openstack
/
tripleo-heat-templates
Code Issues Proposed changes

Hiera optimization: use a new hiera hook 

This patch optimizes how we deploy hiera by using a new
heat hook specifically designed to help compose hiera
within heat templates. As part of this change:

 - we update all the 'hiera' software configurations to set the group to hiera
   instead of os-apply-config.

 - The new format uses JSON instead of YAML. The hook actually writes
   out the hiera JSON directly so no conversion takes place. Arrays,
   Strings, Booleans all stay in their native formats. As such we can avoid
   having to do many of the awkward string and list conversions in t-h-t to
   support the previous YAML formatting.

 - The new hook prefers JSON over YAML so upgrading users will have the
   new files prefered. (we will post a cleanup routine for the old files
   soon but this isn't a new behavior, JSON is now simply prefered.)

 - A lot of services required edits to account for default settings that
   worked in YAML that no longer work correctly in the native JSON
   format. In almost all these cases I think the resulting codes looks
   cleaner and is more explicit with regards to what is getting
   configured in hiera on the actual nodes.

Depends-On: I6a383b1ad4ec29458569763bd3f56fd3f2bd726b
Closes-bug: #1596373

Change-Id: Ibe7e2044e200e2c947223286fdf4fd5bcf98c2e1
This commit is contained in:
Dan Prince 2016-10-10 21:09:01 -04:00
parent 9cd0c5a50c
commit 7876851011
27 changed files with 389 additions and 475 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

244
puppet/all-nodes-config.yaml
View File

@ -71,140 +71,132 @@ resources:
allNodesConfigImpl: allNodesConfigImpl:
type: OS::Heat::StructuredConfig type: OS::Heat::StructuredConfig
properties: properties:
group: os-apply-config group: hiera
config: config:
hiera: datafiles:
datafiles: bootstrap_node:
bootstrap_node: bootstrap_nodeid: {get_input: bootstrap_nodeid}
mapped_data: bootstrap_nodeid_ip: {get_input: bootstrap_nodeid_ip}
bootstrap_nodeid: {get_input: bootstrap_nodeid} all_nodes:
bootstrap_nodeid_ip: {get_input: bootstrap_nodeid_ip} map_merge:
all_nodes: - tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: logging_sources}
mapped_data: - tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: logging_groups}
map_merge: - enabled_services: {get_param: enabled_services}
- tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: logging_sources} # This writes out a mapping of service_name_enabled: 'true'
- tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: logging_groups} # For any services not enabled, hiera foo_enabled will
- enabled_services: {get_param: enabled_services} # return nil, as it's undefined
# This writes out a mapping of service_name_enabled: 'true' - map_merge:
# For any services not enabled, hiera foo_enabled will repeat:
# return nil, as it's undefined template:
- map_merge: # Note this must be string 'true' due to
repeat: # https://bugs.launchpad.net/heat/+bug/1617203
template: SERVICE_enabled: 'true'
# Note this must be string 'true' due to for_each:
# https://bugs.launchpad.net/heat/+bug/1617203 SERVICE:
SERVICE_enabled: 'true' str_split: [',', {get_param: enabled_services}]
for_each: # Dynamically generate per-service network data
SERVICE: # This works as follows (outer->inner functions)
str_split: [',', {get_param: enabled_services}] # yaql - filters services where no mapping exists in ServiceNetMap
# Dynamically generate per-service network data # map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
# This works as follows (outer->inner functions) # map_merge/repeat: generate a per-service mapping
# yaql - filters services where no mapping exists in ServiceNetMap - yaql:
# map_replace: substitute e.g heat_api_network with network name from ServiceNetMap # This filters any entries where the value hasn't been substituted for
# map_merge/repeat: generate a per-service mapping # a list, e.g it's still $service_network. This happens when there is
- yaql: # no network defined for the service in the ServiceNetMap, which is OK
# This filters any entries where the value hasn't been substituted for # as not all services have to be bound to a network, so we filter them
# a list, e.g it's still $service_network. This happens when there is expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
# no network defined for the service in the ServiceNetMap, which is OK data:
# as not all services have to be bound to a network, so we filter them map:
expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network"))) map_replace:
data: - map_merge:
map: repeat:
map_replace: template:
SERVICE_network: SERVICE_network
for_each:
SERVICE:
str_split: [',', {get_param: enabled_services}]
- values: {get_param: ServiceNetMap}
# Keystone doesn't provide separate entries for the public
# and admin endpoints, so we need to add them here manually
# like we do in the vip-config below
- keystone_admin_api_network: {get_param: [ServiceNetMap, keystone_admin_api_network]}
keystone_public_api_network: {get_param: [ServiceNetMap, keystone_public_api_network]}
# provides a mapping of service_name_ips to a list of IPs
- {get_param: service_ips}
- {get_param: service_node_names}
- {get_param: short_service_node_names}
- controller_node_ips:
list_join:
- ','
- {get_param: controller_ips}
controller_node_names:
list_join:
- ','
- {get_param: controller_names}
memcached_node_ips_v6:
repeat:
template: "inet6:[NAME]"
for_each:
NAME: {get_param: memcache_node_ips}
deploy_identifier: {get_param: DeployIdentifier}
update_identifier: {get_param: UpdateIdentifier}
stack_action: {get_param: StackAction}
vip_data:
map_merge:
# Dynamically generate per-service VIP data based on enabled_services
# This works as follows (outer->inner functions)
# yaql - filters services where no mapping exists in ServiceNetMap
# map_replace: substitute e.g internal_api with the IP from NetVipMap
# map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
# map_merge/repeat: generate a per-service mapping
- yaql:
# This filters any entries where the value hasn't been substituted for
# a list, e.g it's still $service_network. This happens when there is
# no network defined for the service in the ServiceNetMap, which is OK
# as not all services have to be bound to a network, so we filter them
expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
data:
map:
map_replace:
- map_replace:
- map_merge: - map_merge:
repeat: repeat:
template: template:
SERVICE_network: SERVICE_network SERVICE_vip: SERVICE_network
for_each: for_each:
SERVICE: SERVICE:
str_split: [',', {get_param: enabled_services}] str_split: [',', {get_param: enabled_services}]
- values: {get_param: ServiceNetMap} - values: {get_param: ServiceNetMap}
# Keystone doesn't provide separate entries for the public - values: {get_param: NetVipMap}
# and admin endpoints, so we need to add them here manually - keystone_admin_api_vip:
# like we do in the vip-config below get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_admin_api_network]}]
- keystone_admin_api_network: {get_param: [ServiceNetMap, keystone_admin_api_network]} keystone_public_api_vip:
keystone_public_api_network: {get_param: [ServiceNetMap, keystone_public_api_network]} get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_public_api_network]}]
# provides a mapping of service_name_ips to a list of IPs public_virtual_ip: {get_param: [NetVipMap, external]}
- {get_param: service_ips} controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
- {get_param: service_node_names} internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
- {get_param: short_service_node_names} storage_virtual_ip: {get_param: [NetVipMap, storage]}
- controller_node_ips: storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
list_join: redis_vip: {get_param: RedisVirtualIP}
- ',' # public_virtual_ip and controller_virtual_ip are needed in
- {get_param: controller_ips} # both HAproxy & keepalived.
controller_node_names: tripleo::haproxy::public_virtual_ip: {get_param: [NetVipMap, external]}
list_join: tripleo::haproxy::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
- ',' tripleo::keepalived::public_virtual_ip: {get_param: [NetVipMap, external]}
- {get_param: controller_names} tripleo::keepalived::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
memcached_node_ips_v6: tripleo::keepalived::internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
str_replace: tripleo::keepalived::storage_virtual_ip: {get_param: [NetVipMap, storage]}
template: "['inet6:[SERVERS_LIST]']" tripleo::keepalived::storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
params: tripleo::keepalived::redis_virtual_ip: {get_param: RedisVirtualIP}
SERVERS_LIST: tripleo::redis_notification::haproxy_monitor_ip: {get_param: [NetVipMap, ctlplane]}
list_join: cloud_name_external: {get_param: cloud_name_external}
- "]','inet6:[" cloud_name_internal_api: {get_param: cloud_name_internal_api}
- {get_param: memcache_node_ips} cloud_name_storage: {get_param: cloud_name_storage}
cloud_name_storage_mgmt: {get_param: cloud_name_storage_mgmt}
deploy_identifier: {get_param: DeployIdentifier} cloud_name_ctlplane: {get_param: cloud_name_ctlplane}
update_identifier: {get_param: UpdateIdentifier} # TLS parameters
stack_action: {get_param: StackAction} certmonger_ca: {get_param: CertmongerCA}
vip_data: enable_internal_tls: {get_param: EnableInternalTLS}
mapped_data:
map_merge:
# Dynamically generate per-service VIP data based on enabled_services
# This works as follows (outer->inner functions)
# yaql - filters services where no mapping exists in ServiceNetMap
# map_replace: substitute e.g internal_api with the IP from NetVipMap
# map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
# map_merge/repeat: generate a per-service mapping
- yaql:
# This filters any entries where the value hasn't been substituted for
# a list, e.g it's still $service_network. This happens when there is
# no network defined for the service in the ServiceNetMap, which is OK
# as not all services have to be bound to a network, so we filter them
expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
data:
map:
map_replace:
- map_replace:
- map_merge:
repeat:
template:
SERVICE_vip: SERVICE_network
for_each:
SERVICE:
str_split: [',', {get_param: enabled_services}]
- values: {get_param: ServiceNetMap}
- values: {get_param: NetVipMap}
- keystone_admin_api_vip:
get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_admin_api_network]}]
keystone_public_api_vip:
get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_public_api_network]}]
public_virtual_ip: {get_param: [NetVipMap, external]}
controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
storage_virtual_ip: {get_param: [NetVipMap, storage]}
storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
redis_vip: {get_param: RedisVirtualIP}
# public_virtual_ip and controller_virtual_ip are needed in
# both HAproxy & keepalived.
tripleo::haproxy::public_virtual_ip: {get_param: [NetVipMap, external]}
tripleo::haproxy::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
tripleo::keepalived::public_virtual_ip: {get_param: [NetVipMap, external]}
tripleo::keepalived::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
tripleo::keepalived::internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
tripleo::keepalived::storage_virtual_ip: {get_param: [NetVipMap, storage]}
tripleo::keepalived::storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
tripleo::keepalived::redis_virtual_ip: {get_param: RedisVirtualIP}
tripleo::redis_notification::haproxy_monitor_ip: {get_param: [NetVipMap, ctlplane]}
cloud_name_external: {get_param: cloud_name_external}
cloud_name_internal_api: {get_param: cloud_name_internal_api}
cloud_name_storage: {get_param: cloud_name_storage}
cloud_name_storage_mgmt: {get_param: cloud_name_storage_mgmt}
cloud_name_ctlplane: {get_param: cloud_name_ctlplane}
# TLS parameters
certmonger_ca: {get_param: CertmongerCA}
enable_internal_tls: {get_param: EnableInternalTLS}
outputs: outputs:
config_id: config_id:

58
puppet/blockstorage-role.yaml
View File

@ -239,39 +239,33 @@ resources:
BlockStorageConfig: BlockStorageConfig:
type: OS::Heat::StructuredConfig type: OS::Heat::StructuredConfig
properties: properties:
group: os-apply-config group: hiera
config: config:
hiera: hierarchy:
hierarchy: - '"%{::uuid}"'
- '"%{::uuid}"' - heat_config_%{::deploy_config_name}
- heat_config_%{::deploy_config_name} - volume_extraconfig
- volume_extraconfig - extraconfig
- extraconfig - service_names
- service_names - service_configs
- service_configs - volume
- volume - bootstrap_node # provided by allNodesConfig
- bootstrap_node # provided by allNodesConfig - all_nodes # provided by allNodesConfig
- all_nodes # provided by allNodesConfig - vip_data # provided by allNodesConfig
- vip_data # provided by allNodesConfig - '"%{::osfamily}"'
- '"%{::osfamily}"' merge_behavior: deeper
merge_behavior: deeper datafiles:
datafiles: service_names:
service_names: service_names: {get_param: ServiceNames}
mapped_data: sensu::subscriptions: {get_param: MonitoringSubscriptions}
service_names: {get_param: ServiceNames} service_configs:
sensu::subscriptions: {get_param: MonitoringSubscriptions} map_replace:
service_configs: - {get_param: ServiceConfigSettings}
mapped_data: - values: {get_attr: [NetIpMap, net_ip_map]}
map_replace: volume_extraconfig: {get_param: BlockStorageExtraConfig}
- {get_param: ServiceConfigSettings} extraconfig: {get_param: ExtraConfig}
- values: {get_attr: [NetIpMap, net_ip_map]} volume:
volume_extraconfig: tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
mapped_data: {get_param: BlockStorageExtraConfig}
extraconfig:
mapped_data: {get_param: ExtraConfig}
volume:
mapped_data:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
# Resource for site-specific injection of root certificate # Resource for site-specific injection of root certificate
NodeTLSCAData: NodeTLSCAData:

58
puppet/cephstorage-role.yaml
View File

@ -244,39 +244,33 @@ resources:
CephStorageConfig: CephStorageConfig:
type: OS::Heat::StructuredConfig type: OS::Heat::StructuredConfig
properties: properties:
group: os-apply-config group: hiera
config: config:
hiera: hierarchy:
hierarchy: - '"%{::uuid}"'
- '"%{::uuid}"' - heat_config_%{::deploy_config_name}
- heat_config_%{::deploy_config_name} - ceph_extraconfig
- ceph_extraconfig - extraconfig
- extraconfig - service_names
- service_names - service_configs
- service_configs - ceph
- ceph - bootstrap_node # provided by allNodesConfig
- bootstrap_node # provided by allNodesConfig - all_nodes # provided by allNodesConfig
- all_nodes # provided by allNodesConfig - vip_data # provided by allNodesConfig
- vip_data # provided by allNodesConfig - '"%{::osfamily}"'
- '"%{::osfamily}"' merge_behavior: deeper
merge_behavior: deeper datafiles:
datafiles: service_names:
service_names: service_names: {get_param: ServiceNames}
mapped_data: sensu::subscriptions: {get_param: MonitoringSubscriptions}
service_names: {get_param: ServiceNames} service_configs:
sensu::subscriptions: {get_param: MonitoringSubscriptions} map_replace:
service_configs: - {get_param: ServiceConfigSettings}
mapped_data: - values: {get_attr: [NetIpMap, net_ip_map]}
map_replace: ceph_extraconfig: {get_param: CephStorageExtraConfig}
- {get_param: ServiceConfigSettings} extraconfig: {get_param: ExtraConfig}
- values: {get_attr: [NetIpMap, net_ip_map]} ceph:
ceph_extraconfig: tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
mapped_data: {get_param: CephStorageExtraConfig}
extraconfig:
mapped_data: {get_param: ExtraConfig}
ceph:
mapped_data:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
# Resource for site-specific injection of root certificate # Resource for site-specific injection of root certificate
NodeTLSCAData: NodeTLSCAData:

70
puppet/compute-role.yaml
View File

@ -251,45 +251,39 @@ resources:
NovaComputeConfig: NovaComputeConfig:
type: OS::Heat::StructuredConfig type: OS::Heat::StructuredConfig
properties: properties:
group: os-apply-config group: hiera
config: config:
hiera: hierarchy:
hierarchy: - '"%{::uuid}"'
- '"%{::uuid}"' - heat_config_%{::deploy_config_name}
- heat_config_%{::deploy_config_name} - compute_extraconfig
- compute_extraconfig - extraconfig
- extraconfig - service_names
- service_names - service_configs
- service_configs - compute
- compute - bootstrap_node # provided by allNodesConfig
- bootstrap_node # provided by allNodesConfig - all_nodes # provided by allNodesConfig
- all_nodes # provided by allNodesConfig - vip_data # provided by allNodesConfig
- vip_data # provided by allNodesConfig - '"%{::osfamily}"'
- '"%{::osfamily}"' - neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre
- neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
- cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre - nova_nuage_data # Optionally provided by ComputeExtraConfigPre
- nova_nuage_data # Optionally provided by ComputeExtraConfigPre - midonet_data # Optionally provided by AllNodesExtraConfig
- midonet_data # Optionally provided by AllNodesExtraConfig - neutron_opencontrail_data # Optionally provided by ComputeExtraConfigPre
- neutron_opencontrail_data # Optionally provided by ComputeExtraConfigPre - cisco_aci_data # Optionally provided by ComputeExtraConfigPre
- cisco_aci_data # Optionally provided by ComputeExtraConfigPre merge_behavior: deeper
merge_behavior: deeper datafiles:
datafiles: service_names:
service_names: service_names: {get_param: ServiceNames}
mapped_data: sensu::subscriptions: {get_param: MonitoringSubscriptions}
service_names: {get_param: ServiceNames} service_configs:
sensu::subscriptions: {get_param: MonitoringSubscriptions} map_replace:
service_configs: - {get_param: ServiceConfigSettings}
mapped_data: - values: {get_attr: [NetIpMap, net_ip_map]}
map_replace: compute_extraconfig: {get_param: NovaComputeExtraConfig}
- {get_param: ServiceConfigSettings} extraconfig: {get_param: ExtraConfig}
- values: {get_attr: [NetIpMap, net_ip_map]} compute:
compute_extraconfig: tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
mapped_data: {get_param: NovaComputeExtraConfig}
extraconfig:
mapped_data: {get_param: ExtraConfig}
compute:
mapped_data:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
NovaComputeDeployment: NovaComputeDeployment:
type: OS::TripleO::SoftwareDeployment type: OS::TripleO::SoftwareDeployment

92
puppet/controller-role.yaml
View File

@ -299,57 +299,51 @@ resources:
ControllerConfig: ControllerConfig:
type: OS::Heat::StructuredConfig type: OS::Heat::StructuredConfig
properties: properties:
group: os-apply-config group: hiera
config: config:
hiera: hierarchy:
hierarchy: - '"%{::uuid}"'
- '"%{::uuid}"' - heat_config_%{::deploy_config_name}
- heat_config_%{::deploy_config_name} - controller_extraconfig
- controller_extraconfig - extraconfig
- extraconfig - service_configs
- service_configs - service_names
- service_names - controller
- controller - bootstrap_node # provided by BootstrapNodeConfig
- bootstrap_node # provided by BootstrapNodeConfig - all_nodes # provided by allNodesConfig
- all_nodes # provided by allNodesConfig - vip_data # provided by allNodesConfig
- vip_data # provided by allNodesConfig - '"%{::osfamily}"'
- '"%{::osfamily}"' - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
- cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
- cinder_netapp_data # Optionally provided by ControllerExtraConfigPre - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
- cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
- neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
- neutron_cisco_data # Optionally provided by ControllerExtraConfigPre - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
- cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre - midonet_data #Optionally provided by AllNodesExtraConfig
- midonet_data #Optionally provided by AllNodesExtraConfig - cisco_aci_data # Optionally provided by ControllerExtraConfigPre
- cisco_aci_data # Optionally provided by ControllerExtraConfigPre merge_behavior: deeper
merge_behavior: deeper datafiles:
datafiles: service_names:
service_names: service_names: {get_param: ServiceNames}
mapped_data: sensu::subscriptions: {get_param: MonitoringSubscriptions}
service_names: {get_param: ServiceNames} service_configs:
sensu::subscriptions: {get_param: MonitoringSubscriptions} map_replace:
service_configs: - {get_param: ServiceConfigSettings}
mapped_data: - values: {get_attr: [NetIpMap, net_ip_map]}
map_replace: controller_extraconfig:
- {get_param: ServiceConfigSettings} map_merge:
- values: {get_attr: [NetIpMap, net_ip_map]} - {get_param: controllerExtraConfig}
controller_extraconfig: - {get_param: ControllerExtraConfig}
mapped_data: extraconfig: {get_param: ExtraConfig}
map_merge: controller:
- {get_param: controllerExtraConfig} # data supplied directly to this deployment configuration, etc
- {get_param: ControllerExtraConfig} bootstack_nodeid: {get_input: bootstack_nodeid}
extraconfig: # Pacemaker
mapped_data: {get_param: ExtraConfig} enable_load_balancer: {get_input: enable_load_balancer}
controller:
mapped_data: # data supplied directly to this deployment configuration, etc
bootstack_nodeid: {get_input: bootstack_nodeid}
# Pacemaker # Misc
enable_load_balancer: {get_input: enable_load_balancer} tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
# Misc
tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
# Hook for site-specific additional pre-deployment config, e.g extra hieradata # Hook for site-specific additional pre-deployment config, e.g extra hieradata
ControllerExtraConfigPre: ControllerExtraConfigPre:

59
puppet/objectstorage-role.yaml
View File

@ -228,40 +228,33 @@ resources:
SwiftStorageHieraConfig: SwiftStorageHieraConfig:
type: OS::Heat::StructuredConfig type: OS::Heat::StructuredConfig
properties: properties:
group: os-apply-config group: hiera
config: config:
hiera: hierarchy:
hierarchy: - '"%{::uuid}"'
- '"%{::uuid}"' - heat_config_%{::deploy_config_name}
- heat_config_%{::deploy_config_name} - object_extraconfig
- object_extraconfig - extraconfig
- extraconfig - service_names
- service_names - service_configs
- service_configs - object
- object - bootstrap_node # provided by allNodesConfig
- bootstrap_node # provided by allNodesConfig - all_nodes # provided by allNodesConfig
- all_nodes # provided by allNodesConfig - vip_data # provided by allNodesConfig
- vip_data # provided by allNodesConfig - '"%{::osfamily}"'
- '"%{::osfamily}"' merge_behavior: deeper
merge_behavior: deeper datafiles:
datafiles: service_names:
service_names: service_names: {get_param: ServiceNames}
mapped_data: sensu::subscriptions: {get_param: MonitoringSubscriptions}
service_names: {get_param: ServiceNames} service_configs:
sensu::subscriptions: {get_param: MonitoringSubscriptions} map_replace:
service_configs: - {get_param: ServiceConfigSettings}
mapped_data: - values: {get_attr: [NetIpMap, net_ip_map]}
map_replace: object_extraconfig: {get_param: ObjectStorageExtraConfig}
- {get_param: ServiceConfigSettings} extraconfig: {get_param: ExtraConfig}
- values: {get_attr: [NetIpMap, net_ip_map]} object:
object_extraconfig: tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
mapped_data: {get_param: ObjectStorageExtraConfig}
extraconfig:
mapped_data: {get_param: ExtraConfig}
object:
mapped_data: # data supplied directly to this deployment configuration, etc
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
SwiftStorageHieraDeploy: SwiftStorageHieraDeploy:
type: OS::Heat::StructuredDeployment type: OS::Heat::StructuredDeployment

62
puppet/role.role.j2.yaml
View File

@ -250,41 +250,35 @@ resources:
{{role}}Config: {{role}}Config:
type: OS::Heat::StructuredConfig type: OS::Heat::StructuredConfig
properties: properties:
group: os-apply-config group: hiera
config: config:
hiera: hierarchy:
hierarchy: - '"%{::uuid}"'
- '"%{::uuid}"' - heat_config_%{::deploy_config_name}
- heat_config_%{::deploy_config_name} - {{role.lower()}}_extraconfig
- {{role.lower()}}_extraconfig - extraconfig
- extraconfig - service_names
- service_names - service_configs
- service_configs - {{role.lower()}}
- {{role.lower()}} - bootstrap_node # provided by allNodesConfig
- bootstrap_node # provided by allNodesConfig - all_nodes # provided by allNodesConfig
- all_nodes # provided by allNodesConfig - vip_data # provided by allNodesConfig
- vip_data # provided by allNodesConfig - '"%{::osfamily}"'
- '"%{::osfamily}"' merge_behavior: deeper
merge_behavior: deeper datafiles:
datafiles: service_names:
service_names: service_names: {get_param: ServiceNames}
mapped_data: sensu::subscriptions: {get_param: MonitoringSubscriptions}
service_names: {get_param: ServiceNames} service_configs:
sensu::subscriptions: {get_param: MonitoringSubscriptions} map_replace:
service_configs: - {get_param: ServiceConfigSettings}
mapped_data: - values: {get_attr: [NetIpMap, net_ip_map]}
map_replace: {{role.lower()}}_extraconfig: {get_param: {{role}}ExtraConfig}
- {get_param: ServiceConfigSettings} extraconfig: {get_param: ExtraConfig}
- values: {get_attr: [NetIpMap, net_ip_map]} {{role.lower()}}:
{{role.lower()}}_extraconfig: tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
mapped_data: {get_param: {{role}}ExtraConfig} tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources}
extraconfig: tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups}
mapped_data: {get_param: ExtraConfig}
{{role.lower()}}:
mapped_data:
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources}
tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups}
# Resource for site-specific injection of root certificate # Resource for site-specific injection of root certificate
NodeTLSCAData: NodeTLSCAData:

4
puppet/services/aodh-api.yaml
View File

@ -55,7 +55,7 @@ outputs:
aodh::wsgi::apache::servername: aodh::wsgi::apache::servername:
str_replace: str_replace:
template: template:
'"%{::fqdn_$NETWORK}"' '%{::fqdn_$NETWORK}'
params: params:
$NETWORK: {get_param: [ServiceNetMap, AodhApiNetwork]} $NETWORK: {get_param: [ServiceNetMap, AodhApiNetwork]}
aodh::api::service_name: 'httpd' aodh::api::service_name: 'httpd'
@ -68,7 +68,7 @@ outputs:
aodh::api::host: aodh::api::host:
str_replace: str_replace:
template: template:
'"%{::fqdn_$NETWORK}"' '%{::fqdn_$NETWORK}'
params: params:
$NETWORK: {get_param: [ServiceNetMap, AodhApiNetwork]} $NETWORK: {get_param: [ServiceNetMap, AodhApiNetwork]}
# NOTE: bind IP is found in Heat replacing the network name with the # NOTE: bind IP is found in Heat replacing the network name with the

4
puppet/services/barbican-api.yaml
View File

@ -24,7 +24,7 @@ parameters:
hidden: true hidden: true
BarbicanWorkers: BarbicanWorkers:
description: Set the number of workers for barbican::wsgi::apache description: Set the number of workers for barbican::wsgi::apache
default: '"%{::processorcount}"' default: '%{::processorcount}'
type: string type: string
Debug: Debug:
default: '' default: ''
@ -93,7 +93,7 @@ outputs:
barbican::wsgi::apache::servername: barbican::wsgi::apache::servername:
str_replace: str_replace:
template: template:
'"%{::fqdn_$NETWORK}"' '%{::fqdn_$NETWORK}'
params: params:
$NETWORK: {get_param: [ServiceNetMap, BarbicanApiNetwork]} $NETWORK: {get_param: [ServiceNetMap, BarbicanApiNetwork]}
barbican::db::database_connection: barbican::db::database_connection:

4
puppet/services/ceilometer-api.yaml
View File

@ -75,7 +75,7 @@ outputs:
ceilometer::api::host: ceilometer::api::host:
str_replace: str_replace:
template: template:
'"%{::fqdn_$NETWORK}"' '%{::fqdn_$NETWORK}'
params: params:
$NETWORK: {get_param: [ServiceNetMap, CeilometerApiNetwork]} $NETWORK: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
ceilometer::wsgi::apache::bind_host: {get_param: [ServiceNetMap, CeilometerApiNetwork]} ceilometer::wsgi::apache::bind_host: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
@ -83,7 +83,7 @@ outputs:
ceilometer::wsgi::apache::servername: ceilometer::wsgi::apache::servername:
str_replace: str_replace:
template: template:
'"%{::fqdn_$NETWORK}"' '%{::fqdn_$NETWORK}'
params: params:
$NETWORK: {get_param: [ServiceNetMap, CeilometerApiNetwork]} $NETWORK: {get_param: [ServiceNetMap, CeilometerApiNetwork]}
service_config_settings: service_config_settings:

53
puppet/services/ceph-base.yaml
View File

@ -119,36 +119,33 @@ outputs:
NETWORK: {get_param: [ServiceNetMap, CephMonNetwork]} NETWORK: {get_param: [ServiceNetMap, CephMonNetwork]}
ceph::profile::params::public_addr: {get_param: [ServiceNetMap, CephMonNetwork]} ceph::profile::params::public_addr: {get_param: [ServiceNetMap, CephMonNetwork]}
ceph::profile::params::client_keys: ceph::profile::params::client_keys:
str_replace: map_replace:
template: "{ - client.admin:
client.admin: { secret: {get_param: CephAdminKey}
secret: 'ADMIN_KEY', mode: '0600'
mode: '0600', cap_mon: 'allow *'
cap_mon: 'allow *', cap_osd: 'allow *'
cap_osd: 'allow *',
cap_mds: 'allow *' cap_mds: 'allow *'
}, client.bootstrap-osd:
client.bootstrap-osd: { secret: {get_param: CephAdminKey}
secret: 'ADMIN_KEY', keyring_path: '/var/lib/ceph/bootstrap-osd/ceph.keyring'
keyring_path: '/var/lib/ceph/bootstrap-osd/ceph.keyring',
cap_mon: 'allow profile bootstrap-osd' cap_mon: 'allow profile bootstrap-osd'
}, CEPH_CLIENT_KEY:
client.CLIENT_USER: { secret: {get_param: CephClientKey}
secret: 'CLIENT_KEY', mode: '0644'
mode: '0644', cap_mon: 'allow r'
cap_mon: 'allow r', cap_osd:
cap_osd: 'allow class-read object_prefix rbd_children, allow rwx pool=CINDER_POOL, allow rwx pool=CINDERBACKUP_POOL, allow rwx pool=NOVA_POOL, allow rwx pool=GLANCE_POOL, allow rwx pool=GNOCCHI_POOL' str_replace:
} template: 'allow class-read object_prefix rbd_children, allow rwx pool=CINDER_POOL, allow rwx pool=CINDERBACKUP_POOL, allow rwx pool=NOVA_POOL, allow rwx pool=GLANCE_POOL, allow rwx pool=GNOCCHI_POOL'
}" params:
params: NOVA_POOL: {get_param: NovaRbdPoolName}
CLIENT_USER: {get_param: CephClientUserName} CINDER_POOL: {get_param: CinderRbdPoolName}
CLIENT_KEY: {get_param: CephClientKey} CINDERBACKUP_POOL: {get_param: CinderBackupRbdPoolName}
ADMIN_KEY: {get_param: CephAdminKey} GLANCE_POOL: {get_param: GlanceRbdPoolName}
NOVA_POOL: {get_param: NovaRbdPoolName} GNOCCHI_POOL: {get_param: GnocchiRbdPoolName}
CINDER_POOL: {get_param: CinderRbdPoolName} - keys:
CINDERBACKUP_POOL: {get_param: CinderBackupRbdPoolName} CEPH_CLIENT_KEY:
GLANCE_POOL: {get_param: GlanceRbdPoolName} list_join: ['.', ['client', {get_param: CephClientUserName}]]
GNOCCHI_POOL: {get_param: GnocchiRbdPoolName}
service_config_settings: service_config_settings:
glance_api: glance_api:
glance::api::show_multiple_locations: {if: [glance_multiple_locations, true, false]} glance::api::show_multiple_locations: {if: [glance_multiple_locations, true, false]}

6
puppet/services/cinder-api.yaml
View File

@ -42,7 +42,7 @@ parameters:
CinderWorkers: CinderWorkers:
type: string type: string
description: Set the number of workers for cinder::wsgi::apache description: Set the number of workers for cinder::wsgi::apache
default: '"%{::os_workers}"' default: '%{::os_workers}'
EnableInternalTLS: EnableInternalTLS:
type: boolean type: boolean
default: false default: false
@ -101,7 +101,7 @@ outputs:
cinder::api::bind_host: cinder::api::bind_host:
str_replace: str_replace:
template: template:
'"%{::fqdn_$NETWORK}"' '%{::fqdn_$NETWORK}'
params: params:
$NETWORK: {get_param: [ServiceNetMap, CinderApiNetwork]} $NETWORK: {get_param: [ServiceNetMap, CinderApiNetwork]}
cinder::wsgi::apache::ssl: {get_param: EnableInternalTLS} cinder::wsgi::apache::ssl: {get_param: EnableInternalTLS}
@ -115,7 +115,7 @@ outputs:
cinder::wsgi::apache::servername: cinder::wsgi::apache::servername:
str_replace: str_replace:
template: template:
'"%{::fqdn_$NETWORK}"' '%{::fqdn_$NETWORK}'
params: params:
$NETWORK: {get_param: [ServiceNetMap, CinderApiNetwork]} $NETWORK: {get_param: [ServiceNetMap, CinderApiNetwork]}
- -

2
puppet/services/database/mysql.yaml
View File

@ -87,7 +87,7 @@ outputs:
tripleo::profile::base::database::mysql::bind_address: tripleo::profile::base::database::mysql::bind_address:
str_replace: str_replace:
template: template:
'"%{::fqdn_$NETWORK}"' '%{::fqdn_$NETWORK}'
params: params:
$NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]} $NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
step_config: | step_config: |

4
puppet/services/database/redis-base.yaml
View File

@ -39,6 +39,6 @@ outputs:
# internal_api_subnet - > IP/CIDR # internal_api_subnet - > IP/CIDR
redis::bind: {get_param: [ServiceNetMap, RedisNetwork]} redis::bind: {get_param: [ServiceNetMap, RedisNetwork]}
redis::port: 6379 redis::port: 6379
redis::sentinel::master_name: '"%{hiera(\"bootstrap_nodeid\")}"' redis::sentinel::master_name: "%{hiera('bootstrap_nodeid')}"
redis::sentinel::redis_host: '"%{hiera(\"bootstrap_nodeid_ip\")}"' redis::sentinel::redis_host: "%{hiera('bootstrap_nodeid_ip')}"
redis::sentinel::notification_script: '/usr/local/bin/redis-notifications.sh' redis::sentinel::notification_script: '/usr/local/bin/redis-notifications.sh'

4
puppet/services/gnocchi-api.yaml
View File

@ -91,7 +91,7 @@ outputs:
gnocchi::wsgi::apache::servername: gnocchi::wsgi::apache::servername:
str_replace: str_replace:
template: template:
'"%{::fqdn_$NETWORK}"' '%{::fqdn_$NETWORK}'
params: params:
$NETWORK: {get_param: [ServiceNetMap, GnocchiApiNetwork]} $NETWORK: {get_param: [ServiceNetMap, GnocchiApiNetwork]}
tripleo::profile::base::gnocchi::api::gnocchi_backend: {get_param: GnocchiBackend} tripleo::profile::base::gnocchi::api::gnocchi_backend: {get_param: GnocchiBackend}
@ -105,7 +105,7 @@ outputs:
gnocchi::api::host: gnocchi::api::host:
str_replace: str_replace:
template: template:
'"%{::fqdn_$NETWORK}"' '%{::fqdn_$NETWORK}'
params: params:
$NETWORK: {get_param: [ServiceNetMap, GnocchiApiNetwork]} $NETWORK: {get_param: [ServiceNetMap, GnocchiApiNetwork]}

2
puppet/services/ironic-conductor.yaml
View File

@ -68,7 +68,7 @@ outputs:
list_join: list_join:
- '' - ''
- - 'http://' - - 'http://'
- '%{hiera("ironic_conductor_http_host")}:' - "%{hiera('ironic_conductor_http_host')}:"
- {get_param: IronicIPXEPort} - {get_param: IronicIPXEPort}
ironic::drivers::pxe::ipxe_enabled: {get_param: IronicIPXEEnabled} ironic::drivers::pxe::ipxe_enabled: {get_param: IronicIPXEEnabled}
ironic::glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]} ironic::glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}

26
puppet/services/keepalived.yaml
View File

@ -1,4 +1,4 @@
heat_template_version: 2016-04-08 heat_template_version: 2016-10-14
description: > description: >
Keepalived service configured with Puppet Keepalived service configured with Puppet
@ -36,6 +36,11 @@ parameters:
default: 'overcloud-keepalived' default: 'overcloud-keepalived'
type: string type: string
conditions:
control_iface_empty: {equals : [{get_param: ControlVirtualInterface}, '']}
public_iface_empty: {equals : [{get_param: PublicVirtualInterface}, '']}
outputs: outputs:
role_data: role_data:
description: Role data for the Keepalived role. description: Role data for the Keepalived role.
@ -43,10 +48,19 @@ outputs:
service_name: keepalived service_name: keepalived
monitoring_subscription: {get_param: MonitoringSubscriptionKeepalived} monitoring_subscription: {get_param: MonitoringSubscriptionKeepalived}
config_settings: config_settings:
tripleo::keepalived::control_virtual_interface: {get_param: ControlVirtualInterface} map_merge:
tripleo::keepalived::public_virtual_interface: {get_param: PublicVirtualInterface} - tripleo.keepalived.firewall_rules:
tripleo.keepalived.firewall_rules: '106 keepalived vrrp':
'106 keepalived vrrp': proto: vrrp
proto: vrrp -
if:
- control_iface_empty
- {}
- tripleo::keepalived::control_virtual_interface: {get_param: ControlVirtualInterface}
-
if:
- public_iface_empty
- {}
- tripleo::keepalived::public_virtual_interface: {get_param: PublicVirtualInterface}
step_config: | step_config: |
include ::tripleo::profile::base::keepalived include ::tripleo::profile::base::keepalived

10
puppet/services/keystone.yaml
View File

@ -89,7 +89,7 @@ parameters:
KeystoneWorkers: KeystoneWorkers:
type: string type: string
description: Set the number of workers for keystone::wsgi::apache description: Set the number of workers for keystone::wsgi::apache
default: '"%{::os_workers}"' default: '%{::os_workers}'
MonitoringSubscriptionKeystone: MonitoringSubscriptionKeystone:
default: 'overcloud-keystone' default: 'overcloud-keystone'
type: string type: string
@ -195,13 +195,13 @@ outputs:
keystone::wsgi::apache::servername: keystone::wsgi::apache::servername:
str_replace: str_replace:
template: template:
'"%{::fqdn_$NETWORK}"' '%{::fqdn_$NETWORK}'
params: params:
$NETWORK: {get_param: [ServiceNetMap, KeystonePublicApiNetwork]} $NETWORK: {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}
keystone::wsgi::apache::servername_admin: keystone::wsgi::apache::servername_admin:
str_replace: str_replace:
template: template:
'"%{::fqdn_$NETWORK}"' '%{::fqdn_$NETWORK}'
params: params:
$NETWORK: {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]} $NETWORK: {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}
keystone::wsgi::apache::workers: {get_param: KeystoneWorkers} keystone::wsgi::apache::workers: {get_param: KeystoneWorkers}
@ -219,13 +219,13 @@ outputs:
keystone::admin_bind_host: keystone::admin_bind_host:
str_replace: str_replace:
template: template:
'"%{::fqdn_$NETWORK}"' '%{::fqdn_$NETWORK}'
params: params:
$NETWORK: {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]} $NETWORK: {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}
keystone::public_bind_host: keystone::public_bind_host:
str_replace: str_replace:
template: template:
'"%{::fqdn_$NETWORK}"' '%{::fqdn_$NETWORK}'
params: params:
$NETWORK: {get_param: [ServiceNetMap, KeystonePublicApiNetwork]} $NETWORK: {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}
# NOTE: bind IP is found in Heat replacing the network name with the # NOTE: bind IP is found in Heat replacing the network name with the

8
puppet/services/neutron-base.yaml
View File

@ -84,16 +84,12 @@ outputs:
neutron::rabbit_port: {get_param: RabbitClientPort} neutron::rabbit_port: {get_param: RabbitClientPort}
neutron::dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork} neutron::dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
neutron::core_plugin: {get_param: NeutronCorePlugin} neutron::core_plugin: {get_param: NeutronCorePlugin}
neutron::service_plugins: neutron::service_plugins: {get_param: NeutronServicePlugins}
str_replace:
template: PLUGINS
params:
PLUGINS: {get_param: NeutronServicePlugins}
neutron::debug: {get_param: Debug} neutron::debug: {get_param: Debug}
neutron::purge_config: {get_param: EnableConfigPurge} neutron::purge_config: {get_param: EnableConfigPurge}
neutron::allow_overlapping_ips: true neutron::allow_overlapping_ips: true
neutron::rabbit_heartbeat_timeout_threshold: 60 neutron::rabbit_heartbeat_timeout_threshold: 60
neutron::host: '"%{::fqdn}"' #NOTE: extra quoting is needed neutron::host: '%{::fqdn}'
neutron::db::database_db_max_retries: -1 neutron::db::database_db_max_retries: -1
neutron::db::database_max_retries: -1 neutron::db::database_max_retries: -1
neutron::global_physnet_mtu: {get_param: NeutronGlobalPhysnetMtu} neutron::global_physnet_mtu: {get_param: NeutronGlobalPhysnetMtu}

2
puppet/services/neutron-metadata.yaml
View File

@ -72,6 +72,6 @@ outputs:
neutron::agents::metadata::auth_password: {get_param: NeutronPassword} neutron::agents::metadata::auth_password: {get_param: NeutronPassword}
neutron::agents::metadata::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } neutron::agents::metadata::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
neutron::agents::metadata::auth_tenant: 'service' neutron::agents::metadata::auth_tenant: 'service'
neutron::agents::metadata::metadata_ip: '"%{hiera(\"nova_metadata_vip\")}"' neutron::agents::metadata::metadata_ip: "%{hiera('nova_metadata_vip')}"
step_config: | step_config: |
include tripleo::profile::base::neutron::metadata include tripleo::profile::base::neutron::metadata

18
puppet/services/neutron-ovs-agent.yaml
View File

@ -94,21 +94,9 @@ outputs:
- neutron::agents::ml2::ovs::l2_population: {get_param: NeutronEnableL2Pop} - neutron::agents::ml2::ovs::l2_population: {get_param: NeutronEnableL2Pop}
neutron::agents::ml2::ovs::enable_distributed_routing: {get_param: NeutronEnableDVR} neutron::agents::ml2::ovs::enable_distributed_routing: {get_param: NeutronEnableDVR}
neutron::agents::ml2::ovs::arp_responder: {get_param: NeutronEnableARPResponder} neutron::agents::ml2::ovs::arp_responder: {get_param: NeutronEnableARPResponder}
neutron::agents::ml2::ovs::bridge_mappings: neutron::agents::ml2::ovs::bridge_mappings: {get_param: NeutronBridgeMappings}
str_replace: neutron::agents::ml2::ovs::tunnel_types: {get_param: NeutronTunnelTypes}
template: MAPPINGS neutron::agents::ml2::ovs::extensions: {get_param: NeutronAgentExtensions}
params:
MAPPINGS: {get_param: NeutronBridgeMappings}
neutron::agents::ml2::ovs::tunnel_types:
str_replace:
template: TYPES
params:
TYPES: {get_param: NeutronTunnelTypes}
neutron::agents::ml2::ovs::extensions:
str_replace:
template: AGENT_EXTENSIONS
params:
AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
# NOTE: bind IP is found in Heat replacing the network name with the # NOTE: bind IP is found in Heat replacing the network name with the
# local node IP for the given network; replacement examples # local node IP for the given network; replacement examples
# (eg. for internal_api): # (eg. for internal_api):

48
puppet/services/neutron-plugin-ml2.yaml
View File

@ -83,46 +83,14 @@ outputs:
config_settings: config_settings:
map_merge: map_merge:
- get_attr: [NeutronBase, role_data, config_settings] - get_attr: [NeutronBase, role_data, config_settings]
- neutron::plugins::ml2::mechanism_drivers: - neutron::plugins::ml2::mechanism_drivers: {get_param: NeutronMechanismDrivers}
str_replace: neutron::plugins::ml2::type_drivers: {get_param: NeutronTypeDrivers}
template: MECHANISMS neutron::plugins::ml2::flat_networks: {get_param: NeutronFlatNetworks}
params: neutron::plugins::ml2::extension_drivers: {get_param: NeutronPluginExtensions}
MECHANISMS: {get_param: NeutronMechanismDrivers} neutron::plugins::ml2::network_vlan_ranges: {get_param: NeutronNetworkVLANRanges}
neutron::plugins::ml2::type_drivers: neutron::plugins::ml2::tunnel_id_ranges: {get_param: NeutronTunnelIdRanges}
str_replace: neutron::plugins::ml2::vni_ranges: {get_param: NeutronVniRanges}
template: DRIVERS neutron::plugins::ml2::tenant_network_types: {get_param: NeutronNetworkType}
params:
DRIVERS: {get_param: NeutronTypeDrivers}
neutron::plugins::ml2::flat_networks:
str_replace:
template: NETWORKS
params:
NETWORKS: {get_param: NeutronFlatNetworks}
neutron::plugins::ml2::extension_drivers:
str_replace:
template: PLUGIN_EXTENSIONS
params:
PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
neutron::plugins::ml2::network_vlan_ranges:
str_replace:
template: RANGES
params:
RANGES: {get_param: NeutronNetworkVLANRanges}
neutron::plugins::ml2::tunnel_id_ranges:
str_replace:
template: RANGES
params:
RANGES: {get_param: NeutronTunnelIdRanges}
neutron::plugins::ml2::vni_ranges:
str_replace:
template: RANGES
params:
RANGES: {get_param: NeutronVniRanges}
neutron::plugins::ml2::tenant_network_types:
str_replace:
template: TYPES
params:
TYPES: {get_param: NeutronNetworkType}
neutron::plugins::ml2::supported_pci_vendor_devs: {get_param: NeutronSupportedPCIVendorDevs} neutron::plugins::ml2::supported_pci_vendor_devs: {get_param: NeutronSupportedPCIVendorDevs}
step_config: | step_config: |

8
puppet/services/nova-api.yaml
View File

@ -87,8 +87,8 @@ outputs:
map_merge: map_merge:
- get_attr: [NovaBase, role_data, config_settings] - get_attr: [NovaBase, role_data, config_settings]
- get_attr: [ApacheServiceBase, role_data, config_settings] - get_attr: [ApacheServiceBase, role_data, config_settings]
- nova::cron::archive_deleted_rows::hour: '"*/12"' - nova::cron::archive_deleted_rows::hour: '*/12'
nova::cron::archive_deleted_rows::destination: '"/dev/null"' nova::cron::archive_deleted_rows::destination: '/dev/null'
tripleo.nova_api.firewall_rules: tripleo.nova_api.firewall_rules:
'113 nova_api': '113 nova_api':
dport: dport:
@ -108,7 +108,7 @@ outputs:
nova::api::api_bind_address: nova::api::api_bind_address:
str_replace: str_replace:
template: template:
'"%{::fqdn_$NETWORK}"' '%{::fqdn_$NETWORK}'
params: params:
$NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]} $NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
nova::api::service_name: 'httpd' nova::api::service_name: 'httpd'
@ -122,7 +122,7 @@ outputs:
nova::wsgi::apache::servername: nova::wsgi::apache::servername:
str_replace: str_replace:
template: template:
'"%{::fqdn_$NETWORK}"' '%{::fqdn_$NETWORK}'
params: params:
$NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]} $NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
nova::api::neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} nova::api::neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}

2
puppet/services/nova-base.yaml
View File

@ -109,7 +109,7 @@ outputs:
nova::network::neutron::neutron_auth_url: {get_param: [EndpointMap, KeystoneV3Admin, uri]} nova::network::neutron::neutron_auth_url: {get_param: [EndpointMap, KeystoneV3Admin, uri]}
nova::rabbit_heartbeat_timeout_threshold: 60 nova::rabbit_heartbeat_timeout_threshold: 60
nova::cinder_catalog_info: 'volumev2:cinderv2:internalURL' nova::cinder_catalog_info: 'volumev2:cinderv2:internalURL'
nova::host: '"%{::fqdn}"' # NOTE: extra quoting is needed. nova::host: '%{::fqdn}'
nova::notify_on_state_change: 'vm_and_task_state' nova::notify_on_state_change: 'vm_and_task_state'
nova::notification_driver: messagingv2 nova::notification_driver: messagingv2
nova::network::neutron::neutron_auth_type: 'v3password' nova::network::neutron::neutron_auth_type: 'v3password'

10
puppet/services/nova-compute.yaml
View File

@ -52,7 +52,7 @@ parameters:
For different formats, refer to the nova.conf documentation for For different formats, refer to the nova.conf documentation for
pci_passthrough_whitelist configuration pci_passthrough_whitelist configuration
type: json type: json
default: '' default: {}
NovaVcpuPinSet: NovaVcpuPinSet:
description: > description: >
A list or range of physical CPU cores to reserve for virtual machine A list or range of physical CPU cores to reserve for virtual machine
@ -97,11 +97,7 @@ outputs:
map_merge: map_merge:
- get_attr: [NovaBase, role_data, config_settings] - get_attr: [NovaBase, role_data, config_settings]
- nova::compute::libvirt::manage_libvirt_services: false - nova::compute::libvirt::manage_libvirt_services: false
nova::compute::pci_passthrough: nova::compute::pci_passthrough: {get_param: NovaPCIPassthrough}
str_replace:
template: "'JSON_PARAM'"
params:
JSON_PARAM: {get_param: NovaPCIPassthrough}
nova::compute::vcpu_pin_set: {get_param: NovaVcpuPinSet} nova::compute::vcpu_pin_set: {get_param: NovaVcpuPinSet}
nova::compute::reserved_host_memory: {get_param: NovaReservedHostMemory} nova::compute::reserved_host_memory: {get_param: NovaReservedHostMemory}
# we manage migration in nova common puppet profile # we manage migration in nova common puppet profile
@ -117,7 +113,7 @@ outputs:
- '.' - '.'
- - 'client' - - 'client'
- {get_param: CephClientUserName} - {get_param: CephClientUserName}
nova::compute::rbd::libvirt_rbd_secret_uuid: '"%{hiera(\"ceph::profile::params::fsid\")}"' nova::compute::rbd::libvirt_rbd_secret_uuid: "%{hiera('ceph::profile::params::fsid')}"
nova::compute::instance_usage_audit: true nova::compute::instance_usage_audit: true
nova::compute::instance_usage_audit_period: 'hour' nova::compute::instance_usage_audit_period: 'hour'
nova::compute::rbd::ephemeral_storage: {get_param: NovaEnableRbdBackend} nova::compute::rbd::ephemeral_storage: {get_param: NovaEnableRbdBackend}

2
puppet/services/pacemaker/database/mysql.yaml
View File

@ -40,7 +40,7 @@ outputs:
- tripleo::profile::pacemaker::database::mysql::bind_address: - tripleo::profile::pacemaker::database::mysql::bind_address:
str_replace: str_replace:
template: template:
'"%{::fqdn_$NETWORK}"' '%{::fqdn_$NETWORK}'
params: params:
$NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]} $NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
# NOTE: bind IP is found in Heat replacing the network name with the # NOTE: bind IP is found in Heat replacing the network name with the

4
puppet/services/panko-api.yaml
View File

@ -55,7 +55,7 @@ outputs:
panko::wsgi::apache::servername: panko::wsgi::apache::servername:
str_replace: str_replace:
template: template:
'"%{::fqdn_$NETWORK}"' '%{::fqdn_$NETWORK}'
params: params:
$NETWORK: {get_param: [ServiceNetMap, PankoApiNetwork]} $NETWORK: {get_param: [ServiceNetMap, PankoApiNetwork]}
panko::api::service_name: 'httpd' panko::api::service_name: 'httpd'
@ -68,7 +68,7 @@ outputs:
panko::api::host: panko::api::host:
str_replace: str_replace:
template: template:
'"%{::fqdn_$NETWORK}"' '%{::fqdn_$NETWORK}'
params: params:
$NETWORK: {get_param: [ServiceNetMap, PankoApiNetwork]} $NETWORK: {get_param: [ServiceNetMap, PankoApiNetwork]}
# NOTE: bind IP is found in Heat replacing the network name with the # NOTE: bind IP is found in Heat replacing the network name with the