Code Review / apex-tripleo-heat-templates.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 9cd0c5a)
Hiera optimization: use a new hiera hook
authorDan Prince <dprince@redhat.com>
Tue, 11 Oct 2016 01:09:01 +0000 (21:09 -0400)
committerDan Prince <dprince@redhat.com>
Thu, 1 Dec 2016 03:16:13 +0000 (22:16 -0500)
This patch optimizes how we deploy hiera by using a new
heat hook specifically designed to help compose hiera
within heat templates. As part of this change:

 - we update all the 'hiera' software configurations to set the group to hiera
   instead of os-apply-config.

 - The new format uses JSON instead of YAML. The hook actually writes
   out the hiera JSON directly so no conversion takes place. Arrays,
   Strings, Booleans all stay in their native formats. As such we can avoid
   having to do many of the awkward string and list conversions in t-h-t to
   support the previous YAML formatting.

 - The new hook prefers JSON over YAML so upgrading users will have the
   new files prefered. (we will post a cleanup routine for the old files
   soon but this isn't a new behavior, JSON is now simply prefered.)

 - A lot of services required edits to account for default settings that
   worked in YAML that no longer work correctly in the native JSON
   format. In almost all these cases I think the resulting codes looks
   cleaner and is more explicit with regards to what is getting
   configured in hiera on the actual nodes.

Depends-On: I6a383b1ad4ec29458569763bd3f56fd3f2bd726b
Closes-bug: #1596373

Change-Id: Ibe7e2044e200e2c947223286fdf4fd5bcf98c2e1

27 files changed:
puppet/all-nodes-config.yaml patch | blob | history
puppet/blockstorage-role.yaml patch | blob | history
puppet/cephstorage-role.yaml patch | blob | history
puppet/compute-role.yaml patch | blob | history
puppet/controller-role.yaml patch | blob | history
puppet/objectstorage-role.yaml patch | blob | history
puppet/role.role.j2.yaml patch | blob | history
puppet/services/aodh-api.yaml patch | blob | history
puppet/services/barbican-api.yaml patch | blob | history
puppet/services/ceilometer-api.yaml patch | blob | history
puppet/services/ceph-base.yaml patch | blob | history
puppet/services/cinder-api.yaml patch | blob | history
puppet/services/database/mysql.yaml patch | blob | history
puppet/services/database/redis-base.yaml patch | blob | history
puppet/services/gnocchi-api.yaml patch | blob | history
puppet/services/ironic-conductor.yaml patch | blob | history
puppet/services/keepalived.yaml patch | blob | history
puppet/services/keystone.yaml patch | blob | history
puppet/services/neutron-base.yaml patch | blob | history
puppet/services/neutron-metadata.yaml patch | blob | history
puppet/services/neutron-ovs-agent.yaml patch | blob | history
puppet/services/neutron-plugin-ml2.yaml patch | blob | history
puppet/services/nova-api.yaml patch | blob | history
puppet/services/nova-base.yaml patch | blob | history
puppet/services/nova-compute.yaml patch | blob | history
puppet/services/pacemaker/database/mysql.yaml patch | blob | history
puppet/services/panko-api.yaml patch | blob | history

diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml
index cc5e4ea..0a8bec6 100644 (file)
--- a/puppet/all-nodes-config.yaml
+++ b/puppet/all-nodes-config.yaml
@@ -71,140 +71,132 @@ resources:
   allNodesConfigImpl:
     type: OS::Heat::StructuredConfig
     properties:
-      group: os-apply-config
+      group: hiera
       config:
-        hiera:
-          datafiles:
-            bootstrap_node:
-              mapped_data:
-                bootstrap_nodeid: {get_input: bootstrap_nodeid}
-                bootstrap_nodeid_ip: {get_input: bootstrap_nodeid_ip}
-            all_nodes:
-              mapped_data:
-                map_merge:
-                  - tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: logging_sources}
-                  - tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: logging_groups}
-                  - enabled_services: {get_param: enabled_services}
-                  # This writes out a mapping of service_name_enabled: 'true'
-                  # For any services not enabled, hiera foo_enabled will
-                  # return nil, as it's undefined
-                  - map_merge:
-                      repeat:
-                        template:
-                          # Note this must be string 'true' due to
-                          # https://bugs.launchpad.net/heat/+bug/1617203
-                          SERVICE_enabled: 'true'
-                        for_each:
-                          SERVICE:
-                            str_split: [',', {get_param: enabled_services}]
-                  # Dynamically generate per-service network data
-                  # This works as follows (outer->inner functions)
-                  # yaql - filters services where no mapping exists in ServiceNetMap
-                  #   map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
-                  #     map_merge/repeat: generate a per-service mapping
-                  - yaql:
-                      # This filters any entries where the value hasn't been substituted for
-                      # a list, e.g it's still $service_network.  This happens when there is
-                      # no network defined for the service in the ServiceNetMap, which is OK
-                      # as not all services have to be bound to a network, so we filter them
-                      expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
-                      data:
-                        map:
-                          map_replace:
+        datafiles:
+          bootstrap_node:
+            bootstrap_nodeid: {get_input: bootstrap_nodeid}
+            bootstrap_nodeid_ip: {get_input: bootstrap_nodeid_ip}
+          all_nodes:
+           map_merge:
+              - tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: logging_sources}
+              - tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: logging_groups}
+              - enabled_services: {get_param: enabled_services}
+              # This writes out a mapping of service_name_enabled: 'true'
+              # For any services not enabled, hiera foo_enabled will
+              # return nil, as it's undefined
+              - map_merge:
+                  repeat:
+                    template:
+                      # Note this must be string 'true' due to
+                      # https://bugs.launchpad.net/heat/+bug/1617203
+                      SERVICE_enabled: 'true'
+                    for_each:
+                      SERVICE:
+                        str_split: [',', {get_param: enabled_services}]
+              # Dynamically generate per-service network data
+              # This works as follows (outer->inner functions)
+              # yaql - filters services where no mapping exists in ServiceNetMap
+              #   map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
+              #     map_merge/repeat: generate a per-service mapping
+              - yaql:
+                  # This filters any entries where the value hasn't been substituted for
+                  # a list, e.g it's still $service_network.  This happens when there is
+                  # no network defined for the service in the ServiceNetMap, which is OK
+                  # as not all services have to be bound to a network, so we filter them
+                  expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
+                  data:
+                    map:
+                      map_replace:
+                        - map_merge:
+                            repeat:
+                              template:
+                                SERVICE_network: SERVICE_network
+                              for_each:
+                                SERVICE:
+                                  str_split: [',', {get_param: enabled_services}]
+                        - values: {get_param: ServiceNetMap}
+              # Keystone doesn't provide separate entries for the public
+              # and admin endpoints, so we need to add them here manually
+              # like we do in the vip-config below
+              - keystone_admin_api_network: {get_param: [ServiceNetMap, keystone_admin_api_network]}
+                keystone_public_api_network: {get_param: [ServiceNetMap, keystone_public_api_network]}
+              # provides a mapping of service_name_ips to a list of IPs
+              - {get_param: service_ips}
+              - {get_param: service_node_names}
+              - {get_param: short_service_node_names}
+              - controller_node_ips:
+                  list_join:
+                  - ','
+                  - {get_param: controller_ips}
+                controller_node_names:
+                  list_join:
+                  - ','
+                  - {get_param: controller_names}
+                memcached_node_ips_v6:
+                  repeat:
+                    template: "inet6:[NAME]"
+                    for_each:
+                      NAME: {get_param: memcache_node_ips}
+                deploy_identifier: {get_param: DeployIdentifier}
+                update_identifier: {get_param: UpdateIdentifier}
+                stack_action: {get_param: StackAction}
+          vip_data:
+            map_merge:
+              # Dynamically generate per-service VIP data based on enabled_services
+              # This works as follows (outer->inner functions)
+              # yaql - filters services where no mapping exists in ServiceNetMap
+              #   map_replace: substitute e.g internal_api with the IP from NetVipMap
+              #     map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
+              #       map_merge/repeat: generate a per-service mapping
+              - yaql:
+                  # This filters any entries where the value hasn't been substituted for
+                  # a list, e.g it's still $service_network.  This happens when there is
+                  # no network defined for the service in the ServiceNetMap, which is OK
+                  # as not all services have to be bound to a network, so we filter them
+                  expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
+                  data:
+                    map:
+                      map_replace:
+                        - map_replace:
                             - map_merge:
                                 repeat:
                                   template:
-                                    SERVICE_network: SERVICE_network
+                                    SERVICE_vip: SERVICE_network
                                   for_each:
                                     SERVICE:
                                       str_split: [',', {get_param: enabled_services}]
                             - values: {get_param: ServiceNetMap}
-                  # Keystone doesn't provide separate entries for the public
-                  # and admin endpoints, so we need to add them here manually
-                  # like we do in the vip-config below
-                  - keystone_admin_api_network: {get_param: [ServiceNetMap, keystone_admin_api_network]}
-                    keystone_public_api_network: {get_param: [ServiceNetMap, keystone_public_api_network]}
-                  # provides a mapping of service_name_ips to a list of IPs
-                  - {get_param: service_ips}
-                  - {get_param: service_node_names}
-                  - {get_param: short_service_node_names}
-                  - controller_node_ips:
-                      list_join:
-                      - ','
-                      - {get_param: controller_ips}
-                    controller_node_names:
-                      list_join:
-                      - ','
-                      - {get_param: controller_names}
-                    memcached_node_ips_v6:
-                      str_replace:
-                        template: "['inet6:[SERVERS_LIST]']"
-                        params:
-                          SERVERS_LIST:
-                            list_join:
-                            - "]','inet6:["
-                            - {get_param: memcache_node_ips}
-
-                    deploy_identifier: {get_param: DeployIdentifier}
-                    update_identifier: {get_param: UpdateIdentifier}
-                    stack_action: {get_param: StackAction}
-            vip_data:
-              mapped_data:
-                map_merge:
-                  # Dynamically generate per-service VIP data based on enabled_services
-                  # This works as follows (outer->inner functions)
-                  # yaql - filters services where no mapping exists in ServiceNetMap
-                  #   map_replace: substitute e.g internal_api with the IP from NetVipMap
-                  #     map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
-                  #       map_merge/repeat: generate a per-service mapping
-                  - yaql:
-                      # This filters any entries where the value hasn't been substituted for
-                      # a list, e.g it's still $service_network.  This happens when there is
-                      # no network defined for the service in the ServiceNetMap, which is OK
-                      # as not all services have to be bound to a network, so we filter them
-                      expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
-                      data:
-                        map:
-                          map_replace:
-                            - map_replace:
-                                - map_merge:
-                                    repeat:
-                                      template:
-                                        SERVICE_vip: SERVICE_network
-                                      for_each:
-                                        SERVICE:
-                                          str_split: [',', {get_param: enabled_services}]
-                                - values: {get_param: ServiceNetMap}
-                            - values: {get_param: NetVipMap}
-                  - keystone_admin_api_vip:
-                      get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_admin_api_network]}]
-                    keystone_public_api_vip:
-                      get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_public_api_network]}]
-                    public_virtual_ip: {get_param: [NetVipMap, external]}
-                    controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
-                    internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
-                    storage_virtual_ip: {get_param: [NetVipMap, storage]}
-                    storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
-                    redis_vip: {get_param: RedisVirtualIP}
-                    # public_virtual_ip and controller_virtual_ip are needed in
-                    # both HAproxy & keepalived.
-                    tripleo::haproxy::public_virtual_ip: {get_param: [NetVipMap, external]}
-                    tripleo::haproxy::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
-                    tripleo::keepalived::public_virtual_ip: {get_param: [NetVipMap, external]}
-                    tripleo::keepalived::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
-                    tripleo::keepalived::internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
-                    tripleo::keepalived::storage_virtual_ip: {get_param: [NetVipMap, storage]}
-                    tripleo::keepalived::storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
-                    tripleo::keepalived::redis_virtual_ip: {get_param: RedisVirtualIP}
-                    tripleo::redis_notification::haproxy_monitor_ip: {get_param: [NetVipMap, ctlplane]}
-                    cloud_name_external: {get_param: cloud_name_external}
-                    cloud_name_internal_api: {get_param: cloud_name_internal_api}
-                    cloud_name_storage: {get_param: cloud_name_storage}
-                    cloud_name_storage_mgmt: {get_param: cloud_name_storage_mgmt}
-                    cloud_name_ctlplane: {get_param: cloud_name_ctlplane}
-                    # TLS parameters
-                    certmonger_ca: {get_param: CertmongerCA}
-                    enable_internal_tls: {get_param: EnableInternalTLS}
+                        - values: {get_param: NetVipMap}
+              - keystone_admin_api_vip:
+                  get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_admin_api_network]}]
+                keystone_public_api_vip:
+                  get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_public_api_network]}]
+                public_virtual_ip: {get_param: [NetVipMap, external]}
+                controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
+                internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
+                storage_virtual_ip: {get_param: [NetVipMap, storage]}
+                storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
+                redis_vip: {get_param: RedisVirtualIP}
+                # public_virtual_ip and controller_virtual_ip are needed in
+                # both HAproxy & keepalived.
+                tripleo::haproxy::public_virtual_ip: {get_param: [NetVipMap, external]}
+                tripleo::haproxy::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
+                tripleo::keepalived::public_virtual_ip: {get_param: [NetVipMap, external]}
+                tripleo::keepalived::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
+                tripleo::keepalived::internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
+                tripleo::keepalived::storage_virtual_ip: {get_param: [NetVipMap, storage]}
+                tripleo::keepalived::storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
+                tripleo::keepalived::redis_virtual_ip: {get_param: RedisVirtualIP}
+                tripleo::redis_notification::haproxy_monitor_ip: {get_param: [NetVipMap, ctlplane]}
+                cloud_name_external: {get_param: cloud_name_external}
+                cloud_name_internal_api: {get_param: cloud_name_internal_api}
+                cloud_name_storage: {get_param: cloud_name_storage}
+                cloud_name_storage_mgmt: {get_param: cloud_name_storage_mgmt}
+                cloud_name_ctlplane: {get_param: cloud_name_ctlplane}
+                # TLS parameters
+                certmonger_ca: {get_param: CertmongerCA}
+                enable_internal_tls: {get_param: EnableInternalTLS}
 
 outputs:
   config_id:
diff --git a/puppet/blockstorage-role.yaml b/puppet/blockstorage-role.yaml
index 34f10a2..45552e0 100644 (file)
--- a/puppet/blockstorage-role.yaml
+++ b/puppet/blockstorage-role.yaml
@@ -239,39 +239,33 @@ resources:
   BlockStorageConfig:
     type: OS::Heat::StructuredConfig
     properties:
-      group: os-apply-config
+      group: hiera
       config:
-        hiera:
-          hierarchy:
-            - '"%{::uuid}"'
-            - heat_config_%{::deploy_config_name}
-            - volume_extraconfig
-            - extraconfig
-            - service_names
-            - service_configs
-            - volume
-            - bootstrap_node # provided by allNodesConfig
-            - all_nodes # provided by allNodesConfig
-            - vip_data # provided by allNodesConfig
-            - '"%{::osfamily}"'
-          merge_behavior: deeper
-          datafiles:
-            service_names:
-              mapped_data:
-                service_names: {get_param: ServiceNames}
-                sensu::subscriptions: {get_param: MonitoringSubscriptions}
-            service_configs:
-              mapped_data:
-                map_replace:
-                  - {get_param: ServiceConfigSettings}
-                  - values: {get_attr: [NetIpMap, net_ip_map]}
-            volume_extraconfig:
-              mapped_data: {get_param: BlockStorageExtraConfig}
-            extraconfig:
-              mapped_data: {get_param: ExtraConfig}
-            volume:
-              mapped_data:
-                tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
+        hierarchy:
+          - '"%{::uuid}"'
+          - heat_config_%{::deploy_config_name}
+          - volume_extraconfig
+          - extraconfig
+          - service_names
+          - service_configs
+          - volume
+          - bootstrap_node # provided by allNodesConfig
+          - all_nodes # provided by allNodesConfig
+          - vip_data # provided by allNodesConfig
+          - '"%{::osfamily}"'
+        merge_behavior: deeper
+        datafiles:
+          service_names:
+            service_names: {get_param: ServiceNames}
+            sensu::subscriptions: {get_param: MonitoringSubscriptions}
+          service_configs:
+            map_replace:
+              - {get_param: ServiceConfigSettings}
+              - values: {get_attr: [NetIpMap, net_ip_map]}
+          volume_extraconfig: {get_param: BlockStorageExtraConfig}
+          extraconfig: {get_param: ExtraConfig}
+          volume:
+            tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
 
   # Resource for site-specific injection of root certificate
   NodeTLSCAData:
diff --git a/puppet/cephstorage-role.yaml b/puppet/cephstorage-role.yaml
index 0854330..03b57e2 100644 (file)
--- a/puppet/cephstorage-role.yaml
+++ b/puppet/cephstorage-role.yaml
@@ -244,39 +244,33 @@ resources:
   CephStorageConfig:
     type: OS::Heat::StructuredConfig
     properties:
-      group: os-apply-config
+      group: hiera
       config:
-        hiera:
-          hierarchy:
-            - '"%{::uuid}"'
-            - heat_config_%{::deploy_config_name}
-            - ceph_extraconfig
-            - extraconfig
-            - service_names
-            - service_configs
-            - ceph
-            - bootstrap_node # provided by allNodesConfig
-            - all_nodes # provided by allNodesConfig
-            - vip_data # provided by allNodesConfig
-            - '"%{::osfamily}"'
-          merge_behavior: deeper
-          datafiles:
-            service_names:
-              mapped_data:
-                service_names: {get_param: ServiceNames}
-                sensu::subscriptions: {get_param: MonitoringSubscriptions}
-            service_configs:
-              mapped_data:
-                map_replace:
-                  - {get_param: ServiceConfigSettings}
-                  - values: {get_attr: [NetIpMap, net_ip_map]}
-            ceph_extraconfig:
-              mapped_data: {get_param: CephStorageExtraConfig}
-            extraconfig:
-              mapped_data: {get_param: ExtraConfig}
-            ceph:
-              mapped_data:
-                tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
+        hierarchy:
+          - '"%{::uuid}"'
+          - heat_config_%{::deploy_config_name}
+          - ceph_extraconfig
+          - extraconfig
+          - service_names
+          - service_configs
+          - ceph
+          - bootstrap_node # provided by allNodesConfig
+          - all_nodes # provided by allNodesConfig
+          - vip_data # provided by allNodesConfig
+          - '"%{::osfamily}"'
+        merge_behavior: deeper
+        datafiles:
+          service_names:
+            service_names: {get_param: ServiceNames}
+            sensu::subscriptions: {get_param: MonitoringSubscriptions}
+          service_configs:
+            map_replace:
+              - {get_param: ServiceConfigSettings}
+              - values: {get_attr: [NetIpMap, net_ip_map]}
+          ceph_extraconfig: {get_param: CephStorageExtraConfig}
+          extraconfig: {get_param: ExtraConfig}
+          ceph:
+            tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
 
   # Resource for site-specific injection of root certificate
   NodeTLSCAData:
diff --git a/puppet/compute-role.yaml b/puppet/compute-role.yaml
index 070f19c..1346433 100644 (file)
--- a/puppet/compute-role.yaml
+++ b/puppet/compute-role.yaml
@@ -251,45 +251,39 @@ resources:
   NovaComputeConfig:
     type: OS::Heat::StructuredConfig
     properties:
-      group: os-apply-config
+      group: hiera
       config:
-        hiera:
-          hierarchy:
-            - '"%{::uuid}"'
-            - heat_config_%{::deploy_config_name}
-            - compute_extraconfig
-            - extraconfig
-            - service_names
-            - service_configs
-            - compute
-            - bootstrap_node # provided by allNodesConfig
-            - all_nodes # provided by allNodesConfig
-            - vip_data # provided by allNodesConfig
-            - '"%{::osfamily}"'
-            - neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre
-            - cisco_n1kv_data  # Optionally provided by ComputeExtraConfigPre
-            - nova_nuage_data  # Optionally provided by ComputeExtraConfigPre
-            - midonet_data # Optionally provided by AllNodesExtraConfig
-            - neutron_opencontrail_data  # Optionally provided by ComputeExtraConfigPre
-            - cisco_aci_data # Optionally provided by ComputeExtraConfigPre
-          merge_behavior: deeper
-          datafiles:
-            service_names:
-              mapped_data:
-                service_names: {get_param: ServiceNames}
-                sensu::subscriptions: {get_param: MonitoringSubscriptions}
-            service_configs:
-              mapped_data:
-                map_replace:
-                  - {get_param: ServiceConfigSettings}
-                  - values: {get_attr: [NetIpMap, net_ip_map]}
-            compute_extraconfig:
-              mapped_data: {get_param: NovaComputeExtraConfig}
-            extraconfig:
-              mapped_data: {get_param: ExtraConfig}
-            compute:
-              mapped_data:
-                tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
+        hierarchy:
+          - '"%{::uuid}"'
+          - heat_config_%{::deploy_config_name}
+          - compute_extraconfig
+          - extraconfig
+          - service_names
+          - service_configs
+          - compute
+          - bootstrap_node # provided by allNodesConfig
+          - all_nodes # provided by allNodesConfig
+          - vip_data # provided by allNodesConfig
+          - '"%{::osfamily}"'
+          - neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre
+          - cisco_n1kv_data  # Optionally provided by ComputeExtraConfigPre
+          - nova_nuage_data  # Optionally provided by ComputeExtraConfigPre
+          - midonet_data # Optionally provided by AllNodesExtraConfig
+          - neutron_opencontrail_data  # Optionally provided by ComputeExtraConfigPre
+          - cisco_aci_data # Optionally provided by ComputeExtraConfigPre
+        merge_behavior: deeper
+        datafiles:
+          service_names:
+            service_names: {get_param: ServiceNames}
+            sensu::subscriptions: {get_param: MonitoringSubscriptions}
+          service_configs:
+            map_replace:
+              - {get_param: ServiceConfigSettings}
+              - values: {get_attr: [NetIpMap, net_ip_map]}
+          compute_extraconfig: {get_param: NovaComputeExtraConfig}
+          extraconfig: {get_param: ExtraConfig}
+          compute:
+            tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
 
   NovaComputeDeployment:
     type: OS::TripleO::SoftwareDeployment
diff --git a/puppet/controller-role.yaml b/puppet/controller-role.yaml
index 3fc691a..09e10ea 100644 (file)
--- a/puppet/controller-role.yaml
+++ b/puppet/controller-role.yaml
@@ -299,57 +299,51 @@ resources:
   ControllerConfig:
     type: OS::Heat::StructuredConfig
     properties:
-      group: os-apply-config
+      group: hiera
       config:
-        hiera:
-          hierarchy:
-            - '"%{::uuid}"'
-            - heat_config_%{::deploy_config_name}
-            - controller_extraconfig
-            - extraconfig
-            - service_configs
-            - service_names
-            - controller
-            - bootstrap_node # provided by BootstrapNodeConfig
-            - all_nodes # provided by allNodesConfig
-            - vip_data # provided by allNodesConfig
-            - '"%{::osfamily}"'
-            - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
-            - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
-            - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
-            - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
-            - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
-            - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
-            - midonet_data #Optionally provided by AllNodesExtraConfig
-            - cisco_aci_data # Optionally provided by ControllerExtraConfigPre
-          merge_behavior: deeper
-          datafiles:
-            service_names:
-              mapped_data:
-                service_names: {get_param: ServiceNames}
-                sensu::subscriptions: {get_param: MonitoringSubscriptions}
-            service_configs:
-              mapped_data:
-                map_replace:
-                  - {get_param: ServiceConfigSettings}
-                  - values: {get_attr: [NetIpMap, net_ip_map]}
-            controller_extraconfig:
-              mapped_data:
-                map_merge:
-                  - {get_param: controllerExtraConfig}
-                  - {get_param: ControllerExtraConfig}
-            extraconfig:
-              mapped_data: {get_param: ExtraConfig}
-            controller:
-              mapped_data: # data supplied directly to this deployment configuration, etc
-                bootstack_nodeid: {get_input: bootstack_nodeid}
+        hierarchy:
+          - '"%{::uuid}"'
+          - heat_config_%{::deploy_config_name}
+          - controller_extraconfig
+          - extraconfig
+          - service_configs
+          - service_names
+          - controller
+          - bootstrap_node # provided by BootstrapNodeConfig
+          - all_nodes # provided by allNodesConfig
+          - vip_data # provided by allNodesConfig
+          - '"%{::osfamily}"'
+          - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
+          - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
+          - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
+          - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
+          - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
+          - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
+          - midonet_data #Optionally provided by AllNodesExtraConfig
+          - cisco_aci_data # Optionally provided by ControllerExtraConfigPre
+        merge_behavior: deeper
+        datafiles:
+          service_names:
+            service_names: {get_param: ServiceNames}
+            sensu::subscriptions: {get_param: MonitoringSubscriptions}
+          service_configs:
+            map_replace:
+              - {get_param: ServiceConfigSettings}
+              - values: {get_attr: [NetIpMap, net_ip_map]}
+          controller_extraconfig:
+            map_merge:
+              - {get_param: controllerExtraConfig}
+              - {get_param: ControllerExtraConfig}
+          extraconfig: {get_param: ExtraConfig}
+          controller:
+            # data supplied directly to this deployment configuration, etc
+            bootstack_nodeid: {get_input: bootstack_nodeid}
+            # Pacemaker
+            enable_load_balancer: {get_input: enable_load_balancer}
 
-                # Pacemaker
-                enable_load_balancer: {get_input: enable_load_balancer}
-
-                # Misc
-                tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
-                tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
+            # Misc
+            tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
+            tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
 
   # Hook for site-specific additional pre-deployment config, e.g extra hieradata
   ControllerExtraConfigPre:
diff --git a/puppet/objectstorage-role.yaml b/puppet/objectstorage-role.yaml
index be638c5..533cd2c 100644 (file)
--- a/puppet/objectstorage-role.yaml
+++ b/puppet/objectstorage-role.yaml
@@ -228,40 +228,33 @@ resources:
   SwiftStorageHieraConfig:
     type: OS::Heat::StructuredConfig
     properties:
-      group: os-apply-config
+      group: hiera
       config:
-        hiera:
-          hierarchy:
-            - '"%{::uuid}"'
-            - heat_config_%{::deploy_config_name}
-            - object_extraconfig
-            - extraconfig
-            - service_names
-            - service_configs
-            - object
-            - bootstrap_node # provided by allNodesConfig
-            - all_nodes # provided by allNodesConfig
-            - vip_data # provided by allNodesConfig
-            - '"%{::osfamily}"'
-          merge_behavior: deeper
-          datafiles:
-            service_names:
-              mapped_data:
-                service_names: {get_param: ServiceNames}
-                sensu::subscriptions: {get_param: MonitoringSubscriptions}
-            service_configs:
-              mapped_data:
-                map_replace:
-                  - {get_param: ServiceConfigSettings}
-                  - values: {get_attr: [NetIpMap, net_ip_map]}
-            object_extraconfig:
-              mapped_data: {get_param: ObjectStorageExtraConfig}
-            extraconfig:
-              mapped_data: {get_param: ExtraConfig}
-            object:
-              mapped_data: # data supplied directly to this deployment configuration, etc
-                tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
-
+        hierarchy:
+          - '"%{::uuid}"'
+          - heat_config_%{::deploy_config_name}
+          - object_extraconfig
+          - extraconfig
+          - service_names
+          - service_configs
+          - object
+          - bootstrap_node # provided by allNodesConfig
+          - all_nodes # provided by allNodesConfig
+          - vip_data # provided by allNodesConfig
+          - '"%{::osfamily}"'
+        merge_behavior: deeper
+        datafiles:
+          service_names:
+            service_names: {get_param: ServiceNames}
+            sensu::subscriptions: {get_param: MonitoringSubscriptions}
+          service_configs:
+            map_replace:
+              - {get_param: ServiceConfigSettings}
+              - values: {get_attr: [NetIpMap, net_ip_map]}
+          object_extraconfig: {get_param: ObjectStorageExtraConfig}
+          extraconfig: {get_param: ExtraConfig}
+          object:
+            tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
 
   SwiftStorageHieraDeploy:
     type: OS::Heat::StructuredDeployment
diff --git a/puppet/role.role.j2.yaml b/puppet/role.role.j2.yaml
index ad5e479..c2c322d 100644 (file)
--- a/puppet/role.role.j2.yaml
+++ b/puppet/role.role.j2.yaml
@@ -250,41 +250,35 @@ resources:
   {{role}}Config:
     type: OS::Heat::StructuredConfig
     properties:
-      group: os-apply-config
+      group: hiera
       config:
-        hiera:
-          hierarchy:
-            - '"%{::uuid}"'
-            - heat_config_%{::deploy_config_name}
-            - {{role.lower()}}_extraconfig
-            - extraconfig
-            - service_names
-            - service_configs
-            - {{role.lower()}}
-            - bootstrap_node # provided by allNodesConfig
-            - all_nodes # provided by allNodesConfig
-            - vip_data # provided by allNodesConfig
-            - '"%{::osfamily}"'
-          merge_behavior: deeper
-          datafiles:
-            service_names:
-              mapped_data:
-                service_names: {get_param: ServiceNames}
-                sensu::subscriptions: {get_param: MonitoringSubscriptions}
-            service_configs:
-              mapped_data:
-                map_replace:
-                  - {get_param: ServiceConfigSettings}
-                  - values: {get_attr: [NetIpMap, net_ip_map]}
-            {{role.lower()}}_extraconfig:
-              mapped_data: {get_param: {{role}}ExtraConfig}
-            extraconfig:
-              mapped_data: {get_param: ExtraConfig}
-            {{role.lower()}}:
-              mapped_data:
-                tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
-                tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources}
-                tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups}
+        hierarchy:
+          - '"%{::uuid}"'
+          - heat_config_%{::deploy_config_name}
+          - {{role.lower()}}_extraconfig
+          - extraconfig
+          - service_names
+          - service_configs
+          - {{role.lower()}}
+          - bootstrap_node # provided by allNodesConfig
+          - all_nodes # provided by allNodesConfig
+          - vip_data # provided by allNodesConfig
+          - '"%{::osfamily}"'
+        merge_behavior: deeper
+        datafiles:
+          service_names:
+            service_names: {get_param: ServiceNames}
+            sensu::subscriptions: {get_param: MonitoringSubscriptions}
+          service_configs:
+            map_replace:
+              - {get_param: ServiceConfigSettings}
+              - values: {get_attr: [NetIpMap, net_ip_map]}
+          {{role.lower()}}_extraconfig: {get_param: {{role}}ExtraConfig}
+          extraconfig: {get_param: ExtraConfig}
+          {{role.lower()}}:
+            tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
+            tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources}
+            tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups}
 
   # Resource for site-specific injection of root certificate
   NodeTLSCAData:
diff --git a/puppet/services/aodh-api.yaml b/puppet/services/aodh-api.yaml
index daed166..347a8c1 100644 (file)
--- a/puppet/services/aodh-api.yaml
+++ b/puppet/services/aodh-api.yaml
@@ -55,7 +55,7 @@ outputs:
             aodh::wsgi::apache::servername:
               str_replace:
                 template:
-                  '"%{::fqdn_$NETWORK}"'
+                  '%{::fqdn_$NETWORK}'
                 params:
                   $NETWORK: {get_param: [ServiceNetMap, AodhApiNetwork]}
             aodh::api::service_name: 'httpd'
@@ -68,7 +68,7 @@ outputs:
             aodh::api::host:
               str_replace:
                 template:
-                  '"%{::fqdn_$NETWORK}"'
+                  '%{::fqdn_$NETWORK}'
                 params:
                   $NETWORK: {get_param: [ServiceNetMap, AodhApiNetwork]}
             # NOTE: bind IP is found in Heat replacing the network name with the
diff --git a/puppet/services/barbican-api.yaml b/puppet/services/barbican-api.yaml
index b266674..1a5e913 100644 (file)
--- a/puppet/services/barbican-api.yaml
+++ b/puppet/services/barbican-api.yaml
@@ -24,7 +24,7 @@ parameters:
     hidden: true
   BarbicanWorkers:
     description: Set the number of workers for barbican::wsgi::apache
-    default: '"%{::processorcount}"'
+    default: '%{::processorcount}'
     type: string
   Debug:
     default: ''
@@ -93,7 +93,7 @@ outputs:
             barbican::wsgi::apache::servername:
               str_replace:
                 template:
-                  '"%{::fqdn_$NETWORK}"'
+                  '%{::fqdn_$NETWORK}'
                 params:
                   $NETWORK: {get_param: [ServiceNetMap, BarbicanApiNetwork]}
             barbican::db::database_connection:
diff --git a/puppet/services/ceilometer-api.yaml b/puppet/services/ceilometer-api.yaml
index 97b255a..2f34f24 100644 (file)
--- a/puppet/services/ceilometer-api.yaml
+++ b/puppet/services/ceilometer-api.yaml
@@ -75,7 +75,7 @@ outputs:
             ceilometer::api::host:
               str_replace:
                 template:
-                  '"%{::fqdn_$NETWORK}"'
+                  '%{::fqdn_$NETWORK}'
                 params:
                   $NETWORK: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
             ceilometer::wsgi::apache::bind_host: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
@@ -83,7 +83,7 @@ outputs:
             ceilometer::wsgi::apache::servername:
               str_replace:
                 template:
-                  '"%{::fqdn_$NETWORK}"'
+                  '%{::fqdn_$NETWORK}'
                 params:
                   $NETWORK: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
       service_config_settings:
diff --git a/puppet/services/ceph-base.yaml b/puppet/services/ceph-base.yaml
index 786e9dd..8faf564 100644 (file)
--- a/puppet/services/ceph-base.yaml
+++ b/puppet/services/ceph-base.yaml
@@ -119,36 +119,33 @@ outputs:
               NETWORK: {get_param: [ServiceNetMap, CephMonNetwork]}
         ceph::profile::params::public_addr: {get_param: [ServiceNetMap, CephMonNetwork]}
         ceph::profile::params::client_keys:
-          str_replace:
-            template: "{
-              client.admin: {
-                secret: 'ADMIN_KEY',
-                mode: '0600',
-                cap_mon: 'allow *',
-                cap_osd: 'allow *',
+          map_replace:
+            - client.admin:
+                secret: {get_param: CephAdminKey}
+                mode: '0600'
+                cap_mon: 'allow *'
+                cap_osd: 'allow *'
                 cap_mds: 'allow *'
-              },
-              client.bootstrap-osd: {
-                secret: 'ADMIN_KEY',
-                keyring_path: '/var/lib/ceph/bootstrap-osd/ceph.keyring',
+              client.bootstrap-osd:
+                secret: {get_param: CephAdminKey}
+                keyring_path: '/var/lib/ceph/bootstrap-osd/ceph.keyring'
                 cap_mon: 'allow profile bootstrap-osd'
-              },
-              client.CLIENT_USER: {
-                secret: 'CLIENT_KEY',
-                mode: '0644',
-                cap_mon: 'allow r',
-                cap_osd: 'allow class-read object_prefix rbd_children, allow rwx pool=CINDER_POOL, allow rwx pool=CINDERBACKUP_POOL, allow rwx pool=NOVA_POOL, allow rwx pool=GLANCE_POOL, allow rwx pool=GNOCCHI_POOL'
-              }
-            }"
-            params:
-              CLIENT_USER: {get_param: CephClientUserName}
-              CLIENT_KEY: {get_param: CephClientKey}
-              ADMIN_KEY: {get_param: CephAdminKey}
-              NOVA_POOL: {get_param: NovaRbdPoolName}
-              CINDER_POOL: {get_param: CinderRbdPoolName}
-              CINDERBACKUP_POOL: {get_param: CinderBackupRbdPoolName}
-              GLANCE_POOL: {get_param: GlanceRbdPoolName}
-              GNOCCHI_POOL: {get_param: GnocchiRbdPoolName}
+              CEPH_CLIENT_KEY:
+                secret: {get_param: CephClientKey}
+                mode: '0644'
+                cap_mon: 'allow r'
+                cap_osd:
+                  str_replace:
+                    template: 'allow class-read object_prefix rbd_children, allow rwx pool=CINDER_POOL, allow rwx pool=CINDERBACKUP_POOL, allow rwx pool=NOVA_POOL, allow rwx pool=GLANCE_POOL, allow rwx pool=GNOCCHI_POOL'
+                    params:
+                      NOVA_POOL: {get_param: NovaRbdPoolName}
+                      CINDER_POOL: {get_param: CinderRbdPoolName}
+                      CINDERBACKUP_POOL: {get_param: CinderBackupRbdPoolName}
+                      GLANCE_POOL: {get_param: GlanceRbdPoolName}
+                      GNOCCHI_POOL: {get_param: GnocchiRbdPoolName}
+            - keys:
+                CEPH_CLIENT_KEY:
+                  list_join: ['.', ['client', {get_param: CephClientUserName}]]
       service_config_settings:
         glance_api:
           glance::api::show_multiple_locations: {if: [glance_multiple_locations, true, false]}
diff --git a/puppet/services/cinder-api.yaml b/puppet/services/cinder-api.yaml
index 803d8b8..8d57418 100644 (file)
--- a/puppet/services/cinder-api.yaml
+++ b/puppet/services/cinder-api.yaml
@@ -42,7 +42,7 @@ parameters:
   CinderWorkers:
     type: string
     description: Set the number of workers for cinder::wsgi::apache
-    default: '"%{::os_workers}"'
+    default: '%{::os_workers}'
   EnableInternalTLS:
     type: boolean
     default: false
@@ -101,7 +101,7 @@ outputs:
             cinder::api::bind_host:
               str_replace:
                 template:
-                  '"%{::fqdn_$NETWORK}"'
+                  '%{::fqdn_$NETWORK}'
                 params:
                   $NETWORK: {get_param: [ServiceNetMap, CinderApiNetwork]}
             cinder::wsgi::apache::ssl: {get_param: EnableInternalTLS}
@@ -115,7 +115,7 @@ outputs:
             cinder::wsgi::apache::servername:
               str_replace:
                 template:
-                  '"%{::fqdn_$NETWORK}"'
+                  '%{::fqdn_$NETWORK}'
                 params:
                   $NETWORK: {get_param: [ServiceNetMap, CinderApiNetwork]}
           -
diff --git a/puppet/services/database/mysql.yaml b/puppet/services/database/mysql.yaml
index 651bf4b..bed8f7d 100644 (file)
--- a/puppet/services/database/mysql.yaml
+++ b/puppet/services/database/mysql.yaml
@@ -87,7 +87,7 @@ outputs:
             tripleo::profile::base::database::mysql::bind_address:
               str_replace:
                 template:
-                  '"%{::fqdn_$NETWORK}"'
+                  '%{::fqdn_$NETWORK}'
                 params:
                   $NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
       step_config: |
diff --git a/puppet/services/database/redis-base.yaml b/puppet/services/database/redis-base.yaml
index 4ed3c00..2fab0eb 100644 (file)
--- a/puppet/services/database/redis-base.yaml
+++ b/puppet/services/database/redis-base.yaml
@@ -39,6 +39,6 @@ outputs:
         # internal_api_subnet - > IP/CIDR
         redis::bind: {get_param: [ServiceNetMap, RedisNetwork]}
         redis::port: 6379
-        redis::sentinel::master_name: '"%{hiera(\"bootstrap_nodeid\")}"'
-        redis::sentinel::redis_host: '"%{hiera(\"bootstrap_nodeid_ip\")}"'
+        redis::sentinel::master_name: "%{hiera('bootstrap_nodeid')}"
+        redis::sentinel::redis_host: "%{hiera('bootstrap_nodeid_ip')}"
         redis::sentinel::notification_script: '/usr/local/bin/redis-notifications.sh'
diff --git a/puppet/services/gnocchi-api.yaml b/puppet/services/gnocchi-api.yaml
index ac15de4..d5f8e62 100644 (file)
--- a/puppet/services/gnocchi-api.yaml
+++ b/puppet/services/gnocchi-api.yaml
@@ -91,7 +91,7 @@ outputs:
             gnocchi::wsgi::apache::servername:
               str_replace:
                 template:
-                  '"%{::fqdn_$NETWORK}"'
+                  '%{::fqdn_$NETWORK}'
                 params:
                   $NETWORK: {get_param: [ServiceNetMap, GnocchiApiNetwork]}
             tripleo::profile::base::gnocchi::api::gnocchi_backend: {get_param: GnocchiBackend}
@@ -105,7 +105,7 @@ outputs:
             gnocchi::api::host:
               str_replace:
                 template:
-                  '"%{::fqdn_$NETWORK}"'
+                  '%{::fqdn_$NETWORK}'
                 params:
                   $NETWORK: {get_param: [ServiceNetMap, GnocchiApiNetwork]}
 
diff --git a/puppet/services/ironic-conductor.yaml b/puppet/services/ironic-conductor.yaml
index 4ac9fc3..f173aa6 100644 (file)
--- a/puppet/services/ironic-conductor.yaml
+++ b/puppet/services/ironic-conductor.yaml
@@ -68,7 +68,7 @@ outputs:
               list_join:
                 - ''
                 - - 'http://'
-                  - '%{hiera("ironic_conductor_http_host")}:'
+                  - "%{hiera('ironic_conductor_http_host')}:"
                   - {get_param: IronicIPXEPort}
             ironic::drivers::pxe::ipxe_enabled: {get_param: IronicIPXEEnabled}
             ironic::glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
diff --git a/puppet/services/keepalived.yaml b/puppet/services/keepalived.yaml
index fb0d32b..6f2c44e 100644 (file)
--- a/puppet/services/keepalived.yaml
+++ b/puppet/services/keepalived.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: 2016-10-14
 
 description: >
   Keepalived service configured with Puppet
@@ -36,6 +36,11 @@ parameters:
     default: 'overcloud-keepalived'
     type: string
 
+conditions:
+
+  control_iface_empty: {equals : [{get_param: ControlVirtualInterface}, '']}
+  public_iface_empty: {equals : [{get_param: PublicVirtualInterface}, '']}
+
 outputs:
   role_data:
     description: Role data for the Keepalived role.
@@ -43,10 +48,19 @@ outputs:
       service_name: keepalived
       monitoring_subscription: {get_param: MonitoringSubscriptionKeepalived}
       config_settings:
-        tripleo::keepalived::control_virtual_interface: {get_param: ControlVirtualInterface}
-        tripleo::keepalived::public_virtual_interface: {get_param: PublicVirtualInterface}
-        tripleo.keepalived.firewall_rules:
-          '106 keepalived vrrp':
-            proto: vrrp
+        map_merge:
+        - tripleo.keepalived.firewall_rules:
+            '106 keepalived vrrp':
+              proto: vrrp
+        - 
+          if:
+          - control_iface_empty
+          - {}
+          - tripleo::keepalived::control_virtual_interface: {get_param: ControlVirtualInterface}
+        - 
+          if:
+          - public_iface_empty
+          - {}
+          - tripleo::keepalived::public_virtual_interface: {get_param: PublicVirtualInterface}
       step_config: |
         include ::tripleo::profile::base::keepalived
diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml
index fe023a6..c2a282d 100644 (file)
--- a/puppet/services/keystone.yaml
+++ b/puppet/services/keystone.yaml
@@ -89,7 +89,7 @@ parameters:
   KeystoneWorkers:
     type: string
     description: Set the number of workers for keystone::wsgi::apache
-    default: '"%{::os_workers}"'
+    default: '%{::os_workers}'
   MonitoringSubscriptionKeystone:
     default: 'overcloud-keystone'
     type: string
@@ -195,13 +195,13 @@ outputs:
             keystone::wsgi::apache::servername:
               str_replace:
                 template:
-                  '"%{::fqdn_$NETWORK}"'
+                  '%{::fqdn_$NETWORK}'
                 params:
                   $NETWORK: {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}
             keystone::wsgi::apache::servername_admin:
               str_replace:
                 template:
-                  '"%{::fqdn_$NETWORK}"'
+                  '%{::fqdn_$NETWORK}'
                 params:
                   $NETWORK: {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}
             keystone::wsgi::apache::workers: {get_param: KeystoneWorkers}
@@ -219,13 +219,13 @@ outputs:
             keystone::admin_bind_host:
               str_replace:
                 template:
-                  '"%{::fqdn_$NETWORK}"'
+                  '%{::fqdn_$NETWORK}'
                 params:
                   $NETWORK: {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}
             keystone::public_bind_host:
               str_replace:
                 template:
-                  '"%{::fqdn_$NETWORK}"'
+                  '%{::fqdn_$NETWORK}'
                 params:
                   $NETWORK: {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}
             # NOTE: bind IP is found in Heat replacing the network name with the
diff --git a/puppet/services/neutron-base.yaml b/puppet/services/neutron-base.yaml
index 0b2cef0..3d03c31 100644 (file)
--- a/puppet/services/neutron-base.yaml
+++ b/puppet/services/neutron-base.yaml
@@ -84,16 +84,12 @@ outputs:
         neutron::rabbit_port: {get_param: RabbitClientPort}
         neutron::dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
         neutron::core_plugin: {get_param: NeutronCorePlugin}
-        neutron::service_plugins:
-          str_replace:
-            template: PLUGINS
-            params:
-              PLUGINS: {get_param: NeutronServicePlugins}
+        neutron::service_plugins: {get_param: NeutronServicePlugins}
         neutron::debug: {get_param: Debug}
         neutron::purge_config: {get_param: EnableConfigPurge}
         neutron::allow_overlapping_ips: true
         neutron::rabbit_heartbeat_timeout_threshold: 60
-        neutron::host: '"%{::fqdn}"'    #NOTE: extra quoting is needed
+        neutron::host: '%{::fqdn}'
         neutron::db::database_db_max_retries: -1
         neutron::db::database_max_retries: -1
         neutron::global_physnet_mtu: {get_param: NeutronGlobalPhysnetMtu}
diff --git a/puppet/services/neutron-metadata.yaml b/puppet/services/neutron-metadata.yaml
index 8be4c6d..c87de28 100644 (file)
--- a/puppet/services/neutron-metadata.yaml
+++ b/puppet/services/neutron-metadata.yaml
@@ -72,6 +72,6 @@ outputs:
             neutron::agents::metadata::auth_password: {get_param: NeutronPassword}
             neutron::agents::metadata::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
             neutron::agents::metadata::auth_tenant: 'service'
-            neutron::agents::metadata::metadata_ip: '"%{hiera(\"nova_metadata_vip\")}"'
+            neutron::agents::metadata::metadata_ip: "%{hiera('nova_metadata_vip')}"
       step_config: |
         include tripleo::profile::base::neutron::metadata
diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml
index cca0dee..e2b90b7 100644 (file)
--- a/puppet/services/neutron-ovs-agent.yaml
+++ b/puppet/services/neutron-ovs-agent.yaml
@@ -94,21 +94,9 @@ outputs:
           - neutron::agents::ml2::ovs::l2_population: {get_param: NeutronEnableL2Pop}
             neutron::agents::ml2::ovs::enable_distributed_routing: {get_param: NeutronEnableDVR}
             neutron::agents::ml2::ovs::arp_responder: {get_param: NeutronEnableARPResponder}
-            neutron::agents::ml2::ovs::bridge_mappings:
-              str_replace:
-                template: MAPPINGS
-                params:
-                  MAPPINGS: {get_param: NeutronBridgeMappings}
-            neutron::agents::ml2::ovs::tunnel_types:
-              str_replace:
-                template: TYPES
-                params:
-                  TYPES: {get_param: NeutronTunnelTypes}
-            neutron::agents::ml2::ovs::extensions:
-              str_replace:
-                template: AGENT_EXTENSIONS
-                params:
-                  AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
+            neutron::agents::ml2::ovs::bridge_mappings: {get_param: NeutronBridgeMappings}
+            neutron::agents::ml2::ovs::tunnel_types: {get_param: NeutronTunnelTypes}
+            neutron::agents::ml2::ovs::extensions: {get_param: NeutronAgentExtensions}
             # NOTE: bind IP is found in Heat replacing the network name with the
             # local node IP for the given network; replacement examples
             # (eg. for internal_api):
diff --git a/puppet/services/neutron-plugin-ml2.yaml b/puppet/services/neutron-plugin-ml2.yaml
index 5dbae3d..88b5064 100644 (file)
--- a/puppet/services/neutron-plugin-ml2.yaml
+++ b/puppet/services/neutron-plugin-ml2.yaml
@@ -83,46 +83,14 @@ outputs:
       config_settings:
         map_merge:
           - get_attr: [NeutronBase, role_data, config_settings]
-          - neutron::plugins::ml2::mechanism_drivers:
-              str_replace:
-                template: MECHANISMS
-                params:
-                  MECHANISMS: {get_param: NeutronMechanismDrivers}
-            neutron::plugins::ml2::type_drivers:
-              str_replace:
-                template: DRIVERS
-                params:
-                  DRIVERS: {get_param: NeutronTypeDrivers}
-            neutron::plugins::ml2::flat_networks:
-              str_replace:
-                template: NETWORKS
-                params:
-                  NETWORKS: {get_param: NeutronFlatNetworks}
-            neutron::plugins::ml2::extension_drivers:
-              str_replace:
-                template: PLUGIN_EXTENSIONS
-                params:
-                  PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
-            neutron::plugins::ml2::network_vlan_ranges:
-              str_replace:
-                template: RANGES
-                params:
-                  RANGES: {get_param: NeutronNetworkVLANRanges}
-            neutron::plugins::ml2::tunnel_id_ranges:
-              str_replace:
-                template: RANGES
-                params:
-                  RANGES: {get_param: NeutronTunnelIdRanges}
-            neutron::plugins::ml2::vni_ranges:
-              str_replace:
-                template: RANGES
-                params:
-                  RANGES: {get_param: NeutronVniRanges}
-            neutron::plugins::ml2::tenant_network_types:
-              str_replace:
-                template: TYPES
-                params:
-                  TYPES: {get_param: NeutronNetworkType}
+          - neutron::plugins::ml2::mechanism_drivers: {get_param: NeutronMechanismDrivers}
+            neutron::plugins::ml2::type_drivers: {get_param: NeutronTypeDrivers}
+            neutron::plugins::ml2::flat_networks: {get_param: NeutronFlatNetworks}
+            neutron::plugins::ml2::extension_drivers: {get_param: NeutronPluginExtensions}
+            neutron::plugins::ml2::network_vlan_ranges: {get_param: NeutronNetworkVLANRanges}
+            neutron::plugins::ml2::tunnel_id_ranges: {get_param: NeutronTunnelIdRanges}
+            neutron::plugins::ml2::vni_ranges: {get_param: NeutronVniRanges}
+            neutron::plugins::ml2::tenant_network_types: {get_param: NeutronNetworkType}
             neutron::plugins::ml2::supported_pci_vendor_devs: {get_param: NeutronSupportedPCIVendorDevs}
 
       step_config: |
diff --git a/puppet/services/nova-api.yaml b/puppet/services/nova-api.yaml
index 49bd84b..c4d5c6b 100644 (file)
--- a/puppet/services/nova-api.yaml
+++ b/puppet/services/nova-api.yaml
@@ -87,8 +87,8 @@ outputs:
         map_merge:
         - get_attr: [NovaBase, role_data, config_settings]
         - get_attr: [ApacheServiceBase, role_data, config_settings]
-        - nova::cron::archive_deleted_rows::hour: '"*/12"'
-          nova::cron::archive_deleted_rows::destination: '"/dev/null"'
+        - nova::cron::archive_deleted_rows::hour: '*/12'
+          nova::cron::archive_deleted_rows::destination: '/dev/null'
           tripleo.nova_api.firewall_rules:
             '113 nova_api':
               dport:
@@ -108,7 +108,7 @@ outputs:
           nova::api::api_bind_address:
             str_replace:
               template:
-                '"%{::fqdn_$NETWORK}"'
+                '%{::fqdn_$NETWORK}'
               params:
                 $NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
           nova::api::service_name: 'httpd'
@@ -122,7 +122,7 @@ outputs:
           nova::wsgi::apache::servername:
             str_replace:
               template:
-                '"%{::fqdn_$NETWORK}"'
+                '%{::fqdn_$NETWORK}'
               params:
                 $NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
           nova::api::neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
diff --git a/puppet/services/nova-base.yaml b/puppet/services/nova-base.yaml
index 74a95d2..20bf2e4 100644 (file)
--- a/puppet/services/nova-base.yaml
+++ b/puppet/services/nova-base.yaml
@@ -109,7 +109,7 @@ outputs:
           nova::network::neutron::neutron_auth_url: {get_param: [EndpointMap, KeystoneV3Admin, uri]}
           nova::rabbit_heartbeat_timeout_threshold: 60
           nova::cinder_catalog_info: 'volumev2:cinderv2:internalURL'
-          nova::host: '"%{::fqdn}"'    # NOTE: extra quoting is needed.
+          nova::host: '%{::fqdn}'
           nova::notify_on_state_change: 'vm_and_task_state'
           nova::notification_driver: messagingv2
           nova::network::neutron::neutron_auth_type: 'v3password'
diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml
index f7f2510..908b676 100644 (file)
--- a/puppet/services/nova-compute.yaml
+++ b/puppet/services/nova-compute.yaml
@@ -52,7 +52,7 @@ parameters:
       For different formats, refer to the nova.conf documentation for
       pci_passthrough_whitelist configuration
     type: json
-    default: ''
+    default: {}
   NovaVcpuPinSet:
     description: >
       A list or range of physical CPU cores to reserve for virtual machine
@@ -97,11 +97,7 @@ outputs:
         map_merge:
           - get_attr: [NovaBase, role_data, config_settings]
           - nova::compute::libvirt::manage_libvirt_services: false
-            nova::compute::pci_passthrough:
-              str_replace:
-                template: "'JSON_PARAM'"
-                params:
-                  JSON_PARAM: {get_param: NovaPCIPassthrough}
+            nova::compute::pci_passthrough: {get_param: NovaPCIPassthrough}
             nova::compute::vcpu_pin_set: {get_param: NovaVcpuPinSet}
             nova::compute::reserved_host_memory: {get_param: NovaReservedHostMemory}
             # we manage migration in nova common puppet profile
@@ -117,7 +113,7 @@ outputs:
               - '.'
               - - 'client'
                 - {get_param: CephClientUserName}
-            nova::compute::rbd::libvirt_rbd_secret_uuid: '"%{hiera(\"ceph::profile::params::fsid\")}"'
+            nova::compute::rbd::libvirt_rbd_secret_uuid: "%{hiera('ceph::profile::params::fsid')}"
             nova::compute::instance_usage_audit: true
             nova::compute::instance_usage_audit_period: 'hour'
             nova::compute::rbd::ephemeral_storage: {get_param: NovaEnableRbdBackend}
diff --git a/puppet/services/pacemaker/database/mysql.yaml b/puppet/services/pacemaker/database/mysql.yaml
index 7deaf0c..ea3d8ab 100644 (file)
--- a/puppet/services/pacemaker/database/mysql.yaml
+++ b/puppet/services/pacemaker/database/mysql.yaml
@@ -40,7 +40,7 @@ outputs:
           - tripleo::profile::pacemaker::database::mysql::bind_address:
               str_replace:
                 template:
-                  '"%{::fqdn_$NETWORK}"'
+                  '%{::fqdn_$NETWORK}'
                 params:
                   $NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
             # NOTE: bind IP is found in Heat replacing the network name with the
diff --git a/puppet/services/panko-api.yaml b/puppet/services/panko-api.yaml
index 63f631a..700edc7 100644 (file)
--- a/puppet/services/panko-api.yaml
+++ b/puppet/services/panko-api.yaml
@@ -55,7 +55,7 @@ outputs:
             panko::wsgi::apache::servername:
               str_replace:
                 template:
-                  '"%{::fqdn_$NETWORK}"'
+                  '%{::fqdn_$NETWORK}'
                 params:
                   $NETWORK: {get_param: [ServiceNetMap, PankoApiNetwork]}
             panko::api::service_name: 'httpd'
@@ -68,7 +68,7 @@ outputs:
             panko::api::host:
               str_replace:
                 template:
-                  '"%{::fqdn_$NETWORK}"'
+                  '%{::fqdn_$NETWORK}'
                 params:
                   $NETWORK: {get_param: [ServiceNetMap, PankoApiNetwork]}
             # NOTE: bind IP is found in Heat replacing the network name with the