+    type: string
+  ContrailConfigListenPort:
+    default: 8082
+    description: Port Config API is listening on
+    type: number
+
+resources:
+  ContrailBase:
+    type: ./contrail-base.yaml
+    properties:
+      ServiceNetMap: {get_param: ServiceNetMap}
+      DefaultPasswords: {get_param: DefaultPasswords}
+      EndpointMap: {get_param: EndpointMap}
+
+outputs:
+  role_data:
+    description: Role Contrail Config using composable services.
+    value:
+      service_name: contrail_config
+      config_settings:
+        map_merge:
+          - get_attr: [ContrailBase, role_data, config_settings]
+          - contrail::config::ifmap_password: {get_param: ContrailConfigIfmapUserPassword}
+            contrail::config::ifmap_server_ip: {get_param: ContrailConfigIfmapServerIp}
+            contrail::config::ifmap_username: {get_param: ContrailConfigIfmapUserName}
+            contrail::config::listen_ip_address: {get_param: ContrailConfigListenAddress}
+            contrail::config::listen_port: {get_param: ContrailConfigListenPort}
+            contrail::config::rabbit_server: {get_param: ContrailConfigRabbitServerIp}
+            contrail::config::redis_server: {get_param: ContrailConfigRedisServerIp}
+      step_config: |
+        include ::tripleo::network::contrail::config
diff --git a/puppet/services/network/contrail-control.yaml b/puppet/services/network/contrail-control.yaml
new file mode 100644 (file)
index 0000000..9356e9e
--- /dev/null
+++ b/puppet/services/network/contrail-control.yaml
@@ -0,0 +1,54 @@
+heat_template_version: 2016-04-08
+
+description: >
+  Contrail Control service deployment using puppet, this YAML file
+  creates the interface between the HOT template
+  and the puppet manifest that actually installs
+  and configures Contrail Control.
+
+parameters:
+  ServiceNetMap:
+    default: {}
+    description: Mapping of service_name -> network name. Typically set
+                 via parameter_defaults in the resource registry.  This
+                 mapping overrides those in ServiceNetMapDefaults.
+    type: json
+  DefaultPasswords:
+    default: {}
+    type: json
+  EndpointMap:
+    default: {}
+    description: Mapping of service endpoint -> protocol. Typically set
+                 via parameter_defaults in the resource registry.
+    type: json
+  ContrailControlHostIP:
+    description: host IP address of Analytics
+    type: string
+  ContrailControlIfmapUserName:
+    description: Ifmap user name
+    type: string
+  ContrailControlIfmapUserPassword:
+    description: Ifmap user password
+    type: string
+
+resources:
+  ContrailBase:
+    type: ./contrail-base.yaml
+    properties:
+      ServiceNetMap: {get_param: ServiceNetMap}
+      DefaultPasswords: {get_param: DefaultPasswords}
+      EndpointMap: {get_param: EndpointMap}
+
+outputs:
+  role_data:
+    description: Role Contrail Control using composable services.
+    value:
+      service_name: contrail_control
+      config_settings:
+        map_merge:
+          - get_attr: [ContrailBase, role_data, config_settings]
+          - contrail::control::host_ip: {get_param: ContrailControlHostIP}
+            contrail::control::ifmap_username: {get_param: ContrailControlIfmapUserName}
+            contrail::control::ifmap_password: {get_param: ContrailControlIfmapUserPassword}
+      step_config: |
+        include ::tripleo::network::contrail::control
diff --git a/puppet/services/network/contrail-database.yaml b/puppet/services/network/contrail-database.yaml
new file mode 100644 (file)
index 0000000..e571261
--- /dev/null
+++ b/puppet/services/network/contrail-database.yaml
@@ -0,0 +1,51 @@
+heat_template_version: 2016-04-08
+
+description: >
+  Contrail Database service deployment using puppet, this YAML file
+  creates the interface between the HOT template
+  and the puppet manifest that actually installs
+  and configures Contrail Database.
+
+parameters:
+  ServiceNetMap:
+    default: {}
+    description: Mapping of service_name -> network name. Typically set
+                 via parameter_defaults in the resource registry.  This
+                 mapping overrides those in ServiceNetMapDefaults.
+    type: json
+  DefaultPasswords:
+    default: {}
+    type: json
+  EndpointMap:
+    default: {}
+    description: Mapping of service endpoint -> protocol. Typically set
+                 via parameter_defaults in the resource registry.
+    type: json
+  ContrailDatabaseHostIP:
+    description: host IP address of Database node
+    type: string
+  ContrailDatabaseMinDisk:
+    description: Minimum disk size for database
+    type: number
+    default: 64
+
+resources:
+  ContrailBase:
+    type: ./contrail-base.yaml
+    properties:
+      ServiceNetMap: {get_param: ServiceNetMap}
+      DefaultPasswords: {get_param: DefaultPasswords}
+      EndpointMap: {get_param: EndpointMap}
+
+outputs:
+  role_data:
+    description: Role Contrail Database using composable services.
+    value:
+      service_name: contrail_database
+      config_settings:
+        map_merge:
+          - get_attr: [ContrailBase, role_data, config_settings]
+          - contrail::database::host_ip: {get_param: ContrailDatabaseHostIP}
+            contrail::database::minimum_diskGB: {get_param: ContrailDatabaseMinDisk}
+      step_config: |
+        include ::tripleo::profile::contrail::database
diff --git a/puppet/services/network/contrail-webui.yaml b/puppet/services/network/contrail-webui.yaml
new file mode 100644 (file)
index 0000000..72b9e1c
--- /dev/null
+++ b/puppet/services/network/contrail-webui.yaml
@@ -0,0 +1,69 @@
+heat_template_version: 2016-04-08
+
+description: >
+  Contrail WebUI service deployment using puppet, this YAML file
+  creates the interface between the HOT template
+  and the puppet manifest that actually installs
+  and configures Contrail WebUI.
+
+parameters:
+  ServiceNetMap:
+    default: {}
+    description: Mapping of service_name -> network name. Typically set
+                 via parameter_defaults in the resource registry.  This
+                 mapping overrides those in ServiceNetMapDefaults.
+    type: json
+  DefaultPasswords:
+    default: {}
+    type: json
+  EndpointMap:
+    default: {}
+    description: Mapping of service endpoint -> protocol. Typically set
+                 via parameter_defaults in the resource registry.
+    type: json
+  ContrailWebUiAnalyticsVip:
+    description: Contrail Analytics VIP
+    type: string
+  ContrailWebUiConfigVip:
+    description: Contrail Config VIP
+    type: string
+  ContrailWebUiNeutronVip:
+    description: Neutron VIP
+    type: string
+  ContrailWebuiHttpPort:
+    default: 8080
+    description: HTTP Port of Webui
+    type: number
+  ContrailWebuiHttpsPort:
+    default: 8143
+    description: HTTPS Port of Webui
+    type: number
+  ContrailWebUiRedisIp:
+    description: Redis IP
+    type: string
+    default: '127.0.0.1'
+
+resources:
+  ContrailBase:
+    type: ./contrail-base.yaml
+    properties:
+      ServiceNetMap: {get_param: ServiceNetMap}
+      DefaultPasswords: {get_param: DefaultPasswords}
+      EndpointMap: {get_param: EndpointMap}
+
+outputs:
+  role_data:
+    description: Role Contrail WebUI using composable services.
+    value:
+      service_name: contrail_webui
+      config_settings:
+        map_merge:
+          - get_attr: [ContrailBase, role_data, config_settings]
+          - contrail::webui::contrail_analytics_vip: {get_param: ContrailWebUiAnalyticsVip}
+            contrail::webui::contrail_config_vip: {get_param: ContrailWebUiConfigVip}
+            contrail::webui::contrail_webui_http_port: {get_param: ContrailWebuiHttpPort}
+            contrail::webui::contrail_webui_https_port: {get_param: ContrailWebuiHttpsPort}
+            contrail::webui::neutron_vip: {get_param: ContrailWebUiNeutronVip}
+            contrail::webui::redis_ip: {get_param: ContrailWebUiRedisIp}
+      step_config: |
+        include ::tripleo::network::contrail::webui
diff --git a/puppet/services/neutron-api.yaml b/puppet/services/neutron-api.yaml
index 72ae7d9..e4ca489 100644 (file)
--- a/puppet/services/neutron-api.yaml
+++ b/puppet/services/neutron-api.yaml
@@ -75,7 +75,7 @@ outputs:
       config_settings:
         map_merge:
           - get_attr: [NeutronBase, role_data, config_settings]
-            neutron::server::database_connection:
+          - neutron::server::database_connection:
               list_join:
                 - ''
                 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
diff --git a/puppet/services/neutron-base.yaml b/puppet/services/neutron-base.yaml
index 4eb417c..32d50d4 100644 (file)
--- a/puppet/services/neutron-base.yaml
+++ b/puppet/services/neutron-base.yaml
@@ -50,13 +50,16 @@ parameters:
         to false may result in configuration remnants after updates/upgrades.
   NeutronGlobalPhysnetMtu:
     type: number
-    default: 1500
+    default: 1496
     description: |
         MTU of the underlying physical network. Neutron uses this value to
         calculate MTU for all virtual network components. For flat and VLAN
         networks, neutron uses this value without modification. For overlay
         networks such as VXLAN, neutron automatically subtracts the overlay
-        protocol overhead from this value.
+        protocol overhead from this value. The default value of 1496 is
+        currently in effect to compensate for some additional overhead when
+        deploying with some network configurations (e.g. network isolation over
+        single network interfaces)
   ServiceNetMap:
     default: {}
     description: Mapping of service_name -> network name. Typically set
diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml
index 36b609f..ade322e 100644 (file)
--- a/puppet/services/neutron-ovs-agent.yaml
+++ b/puppet/services/neutron-ovs-agent.yaml
@@ -56,6 +56,14 @@ parameters:
   MonitoringSubscriptionNeutronOvs:
     default: 'overcloud-neutron-ovs-agent'
     type: string
+  NeutronOVSFirewallDriver:
+    default: ''
+    description: |
+      Configure the classname of the firewall driver to use for implementing
+      security groups. Possible values depend on system configuration. Some
+      examples are: noop, openvswitch, iptables_hybrid. The default value of an
+      empty string will result in a default supported configuration.
+    type: string
 
 resources:
 
@@ -75,7 +83,7 @@ outputs:
       config_settings:
         map_merge:
           - get_attr: [NeutronBase, role_data, config_settings]
-            neutron::agents::ml2::ovs::l2_population: {get_param: NeutronEnableL2Pop}
+          - neutron::agents::ml2::ovs::l2_population: {get_param: NeutronEnableL2Pop}
             neutron::agents::ml2::ovs::enable_distributed_routing: {get_param: NeutronEnableDVR}
             neutron::agents::ml2::ovs::arp_responder: {get_param: NeutronEnableARPResponder}
             neutron::agents::ml2::ovs::bridge_mappings:
@@ -100,5 +108,6 @@ outputs:
             # internal_api_uri -> [IP]
             # internal_api_subnet - > IP/CIDR
             neutron::agents::ml2::ovs::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]}
+            neutron::agents::ml2::ovs::firewall_driver: {get_param: NeutronOVSFirewallDriver}
       step_config: |
         include ::tripleo::profile::base::neutron::ovs
diff --git a/puppet/services/neutron-ovs-dpdk-agent.yaml b/puppet/services/neutron-ovs-dpdk-agent.yaml
index 8ee98a3..cc772c9 100644 (file)
--- a/puppet/services/neutron-ovs-dpdk-agent.yaml
+++ b/puppet/services/neutron-ovs-dpdk-agent.yaml
@@ -65,7 +65,7 @@ outputs:
       config_settings:
         map_merge:
           - get_attr: [NeutronOvsAgent, role_data, config_settings]
-            neutron::agents::ml2::ovs::enable_dpdk: true
+          - neutron::agents::ml2::ovs::enable_dpdk: true
             neutron::agents::ml2::ovs::datapath_type: {get_param: NeutronDatapathType}
             neutron::agents::ml2::ovs::vhostuser_socket_dir: {get_param: NeutronVhostuserSocketDir}
             vswitch::dpdk::core_list: {get_param: NeutronDpdkCoreList}
diff --git a/puppet/services/neutron-plugin-ml2.yaml b/puppet/services/neutron-plugin-ml2.yaml
index 5dbae3d..17e8bca 100644 (file)
--- a/puppet/services/neutron-plugin-ml2.yaml
+++ b/puppet/services/neutron-plugin-ml2.yaml
@@ -33,7 +33,7 @@ parameters:
     default: 'datacentre'
     description: If set, flat networks to configure in neutron plugins.
   NeutronPluginExtensions:
-    default: "qos,port_security"
+    default: "qos,port_security,trunk"
     description: |
         Comma-separated list of extensions enabled for the Neutron plugin.
     type: comma_delimited_list
diff --git a/puppet/services/neutron-sriov-agent.yaml b/puppet/services/neutron-sriov-agent.yaml
index b9a9339..44f7f24 100644 (file)
--- a/puppet/services/neutron-sriov-agent.yaml
+++ b/puppet/services/neutron-sriov-agent.yaml
@@ -14,6 +14,11 @@ parameters:
   DefaultPasswords:
     default: {}
     type: json
+  EndpointMap:
+    default: {}
+    description: Mapping of service endpoint -> protocol. Typically set
+                 via parameter_defaults in the resource registry.
+    type: json
   NeutronPhysicalDevMappings:
     description: >
       List of <physical_network>:<physical device>
@@ -39,11 +44,15 @@ parameters:
       Example "eth1:4096","eth2:128"
     type: comma_delimited_list
     default: ""
-  EndpointMap:
-    default: {}
-    description: Mapping of service endpoint -> protocol. Typically set
-                 via parameter_defaults in the resource registry.
-    type: json
+
+resources:
+
+  NeutronBase:
+    type: ./neutron-base.yaml
+    properties:
+      ServiceNetMap: {get_param: ServiceNetMap}
+      DefaultPasswords: {get_param: DefaultPasswords}
+      EndpointMap: {get_param: EndpointMap}
 
 outputs:
   role_data:
@@ -51,8 +60,10 @@ outputs:
     value:
       service_name: neutron_sriov_agent
       config_settings:
-        neutron::agents::ml2::sriov::physical_device_mappings: {get_param: NeutronPhysicalDevMappings}
-        neutron::agents::ml2::sriov::exclude_devices: {get_param: NeutronExcludeDevices}
-        tripleo::host::sriov::number_of_vfs: {get_param: NeutronSriovNumVFs}
+        map_merge:
+          - get_attr: [NeutronBase, role_data, config_settings]
+          - neutron::agents::ml2::sriov::physical_device_mappings: {get_param: NeutronPhysicalDevMappings}
+            neutron::agents::ml2::sriov::exclude_devices: {get_param: NeutronExcludeDevices}
+            tripleo::host::sriov::number_of_vfs: {get_param: NeutronSriovNumVFs}
       step_config: |
         include ::tripleo::profile::base::neutron::sriov
diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml
index ccdcb52..d1d7ae6 100644 (file)
--- a/puppet/services/nova-compute.yaml
+++ b/puppet/services/nova-compute.yaml
@@ -128,7 +128,7 @@ outputs:
             # internal_api_uri -> [IP]
             # internal_api_subnet - > IP/CIDR
             nova::compute::vncserver_proxyclient_address: {get_param: [ServiceNetMap, NovaVncProxyNetwork]}
-            nova::compute::vncproxy_host: {get_param: [EndpointMap, NovaPublic, host]}
+            nova::compute::vncproxy_host: {get_param: [EndpointMap, NovaPublic, host_nobrackets]}
       step_config: |
         # TODO(emilien): figure how to deal with libvirt profile.
         # We'll probably treat it like we do with Neutron plugins.
diff --git a/puppet/services/nova-vncproxy.yaml b/puppet/services/nova-vnc-proxy.yaml
similarity index 82%
rename from puppet/services/nova-vncproxy.yaml
rename to puppet/services/nova-vnc-proxy.yaml
index ce15fcc..899fa35 100644 (file)
--- a/puppet/services/nova-vncproxy.yaml
+++ b/puppet/services/nova-vnc-proxy.yaml
@@ -34,21 +34,14 @@ outputs:
   role_data:
     description: Role data for the Nova Vncproxy service.
     value:
-      service_name: nova_vncproxy
+      service_name: nova_vnc_proxy
       monitoring_subscription: {get_param: MonitoringSubscriptionNovaVNCProxy}
       config_settings:
         map_merge:
           - get_attr: [NovaBase, role_data, config_settings]
           - nova::vncproxy::enabled: true
             nova::vncproxy::common::vncproxy_protocol: {get_param: [EndpointMap, NovaVNCProxyPublic, protocol]}
-            # Remove brackets that may come if the IP address is IPv6.
-            # For DNS names and IPv4, this will just get NovaVNCProxyPublic
-            nova::vncproxy::common::vncproxy_host:
-              str_replace:
-                template: {get_param: [EndpointMap, NovaVNCProxyPublic, host]}
-                params:
-                  '[': ''
-                  ']': ''
+            nova::vncproxy::common::vncproxy_host: {get_param: [EndpointMap, NovaVNCProxyPublic, host_nobrackets]}
             nova::vncproxy::common::vncproxy_port: {get_param: [EndpointMap, NovaVNCProxyPublic, port]}
             # NOTE: bind IP is found in Heat replacing the network name with the local node IP
             # for the given network; replacement examples (eg. for internal_api):
diff --git a/puppet/services/pacemaker/nova-vncproxy.yaml b/puppet/services/pacemaker/nova-vnc-proxy.yaml
similarity index 95%
rename from puppet/services/pacemaker/nova-vncproxy.yaml
rename to puppet/services/pacemaker/nova-vnc-proxy.yaml
index 0ec5de6..d0c4f1d 100644 (file)
--- a/puppet/services/pacemaker/nova-vncproxy.yaml
+++ b/puppet/services/pacemaker/nova-vnc-proxy.yaml
@@ -22,7 +22,7 @@ parameters:
 resources:
 
   NovaVncproxyBase:
-    type: ../nova-vncproxy.yaml
+    type: ../nova-vnc-proxy.yaml
     properties:
       ServiceNetMap: {get_param: ServiceNetMap}
       DefaultPasswords: {get_param: DefaultPasswords}
@@ -32,7 +32,7 @@ outputs:
   role_data:
     description: Role data for the Nova Vncproxy role.
     value:
-      service_name: nova_vncproxy
+      service_name: nova_vnc_proxy
       monitoring_subscription: {get_attr: [NovaVncproxyBase, role_data, monitoring_subscription]}
       config_settings:
         map_merge:
diff --git a/puppet/services/services.yaml b/puppet/services/services.yaml
index 669e287..b54a6d7 100644 (file)
--- a/puppet/services/services.yaml
+++ b/puppet/services/services.yaml
@@ -54,4 +54,9 @@ outputs:
           expression: list($.data.subscriptions.where($ != null))
           data: {subscriptions: {get_attr: [ServiceChain, role_data, monitoring_subscription]}}
       config_settings: {map_merge: {get_attr: [ServiceChain, role_data, config_settings]}}
+      global_config_settings:
+        map_merge:
+          yaql:
+            expression: list($.data.configs.where($ != null))
+            data: {configs: {get_attr: [ServiceChain, role_data, global_config_settings]}}
       step_config: {list_join: ["\n", {get_attr: [ServiceChain, role_data, step_config]}]}
diff --git a/puppet/services/swift-ringbuilder.yaml b/puppet/services/swift-ringbuilder.yaml
index f41228e..e151d18 100644 (file)
--- a/puppet/services/swift-ringbuilder.yaml
+++ b/puppet/services/swift-ringbuilder.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: 2016-10-14
 
 description: >
   OpenStack Swift Ringbuilder
@@ -34,6 +34,11 @@ parameters:
     type: number
     default: 3
     description: How many replicas to use in the swift rings.
+  SwiftRawDisks:
+    default: {}
+    description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})'
+    type: json
+
 
 outputs:
   role_data:
@@ -43,6 +48,17 @@ outputs:
       config_settings:
         tripleo::profile::base::swift::ringbuilder::build_ring: {get_param: SwiftRingBuild}
         tripleo::profile::base::swift::ringbuilder::replicas: {get_param: SwiftReplicas}
+        tripleo::profile::base::swift::ringbuilder::raw_disk_prefix: 'r1z1-'
+        tripleo::profile::base::swift::ringbuilder::raw_disks:
+          yaql:
+            expression: $.data.raw_disk_lists.flatten()
+            data:
+              raw_disk_lists:
+              - [':%PORT%/d1']
+              - repeat:
+                  template: ':%PORT%/DEVICE'
+                  for_each:
+                    DEVICE: {get_param: SwiftRawDisks}
         swift::ringbuilder::part_power: {get_param: SwiftPartPower}
         swift::ringbuilder::min_part_hours: {get_param: SwiftMinPartHours}
       step_config: |
diff --git a/puppet/services/swift-storage.yaml b/puppet/services/swift-storage.yaml
index 91d5256..7fbb8d9 100644 (file)
--- a/puppet/services/swift-storage.yaml
+++ b/puppet/services/swift-storage.yaml
@@ -87,6 +87,6 @@ outputs:
               - healthcheck
               - account-server
             swift::storage::disks: {get_param: SwiftRawDisks}
-            swift::storage::all::storage_local_net_ip: {get_param: [ServiceNetMap, SwiftMgmtNetwork]}
+            swift::storage::all::storage_local_net_ip: {get_param: [ServiceNetMap, SwiftStorageNetwork]}
       step_config: |
         include ::tripleo::profile::base::swift::storage
diff --git a/puppet/services/vip-hosts.yaml b/puppet/services/vip-hosts.yaml
index 445a276..a9d757e 100644 (file)
--- a/puppet/services/vip-hosts.yaml
+++ b/puppet/services/vip-hosts.yaml
@@ -47,10 +47,10 @@ outputs:
             ip: "%{hiera('storage_mgmt_virtual_ip')}"
             ensure: present
             comment: FQDN of the storage mgmt VIP
-          management:
-            name: "%{hiera('cloud_name_management')}"
+          ctlplane:
+            name: "%{hiera('cloud_name_ctlplane')}"
             ip: "%{hiera('controller_virtual_ip')}"
             ensure: present
-            comment: FQDN of the management VIP
+            comment: FQDN of the ctlplane VIP
       step_config: |
         include ::tripleo::vip_hosts
diff --git a/puppet/swift-devices-and-proxy-config.yaml b/puppet/swift-devices-and-proxy-config.yaml
deleted file mode 100644 (file)
index afee4da..0000000
--- a/puppet/swift-devices-and-proxy-config.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-heat_template_version: 2015-04-30
-description: 'Swift Devices and Proxy Config for Puppet'
-
-parameters:
-  controller_swift_devices:
-    type: comma_delimited_list
-  object_store_swift_devices:
-    type: comma_delimited_list
-
-resources:
-
-  SwiftDevicesAndProxyConfigImpl:
-    type: OS::Heat::StructuredConfig
-    properties:
-      group: os-apply-config
-      config:
-        hiera:
-          datafiles:
-            swift_devices_and_proxy:
-              mapped_data:
-                tripleo::profile::base::swift::ringbuilder::devices:
-                  list_join:
-                  - ", "
-                  - - list_join:
-                      - ", "
-                      - {get_param: controller_swift_devices}
-                    - list_join:
-                      - ", "
-                      - {get_param: object_store_swift_devices}
-
-outputs:
-  config_id:
-    description: The ID of the SwiftDevicesAndProxyConfigImpl resource.
-    value:
-      {get_resource: SwiftDevicesAndProxyConfigImpl}
diff --git a/puppet/swift-storage-post.yaml b/puppet/swift-storage-post.yaml
deleted file mode 100644 (file)
index ebc54ab..0000000
--- a/puppet/swift-storage-post.yaml
+++ /dev/null
@@ -1,91 +0,0 @@
-heat_template_version: 2015-04-30
-description: 'OpenStack swift storage node post deployment for Puppet'
-
-parameters:
-  ConfigDebug:
-    default: false
-    description: Whether to run config management (e.g. Puppet) in debug mode.
-    type: boolean
-  servers:
-    type: json
-  RoleData:
-    type: json
-    default: {}
-  DeployIdentifier:
-     type: string
-     default: ''
-     description: Value which changes if the node configuration may need to be re-applied
-
-resources:
-
-  StorageArtifactsConfig:
-    type: deploy-artifacts.yaml
-
-  StorageArtifactsDeploy:
-    type: OS::Heat::StructuredDeployments
-    properties:
-      servers:  {get_param: servers}
-      config: {get_resource: StorageArtifactsConfig}
-      input_values:
-        update_identifier: {get_param: DeployIdentifier}
-
-  StoragePuppetConfig:
-    type: OS::Heat::SoftwareConfig
-    properties:
-      group: puppet
-      options:
-        enable_debug: {get_param: ConfigDebug}
-        enable_hiera: True
-        enable_facter: False
-        modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
-      inputs:
-      - name: step
-      outputs:
-      - name: result
-      config:
-        list_join:
-        - ''
-        - - get_file: manifests/overcloud_object.pp
-          - {get_param: [RoleData, step_config]}
-
-  StorageRingbuilderDeployment_Step2:
-    type: OS::Heat::StructuredDeployments
-    depends_on: StorageArtifactsDeploy
-    properties:
-      name: StorageRingbuilderDeployment_Step2
-      servers:  {get_param: servers}
-      config: {get_resource: StoragePuppetConfig}
-      input_values:
-        step: 2
-        update_identifier: {get_param: DeployIdentifier}
-
-  StorageRingbuilderDeployment_Step3:
-    type: OS::Heat::StructuredDeployments
-    depends_on: StorageRingbuilderDeployment_Step2
-    properties:
-      name: StorageRingbuilderDeployment_Step3
-      servers:  {get_param: servers}
-      config: {get_resource: StoragePuppetConfig}
-      input_values:
-        step: 3
-        update_identifier: {get_param: DeployIdentifier}
-
-  StorageDeployment_Step4:
-    type: OS::Heat::StructuredDeployments
-    depends_on: StorageRingbuilderDeployment_Step3
-    properties:
-      name: StorageDeployment_Step4
-      servers:  {get_param: servers}
-      config: {get_resource: StoragePuppetConfig}
-      input_values:
-        step: 4
-        update_identifier: {get_param: DeployIdentifier}
-
-  # Note, this should come last, so use depends_on to ensure
-  # this is created after any other resources.
-  ExtraConfig:
-    depends_on: StorageDeployment_Step4
-    type: OS::TripleO::NodeExtraConfigPost
-    properties:
-        servers: {get_param: servers}
-
diff --git a/puppet/swift-storage.yaml b/puppet/swift-storage.yaml
index d8e49ca..9eb6631 100644 (file)
--- a/puppet/swift-storage.yaml
+++ b/puppet/swift-storage.yaml
@@ -27,6 +27,11 @@ parameters:
     description: Mapping of service_name -> network name. Typically set
                  via parameter_defaults in the resource registry.
     type: json
+  EndpointMap:
+    default: {}
+    description: Mapping of service endpoint -> protocol. Typically set
+                 via parameter_defaults in the resource registry.
+    type: json
   Hostname:
     type: string
     default: '' # Defaults to Heat created hostname
@@ -91,10 +96,6 @@ parameters:
     type: string
     description: Command which will be run whenever configuration data changes
     default: os-refresh-config --timeout 14400
-  SwiftRawDisks:
-    default: {}
-    description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})'
-    type: json
 
 resources:
 
@@ -237,7 +238,6 @@ resources:
             - service_names
             - service_configs
             - object
-            - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
             - bootstrap_node # provided by allNodesConfig
             - all_nodes # provided by allNodesConfig
             - vip_data # provided by allNodesConfig
@@ -317,6 +317,7 @@ outputs:
           STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
           TENANTIP TENANTHOST.DOMAIN TENANTHOST
           MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
+          CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
         params:
           PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ObjectStorageHostnameResolveNetwork]}]}
           DOMAIN: {get_param: CloudDomain}
@@ -357,31 +358,16 @@ outputs:
             - '.'
             - - {get_attr: [SwiftStorage, name]}
               - management
+          CTLPLANEIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
+          CTLPLANEHOST:
+            list_join:
+            - '.'
+            - - {get_attr: [SwiftStorage, name]}
+              - ctlplane
   nova_server_resource:
     description: Heat resource handle for the swift storage server
     value:
       {get_resource: SwiftStorage}
-  swift_device:
-    description: Swift device formatted for swift-ring-builder
-    value:
-      str_replace:
-        template:
-          list_join:
-            - ','
-            - ['r1z1-IP:%PORT%/d1']
-            - repeat:
-                template: 'r1z1-IP:%PORT%/DEVICE'
-                for_each:
-                  DEVICE: {get_param: SwiftRawDisks}
-        params:
-          IP:
-            get_attr:
-              - NetIpMap
-              - net_ip_map
-              - str_replace:
-                  template: "NETWORK_uri"
-                  params:
-                    NETWORK: {get_param: [ServiceNetMap, SwiftMgmtNetwork]}
   external_ip_address:
     description: IP address of the server in the external network
     value: {get_attr: [ExternalPort, ip_address]}
diff --git a/roles_data.yaml b/roles_data.yaml
new file mode 100644 (file)
index 0000000..db0004c
--- /dev/null
+++ b/roles_data.yaml
@@ -0,0 +1,141 @@
+- name: Controller
+  CountDefault: 1
+  HostnameFormatDefault: '%stackname%-controller-%index%'
+  ServicesDefault:
+    - OS::TripleO::Services::CACerts
+    - OS::TripleO::Services::CephMon
+    - OS::TripleO::Services::CephExternal
+    - OS::TripleO::Services::CinderApi
+    - OS::TripleO::Services::CinderBackup
+    - OS::TripleO::Services::CinderScheduler
+    - OS::TripleO::Services::CinderVolume
+    - OS::TripleO::Services::Core
+    - OS::TripleO::Services::Kernel
+    - OS::TripleO::Services::Keystone
+    - OS::TripleO::Services::GlanceApi
+    - OS::TripleO::Services::GlanceRegistry
+    - OS::TripleO::Services::HeatApi
+    - OS::TripleO::Services::HeatApiCfn
+    - OS::TripleO::Services::HeatApiCloudwatch
+    - OS::TripleO::Services::HeatEngine
+    - OS::TripleO::Services::MySQL
+    - OS::TripleO::Services::NeutronDhcpAgent
+    - OS::TripleO::Services::NeutronL3Agent
+    - OS::TripleO::Services::NeutronMetadataAgent
+    - OS::TripleO::Services::NeutronApi
+    - OS::TripleO::Services::NeutronCorePlugin
+    - OS::TripleO::Services::NeutronOvsAgent
+    - OS::TripleO::Services::RabbitMQ
+    - OS::TripleO::Services::HAproxy
+    - OS::TripleO::Services::Keepalived
+    - OS::TripleO::Services::Memcached
+    - OS::TripleO::Services::Pacemaker
+    - OS::TripleO::Services::Redis
+    - OS::TripleO::Services::NovaConductor
+    - OS::TripleO::Services::MongoDb
+    - OS::TripleO::Services::NovaApi
+    - OS::TripleO::Services::NovaScheduler
+    - OS::TripleO::Services::NovaConsoleauth
+    - OS::TripleO::Services::NovaVncProxy
+    - OS::TripleO::Services::Ntp
+    - OS::TripleO::Services::SwiftProxy
+    - OS::TripleO::Services::SwiftStorage
+    - OS::TripleO::Services::SwiftRingBuilder
+    - OS::TripleO::Services::Snmp
+    - OS::TripleO::Services::Timezone
+    - OS::TripleO::Services::CeilometerApi
+    - OS::TripleO::Services::CeilometerCollector
+    - OS::TripleO::Services::CeilometerExpirer
+    - OS::TripleO::Services::CeilometerAgentCentral
+    - OS::TripleO::Services::CeilometerAgentNotification
+    - OS::TripleO::Services::Horizon
+    - OS::TripleO::Services::GnocchiApi
+    - OS::TripleO::Services::GnocchiMetricd
+    - OS::TripleO::Services::GnocchiStatsd
+    - OS::Tripleo::Services::ManilaApi
+    - OS::Tripleo::Services::ManilaScheduler
+    - OS::Tripleo::Services::ManilaShare
+    - OS::TripleO::Services::AodhApi
+    - OS::TripleO::Services::AodhEvaluator
+    - OS::TripleO::Services::AodhNotifier
+    - OS::TripleO::Services::AodhListener
+    - OS::TripleO::Services::SaharaApi
+    - OS::TripleO::Services::SaharaEngine
+    - OS::TripleO::Services::IronicApi
+    - OS::TripleO::Services::IronicConductor
+    - OS::TripleO::Services::NovaIronic
+    - OS::TripleO::Services::TripleoPackages
+    - OS::TripleO::Services::TripleoFirewall
+    - OS::TripleO::Services::OpenDaylight
+    - OS::TripleO::Services::SensuClient
+    - OS::TripleO::Services::VipHosts
+
+- name: Compute
+  CountDefault: 1
+  HostnameFormatDefault: '%stackname%-novacompute-%index%'
+  ServicesDefault:
+    - OS::TripleO::Services::CACerts
+    - OS::TripleO::Services::CephClient
+    - OS::TripleO::Services::CephExternal
+    - OS::TripleO::Services::Timezone
+    - OS::TripleO::Services::Ntp
+    - OS::TripleO::Services::Snmp
+    - OS::TripleO::Services::NovaCompute
+    - OS::TripleO::Services::NovaLibvirt
+    - OS::TripleO::Services::Kernel
+    - OS::TripleO::Services::ComputeNeutronCorePlugin
+    - OS::TripleO::Services::ComputeNeutronOvsAgent
+    - OS::TripleO::Services::ComputeCeilometerAgent
+    - OS::TripleO::Services::ComputeNeutronL3Agent
+    - OS::TripleO::Services::ComputeNeutronMetadataAgent
+    - OS::TripleO::Services::TripleoPackages
+    - OS::TripleO::Services::TripleoFirewall
+    - OS::TripleO::Services::NeutronSriovAgent
+    - OS::TripleO::Services::OpenDaylightOvs
+    - OS::TripleO::Services::SensuClient
+    - OS::TripleO::Services::VipHosts
+
+- name: BlockStorage
+  CountDefault: 0
+  HostnameFormatDefault: '%stackname%-blockstorage-%index%'
+  ServicesDefault:
+    - OS::TripleO::Services::CACerts
+    - OS::TripleO::Services::CinderVolume
+    - OS::TripleO::Services::Kernel
+    - OS::TripleO::Services::Ntp
+    - OS::TripleO::Services::Timezone
+    - OS::TripleO::Services::Snmp
+    - OS::TripleO::Services::TripleoPackages
+    - OS::TripleO::Services::TripleoFirewall
+    - OS::TripleO::Services::SensuClient
+    - OS::TripleO::Services::VipHosts
+
+- name: ObjectStorage
+  CountDefault: 0
+  HostnameFormatDefault: '%stackname%-objectstorage-%index%'
+  ServicesDefault:
+    - OS::TripleO::Services::CACerts
+    - OS::TripleO::Services::Kernel
+    - OS::TripleO::Services::Ntp
+    - OS::TripleO::Services::SwiftStorage
+    - OS::TripleO::Services::SwiftRingBuilder
+    - OS::TripleO::Services::Snmp
+    - OS::TripleO::Services::Timezone
+    - OS::TripleO::Services::TripleoPackages
+    - OS::TripleO::Services::TripleoFirewall
+    - OS::TripleO::Services::SensuClient
+    - OS::TripleO::Services::VipHosts
+
+- name: CephStorage
+  CountDefault: 0
+  HostnameFormatDefault: '%stackname%-cephstorage-%index%'
+  ServicesDefault:
+    - OS::TripleO::Services::CACerts
+    - OS::TripleO::Services::CephOSD
+    - OS::TripleO::Services::Kernel
+    - OS::TripleO::Services::Ntp
+    - OS::TripleO::Services::Timezone
+    - OS::TripleO::Services::TripleoPackages
+    - OS::TripleO::Services::TripleoFirewall
+    - OS::TripleO::Services::SensuClient
+    - OS::TripleO::Services::VipHosts
diff --git a/tools/yaml-validate.py b/tools/yaml-validate.py
index 7b3d347..95c7d02 100755 (executable)
--- a/tools/yaml-validate.py
+++ b/tools/yaml-validate.py
@@ -64,15 +64,16 @@ def validate(filename):
         print(traceback.format_exc())
         return 1
     # yaml is OK, now walk the parameters and output a warning for unused ones
-    for p in tpl.get('parameters', {}):
-        if p in required_params:
-            continue
-        str_p = '\'%s\'' % p
-        in_resources = str_p in str(tpl.get('resources', {}))
-        in_outputs = str_p in str(tpl.get('outputs', {}))
-        if not in_resources and not in_outputs:
-            print('Warning: parameter %s in template %s appears to be unused'
-                  % (p, filename))
+    if 'heat_template_version' in tpl:
+        for p in tpl.get('parameters', {}):
+            if p in required_params:
+                continue
+            str_p = '\'%s\'' % p
+            in_resources = str_p in str(tpl.get('resources', {}))
+            in_outputs = str_p in str(tpl.get('outputs', {}))
+            if not in_resources and not in_outputs:
+                print('Warning: parameter %s in template %s '
+                      'appears to be unused' % (p, filename))
 
     return retval
 
@@ -87,7 +88,7 @@ for base_path in path_args:
     if os.path.isdir(base_path):
         for subdir, dirs, files in os.walk(base_path):
             for f in files:
-                if f.endswith('.yaml'):
+                if f.endswith('.yaml') and not f.endswith('.j2.yaml'):
                     file_path = os.path.join(subdir, f)
                     failed = validate(file_path)
                     if failed: