# This is a cross-platform list tracking distribution packages needed by tests;
# see http://docs.openstack.org/infra/bindep/ for additional information.
+libssl-dev [platform:dpkg]
+openssl-devel [platform:rpm]
description: Enables Neutron BGPVPN Service Plugin
requires:
- overcloud-resource-registry-puppet.yaml
+ - file: environments/services/neutron-lbaasv2.yaml
+ title: Neutron LBaaSv2 Service Plugin
+ description: Enables Neutron LBaaSv2 Service Plugin and Agent
+ requires:
+ - overcloud-resource-registry-puppet.yaml
- file: environments/neutron-ml2-bigswitch.yaml
title: BigSwitch Extensions
description: >
--- /dev/null
+heat_template_version: pike
+
+description: >
+ Software Config to drive validations that occur on all nodes.
+ Note, you need the heat-config-script element built into your
+ images, due to the script group below.
+
+ This implementation of the validations is a noop that always reports success.
+
+parameters:
+ PingTestIps:
+ default: ''
+ description: A string containing a space separated list of IP addresses used to ping test each available network interface.
+ type: string
+ ValidateFqdn:
+ default: false
+ description: Optional validation to ensure FQDN as set by Nova matches the name set in /etc/hosts.
+ type: boolean
+ ValidateNtp:
+ default: true
+ description: Validation to ensure at least one time source is accessible.
+ type: boolean
+
+resources:
+ AllNodesValidationsImpl:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ inputs:
+ - name: ping_test_ips
+ default: {get_param: PingTestIps}
+ - name: validate_fqdn
+ default: {get_param: ValidateFqdn}
+ - name: validate_ntp
+ default: {get_param: ValidateNtp}
+ config: |
+ #!/bin/bash
+ exit 0
+
+outputs:
+ OS::stack_id:
+ description: The ID of the AllNodesValidationsImpl resource.
+ value: {get_resource: AllNodesValidationsImpl}
# mapping at all. After we stop CI'ing Ocata->Pike upgrade, we can
# remove this.
OS::TripleO::Services::Docker: OS::Heat::None
+ # Some infra instances don't pass the ping test but are otherwise working.
+ # Since the OVB jobs also test this functionality we can shut it off here.
+ OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
parameter_defaults:
ControllerServices:
OS::TripleO::Tasks::ControllerPreConfig: ../../extraconfig/tasks/pre_puppet_pacemaker.yaml
OS::TripleO::Tasks::ControllerPostConfig: ../../extraconfig/tasks/post_puppet_pacemaker.yaml
OS::TripleO::Tasks::ControllerPostPuppetRestart: ../../extraconfig/tasks/post_puppet_pacemaker_restart.yaml
+ # Some infra instances don't pass the ping test but are otherwise working.
+ # Since the OVB jobs also test this functionality we can shut it off here.
+ OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
parameter_defaults:
ControllerServices:
OS::TripleO::Services::PankoApi: ../../docker/services/panko-api.yaml
OS::TripleO::Services::Collectd: ../../docker/services/collectd.yaml
OS::TripleO::Services::Tacker: ../../docker/services/tacker.yaml
- OS::TripleO::Services::Congress: ../../docker/services/congress-api.yaml
+ OS::TripleO::Services::Congress: ../../docker/services/congress.yaml
# TODO fluentd is being containerized: https://review.openstack.org/#/c/467072/
OS::TripleO::Services::FluentdClient: ../../puppet/services/logging/fluentd-client.yaml
OS::TripleO::Services::SensuClient: ../../docker/services/sensu-client.yaml
# mapping at all. After we stop CI'ing Ocata->Pike upgrade, we can
# remove this.
OS::TripleO::Services::Docker: OS::Heat::None
+ # Some infra instances don't pass the ping test but are otherwise working.
+ # Since the OVB jobs also test this functionality we can shut it off here.
+ OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
parameter_defaults:
ControllerServices:
OS::TripleO::Tasks::ControllerPostPuppetRestart: ../../extraconfig/tasks/post_puppet_pacemaker_restart.yaml
OS::TripleO::Services::FluentdClient: ../../puppet/services/logging/fluentd-client.yaml
OS::TripleO::Services::SensuClient: ../../puppet/services/monitoring/sensu-client.yaml
+ # Some infra instances don't pass the ping test but are otherwise working.
+ # Since the OVB jobs also test this functionality we can shut it off here.
+ OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
parameter_defaults:
ControllerServices:
# mapping at all. After we stop CI'ing Ocata->Pike upgrade, we can
# remove this.
OS::TripleO::Services::Docker: OS::Heat::None
+ # Some infra instances don't pass the ping test but are otherwise working.
+ # Since the OVB jobs also test this functionality we can shut it off here.
+ OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
parameter_defaults:
ControllerServices:
OS::TripleO::Tasks::ControllerPreConfig: ../../extraconfig/tasks/pre_puppet_pacemaker.yaml
OS::TripleO::Tasks::ControllerPostConfig: ../../extraconfig/tasks/post_puppet_pacemaker.yaml
OS::TripleO::Tasks::ControllerPostPuppetRestart: ../../extraconfig/tasks/post_puppet_pacemaker_restart.yaml
+ # Some infra instances don't pass the ping test but are otherwise working.
+ # Since the OVB jobs also test this functionality we can shut it off here.
+ OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
parameter_defaults:
ControllerServices:
# mapping at all. After we stop CI'ing Ocata->Pike upgrade, we can
# remove this.
OS::TripleO::Services::Docker: OS::Heat::None
+ # Some infra instances don't pass the ping test but are otherwise working.
+ # Since the OVB jobs also test this functionality we can shut it off here.
+ OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
parameter_defaults:
ControllerServices:
OS::TripleO::Tasks::ControllerPreConfig: ../../extraconfig/tasks/pre_puppet_pacemaker.yaml
OS::TripleO::Tasks::ControllerPostConfig: ../../extraconfig/tasks/post_puppet_pacemaker.yaml
OS::TripleO::Tasks::ControllerPostPuppetRestart: ../../extraconfig/tasks/post_puppet_pacemaker_restart.yaml
+ # Some infra instances don't pass the ping test but are otherwise working.
+ # Since the OVB jobs also test this functionality we can shut it off here.
+ OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
parameter_defaults:
ControllerServices:
# mapping at all. After we stop CI'ing Ocata->Pike upgrade, we can
# remove this.
OS::TripleO::Services::Docker: OS::Heat::None
+ # Some infra instances don't pass the ping test but are otherwise working.
+ # Since the OVB jobs also test this functionality we can shut it off here.
+ OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
parameter_defaults:
OS::TripleO::Services::Redis: ../../puppet/services/pacemaker/database/redis.yaml
OS::TripleO::Services::MySQL: ../../puppet/services/pacemaker/database/mysql.yaml
OS::TripleO::Services::Keepalived: OS::Heat::None
+ # Some infra instances don't pass the ping test but are otherwise working.
+ # Since the OVB jobs also test this functionality we can shut it off here.
+ OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
parameter_defaults:
--- /dev/null
+resource_registry:
+ OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
+ OS::TripleO::Services::NovaIronic: ../docker/services/nova-ironic.yaml
+ OS::TripleO::Services::IronicApi: ../docker/services/ironic-api.yaml
+ OS::TripleO::Services::IronicConductor: ../docker/services/ironic-conductor.yaml
+ OS::TripleO::Services::IronicPxe: ../docker/services/ironic-pxe.yaml
+ OS::TripleO::Services::Docker: OS::Heat::None
+
+parameter_defaults:
+ ControllerServices:
+ - OS::TripleO::Services::Docker
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::Keystone
+ - OS::TripleO::Services::GlanceApi
+ - OS::TripleO::Services::IronicApi
+ - OS::TripleO::Services::IronicConductor
+ - OS::TripleO::Services::IronicPxe
+ - OS::TripleO::Services::MySQL
+ - OS::TripleO::Services::MySQLClient
+ - OS::TripleO::Services::NeutronDhcpAgent
+ - OS::TripleO::Services::NeutronL3Agent
+ - OS::TripleO::Services::NeutronMetadataAgent
+ - OS::TripleO::Services::NeutronServer
+ - OS::TripleO::Services::NeutronCorePlugin
+ - OS::TripleO::Services::NeutronOvsAgent
+ - OS::TripleO::Services::RabbitMQ
+ - OS::TripleO::Services::HAproxy
+ - OS::TripleO::Services::Keepalived
+ - OS::TripleO::Services::Memcached
+ - OS::TripleO::Services::Pacemaker
+ - OS::TripleO::Services::NovaConductor
+ - OS::TripleO::Services::NovaApi
+ - OS::TripleO::Services::NovaIronic
+ - OS::TripleO::Services::NovaPlacement
+ - OS::TripleO::Services::NovaMetadata
+ - OS::TripleO::Services::NovaScheduler
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Securetty
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::MongoDb
+ - OS::TripleO::Services::Redis
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::TripleoFirewall
+
+ Debug: true
+ BannerText: |
+ ******************************************************************
+ * This system is for the use of authorized users only. Usage of *
+ * this system may be monitored and recorded by system personnel. *
+ * Anyone using this system expressly consents to such monitoring *
+ * and is advised that if such monitoring reveals possible *
+ * evidence of criminal activity, system personnel may provide *
+ * the evidence from such monitoring to law enforcement officials.*
+ ******************************************************************
+ # we don't deploy Swift so we switch to file backend.
+ GlanceBackend: 'file'
+ IronicCleaningDiskErase: 'metadata'
--- /dev/null
+heat_template_version: pike
+
+parameters:
+ RoleCounts:
+ type: json
+ default: {}
+ VipMap:
+ type: json
+ default: {}
+ DeployedServerPortMap:
+ type: json
+ default: {}
+ DeployedServerDeploymentSwiftDataMap:
+ type: json
+ default: {}
+ DefaultRouteIp:
+ type: string
+ default: 192.168.24.1
+
+resources:
+
+ DeployedServerPortMapParameter:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ DeployedServerPortMap:
+ map_merge:
+ - {get_param: DeployedServerPortMap}
+ - control_virtual_ip:
+ fixed_ips:
+ - ip_address: {get_param: [VipMap, ctlplane]}
+ - redis_virtual_ip:
+ fixed_ips:
+ - ip_address: {get_param: [VipMap, redis]}
+
+ ResourceRegistry:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ OS::TripleO::DeployedServer::ControlPlanePort: tripleo-heat-templates/deployed-server/deployed-neutron-port.yaml
+ OS::TripleO::Network::Ports::ControlPlaneVipPort: tripleo-heat-templates/deployed-server/deployed-neutron-port.yaml
+
+ DeployedServerEnvironment:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ resource_registry:
+ {get_attr: [ResourceRegistry, value]}
+ parameter_defaults:
+ map_merge:
+ - {get_attr: [DeployedServerPortMapParameter, value]}
+ - DeploymentSwiftDataMap: {get_param: DeployedServerDeploymentSwiftDataMap}
+ - EC2MetadataIp: {get_param: DefaultRouteIp}
+ - ControlPlaneDefaultRoute: {get_param: DefaultRouteIp}
+ - {get_param: RoleCounts}
+
+outputs:
+ deployed_server_environment:
+ description:
+ Environment data that can be used as input into the services stack when
+ using split-stack.
+ value: {get_attr: [DeployedServerEnvironment, value]}
TAGS="--tags \"$PUPPET_TAGS\""
fi
- # workaround LP1696283
- mkdir -p /etc/ssh
- touch /etc/ssh/ssh_known_hosts
+ # Create a reference timestamp to easily find all files touched by
+ # puppet. The sync ensures we get all the files we want due to
+ # different timestamp.
+ touch /tmp/the_origin_of_time
+ sync
FACTER_hostname=$HOSTNAME FACTER_uuid=docker /usr/bin/puppet apply --verbose $TAGS /etc/config.pp
# Disables archiving
if [ -z "$NO_ARCHIVE" ]; then
- archivedirs=("/etc" "/root" "/var/lib/ironic/tftpboot" "/var/lib/ironic/httpboot" "/var/www")
+ archivedirs=("/etc" "/root" "/opt" "/var/lib/ironic/tftpboot" "/var/lib/ironic/httpboot" "/var/www" "/var/spool/cron")
rsync_srcs=""
for d in "${archivedirs[@]}"; do
if [ -d "$d" ]; then
# This is useful for debugging
mkdir -p /var/lib/config-data/puppet-generated/${NAME}
rsync -a -R -0 --delay-updates --delete-after \
- --files-from=<(find $rsync_srcs -newer /etc/ssh/ssh_known_hosts -print0) \
+ --files-from=<(find $rsync_srcs -newer /tmp/the_origin_of_time -not -path '/etc/puppet*' -print0) \
/ /var/lib/config-data/puppet-generated/${NAME}
# Write a checksum of the config-data dir, this is used as a
volumes = service[4] if len(service) > 4 else []
if puppet_tags:
- puppet_tags = "file,file_line,concat,augeas,%s" % puppet_tags
+ puppet_tags = "file,file_line,concat,augeas,cron,%s" % puppet_tags
else:
- puppet_tags = "file,file_line,concat,augeas"
+ puppet_tags = "file,file_line,concat,augeas,cron"
process_map.append([config_volume, puppet_tags, manifest, config_image, volumes])
* puppet_tags: Puppet resource tag names that are used to generate config
files with puppet. Only the named config resources are used to generate
a config file. Any service that specifies tags will have the default
- tags of 'file,concat,file_line,augeas' appended to the setting.
+ tags of 'file,concat,file_line,augeas,cron' appended to the setting.
Example: keystone_config
* config_volume: The name of the volume (directory) where config files
kolla_config:
/var/lib/kolla/config_files/aodh_api.json:
command: /usr/sbin/httpd -DFOREGROUND
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/aodh
owner: aodh:aodh
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/aodh_api.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro
- - /var/lib/config-data/aodh/etc/httpd/conf/:/etc/httpd/conf/:ro
- - /var/lib/config-data/aodh/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro
- - /var/lib/config-data/aodh/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro
- - /var/lib/config-data/aodh/var/www/:/var/www/:ro
+ - /var/lib/config-data/puppet-generated/aodh/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/aodh:/var/log/aodh
-
if:
kolla_config:
/var/lib/kolla/config_files/aodh_evaluator.json:
command: /usr/bin/aodh-evaluator
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/aodh
owner: aodh:aodh
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/aodh_evaluator.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro
+ - /var/lib/config-data/puppet-generated/aodh/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/aodh:/var/log/aodh
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
kolla_config:
/var/lib/kolla/config_files/aodh_listener.json:
command: /usr/bin/aodh-listener
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/aodh
owner: aodh:aodh
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/aodh_listener.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro
+ - /var/lib/config-data/puppet-generated/aodh/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/aodh:/var/log/aodh
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
kolla_config:
/var/lib/kolla/config_files/aodh_notifier.json:
command: /usr/bin/aodh-notifier
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/aodh
owner: aodh:aodh
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/aodh_notifier.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro
+ - /var/lib/config-data/puppet-generated/aodh/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/aodh:/var/log/aodh
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
kolla_config:
/var/lib/kolla/config_files/ceilometer_agent_central.json:
command: /usr/bin/ceilometer-polling --polling-namespaces central
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
docker_config:
step_3:
ceilometer_init_log:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/ceilometer_agent_central.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/ceilometer/etc/ceilometer/:/etc/ceilometer/:ro
+ - /var/lib/config-data/puppet-generated/ceilometer/:/var/lib/kolla/config_files/src:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
step_5:
kolla_config:
/var/lib/kolla/config_files/ceilometer_agent_compute.json:
command: /usr/bin/ceilometer-polling --polling-namespaces compute
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
docker_config:
step_4:
ceilometer_agent_compute:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/ceilometer_agent_compute.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/ceilometer/etc/ceilometer/:/etc/ceilometer/:ro
+ - /var/lib/config-data/puppet-generated/ceilometer/:/var/lib/kolla/config_files/src:ro
- /var/run/libvirt:/var/run/libvirt:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
kolla_config:
/var/lib/kolla/config_files/ceilometer-agent-ipmi.json:
command: /usr/bin/ceilometer-polling --polling-namespaces ipmi
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
docker_config:
step_3:
ceilometer_init_log:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/ceilometer-agent-ipmi.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/ceilometer/etc/ceilometer/:/etc/ceilometer/:ro
+ - /var/lib/config-data/puppet-generated/ceilometer/:/var/lib/kolla/config_files/src:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
kolla_config:
/var/lib/kolla/config_files/ceilometer_agent_notification.json:
command: /usr/bin/ceilometer-agent-notification
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
docker_config:
step_3:
ceilometer_init_log:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/ceilometer_agent_notification.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/ceilometer/etc/ceilometer/:/etc/ceilometer/:ro
+ - /var/lib/config-data/puppet-generated/ceilometer/:/var/lib/kolla/config_files/src:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
kolla_config:
/var/lib/kolla/config_files/cinder_api.json:
command: /usr/sbin/httpd -DFOREGROUND
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/cinder
owner: cinder:cinder
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/cinder_api.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/cinder/etc/cinder/:/etc/cinder/:ro
- - /var/lib/config-data/cinder/etc/httpd/:/etc/httpd/:ro
- - /var/lib/config-data/cinder/var/www/:/var/www/:ro
+ - /var/lib/config-data/puppet-generated/cinder/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/cinder:/var/log/cinder
-
if:
kolla_config:
/var/lib/kolla/config_files/cinder_backup.json:
command: /usr/bin/cinder-backup --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
+ config_files:
+ # NOTE(mandre): the copy of ceph conf will need to go once we
+ # generate a ceph.conf for cinder in puppet
+ # Copy ceph config files before cinder ones as a precaution, for
+ # the later one to take precendence in case of duplicate files.
+ - source: "/var/lib/kolla/config_files/src-ceph/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/lib/cinder
owner: cinder:cinder
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/cinder_backup.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/cinder/etc/cinder/:/etc/cinder/:ro
- - /var/lib/config-data/ceph/etc/ceph/:/etc/ceph/:ro #FIXME: we need to generate a ceph.conf with puppet for this
+ - /var/lib/config-data/puppet-generated/cinder/:/var/lib/kolla/config_files/src:ro
+ # FIXME: we need to generate a ceph.conf with puppet for this
+ - /var/lib/config-data/puppet-generated/ceph/:/var/lib/kolla/config_files/src-ceph:ro
- /dev/:/dev/
- /run/:/run/
- /sys:/sys
kolla_config:
/var/lib/kolla/config_files/cinder_scheduler.json:
command: /usr/bin/cinder-scheduler --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/cinder
owner: cinder:cinder
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/cinder_scheduler.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/cinder/etc/cinder/:/etc/cinder/:ro
+ - /var/lib/config-data/puppet-generated/cinder/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/cinder:/var/log/cinder
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
kolla_config:
/var/lib/kolla/config_files/cinder_volume.json:
command: /usr/bin/cinder-volume --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
+ config_files:
+ # NOTE(mandre): the copy of ceph conf will need to go once we
+ # generate a ceph.conf for cinder in puppet
+ # Copy ceph config files before cinder ones as a precaution, for
+ # the later one to take precendence in case of duplicate files.
+ - source: "/var/lib/kolla/config_files/src-ceph/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/cinder
owner: cinder:cinder
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/cinder_volume.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/cinder/etc/cinder/:/etc/cinder/:ro
- - /var/lib/config-data/ceph/etc/ceph/:/etc/ceph/:ro #FIXME: we need to generate a ceph.conf with puppet for this
+ - /var/lib/config-data/puppet-generated/cinder/:/var/lib/kolla/config_files/src:ro
+ # FIXME: we need to generate a ceph.conf with puppet for this
+ - /var/lib/config-data/puppet-generated/ceph/:/var/lib/kolla/config_files/src-ceph:ro
- /dev/:/dev/
- /run/:/run/
- /sys:/sys
kolla_config:
/var/lib/kolla/config_files/collectd.json:
command: /usr/sbin/collectd -f
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/collectd
owner: collectd:collectd
-
- /var/run/docker.sock:/var/run/docker.sock:rw
- /var/lib/kolla/config_files/collectd.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/collectd/etc/collectd.conf:/etc/collectd.conf:ro
- - /var/lib/config-data/collectd/etc/collectd.d:/etc/collectd.d:ro
- - /var/log/containers/collectd:/var/log/collectd:rw
+ - /var/lib/config-data/puppet-generated/collectd/:/var/lib/kolla/config_files/src:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
ContainersCommon:
type: ./containers-common.yaml
- CongressApiBase:
+ CongressBase:
type: ../../puppet/services/congress.yaml
properties:
EndpointMap: {get_param: EndpointMap}
role_data:
description: Role data for the Congress API role.
value:
- service_name: {get_attr: [CongressApiBase, role_data, service_name]}
+ service_name: {get_attr: [CongressBase, role_data, service_name]}
config_settings:
map_merge:
- - get_attr: [CongressApiBase, role_data, config_settings]
+ - get_attr: [CongressBase, role_data, config_settings]
step_config: &step_config
- get_attr: [CongressApiBase, role_data, step_config]
- service_config_settings: {get_attr: [CongressApiBase, role_data, service_config_settings]}
+ get_attr: [CongressBase, role_data, step_config]
+ service_config_settings: {get_attr: [CongressBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
config_volume: congress
kolla_config:
/var/lib/kolla/config_files/congress_api.json:
command: /usr/bin/congress-server --config-file=/etc/congress/congress.conf --log-file=/var/log/congress/api.log
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/congress
owner: congress:congress
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- - /var/lib/config-data/congress/etc/:/etc/:ro
+ # FIXME(mandre) mounting /etc rw to workaround LP1696283
+ # This should go away anyway and mount the exact files it
+ # needs or use kolla set_configs.py
+ - /var/lib/config-data/congress/etc/:/etc/
- /var/log/containers/congress:/var/log/congress
command: "/usr/bin/bootstrap_host_exec congress su congress -s /bin/bash -c 'congress-db-manage --config-file /etc/congress/congress.conf upgrade head'"
step_4:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/congress_api.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/congress/etc/congress/:/etc/congress/:ro
+ - /var/lib/config-data/puppet-generated/congress/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/congress:/var/log/congress
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
kolla_config:
/var/lib/kolla/config_files/mongodb.json:
command: /usr/bin/mongod --unixSocketPrefix=/var/run/mongodb --config /etc/mongod.conf run
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/lib/mongodb
owner: mongodb:mongodb
privileged: false
volumes: &mongodb_volumes
- /var/lib/kolla/config_files/mongodb.json:/var/lib/kolla/config_files/config.json
- - /var/lib/config-data/mongodb/etc/mongod.conf:/etc/mongod.conf:ro
- - /var/lib/config-data/mongodb/etc/mongos.conf:/etc/mongos.conf:ro
+ - /var/lib/config-data/puppet-generated/mongodb/:/var/lib/kolla/config_files/src:ro
- /etc/localtime:/etc/localtime:ro
- /var/log/containers/mongodb:/var/log/mongodb
- /var/lib/mongodb:/var/lib/mongodb
kolla_config:
/var/lib/kolla/config_files/mysql.json:
command: /usr/bin/mysqld_safe
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/lib/mysql
owner: mysql:mysql
command: ['bash', '-c', 'test -e /var/lib/mysql/mysql || kolla_start']
volumes: &mysql_volumes
- /var/lib/kolla/config_files/mysql.json:/var/lib/kolla/config_files/config.json
- - /var/lib/config-data/mysql/etc/my.cnf.d:/etc/my.cnf.d:ro
+ - /var/lib/config-data/puppet-generated/mysql/:/var/lib/kolla/config_files/src:ro
- /etc/localtime:/etc/localtime:ro
- /etc/hosts:/etc/hosts:ro
- /var/lib/mysql:/var/lib/mysql
kolla_config:
/var/lib/kolla/config_files/redis.json:
command: /usr/bin/redis-server /etc/redis.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/run/redis
owner: redis:redis
volumes:
- /run:/run
- /var/lib/kolla/config_files/redis.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/redis/etc/redis.conf:/etc/redis.conf:ro
+ - /var/lib/config-data/puppet-generated/redis/:/var/lib/kolla/config_files/src:ro
- /etc/localtime:/etc/localtime:ro
- /var/log/containers/redis:/var/log/redis
environment:
kolla_config:
/var/lib/kolla/config_files/ec2_api.json:
command: /usr/bin/ec2-api
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/ec2api
owner: ec2api:ec2api
recurse: true
/var/lib/kolla/config_files/ec2_api_metadata.json:
command: /usr/bin/ec2-api-metadata
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/ec2api # default log dir for metadata service as well
owner: ec2api:ec2api
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/ec2_api.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/ec2_api/etc/ec2api/:/etc/ec2api/:ro
+ - /var/lib/config-data/puppet-generated/ec2_api/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/ec2_api:/var/log/ec2api
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/ec2_api_metadata.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/ec2_api/etc/ec2api/:/etc/ec2api/:ro
+ - /var/lib/config-data/puppet-generated/ec2_api/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/ec2_api_metadata:/var/log/ec2api
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
kolla_config:
/var/lib/kolla/config_files/etcd.json:
command: /usr/bin/etcd --config-file /etc/etcd/etcd.yml
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/lib/etcd
owner: etcd:etcd
- /var/lib/etcd:/var/lib/etcd
- /etc/localtime:/etc/localtime:ro
- /var/lib/kolla/config_files/etcd.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/etcd/etc/etcd/etcd.yml:/etc/etcd/etcd.yml:ro
+ - /var/lib/config-data/puppet-generated/etcd/:/var/lib/kolla/config_files/src:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
docker_puppet_tasks:
kolla_config:
/var/lib/kolla/config_files/glance_api.json:
command: /usr/bin/glance-api --config-file /usr/share/glance/glance-api-dist.conf --config-file /etc/glance/glance-api.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
/var/lib/kolla/config_files/glance_api_tls_proxy.json:
command: /usr/sbin/httpd -DFOREGROUND
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
docker_config:
# Kolla_bootstrap/db_sync runs before permissions set by kolla_config
step_2:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/glance_api.json:/var/lib/kolla/config_files/config.json
- - /var/lib/config-data/glance_api/etc/glance/:/etc/glance/:ro
+ - /var/lib/config-data/puppet-generated/glance_api/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/glance:/var/log/glance
environment:
- KOLLA_BOOTSTRAP=True
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/glance_api_tls_proxy.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/glance_api/etc/httpd/conf/:/etc/httpd/conf/:ro
- - /var/lib/config-data/glance_api/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro
- - /var/lib/config-data/glance_api/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro
+ - /var/lib/config-data/puppet-generated/glance_api/:/var/lib/kolla/config_files/src:ro
- /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
- /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
environment:
kolla_config:
/var/lib/kolla/config_files/gnocchi_api.json:
command: /usr/sbin/httpd -DFOREGROUND
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/gnocchi
owner: gnocchi:gnocchi
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/gnocchi_api.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro
- - /var/lib/config-data/gnocchi/etc/httpd/conf/:/etc/httpd/conf/:ro
- - /var/lib/config-data/gnocchi/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro
- - /var/lib/config-data/gnocchi/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro
- - /var/lib/config-data/gnocchi/var/www/:/var/www/:ro
+ - /var/lib/config-data/puppet-generated/gnocchi/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/gnocchi:/var/log/gnocchi
-
if:
kolla_config:
/var/lib/kolla/config_files/gnocchi_metricd.json:
command: /usr/bin/gnocchi-metricd
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/gnocchi
owner: gnocchi:gnocchi
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/gnocchi_metricd.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro
+ - /var/lib/config-data/puppet-generated/gnocchi/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/gnocchi:/var/log/gnocchi
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
kolla_config:
/var/lib/kolla/config_files/gnocchi_statsd.json:
command: /usr/bin/gnocchi-statsd
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/gnocchi
owner: gnocchi:gnocchi
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/gnocchi_statsd.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro
+ - /var/lib/config-data/puppet-generated/gnocchi/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/gnocchi:/var/log/gnocchi
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
default: /dev/log
description: Syslog address where HAproxy will send its log
type: string
+ DeployedSSLCertificatePath:
+ default: '/etc/pki/tls/private/overcloud_endpoint.pem'
+ description: >
+ The filepath of the certificate as it will be stored in the controller.
+ type: string
RedisPassword:
description: The password for Redis
type: string
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerHAProxyConfigImage} ]
+ volumes: &deployed_cert_mount
+ - list_join:
+ - ':'
+ - - {get_param: DeployedSSLCertificatePath}
+ - {get_param: DeployedSSLCertificatePath}
+ - 'ro'
kolla_config:
/var/lib/kolla/config_files/haproxy.json:
command: haproxy -f /etc/haproxy/haproxy.cfg
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
docker_config:
step_1:
haproxy:
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
+ - *deployed_cert_mount
-
- /var/lib/kolla/config_files/haproxy.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/haproxy/etc/:/etc/:ro
+ - /var/lib/config-data/puppet-generated/haproxy/:/var/lib/kolla/config_files/src:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
metadata_settings:
kolla_config:
/var/lib/kolla/config_files/heat_api_cfn.json:
command: /usr/sbin/httpd -DFOREGROUND
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/heat
owner: heat:heat
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/heat_api_cfn.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/heat_api_cfn/etc/heat/:/etc/heat/:ro
- - /var/lib/config-data/heat_api_cfn/etc/httpd/conf/:/etc/httpd/conf/:ro
- - /var/lib/config-data/heat_api_cfn/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro
- - /var/lib/config-data/heat_api_cfn/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro
- - /var/lib/config-data/heat_api_cfn/var/www/:/var/www/:ro
+ - /var/lib/config-data/puppet-generated/heat_api_cfn/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/heat:/var/log/heat
-
if:
kolla_config:
/var/lib/kolla/config_files/heat_api.json:
command: /usr/sbin/httpd -DFOREGROUND
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/heat
owner: heat:heat
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/heat_api.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/heat_api/etc/heat/:/etc/heat/:ro
- - /var/lib/config-data/heat_api/etc/httpd/conf/:/etc/httpd/conf/:ro
- - /var/lib/config-data/heat_api/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro
- - /var/lib/config-data/heat_api/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro
- - /var/lib/config-data/heat_api/var/www/:/var/www/:ro
+ - /var/lib/config-data/puppet-generated/heat_api/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/heat:/var/log/heat
-
if:
kolla_config:
/var/lib/kolla/config_files/heat_engine.json:
command: /usr/bin/heat-engine --config-file /usr/share/heat/heat-dist.conf --config-file /etc/heat/heat.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/heat
owner: heat:heat
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/heat_engine.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/heat/etc/heat/:/etc/heat/:ro
+ - /var/lib/config-data/puppet-generated/heat/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/heat:/var/log/heat
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
kolla_config:
/var/lib/kolla/config_files/horizon.json:
command: /usr/sbin/httpd -DFOREGROUND
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/horizon/
owner: apache:apache
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/horizon.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/horizon/etc/httpd:/etc/httpd:ro
- - /var/lib/config-data/horizon/etc/openstack-dashboard:/etc/openstack-dashboard:ro
+ - /var/lib/config-data/puppet-generated/horizon/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/horizon:/var/log/horizon
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
description: image
default: 'centos-binary-ironic-api:latest'
type: string
- DockerIronicConfigImage:
- description: The container image to use for the ironic config_volume
- default: 'centos-binary-ironic-pxe:latest'
+ DockerIronicApiConfigImage:
+ description: The container image to use for the ironic_api config_volume
+ default: 'centos-binary-ironic-api:latest'
type: string
EndpointMap:
default: {}
service_config_settings: {get_attr: [IronicApiBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
- config_volume: ironic
+ config_volume: ironic_api
puppet_tags: ironic_config
step_config: *step_config
config_image:
list_join:
- '/'
- - [ {get_param: DockerNamespace}, {get_param: DockerIronicConfigImage} ]
+ - [ {get_param: DockerNamespace}, {get_param: DockerIronicApiConfigImage} ]
kolla_config:
/var/lib/kolla/config_files/ironic_api.json:
command: /usr/sbin/httpd -DFOREGROUND
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/ironic
owner: ironic:ironic
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- - /var/lib/config-data/ironic/etc/ironic:/etc/ironic:ro
+ - /var/lib/config-data/ironic_api/etc/ironic:/etc/ironic:ro
- /var/log/containers/ironic:/var/log/ironic
command: "/usr/bin/bootstrap_host_exec ironic_api su ironic -s /bin/bash -c 'ironic-dbsync --config-file /etc/ironic/ironic.conf'"
step_4:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/ironic_api.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/ironic/etc/ironic:/etc/ironic:ro
- - /var/lib/config-data/ironic/etc/httpd/conf/:/etc/httpd/conf/:ro
- - /var/lib/config-data/ironic/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro
- - /var/lib/config-data/ironic/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro
- - /var/lib/config-data/ironic/var/www/:/var/www/:ro
+ - /var/lib/config-data/puppet-generated/ironic_api/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/ironic:/var/log/ironic
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
kolla_config:
/var/lib/kolla/config_files/ironic_conductor.json:
command: /usr/bin/ironic-conductor
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/lib/ironic
owner: ironic:ironic
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/ironic_conductor.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/ironic/etc/ironic/:/etc/ironic/:ro
+ - /var/lib/config-data/puppet-generated/ironic/:/var/lib/kolla/config_files/src:ro
- /lib/modules:/lib/modules:ro
- /sys:/sys
- /dev:/dev
kolla_config:
/var/lib/kolla/config_files/ironic_pxe_http.json:
command: /usr/sbin/httpd -DFOREGROUND
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
/var/lib/kolla/config_files/ironic_pxe_tftp.json:
command: /usr/sbin/in.tftpd --foreground --user root --address 0.0.0.0:69 --map-file /var/lib/ironic/tftpboot/map-file /var/lib/ironic/tftpboot
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/ironic
owner: ironic:ironic
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/ironic_pxe_tftp.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/ironic/etc/ironic/:/etc/ironic/:ro
- # TODO(mandre) check how docker like mounting in a bind-mounted tree
- # This directory may contain migrated data from BM
+ - /var/lib/config-data/puppet-generated/ironic/:/var/lib/kolla/config_files/src:ro
- /var/lib/ironic:/var/lib/ironic/
- # These files were generated by puppet inside the config container
- # TODO(mandre) check the mount permission (ro/rw)
- - /var/lib/config-data/ironic/var/lib/ironic/tftpboot/chain.c32:/var/lib/ironic/tftpboot/chain.c32
- - /var/lib/config-data/ironic/var/lib/ironic/tftpboot/pxelinux.0:/var/lib/ironic/tftpboot/pxelinux.0
- - /var/lib/config-data/ironic/var/lib/ironic/tftpboot/ipxe.efi:/var/lib/ironic/tftpboot/ipxe.efi
- - /var/lib/config-data/ironic/var/lib/ironic/tftpboot/undionly.kpxe:/var/lib/ironic/tftpboot/undionly.kpxe
- - /var/lib/config-data/ironic/var/lib/ironic/tftpboot/map-file:/var/lib/ironic/tftpboot/map-file
- /dev/log:/dev/log
- /var/log/containers/ironic:/var/log/ironic
environment:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/ironic_pxe_http.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/ironic/etc/ironic/:/etc/ironic/:ro
- - /var/lib/config-data/ironic/etc/httpd/conf/:/etc/httpd/conf/:ro
- - /var/lib/config-data/ironic/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro
- - /var/lib/config-data/ironic/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro
- - /var/lib/config-data/ironic/var/www/:/var/www/:ro
+ - /var/lib/config-data/puppet-generated/ironic/:/var/lib/kolla/config_files/src:ro
- /var/lib/ironic:/var/lib/ironic/
- /var/log/containers/ironic:/var/log/ironic
environment:
when: stat_iscsid_socket.stat.exists
upgrade_tasks:
- name: stat /lib/systemd/system/iscsid.service
+ tags: step2
stat: path=/lib/systemd/system/iscsid.service
register: stat_iscsid_service
- name: Stop and disable iscsid service
service: name=iscsid state=stopped enabled=no
when: stat_iscsid_service.stat.exists
- name: stat /lib/systemd/system/iscsid.socket
+ tags: step2
stat: path=/lib/systemd/system/iscsid.socket
register: stat_iscsid_socket
- name: Stop and disable iscsid.socket service
kolla_config:
/var/lib/kolla/config_files/keystone.json:
command: /usr/sbin/httpd -DFOREGROUND
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
docker_config:
# Kolla_bootstrap/db sync runs before permissions set by kolla_config
step_2:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/keystone.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/keystone/var/www/:/var/www/:ro
- - /var/lib/config-data/keystone/etc/keystone/:/etc/keystone/:ro
- - /var/lib/config-data/keystone/etc/httpd/conf/:/etc/httpd/conf/:ro
- - /var/lib/config-data/keystone/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro
- - /var/lib/config-data/keystone/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro
+ - /var/lib/config-data/puppet-generated/keystone/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/keystone:/var/log/keystone
-
if:
kolla_config:
/var/lib/kolla/config_files/manila_api.json:
command: /usr/bin/manila-api --config-file /usr/share/manila/manila-dist.conf --config-file /etc/manila/manila.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/manila
owner: manila:manila
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/manila_api.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/manila/etc/manila/:/etc/manila/:ro
+ - /var/lib/config-data/puppet-generated/manila/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/manila:/var/log/manila
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
kolla_config:
/var/lib/kolla/config_files/manila_scheduler.json:
command: /usr/bin/manila-scheduler --config-file /usr/share/manila/manila-dist.conf --config-file /etc/manila/manila.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/manila
owner: manila:manila
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/manila_scheduler.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/manila/etc/manila/:/etc/manila/:ro
+ - /var/lib/config-data/puppet-generated/manila/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/manila:/var/log/manila
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
--- /dev/null
+heat_template_version: pike
+
+description: >
+ OpenStack containerized Manila Share service
+
+parameters:
+ DockerNamespace:
+ description: namespace
+ default: 'tripleoupstream'
+ type: string
+ DockerManilaShareImage:
+ description: image
+ default: 'centos-binary-manila-share:latest'
+ type: string
+ DockerManilaConfigImage:
+ description: image
+ default: 'centos-binary-manila-base:latest'
+ type: string
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+
+resources:
+
+ ContainersCommon:
+ type: ./containers-common.yaml
+
+ ManilaBase:
+ type: ../../puppet/services/manila-share.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the Manila Share role.
+ value:
+ service_name: {get_attr: [ManilaBase, role_data, service_name]}
+ config_settings: {get_attr: [ManilaBase, role_data, config_settings]}
+ step_config: &step_config
+ get_attr: [ManilaBase, role_data, step_config]
+ service_config_settings: {get_attr: [ManilaBase, role_data, service_config_settings]}
+ # BEGIN DOCKER SETTINGS
+ puppet_config:
+ config_volume: manila
+ puppet_tags: manila_config
+ step_config: *step_config
+ config_image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerManilaConfigImage} ]
+ kolla_config:
+ /var/lib/kolla/config_files/manila_share.json:
+ command: /usr/bin/manila-share --config-file /usr/share/manila/manila-dist.conf --config-file /etc/manila/manila.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
+ # NOTE(gfidente): ceph-ansible generated
+ - source: "/var/lib/kolla/config_files/src-ceph/*"
+ dest: "/etc/ceph"
+ merge: true
+ preserve_properties: true
+ permissions:
+ - path: /var/log/manila
+ owner: manila:manila
+ recurse: true
+ docker_config:
+ step_4:
+ manila_share:
+ image: &manila_share_image
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerManilaShareImage} ]
+ net: host
+ restart: always
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/manila_share.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/manila/:/var/lib/kolla/config_files/src:ro
+ - /var/log/containers/manila:/var/log/manila
+ - /etc/ceph/:/var/lib/kolla/config_files/src-ceph:ro
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent directories
+ file:
+ path: /var/log/containers/manila
+ state: directory
+ upgrade_tasks:
+ - name: Stop and disable manila_share service
+ tags: step2
+ service: name=openstack-manila-share state=stopped enabled=no
- /var/lib/config-data/memcached/etc/sysconfig/memcached:/etc/sysconfig/memcached:ro
# TODO(bogdando) capture memcached syslog logs from a container
command: ['/bin/bash', '-c', 'source /etc/sysconfig/memcached; /usr/bin/memcached -p ${PORT} -u ${USER} -m ${CACHESIZE} -c ${MAXCONN} $OPTIONS']
- environment:
- - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
upgrade_tasks:
- name: Stop and disable memcached service
tags: step2
kolla_config:
/var/lib/kolla/config_files/mistral_api.json:
command: /usr/bin/mistral-server --config-file=/etc/mistral/mistral.conf --log-file=/var/log/mistral/api.log --server=api
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/mistral
owner: mistral:mistral
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/mistral_api.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/mistral/etc/mistral/:/etc/mistral/:ro
+ - /var/lib/config-data/puppet-generated/mistral/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/mistral:/var/log/mistral
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
kolla_config:
/var/lib/kolla/config_files/mistral_engine.json:
command: /usr/bin/mistral-server --config-file=/etc/mistral/mistral.conf --log-file=/var/log/mistral/engine.log --server=engine
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/mistral
owner: mistral:mistral
-
- /run:/run
- /var/lib/kolla/config_files/mistral_engine.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/mistral/etc/mistral/:/etc/mistral/:ro
+ - /var/lib/config-data/puppet-generated/mistral/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/mistral:/var/log/mistral
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
kolla_config:
/var/lib/kolla/config_files/mistral_executor.json:
command: /usr/bin/mistral-server --config-file=/etc/mistral/mistral.conf --log-file=/var/log/mistral/executor.log --server=executor
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/mistral
owner: mistral:mistral
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/mistral_executor.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/mistral/etc/mistral/:/etc/mistral/:ro
+ - /var/lib/config-data/puppet-generated/mistral/:/var/lib/kolla/config_files/src:ro
- /run:/run
# FIXME: this is required in order for Nova cells
# initialization workflows on the Undercloud. Need to
kolla_config:
/var/lib/kolla/config_files/neutron_api.json:
command: /usr/bin/neutron-server --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-server
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/neutron
owner: neutron:neutron
recurse: true
/var/lib/kolla/config_files/neutron_server_tls_proxy.json:
command: /usr/sbin/httpd -DFOREGROUND
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
docker_config:
# db sync runs before permissions set by kolla_config
step_2:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/neutron_api.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/neutron/etc/neutron/:/etc/neutron/:ro
+ - /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/neutron:/var/log/neutron
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/neutron_server_tls_proxy.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/neutron/etc/httpd/conf/:/etc/httpd/conf/:ro
- - /var/lib/config-data/neutron/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro
- - /var/lib/config-data/neutron/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro
+ - /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro
- /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
- /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
environment:
kolla_config:
/var/lib/kolla/config_files/neutron_dhcp.json:
command: /usr/bin/neutron-dhcp-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/dhcp_agent.ini --log-file /var/log/neutron/dhcp-agent.log --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-dhcp-agent
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/neutron
owner: neutron:neutron
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/neutron_dhcp.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/neutron/etc/neutron/:/etc/neutron/:ro
+ - /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro
- /lib/modules:/lib/modules:ro
- /run/:/run
- /var/log/containers/neutron:/var/log/neutron
kolla_config:
/var/lib/kolla/config_files/neutron_l3_agent.json:
command: /usr/bin/neutron-l3-agent --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/l3_agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/l3_agent.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-l3-agent
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/neutron
owner: neutron:neutron
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/neutron_l3_agent.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/neutron/etc/neutron/:/etc/neutron/:ro
+ - /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro
- /lib/modules:/lib/modules:ro
- /run:/run
- /var/log/containers/neutron:/var/log/neutron
kolla_config:
/var/lib/kolla/config_files/neutron_metadata_agent.json:
command: /usr/bin/neutron-metadata-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/metadata_agent.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-metadata-agent
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/neutron
owner: neutron:neutron
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/neutron_metadata_agent.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/neutron/etc/neutron/:/etc/neutron/:ro
+ - /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro
- /lib/modules:/lib/modules:ro
- /run:/run
- /var/log/containers/neutron:/var/log/neutron
kolla_config:
/var/lib/kolla/config_files/neutron_ovs_agent.json:
command: /usr/bin/neutron-openvswitch-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini --config-file /etc/neutron/plugins/ml2/ml2_conf.ini --config-dir /etc/neutron/conf.d/common
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/neutron
owner: neutron:neutron
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/neutron_ovs_agent.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/neutron/etc/neutron/:/etc/neutron/:ro
+ - /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro
- /lib/modules:/lib/modules:ro
- /run:/run
- /var/log/containers/neutron:/var/log/neutron
resources:
NeutronBase:
- type: ../../puppet/services/neutron-plugin-ml2.yaml
+ type: OS::TripleO::Docker::NeutronMl2PluginBase
properties:
EndpointMap: {get_param: EndpointMap}
ServiceNetMap: {get_param: ServiceNetMap}
# BEGIN DOCKER SETTINGS
puppet_config:
config_volume: 'neutron'
- puppet_tags: ''
+ puppet_tags: neutron_plugin_ml2
step_config: *step_config
config_image:
list_join:
kolla_config:
/var/lib/kolla/config_files/nova_api.json:
command: /usr/bin/nova-api
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/nova
owner: nova:nova
net: host
detach: false
user: root
- volumes: &nova_api_volumes
+ volumes: &nova_api_bootstrap_volumes
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- - /var/lib/kolla/config_files/nova_api.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro
- /var/log/containers/nova:/var/log/nova
command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage api_db sync'"
net: host
detach: false
user: root
- volumes: *nova_api_volumes
+ volumes: *nova_api_bootstrap_volumes
command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage cell_v2 map_cell0'"
nova_api_create_default_cell:
start_order: 2
image: *nova_api_image
net: host
detach: false
- volumes: *nova_api_volumes
+ volumes: *nova_api_bootstrap_volumes
# NOTE: allowing the exit code 2 is a dirty way of making
# this idempotent (if the resource already exists a conflict
# is raised)
image: *nova_api_image
net: host
detach: false
- volumes: *nova_api_volumes
+ volumes: *nova_api_bootstrap_volumes
user: root
command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage db sync'"
step_4:
user: nova
privileged: true
restart: always
+ volumes: &nova_api_volumes
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/nova_api.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro
+ - /var/log/containers/nova:/var/log/nova
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ nova_api_cron:
+ image: *nova_api_image
+ net: host
+ user: root
+ privileged: true
+ restart: always
volumes: *nova_api_volumes
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ command: "/usr/sbin/crond -n"
step_5:
nova_api_discover_hosts:
start_order: 1
image: *nova_api_image
net: host
detach: false
- volumes: *nova_api_volumes
+ volumes: *nova_api_bootstrap_volumes
user: root
command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage cell_v2 discover_hosts'"
host_prep_tasks:
kolla_config:
/var/lib/kolla/config_files/nova_compute.json:
command: /usr/bin/nova-compute --config-file /etc/nova/nova.conf --config-file /etc/nova/rootwrap.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/nova
owner: nova:nova
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/nova_compute.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/nova_libvirt/etc/nova/:/etc/nova/:ro
+ - /var/lib/config-data/puppet-generated/nova_libvirt/:/var/lib/kolla/config_files/src:ro
- /dev:/dev
- /etc/iscsi:/etc/iscsi
- /lib/modules:/lib/modules:ro
kolla_config:
/var/lib/kolla/config_files/nova_conductor.json:
command: /usr/bin/nova-conductor
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/nova
owner: nova:nova
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/nova_conductor.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro
+ - /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/nova:/var/log/nova
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
kolla_config:
/var/lib/kolla/config_files/nova_consoleauth.json:
command: /usr/bin/nova-consoleauth
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/nova
owner: nova:nova
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/nova_consoleauth.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro
+ - /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/nova:/var/log/nova
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
kolla_config:
/var/lib/kolla/config_files/nova_ironic.json:
command: /usr/bin/nova-compute --config-file /etc/nova/nova.conf --config-file /etc/nova/rootwrap.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/nova
owner: nova:nova
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/nova_ironic.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro
+ - /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro
- /run:/run
- /dev:/dev
- /etc/iscsi:/etc/iscsi
- use_tls_for_live_migration
- /usr/sbin/libvirtd --listen --config /etc/libvirt/libvirtd.conf
- /usr/sbin/libvirtd --config /etc/libvirt/libvirtd.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/nova
owner: nova:nova
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/nova_libvirt.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/nova_libvirt/etc/libvirt/:/etc/libvirt/:ro
+ - /var/lib/config-data/puppet-generated/nova_libvirt/:/var/lib/kolla/config_files/src:ro
- /lib/modules:/lib/modules:ro
- /dev:/dev
- /run:/run
kolla_config:
/var/lib/kolla/config_files/nova_placement.json:
command: /usr/sbin/httpd -DFOREGROUND
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/nova
owner: nova:nova
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/nova_placement.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/nova_placement/etc/nova/:/etc/nova/:ro
- - /var/lib/config-data/nova_placement/etc/httpd/conf/:/etc/httpd/conf/:ro
- - /var/lib/config-data/nova_placement/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro
- - /var/lib/config-data/nova_placement/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro
- - /var/lib/config-data/nova_placement/var/www/:/var/www/:ro
+ - /var/lib/config-data/puppet-generated/nova_placement/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/nova:/var/log/nova
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
kolla_config:
/var/lib/kolla/config_files/nova_scheduler.json:
command: /usr/bin/nova-scheduler
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/nova
owner: nova:nova
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/nova_scheduler.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro
+ - /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro
- /run:/run
- /var/log/containers/nova:/var/log/nova
environment:
kolla_config:
/var/lib/kolla/config_files/nova_vnc_proxy.json:
command: /usr/bin/nova-novncproxy --web /usr/share/novnc/
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/nova
owner: nova:nova
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/nova_vnc_proxy.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro
+ - /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/nova:/var/log/nova
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
kolla_config:
/var/lib/kolla/config_files/octavia_api.json:
command: /usr/bin/octavia-api --config-file /usr/share/octavia/octavia-dist.conf --config-file /etc/octavia/octavia.conf --log-file /var/log/octavia/api.log --config-dir /etc/octavia/conf.d/common --config-dir /etc/octavia/conf.d/octavia-api
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
/var/lib/kolla/config_files/octavia_api_tls_proxy.json:
command: /usr/sbin/httpd -DFOREGROUND
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
docker_config:
# Kolla_bootstrap/db_sync runs before permissions set by kolla_config
step_2:
- [ {get_param: DockerNamespace}, {get_param: DockerOctaviaApiImage} ]
user: root
volumes:
- - /var/lib/config-data/octavia/etc/octavia:/etc/octavia/
+ # NOTE(mandre) we need extra dir for the service in /etc/octavia/conf.d
+ # It is normally created as part of the RPM install, but it is
+ # missing here because we use the same config_volume for all
+ # octavia services, hence the same container image to generate
+ # configuration.
+ - /var/lib/config-data/puppet-generated/octavia/etc/octavia:/etc/octavia/
- /var/log/containers/octavia:/var/log/octavia
command: ['/bin/bash', '-c', 'mkdir -p /etc/octavia/conf.d/octavia-api; chown -R octavia:octavia /etc/octavia/conf.d/octavia-api; chown -R octavia:octavia /var/log/octavia']
step_3:
privileged: false
detach: false
user: root
- volumes: &octavia_volumes
+ volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- - /var/lib/kolla/config_files/octavia_api.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/octavia/etc/octavia/:/etc/octavia/:ro
- /var/log/containers/octavia:/var/log/octavia
command: "/usr/bin/bootstrap_host_exec octavia_api su octavia -s /bin/bash -c '/usr/bin/octavia-db-manage upgrade head'"
net: host
privileged: false
restart: always
- volumes: *octavia_volumes
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/octavia_api.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/octavia/:/var/lib/kolla/config_files/src:ro
+ - /var/log/containers/octavia:/var/log/octavia
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
- if:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/octavia_api_tls_proxy.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/octavia/etc/httpd/:/etc/httpd/:ro
+ - /var/lib/config-data/puppet-generated/octavia/:/var/lib/kolla/config_files/src:ro
- /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
- /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
environment:
kolla_config:
/var/lib/kolla/config_files/octavia_health_manager.json:
command: /usr/bin/octavia-health-manager --config-file /usr/share/octavia/octavia-dist.conf --config-file /etc/octavia/octavia.conf --log-file /var/log/octavia/health-manager.log --config-dir /etc/octavia/conf.d/common --config-dir /etc/octavia/conf.d/octavia-health-manager
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
docker_config:
step_2:
octavia_health_manager_init_dirs:
- [ {get_param: DockerNamespace}, {get_param: DockerOctaviaHealthManagerImage} ]
user: root
volumes:
- - /var/lib/config-data/octavia/etc/octavia:/etc/octavia/
+ # NOTE(mandre) we need extra dir for the service in /etc/octavia/conf.d
+ # It is normally created as part of the RPM install, but it is
+ # missing here because we use the same config_volume for all
+ # octavia services, hence the same container image to generate
+ # configuration.
+ - /var/lib/config-data/puppet-generated/octavia/etc/octavia:/etc/octavia/
command: ['/bin/bash', '-c', 'mkdir -p /etc/octavia/conf.d/octavia-health-manager; chown -R octavia:octavia /etc/octavia/conf.d/octavia-health-manager']
step_4:
octavia_health_manager:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/octavia_health_manager.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/octavia/etc/octavia/:/etc/octavia/:ro
+ - /var/lib/config-data/puppet-generated/octavia/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/octavia:/var/log/octavia
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
kolla_config:
/var/lib/kolla/config_files/octavia_housekeeping.json:
command: /usr/bin/octavia-housekeeping --config-file /usr/share/octavia/octavia-dist.conf --config-file /etc/octavia/octavia.conf --log-file /var/log/octavia/housekeeping.log --config-dir /etc/octavia/conf.d/common --config-dir /etc/octavia/conf.d/octavia-housekeeping
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
docker_config:
step_2:
octavia_housekeeping_init_dirs:
- [ {get_param: DockerNamespace}, {get_param: DockerOctaviaHousekeepingImage} ]
user: root
volumes:
- - /var/lib/config-data/octavia/etc/octavia:/etc/octavia/
+ # NOTE(mandre) we need extra dir for the service in /etc/octavia/conf.d
+ # It is normally created as part of the RPM install, but it is
+ # missing here because we use the same config_volume for all
+ # octavia services, hence the same container image to generate
+ # configuration.
+ - /var/lib/config-data/puppet-generated/octavia/etc/octavia:/etc/octavia/
command: ['/bin/bash', '-c', 'mkdir -p /etc/octavia/conf.d/octavia-housekeeping; chown -R octavia:octavia /etc/octavia/conf.d/octavia-housekeeping']
step_4:
octavia_housekeeping:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/octavia_housekeeping.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/octavia/etc/octavia/:/etc/octavia/:ro
+ - /var/lib/config-data/puppet-generated/octavia/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/octavia:/var/log/octavia
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
kolla_config:
/var/lib/kolla/config_files/octavia_worker.json:
command: /usr/bin/octavia-worker --config-file /usr/share/octavia/octavia-dist.conf --config-file /etc/octavia/octavia.conf --log-file /var/log/octavia/worker.log --config-dir /etc/octavia/conf.d/common --config-dir /etc/octavia/conf.d/octavia-worker
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
docker_config:
step_2:
octavia_worker_init_dirs:
- [ {get_param: DockerNamespace}, {get_param: DockerOctaviaWorkerImage} ]
user: root
volumes:
- - /var/lib/config-data/octavia/etc/octavia:/etc/octavia/
+ # NOTE(mandre) we need extra dir for the service in /etc/octavia/conf.d
+ # It is normally created as part of the RPM install, but it is
+ # missing here because we use the same config_volume for all
+ # octavia services, hence the same container image to generate
+ # configuration.
+ - /var/lib/config-data/puppet-generated/octavia/etc/octavia:/etc/octavia/
command: ['/bin/bash', '-c', 'mkdir -p /etc/octavia/conf.d/octavia-worker; chown -R octavia:octavia /etc/octavia/conf.d/octavia-worker']
step_4:
octavia_worker:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/octavia_worker.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/octavia/etc/octavia/:/etc/octavia/:ro
+ - /var/lib/config-data/puppet-generated/octavia/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/octavia:/var/log/octavia
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
--- /dev/null
+heat_template_version: pike
+
+description: >
+ OpenStack containerized OpenDaylight API service
+
+parameters:
+ DockerNamespace:
+ description: namespace
+ default: 'tripleoupstream'
+ type: string
+ DockerOpendaylightApiImage:
+ description: image
+ default: 'centos-binary-opendaylight:latest'
+ type: string
+ DockerOpendaylightConfigImage:
+ description: image
+ default: 'centos-binary-opendaylight:latest'
+ type: string
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+
+resources:
+
+ ContainersCommon:
+ type: ./containers-common.yaml
+
+ OpenDaylightBase:
+ type: ../../puppet/services/opendaylight-api.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the OpenDaylight API role.
+ value:
+ service_name: {get_attr: [OpenDaylightBase, role_data, service_name]}
+ config_settings:
+ map_merge:
+ - get_attr: [OpenDaylightBase, role_data, config_settings]
+ step_config: &step_config
+ list_join:
+ - "\n"
+ - - get_attr: [OpenDaylightBase, role_data, step_config]
+ - "include tripleo::profile::base::neutron::opendaylight::create_cluster"
+ # BEGIN DOCKER SETTINGS
+ puppet_config:
+ config_volume: opendaylight
+ # 'file,concat,file_line,augeas' are included by default
+ puppet_tags: odl_user,tripleo::profile::base::neutron::opendaylight::configure_cluster
+ step_config: *step_config
+ config_image:
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerOpendaylightConfigImage} ]
+ kolla_config:
+ /var/lib/kolla/config_files/opendaylight_api.json:
+ command: /opt/opendaylight/bin/karaf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
+ permissions:
+ - path: /opt/opendaylight
+ owner: odl:odl
+ recurse: true
+ docker_config:
+ step_1:
+ opendaylight_api:
+ start_order: 0
+ image: &odl_api_image
+ list_join:
+ - '/'
+ - [ {get_param: DockerNamespace}, {get_param: DockerOpendaylightApiImage} ]
+ privileged: false
+ net: host
+ detach: true
+ user: odl
+ restart: always
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/opendaylight_api.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/opendaylight/:/var/lib/kolla/config_files/src:ro
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+
+ upgrade_tasks:
+ - name: Stop and disable opendaylight_api service
+ tags: step2
+ service: name=opendaylight state=stopped enabled=no
/var/lib/kolla/config_files/clustercheck.json:
command: /usr/sbin/xinetd -dontfork
config_files:
- - dest: /etc/xinetd.conf
- source: /var/lib/kolla/config_files/src/etc/xinetd.conf
- owner: mysql
- perm: '0644'
- - dest: /etc/xinetd.d/galera-monitor
- source: /var/lib/kolla/config_files/src/etc/xinetd.d/galera-monitor
- owner: mysql
- perm: '0644'
- - dest: /etc/sysconfig/clustercheck
- source: /var/lib/kolla/config_files/src/etc/sysconfig/clustercheck
- owner: mysql
- perm: '0600'
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
docker_config:
step_2:
clustercheck:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/clustercheck.json:/var/lib/kolla/config_files/config.json
- - /var/lib/config-data/clustercheck/:/var/lib/kolla/config_files/src:ro
+ - /var/lib/config-data/puppet-generated/clustercheck/:/var/lib/kolla/config_files/src:ro
- /var/lib/mysql:/var/lib/mysql
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
/var/lib/kolla/config_files/mysql.json:
command: /usr/sbin/pacemaker_remoted
config_files:
- - dest: /etc/libqb/force-filesystem-sockets
- source: /dev/null
- owner: root
- perm: '0644'
- - dest: /etc/my.cnf
- source: /var/lib/kolla/config_files/src/etc/my.cnf
- owner: mysql
- perm: '0644'
- - dest: /etc/my.cnf.d/galera.cnf
- source: /var/lib/kolla/config_files/src/etc/my.cnf.d/galera.cnf
- owner: mysql
- perm: '0644'
- - dest: /etc/sysconfig/clustercheck
- source: /var/lib/kolla/config_files/src/etc/sysconfig/clustercheck
- owner: root
- perm: '0600'
+ - dest: /etc/libqb/force-filesystem-sockets
+ source: /dev/null
+ owner: root
+ perm: '0644'
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
docker_config:
step_1:
mysql_data_ownership:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/mysql.json:/var/lib/kolla/config_files/config.json
- - /var/lib/config-data/mysql/:/var/lib/kolla/config_files/src:ro
+ - /var/lib/config-data/puppet-generated/mysql/:/var/lib/kolla/config_files/src:ro
- /var/lib/mysql:/var/lib/mysql
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
- /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
- /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
- /dev/shm:/dev/shm:rw
- - /var/lib/config-data/mysql/etc/my.cnf:/etc/my.cnf:ro
- - /var/lib/config-data/mysql/etc/my.cnf.d:/etc/my.cnf.d:ro
- /var/lib/mysql:/var/lib/mysql:rw
host_prep_tasks:
- name: create /var/lib/mysql
source: /dev/null
owner: root
perm: '0644'
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
+ optional: true
permissions:
- path: /var/run/redis
owner: redis:redis
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ DeployedSSLCertificatePath:
+ default: '/etc/pki/tls/private/overcloud_endpoint.pem'
+ description: >
+ The filepath of the certificate as it will be stored in the controller.
+ type: string
RoleName:
default: ''
description: Role name on which the service is applied
list_join:
- '/'
- [ {get_param: DockerNamespace}, {get_param: DockerHAProxyConfigImage} ]
+ volumes: &deployed_cert_mount
+ - list_join:
+ - ':'
+ - - {get_param: DeployedSSLCertificatePath}
+ - {get_param: DeployedSSLCertificatePath}
+ - 'ro'
kolla_config:
/var/lib/kolla/config_files/haproxy.json:
command: haproxy -f /etc/haproxy/haproxy.cfg
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
+ optional: true
docker_config:
step_2:
haproxy_init_bundle:
- 'include ::tripleo::profile::pacemaker::haproxy_bundle'
image: *haproxy_image
volumes:
- # puppet saves iptables rules in /etc/sysconfig
- - /etc/sysconfig:/etc/sysconfig:rw
- # saving rules require accessing /usr/libexec/iptables/iptables.init, just bind-mount
- # the necessary bit and prevent systemd to try to reload the service in the container
- - /usr/libexec/iptables:/usr/libexec/iptables:ro
- - /usr/libexec/initscripts/legacy-actions:/usr/libexec/initscripts/legacy-actions:ro
- - /etc/hosts:/etc/hosts:ro
- - /etc/localtime:/etc/localtime:ro
- - /etc/puppet:/tmp/puppet-etc:ro
- - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
- - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
- - /dev/shm:/dev/shm:rw
+ list_concat:
+ - *deployed_cert_mount
+ -
+ # puppet saves iptables rules in /etc/sysconfig
+ - /etc/sysconfig:/etc/sysconfig:rw
+ # saving rules require accessing /usr/libexec/iptables/iptables.init, just bind-mount
+ # the necessary bit and prevent systemd to try to reload the service in the container
+ - /usr/libexec/iptables:/usr/libexec/iptables:ro
+ - /usr/libexec/initscripts/legacy-actions:/usr/libexec/initscripts/legacy-actions:ro
+ - /etc/hosts:/etc/hosts:ro
+ - /etc/localtime:/etc/localtime:ro
+ - /etc/puppet:/tmp/puppet-etc:ro
+ - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
+ - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
+ - /dev/shm:/dev/shm:rw
metadata_settings:
get_attr: [HAProxyBase, role_data, metadata_settings]
source: /dev/null
owner: root
perm: '0644'
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/lib/rabbitmq
owner: rabbitmq:rabbitmq
privileged: false
volumes:
- /var/lib/kolla/config_files/rabbitmq.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/rabbitmq/etc/rabbitmq:/etc/rabbitmq:ro
+ - /var/lib/config-data/puppet-generated/rabbitmq/:/var/lib/kolla/config_files/src:ro
- /etc/hosts:/etc/hosts:ro
- /etc/localtime:/etc/localtime:ro
- /var/lib/rabbitmq:/var/lib/rabbitmq
kolla_config:
/var/lib/kolla/config_files/panko_api.json:
command: /usr/sbin/httpd -DFOREGROUND
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/panko
owner: panko:panko
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/panko_api.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/panko/etc/panko/:/etc/panko/:ro
- - /var/lib/config-data/panko/etc/httpd/conf/:/etc/httpd/conf/:ro
- - /var/lib/config-data/panko/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro
- - /var/lib/config-data/panko/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro
- - /var/lib/config-data/panko/var/www/:/var/www/:ro
+ - /var/lib/config-data/puppet-generated/panko/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/panko:/var/log/panko
-
if:
kolla_config:
/var/lib/kolla/config_files/rabbitmq.json:
command: /usr/lib/rabbitmq/bin/rabbitmq-server
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/lib/rabbitmq
owner: rabbitmq:rabbitmq
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/rabbitmq.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/rabbitmq/etc/rabbitmq/:/etc/rabbitmq/:ro
+ - /var/lib/config-data/puppet-generated/rabbitmq/:/var/lib/kolla/config_files/src:ro
- /var/lib/rabbitmq:/var/lib/rabbitmq
- /var/log/containers/rabbitmq:/var/log/rabbitmq
environment:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/rabbitmq.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/rabbitmq/etc/rabbitmq/:/etc/rabbitmq/:ro
+ - /var/lib/config-data/puppet-generated/rabbitmq/:/var/lib/kolla/config_files/src:ro
- /var/lib/rabbitmq:/var/lib/rabbitmq
- /var/log/containers/rabbitmq:/var/log/rabbitmq
environment:
kolla_config:
/var/lib/kolla/config_files/sahara-api.json:
command: /usr/bin/sahara-api --config-file /etc/sahara/sahara.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/lib/sahara
owner: sahara:sahara
privileged: false
detach: false
user: root
- volumes: &sahara_volumes
+ volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- - /var/lib/kolla/config_files/sahara-api.json:/var/lib/kolla/config_files/config.json
- /var/lib/config-data/sahara/etc/sahara/:/etc/sahara/:ro
- /lib/modules:/lib/modules:ro
- /var/lib/sahara:/var/lib/sahara
net: host
privileged: false
restart: always
- volumes: *sahara_volumes
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/sahara-api.json:/var/lib/kolla/config_files/config.json
+ - /var/lib/config-data/puppet-generated/sahara/:/var/lib/kolla/config_files/src:ro
+ - /lib/modules:/lib/modules:ro
+ - /var/lib/sahara:/var/lib/sahara
+ - /var/log/containers/sahara:/var/log/sahara
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
kolla_config:
/var/lib/kolla/config_files/sahara-engine.json:
command: /usr/bin/sahara-engine --config-file /etc/sahara/sahara.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/lib/sahara
owner: sahara:sahara
net: host
privileged: false
restart: always
- volumes: &sahara_volumes
+ volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/sahara-engine.json:/var/lib/kolla/config_files/config.json
- - /var/lib/config-data/sahara/etc/sahara/:/etc/sahara/:ro
+ - /var/lib/config-data/puppet-generated/sahara/:/var/lib/kolla/config_files/src:ro
- /var/lib/sahara:/var/lib/sahara
- /var/log/containers/sahara:/var/log/sahara
environment:
kolla_config:
/var/lib/kolla/config_files/sensu-client.json:
command: /usr/bin/sensu-client -d /etc/sensu/conf.d/ -l /var/log/sensu/sensu-client.log
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/sensu
owner: sensu:sensu
-
- /var/run/docker.sock:/var/run/docker.sock:rw
- /var/lib/kolla/config_files/sensu-client.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/sensu/etc/sensu/:/etc/sensu/:ro
+ - /var/lib/config-data/puppet-generated/sensu/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/sensu:/var/log/sensu:rw
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
kolla_config:
/var/lib/kolla/config_files/swift_proxy.json:
command: /usr/bin/swift-proxy-server /etc/swift/proxy-server.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/swift
owner: swift:swift
recurse: true
/var/lib/kolla/config_files/swift_proxy_tls_proxy.json:
command: /usr/sbin/httpd -DFOREGROUND
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
docker_config:
step_4:
map_merge:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/swift_proxy.json:/var/lib/kolla/config_files/config.json:ro
- # FIXME I'm mounting /etc/swift as rw. Are the rings written to
- # at all during runtime?
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/swift_proxy_tls_proxy.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/httpd/conf/:/etc/httpd/conf/:ro
- - /var/lib/config-data/swift/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro
- - /var/lib/config-data/swift/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro
+ - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro
- /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
- /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
environment:
kolla_config:
/var/lib/kolla/config_files/swift_account_auditor.json:
command: /usr/bin/swift-account-auditor /etc/swift/account-server.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
/var/lib/kolla/config_files/swift_account_reaper.json:
command: /usr/bin/swift-account-reaper /etc/swift/account-server.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
/var/lib/kolla/config_files/swift_account_replicator.json:
command: /usr/bin/swift-account-replicator /etc/swift/account-server.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
/var/lib/kolla/config_files/swift_account_server.json:
command: /usr/bin/swift-account-server /etc/swift/account-server.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
/var/lib/kolla/config_files/swift_container_auditor.json:
command: /usr/bin/swift-container-auditor /etc/swift/container-server.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
/var/lib/kolla/config_files/swift_container_replicator.json:
command: /usr/bin/swift-container-replicator /etc/swift/container-server.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
/var/lib/kolla/config_files/swift_container_updater.json:
command: /usr/bin/swift-container-updater /etc/swift/container-server.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
/var/lib/kolla/config_files/swift_container_server.json:
command: /usr/bin/swift-container-server /etc/swift/container-server.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
/var/lib/kolla/config_files/swift_object_auditor.json:
command: /usr/bin/swift-object-auditor /etc/swift/object-server.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
/var/lib/kolla/config_files/swift_object_expirer.json:
command: /usr/bin/swift-object-expirer /etc/swift/object-expirer.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
/var/lib/kolla/config_files/swift_object_replicator.json:
command: /usr/bin/swift-object-replicator /etc/swift/object-server.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
/var/lib/kolla/config_files/swift_object_updater.json:
command: /usr/bin/swift-object-updater /etc/swift/object-server.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
/var/lib/kolla/config_files/swift_object_server.json:
command: /usr/bin/swift-object-server /etc/swift/object-server.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/swift
owner: swift:swift
recurse: true
- /var/lib/kolla/config_files/swift_xinetd_rsync.json:
- command: /usr/sbin/xinetd -dontfork
+ /var/lib/kolla/config_files/swift_rsync.json:
+ command: /usr/bin/rsync --daemon --no-detach --config=/etc/rsyncd.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
docker_config:
step_3:
# The puppet config sets this up but we don't have a way to mount the named
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/swift_account_auditor.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/swift_account_reaper.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/swift_account_replicator.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/swift_account_server.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/swift_container_auditor.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/swift_container_replicator.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/swift_container_updater.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/swift_container_server.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/swift_object_auditor.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/swift_object_expirer.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/swift_object_replicator.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/swift_object_updater.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/swift_object_server.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc/swift:/etc/swift:rw
+ - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
- /var/log/containers/swift:/var/log/swift
environment: *kolla_env
- swift_xinetd_rsync:
+ swift_rsync:
image: *swift_object_image
net: host
user: root
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- - /var/lib/kolla/config_files/swift_xinetd_rsync.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/swift/etc:/etc
+ - /var/lib/kolla/config_files/swift_rsync.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/swift/:/var/lib/kolla/config_files/src:ro
- /run:/run
- /srv/node:/srv/node
- /dev:/dev
kolla_config:
/var/lib/kolla/config_files/tacker_api.json:
command: /usr/bin/tacker-server --config-file=/etc/tacker/tacker.conf --log-file=/var/log/tacker/api.log
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/tacker
owner: tacker:tacker
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- - /var/lib/config-data/tacker/etc/:/etc/:ro
+ # FIXME(mandre) mounting /etc rw to workaround LP1696283
+ # This should go away anyway and mount the exact files it
+ # needs or use kolla set_configs.py
+ - /var/lib/config-data/tacker/etc/:/etc/
- /var/log/containers/tacker:/var/log/tacker
command: "/usr/bin/bootstrap_host_exec tacker su tacker -s /bin/bash -c 'tacker-db-manage --config-file /etc/tacker/tacker.conf upgrade head'"
step_4:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/tacker_api.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/tacker/etc/tacker/:/etc/tacker/:ro
+ - /var/lib/config-data/puppet-generated/tacker/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/tacker:/var/log/tacker
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
kolla_config:
/var/lib/kolla/config_files/zaqar.json:
command: /usr/sbin/httpd -DFOREGROUND
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
/var/lib/kolla/config_files/zaqar_websocket.json:
command: /usr/bin/zaqar-server --config-file /etc/zaqar/zaqar.conf --config-file /etc/zaqar/1.conf
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/zaqar
owner: zaqar:zaqar
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/zaqar.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/zaqar/etc/zaqar/:/etc/zaqar/:ro
- - /var/lib/config-data/zaqar/var/www/:/var/www/:ro
- - /var/lib/config-data/zaqar/etc/httpd/conf/:/etc/httpd/conf/:ro
- - /var/lib/config-data/zaqar/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro
- - /var/lib/config-data/zaqar/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro
+ - /var/lib/config-data/puppet-generated/zaqar/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/zaqar:/var/log/zaqar
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/zaqar_websocket.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/config-data/zaqar/etc/zaqar/:/etc/zaqar/:ro
- - /var/lib/config-data/zaqar/var/www/:/var/www/:ro
- - /var/lib/config-data/zaqar/etc/httpd/:/etc/httpd/:ro
+ - /var/lib/config-data/puppet-generated/zaqar/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/zaqar:/var/log/zaqar
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
OS::TripleO::Services::AodhNotifier: OS::Heat::None
OS::TripleO::Services::AodhListener: OS::Heat::None
OS::TripleO::Services::PankoApi: OS::Heat::None
+
+parameter_defaults:
+ NotificationDriver: 'noop'
--- /dev/null
+parameter_defaults:
+ # FIXME: Remove this when we uncomment at least one parameter in this file.
+ # It seems an environment file with empty parameter_defaults section has the
+ # potential to confuse Heat in a way that it doesn't deploy a single service
+ # on the overcloud in the multinode job.
+ # https://bugs.launchpad.net/tripleo/+bug/1703599
+ PlaceholderParameter: can be removed when we add a different param to this env file
+
+ #DockerAodhApiImage: 'tripleoupstream/centos-binary-aodh-api:latest'
+ #DockerAodhConfigImage: 'tripleoupstream/centos-binary-aodh-api:latest'
+ #DockerAodhEvaluatorImage: 'tripleoupstream/centos-binary-aodh-evaluator:latest'
+ #DockerAodhListenerImage: 'tripleoupstream/centos-binary-aodh-listener:latest'
+ #DockerAodhNotifierImage: 'tripleoupstream/centos-binary-aodh-notifier:latest'
+ #DockerCeilometerCentralImage: 'tripleoupstream/centos-binary-ceilometer-central:latest'
+ #DockerCeilometerComputeImage: 'tripleoupstream/centos-binary-ceilometer-compute:latest'
+ #DockerCeilometerConfigImage: 'tripleoupstream/centos-binary-ceilometer-central:latest'
+ #DockerCeilometerIpmiImage: 'tripleoupstream/centos-binary-ceilometer-ipmi:latest'
+ #DockerCeilometerNotificationImage: 'tripleoupstream/centos-binary-ceilometer-notification:latest'
+ #DockerCinderApiImage: 'tripleoupstream/centos-binary-cinder-api:latest'
+ #DockerCinderBackupImage: 'tripleoupstream/centos-binary-cinder-backup:latest'
+ #DockerCinderConfigImage: 'tripleoupstream/centos-binary-cinder-api:latest'
+ #DockerCinderSchedulerImage: 'tripleoupstream/centos-binary-cinder-scheduler:latest'
+ #DockerCinderVolumeImage: 'tripleoupstream/centos-binary-cinder-volume:latest'
+ #DockerClustercheckConfigImage: 'tripleoupstream/centos-binary-mariadb:latest'
+ #DockerClustercheckImage: 'tripleoupstream/centos-binary-mariadb:latest'
+ #DockerCollectdConfigImage: 'tripleoupstream/centos-binary-collectd:latest'
+ #DockerCollectdImage: 'tripleoupstream/centos-binary-collectd:latest'
+ #DockerCongressApiImage: 'tripleoupstream/centos-binary-congress-api:latest'
+ #DockerCongressConfigImage: 'tripleoupstream/centos-binary-congress-api:latest'
+ #DockerEc2ApiConfigImage: 'tripleoupstream/centos-binary-ec2-api:latest'
+ #DockerEc2ApiImage: 'tripleoupstream/centos-binary-ec2-api:latest'
+ #DockerEtcdConfigImage: 'tripleoupstream/centos-binary-etcd:latest'
+ #DockerEtcdImage: 'tripleoupstream/centos-binary-etcd:latest'
+ #DockerGlanceApiConfigImage: 'tripleoupstream/centos-binary-glance-api:latest'
+ #DockerGlanceApiImage: 'tripleoupstream/centos-binary-glance-api:latest'
+ #DockerGnocchiApiImage: 'tripleoupstream/centos-binary-gnocchi-api:latest'
+ #DockerGnocchiConfigImage: 'tripleoupstream/centos-binary-gnocchi-api:latest'
+ #DockerGnocchiMetricdImage: 'tripleoupstream/centos-binary-gnocchi-metricd:latest'
+ #DockerGnocchiStatsdImage: 'tripleoupstream/centos-binary-gnocchi-statsd:latest'
+ #DockerHAProxyConfigImage: 'tripleoupstream/centos-binary-haproxy:latest'
+ #DockerHAProxyImage: 'tripleoupstream/centos-binary-haproxy:latest'
+ #DockerHeatApiCfnConfigImage: 'tripleoupstream/centos-binary-heat-api-cfn:latest'
+ #DockerHeatApiCfnImage: 'tripleoupstream/centos-binary-heat-api-cfn:latest'
+ #DockerHeatApiConfigImage: 'tripleoupstream/centos-binary-heat-api:latest'
+ #DockerHeatApiImage: 'tripleoupstream/centos-binary-heat-api:latest'
+ #DockerHeatConfigImage: 'tripleoupstream/centos-binary-heat-api:latest'
+ #DockerHeatEngineImage: 'tripleoupstream/centos-binary-heat-engine:latest'
+ #DockerHorizonConfigImage: 'tripleoupstream/centos-binary-horizon:latest'
+ #DockerHorizonImage: 'tripleoupstream/centos-binary-horizon:latest'
+ #DockerIronicApiImage: 'tripleoupstream/centos-binary-ironic-api:latest'
+ #DockerIronicConductorImage: 'tripleoupstream/centos-binary-ironic-conductor:latest'
+ #DockerIronicConfigImage: 'tripleoupstream/centos-binary-ironic-pxe:latest'
+ #DockerIronicPxeImage: 'tripleoupstream/centos-binary-ironic-pxe:latest'
+ #DockerIscsidConfigImage: 'tripleoupstream/centos-binary-iscsid:latest'
+ #DockerIscsidImage: 'tripleoupstream/centos-binary-iscsid:latest'
+ #DockerKeystoneConfigImage: 'tripleoupstream/centos-binary-keystone:latest'
+ #DockerKeystoneImage: 'tripleoupstream/centos-binary-keystone:latest'
+ #DockerManilaApiImage: 'tripleoupstream/centos-binary-manila-api:latest'
+ #DockerManilaConfigImage: 'tripleoupstream/centos-binary-manila-api:latest'
+ #DockerManilaSchedulerImage: 'tripleoupstream/centos-binary-manila-scheduler:latest'
+ #DockerMemcachedConfigImage: 'tripleoupstream/centos-binary-memcached:latest'
+ #DockerMemcachedImage: 'tripleoupstream/centos-binary-memcached:latest'
+ #DockerMistralApiImage: 'tripleoupstream/centos-binary-mistral-api:latest'
+ #DockerMistralConfigImage: 'tripleoupstream/centos-binary-mistral-api:latest'
+ #DockerMistralEngineImage: 'tripleoupstream/centos-binary-mistral-engine:latest'
+ #DockerMistralExecutorImage: 'tripleoupstream/centos-binary-mistral-executor:latest'
+ #DockerMongodbConfigImage: 'tripleoupstream/centos-binary-mongodb:latest'
+ #DockerMongodbImage: 'tripleoupstream/centos-binary-mongodb:latest'
+ #DockerMultipathdConfigImage: 'tripleoupstream/centos-binary-multipathd:latest'
+ #DockerMultipathdImage: 'tripleoupstream/centos-binary-multipathd:latest'
+ #DockerMysqlClientConfigImage: 'tripleoupstream/centos-binary-mariadb:latest'
+ #DockerMysqlConfigImage: 'tripleoupstream/centos-binary-mariadb:latest'
+ #DockerMysqlImage: 'tripleoupstream/centos-binary-mariadb:latest'
+ #DockerNeutronApiImage: 'tripleoupstream/centos-binary-neutron-server:latest'
+ #DockerNeutronConfigImage: 'tripleoupstream/centos-binary-neutron-server:latest'
+ #DockerNeutronDHCPImage: 'tripleoupstream/centos-binary-neutron-dhcp-agent:latest'
+ #DockerNeutronL3AgentImage: 'tripleoupstream/centos-binary-neutron-l3-agent:latest'
+ #DockerNeutronMetadataImage: 'tripleoupstream/centos-binary-neutron-metadata-agent:latest'
+ #DockerNovaApiImage: 'tripleoupstream/centos-binary-nova-api:latest'
+ #DockerNovaComputeImage: 'tripleoupstream/centos-binary-nova-compute:latest'
+ #DockerNovaComputeIronicImage: 'tripleoupstream/centos-binary-nova-compute-ironic:latest'
+ #DockerNovaConductorImage: 'tripleoupstream/centos-binary-nova-conductor:latest'
+ #DockerNovaConfigImage: 'tripleoupstream/centos-binary-nova-base:latest'
+ #DockerNovaConsoleauthImage: 'tripleoupstream/centos-binary-nova-consoleauth:latest'
+ #DockerNovaLibvirtConfigImage: 'tripleoupstream/centos-binary-nova-compute:latest'
+ #DockerNovaLibvirtImage: 'tripleoupstream/centos-binary-nova-libvirt:latest'
+ #DockerNovaPlacementConfigImage: 'tripleoupstream/centos-binary-nova-placement-api:latest'
+ #DockerNovaPlacementImage: 'tripleoupstream/centos-binary-nova-placement-api:latest'
+ #DockerNovaSchedulerImage: 'tripleoupstream/centos-binary-nova-scheduler:latest'
+ #DockerNovaVncProxyImage: 'tripleoupstream/centos-binary-nova-novncproxy:latest'
+ #DockerOctaviaApiImage: 'tripleoupstream/centos-binary-octavia-api:latest'
+ #DockerOctaviaConfigImage: 'tripleoupstream/centos-binary-octavia-api:latest'
+ #DockerOctaviaHealthManagerImage: 'tripleoupstream/centos-binary-octavia-health-manager:latest'
+ #DockerOctaviaHousekeepingImage: 'tripleoupstream/centos-binary-octavia-housekeeping:latest'
+ #DockerOctaviaWorkerImage: 'tripleoupstream/centos-binary-octavia-worker:latest'
+ #DockerOpenvswitchImage: 'tripleoupstream/centos-binary-neutron-openvswitch-agent:latest'
+ #DockerPankoApiImage: 'tripleoupstream/centos-binary-panko-api:latest'
+ #DockerPankoConfigImage: 'tripleoupstream/centos-binary-panko-api:latest'
+ #DockerRabbitmqConfigImage: 'tripleoupstream/centos-binary-rabbitmq:latest'
+ #DockerRabbitmqImage: 'tripleoupstream/centos-binary-rabbitmq:latest'
+ #DockerRedisConfigImage: 'tripleoupstream/centos-binary-redis:latest'
+ #DockerRedisImage: 'tripleoupstream/centos-binary-redis:latest'
+ #DockerSaharaApiImage: 'tripleoupstream/centos-binary-sahara-api:latest'
+ #DockerSaharaConfigImage: 'tripleoupstream/centos-binary-sahara-api:latest'
+ #DockerSaharaEngineImage: 'tripleoupstream/centos-binary-sahara-engine:latest'
+ #DockerSensuClientImage: 'tripleoupstream/centos-binary-sensu-client:latest'
+ #DockerSensuConfigImage: 'tripleoupstream/centos-binary-sensu-client:latest'
+ #DockerSwiftAccountImage: 'tripleoupstream/centos-binary-swift-account:latest'
+ #DockerSwiftConfigImage: 'tripleoupstream/centos-binary-swift-proxy-server:latest'
+ #DockerSwiftContainerImage: 'tripleoupstream/centos-binary-swift-container:latest'
+ #DockerSwiftObjectImage: 'tripleoupstream/centos-binary-swift-object:latest'
+ #DockerSwiftProxyImage: 'tripleoupstream/centos-binary-swift-proxy-server:latest'
+ #DockerTackerConfigImage: 'tripleoupstream/centos-binary-tacker:latest'
+ #DockerTackerImage: 'tripleoupstream/centos-binary-tacker:latest'
+ #DockerZaqarConfigImage: 'tripleoupstream/centos-binary-zaqar:latest'
+ #DockerZaqarImage: 'tripleoupstream/centos-binary-zaqar:latest'
OS::TripleO::PostDeploySteps: ../docker/post.yaml
OS::TripleO::PostUpgradeSteps: ../docker/post-upgrade.yaml
-
-parameter_defaults:
- # To specify a local docker registry, enable these
- # where 192.168.24.1 is the host running docker-distribution
- #DockerNamespace: 192.168.24.1:8787/tripleoupstream
- #DockerNamespaceIsRegistry: true
-
- ComputeServices:
- - OS::TripleO::Services::CACerts
- - OS::TripleO::Services::CertmongerUser
- - OS::TripleO::Services::NovaCompute
- - OS::TripleO::Services::NovaLibvirt
- - OS::TripleO::Services::ComputeNeutronOvsAgent
- - OS::TripleO::Services::Docker
- - OS::TripleO::Services::Sshd
OS::TripleO::Compute::NodeUserData: ../docker/firstboot/setup_docker_host.yaml
OS::TripleO::Services::Docker: ../puppet/services/docker.yaml
+ # Default Neutron ML2 puppet plugin to use when NeutronCorePlugin is set to ML2
+ OS::TripleO::Docker::NeutronMl2PluginBase: ../puppet/services/neutron-plugin-ml2.yaml
#NOTE (dprince) add roles to be docker enabled as we support them
OS::TripleO::Services::NovaLibvirt: ../docker/services/nova-libvirt.yaml
OS::TripleO::PostDeploySteps: ../docker/post.yaml
OS::TripleO::PostUpgradeSteps: ../docker/post-upgrade.yaml
-
-parameter_defaults:
- # To specify a local docker registry, enable these
- # where 192.168.24.1 is the host running docker-distribution
- #DockerNamespace: 192.168.24.1:8787/tripleoupstream
- #DockerNamespaceIsRegistry: true
-
- ComputeServices:
- - OS::TripleO::Services::NovaCompute
- - OS::TripleO::Services::NovaLibvirt
- - OS::TripleO::Services::ComputeNeutronOvsAgent
- - OS::TripleO::Services::Docker
- - OS::TripleO::Services::CeilometerAgentCompute
- - OS::TripleO::Services::Sshd
UpgradeLevelNovaCompute: auto
UpgradeInitCommonCommand: |
#!/bin/bash
+ set -eu
# Ocata to Pike, put any needed host-level workarounds here
+ yum install -y ansible-pacemaker
NeutronBigswitchRestproxyServerAuth:
NeutronMechanismDrivers: openvswitch,bsn_ml2
NeutronServicePlugins: bsn_l3,bsn_service_plugin
- KeystoneNotificationDriver: messaging
# Optional:
# NeutronBigswitchRestproxyAutoSyncOnFailure:
OS::TripleO::DefaultPasswords: OS::Heat::None
OS::TripleO::RandomString: OS::Heat::None
OS::TripleO::AllNodesDeployment: OS::Heat::None
+ OS::TripleO::DeployedServerEnvironment: ../deployed-server/deployed-server-environment-output.yaml
parameter_defaults:
# Deploy no services
+resource_registry:
+ OS::TripleO::DeployedServerEnvironment: ../deployed-server/deployed-server-environment-output.yaml
+
parameter_defaults:
# Consistent Hostname format
ControllerDeployedServerHostnameFormat: overcloud-controller-%index%
resource_registry:
- OS::TripleO::Services::Congress: ../../docker/services/congress-api.yaml
+ OS::TripleO::Services::Congress: ../../docker/services/congress.yaml
resource_registry:
OS::TripleO::Services::ManilaApi: ../../docker/services/manila-api.yaml
OS::TripleO::Services::ManilaScheduler: ../../docker/services/manila-scheduler.yaml
+ OS::TripleO::Services::ManilaShare: ../../docker/services/manila-share.yaml
--- /dev/null
+# A Heat environment that can be used to deploy OpenDaylight with L3 DVR using Docker containers
+resource_registry:
+ OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
+ OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
+ OS::TripleO::Services::ComputeNeutronCorePlugin: OS::Heat::None
+ OS::TripleO::Services::OpenDaylightApi: ../../docker/services/opendaylight-api.yaml
+ OS::TripleO::Services::OpenDaylightOvs: ../../puppet/services/opendaylight-ovs.yaml
+ OS::TripleO::Services::NeutronL3Agent: OS::Heat::None
+ OS::TripleO::Docker::NeutronMl2PluginBase: ../../puppet/services/neutron-plugin-ml2-odl.yaml
+
+parameter_defaults:
+ NeutronEnableForceMetadata: true
+ NeutronMechanismDrivers: 'opendaylight_v2'
+ NeutronServicePlugins: 'odl-router_v2,trunk'
+ DockerNeutronApiImage: 'centos-binary-neutron-server-opendaylight:latest'
+ DockerNeutronConfigImage: 'centos-binary-neutron-server-opendaylight:latest'
--- /dev/null
+# A Heat environment file that can be used to deploy Neutron LBaaSv2 service
+#
+# Currently there are only two interface drivers for Neutron LBaaSv2
+# The default option is the standard OVS driver the other option is to be used
+# when linux bridges are used instead of OVS
+# In order to enable other backend, replace the content of NeutronLbaasInterfaceDriver
+#
+# - OVS: neutron.agent.linux.interface.OVSInterfaceDriver
+# - LinuxBridges: neutron.agent.linux.interface.BridgeInterfaceDriver
+resource_registry:
+ OS::TripleO::Services::NeutronLbaas: ../puppet/services/neutron-lbaas.yaml
+
+parameter_defaults:
+ NeutronLbaasInterfaceDriver: "neutron.agent.linux.interface.OVSInterfaceDriver"
+ NeutronLbaasDeviceDriver: "neutron.services.loadbalancer.drivers.haproxy.namespace_driver.HaproxyNSDriver"
+ NeutronServiceProviders: ['LOADBALANCERV2:Haproxy:neutron_lbaas.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default']
+
# Type: string
CinderNetappLogin: <None>
+ #
+ # Type: string
+ CinderNetappNasSecureFileOperations: false
+
+ #
+ # Type: string
+ CinderNetappNasSecureFilePermissions: false
+
#
# Type: string
CinderNetappNfsMountOptions: ''
description: |
When enabled, the system will perform a yum update after performing the
RHEL Registration process.
+ deployment_actions:
+ default: ['CREATE', 'UPDATE']
+ type: comma_delimited_list
+ description: >
+ List of stack actions that will trigger any deployments in this
+ templates. The actions will be an empty list of the server is in the
+ toplevel DeploymentServerBlacklist parameter's value.
+
+conditions:
+ deployment_actions_empty:
+ equals:
+ - {get_param: deployment_actions}
+ - []
resources:
name: RHELUnregistrationDeployment
server: {get_param: server}
config: {get_resource: RHELUnregistration}
- actions: ['DELETE'] # Only do this on DELETE
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['DELETE'] # Only do this on DELETE
input_values:
REG_METHOD: {get_param: rhel_reg_method}
name: UpdateDeploymentAfterRHELRegistration
config: {get_resource: YumUpdateConfigurationAfterRHELRegistration}
server: {get_param: server}
- actions: ['CREATE'] # Only do this on CREATE
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['CREATE'] # Only do this on CREATE
outputs:
deploy_stdout:
parameters:
server:
type: string
+ deployment_actions:
+ default: ['CREATE', 'UPDATE']
+ type: comma_delimited_list
+ description: >
+ List of stack actions that will trigger any deployments in this
+ templates. The actions will be an empty list of the server is in the
+ toplevel DeploymentServerBlacklist parameter's value.
+
+conditions:
+ deployment_actions_empty:
+ equals:
+ - {get_param: deployment_actions}
+ - []
resources:
name: SomeDeployment
server: {get_param: server}
config: {get_resource: SomeConfig}
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['CREATE'] # Only do this on CREATE
actions: ['CREATE'] # Only do this on CREATE
RebootConfig:
name: RebootDeployment
server: {get_param: server}
config: {get_resource: RebootConfig}
- actions: ['CREATE'] # Only do this on CREATE
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['CREATE'] # Only do this on CREATE
signal_transport: NO_SIGNAL
{{role}}HostCpusList:
type: string
default: ""
+ deployment_actions:
+ default: ['CREATE', 'UPDATE']
+ type: comma_delimited_list
+ description: >
+ List of stack actions that will trigger any deployments in this
+ templates. The actions will be an empty list of the server is in the
+ toplevel DeploymentServerBlacklist parameter's value.
parameter_group:
- label: deprecated
equals:
- get_param: {{role}}TunedProfileName
- ""
+ deployment_actions_empty:
+ equals:
+ - {get_param: deployment_actions}
+ - []
resources:
name: HostParametersDeployment
server: {get_param: server}
config: {get_resource: HostParametersConfig}
- actions: ['CREATE'] # Only do this on CREATE
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['CREATE'] # Only do this on CREATE
input_values:
_KERNEL_ARGS_: {get_param: {{role}}KernelArgs}
_TUNED_PROFILE_NAME_: {get_param: {{role}}TunedProfileName}
name: RebootDeployment
server: {get_param: server}
config: {get_resource: RebootConfig}
- actions: ['CREATE'] # Only do this on CREATE
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['CREATE'] # Only do this on CREATE
signal_transport: NO_SIGNAL
outputs:
default: "vfio-pci"
description: DPDK Driver type
type: string
+ deployment_actions:
+ default: ['CREATE', 'UPDATE']
+ type: comma_delimited_list
+ description: >
+ List of stack actions that will trigger any deployments in this
+ templates. The actions will be an empty list of the server is in the
+ toplevel DeploymentServerBlacklist parameter's value.
conditions:
is_host_config_required: {not: {equals: [{get_param: [RoleParameters, KernelArgs]}, ""]}}
socket_mem_empty: {equals: [{get_param: OvsDpdkSocketMemory}, '']}
driver_not_set: {equals: [{get_param: OvsDpdkDriverType}, 'vfio-pci']}
isol_cpus_empty: {equals: [{get_param: IsolCpusList}, '0']}
+ deployment_actions_empty:
+ equals:
+ - {get_param: deployment_actions}
+ - []
resources:
RoleParametersValue:
name: HostParametersDeployment
server: {get_param: server}
config: {get_resource: HostParametersConfig}
- actions: ['CREATE'] # Only do this on CREATE
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['CREATE'] # Only do this on CREATE
input_values:
_KERNEL_ARGS_: {get_param: [RoleParameters, KernelArgs]}
_TUNED_PROFILE_NAME_: {get_param: [RoleParameters, TunedProfileName]}
name: RebootDeployment
server: {get_param: server}
config: {get_resource: RebootConfig}
- actions: ['CREATE'] # Only do this on CREATE
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['CREATE'] # Only do this on CREATE
signal_transport: NO_SIGNAL
outputs:
server:
description: ID of the node to apply this config to
type: string
+ deployment_actions:
+ default: ['CREATE', 'UPDATE']
+ type: comma_delimited_list
+ description: >
+ List of stack actions that will trigger any deployments in this
+ templates. The actions will be an empty list of the server is in the
+ toplevel DeploymentServerBlacklist parameter's value.
resources:
SshHostPubKeyConfig:
properties:
config: {get_resource: SshHostPubKeyConfig}
server: {get_param: server}
+ actions: {get_param: deployment_actions}
outputs:
addresses:
- ip_netmask:
get_param: StorageIpSubnet
+ # Uncomment when including environments/hyperconverged-ceph.yaml
+ #- type: vlan
+ # device: bond1
+ # vlan_id: {get_param: StorageMgmtNetworkVlanID}
+ # addresses:
+ # - ip_netmask: {get_param: StorageMgmtIpSubnet}
- type: vlan
device: bond1
vlan_id:
# Uncomment when including environments/network-management.yaml
# If setting default route on the Management interface, comment
# out the default route on the Control Plane.
- #-
- # type: vlan
+ #- type: vlan
# device: bond1
# vlan_id: {get_param: ManagementNetworkVlanID}
# addresses:
- # -
- # ip_netmask: {get_param: ManagementIpSubnet}
+ # - ip_netmask: {get_param: ManagementIpSubnet}
# routes:
- # -
- # default: true
+ # - default: true
# next_hop: {get_param: ManagementInterfaceDefaultRoute}
outputs:
OS::stack_id:
--- /dev/null
+heat_template_version: pike
+description: >
+ Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for a dedicated Neutron networker role.
+parameters:
+ ControlPlaneIp:
+ default: ''
+ description: IP address/subnet on the ctlplane network
+ type: string
+ ExternalIpSubnet:
+ default: ''
+ description: IP address/subnet on the external network
+ type: string
+ InternalApiIpSubnet:
+ default: ''
+ description: IP address/subnet on the internal API network
+ type: string
+ StorageIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage network
+ type: string
+ StorageMgmtIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage mgmt network
+ type: string
+ TenantIpSubnet:
+ default: ''
+ description: IP address/subnet on the tenant network
+ type: string
+ ManagementIpSubnet: # Only populated when including environments/network-management.yaml
+ default: ''
+ description: IP address/subnet on the management network
+ type: string
+ BondInterfaceOvsOptions:
+ default: bond_mode=active-backup
+ description: The ovs_options string for the bond interface. Set things like lacp=active and/or bond_mode=balance-slb using
+ this option.
+ type: string
+ constraints:
+ - allowed_pattern: ^((?!balance.tcp).)*$
+ description: 'The balance-tcp bond mode is known to cause packet loss and
+ should not be used in BondInterfaceOvsOptions.
+ '
+ ExternalNetworkVlanID:
+ default: 10
+ description: Vlan ID for the external network traffic.
+ type: number
+ InternalApiNetworkVlanID:
+ default: 20
+ description: Vlan ID for the internal_api network traffic.
+ type: number
+ StorageNetworkVlanID:
+ default: 30
+ description: Vlan ID for the storage network traffic.
+ type: number
+ StorageMgmtNetworkVlanID:
+ default: 40
+ description: Vlan ID for the storage mgmt network traffic.
+ type: number
+ TenantNetworkVlanID:
+ default: 50
+ description: Vlan ID for the tenant network traffic.
+ type: number
+ ManagementNetworkVlanID:
+ default: 60
+ description: Vlan ID for the management network traffic.
+ type: number
+ ControlPlaneDefaultRoute: # Override this via parameter_defaults
+ description: The default route of the control plane network.
+ type: string
+ ExternalInterfaceDefaultRoute:
+ default: 10.0.0.1
+ description: default route for the external network
+ type: string
+ ManagementInterfaceDefaultRoute: # Commented out by default in this template
+ default: unset
+ description: The default route of the management network.
+ type: string
+ ControlPlaneSubnetCidr: # Override this via parameter_defaults
+ default: '24'
+ description: The subnet CIDR of the control plane network.
+ type: string
+ DnsServers: # Override this via parameter_defaults
+ default: []
+ description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf.
+ type: comma_delimited_list
+ EC2MetadataIp: # Override this via parameter_defaults
+ description: The IP address of the EC2 metadata server.
+ type: string
+resources:
+ OsNetConfigImpl:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ str_replace:
+ template:
+ get_file: ../../scripts/run-os-net-config.sh
+ params:
+ $network_config:
+ network_config:
+ - type: interface
+ name: nic1
+ use_dhcp: false
+ addresses:
+ - ip_netmask:
+ list_join:
+ - /
+ - - get_param: ControlPlaneIp
+ - get_param: ControlPlaneSubnetCidr
+ routes:
+ - ip_netmask: 169.254.169.254/32
+ next_hop:
+ get_param: EC2MetadataIp
+ - type: ovs_bridge
+ name: bridge_name
+ dns_servers:
+ get_param: DnsServers
+ members:
+ - type: ovs_bond
+ name: bond1
+ ovs_options:
+ get_param: BondInterfaceOvsOptions
+ members:
+ - type: interface
+ name: nic2
+ primary: true
+ - type: interface
+ name: nic3
+ - type: vlan
+ device: bond1
+ vlan_id:
+ get_param: ExternalNetworkVlanID
+ addresses:
+ - ip_netmask:
+ get_param: ExternalIpSubnet
+ routes:
+ - default: true
+ next_hop:
+ get_param: ExternalInterfaceDefaultRoute
+ - type: vlan
+ device: bond1
+ vlan_id:
+ get_param: InternalApiNetworkVlanID
+ addresses:
+ - ip_netmask:
+ get_param: InternalApiIpSubnet
+ - type: vlan
+ device: bond1
+ vlan_id:
+ get_param: TenantNetworkVlanID
+ addresses:
+ - ip_netmask:
+ get_param: TenantIpSubnet
+ # Uncomment when including environments/network-management.yaml
+ # If setting default route on the Management interface, comment
+ # out the default route on the External interface. This will
+ # make the External API unreachable from remote subnets.
+ #-
+ # type: vlan
+ # device: bond1
+ # vlan_id: {get_param: ManagementNetworkVlanID}
+ # addresses:
+ # -
+ # ip_netmask: {get_param: ManagementIpSubnet}
+ # routes:
+ # -
+ # default: true
+ # next_hop: {get_param: ManagementInterfaceDefaultRoute}
+outputs:
+ OS::stack_id:
+ description: The OsNetConfigImpl resource.
+ value:
+ get_resource: OsNetConfigImpl
+
addresses:
- ip_netmask:
get_param: StorageIpSubnet
+ # Uncomment when including environments/hyperconverged-ceph.yaml
+ #- type: interface
+ # name: nic3
+ # use_dhcp: false
+ # addresses:
+ # - ip_netmask: {get_param: StorageMgmtIpSubnet}
- type: interface
name: nic4
use_dhcp: false
# Uncomment when including environments/network-management.yaml
# If setting default route on the Management interface, comment
# out the default route on the Control Plane.
- #-
- # type: interface
+ #- type: interface
# name: nic7
# use_dhcp: false
# addresses:
- # -
- # ip_netmask: {get_param: ManagementIpSubnet}
+ # - ip_netmask: {get_param: ManagementIpSubnet}
# routes:
- # -
- # default: true
+ # - default: true
# next_hop: {get_param: ManagementInterfaceDefaultRoute}
outputs:
OS::stack_id:
--- /dev/null
+heat_template_version: pike
+description: >
+ Software Config to drive os-net-config to configure multiple interfaces for a dedicated Neutron networker role.
+parameters:
+ ControlPlaneIp:
+ default: ''
+ description: IP address/subnet on the ctlplane network
+ type: string
+ ExternalIpSubnet:
+ default: ''
+ description: IP address/subnet on the external network
+ type: string
+ InternalApiIpSubnet:
+ default: ''
+ description: IP address/subnet on the internal API network
+ type: string
+ StorageIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage network
+ type: string
+ StorageMgmtIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage mgmt network
+ type: string
+ TenantIpSubnet:
+ default: ''
+ description: IP address/subnet on the tenant network
+ type: string
+ ManagementIpSubnet: # Only populated when including environments/network-management.yaml
+ default: ''
+ description: IP address/subnet on the management network
+ type: string
+ ExternalNetworkVlanID:
+ default: 10
+ description: Vlan ID for the external network traffic.
+ type: number
+ InternalApiNetworkVlanID:
+ default: 20
+ description: Vlan ID for the internal_api network traffic.
+ type: number
+ StorageNetworkVlanID:
+ default: 30
+ description: Vlan ID for the storage network traffic.
+ type: number
+ StorageMgmtNetworkVlanID:
+ default: 40
+ description: Vlan ID for the storage mgmt network traffic.
+ type: number
+ TenantNetworkVlanID:
+ default: 50
+ description: Vlan ID for the tenant network traffic.
+ type: number
+ ManagementNetworkVlanID:
+ default: 60
+ description: Vlan ID for the management network traffic.
+ type: number
+ ControlPlaneSubnetCidr: # Override this via parameter_defaults
+ default: '24'
+ description: The subnet CIDR of the control plane network.
+ type: string
+ ControlPlaneDefaultRoute: # Override this via parameter_defaults
+ description: The default route of the control plane network.
+ type: string
+ ExternalInterfaceDefaultRoute:
+ default: 10.0.0.1
+ description: default route for the external network
+ type: string
+ ManagementInterfaceDefaultRoute: # Commented out by default in this template
+ default: unset
+ description: The default route of the management network.
+ type: string
+ DnsServers: # Override this via parameter_defaults
+ default: []
+ description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf.
+ type: comma_delimited_list
+ EC2MetadataIp: # Override this via parameter_defaults
+ description: The IP address of the EC2 metadata server.
+ type: string
+resources:
+ OsNetConfigImpl:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ str_replace:
+ template:
+ get_file: ../../scripts/run-os-net-config.sh
+ params:
+ $network_config:
+ network_config:
+ - type: interface
+ name: nic1
+ use_dhcp: false
+ dns_servers:
+ get_param: DnsServers
+ addresses:
+ - ip_netmask:
+ list_join:
+ - /
+ - - get_param: ControlPlaneIp
+ - get_param: ControlPlaneSubnetCidr
+ routes:
+ - ip_netmask: 169.254.169.254/32
+ next_hop:
+ get_param: EC2MetadataIp
+ - type: interface
+ name: nic4
+ use_dhcp: false
+ addresses:
+ - ip_netmask:
+ get_param: InternalApiIpSubnet
+ - type: ovs_bridge
+ name: br-tenant
+ use_dhcp: false
+ addresses:
+ - ip_netmask:
+ get_param: TenantIpSubnet
+ members:
+ - type: interface
+ name: nic5
+ use_dhcp: false
+ primary: true
+ - type: ovs_bridge
+ name: bridge_name
+ dns_servers:
+ get_param: DnsServers
+ use_dhcp: false
+ addresses:
+ - ip_netmask:
+ get_param: ExternalIpSubnet
+ routes:
+ - default: true
+ next_hop:
+ get_param: ExternalInterfaceDefaultRoute
+ members:
+ - type: interface
+ name: nic6
+ primary: true
+ # Uncomment when including environments/network-management.yaml
+ # If setting default route on the Management interface, comment
+ # out the default route on the External interface. This will
+ # make the External API unreachable from remote subnets.
+ #-
+ # type: interface
+ # name: nic7
+ # use_dhcp: false
+ # addresses:
+ # -
+ # ip_netmask: {get_param: ManagementIpSubnet}
+ # routes:
+ # -
+ # default: true
+ # next_hop: {get_param: ManagementInterfaceDefaultRoute}
+outputs:
+ OS::stack_id:
+ description: The OsNetConfigImpl resource.
+ value:
+ get_resource: OsNetConfigImpl
+
addresses:
- ip_netmask:
get_param: StorageIpSubnet
+ # Uncomment when including environments/hyperconverged-ceph.yaml
+ #- type: vlan
+ # vlan_id: {get_param: StorageMgmtNetworkVlanID}
+ # device: bridge_name
+ # addresses:
+ # - ip_netmask: {get_param: StorageMgmtIpSubnet}
- type: vlan
vlan_id:
get_param: TenantNetworkVlanID
# Uncomment when including environments/network-management.yaml
# If setting default route on the Management interface, comment
# out the default route on the Control Plane.
- #-
- # type: vlan
+ #- type: vlan
# vlan_id: {get_param: ManagementNetworkVlanID}
# device: bridge_name
# addresses:
- # -
- # ip_netmask: {get_param: ManagementIpSubnet}
+ # - ip_netmask: {get_param: ManagementIpSubnet}
# routes:
- # -
- # default: true
+ # - default: true
# next_hop: {get_param: ManagementInterfaceDefaultRoute}
outputs:
OS::stack_id:
--- /dev/null
+heat_template_version: pike
+description: >
+ Software Config to drive os-net-config to configure VLANs for a dedicated Neutron networker role.
+parameters:
+ ControlPlaneIp:
+ default: ''
+ description: IP address/subnet on the ctlplane network
+ type: string
+ ExternalIpSubnet:
+ default: ''
+ description: IP address/subnet on the external network
+ type: string
+ InternalApiIpSubnet:
+ default: ''
+ description: IP address/subnet on the internal API network
+ type: string
+ StorageIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage network
+ type: string
+ StorageMgmtIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage mgmt network
+ type: string
+ TenantIpSubnet:
+ default: ''
+ description: IP address/subnet on the tenant network
+ type: string
+ ManagementIpSubnet: # Only populated when including environments/network-management.yaml
+ default: ''
+ description: IP address/subnet on the management network
+ type: string
+ ExternalNetworkVlanID:
+ default: 10
+ description: Vlan ID for the external network traffic.
+ type: number
+ InternalApiNetworkVlanID:
+ default: 20
+ description: Vlan ID for the internal_api network traffic.
+ type: number
+ StorageNetworkVlanID:
+ default: 30
+ description: Vlan ID for the storage network traffic.
+ type: number
+ StorageMgmtNetworkVlanID:
+ default: 40
+ description: Vlan ID for the storage mgmt network traffic.
+ type: number
+ TenantNetworkVlanID:
+ default: 50
+ description: Vlan ID for the tenant network traffic.
+ type: number
+ ManagementNetworkVlanID:
+ default: 60
+ description: Vlan ID for the management network traffic.
+ type: number
+ ControlPlaneDefaultRoute: # Override this via parameter_defaults
+ description: The default route of the control plane network.
+ type: string
+ ExternalInterfaceDefaultRoute:
+ default: 10.0.0.1
+ description: default route for the external network
+ type: string
+ ManagementInterfaceDefaultRoute: # Commented out by default in this template
+ default: unset
+ description: The default route of the management network.
+ type: string
+ ControlPlaneSubnetCidr: # Override this via parameter_defaults
+ default: '24'
+ description: The subnet CIDR of the control plane network.
+ type: string
+ DnsServers: # Override this via parameter_defaults
+ default: []
+ description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf.
+ type: comma_delimited_list
+ EC2MetadataIp: # Override this via parameter_defaults
+ description: The IP address of the EC2 metadata server.
+ type: string
+resources:
+ OsNetConfigImpl:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ str_replace:
+ template:
+ get_file: ../../scripts/run-os-net-config.sh
+ params:
+ $network_config:
+ network_config:
+ - type: linux_bridge
+ name: bridge_name
+ use_dhcp: false
+ dns_servers:
+ get_param: DnsServers
+ addresses:
+ - ip_netmask:
+ list_join:
+ - /
+ - - get_param: ControlPlaneIp
+ - get_param: ControlPlaneSubnetCidr
+ routes:
+ - ip_netmask: 169.254.169.254/32
+ next_hop:
+ get_param: EC2MetadataIp
+ - default: true
+ next_hop:
+ get_param: ControlPlaneDefaultRoute
+ members:
+ - type: interface
+ # NOTE: "interface_name" will be replaced by the value of NeutronPublicInterface,
+ # default is "nic1". Set this value via parameter_defaults in an environment file.
+ name: interface_name
+ primary: true
+ - type: vlan
+ vlan_id:
+ get_param: ExternalNetworkVlanID
+ device: bridge_name
+ addresses:
+ - ip_netmask:
+ get_param: ExternalIpSubnet
+ routes:
+ - default: true
+ next_hop:
+ get_param: ExternalInterfaceDefaultRoute
+ - type: vlan
+ vlan_id:
+ get_param: InternalApiNetworkVlanID
+ device: bridge_name
+ addresses:
+ - ip_netmask:
+ get_param: InternalApiIpSubnet
+ - type: vlan
+ vlan_id:
+ get_param: TenantNetworkVlanID
+ device: bridge_name
+ addresses:
+ - ip_netmask:
+ get_param: TenantIpSubnet
+ # Uncomment when including environments/network-management.yaml
+ # If setting default route on the Management interface, comment
+ # out the default route on the External interface. This will
+ # make the External API unreachable from remote subnets.
+ #-
+ # type: vlan
+ # vlan_id: {get_param: ManagementNetworkVlanID}
+ # device: bridge_name
+ # addresses:
+ # -
+ # ip_netmask: {get_param: ManagementIpSubnet}
+ # routes:
+ # -
+ # default: true
+ # next_hop: {get_param: ManagementInterfaceDefaultRoute}
+outputs:
+ OS::stack_id:
+ description: The OsNetConfigImpl resource.
+ value:
+ get_resource: OsNetConfigImpl
+
default: 30
description: Vlan ID for the storage network traffic.
type: number
+ StorageMgmtNetworkVlanID:
+ default: 40
+ description: Vlan ID for the storage mgmt network traffic.
+ type: number
TenantNetworkVlanID:
default: 50
description: Vlan ID for the tenant network traffic.
addresses:
- ip_netmask:
get_param: StorageIpSubnet
+ # Uncomment when including environments/hyperconverged-ceph.yaml
+ #- type: vlan
+ # vlan_id: {get_param: StorageMgmtNetworkVlanID}
+ # addresses:
+ # - ip_netmask: {get_param: StorageMgmtIpSubnet}
- type: vlan
vlan_id:
get_param: TenantNetworkVlanID
# Uncomment when including environments/network-management.yaml
# If setting default route on the Management interface, comment
# out the default route on the Control Plane.
- #-
- # type: vlan
+ #- type: vlan
# vlan_id: {get_param: ManagementNetworkVlanID}
# addresses:
- # -
- # ip_netmask: {get_param: ManagementIpSubnet}
+ # - ip_netmask: {get_param: ManagementIpSubnet}
# routes:
- # -
- # default: true
+ # - default: true
# next_hop: {get_param: ManagementInterfaceDefaultRoute}
outputs:
OS::stack_id:
--- /dev/null
+heat_template_version: pike
+description: >
+ Software Config to drive os-net-config to configure VLANs for a dedicated Neutron networker role.
+parameters:
+ ControlPlaneIp:
+ default: ''
+ description: IP address/subnet on the ctlplane network
+ type: string
+ ExternalIpSubnet:
+ default: ''
+ description: IP address/subnet on the external network
+ type: string
+ InternalApiIpSubnet:
+ default: ''
+ description: IP address/subnet on the internal API network
+ type: string
+ StorageIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage network
+ type: string
+ StorageMgmtIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage mgmt network
+ type: string
+ TenantIpSubnet:
+ default: ''
+ description: IP address/subnet on the tenant network
+ type: string
+ ManagementIpSubnet: # Only populated when including environments/network-management.yaml
+ default: ''
+ description: IP address/subnet on the management network
+ type: string
+ ExternalNetworkVlanID:
+ default: 10
+ description: Vlan ID for the external network traffic.
+ type: number
+ InternalApiNetworkVlanID:
+ default: 20
+ description: Vlan ID for the internal_api network traffic.
+ type: number
+ StorageNetworkVlanID:
+ default: 30
+ description: Vlan ID for the storage network traffic.
+ type: number
+ StorageMgmtNetworkVlanID:
+ default: 40
+ description: Vlan ID for the storage mgmt network traffic.
+ type: number
+ TenantNetworkVlanID:
+ default: 50
+ description: Vlan ID for the tenant network traffic.
+ type: number
+ ManagementNetworkVlanID:
+ default: 60
+ description: Vlan ID for the management network traffic.
+ type: number
+ ControlPlaneDefaultRoute: # Override this via parameter_defaults
+ description: The default route of the control plane network.
+ type: string
+ ExternalInterfaceDefaultRoute:
+ default: 10.0.0.1
+ description: default route for the external network
+ type: string
+ ManagementInterfaceDefaultRoute: # Commented out by default in this template
+ default: unset
+ description: The default route of the management network.
+ type: string
+ ControlPlaneSubnetCidr: # Override this via parameter_defaults
+ default: '24'
+ description: The subnet CIDR of the control plane network.
+ type: string
+ DnsServers: # Override this via parameter_defaults
+ default: []
+ description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf.
+ type: comma_delimited_list
+ EC2MetadataIp: # Override this via parameter_defaults
+ description: The IP address of the EC2 metadata server.
+ type: string
+resources:
+ OsNetConfigImpl:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ str_replace:
+ template:
+ get_file: ../../scripts/run-os-net-config.sh
+ params:
+ $network_config:
+ network_config:
+ - type: ovs_bridge
+ name: bridge_name
+ use_dhcp: false
+ dns_servers:
+ get_param: DnsServers
+ addresses:
+ - ip_netmask:
+ list_join:
+ - /
+ - - get_param: ControlPlaneIp
+ - get_param: ControlPlaneSubnetCidr
+ routes:
+ - ip_netmask: 169.254.169.254/32
+ next_hop:
+ get_param: EC2MetadataIp
+ members:
+ - type: interface
+ name: nic1
+ # force the MAC address of the bridge to this interface
+ primary: true
+ - type: vlan
+ vlan_id:
+ get_param: ExternalNetworkVlanID
+ addresses:
+ - ip_netmask:
+ get_param: ExternalIpSubnet
+ routes:
+ - default: true
+ next_hop:
+ get_param: ExternalInterfaceDefaultRoute
+ - type: vlan
+ vlan_id:
+ get_param: InternalApiNetworkVlanID
+ addresses:
+ - ip_netmask:
+ get_param: InternalApiIpSubnet
+ - type: vlan
+ vlan_id:
+ get_param: TenantNetworkVlanID
+ addresses:
+ - ip_netmask:
+ get_param: TenantIpSubnet
+ # Uncomment when including environments/network-management.yaml
+ # If setting default route on the Management interface, comment
+ # out the default route on the External interface. This will
+ # make the External API unreachable from remote subnets.
+ #-
+ # type: vlan
+ # vlan_id: {get_param: ManagementNetworkVlanID}
+ # addresses:
+ # -
+ # ip_netmask: {get_param: ManagementIpSubnet}
+ # routes:
+ # -
+ # default: true
+ # next_hop: {get_param: ManagementInterfaceDefaultRoute}
+outputs:
+ OS::stack_id:
+ description: The OsNetConfigImpl resource.
+ value:
+ get_resource: OsNetConfigImpl
+
type: json
ExternalNetAdminStateUp:
default: false
- description: This admin state of the network.
+ description: The admin state of the network.
type: boolean
ExternalNetEnableDHCP:
default: false
type: json
ExternalNetAdminStateUp:
default: false
- description: This admin state of of the network.
+ description: The admin state of the network.
type: boolean
ExternalNetShared:
default: false
type: json
InternalApiNetAdminStateUp:
default: false
- description: This admin state of the network.
+ description: The admin state of the network.
type: boolean
InternalApiNetEnableDHCP:
default: false
type: json
InternalApiNetAdminStateUp:
default: false
- description: This admin state of of the network.
+ description: The admin state of the network.
type: boolean
InternalApiNetShared:
default: false
type: json
ManagementNetAdminStateUp:
default: false
- description: This admin state of of the network.
+ description: The admin state of the network.
type: boolean
ManagementNetShared:
default: false
ManagementIpSubnet:
default: ''
type: string
+ description: IP address/subnet on the management network
ManagementIpUri:
default: ''
type: string
type: json
StorageNetAdminStateUp:
default: false
- description: This admin state of the network.
+ description: The admin state of the network.
type: boolean
StorageNetEnableDHCP:
default: false
type: json
StorageMgmtNetAdminStateUp:
default: false
- description: This admin state of the network.
+ description: The admin state of the network.
type: boolean
StorageMgmtNetEnableDHCP:
default: false
type: json
StorageMgmtNetAdminStateUp:
default: false
- description: This admin state of of the network.
+ description: The admin state of the network.
type: boolean
StorageMgmtNetShared:
default: false
type: json
StorageNetAdminStateUp:
default: false
- description: This admin state of of the network.
+ description: The admin state of the network.
type: boolean
StorageNetShared:
default: false
type: json
TenantNetAdminStateUp:
default: false
- description: This admin state of the network.
+ description: The admin state of the network.
type: boolean
TenantNetEnableDHCP:
default: false
type: json
TenantNetAdminStateUp:
default: false
- description: This admin state of of the network.
+ description: The admin state of the network.
type: boolean
TenantNetShared:
default: false
# Upgrade resources
OS::TripleO::UpgradeConfig: puppet/upgrade_config.yaml
+ OS::TripleO::DeployedServerEnvironment: OS::Heat::None
+
# services
OS::TripleO::Services: services.yaml
OS::TripleO::Services::Apache: puppet/services/apache.yaml
OS::TripleO::Services::NeutronL2gwApi: OS::Heat::None
OS::TripleO::Services::NeutronL3Agent: puppet/services/neutron-l3.yaml
OS::TripleO::Services::NeutronL2gwAgent: OS::Heat::None
+ OS::TripleO::Services::NeutronLbaasv2Agent: OS::Heat::None
OS::TripleO::Services::NeutronMetadataAgent: puppet/services/neutron-metadata.yaml
# FIXME(shardy) the duplicate NeutronServer line can be removed when we've updated
# the multinode job ControllerServices after this patch merges
OS::TripleO::Services::Snmp: puppet/services/snmp.yaml
OS::TripleO::Services::Tacker: OS::Heat::None
OS::TripleO::Services::Timezone: puppet/services/time/timezone.yaml
- OS::TripleO::Services::CeilometerApi: puppet/services/ceilometer-api.yaml
+ OS::TripleO::Services::CeilometerApi: puppet/services/disabled/ceilometer-api-disabled.yaml
OS::TripleO::Services::CeilometerCollector: puppet/services/disabled/ceilometer-collector-disabled.yaml
OS::TripleO::Services::CeilometerExpirer: puppet/services/disabled/ceilometer-expirer-disabled.yaml
OS::TripleO::Services::CeilometerAgentCentral: puppet/services/ceilometer-agent-central.yaml
StorageMgmtIp: {get_attr: [StorageMgmtVirtualIP, ip_address]}
StorageMgmtIpUri: {get_attr: [StorageMgmtVirtualIP, ip_address_uri]}
# No tenant or management VIP required
+ # Because of nested get_attr functions in the KeystoneAdminVip output, we
+ # can't determine which attributes of VipMap are used until after
+ # ServiceNetMap's attribute values are available.
+ depends_on: ServiceNetMap
# All Nodes Validations
AllNodesValidationConfig:
{{role.name}}: {get_attr: [{{role.name}}, attributes, os_collect_config]}
{% endfor %}
+ DeployedServerEnvironment:
+ type: OS::TripleO::DeployedServerEnvironment
+ properties:
+ RoleCounts:
+{% for role in roles %}
+ {{role.name}}DeployedServerCount: {get_param: {{role.name}}Count}
+{% endfor %}
+ VipMap:
+ map_merge:
+ - {get_attr: [VipMap, net_ip_map]}
+ - redis: {get_attr: [RedisVirtualIP, ip_address]}
+ DeployedServerPortMap:
+ map_merge:
+ list_concat:
+{% for role in roles %}
+ - {get_attr: [{{role.name}}, deployed_server_port_map]}
+{% endfor %}
+ DeployedServerDeploymentSwiftDataMap:
+ map_merge:
+ list_concat:
+{% for role in roles %}
+ - {get_attr: [{{role.name}}, deployed_server_deployment_swift_data_map]}
+{% endfor %}
+ DefaultRouteIp:
+ str_split:
+ - ':'
+ - str_split:
+ - '/'
+ - {get_attr: [ServerOsCollectConfigData, value, {{primary_role_name}}, '0', request, metadata_url]}
+ - 2
+ - 0
+
outputs:
ManagedEndpoints:
description: Asserts that the keystone endpoints have been provisioned.
value: {get_attr: [EndpointMapData, value, KeystonePublic, uri]}
KeystoneAdminVip:
description: Keystone Admin VIP endpoint
+ # Note that these nested get_attr functions require a dependency
+ # relationship between VipMap and ServiceNetMap, since we can't determine
+ # which attributes of VipMap are used until after ServiceNetMap's attribute
+ # values are available. If this is ever reworked to not use nested
+ # get_attr, that dependency can be removed.
value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystoneAdminApiNetwork]}]}
EndpointMap:
description: |
{% endfor %}
ServerOsCollectConfigData:
description: The os-collect-config configuration associated with each server resource
- value:
-{% for role in roles %}
- {{role.name}}: {get_attr: [{{role.name}}, attributes, os_collect_config]}
-{% endfor %}
+ value: {get_attr: [ServerOsCollectConfigData, value]}
VipMap:
description: Mapping of each network to VIP addresses. Also includes the Redis VIP.
value:
ServerIdData:
description: Mapping of each role to a list of nova server IDs and the bootstrap ID
value: {get_attr: [ServerIdMap, value]}
+ DeployedServerEnvironment:
+ description:
+ Environment data that can be used as input into the services stack when
+ using split-stack.
+ value: {get_attr: [DeployedServerEnvironment, deployed_server_environment]}
server: {get_resource: BlockStorage}
RoleParameters: {get_param: RoleParameters}
ServiceNames: {get_param: ServiceNames}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
NodeExtraConfig:
depends_on: NodeTLSCAData
type: OS::TripleO::NodeExtraConfig
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: BlockStorage}
- ['CREATE', 'UPDATE']
- []
+ DeploymentActions:
+ type: OS::Heat::Value
+ properties:
+ value:
+ if:
+ - server_not_blacklisted
+ - ['CREATE', 'UPDATE']
+ - []
+
SshHostPubKey:
type: OS::TripleO::Ssh::HostPubKey
depends_on: BlockStorageDeployment
properties:
server: {get_resource: BlockStorage}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
outputs:
ip_address:
management_ip_address:
description: IP address of the server in the management network
value: {get_attr: [ManagementPort, ip_address]}
+ deployed_server_port_map:
+ description: |
+ Map of Heat created hostname of the server to ip address. This is the
+ hostname before it has been mapped with the HostnameMap parameter, and
+ the IP address from the ctlplane network. This map can be used to construct
+ the DeployedServerPortMap parameter when using split-stack.
+ value:
+ map_replace:
+ - hostname:
+ fixed_ips:
+ - ip_address: {get_attr: [BlockStorage, networks, ctlplane, 0]}
+ - keys:
+ hostname:
+ list_join:
+ - '-'
+ - - {get_param: Hostname}
+ - ctlplane
+ deployed_server_deployment_swift_data_map:
+ description:
+ Map of Heat created hostname of the server to the Swift container and object
+ used to created the temporary url for metadata polling with
+ os-collect-config.
+ value:
+ map_replace:
+ - hostname:
+ container:
+ str_split:
+ - '/'
+ - {get_attr: [BlockStorage, os_collect_config, request, metadata_url]}
+ - 5
+ object:
+ str_split:
+ - '?'
+ - str_split:
+ - '/'
+ - {get_attr: [BlockStorage, os_collect_config, request, metadata_url]}
+ - 6
+ - 0
+ - keys: {hostname: {get_param: Hostname}}
os_collect_config:
description: The os-collect-config configuration associated with this server resource
value: {get_attr: [BlockStorage, os_collect_config]}
server: {get_resource: CephStorage}
RoleParameters: {get_param: RoleParameters}
ServiceNames: {get_param: ServiceNames}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
CephStorageExtraConfigPre:
depends_on: CephStorageDeployment
type: OS::TripleO::CephStorageExtraConfigPre
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: CephStorage}
NodeExtraConfig:
depends_on: [CephStorageExtraConfigPre, NodeTLSCAData]
type: OS::TripleO::NodeExtraConfig
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: CephStorage}
- ['CREATE', 'UPDATE']
- []
+ DeploymentActions:
+ type: OS::Heat::Value
+ properties:
+ value:
+ if:
+ - server_not_blacklisted
+ - ['CREATE', 'UPDATE']
+ - []
+
SshHostPubKey:
type: OS::TripleO::Ssh::HostPubKey
depends_on: CephStorageDeployment
properties:
server: {get_resource: CephStorage}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
outputs:
ip_address:
management_ip_address:
description: IP address of the server in the management network
value: {get_attr: [ManagementPort, ip_address]}
+ deployed_server_port_map:
+ description: |
+ Map of Heat created hostname of the server to ip address. This is the
+ hostname before it has been mapped with the HostnameMap parameter, and
+ the IP address from the ctlplane network. This map can be used to construct
+ the DeployedServerPortMap parameter when using split-stack.
+ value:
+ map_replace:
+ - hostname:
+ fixed_ips:
+ - ip_address: {get_attr: [CephStorage, networks, ctlplane, 0]}
+ - keys:
+ hostname:
+ list_join:
+ - '-'
+ - - {get_param: Hostname}
+ - ctlplane
+ deployed_server_deployment_swift_data_map:
+ description:
+ Map of Heat created hostname of the server to the Swift container and object
+ used to created the temporary url for metadata polling with
+ os-collect-config.
+ value:
+ map_replace:
+ - hostname:
+ container:
+ str_split:
+ - '/'
+ - {get_attr: [CephStorage, os_collect_config, request, metadata_url]}
+ - 5
+ object:
+ str_split:
+ - '?'
+ - str_split:
+ - '/'
+ - {get_attr: [CephStorage, os_collect_config, request, metadata_url]}
+ - 6
+ - 0
+ - keys: {hostname: {get_param: Hostname}}
os_collect_config:
description: The os-collect-config configuration associated with this server resource
value: {get_attr: [CephStorage, os_collect_config]}
server: {get_resource: NovaCompute}
RoleParameters: {get_param: RoleParameters}
ServiceNames: {get_param: ServiceNames}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
NetworkConfig:
type: OS::TripleO::Compute::Net::SoftwareConfig
ComputeExtraConfigPre:
depends_on: NovaComputeDeployment
type: OS::TripleO::ComputeExtraConfigPre
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: NovaCompute}
NodeExtraConfig:
depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
type: OS::TripleO::NodeExtraConfig
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: NovaCompute}
update_identifier:
get_param: UpdateIdentifier
+ DeploymentActions:
+ type: OS::Heat::Value
+ properties:
+ value:
+ if:
+ - server_not_blacklisted
+ - ['CREATE', 'UPDATE']
+ - []
+
SshHostPubKey:
type: OS::TripleO::Ssh::HostPubKey
depends_on: NovaComputeDeployment
properties:
server: {get_resource: NovaCompute}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
outputs:
ip_address:
management_ip_address:
description: IP address of the server in the management network
value: {get_attr: [ManagementPort, ip_address]}
+ deployed_server_port_map:
+ description: |
+ Map of Heat created hostname of the server to ip address. This is the
+ hostname before it has been mapped with the HostnameMap parameter, and
+ the IP address from the ctlplane network. This map can be used to construct
+ the DeployedServerPortMap parameter when using split-stack.
+ value:
+ map_replace:
+ - hostname:
+ fixed_ips:
+ - ip_address: {get_attr: [NovaCompute, networks, ctlplane, 0]}
+ - keys:
+ hostname:
+ list_join:
+ - '-'
+ - - {get_param: Hostname}
+ - ctlplane
+ deployed_server_deployment_swift_data_map:
+ description:
+ Map of Heat created hostname of the server to the Swift container and object
+ used to created the temporary url for metadata polling with
+ os-collect-config.
+ value:
+ map_replace:
+ - hostname:
+ container:
+ str_split:
+ - '/'
+ - {get_attr: [NovaCompute, os_collect_config, request, metadata_url]}
+ - 5
+ object:
+ str_split:
+ - '?'
+ - str_split:
+ - '/'
+ - {get_attr: [NovaCompute, os_collect_config, request, metadata_url]}
+ - 6
+ - 0
+ - keys: {hostname: {get_param: Hostname}}
hostname:
description: Hostname of the server
value: {get_attr: [NovaCompute, name]}
server: {get_resource: Controller}
RoleParameters: {get_param: RoleParameters}
ServiceNames: {get_param: ServiceNames}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
NetworkConfig:
type: OS::TripleO::Controller::Net::SoftwareConfig
config: {get_resource: ControllerConfig}
server: {get_resource: Controller}
input_values:
- bootstack_nodeid: {get_attr: [Controller, name]}
enable_load_balancer: {get_param: EnableLoadBalancer}
enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
- {get_param: ControllerExtraConfig}
extraconfig: {get_param: ExtraConfig}
controller:
- # data supplied directly to this deployment configuration, etc
- bootstack_nodeid: {get_input: bootstack_nodeid}
- # Pacemaker
enable_load_balancer: {get_input: enable_load_balancer}
# Misc
ControllerExtraConfigPre:
depends_on: ControllerDeployment
type: OS::TripleO::ControllerExtraConfigPre
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: Controller}
NodeExtraConfig:
depends_on: [ControllerExtraConfigPre, NodeTLSData]
type: OS::TripleO::NodeExtraConfig
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: Controller}
update_identifier:
get_param: UpdateIdentifier
+ DeploymentActions:
+ type: OS::Heat::Value
+ properties:
+ value:
+ if:
+ - server_not_blacklisted
+ - ['CREATE', 'UPDATE']
+ - []
+
SshHostPubKey:
type: OS::TripleO::Ssh::HostPubKey
depends_on: ControllerDeployment
properties:
server: {get_resource: Controller}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
outputs:
ip_address:
management_ip_address:
description: IP address of the server in the management network
value: {get_attr: [ManagementPort, ip_address]}
+ deployed_server_port_map:
+ description:
+ Map of Heat created hostname of the server to ip address. This is the
+ hostname before it has been mapped with the HostnameMap parameter, and
+ the IP address from the ctlplane network. This map can be used to construct
+ the DeployedServerPortMap parameter when using split-stack.
+ value:
+ map_replace:
+ - hostname:
+ fixed_ips:
+ - ip_address: {get_attr: [Controller, networks, ctlplane, 0]}
+ - keys:
+ hostname:
+ list_join:
+ - '-'
+ - - {get_param: Hostname}
+ - ctlplane
+ deployed_server_deployment_swift_data_map:
+ description:
+ Map of Heat created hostname of the server to the Swift container and object
+ used to created the temporary url for metadata polling with
+ os-collect-config.
+ value:
+ map_replace:
+ - hostname:
+ container:
+ str_split:
+ - '/'
+ - {get_attr: [Controller, os_collect_config, request, metadata_url]}
+ - 5
+ object:
+ str_split:
+ - '?'
+ - str_split:
+ - '/'
+ - {get_attr: [Controller, os_collect_config, request, metadata_url]}
+ - 6
+ - 0
+ - keys: {hostname: {get_param: Hostname}}
hostname:
description: Hostname of the server
value: {get_attr: [Controller, name]}
server: {get_resource: SwiftStorage}
RoleParameters: {get_param: RoleParameters}
ServiceNames: {get_param: ServiceNames}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
NodeExtraConfig:
depends_on: NodeTLSCAData
type: OS::TripleO::NodeExtraConfig
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
server: {get_resource: SwiftStorage}
- ['CREATE', 'UPDATE']
- []
+ DeploymentActions:
+ type: OS::Heat::Value
+ properties:
+ value:
+ if:
+ - server_not_blacklisted
+ - ['CREATE', 'UPDATE']
+ - []
+
SshHostPubKey:
type: OS::TripleO::Ssh::HostPubKey
depends_on: SwiftStorageHieraDeploy
properties:
server: {get_resource: SwiftStorage}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
outputs:
ip_address:
management_ip_address:
description: IP address of the server in the management network
value: {get_attr: [ManagementPort, ip_address]}
+ deployed_server_port_map:
+ description: |
+ Map of Heat created hostname of the server to ip address. This is the
+ hostname before it has been mapped with the HostnameMap parameter, and
+ the IP address from the ctlplane network. This map can be used to construct
+ the DeployedServerPortMap parameter when using split-stack.
+ value:
+ map_replace:
+ - hostname:
+ fixed_ips:
+ - ip_address: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
+ - keys:
+ hostname:
+ list_join:
+ - '-'
+ - - {get_param: Hostname}
+ - ctlplane
+ deployed_server_deployment_swift_data_map:
+ description:
+ Map of Heat created hostname of the server to the Swift container and object
+ used to created the temporary url for metadata polling with
+ os-collect-config.
+ value:
+ map_replace:
+ - hostname:
+ container:
+ str_split:
+ - '/'
+ - {get_attr: [SwiftStorage, os_collect_config, request, metadata_url]}
+ - 5
+ object:
+ str_split:
+ - '?'
+ - str_split:
+ - '/'
+ - {get_attr: [SwiftStorage, os_collect_config, request, metadata_url]}
+ - 6
+ - 0
+ - keys: {hostname: {get_param: Hostname}}
os_collect_config:
description: The os-collect-config configuration associated with this server resource
value: {get_attr: [SwiftStorage, os_collect_config]}
heat_template_version: pike
-description: 'OpenStack {{role}} node configured by Puppet'
+description: 'OpenStack {{role.name}} node configured by Puppet'
parameters:
- Overcloud{{role}}Flavor:
- description: Flavor for the {{role}} node.
+ Overcloud{{role.name}}Flavor:
+ description: Flavor for the {{role.name}} node.
default: baremetal
type: string
-{% if disable_constraints is not defined %}
+{% if role.disable_constraints is not defined %}
constraints:
- custom_constraint: nova.flavor
{% endif %}
- {{role}}Image:
+ {{role.name}}Image:
type: string
default: overcloud-full
-{% if disable_constraints is not defined %}
+{% if role.disable_constraints is not defined %}
constraints:
- custom_constraint: glance.image
{% endif %}
description: Name of an existing Nova key pair to enable SSH access to the instances
type: string
default: default
-{% if disable_constraints is not defined %}
+{% if role.disable_constraints is not defined %}
constraints:
- custom_constraint: nova.keypair
{% endif %}
default: {}
description: |
Additional hiera configuration to inject into the cluster. Note
- that {{role}}ExtraConfig takes precedence over ExtraConfig.
+ that {{role.name}}ExtraConfig takes precedence over ExtraConfig.
type: json
- {{role}}ExtraConfig:
+ {{role.name}}ExtraConfig:
default: {}
description: |
Role specific additional hiera configuration to inject into the cluster.
type: json
- {{role}}IPs:
+ {{role.name}}IPs:
default: {}
type: json
NetworkDeploymentActions:
description: >
The DNS domain used for the hosts. This must match the
overcloud_domain_name configured on the undercloud.
- {{role}}ServerMetadata:
+ {{role.name}}ServerMetadata:
default: {}
description: >
Extra properties or metadata passed to Nova for the created nodes in
the overcloud. It's accessible via the Nova metadata API. This applies to
all roles and is merged with a role-specific metadata parameter.
type: json
- {{role}}SchedulerHints:
+ {{role.name}}SchedulerHints:
type: json
description: Optional scheduler hints to pass to nova
default: {}
- ""
resources:
- {{role}}:
- type: OS::TripleO::{{role}}Server
+ {{role.name}}:
+ type: OS::TripleO::{{role.name}}Server
metadata:
os-collect-config:
command: {get_param: ConfigCommand}
splay: {get_param: ConfigCollectSplay}
properties:
- image: {get_param: {{role}}Image}
+ image: {get_param: {{role.name}}Image}
image_update_policy: {get_param: ImageUpdatePolicy}
- flavor: {get_param: Overcloud{{role}}Flavor}
+ flavor: {get_param: Overcloud{{role.name}}Flavor}
key_name: {get_param: KeyName}
networks:
- network: ctlplane
metadata:
map_merge:
- {get_param: ServerMetadata}
- - {get_param: {{role}}ServerMetadata}
+ - {get_param: {{role.name}}ServerMetadata}
- {get_param: ServiceMetadataSettings}
- scheduler_hints: {get_param: {{role}}SchedulerHints}
+ scheduler_hints: {get_param: {{role.name}}SchedulerHints}
deployment_swift_data:
if:
- deployment_swift_data_map_unset
# For optional operator role-specific userdata
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
RoleUserData:
- type: OS::TripleO::{{role}}::NodeUserData
+ type: OS::TripleO::{{role.name}}::NodeUserData
- ExternalPort:
- type: OS::TripleO::{{role}}::Ports::ExternalPort
+ {%- for network in networks %}
+ {{network.name}}Port:
+ type: OS::TripleO::{{role.name}}::Ports::{{network.name}}Port
properties:
- ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
- IPPool: {get_param: {{role}}IPs}
- NodeIndex: {get_param: NodeIndex}
-
- InternalApiPort:
- type: OS::TripleO::{{role}}::Ports::InternalApiPort
- properties:
- ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
- IPPool: {get_param: {{role}}IPs}
- NodeIndex: {get_param: NodeIndex}
-
- StoragePort:
- type: OS::TripleO::{{role}}::Ports::StoragePort
- properties:
- ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
- IPPool: {get_param: {{role}}IPs}
- NodeIndex: {get_param: NodeIndex}
-
- StorageMgmtPort:
- type: OS::TripleO::{{role}}::Ports::StorageMgmtPort
- properties:
- ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
- IPPool: {get_param: {{role}}IPs}
- NodeIndex: {get_param: NodeIndex}
-
- TenantPort:
- type: OS::TripleO::{{role}}::Ports::TenantPort
- properties:
- ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
- IPPool: {get_param: {{role}}IPs}
- NodeIndex: {get_param: NodeIndex}
-
- ManagementPort:
- type: OS::TripleO::{{role}}::Ports::ManagementPort
- properties:
- ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
- IPPool: {get_param: {{role}}IPs}
+ ControlPlaneIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
+ IPPool: {get_param: {{role.name}}IPs}
NodeIndex: {get_param: NodeIndex}
+ {%- endfor %}
NetworkConfig:
- type: OS::TripleO::{{role}}::Net::SoftwareConfig
+ type: OS::TripleO::{{role.name}}::Net::SoftwareConfig
properties:
- ControlPlaneIp: {get_attr: [{{role}}, networks, ctlplane, 0]}
- ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
- InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
- StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
- StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
- TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
- ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
+ ControlPlaneIp: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
+ {%- for network in networks %}
+ {{network.name}}IpSubnet: {get_attr: [{{network.name}}Port, ip_subnet]}
+ {%- endfor %}
NetIpMap:
type: OS::TripleO::Network::Ports::NetIpMap
properties:
- ControlPlaneIp: {get_attr: [{{role}}, networks, ctlplane, 0]}
- ExternalIp: {get_attr: [ExternalPort, ip_address]}
- ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
- ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
- InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
- InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
- InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
- StorageIp: {get_attr: [StoragePort, ip_address]}
- StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
- StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
- StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
- StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
- StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
- TenantIp: {get_attr: [TenantPort, ip_address]}
- TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
- TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
- ManagementIp: {get_attr: [ManagementPort, ip_address]}
- ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
- ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
+ ControlPlaneIp: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
+ {%- for network in networks %}
+ {{network.name}}Ip: {get_attr: [{{network.name}}Port, ip_address]}
+ {{network.name}}IpSubnet: {get_attr: [{{network.name}}Port, ip_subnet]}
+ {{network.name}}IpUri: {get_attr: [{{network.name}}Port, ip_address_uri]}
+ {%- endfor %}
NetHostMap:
type: OS::Heat::Value
fqdn:
list_join:
- '.'
- - - {get_attr: [{{role}}, name]}
+ - - {get_attr: [{{role.name}}, name]}
- external
- {get_param: CloudDomain}
short:
list_join:
- '.'
- - - {get_attr: [{{role}}, name]}
+ - - {get_attr: [{{role.name}}, name]}
- external
internal_api:
fqdn:
list_join:
- '.'
- - - {get_attr: [{{role}}, name]}
+ - - {get_attr: [{{role.name}}, name]}
- internalapi
- {get_param: CloudDomain}
short:
list_join:
- '.'
- - - {get_attr: [{{role}}, name]}
+ - - {get_attr: [{{role.name}}, name]}
- internalapi
storage:
fqdn:
list_join:
- '.'
- - - {get_attr: [{{role}}, name]}
+ - - {get_attr: [{{role.name}}, name]}
- storage
- {get_param: CloudDomain}
short:
list_join:
- '.'
- - - {get_attr: [{{role}}, name]}
+ - - {get_attr: [{{role.name}}, name]}
- storage
storage_mgmt:
fqdn:
list_join:
- '.'
- - - {get_attr: [{{role}}, name]}
+ - - {get_attr: [{{role.name}}, name]}
- storagemgmt
- {get_param: CloudDomain}
short:
list_join:
- '.'
- - - {get_attr: [{{role}}, name]}
+ - - {get_attr: [{{role.name}}, name]}
- storagemgmt
tenant:
fqdn:
list_join:
- '.'
- - - {get_attr: [{{role}}, name]}
+ - - {get_attr: [{{role.name}}, name]}
- tenant
- {get_param: CloudDomain}
short:
list_join:
- '.'
- - - {get_attr: [{{role}}, name]}
+ - - {get_attr: [{{role.name}}, name]}
- tenant
management:
fqdn:
list_join:
- '.'
- - - {get_attr: [{{role}}, name]}
+ - - {get_attr: [{{role.name}}, name]}
- management
- {get_param: CloudDomain}
short:
list_join:
- '.'
- - - {get_attr: [{{role}}, name]}
+ - - {get_attr: [{{role.name}}, name]}
- management
ctlplane:
fqdn:
list_join:
- '.'
- - - {get_attr: [{{role}}, name]}
+ - - {get_attr: [{{role.name}}, name]}
- ctlplane
- {get_param: CloudDomain}
short:
list_join:
- '.'
- - - {get_attr: [{{role}}, name]}
+ - - {get_attr: [{{role.name}}, name]}
- ctlplane
PreNetworkConfig:
- type: OS::TripleO::{{role}}::PreNetworkConfig
+ type: OS::TripleO::{{role.name}}::PreNetworkConfig
properties:
- server: {get_resource: {{role}}}
+ server: {get_resource: {{role.name}}}
RoleParameters: {get_param: RoleParameters}
ServiceNames: {get_param: ServiceNames}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
- server: {get_resource: {{role}}}
+ server: {get_resource: {{role.name}}}
actions: {get_param: NetworkDeploymentActions}
input_values:
bridge_name: {get_param: NeutronPhysicalBridge}
- {get_param: NetworkDeploymentActions}
- []
- {{role}}UpgradeInitConfig:
+ {{role.name}}UpgradeInitConfig:
type: OS::Heat::SoftwareConfig
properties:
group: script
# Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
# but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
- {{role}}UpgradeInitDeployment:
+ {{role.name}}UpgradeInitDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
properties:
- name: {{role}}UpgradeInitDeployment
- server: {get_resource: {{role}}}
- config: {get_resource: {{role}}UpgradeInitConfig}
+ name: {{role.name}}UpgradeInitDeployment
+ server: {get_resource: {{role.name}}}
+ config: {get_resource: {{role.name}}UpgradeInitConfig}
actions:
if:
- server_not_blacklisted
- ['CREATE', 'UPDATE']
- []
- {{role}}Deployment:
+ {{role.name}}Deployment:
type: OS::Heat::StructuredDeployment
- depends_on: {{role}}UpgradeInitDeployment
+ depends_on: {{role.name}}UpgradeInitDeployment
properties:
- name: {{role}}Deployment
- config: {get_resource: {{role}}Config}
- server: {get_resource: {{role}}}
+ name: {{role.name}}Deployment
+ config: {get_resource: {{role.name}}Config}
+ server: {get_resource: {{role.name}}}
input_values:
enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
actions:
- ['CREATE', 'UPDATE']
- []
- {{role}}Config:
+ {{role.name}}Config:
type: OS::Heat::StructuredConfig
properties:
group: hiera
- '"%{::uuid}"'
- heat_config_%{::deploy_config_name}
- config_step
- - {{role.lower()}}_extraconfig
+ - {{role.name.lower()}}_extraconfig
- extraconfig
- service_names
- service_configs
- - {{role.lower()}}
+ - {{role.name.lower()}}
- bootstrap_node # provided by allNodesConfig
- all_nodes # provided by allNodesConfig
- vip_data # provided by allNodesConfig
map_replace:
- {get_param: ServiceConfigSettings}
- values: {get_attr: [NetIpMap, net_ip_map]}
- {{role.lower()}}_extraconfig: {get_param: {{role}}ExtraConfig}
+ {{role.name.lower()}}_extraconfig: {get_param: {{role.name}}ExtraConfig}
extraconfig: {get_param: ExtraConfig}
- {{role.lower()}}:
+ {{role.name.lower()}}:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources}
tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups}
# Resource for site-specific injection of root certificate
NodeTLSCAData:
- depends_on: {{role}}Deployment
+ depends_on: {{role.name}}Deployment
type: OS::TripleO::NodeTLSCAData
properties:
- server: {get_resource: {{role}}}
+ server: {get_resource: {{role.name}}}
# Hook for site-specific additional pre-deployment config, e.g extra hieradata
- {{role}}ExtraConfigPre:
- depends_on: {{role}}Deployment
- type: OS::TripleO::{{role}}ExtraConfigPre
+ {{role.name}}ExtraConfigPre:
+ depends_on: {{role.name}}Deployment
+ type: OS::TripleO::{{role.name}}ExtraConfigPre
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
- server: {get_resource: {{role}}}
+ server: {get_resource: {{role.name}}}
# Hook for site-specific additional pre-deployment config,
# applying to all nodes, e.g node registration/unregistration
NodeExtraConfig:
- depends_on: [{{role}}ExtraConfigPre, NodeTLSCAData]
+ depends_on: [{{role.name}}ExtraConfigPre, NodeTLSCAData]
type: OS::TripleO::NodeExtraConfig
+ # We have to use conditions here so that we don't break backwards
+ # compatibility with templates everywhere
+ condition: server_not_blacklisted
properties:
- server: {get_resource: {{role}}}
+ server: {get_resource: {{role.name}}}
UpdateConfig:
type: OS::TripleO::Tasks::PackageUpdate
properties:
name: UpdateDeployment
config: {get_resource: UpdateConfig}
- server: {get_resource: {{role}}}
+ server: {get_resource: {{role.name}}}
input_values:
update_identifier:
get_param: UpdateIdentifier
- ['CREATE', 'UPDATE']
- []
+ DeploymentActions:
+ type: OS::Heat::Value
+ properties:
+ value:
+ if:
+ - server_not_blacklisted
+ - ['CREATE', 'UPDATE']
+ - []
+
SshHostPubKey:
type: OS::TripleO::Ssh::HostPubKey
- depends_on: {{role}}Deployment
+ depends_on: {{role.name}}Deployment
properties:
- server: {get_resource: {{role}}}
+ server: {get_resource: {{role.name}}}
+ deployment_actions: {get_attr: [DeploymentActions, value]}
outputs:
ip_address:
description: IP address of the server in the ctlplane network
- value: {get_attr: [{{role}}, networks, ctlplane, 0]}
+ value: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
hostname:
description: Hostname of the server
- value: {get_attr: [{{role}}, name]}
+ value: {get_attr: [{{role.name}}, name]}
hostname_map:
description: Mapping of network names to hostnames
value:
- external: {get_attr: [NetHostMap, value, external, fqdn]}
- internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
- storage: {get_attr: [NetHostMap, value, storage, fqdn]}
- storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
- tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
- management: {get_attr: [NetHostMap, value, management, fqdn]}
+ {%- for network in networks %}
+ {{network.name_lower|default(network.name.lower())}}: {get_attr: [NetHostMap, value, {{network.name_lower|default(network.name.lower()) }}, fqdn]}
+ {%- endfor %}
ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
hosts_entry:
value:
str_replace:
template: |
PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
- EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
- INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
- STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
- STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
- TENANTIP TENANTHOST.DOMAIN TENANTHOST
- MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
+ {%- for network in networks %}
+ {{network.name}}IP {{network.name}}HOST.DOMAIN {{network.name}}HOST
+ {%- endfor %}
CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
params:
- PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role}}HostnameResolveNetwork]}]}
+ PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role.name}}HostnameResolveNetwork]}]}
DOMAIN: {get_param: CloudDomain}
- PRIMARYHOST: {get_attr: [{{role}}, name]}
- EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
- EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
- INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
- INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
- STORAGEIP: {get_attr: [StoragePort, ip_address]}
- STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
- STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
- STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
- TENANTIP: {get_attr: [TenantPort, ip_address]}
- TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
- MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
- MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
- CTLPLANEIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
+ PRIMARYHOST: {get_attr: [{{role.name}}, name]}
+ {%- for network in networks %}
+ {{network.name}}IP: {get_attr: [{{network.name}}Port, ip_address]}
+ {{network.name}}HOST: {get_attr: [NetHostMap, value, {{network.name_lower|default(network.name.lower())}}, short]}
+ {%- endfor %}
+ CTLPLANEIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
known_hosts_entry:
description: Entry for ssh known hosts
value:
str_replace:
template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
-EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
-INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
-STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
-STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
-TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
-MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
+ {%- for network in networks %}
+{{network.name}}IP,{{network.name}}HOST.DOMAIN,{{network.name}}HOST,\
+ {%- endfor %}
CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
params:
- PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role}}HostnameResolveNetwork]}]}
+ PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role.name}}HostnameResolveNetwork]}]}
DOMAIN: {get_param: CloudDomain}
- PRIMARYHOST: {get_attr: [{{role}}, name]}
- EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
- EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
- INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
- INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
- STORAGEIP: {get_attr: [StoragePort, ip_address]}
- STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
- STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
- STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
- TENANTIP: {get_attr: [TenantPort, ip_address]}
- TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
- MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
- MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
- CTLPLANEIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
+ PRIMARYHOST: {get_attr: [{{role.name}}, name]}
+ {%- for network in networks %}
+ {{network.name}}IP: {get_attr: [{{network.name}}Port, ip_address]}
+ {{network.name}}HOST: {get_attr: [NetHostMap, value, {{network.name_lower|default(network.name.lower())}}, short]}
+ {%- endfor %}
+ CTLPLANEIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
nova_server_resource:
- description: Heat resource handle for {{role}} server
+ description: Heat resource handle for {{role.name}} server
value:
- {get_resource: {{role}}}
+ {get_resource: {{role.name}}}
condition: server_not_blacklisted
- external_ip_address:
- description: IP address of the server in the external network
- value: {get_attr: [ExternalPort, ip_address]}
- internal_api_ip_address:
- description: IP address of the server in the internal_api network
- value: {get_attr: [InternalApiPort, ip_address]}
- storage_ip_address:
- description: IP address of the server in the storage network
- value: {get_attr: [StoragePort, ip_address]}
- storage_mgmt_ip_address:
- description: IP address of the server in the storage_mgmt network
- value: {get_attr: [StorageMgmtPort, ip_address]}
- tenant_ip_address:
- description: IP address of the server in the tenant network
- value: {get_attr: [TenantPort, ip_address]}
- management_ip_address:
- description: IP address of the server in the management network
- value: {get_attr: [ManagementPort, ip_address]}
+ deployed_server_port_map:
+ description: |
+ Map of Heat created hostname of the server to ip address. This is the
+ hostname before it has been mapped with the HostnameMap parameter, and
+ the IP address from the ctlplane network. This map can be used to construct
+ the DeployedServerPortMap parameter when using split-stack.
+ value:
+ map_replace:
+ - hostname:
+ fixed_ips:
+ - ip_address: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
+ - keys:
+ hostname:
+ list_join:
+ - '-'
+ - - {get_param: Hostname}
+ - ctlplane
+ deployed_server_deployment_swift_data_map:
+ description:
+ Map of Heat created hostname of the server to the Swift container and object
+ used to created the temporary url for metadata polling with
+ os-collect-config.
+ value:
+ map_replace:
+ - hostname:
+ container:
+ str_split:
+ - '/'
+ - {get_attr: [{{role.name}}, os_collect_config, request, metadata_url]}
+ - 5
+ object:
+ str_split:
+ - '?'
+ - str_split:
+ - '/'
+ - {get_attr: [{{role.name}}, os_collect_config, request, metadata_url]}
+ - 6
+ - 0
+ - keys: {hostname: {get_param: Hostname}}
os_collect_config:
description: The os-collect-config configuration associated with this server resource
- value: {get_attr: [{{role}}, os_collect_config]}
+ value: {get_attr: [{{role.name}}, os_collect_config]}
+ {%- for network in networks %}
+ {{network.name_lower|default(network.name.lower())}}_ip_address:
+ description: IP address of the server in the {{network.name}} network
+ value: {get_attr: [{{network.name}}Port, ip_address]}
+ {%- endfor %}
type: string
default: 'regionOne'
description: Keystone region for endpoint
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: AodhDebug}, '']}
- {get_param: Debug }
- {get_param: AodhDebug }
aodh::auth::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
+ aodh::notification_driver: {get_param: NotificationDriver}
aodh::rabbit_userid: {get_param: RabbitUserName}
aodh::rabbit_password: {get_param: RabbitPassword}
aodh::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
e.g. { barbican-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
default: {}
type: json
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
resources:
- service_debug_unset
- {get_param: Debug }
- {get_param: BarbicanDebug }
+ barbican::api::notification_driver: {get_param: NotificationDriver}
barbican::api::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
barbican::api::rabbit_userid: {get_param: RabbitUserName}
barbican::api::rabbit_password: {get_param: RabbitPassword}
description: The user password for SNMPd with readonly rights running on all Overcloud nodes
type: string
hidden: true
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: CeilometerDebug}, '']}
ceilometer::dispatcher::gnocchi::filter_project: 'service'
ceilometer::dispatcher::gnocchi::archive_policy: 'low'
ceilometer::dispatcher::gnocchi::resources_definition_file: 'gnocchi_resources.yaml'
+ ceilometer::notification_driver: {get_param: NotificationDriver}
ceilometer::rabbit_userid: {get_param: RabbitUserName}
ceilometer::rabbit_password: {get_param: RabbitPassword}
ceilometer::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
type: json
CephValidationRetries:
type: number
- default: 5
+ default: 40
description: Number of retry attempts for Ceph validation
CephValidationDelay:
type: number
- default: 10
+ default: 30
description: Interval (in seconds) in between validation checks
MonitoringSubscriptionCephMon:
default: 'overcloud-ceph-mon'
e.g. { cinder-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
default: {}
type: json
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
cinder_workers_zero: {equals : [{get_param: CinderWorkers}, 0]}
cinder::keystone::authtoken::user_domain_name: 'Default'
cinder::keystone::authtoken::project_domain_name: 'Default'
cinder::policy::policies: {get_param: CinderApiPolicies}
+ cinder::ceilometer::notification_driver: {get_param: NotificationDriver}
cinder::api::enable_proxy_headers_parsing: true
cinder::api::nova_catalog_info: 'compute:nova:internalURL'
e.g. { congress-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
default: {}
type: json
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: CongressDebug}, '']}
- {get_param: Debug }
- {get_param: CongressDebug }
congress::rpc_backend: rabbit
+ congress::notification_driver: {get_param: NotificationDriver}
congress::rabbit_userid: {get_param: RabbitUserName}
congress::rabbit_password: {get_param: RabbitPassword}
congress::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
--- /dev/null
+heat_template_version: pike
+
+description: >
+ OpenStack Ceilometer API service, disabled since pike
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+
+outputs:
+ role_data:
+ description: Role data for the disabled Ceilometer API role.
+ value:
+ service_name: ceilometer_api_disabled
+ upgrade_tasks:
+ - name: Purge Ceilometer apache config files
+ tags: step1
+ file: path=/etc/httpd/conf.d/10-ceilometer_wsgi.conf state=absent
+ - name: Clean up ceilometer port from ports.conf
+ tags: step1
+ lineinfile: dest=/etc/httpd/conf/ports.conf state=absent regexp="8777$"
e.g. { glance-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
default: {}
type: json
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
use_tls_proxy: {equals : [{get_param: EnableInternalTLS}, true]}
glance::notify::rabbitmq::rabbit_port: {get_param: RabbitClientPort}
glance::notify::rabbitmq::rabbit_password: {get_param: RabbitPassword}
glance::notify::rabbitmq::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
- glance::notify::rabbitmq::notification_driver: messagingv2
+ glance::notify::rabbitmq::notification_driver: {get_param: NotificationDriver}
tripleo::profile::base::glance::api::glance_nfs_enabled: {get_param: GlanceNfsEnabled}
tripleo::glance::nfs_mount::share: {get_param: GlanceNfsShare}
tripleo::glance::nfs_mount::options: {get_param: GlanceNfsOptions}
default: 1048576
description: Maximum raw byte size of the Heat API JSON request body.
type: number
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: HeatDebug}, '']}
value:
service_name: heat_base
config_settings:
+ heat::notification_driver: {get_param: NotificationDriver}
heat::rabbit_userid: {get_param: RabbitUserName}
heat::rabbit_password: {get_param: RabbitPassword}
heat::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
type: json
default: {}
hidden: true
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
parameter_groups:
- label: deprecated
parameters:
- KeystoneFernetKey0
- KeystoneFernetKey1
+ - KeystoneNotificationDriver
resources:
keystone::rabbit_password: {get_param: RabbitPassword}
keystone::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
keystone::rabbit_port: {get_param: RabbitClientPort}
- keystone::notification_driver: {get_param: KeystoneNotificationDriver}
+ keystone::notification_driver: {get_param: NotificationDriver}
keystone::notification_format: {get_param: KeystoneNotificationFormat}
keystone::roles::admin::email: {get_param: AdminEmail}
keystone::roles::admin::password: {get_param: AdminPassword}
description: The password for the manila service account.
type: string
hidden: true
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: ManilaDebug}, '']}
value:
service_name: manila_base
config_settings:
+ manila::notification_driver: {get_param: NotificationDriver}
manila::rabbit_userid: {get_param: RabbitUserName}
manila::rabbit_password: {get_param: RabbitPassword}
manila::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
type: string
default: 'regionOne'
description: Keystone region for endpoint
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: MistralDebug}, '']}
query:
read_default_file: /etc/my.cnf.d/tripleo.cnf
read_default_group: tripleo
+ mistral::notification_driver: {get_param: NotificationDriver}
mistral::rabbit_userid: {get_param: RabbitUserName}
mistral::rabbit_password: {get_param: RabbitPassword}
mistral::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
dhcp_agents_zero: {equals : [{get_param: NeutronDhcpAgentsPerNetwork}, 0]}
neutron::rabbit_user: {get_param: RabbitUserName}
neutron::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
neutron::rabbit_port: {get_param: RabbitClientPort}
+ neutron::notification_driver: {get_param: NotificationDriver}
neutron::core_plugin: {get_param: NeutronCorePlugin}
neutron::service_plugins: {get_param: NeutronServicePlugins}
neutron::debug:
--- /dev/null
+heat_template_version: pike
+
+description: >
+ Neutron LBaaS service configured with Puppet
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ NeutronLbaasInterfaceDriver:
+ default: 'neutron.agent.linux.interface.OVSInterfaceDriver'
+ type: string
+ NeutronLbaasDeviceDriver:
+ default: 'neutron.services.loadbalancer.drivers.haproxy.namespace_driver.HaproxyNSDriver'
+ type: string
+ NeutronServiceProviders:
+ default: 'LOADBALANCERV2:Haproxy:neutron_lbaas.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default'
+ description: Global list of service providers used by neutron. This
+ list should be passed in to ensure all service
+ providers desired by the user are included. The
+ provided default value only set the provider for the LBaaSv2
+ subsystem.This is currently incompatible with enabling
+ octavia-api as one service or the other will break because the defaults are different.
+ type: comma_delimited_list
+
+resources:
+
+ NeutronBase:
+ type: ./neutron-base.yaml
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the Neutron LBaaS role.
+ value:
+ service_name: neutron_lbaas
+ config_settings:
+ map_merge:
+ - get_attr: [NeutronBase, role_data, config_settings]
+ - neutron::agents::lbaas::interface_driver: {get_param: NeutronLbaasInterfaceDriver}
+ neutron::agents::lbaas::device_driver: {get_param: NeutronLbaasDeviceDriver}
+ step_config: |
+ include ::tripleo::profile::base::neutron::lbaas
+ service_config_settings:
+ neutron_api:
+ neutron::server::service_providers: {get_param: NeutronServiceProviders}
type: string
default: 'regionOne'
description: Keystone region for endpoint
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
NovaPassword:
description: The password for the nova service and db account, used by nova-api.
type: string
nova::cinder_catalog_info: 'volumev2:cinderv2:internalURL'
nova::host: '%{::fqdn}'
nova::notify_on_state_change: 'vm_and_task_state'
- nova::notification_driver: messagingv2
+ nova::notification_driver: {get_param: NotificationDriver}
nova::network::neutron::neutron_auth_type: 'v3password'
nova::db::database_db_max_retries: -1
nova::db::database_max_retries: -1
CephClientUserName:
default: openstack
type: string
+ CephClientKey:
+ description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. Currently only used for external Ceph deployments to create the openstack user keyring.
+ type: string
+ hidden: true
+ CephClusterFSID:
+ type: string
+ description: The Ceph cluster FSID. Must be a UUID.
CinderEnableNfsBackend:
default: false
description: Whether to enable or not the NFS backend for Cinder
nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName}
tripleo::profile::base::nova::compute::cinder_nfs_backend: {get_param: CinderEnableNfsBackend}
rbd_persistent_storage: {get_param: CinderEnableRbdBackend}
- nova::compute::rbd::rbd_keyring:
- list_join:
- - '.'
- - - 'client'
- - {get_param: CephClientUserName}
- nova::compute::rbd::libvirt_rbd_secret_uuid: "%{hiera('ceph::profile::params::fsid')}"
+ nova::compute::rbd::libvirt_rbd_secret_key: {get_param: CephClientKey}
+ nova::compute::rbd::libvirt_rbd_secret_uuid: {get_param: CephClusterFSID}
nova::compute::instance_usage_audit: true
nova::compute::instance_usage_audit_period: 'hour'
nova::compute::rbd::ephemeral_storage: {get_param: NovaEnableRbdBackend}
default: 5672
description: Set rabbit subscriber port, change this if using SSL
type: number
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: OctaviaDebug}, '']}
- {get_param: Debug }
- {get_param: OctaviaDebug }
octavia::purge_config: {get_param: EnableConfigPurge}
+ octavia::notification_driver: {get_param: NotificationDriver}
octavia::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
octavia::rabbit_userid: {get_param: RabbitUserName}
octavia::rabbit_password: {get_param: RabbitPassword}
type: json
RabbitUserName:
default: guest
- description: The username for Qdr
+ description: The username for RabbitMQ
type: string
RabbitPassword:
- description: The password for Qdr
+ description: The password for RabbitMQ
type: string
hidden: true
RabbitClientPort:
- description: Listening port for Qdr
+ description: Set rabbit subscriber port, change this if using SSL
default: 5672
type: number
MonitoringSubscriptionQdr:
default: ["ambari","cdh","mapr","vanilla","spark","storm"]
description: Sahara enabled plugin list
type: comma_delimited_list
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: SaharaDebug}, '']}
query:
read_default_file: /etc/my.cnf.d/tripleo.cnf
read_default_group: tripleo
+ sahara::notify::notification_driver: {get_param: NotificationDriver}
sahara::rabbit_password: {get_param: RabbitPassword}
sahara::rabbit_user: {get_param: RabbitUserName}
sahara::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
e.g. { tacker-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
default: {}
type: json
+ NotificationDriver:
+ type: string
+ default: 'messagingv2'
+ description: Driver or drivers to handle sending notifications.
+ constraints:
+ - allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: TackerDebug}, '']}
- {get_param: Debug }
- {get_param: TackerDebug }
tacker::rpc_backend: rabbit
+ tacker::notification_driver: {get_param: NotificationDriver}
tacker::rabbit_userid: {get_param: RabbitUserName}
tacker::rabbit_password: {get_param: RabbitPassword}
tacker::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
--- /dev/null
+---
+features:
+ - Add a new output, DeployedServerEnvironment, that can be used as
+ the contents of an environment file. This environment file can then be used
+ as input into a services only stack when using split-stack. The parameter
+ simplifies the manual steps needed to deploy split-stack.
--- /dev/null
+---
+features:
+ - Allows the configuration of the Neutron LBaaS
+ agent.
\ No newline at end of file
--- /dev/null
+---
+features:
+ - |
+ Allow to configure the Message Queue notification driver.
+ By default, we'll configure 'messagingv2' but we can now
+ override NotificationDriver parameter and set 'noop' when
+ we don't want notifications, which is the case when
+ we disable Telemetry services.
+deprecations:
+ - KeystoneNotificationDriver is deprecated in favor of NotificationDriver.
--- /dev/null
+---
+features:
+ - |
+ The roles_data.yaml and roles_data_undercloud.yaml can be generated with
+ tox using ``tox -e genrolesdata``.
+ - |
+ pep8 now checks that the roles_data.yaml and roles_data_undercloud.yaml
+ matches data generated from the roles/ files.
# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
# ones.
extensions = [
- 'oslosphinx',
+ 'openstackdocstheme',
'reno.sphinxext',
]
# The theme to use for HTML and HTML Help pages. See the documentation for
# a list of builtin themes.
-html_theme = 'default'
+html_theme = 'openstackdocs'
# Theme options are theme-specific and customize the look and feel of a theme
# further. For a list of options available for each theme, see the
# -- Options for Internationalization output ------------------------------
locale_dirs = ['locale/']
+
+# openstackdocstheme options
+repository_name = 'openstack/tripleo-heat-templates'
+bug_project = 'tripleo'
+bug_tag = 'documentation'
pbr!=2.1.0,>=2.0.0 # Apache-2.0
Jinja2!=2.9.0,!=2.9.1,!=2.9.2,!=2.9.3,!=2.9.4,>=2.8 # BSD License (3 clause)
six>=1.9.0 # MIT
+tripleo-common>=7.1.0 # Apache-2.0
- OS::TripleO::Services::CinderHPELeftHandISCSI
- OS::TripleO::Services::CinderScheduler
- OS::TripleO::Services::CinderVolume
+ - OS::TripleO::Services::Clustercheck
- OS::TripleO::Services::Collectd
- OS::TripleO::Services::Congress
- - OS::TripleO::Services::Clustercheck
- OS::TripleO::Services::Docker
- OS::TripleO::Services::Ec2Api
- OS::TripleO::Services::Etcd
- OS::TripleO::Services::NeutronL2gwAgent
- OS::TripleO::Services::NeutronL2gwApi
- OS::TripleO::Services::NeutronL3Agent
+ - OS::TripleO::Services::NeutronLbaasv2Agent
- OS::TripleO::Services::NeutronLinuxbridgeAgent
- OS::TripleO::Services::NeutronMetadataAgent
- OS::TripleO::Services::NeutronML2FujitsuCfab
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::MySQLClient
- OS::TripleO::Services::NeutronApi
- - OS::TripleO::Services::NeutronBgpvpnApi
+ - OS::TripleO::Services::NeutronBgpVpnApi
- OS::TripleO::Services::NeutronCorePlugin
- OS::TripleO::Services::NeutronDhcpAgent
- OS::TripleO::Services::NeutronL2gwAgent
- OS::TripleO::Services::NeutronL2gwApi
- OS::TripleO::Services::NeutronL3Agent
+ - OS::TripleO::Services::NeutronLbaasv2Agent
- OS::TripleO::Services::NeutronMetadataAgent
- OS::TripleO::Services::NeutronML2FujitsuCfab
- OS::TripleO::Services::NeutronML2FujitsuFossw
- OS::TripleO::Services::HeatEngine
- OS::TripleO::Services::IronicApi
- OS::TripleO::Services::IronicConductor
+ - OS::TripleO::Services::IronicInspector
- OS::TripleO::Services::IronicPxe
- OS::TripleO::Services::Iscsid
- OS::TripleO::Services::Keystone
- OS::TripleO::Services::UndercloudAodhListener
- OS::TripleO::Services::UndercloudAodhNotifier
- OS::TripleO::Services::UndercloudCeilometerAgentCentral
+ - OS::TripleO::Services::UndercloudCeilometerAgentIpmi
- OS::TripleO::Services::UndercloudCeilometerAgentNotification
- OS::TripleO::Services::UndercloudGnocchiApi
- OS::TripleO::Services::UndercloudGnocchiMetricd
###############################################################################
-# File generated by tripleoclient
+# File generated by TripleO
###############################################################################
###############################################################################
# Role: Controller #
- OS::TripleO::Services::NeutronL2gwAgent
- OS::TripleO::Services::NeutronL2gwApi
- OS::TripleO::Services::NeutronL3Agent
+ - OS::TripleO::Services::NeutronLbaasv2Agent
- OS::TripleO::Services::NeutronLinuxbridgeAgent
- OS::TripleO::Services::NeutronMetadataAgent
- OS::TripleO::Services::NeutronML2FujitsuCfab
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+
###############################################################################
-# File generated by tripleoclient
+# File generated by TripleO
###############################################################################
###############################################################################
# Role: Undercloud #
- OS::TripleO::Services::UndercloudGnocchiStatsd
- OS::TripleO::Services::UndercloudPankoApi
- OS::TripleO::Services::Zaqar
+
# The order of packages is significant, because pip processes them in the order
# of appearance. Changing the order has an impact on the overall integration
# process, which may cause wedges in the gate later.
+openstackdocstheme>=1.11.0 # Apache-2.0
PyYAML>=3.10.0 # MIT
Jinja2!=2.9.0,!=2.9.1,!=2.9.2,!=2.9.3,!=2.9.4,>=2.8 # BSD License (3 clause)
six>=1.9.0 # MIT
-sphinx!=1.6.1,>=1.5.1 # BSD
-oslosphinx>=4.7.0 # Apache-2.0
+sphinx>=1.6.2 # BSD
reno!=2.3.1,>=1.8.0 # Apache-2.0
coverage!=4.4,>=4.0 # Apache-2.0
fixtures>=3.0.0 # Apache-2.0/BSD
print("jinja2 rendering roles %s" % ","
.join(role_names))
for role in role_names:
- j2_data = {'role': role}
- # (dprince) For the undercloud installer we don't
- # want to have heat check nova/glance API's
- if r_map[role].get('disable_constraints', False):
- j2_data['disable_constraints'] = True
+ j2_data = {'role': r_map[role]}
out_f = "-".join(
[role.lower(),
os.path.basename(f).replace('.role.j2.yaml',
'.yaml')])
out_f_path = os.path.join(out_dir, out_f)
if not (out_f_path in excl_templates):
- _j2_render_to_file(template_data, j2_data,
- out_f_path, overwrite)
+ if '{{role.name}}' in template_data:
+ j2_data = {'role': r_map[role],
+ 'networks': network_data}
+ _j2_render_to_file(template_data, j2_data,
+ out_f_path, overwrite)
+ else:
+ # Backwards compatibility with templates
+ # that specify {{role}} vs {{role.name}}
+ j2_data = {'role': role,
+ 'networks': network_data}
+ # (dprince) For the undercloud installer we
+ # don'twant to have heat check nova/glance
+ # API's
+ if r_map[role].get('disable_constraints',
+ False):
+ j2_data['disable_constraints'] = True
+ _j2_render_to_file(
+ template_data,j2_data,
+ out_f_path, overwrite)
+
else:
print('skipping rendering of %s' % out_f_path)
elif f.endswith('.j2.yaml'):
--- /dev/null
+#!/bin/bash
+#
+# Copyright 2017 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+set -e
+
+SCRIPT_DIR=$(cd `dirname $0` && pwd -P)
+OUTPUT_DIR=${OUTPUT_DIR:-$(cd "${SCRIPT_DIR}/../" && pwd -P)}
+
+echo "Generating ${OUTPUT_DIR}/roles_data.yaml"
+$SCRIPT_DIR/roles-data-generate.py Controller Compute BlockStorage ObjectStorage CephStorage > $OUTPUT_DIR/roles_data.yaml
+
+echo "Generating ${OUTPUT_DIR}/roles_data_undercloud.yaml"
+$SCRIPT_DIR/roles-data-generate.py Undercloud > $OUTPUT_DIR/roles_data_undercloud.yaml
--- /dev/null
+#!/usr/bin/env python
+#
+# Copyright 2017 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+
+import argparse
+import collections
+import os
+import sys
+
+from tripleo_common.utils import roles as rolesutils
+
+__tht_root_dir = os.path.dirname(os.path.dirname(__file__))
+__tht_roles_dir = os.path.join(__tht_root_dir, 'roles')
+
+
+def parse_opts(argv):
+ parser = argparse.ArgumentParser(
+ description='Generate roles_data.yaml for requested roles. NOTE: '
+ 'This is a stripped down version of what is provided by '
+ 'the tripleoclient. The tripleoclient should be used for '
+ 'additional functionality.')
+ parser.add_argument('--roles-path', metavar='<roles directory>',
+ help="Filesystem path containing the roles yaml files",
+ default=__tht_roles_dir)
+ parser.add_argument('roles', nargs="+", metavar='<role>',
+ help='List of roles to use to generate the '
+ 'roles_data.yaml file')
+ opts = parser.parse_args(argv[1:])
+
+ return opts
+
+opts = parse_opts(sys.argv)
+
+roles = collections.OrderedDict.fromkeys(opts.roles)
+print(rolesutils.generate_roles_data_from_directory(opts.roles_path,
+ roles.keys()))
--- /dev/null
+#!/bin/bash
+#
+# Copyright 2017 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+set -e
+
+SCRIPT_DIR=$(cd `dirname $0` && pwd -P)
+THT_DIR=${OUTPUT_DIR:-$(cd "${SCRIPT_DIR}/../" && pwd -P)}
+TMPDIR=$(mktemp -d)
+
+function do_cleanup {
+ rm -rf $TMPDIR
+}
+trap do_cleanup EXIT
+
+function check_diff {
+ local thtfile=$1
+ local genfile=$2
+ echo -n "Performing diff on $thtfile $genfile... "
+ diff $thtfile $genfile > $TMPDIR/diff_results
+ if [ $? = 1 ]; then
+ echo "ERROR: Generated roles file not match the current ${thtfile}"
+ echo "Please make sure to update the appropriate roles/* files."
+ echo "Here is the diff ${thtfile} ${genfile}"
+ cat $TMPDIR/diff_results
+ exit 1
+ fi
+ echo "OK!"
+}
+
+OUTPUT_DIR=$TMPDIR
+source $SCRIPT_DIR/roles-data-generate-samples.sh
+
+set +e
+check_diff $THT_DIR/roles_data.yaml $TMPDIR/roles_data.yaml
+check_diff $THT_DIR/roles_data_undercloud.yaml $TMPDIR/roles_data_undercloud.yaml
'metadata_settings', 'kolla_config']
REQUIRED_DOCKER_PUPPET_CONFIG_SECTIONS = ['config_volume', 'step_config',
'config_image']
-OPTIONAL_DOCKER_PUPPET_CONFIG_SECTIONS = [ 'puppet_tags' ]
+OPTIONAL_DOCKER_PUPPET_CONFIG_SECTIONS = [ 'puppet_tags', 'volumes' ]
# Mapping of parameter names to a list of the fields we should _not_ enforce
# consistency across files on. This should only contain parameters whose
# definition we cannot change for backwards compatibility reasons. New
for base_path in path_args:
if os.path.isdir(base_path):
for subdir, dirs, files in os.walk(base_path):
+ if '.tox' in dirs:
+ dirs.remove('.tox')
for f in files:
if f.endswith('.yaml') and not f.endswith('.j2.yaml'):
file_path = os.path.join(subdir, f)
commands = {posargs}
[testenv:pep8]
+whielist_externals =
+ bash
commands =
python ./tools/process-templates.py
python ./network/endpoints/build_endpoint_map.py --check
python ./tools/yaml-validate.py .
+ bash -c ./tools/roles-data-validation.sh
[testenv:templates]
commands = python ./tools/process-templates.py
commands =
python ./tools/process-templates.py
python ./tripleo_heat_templates/environment_generator.py sample-env-generator/
+
+[testenv:genroledata]
+whielist_externals =
+ bash
+commands =
+ bash -c tools/roles-data-generate-samples.sh
PING_CMD=ping6
fi
until [ $COUNT -ge $TIMES ]; do
- if $PING_CMD -w 300 -c 1 $IP_ADDR &> /dev/null; then
+ if $PING_CMD -w 10 -c 1 $IP_ADDR &> /dev/null; then
echo "Ping to $IP_ADDR succeeded."
return 0
fi
echo "Ping to $IP_ADDR failed. Retrying..."
COUNT=$(($COUNT + 1))
+ sleep 60
done
return 1
}