Hiera optimization: use a new hiera hook
This patch optimizes how we deploy hiera by using a new heat hook specifically designed to help compose hiera within heat templates. As part of this change: - we update all the 'hiera' software configurations to set the group to hiera instead of os-apply-config. - The new format uses JSON instead of YAML. The hook actually writes out the hiera JSON directly so no conversion takes place. Arrays, Strings, Booleans all stay in their native formats. As such we can avoid having to do many of the awkward string and list conversions in t-h-t to support the previous YAML formatting. - The new hook prefers JSON over YAML so upgrading users will have the new files prefered. (we will post a cleanup routine for the old files soon but this isn't a new behavior, JSON is now simply prefered.) - A lot of services required edits to account for default settings that worked in YAML that no longer work correctly in the native JSON format. In almost all these cases I think the resulting codes looks cleaner and is more explicit with regards to what is getting configured in hiera on the actual nodes. Depends-On: I6a383b1ad4ec29458569763bd3f56fd3f2bd726b Closes-bug: #1596373 Change-Id: Ibe7e2044e200e2c947223286fdf4fd5bcf98c2e1
This commit is contained in:
parent
9cd0c5a50c
commit
7876851011
@ -71,140 +71,132 @@ resources:
|
||||
allNodesConfigImpl:
|
||||
type: OS::Heat::StructuredConfig
|
||||
properties:
|
||||
group: os-apply-config
|
||||
group: hiera
|
||||
config:
|
||||
hiera:
|
||||
datafiles:
|
||||
bootstrap_node:
|
||||
mapped_data:
|
||||
bootstrap_nodeid: {get_input: bootstrap_nodeid}
|
||||
bootstrap_nodeid_ip: {get_input: bootstrap_nodeid_ip}
|
||||
all_nodes:
|
||||
mapped_data:
|
||||
map_merge:
|
||||
- tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: logging_sources}
|
||||
- tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: logging_groups}
|
||||
- enabled_services: {get_param: enabled_services}
|
||||
# This writes out a mapping of service_name_enabled: 'true'
|
||||
# For any services not enabled, hiera foo_enabled will
|
||||
# return nil, as it's undefined
|
||||
- map_merge:
|
||||
repeat:
|
||||
template:
|
||||
# Note this must be string 'true' due to
|
||||
# https://bugs.launchpad.net/heat/+bug/1617203
|
||||
SERVICE_enabled: 'true'
|
||||
for_each:
|
||||
SERVICE:
|
||||
str_split: [',', {get_param: enabled_services}]
|
||||
# Dynamically generate per-service network data
|
||||
# This works as follows (outer->inner functions)
|
||||
# yaql - filters services where no mapping exists in ServiceNetMap
|
||||
# map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
|
||||
# map_merge/repeat: generate a per-service mapping
|
||||
- yaql:
|
||||
# This filters any entries where the value hasn't been substituted for
|
||||
# a list, e.g it's still $service_network. This happens when there is
|
||||
# no network defined for the service in the ServiceNetMap, which is OK
|
||||
# as not all services have to be bound to a network, so we filter them
|
||||
expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
|
||||
data:
|
||||
map:
|
||||
map_replace:
|
||||
datafiles:
|
||||
bootstrap_node:
|
||||
bootstrap_nodeid: {get_input: bootstrap_nodeid}
|
||||
bootstrap_nodeid_ip: {get_input: bootstrap_nodeid_ip}
|
||||
all_nodes:
|
||||
map_merge:
|
||||
- tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: logging_sources}
|
||||
- tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: logging_groups}
|
||||
- enabled_services: {get_param: enabled_services}
|
||||
# This writes out a mapping of service_name_enabled: 'true'
|
||||
# For any services not enabled, hiera foo_enabled will
|
||||
# return nil, as it's undefined
|
||||
- map_merge:
|
||||
repeat:
|
||||
template:
|
||||
# Note this must be string 'true' due to
|
||||
# https://bugs.launchpad.net/heat/+bug/1617203
|
||||
SERVICE_enabled: 'true'
|
||||
for_each:
|
||||
SERVICE:
|
||||
str_split: [',', {get_param: enabled_services}]
|
||||
# Dynamically generate per-service network data
|
||||
# This works as follows (outer->inner functions)
|
||||
# yaql - filters services where no mapping exists in ServiceNetMap
|
||||
# map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
|
||||
# map_merge/repeat: generate a per-service mapping
|
||||
- yaql:
|
||||
# This filters any entries where the value hasn't been substituted for
|
||||
# a list, e.g it's still $service_network. This happens when there is
|
||||
# no network defined for the service in the ServiceNetMap, which is OK
|
||||
# as not all services have to be bound to a network, so we filter them
|
||||
expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
|
||||
data:
|
||||
map:
|
||||
map_replace:
|
||||
- map_merge:
|
||||
repeat:
|
||||
template:
|
||||
SERVICE_network: SERVICE_network
|
||||
for_each:
|
||||
SERVICE:
|
||||
str_split: [',', {get_param: enabled_services}]
|
||||
- values: {get_param: ServiceNetMap}
|
||||
# Keystone doesn't provide separate entries for the public
|
||||
# and admin endpoints, so we need to add them here manually
|
||||
# like we do in the vip-config below
|
||||
- keystone_admin_api_network: {get_param: [ServiceNetMap, keystone_admin_api_network]}
|
||||
keystone_public_api_network: {get_param: [ServiceNetMap, keystone_public_api_network]}
|
||||
# provides a mapping of service_name_ips to a list of IPs
|
||||
- {get_param: service_ips}
|
||||
- {get_param: service_node_names}
|
||||
- {get_param: short_service_node_names}
|
||||
- controller_node_ips:
|
||||
list_join:
|
||||
- ','
|
||||
- {get_param: controller_ips}
|
||||
controller_node_names:
|
||||
list_join:
|
||||
- ','
|
||||
- {get_param: controller_names}
|
||||
memcached_node_ips_v6:
|
||||
repeat:
|
||||
template: "inet6:[NAME]"
|
||||
for_each:
|
||||
NAME: {get_param: memcache_node_ips}
|
||||
deploy_identifier: {get_param: DeployIdentifier}
|
||||
update_identifier: {get_param: UpdateIdentifier}
|
||||
stack_action: {get_param: StackAction}
|
||||
vip_data:
|
||||
map_merge:
|
||||
# Dynamically generate per-service VIP data based on enabled_services
|
||||
# This works as follows (outer->inner functions)
|
||||
# yaql - filters services where no mapping exists in ServiceNetMap
|
||||
# map_replace: substitute e.g internal_api with the IP from NetVipMap
|
||||
# map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
|
||||
# map_merge/repeat: generate a per-service mapping
|
||||
- yaql:
|
||||
# This filters any entries where the value hasn't been substituted for
|
||||
# a list, e.g it's still $service_network. This happens when there is
|
||||
# no network defined for the service in the ServiceNetMap, which is OK
|
||||
# as not all services have to be bound to a network, so we filter them
|
||||
expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
|
||||
data:
|
||||
map:
|
||||
map_replace:
|
||||
- map_replace:
|
||||
- map_merge:
|
||||
repeat:
|
||||
template:
|
||||
SERVICE_network: SERVICE_network
|
||||
SERVICE_vip: SERVICE_network
|
||||
for_each:
|
||||
SERVICE:
|
||||
str_split: [',', {get_param: enabled_services}]
|
||||
- values: {get_param: ServiceNetMap}
|
||||
# Keystone doesn't provide separate entries for the public
|
||||
# and admin endpoints, so we need to add them here manually
|
||||
# like we do in the vip-config below
|
||||
- keystone_admin_api_network: {get_param: [ServiceNetMap, keystone_admin_api_network]}
|
||||
keystone_public_api_network: {get_param: [ServiceNetMap, keystone_public_api_network]}
|
||||
# provides a mapping of service_name_ips to a list of IPs
|
||||
- {get_param: service_ips}
|
||||
- {get_param: service_node_names}
|
||||
- {get_param: short_service_node_names}
|
||||
- controller_node_ips:
|
||||
list_join:
|
||||
- ','
|
||||
- {get_param: controller_ips}
|
||||
controller_node_names:
|
||||
list_join:
|
||||
- ','
|
||||
- {get_param: controller_names}
|
||||
memcached_node_ips_v6:
|
||||
str_replace:
|
||||
template: "['inet6:[SERVERS_LIST]']"
|
||||
params:
|
||||
SERVERS_LIST:
|
||||
list_join:
|
||||
- "]','inet6:["
|
||||
- {get_param: memcache_node_ips}
|
||||
|
||||
deploy_identifier: {get_param: DeployIdentifier}
|
||||
update_identifier: {get_param: UpdateIdentifier}
|
||||
stack_action: {get_param: StackAction}
|
||||
vip_data:
|
||||
mapped_data:
|
||||
map_merge:
|
||||
# Dynamically generate per-service VIP data based on enabled_services
|
||||
# This works as follows (outer->inner functions)
|
||||
# yaql - filters services where no mapping exists in ServiceNetMap
|
||||
# map_replace: substitute e.g internal_api with the IP from NetVipMap
|
||||
# map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
|
||||
# map_merge/repeat: generate a per-service mapping
|
||||
- yaql:
|
||||
# This filters any entries where the value hasn't been substituted for
|
||||
# a list, e.g it's still $service_network. This happens when there is
|
||||
# no network defined for the service in the ServiceNetMap, which is OK
|
||||
# as not all services have to be bound to a network, so we filter them
|
||||
expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
|
||||
data:
|
||||
map:
|
||||
map_replace:
|
||||
- map_replace:
|
||||
- map_merge:
|
||||
repeat:
|
||||
template:
|
||||
SERVICE_vip: SERVICE_network
|
||||
for_each:
|
||||
SERVICE:
|
||||
str_split: [',', {get_param: enabled_services}]
|
||||
- values: {get_param: ServiceNetMap}
|
||||
- values: {get_param: NetVipMap}
|
||||
- keystone_admin_api_vip:
|
||||
get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_admin_api_network]}]
|
||||
keystone_public_api_vip:
|
||||
get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_public_api_network]}]
|
||||
public_virtual_ip: {get_param: [NetVipMap, external]}
|
||||
controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
|
||||
internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
|
||||
storage_virtual_ip: {get_param: [NetVipMap, storage]}
|
||||
storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
|
||||
redis_vip: {get_param: RedisVirtualIP}
|
||||
# public_virtual_ip and controller_virtual_ip are needed in
|
||||
# both HAproxy & keepalived.
|
||||
tripleo::haproxy::public_virtual_ip: {get_param: [NetVipMap, external]}
|
||||
tripleo::haproxy::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
|
||||
tripleo::keepalived::public_virtual_ip: {get_param: [NetVipMap, external]}
|
||||
tripleo::keepalived::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
|
||||
tripleo::keepalived::internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
|
||||
tripleo::keepalived::storage_virtual_ip: {get_param: [NetVipMap, storage]}
|
||||
tripleo::keepalived::storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
|
||||
tripleo::keepalived::redis_virtual_ip: {get_param: RedisVirtualIP}
|
||||
tripleo::redis_notification::haproxy_monitor_ip: {get_param: [NetVipMap, ctlplane]}
|
||||
cloud_name_external: {get_param: cloud_name_external}
|
||||
cloud_name_internal_api: {get_param: cloud_name_internal_api}
|
||||
cloud_name_storage: {get_param: cloud_name_storage}
|
||||
cloud_name_storage_mgmt: {get_param: cloud_name_storage_mgmt}
|
||||
cloud_name_ctlplane: {get_param: cloud_name_ctlplane}
|
||||
# TLS parameters
|
||||
certmonger_ca: {get_param: CertmongerCA}
|
||||
enable_internal_tls: {get_param: EnableInternalTLS}
|
||||
- values: {get_param: NetVipMap}
|
||||
- keystone_admin_api_vip:
|
||||
get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_admin_api_network]}]
|
||||
keystone_public_api_vip:
|
||||
get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_public_api_network]}]
|
||||
public_virtual_ip: {get_param: [NetVipMap, external]}
|
||||
controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
|
||||
internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
|
||||
storage_virtual_ip: {get_param: [NetVipMap, storage]}
|
||||
storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
|
||||
redis_vip: {get_param: RedisVirtualIP}
|
||||
# public_virtual_ip and controller_virtual_ip are needed in
|
||||
# both HAproxy & keepalived.
|
||||
tripleo::haproxy::public_virtual_ip: {get_param: [NetVipMap, external]}
|
||||
tripleo::haproxy::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
|
||||
tripleo::keepalived::public_virtual_ip: {get_param: [NetVipMap, external]}
|
||||
tripleo::keepalived::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
|
||||
tripleo::keepalived::internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
|
||||
tripleo::keepalived::storage_virtual_ip: {get_param: [NetVipMap, storage]}
|
||||
tripleo::keepalived::storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
|
||||
tripleo::keepalived::redis_virtual_ip: {get_param: RedisVirtualIP}
|
||||
tripleo::redis_notification::haproxy_monitor_ip: {get_param: [NetVipMap, ctlplane]}
|
||||
cloud_name_external: {get_param: cloud_name_external}
|
||||
cloud_name_internal_api: {get_param: cloud_name_internal_api}
|
||||
cloud_name_storage: {get_param: cloud_name_storage}
|
||||
cloud_name_storage_mgmt: {get_param: cloud_name_storage_mgmt}
|
||||
cloud_name_ctlplane: {get_param: cloud_name_ctlplane}
|
||||
# TLS parameters
|
||||
certmonger_ca: {get_param: CertmongerCA}
|
||||
enable_internal_tls: {get_param: EnableInternalTLS}
|
||||
|
||||
outputs:
|
||||
config_id:
|
||||
|
@ -239,39 +239,33 @@ resources:
|
||||
BlockStorageConfig:
|
||||
type: OS::Heat::StructuredConfig
|
||||
properties:
|
||||
group: os-apply-config
|
||||
group: hiera
|
||||
config:
|
||||
hiera:
|
||||
hierarchy:
|
||||
- '"%{::uuid}"'
|
||||
- heat_config_%{::deploy_config_name}
|
||||
- volume_extraconfig
|
||||
- extraconfig
|
||||
- service_names
|
||||
- service_configs
|
||||
- volume
|
||||
- bootstrap_node # provided by allNodesConfig
|
||||
- all_nodes # provided by allNodesConfig
|
||||
- vip_data # provided by allNodesConfig
|
||||
- '"%{::osfamily}"'
|
||||
merge_behavior: deeper
|
||||
datafiles:
|
||||
service_names:
|
||||
mapped_data:
|
||||
service_names: {get_param: ServiceNames}
|
||||
sensu::subscriptions: {get_param: MonitoringSubscriptions}
|
||||
service_configs:
|
||||
mapped_data:
|
||||
map_replace:
|
||||
- {get_param: ServiceConfigSettings}
|
||||
- values: {get_attr: [NetIpMap, net_ip_map]}
|
||||
volume_extraconfig:
|
||||
mapped_data: {get_param: BlockStorageExtraConfig}
|
||||
extraconfig:
|
||||
mapped_data: {get_param: ExtraConfig}
|
||||
volume:
|
||||
mapped_data:
|
||||
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
|
||||
hierarchy:
|
||||
- '"%{::uuid}"'
|
||||
- heat_config_%{::deploy_config_name}
|
||||
- volume_extraconfig
|
||||
- extraconfig
|
||||
- service_names
|
||||
- service_configs
|
||||
- volume
|
||||
- bootstrap_node # provided by allNodesConfig
|
||||
- all_nodes # provided by allNodesConfig
|
||||
- vip_data # provided by allNodesConfig
|
||||
- '"%{::osfamily}"'
|
||||
merge_behavior: deeper
|
||||
datafiles:
|
||||
service_names:
|
||||
service_names: {get_param: ServiceNames}
|
||||
sensu::subscriptions: {get_param: MonitoringSubscriptions}
|
||||
service_configs:
|
||||
map_replace:
|
||||
- {get_param: ServiceConfigSettings}
|
||||
- values: {get_attr: [NetIpMap, net_ip_map]}
|
||||
volume_extraconfig: {get_param: BlockStorageExtraConfig}
|
||||
extraconfig: {get_param: ExtraConfig}
|
||||
volume:
|
||||
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
|
||||
|
||||
# Resource for site-specific injection of root certificate
|
||||
NodeTLSCAData:
|
||||
|
@ -244,39 +244,33 @@ resources:
|
||||
CephStorageConfig:
|
||||
type: OS::Heat::StructuredConfig
|
||||
properties:
|
||||
group: os-apply-config
|
||||
group: hiera
|
||||
config:
|
||||
hiera:
|
||||
hierarchy:
|
||||
- '"%{::uuid}"'
|
||||
- heat_config_%{::deploy_config_name}
|
||||
- ceph_extraconfig
|
||||
- extraconfig
|
||||
- service_names
|
||||
- service_configs
|
||||
- ceph
|
||||
- bootstrap_node # provided by allNodesConfig
|
||||
- all_nodes # provided by allNodesConfig
|
||||
- vip_data # provided by allNodesConfig
|
||||
- '"%{::osfamily}"'
|
||||
merge_behavior: deeper
|
||||
datafiles:
|
||||
service_names:
|
||||
mapped_data:
|
||||
service_names: {get_param: ServiceNames}
|
||||
sensu::subscriptions: {get_param: MonitoringSubscriptions}
|
||||
service_configs:
|
||||
mapped_data:
|
||||
map_replace:
|
||||
- {get_param: ServiceConfigSettings}
|
||||
- values: {get_attr: [NetIpMap, net_ip_map]}
|
||||
ceph_extraconfig:
|
||||
mapped_data: {get_param: CephStorageExtraConfig}
|
||||
extraconfig:
|
||||
mapped_data: {get_param: ExtraConfig}
|
||||
ceph:
|
||||
mapped_data:
|
||||
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
|
||||
hierarchy:
|
||||
- '"%{::uuid}"'
|
||||
- heat_config_%{::deploy_config_name}
|
||||
- ceph_extraconfig
|
||||
- extraconfig
|
||||
- service_names
|
||||
- service_configs
|
||||
- ceph
|
||||
- bootstrap_node # provided by allNodesConfig
|
||||
- all_nodes # provided by allNodesConfig
|
||||
- vip_data # provided by allNodesConfig
|
||||
- '"%{::osfamily}"'
|
||||
merge_behavior: deeper
|
||||
datafiles:
|
||||
service_names:
|
||||
service_names: {get_param: ServiceNames}
|
||||
sensu::subscriptions: {get_param: MonitoringSubscriptions}
|
||||
service_configs:
|
||||
map_replace:
|
||||
- {get_param: ServiceConfigSettings}
|
||||
- values: {get_attr: [NetIpMap, net_ip_map]}
|
||||
ceph_extraconfig: {get_param: CephStorageExtraConfig}
|
||||
extraconfig: {get_param: ExtraConfig}
|
||||
ceph:
|
||||
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
|
||||
|
||||
# Resource for site-specific injection of root certificate
|
||||
NodeTLSCAData:
|
||||
|
@ -251,45 +251,39 @@ resources:
|
||||
NovaComputeConfig:
|
||||
type: OS::Heat::StructuredConfig
|
||||
properties:
|
||||
group: os-apply-config
|
||||
group: hiera
|
||||
config:
|
||||
hiera:
|
||||
hierarchy:
|
||||
- '"%{::uuid}"'
|
||||
- heat_config_%{::deploy_config_name}
|
||||
- compute_extraconfig
|
||||
- extraconfig
|
||||
- service_names
|
||||
- service_configs
|
||||
- compute
|
||||
- bootstrap_node # provided by allNodesConfig
|
||||
- all_nodes # provided by allNodesConfig
|
||||
- vip_data # provided by allNodesConfig
|
||||
- '"%{::osfamily}"'
|
||||
- neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre
|
||||
- cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
|
||||
- nova_nuage_data # Optionally provided by ComputeExtraConfigPre
|
||||
- midonet_data # Optionally provided by AllNodesExtraConfig
|
||||
- neutron_opencontrail_data # Optionally provided by ComputeExtraConfigPre
|
||||
- cisco_aci_data # Optionally provided by ComputeExtraConfigPre
|
||||
merge_behavior: deeper
|
||||
datafiles:
|
||||
service_names:
|
||||
mapped_data:
|
||||
service_names: {get_param: ServiceNames}
|
||||
sensu::subscriptions: {get_param: MonitoringSubscriptions}
|
||||
service_configs:
|
||||
mapped_data:
|
||||
map_replace:
|
||||
- {get_param: ServiceConfigSettings}
|
||||
- values: {get_attr: [NetIpMap, net_ip_map]}
|
||||
compute_extraconfig:
|
||||
mapped_data: {get_param: NovaComputeExtraConfig}
|
||||
extraconfig:
|
||||
mapped_data: {get_param: ExtraConfig}
|
||||
compute:
|
||||
mapped_data:
|
||||
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
|
||||
hierarchy:
|
||||
- '"%{::uuid}"'
|
||||
- heat_config_%{::deploy_config_name}
|
||||
- compute_extraconfig
|
||||
- extraconfig
|
||||
- service_names
|
||||
- service_configs
|
||||
- compute
|
||||
- bootstrap_node # provided by allNodesConfig
|
||||
- all_nodes # provided by allNodesConfig
|
||||
- vip_data # provided by allNodesConfig
|
||||
- '"%{::osfamily}"'
|
||||
- neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre
|
||||
- cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
|
||||
- nova_nuage_data # Optionally provided by ComputeExtraConfigPre
|
||||
- midonet_data # Optionally provided by AllNodesExtraConfig
|
||||
- neutron_opencontrail_data # Optionally provided by ComputeExtraConfigPre
|
||||
- cisco_aci_data # Optionally provided by ComputeExtraConfigPre
|
||||
merge_behavior: deeper
|
||||
datafiles:
|
||||
service_names:
|
||||
service_names: {get_param: ServiceNames}
|
||||
sensu::subscriptions: {get_param: MonitoringSubscriptions}
|
||||
service_configs:
|
||||
map_replace:
|
||||
- {get_param: ServiceConfigSettings}
|
||||
- values: {get_attr: [NetIpMap, net_ip_map]}
|
||||
compute_extraconfig: {get_param: NovaComputeExtraConfig}
|
||||
extraconfig: {get_param: ExtraConfig}
|
||||
compute:
|
||||
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
|
||||
|
||||
NovaComputeDeployment:
|
||||
type: OS::TripleO::SoftwareDeployment
|
||||
|
@ -299,57 +299,51 @@ resources:
|
||||
ControllerConfig:
|
||||
type: OS::Heat::StructuredConfig
|
||||
properties:
|
||||
group: os-apply-config
|
||||
group: hiera
|
||||
config:
|
||||
hiera:
|
||||
hierarchy:
|
||||
- '"%{::uuid}"'
|
||||
- heat_config_%{::deploy_config_name}
|
||||
- controller_extraconfig
|
||||
- extraconfig
|
||||
- service_configs
|
||||
- service_names
|
||||
- controller
|
||||
- bootstrap_node # provided by BootstrapNodeConfig
|
||||
- all_nodes # provided by allNodesConfig
|
||||
- vip_data # provided by allNodesConfig
|
||||
- '"%{::osfamily}"'
|
||||
- cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
|
||||
- cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
|
||||
- cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
|
||||
- neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
|
||||
- neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
|
||||
- cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
|
||||
- midonet_data #Optionally provided by AllNodesExtraConfig
|
||||
- cisco_aci_data # Optionally provided by ControllerExtraConfigPre
|
||||
merge_behavior: deeper
|
||||
datafiles:
|
||||
service_names:
|
||||
mapped_data:
|
||||
service_names: {get_param: ServiceNames}
|
||||
sensu::subscriptions: {get_param: MonitoringSubscriptions}
|
||||
service_configs:
|
||||
mapped_data:
|
||||
map_replace:
|
||||
- {get_param: ServiceConfigSettings}
|
||||
- values: {get_attr: [NetIpMap, net_ip_map]}
|
||||
controller_extraconfig:
|
||||
mapped_data:
|
||||
map_merge:
|
||||
- {get_param: controllerExtraConfig}
|
||||
- {get_param: ControllerExtraConfig}
|
||||
extraconfig:
|
||||
mapped_data: {get_param: ExtraConfig}
|
||||
controller:
|
||||
mapped_data: # data supplied directly to this deployment configuration, etc
|
||||
bootstack_nodeid: {get_input: bootstack_nodeid}
|
||||
hierarchy:
|
||||
- '"%{::uuid}"'
|
||||
- heat_config_%{::deploy_config_name}
|
||||
- controller_extraconfig
|
||||
- extraconfig
|
||||
- service_configs
|
||||
- service_names
|
||||
- controller
|
||||
- bootstrap_node # provided by BootstrapNodeConfig
|
||||
- all_nodes # provided by allNodesConfig
|
||||
- vip_data # provided by allNodesConfig
|
||||
- '"%{::osfamily}"'
|
||||
- cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
|
||||
- cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
|
||||
- cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
|
||||
- neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
|
||||
- neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
|
||||
- cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
|
||||
- midonet_data #Optionally provided by AllNodesExtraConfig
|
||||
- cisco_aci_data # Optionally provided by ControllerExtraConfigPre
|
||||
merge_behavior: deeper
|
||||
datafiles:
|
||||
service_names:
|
||||
service_names: {get_param: ServiceNames}
|
||||
sensu::subscriptions: {get_param: MonitoringSubscriptions}
|
||||
service_configs:
|
||||
map_replace:
|
||||
- {get_param: ServiceConfigSettings}
|
||||
- values: {get_attr: [NetIpMap, net_ip_map]}
|
||||
controller_extraconfig:
|
||||
map_merge:
|
||||
- {get_param: controllerExtraConfig}
|
||||
- {get_param: ControllerExtraConfig}
|
||||
extraconfig: {get_param: ExtraConfig}
|
||||
controller:
|
||||
# data supplied directly to this deployment configuration, etc
|
||||
bootstack_nodeid: {get_input: bootstack_nodeid}
|
||||
# Pacemaker
|
||||
enable_load_balancer: {get_input: enable_load_balancer}
|
||||
|
||||
# Pacemaker
|
||||
enable_load_balancer: {get_input: enable_load_balancer}
|
||||
|
||||
# Misc
|
||||
tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
|
||||
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
|
||||
# Misc
|
||||
tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
|
||||
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
|
||||
|
||||
# Hook for site-specific additional pre-deployment config, e.g extra hieradata
|
||||
ControllerExtraConfigPre:
|
||||
|
@ -228,40 +228,33 @@ resources:
|
||||
SwiftStorageHieraConfig:
|
||||
type: OS::Heat::StructuredConfig
|
||||
properties:
|
||||
group: os-apply-config
|
||||
group: hiera
|
||||
config:
|
||||
hiera:
|
||||
hierarchy:
|
||||
- '"%{::uuid}"'
|
||||
- heat_config_%{::deploy_config_name}
|
||||
- object_extraconfig
|
||||
- extraconfig
|
||||
- service_names
|
||||
- service_configs
|
||||
- object
|
||||
- bootstrap_node # provided by allNodesConfig
|
||||
- all_nodes # provided by allNodesConfig
|
||||
- vip_data # provided by allNodesConfig
|
||||
- '"%{::osfamily}"'
|
||||
merge_behavior: deeper
|
||||
datafiles:
|
||||
service_names:
|
||||
mapped_data:
|
||||
service_names: {get_param: ServiceNames}
|
||||
sensu::subscriptions: {get_param: MonitoringSubscriptions}
|
||||
service_configs:
|
||||
mapped_data:
|
||||
map_replace:
|
||||
- {get_param: ServiceConfigSettings}
|
||||
- values: {get_attr: [NetIpMap, net_ip_map]}
|
||||
object_extraconfig:
|
||||
mapped_data: {get_param: ObjectStorageExtraConfig}
|
||||
extraconfig:
|
||||
mapped_data: {get_param: ExtraConfig}
|
||||
object:
|
||||
mapped_data: # data supplied directly to this deployment configuration, etc
|
||||
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
|
||||
|
||||
hierarchy:
|
||||
- '"%{::uuid}"'
|
||||
- heat_config_%{::deploy_config_name}
|
||||
- object_extraconfig
|
||||
- extraconfig
|
||||
- service_names
|
||||
- service_configs
|
||||
- object
|
||||
- bootstrap_node # provided by allNodesConfig
|
||||
- all_nodes # provided by allNodesConfig
|
||||
- vip_data # provided by allNodesConfig
|
||||
- '"%{::osfamily}"'
|
||||
merge_behavior: deeper
|
||||
datafiles:
|
||||
service_names:
|
||||
service_names: {get_param: ServiceNames}
|
||||
sensu::subscriptions: {get_param: MonitoringSubscriptions}
|
||||
service_configs:
|
||||
map_replace:
|
||||
- {get_param: ServiceConfigSettings}
|
||||
- values: {get_attr: [NetIpMap, net_ip_map]}
|
||||
object_extraconfig: {get_param: ObjectStorageExtraConfig}
|
||||
extraconfig: {get_param: ExtraConfig}
|
||||
object:
|
||||
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
|
||||
|
||||
SwiftStorageHieraDeploy:
|
||||
type: OS::Heat::StructuredDeployment
|
||||
|
@ -250,41 +250,35 @@ resources:
|
||||
{{role}}Config:
|
||||
type: OS::Heat::StructuredConfig
|
||||
properties:
|
||||
group: os-apply-config
|
||||
group: hiera
|
||||
config:
|
||||
hiera:
|
||||
hierarchy:
|
||||
- '"%{::uuid}"'
|
||||
- heat_config_%{::deploy_config_name}
|
||||
- {{role.lower()}}_extraconfig
|
||||
- extraconfig
|
||||
- service_names
|
||||
- service_configs
|
||||
- {{role.lower()}}
|
||||
- bootstrap_node # provided by allNodesConfig
|
||||
- all_nodes # provided by allNodesConfig
|
||||
- vip_data # provided by allNodesConfig
|
||||
- '"%{::osfamily}"'
|
||||
merge_behavior: deeper
|
||||
datafiles:
|
||||
service_names:
|
||||
mapped_data:
|
||||
service_names: {get_param: ServiceNames}
|
||||
sensu::subscriptions: {get_param: MonitoringSubscriptions}
|
||||
service_configs:
|
||||
mapped_data:
|
||||
map_replace:
|
||||
- {get_param: ServiceConfigSettings}
|
||||
- values: {get_attr: [NetIpMap, net_ip_map]}
|
||||
{{role.lower()}}_extraconfig:
|
||||
mapped_data: {get_param: {{role}}ExtraConfig}
|
||||
extraconfig:
|
||||
mapped_data: {get_param: ExtraConfig}
|
||||
{{role.lower()}}:
|
||||
mapped_data:
|
||||
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
|
||||
tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources}
|
||||
tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups}
|
||||
hierarchy:
|
||||
- '"%{::uuid}"'
|
||||
- heat_config_%{::deploy_config_name}
|
||||
- {{role.lower()}}_extraconfig
|
||||
- extraconfig
|
||||
- service_names
|
||||
- service_configs
|
||||
- {{role.lower()}}
|
||||
- bootstrap_node # provided by allNodesConfig
|
||||
- all_nodes # provided by allNodesConfig
|
||||
- vip_data # provided by allNodesConfig
|
||||
- '"%{::osfamily}"'
|
||||
merge_behavior: deeper
|
||||
datafiles:
|
||||
service_names:
|
||||
service_names: {get_param: ServiceNames}
|
||||
sensu::subscriptions: {get_param: MonitoringSubscriptions}
|
||||
service_configs:
|
||||
map_replace:
|
||||
- {get_param: ServiceConfigSettings}
|
||||
- values: {get_attr: [NetIpMap, net_ip_map]}
|
||||
{{role.lower()}}_extraconfig: {get_param: {{role}}ExtraConfig}
|
||||
extraconfig: {get_param: ExtraConfig}
|
||||
{{role.lower()}}:
|
||||
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
|
||||
tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources}
|
||||
tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups}
|
||||
|
||||
# Resource for site-specific injection of root certificate
|
||||
NodeTLSCAData:
|
||||
|
@ -55,7 +55,7 @@ outputs:
|
||||
aodh::wsgi::apache::servername:
|
||||
str_replace:
|
||||
template:
|
||||
'"%{::fqdn_$NETWORK}"'
|
||||
'%{::fqdn_$NETWORK}'
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, AodhApiNetwork]}
|
||||
aodh::api::service_name: 'httpd'
|
||||
@ -68,7 +68,7 @@ outputs:
|
||||
aodh::api::host:
|
||||
str_replace:
|
||||
template:
|
||||
'"%{::fqdn_$NETWORK}"'
|
||||
'%{::fqdn_$NETWORK}'
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, AodhApiNetwork]}
|
||||
# NOTE: bind IP is found in Heat replacing the network name with the
|
||||
|
@ -24,7 +24,7 @@ parameters:
|
||||
hidden: true
|
||||
BarbicanWorkers:
|
||||
description: Set the number of workers for barbican::wsgi::apache
|
||||
default: '"%{::processorcount}"'
|
||||
default: '%{::processorcount}'
|
||||
type: string
|
||||
Debug:
|
||||
default: ''
|
||||
@ -93,7 +93,7 @@ outputs:
|
||||
barbican::wsgi::apache::servername:
|
||||
str_replace:
|
||||
template:
|
||||
'"%{::fqdn_$NETWORK}"'
|
||||
'%{::fqdn_$NETWORK}'
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, BarbicanApiNetwork]}
|
||||
barbican::db::database_connection:
|
||||
|
@ -75,7 +75,7 @@ outputs:
|
||||
ceilometer::api::host:
|
||||
str_replace:
|
||||
template:
|
||||
'"%{::fqdn_$NETWORK}"'
|
||||
'%{::fqdn_$NETWORK}'
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
|
||||
ceilometer::wsgi::apache::bind_host: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
|
||||
@ -83,7 +83,7 @@ outputs:
|
||||
ceilometer::wsgi::apache::servername:
|
||||
str_replace:
|
||||
template:
|
||||
'"%{::fqdn_$NETWORK}"'
|
||||
'%{::fqdn_$NETWORK}'
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
|
||||
service_config_settings:
|
||||
|
@ -119,36 +119,33 @@ outputs:
|
||||
NETWORK: {get_param: [ServiceNetMap, CephMonNetwork]}
|
||||
ceph::profile::params::public_addr: {get_param: [ServiceNetMap, CephMonNetwork]}
|
||||
ceph::profile::params::client_keys:
|
||||
str_replace:
|
||||
template: "{
|
||||
client.admin: {
|
||||
secret: 'ADMIN_KEY',
|
||||
mode: '0600',
|
||||
cap_mon: 'allow *',
|
||||
cap_osd: 'allow *',
|
||||
map_replace:
|
||||
- client.admin:
|
||||
secret: {get_param: CephAdminKey}
|
||||
mode: '0600'
|
||||
cap_mon: 'allow *'
|
||||
cap_osd: 'allow *'
|
||||
cap_mds: 'allow *'
|
||||
},
|
||||
client.bootstrap-osd: {
|
||||
secret: 'ADMIN_KEY',
|
||||
keyring_path: '/var/lib/ceph/bootstrap-osd/ceph.keyring',
|
||||
client.bootstrap-osd:
|
||||
secret: {get_param: CephAdminKey}
|
||||
keyring_path: '/var/lib/ceph/bootstrap-osd/ceph.keyring'
|
||||
cap_mon: 'allow profile bootstrap-osd'
|
||||
},
|
||||
client.CLIENT_USER: {
|
||||
secret: 'CLIENT_KEY',
|
||||
mode: '0644',
|
||||
cap_mon: 'allow r',
|
||||
cap_osd: 'allow class-read object_prefix rbd_children, allow rwx pool=CINDER_POOL, allow rwx pool=CINDERBACKUP_POOL, allow rwx pool=NOVA_POOL, allow rwx pool=GLANCE_POOL, allow rwx pool=GNOCCHI_POOL'
|
||||
}
|
||||
}"
|
||||
params:
|
||||
CLIENT_USER: {get_param: CephClientUserName}
|
||||
CLIENT_KEY: {get_param: CephClientKey}
|
||||
ADMIN_KEY: {get_param: CephAdminKey}
|
||||
NOVA_POOL: {get_param: NovaRbdPoolName}
|
||||
CINDER_POOL: {get_param: CinderRbdPoolName}
|
||||
CINDERBACKUP_POOL: {get_param: CinderBackupRbdPoolName}
|
||||
GLANCE_POOL: {get_param: GlanceRbdPoolName}
|
||||
GNOCCHI_POOL: {get_param: GnocchiRbdPoolName}
|
||||
CEPH_CLIENT_KEY:
|
||||
secret: {get_param: CephClientKey}
|
||||
mode: '0644'
|
||||
cap_mon: 'allow r'
|
||||
cap_osd:
|
||||
str_replace:
|
||||
template: 'allow class-read object_prefix rbd_children, allow rwx pool=CINDER_POOL, allow rwx pool=CINDERBACKUP_POOL, allow rwx pool=NOVA_POOL, allow rwx pool=GLANCE_POOL, allow rwx pool=GNOCCHI_POOL'
|
||||
params:
|
||||
NOVA_POOL: {get_param: NovaRbdPoolName}
|
||||
CINDER_POOL: {get_param: CinderRbdPoolName}
|
||||
CINDERBACKUP_POOL: {get_param: CinderBackupRbdPoolName}
|
||||
GLANCE_POOL: {get_param: GlanceRbdPoolName}
|
||||
GNOCCHI_POOL: {get_param: GnocchiRbdPoolName}
|
||||
- keys:
|
||||
CEPH_CLIENT_KEY:
|
||||
list_join: ['.', ['client', {get_param: CephClientUserName}]]
|
||||
service_config_settings:
|
||||
glance_api:
|
||||
glance::api::show_multiple_locations: {if: [glance_multiple_locations, true, false]}
|
||||
|
@ -42,7 +42,7 @@ parameters:
|
||||
CinderWorkers:
|
||||
type: string
|
||||
description: Set the number of workers for cinder::wsgi::apache
|
||||
default: '"%{::os_workers}"'
|
||||
default: '%{::os_workers}'
|
||||
EnableInternalTLS:
|
||||
type: boolean
|
||||
default: false
|
||||
@ -101,7 +101,7 @@ outputs:
|
||||
cinder::api::bind_host:
|
||||
str_replace:
|
||||
template:
|
||||
'"%{::fqdn_$NETWORK}"'
|
||||
'%{::fqdn_$NETWORK}'
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, CinderApiNetwork]}
|
||||
cinder::wsgi::apache::ssl: {get_param: EnableInternalTLS}
|
||||
@ -115,7 +115,7 @@ outputs:
|
||||
cinder::wsgi::apache::servername:
|
||||
str_replace:
|
||||
template:
|
||||
'"%{::fqdn_$NETWORK}"'
|
||||
'%{::fqdn_$NETWORK}'
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, CinderApiNetwork]}
|
||||
-
|
||||
|
@ -87,7 +87,7 @@ outputs:
|
||||
tripleo::profile::base::database::mysql::bind_address:
|
||||
str_replace:
|
||||
template:
|
||||
'"%{::fqdn_$NETWORK}"'
|
||||
'%{::fqdn_$NETWORK}'
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
|
||||
step_config: |
|
||||
|
@ -39,6 +39,6 @@ outputs:
|
||||
# internal_api_subnet - > IP/CIDR
|
||||
redis::bind: {get_param: [ServiceNetMap, RedisNetwork]}
|
||||
redis::port: 6379
|
||||
redis::sentinel::master_name: '"%{hiera(\"bootstrap_nodeid\")}"'
|
||||
redis::sentinel::redis_host: '"%{hiera(\"bootstrap_nodeid_ip\")}"'
|
||||
redis::sentinel::master_name: "%{hiera('bootstrap_nodeid')}"
|
||||
redis::sentinel::redis_host: "%{hiera('bootstrap_nodeid_ip')}"
|
||||
redis::sentinel::notification_script: '/usr/local/bin/redis-notifications.sh'
|
||||
|
@ -91,7 +91,7 @@ outputs:
|
||||
gnocchi::wsgi::apache::servername:
|
||||
str_replace:
|
||||
template:
|
||||
'"%{::fqdn_$NETWORK}"'
|
||||
'%{::fqdn_$NETWORK}'
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, GnocchiApiNetwork]}
|
||||
tripleo::profile::base::gnocchi::api::gnocchi_backend: {get_param: GnocchiBackend}
|
||||
@ -105,7 +105,7 @@ outputs:
|
||||
gnocchi::api::host:
|
||||
str_replace:
|
||||
template:
|
||||
'"%{::fqdn_$NETWORK}"'
|
||||
'%{::fqdn_$NETWORK}'
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, GnocchiApiNetwork]}
|
||||
|
||||
|
@ -68,7 +68,7 @@ outputs:
|
||||
list_join:
|
||||
- ''
|
||||
- - 'http://'
|
||||
- '%{hiera("ironic_conductor_http_host")}:'
|
||||
- "%{hiera('ironic_conductor_http_host')}:"
|
||||
- {get_param: IronicIPXEPort}
|
||||
ironic::drivers::pxe::ipxe_enabled: {get_param: IronicIPXEEnabled}
|
||||
ironic::glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
|
||||
|
@ -1,4 +1,4 @@
|
||||
heat_template_version: 2016-04-08
|
||||
heat_template_version: 2016-10-14
|
||||
|
||||
description: >
|
||||
Keepalived service configured with Puppet
|
||||
@ -36,6 +36,11 @@ parameters:
|
||||
default: 'overcloud-keepalived'
|
||||
type: string
|
||||
|
||||
conditions:
|
||||
|
||||
control_iface_empty: {equals : [{get_param: ControlVirtualInterface}, '']}
|
||||
public_iface_empty: {equals : [{get_param: PublicVirtualInterface}, '']}
|
||||
|
||||
outputs:
|
||||
role_data:
|
||||
description: Role data for the Keepalived role.
|
||||
@ -43,10 +48,19 @@ outputs:
|
||||
service_name: keepalived
|
||||
monitoring_subscription: {get_param: MonitoringSubscriptionKeepalived}
|
||||
config_settings:
|
||||
tripleo::keepalived::control_virtual_interface: {get_param: ControlVirtualInterface}
|
||||
tripleo::keepalived::public_virtual_interface: {get_param: PublicVirtualInterface}
|
||||
tripleo.keepalived.firewall_rules:
|
||||
'106 keepalived vrrp':
|
||||
proto: vrrp
|
||||
map_merge:
|
||||
- tripleo.keepalived.firewall_rules:
|
||||
'106 keepalived vrrp':
|
||||
proto: vrrp
|
||||
-
|
||||
if:
|
||||
- control_iface_empty
|
||||
- {}
|
||||
- tripleo::keepalived::control_virtual_interface: {get_param: ControlVirtualInterface}
|
||||
-
|
||||
if:
|
||||
- public_iface_empty
|
||||
- {}
|
||||
- tripleo::keepalived::public_virtual_interface: {get_param: PublicVirtualInterface}
|
||||
step_config: |
|
||||
include ::tripleo::profile::base::keepalived
|
||||
|
@ -89,7 +89,7 @@ parameters:
|
||||
KeystoneWorkers:
|
||||
type: string
|
||||
description: Set the number of workers for keystone::wsgi::apache
|
||||
default: '"%{::os_workers}"'
|
||||
default: '%{::os_workers}'
|
||||
MonitoringSubscriptionKeystone:
|
||||
default: 'overcloud-keystone'
|
||||
type: string
|
||||
@ -195,13 +195,13 @@ outputs:
|
||||
keystone::wsgi::apache::servername:
|
||||
str_replace:
|
||||
template:
|
||||
'"%{::fqdn_$NETWORK}"'
|
||||
'%{::fqdn_$NETWORK}'
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}
|
||||
keystone::wsgi::apache::servername_admin:
|
||||
str_replace:
|
||||
template:
|
||||
'"%{::fqdn_$NETWORK}"'
|
||||
'%{::fqdn_$NETWORK}'
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}
|
||||
keystone::wsgi::apache::workers: {get_param: KeystoneWorkers}
|
||||
@ -219,13 +219,13 @@ outputs:
|
||||
keystone::admin_bind_host:
|
||||
str_replace:
|
||||
template:
|
||||
'"%{::fqdn_$NETWORK}"'
|
||||
'%{::fqdn_$NETWORK}'
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}
|
||||
keystone::public_bind_host:
|
||||
str_replace:
|
||||
template:
|
||||
'"%{::fqdn_$NETWORK}"'
|
||||
'%{::fqdn_$NETWORK}'
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}
|
||||
# NOTE: bind IP is found in Heat replacing the network name with the
|
||||
|
@ -84,16 +84,12 @@ outputs:
|
||||
neutron::rabbit_port: {get_param: RabbitClientPort}
|
||||
neutron::dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
|
||||
neutron::core_plugin: {get_param: NeutronCorePlugin}
|
||||
neutron::service_plugins:
|
||||
str_replace:
|
||||
template: PLUGINS
|
||||
params:
|
||||
PLUGINS: {get_param: NeutronServicePlugins}
|
||||
neutron::service_plugins: {get_param: NeutronServicePlugins}
|
||||
neutron::debug: {get_param: Debug}
|
||||
neutron::purge_config: {get_param: EnableConfigPurge}
|
||||
neutron::allow_overlapping_ips: true
|
||||
neutron::rabbit_heartbeat_timeout_threshold: 60
|
||||
neutron::host: '"%{::fqdn}"' #NOTE: extra quoting is needed
|
||||
neutron::host: '%{::fqdn}'
|
||||
neutron::db::database_db_max_retries: -1
|
||||
neutron::db::database_max_retries: -1
|
||||
neutron::global_physnet_mtu: {get_param: NeutronGlobalPhysnetMtu}
|
||||
|
@ -72,6 +72,6 @@ outputs:
|
||||
neutron::agents::metadata::auth_password: {get_param: NeutronPassword}
|
||||
neutron::agents::metadata::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
|
||||
neutron::agents::metadata::auth_tenant: 'service'
|
||||
neutron::agents::metadata::metadata_ip: '"%{hiera(\"nova_metadata_vip\")}"'
|
||||
neutron::agents::metadata::metadata_ip: "%{hiera('nova_metadata_vip')}"
|
||||
step_config: |
|
||||
include tripleo::profile::base::neutron::metadata
|
||||
|
@ -94,21 +94,9 @@ outputs:
|
||||
- neutron::agents::ml2::ovs::l2_population: {get_param: NeutronEnableL2Pop}
|
||||
neutron::agents::ml2::ovs::enable_distributed_routing: {get_param: NeutronEnableDVR}
|
||||
neutron::agents::ml2::ovs::arp_responder: {get_param: NeutronEnableARPResponder}
|
||||
neutron::agents::ml2::ovs::bridge_mappings:
|
||||
str_replace:
|
||||
template: MAPPINGS
|
||||
params:
|
||||
MAPPINGS: {get_param: NeutronBridgeMappings}
|
||||
neutron::agents::ml2::ovs::tunnel_types:
|
||||
str_replace:
|
||||
template: TYPES
|
||||
params:
|
||||
TYPES: {get_param: NeutronTunnelTypes}
|
||||
neutron::agents::ml2::ovs::extensions:
|
||||
str_replace:
|
||||
template: AGENT_EXTENSIONS
|
||||
params:
|
||||
AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
|
||||
neutron::agents::ml2::ovs::bridge_mappings: {get_param: NeutronBridgeMappings}
|
||||
neutron::agents::ml2::ovs::tunnel_types: {get_param: NeutronTunnelTypes}
|
||||
neutron::agents::ml2::ovs::extensions: {get_param: NeutronAgentExtensions}
|
||||
# NOTE: bind IP is found in Heat replacing the network name with the
|
||||
# local node IP for the given network; replacement examples
|
||||
# (eg. for internal_api):
|
||||
|
@ -83,46 +83,14 @@ outputs:
|
||||
config_settings:
|
||||
map_merge:
|
||||
- get_attr: [NeutronBase, role_data, config_settings]
|
||||
- neutron::plugins::ml2::mechanism_drivers:
|
||||
str_replace:
|
||||
template: MECHANISMS
|
||||
params:
|
||||
MECHANISMS: {get_param: NeutronMechanismDrivers}
|
||||
neutron::plugins::ml2::type_drivers:
|
||||
str_replace:
|
||||
template: DRIVERS
|
||||
params:
|
||||
DRIVERS: {get_param: NeutronTypeDrivers}
|
||||
neutron::plugins::ml2::flat_networks:
|
||||
str_replace:
|
||||
template: NETWORKS
|
||||
params:
|
||||
NETWORKS: {get_param: NeutronFlatNetworks}
|
||||
neutron::plugins::ml2::extension_drivers:
|
||||
str_replace:
|
||||
template: PLUGIN_EXTENSIONS
|
||||
params:
|
||||
PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
|
||||
neutron::plugins::ml2::network_vlan_ranges:
|
||||
str_replace:
|
||||
template: RANGES
|
||||
params:
|
||||
RANGES: {get_param: NeutronNetworkVLANRanges}
|
||||
neutron::plugins::ml2::tunnel_id_ranges:
|
||||
str_replace:
|
||||
template: RANGES
|
||||
params:
|
||||
RANGES: {get_param: NeutronTunnelIdRanges}
|
||||
neutron::plugins::ml2::vni_ranges:
|
||||
str_replace:
|
||||
template: RANGES
|
||||
params:
|
||||
RANGES: {get_param: NeutronVniRanges}
|
||||
neutron::plugins::ml2::tenant_network_types:
|
||||
str_replace:
|
||||
template: TYPES
|
||||
params:
|
||||
TYPES: {get_param: NeutronNetworkType}
|
||||
- neutron::plugins::ml2::mechanism_drivers: {get_param: NeutronMechanismDrivers}
|
||||
neutron::plugins::ml2::type_drivers: {get_param: NeutronTypeDrivers}
|
||||
neutron::plugins::ml2::flat_networks: {get_param: NeutronFlatNetworks}
|
||||
neutron::plugins::ml2::extension_drivers: {get_param: NeutronPluginExtensions}
|
||||
neutron::plugins::ml2::network_vlan_ranges: {get_param: NeutronNetworkVLANRanges}
|
||||
neutron::plugins::ml2::tunnel_id_ranges: {get_param: NeutronTunnelIdRanges}
|
||||
neutron::plugins::ml2::vni_ranges: {get_param: NeutronVniRanges}
|
||||
neutron::plugins::ml2::tenant_network_types: {get_param: NeutronNetworkType}
|
||||
neutron::plugins::ml2::supported_pci_vendor_devs: {get_param: NeutronSupportedPCIVendorDevs}
|
||||
|
||||
step_config: |
|
||||
|
@ -87,8 +87,8 @@ outputs:
|
||||
map_merge:
|
||||
- get_attr: [NovaBase, role_data, config_settings]
|
||||
- get_attr: [ApacheServiceBase, role_data, config_settings]
|
||||
- nova::cron::archive_deleted_rows::hour: '"*/12"'
|
||||
nova::cron::archive_deleted_rows::destination: '"/dev/null"'
|
||||
- nova::cron::archive_deleted_rows::hour: '*/12'
|
||||
nova::cron::archive_deleted_rows::destination: '/dev/null'
|
||||
tripleo.nova_api.firewall_rules:
|
||||
'113 nova_api':
|
||||
dport:
|
||||
@ -108,7 +108,7 @@ outputs:
|
||||
nova::api::api_bind_address:
|
||||
str_replace:
|
||||
template:
|
||||
'"%{::fqdn_$NETWORK}"'
|
||||
'%{::fqdn_$NETWORK}'
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
|
||||
nova::api::service_name: 'httpd'
|
||||
@ -122,7 +122,7 @@ outputs:
|
||||
nova::wsgi::apache::servername:
|
||||
str_replace:
|
||||
template:
|
||||
'"%{::fqdn_$NETWORK}"'
|
||||
'%{::fqdn_$NETWORK}'
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
|
||||
nova::api::neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
|
||||
|
@ -109,7 +109,7 @@ outputs:
|
||||
nova::network::neutron::neutron_auth_url: {get_param: [EndpointMap, KeystoneV3Admin, uri]}
|
||||
nova::rabbit_heartbeat_timeout_threshold: 60
|
||||
nova::cinder_catalog_info: 'volumev2:cinderv2:internalURL'
|
||||
nova::host: '"%{::fqdn}"' # NOTE: extra quoting is needed.
|
||||
nova::host: '%{::fqdn}'
|
||||
nova::notify_on_state_change: 'vm_and_task_state'
|
||||
nova::notification_driver: messagingv2
|
||||
nova::network::neutron::neutron_auth_type: 'v3password'
|
||||
|
@ -52,7 +52,7 @@ parameters:
|
||||
For different formats, refer to the nova.conf documentation for
|
||||
pci_passthrough_whitelist configuration
|
||||
type: json
|
||||
default: ''
|
||||
default: {}
|
||||
NovaVcpuPinSet:
|
||||
description: >
|
||||
A list or range of physical CPU cores to reserve for virtual machine
|
||||
@ -97,11 +97,7 @@ outputs:
|
||||
map_merge:
|
||||
- get_attr: [NovaBase, role_data, config_settings]
|
||||
- nova::compute::libvirt::manage_libvirt_services: false
|
||||
nova::compute::pci_passthrough:
|
||||
str_replace:
|
||||
template: "'JSON_PARAM'"
|
||||
params:
|
||||
JSON_PARAM: {get_param: NovaPCIPassthrough}
|
||||
nova::compute::pci_passthrough: {get_param: NovaPCIPassthrough}
|
||||
nova::compute::vcpu_pin_set: {get_param: NovaVcpuPinSet}
|
||||
nova::compute::reserved_host_memory: {get_param: NovaReservedHostMemory}
|
||||
# we manage migration in nova common puppet profile
|
||||
@ -117,7 +113,7 @@ outputs:
|
||||
- '.'
|
||||
- - 'client'
|
||||
- {get_param: CephClientUserName}
|
||||
nova::compute::rbd::libvirt_rbd_secret_uuid: '"%{hiera(\"ceph::profile::params::fsid\")}"'
|
||||
nova::compute::rbd::libvirt_rbd_secret_uuid: "%{hiera('ceph::profile::params::fsid')}"
|
||||
nova::compute::instance_usage_audit: true
|
||||
nova::compute::instance_usage_audit_period: 'hour'
|
||||
nova::compute::rbd::ephemeral_storage: {get_param: NovaEnableRbdBackend}
|
||||
|
@ -40,7 +40,7 @@ outputs:
|
||||
- tripleo::profile::pacemaker::database::mysql::bind_address:
|
||||
str_replace:
|
||||
template:
|
||||
'"%{::fqdn_$NETWORK}"'
|
||||
'%{::fqdn_$NETWORK}'
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
|
||||
# NOTE: bind IP is found in Heat replacing the network name with the
|
||||
|
@ -55,7 +55,7 @@ outputs:
|
||||
panko::wsgi::apache::servername:
|
||||
str_replace:
|
||||
template:
|
||||
'"%{::fqdn_$NETWORK}"'
|
||||
'%{::fqdn_$NETWORK}'
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, PankoApiNetwork]}
|
||||
panko::api::service_name: 'httpd'
|
||||
@ -68,7 +68,7 @@ outputs:
|
||||
panko::api::host:
|
||||
str_replace:
|
||||
template:
|
||||
'"%{::fqdn_$NETWORK}"'
|
||||
'%{::fqdn_$NETWORK}'
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, PankoApiNetwork]}
|
||||
# NOTE: bind IP is found in Heat replacing the network name with the
|
||||
|
Loading…
Reference in New Issue
Block a user