Browse Source

Hiera optimization: use a new hiera hook

This patch optimizes how we deploy hiera by using a new
heat hook specifically designed to help compose hiera
within heat templates. As part of this change:

 - we update all the 'hiera' software configurations to set the group to hiera
   instead of os-apply-config.

 - The new format uses JSON instead of YAML. The hook actually writes
   out the hiera JSON directly so no conversion takes place. Arrays,
   Strings, Booleans all stay in their native formats. As such we can avoid
   having to do many of the awkward string and list conversions in t-h-t to
   support the previous YAML formatting.

 - The new hook prefers JSON over YAML so upgrading users will have the
   new files prefered. (we will post a cleanup routine for the old files
   soon but this isn't a new behavior, JSON is now simply prefered.)

 - A lot of services required edits to account for default settings that
   worked in YAML that no longer work correctly in the native JSON
   format. In almost all these cases I think the resulting codes looks
   cleaner and is more explicit with regards to what is getting
   configured in hiera on the actual nodes.

Depends-On: I6a383b1ad4ec29458569763bd3f56fd3f2bd726b
Closes-bug: #1596373

Change-Id: Ibe7e2044e200e2c947223286fdf4fd5bcf98c2e1
tags/6.0.0.0b2
Dan Prince 2 years ago
parent
commit
7876851011

+ 118
- 126
puppet/all-nodes-config.yaml View File

@@ -71,140 +71,132 @@ resources:
71 71
   allNodesConfigImpl:
72 72
     type: OS::Heat::StructuredConfig
73 73
     properties:
74
-      group: os-apply-config
74
+      group: hiera
75 75
       config:
76
-        hiera:
77
-          datafiles:
78
-            bootstrap_node:
79
-              mapped_data:
80
-                bootstrap_nodeid: {get_input: bootstrap_nodeid}
81
-                bootstrap_nodeid_ip: {get_input: bootstrap_nodeid_ip}
82
-            all_nodes:
83
-              mapped_data:
84
-                map_merge:
85
-                  - tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: logging_sources}
86
-                  - tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: logging_groups}
87
-                  - enabled_services: {get_param: enabled_services}
88
-                  # This writes out a mapping of service_name_enabled: 'true'
89
-                  # For any services not enabled, hiera foo_enabled will
90
-                  # return nil, as it's undefined
91
-                  - map_merge:
92
-                      repeat:
93
-                        template:
94
-                          # Note this must be string 'true' due to
95
-                          # https://bugs.launchpad.net/heat/+bug/1617203
96
-                          SERVICE_enabled: 'true'
97
-                        for_each:
98
-                          SERVICE:
99
-                            str_split: [',', {get_param: enabled_services}]
100
-                  # Dynamically generate per-service network data
101
-                  # This works as follows (outer->inner functions)
102
-                  # yaql - filters services where no mapping exists in ServiceNetMap
103
-                  #   map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
104
-                  #     map_merge/repeat: generate a per-service mapping
105
-                  - yaql:
106
-                      # This filters any entries where the value hasn't been substituted for
107
-                      # a list, e.g it's still $service_network.  This happens when there is
108
-                      # no network defined for the service in the ServiceNetMap, which is OK
109
-                      # as not all services have to be bound to a network, so we filter them
110
-                      expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
111
-                      data:
112
-                        map:
113
-                          map_replace:
76
+        datafiles:
77
+          bootstrap_node:
78
+            bootstrap_nodeid: {get_input: bootstrap_nodeid}
79
+            bootstrap_nodeid_ip: {get_input: bootstrap_nodeid_ip}
80
+          all_nodes:
81
+           map_merge:
82
+              - tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: logging_sources}
83
+              - tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: logging_groups}
84
+              - enabled_services: {get_param: enabled_services}
85
+              # This writes out a mapping of service_name_enabled: 'true'
86
+              # For any services not enabled, hiera foo_enabled will
87
+              # return nil, as it's undefined
88
+              - map_merge:
89
+                  repeat:
90
+                    template:
91
+                      # Note this must be string 'true' due to
92
+                      # https://bugs.launchpad.net/heat/+bug/1617203
93
+                      SERVICE_enabled: 'true'
94
+                    for_each:
95
+                      SERVICE:
96
+                        str_split: [',', {get_param: enabled_services}]
97
+              # Dynamically generate per-service network data
98
+              # This works as follows (outer->inner functions)
99
+              # yaql - filters services where no mapping exists in ServiceNetMap
100
+              #   map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
101
+              #     map_merge/repeat: generate a per-service mapping
102
+              - yaql:
103
+                  # This filters any entries where the value hasn't been substituted for
104
+                  # a list, e.g it's still $service_network.  This happens when there is
105
+                  # no network defined for the service in the ServiceNetMap, which is OK
106
+                  # as not all services have to be bound to a network, so we filter them
107
+                  expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
108
+                  data:
109
+                    map:
110
+                      map_replace:
111
+                        - map_merge:
112
+                            repeat:
113
+                              template:
114
+                                SERVICE_network: SERVICE_network
115
+                              for_each:
116
+                                SERVICE:
117
+                                  str_split: [',', {get_param: enabled_services}]
118
+                        - values: {get_param: ServiceNetMap}
119
+              # Keystone doesn't provide separate entries for the public
120
+              # and admin endpoints, so we need to add them here manually
121
+              # like we do in the vip-config below
122
+              - keystone_admin_api_network: {get_param: [ServiceNetMap, keystone_admin_api_network]}
123
+                keystone_public_api_network: {get_param: [ServiceNetMap, keystone_public_api_network]}
124
+              # provides a mapping of service_name_ips to a list of IPs
125
+              - {get_param: service_ips}
126
+              - {get_param: service_node_names}
127
+              - {get_param: short_service_node_names}
128
+              - controller_node_ips:
129
+                  list_join:
130
+                  - ','
131
+                  - {get_param: controller_ips}
132
+                controller_node_names:
133
+                  list_join:
134
+                  - ','
135
+                  - {get_param: controller_names}
136
+                memcached_node_ips_v6:
137
+                  repeat:
138
+                    template: "inet6:[NAME]"
139
+                    for_each:
140
+                      NAME: {get_param: memcache_node_ips}
141
+                deploy_identifier: {get_param: DeployIdentifier}
142
+                update_identifier: {get_param: UpdateIdentifier}
143
+                stack_action: {get_param: StackAction}
144
+          vip_data:
145
+            map_merge:
146
+              # Dynamically generate per-service VIP data based on enabled_services
147
+              # This works as follows (outer->inner functions)
148
+              # yaql - filters services where no mapping exists in ServiceNetMap
149
+              #   map_replace: substitute e.g internal_api with the IP from NetVipMap
150
+              #     map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
151
+              #       map_merge/repeat: generate a per-service mapping
152
+              - yaql:
153
+                  # This filters any entries where the value hasn't been substituted for
154
+                  # a list, e.g it's still $service_network.  This happens when there is
155
+                  # no network defined for the service in the ServiceNetMap, which is OK
156
+                  # as not all services have to be bound to a network, so we filter them
157
+                  expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
158
+                  data:
159
+                    map:
160
+                      map_replace:
161
+                        - map_replace:
114 162
                             - map_merge:
115 163
                                 repeat:
116 164
                                   template:
117
-                                    SERVICE_network: SERVICE_network
165
+                                    SERVICE_vip: SERVICE_network
118 166
                                   for_each:
119 167
                                     SERVICE:
120 168
                                       str_split: [',', {get_param: enabled_services}]
121 169
                             - values: {get_param: ServiceNetMap}
122
-                  # Keystone doesn't provide separate entries for the public
123
-                  # and admin endpoints, so we need to add them here manually
124
-                  # like we do in the vip-config below
125
-                  - keystone_admin_api_network: {get_param: [ServiceNetMap, keystone_admin_api_network]}
126
-                    keystone_public_api_network: {get_param: [ServiceNetMap, keystone_public_api_network]}
127
-                  # provides a mapping of service_name_ips to a list of IPs
128
-                  - {get_param: service_ips}
129
-                  - {get_param: service_node_names}
130
-                  - {get_param: short_service_node_names}
131
-                  - controller_node_ips:
132
-                      list_join:
133
-                      - ','
134
-                      - {get_param: controller_ips}
135
-                    controller_node_names:
136
-                      list_join:
137
-                      - ','
138
-                      - {get_param: controller_names}
139
-                    memcached_node_ips_v6:
140
-                      str_replace:
141
-                        template: "['inet6:[SERVERS_LIST]']"
142
-                        params:
143
-                          SERVERS_LIST:
144
-                            list_join:
145
-                            - "]','inet6:["
146
-                            - {get_param: memcache_node_ips}
147
-
148
-                    deploy_identifier: {get_param: DeployIdentifier}
149
-                    update_identifier: {get_param: UpdateIdentifier}
150
-                    stack_action: {get_param: StackAction}
151
-            vip_data:
152
-              mapped_data:
153
-                map_merge:
154
-                  # Dynamically generate per-service VIP data based on enabled_services
155
-                  # This works as follows (outer->inner functions)
156
-                  # yaql - filters services where no mapping exists in ServiceNetMap
157
-                  #   map_replace: substitute e.g internal_api with the IP from NetVipMap
158
-                  #     map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
159
-                  #       map_merge/repeat: generate a per-service mapping
160
-                  - yaql:
161
-                      # This filters any entries where the value hasn't been substituted for
162
-                      # a list, e.g it's still $service_network.  This happens when there is
163
-                      # no network defined for the service in the ServiceNetMap, which is OK
164
-                      # as not all services have to be bound to a network, so we filter them
165
-                      expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
166
-                      data:
167
-                        map:
168
-                          map_replace:
169
-                            - map_replace:
170
-                                - map_merge:
171
-                                    repeat:
172
-                                      template:
173
-                                        SERVICE_vip: SERVICE_network
174
-                                      for_each:
175
-                                        SERVICE:
176
-                                          str_split: [',', {get_param: enabled_services}]
177
-                                - values: {get_param: ServiceNetMap}
178
-                            - values: {get_param: NetVipMap}
179
-                  - keystone_admin_api_vip:
180
-                      get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_admin_api_network]}]
181
-                    keystone_public_api_vip:
182
-                      get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_public_api_network]}]
183
-                    public_virtual_ip: {get_param: [NetVipMap, external]}
184
-                    controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
185
-                    internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
186
-                    storage_virtual_ip: {get_param: [NetVipMap, storage]}
187
-                    storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
188
-                    redis_vip: {get_param: RedisVirtualIP}
189
-                    # public_virtual_ip and controller_virtual_ip are needed in
190
-                    # both HAproxy & keepalived.
191
-                    tripleo::haproxy::public_virtual_ip: {get_param: [NetVipMap, external]}
192
-                    tripleo::haproxy::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
193
-                    tripleo::keepalived::public_virtual_ip: {get_param: [NetVipMap, external]}
194
-                    tripleo::keepalived::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
195
-                    tripleo::keepalived::internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
196
-                    tripleo::keepalived::storage_virtual_ip: {get_param: [NetVipMap, storage]}
197
-                    tripleo::keepalived::storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
198
-                    tripleo::keepalived::redis_virtual_ip: {get_param: RedisVirtualIP}
199
-                    tripleo::redis_notification::haproxy_monitor_ip: {get_param: [NetVipMap, ctlplane]}
200
-                    cloud_name_external: {get_param: cloud_name_external}
201
-                    cloud_name_internal_api: {get_param: cloud_name_internal_api}
202
-                    cloud_name_storage: {get_param: cloud_name_storage}
203
-                    cloud_name_storage_mgmt: {get_param: cloud_name_storage_mgmt}
204
-                    cloud_name_ctlplane: {get_param: cloud_name_ctlplane}
205
-                    # TLS parameters
206
-                    certmonger_ca: {get_param: CertmongerCA}
207
-                    enable_internal_tls: {get_param: EnableInternalTLS}
170
+                        - values: {get_param: NetVipMap}
171
+              - keystone_admin_api_vip:
172
+                  get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_admin_api_network]}]
173
+                keystone_public_api_vip:
174
+                  get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_public_api_network]}]
175
+                public_virtual_ip: {get_param: [NetVipMap, external]}
176
+                controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
177
+                internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
178
+                storage_virtual_ip: {get_param: [NetVipMap, storage]}
179
+                storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
180
+                redis_vip: {get_param: RedisVirtualIP}
181
+                # public_virtual_ip and controller_virtual_ip are needed in
182
+                # both HAproxy & keepalived.
183
+                tripleo::haproxy::public_virtual_ip: {get_param: [NetVipMap, external]}
184
+                tripleo::haproxy::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
185
+                tripleo::keepalived::public_virtual_ip: {get_param: [NetVipMap, external]}
186
+                tripleo::keepalived::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
187
+                tripleo::keepalived::internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
188
+                tripleo::keepalived::storage_virtual_ip: {get_param: [NetVipMap, storage]}
189
+                tripleo::keepalived::storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
190
+                tripleo::keepalived::redis_virtual_ip: {get_param: RedisVirtualIP}
191
+                tripleo::redis_notification::haproxy_monitor_ip: {get_param: [NetVipMap, ctlplane]}
192
+                cloud_name_external: {get_param: cloud_name_external}
193
+                cloud_name_internal_api: {get_param: cloud_name_internal_api}
194
+                cloud_name_storage: {get_param: cloud_name_storage}
195
+                cloud_name_storage_mgmt: {get_param: cloud_name_storage_mgmt}
196
+                cloud_name_ctlplane: {get_param: cloud_name_ctlplane}
197
+                # TLS parameters
198
+                certmonger_ca: {get_param: CertmongerCA}
199
+                enable_internal_tls: {get_param: EnableInternalTLS}
208 200
 
209 201
 outputs:
210 202
   config_id:

+ 26
- 32
puppet/blockstorage-role.yaml View File

@@ -239,39 +239,33 @@ resources:
239 239
   BlockStorageConfig:
240 240
     type: OS::Heat::StructuredConfig
241 241
     properties:
242
-      group: os-apply-config
242
+      group: hiera
243 243
       config:
244
-        hiera:
245
-          hierarchy:
246
-            - '"%{::uuid}"'
247
-            - heat_config_%{::deploy_config_name}
248
-            - volume_extraconfig
249
-            - extraconfig
250
-            - service_names
251
-            - service_configs
252
-            - volume
253
-            - bootstrap_node # provided by allNodesConfig
254
-            - all_nodes # provided by allNodesConfig
255
-            - vip_data # provided by allNodesConfig
256
-            - '"%{::osfamily}"'
257
-          merge_behavior: deeper
258
-          datafiles:
259
-            service_names:
260
-              mapped_data:
261
-                service_names: {get_param: ServiceNames}
262
-                sensu::subscriptions: {get_param: MonitoringSubscriptions}
263
-            service_configs:
264
-              mapped_data:
265
-                map_replace:
266
-                  - {get_param: ServiceConfigSettings}
267
-                  - values: {get_attr: [NetIpMap, net_ip_map]}
268
-            volume_extraconfig:
269
-              mapped_data: {get_param: BlockStorageExtraConfig}
270
-            extraconfig:
271
-              mapped_data: {get_param: ExtraConfig}
272
-            volume:
273
-              mapped_data:
274
-                tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
244
+        hierarchy:
245
+          - '"%{::uuid}"'
246
+          - heat_config_%{::deploy_config_name}
247
+          - volume_extraconfig
248
+          - extraconfig
249
+          - service_names
250
+          - service_configs
251
+          - volume
252
+          - bootstrap_node # provided by allNodesConfig
253
+          - all_nodes # provided by allNodesConfig
254
+          - vip_data # provided by allNodesConfig
255
+          - '"%{::osfamily}"'
256
+        merge_behavior: deeper
257
+        datafiles:
258
+          service_names:
259
+            service_names: {get_param: ServiceNames}
260
+            sensu::subscriptions: {get_param: MonitoringSubscriptions}
261
+          service_configs:
262
+            map_replace:
263
+              - {get_param: ServiceConfigSettings}
264
+              - values: {get_attr: [NetIpMap, net_ip_map]}
265
+          volume_extraconfig: {get_param: BlockStorageExtraConfig}
266
+          extraconfig: {get_param: ExtraConfig}
267
+          volume:
268
+            tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
275 269
 
276 270
   # Resource for site-specific injection of root certificate
277 271
   NodeTLSCAData:

+ 26
- 32
puppet/cephstorage-role.yaml View File

@@ -244,39 +244,33 @@ resources:
244 244
   CephStorageConfig:
245 245
     type: OS::Heat::StructuredConfig
246 246
     properties:
247
-      group: os-apply-config
247
+      group: hiera
248 248
       config:
249
-        hiera:
250
-          hierarchy:
251
-            - '"%{::uuid}"'
252
-            - heat_config_%{::deploy_config_name}
253
-            - ceph_extraconfig
254
-            - extraconfig
255
-            - service_names
256
-            - service_configs
257
-            - ceph
258
-            - bootstrap_node # provided by allNodesConfig
259
-            - all_nodes # provided by allNodesConfig
260
-            - vip_data # provided by allNodesConfig
261
-            - '"%{::osfamily}"'
262
-          merge_behavior: deeper
263
-          datafiles:
264
-            service_names:
265
-              mapped_data:
266
-                service_names: {get_param: ServiceNames}
267
-                sensu::subscriptions: {get_param: MonitoringSubscriptions}
268
-            service_configs:
269
-              mapped_data:
270
-                map_replace:
271
-                  - {get_param: ServiceConfigSettings}
272
-                  - values: {get_attr: [NetIpMap, net_ip_map]}
273
-            ceph_extraconfig:
274
-              mapped_data: {get_param: CephStorageExtraConfig}
275
-            extraconfig:
276
-              mapped_data: {get_param: ExtraConfig}
277
-            ceph:
278
-              mapped_data:
279
-                tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
249
+        hierarchy:
250
+          - '"%{::uuid}"'
251
+          - heat_config_%{::deploy_config_name}
252
+          - ceph_extraconfig
253
+          - extraconfig
254
+          - service_names
255
+          - service_configs
256
+          - ceph
257
+          - bootstrap_node # provided by allNodesConfig
258
+          - all_nodes # provided by allNodesConfig
259
+          - vip_data # provided by allNodesConfig
260
+          - '"%{::osfamily}"'
261
+        merge_behavior: deeper
262
+        datafiles:
263
+          service_names:
264
+            service_names: {get_param: ServiceNames}
265
+            sensu::subscriptions: {get_param: MonitoringSubscriptions}
266
+          service_configs:
267
+            map_replace:
268
+              - {get_param: ServiceConfigSettings}
269
+              - values: {get_attr: [NetIpMap, net_ip_map]}
270
+          ceph_extraconfig: {get_param: CephStorageExtraConfig}
271
+          extraconfig: {get_param: ExtraConfig}
272
+          ceph:
273
+            tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
280 274
 
281 275
   # Resource for site-specific injection of root certificate
282 276
   NodeTLSCAData:

+ 32
- 38
puppet/compute-role.yaml View File

@@ -251,45 +251,39 @@ resources:
251 251
   NovaComputeConfig:
252 252
     type: OS::Heat::StructuredConfig
253 253
     properties:
254
-      group: os-apply-config
254
+      group: hiera
255 255
       config:
256
-        hiera:
257
-          hierarchy:
258
-            - '"%{::uuid}"'
259
-            - heat_config_%{::deploy_config_name}
260
-            - compute_extraconfig
261
-            - extraconfig
262
-            - service_names
263
-            - service_configs
264
-            - compute
265
-            - bootstrap_node # provided by allNodesConfig
266
-            - all_nodes # provided by allNodesConfig
267
-            - vip_data # provided by allNodesConfig
268
-            - '"%{::osfamily}"'
269
-            - neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre
270
-            - cisco_n1kv_data  # Optionally provided by ComputeExtraConfigPre
271
-            - nova_nuage_data  # Optionally provided by ComputeExtraConfigPre
272
-            - midonet_data # Optionally provided by AllNodesExtraConfig
273
-            - neutron_opencontrail_data  # Optionally provided by ComputeExtraConfigPre
274
-            - cisco_aci_data # Optionally provided by ComputeExtraConfigPre
275
-          merge_behavior: deeper
276
-          datafiles:
277
-            service_names:
278
-              mapped_data:
279
-                service_names: {get_param: ServiceNames}
280
-                sensu::subscriptions: {get_param: MonitoringSubscriptions}
281
-            service_configs:
282
-              mapped_data:
283
-                map_replace:
284
-                  - {get_param: ServiceConfigSettings}
285
-                  - values: {get_attr: [NetIpMap, net_ip_map]}
286
-            compute_extraconfig:
287
-              mapped_data: {get_param: NovaComputeExtraConfig}
288
-            extraconfig:
289
-              mapped_data: {get_param: ExtraConfig}
290
-            compute:
291
-              mapped_data:
292
-                tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
256
+        hierarchy:
257
+          - '"%{::uuid}"'
258
+          - heat_config_%{::deploy_config_name}
259
+          - compute_extraconfig
260
+          - extraconfig
261
+          - service_names
262
+          - service_configs
263
+          - compute
264
+          - bootstrap_node # provided by allNodesConfig
265
+          - all_nodes # provided by allNodesConfig
266
+          - vip_data # provided by allNodesConfig
267
+          - '"%{::osfamily}"'
268
+          - neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre
269
+          - cisco_n1kv_data  # Optionally provided by ComputeExtraConfigPre
270
+          - nova_nuage_data  # Optionally provided by ComputeExtraConfigPre
271
+          - midonet_data # Optionally provided by AllNodesExtraConfig
272
+          - neutron_opencontrail_data  # Optionally provided by ComputeExtraConfigPre
273
+          - cisco_aci_data # Optionally provided by ComputeExtraConfigPre
274
+        merge_behavior: deeper
275
+        datafiles:
276
+          service_names:
277
+            service_names: {get_param: ServiceNames}
278
+            sensu::subscriptions: {get_param: MonitoringSubscriptions}
279
+          service_configs:
280
+            map_replace:
281
+              - {get_param: ServiceConfigSettings}
282
+              - values: {get_attr: [NetIpMap, net_ip_map]}
283
+          compute_extraconfig: {get_param: NovaComputeExtraConfig}
284
+          extraconfig: {get_param: ExtraConfig}
285
+          compute:
286
+            tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
293 287
 
294 288
   NovaComputeDeployment:
295 289
     type: OS::TripleO::SoftwareDeployment

+ 43
- 49
puppet/controller-role.yaml View File

@@ -299,57 +299,51 @@ resources:
299 299
   ControllerConfig:
300 300
     type: OS::Heat::StructuredConfig
301 301
     properties:
302
-      group: os-apply-config
302
+      group: hiera
303 303
       config:
304
-        hiera:
305
-          hierarchy:
306
-            - '"%{::uuid}"'
307
-            - heat_config_%{::deploy_config_name}
308
-            - controller_extraconfig
309
-            - extraconfig
310
-            - service_configs
311
-            - service_names
312
-            - controller
313
-            - bootstrap_node # provided by BootstrapNodeConfig
314
-            - all_nodes # provided by allNodesConfig
315
-            - vip_data # provided by allNodesConfig
316
-            - '"%{::osfamily}"'
317
-            - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
318
-            - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
319
-            - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
320
-            - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
321
-            - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
322
-            - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
323
-            - midonet_data #Optionally provided by AllNodesExtraConfig
324
-            - cisco_aci_data # Optionally provided by ControllerExtraConfigPre
325
-          merge_behavior: deeper
326
-          datafiles:
327
-            service_names:
328
-              mapped_data:
329
-                service_names: {get_param: ServiceNames}
330
-                sensu::subscriptions: {get_param: MonitoringSubscriptions}
331
-            service_configs:
332
-              mapped_data:
333
-                map_replace:
334
-                  - {get_param: ServiceConfigSettings}
335
-                  - values: {get_attr: [NetIpMap, net_ip_map]}
336
-            controller_extraconfig:
337
-              mapped_data:
338
-                map_merge:
339
-                  - {get_param: controllerExtraConfig}
340
-                  - {get_param: ControllerExtraConfig}
341
-            extraconfig:
342
-              mapped_data: {get_param: ExtraConfig}
343
-            controller:
344
-              mapped_data: # data supplied directly to this deployment configuration, etc
345
-                bootstack_nodeid: {get_input: bootstack_nodeid}
304
+        hierarchy:
305
+          - '"%{::uuid}"'
306
+          - heat_config_%{::deploy_config_name}
307
+          - controller_extraconfig
308
+          - extraconfig
309
+          - service_configs
310
+          - service_names
311
+          - controller
312
+          - bootstrap_node # provided by BootstrapNodeConfig
313
+          - all_nodes # provided by allNodesConfig
314
+          - vip_data # provided by allNodesConfig
315
+          - '"%{::osfamily}"'
316
+          - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
317
+          - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
318
+          - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
319
+          - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
320
+          - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
321
+          - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
322
+          - midonet_data #Optionally provided by AllNodesExtraConfig
323
+          - cisco_aci_data # Optionally provided by ControllerExtraConfigPre
324
+        merge_behavior: deeper
325
+        datafiles:
326
+          service_names:
327
+            service_names: {get_param: ServiceNames}
328
+            sensu::subscriptions: {get_param: MonitoringSubscriptions}
329
+          service_configs:
330
+            map_replace:
331
+              - {get_param: ServiceConfigSettings}
332
+              - values: {get_attr: [NetIpMap, net_ip_map]}
333
+          controller_extraconfig:
334
+            map_merge:
335
+              - {get_param: controllerExtraConfig}
336
+              - {get_param: ControllerExtraConfig}
337
+          extraconfig: {get_param: ExtraConfig}
338
+          controller:
339
+            # data supplied directly to this deployment configuration, etc
340
+            bootstack_nodeid: {get_input: bootstack_nodeid}
341
+            # Pacemaker
342
+            enable_load_balancer: {get_input: enable_load_balancer}
346 343
 
347
-                # Pacemaker
348
-                enable_load_balancer: {get_input: enable_load_balancer}
349
-
350
-                # Misc
351
-                tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
352
-                tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
344
+            # Misc
345
+            tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
346
+            tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
353 347
 
354 348
   # Hook for site-specific additional pre-deployment config, e.g extra hieradata
355 349
   ControllerExtraConfigPre:

+ 26
- 33
puppet/objectstorage-role.yaml View File

@@ -228,40 +228,33 @@ resources:
228 228
   SwiftStorageHieraConfig:
229 229
     type: OS::Heat::StructuredConfig
230 230
     properties:
231
-      group: os-apply-config
231
+      group: hiera
232 232
       config:
233
-        hiera:
234
-          hierarchy:
235
-            - '"%{::uuid}"'
236
-            - heat_config_%{::deploy_config_name}
237
-            - object_extraconfig
238
-            - extraconfig
239
-            - service_names
240
-            - service_configs
241
-            - object
242
-            - bootstrap_node # provided by allNodesConfig
243
-            - all_nodes # provided by allNodesConfig
244
-            - vip_data # provided by allNodesConfig
245
-            - '"%{::osfamily}"'
246
-          merge_behavior: deeper
247
-          datafiles:
248
-            service_names:
249
-              mapped_data:
250
-                service_names: {get_param: ServiceNames}
251
-                sensu::subscriptions: {get_param: MonitoringSubscriptions}
252
-            service_configs:
253
-              mapped_data:
254
-                map_replace:
255
-                  - {get_param: ServiceConfigSettings}
256
-                  - values: {get_attr: [NetIpMap, net_ip_map]}
257
-            object_extraconfig:
258
-              mapped_data: {get_param: ObjectStorageExtraConfig}
259
-            extraconfig:
260
-              mapped_data: {get_param: ExtraConfig}
261
-            object:
262
-              mapped_data: # data supplied directly to this deployment configuration, etc
263
-                tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
264
-
233
+        hierarchy:
234
+          - '"%{::uuid}"'
235
+          - heat_config_%{::deploy_config_name}
236
+          - object_extraconfig
237
+          - extraconfig
238
+          - service_names
239
+          - service_configs
240
+          - object
241
+          - bootstrap_node # provided by allNodesConfig
242
+          - all_nodes # provided by allNodesConfig
243
+          - vip_data # provided by allNodesConfig
244
+          - '"%{::osfamily}"'
245
+        merge_behavior: deeper
246
+        datafiles:
247
+          service_names:
248
+            service_names: {get_param: ServiceNames}
249
+            sensu::subscriptions: {get_param: MonitoringSubscriptions}
250
+          service_configs:
251
+            map_replace:
252
+              - {get_param: ServiceConfigSettings}
253
+              - values: {get_attr: [NetIpMap, net_ip_map]}
254
+          object_extraconfig: {get_param: ObjectStorageExtraConfig}
255
+          extraconfig: {get_param: ExtraConfig}
256
+          object:
257
+            tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
265 258
 
266 259
   SwiftStorageHieraDeploy:
267 260
     type: OS::Heat::StructuredDeployment

+ 28
- 34
puppet/role.role.j2.yaml View File

@@ -250,41 +250,35 @@ resources:
250 250
   {{role}}Config:
251 251
     type: OS::Heat::StructuredConfig
252 252
     properties:
253
-      group: os-apply-config
253
+      group: hiera
254 254
       config:
255
-        hiera:
256
-          hierarchy:
257
-            - '"%{::uuid}"'
258
-            - heat_config_%{::deploy_config_name}
259
-            - {{role.lower()}}_extraconfig
260
-            - extraconfig
261
-            - service_names
262
-            - service_configs
263
-            - {{role.lower()}}
264
-            - bootstrap_node # provided by allNodesConfig
265
-            - all_nodes # provided by allNodesConfig
266
-            - vip_data # provided by allNodesConfig
267
-            - '"%{::osfamily}"'
268
-          merge_behavior: deeper
269
-          datafiles:
270
-            service_names:
271
-              mapped_data:
272
-                service_names: {get_param: ServiceNames}
273
-                sensu::subscriptions: {get_param: MonitoringSubscriptions}
274
-            service_configs:
275
-              mapped_data:
276
-                map_replace:
277
-                  - {get_param: ServiceConfigSettings}
278
-                  - values: {get_attr: [NetIpMap, net_ip_map]}
279
-            {{role.lower()}}_extraconfig:
280
-              mapped_data: {get_param: {{role}}ExtraConfig}
281
-            extraconfig:
282
-              mapped_data: {get_param: ExtraConfig}
283
-            {{role.lower()}}:
284
-              mapped_data:
285
-                tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
286
-                tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources}
287
-                tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups}
255
+        hierarchy:
256
+          - '"%{::uuid}"'
257
+          - heat_config_%{::deploy_config_name}
258
+          - {{role.lower()}}_extraconfig
259
+          - extraconfig
260
+          - service_names
261
+          - service_configs
262
+          - {{role.lower()}}
263
+          - bootstrap_node # provided by allNodesConfig
264
+          - all_nodes # provided by allNodesConfig
265
+          - vip_data # provided by allNodesConfig
266
+          - '"%{::osfamily}"'
267
+        merge_behavior: deeper
268
+        datafiles:
269
+          service_names:
270
+            service_names: {get_param: ServiceNames}
271
+            sensu::subscriptions: {get_param: MonitoringSubscriptions}
272
+          service_configs:
273
+            map_replace:
274
+              - {get_param: ServiceConfigSettings}
275
+              - values: {get_attr: [NetIpMap, net_ip_map]}
276
+          {{role.lower()}}_extraconfig: {get_param: {{role}}ExtraConfig}
277
+          extraconfig: {get_param: ExtraConfig}
278
+          {{role.lower()}}:
279
+            tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
280
+            tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources}
281
+            tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups}
288 282
 
289 283
   # Resource for site-specific injection of root certificate
290 284
   NodeTLSCAData:

+ 2
- 2
puppet/services/aodh-api.yaml View File

@@ -55,7 +55,7 @@ outputs:
55 55
             aodh::wsgi::apache::servername:
56 56
               str_replace:
57 57
                 template:
58
-                  '"%{::fqdn_$NETWORK}"'
58
+                  '%{::fqdn_$NETWORK}'
59 59
                 params:
60 60
                   $NETWORK: {get_param: [ServiceNetMap, AodhApiNetwork]}
61 61
             aodh::api::service_name: 'httpd'
@@ -68,7 +68,7 @@ outputs:
68 68
             aodh::api::host:
69 69
               str_replace:
70 70
                 template:
71
-                  '"%{::fqdn_$NETWORK}"'
71
+                  '%{::fqdn_$NETWORK}'
72 72
                 params:
73 73
                   $NETWORK: {get_param: [ServiceNetMap, AodhApiNetwork]}
74 74
             # NOTE: bind IP is found in Heat replacing the network name with the

+ 2
- 2
puppet/services/barbican-api.yaml View File

@@ -24,7 +24,7 @@ parameters:
24 24
     hidden: true
25 25
   BarbicanWorkers:
26 26
     description: Set the number of workers for barbican::wsgi::apache
27
-    default: '"%{::processorcount}"'
27
+    default: '%{::processorcount}'
28 28
     type: string
29 29
   Debug:
30 30
     default: ''
@@ -93,7 +93,7 @@ outputs:
93 93
             barbican::wsgi::apache::servername:
94 94
               str_replace:
95 95
                 template:
96
-                  '"%{::fqdn_$NETWORK}"'
96
+                  '%{::fqdn_$NETWORK}'
97 97
                 params:
98 98
                   $NETWORK: {get_param: [ServiceNetMap, BarbicanApiNetwork]}
99 99
             barbican::db::database_connection:

+ 2
- 2
puppet/services/ceilometer-api.yaml View File

@@ -75,7 +75,7 @@ outputs:
75 75
             ceilometer::api::host:
76 76
               str_replace:
77 77
                 template:
78
-                  '"%{::fqdn_$NETWORK}"'
78
+                  '%{::fqdn_$NETWORK}'
79 79
                 params:
80 80
                   $NETWORK: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
81 81
             ceilometer::wsgi::apache::bind_host: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
@@ -83,7 +83,7 @@ outputs:
83 83
             ceilometer::wsgi::apache::servername:
84 84
               str_replace:
85 85
                 template:
86
-                  '"%{::fqdn_$NETWORK}"'
86
+                  '%{::fqdn_$NETWORK}'
87 87
                 params:
88 88
                   $NETWORK: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
89 89
       service_config_settings:

+ 25
- 28
puppet/services/ceph-base.yaml View File

@@ -119,36 +119,33 @@ outputs:
119 119
               NETWORK: {get_param: [ServiceNetMap, CephMonNetwork]}
120 120
         ceph::profile::params::public_addr: {get_param: [ServiceNetMap, CephMonNetwork]}
121 121
         ceph::profile::params::client_keys:
122
-          str_replace:
123
-            template: "{
124
-              client.admin: {
125
-                secret: 'ADMIN_KEY',
126
-                mode: '0600',
127
-                cap_mon: 'allow *',
128
-                cap_osd: 'allow *',
122
+          map_replace:
123
+            - client.admin:
124
+                secret: {get_param: CephAdminKey}
125
+                mode: '0600'
126
+                cap_mon: 'allow *'
127
+                cap_osd: 'allow *'
129 128
                 cap_mds: 'allow *'
130
-              },
131
-              client.bootstrap-osd: {
132
-                secret: 'ADMIN_KEY',
133
-                keyring_path: '/var/lib/ceph/bootstrap-osd/ceph.keyring',
129
+              client.bootstrap-osd:
130
+                secret: {get_param: CephAdminKey}
131
+                keyring_path: '/var/lib/ceph/bootstrap-osd/ceph.keyring'
134 132
                 cap_mon: 'allow profile bootstrap-osd'
135
-              },
136
-              client.CLIENT_USER: {
137
-                secret: 'CLIENT_KEY',
138
-                mode: '0644',
139
-                cap_mon: 'allow r',
140
-                cap_osd: 'allow class-read object_prefix rbd_children, allow rwx pool=CINDER_POOL, allow rwx pool=CINDERBACKUP_POOL, allow rwx pool=NOVA_POOL, allow rwx pool=GLANCE_POOL, allow rwx pool=GNOCCHI_POOL'
141
-              }
142
-            }"
143
-            params:
144
-              CLIENT_USER: {get_param: CephClientUserName}
145
-              CLIENT_KEY: {get_param: CephClientKey}
146
-              ADMIN_KEY: {get_param: CephAdminKey}
147
-              NOVA_POOL: {get_param: NovaRbdPoolName}
148
-              CINDER_POOL: {get_param: CinderRbdPoolName}
149
-              CINDERBACKUP_POOL: {get_param: CinderBackupRbdPoolName}
150
-              GLANCE_POOL: {get_param: GlanceRbdPoolName}
151
-              GNOCCHI_POOL: {get_param: GnocchiRbdPoolName}
133
+              CEPH_CLIENT_KEY:
134
+                secret: {get_param: CephClientKey}
135
+                mode: '0644'
136
+                cap_mon: 'allow r'
137
+                cap_osd:
138
+                  str_replace:
139
+                    template: 'allow class-read object_prefix rbd_children, allow rwx pool=CINDER_POOL, allow rwx pool=CINDERBACKUP_POOL, allow rwx pool=NOVA_POOL, allow rwx pool=GLANCE_POOL, allow rwx pool=GNOCCHI_POOL'
140
+                    params:
141
+                      NOVA_POOL: {get_param: NovaRbdPoolName}
142
+                      CINDER_POOL: {get_param: CinderRbdPoolName}
143
+                      CINDERBACKUP_POOL: {get_param: CinderBackupRbdPoolName}
144
+                      GLANCE_POOL: {get_param: GlanceRbdPoolName}
145
+                      GNOCCHI_POOL: {get_param: GnocchiRbdPoolName}
146
+            - keys:
147
+                CEPH_CLIENT_KEY:
148
+                  list_join: ['.', ['client', {get_param: CephClientUserName}]]
152 149
       service_config_settings:
153 150
         glance_api:
154 151
           glance::api::show_multiple_locations: {if: [glance_multiple_locations, true, false]}

+ 3
- 3
puppet/services/cinder-api.yaml View File

@@ -42,7 +42,7 @@ parameters:
42 42
   CinderWorkers:
43 43
     type: string
44 44
     description: Set the number of workers for cinder::wsgi::apache
45
-    default: '"%{::os_workers}"'
45
+    default: '%{::os_workers}'
46 46
   EnableInternalTLS:
47 47
     type: boolean
48 48
     default: false
@@ -101,7 +101,7 @@ outputs:
101 101
             cinder::api::bind_host:
102 102
               str_replace:
103 103
                 template:
104
-                  '"%{::fqdn_$NETWORK}"'
104
+                  '%{::fqdn_$NETWORK}'
105 105
                 params:
106 106
                   $NETWORK: {get_param: [ServiceNetMap, CinderApiNetwork]}
107 107
             cinder::wsgi::apache::ssl: {get_param: EnableInternalTLS}
@@ -115,7 +115,7 @@ outputs:
115 115
             cinder::wsgi::apache::servername:
116 116
               str_replace:
117 117
                 template:
118
-                  '"%{::fqdn_$NETWORK}"'
118
+                  '%{::fqdn_$NETWORK}'
119 119
                 params:
120 120
                   $NETWORK: {get_param: [ServiceNetMap, CinderApiNetwork]}
121 121
           -

+ 1
- 1
puppet/services/database/mysql.yaml View File

@@ -87,7 +87,7 @@ outputs:
87 87
             tripleo::profile::base::database::mysql::bind_address:
88 88
               str_replace:
89 89
                 template:
90
-                  '"%{::fqdn_$NETWORK}"'
90
+                  '%{::fqdn_$NETWORK}'
91 91
                 params:
92 92
                   $NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
93 93
       step_config: |

+ 2
- 2
puppet/services/database/redis-base.yaml View File

@@ -39,6 +39,6 @@ outputs:
39 39
         # internal_api_subnet - > IP/CIDR
40 40
         redis::bind: {get_param: [ServiceNetMap, RedisNetwork]}
41 41
         redis::port: 6379
42
-        redis::sentinel::master_name: '"%{hiera(\"bootstrap_nodeid\")}"'
43
-        redis::sentinel::redis_host: '"%{hiera(\"bootstrap_nodeid_ip\")}"'
42
+        redis::sentinel::master_name: "%{hiera('bootstrap_nodeid')}"
43
+        redis::sentinel::redis_host: "%{hiera('bootstrap_nodeid_ip')}"
44 44
         redis::sentinel::notification_script: '/usr/local/bin/redis-notifications.sh'

+ 2
- 2
puppet/services/gnocchi-api.yaml View File

@@ -91,7 +91,7 @@ outputs:
91 91
             gnocchi::wsgi::apache::servername:
92 92
               str_replace:
93 93
                 template:
94
-                  '"%{::fqdn_$NETWORK}"'
94
+                  '%{::fqdn_$NETWORK}'
95 95
                 params:
96 96
                   $NETWORK: {get_param: [ServiceNetMap, GnocchiApiNetwork]}
97 97
             tripleo::profile::base::gnocchi::api::gnocchi_backend: {get_param: GnocchiBackend}
@@ -105,7 +105,7 @@ outputs:
105 105
             gnocchi::api::host:
106 106
               str_replace:
107 107
                 template:
108
-                  '"%{::fqdn_$NETWORK}"'
108
+                  '%{::fqdn_$NETWORK}'
109 109
                 params:
110 110
                   $NETWORK: {get_param: [ServiceNetMap, GnocchiApiNetwork]}
111 111
 

+ 1
- 1
puppet/services/ironic-conductor.yaml View File

@@ -68,7 +68,7 @@ outputs:
68 68
               list_join:
69 69
                 - ''
70 70
                 - - 'http://'
71
-                  - '%{hiera("ironic_conductor_http_host")}:'
71
+                  - "%{hiera('ironic_conductor_http_host')}:"
72 72
                   - {get_param: IronicIPXEPort}
73 73
             ironic::drivers::pxe::ipxe_enabled: {get_param: IronicIPXEEnabled}
74 74
             ironic::glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}

+ 20
- 6
puppet/services/keepalived.yaml View File

@@ -1,4 +1,4 @@
1
-heat_template_version: 2016-04-08
1
+heat_template_version: 2016-10-14
2 2
 
3 3
 description: >
4 4
   Keepalived service configured with Puppet
@@ -36,6 +36,11 @@ parameters:
36 36
     default: 'overcloud-keepalived'
37 37
     type: string
38 38
 
39
+conditions:
40
+
41
+  control_iface_empty: {equals : [{get_param: ControlVirtualInterface}, '']}
42
+  public_iface_empty: {equals : [{get_param: PublicVirtualInterface}, '']}
43
+
39 44
 outputs:
40 45
   role_data:
41 46
     description: Role data for the Keepalived role.
@@ -43,10 +48,19 @@ outputs:
43 48
       service_name: keepalived
44 49
       monitoring_subscription: {get_param: MonitoringSubscriptionKeepalived}
45 50
       config_settings:
46
-        tripleo::keepalived::control_virtual_interface: {get_param: ControlVirtualInterface}
47
-        tripleo::keepalived::public_virtual_interface: {get_param: PublicVirtualInterface}
48
-        tripleo.keepalived.firewall_rules:
49
-          '106 keepalived vrrp':
50
-            proto: vrrp
51
+        map_merge:
52
+        - tripleo.keepalived.firewall_rules:
53
+            '106 keepalived vrrp':
54
+              proto: vrrp
55
+        - 
56
+          if:
57
+          - control_iface_empty
58
+          - {}
59
+          - tripleo::keepalived::control_virtual_interface: {get_param: ControlVirtualInterface}
60
+        - 
61
+          if:
62
+          - public_iface_empty
63
+          - {}
64
+          - tripleo::keepalived::public_virtual_interface: {get_param: PublicVirtualInterface}
51 65
       step_config: |
52 66
         include ::tripleo::profile::base::keepalived

+ 5
- 5
puppet/services/keystone.yaml View File

@@ -89,7 +89,7 @@ parameters:
89 89
   KeystoneWorkers:
90 90
     type: string
91 91
     description: Set the number of workers for keystone::wsgi::apache
92
-    default: '"%{::os_workers}"'
92
+    default: '%{::os_workers}'
93 93
   MonitoringSubscriptionKeystone:
94 94
     default: 'overcloud-keystone'
95 95
     type: string
@@ -195,13 +195,13 @@ outputs:
195 195
             keystone::wsgi::apache::servername:
196 196
               str_replace:
197 197
                 template:
198
-                  '"%{::fqdn_$NETWORK}"'
198
+                  '%{::fqdn_$NETWORK}'
199 199
                 params:
200 200
                   $NETWORK: {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}
201 201
             keystone::wsgi::apache::servername_admin:
202 202
               str_replace:
203 203
                 template:
204
-                  '"%{::fqdn_$NETWORK}"'
204
+                  '%{::fqdn_$NETWORK}'
205 205
                 params:
206 206
                   $NETWORK: {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}
207 207
             keystone::wsgi::apache::workers: {get_param: KeystoneWorkers}
@@ -219,13 +219,13 @@ outputs:
219 219
             keystone::admin_bind_host:
220 220
               str_replace:
221 221
                 template:
222
-                  '"%{::fqdn_$NETWORK}"'
222
+                  '%{::fqdn_$NETWORK}'
223 223
                 params:
224 224
                   $NETWORK: {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}
225 225
             keystone::public_bind_host:
226 226
               str_replace:
227 227
                 template:
228
-                  '"%{::fqdn_$NETWORK}"'
228
+                  '%{::fqdn_$NETWORK}'
229 229
                 params:
230 230
                   $NETWORK: {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}
231 231
             # NOTE: bind IP is found in Heat replacing the network name with the

+ 2
- 6
puppet/services/neutron-base.yaml View File

@@ -84,16 +84,12 @@ outputs:
84 84
         neutron::rabbit_port: {get_param: RabbitClientPort}
85 85
         neutron::dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
86 86
         neutron::core_plugin: {get_param: NeutronCorePlugin}
87
-        neutron::service_plugins:
88
-          str_replace:
89
-            template: PLUGINS
90
-            params:
91
-              PLUGINS: {get_param: NeutronServicePlugins}
87
+        neutron::service_plugins: {get_param: NeutronServicePlugins}
92 88
         neutron::debug: {get_param: Debug}
93 89
         neutron::purge_config: {get_param: EnableConfigPurge}
94 90
         neutron::allow_overlapping_ips: true
95 91
         neutron::rabbit_heartbeat_timeout_threshold: 60
96
-        neutron::host: '"%{::fqdn}"'    #NOTE: extra quoting is needed
92
+        neutron::host: '%{::fqdn}'
97 93
         neutron::db::database_db_max_retries: -1
98 94
         neutron::db::database_max_retries: -1
99 95
         neutron::global_physnet_mtu: {get_param: NeutronGlobalPhysnetMtu}

+ 1
- 1
puppet/services/neutron-metadata.yaml View File

@@ -72,6 +72,6 @@ outputs:
72 72
             neutron::agents::metadata::auth_password: {get_param: NeutronPassword}
73 73
             neutron::agents::metadata::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
74 74
             neutron::agents::metadata::auth_tenant: 'service'
75
-            neutron::agents::metadata::metadata_ip: '"%{hiera(\"nova_metadata_vip\")}"'
75
+            neutron::agents::metadata::metadata_ip: "%{hiera('nova_metadata_vip')}"
76 76
       step_config: |
77 77
         include tripleo::profile::base::neutron::metadata

+ 3
- 15
puppet/services/neutron-ovs-agent.yaml View File

@@ -94,21 +94,9 @@ outputs:
94 94
           - neutron::agents::ml2::ovs::l2_population: {get_param: NeutronEnableL2Pop}
95 95
             neutron::agents::ml2::ovs::enable_distributed_routing: {get_param: NeutronEnableDVR}
96 96
             neutron::agents::ml2::ovs::arp_responder: {get_param: NeutronEnableARPResponder}
97
-            neutron::agents::ml2::ovs::bridge_mappings:
98
-              str_replace:
99
-                template: MAPPINGS
100
-                params:
101
-                  MAPPINGS: {get_param: NeutronBridgeMappings}
102
-            neutron::agents::ml2::ovs::tunnel_types:
103
-              str_replace:
104
-                template: TYPES
105
-                params:
106
-                  TYPES: {get_param: NeutronTunnelTypes}
107
-            neutron::agents::ml2::ovs::extensions:
108
-              str_replace:
109
-                template: AGENT_EXTENSIONS
110
-                params:
111
-                  AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
97
+            neutron::agents::ml2::ovs::bridge_mappings: {get_param: NeutronBridgeMappings}
98
+            neutron::agents::ml2::ovs::tunnel_types: {get_param: NeutronTunnelTypes}
99
+            neutron::agents::ml2::ovs::extensions: {get_param: NeutronAgentExtensions}
112 100
             # NOTE: bind IP is found in Heat replacing the network name with the
113 101
             # local node IP for the given network; replacement examples
114 102
             # (eg. for internal_api):

+ 8
- 40
puppet/services/neutron-plugin-ml2.yaml View File

@@ -83,46 +83,14 @@ outputs:
83 83
       config_settings:
84 84
         map_merge:
85 85
           - get_attr: [NeutronBase, role_data, config_settings]
86
-          - neutron::plugins::ml2::mechanism_drivers:
87
-              str_replace:
88
-                template: MECHANISMS
89
-                params:
90
-                  MECHANISMS: {get_param: NeutronMechanismDrivers}
91
-            neutron::plugins::ml2::type_drivers:
92
-              str_replace:
93
-                template: DRIVERS
94
-                params:
95
-                  DRIVERS: {get_param: NeutronTypeDrivers}
96
-            neutron::plugins::ml2::flat_networks:
97
-              str_replace:
98
-                template: NETWORKS
99
-                params:
100
-                  NETWORKS: {get_param: NeutronFlatNetworks}
101
-            neutron::plugins::ml2::extension_drivers:
102
-              str_replace:
103
-                template: PLUGIN_EXTENSIONS
104
-                params:
105
-                  PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
106
-            neutron::plugins::ml2::network_vlan_ranges:
107
-              str_replace:
108
-                template: RANGES
109
-                params:
110
-                  RANGES: {get_param: NeutronNetworkVLANRanges}
111
-            neutron::plugins::ml2::tunnel_id_ranges:
112
-              str_replace:
113
-                template: RANGES
114
-                params:
115
-                  RANGES: {get_param: NeutronTunnelIdRanges}
116
-            neutron::plugins::ml2::vni_ranges:
117
-              str_replace:
118
-                template: RANGES
119
-                params:
120
-                  RANGES: {get_param: NeutronVniRanges}
121
-            neutron::plugins::ml2::tenant_network_types:
122
-              str_replace:
123
-                template: TYPES
124
-                params:
125
-                  TYPES: {get_param: NeutronNetworkType}
86
+          - neutron::plugins::ml2::mechanism_drivers: {get_param: NeutronMechanismDrivers}
87
+            neutron::plugins::ml2::type_drivers: {get_param: NeutronTypeDrivers}
88
+            neutron::plugins::ml2::flat_networks: {get_param: NeutronFlatNetworks}
89
+            neutron::plugins::ml2::extension_drivers: {get_param: NeutronPluginExtensions}
90
+            neutron::plugins::ml2::network_vlan_ranges: {get_param: NeutronNetworkVLANRanges}
91
+            neutron::plugins::ml2::tunnel_id_ranges: {get_param: NeutronTunnelIdRanges}
92
+            neutron::plugins::ml2::vni_ranges: {get_param: NeutronVniRanges}
93
+            neutron::plugins::ml2::tenant_network_types: {get_param: NeutronNetworkType}
126 94
             neutron::plugins::ml2::supported_pci_vendor_devs: {get_param: NeutronSupportedPCIVendorDevs}
127 95
 
128 96
       step_config: |

+ 4
- 4
puppet/services/nova-api.yaml View File

@@ -87,8 +87,8 @@ outputs:
87 87
         map_merge:
88 88
         - get_attr: [NovaBase, role_data, config_settings]
89 89
         - get_attr: [ApacheServiceBase, role_data, config_settings]
90
-        - nova::cron::archive_deleted_rows::hour: '"*/12"'
91
-          nova::cron::archive_deleted_rows::destination: '"/dev/null"'
90
+        - nova::cron::archive_deleted_rows::hour: '*/12'
91
+          nova::cron::archive_deleted_rows::destination: '/dev/null'
92 92
           tripleo.nova_api.firewall_rules:
93 93
             '113 nova_api':
94 94
               dport:
@@ -108,7 +108,7 @@ outputs:
108 108
           nova::api::api_bind_address:
109 109
             str_replace:
110 110
               template:
111
-                '"%{::fqdn_$NETWORK}"'
111
+                '%{::fqdn_$NETWORK}'
112 112
               params:
113 113
                 $NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
114 114
           nova::api::service_name: 'httpd'
@@ -122,7 +122,7 @@ outputs:
122 122
           nova::wsgi::apache::servername:
123 123
             str_replace:
124 124
               template:
125
-                '"%{::fqdn_$NETWORK}"'
125
+                '%{::fqdn_$NETWORK}'
126 126
               params:
127 127
                 $NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
128 128
           nova::api::neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}

+ 1
- 1
puppet/services/nova-base.yaml View File

@@ -109,7 +109,7 @@ outputs:
109 109
           nova::network::neutron::neutron_auth_url: {get_param: [EndpointMap, KeystoneV3Admin, uri]}
110 110
           nova::rabbit_heartbeat_timeout_threshold: 60
111 111
           nova::cinder_catalog_info: 'volumev2:cinderv2:internalURL'
112
-          nova::host: '"%{::fqdn}"'    # NOTE: extra quoting is needed.
112
+          nova::host: '%{::fqdn}'
113 113
           nova::notify_on_state_change: 'vm_and_task_state'
114 114
           nova::notification_driver: messagingv2
115 115
           nova::network::neutron::neutron_auth_type: 'v3password'

+ 3
- 7
puppet/services/nova-compute.yaml View File

@@ -52,7 +52,7 @@ parameters:
52 52
       For different formats, refer to the nova.conf documentation for
53 53
       pci_passthrough_whitelist configuration
54 54
     type: json
55
-    default: ''
55
+    default: {}
56 56
   NovaVcpuPinSet:
57 57
     description: >
58 58
       A list or range of physical CPU cores to reserve for virtual machine
@@ -97,11 +97,7 @@ outputs:
97 97
         map_merge:
98 98
           - get_attr: [NovaBase, role_data, config_settings]
99 99
           - nova::compute::libvirt::manage_libvirt_services: false
100
-            nova::compute::pci_passthrough:
101
-              str_replace:
102
-                template: "'JSON_PARAM'"
103
-                params:
104
-                  JSON_PARAM: {get_param: NovaPCIPassthrough}
100
+            nova::compute::pci_passthrough: {get_param: NovaPCIPassthrough}
105 101
             nova::compute::vcpu_pin_set: {get_param: NovaVcpuPinSet}
106 102
             nova::compute::reserved_host_memory: {get_param: NovaReservedHostMemory}
107 103
             # we manage migration in nova common puppet profile
@@ -117,7 +113,7 @@ outputs:
117 113
               - '.'
118 114
               - - 'client'
119 115
                 - {get_param: CephClientUserName}
120
-            nova::compute::rbd::libvirt_rbd_secret_uuid: '"%{hiera(\"ceph::profile::params::fsid\")}"'
116
+            nova::compute::rbd::libvirt_rbd_secret_uuid: "%{hiera('ceph::profile::params::fsid')}"
121 117
             nova::compute::instance_usage_audit: true
122 118
             nova::compute::instance_usage_audit_period: 'hour'
123 119
             nova::compute::rbd::ephemeral_storage: {get_param: NovaEnableRbdBackend}

+ 1
- 1
puppet/services/pacemaker/database/mysql.yaml View File

@@ -40,7 +40,7 @@ outputs:
40 40
           - tripleo::profile::pacemaker::database::mysql::bind_address:
41 41
               str_replace:
42 42
                 template:
43
-                  '"%{::fqdn_$NETWORK}"'
43
+                  '%{::fqdn_$NETWORK}'
44 44
                 params:
45 45
                   $NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
46 46
             # NOTE: bind IP is found in Heat replacing the network name with the

+ 2
- 2
puppet/services/panko-api.yaml View File

@@ -55,7 +55,7 @@ outputs:
55 55
             panko::wsgi::apache::servername:
56 56
               str_replace:
57 57
                 template:
58
-                  '"%{::fqdn_$NETWORK}"'
58
+                  '%{::fqdn_$NETWORK}'
59 59
                 params:
60 60
                   $NETWORK: {get_param: [ServiceNetMap, PankoApiNetwork]}
61 61
             panko::api::service_name: 'httpd'
@@ -68,7 +68,7 @@ outputs:
68 68
             panko::api::host:
69 69
               str_replace:
70 70
                 template:
71
-                  '"%{::fqdn_$NETWORK}"'
71
+                  '%{::fqdn_$NETWORK}'
72 72
                 params:
73 73
                   $NETWORK: {get_param: [ServiceNetMap, PankoApiNetwork]}
74 74
             # NOTE: bind IP is found in Heat replacing the network name with the

Loading…
Cancel
Save