Browse Source

Hiera optimization: use a new hiera hook

This patch optimizes how we deploy hiera by using a new
heat hook specifically designed to help compose hiera
within heat templates. As part of this change:

 - we update all the 'hiera' software configurations to set the group to hiera
   instead of os-apply-config.

 - The new format uses JSON instead of YAML. The hook actually writes
   out the hiera JSON directly so no conversion takes place. Arrays,
   Strings, Booleans all stay in their native formats. As such we can avoid
   having to do many of the awkward string and list conversions in t-h-t to
   support the previous YAML formatting.

 - The new hook prefers JSON over YAML so upgrading users will have the
   new files prefered. (we will post a cleanup routine for the old files
   soon but this isn't a new behavior, JSON is now simply prefered.)

 - A lot of services required edits to account for default settings that
   worked in YAML that no longer work correctly in the native JSON
   format. In almost all these cases I think the resulting codes looks
   cleaner and is more explicit with regards to what is getting
   configured in hiera on the actual nodes.

Depends-On: I6a383b1ad4ec29458569763bd3f56fd3f2bd726b
Closes-bug: #1596373

Change-Id: Ibe7e2044e200e2c947223286fdf4fd5bcf98c2e1
changes/57/384757/26
Dan Prince 5 years ago
parent
commit
7876851011
  1. 244
      puppet/all-nodes-config.yaml
  2. 58
      puppet/blockstorage-role.yaml
  3. 58
      puppet/cephstorage-role.yaml
  4. 70
      puppet/compute-role.yaml
  5. 92
      puppet/controller-role.yaml
  6. 59
      puppet/objectstorage-role.yaml
  7. 62
      puppet/role.role.j2.yaml
  8. 4
      puppet/services/aodh-api.yaml
  9. 4
      puppet/services/barbican-api.yaml
  10. 4
      puppet/services/ceilometer-api.yaml
  11. 53
      puppet/services/ceph-base.yaml
  12. 6
      puppet/services/cinder-api.yaml
  13. 2
      puppet/services/database/mysql.yaml
  14. 4
      puppet/services/database/redis-base.yaml
  15. 4
      puppet/services/gnocchi-api.yaml
  16. 2
      puppet/services/ironic-conductor.yaml
  17. 26
      puppet/services/keepalived.yaml
  18. 10
      puppet/services/keystone.yaml
  19. 8
      puppet/services/neutron-base.yaml
  20. 2
      puppet/services/neutron-metadata.yaml
  21. 18
      puppet/services/neutron-ovs-agent.yaml
  22. 48
      puppet/services/neutron-plugin-ml2.yaml
  23. 8
      puppet/services/nova-api.yaml
  24. 2
      puppet/services/nova-base.yaml
  25. 10
      puppet/services/nova-compute.yaml
  26. 2
      puppet/services/pacemaker/database/mysql.yaml
  27. 4
      puppet/services/panko-api.yaml

244
puppet/all-nodes-config.yaml

@ -71,140 +71,132 @@ resources:
allNodesConfigImpl:
type: OS::Heat::StructuredConfig
properties:
group: os-apply-config
group: hiera
config:
hiera:
datafiles:
bootstrap_node:
mapped_data:
bootstrap_nodeid: {get_input: bootstrap_nodeid}
bootstrap_nodeid_ip: {get_input: bootstrap_nodeid_ip}
all_nodes:
mapped_data:
map_merge:
- tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: logging_sources}
- tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: logging_groups}
- enabled_services: {get_param: enabled_services}
# This writes out a mapping of service_name_enabled: 'true'
# For any services not enabled, hiera foo_enabled will
# return nil, as it's undefined
- map_merge:
repeat:
template:
# Note this must be string 'true' due to
# https://bugs.launchpad.net/heat/+bug/1617203
SERVICE_enabled: 'true'
for_each:
SERVICE:
str_split: [',', {get_param: enabled_services}]
# Dynamically generate per-service network data
# This works as follows (outer->inner functions)
# yaql - filters services where no mapping exists in ServiceNetMap
# map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
# map_merge/repeat: generate a per-service mapping
- yaql:
# This filters any entries where the value hasn't been substituted for
# a list, e.g it's still $service_network. This happens when there is
# no network defined for the service in the ServiceNetMap, which is OK
# as not all services have to be bound to a network, so we filter them
expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
data:
map:
map_replace:
datafiles:
bootstrap_node:
bootstrap_nodeid: {get_input: bootstrap_nodeid}
bootstrap_nodeid_ip: {get_input: bootstrap_nodeid_ip}
all_nodes:
map_merge:
- tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: logging_sources}
- tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: logging_groups}
- enabled_services: {get_param: enabled_services}
# This writes out a mapping of service_name_enabled: 'true'
# For any services not enabled, hiera foo_enabled will
# return nil, as it's undefined
- map_merge:
repeat:
template:
# Note this must be string 'true' due to
# https://bugs.launchpad.net/heat/+bug/1617203
SERVICE_enabled: 'true'
for_each:
SERVICE:
str_split: [',', {get_param: enabled_services}]
# Dynamically generate per-service network data
# This works as follows (outer->inner functions)
# yaql - filters services where no mapping exists in ServiceNetMap
# map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
# map_merge/repeat: generate a per-service mapping
- yaql:
# This filters any entries where the value hasn't been substituted for
# a list, e.g it's still $service_network. This happens when there is
# no network defined for the service in the ServiceNetMap, which is OK
# as not all services have to be bound to a network, so we filter them
expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
data:
map:
map_replace:
- map_merge:
repeat:
template:
SERVICE_network: SERVICE_network
for_each:
SERVICE:
str_split: [',', {get_param: enabled_services}]
- values: {get_param: ServiceNetMap}
# Keystone doesn't provide separate entries for the public
# and admin endpoints, so we need to add them here manually
# like we do in the vip-config below
- keystone_admin_api_network: {get_param: [ServiceNetMap, keystone_admin_api_network]}
keystone_public_api_network: {get_param: [ServiceNetMap, keystone_public_api_network]}
# provides a mapping of service_name_ips to a list of IPs
- {get_param: service_ips}
- {get_param: service_node_names}
- {get_param: short_service_node_names}
- controller_node_ips:
list_join:
- ','
- {get_param: controller_ips}
controller_node_names:
list_join:
- ','
- {get_param: controller_names}
memcached_node_ips_v6:
repeat:
template: "inet6:[NAME]"
for_each:
NAME: {get_param: memcache_node_ips}
deploy_identifier: {get_param: DeployIdentifier}
update_identifier: {get_param: UpdateIdentifier}
stack_action: {get_param: StackAction}
vip_data:
map_merge:
# Dynamically generate per-service VIP data based on enabled_services
# This works as follows (outer->inner functions)
# yaql - filters services where no mapping exists in ServiceNetMap
# map_replace: substitute e.g internal_api with the IP from NetVipMap
# map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
# map_merge/repeat: generate a per-service mapping
- yaql:
# This filters any entries where the value hasn't been substituted for
# a list, e.g it's still $service_network. This happens when there is
# no network defined for the service in the ServiceNetMap, which is OK
# as not all services have to be bound to a network, so we filter them
expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
data:
map:
map_replace:
- map_replace:
- map_merge:
repeat:
template:
SERVICE_network: SERVICE_network
SERVICE_vip: SERVICE_network
for_each:
SERVICE:
str_split: [',', {get_param: enabled_services}]
- values: {get_param: ServiceNetMap}
# Keystone doesn't provide separate entries for the public
# and admin endpoints, so we need to add them here manually
# like we do in the vip-config below
- keystone_admin_api_network: {get_param: [ServiceNetMap, keystone_admin_api_network]}
keystone_public_api_network: {get_param: [ServiceNetMap, keystone_public_api_network]}
# provides a mapping of service_name_ips to a list of IPs
- {get_param: service_ips}
- {get_param: service_node_names}
- {get_param: short_service_node_names}
- controller_node_ips:
list_join:
- ','
- {get_param: controller_ips}
controller_node_names:
list_join:
- ','
- {get_param: controller_names}
memcached_node_ips_v6:
str_replace:
template: "['inet6:[SERVERS_LIST]']"
params:
SERVERS_LIST:
list_join:
- "]','inet6:["
- {get_param: memcache_node_ips}
deploy_identifier: {get_param: DeployIdentifier}
update_identifier: {get_param: UpdateIdentifier}
stack_action: {get_param: StackAction}
vip_data:
mapped_data:
map_merge:
# Dynamically generate per-service VIP data based on enabled_services
# This works as follows (outer->inner functions)
# yaql - filters services where no mapping exists in ServiceNetMap
# map_replace: substitute e.g internal_api with the IP from NetVipMap
# map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
# map_merge/repeat: generate a per-service mapping
- yaql:
# This filters any entries where the value hasn't been substituted for
# a list, e.g it's still $service_network. This happens when there is
# no network defined for the service in the ServiceNetMap, which is OK
# as not all services have to be bound to a network, so we filter them
expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
data:
map:
map_replace:
- map_replace:
- map_merge:
repeat:
template:
SERVICE_vip: SERVICE_network
for_each:
SERVICE:
str_split: [',', {get_param: enabled_services}]
- values: {get_param: ServiceNetMap}
- values: {get_param: NetVipMap}
- keystone_admin_api_vip:
get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_admin_api_network]}]
keystone_public_api_vip:
get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_public_api_network]}]
public_virtual_ip: {get_param: [NetVipMap, external]}
controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
storage_virtual_ip: {get_param: [NetVipMap, storage]}
storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
redis_vip: {get_param: RedisVirtualIP}
# public_virtual_ip and controller_virtual_ip are needed in
# both HAproxy & keepalived.
tripleo::haproxy::public_virtual_ip: {get_param: [NetVipMap, external]}
tripleo::haproxy::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
tripleo::keepalived::public_virtual_ip: {get_param: [NetVipMap, external]}
tripleo::keepalived::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
tripleo::keepalived::internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
tripleo::keepalived::storage_virtual_ip: {get_param: [NetVipMap, storage]}
tripleo::keepalived::storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
tripleo::keepalived::redis_virtual_ip: {get_param: RedisVirtualIP}
tripleo::redis_notification::haproxy_monitor_ip: {get_param: [NetVipMap, ctlplane]}
cloud_name_external: {get_param: cloud_name_external}
cloud_name_internal_api: {get_param: cloud_name_internal_api}
cloud_name_storage: {get_param: cloud_name_storage}
cloud_name_storage_mgmt: {get_param: cloud_name_storage_mgmt}
cloud_name_ctlplane: {get_param: cloud_name_ctlplane}
# TLS parameters
certmonger_ca: {get_param: CertmongerCA}
enable_internal_tls: {get_param: EnableInternalTLS}
- values: {get_param: NetVipMap}
- keystone_admin_api_vip:
get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_admin_api_network]}]
keystone_public_api_vip:
get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_public_api_network]}]
public_virtual_ip: {get_param: [NetVipMap, external]}
controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
storage_virtual_ip: {get_param: [NetVipMap, storage]}
storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
redis_vip: {get_param: RedisVirtualIP}
# public_virtual_ip and controller_virtual_ip are needed in
# both HAproxy & keepalived.
tripleo::haproxy::public_virtual_ip: {get_param: [NetVipMap, external]}
tripleo::haproxy::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
tripleo::keepalived::public_virtual_ip: {get_param: [NetVipMap, external]}
tripleo::keepalived::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
tripleo::keepalived::internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
tripleo::keepalived::storage_virtual_ip: {get_param: [NetVipMap, storage]}
tripleo::keepalived::storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
tripleo::keepalived::redis_virtual_ip: {get_param: RedisVirtualIP}
tripleo::redis_notification::haproxy_monitor_ip: {get_param: [NetVipMap, ctlplane]}
cloud_name_external: {get_param: cloud_name_external}
cloud_name_internal_api: {get_param: cloud_name_internal_api}
cloud_name_storage: {get_param: cloud_name_storage}
cloud_name_storage_mgmt: {get_param: cloud_name_storage_mgmt}
cloud_name_ctlplane: {get_param: cloud_name_ctlplane}
# TLS parameters
certmonger_ca: {get_param: CertmongerCA}
enable_internal_tls: {get_param: EnableInternalTLS}
outputs:
config_id:

58
puppet/blockstorage-role.yaml

@ -239,39 +239,33 @@ resources:
BlockStorageConfig:
type: OS::Heat::StructuredConfig
properties:
group: os-apply-config
group: hiera
config:
hiera:
hierarchy:
- '"%{::uuid}"'
- heat_config_%{::deploy_config_name}
- volume_extraconfig
- extraconfig
- service_names
- service_configs
- volume
- bootstrap_node # provided by allNodesConfig
- all_nodes # provided by allNodesConfig
- vip_data # provided by allNodesConfig
- '"%{::osfamily}"'
merge_behavior: deeper
datafiles:
service_names:
mapped_data:
service_names: {get_param: ServiceNames}
sensu::subscriptions: {get_param: MonitoringSubscriptions}
service_configs:
mapped_data:
map_replace:
- {get_param: ServiceConfigSettings}
- values: {get_attr: [NetIpMap, net_ip_map]}
volume_extraconfig:
mapped_data: {get_param: BlockStorageExtraConfig}
extraconfig:
mapped_data: {get_param: ExtraConfig}
volume:
mapped_data:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
hierarchy:
- '"%{::uuid}"'
- heat_config_%{::deploy_config_name}
- volume_extraconfig
- extraconfig
- service_names
- service_configs
- volume
- bootstrap_node # provided by allNodesConfig
- all_nodes # provided by allNodesConfig
- vip_data # provided by allNodesConfig
- '"%{::osfamily}"'
merge_behavior: deeper
datafiles:
service_names:
service_names: {get_param: ServiceNames}
sensu::subscriptions: {get_param: MonitoringSubscriptions}
service_configs:
map_replace:
- {get_param: ServiceConfigSettings}
- values: {get_attr: [NetIpMap, net_ip_map]}
volume_extraconfig: {get_param: BlockStorageExtraConfig}
extraconfig: {get_param: ExtraConfig}
volume:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
# Resource for site-specific injection of root certificate
NodeTLSCAData:

58
puppet/cephstorage-role.yaml

@ -244,39 +244,33 @@ resources:
CephStorageConfig:
type: OS::Heat::StructuredConfig
properties:
group: os-apply-config
group: hiera
config:
hiera:
hierarchy:
- '"%{::uuid}"'
- heat_config_%{::deploy_config_name}
- ceph_extraconfig
- extraconfig
- service_names
- service_configs
- ceph
- bootstrap_node # provided by allNodesConfig
- all_nodes # provided by allNodesConfig
- vip_data # provided by allNodesConfig
- '"%{::osfamily}"'
merge_behavior: deeper
datafiles:
service_names:
mapped_data:
service_names: {get_param: ServiceNames}
sensu::subscriptions: {get_param: MonitoringSubscriptions}
service_configs:
mapped_data:
map_replace:
- {get_param: ServiceConfigSettings}
- values: {get_attr: [NetIpMap, net_ip_map]}
ceph_extraconfig:
mapped_data: {get_param: CephStorageExtraConfig}
extraconfig:
mapped_data: {get_param: ExtraConfig}
ceph:
mapped_data:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
hierarchy:
- '"%{::uuid}"'
- heat_config_%{::deploy_config_name}
- ceph_extraconfig
- extraconfig
- service_names
- service_configs
- ceph
- bootstrap_node # provided by allNodesConfig
- all_nodes # provided by allNodesConfig
- vip_data # provided by allNodesConfig
- '"%{::osfamily}"'
merge_behavior: deeper
datafiles:
service_names:
service_names: {get_param: ServiceNames}
sensu::subscriptions: {get_param: MonitoringSubscriptions}
service_configs:
map_replace:
- {get_param: ServiceConfigSettings}
- values: {get_attr: [NetIpMap, net_ip_map]}
ceph_extraconfig: {get_param: CephStorageExtraConfig}
extraconfig: {get_param: ExtraConfig}
ceph:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
# Resource for site-specific injection of root certificate
NodeTLSCAData:

70
puppet/compute-role.yaml

@ -251,45 +251,39 @@ resources:
NovaComputeConfig:
type: OS::Heat::StructuredConfig
properties:
group: os-apply-config
group: hiera
config:
hiera:
hierarchy:
- '"%{::uuid}"'
- heat_config_%{::deploy_config_name}
- compute_extraconfig
- extraconfig
- service_names
- service_configs
- compute
- bootstrap_node # provided by allNodesConfig
- all_nodes # provided by allNodesConfig
- vip_data # provided by allNodesConfig
- '"%{::osfamily}"'
- neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre
- cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
- nova_nuage_data # Optionally provided by ComputeExtraConfigPre
- midonet_data # Optionally provided by AllNodesExtraConfig
- neutron_opencontrail_data # Optionally provided by ComputeExtraConfigPre
- cisco_aci_data # Optionally provided by ComputeExtraConfigPre
merge_behavior: deeper
datafiles:
service_names:
mapped_data:
service_names: {get_param: ServiceNames}
sensu::subscriptions: {get_param: MonitoringSubscriptions}
service_configs:
mapped_data:
map_replace:
- {get_param: ServiceConfigSettings}
- values: {get_attr: [NetIpMap, net_ip_map]}
compute_extraconfig:
mapped_data: {get_param: NovaComputeExtraConfig}
extraconfig:
mapped_data: {get_param: ExtraConfig}
compute:
mapped_data:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
hierarchy:
- '"%{::uuid}"'
- heat_config_%{::deploy_config_name}
- compute_extraconfig
- extraconfig
- service_names
- service_configs
- compute
- bootstrap_node # provided by allNodesConfig
- all_nodes # provided by allNodesConfig
- vip_data # provided by allNodesConfig
- '"%{::osfamily}"'
- neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre
- cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
- nova_nuage_data # Optionally provided by ComputeExtraConfigPre
- midonet_data # Optionally provided by AllNodesExtraConfig
- neutron_opencontrail_data # Optionally provided by ComputeExtraConfigPre
- cisco_aci_data # Optionally provided by ComputeExtraConfigPre
merge_behavior: deeper
datafiles:
service_names:
service_names: {get_param: ServiceNames}
sensu::subscriptions: {get_param: MonitoringSubscriptions}
service_configs:
map_replace:
- {get_param: ServiceConfigSettings}
- values: {get_attr: [NetIpMap, net_ip_map]}
compute_extraconfig: {get_param: NovaComputeExtraConfig}
extraconfig: {get_param: ExtraConfig}
compute:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
NovaComputeDeployment:
type: OS::TripleO::SoftwareDeployment

92
puppet/controller-role.yaml

@ -299,57 +299,51 @@ resources:
ControllerConfig:
type: OS::Heat::StructuredConfig
properties:
group: os-apply-config
group: hiera
config:
hiera:
hierarchy:
- '"%{::uuid}"'
- heat_config_%{::deploy_config_name}
- controller_extraconfig
- extraconfig
- service_configs
- service_names
- controller
- bootstrap_node # provided by BootstrapNodeConfig
- all_nodes # provided by allNodesConfig
- vip_data # provided by allNodesConfig
- '"%{::osfamily}"'
- cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
- cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
- cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
- neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
- neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
- cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
- midonet_data #Optionally provided by AllNodesExtraConfig
- cisco_aci_data # Optionally provided by ControllerExtraConfigPre
merge_behavior: deeper
datafiles:
service_names:
mapped_data:
service_names: {get_param: ServiceNames}
sensu::subscriptions: {get_param: MonitoringSubscriptions}
service_configs:
mapped_data:
map_replace:
- {get_param: ServiceConfigSettings}
- values: {get_attr: [NetIpMap, net_ip_map]}
controller_extraconfig:
mapped_data:
map_merge:
- {get_param: controllerExtraConfig}
- {get_param: ControllerExtraConfig}
extraconfig:
mapped_data: {get_param: ExtraConfig}
controller:
mapped_data: # data supplied directly to this deployment configuration, etc
bootstack_nodeid: {get_input: bootstack_nodeid}
hierarchy:
- '"%{::uuid}"'
- heat_config_%{::deploy_config_name}
- controller_extraconfig
- extraconfig
- service_configs
- service_names
- controller
- bootstrap_node # provided by BootstrapNodeConfig
- all_nodes # provided by allNodesConfig
- vip_data # provided by allNodesConfig
- '"%{::osfamily}"'
- cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
- cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
- cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
- neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
- neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
- cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
- midonet_data #Optionally provided by AllNodesExtraConfig
- cisco_aci_data # Optionally provided by ControllerExtraConfigPre
merge_behavior: deeper
datafiles:
service_names:
service_names: {get_param: ServiceNames}
sensu::subscriptions: {get_param: MonitoringSubscriptions}
service_configs:
map_replace:
- {get_param: ServiceConfigSettings}
- values: {get_attr: [NetIpMap, net_ip_map]}
controller_extraconfig:
map_merge:
- {get_param: controllerExtraConfig}
- {get_param: ControllerExtraConfig}
extraconfig: {get_param: ExtraConfig}
controller:
# data supplied directly to this deployment configuration, etc
bootstack_nodeid: {get_input: bootstack_nodeid}
# Pacemaker
enable_load_balancer: {get_input: enable_load_balancer}
# Pacemaker
enable_load_balancer: {get_input: enable_load_balancer}
# Misc
tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
# Misc
tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
# Hook for site-specific additional pre-deployment config, e.g extra hieradata
ControllerExtraConfigPre:

59
puppet/objectstorage-role.yaml

@ -228,40 +228,33 @@ resources:
SwiftStorageHieraConfig:
type: OS::Heat::StructuredConfig
properties:
group: os-apply-config
group: hiera
config:
hiera:
hierarchy:
- '"%{::uuid}"'
- heat_config_%{::deploy_config_name}
- object_extraconfig
- extraconfig
- service_names
- service_configs
- object
- bootstrap_node # provided by allNodesConfig
- all_nodes # provided by allNodesConfig
- vip_data # provided by allNodesConfig
- '"%{::osfamily}"'
merge_behavior: deeper
datafiles:
service_names:
mapped_data:
service_names: {get_param: ServiceNames}
sensu::subscriptions: {get_param: MonitoringSubscriptions}
service_configs:
mapped_data:
map_replace:
- {get_param: ServiceConfigSettings}
- values: {get_attr: [NetIpMap, net_ip_map]}
object_extraconfig:
mapped_data: {get_param: ObjectStorageExtraConfig}
extraconfig:
mapped_data: {get_param: ExtraConfig}
object:
mapped_data: # data supplied directly to this deployment configuration, etc
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
hierarchy:
- '"%{::uuid}"'
- heat_config_%{::deploy_config_name}
- object_extraconfig
- extraconfig
- service_names
- service_configs
- object
- bootstrap_node # provided by allNodesConfig
- all_nodes # provided by allNodesConfig
- vip_data # provided by allNodesConfig
- '"%{::osfamily}"'
merge_behavior: deeper
datafiles:
service_names:
service_names: {get_param: ServiceNames}
sensu::subscriptions: {get_param: MonitoringSubscriptions}
service_configs:
map_replace:
- {get_param: ServiceConfigSettings}
- values: {get_attr: [NetIpMap, net_ip_map]}
object_extraconfig: {get_param: ObjectStorageExtraConfig}
extraconfig: {get_param: ExtraConfig}
object:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
SwiftStorageHieraDeploy:
type: OS::Heat::StructuredDeployment

62
puppet/role.role.j2.yaml

@ -250,41 +250,35 @@ resources:
{{role}}Config:
type: OS::Heat::StructuredConfig
properties:
group: os-apply-config
group: hiera
config:
hiera:
hierarchy:
- '"%{::uuid}"'
- heat_config_%{::deploy_config_name}
- {{role.lower()}}_extraconfig
- extraconfig
- service_names
- service_configs
- {{role.lower()}}
- bootstrap_node # provided by allNodesConfig
- all_nodes # provided by allNodesConfig
- vip_data # provided by allNodesConfig
- '"%{::osfamily}"'
merge_behavior: deeper
datafiles:
service_names:
mapped_data:
service_names: {get_param: ServiceNames}
sensu::subscriptions: {get_param: MonitoringSubscriptions}
service_configs:
mapped_data:
map_replace:
- {get_param: ServiceConfigSettings}
- values: {get_attr: [NetIpMap, net_ip_map]}
{{role.lower()}}_extraconfig:
mapped_data: {get_param: {{role}}ExtraConfig}
extraconfig:
mapped_data: {get_param: ExtraConfig}
{{role.lower()}}:
mapped_data:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources}
tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups}
hierarchy:
- '"%{::uuid}"'
- heat_config_%{::deploy_config_name}
- {{role.lower()}}_extraconfig
- extraconfig
- service_names
- service_configs
- {{role.lower()}}
- bootstrap_node # provided by allNodesConfig
- all_nodes # provided by allNodesConfig
- vip_data # provided by allNodesConfig
- '"%{::osfamily}"'
merge_behavior: deeper
datafiles:
service_names:
service_names: {get_param: ServiceNames}
sensu::subscriptions: {get_param: MonitoringSubscriptions}
service_configs:
map_replace:
- {get_param: ServiceConfigSettings}
- values: {get_attr: [NetIpMap, net_ip_map]}
{{role.lower()}}_extraconfig: {get_param: {{role}}ExtraConfig}
extraconfig: {get_param: ExtraConfig}
{{role.lower()}}:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources}
tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups}
# Resource for site-specific injection of root certificate
NodeTLSCAData:

4
puppet/services/aodh-api.yaml

@ -55,7 +55,7 @@ outputs:
aodh::wsgi::apache::servername:
str_replace:
template:
'"%{::fqdn_$NETWORK}"'
'%{::fqdn_$NETWORK}'
params:
$NETWORK: {get_param: [ServiceNetMap, AodhApiNetwork]}
aodh::api::service_name: 'httpd'
@ -68,7 +68,7 @@ outputs:
aodh::api::host:
str_replace:
template:
'"%{::fqdn_$NETWORK}"'
'%{::fqdn_$NETWORK}'
params:
$NETWORK: {get_param: [ServiceNetMap, AodhApiNetwork]}
# NOTE: bind IP is found in Heat replacing the network name with the

4
puppet/services/barbican-api.yaml

@ -24,7 +24,7 @@ parameters:
hidden: true
BarbicanWorkers:
description: Set the number of workers for barbican::wsgi::apache
default: '"%{::processorcount}"'
default: '%{::processorcount}'
type: string
Debug:
default: ''
@ -93,7 +93,7 @@ outputs:
barbican::wsgi::apache::servername:
str_replace:
template:
'"%{::fqdn_$NETWORK}"'
'%{::fqdn_$NETWORK}'
params:
$NETWORK: {get_param: [ServiceNetMap, BarbicanApiNetwork]}
barbican::db::database_connection:

4
puppet/services/ceilometer-api.yaml

@ -75,7 +75,7 @@ outputs:
ceilometer::api::host:
str_replace:
template:
'"%{::fqdn_$NETWORK}"'
'%{::fqdn_$NETWORK}'
params:
$NETWORK: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
ceilometer::wsgi::apache::bind_host: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
@ -83,7 +83,7 @@ outputs:
ceilometer::wsgi::apache::servername:
str_replace:
template:
'"%{::fqdn_$NETWORK}"'
'%{::fqdn_$NETWORK}'
params:
$NETWORK: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
service_config_settings:

53
puppet/services/ceph-base.yaml

@ -119,36 +119,33 @@ outputs:
NETWORK: {get_param: [ServiceNetMap, CephMonNetwork]}
ceph::profile::params::public_addr: {get_param: [ServiceNetMap, CephMonNetwork]}
ceph::profile::params::client_keys:
str_replace:
template: "{
client.admin: {
secret: 'ADMIN_KEY',
mode: '0600',
cap_mon: 'allow *',
cap_osd: 'allow *',
map_replace:
- client.admin:
secret: {get_param: CephAdminKey}
mode: '0600'
cap_mon: 'allow *'
cap_osd: 'allow *'
cap_mds: 'allow *'
},
client.bootstrap-osd: {
secret: 'ADMIN_KEY',
keyring_path: '/var/lib/ceph/bootstrap-osd/ceph.keyring',
client.bootstrap-osd:
secret: {get_param: CephAdminKey}
keyring_path: '/var/lib/ceph/bootstrap-osd/ceph.keyring'
cap_mon: 'allow profile bootstrap-osd'
},
client.CLIENT_USER: {
secret: 'CLIENT_KEY',
mode: '0644',
cap_mon: 'allow r',
cap_osd: 'allow class-read object_prefix rbd_children, allow rwx pool=CINDER_POOL, allow rwx pool=CINDERBACKUP_POOL, allow rwx pool=NOVA_POOL, allow rwx pool=GLANCE_POOL, allow rwx pool=GNOCCHI_POOL'
}
}"
params:
CLIENT_USER: {get_param: CephClientUserName}
CLIENT_KEY: {get_param: CephClientKey}
ADMIN_KEY: {get_param: CephAdminKey}
NOVA_POOL: {get_param: NovaRbdPoolName}
CINDER_POOL: {get_param: CinderRbdPoolName}
CINDERBACKUP_POOL: {get_param: CinderBackupRbdPoolName}
GLANCE_POOL: {get_param: GlanceRbdPoolName}
GNOCCHI_POOL: {get_param: GnocchiRbdPoolName}
CEPH_CLIENT_KEY:
secret: {get_param: CephClientKey}
mode: '0644'
cap_mon: 'allow r'
cap_osd:
str_replace:
template: 'allow class-read object_prefix rbd_children, allow rwx pool=CINDER_POOL, allow rwx pool=CINDERBACKUP_POOL, allow rwx pool=NOVA_POOL, allow rwx pool=GLANCE_POOL, allow rwx pool=GNOCCHI_POOL'
params:
NOVA_POOL: {get_param: NovaRbdPoolName}
CINDER_POOL: {get_param: CinderRbdPoolName}
CINDERBACKUP_POOL: {get_param: CinderBackupRbdPoolName}
GLANCE_POOL: {get_param: GlanceRbdPoolName}
GNOCCHI_POOL: {get_param: GnocchiRbdPoolName}
- keys:
CEPH_CLIENT_KEY:
list_join: ['.', ['client', {get_param: CephClientUserName}]]
service_config_settings:
glance_api:
glance::api::show_multiple_locations: {if: [glance_multiple_locations, true, false]}

6
puppet/services/cinder-api.yaml

@ -42,7 +42,7 @@ parameters:
CinderWorkers:
type: string
description: Set the number of workers for cinder::wsgi::apache
default: '"%{::os_workers}"'
default: '%{::os_workers}'
EnableInternalTLS:
type: boolean
default: false
@ -101,7 +101,7 @@ outputs:
cinder::api::bind_host:
str_replace:
template:
'"%{::fqdn_$NETWORK}"'
'%{::fqdn_$NETWORK}'
params:
$NETWORK: {get_param: [ServiceNetMap, CinderApiNetwork]}
cinder::wsgi::apache::ssl: {get_param: EnableInternalTLS}
@ -115,7 +115,7 @@ outputs:
cinder::wsgi::apache::servername:
str_replace:
template:
'"%{::fqdn_$NETWORK}"'
'%{::fqdn_$NETWORK}'
params:
$NETWORK: {get_param: [ServiceNetMap, CinderApiNetwork]}
-

2
puppet/services/database/mysql.yaml

@ -87,7 +87,7 @@ outputs:
tripleo::profile::base::database::mysql::bind_address:
str_replace:
template:
'"%{::fqdn_$NETWORK}"'
'%{::fqdn_$NETWORK}'
params:
$NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
step_config: |

4
puppet/services/database/redis-base.yaml

@ -39,6 +39,6 @@ outputs:
# internal_api_subnet - > IP/CIDR
redis::bind: {get_param: [ServiceNetMap, RedisNetwork]}
redis::port: 6379
redis::sentinel::master_name: '"%{hiera(\"bootstrap_nodeid\")}"'
redis::sentinel::redis_host: '"%{hiera(\"bootstrap_nodeid_ip\")}"'
redis::sentinel::master_name: "%{hiera('bootstrap_nodeid')}"
redis::sentinel::redis_host: "%{hiera('bootstrap_nodeid_ip')}"
redis::sentinel::notification_script: '/usr/local/bin/redis-notifications.sh'

4
puppet/services/gnocchi-api.yaml

@ -91,7 +91,7 @@ outputs:
gnocchi::wsgi::apache::servername:
str_replace:
template:
'"%{::fqdn_$NETWORK}"'
'%{::fqdn_$NETWORK}'
params:
$NETWORK: {get_param: [ServiceNetMap, GnocchiApiNetwork]}
tripleo::profile::base::gnocchi::api::gnocchi_backend: {get_param: GnocchiBackend}
@ -105,7 +105,7 @@ outputs:
gnocchi::api::host:
str_replace:
template:
'"%{::fqdn_$NETWORK}"'
'%{::fqdn_$NETWORK}'
params:
$NETWORK: {get_param: [ServiceNetMap, GnocchiApiNetwork]}

2
puppet/services/ironic-conductor.yaml

@ -68,7 +68,7 @@ outputs:
list_join:
- ''
- - 'http://'
- '%{hiera("ironic_conductor_http_host")}:'
- "%{hiera('ironic_conductor_http_host')}:"
- {get_param: IronicIPXEPort}
ironic::drivers::pxe::ipxe_enabled: {get_param: IronicIPXEEnabled}
ironic::glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}

26
puppet/services/keepalived.yaml

@ -1,4 +1,4 @@
heat_template_version: 2016-04-08
heat_template_version: 2016-10-14
description: >
Keepalived service configured with Puppet
@ -36,6 +36,11 @@ parameters:
default: 'overcloud-keepalived'
type: string
conditions:
control_iface_empty: {equals : [{get_param: ControlVirtualInterface}, '']}
public_iface_empty: {equals : [{get_param: PublicVirtualInterface}, '']}
outputs:
role_data:
description: Role data for the Keepalived role.
@ -43,10 +48,19 @@ outputs:
service_name: keepalived
monitoring_subscription: {get_param: MonitoringSubscriptionKeepalived}
config_settings:
tripleo::keepalived::control_virtual_interface: {get_param: ControlVirtualInterface}
tripleo::keepalived::public_virtual_interface: {get_param: PublicVirtualInterface}
tripleo.keepalived.firewall_rules:
'106 keepalived vrrp':
proto: vrrp
map_merge:
- tripleo.keepalived.firewall_rules:
'106 keepalived vrrp':
proto: vrrp
-
if:
- control_iface_empty
- {}
- tripleo::keepalived::control_virtual_interface: {get_param: ControlVirtualInterface}
-
if:
- public_iface_empty
- {}
- tripleo::keepalived::public_virtual_interface: {get_param: PublicVirtualInterface}
step_config: |
include ::tripleo::profile::base::keepalived

10
puppet/services/keystone.yaml

@ -89,7 +89,7 @@ parameters:
KeystoneWorkers:
type: string
description: Set the number of workers for keystone::wsgi::apache
default: '"%{::os_workers}"'
default: '%{::os_workers}'
MonitoringSubscriptionKeystone:
default: 'overcloud-keystone'
type: string
@ -195,13 +195,13 @@ outputs:
keystone::wsgi::apache::servername:
str_replace:
template:
'"%{::fqdn_$NETWORK}"'
'%{::fqdn_$NETWORK}'
params:
$NETWORK: {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}
keystone::wsgi::apache::servername_admin:
str_replace:
template:
'"%{::fqdn_$NETWORK}"'
'%{::fqdn_$NETWORK}'
params:
$NETWORK: {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}
keystone::wsgi::apache::workers: {get_param: KeystoneWorkers}
@ -219,13 +219,13 @@ outputs:
keystone::admin_bind_host:
str_replace:
template:
'"%{::fqdn_$NETWORK}"'
'%{::fqdn_$NETWORK}'
params:
$NETWORK: {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}
keystone::public_bind_host:
str_replace:
template:
'"%{::fqdn_$NETWORK}"'
'%{::fqdn_$NETWORK}'
params:
$NETWORK: {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}
# NOTE: bind IP is found in Heat replacing the network name with the

8
puppet/services/neutron-base.yaml

@ -84,16 +84,12 @@ outputs:
neutron::rabbit_port: {get_param: RabbitClientPort}
neutron::dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
neutron::core_plugin: {get_param: NeutronCorePlugin}
neutron::service_plugins:
str_replace:
template: PLUGINS
params:
PLUGINS: {get_param: NeutronServicePlugins}
neutron::service_plugins: {get_param: NeutronServicePlugins}
neutron::debug: {get_param: Debug}
neutron::purge_config: {get_param: EnableConfigPurge}
neutron::allow_overlapping_ips: true
neutron::rabbit_heartbeat_timeout_threshold: 60
neutron::host: '"%{::fqdn}"' #NOTE: extra quoting is needed
neutron::host: '%{::fqdn}'
neutron::db::database_db_max_retries: -1
neutron::db::database_max_retries: -1
neutron::global_physnet_mtu: {get_param: NeutronGlobalPhysnetMtu}

2
puppet/services/neutron-metadata.yaml

@ -72,6 +72,6 @@ outputs:
neutron::agents::metadata::auth_password: {get_param: NeutronPassword}
neutron::agents::metadata::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
neutron::agents::metadata::auth_tenant: 'service'
neutron::agents::metadata::metadata_ip: '"%{hiera(\"nova_metadata_vip\")}"'
neutron::agents::metadata::metadata_ip: "%{hiera('nova_metadata_vip')}"
step_config: |
include tripleo::profile::base::neutron::metadata

18
puppet/services/neutron-ovs-agent.yaml

@ -94,21 +94,9 @@ outputs:
- neutron::agents::ml2::ovs::l2_population: {get_param: NeutronEnableL2Pop}
neutron::agents::ml2::ovs::enable_distributed_routing: {get_param: NeutronEnableDVR}
neutron::agents::ml2::ovs::arp_responder: {get_param: NeutronEnableARPResponder}
neutron::agents::ml2::ovs::bridge_mappings:
str_replace:
template: MAPPINGS
params:
MAPPINGS: {get_param: NeutronBridgeMappings}
neutron::agents::ml2::ovs::tunnel_types:
str_replace:
template: TYPES
params:
TYPES: {get_param: NeutronTunnelTypes}
neutron::agents::ml2::ovs::extensions:
str_replace:
template: AGENT_EXTENSIONS
params:
AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
neutron::agents::ml2::ovs::bridge_mappings: {get_param: NeutronBridgeMappings}
neutron::agents::ml2::ovs::tunnel_types: {get_param: NeutronTunnelTypes}
neutron::agents::ml2::ovs::extensions: {get_param: NeutronAgentExtensions}
# NOTE: bind IP is found in Heat replacing the network name with the
# local node IP for the given network; replacement examples
# (eg. for internal_api):

48
puppet/services/neutron-plugin-ml2.yaml

@ -83,46 +83,14 @@ outputs:
config_settings:
map_merge:
- get_attr: [NeutronBase, role_data, config_settings]
- neutron::plugins::ml2::mechanism_drivers:
str_replace:
template: MECHANISMS
params:
MECHANISMS: {get_param: NeutronMechanismDrivers}
neutron::plugins::ml2::type_drivers:
str_replace:
template: DRIVERS
params:
DRIVERS: {get_param: NeutronTypeDrivers}
neutron::plugins::ml2::flat_networks:
str_replace:
template: NETWORKS
params:
NETWORKS: {get_param: NeutronFlatNetworks}
neutron::plugins::ml2::extension_drivers:
str_replace:
template: PLUGIN_EXTENSIONS
params:
PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
neutron::plugins::ml2::network_vlan_ranges:
str_replace:
template: RANGES
params:
RANGES: {get_param: NeutronNetworkVLANRanges}
neutron::plugins::ml2::tunnel_id_ranges:
str_replace:
template: RANGES
params:
RANGES: {get_param: NeutronTunnelIdRanges}
neutron::plugins::ml2::vni_ranges:
str_replace:
template: RANGES
params:
RANGES: {get_param: NeutronVniRanges}
neutron::plugins::ml2::tenant_network_types:
str_replace:
template: TYPES
params:
TYPES: {get_param: NeutronNetworkType}
- neutron::plugins::ml2::mechanism_drivers: {get_param: NeutronMechanismDrivers}
neutron::plugins::ml2::type_drivers: {get_param: NeutronTypeDrivers}
neutron::plugins::ml2::flat_networks: {get_param: NeutronFlatNetworks}
neutron::plugins::ml2::extension_drivers: {get_param: NeutronPluginExtensions}
neutron::plugins::ml2::network_vlan_ranges: {get_param: NeutronNetworkVLANRanges}
neutron::plugins::ml2::tunnel_id_ranges: {get_param: NeutronTunnelIdRanges}
neutron::plugins::ml2::vni_ranges: {get_param: NeutronVniRanges}
neutron::plugins::ml2::tenant_network_types: {get_param: NeutronNetworkType}
neutron::plugins::ml2::supported_pci_vendor_devs: {get_param: NeutronSupportedPCIVendorDevs}
step_config: |

8
puppet/services/nova-api.yaml

@ -87,8 +87,8 @@ outputs:
map_merge:
- get_attr: [NovaBase, role_data, config_settings]
- get_attr: [ApacheServiceBase, role_data, config_settings]
- nova::cron::archive_deleted_rows::hour: '"*/12"'
nova::cron::archive_deleted_rows::destination: '"/dev/null"'
- nova::cron::archive_deleted_rows::hour: '*/12'
nova::cron::archive_deleted_rows::destination: '/dev/null'
tripleo.nova_api.firewall_rules:
'113 nova_api':
dport:
@ -108,7 +108,7 @@ outputs:
nova::api::api_bind_address:
str_replace:
template:
'"%{::fqdn_$NETWORK}"'
'%{::fqdn_$NETWORK}'
params:
$NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
nova::api::service_name: 'httpd'
@ -122,7 +122,7 @@ outputs:
nova::wsgi::apache::servername:
str_replace:
template:
'"%{::fqdn_$NETWORK}"'
'%{::fqdn_$NETWORK}'
params:
$NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
nova::api::neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}

2
puppet/services/nova-base.yaml

@ -109,7 +109,7 @@ outputs:
nova::network::neutron::neutron_auth_url: {get_param: [EndpointMap, KeystoneV3Admin, uri]}
nova::rabbit_heartbeat_timeout_threshold: 60
nova::cinder_catalog_info: 'volumev2:cinderv2:internalURL'
nova::host: '"%{::fqdn}"' # NOTE: extra quoting is needed.
nova::host: '%{::fqdn}'
nova::notify_on_state_change: 'vm_and_task_state'
nova::notification_driver: messagingv2
nova::network::neutron::neutron_auth_type: 'v3password'

10
puppet/services/nova-compute.yaml

@ -52,7 +52,7 @@ parameters:
For different formats, refer to the nova.conf documentation for
pci_passthrough_whitelist configuration
type: json
default: ''
default: {}
NovaVcpuPinSet:
description: >
A list or range of physical CPU cores to reserve for virtual machine
@ -97,11 +97,7 @@ outputs:
map_merge:
- get_attr: [NovaBase, role_data, config_settings]
- nova::compute::libvirt::manage_libvirt_services: false
nova::compute::pci_passthrough:
str_replace:
template: "'JSON_PARAM'"
params:
JSON_PARAM: {get_param: NovaPCIPassthrough}
nova::compute::pci_passthrough: {get_param: NovaPCIPassthrough}
nova::compute::vcpu_pin_set: {get_param: NovaVcpuPinSet}
nova::compute::reserved_host_memory: {get_param: NovaReservedHostMemory}
# we manage migration in nova common puppet profile
@ -117,7 +113,7 @@ outputs:
- '.'
- - 'client'
- {get_param: CephClientUserName}
nova::compute::rbd::libvirt_rbd_secret_uuid: '"%{hiera(\"ceph::profile::params::fsid\")}"'
nova::compute::rbd::libvirt_rbd_secret_uuid: "%{hiera('ceph::profile::params::fsid')}"
nova::compute::instance_usage_audit: true
nova::compute::instance_usage_audit_period: 'hour'
nova::compute::rbd::ephemeral_storage: {get_param: NovaEnableRbdBackend}

2
puppet/services/pacemaker/database/mysql.yaml

@ -40,7 +40,7 @@ outputs:
- tripleo::profile::pacemaker::database::mysql::bind_address:
str_replace:
template:
'"%{::fqdn_$NETWORK}"'
'%{::fqdn_$NETWORK}'
params:
$NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
# NOTE: bind IP is found in Heat replacing the network name with the

4
puppet/services/panko-api.yaml

@ -55,7 +55,7 @@ outputs:
panko::wsgi::apache::servername:
str_replace:
template:
'"%{::fqdn_$NETWORK}"'
'%{::fqdn_$NETWORK}'
params:
$NETWORK: {get_param: [ServiceNetMap, PankoApiNetwork]}
panko::api::service_name: 'httpd'
@ -68,7 +68,7 @@ outputs:
panko::api::host:
str_replace:
template:
'"%{::fqdn_$NETWORK}"'
'%{::fqdn_$NETWORK}'
params:
$NETWORK: {get_param: [ServiceNetMap, PankoApiNetwork]}
# NOTE: bind IP is found in Heat replacing the network name with the

Loading…
Cancel
Save