+----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
| swift | | X | | | X | |
+----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
-| aodh | X | | | | | |
+| aodh | X | X | | | | |
+----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
-| ceilometer | X | | | | | |
+| ceilometer | X | X | | | | |
+----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
-| gnocchi | X | | | | | |
+| gnocchi | rbd | swift | | | | |
+----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
-| panko | X | | | | | |
+| panko | X | X | | | | |
+----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
| barbican | | X | | | | |
+----------------+-------------+-------------+-------------+-------------+-----------------+--------------+
# environment_groups: (required)
# environment_groups:
-# Identifies an environment choice. If group includes multiple environments it
-# indicates that environments in group are mutually exclusive.
+# Identifies a group of environments.
# Attributes:
# title: (optional)
# description: (optional)
# tags: a list of tags to provide additional information for e.g. filtering (optional)
# environments: (required)
+# mutually_exclusive: (optional) boolean to identify that environments in group are mutually exclusive
# environments:
# List of environments in environment group
# title: (required)
# description: (optional)
# requires: an array of environments which are required by this environment (optional)
-# resource_registry: [tbd] (optional)
-
-# resource_registry:
-# [tbd] Each environment can provide options on resource_registry level applicable
-# only when that given environment is used. (resource_type of that environment can
-# be implemented using multiple templates).
topics:
- - title: Base Resources Configuration
+ - title: General Deployment Options
description:
environment_groups:
- - title:
- description: Enable base configuration for all resources required for OpenStack Deployment
+ - name: general-deployment-options
+ title:
+ description: Enables base configuration for all resources required for OpenStack Deployment
environments:
- file: overcloud-resource-registry-puppet.yaml
title: Base resources configuration
description:
-
- - title: Deployment Options
- description:
- environment_groups:
- - title: High Availability
- description: Enables configuration of an Overcloud controller with Pacemaker
- environments:
- - file: environments/puppet-pacemaker.yaml
- title: Pacemaker
- description: Enable configuration of an Overcloud controller with Pacemaker
- requires:
- - overcloud-resource-registry-puppet.yaml
- - title: Pacemaker options
- description:
- environments:
- - file: environments/puppet-pacemaker-no-restart.yaml
- title: Pacemaker No Restart
- description:
- requires:
- - environments/puppet-pacemaker.yaml
- - overcloud-resource-registry-puppet.yaml
- - title: Docker RDO
+ - title: Containerized Deployment
description: >
- Docker container with heat agents for containerized compute node
+ Configures Deployment to use containerized services
environments:
- file: environments/docker.yaml
- title: Docker RDO
+ title: Containerized Deployment
description:
requires:
- overcloud-resource-registry-puppet.yaml
- - title: Enable TLS
- description: >
- environments:
- - file: environments/enable-tls.yaml
- title: TLS
- description: >
- Use this option to pass in certificates for SSL deployments.
- For these values to take effect, one of the TLS endpoints
- environments must also be used.
- requires:
- - overcloud-resource-registry-puppet.yaml
- - title: TLS Endpoints
- description: >
- environments:
- - file: environments/tls-endpoints-public-dns.yaml
- title: SSL-enabled deployment with DNS name as public endpoint
- description: >
- Use this environment when deploying an SSL-enabled overcloud where the public
- endpoint is a DNS name.
- requires:
- - environments/enable-tls.yaml
- - overcloud-resource-registry-puppet.yaml
- - file: environments/tls-endpoints-public-ip.yaml
- title: SSL-enabled deployment with IP address as public endpoint
- description: >
- Use this environment when deploying an SSL-enabled overcloud where the public
- endpoint is an IP address.
- requires:
- - environments/enable-tls.yaml
- - overcloud-resource-registry-puppet.yaml
- - title: External load balancer
- description: >
- Enable external load balancer
- environments:
- - file: environments/external-loadbalancer-vip-v6.yaml
- title: External load balancer IPv6
- description: >
- requires:
- - overcloud-resource-registry-puppet.yaml
- - file: environments/external-loadbalancer-vip.yaml
- title: External load balancer IPv4
- description: >
- requires:
- - overcloud-resource-registry-puppet.yaml
-
- - title: Additional Services
- description: Deploy additional Overcloud services
- environment_groups:
- - title: Manila
- description:
- environments:
- - file: environments/manila-generic-config.yaml
- title: Manila
- description: Enable Manila generic driver backend
- requires:
- - overcloud-resource-registry-puppet.yaml
- - title: Sahara
- description:
- environments:
- - file: environments/services/sahara.yaml
- title: Sahara
- description: Deploy Sahara service
- requires:
- - overcloud-resource-registry-puppet.yaml
- - title: Ironic
- description:
- environments:
- - file: environments/services/ironic.yaml
- title: Ironic
- description: Deploy Ironic service
- requires:
- - overcloud-resource-registry-puppet.yaml
- - title: Mistral
- description:
- environments:
- - file: environments/services/mistral.yaml
- title: Mistral
- description: Deploy Mistral service
- requires:
- - overcloud-resource-registry-puppet.yaml
- - title: Ceilometer Api
- description:
+ - title: High Availability
+ description: Enables configuration of an Overcloud Controller with Pacemaker
environments:
- - file: environments/services/disable-ceilometer-api.yaml
- title: Ceilometer Api
- description: Disable Ceilometer Api service. This service is
- deprecated and will be removed in future releases. Please move
- to using gnocchi/aodh/panko apis instead.
+ - file: environments/puppet-pacemaker.yaml
+ title: High Availability (Pacemaker)
+ description:
requires:
- overcloud-resource-registry-puppet.yaml
- # - title: Network Interface Configuration
- # description:
- # environment_groups:
-
- - title: Overlay Network Configuration
+ - title: Network Configuration
description:
environment_groups:
- title: Network Isolation
to that role) on these networks.
requires:
- overcloud-resource-registry-puppet.yaml
- - title: Single NIC or Bonding
+ mutually_exclusive: true
+ - title: NICs, Bonding, VLANs Configuration
description: >
- Configure roles to use pair of bonded nics or to use Vlans on a
- single nic. This option assumes use of Network Isolation.
+ Choose one of the pre-defined configurations or provide custom
+ network-environment.yaml instead. Note that pre-defined configuration work
+ only with standard Roles and Networks. These options assume use of Network Isolation.
environments:
- file: environments/net-bond-with-vlans.yaml
title: Bond with Vlans
for each role. This option assumes use of Network Isolation.
requires:
- environments/network-isolation.yaml
- - overcloud-resource-registry-puppet.yaml
- file: environments/net-bond-with-vlans-no-external.yaml
title: Bond with Vlans No External Ports
description: >
Sets external ports to noop.
requires:
- environments/network-isolation.yaml
- - overcloud-resource-registry-puppet.yaml
- file: environments/net-bond-with-vlans-v6.yaml
title: Bond with Vlans IPv6
description: >
This option assumes use of Network Isolation IPv6.
requires:
- environments/network-isolation-v6.yaml
- - overcloud-resource-registry-puppet.yaml
- file: environments/net-multiple-nics.yaml
title: Multiple NICs
description: >
This option assumes use of Network Isolation.
requires:
- environments/network-isolation.yaml
- - overcloud-resource-registry-puppet.yaml
- file: environments/net-multiple-nics-v6.yaml
title: Multiple NICs IPv6
description: >
This option assumes use of Network Isolation IPv6.
requires:
- environments/network-isolation-v6.yaml
- - overcloud-resource-registry-puppet.yaml
- file: environments/net-single-nic-with-vlans.yaml
title: Single NIC with Vlans
description: >
each isolated network. This option assumes use of Network Isolation.
requires:
- environments/network-isolation.yaml
- - overcloud-resource-registry-puppet.yaml
- file: environments/net-single-nic-with-vlans-no-external.yaml
title: Single NIC with Vlans No External Ports
description: >
Sets external ports to noop.
requires:
- environments/network-isolation.yaml
- - overcloud-resource-registry-puppet.yaml
- file: environments/net-single-nic-linux-bridge-with-vlans.yaml
title: Single NIC with Linux Bridge Vlans
description: >
each isolated network. This option assumes use of Network Isolation.
requires:
- environments/network-isolation.yaml
- - overcloud-resource-registry-puppet.yaml
- file: environments/net-single-nic-with-vlans-v6.yaml
title: Single NIC with Vlans IPv6
description: >
This option assumes use of Network Isolation IPv6
requires:
- environments/network-isolation-v6.yaml
- - overcloud-resource-registry-puppet.yaml
+ mutually_exclusive: true
- title: Management Network
description: >
Enable the creation of a system management network. This
description:
requires:
- overcloud-resource-registry-puppet.yaml
+ mutually_exclusive: true
+
+ - title: Docker Network
+ description: >
+ [Temporary] Use this option when deploying containerized deployment
+ without network isolation
+ environments:
+ - file: environments/docker-network.yaml
+ title: Docker network
+ description:
+ requires:
+ - environments/docker.yaml
+
+ - title: External load balancer
+ description: >
+ Enable external load balancer, requires network Isolation to be enabled.
+ Note that this option assumes standard isolated networks set.
+ environments:
+ - file: environments/external-loadbalancer-vip.yaml
+ title: External load balancer IPv4
+ description: >
+ requires:
+ - environments/network-isolation.yaml
+ - file: environments/external-loadbalancer-vip-v6.yaml
+ title: External load balancer IPv6
+ description: >
+ requires:
+ - environments/network-isolation-v6.yaml
+ mutually_exclusive: true
- title: Neutron Plugin Configuration
description:
description:
requires:
- overcloud-resource-registry-puppet.yaml
- - file: environments/neutron-midonet.yaml
- title: Deploy MidoNet Services
+ - file: environments/networking/neutron-midonet.yaml
+ title: Neutron MidoNet Services
description:
requires:
- overcloud-resource-registry-puppet.yaml
requires:
- overcloud-resource-registry-puppet.yaml
- - title: Nova Extensions
- description:
- environment_groups:
- - title: Nova Extensions
- description:
- environments:
- - file: environments/nova-nuage-config.yaml
- title: Nuage backend
- description: >
- Enables Nuage backend on the Compute
- requires:
- - overcloud-resource-registry-puppet.yaml
-
- title: Storage
description:
environment_groups:
- - title: Cinder backup service
- description:
- environments:
- - file: environments/cinder-backup.yaml
- title: Cinder backup service
- description: >
- OpenStack Cinder Backup service with Pacemaker configured
- with Puppet
- requires:
- - environments/puppet-pacemaker.yaml
- - overcloud-resource-registry-puppet.yaml
- - title: Cinder backend
+ - title: Cinder backends
description: >
Enable various Cinder backends
environments:
description:
requires:
- overcloud-resource-registry-puppet.yaml
- - file: environments/cinder-netapp-config.yaml
+ - file: environments/storage/cinder-netapp-config.yaml
title: Cinder NetApp backend
description:
requires:
- file: environments/cinder-dellsc-config.yaml
title: Cinder Dell EMC Storage Center ISCSI backend
description: >
- Enables a Cinder Dell EMC Storage Center ISCSI backend,
- configured via puppet
+ Enables a Cinder Dell EMC Storage Center ISCSI backend
requires:
- overcloud-resource-registry-puppet.yaml
- file: environments/cinder-hpelefthand-config.yaml
title: Cinder HPELeftHandISCSI backend
description: >
- Enables a Cinder HPELeftHandISCSI backend, configured
- via puppet
+ Enables a Cinder HPELeftHandISCSI backend
requires:
- overcloud-resource-registry-puppet.yaml
- file: environments/cinder-dellps-config.yaml
title: Cinder Dell EMC PS Series backend
description: >
- Enables a Cinder Dell EMC PS Series backend,
- configured via puppet
+ Enables a Cinder Dell EMC PS Series backend
requires:
- overcloud-resource-registry-puppet.yaml
- file: environments/cinder-iser.yaml
- file: environments/cinder-scaleio-config.yaml
title: Cinder Dell EMC ScaleIO backend
description: >
- Enables a Cinder Dell EMC ScaleIO backend,
- configured via puppet
+ Enables a Cinder Dell EMC ScaleIO backend
requires:
- overcloud-resource-registry-puppet.yaml
- file: environments/cinder-veritas-hyperscale-config.yaml
configured via puppet
requires:
- overcloud-resource-registry-puppet.yaml
- - title: Ceph
- description: >
- Enable the use of Ceph in the overcloud
+ - title: Cinder backup service
+ description:
environments:
- - file: environments/puppet-ceph-external.yaml
- title: Externally managed Ceph
+ - file: environments/cinder-backup.yaml
+ title: Cinder backup service
description: >
- Configures the overcloud to use an externally managed Ceph cluster, via RBD driver.
+ OpenStack Cinder Backup service with Pacemaker
requires:
+ - environments/puppet-pacemaker.yaml
- overcloud-resource-registry-puppet.yaml
+ - title: Ceph
+ description: >
+ Enable the use of Ceph in the overcloud
+ environments:
- file: environments/puppet-ceph.yaml
- title: TripleO managed Ceph
+ title: Ceph Storage Backend
description: >
Deploys a Ceph cluster via TripleO, requires at lease one CephStorage node or
use of hyperconverged-ceph.yaml environment for the HCI scenario, where CephOSD is
colocated with NovaCompute and configures the overcloud to use it, via RBD driver.
requires:
- overcloud-resource-registry-puppet.yaml
- - title: CephMDS
- description: >
- Deploys CephMDS via TripleO, an additional Ceph service needed to create shared
- filesystems hosted in Ceph.
+ - file: environments/storage/external-ceph.yaml
+ title: Externally managed Ceph
+ description: >
+ Configures the overcloud to use an externally managed Ceph cluster, via RBD driver.
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ mutually_exclusive: true
+ - title: Additional Ceph Options
+ description:
environments:
- file: environments/services/ceph-mds.yaml
title: Deploys CephMDS
- description:
+ description: >
+ Deploys CephMDS via TripleO, an additional Ceph service needed to create shared
+ filesystems hosted in Ceph.
requires:
- environments/puppet-ceph.yaml
- - title: Ceph Rados Gateway
- description: >
- Deploys CephRGW via TripleO, transparently replaces Swift providing a compatible API
- which stores data in the Ceph cluster.
- environments:
- file: environments/ceph-radosgw.yaml
- title: Deploys CephRGW
- description:
+ title: Ceph Rados Gateway
+ description: >
+ Deploys CephRGW via TripleO, transparently replaces Swift providing a compatible API
+ which stores data in the Ceph cluster.
requires:
- environments/puppet-ceph.yaml
- - title: Manila with CephFS
- description: >
- Deploys Manila and configures it with the CephFS driver. This requires the deployment of
- Ceph and CephMDS from TripleO or the use of an external Ceph cluster for the overcloud.
- environments:
- file: environments/manila-cephfsnative-config.yaml
- title: Deploys Manila with CephFS driver
- description: Deploys Manila and configures CephFS as its default backend.
+ title: Manila with CephFS
+ description: >
+ Deploys Manila and configures it with the CephFS driver. This requires the deployment of
+ Ceph and CephMDS from TripleO or the use of an external Ceph cluster for the overcloud.
requires:
- overcloud-resource-registry-puppet.yaml
- - title: Storage Environment
- description: >
- Can be used to set up storage backends. Defaults to Ceph used as a
- backend for Cinder, Glance, Nova ephemeral storage and Gnocchi. It
- configures which services will use Ceph, or if any of the services
- will use NFS. And more. Usually requires to be edited by user first.
- tags:
- - no-gui
+ - title: Glance backends
+ description:
environments:
- - file: environments/storage-environment.yaml
- title: Storage Environment
- description:
+ - file: environments/storage/glance-nfs.yaml
+ title: Glance NFS Backend
+ description: |
+ Configure and enable this option to enable the use of an NFS
+ share as the backend for Glance.
requires:
- overcloud-resource-registry-puppet.yaml
- - title: Utilities
- description:
+
+ - title: Security
+ description: Security Hardening Options
environment_groups:
- - title: Config Debug
- description: Enable config management (e.g. Puppet) debugging
+ - title: TLS
+ description:
environments:
- - file: environments/config-debug.yaml
- title: Config Debug
+ - file: environments/ssl/enable-tls.yaml
+ title: SSL on OpenStack Public Endpoints
+ description: >
+ Use this option to pass in certificates for SSL deployments.
+ For these values to take effect, one of the TLS endpoints
+ options must also be used.
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ - title: TLS Endpoints
+ description:
+ environments:
+ - file: environments/ssl/tls-endpoints-public-dns.yaml
+ title: SSL-enabled deployment with DNS name as public endpoint
+ description: >
+ Use this option when deploying an SSL-enabled overcloud where the public
+ endpoint is a DNS name.
+ requires:
+ - environments/ssl/enable-tls.yaml
+ - file: environments/ssl/tls-everywhere-endpoints-dns.yaml
+ title: Deploy All SSL Endpoints as DNS names
+ description: >
+ Use this option when deploying an overcloud where all the endpoints are
+ DNS names and there's TLS in all endpoint types.
+ requires:
+ - environments/ssl/enable-tls.yaml
+ - file: environments/ssl/tls-endpoints-public-ip.yaml
+ title: SSL-enabled deployment with IP address as public endpoint
+ description: >
+ Use this option when deploying an SSL-enabled overcloud where the public
+ endpoint is an IP address.
+ requires:
+ - environments/ssl/enable-tls.yaml
+ mutually_exclusive: true
+ - title: SSH Banner Text
+ description: Enables population of SSH Banner Text
+ environments:
+ - file: environments/sshd-banner.yaml
+ title: SSH Banner Text
description:
requires:
- overcloud-resource-registry-puppet.yaml
- - title: Disable journal in MongoDb
- description: >
- Since, when journaling is enabled, MongoDb will create big journal
- file it can take time. In a CI environment for example journaling is
- not necessary.
+ - title: Horizon Password Validation
+ description: Enable Horizon Password validation
environments:
- - file: environments/mongodb-nojournal.yaml
- title: Disable journal in MongoDb
+ - file: environments/horizon_password_validation.yaml
+ title: Horizon Password Validation
description:
requires:
- overcloud-resource-registry-puppet.yaml
- - title: Overcloud Steps
- description: >
- Specifies hooks/breakpoints where overcloud deployment should stop
- Allows operator validation between steps, and/or more granular control.
- Note: the wildcards relate to naming convention for some resource suffixes,
- e.g see puppet/*-post.yaml, enabling this will mean we wait for
- a user signal on every *Deployment_StepN resource defined in those files.
- tags:
- - no-gui
+ - title: AuditD Rules
+ description: Management of AuditD rules
environments:
- - file: environments/overcloud-steps.yaml
- title: Overcloud Steps
+ - file: environments/auditd.yaml
+ title: AuditD Rule Management
description:
requires:
- overcloud-resource-registry-puppet.yaml
+ - title: Keystone CADF auditing
+ description: Enable CADF notifications in Keystone for auditing
+ environments:
+ - file: environments/cadf.yaml
+ title: Keystone CADF auditing
+ - title: SecureTTY Values
+ description: Set values within /etc/securetty
+ environments:
+ - file: environments/securetty.yaml
+ title: SecureTTY Values
+
+ - title: Additional Services
+ description:
+ environment_groups:
+ - title:
+ description: Deploy additional services
+ environments:
+ - file: environments/services/manila-generic-config.yaml
+ title: Barbican
+ description: Enable Barbican with the default secret store backend
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ - file: environments/manila-generic-config.yaml
+ title: Manila
+ description: Enable Manila with generic driver backend
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ - file: environments/services/sahara.yaml
+ title: Sahara
+ description: Deploy Sahara service
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ - file: environments/services/ironic.yaml
+ title: Ironic
+ description: Deploy Ironic service
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ - file: environments/services/mistral.yaml
+ title: Mistral
+ description: Deploy Mistral service
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ - file: environments/services/ec2-api.yaml
+ title: EC2 API
+ description: Enable EC2-API service
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+ - file: environments/services/zaqar.yaml
+ title: Zaqar
+ description: Deploy Zaqar service
+ requires:
+ - overcloud-resource-registry-puppet.yaml
+
+ - title: Nova Extensions
+ description:
+ environment_groups:
+ - title: Nova Extensions
+ description:
+ environments:
+ - file: environments/nova-nuage-config.yaml
+ title: Nuage backend
+ description: >
+ Enables Nuage backend on the Compute
+ requires:
+ - overcloud-resource-registry-puppet.yaml
- title: Operational Tools
description:
description: Enable monitoring agents
environments:
- file: environments/monitoring-environment.yaml
- title: Enable monitoring agents
+ title: Monitoring agents
description:
requires:
- overcloud-resource-registry-puppet.yaml
description: Enable centralized logging clients (fluentd)
environments:
- file: environments/logging-environment.yaml
- title: Enable fluentd client
+ title: fluentd client
description:
requires:
- overcloud-resource-registry-puppet.yaml
description: Enable performance monitoring agents
environments:
- file: environments/collectd-environment.yaml
- title: Enable performance monitoring agents
+ title: Performance monitoring agents
description:
requires:
- overcloud-resource-registry-puppet.yaml
- - title: Security Options
- description: Security Hardening Options
+ - title: Utilities
+ description:
environment_groups:
- - title: SSH Banner Text
- description: Enables population of SSH Banner Text
+ - title: Config Debug
+ description: Enable config management (e.g. Puppet) debugging
environments:
- - file: environments/sshd-banner.yaml
- title: SSH Banner Text
+ - file: environments/config-debug.yaml
+ title: Config Debug
description:
requires:
- overcloud-resource-registry-puppet.yaml
- - title: Horizon Password Validation
- description: Enable Horizon Password validation
+ - title: Disable journal in MongoDb
+ description: >
+ Since, when journaling is enabled, MongoDb will create big journal
+ file it can take time. In a CI environment for example journaling is
+ not necessary.
environments:
- - file: environments/horizon_password_validation.yaml
- title: Horizon Password Validation
+ - file: environments/mongodb-nojournal.yaml
+ title: Disable journal in MongoDb
description:
requires:
- overcloud-resource-registry-puppet.yaml
- - title: AuditD Rules
- description: Management of AuditD rules
+ - title: Overcloud Steps
+ description: >
+ Specifies hooks/breakpoints where overcloud deployment should stop
+ Allows operator validation between steps, and/or more granular control.
+ Note: the wildcards relate to naming convention for some resource suffixes,
+ e.g see puppet/*-post.yaml, enabling this will mean we wait for
+ a user signal on every *Deployment_StepN resource defined in those files.
+ tags:
+ - no-gui
environments:
- - file: environments/auditd.yaml
- title: AuditD Rule Management
+ - file: environments/overcloud-steps.yaml
+ title: Overcloud Steps
description:
requires:
- overcloud-resource-registry-puppet.yaml
- - title: Keystone CADF auditing
- description: Enable CADF notifications in Keystone for auditing
- environments:
- - file: environments/cadf.yaml
- title: Keystone CADF auditing
- - title: SecureTTY Values
- description: Set values within /etc/securetty
- environments:
- - file: environments/securetty.yaml
- title: SecureTTY Values
OS::TripleO::Services::Zaqar: ../../puppet/services/zaqar.yaml
OS::TripleO::Services::Ec2Api: ../../puppet/services/ec2-api.yaml
OS::TripleO::Services::RabbitMQ: ../../puppet/services/pacemaker/rabbitmq.yaml
+ OS::TripleO::Services::Redis: ../../puppet/services/pacemaker/database/redis.yaml
OS::TripleO::Services::HAproxy: ../../puppet/services/pacemaker/haproxy.yaml
OS::TripleO::Services::Pacemaker: ../../puppet/services/pacemaker.yaml
OS::TripleO::Services::MySQL: ../../puppet/services/pacemaker/database/mysql.yaml
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::Sshd
- OS::TripleO::Services::Iscsid
+ - OS::TripleO::Services::Redis
+ - OS::TripleO::Services::AodhApi
+ - OS::TripleO::Services::AodhEvaluator
+ - OS::TripleO::Services::AodhNotifier
+ - OS::TripleO::Services::AodhListener
+ - OS::TripleO::Services::CeilometerAgentCentral
+ - OS::TripleO::Services::CeilometerAgentIpmi
+ - OS::TripleO::Services::CeilometerAgentNotification
+ - OS::TripleO::Services::GnocchiApi
+ - OS::TripleO::Services::GnocchiMetricd
+ - OS::TripleO::Services::GnocchiStatsd
+ - OS::TripleO::Services::PankoApi
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None
OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
OS::TripleO::Services::NeutronCorePlugin: OS::TripleO::Services::NeutronCorePluginML2OVN
- OS::TripleO::Services::ComputeNeutronCorePlugin: ../../puppet/services/neutron-compute-plugin-ovn.yaml
+ OS::TripleO::Services::ComputeNeutronCorePlugin: OS::Heat::None
+ OS::TripleO::Services::OVNController: ../../puppet/services/ovn-controller.yaml
OS::TripleO::Services::OVNDBs: ../../puppet/services/ovn-dbs.yaml
parameter_defaults:
- OS::TripleO::Services::NeutronServer
- OS::TripleO::Services::NeutronCorePlugin
- OS::TripleO::Services::OVNDBs
- - OS::TripleO::Services::ComputeNeutronCorePlugin
+ - OS::TripleO::Services::OVNController
- OS::TripleO::Services::RabbitMQ
- OS::TripleO::Services::HAproxy
- OS::TripleO::Services::Keepalived
description: Role name on which the service is applied
type: string
RoleParameters:
- description: Role Specific parameters to be provided to service
+ description: Parameters specific to the role
default: {}
type: json
key_name:
type: string
default: unused
+ description: Name of keypair to assign to servers
security_groups:
type: json
default: []
-# Using Docker Containers With TripleO
+# Containers based OpenStack deployment
-## Configuring TripleO with to use a container based compute node.
-
-Steps include:
-- Adding a base OS image to glance
-- Deploy an overcloud configured to use the docker compute heat templates
-
-## Getting base OS image working.
-
-Download the fedora atomic image into glance:
-
-```
-wget https://download.fedoraproject.org/pub/fedora/linux/releases/22/Cloud/x86_64/Images/Fedora-Cloud-Atomic-22-20150521.x86_64.qcow2
-glance image-create --name atomic-image --file Fedora-Cloud-Atomic-22-20150521.x86_64.qcow2 --disk-format qcow2 --container-format bare
-```
-
-## Configuring TripleO
-
-You can use the tripleo.sh script up until the point of running the Overcloud.
-https://github.com/openstack/tripleo-common/blob/master/scripts/tripleo.sh
-
-You will want to set up the runtime puppet script delivery system described here:
-http://hardysteven.blogspot.ca/2016/08/tripleo-deploy-artifacts-and-puppet.html
-
-Create the Overcloud:
-```
-$ openstack overcloud deploy --templates=tripleo-heat-templates -e tripleo-heat-templates/environments/docker.yaml -e tripleo-heat-templates/environments/docker-network.yaml --libvirt-type=qemu
-```
-
-Using Network Isolation in the Overcloud:
-```
-$ openstack overcloud deploy --templates=tripleo-heat-templates -e tripleo-heat-templates/environments/docker.yaml -e tripleo-heat-templates/environments/docker-network-isolation.yaml --libvirt-type=qemu
-```
-
-Source the overcloudrc and then you can use the overcloud.
-
-## Debugging
-
-You can ssh into the controller/compute nodes by using the heat key, eg:
-```
-nova list
-ssh heat-admin@<compute_node_ip>
-```
-
-You can check to see what docker containers are running:
-```
-sudo docker ps -a
-```
-
-To enter a container that doesn't seem to be working right:
-```
-sudo docker exec -ti <container name> /bin/bash
-```
-
-Then you can check logs etc.
-
-You can also just do a 'docker logs' on a given container.
+https://docs.openstack.org/tripleo-docs/latest/install/containers_deployment/
command: >-
puppet apply
--modulepath=/etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
- --logdest syslog --color=false
+ --logdest syslog --logdest console --color=false
/var/lib/tripleo-config/puppet_step_config.pp
changed_when: false
check_mode: no
sync
FACTER_hostname=$HOSTNAME FACTER_uuid=docker /usr/bin/puppet apply \
- --color=false --logdest syslog $TAGS /etc/config.pp
+ --color=false --logdest syslog --logdest console $TAGS /etc/config.pp
# Disables archiving
if [ -z "$NO_ARCHIVE" ]; then
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
AodhApiPuppetBase:
type: ../../puppet/services/aodh-api.yaml
properties:
- get_attr: [AodhApiPuppetBase, role_data, config_settings]
- apache::default_vhost: false
step_config: &step_config
- get_attr: [AodhApiPuppetBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [AodhApiPuppetBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [AodhApiPuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
AodhEvaluatorBase:
type: ../../puppet/services/aodh-evaluator.yaml
properties:
map_merge:
- get_attr: [AodhEvaluatorBase, role_data, config_settings]
step_config: &step_config
- get_attr: [AodhEvaluatorBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [AodhEvaluatorBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [AodhEvaluatorBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
AodhListenerBase:
type: ../../puppet/services/aodh-listener.yaml
properties:
map_merge:
- get_attr: [AodhListenerBase, role_data, config_settings]
step_config: &step_config
- get_attr: [AodhListenerBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [AodhListenerBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [AodhListenerBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
AodhNotifierBase:
type: ../../puppet/services/aodh-notifier.yaml
properties:
map_merge:
- get_attr: [AodhNotifierBase, role_data, config_settings]
step_config: &step_config
- get_attr: [AodhNotifierBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [AodhNotifierBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [AodhNotifierBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
--- /dev/null
+heat_template_version: pike
+
+description: >
+ Ceph base service. Shared by all Ceph services.
+
+parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ CephAnsibleWorkflowName:
+ type: string
+ description: Name of the Mistral workflow to execute
+ default: tripleo.storage.v1.ceph-install
+ CephAnsiblePlaybook:
+ type: string
+ description: Path to the ceph-ansible playbook to execute
+ default: /usr/share/ceph-ansible/site-docker.yml.sample
+ CephAnsibleExtraConfig:
+ type: json
+ description: Extra vars for the ceph-ansible playbook
+ default: {}
+ CephClusterFSID:
+ type: string
+ description: The Ceph cluster FSID. Must be a UUID.
+ CephPoolDefaultPgNum:
+ description: default pg_num to use for the RBD pools
+ type: number
+ default: 32
+ CephPools:
+ description: >
+ It can be used to override settings for one of the predefined pools, or to create
+ additional ones. Example:
+ {
+ "volumes": {
+ "size": 5,
+ "pg_num": 128,
+ "pgp_num": 128
+ }
+ }
+ default: {}
+ type: json
+ CinderRbdPoolName:
+ default: volumes
+ type: string
+ CinderBackupRbdPoolName:
+ default: backups
+ type: string
+ GlanceRbdPoolName:
+ default: images
+ type: string
+ GnocchiRbdPoolName:
+ default: metrics
+ type: string
+ NovaRbdPoolName:
+ default: vms
+ type: string
+ CephClientKey:
+ description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. Currently only used for external Ceph deployments to create the openstack user keyring.
+ type: string
+ hidden: true
+ CephClientUserName:
+ default: openstack
+ type: string
+ CephPoolDefaultSize:
+ description: default minimum replication for RBD copies
+ type: number
+ default: 3
+ CephIPv6:
+ default: False
+ type: boolean
+ DockerCephDaemonImage:
+ description: image
+ type: string
+ default: 'ceph/daemon:tag-build-master-jewel-centos-7'
+
+conditions:
+ custom_registry_host:
+ yaql:
+ data: {get_param: DockerCephDaemonImage}
+ expression: $.data.split('/')[0].matches('(\.|:)')
+
+outputs:
+ role_data:
+ description: Role data for the Ceph base service.
+ value:
+ service_name: ceph_base
+ upgrade_tasks: []
+ step_config: ''
+ puppet_config:
+ config_image: ''
+ config_volume: ''
+ step_config: ''
+ docker_config: {}
+ service_workflow_tasks:
+ step2:
+ - name: ceph_base_ansible_workflow
+ workflow: { get_param: CephAnsibleWorkflowName }
+ input:
+ ceph_ansible_extra_vars: {get_param: CephAnsibleExtraConfig}
+ ceph_ansible_playbook: {get_param: CephAnsiblePlaybook}
+ config_settings:
+ ceph_common_ansible_vars:
+ fsid: { get_param: CephClusterFSID }
+ docker: true
+ ceph_docker_registry:
+ if:
+ - custom_registry_host
+ - yaql:
+ expression: regex('(?:https?://)?(.*)/').split($.data)[1]
+ data: {str_split: [':', {get_param: DockerCephDaemonImage}, 0]}
+ - docker.io
+ ceph_docker_image:
+ if:
+ - custom_registry_host
+ - yaql:
+ expression: regex('(?:https?://)?(.*)/').split($.data)[2]
+ data: {str_split: [':', {get_param: DockerCephDaemonImage}, 0]}
+ - {str_split: [':', {get_param: DockerCephDaemonImage}, 0]}
+ ceph_docker_image_tag: {str_split: [':', {get_param: DockerCephDaemonImage}, 1]}
+ containerized_deployment: true
+ public_network: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephMonNetwork]}]}
+ cluster_network: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
+ user_config: true
+ ceph_stable: true
+ ceph_origin: distro
+ openstack_config: true
+ openstack_pools:
+ list_concat:
+ - repeat:
+ template:
+ name: <%pool%>
+ pg_num: {get_param: CephPoolDefaultPgNum}
+ rule_name: ""
+ for_each:
+ <%pool%>:
+ - {get_param: CinderRbdPoolName}
+ - {get_param: CinderBackupRbdPoolName}
+ - {get_param: NovaRbdPoolName}
+ - {get_param: GlanceRbdPoolName}
+ - {get_param: GnocchiRbdPoolName}
+ - repeat:
+ template:
+ name: <%pool%>
+ pg_num: {get_param: CephPoolDefaultPgNum}
+ rule_name: ""
+ for_each:
+ <%pool%>: {get_param: CephPools}
+ openstack_keys: &openstack_keys
+ - name:
+ list_join:
+ - '.'
+ - - client
+ - {get_param: CephClientUserName}
+ key: {get_param: CephClientKey}
+ mon_cap: "allow r"
+ osd_cap:
+ str_replace:
+ template: "allow class-read object_prefix rbd_children, allow rwx pool=CINDER_POOL, allow rwx pool=CINDERBACKUP_POOL, allow rwx pool=NOVA_POOL, allow rwx pool=GLANCE_POOL, allow rwx pool=GNOCCHI_POOL"
+ params:
+ NOVA_POOL: {get_param: NovaRbdPoolName}
+ CINDER_POOL: {get_param: CinderRbdPoolName}
+ CINDERBACKUP_POOL: {get_param: CinderBackupRbdPoolName}
+ GLANCE_POOL: {get_param: GlanceRbdPoolName}
+ GNOCCHI_POOL: {get_param: GnocchiRbdPoolName}
+ acls:
+ - "u:glance:r--"
+ - "u:nova:r--"
+ - "u:cinder:r--"
+ - "u:gnocchi:r--"
+ keys: *openstack_keys
+ pools: []
+ ceph_conf_overrides:
+ global:
+ osd_pool_default_size: {get_param: CephPoolDefaultSize}
+ osd_pool_default_pg_num: {get_param: CephPoolDefaultPgNum}
+ ntp_service_enabled: false
+ generate_fsid: false
+ ip_version:
+ if:
+ - {get_param: CephIPv6}
+ - ipv6
+ - ipv4
heat_template_version: pike
description: >
- Provision Contrail services after deployment
+ Ceph Client service.
parameters:
ServiceData:
type: json
resources:
- ContrailBase:
- type: ./contrail-base.yaml
+ CephBase:
+ type: ./ceph-base.yaml
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
outputs:
role_data:
- description: Contrail provisioning role
+ description: Role data for the Ceph Client service.
value:
- service_name: contrail_provision
- config_settings:
- map_merge:
- - get_attr: [ContrailBase, role_data, config_settings]
- step_config: |
- include ::tripleo::network::contrail::provision
+ service_name: ceph_client
+ upgrade_tasks: []
+ step_config: ''
+ puppet_config:
+ config_image: ''
+ config_volume: ''
+ step_config: ''
+ docker_config: {}
+ service_workflow_tasks: {get_attr: [CephBase, role_data, service_workflow_tasks]}
+ config_settings: {}
--- /dev/null
+heat_template_version: pike
+
+description: >
+ Ceph Monitor service.
+
+parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ CephMonKey:
+ description: The Ceph monitors key. Can be created with ceph-authtool --gen-print-key.
+ type: string
+ hidden: true
+ CephAdminKey:
+ default: ''
+ description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key.
+ type: string
+ hidden: true
+ CephValidationRetries:
+ type: number
+ default: 40
+ description: Number of retry attempts for Ceph validation
+ CephValidationDelay:
+ type: number
+ default: 30
+ description: Interval (in seconds) in between validation checks
+
+resources:
+ CephBase:
+ type: ./ceph-base.yaml
+ properties:
+ ServiceData: {get_param: ServiceData}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the Ceph Monitor service.
+ value:
+ service_name: ceph_mon
+ upgrade_tasks: []
+ step_config: ''
+ puppet_config:
+ config_image: ''
+ config_volume: ''
+ step_config: ''
+ docker_config: {}
+ service_workflow_tasks: {get_attr: [CephBase, role_data, service_workflow_tasks]}
+ config_settings:
+ map_merge:
+ - tripleo.ceph_mon.firewall_rules:
+ '110 ceph_mon':
+ dport:
+ - 6789
+ - ceph_mon_ansible_vars:
+ map_merge:
+ - {get_attr: [CephBase, role_data, config_settings, ceph_common_ansible_vars]}
+ - monitor_secret: {get_param: CephMonKey}
+ admin_secret: {get_param: CephAdminKey}
+ monitor_interface: br_ex
--- /dev/null
+heat_template_version: pike
+
+description: >
+ Ceph OSD service.
+
+parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ CephAnsibleDisksConfig:
+ type: json
+ description: Disks config settings for ceph-ansible
+ default:
+ devices:
+ - /dev/vdb
+ journal_size: 512
+ journal_collocation: true
+
+resources:
+ CephBase:
+ type: ./ceph-base.yaml
+ properties:
+ ServiceData: {get_param: ServiceData}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the Ceph OSD service.
+ value:
+ service_name: ceph_osd
+ upgrade_tasks: []
+ step_config: ''
+ puppet_config:
+ config_image: ''
+ config_volume: ''
+ step_config: ''
+ docker_config: {}
+ service_workflow_tasks: {get_attr: [CephBase, role_data, service_workflow_tasks]}
+ config_settings:
+ map_merge:
+ - tripleo.ceph_osd.firewall_rules:
+ '111 ceph_osd':
+ dport:
+ - '6800-7300'
+ - ceph_osd_ansible_vars:
+ map_merge:
+ - {get_attr: [CephBase, role_data, config_settings, ceph_common_ansible_vars]}
+ - {get_param: CephAnsibleDisksConfig}
\ No newline at end of file
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
CinderBase:
type: ../../puppet/services/cinder-api.yaml
properties:
service_name: {get_attr: [CinderBase, role_data, service_name]}
config_settings: {get_attr: [CinderBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [CinderBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [CinderBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [CinderBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
cinder_api_cron:
image: *cinder_api_image
net: host
+ user: root
privileged: false
restart: always
volumes:
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ metadata_settings:
+ get_attr: [CinderBase, role_data, metadata_settings]
host_prep_tasks:
- name: create persistent logs directory
file:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
CinderBase:
type: ../../puppet/services/cinder-backup.yaml
properties:
service_name: {get_attr: [CinderBase, role_data, service_name]}
config_settings: {get_attr: [CinderBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [CinderBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [CinderBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [CinderBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
/var/lib/kolla/config_files/cinder_backup.json:
command: /usr/bin/cinder-backup --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
config_files:
- # NOTE(mandre): the copy of ceph conf will need to go once we
- # generate a ceph.conf for cinder in puppet
- # Copy ceph config files before cinder ones as a precaution, for
- # the later one to take precendence in case of duplicate files.
- - source: "/var/lib/kolla/config_files/src-ceph/*"
+ - source: "/var/lib/kolla/config_files/src/*"
dest: "/"
merge: true
preserve_properties: true
- - source: "/var/lib/kolla/config_files/src/*"
- dest: "/"
+ - source: "/var/lib/kolla/config_files/src-ceph/"
+ dest: "/etc/ceph/"
merge: true
preserve_properties: true
- source: "/var/lib/kolla/config_files/src-iscsid/*"
- /var/lib/kolla/config_files/cinder_backup.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/cinder/:/var/lib/kolla/config_files/src:ro
- /var/lib/config-data/puppet-generated/iscsid/:/var/lib/kolla/config_files/src-iscsid:ro
- # FIXME: we need to generate a ceph.conf with puppet for this
- - /var/lib/config-data/puppet-generated/ceph/:/var/lib/kolla/config_files/src-ceph:ro
+ - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
- /dev/:/dev/
- /run/:/run/
- /sys:/sys
with_items:
- /var/lib/cinder
- /var/log/containers/cinder
+ - name: ensure ceph configurations exist
+ file:
+ path: /etc/ceph
+ state: directory
upgrade_tasks:
- name: Stop and disable cinder_backup service
tags: step2
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
CinderBase:
type: ../../puppet/services/cinder-scheduler.yaml
properties:
service_name: {get_attr: [CinderBase, role_data, service_name]}
config_settings: {get_attr: [CinderBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [CinderBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [CinderBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [CinderBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
CinderBase:
type: ../../puppet/services/cinder-volume.yaml
properties:
- "\n"
- - "include ::tripleo::profile::base::lvm"
- get_attr: [CinderBase, role_data, step_config]
+ - get_attr: [MySQLClient, role_data, step_config]
service_config_settings: {get_attr: [CinderBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
/var/lib/kolla/config_files/cinder_volume.json:
command: /usr/bin/cinder-volume --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
config_files:
- # NOTE(mandre): the copy of ceph conf will need to go once we
- # generate a ceph.conf for cinder in puppet
- # Copy ceph config files before cinder ones as a precaution, for
- # the later one to take precendence in case of duplicate files.
- - source: "/var/lib/kolla/config_files/src-ceph/*"
+ - source: "/var/lib/kolla/config_files/src/*"
dest: "/"
merge: true
preserve_properties: true
- - source: "/var/lib/kolla/config_files/src/*"
- dest: "/"
+ - source: "/var/lib/kolla/config_files/src-ceph/"
+ dest: "/etc/ceph/"
merge: true
preserve_properties: true
- source: "/var/lib/kolla/config_files/src-iscsid/*"
- /var/lib/kolla/config_files/cinder_volume.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/cinder/:/var/lib/kolla/config_files/src:ro
- /var/lib/config-data/puppet-generated/iscsid/:/var/lib/kolla/config_files/src-iscsid:ro
- # FIXME: we need to generate a ceph.conf with puppet for this
- - /var/lib/config-data/puppet-generated/ceph/:/var/lib/kolla/config_files/src-ceph:ro
+ - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
- /lib/modules:/lib/modules:ro
- /dev/:/dev/
- /run/:/run/
with_items:
- /var/log/containers/cinder
- /var/lib/cinder
+ - name: ensure ceph configurations exist
+ file:
+ path: /etc/ceph
+ state: directory
- name: cinder_enable_iscsi_backend fact
set_fact:
cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
collectd:
image: {get_param: DockerCollectdImage}
net: host
+ pid: host
privileged: true
+ user: root
restart: always
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- - /var/run/docker.sock:/var/run/docker.sock:rw
- /var/lib/kolla/config_files/collectd.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/collectd/:/var/lib/kolla/config_files/src:ro
+ - /var/log/containers/collectd:/var/log/collectd:rw
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
CongressBase:
type: ../../puppet/services/congress.yaml
properties:
map_merge:
- get_attr: [CongressBase, role_data, config_settings]
step_config: &step_config
- get_attr: [CongressBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [CongressBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [CongressBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
- /etc/ssh/ssh_known_hosts:/etc/ssh/ssh_known_hosts:ro
- if:
- internal_tls_enabled
- - - {get_param: InternalTLSCAFile}
+ - - list_join:
+ - ':'
+ - - {get_param: InternalTLSCAFile}
+ - {get_param: InternalTLSCAFile}
+ - 'ro'
- null
+++ /dev/null
-heat_template_version: pike
-
-description: >
- Configuration for containerized MySQL clients
-
-parameters:
- DockerMysqlClientConfigImage:
- description: The container image to use for the mysql_client config_volume
- type: string
- ServiceData:
- default: {}
- description: Dictionary packing service data
- type: json
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- RoleName:
- default: ''
- description: Role name on which the service is applied
- type: string
- RoleParameters:
- default: {}
- description: Parameters specific to the role
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- EnableInternalTLS:
- type: boolean
- default: false
- InternalTLSCAFile:
- default: '/etc/ipa/ca.crt'
- type: string
- description: Specifies the default CA cert to use if TLS is used for
- services in the internal network.
-
-outputs:
- role_data:
- description: Role for setting mysql client parameters
- value:
- service_name: mysql_client
- config_settings:
- tripleo::profile::base::database::mysql::client::mysql_client_bind_address: {get_param: [ServiceNetMap, MysqlNetwork]}
- tripleo::profile::base::database::mysql::client::enable_ssl: {get_param: EnableInternalTLS}
- tripleo::profile::base::database::mysql::client::ssl_ca: {get_param: InternalTLSCAFile}
- # BEGIN DOCKER SETTINGS #
- step_config: ""
- puppet_config:
- config_volume: mysql_client
- puppet_tags: file # set this even though file is the default
- step_config: "include ::tripleo::profile::base::database::mysql::client"
- config_image: {get_param: DockerMysqlClientConfigImage}
- # no need for a docker config, this service only generates configuration files
- docker_config: {}
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
Ec2ApiPuppetBase:
type: ../../puppet/services/ec2-api.yaml
properties:
service_name: {get_attr: [Ec2ApiPuppetBase, role_data, service_name]}
config_settings: {get_attr: [Ec2ApiPuppetBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [Ec2ApiPuppetBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [Ec2ApiPuppetBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [Ec2ApiPuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
GlanceApiPuppetBase:
type: ../../puppet/services/glance-api.yaml
properties:
- get_attr: [GlanceApiPuppetBase, role_data, config_settings]
- glance::api::sync_db: false
step_config: &step_config
- get_attr: [GlanceApiPuppetBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [GlanceApiPuppetBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [GlanceApiPuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS #
puppet_config:
dest: "/"
merge: true
preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src-ceph/"
+ dest: "/etc/ceph/"
+ merge: true
+ preserve_properties: true
/var/lib/kolla/config_files/glance_api_tls_proxy.json:
command: /usr/sbin/httpd -DFOREGROUND
config_files:
- /var/lib/kolla/config_files/glance_api.json:/var/lib/kolla/config_files/config.json
- /var/lib/config-data/puppet-generated/glance_api/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/glance:/var/log/glance
+ - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
environment:
- KOLLA_BOOTSTRAP=True
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
file:
path: /var/log/containers/glance
state: directory
+ - name: ensure ceph configurations exist
+ file:
+ path: /etc/ceph
+ state: directory
upgrade_tasks:
- name: Stop and disable glance_api service
tags: step2
EnableInternalTLS:
type: boolean
default: false
+ NumberOfStorageSacks:
+ default: 128
+ description: Number of storage sacks to create.
+ type: number
conditions:
-
- /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro
- /var/log/containers/gnocchi:/var/log/gnocchi
- command: "/usr/bin/bootstrap_host_exec gnocchi_api su gnocchi -s /bin/bash -c '/usr/bin/gnocchi-upgrade --skip-storage'"
+ command:
+ str_replace:
+ template: "/usr/bin/bootstrap_host_exec gnocchi_api su gnocchi -s /bin/bash -c /usr/bin/gnocchi-upgrade --sacks-number=SACK_NUM"
+ params:
+ SACK_NUM: {get_param: NumberOfStorageSacks}
step_4:
gnocchi_api:
image: *gnocchi_api_image
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
GnocchiMetricdBase:
type: ../../puppet/services/gnocchi-metricd.yaml
properties:
service_name: {get_attr: [GnocchiMetricdBase, role_data, service_name]}
config_settings: {get_attr: [GnocchiMetricdBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [GnocchiMetricdBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [GnocchiMetricdBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [GnocchiMetricdBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
dest: "/"
merge: true
preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src-ceph/"
+ dest: "/etc/ceph/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/gnocchi
owner: gnocchi:gnocchi
- /var/lib/kolla/config_files/gnocchi_metricd.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/gnocchi/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/gnocchi:/var/log/gnocchi
+ - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
file:
path: /var/log/containers/gnocchi
state: directory
+ - name: ensure ceph configurations exist
+ file:
+ path: /etc/ceph
+ state: directory
upgrade_tasks:
- name: Stop and disable openstack-gnocchi-metricd service
tags: step2
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
GnocchiStatsdBase:
type: ../../puppet/services/gnocchi-statsd.yaml
properties:
service_name: {get_attr: [GnocchiStatsdBase, role_data, service_name]}
config_settings: {get_attr: [GnocchiStatsdBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [GnocchiStatsdBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [GnocchiStatsdBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [GnocchiStatsdBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
The filepath of the certificate as it will be stored in the controller.
type: string
RedisPassword:
- description: The password for Redis
+ description: The password for the redis service account.
type: string
hidden: true
MonitoringSubscriptionHaproxy:
map_merge:
- get_attr: [HAProxyBase, role_data, config_settings]
- tripleo::haproxy::haproxy_daemon: false
+ tripleo::haproxy::haproxy_service_manage: false
step_config: &step_config
get_attr: [HAProxyBase, role_data, step_config]
service_config_settings: {get_attr: [HAProxyBase, role_data, service_config_settings]}
puppet_config:
config_volume: haproxy
puppet_tags: haproxy_config
- step_config: *step_config
+ step_config:
+ "class {'::tripleo::profile::base::haproxy': manage_firewall => false}"
config_image: {get_param: DockerHAProxyConfigImage}
volumes: &deployed_cert_mount
- list_join:
preserve_properties: true
docker_config:
step_1:
+ haproxy_firewall:
+ detach: false
+ image: {get_param: DockerHAProxyImage}
+ net: host
+ user: root
+ privileged: true
+ command:
+ - '/bin/bash'
+ - '-c'
+ - str_replace:
+ template:
+ list_join:
+ - '; '
+ - - "cp -a /tmp/puppet-etc/* /etc/puppet; echo '{\"step\": 1}' > /etc/puppet/hieradata/docker.json"
+ - "FACTER_uuid=docker puppet apply --tags TAGS -v -e 'CONFIG'"
+ params:
+ TAGS: 'tripleo::firewall::rule'
+ CONFIG: *step_config
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ - *deployed_cert_mount
+ -
+ - /var/lib/kolla/config_files/haproxy.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/haproxy/:/var/lib/kolla/config_files/src:ro
+ # puppet saves iptables rules in /etc/sysconfig
+ - /etc/sysconfig:/etc/sysconfig:rw
+ # saving rules require accessing /usr/libexec/iptables/iptables.init, just bind-mount
+ # the necessary bit and prevent systemd to try to reload the service in the container
+ - /usr/libexec/iptables:/usr/libexec/iptables:ro
+ - /usr/libexec/initscripts/legacy-actions:/usr/libexec/initscripts/legacy-actions:ro
+ - /etc/puppet:/tmp/puppet-etc:ro
+ - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
haproxy:
image: {get_param: DockerHAProxyImage}
net: host
- privileged: false
restart: always
volumes:
list_concat:
path: /var/log/containers/heat
state: directory
upgrade_tasks:
- - name: Stop and disable heat_api_cfn service
+ - name: Check if heat_api_cfn is deployed
+ command: systemctl is-enabled openstack-heat-api-cfn
+ tags: common
+ ignore_errors: True
+ register: heat_api_cfn_enabled
+ - name: check for heat_api_cfn running under apache (post upgrade)
tags: step2
- service: name=httpd state=stopped enabled=no
+ shell: "httpd -t -D DUMP_VHOSTS | grep -q heat_api_cfn_wsgi"
+ register: heat_api_cfn_apache
+ ignore_errors: true
+ changed_when: false
+ check_mode: no
+ - name: Stop heat_api_cfn service (running under httpd)
+ tags: step2
+ service: name=httpd state=stopped
+ when: heat_api_cfn_apache.rc == 0
+ - name: Stop and disable heat_api_cfn service (pre-upgrade not under httpd)
+ tags: step2
+ service: name=openstack-heat-api-cfn state=stopped enabled=no
+ when: heat_api_cfn_enabled.rc == 0
metadata_settings:
get_attr: [HeatBase, role_data, metadata_settings]
heat_api_cron:
image: {get_param: DockerHeatApiImage}
net: host
+ user: root
privileged: false
restart: always
volumes:
path: /var/log/containers/heat
state: directory
upgrade_tasks:
- - name: Stop and disable heat_api service
+ - name: Check is heat_api is deployed
+ command: systemctl is-enabled openstack-heat-api
+ tags: common
+ ignore_errors: True
+ register: heat_api_enabled
+ - name: check for heat_api running under apache (post upgrade)
+ tags: step2
+ shell: "httpd -t -D DUMP_VHOSTS | grep -q heat_api_wsgi"
+ register: heat_api_apache
+ ignore_errors: true
+ changed_when: false
+ check_mode: no
+ - name: Stop heat_api service (running under httpd)
+ tags: step2
+ service: name=httpd state=stopped
+ when: heat_api_apache.rc == 0
+ - name: Stop and disable heat_api service (pre-upgrade not under httpd)
tags: step2
- service: name=httpd state=stopped enabled=no
+ service: name=openstack-heat-api state=stopped enabled=no
+ when: heat_api_enabled.rc == 0
metadata_settings:
get_attr: [HeatBase, role_data, metadata_settings]
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
HeatBase:
type: ../../puppet/services/heat-engine.yaml
properties:
- get_attr: [HeatBase, role_data, config_settings]
- apache::default_vhost: false
step_config: &step_config
- get_attr: [HeatBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [HeatBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [HeatBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
IronicApiBase:
type: ../../puppet/services/ironic-api.yaml
properties:
- get_attr: [IronicApiBase, role_data, config_settings]
- apache::default_vhost: false
step_config: &step_config
- get_attr: [IronicApiBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [IronicApiBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [IronicApiBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
IronicConductorBase:
type: ../../puppet/services/ironic-conductor.yaml
properties:
- ironic::pxe::http_root: /var/lib/ironic/httpboot
- ironic::conductor::http_root: /var/lib/ironic/httpboot
step_config: &step_config
- get_attr: [IronicConductorBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [IronicConductorBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [IronicConductorBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
tags: step2
service: name=iscsid.socket state=stopped enabled=no
when: stat_iscsid_socket.stat.exists
- metadata_settings: {}
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
KeystoneBase:
type: ../../puppet/services/keystone.yaml
properties:
- "\n"
- - "['Keystone_user', 'Keystone_endpoint', 'Keystone_domain', 'Keystone_tenant', 'Keystone_user_role', 'Keystone_role', 'Keystone_service'].each |String $val| { noop_resource($val) }"
- {get_attr: [KeystoneBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [KeystoneBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
dest: "/"
merge: true
preserve_properties: true
+ /var/lib/kolla/config_files/keystone_cron.json:
+ # FIXME(dprince): this is unused ATM because Kolla hardcodes the
+ # args for the keystone container to -DFOREGROUND
+ command: /usr/sbin/crond -n
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
+ permissions:
+ - path: /var/log/keystone
+ owner: keystone:keystone
+ recurse: true
docker_config:
# Kolla_bootstrap/db sync runs before permissions set by kolla_config
step_2:
user: root
command:
[ 'keystone', '/usr/bin/bootstrap_host_exec', 'keystone' ,'keystone-manage', 'bootstrap', '--bootstrap-password', {get_param: AdminPassword} ]
+ keystone_cron:
+ start_order: 4
+ image: *keystone_image
+ user: root
+ net: host
+ privileged: false
+ restart: always
+ command: ['/bin/bash', '-c', '/usr/local/bin/kolla_set_configs && /usr/sbin/crond -n']
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/keystone_cron.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/keystone/:/var/lib/kolla/config_files/src:ro
+ - /var/log/containers/keystone:/var/log/keystone
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
docker_puppet_tasks:
# Keystone endpoint creation occurs only on single node
step_3:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
ManilaApiPuppetBase:
type: ../../puppet/services/manila-api.yaml
properties:
service_name: {get_attr: [ManilaApiPuppetBase, role_data, service_name]}
config_settings: {get_attr: [ManilaApiPuppetBase, role_data, config_settings]}
step_config: &step_config
- {get_attr: [ManilaApiPuppetBase, role_data, step_config]}
+ list_join:
+ - "\n"
+ - - {get_attr: [ManilaApiPuppetBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [ManilaApiPuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS #
puppet_config:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
ManilaSchedulerPuppetBase:
type: ../../puppet/services/manila-scheduler.yaml
properties:
service_name: {get_attr: [ManilaSchedulerPuppetBase, role_data, service_name]}
config_settings: {get_attr: [ManilaSchedulerPuppetBase, role_data, config_settings]}
step_config: &step_config
- {get_attr: [ManilaSchedulerPuppetBase, role_data, step_config]}
+ list_join:
+ - "\n"
+ - - {get_attr: [ManilaSchedulerPuppetBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [ManilaSchedulerPuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS #
puppet_config:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
ManilaBase:
type: ../../puppet/services/manila-share.yaml
properties:
service_name: {get_attr: [ManilaBase, role_data, service_name]}
config_settings: {get_attr: [ManilaBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [ManilaBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [ManilaBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [ManilaBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
dest: "/"
merge: true
preserve_properties: true
- # NOTE(gfidente): ceph-ansible generated
- - source: "/var/lib/kolla/config_files/src-ceph/*"
- dest: "/etc/ceph"
+ - source: "/var/lib/kolla/config_files/src-ceph/"
+ dest: "/etc/ceph/"
merge: true
preserve_properties: true
permissions:
- /var/lib/kolla/config_files/manila_share.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/manila/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/manila:/var/log/manila
- - /etc/ceph/:/var/lib/kolla/config_files/src-ceph:ro
+ - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
file:
path: /var/log/containers/manila
state: directory
+ - name: ensure ceph configurations exist
+ file:
+ path: /etc/ceph
+ state: directory
upgrade_tasks:
- name: Stop and disable manila_share service
tags: step2
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
MistralApiBase:
type: ../../puppet/services/mistral-api.yaml
properties:
map_merge:
- get_attr: [MistralApiBase, role_data, config_settings]
step_config: &step_config
- get_attr: [MistralApiBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [MistralApiBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [MistralApiBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
MistralBase:
type: ../../puppet/services/mistral-engine.yaml
properties:
map_merge:
- get_attr: [MistralBase, role_data, config_settings]
step_config: &step_config
- get_attr: [MistralBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [MistralBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [MistralBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
MistralBase:
type: ../../puppet/services/mistral-executor.yaml
properties:
map_merge:
- get_attr: [MistralBase, role_data, config_settings]
step_config: &step_config
- get_attr: [MistralBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [MistralBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [MistralBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
kolla_config:
/var/lib/kolla/config_files/multipathd.json:
command: /usr/sbin/multipathd -d
- config_files:
- - source: "/var/lib/kolla/config_files/src-iscsid/*"
- dest: "/"
- merge: true
- preserve_properties: true
+ config_files:
+ - source: "/var/lib/kolla/config_files/src-iscsid/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
docker_config:
step_3:
multipathd:
- name: Stop and disable multipathd service
tags: step2
service: name=multipathd state=stopped enabled=no
- metadata_settings: {}
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
NeutronBase:
type: ../../puppet/services/neutron-api.yaml
properties:
map_merge:
- get_attr: [NeutronBase, role_data, config_settings]
step_config: &step_config
- get_attr: [NeutronBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [NeutronBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [NeutronBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
NovaApiBase:
type: ../../puppet/services/nova-api.yaml
properties:
- "\n"
- - "['Nova_cell_v2'].each |String $val| { noop_resource($val) }"
- {get_attr: [NovaApiBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [NovaApiBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
- path: /var/log/nova
owner: nova:nova
recurse: true
+ /var/lib/kolla/config_files/nova_api_cron.json:
+ command: /usr/sbin/crond -n
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
+ permissions:
+ - path: /var/log/nova
+ owner: nova:nova
+ recurse: true
docker_config:
# db sync runs before permissions set by kolla_config
step_2:
user: nova
privileged: true
restart: always
- volumes: &nova_api_volumes
+ volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
image: *nova_api_image
net: host
user: root
- privileged: true
+ privileged: false
restart: always
- volumes: *nova_api_volumes
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/nova_api_cron.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro
+ - /var/log/containers/nova:/var/log/nova
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
- command: "/usr/sbin/crond -n"
step_5:
nova_api_discover_hosts:
start_order: 1
volumes: *nova_api_bootstrap_volumes
user: root
command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage cell_v2 discover_hosts'"
+ metadata_settings:
+ get_attr: [NovaApiBase, role_data, metadata_settings]
host_prep_tasks:
- name: create persistent logs directory
file:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
NovaComputeBase:
type: ../../puppet/services/nova-compute.yaml
properties:
config_settings:
get_attr: [NovaComputeBase, role_data, config_settings]
step_config: &step_config
- get_attr: [NovaComputeBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [NovaComputeBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
puppet_config:
config_volume: nova_libvirt
puppet_tags: nova_config,nova_paste_api_ini
dest: "/"
merge: true
preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src-ceph/"
+ dest: "/etc/ceph/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/nova
owner: nova:nova
- /var/lib/kolla/config_files/nova_compute.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/nova_libvirt/:/var/lib/kolla/config_files/src:ro
- /var/lib/config-data/puppet-generated/iscsid/:/var/lib/kolla/config_files/src-iscsid:ro
+ - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
- /dev:/dev
- /lib/modules:/lib/modules:ro
- /run:/run
- /var/lib/nova:/var/lib/nova
- /var/lib/libvirt:/var/lib/libvirt
- /var/log/containers/nova:/var/log/nova
+ - /sys/class/net:/sys/class/net
+ - /sys/bus/pci:/sys/bus/pci
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
- /var/log/containers/nova
- /var/lib/nova
- /var/lib/libvirt
+ - name: ensure ceph configurations exist
+ file:
+ path: /etc/ceph
+ state: directory
upgrade_tasks:
- name: Stop and disable nova-compute service
tags: step2
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
NovaConductorBase:
type: ../../puppet/services/nova-conductor.yaml
properties:
service_name: {get_attr: [NovaConductorBase, role_data, service_name]}
config_settings: {get_attr: [NovaConductorBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [NovaConductorBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [NovaConductorBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [NovaConductorBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
NovaConsoleauthPuppetBase:
type: ../../puppet/services/nova-consoleauth.yaml
properties:
service_name: {get_attr: [NovaConsoleauthPuppetBase, role_data, service_name]}
config_settings: {get_attr: [NovaConsoleauthPuppetBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [NovaConsoleauthPuppetBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [NovaConsoleauthPuppetBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [NovaConsoleauthPuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
NovaIronicBase:
type: ../../puppet/services/nova-ironic.yaml
properties:
service_name: {get_attr: [NovaIronicBase, role_data, service_name]}
config_settings: {get_attr: [NovaIronicBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [NovaIronicBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [NovaIronicBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
puppet_config:
config_volume: nova
puppet_tags: nova_config,nova_paste_api_ini
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
NovaLibvirtBase:
type: ../../puppet/services/nova-libvirt.yaml
properties:
config_settings:
get_attr: [NovaLibvirtBase, role_data, config_settings]
step_config: &step_config
- get_attr: [NovaLibvirtBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [NovaLibvirtBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
puppet_config:
config_volume: nova_libvirt
- puppet_tags: nova_config,file,exec
+ puppet_tags: libvirtd_config,nova_config,file,exec
step_config: *step_config
config_image: {get_param: DockerNovaLibvirtConfigImage}
kolla_config:
dest: "/"
merge: true
preserve_properties: true
+ - source: "/var/lib/kolla/config_files/src-ceph/"
+ dest: "/etc/ceph/"
+ merge: true
+ preserve_properties: true
permissions:
- path: /var/log/nova
owner: nova:nova
-
- /var/lib/kolla/config_files/nova_libvirt.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/nova_libvirt/:/var/lib/kolla/config_files/src:ro
+ - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro
- /lib/modules:/lib/modules:ro
- /dev:/dev
- /run:/run
- /etc/libvirt/qemu
- /var/lib/libvirt
- /var/log/containers/nova
+ - name: ensure ceph configurations exist
+ file:
+ path: /etc/ceph
+ state: directory
- name: set enable_package_install fact
set_fact:
enable_package_install: {get_param: EnablePackageInstall}
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
NovaPlacementBase:
type: ../../puppet/services/nova-placement.yaml
properties:
- get_attr: [NovaPlacementBase, role_data, config_settings]
- apache::default_vhost: false
step_config: &step_config
- get_attr: [NovaPlacementBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [NovaPlacementBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [NovaPlacementBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
- /var/log/containers/nova:/var/log/nova
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ metadata_settings:
+ get_attr: [NovaPlacementBase, role_data, metadata_settings]
host_prep_tasks:
- name: create persistent logs directory
file:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
NovaSchedulerBase:
type: ../../puppet/services/nova-scheduler.yaml
properties:
service_name: {get_attr: [NovaSchedulerBase, role_data, service_name]}
config_settings: {get_attr: [NovaSchedulerBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [NovaSchedulerBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [NovaSchedulerBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [NovaSchedulerBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
NovaVncProxyPuppetBase:
type: ../../puppet/services/nova-vnc-proxy.yaml
properties:
service_name: {get_attr: [NovaVncProxyPuppetBase, role_data, service_name]}
config_settings: {get_attr: [NovaVncProxyPuppetBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [NovaVncProxyPuppetBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [NovaVncProxyPuppetBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [NovaVncProxyPuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
OctaviaApiPuppetBase:
type: ../../puppet/services/octavia-api.yaml
properties:
service_name: {get_attr: [OctaviaApiPuppetBase, role_data, service_name]}
config_settings: {get_attr: [OctaviaApiPuppetBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [OctaviaApiPuppetBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [OctaviaApiPuppetBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [OctaviaApiPuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS #
puppet_config:
resources:
+ MySQLClient:
+ type: ../../../puppet/services/database/mysql-client.yaml
+
CinderBackupBase:
type: ../../../puppet/services/cinder-backup.yaml
properties:
puppet_config:
config_volume: cinder
puppet_tags: cinder_config,file,concat,file_line
- step_config: {get_attr: [CinderBackupBase, role_data, step_config]}
+ step_config:
+ list_join:
+ - "\n"
+ - - {get_attr: [CinderBackupBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
config_image: {get_param: DockerCinderConfigImage}
kolla_config:
/var/lib/kolla/config_files/cinder_backup.json:
resources:
+ MySQLClient:
+ type: ../../../puppet/services/database/mysql-client.yaml
+
CinderBase:
type: ../../../puppet/services/cinder-volume.yaml
properties:
puppet_config:
config_volume: cinder
puppet_tags: cinder_config,file,concat,file_line
- step_config: {get_attr: [CinderBase, role_data, step_config]}
+ step_config:
+ list_join:
+ - "\n"
+ - - {get_attr: [CinderBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
config_image: {get_param: DockerCinderConfigImage}
kolla_config:
/var/lib/kolla/config_files/cinder_volume.json:
type: string
hidden: true
default: ''
+ MysqlClustercheckPassword:
+ type: string
+ hidden: true
RoleName:
default: ''
description: Role name on which the service is applied
map_merge:
- {get_attr: [MysqlPuppetBase, role_data, config_settings]}
- tripleo::profile::pacemaker::database::mysql_bundle::mysql_docker_image: &mysql_image {get_param: DockerMysqlImage}
+ tripleo::profile::pacemaker::database::mysql_bundle::control_port: 3123
+ tripleo.mysql.firewall_rules:
+ '104 mysql galera-bundle':
+ dport:
+ - 873
+ - 3123
+ - 3306
+ - 4444
+ - 4567
+ - 4568
+ - 9200
step_config: ""
# BEGIN DOCKER SETTINGS #
puppet_config:
image: *mysql_image
net: host
# Kolla bootstraps aren't idempotent, explicitly checking if bootstrap was done
- command: ['bash', '-c', 'test -e /var/lib/mysql/mysql || kolla_start']
+ command:
+ - 'bash'
+ - '-ec'
+ -
+ list_join:
+ - "\n"
+ - - 'if [ -e /var/lib/mysql/mysql ]; then exit 0; fi'
+ - 'kolla_start'
+ - 'mysqld_safe --skip-networking --wsrep-on=OFF &'
+ - 'timeout ${DB_MAX_TIMEOUT} /bin/bash -c ''until mysqladmin -uroot -p"${DB_ROOT_PASSWORD}" ping 2>/dev/null; do sleep 1; done'''
+ - 'mysql -uroot -p"${DB_ROOT_PASSWORD}" -e "CREATE USER ''clustercheck''@''localhost'' IDENTIFIED BY ''${DB_CLUSTERCHECK_PASSWORD}'';"'
+ - 'mysql -uroot -p"${DB_ROOT_PASSWORD}" -e "GRANT PROCESS ON *.* TO ''clustercheck''@''localhost'' WITH GRANT OPTION;"'
+ - 'timeout ${DB_MAX_TIMEOUT} mysqladmin -uroot -p"${DB_ROOT_PASSWORD}" shutdown'
volumes: &mysql_volumes
list_concat:
- {get_attr: [ContainersCommon, volumes]}
- KOLLA_BOOTSTRAP=True
# NOTE(mandre) skip wsrep cluster status check
- KOLLA_KUBERNETES=True
+ - DB_MAX_TIMEOUT=60
+ -
+ list_join:
+ - '='
+ - - 'DB_CLUSTERCHECK_PASSWORD'
+ - {get_param: MysqlClustercheckPassword}
-
list_join:
- '='
redis::notify_service: false
redis::managed_by_cluster_manager: true
tripleo::profile::pacemaker::database::redis_bundle::redis_docker_image: &redis_image {get_param: DockerRedisImage}
-
+ tripleo::profile::pacemaker::database::redis_bundle::control_port: 3124
+ tripleo.redis.firewall_rules:
+ '108 redis-bundle':
+ dport:
+ - 3124
+ - 6379
+ - 26379
step_config: ""
service_config_settings: {get_attr: [RedisBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
- {get_attr: [RabbitmqBase, role_data, config_settings]}
- rabbitmq::service_manage: false
tripleo::profile::pacemaker::rabbitmq_bundle::rabbitmq_docker_image: &rabbitmq_image {get_param: DockerRabbitmqImage}
+ tripleo::profile::pacemaker::rabbitmq_bundle::control_port: 3122
+ tripleo.rabbitmq.firewall_rules:
+ '109 rabbitmq-bundle':
+ dport:
+ - 3122
+ - 4369
+ - 5672
+ - 25672
step_config: &step_config
get_attr: [RabbitmqBase, role_data, step_config]
service_config_settings: {get_attr: [RabbitmqBase, role_data, service_config_settings]}
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
PankoApiPuppetBase:
type: ../../puppet/services/panko-api.yaml
properties:
- get_attr: [PankoApiPuppetBase, role_data, config_settings]
- apache::default_vhost: false
step_config: &step_config
- get_attr: [PankoApiPuppetBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [PankoApiPuppetBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [PankoApiPuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS #
puppet_config:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
SaharaApiPuppetBase:
type: ../../puppet/services/sahara-api.yaml
properties:
- get_attr: [SaharaApiPuppetBase, role_data, config_settings]
- sahara::sync_db: false
step_config: &step_config
- get_attr: [SaharaApiPuppetBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [SaharaApiPuppetBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [SaharaApiPuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS #
puppet_config:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
SaharaEnginePuppetBase:
type: ../../puppet/services/sahara-engine.yaml
properties:
- get_attr: [SaharaEnginePuppetBase, role_data, config_settings]
- sahara::sync_db: false
step_config: &step_config
- get_attr: [SaharaEnginePuppetBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [SaharaEnginePuppetBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [SaharaEnginePuppetBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS #
puppet_config:
- openstack-swift-container-updater
- openstack-swift-container
- openstack-swift-object-auditor
+ - openstack-swift-object-expirer
- openstack-swift-object-replicator
- openstack-swift-object-updater
- openstack-swift-object
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
TackerBase:
type: ../../puppet/services/tacker.yaml
properties:
map_merge:
- get_attr: [TackerBase, role_data, config_settings]
step_config: &step_config
- get_attr: [TackerBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [TackerBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [TackerBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
default: {}
description: Parameters specific to the role
type: json
+ EnableInternalTLS:
+ type: boolean
+ default: false
conditions:
zaqar_management_store_sqlalchemy: {equals : [{get_param: ZaqarManagementStore}, 'sqlalchemy']}
+ internal_tls_enabled: {get_param: EnableInternalTLS}
resources:
ContainersCommon:
type: ./containers-common.yaml
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
ZaqarBase:
type: ../../puppet/services/zaqar.yaml
properties:
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
+ EnableInternalTLS: {get_param: EnableInternalTLS}
outputs:
role_data:
service_name: {get_attr: [ZaqarBase, role_data, service_name]}
config_settings: {get_attr: [ZaqarBase, role_data, config_settings]}
step_config: &step_config
- get_attr: [ZaqarBase, role_data, step_config]
+ list_join:
+ - "\n"
+ - - {get_attr: [ZaqarBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
service_config_settings: {get_attr: [ZaqarBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
- /var/lib/kolla/config_files/zaqar.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/zaqar/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/zaqar:/var/log/zaqar
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
+ - ''
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
+ - ''
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
zaqar_websocket:
- name: Stop and disable zaqar service
tags: step2
service: name=httpd state=stopped enabled=no
+ metadata_settings:
+ get_attr: [ZaqarBase, role_data, metadata_settings]
--- /dev/null
+resource_registry:
+ OS::TripleO::Services::CephMon: ../../docker/services/ceph-ansible/ceph-mon.yaml
+ OS::TripleO::Services::CephOSD: ../../docker/services/ceph-ansible/ceph-osd.yaml
+ OS::TripleO::Services::CephClient: ../../docker/services/ceph-ansible/ceph-client.yaml
+
+parameter_defaults:
+ CinderEnableIscsiBackend: false
+ CinderEnableRbdBackend: true
+ CinderBackupBackend: ceph
+ NovaEnableRbdBackend: true
+ GlanceBackend: rbd
+ GnocchiBackend: rbd
CinderDellPsSanIp: ''
CinderDellPsSanLogin: ''
CinderDellPsSanPassword: ''
+ CinderDellPsSanPrivateKey: ''
CinderDellPsSanThinProvision: true
CinderDellPsGroupname: 'group-0'
CinderDellPsPool: 'default'
--- /dev/null
+resource_registry:
+ OS::TripleO::Compute::Net::SoftwareConfig: contrail-nic-config-compute-storage-mgmt.yaml
+ OS::TripleO::ContrailDpdk::Net::SoftwareConfig: contrail-nic-config-compute-storage-mgmt.yaml
+ OS::TripleO::Controller::Net::SoftwareConfig: contrail-nic-config-storage-mgmt.yaml
+ OS::TripleO::ContrailController::Net::SoftwareConfig: contrail-nic-config-storage-mgmt.yaml
+ OS::TripleO::ContrailAnalytics::Net::SoftwareConfig: contrail-nic-config-storage-mgmt.yaml
+ OS::TripleO::ContrailAnalyticsDatabase::Net::SoftwareConfig: contrail-nic-config-storage-mgmt.yaml
+ OS::TripleO::ContrailTsn::Net::SoftwareConfig: contrail-nic-config-compute-storage-mgmt.yaml
+
+parameter_defaults:
+ ContrailConfigVIP: 10.0.0.10
+ ContrailAnalyticsVIP: 10.0.0.10
+ ContrailWebuiVIP: 10.0.0.10
+ ContrailVIP: 10.0.0.10
+ ControlPlaneSubnetCidr: '24'
+ ControlPlaneDefaultRoute: 192.168.24.254
+ InternalApiNetCidr: 10.3.0.0/24
+ InternalApiAllocationPools: [{'start': '10.3.0.10', 'end': '10.3.0.200'}]
+ InternalApiDefaultRoute: 10.3.0.1
+ StorageMgmtNetCidr: 10.0.0.0/24
+ StorageMgmtAllocationPools: [{'start': '10.0.0.10', 'end': '10.0.0.200'}]
+ StorageMgmtDefaultRoute: 10.0.0.1
+ StorageMgmtInterfaceDefaultRoute: 10.0.0.1
+ StorageMgmtVirtualIP: 10.0.0.10
+ ManagementNetCidr: 10.1.0.0/24
+ ManagementAllocationPools: [{'start': '10.1.0.10', 'end': '10.1.0.200'}]
+ ManagementInterfaceDefaultRoute: 10.1.0.1
+ ExternalNetCidr: 10.2.0.0/24
+ ExternalAllocationPools: [{'start': '10.2.0.10', 'end': '10.2.0.200'}]
+ EC2MetadataIp: 192.168.24.1 # Generally the IP of the Undercloud
+ DnsServers: ["10.87.64.101"]
+ VrouterPhysicalInterface: eth1
+ VrouterGateway: 10.0.0.1
+ VrouterNetmask: 255.255.255.0
+ ControlVirtualInterface: eth0
+ PublicVirtualInterface: vlan10
+# VlanParentInterface: eth1 # If VrouterPhysicalInterface is a vlan interface using vlanX notation
resource_registry:
- OS::TripleO::Compute::Net::SoftwareConfig: contrail-nic-config-compute.yaml
- OS::TripleO::Controller::Net::SoftwareConfig: contrail-nic-config.yaml
- OS::TripleO::ContrailController::Net::SoftwareConfig: contrail-nic-config.yaml
- OS::TripleO::ContrailAnalytics::Net::SoftwareConfig: contrail-nic-config.yaml
- OS::TripleO::ContrailAnalyticsDatabase::Net::SoftwareConfig: contrail-nic-config.yaml
- OS::TripleO::ContrailTsn::Net::SoftwareConfig: contrail-nic-config-compute.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: ../../network/config/contrail/contrail-nic-config-compute.yaml
+ OS::TripleO::Controller::Net::SoftwareConfig: ../../network/config/contrail/contrail-nic-config.yaml
+ OS::TripleO::ContrailController::Net::SoftwareConfig: ../../network/config/contrail/contrail-nic-config.yaml
+ OS::TripleO::ContrailAnalytics::Net::SoftwareConfig: ../../network/config/contrail/contrail-nic-config.yaml
+ OS::TripleO::ContrailAnalyticsDatabase::Net::SoftwareConfig: ../../network/config/contrail/contrail-nic-config.yaml
+ OS::TripleO::ContrailTsn::Net::SoftwareConfig: ../../network/config/contrail/contrail-nic-config-compute.yaml
parameter_defaults:
ControlPlaneSubnetCidr: '24'
ExternalNetCidr: 10.2.0.0/24
ExternalAllocationPools: [{'start': '10.2.0.10', 'end': '10.2.0.200'}]
EC2MetadataIp: 192.168.24.1 # Generally the IP of the Undercloud
- DnsServers: ["8.8.8.8","8.8.4.4"]
- VrouterPhysicalInterface: eth1
- VrouterGateway: 10.0.0.1
- VrouterNetmask: 255.255.255.0
+ DnsServers: ["8.8.8.8"]
+ NtpServer: 10.0.0.1
+ ContrailVrouterPhysicalInterface: eth1
+ ContrailVrouterGateway: 10.0.0.1
+ ContrailVrouterNetmask: 255.255.255.0
ControlVirtualInterface: eth0
PublicVirtualInterface: vlan10
+## If vhost0 is linked to a vlan interface:
+# ContrailVlanParentInterface: eth1 # If VrouterPhysicalInterface is a vlan interface using vlanX notation
+## If vhost0 is linked to a bonded vlan interface:
+# ContrailVlanParentInterface: bond0
+# ContrailBondInterface: bond0
+# ContrailBondInterfaceMembers: 'eth1,eth2'
OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
OS::TripleO::Services::NeutronCorePlugin: OS::TripleO::Services::NeutronCorePluginContrail
OS::TripleO::Services::ComputeNeutronCorePlugin: OS::TripleO::Services::ComputeNeutronCorePluginContrail
- OS::TripleO::NodeUserData: ../../firstboot/install_vrouter_kmod.yaml
OS::TripleO::Services::ContrailHeat: ../../puppet/services/network/contrail-heat.yaml
OS::TripleO::Services::ContrailAnalytics: ../../puppet/services/network/contrail-analytics.yaml
OS::TripleO::Services::ContrailAnalyticsDatabase: ../../puppet/services/network/contrail-analytics-database.yaml
OS::TripleO::Services::ContrailDatabase: ../../puppet/services/network/contrail-database.yaml
OS::TripleO::Services::ContrailWebUI: ../../puppet/services/network/contrail-webui.yaml
OS::TripleO::Services::ContrailTsn: ../../puppet/services/network/contrail-tsn.yaml
+ OS::TripleO::Services::ContrailDpdk: ../../puppet/services/network/contrail-dpdk.yaml
OS::TripleO::Services::ComputeNeutronCorePluginContrail: ../../puppet/services/network/contrail-vrouter.yaml
OS::TripleO::Services::NeutronCorePluginContrail: ../../puppet/services/network/contrail-neutron-plugin.yaml
+ OS::TripleO::NodeUserData: ../../extraconfig/all_nodes/contrail/enable_contrail_repo.yaml
+ OS::TripleO::ContrailTsn::PreNetworkConfig: ../../extraconfig/pre_network/contrail/compute_pre_network.yaml
+ OS::TripleO::ContrailDpdk::PreNetworkConfig: ../../extraconfig/pre_network/contrail/contrail_dpdk_pre_network.yaml
+ OS::TripleO::Compute::PreNetworkConfig: ../../extraconfig/pre_network/contrail/compute_pre_network.yaml
parameter_defaults:
- ContrailRepo: http://192.168.24.1/contrail-3.2.0.0-19
+ ServiceNetMap:
+ ContrailAnalyticsNetwork: internal_api
+ ContrailAnalyticsDatabaseNetwork: internal_api
+ ContrailConfigNetwork: internal_api
+ ContrailControlNetwork: internal_api
+ ContrailDatabaseNetwork: internal_api
+ ContrailWebuiNetwork: internal_api
+ ContrailTsnNetwork: internal_api
+ ContrailVrouterNetwork: internal_api
+ ContrailDpdkNetwork: internal_api
+ ContrailRepo: http://192.168.24.1/contrail
+ ContrailControlManageNamed: true
EnablePackageInstall: true
# ContrailConfigIfmapUserName: api-server
# ContrailConfigIfmapUserPassword: api-server
OvercloudContrailAnalyticsDatabaseFlavor: contrail-analytics-database
OvercloudContrailTsnFlavor: contrail-tsn
OvercloudComputeFlavor: compute
+ OvercloudContrailDpdkFlavor: compute-dpdk
ControllerCount: 3
ContrailControllerCount: 3
ContrailAnalyticsCount: 3
ContrailAnalyticsDatabaseCount: 3
- ContrailTsnCount: 1
+ ContrailTsnCount: 0
ComputeCount: 3
- DnsServers: ["8.8.8.8","8.8.4.4"]
- NtpServer: 10.0.0.1
+ ContrailDpdkCount: 0
NeutronCorePlugin: neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2
- NeutronServicePlugins: ''
+ NeutronServicePlugins: 'neutron_plugin_contrail.plugins.opencontrail.loadbalancer.v2.plugin.LoadBalancerPluginV2'
NeutronTunnelTypes: ''
# NeutronMetadataProxySharedSecret:
# ContrailControlRNDCSecret: # sda1/256 hmac key, e.g. echo -n "values" | openssl dgst -sha256 -hmac key -binary | base64
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::SensuClient
- OS::TripleO::Services::FluentdClient
+
+- name: ContrailDpdk
+ ServicesDefault:
+ - OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::CertmongerUser
+ - OS::TripleO::Services::ContrailTsn
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::SensuClient
+ - OS::TripleO::Services::FluentdClient
OS::TripleO::Services::Docker: ../puppet/services/docker.yaml
# The compute node still needs extra initialization steps
OS::TripleO::Compute::NodeUserData: ../docker/firstboot/setup_docker_host.yaml
+ # Default Neutron ML2 puppet plugin to use when NeutronCorePlugin is set to ML2
+ OS::TripleO::Docker::NeutronMl2PluginBase: ../puppet/services/neutron-plugin-ml2.yaml
# NOTE: add roles to be docker enabled as we support them.
OS::TripleO::Services::AodhApi: ../docker/services/aodh-api.yaml
OS::TripleO::Services::AodhEvaluator: ../docker/services/aodh-evaluator.yaml
OS::TripleO::Services::AodhListener: ../docker/services/aodh-listener.yaml
OS::TripleO::Services::AodhNotifier: ../docker/services/aodh-notifier.yaml
+ OS::TripleO::Services::CeilometerAgentCentral: ../docker/services/ceilometer-agent-central.yaml
+ OS::TripleO::Services::CeilometerAgentIpmi: ../docker/services/ceilometer-agent-ipmi.yaml
+ OS::TripleO::Services::CeilometerAgentNotification: ../docker/services/ceilometer-agent-notification.yaml
+ OS::TripleO::Services::ComputeCeilometerAgent: ../docker/services/ceilometer-agent-compute.yaml
OS::TripleO::Services::ComputeNeutronOvsAgent: ../docker/services/neutron-ovs-agent.yaml
OS::TripleO::Services::GlanceApi: ../docker/services/glance-api.yaml
OS::TripleO::Services::GnocchiApi: ../docker/services/gnocchi-api.yaml
OS::TripleO::Services::HeatEngine: ../docker/services/heat-engine.yaml
OS::TripleO::Services::Iscsid: ../docker/services/iscsid.yaml
OS::TripleO::Services::Keystone: ../docker/services/keystone.yaml
- OS::TripleO::Services::NovaMigrationTarget: ../docker/services/nova-migration-target.yaml
+ OS::TripleO::Services::Memcached: ../docker/services/memcached.yaml
OS::TripleO::Services::NeutronApi: ../docker/services/neutron-api.yaml
OS::TripleO::Services::NeutronCorePlugin: ../docker/services/neutron-plugin-ml2.yaml
OS::TripleO::Services::NeutronDhcpAgent: ../docker/services/neutron-dhcp.yaml
OS::TripleO::Services::NeutronL3Agent: ../docker/services/neutron-l3.yaml
+ OS::TripleO::Services::NeutronMetadataAgent: ../docker/services/neutron-metadata.yaml
OS::TripleO::Services::NeutronOvsAgent: ../docker/services/neutron-ovs-agent.yaml
OS::TripleO::Services::NeutronServer: ../docker/services/neutron-api.yaml
OS::TripleO::Services::PankoApi: ../docker/services/panko-api.yaml
+ OS::TripleO::Services::Redis: ../docker/services/database/redis.yaml
OS::TripleO::Services::SwiftProxy: ../docker/services/swift-proxy.yaml
OS::TripleO::Services::SwiftRingBuilder: ../docker/services/swift-ringbuilder.yaml
OS::TripleO::Services::SwiftStorage: ../docker/services/swift-storage.yaml
OS::TripleO::Services::NeutronOvsAgent: ../docker/services/neutron-ovs-agent.yaml
OS::TripleO::Services::NeutronDhcpAgent: ../docker/services/neutron-dhcp.yaml
OS::TripleO::Services::NeutronL3Agent: ../docker/services/neutron-l3.yaml
+ OS::TripleO::Services::HAproxy: ../docker/services/haproxy.yaml
OS::TripleO::Services::MySQL: ../docker/services/database/mysql.yaml
- OS::TripleO::Services::MySQLClient: ../docker/services/database/mysql-client.yaml
OS::TripleO::Services::RabbitMQ: ../docker/services/rabbitmq.yaml
OS::TripleO::Services::MongoDb: ../docker/services/database/mongodb.yaml
OS::TripleO::Services::Redis: ../docker/services/database/redis.yaml
OS::TripleO::Services::PankoApi: ../docker/services/panko-api.yaml
OS::TripleO::Services::CeilometerAgentCentral: ../docker/services/ceilometer-agent-central.yaml
OS::TripleO::Services::CeilometerAgentIpmi: ../docker/services/ceilometer-agent-ipmi.yaml
- OS::TripleO::Services::CeilometerAgentCompute: ../docker/services/ceilometer-agent-compute.yaml
+ OS::TripleO::Services::ComputeCeilometerAgent: ../docker/services/ceilometer-agent-compute.yaml
OS::TripleO::Services::CeilometerAgentNotification: ../docker/services/ceilometer-agent-notification.yaml
OS::TripleO::Services::Horizon: ../docker/services/horizon.yaml
OS::TripleO::Services::Iscsid: ../docker/services/iscsid.yaml
- OS::TripleO::Services::ComputeNeutronMetadataAgent
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::NeutronSriovAgent
- OS::TripleO::Services::OpenDaylightOvs
- OS::TripleO::Services::SensuClient
- OS::TripleO::Services::MySQLClient
- OS::TripleO::Services::Docker
- OS::TripleO::Services::Iscsid
+ - OS::TripleO::Services::OVNController
{%- endfor %}
# Port assignments for the VIPs
- {%- for network in networks if network.vip %}
+ {%- for network in networks if network.vip and network.enabled|default(true) %}
OS::TripleO::Network::Ports::{{network.name}}VipPort: ../network/ports/{{network.name_lower|default(network.name.lower())}}.yaml
{%- endfor %}
OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip.yaml
# extensions, configured via puppet
resource_registry:
OS::TripleO::Services::NeutronCorePlugin: OS::TripleO::Services::NeutronCorePluginML2OVN
- OS::TripleO::Services::ComputeNeutronCorePlugin: ../puppet/services/neutron-compute-plugin-ovn.yaml
+ OS::TripleO::Services::OVNController: ../puppet/services/ovn-controller.yaml
OS::TripleO::Services::OVNDBs: ../puppet/services/pacemaker/ovn-dbs.yaml
# Disabling Neutron services that overlap with OVN
- OS::TripleO::Services::NeutronL3Agent: OS::Heat::None
OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
+ OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
+ OS::TripleO::Services::NeutronL3Agent: OS::Heat::None
OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None
OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None
- OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
+ OS::TripleO::Services::ComputeNeutronCorePlugin: OS::Heat::None
parameter_defaults:
NeutronMechanismDrivers: ovn
# A Heat environment file which can be used to enable OVN
# extensions, configured via puppet
resource_registry:
- OS::TripleO::Services::NeutronL3Agent: OS::Heat::None
- OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
- OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None
OS::TripleO::Services::NeutronCorePlugin: OS::TripleO::Services::NeutronCorePluginML2OVN
- OS::TripleO::Services::ComputeNeutronCorePlugin: ../puppet/services/neutron-compute-plugin-ovn.yaml
+ OS::TripleO::Services::OVNController: ../puppet/services/ovn-controller.yaml
+ OS::TripleO::Services::OVNDBs: ../puppet/services/ovn-dbs.yaml
# Disabling Neutron services that overlap with OVN
- OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None
+ OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
- OS::TripleO::Services::OVNDBs: ../puppet/services/ovn-dbs.yaml
+ OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None
+ OS::TripleO::Services::NeutronL3Agent: OS::Heat::None
+ OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None
+ OS::TripleO::Services::ComputeNeutronCorePlugin: OS::Heat::None
parameter_defaults:
NeutronMechanismDrivers: ovn
# A Heat environment file which can be used to enable a
# a Neutron Nuage backend on the controller, configured via puppet
resource_registry:
+ OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None
OS::TripleO::Services::NeutronL3Agent: OS::Heat::None
OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None
OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
# Override the NeutronCorePlugin to use Nuage
- OS::TripleO::Services::NeutronCorePlugin: OS::TripleO::Services::NeutronCorePluginNuage
- OS::TripleO::Services::ComputeNeutronCorePlugin: ../puppet/services/neutron-compute-plugin-nuage.yaml
+ OS::TripleO::Services::NeutronCorePlugin: OS::TripleO::Services::NeutronCorePluginML2Nuage
parameter_defaults:
NeutronNuageNetPartitionName: 'default_name'
NeutronNuageBaseURIVersion: 'default_uri_version'
NeutronNuageCMSId: ''
UseForwardedFor: true
- NeutronCorePlugin: 'nuage_neutron.plugins.nuage.plugin.NuagePlugin'
- NeutronEnableDHCPAgent: false
- NeutronServicePlugins: []
- NovaOVSBridge: 'alubr0'
- controllerExtraConfig:
+ NeutronServicePlugins: ''
+ NeutronDBSyncExtraParams: '--config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini'
+ NeutronTypeDrivers: ''
+ NeutronNetworkType: ''
+ NeutronMechanismDrivers: ''
+ NeutronPluginExtensions: ''
+ NeutronFlatNetworks: ''
+ NeutronTunnelIdRanges: ''
+ NeutronNetworkVLANRanges: ''
+ NeutronVniRanges: ''
+ NovaOVSBridge: 'default_bridge'
+ NeutronMetadataProxySharedSecret: 'default'
+ InstanceNameTemplate: 'inst-%08x'
+ ControllerExtraConfig:
neutron::api_extensions_path: '/usr/lib/python2.7/site-packages/neutron/plugins/nuage/'
--- /dev/null
+# A Heat environment that can be used to deploy OpenDaylight with SRIOV
+resource_registry:
+ OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
+ OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
+ OS::TripleO::Services::ComputeNeutronCorePlugin: ../puppet/services/neutron-plugin-ml2.yaml
+ OS::TripleO::Services::NeutronCorePlugin: ../puppet/services/neutron-plugin-ml2-odl.yaml
+ OS::TripleO::Services::OpenDaylightApi: ../puppet/services/opendaylight-api.yaml
+ OS::TripleO::Services::OpenDaylightOvs: ../puppet/services/opendaylight-ovs.yaml
+ OS::TripleO::Services::NeutronSriovAgent: ../puppet/services/neutron-sriov-agent.yaml
+ OS::TripleO::Services::NeutronL3Agent: OS::Heat::None
+
+parameter_defaults:
+ NeutronEnableForceMetadata: true
+ NeutronMechanismDrivers: ['sriovnicswitch','opendaylight_v2']
+ NeutronServicePlugins: 'odl-router_v2,trunk'
+
+ # Add PciPassthroughFilter to the scheduler default filters
+ #NovaSchedulerDefaultFilters: ['RetryFilter','AvailabilityZoneFilter','RamFilter','ComputeFilter','ComputeCapabilitiesFilter','ImagePropertiesFilter','ServerGroupAntiAffinityFilter','ServerGroupAffinityFilter','PciPassthroughFilter']
+ #NovaSchedulerAvailableFilters: ["nova.scheduler.filters.all_filters","nova.scheduler.filters.pci_passthrough_filter.PciPassthroughFilter"]
+
+ #NeutronPhysicalDevMappings: "datacentre:ens20f2"
+
+ # Number of VFs that needs to be configured for a physical interface
+ #NeutronSriovNumVFs: "ens20f2:5"
+
+ #NovaPCIPassthrough:
+ # - devname: "ens20f2"
+ # physical_network: "datacentre"
# Nuage backend on the compute, configured via puppet
resource_registry:
OS::TripleO::ComputeExtraConfigPre: ../puppet/extraconfig/pre_deploy/compute/nova-nuage.yaml
+ OS::TripleO::Services::ComputeNeutronCorePlugin: ../puppet/services/neutron-compute-plugin-nuage.yaml
parameter_defaults:
NuageActiveController: '0.0.0.0'
NuageStandbyController: '0.0.0.0'
+ NovaOVSBridge: 'default_bridge'
+ NovaComputeLibvirtType: 'default_type'
+ NovaIPv6: False
+ NuageMetadataProxySharedSecret: 'default'
+ NuageNovaApiEndpoint: 'default_endpoint'
{% for role in roles %}
{{role.name}}Services: []
{% endfor %}
-
- # Consistent Hostname format
- ControllerHostnameFormat: overcloud-controller-%index%
- ComputeHostnameFormat: overcloud-novacompute-%index%
- ObjectStorageHostnameFormat: overcloud-objectstorage-%index%
- CephStorageHostnameFormat: overcloud-cephstorage-%index%
- BlockStorageHostnameFormat: overcloud-blockstorage-%index%
resource_registry:
OS::TripleO::DeployedServerEnvironment: ../deployed-server/deployed-server-environment-output.yaml
-
-parameter_defaults:
- # Consistent Hostname format
- ControllerDeployedServerHostnameFormat: overcloud-controller-%index%
- ComputeDeployedServerHostnameFormat: overcloud-novacompute-%index%
- ObjectStorageDeployedServerHostnameFormat: overcloud-objectstorage-%index%
- CephStorageDeployedServerHostnameFormat: overcloud-cephstorage-%index%
- BlockStorageDeployedServerHostnameFormat: overcloud-blockstorage-%index%
--- /dev/null
+# *******************************************************************
+# This file was created automatically by the sample environment
+# generator. Developers should use `tox -e genconfig` to update it.
+# Users are recommended to make changes to a copy of the file instead
+# of the original, if any customizations are needed.
+# *******************************************************************
+# title: Custom Domain Name
+# description: |
+# This environment contains the parameters that need to be set in order to
+# use a custom domain name and have all of the various FQDNs reflect it.
+parameter_defaults:
+ # The DNS domain used for the hosts. This must match the overcloud_domain_name configured on the undercloud.
+ # Type: string
+ CloudDomain: localdomain
+
+ # The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
+ # Type: string
+ CloudName: overcloud.localdomain
+
+ # The DNS name of this cloud's provisioning network endpoint. E.g. 'ci-overcloud.ctlplane.tripleo.org'.
+ # Type: string
+ CloudNameCtlplane: overcloud.ctlplane.localdomain
+
+ # The DNS name of this cloud's internal API endpoint. E.g. 'ci-overcloud.internalapi.tripleo.org'.
+ # Type: string
+ CloudNameInternal: overcloud.internalapi.localdomain
+
+ # The DNS name of this cloud's storage endpoint. E.g. 'ci-overcloud.storage.tripleo.org'.
+ # Type: string
+ CloudNameStorage: overcloud.storage.localdomain
+
+ # The DNS name of this cloud's storage management endpoint. E.g. 'ci-overcloud.storagemgmt.tripleo.org'.
+ # Type: string
+ CloudNameStorageManagement: overcloud.storagemgmt.localdomain
+
+# ****************************************************************************
+# DEPRECATED: Use tripleo-heat-templates/environments/storage/enable-ceph.yaml
+# instead.
+# ****************************************************************************
resource_registry:
OS::TripleO::Services::CephMon: ../puppet/services/ceph-mon.yaml
OS::TripleO::Services::CephOSD: ../puppet/services/ceph-osd.yaml
OS::TripleO::Services::IronicConductor: ../../docker/services/ironic-conductor.yaml
OS::TripleO::Services::IronicPxe: ../../docker/services/ironic-pxe.yaml
OS::TripleO::Services::NovaIronic: ../../docker/services/nova-ironic.yaml
+parameter_defaults:
+ NovaSchedulerDiscoverHostsInCellsInterval: 15
OS::TripleO::Services::OctaviaHousekeeping: ../../docker/services/octavia-housekeeping.yaml
OS::TripleO::Services::OctaviaHealthManager: ../../docker/services/octavia-health-manager.yaml
OS::TripleO::Services::OctaviaWorker: ../../docker/services/octavia-worker.yaml
+
+parameter_defaults:
+ NeutronServicePlugins: "qos,router,trunk,lbaasv2"
+ NeutronEnableForceMetadata: true
+
--- /dev/null
+parameter_defaults:
+ # Consistent Hostname format
+{% for role in roles %}
+ {{role.name}}HostnameFormat: overcloud-{{role.name.lower()}}-%index%
+{% endfor %}
CongressAdmin: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressInternal: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressPublic: {protocol: 'https', port: '13789', host: 'CLOUDNAME'}
- ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpAdmin: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpInternal: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpPublic: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshAdmin: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshInternal: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshPublic: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpAdmin: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpInternal: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpPublic: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisAdmin: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisInternal: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisPublic: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailConfigAdmin: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigInternal: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigPublic: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailDiscoveryAdmin: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryInternal: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryPublic: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailWebuiHttpAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsAdmin: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsInternal: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsPublic: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'CLOUDNAME'}
CongressAdmin: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressInternal: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressPublic: {protocol: 'https', port: '13789', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpAdmin: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpInternal: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpPublic: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshAdmin: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshInternal: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshPublic: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpAdmin: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpInternal: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpPublic: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisAdmin: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisInternal: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisPublic: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailConfigAdmin: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigInternal: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigPublic: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailDiscoveryAdmin: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryInternal: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryPublic: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailWebuiHttpAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsAdmin: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsInternal: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsPublic: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'IP_ADDRESS'}
CongressAdmin: {protocol: 'https', port: '1789', host: 'CLOUDNAME'}
CongressInternal: {protocol: 'https', port: '1789', host: 'CLOUDNAME'}
CongressPublic: {protocol: 'https', port: '13789', host: 'CLOUDNAME'}
- ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpAdmin: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpInternal: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpPublic: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshAdmin: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshInternal: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshPublic: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpAdmin: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpInternal: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpPublic: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisAdmin: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisInternal: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisPublic: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailConfigAdmin: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigInternal: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigPublic: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailDiscoveryAdmin: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryInternal: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryPublic: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailWebuiHttpAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsAdmin: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsInternal: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsPublic: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
Ec2ApiAdmin: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}
Ec2ApiInternal: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'CLOUDNAME'}
# Type: boolean
NovaEnableRbdBackend: True
+resource_registry:
+ OS::TripleO::Services::CephClient: ../../puppet/services/ceph-client.yaml
+ OS::TripleO::Services::CephMon: ../../puppet/services/ceph-mon.yaml
+ OS::TripleO::Services::CephOSD: ../../puppet/services/ceph-osd.yaml
CongressAdmin: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressInternal: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressPublic: {protocol: 'https', port: '13789', host: 'CLOUDNAME'}
- ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpAdmin: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpInternal: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpPublic: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshAdmin: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshInternal: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshPublic: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpAdmin: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpInternal: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpPublic: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisAdmin: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisInternal: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisPublic: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailConfigAdmin: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigInternal: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigPublic: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailDiscoveryAdmin: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryInternal: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryPublic: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailWebuiHttpAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsAdmin: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsInternal: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsPublic: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'CLOUDNAME'}
CongressAdmin: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressInternal: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressPublic: {protocol: 'https', port: '13789', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpAdmin: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpInternal: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpPublic: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshAdmin: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshInternal: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshPublic: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpAdmin: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpInternal: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpPublic: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisAdmin: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisInternal: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisPublic: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailConfigAdmin: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigInternal: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigPublic: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailDiscoveryAdmin: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryInternal: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryPublic: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailWebuiHttpAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsAdmin: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsInternal: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsPublic: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'IP_ADDRESS'}
CongressAdmin: {protocol: 'https', port: '1789', host: 'CLOUDNAME'}
CongressInternal: {protocol: 'https', port: '1789', host: 'CLOUDNAME'}
CongressPublic: {protocol: 'https', port: '13789', host: 'CLOUDNAME'}
- ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpAdmin: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpInternal: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorHttpPublic: {protocol: 'http', port: '8089',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshAdmin: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshInternal: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsCollectorSandeshPublic: {protocol: 'http', port: '8086',
- host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpAdmin: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpInternal: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsHttpPublic: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisAdmin: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisInternal: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailAnalyticsRedisPublic: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
- ContrailConfigAdmin: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigInternal: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailConfigPublic: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
- ContrailDiscoveryAdmin: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryInternal: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailDiscoveryPublic: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
- ContrailWebuiHttpAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsAdmin: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsInternal: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
- ContrailWebuiHttpsPublic: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
Ec2ApiAdmin: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}
Ec2ApiInternal: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'CLOUDNAME'}
VrtsRabbitPassword: ''
VrtsKeystonePassword: ''
VrtsMysqlPassword: ''
+ VrtsCtrlMgmtIP: ''
+ VrtsDashboardIP: ''
+ VrtsZookeeperIP: ''
+ VrtsSSHPassword: ''
+ VrtsConfigParam1: ''
+ VrtsConfigParam2: ''
+ VrtsConfigParam3: ''
--- /dev/null
+heat_template_version: pike
+
+parameters:
+ ContrailRepo:
+ type: string
+ default: ''
+
+resources:
+ userdata:
+ type: OS::Heat::MultipartMime
+ properties:
+ parts:
+ - config: {get_resource: EnableContrailRepoConfig}
+
+ EnableContrailRepoConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ config:
+ str_replace:
+ template: |
+ #!/bin/bash
+ contrail_repo=$contrail_repo
+ if [[ ${contrail_repo} ]]; then
+ cat <<EOF > /etc/yum.repos.d/contrail.repo
+ [Contrail]
+ name=Contrail Repo
+ baseurl=${contrail_repo}
+ enabled=1
+ gpgcheck=0
+ protect=1
+ metadata_expire=30
+ EOF
+ fi
+ params:
+ $contrail_repo: {get_param: ContrailRepo}
+
+outputs:
+ # This means get_resource from the parent template will get the userdata, see:
+ # http://docs.openstack.org/developer/heat/template_guide/composition.html#making-your-template-resource-more-transparent
+ # Note this is new-for-kilo, an alternative is returning a value then using
+ # get_attr in the parent template instead.
+ OS::stack_id:
+ value: {get_resource: userdata}
CloudNameCtlplane:
default: overcloud.ctlplane.localdomain
description: >
- The DNS name of this cloud's storage management endpoint. E.g.
- 'ci-overcloud.management.tripleo.org'.
+ The DNS name of this cloud's provisioning network endpoint. E.g.
+ 'ci-overcloud.ctlplane.tripleo.org'.
type: string
resources:
--- /dev/null
+heat_template_version: pike
+
+# NOTE: You don't need to pass the parameter explicitly from the
+# parent template, it can be specified via the parameter_defaults
+# in the resource_registry instead, if you want to override the default
+# and/or share values with other templates in the tree.
+parameters:
+ ContrailRepo:
+ type: string
+ default: ''
+ ContrailVrouterPhysicalInterface:
+ default: 'eth0'
+ description: vRouter physical interface
+ type: string
+ ContrailVlanParentInterface:
+ default: ''
+ description: Parent interface of vlan interface
+ type: string
+ ContrailBondInterface:
+ default: ''
+ description: Bond interface name
+ type: string
+ ContrailBondInterfaceMembers:
+ default: ''
+ description: Bond interface members
+ type: string
+ ContrailBondMode:
+ default: '4'
+ description: Bond Mode
+ type: string
+ ContrailBondPolicy:
+ default: '1'
+ description: Bond Policy
+ type: string
+ RoleParameters:
+ type: json
+ description: Parameters specific to the role
+ default: {}
+ ServiceNames:
+ type: comma_delimited_list
+ default: []
+ server:
+ type: string
+
+description: >
+ This template installs the Contrail kernel module packages in order
+ to bring vhost0 interface up. Vhost0 interface must be up before
+ os-net-config takes over.
+
+resources:
+
+ ContrailVrouterModuleDeployment:
+ type: OS::Heat::SoftwareDeployment
+ properties:
+ name: ContrailVrouterModuleDeployment
+ server: {get_param: server}
+ config: {get_resource: ContrailVrouterModuleConfig}
+ input_values:
+ phy_int: {get_param: ContrailVrouterPhysicalInterface}
+ bond_int: {get_param: ContrailBondInterface}
+ bond_int_members: {get_param: ContrailBondInterfaceMembers}
+ vlan_parent: {get_param: ContrailVlanParentInterface}
+ contrail_repo: {get_param: ContrailRepo}
+ bond_mode: {get_param: ContrailBondMode}
+ bond_policy: {get_param: ContrailBondPolicy}
+ actions: ['CREATE'] # Only do this on CREATE
+
+ ContrailVrouterModuleConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ inputs:
+ - name: phy_int
+ - name: bond_int
+ - name: bond_int_members
+ - name: vlan_parent
+ - name: contrail_repo
+ - name: bond_mode
+ - name: bond_policy
+ config: |
+ #!/bin/bash
+ phy_int=$phy_int
+ bond_int=$bond_int
+ bond_int_members=$bond_int_members
+ bond_mode=$bond_mode
+ bond_policy=$bond_policy
+ vlan_parent=$vlan_parent
+ contrail_repo=$contrail_repo
+ if [[ ${contrail_repo} ]]; then
+ yum install -y contrail-vrouter-utils
+ fi
+ function pkt_setup () {
+ for f in /sys/class/net/$1/queues/rx-*
+ do
+ q="$(echo $f | cut -d '-' -f2)"
+ r=$(($q%32))
+ s=$(($q/32))
+ ((mask=1<<$r))
+ str=(`printf "%x" $mask`)
+ if [ $s -gt 0 ]; then
+ for ((i=0; i < $s; i++))
+ do
+ str+=,00000000
+ done
+ fi
+ echo $str > $f/rps_cpus
+ done
+ ifconfig $1 up
+ }
+ function insert_vrouter() {
+ if [ -f /sys/class/net/pkt1/queues/rx-0/rps_cpus ]; then
+ pkt_setup pkt1
+ fi
+ if [ -f /sys/class/net/pkt2/queues/rx-0/rps_cpus ]; then
+ pkt_setup pkt2
+ fi
+ if [ -f /sys/class/net/pkt3/queues/rx-0/rps_cpus ]; then
+ pkt_setup pkt3
+ fi
+ DEV_MAC=$(cat /sys/class/net/${phy_int}/address)
+ vif --create vhost0 --mac $DEV_MAC
+ vif --add ${phy_int} --mac $DEV_MAC --vrf 0 --vhost-phys --type physical
+ vif --add vhost0 --mac $DEV_MAC --vrf 0 --type vhost --xconnect ${phy_int}
+ ip link set vhost0 up
+ return 0
+ }
+ if [[ ${bond_int} ]]; then
+ bond_int_member_list=$(echo ${bond_int_members} | tr "," "\n")
+ ip link add name ${bond_int} type bond
+ echo ${bond_mode} > /sys/class/net/${bond_int}/bonding/mode
+ echo ${bond_policy} > /sys/class/net/${bond_int}/bonding/xmit_hash_policy
+ for member in ${bond_int_member_list}; do
+ ip link set dev $member master ${bond_int}
+ done
+ fi
+ if [[ ${vlan_parent} ]]; then
+ vlanId=`echo ${phy_int} | awk -F"vlan" '{print $2}'`
+ ip link add name ${phy_int} link ${vlan_parent} type vlan id ${vlanId}
+ fi
+ if [[ ${contrail_repo} ]]; then
+ yumdownloader contrail-vrouter --destdir /tmp
+ cd /tmp
+ rpm2cpio /tmp/contrail-vrouter*.rpm | cpio -idmv
+ cp `find /tmp/lib/modules -name vrouter.ko |tail -1` /tmp
+ insmod /tmp/vrouter.ko
+ else
+ modprobe vrouter
+ fi
+ insert_vrouter
+ if [[ `ifconfig ${phy_int} |grep "inet "` ]]; then
+ def_gw=''
+ if [[ `ip route show |grep default|grep ${phy_int}` ]]; then
+ def_gw=`ip route show |grep default|grep ${phy_int}|awk '{print $3}'`
+ fi
+ ip=`ifconfig ${phy_int} |grep "inet "|awk '{print $2}'`
+ mask=`ifconfig ${phy_int} |grep "inet "|awk '{print $4}'`
+ ip address delete $ip/$mask dev ${phy_int}
+ ip address add $ip/$mask dev vhost0
+ if [[ $def_gw ]]; then
+ ip route add default via $def_gw
+ fi
+ fi
--- /dev/null
+heat_template_version: pike
+
+# NOTE: You don't need to pass the parameter explicitly from the
+# parent template, it can be specified via the parameter_defaults
+# in the resource_registry instead, if you want to override the default
+# and/or share values with other templates in the tree.
+parameters:
+ ContrailRepo:
+ type: string
+ default: ''
+ ContrailVrouterPhysicalInterface:
+ default: 'eth0'
+ description: vRouter physical interface
+ type: string
+ ContrailVlanParentInterface:
+ default: ''
+ description: Parent interface of vlan interface
+ type: string
+ ContrailBondInterface:
+ default: ''
+ description: Bond interface name
+ type: string
+ ContrailBondInterfaceMembers:
+ default: ''
+ description: Bond interface members
+ type: string
+ ContrailBondMode:
+ default: '4'
+ description: Bond Mode
+ type: string
+ ContrailBondPolicy:
+ default: '1'
+ description: Bond Policy
+ type: string
+ ContrailDpdkHugePages:
+ default: '2048'
+ description: DPDK Hugepages setting
+ type: string
+ RoleParameters:
+ type: json
+ description: Parameters specific to the role
+ default: {}
+ ServiceNames:
+ type: comma_delimited_list
+ default: []
+ server:
+ type: string
+
+description: >
+ This template installs the Contrail dpdk packages in order
+ to bring vhost0 interface up. Vhost0 interface must be up before
+ os-net-config takes over.
+
+resources:
+
+ ContrailVrouterDpdkDeployment:
+ type: OS::Heat::SoftwareDeployment
+ properties:
+ name: ContrailVrouterDpdkDeployment
+ server: {get_param: server}
+ config: {get_resource: ContrailVrouterDpdkConfig}
+ input_values:
+ phy_int: {get_param: ContrailVrouterPhysicalInterface}
+ bond_int: {get_param: ContrailBondInterface}
+ bond_int_members: {get_param: ContrailBondInterfaceMembers}
+ vlan_parent: {get_param: ContrailVlanParentInterface}
+ contrail_repo: {get_param: ContrailRepo}
+ bond_mode: {get_param: ContrailBondMode}
+ bond_policy: {get_param: ContrailBondPolicy}
+ dpdk_hugepages: {get_param: ContrailDpdkHugePages}
+ actions: ['CREATE'] # Only do this on CREATE
+
+ ContrailVrouterDpdkConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config: |
+ #!/bin/bash
+ phy_int=$phy_int
+ bond_int=$bond_int
+ bond_int_members=$bond_int_members
+ bond_mode=$bond_mode
+ bond_policy=$bond_policy
+ vlan_parent=$vlan_parent
+ contrail_repo=$contrail_repo
+ dpdk_hugepages=$dpdk_hugepages
+ echo "vm.nr_hugepages = $dpdk_hugepages" >> /etc/sysctl.conf
+ echo "vm.max_map_count = 128960" >> /etc/sysctl.conf
+ echo "kernel.core_pattern = /var/crashes/core.%e.%p.%h.%t" >> /etc/sysctl.conf
+ echo "net.ipv4.tcp_keepalive_time = 5" >> /etc/sysctl.conf
+ echo "net.ipv4.tcp_keepalive_probes = 5" >> /etc/sysctl.conf
+ echo "net.ipv4.tcp_keepalive_intvl = 1" >> /etc/sysctl.conf
+ /sbin/sysctl --system
+ modprobe uio
+ if [[ ${contrail_repo} ]]; then
+ yum install -y contrail-vrouter-utils contrail-vrouter-dpdk contrail-vrouter-dpdk-init
+ fi
+ pci_address=`ethtool -i ${phy_int} |grep bus-info| awk '{print $2}' |tr -d ' '`
+ if [[ ${vlan_parent} ]]; then
+ pci_address=`ethtool -i ${vlan_parent} |grep bus-info| awk '{print $2}' |tr -d ' '`
+ fi
+ if [[ ${bond_int} ]]; then
+ bond_int_member_list=$(echo ${bond_int_members} | tr "," "\n")
+ cat <<EOF> /etc/sysconfig/network-scripts/ifcfg-${bond_int}
+ DEVICE=${bond_int}
+ BOOTPROTO=none
+ ONBOOT=yes
+ USERCTL=no
+ BONDING_OPTS="mode=${bond_mode} xmit_hash_policy=${bond_policy}"
+ EOF
+ for member in ${bond_int_member_list}; do
+ cat <<EOF> /etc/sysconfig/network-scripts/ifcfg-${member}
+ DEVICE=${member}
+ BOOTPROTO=none
+ ONBOOT=yes
+ MASTER=${bond_int}
+ SLAVE=yes
+ USERCTL=no
+ EOF
+ ip link set dev ${member} down
+ done
+ ifup ${bond_int}
+ pci_address=0000:00:00.0
+ fi
+ if [[ ${vlan_parent} ]]; then
+ echo ${vlan_parent} >> /tmp/vlan_parent
+ vlanId=`echo ${phy_int} | awk -F"vlan" '{print $2}'`
+ ip link add name ${phy_int} link ${vlan_parent} type vlan id ${vlanId}
+ fi
+ cat <<EOF > /etc/contrail/agent_param
+ LOG=/var/log/contrail.log
+ CONFIG=/etc/contrail/contrail-vrouter-agent.conf
+ prog=/usr/bin/contrail-vrouter-agent
+ pname=contrail-vrouter-agent
+ LIBDIR=/usr/lib64
+ DEVICE=vhost0
+ dev=${phy_int}
+ vgw_subnet_ip=__VGW_SUBNET_IP__
+ vgw_intf=__VGW_INTF_LIST__
+ LOGFILE=--log-file=/var/log/contrail/vrouter.log
+ EOF
+ mac=`ip link sh dev ${phy_int} | grep link/ether|awk '{print $2}' | tr -d ' '`
+ cat <<EOF > /etc/contrail/contrail-vrouter-agent.conf
+ [DEFAULT]
+ platform=dpdk
+ physical_interface_address=$pci_address
+ physical_interface_mac=$mac
+ physical_uio_driver=uio_pci_generic
+ [VIRTUAL-HOST-INTERFACE]
+ physical_interface=${phy_int}
+ name=vhost0
+ EOF
+ echo $pci_address > /etc/contrail/dpdk_pci
+ echo $mac > /etc/contrail/dpdk_mac
+ systemctl start supervisor-vrouter
+ if [[ `ifconfig ${phy_int} |grep "inet "` ]]; then
+ def_gw=''
+ if [[ `ip route show |grep default|grep ${phy_int}` ]]; then
+ def_gw=`ip route show |grep default|grep ${phy_int}|awk '{print $3}'`
+ fi
+ ip=`ifconfig ${phy_int} |grep "inet "|awk '{print $2}'`
+ mask=`ifconfig ${phy_int} |grep "inet "|awk '{print $4}'`
+ ip address delete $ip/$mask dev ${phy_int}
+ ip address add $ip/$mask dev vhost0
+ if [[ $def_gw ]]; then
+ ip route add default via $def_gw
+ fi
+ fi
type: string
RoleParameters:
type: json
- description: Role Specific parameters
+ description: Parameters specific to the role
default: {}
ServiceNames:
type: comma_delimited_list
- allowed_pattern: "[0-9,-]*"
type: string
default: ""
+ deployment_actions:
+ default: ['CREATE', 'UPDATE']
+ type: comma_delimited_list
+ description: >
+ List of stack actions that will trigger any deployments in this
+ templates. The actions will be an empty list of the server is in the
+ toplevel DeploymentServerBlacklist parameter's value.
+ EnableDpdkDeploymentActions:
+ default: ['CREATE']
+ type: comma_delimited_list
+ description: >
+ Exposing the DPDK deployment action, it may be required to run DPDK
+ config during an upgrade. By default DPDK will be enabled during the
+ CREATE action only. But on cases when it requires for certain migration,
+ it may be required to run it for UPDATE action too.
# DEPRECATED: the following options are deprecated and are currently maintained
# for backwards compatibility. They will be removed in the Queens cycle.
HostCpusList:
default: ''
description: Memory allocated for each socket
type: string
- deployment_actions:
- default: ['CREATE', 'UPDATE']
- type: comma_delimited_list
- description: >
- List of stack actions that will trigger any deployments in this
- templates. The actions will be an empty list of the server is in the
- toplevel DeploymentServerBlacklist parameter's value.
conditions:
is_host_config_required: {not: {equals: [{get_param: [RoleParameters, KernelArgs]}, ""]}}
_TUNED_PROFILE_NAME_: {get_param: [RoleParameters, TunedProfileName]}
_TUNED_CORES_: {get_param: [RoleParameters, IsolCpusList]}
+ RebootConfig:
+ type: OS::Heat::SoftwareConfig
+ condition: is_reboot_config_required
+ properties:
+ group: script
+ config: |
+ #!/bin/bash
+ # Stop os-collect-config to avoid any race collecting another
+ # deployment before reboot happens
+ systemctl stop os-collect-config.service
+ /sbin/reboot
+
+ RebootDeployment:
+ type: OS::Heat::SoftwareDeployment
+ depends_on: HostParametersDeployment
+ condition: is_reboot_config_required
+ properties:
+ name: RebootDeployment
+ server: {get_param: server}
+ config: {get_resource: RebootConfig}
+ actions:
+ if:
+ - deployment_actions_empty
+ - []
+ - ['CREATE'] # Only do this on CREATE
+ signal_transport: NO_SIGNAL
+
+ # With OvS2.7 (which is default with pike), ovs-vswitchd will start dpdk
+ # immediately after setting dpdk-init (behaviour change from ovs2.6).
+ # Starting of DPDK require the huge page configuration to be enabled. So
+ # reboot will happen before DPDK config and we don't need an explicity
+ # restart after dpdk-init as true because of the behavior change.
+ # TODO(skramaja): Dependency is that till the service file workaround, is
+ # maintained, restart of ovs is required.
EnableDpdkConfig:
type: OS::Heat::SoftwareConfig
condition: is_dpdk_config_required
sed -i 's/start_daemon \"\$OVS_VSWITCHD_PRIORITY\"/umask 0002 \&\& start_daemon \"$OVS_VSWITCHD_PRIORITY\"/' $ovs_ctl_path
fi
+ systemctl daemon-reload
+ systemctl restart openvswitch
# DO NOT use --detailed-exitcodes
puppet apply --logdest console \
EnableDpdkDeployment:
type: OS::Heat::SoftwareDeployment
condition: is_dpdk_config_required
+ depends_on: RebootDeployment
properties:
name: EnableDpdkDeployment
server: {get_param: server}
if:
- deployment_actions_empty
- []
- - ['CREATE'] # Only do this on CREATE
-
- RebootConfig:
- type: OS::Heat::SoftwareConfig
- condition: is_reboot_config_required
- properties:
- group: script
- config: |
- #!/bin/bash
- # Stop os-collect-config to avoid any race collecting another
- # deployment before reboot happens
- systemctl stop os-collect-config.service
- /sbin/reboot
-
- RebootDeployment:
- type: OS::Heat::SoftwareDeployment
- depends_on: HostParametersDeployment
- condition: is_reboot_config_required
- properties:
- name: RebootDeployment
- server: {get_param: server}
- config: {get_resource: RebootConfig}
- actions:
- if:
- - deployment_actions_empty
- - []
- - ['CREATE'] # Only do this on CREATE
- signal_transport: NO_SIGNAL
+ - {get_param: EnableDpdkDeploymentActions}
outputs:
result:
log_debug "Restarting openstack ceilometer agent compute"
systemctl restart openstack-ceilometer-compute
yum install -y openstack-nova-migration
+ # https://bugs.launchpad.net/tripleo/+bug/1707926 stop&disable libvirtd
+ log_debug "Stop and disable libvirtd service for upgrade to containers"
+ systemctl stop libvirtd
+ systemctl disable libvirtd
+ log_debug "Stop and disable openstack-nova-compute for upgrade to containers"
+ systemctl stop openstack-nova-compute
+ systemctl disable openstack-nova-compute
fi
# Apply puppet manifest to converge just right after the ${ROLE} upgrade
+++ /dev/null
-heat_template_version: pike
-
-parameters:
- ContrailRepo:
- type: string
- default: http://192.168.24.1/contrail
- VrouterPhysicalInterface:
- default: 'eth0'
- description: vRouter physical interface
- type: string
-
-description: >
- Prepares vhost0 interface to be used by os-net-config
-
-resources:
- userdata:
- type: OS::Heat::MultipartMime
- properties:
- parts:
- - config: {get_resource: vrouter_module_config}
-
- vrouter_module_config:
- type: OS::Heat::SoftwareConfig
- properties:
- config:
- str_replace:
- template: |
- #!/bin/bash
- sed -i '/\[main\]/a \ \ \ \ \parser = future' /etc/puppet/puppet.conf
- cat <<EOF > /etc/yum.repos.d/contrail.repo
- [Contrail]
- name=Contrail Repo
- baseurl=$contrail_repo
- enabled=1
- gpgcheck=0
- protect=1
- EOF
- if [[ `hostname |awk -F"-" '{print $2}'` == "novacompute" || `hostname |awk -F"-" '{print $2}'` == "contrailtsn" ]]; then
- yum install -y contrail-vrouter-utils
- function pkt_setup () {
- for f in /sys/class/net/$1/queues/rx-*
- do
- q="$(echo $f | cut -d '-' -f2)"
- r=$(($q%32))
- s=$(($q/32))
- ((mask=1<<$r))
- str=(`printf "%x" $mask`)
- if [ $s -gt 0 ]; then
- for ((i=0; i < $s; i++))
- do
- str+=,00000000
- done
- fi
- echo $str > $f/rps_cpus
- done
- ifconfig $1 up
- }
- function insert_vrouter() {
- insmod /tmp/vrouter.ko
- if [ -f /sys/class/net/pkt1/queues/rx-0/rps_cpus ]; then
- pkt_setup pkt1
- fi
- if [ -f /sys/class/net/pkt2/queues/rx-0/rps_cpus ]; then
- pkt_setup pkt2
- fi
- if [ -f /sys/class/net/pkt3/queues/rx-0/rps_cpus ]; then
- pkt_setup pkt3
- fi
- DEV_MAC=$(cat /sys/class/net/$phy_int/address)
- vif --create vhost0 --mac $DEV_MAC
- vif --add $phy_int --mac $DEV_MAC --vrf 0 --vhost-phys --type physical
- vif --add vhost0 --mac $DEV_MAC --vrf 0 --type vhost --xconnect $phy_int
- ip link set vhost0 up
- return 0
- }
- yumdownloader contrail-vrouter --destdir /tmp
- cd /tmp
- rpm2cpio /tmp/contrail-vrouter*.rpm | cpio -idmv
- cp `find /tmp/lib/modules -name vrouter.ko |tail -1` /tmp
- insert_vrouter
- if [[ `ifconfig $dev |grep "inet "` ]]; then
- def_gw=''
- if [[ `ip route show |grep default|grep $dev` ]]; then
- def_gw=`ip route show |grep default|grep $dev|awk '{print $3}'`
- fi
- ip=`ifconfig $dev |grep "inet "|awk '{print $2}'`
- mask=`ifconfig $dev |grep "inet "|awk '{print $4}'`
- ip address delete $ip/$mask dev $dev
- ip address add $ip/$mask dev vhost0
- if [[ $def_gw ]]; then
- ip route add default via $def_gw
- fi
- fi
- fi
- params:
- $phy_int: {get_param: VrouterPhysicalInterface}
- $contrail_repo: {get_param: ContrailRepo}
-
-outputs:
- # This means get_resource from the parent template will get the userdata, see:
- # http://docs.openstack.org/developer/heat/template_guide/composition.html#making-your-template-resource-more-transparent
- # Note this is new-for-kilo, an alternative is returning a value then using
- # get_attr in the parent template instead.
- OS::stack_id:
- value: {get_resource: userdata}
str_replace:
template: |
#!/bin/bash
- curl http://169.254.169.254/openstack/2012-08-10/meta_data.json -o /root/meta_data.json
mkdir -p /home/$user/.ssh
chmod 700 /home/$user/.ssh
- cat /root/meta_data.json | jq -r ".keys[0].data" > /home/$user/.ssh/authorized_keys
+ os-apply-config --key public-keys.0.openssh-key --type raw > /home/$user/.ssh/authorized_keys
chmod 600 /home/$user/.ssh/authorized_keys
chown -R $user:$user /home/$user/.ssh
params:
- puppet/blockstorage-role.yaml
- puppet/objectstorage-role.yaml
- puppet/cephstorage-role.yaml
+ - network/internal_api.yaml
+ - network/external.yaml
+ - network/storage.yaml
+ - network/storage_mgmt.yaml
+ - network/tenant.yaml
+ - network/management.yaml
+ - network/internal_api_v6.yaml
+ - network/external_v6.yaml
+ - network/storage_v6.yaml
+ - network/storage_mgmt_v6.yaml
+ - network/tenant_v6.yaml
+ - network/management_v6.yaml
+ - network/ports/internal_api.yaml
+ - network/ports/external.yaml
+ - network/ports/storage.yaml
+ - network/ports/storage_mgmt.yaml
+ - network/ports/tenant.yaml
+ - network/ports/management.yaml
+ - network/ports/internal_api_v6.yaml
+ - network/ports/external_v6.yaml
+ - network/ports/storage_v6.yaml
+ - network/ports/storage_mgmt_v6.yaml
+ - network/ports/tenant_v6.yaml
+ - network/ports/management_v6.yaml
+ - network/ports/internal_api_from_pool.yaml
+ - network/ports/external_from_pool.yaml
+ - network/ports/storage_from_pool.yaml
+ - network/ports/storage_mgmt_from_pool.yaml
+ - network/ports/tenant_from_pool.yaml
+ - network/ports/management_from_pool.yaml
+ - network/ports/internal_api_from_pool_v6.yaml
+ - network/ports/external_from_pool_v6.yaml
+ - network/ports/storage_from_pool_v6.yaml
+ - network/ports/storage_mgmt_from_pool_v6.yaml
+ - network/ports/tenant_from_pool_v6.yaml
+ - network/ports/management_from_pool_v6.yaml
--- /dev/null
+heat_template_version: pike
+
+description: >
+ Software Config to drive os-net-config to configure multiple interfaces
+ for the compute role. This is an example for a Nova compute node using
+ Contrail vrouter and the vhost0 interface.
+
+parameters:
+ ControlPlaneIp:
+ default: ''
+ description: IP address/subnet on the ctlplane network
+ type: string
+ ExternalIpSubnet:
+ default: ''
+ description: IP address/subnet on the external network
+ type: string
+ InternalApiIpSubnet:
+ default: ''
+ description: IP address/subnet on the internal API network
+ type: string
+ InternalApiDefaultRoute: # Not used by default in this template
+ default: '10.0.0.1'
+ description: The default route of the internal api network.
+ type: string
+ StorageIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage network
+ type: string
+ StorageMgmtIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage mgmt network
+ type: string
+ TenantIpSubnet:
+ default: ''
+ description: IP address/subnet on the tenant network
+ type: string
+ ManagementIpSubnet: # Only populated when including environments/network-management.yaml
+ default: ''
+ description: IP address/subnet on the management network
+ type: string
+ ExternalNetworkVlanID:
+ default: 10
+ description: Vlan ID for the external network traffic.
+ type: number
+ InternalApiNetworkVlanID:
+ default: 20
+ description: Vlan ID for the internal_api network traffic.
+ type: number
+ StorageNetworkVlanID:
+ default: 30
+ description: Vlan ID for the storage network traffic.
+ type: number
+ StorageMgmtNetworkVlanID:
+ default: 40
+ description: Vlan ID for the storage mgmt network traffic.
+ type: number
+ TenantNetworkVlanID:
+ default: 50
+ description: Vlan ID for the tenant network traffic.
+ type: number
+ ManagementNetworkVlanID:
+ default: 60
+ description: Vlan ID for the management network traffic.
+ type: number
+ ControlPlaneSubnetCidr: # Override this via parameter_defaults
+ default: '24'
+ description: The subnet CIDR of the control plane network.
+ type: string
+ ControlPlaneDefaultRoute: # Override this via parameter_defaults
+ description: The default route of the control plane network.
+ type: string
+ ExternalInterfaceDefaultRoute: # Not used by default in this template
+ default: '10.0.0.1'
+ description: The default route of the external network.
+ type: string
+ ManagementInterfaceDefaultRoute: # Commented out by default in this template
+ default: unset
+ description: The default route of the management network.
+ type: string
+ DnsServers: # Override this via parameter_defaults
+ default: []
+ description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf.
+ type: comma_delimited_list
+ EC2MetadataIp: # Override this via parameter_defaults
+ description: The IP address of the EC2 metadata server.
+ type: string
+
+resources:
+ OsNetConfigImpl:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ str_replace:
+ template:
+ get_file: ../../scripts/run-os-net-config.sh
+ params:
+ $network_config:
+ network_config:
+ - type: interface
+ name: nic1
+ use_dhcp: false
+ dns_servers:
+ get_param: DnsServers
+ addresses:
+ - ip_netmask:
+ list_join:
+ - '/'
+ - - get_param: ControlPlaneIp
+ - get_param: ControlPlaneSubnetCidr
+ routes:
+ - ip_netmask: 169.254.169.254/32
+ next_hop:
+ get_param: EC2MetadataIp
+ - type: interface
+ name: nic2
+ use_dhcp: false
+ addresses:
+ - ip_netmask:
+ get_param: InternalApiIpSubnet
+ routes:
+ - default: true
+ next_hop:
+ get_param: InternalApiDefaultRoute
+ - type: linux_bridge
+ name: br0
+ use_dhcp: false
+ members:
+ - type: interface
+ name: nic3
+ - type: vlan
+ vlan_id:
+ get_param: ManagementNetworkVlanID
+ device: br0
+ addresses:
+ - ip_netmask:
+ get_param: ManagementIpSubnet
+ - type: vlan
+ vlan_id:
+ get_param: ExternalNetworkVlanID
+ device: br0
+ addresses:
+ - ip_netmask:
+ get_param: ExternalIpSubnet
+ - type: vlan
+ vlan_id:
+ get_param: StorageNetworkVlanID
+ device: br0
+ addresses:
+ - ip_netmask:
+ get_param: StorageIpSubnet
+ - type: vlan
+ vlan_id:
+ get_param: StorageMgmtNetworkVlanID
+ device: br0
+ addresses:
+ - ip_netmask:
+ get_param: StorageMgmtIpSubnet
+
+outputs:
+ OS::stack_id:
+ description: The OsNetConfigImpl resource.
+ value:
+ get_resource: OsNetConfigImpl
net_param: CeilometerApi
port: 8777
-ContrailConfig:
- Internal:
- net_param: ContrailConfig
- Public:
- net_param: Public
- Admin:
- net_param: ContrailConfig
- port: 8082
-
-ContrailDiscovery:
- Internal:
- net_param: ContrailConfig
- Public:
- net_param: Public
- Admin:
- net_param: ContrailConfig
- port: 5998
-
-ContrailAnalyticsCollectorHttp:
- Internal:
- net_param: ContrailAnalytics
- Public:
- net_param: Public
- Admin:
- net_param: ContrailAnalytics
- port: 8089
-
-ContrailAnalyticsApi:
- Internal:
- net_param: ContrailAnalytics
- Public:
- net_param: Public
- Admin:
- net_param: ContrailAnalytics
- port: 8081
-
-ContrailAnalyticsHttp:
- Internal:
- net_param: ContrailAnalytics
- Public:
- net_param: Public
- Admin:
- net_param: ContrailAnalytics
- port: 8090
-
-ContrailAnalyticsCollectorSandesh:
- Internal:
- net_param: ContrailAnalytics
- Public:
- net_param: Public
- Admin:
- net_param: ContrailAnalytics
- port: 8086
-
-ContrailAnalyticsRedis:
- Internal:
- net_param: ContrailAnalytics
- Public:
- net_param: Public
- Admin:
- net_param: ContrailAnalytics
- port: 6379
-
-ContrailWebuiHttp:
- Internal:
- net_param: ContrailConfig
- Public:
- net_param: Public
- Admin:
- net_param: ContrailConfig
- port: 8080
-
-ContrailWebuiHttps:
- Internal:
- net_param: ContrailConfig
- Public:
- net_param: Public
- Admin:
- net_param: ContrailConfig
- port: 8143
-
Ec2Api:
Internal:
net_param: Ec2Api
CongressAdmin: {protocol: http, port: '1789', host: IP_ADDRESS}
CongressInternal: {protocol: http, port: '1789', host: IP_ADDRESS}
CongressPublic: {protocol: http, port: '1789', host: IP_ADDRESS}
- ContrailAnalyticsApiAdmin: {protocol: http, port: '8081', host: IP_ADDRESS}
- ContrailAnalyticsApiInternal: {protocol: http, port: '8081', host: IP_ADDRESS}
- ContrailAnalyticsApiPublic: {protocol: http, port: '8081', host: IP_ADDRESS}
- ContrailAnalyticsCollectorHttpAdmin: {protocol: http, port: '8089',
- host: IP_ADDRESS}
- ContrailAnalyticsCollectorHttpInternal: {protocol: http, port: '8089',
- host: IP_ADDRESS}
- ContrailAnalyticsCollectorHttpPublic: {protocol: http, port: '8089',
- host: IP_ADDRESS}
- ContrailAnalyticsCollectorSandeshAdmin: {protocol: http, port: '8086',
- host: IP_ADDRESS}
- ContrailAnalyticsCollectorSandeshInternal: {protocol: http, port: '8086',
- host: IP_ADDRESS}
- ContrailAnalyticsCollectorSandeshPublic: {protocol: http, port: '8086',
- host: IP_ADDRESS}
- ContrailAnalyticsHttpAdmin: {protocol: http, port: '8090', host: IP_ADDRESS}
- ContrailAnalyticsHttpInternal: {protocol: http, port: '8090', host: IP_ADDRESS}
- ContrailAnalyticsHttpPublic: {protocol: http, port: '8090', host: IP_ADDRESS}
- ContrailAnalyticsRedisAdmin: {protocol: http, port: '6379', host: IP_ADDRESS}
- ContrailAnalyticsRedisInternal: {protocol: http, port: '6379', host: IP_ADDRESS}
- ContrailAnalyticsRedisPublic: {protocol: http, port: '6379', host: IP_ADDRESS}
- ContrailConfigAdmin: {protocol: http, port: '8082', host: IP_ADDRESS}
- ContrailConfigInternal: {protocol: http, port: '8082', host: IP_ADDRESS}
- ContrailConfigPublic: {protocol: http, port: '8082', host: IP_ADDRESS}
- ContrailDiscoveryAdmin: {protocol: http, port: '5998', host: IP_ADDRESS}
- ContrailDiscoveryInternal: {protocol: http, port: '5998', host: IP_ADDRESS}
- ContrailDiscoveryPublic: {protocol: http, port: '5998', host: IP_ADDRESS}
- ContrailWebuiHttpAdmin: {protocol: http, port: '8080', host: IP_ADDRESS}
- ContrailWebuiHttpInternal: {protocol: http, port: '8080', host: IP_ADDRESS}
- ContrailWebuiHttpPublic: {protocol: http, port: '8080', host: IP_ADDRESS}
- ContrailWebuiHttpsAdmin: {protocol: http, port: '8143', host: IP_ADDRESS}
- ContrailWebuiHttpsInternal: {protocol: http, port: '8143', host: IP_ADDRESS}
- ContrailWebuiHttpsPublic: {protocol: http, port: '8143', host: IP_ADDRESS}
Ec2ApiAdmin: {protocol: http, port: '8788', host: IP_ADDRESS}
Ec2ApiInternal: {protocol: http, port: '8788', host: IP_ADDRESS}
Ec2ApiPublic: {protocol: http, port: '8788', host: IP_ADDRESS}
template: NETWORK_uri
- ':'
- get_param: [EndpointMap, CongressPublic, port]
- ContrailAnalyticsApiAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsApiAdmin, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsApiAdmin, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsApiAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsApiAdmin, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsApiAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsApiAdmin, port]
- ContrailAnalyticsApiInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsApiInternal, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsApiInternal, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsApiInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsApiInternal, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsApiInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsApiInternal, port]
- ContrailAnalyticsApiPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsApiPublic, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsApiPublic, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsApiPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsApiPublic, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsApiPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsApiPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsApiPublic, port]
- ContrailAnalyticsCollectorHttpAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpAdmin,
- port]
- ContrailAnalyticsCollectorHttpInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal,
- port]
- ContrailAnalyticsCollectorHttpPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorHttpPublic,
- port]
- ContrailAnalyticsCollectorSandeshAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshAdmin,
- port]
- ContrailAnalyticsCollectorSandeshInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal,
- port]
- ContrailAnalyticsCollectorSandeshPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshPublic,
- port]
- ContrailAnalyticsHttpAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsHttpAdmin, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsHttpAdmin, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsHttpAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsHttpAdmin, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsHttpAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsHttpAdmin, port]
- ContrailAnalyticsHttpInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsHttpInternal, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsHttpInternal, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsHttpInternal,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsHttpInternal,
- port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsHttpInternal,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsHttpInternal,
- port]
- ContrailAnalyticsHttpPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsHttpPublic, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsHttpPublic, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsHttpPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsHttpPublic, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsHttpPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsHttpPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsHttpPublic, port]
- ContrailAnalyticsRedisAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsRedisAdmin, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsRedisAdmin, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsRedisAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsRedisAdmin, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsRedisAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisAdmin,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsRedisAdmin, port]
- ContrailAnalyticsRedisInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsRedisInternal, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsRedisInternal, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsRedisInternal,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsRedisInternal,
- port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsRedisInternal,
- protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailAnalyticsNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsRedisInternal,
- port]
- ContrailAnalyticsRedisPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailAnalyticsRedisPublic, port]
- protocol:
- get_param: [EndpointMap, ContrailAnalyticsRedisPublic, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsRedisPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsRedisPublic, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailAnalyticsRedisPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailAnalyticsRedisPublic,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailAnalyticsRedisPublic, port]
- ContrailConfigAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- port:
- get_param: [EndpointMap, ContrailConfigAdmin, port]
- protocol:
- get_param: [EndpointMap, ContrailConfigAdmin, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailConfigAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailConfigAdmin, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailConfigAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailConfigAdmin, port]
- ContrailConfigInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- port:
- get_param: [EndpointMap, ContrailConfigInternal, port]
- protocol:
- get_param: [EndpointMap, ContrailConfigInternal, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailConfigInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailConfigInternal, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailConfigInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailConfigInternal, port]
- ContrailConfigPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailConfigPublic, port]
- protocol:
- get_param: [EndpointMap, ContrailConfigPublic, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailConfigPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailConfigPublic, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailConfigPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailConfigPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailConfigPublic, port]
- ContrailDiscoveryAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- port:
- get_param: [EndpointMap, ContrailDiscoveryAdmin, port]
- protocol:
- get_param: [EndpointMap, ContrailDiscoveryAdmin, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailDiscoveryAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailDiscoveryAdmin, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailDiscoveryAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailDiscoveryAdmin, port]
- ContrailDiscoveryInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- port:
- get_param: [EndpointMap, ContrailDiscoveryInternal, port]
- protocol:
- get_param: [EndpointMap, ContrailDiscoveryInternal, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailDiscoveryInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailDiscoveryInternal, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailDiscoveryInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailDiscoveryInternal, port]
- ContrailDiscoveryPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailDiscoveryPublic, port]
- protocol:
- get_param: [EndpointMap, ContrailDiscoveryPublic, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailDiscoveryPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailDiscoveryPublic, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailDiscoveryPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailDiscoveryPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailDiscoveryPublic, port]
- ContrailWebuiHttpAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- port:
- get_param: [EndpointMap, ContrailWebuiHttpAdmin, port]
- protocol:
- get_param: [EndpointMap, ContrailWebuiHttpAdmin, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpAdmin, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpAdmin, port]
- ContrailWebuiHttpInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- port:
- get_param: [EndpointMap, ContrailWebuiHttpInternal, port]
- protocol:
- get_param: [EndpointMap, ContrailWebuiHttpInternal, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpInternal, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpInternal, port]
- ContrailWebuiHttpPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailWebuiHttpPublic, port]
- protocol:
- get_param: [EndpointMap, ContrailWebuiHttpPublic, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpPublic, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpPublic, port]
- ContrailWebuiHttpsAdmin:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- port:
- get_param: [EndpointMap, ContrailWebuiHttpsAdmin, port]
- protocol:
- get_param: [EndpointMap, ContrailWebuiHttpsAdmin, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpsAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpsAdmin, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpsAdmin, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsAdmin, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpsAdmin, port]
- ContrailWebuiHttpsInternal:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsInternal, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- port:
- get_param: [EndpointMap, ContrailWebuiHttpsInternal, port]
- protocol:
- get_param: [EndpointMap, ContrailWebuiHttpsInternal, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpsInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpsInternal, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpsInternal, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsInternal,
- host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, ContrailConfigNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, ContrailConfigNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpsInternal, port]
- ContrailWebuiHttpsPublic:
- host:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- host_nobrackets:
- str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - get_param: [ServiceNetMap, PublicNetwork]
- port:
- get_param: [EndpointMap, ContrailWebuiHttpsPublic, port]
- protocol:
- get_param: [EndpointMap, ContrailWebuiHttpsPublic, protocol]
- uri:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpsPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpsPublic, port]
- uri_no_suffix:
- list_join:
- - ''
- - - get_param: [EndpointMap, ContrailWebuiHttpsPublic, protocol]
- - ://
- - str_replace:
- template:
- get_param: [EndpointMap, ContrailWebuiHttpsPublic, host]
- params:
- CLOUDNAME:
- get_param:
- - CloudEndpoints
- - get_param: [ServiceNetMap, PublicNetwork]
- IP_ADDRESS:
- get_param:
- - NetIpMap
- - str_replace:
- params:
- NETWORK:
- get_param: [ServiceNetMap, PublicNetwork]
- template: NETWORK_uri
- - ':'
- - get_param: [EndpointMap, ContrailWebuiHttpsPublic, port]
Ec2ApiAdmin:
host:
str_replace:
description: Neutron external network
value: {get_resource: ExternalNetwork}
subnet_cidr:
- value: {get_attr: ExternalSubnet, cidr}
+ value: {get_attr: [ExternalSubnet, cidr]}
description: Neutron external network
value: {get_resource: ExternalNetwork}
subnet_cidr:
- value: {get_attr: ExternalSubnet, cidr}
+ value: {get_attr: [ExternalSubnet, cidr]}
description: Neutron internal network
value: {get_resource: InternalApiNetwork}
subnet_cidr:
- value: {get_attr: InternalApiSubnet, cidr}
+ value: {get_attr: [InternalApiSubnet, cidr]}
description: Neutron internal network
value: {get_resource: InternalApiNetwork}
subnet_cidr:
- value: {get_attr: InternalApiSubnet, cidr}
+ value: {get_attr: [InternalApiSubnet, cidr]}
description: Ip allocation pool range for the management network.
type: json
ManagementInterfaceDefaultRoute:
- default: null
+ default: unset
description: The default route of the management network.
type: string
description: Neutron management network
value: {get_resource: ManagementNetwork}
subnet_cidr:
- value: {get_attr: ManagementSubnet, cidr}
+ value: {get_attr: [ManagementSubnet, cidr]}
description: Neutron management network
value: {get_resource: ManagementNetwork}
subnet_cidr:
- value: {get_attr: ManagementSubnet, cidr}
+ value: {get_attr: [ManagementSubnet, cidr]}
--- /dev/null
+heat_template_version: pike
+
+description: >
+ {{network.name}} network definition (automatically generated).
+
+parameters:
+ # the defaults here work for static IP assignment (IPAM) only
+ {{network.name}}NetCidr:
+ default: {{network.ip_subnet|default("")}}
+ description: Cidr for the {{network.name_lower}} network.
+ type: string
+ {{network.name}}NetValueSpecs:
+ default: {'provider:physical_network': '{{network.name_lower}}', 'provider:network_type': 'flat'}
+ description: Value specs for the {{network.name_lower}} network.
+ type: json
+ {{network.name}}NetAdminStateUp:
+ default: false
+ description: This admin state of the network.
+ type: boolean
+ {{network.name}}NetEnableDHCP:
+ default: false
+ description: Whether to enable DHCP on the associated subnet.
+ type: boolean
+ {{network.name}}NetShared:
+ default: false
+ description: Whether this network is shared across all tenants.
+ type: boolean
+ {{network.name}}NetName:
+ default: {{network.name_lower}}
+ description: The name of the {{network.name_lower}} network.
+ type: string
+ {{network.name}}SubnetName:
+ default: {{network.name_lower}}_subnet
+ description: The name of the {{network.name_lower}} subnet in Neutron.
+ type: string
+ {{network.name}}AllocationPools:
+ default: {{network.allocation_pools|default([])}}
+ description: Ip allocation pool range for the {{network.name_lower}} network.
+ type: json
+ {{network.name}}InterfaceDefaultRoute:
+ default: {{network.gateway_ip|default("not_defined")}}
+ description: default route for the {{network.name_lower}} network
+ type: string
+{%- if network.vlan %}
+ {{network.name}}NetworkVlanID:
+ default: {{network.vlan}}
+ description: Vlan ID for the {{network.name}} network traffic.
+ type: number
+{%- endif %}
+{%- if network.ipv6 %}
+ IPv6AddressMode:
+ default: dhcpv6-stateful
+ description: Neutron subnet IPv6 address mode
+ type: string
+ IPv6RAMode:
+ default: dhcpv6-stateful
+ description: Neutron subnet IPv6 router advertisement mode
+ type: string
+{%- endif %}
+
+resources:
+ {{network.name}}Network:
+ type: OS::Neutron::Net
+ properties:
+ admin_state_up: {get_param: {{network.name}}NetAdminStateUp}
+ name: {get_param: {{network.name}}NetName}
+ shared: {get_param: {{network.name}}NetShared}
+ value_specs: {get_param: {{network.name}}NetValueSpecs}
+
+ {{network.name}}Subnet:
+ type: OS::Neutron::Subnet
+ properties:
+ cidr: {get_param: {{network.name}}NetCidr}
+ name: {get_param: {{network.name}}SubnetName}
+ network: {get_resource: {{network.name}}Network}
+ allocation_pools: {get_param: {{network.name}}AllocationPools}
+ gateway_ip: {get_param: {{network.name}}InterfaceDefaultRoute}
+{%- if network.ipv6 %}
+ ip_version: 6
+ ipv6_address_mode: {get_param: IPv6AddressMode}
+ ipv6_ra_mode: {get_param: IPv6RAMode}
+{%- else %}
+ enable_dhcp: {get_param: {{network.name}}NetEnableDHCP}
+{%- endif %}
+
+outputs:
+ OS::stack_id:
+ description: {{network.name_lower}} network
+ value: {get_resource: {{network.name}}Network}
+ subnet_cidr:
+ value: {get_attr: [{{network.name}}Subnet, cidr]}
resources:
{%- for network in networks %}
- {%- if network.name != 'InternalApi' %}
{{network.name}}Network:
- {%- else %}
- InternalNetwork:
- {%- endif %}
type: OS::TripleO::Network::{{network.name}}
{%- endfor %}
# NOTE(gfidente): we need to replace the null value with a
# string to work around https://bugs.launchpad.net/heat/+bug/1700025
{%- for network in networks %}
- {%- if network.name != 'InternalApi' %}
{{network.name_lower}}:
yaql:
data: {get_attr: [{{network.name}}Network, subnet_cidr]}
expression: str($.data).replace('null', 'disabled')
- {%- else %}
- {{network.name_lower}}:
- yaql:
- data: {get_attr: [InternalNetwork, subnet_cidr]}
- expression: str($.data).replace('null', 'disabled')
- {%- endif %}
{%- endfor %}
description: Name of the service to lookup
default: ''
type: string
- NetworkName:
- description: # Here for compatibility with isolated networks
+ NetworkName: # Here for compatibility with isolated networks
+ description: Name of the network where the VIP will be created
default: ctlplane
type: string
PortName:
parameters:
ExternalNetName:
- description: Name of the external neutron network
+ description: The name of the external network.
default: external
type: string
PortName:
parameters:
ExternalNetName:
- description: Name of the external network
+ description: The name of the external network.
default: external
type: string
PortName:
parameters:
ExternalNetName:
- description: Name of the external network
+ description: The name of the external network.
default: external
type: string
PortName:
parameters:
ExternalNetName:
- description: Name of the external neutron network
+ description: The name of the external network.
default: external
type: string
PortName:
parameters:
InternalApiNetName:
- description: Name of the internal API neutron network
+ description: The name of the internal API network.
default: internal_api
type: string
PortName:
parameters:
InternalApiNetName:
- description: Name of the internal API network
+ description: The name of the internal API network.
default: internal_api
type: string
PortName:
parameters:
InternalApiNetName:
- description: Name of the internal API network
+ description: The name of the internal API network.
default: internal_api
type: string
PortName:
parameters:
InternalApiNetName:
- description: Name of the internal API neutron network
+ description: The name of the internal API network.
default: internal_api
type: string
PortName:
parameters:
ManagementNetName:
- description: Name of the management neutron network
+ description: The name of the management network.
default: management
type: string
PortName:
parameters:
ManagementNetName:
- description: Name of the management network
+ description: The name of the management network.
default: management
type: string
PortName:
parameters:
ManagementNetName:
- description: Name of the management network
+ description: The name of the management network.
default: management
type: string
PortName:
parameters:
ManagementNetName:
- description: Name of the management neutron network
+ description: The name of the management network.
default: management
type: string
PortName:
ExternalIpSubnet:
default: ''
type: string
+ description: IP address/subnet on the external network
ExternalIpUri:
default: ''
type: string
InternalApiIpSubnet:
default: ''
type: string
+ description: IP address/subnet on the internal API network
InternalApiIpUri:
default: ''
type: string
StorageIpSubnet:
default: ''
type: string
+ description: IP address/subnet on the storage network
StorageIpUri:
default: ''
type: string
StorageMgmtIpSubnet:
default: ''
type: string
+ description: IP address/subnet on the storage mgmt network
StorageMgmtIpUri:
default: ''
type: string
TenantIpSubnet:
default: ''
type: string
+ description: IP address/subnet on the tenant network
TenantIpUri:
default: ''
type: string
ExternalIpUri:
default: ''
type: string
+ description: IP address with brackets in case of IPv6
InternalApiIp:
default: ''
type: string
InternalApiIpUri:
default: ''
type: string
+ description: IP address with brackets in case of IPv6
StorageIp:
default: ''
type: string
StorageIpUri:
default: ''
type: string
+ description: IP address with brackets in case of IPv6
StorageMgmtIp:
default: ''
type: string
StorageMgmtIpUri:
default: ''
type: string
+ description: IP address with brackets in case of IPv6
outputs:
net_ip_map:
ExternalIpUri:
default: ''
type: string
+ description: IP address with brackets in case of IPv6
InternalApiIp:
default: ''
type: string
InternalApiIpUri:
default: ''
type: string
+ description: IP address with brackets in case of IPv6
StorageIp:
default: ''
type: string
StorageIpUri:
default: ''
type: string
+ description: IP address with brackets in case of IPv6
StorageMgmtIp:
default: ''
type: string
StorageMgmtIpUri:
default: ''
type: string
+ description: IP address with brackets in case of IPv6
outputs:
net_ip_map:
description: IP address on the control plane
type: string
ControlPlaneNetwork:
- description: Name of the control plane network
+ description: The name of the undercloud Neutron control plane
default: ctlplane
type: string
PortName:
description: Name of the port
default: ''
type: string
- NetworkName:
- description: # Here for compatibility with vip.yaml
- default: ''
+ NetworkName: # Here for compatibility with vip.yaml
+ description: Name of the network where the VIP will be created
+ default: ctlplane
type: string
FixedIPs:
- description: # Here for compatibility with vip.yaml
+ description: >
+ Control the IP allocation for the VIP port. E.g.
+ [{'ip_address':'1.2.3.4'}]
default: []
type: json
ControlPlaneSubnetCidr: # Override this via parameter_defaults
--- /dev/null
+heat_template_version: pike
+
+description: >
+ Creates a port on the {{network.name}} network. The IP address will be chosen
+ automatically if FixedIPs is empty.
+
+parameters:
+ {{network.name}}NetName:
+ description: Name of the {{network.name_lower}} neutron network
+ default: {{network.name_lower|default(network.name|lower)}}
+ type: string
+ PortName:
+ description: Name of the port
+ default: ''
+ type: string
+ ControlPlaneIP: # Here for compatibility with noop.yaml
+ description: IP address on the control plane
+ default: ''
+ type: string
+ ControlPlaneNetwork: # Here for compatibility with ctlplane_vip.yaml
+ description: The name of the undercloud Neutron control plane
+ default: ctlplane
+ type: string
+ FixedIPs:
+ description: >
+ Control the IP allocation for the VIP port. E.g.
+ [{'ip_address':'1.2.3.4'}]
+ default: []
+ type: json
+ IPPool: # Here for compatibility with from_pool.yaml
+ default: {}
+ type: json
+ NodeIndex: # Here for compatibility with from_pool.yaml
+ default: 0
+ type: number
+
+resources:
+
+ {{network.name}}Port:
+ type: OS::Neutron::Port
+ properties:
+ network: {get_param: {{network.name}}NetName}
+ name: {get_param: PortName}
+ fixed_ips: {get_param: FixedIPs}
+ replacement_policy: AUTO
+
+outputs:
+ ip_address:
+ description: {{network.name}} network IP
+ value: {get_attr: [{{network.name}}Port, fixed_ips, 0, ip_address]}
+ ip_address_uri:
+{%- if network.ipv6 %}
+ description: {{network.name}} network IP (with brackets for IPv6 URLs)
+ value:
+ list_join:
+ - ''
+ - - '['
+ - {get_attr: [{{network.name}}Port, fixed_ips, 0, ip_address]}
+ - ']'
+{%- else %}
+ description: {{network.name}} network IP (for compatibility with IPv6 URLs)
+ value: {get_attr: [{{network.name}}Port, fixed_ips, 0, ip_address]}
+{%- endif %}
+ ip_subnet:
+ description: IP/Subnet CIDR for the {{network.name}} network IP
+ value:
+ list_join:
+ - ''
+ - - {get_attr: [{{network.name}}Port, fixed_ips, 0, ip_address]}
+ - '/'
+ - {str_split: ['/', {get_attr: [{{network.name}}Port, subnets, 0, cidr]}, 1]}
+
--- /dev/null
+heat_template_version: pike
+
+description: >
+ Creates a port on the {{network.name}} network, using a map of IPs per role.
+ Each role has a map of IPs in <Role>IPs parameters, with a list of IPs by
+ network (lower_name or lower case). For example:
+ ControllerIPs:
+ external:
+ - 1.2.3.4 # First controller
+ - 1.2.3.5 # Second controller
+
+parameters:
+ {{network.name}}NetName:
+ description: Name of the {{network.name}} neutron network
+ default: {{network.name_lower}}
+ type: string
+ PortName:
+ description: Name of the port
+ default: ''
+ type: string
+ ControlPlaneIP: # Here for compatibility with noop.yaml
+ description: IP address on the control plane
+ default: ''
+ type: string
+ ControlPlaneNetwork: # Here for compatibility with ctlplane_vip.yaml
+ description: The name of the undercloud Neutron control plane
+ default: ctlplane
+ type: string
+ IPPool: # Set in <Role>IPs map, see environments/ips-from-pool-all.yaml
+ default: {}
+ type: json
+ NodeIndex: # First node in the role will get first IP, and so on...
+ default: 0
+ type: number
+ {{network.name}}NetCidr:
+ default: {{network.ip_subnet}}
+ description: Cidr for the {{network.name_lower}} network.
+ type: string
+
+outputs:
+ ip_address:
+ description: {{network.name}} network IP
+ value: {get_param: [IPPool, {get_param: {{network.name}}NetName}, {get_param: NodeIndex}]}
+ ip_address_uri:
+{%- if network.ipv6 %}
+ description: {{network.name}} network IP (with brackets for IPv6 URLs)
+ value:
+ list_join:
+ - ''
+ - - '['
+ - {get_param: [IPPool, {get_param: {{network.name}}NetName}, {get_param: NodeIndex}]}
+ - ']'
+{%- else %}
+ description: {{network.name}} network IP (for compatibility with {{network.name_lower}}_v6.yaml)
+ value: {get_param: [IPPool, {get_param: {{network.name}}NetName}, {get_param: NodeIndex}]}
+{%- endif %}
+ ip_subnet:
+ description: IP/Subnet CIDR for the {{network.name}} network IP
+ value:
+ list_join:
+ - ''
+ - - {get_param: [IPPool, {get_param: {{network.name}}NetName}, {get_param: NodeIndex}]}
+ - '/'
+ - {str_split: ['/', {get_param: {{network.name}}NetCidr}, 1]}
+
parameters:
StorageNetName:
- description: Name of the storage neutron network
+ description: The name of the storage network.
default: storage
type: string
PortName:
parameters:
StorageNetName:
- description: Name of the storage network
+ description: The name of the storage network.
default: storage
type: string
PortName:
parameters:
StorageNetName:
- description: Name of the storage network
+ description: The name of the storage network.
default: storage
type: string
PortName:
parameters:
StorageMgmtNetName:
- description: Name of the storage_mgmt API neutron network
+ description: The name of the Storage management network.
default: storage_mgmt
type: string
PortName:
parameters:
StorageMgmtNetName:
- description: Name of the storage MGMT network
+ description: The name of the Storage management network.
default: storage_mgmt
type: string
PortName:
type: number
StorageMgmtNetCidr:
default: '172.16.3.0/24'
- description: Cidr for the storage MGMT network.
+ description: Cidr for the storage management network.
type: string
outputs:
parameters:
StorageMgmtNetName:
- description: Name of the storage MGMT network
+ description: The name of the Storage management network.
default: storage_mgmt
type: string
PortName:
type: number
StorageMgmtNetCidr:
default: 'fd00:fd00:fd00:4000::/64'
- description: Cidr for the storage MGMT network.
+ description: Cidr for the storage management network.
type: string
outputs:
parameters:
StorageMgmtNetName:
- description: Name of the storage_mgmt API neutron network
+ description: The name of the Storage management network.
default: storage_mgmt
type: string
PortName:
parameters:
StorageNetName:
- description: Name of the storage neutron network
+ description: The name of the storage network.
default: storage
type: string
PortName:
parameters:
TenantNetName:
- description: Name of the tenant neutron network
+ description: The name of the tenant network.
default: tenant
type: string
PortName:
parameters:
TenantNetName:
- description: Name of the tenant network
+ description: The name of the tenant network.
default: tenant
type: string
PortName:
parameters:
TenantNetName:
- description: Name of the tenant network
+ description: The name of the tenant network.
default: tenant
type: string
PortName:
parameters:
TenantNetName:
- description: Name of the tenant neutron network
+ description: The name of the tenant network.
default: tenant
type: string
PortName:
type: string
NetworkName:
description: Name of the network where the VIP will be created
- default: internal_api
+ default: ctlplane
type: string
PortName:
description: Name of the port
type: string
NetworkName:
description: Name of the network where the VIP will be created
- default: internal_api
+ default: ctlplane
type: string
PortName:
description: Name of the port
description: Neutron storage network
value: {get_resource: StorageNetwork}
subnet_cidr:
- value: {get_attr: StorageSubnet, cidr}
+ value: {get_attr: [StorageSubnet, cidr]}
description: Neutron storage management network
value: {get_resource: StorageMgmtNetwork}
subnet_cidr:
- value: {get_attr: StorageMgmtSubnet, cidr}
+ value: {get_attr: [StorageMgmtSubnet, cidr]}
description: Neutron storage management network
value: {get_resource: StorageMgmtNetwork}
subnet_cidr:
- value: {get_attr: StorageMgmtSubnet, cidr}
+ value: {get_attr: [StorageMgmtSubnet, cidr]}
description: Neutron storage network
value: {get_resource: StorageNetwork}
subnet_cidr:
- value: {get_attr: StorageSubnet, cidr}
+ value: {get_attr: [StorageSubnet, cidr]}
description: Neutron tenant network
value: {get_resource: TenantNetwork}
subnet_cidr:
- value: {get_attr: TenantSubnet, cidr}
+ value: {get_attr: [TenantSubnet, cidr]}
description: Neutron tenant network
value: {get_resource: TenantNetwork}
subnet_cidr:
- value: {get_attr: TenantSubnet, cidr}
+ value: {get_attr: [TenantSubnet, cidr]}
# name: Name of the network (mandatory)
# name_lower: lowercase version of name used for filenames
# (optional, defaults to name.lower())
-# vlan: vlan for the network (optional)
-# gateway: gateway for the network (optional)
# enabled: Is the network enabled (optional, defaults to true)
+# ipv6: Does this network use IPv6 IPs? (optional, defaults to false)
+# (optional, may use parameter defaults in environment to set)
+# vlan: vlan for the network (optional)
# vip: Enable creation of a virtual IP on this network
-# [TODO] (dsneddon@redhat.com) - Enable dynamic creation of VIP ports, to support
-# VIPs on non-default networks. See https://bugs.launchpad.net/tripleo/+bug/1667104
+# [TODO] (dsneddon@redhat.com) - Enable dynamic creation of VIP ports,
+# to support VIPs on non-default networks.
+# See https://bugs.launchpad.net/tripleo/+bug/1667104
+# ip_subnet: IP/CIDR, e.g. '192.168.24.0/24' (optional, may use parameter defaults)
+# allocation_pools: IP range list e.g. [{'start':'10.0.0.4', 'end':'10.0.0.250}]
+# gateway_ip: gateway for the network (optional, may use parameter defaults)
+# NOTE: IP-related values set parameter defaults in templates, may be overridden.
+#
+# Example:
+# - name Example
+# vip: false
+# ip_subnet: '10.0.2.0/24'
+# allocation_pools: [{'start': '10.0.2.4', 'end': '10.0.2.250'}]
+# gateway_ip: '10.0.2.254'
#
+# TODO (dsneddon) remove existing templates from j2_excludes.yaml
+# and generate all templates dynamically.
+
- name: External
vip: true
name_lower: external
+ ip_subnet: '10.0.0.0/24'
+ allocation_pools: [{'start': '10.0.0.4', 'end': '10.0.0.250'}]
+ gateway_ip: '10.0.0.1'
- name: InternalApi
name_lower: internal_api
vip: true
+ ip_subnet: '172.16.2.0/24'
+ allocation_pools: [{'start': '172.16.2.4', 'end': '172.16.2.250'}]
- name: Storage
vip: true
name_lower: storage
+ ip_subnet: '172.16.1.0/24'
+ allocation_pools: [{'start': '172.16.1.4', 'end': '172.16.1.250'}]
- name: StorageMgmt
name_lower: storage_mgmt
vip: true
+ ip_subnet: '172.16.3.0/24'
+ allocation_pools: [{'start': '172.16.3.4', 'end': '172.16.3.250'}]
- name: Tenant
vip: false # Tenant network does not use VIPs
name_lower: tenant
+ ip_subnet: '172.16.0.0/24'
+ allocation_pools: [{'start': '172.16.0.4', 'end': '172.16.0.250'}]
- name: Management
# Management network is disabled by default
enabled: false
vip: false # Management network does not use VIPs
name_lower: management
+ ip_subnet: '10.0.1.0/24'
+ allocation_pools: [{'start': '10.0.1.4', 'end': '10.0.1.250'}]
OS::TripleO::Services::NeutronCorePluginML2OVN: puppet/services/neutron-plugin-ml2-ovn.yaml
OS::TripleO::Services::NeutronCorePluginPlumgrid: puppet/services/neutron-plugin-plumgrid.yaml
OS::TripleO::Services::NeutronCorePluginNuage: puppet/services/neutron-plugin-nuage.yaml
+ OS::TripleO::Services::NeutronCorePluginML2Nuage: puppet/services/neutron-plugin-ml2-nuage.yaml
OS::TripleO::Services::NeutronCorePluginNSX: puppet/services/neutron-plugin-nsx.yaml
OS::TripleO::Services::OVNDBs: OS::Heat::None
+ OS::TripleO::Services::OVNController: OS::Heat::None
OS::TripleO::Services::NeutronCorePluginMidonet: puppet/services/neutron-midonet.yaml
OS::TripleO::Services::NeutronOvsAgent: puppet/services/neutron-ovs-agent.yaml
OS::TripleO::Services::Memcached: puppet/services/memcached.yaml
OS::TripleO::Services::SaharaApi: OS::Heat::None
OS::TripleO::Services::SaharaEngine: OS::Heat::None
+ OS::TripleO::Services::Tuned: puppet/services/tuned.yaml
OS::TripleO::Services::Securetty: OS::Heat::None
OS::TripleO::Services::Sshd: puppet/services/sshd.yaml
OS::TripleO::Services::Redis: puppet/services/database/redis.yaml
CloudNameCtlplane:
default: overcloud.ctlplane.localdomain
description: >
- The DNS name of this cloud's storage management endpoint. E.g.
- 'ci-overcloud.management.tripleo.org'.
+ The DNS name of this cloud's provisioning network endpoint. E.g.
+ 'ci-overcloud.ctlplane.tripleo.org'.
type: string
ControlFixedIPs:
default: []
description: Neutron ID or name for ctlplane network.
NeutronPublicInterface:
default: nic1
- description: What interface to bridge onto br-ex for network nodes.
+ description: Which interface to add to the NeutronPhysicalBridge.
type: string
PublicVirtualFixedIPs:
default: []
parameter is generated from the parent template.
RoleParameters:
type: json
- description: Role Specific Parameters
+ description: Parameters specific to the role
default: {}
DeploymentSwiftDataMap:
type: json
parameter is generated from the parent template.
RoleParameters:
type: json
- description: Role Specific Parameters
+ description: Parameters specific to the role
default: {}
DeploymentSwiftDataMap:
type: json
parameter is generated from the parent template.
RoleParameters:
type: json
- description: Role Specific Parameters
+ description: Parameters specific to the role
default: {}
DeploymentSwiftDataMap:
type: json
parameter is generated from the parent template.
RoleParameters:
type: json
- description: Role Specific Parameters
+ description: Parameters specific to the role
default: {}
DeploymentSwiftDataMap:
type: json
default: 'regionOne'
description: Keystone region for endpoint
NovaPassword:
- description: The password for the nova service and db account, used by nova-api.
+ description: The password for the nova service and db account
type: string
hidden: true
parameter is generated from the parent template.
RoleParameters:
type: json
- description: Role Specific Parameters
+ description: Parameters specific to the role
default: {}
DeploymentSwiftDataMap:
type: json
parameter is generated from the parent template.
RoleParameters:
type: json
- description: Role Specific Parameters
+ description: Parameters specific to the role
default: {}
DeploymentSwiftDataMap:
type: json
fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
+ {%- if 'primary' in role.tags and 'controller' in role.tags %}
+ tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
+ {%- endif -%}
# Resource for site-specific injection of root certificate
NodeTLSCAData:
- depends_on: {{role.name}}Deployment
+ depends_on: NetworkDeployment
type: OS::TripleO::NodeTLSCAData
properties:
server: {get_resource: {{role.name}}}
+ {%- if 'primary' in role.tags and 'controller' in role.tags %}
+ # Resource for site-specific passing of private keys/certificates
+ NodeTLSData:
+ depends_on: NodeTLSCAData
+ type: OS::TripleO::NodeTLSData
+ properties:
+ server: {get_resource: {{role.name}}}
+ NodeIndex: {get_param: NodeIndex}
+ {%- endif -%}
+
# Hook for site-specific additional pre-deployment config, e.g extra hieradata
{{role.name}}ExtraConfigPre:
depends_on: {{role.name}}Deployment
# Hook for site-specific additional pre-deployment config,
# applying to all nodes, e.g node registration/unregistration
NodeExtraConfig:
- depends_on: [{{role.name}}ExtraConfigPre, NodeTLSCAData]
+ depends_on:
+ - {{role.name}}ExtraConfigPre
+ {%- if 'primary' in role.tags and 'controller' in role.tags %}
+ - NodeTLSData
+ {%- else %}
+ - NodeTLSCAData
+ {%- endif %}
type: OS::TripleO::NodeExtraConfig
# We have to use conditions here so that we don't break backwards
# compatibility with templates everywhere
- 6
- 0
- keys: {hostname: {get_param: Hostname}}
+ {%- if 'primary' in role.tags and 'controller' in role.tags %}
+ tls_key_modulus_md5:
+ description: MD5 checksum of the TLS Key Modulus
+ value: {get_attr: [NodeTLSData, key_modulus_md5]}
+ tls_cert_modulus_md5:
+ description: MD5 checksum of the TLS Certificate Modulus
+ value: {get_attr: [NodeTLSData, cert_modulus_md5]}
+ {%- endif %}
os_collect_config:
description: The os-collect-config configuration associated with this server resource
value: {get_attr: [{{role.name}}, os_collect_config]}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ GnocchiExternalProject:
+ default: 'service'
+ description: Project name of resources creator in Gnocchi.
+ type: string
MonitoringSubscriptionAodhApi:
default: 'overcloud-ceilometer-aodh-api'
type: string
aodh::wsgi::apache::wsgi_process_display_name: 'aodh_wsgi'
aodh::api::service_name: 'httpd'
aodh::api::enable_proxy_headers_parsing: true
+ aodh::api::gnocchi_external_project_owner: {get_param: GnocchiExternalProject}
aodh::policy::policies: {get_param: AodhApiPolicies}
tripleo.aodh_api.firewall_rules:
'128 aodh-api':
type: string
constraints:
- allowed_values: ['naive', 'libvirt_metadata', 'workload_partitioning']
+ RedisPassword:
+ description: The password for the redis service account.
+ type: string
+ hidden: true
resources:
CeilometerServiceBase:
map_merge:
- get_attr: [CeilometerServiceBase, role_data, config_settings]
- ceilometer::agent::compute::instance_discovery_method: {get_param: InstanceDiscoveryMethod}
+ - ceilometer_redis_password: {get_param: RedisPassword}
compute_namespace: true
service_config_settings:
get_attr: [CeilometerServiceBase, role_data, service_config_settings]
description: >
A list of publishers to put in event_pipeline.yaml. When the
collector is used, override this with notifier:// publisher.
+ If zaqar is enabled, you can also publish to a zaqar queue
+ by including "zaqar://?queue=queue_name" in this list.
Set ManageEventPipeline to true for override to take effect.
type: comma_delimited_list
ManagePipeline:
type: string
hidden: true
SwiftPassword:
- description: The password for the swift service account, used by the Ceph RGW services.
+ description: The password for the swift service account
type: string
hidden: true
KeystoneRegion:
CinderDellPsSanPassword:
type: string
hidden: true
+ CinderDellPsSanPrivateKey:
+ type: string
+ default: ''
CinderDellPsSanThinProvision:
type: boolean
default: true
cinder::backend::eqlx::san_ip: {get_param: CinderDellPsSanIp}
cinder::backend::eqlx::san_login: {get_param: CinderDellPsSanLogin}
cinder::backend::eqlx::san_password: {get_param: CinderDellPsSanPassword}
+ cinder::backend::eqlx::san_private_key: {get_param: CinderDellPsSanPrivateKey}
cinder::backend::eqlx::san_thin_provision: {get_param: CinderDellPsSanThinProvision}
cinder::backend::eqlx::eqlx_group_name: {get_param: CinderDellPsGroupname}
cinder::backend::eqlx::eqlx_pool: {get_param: CinderDellPsPool}
description: Whether to use Galera instead of regular MariaDB.
type: boolean
NovaPassword:
- description: The password for the nova db account
+ description: The password for the nova service and db account
type: string
hidden: true
EnableInternalTLS:
parameters:
RedisPassword:
- description: The password for Redis
+ description: The password for the redis service account.
type: string
hidden: true
RedisFDLimit:
tags: step3
yum: name=redis state=latest
when: redis_enabled.rc != 0
+ - name: Start redis service
+ tags: step4
+ service: name=redis state=started
type: string
default: 'service'
SwiftPassword:
- description: The password for the swift service account, used by the swift proxy services.
+ description: The password for the swift service account
type: string
hidden: true
KeystoneRegion:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ HAProxyInternalTLSCertsDirectory:
+ default: '/etc/pki/tls/certs/haproxy'
+ type: string
+ HAProxyInternalTLSKeysDirectory:
+ default: '/etc/pki/tls/private/haproxy'
+ type: string
resources:
config_settings:
generate_service_certificates: true
tripleo::haproxy::use_internal_certificates: true
+ tripleo::certmonger::haproxy_dirs::certificate_dir:
+ get_param: HAProxyInternalTLSCertsDirectory
+ tripleo::certmonger::haproxy_dirs::key_dir:
+ get_param: HAProxyInternalTLSKeysDirectory
certificates_specs:
map_merge:
repeat:
template:
haproxy-NETWORK:
- service_pem: '/etc/pki/tls/certs/overcloud-haproxy-NETWORK.pem'
- service_certificate: '/etc/pki/tls/certs/overcloud-haproxy-NETWORK.crt'
- service_key: '/etc/pki/tls/private/overcloud-haproxy-NETWORK.key'
+ service_pem:
+ list_join:
+ - ''
+ - - {get_param: HAProxyInternalTLSCertsDirectory}
+ - '/overcloud-haproxy-NETWORK.pem'
+ service_certificate:
+ list_join:
+ - ''
+ - - {get_param: HAProxyInternalTLSCertsDirectory}
+ - '/overcloud-haproxy-NETWORK.crt'
+ service_key:
+ list_join:
+ - ''
+ - - {get_param: HAProxyInternalTLSKeysDirectory}
+ - '/overcloud-haproxy-NETWORK.key'
hostname: "%{hiera('cloud_name_NETWORK')}"
postsave_cmd: "" # TODO
principal: "haproxy/%{hiera('cloud_name_NETWORK')}"
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ HAProxyInternalTLSCertsDirectory:
+ default: '/etc/pki/tls/certs/haproxy'
+ type: string
+ HAProxyInternalTLSKeysDirectory:
+ default: '/etc/pki/tls/private/haproxy'
+ type: string
outputs:
role_data:
service_name: haproxy_public_tls_certmonger
config_settings:
generate_service_certificates: true
- tripleo::haproxy::service_certificate: '/etc/pki/tls/certs/overcloud-haproxy-external.pem'
+ tripleo::haproxy::service_certificate:
+ list_join:
+ - ''
+ - - {get_param: HAProxyInternalTLSCertsDirectory}
+ - '/overcloud-haproxy-external.pem'
+ tripleo::certmonger::haproxy_dirs::certificate_dir:
+ get_param: HAProxyInternalTLSCertsDirectory
+ tripleo::certmonger::haproxy_dirs::key_dir:
+ get_param: HAProxyInternalTLSKeysDirectory
certificates_specs:
haproxy-external:
- service_pem: '/etc/pki/tls/certs/overcloud-haproxy-external.pem'
- service_certificate: '/etc/pki/tls/certs/overcloud-haproxy-external.crt'
- service_key: '/etc/pki/tls/private/overcloud-haproxy-external.key'
+ service_pem:
+ list_join:
+ - ''
+ - - {get_param: HAProxyInternalTLSCertsDirectory}
+ - '/overcloud-haproxy-external.pem'
+ service_certificate:
+ list_join:
+ - ''
+ - - {get_param: HAProxyInternalTLSCertsDirectory}
+ - '/overcloud-haproxy-external.crt'
+ service_key:
+ list_join:
+ - ''
+ - - {get_param: HAProxyInternalTLSKeysDirectory}
+ - '/overcloud-haproxy-external.key'
hostname: "%{hiera('cloud_name_external')}"
postsave_cmd: "" # TODO
principal: "haproxy/%{hiera('cloud_name_external')}"
description: Whether or not to enable the HAProxy stats interface.
type: boolean
RedisPassword:
- description: The password for Redis
+ description: The password for the redis service account.
type: string
hidden: true
MonitoringSubscriptionHaproxy:
when: heat_api_cfn_apache.rc == 0
- name: Stop and disable heat_api_cfn service (pre-upgrade not under httpd)
tags: step1
- when: heat_api_cfn_apache.rc == 0
+ when: heat_api_cfn_enabled.rc == 0
service: name=openstack-heat-api-cfn state=stopped enabled=no
description: Role data for iscsid
value:
service_name: iscsid
- config_setting: {}
+ config_settings: {}
step_config: |
include ::tripleo::profile::base::iscsid
Cron to purge expired tokens - Week Day
default: '*'
KeystoneCronTokenFlushMaxDelay:
- type: string
+ type: number
description: >
Cron to purge expired tokens - Max Delay
- default: '0'
+ default: 0
KeystoneCronTokenFlushDestination:
type: string
description: >
type: json
NovaPassword:
type: string
- description: The password for the nova service and db account, used by nova-api.
+ description: The password for the nova service and db account
hidden: true
NeutronPassword:
description: The password for the neutron service and db account, used by neutron agents.
via parameter_defaults in the resource registry.
type: json
AdminPassword:
- description: Keystone admin user password
+ description: The password for the keystone admin account, used for monitoring, querying neutron etc.
type: string
+ hidden: true
KeystoneRegion:
default: 'regionOne'
description: Keystone region for endpoint
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ContrailAnalyticsCollectorHttp:
+ default: 8089
+ description: Contrail Analytics Collector http port
+ type: number
+ ContrailAnalyticsCollectorSandesh:
+ default: 8086
+ description: Contrail Analytics Collector sandesh port
+ type: number
+ ContrailAnalyticsHttp:
+ default: 8090
+ description: Contrail Analytics http port
+ type: number
+ ContrailAnalyticsRedis:
+ default: 6379
+ description: Contrail Analytics redis port
+ type: number
+ ContrailAnalyticsApi:
+ default: 8081
+ description: Contrail Analytics Api port
+ type: number
resources:
ContrailBase:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
config_settings:
map_merge:
- get_attr: [ContrailBase, role_data, config_settings]
- - contrail::analytics::collector_http_server_port: {get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal, port]}
- contrail::analytics::collector_sandesh_port: {get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal, port]}
+ - contrail::analytics::collector_http_server_port: {get_param: ContrailAnalyticsCollectorHttp}
+ contrail::analytics::collector_sandesh_port: {get_param: ContrailAnalyticsCollectorSandesh}
contrail::analytics::host_ip: {get_param: [ServiceNetMap, ContrailAnalyticsNetwork]}
- contrail::analytics::http_server_port: {get_param: [EndpointMap, ContrailAnalyticsHttpInternal, port]}
+ contrail::analytics::http_server_port: {get_param: ContrailAnalyticsHttp}
contrail::analytics::listen_ip_address: {get_param: [ServiceNetMap, ContrailAnalyticsNetwork]}
contrail::analytics::redis_server: '127.0.0.1'
- contrail::analytics::redis_server_port: {get_param: [EndpointMap, ContrailAnalyticsRedisInternal, port]}
+ contrail::analytics::redis_server_port: {get_param: ContrailAnalyticsRedis}
contrail::analytics::rest_api_ip: {get_param: [ServiceNetMap, ContrailAnalyticsNetwork]}
- contrail::analytics::rest_api_port: {get_param: [EndpointMap, ContrailAnalyticsApiInternal, port]}
+ contrail::analytics::rest_api_port: {get_param: ContrailAnalyticsApi}
step_config: |
include ::tripleo::network::contrail::analytics
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
- ContrailAAAMode:
+ AAAMode:
description: AAAmode can be no-auth, cloud-admin or rbac
type: string
default: 'rbac'
- ContrailAAAModeAnalytics:
+ AAAModeAnalytics:
description: AAAmode for analytics can be no-auth, cloud-admin or rbac
type: string
default: 'no-auth'
AdminPassword:
- description: Keystone admin user password
+ description: The password for the keystone admin account, used for monitoring, querying neutron etc.
type: string
hidden: true
AdminTenantName:
type: string
default: 'admin'
AdminToken:
- description: Keystone admin token
+ description: The keystone auth secret and db password.
type: string
hidden: true
AdminUser:
description: Keystone admin user name
type: string
default: 'admin'
- AuthPortSSL:
- default: 13357
- description: Keystone SSL port
- type: number
- AuthPortSSLPublic:
- default: 13000
- description: Keystone Public SSL port
- type: number
ContrailAuth:
default: 'keystone'
description: Keystone authentication method
type: string
+ ContrailAnalyticsVIP:
+ default: ''
+ description: Contrail Analytics Api Virtual IP address
+ type: string
+ ContrailConfigPort:
+ default: 8082
+ description: Contrail Config Api port
+ type: number
+ ContrailConfigVIP:
+ default: ''
+ description: Contrail Config Virtual IP address
+ type: string
+ ContrailDiscoveryPort:
+ default: 5998
+ description: Contrail Config Api port
+ type: number
ContrailInsecure:
default: false
description: Keystone insecure mode
default: '127.0.0.1:12111'
description: Memcached server
type: string
+ ContrailVIP:
+ default: ''
+ description: Contrail VIP
+ type: string
+ ContrailWebuiVIP:
+ default: ''
+ description: Contrail Webui Virtual IP address
+ type: string
RabbitPassword:
description: The password for RabbitMQ
type: string
description: Set rabbit subscriber port, change this if using SSL
type: number
+conditions:
+ contrail_config_vip_unset: {equals : [{get_param: ContrailConfigVIP}, '']}
+ contrail_analytics_vip_unset: {equals : [{get_param: ContrailAnalyticsVIP}, '']}
+ contrail_webui_vip_unset: {equals : [{get_param: ContrailWebuiVIP}, '']}
+
outputs:
role_data:
description: Shared role data for the Contrail services.
value:
service_name: contrail_base
config_settings:
- contrail::aaa_mode: {get_param: ContrailAAAMode}
- contrail::analytics_aaa_mode: {get_param: ContrailAAAModeAnalytics}
- contrail::admin_password: {get_param: AdminPassword}
- contrail::admin_tenant_name: {get_param: AdminTenantName}
- contrail::admin_token: {get_param: AdminToken}
- contrail::admin_user: {get_param: AdminUser}
- contrail::auth: {get_param: ContrailAuth}
- contrail::auth_host: {get_param: [EndpointMap, KeystonePublic, host] }
- contrail::auth_port: {get_param: [EndpointMap, KeystoneAdmin, port] }
- contrail::auth_port_ssl: {get_param: AuthPortSSL }
- contrail::auth_port_public: {get_param: [EndpointMap, KeystonePublic, port] }
- contrail::auth_port_ssl_public: {get_param: AuthPortSSLPublic }
- contrail::auth_protocol: {get_param: [EndpointMap, KeystoneInternal, protocol] }
- contrail::api_port: {get_param: [EndpointMap, ContrailConfigInternal, port] }
- contrail::disc_server_port: {get_param: [EndpointMap, ContrailDiscoveryInternal, port] }
- contrail::insecure: {get_param: ContrailInsecure}
- contrail::memcached_server: {get_param: ContrailMemcachedServer}
- contrail::rabbit_password: {get_param: RabbitPassword}
- contrail::rabbit_user: {get_param: RabbitUserName}
- contrail::rabbit_port: {get_param: RabbitClientPort}
+ map_merge:
+ - contrail::aaa_mode: {get_param: AAAMode}
+ contrail::analytics_aaa_mode: {get_param: AAAModeAnalytics}
+ contrail::admin_password: {get_param: AdminPassword}
+ contrail::admin_tenant_name: {get_param: AdminTenantName}
+ contrail::admin_token: {get_param: AdminToken}
+ contrail::admin_user: {get_param: AdminUser}
+ contrail::auth: {get_param: ContrailAuth}
+ contrail::auth_host: {get_param: [EndpointMap, KeystoneAdmin, host] }
+ contrail::auth_port: {get_param: [EndpointMap, KeystoneAdmin, port] }
+ contrail::auth_port_public: {get_param: [EndpointMap, KeystonePublic, port] }
+ contrail::auth_protocol: {get_param: [EndpointMap, KeystonePublic, protocol] }
+ contrail::api_port: {get_param: ContrailConfigPort }
+ contrail::disc_server_port: {get_param: ContrailDiscoveryPort }
+ contrail::insecure: {get_param: ContrailInsecure}
+ contrail::memcached_server: {get_param: ContrailMemcachedServer}
+ contrail::rabbit_password: {get_param: RabbitPassword}
+ contrail::rabbit_user: {get_param: RabbitUserName}
+ contrail::rabbit_port: {get_param: RabbitClientPort}
+ contrail::vip: {get_param: ContrailVIP}
+ -
+ if:
+ - contrail_config_vip_unset
+ - {}
+ - contrail_config_vip: {get_param: ContrailConfigVIP}
+ -
+ if:
+ - contrail_webui_vip_unset
+ - {}
+ - contrail_webui_vip: {get_param: ContrailWebuiVIP}
+ -
+ if:
+ - contrail_analytics_vip_unset
+ - {}
+ - contrail_analytics_vip: {get_param: ContrailAnalyticsVIP}
description: Ifmap user password
type: string
default: 'api-server'
+ ContrailConfigPort:
+ default: 8082
+ description: Contrail Config Api port
+ type: number
resources:
ContrailBase:
- contrail::config::ifmap_password: {get_param: ContrailConfigIfmapUserPassword}
contrail::config::ifmap_username: {get_param: ContrailConfigIfmapUserName}
contrail::config::listen_ip_address: {get_param: [ServiceNetMap, ContrailConfigNetwork]}
- contrail::config::listen_port: {get_param: [EndpointMap, ContrailConfigInternal, port] }
+ contrail::config::listen_port: {get_param: ContrailConfigPort}
contrail::config::redis_server: '127.0.0.1'
- contrail::config::host_ip: {get_param: [ServiceNetMap, ContrailConfigNetwork] }
+ contrail::config::host_ip: {get_param: [ServiceNetMap, ContrailConfigNetwork]}
step_config: |
include ::tripleo::network::contrail::config
description: sda1/256 hmac key, e.g. echo -n "values" | openssl dgst -sha256 -hmac key -binary | base64
type: string
hidden: true
+ ContrailControlManageNamed:
+ description: named config file mgmt
+ type: string
+ default: true
resources:
ContrailBase:
- contrail::control::asn: {get_param: ContrailControlASN }
contrail::control::host_ip: {get_param: [ServiceNetMap, ContrailControlNetwork]}
contrail::control::rndc_secret: {get_param: ContrailControlRNDCSecret}
+ contrail::control::manage_named: {get_param: ContrailControlManageNamed}
step_config: |
include ::tripleo::network::contrail::control
--- /dev/null
+heat_template_version: pike
+
+description: >
+ OpenStack Neutron Compute OpenContrail plugin
+
+parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ NeutronMetadataProxySharedSecret:
+ description: Shared secret to prevent spoofing
+ type: string
+ hidden: true
+ ContrailVrouterPhysicalInterface:
+ default: 'eth0'
+ description: vRouter physical interface
+ type: string
+ ContrailVrouterGateway:
+ default: '192.168.24.1'
+ description: vRouter default gateway
+ type: string
+ ContrailVrouterNetmask:
+ default: '255.255.255.0'
+ description: vRouter netmask
+ type: string
+
+resources:
+ ContrailBase:
+ type: ./contrail-base.yaml
+ properties:
+ ServiceData: {get_param: ServiceData}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the Neutron Compute OpenContrail plugin
+ value:
+ service_name: contrail_dpdk
+ config_settings:
+ map_merge:
+ - get_attr: [ContrailBase, role_data, config_settings]
+ - contrail::vrouter::host_ip: {get_param: [ServiceNetMap, ContrailVrouterNetwork]}
+ contrail::vrouter::is_dpdk: 'true'
+ contrail::vrouter::physical_interface: {get_param: ContrailVrouterPhysicalInterface}
+ contrail::vrouter::gateway: {get_param: ContrailVrouterGateway}
+ contrail::vrouter::netmask: {get_param: ContrailVrouterNetmask}
+ contrail::vrouter::metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
+ tripleo.neutron_compute_plugin_opencontrail.firewall_rules:
+ '111 neutron_compute_plugin_opencontrail proxy':
+ dport:
+ - 8097
+ - 8085
+ proto: tcp
+ step_config: |
+ include ::tripleo::network::contrail::vrouter
ContrailExtensions:
description: List of OpenContrail extensions to be enabled
type: comma_delimited_list
- default: ''
+ default: 'ipam:neutron_plugin_contrail.plugins.opencontrail.contrail_plugin_ipam.NeutronPluginContrailIpam,policy:neutron_plugin_contrail.plugins.opencontrail.contrail_plugin_policy.NeutronPluginContrailPolicy,route-table:neutron_plugin_contrail.plugins.opencontrail.contrail_plugin_vpc.NeutronPluginContrailVpc,contrail:None'
resources:
ContrailBase:
config_settings:
map_merge:
- get_attr: [ContrailBase, role_data, config_settings]
- - neutron::api_extensions_path: /usr/lib/python2.7/site-packages/neutron_plugin_contrail/extensions
+ - neutron::api_extensions_path: '/usr/lib/python2.7/site-packages/neutron_plugin_contrail/extensions:/usr/lib/python2.7/site-packages/neutron_lbaas/extensions'
contrail::vrouter::contrail_extensions: {get_param: ContrailExtensions}
step_config: |
include tripleo::network::contrail::neutron_plugin
via parameter_defaults in the resource registry.
type: json
NeutronMetadataProxySharedSecret:
- description: Metadata Secret
+ description: Shared secret to prevent spoofing
type: string
- VrouterPhysicalInterface:
+ hidden: true
+ ContrailVrouterPhysicalInterface:
default: 'eth0'
description: vRouter physical interface
type: string
- VrouterGateway:
+ ContrailVrouterGateway:
default: '192.168.24.1'
description: vRouter default gateway
type: string
- VrouterNetmask:
+ ContrailVrouterNetmask:
default: '255.255.255.0'
description: vRouter netmask
type: string
config_settings:
map_merge:
- get_attr: [ContrailBase, role_data, config_settings]
- - contrail::vrouter::host_ip: {get_param: [ServiceNetMap, NeutronCorePluginOpencontrailNetwork]}
- contrail::vrouter::physical_interface: {get_param: VrouterPhysicalInterface}
- contrail::vrouter::gateway: {get_param: VrouterGateway}
- contrail::vrouter::netmask: {get_param: VrouterNetmask}
+ - contrail::vrouter::host_ip: {get_param: [ServiceNetMap, ContrailVrouterNetwork]}
+ contrail::vrouter::physical_interface: {get_param: ContrailVrouterPhysicalInterface}
+ contrail::vrouter::gateway: {get_param: ContrailVrouterGateway}
+ contrail::vrouter::netmask: {get_param: ContrailVrouterNetmask}
contrail::vrouter::metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
contrail::vrouter::is_tsn: 'true'
tripleo.neutron_compute_plugin_opencontrail.firewall_rules:
via parameter_defaults in the resource registry.
type: json
NeutronMetadataProxySharedSecret:
- description: Metadata Secret
+ description: Shared secret to prevent spoofing
type: string
hidden: true
ContrailVrouterPhysicalInterface:
default: '255.255.255.0'
description: vRouter netmask
type: string
+ ContrailVrouterControlNodeIps:
+ description: List of Contrail Node IPs
+ type: comma_delimited_list
+ default: ''
resources:
ContrailBase:
config_settings:
map_merge:
- get_attr: [ContrailBase, role_data, config_settings]
- - contrail::vrouter::host_ip: {get_param: [ServiceNetMap, NeutronCorePluginOpencontrailNetwork]}
+ - contrail::vrouter::host_ip: {get_param: [ServiceNetMap, ContrailVrouterNetwork]}
contrail::vrouter::physical_interface: {get_param: ContrailVrouterPhysicalInterface}
contrail::vrouter::gateway: {get_param: ContrailVrouterGateway}
contrail::vrouter::netmask: {get_param: ContrailVrouterNetmask}
contrail::vrouter::metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
- tripleo.neutron_compute_plugin_opencontrail.firewall_rules:
- '111 neutron_compute_plugin_opencontrail proxy':
+ contrail::vrouter::control_node_ips: {get_param: ContrailVrouterControlNodeIps}
+ tripleo.contrail_vrouter.firewall_rules:
+ '111 contrail_vrouter_8085':
+ dport: 8085
+ '112 contrail_vrouter_8097':
dport: 8097
- proto: tcp
step_config: |
include ::tripleo::network::contrail::vrouter
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ContrailWebuiHttp:
+ default: 8080
+ description: Contrail Webui http port
+ type: number
+ ContrailWebuiHttps:
+ default: 8143
+ description: Contrail Webui https port
+ type: number
resources:
ContrailBase:
config_settings:
map_merge:
- get_attr: [ContrailBase, role_data, config_settings]
- - contrail::webui::http_port: {get_param: [EndpointMap, ContrailWebuiHttpInternal, port] }
- contrail::webui::https_port: {get_param: [EndpointMap, ContrailWebuiHttpsInternal, port] }
+ - contrail::webui::http_port: {get_param: ContrailWebuiHttp }
+ contrail::webui::https_port: {get_param: ContrailWebuiHttps }
contrail::webui::redis_ip: '127.0.0.1'
step_config: |
include ::tripleo::network::contrail::webui
description: Allow automatic l3-agent failover
type: string
NovaPassword:
- description: The password for the nova service and db account, used by nova-api.
+ description: The password for the nova service and db account
type: string
hidden: true
NeutronEnableDVR:
networks, neutron uses this value without modification. For overlay
networks such as VXLAN, neutron automatically subtracts the overlay
protocol overhead from this value.
+ NeutronDBSyncExtraParams:
+ default: ''
+ description: |
+ String of extra command line parameters to append to the neutron-db-manage
+ upgrade head command.
+ type: string
ServiceData:
default: {}
description: Dictionary packing service data
neutron::db::database_max_retries: -1
neutron::db::sync::db_sync_timeout: {get_param: DatabaseSyncTimeout}
neutron::global_physnet_mtu: {get_param: NeutronGlobalPhysnetMtu}
+ neutron::db::sync::extra_params: {get_param: NeutronDBSyncExtraParams}
- if:
- dhcp_agents_zero
- {}
via parameter_defaults in the resource registry.
type: json
NovaPassword:
- description: The password for the nova service account, used by nova-api.
+ description: The password for the nova service and db account
type: string
hidden: true
NuageMetadataPort:
type: json
NeutronEnableL2Pop:
type: string
- description: >
- Enable/disable the L2 population feature in the Neutron agents.
+ description: Enable/disable the L2 population feature in the Neutron agents.
default: "False"
NeutronBridgeMappings:
description: >
default: "datacentre:br-ex"
NeutronTunnelTypes:
default: 'vxlan'
- description: |
- The tunnel types for the Neutron tenant network.
+ description: The tunnel types for the Neutron tenant network.
type: comma_delimited_list
NeutronAgentExtensions:
default: "qos"
--- /dev/null
+heat_template_version: pike
+
+description: >
+ OpenStack Neutron ML2/Nuage plugin configured with Puppet
+
+parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ # Config specific parameters, to be provided via parameter_defaults
+ NeutronNuageNetPartitionName:
+ description: Specifies the title that you will see on the VSD
+ type: string
+ default: 'default_name'
+
+ NeutronNuageVSDIp:
+ description: IP address and port of the Virtual Services Directory
+ type: string
+
+ NeutronNuageVSDUsername:
+ description: Username to be used to log into VSD
+ type: string
+
+ NeutronNuageVSDPassword:
+ description: Password to be used to log into VSD
+ type: string
+
+ NeutronNuageVSDOrganization:
+ description: Organization parameter required to log into VSD
+ type: string
+ default: 'organization'
+
+ NeutronNuageBaseURIVersion:
+ description: URI version to be used based on the VSD release
+ type: string
+ default: 'default_uri_version'
+
+ NeutronNuageCMSId:
+ description: Cloud Management System ID (CMS ID) to distinguish between OS instances on the same VSD
+ type: string
+
+ UseForwardedFor:
+ description: Treat X-Forwarded-For as the canonical remote address. Only enable this if you have a sanitizing proxy.
+ type: boolean
+ default: false
+
+resources:
+
+ NeutronML2Base:
+ type: ./neutron-plugin-ml2.yaml
+ properties:
+ ServiceData: {get_param: ServiceData}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the Neutron ML2/Nuage plugin
+ value:
+ service_name: neutron_plugin_ml2_nuage
+ config_settings:
+ map_merge:
+ - get_attr: [NeutronML2Base, role_data, config_settings]
+ - neutron::plugins::ml2::nuage::nuage_net_partition_name: {get_param: NeutronNuageNetPartitionName}
+ neutron::plugins::ml2::nuage::nuage_vsd_ip: {get_param: NeutronNuageVSDIp}
+ neutron::plugins::ml2::nuage::nuage_vsd_username: {get_param: NeutronNuageVSDUsername}
+ neutron::plugins::ml2::nuage::nuage_vsd_password: {get_param: NeutronNuageVSDPassword}
+ neutron::plugins::ml2::nuage::nuage_vsd_organization: {get_param: NeutronNuageVSDOrganization}
+ neutron::plugins::ml2::nuage::nuage_base_uri_version: {get_param: NeutronNuageBaseURIVersion}
+ neutron::plugins::ml2::nuage::nuage_cms_id: {get_param: NeutronNuageCMSId}
+ nova::api::use_forwarded_for: {get_param: UseForwardedFor}
+ step_config: |
+ include tripleo::profile::base::neutron::plugins::ml2
OpenDaylightPortBindingController:
description: OpenDaylight port binding controller
type: string
- default: 'network-topology'
+ default: 'pseudo-agentdb-binding'
resources:
default: 'vxlan'
description: The tenant network type for Neutron.
type: comma_delimited_list
+ NeutronFirewallDriver:
+ description: Firewall driver for realizing neutron security group function
+ type: string
+ default: 'openvswitch'
resources:
NeutronBase:
neutron::plugins::ml2::tunnel_id_ranges: {get_param: NeutronTunnelIdRanges}
neutron::plugins::ml2::vni_ranges: {get_param: NeutronVniRanges}
neutron::plugins::ml2::tenant_network_types: {get_param: NeutronNetworkType}
+ neutron::plugins::ml2::firewall_driver: {get_param: NeutronFirewallDriver}
step_config: |
include ::tripleo::profile::base::neutron::plugins::ml2
description: Number of workers for Nova services.
type: number
NovaPassword:
- description: The password for the nova service and db account, used by nova-api.
+ description: The password for the nova service and db account
type: string
hidden: true
KeystoneRegion:
constraints:
- allowed_values: [ 'messagingv2', 'noop' ]
NovaPassword:
- description: The password for the nova service and db account, used by nova-api.
+ description: The password for the nova service and db account
type: string
hidden: true
NeutronPassword:
UpgradeLevelNovaCompute:
type: string
description: Nova Compute upgrade level
- default: auto
+ default: ''
MigrationSshKey:
type: json
description: >
UpgradeLevelNovaCompute:
type: string
description: Nova Compute upgrade level
- default: auto
+ default: ''
conditions:
nova_workers_zero: {equals : [{get_param: NovaWorkers}, 0]}
description: Number of workers for Nova services.
type: number
NovaPassword:
- description: The password for the nova service and db account, used by nova-placement.
+ description: The password for the nova service and db account
type: string
hidden: true
KeystoneRegion:
Required for VLAN deployments. For example physnet1 -> eth1.
type: comma_delimited_list
default: "datacentre:br-ex"
+ HostAllowedNetworkTypes:
+ description: Allowed tenant network types for this OVS host. Note this can
+ vary per host or role to constrain which hosts nova instances
+ and networks are scheduled to.
+ type: comma_delimited_list
+ default: ['local', 'vlan', 'vxlan', 'gre']
+ OvsEnableDpdk:
+ description: Whether or not to configure enable DPDK in OVS
+ default: false
+ type: boolean
+ OvsVhostuserMode:
+ description: Specify the mode for OVS with vhostuser port creation. In
+ client mode, the hypervisor will be responsible for creating
+ vhostuser sockets. In server mode, OVS will create them.
+ type: string
+ default: "client"
+ constraints:
+ - allowed_values: [ 'client', 'server' ]
+ VhostuserSocketDir:
+ description: Specify the directory to use for vhostuser sockets
+ type: string
+ default: "/var/run/openvswitch"
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
+ # Merging role-specific parameters (RoleParameters) with the default parameters.
+ # RoleParameters will have the precedence over the default parameters.
+ RoleParametersValue:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ map_replace:
+ - map_replace:
+ - neutron::plugins::ovs::opendaylight::allowed_network_types: HostAllowedNetworkTypes
+ neutron::plugins::ovs::opendaylight::enable_dpdk: OvsEnableDpdk
+ neutron::plugins::ovs::opendaylight::vhostuser_socket_dir: VhostuserSocketDir
+ neutron::plugins::ovs::opendaylight::vhostuser_mode: OvsVhostuserMode
+ neutron::plugins::ovs::opendaylight::provider_mappings: OpenDaylightProviderMappings
+ - values: {get_param: [RoleParameters]}
+ - values:
+ HostAllowedNetworkTypes: {get_param: HostAllowedNetworkTypes}
+ OvsEnableDpdk: {get_param: OvsEnableDpdk}
+ VhostuserSocketDir: {get_param: VhostuserSocketDir}
+ OvsVhostuserMode: {get_param: OvsVhostuserMode}
+ OpenDaylightProviderMappings: {get_param: OpenDaylightProviderMappings}
+
outputs:
role_data:
description: Role data for the OpenDaylight service.
opendaylight_check_url: {get_param: OpenDaylightCheckURL}
opendaylight::nb_connection_protocol: {get_param: OpenDaylightConnectionProtocol}
neutron::agents::ml2::ovs::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]}
- neutron::plugins::ovs::opendaylight::provider_mappings: {get_param: OpenDaylightProviderMappings}
tripleo.opendaylight_ovs.firewall_rules:
'118 neutron vxlan networks':
proto: 'udp'
'136 neutron gre networks':
proto: 'gre'
- get_attr: [Ovs, role_data, config_settings]
+ - get_attr: [RoleParametersValue, value]
step_config: |
include tripleo::profile::base::neutron::plugins::ovs::opendaylight
upgrade_tasks:
heat_template_version: pike
description: >
- OpenStack Neutron Compute OVN agent
+ OpenStack OVN Controller agent
parameters:
EndpointMap:
bridge on hosts - to a physical name 'datacentre' which can be used
to create provider networks (and we use this for the default floating
network) - if changing this either use different post-install network
- scripts or be sure to keep 'datacentre' as a mapping network name
+ scripts or be sure to keep 'datacentre' as a mapping network name.
type: comma_delimited_list
default: "datacentre:br-ex"
outputs:
role_data:
- description: Role data for the Neutron Compute OVN agent
+ description: Role data for the OVN Controller agent
value:
- service_name: neutron_compute_plugin_ovn
+ service_name: ovn_controller
config_settings:
ovn::southbound::port: {get_param: OVNSouthboundServerPort}
ovn::controller::ovn_encap_type: {get_param: OVNTunnelEncapType}
ovn::controller::ovn_encap_ip: {get_param: [ServiceNetMap, NeutronApiNetwork]}
ovn::controller::ovn_bridge_mappings: {get_param: NeutronBridgeMappings}
nova::compute::force_config_drive: true
- tripleo.neutron_compute_plugin_ovn.firewall_rules:
+ tripleo.ovn_controller.firewall_rules:
'118 neutron vxlan networks':
proto: 'udp'
dport: 4789
dport: 6081
step_config: |
include ::tripleo::profile::base::neutron::agents::ovn
+ upgrade_tasks:
+ - name: Check if ovn_controller is deployed
+ command: systemctl is-enabled ovn-controller
+ tags: common
+ ignore_errors: True
+ register: ovn_controller_enabled
+ - name: "PreUpgrade step0,validation: Check service ovn-controller is running"
+ shell: /usr/bin/systemctl show 'ovn-controller' --property ActiveState | grep '\bactive\b'
+ when: ovn_controller_enabled.rc == 0
+ tags: step0,validation
+ - name: Stop ovn-controller service
+ tags: step1
+ when: ovn_controller_enabled.rc == 0
+ service: name=ovn-controller state=stopped
- {get_param: OVNSouthboundServerPort}
step_config: |
include ::tripleo::profile::base::neutron::ovn_northd
+ upgrade_tasks:
+ - name: Check if ovn_northd is deployed
+ command: systemctl is-enabled ovn-northd
+ tags: common
+ ignore_errors: True
+ register: ovn_northd_enabled
+ - name: "PreUpgrade step0,validation: Check service ovn-northd is running"
+ shell: /usr/bin/systemctl show 'ovn-northd' --property ActiveState | grep '\bactive\b'
+ when: ovn_northd_enabled.rc == 0
+ tags: step0,validation
+ - name: Stop ovn-northd service
+ tags: step1
+ when: ovn_northd_enabled.rc == 0
+ service: name=ovn-northd state=stopped
description: Set to True to enable debugging on all services.
type: string
SwiftPassword:
- description: The password for the swift service account, used by the swift proxy services.
+ description: The password for the swift service account
type: string
hidden: true
SwiftProxyNodeTimeout:
- openstack-swift-container-updater
- openstack-swift-container
- openstack-swift-object-auditor
+ - openstack-swift-object-expirer
- openstack-swift-object-replicator
- openstack-swift-object-updater
- openstack-swift-object
--- /dev/null
+heat_template_version: ocata
+
+description: >
+ Configure tuned
+
+parameters:
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ TunedProfileName:
+ default: ''
+ description: Tuned Profile to apply to the host
+ type: string
+
+outputs:
+ role_data:
+ description: Role data for tuned
+ value:
+ service_name: tuned
+ config_settings:
+ map_replace:
+ - map_replace:
+ - tripleo::profile::base::tuned::profile: TunedProfileName
+ - values: {get_param: RoleParameters}
+ - values: {'TunedProfileName': {get_param: TunedProfileName}}
+ step_config: |
+ include ::tripleo::profile::base::tuned
parameters:
VrtsRabbitPassword:
type: string
- default: ''
+ description: The Rabbitmq password of the hyperscale user. Mandatory.
VrtsKeystonePassword:
type: string
- default: ''
+ description: The Keystone password of the hyperscale service. Mandatory.
VrtsMysqlPassword:
+ type: string
+ description: The MySQL password of the hyperscale user. Mandatory.
+ VrtsCtrlMgmtIP:
+ type: string
+ default: ''
+ description: The management IP of HyperScale. The value will be inferred
+ from the rest of the deployment settings if left blank.
+ VrtsDashboardIP:
+ type: string
+ default: ''
+ description: The dashboard IP of HyperScale. The value will be inferred
+ from the rest of the deployment settings if left blank.
+ VrtsZookeeperIP:
+ type: string
+ description: The IP of a node where Zookeeper is configured. Mandatory.
+ VrtsSSHPassword:
+ type: string
+ description: The SSH password of the hyperscale user. Mandatory.
+ VrtsConfigParam1:
+ type: string
+ default: ''
+ description: Additional config parameter. Optional.
+ VrtsConfigParam2:
+ type: string
+ default: ''
+ description: Additional config parameter. Optional.
+ VrtsConfigParam3:
type: string
default: ''
+ description: Additional config parameter. Optional.
ServiceData:
default: {}
description: Dictionary packing service data
value:
service_name: veritas_hyperscale_controller
config_settings:
+ global_config_settings:
+ vrts_ctrl_mgmt_ip: {get_param: VrtsCtrlMgmtIP}
+ vrts_dashboard_ip: {get_param: VrtsDashboardIP}
+ vrts_zookeeper_ip: {get_param: VrtsZookeeperIP}
+ vrts_ssh_passwd: {get_param: VrtsSSHPassword}
+ vrts_config_param1: {get_param: VrtsConfigParam1}
+ vrts_config_param2: {get_param: VrtsConfigParam2}
+ vrts_config_param3: {get_param: VrtsConfigParam3}
step_config: |
include ::veritas_hyperscale::controller_pkg_inst
service_config_settings:
- {get_param: ZaqarDebug }
zaqar::server::service_name: 'httpd'
zaqar::transport::websocket::bind: {get_param: [EndpointMap, ZaqarInternal, host]}
- zaqar::wsgi::apache::ssl: false
+ zaqar::wsgi::apache::ssl: {get_param: EnableInternalTLS}
zaqar::wsgi::apache::bind_host: {get_param: [ServiceNetMap, ZaqarApiNetwork]}
zaqar::message_pipeline: 'zaqar.notification.notifier'
zaqar::unreliable: true
- {}
step_config: |
include ::tripleo::profile::base::zaqar
+ metadata_settings:
+ get_attr: [ApacheServiceBase, role_data, metadata_settings]
upgrade_tasks:
yaql:
expression: $.data.apache_upgrade + $.data.zaqar_upgrade
--- /dev/null
+---
+features:
+ - Adds new environment file for deploying SRIOV
+ with OpenDaylight.
--- /dev/null
+---
+prelude: >
+ Deployment of Ceph in containers is implemented using a Mistral workflow.
+other:
+ - |
+ It is possible to deploy Ceph in docker containers in the overcloud. This
+ is implemented by triggering `ceph-ansible` via a Mistral workflow. A new
+ `CephAnsibleExtraConfig` parameter has been added to the templates and can
+ be used to provide arbitrary config variables consumed by `ceph-ansible`.
+ The pre-existing template params consumed by the TripleO Pike release to
+ drive `puppet-ceph` continue to work and are translated, when possible, into
+ their equivalent `ceph-ansible` variable. To enable the deployment of Ceph
+ in containers use `environments/ceph-ansible/ceph-ansible.yaml` when
+ deploying the overcloud.
\ No newline at end of file
--- /dev/null
+---
+features:
+ - |
+ This patch enables the configuration of Contrail DPDK on the Compute nodes
+ by specifying the required parameters in an environment file.
+fixes:
+ - |
+ The patch moves the Contrail control plane communication from the public
+ network to the internal_api network.
--- /dev/null
+---
+fixes:
+ - Setting the port-binding to be pseudo-agentdb-binding.
+ Networking-odl no longer supports network-topology
+features:
+ - Enables per role configuration of per host
+ configuration which allows an operator to dedicate
+ different compute roles to different network or
+ port types in OpenDaylight deployments.
--- /dev/null
+---
+features:
+ - Added support for DPDK with OvS2.7, which requires huge page
+ configuration (with reboot) to be available before enabling DPDK.
+
--- /dev/null
+---
+features:
+ - Added new parameter san_private_key to configure SSH Private Key
+ for the PS Series cinder backend
--- /dev/null
+---
+features:
+ - Allows the user to set the tuned profile on a given
+ host. Defaults to throughput-performance.
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Vpp
+ - OS::TripleO::Services::OVNController
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Vpp
+ - OS::TripleO::Services::OVNController
- OS::TripleO::Services::OpenDaylightApi
- OS::TripleO::Services::OpenDaylightOvs
- OS::TripleO::Services::OVNDBs
+ - OS::TripleO::Services::OVNController
- OS::TripleO::Services::Pacemaker
- OS::TripleO::Services::PankoApi
- OS::TripleO::Services::RabbitMQ
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Vpp
- OS::TripleO::Services::Zaqar
- OS::TripleO::Services::OpenDaylightApi
- OS::TripleO::Services::OpenDaylightOvs
- OS::TripleO::Services::OVNDBs
+ - OS::TripleO::Services::OVNController
- OS::TripleO::Services::Pacemaker
- OS::TripleO::Services::PankoApi
- OS::TripleO::Services::Redis
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Vpp
- OS::TripleO::Services::Zaqar
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
-
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
-
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
-
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::SwiftProxy
- OS::TripleO::Services::SwiftRingBuilder
- OS::TripleO::Services::SwiftStorage
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::UndercloudAodhApi
- OS::TripleO::Services::UndercloudAodhEvaluator
- OS::TripleO::Services::UndercloudAodhListener
- OS::TripleO::Services::OpenDaylightApi
- OS::TripleO::Services::OpenDaylightOvs
- OS::TripleO::Services::OVNDBs
+ - OS::TripleO::Services::OVNController
- OS::TripleO::Services::Pacemaker
- OS::TripleO::Services::PankoApi
- OS::TripleO::Services::RabbitMQ
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Vpp
- OS::TripleO::Services::Zaqar
###############################################################################
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::Vpp
+ - OS::TripleO::Services::OVNController
###############################################################################
# Role: BlockStorage #
###############################################################################
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
###############################################################################
# Role: ObjectStorage #
###############################################################################
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
###############################################################################
# Role: CephStorage #
###############################################################################
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::SwiftProxy
- OS::TripleO::Services::SwiftRingBuilder
- OS::TripleO::Services::SwiftStorage
+ - OS::TripleO::Services::Tuned
- OS::TripleO::Services::UndercloudAodhApi
- OS::TripleO::Services::UndercloudAodhEvaluator
- OS::TripleO::Services::UndercloudAodhListener
Note %index% is translated into the index of the node, e.g 0/1/2 etc
and %stackname% is replaced with OS::stack_name in the template below.
If you want to use the heat generated names, pass '' (empty string).
+ -
+ name: predictable-placement/custom-domain
+ title: Custom Domain Name
+ files:
+ overcloud.yaml:
+ parameters:
+ - CloudDomain
+ - CloudName
+ - CloudNameInternal
+ - CloudNameStorage
+ - CloudNameStorageManagement
+ - CloudNameCtlplane
+ description: |
+ This environment contains the parameters that need to be set in order to
+ use a custom domain name and have all of the various FQDNs reflect it.
NovaEnableRbdBackend: True
GlanceBackend: rbd
GnocchiBackend: rbd
+ resource_registry:
+ OS::TripleO::Services::CephMon: ../../puppet/services/ceph-mon.yaml
+ OS::TripleO::Services::CephOSD: ../../puppet/services/ceph-osd.yaml
+ OS::TripleO::Services::CephClient: ../../puppet/services/ceph-client.yaml
description: |
Include this environment to enable Ceph as the backend for
Cinder, Nova, Gnocchi, and Glance.
r_map = {}
for r in role_data:
r_map[r.get('name')] = r
+
+ n_map = {}
+ for n in network_data:
+ if (n.get('enabled') is not False):
+ n_map[n.get('name')] = n
+ if not n.get('name_lower'):
+ n_map[n.get('name')]['name_lower'] = n.get('name').lower()
+ else:
+ print("skipping %s network: network is disabled" % n.get('name'))
+
excl_templates = ['%s/%s' % (template_path, e)
for e in j2_excludes.get('name')]
for f in files:
file_path = os.path.join(subdir, f)
- # We do two templating passes here:
+ # We do three templating passes here:
# 1. *.role.j2.yaml - we template just the role name
# and create multiple files (one per role)
- # 2. *.j2.yaml - we template with all roles_data,
+ # 2 *.network.j2.yaml - we template the network name and
+ # data and create multiple files for networks and
+ # network ports (one per network)
+ # 3. *.j2.yaml - we template with all roles_data,
# and create one file common to all roles
if f.endswith('.role.j2.yaml'):
print("jinja2 rendering role template %s" % f)
else:
print('skipping rendering of %s' % out_f_path)
+
+ elif f.endswith('.network.j2.yaml'):
+ print("jinja2 rendering network template %s" % f)
+ with open(file_path) as j2_template:
+ template_data = j2_template.read()
+ print("jinja2 rendering networks %s" % ",".join(n_map))
+ for network in n_map:
+ j2_data = {'network': n_map[network]}
+ # Output file names in "<name>.yaml" format
+ out_f = os.path.basename(f).replace('.network.j2.yaml',
+ '.yaml')
+ if os.path.dirname(file_path).endswith('ports'):
+ out_f = out_f.replace('port',
+ n_map[network]['name_lower'])
+ else:
+ out_f = out_f.replace('network',
+ n_map[network]['name_lower'])
+ out_f_path = os.path.join(out_dir, out_f)
+ if not (out_f_path in excl_templates):
+ _j2_render_to_file(template_data, j2_data,
+ out_f_path)
+ else:
+ print('skipping rendering of %s' % out_f_path)
+
elif f.endswith('.j2.yaml'):
print("jinja2 rendering normal template %s" % f)
with open(file_path) as j2_template:
'tls-endpoints-public-ip.yaml',
'tls-everywhere-endpoints-dns.yaml']
ENDPOINT_MAP_FILE = 'endpoint_map.yaml'
+OPTIONAL_SECTIONS = ['service_workflow_tasks']
REQUIRED_DOCKER_SECTIONS = ['service_name', 'docker_config', 'puppet_config',
'config_settings', 'step_config']
OPTIONAL_DOCKER_SECTIONS = ['docker_puppet_tasks', 'upgrade_tasks',
'ExternalAllocationPools': ['default'],
'StorageNetCidr': ['default'],
'StorageAllocationPools': ['default'],
- 'StorageMgmtNetCidr': ['default',
- # FIXME
- 'description'],
+ 'StorageMgmtNetCidr': ['default'],
'StorageMgmtAllocationPools': ['default'],
'TenantNetCidr': ['default'],
'TenantAllocationPools': ['default'],
'InternalApiNetCidr': ['default'],
+ 'InternalApiAllocationPools': ['default'],
'UpdateIdentifier': ['description'],
+ 'key_name': ['default'],
+ # There's one template that defines this
+ # differently, and I'm not sure if we can
+ # safely change it.
+ 'EC2MetadataIp': ['default'],
+ # Same as EC2MetadataIp
+ 'ControlPlaneDefaultRoute': ['default'],
# TODO(bnemec): Address these existing
# inconsistencies.
- 'NeutronMetadataProxySharedSecret': [
- 'description', 'hidden'],
'ServiceNetMap': ['description', 'default'],
- 'RedisPassword': ['description'],
- 'EC2MetadataIp': ['default'],
'network': ['default'],
'ControlPlaneIP': ['default',
'description'],
'ControlPlaneIp': ['default',
'description'],
'NeutronBigswitchLLDPEnabled': ['default'],
- 'NeutronEnableL2Pop': ['description'],
'NeutronWorkers': ['description'],
- 'TenantIpSubnet': ['description'],
- 'ExternalNetName': ['description'],
- 'AdminToken': ['description'],
- 'ControlPlaneDefaultRoute': ['default'],
- 'StorageMgmtNetName': ['description'],
'ServerMetadata': ['description'],
- 'InternalApiIpUri': ['description'],
- 'UpgradeLevelNovaCompute': ['default'],
- 'StorageMgmtIpUri': ['description'],
'server': ['description'],
'servers': ['description'],
- 'FixedIPs': ['description'],
- 'ExternalIpSubnet': ['description'],
- 'NeutronBridgeMappings': ['description'],
'ExtraConfig': ['description'],
- 'InternalApiIpSubnet': ['description'],
'DefaultPasswords': ['description',
'default'],
'BondInterfaceOvsOptions': ['description',
'default',
'constraints'],
'KeyName': ['constraints'],
- 'TenantNetName': ['description'],
- 'StorageIpSubnet': ['description'],
'OVNSouthboundServerPort': ['description'],
'ExternalInterfaceDefaultRoute':
['description', 'default'],
- 'ExternalIpUri': ['description'],
'IPPool': ['description'],
- 'ControlPlaneNetwork': ['description'],
'SSLCertificate': ['description',
'default',
'hidden'],
'HostCpusList': ['default', 'constraints'],
- 'InternalApiAllocationPools': ['default'],
'NodeIndex': ['description'],
- 'SwiftPassword': ['description'],
'name': ['description', 'default'],
- 'StorageNetName': ['description'],
- 'ManagementNetName': ['description'],
- 'NeutronPublicInterface': ['description'],
- 'RoleParameters': ['description'],
- 'AdminPassword': ['description', 'hidden'],
- 'ManagementInterfaceDefaultRoute':
- ['default'],
- 'NovaPassword': ['description'],
'image': ['description', 'default'],
'NeutronBigswitchAgentEnabled': ['default'],
'EndpointMap': ['description', 'default'],
'DockerManilaConfigImage': ['description',
'default'],
- 'NetworkName': ['default', 'description'],
- 'StorageIpUri': ['description'],
- 'InternalApiNetName': ['description'],
- 'NeutronTunnelTypes': ['description'],
'replacement_policy': ['default'],
- 'StorageMgmtIpSubnet': ['description'],
'CloudDomain': ['description', 'default'],
- 'key_name': ['default', 'description'],
'EnableLoadBalancer': ['description'],
'ControllerExtraConfig': ['description'],
'NovaComputeExtraConfig': ['description'],
return 0
+def search(item, check_item, check_key):
+ if check_item(item):
+ return True
+ elif isinstance(item, list):
+ for i in item:
+ if search(i, check_item, check_key):
+ return True
+ elif isinstance(item, dict):
+ for k in item.keys():
+ if check_key(k, item[k]):
+ return True
+ elif search(item[k], check_item, check_key):
+ return True
+ return False
+
+
def validate_mysql_connection(settings):
no_op = lambda *args: False
error_status = [0]
error_status[0] = 1
return False
- def search(item, check_item, check_key):
- if check_item(item):
- return True
- elif isinstance(item, list):
- for i in item:
- if search(i, check_item, check_key):
- return True
- elif isinstance(item, dict):
- for k in item.keys():
- if check_key(k, item[k]):
- return True
- elif search(item[k], check_item, check_key):
- return True
- return False
-
search(settings, no_op, validate_mysql_uri)
return error_status[0]
+def validate_docker_service_mysql_usage(filename, tpl):
+ no_op = lambda *args: False
+ included_res = []
+
+ def match_included_res(item):
+ is_config_setting = isinstance(item, list) and len(item) > 1 and \
+ item[1:] == ['role_data', 'config_settings']
+ if is_config_setting:
+ included_res.append(item[0])
+ return is_config_setting
+
+ def match_use_mysql_protocol(items):
+ return items == ['EndpointMap', 'MysqlInternal', 'protocol']
+
+ all_content = []
+
+ def read_all(incfile, inctpl):
+ # search for included content
+ content = inctpl['outputs']['role_data']['value'].get('config_settings',{})
+ all_content.append(content)
+ included_res[:] = []
+ if search(content, match_included_res, no_op):
+ files = [inctpl['resources'][x]['type'] for x in included_res]
+ # parse included content
+ for r, f in zip(included_res, files):
+ # disregard class names, only consider file names
+ if 'OS::' in f:
+ continue
+ newfile = os.path.normpath(os.path.dirname(incfile)+'/'+f)
+ newtmp = yaml.load(open(newfile).read())
+ read_all(newfile, newtmp)
+
+ read_all(filename, tpl)
+ if search(all_content, match_use_mysql_protocol, no_op):
+ # ensure this service includes the mysqlclient service
+ resources = tpl['resources']
+ mysqlclient = [x for x in resources
+ if resources[x]['type'].endswith('mysql-client.yaml')]
+ if len(mysqlclient) == 0:
+ print("ERROR: containerized service %s uses mysql but "
+ "resource mysql-client.yaml is not used"
+ % filename)
+ return 1
+
+ # and that mysql::client puppet module is included in puppet-config
+ match_mysqlclient = \
+ lambda x: x == [mysqlclient[0], 'role_data', 'step_config']
+ role_data = tpl['outputs']['role_data']
+ puppet_config = role_data['value']['puppet_config']['step_config']
+ if not search(puppet_config, match_mysqlclient, no_op):
+ print("ERROR: containerized service %s uses mysql but "
+ "puppet_config section does not include "
+ "::tripleo::profile::base::database::mysql::client"
+ % filename)
+ return 1
+
+ return 0
+
+
def validate_docker_service(filename, tpl):
if 'outputs' in tpl and 'role_data' in tpl['outputs']:
if 'value' not in tpl['outputs']['role_data']:
else:
if section_name in OPTIONAL_DOCKER_SECTIONS:
continue
+ elif section_name in OPTIONAL_SECTIONS:
+ continue
else:
print('ERROR: %s is extra in role_data for %s.'
% (section_name, filename))
return 1
if 'puppet_config' in role_data:
+ if validate_docker_service_mysql_usage(filename, tpl):
+ print('ERROR: could not validate use of mysql service for %s.'
+ % filename)
+ return 1
puppet_config = role_data['puppet_config']
for key in puppet_config:
if key in REQUIRED_DOCKER_PUPPET_CONFIG_SECTIONS:
Code Review / apex-tripleo-heat-templates.git / commitdiff