openstack/tripleo-heat-templates
Code Issues Proposed changes

Add Aodh composable roles

Browse Source 
Implements: blueprint composable-services-within-roles
Depends-On: Ie48a123cc5bc402aee635a5daf118b158c6f3b6a
Closes-Bug: #1601850

Change-Id: Ifcfe0e3937fa8577635d803d46c3dfc2e873e553
This commit is contained in:
Pradeep Kilambi 2016-06-23 15:54:06 -04:00
parent 3af055c2c6
commit 7c502ce91d
17 changed files with 224 additions and 212 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
overcloud-resource-registry-puppet.yaml
View File

@ -199,6 +199,10 @@ resource_registry:
OS::Tripleo::Services::ManilaShare: OS::Heat::None
OS::TripleO::Services::ComputeNeutronL3Agent: OS::Heat::None
OS::TripleO::Services::ComputeNeutronMetadataAgent: OS::Heat::None
OS::TripleO::Services::AodhApi: puppet/services/aodh-api.yaml
OS::TripleO::Services::AodhEvaluator: puppet/services/aodh-evaluator.yaml
OS::TripleO::Services::AodhNotifier: puppet/services/aodh-notifier.yaml
OS::TripleO::Services::AodhListener: puppet/services/aodh-listener.yaml
parameter_defaults:
EnablePackageInstall: false

4
overcloud.yaml
View File

@ -284,6 +284,10 @@ parameters:
- OS::Tripleo::Services::ManilaApi
- OS::Tripleo::Services::ManilaScheduler
- OS::Tripleo::Services::ManilaShare
- OS::TripleO::Services::AodhApi
- OS::TripleO::Services::AodhEvaluator
- OS::TripleO::Services::AodhNotifier
- OS::TripleO::Services::AodhListener
description: A list of service resources (configured in the Heat
resource_registry) which represent nested stacks
for each service that should get installed on the Controllers.

3
puppet/ceph-storage.yaml
View File

@ -256,7 +256,6 @@ resources:
- ceph
- all_nodes # provided by allNodesConfig
- '"%{::osfamily}"'
- common
- network
merge_behavior: deeper
datafiles:
@ -265,8 +264,6 @@ resources:
service_names: {get_param: ServiceNames}
service_configs:
mapped_data: {get_param: ServiceConfigSettings}
common:
raw_data: {get_file: hieradata/common.yaml}
network:
mapped_data:
net_ip_map: {get_attr: [NetIpMap, net_ip_map]}

3
puppet/cinder-storage.yaml
View File

@ -263,7 +263,6 @@ resources:
- volume
- all_nodes # provided by allNodesConfig
- '"%{::osfamily}"'
- common
- network
merge_behavior: deeper
datafiles:
@ -272,8 +271,6 @@ resources:
service_names: {get_param: ServiceNames}
service_configs:
mapped_data: {get_param: ServiceConfigSettings}
common:
raw_data: {get_file: hieradata/common.yaml}
network:
mapped_data:
net_ip_map: {get_attr: [NetIpMap, net_ip_map]}

3
puppet/compute.yaml
View File

@ -370,7 +370,6 @@ resources:
- ceph
- all_nodes # provided by allNodesConfig
- '"%{::osfamily}"'
- common
- network
- neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre
- cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
@ -388,8 +387,6 @@ resources:
mapped_data: {get_param: NovaComputeExtraConfig}
extraconfig:
mapped_data: {get_param: ExtraConfig}
common:
raw_data: {get_file: hieradata/common.yaml}
network:
mapped_data:
net_ip_map: {get_attr: [NetIpMap, net_ip_map]}

45
puppet/controller.yaml
View File

@ -525,7 +525,6 @@ resources:
neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
aodh_password: {get_param: AodhPassword}
aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] }
aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] }
aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] }
@ -537,15 +536,6 @@ resources:
- '@'
- {get_param: RedisVirtualIPUri}
- ':6379/'
aodh_dsn:
list_join:
- ''
- - {get_param: [EndpointMap, MysqlInternal, protocol]}
- '://aodh:'
- {get_param: AodhPassword}
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/aodh'
gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]}
gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] }
gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] }
@ -628,7 +618,6 @@ resources:
- service_configs
- service_names
- controller
- database
- object
- swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
- ceph_cluster # provided by CephClusterConfig
@ -637,7 +626,6 @@ resources:
- all_nodes # provided by allNodesConfig
- vip_data # provided by vip-config
- '"%{::osfamily}"'
- common
- network
- cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
- cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
@ -660,8 +648,6 @@ resources:
- {get_param: ControllerExtraConfig}
extraconfig:
mapped_data: {get_param: ExtraConfig}
common:
raw_data: {get_file: hieradata/common.yaml}
network:
mapped_data:
net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
@ -673,8 +659,6 @@ resources:
ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
ceph::profile::params::public_network: {get_input: ceph_public_network}
ceph::profile::params::public_addr: {get_input: ceph_public_ip}
database:
raw_data: {get_file: hieradata/database.yaml}
object:
raw_data: {get_file: hieradata/object.yaml}
controller:
@ -751,36 +735,15 @@ resources:
neutron::keystone::auth::password: {get_input: neutron_password }
neutron::keystone::auth::region: {get_input: keystone_region}
# Aodh
aodh::api::host: {get_input: aodh_api_network}
aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
# Ceilometer
ceilometer::api::host: {get_input: ceilometer_api_network}
snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
# Aodh
aodh_mysql_conn_string: {get_input: aodh_dsn}
aodh::rabbit_userid: {get_input: rabbit_username}
aodh::rabbit_password: {get_input: rabbit_password}
aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
aodh::rabbit_port: {get_input: rabbit_client_port}
aodh::debug: {get_input: debug}
aodh::wsgi::apache::ssl: false
aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
aodh::api::service_name: 'httpd'
aodh::api::host: {get_input: aodh_api_network}
aodh::api::keystone_password: {get_input: aodh_password}
aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
aodh::auth::auth_url: {get_input: keystone_auth_uri}
aodh::auth::auth_password: {get_input: aodh_password}
aodh::db::mysql::password: {get_input: aodh_password}
# for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
aodh::keystone::auth::public_url: {get_input: aodh_public_url }
aodh::keystone::auth::internal_url: {get_input: aodh_internal_url }
aodh::keystone::auth::admin_url: {get_input: aodh_admin_url }
aodh::keystone::auth::password: {get_input: aodh_password }
aodh::keystone::auth::region: {get_input: keystone_region}
# Gnocchi
gnocchi::wsgi::apache::bind_host: {get_input: gnocchi_api_network}
gnocchi::api::host: {get_input: gnocchi_api_network}

5
puppet/hieradata/common.yaml
View File

@ -1,5 +0,0 @@
# Do not add hieradata in this file, and use composable services.
# TODO(emilien) move it to composable aodh roles later
aodh::auth::auth_region: 'regionOne'
aodh::auth::auth_tenant_name: 'service'

13
puppet/hieradata/controller.yaml
View File

@ -1,16 +1,3 @@
# Do not add hieradata in this file, and use composable services.
# TODO(emilien) move it to composable aodh roles later
aodh::api::keystone_tenant: 'service'
aodh::keystone::auth::tenant: 'service'
# TODO(emilien) move it to composable roles later
# Already WIP with https://review.openstack.org/330785
# and https://review.openstack.org/338527
tripleo::firewall::firewall_rules:
'128 aodh':
dport:
- 8042
- 13042
controller_classes: []

10
puppet/hieradata/database.yaml
View File

@ -1,10 +0,0 @@
# Do not add hieradata in this file, and use composable services.
# Aodh
# TODO(emilien) move it to composable aodh roles later
aodh::db::mysql::user: aodh
aodh::db::mysql::host: "%{hiera('mysql_virtual_ip')}"
aodh::db::mysql::dbname: aodh
aodh::db::mysql::allowed_hosts:
- '%'
- "%{hiera('mysql_bind_host')}"

21
puppet/manifests/overcloud_controller.pp
View File

@ -16,29 +16,8 @@
include ::tripleo::packages
include ::tripleo::firewall
if hiera('step') >= 2 {
# FIXME: this should only occur on the bootstrap host (ditto for db syncs)
# Create all the database schemas
include ::aodh::db::mysql
} #END STEP 2
if hiera('step') >= 4 {
# Aodh
class { '::aodh' :
database_connection => hiera('aodh_mysql_conn_string'),
}
include ::aodh::db::sync
include ::aodh::auth
include ::aodh::api
include ::aodh::wsgi::apache
include ::aodh::evaluator
include ::aodh::notifier
include ::aodh::listener
include ::aodh::client
hiera_include('controller_classes')
} #END STEP 4
$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller', hiera('step')])

110
puppet/manifests/overcloud_controller_pacemaker.pp
View File

@ -13,16 +13,6 @@
# License for the specific language governing permissions and limitations
# under the License.
# TODO(jistr): use pcs resource provider instead of just no-ops
Service <|
tag == 'aodh-service'
|> {
hasrestart => true,
restart => '/bin/true',
start => '/bin/true',
stop => '/bin/true',
}
include ::tripleo::packages
include ::tripleo::firewall
@ -34,109 +24,9 @@ if $::hostname == downcase(hiera('bootstrap_nodeid')) {
$sync_db = false
}
if hiera('step') >= 2 {
if $pacemaker_master {
class { '::aodh::db::mysql':
require => Exec['galera-ready'],
}
}
} #END STEP 2
if hiera('step') >= 4 or ( hiera('step') >= 3 and $sync_db ) {
# Aodh
class { '::aodh' :
database_connection => hiera('aodh_mysql_conn_string'),
}
include ::aodh::config
include ::aodh::auth
include ::aodh::client
include ::aodh::wsgi::apache
class { '::aodh::api':
manage_service => false,
enabled => false,
service_name => 'httpd',
}
class { '::aodh::evaluator':
manage_service => false,
enabled => false,
}
class { '::aodh::notifier':
manage_service => false,
enabled => false,
}
class { '::aodh::listener':
manage_service => false,
enabled => false,
}
hiera_include('controller_classes')
} #END STEP 4
if hiera('step') >= 5 {
if $pacemaker_master {
# Fedora doesn't know `require-all` parameter for constraints yet
if $::operatingsystem == 'Fedora' {
$redis_aodh_constraint_params = undef
} else {
$redis_aodh_constraint_params = 'require-all=false'
}
pacemaker::constraint::base { 'redis-then-aodh-evaluator-constraint':
constraint_type => 'order',
first_resource => 'redis-master',
second_resource => "${::aodh::params::evaluator_service_name}-clone",
first_action => 'promote',
second_action => 'start',
constraint_params => $redis_aodh_constraint_params,
require => [Pacemaker::Resource::Ocf['redis'],
Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name]],
}
# Aodh
pacemaker::resource::service { $::aodh::params::evaluator_service_name :
clone_params => 'interleave=true',
}
pacemaker::resource::service { $::aodh::params::notifier_service_name :
clone_params => 'interleave=true',
}
pacemaker::resource::service { $::aodh::params::listener_service_name :
clone_params => 'interleave=true',
}
pacemaker::constraint::base { 'aodh-evaluator-then-aodh-notifier-constraint':
constraint_type => 'order',
first_resource => "${::aodh::params::evaluator_service_name}-clone",
second_resource => "${::aodh::params::notifier_service_name}-clone",
first_action => 'start',
second_action => 'start',
require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name],
Pacemaker::Resource::Service[$::aodh::params::notifier_service_name]],
}
pacemaker::constraint::colocation { 'aodh-notifier-with-aodh-evaluator-colocation':
source => "${::aodh::params::notifier_service_name}-clone",
target => "${::aodh::params::evaluator_service_name}-clone",
score => 'INFINITY',
require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name],
Pacemaker::Resource::Service[$::aodh::params::notifier_service_name]],
}
pacemaker::constraint::base { 'aodh-evaluator-then-aodh-listener-constraint':
constraint_type => 'order',
first_resource => "${::aodh::params::evaluator_service_name}-clone",
second_resource => "${::aodh::params::listener_service_name}-clone",
first_action => 'start',
second_action => 'start',
require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name],
Pacemaker::Resource::Service[$::aodh::params::listener_service_name]],
}
pacemaker::constraint::colocation { 'aodh-listener-with-aodh-evaluator-colocation':
source => "${::aodh::params::listener_service_name}-clone",
target => "${::aodh::params::evaluator_service_name}-clone",
score => 'INFINITY',
require => [Pacemaker::Resource::Service[$::aodh::params::evaluator_service_name],
Pacemaker::Resource::Service[$::aodh::params::listener_service_name]],
}
}
} #END STEP 5
$package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller_pacemaker', hiera('step')])
package_manifest{$package_manifest_name: ensure => present}

37
puppet/services/aodh-api.yaml Normal file
View File

@ -0,0 +1,37 @@
heat_template_version: 2016-04-08
description: >
OpenStack Aodh API service configured with Puppet
parameters:
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
resources:
AodhBase:
type: ./aodh-base.yaml
properties:
EndpointMap: {get_param: EndpointMap}
outputs:
role_data:
description: Role data for the Aodh API service.
value:
service_name: aodh_api
config_settings:
map_merge:
- get_attr: [AodhBase, role_data, config_settings]
- aodh::wsgi::apache::ssl: false
aodh::api::service_name: 'httpd'
aodh::api::keystone_tenant: 'service'
- tripleo.aodh_api.firewall_rules:
'128 aodh-api':
dport:
- 8042
- 13042
step_config: |
include tripleo::profile::base::aodh::api

94
puppet/services/aodh-base.yaml Normal file
View File

@ -0,0 +1,94 @@
heat_template_version: 2016-04-08
description: >
OpenStack Aodh service configured with Puppet
parameters:
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
AodhPassword:
description: The password for the aodh services.
type: string
hidden: true
RedisPassword:
description: The password for the redis service account.
type: string
hidden: true
RabbitPassword:
description: The password for RabbitMQ
type: string
hidden: true
RabbitUserName:
default: guest
description: The username for RabbitMQ
type: string
RabbitClientUseSSL:
default: false
description: >
Rabbit client subscriber parameter to specify
an SSL connection to the RabbitMQ host.
type: string
RabbitClientPort:
default: 5672
description: Set rabbit subscriber port, change this if using SSL
type: number
Debug:
default: ''
description: Set to True to enable debugging on all services.
type: string
KeystoneRegion:
type: string
default: 'regionOne'
description: Keystone region for endpoint
outputs:
role_data:
description: Role data for the Aodh role.
value:
service_name: aodh_base
config_settings:
aodh::evaluator::coordination_url:
list_join:
- ''
- - 'redis://:'
- {get_param: RedisPassword}
- '@'
- "%{hiera('redis_vip')}"
- ':6379/'
aodh::db::database_connection:
list_join:
- ''
- - {get_param: [EndpointMap, MysqlInternal, protocol]}
- '://aodh:'
- {get_param: AodhPassword}
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/aodh'
aodh::debug: {get_param: Debug}
aodh::auth::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri] }
aodh::rabbit_userid: {get_param: RabbitUserName}
aodh::rabbit_password: {get_param: RabbitPassword}
aodh::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
aodh::rabbit_port: {get_param: RabbitClientPort}
aodh::api::keystone_password: {get_param: AodhPassword}
aodh::api::keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
aodh::api::keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
aodh::auth::auth_password: {get_param: AodhPassword}
aodh::keystone::auth::public_url: {get_param: [EndpointMap, AodhPublic, uri]}
aodh::keystone::auth::internal_url: {get_param: [EndpointMap, AodhInternal, uri]}
aodh::keystone::auth::admin_url: {get_param: [EndpointMap, AodhAdmin, uri]}
aodh::keystone::auth::password: {get_param: AodhPassword}
aodh::keystone::auth::region: {get_param: KeystoneRegion}
aodh::keystone::auth::tenant: 'service'
aodh::db::mysql::user: aodh
aodh::db::mysql::password: {get_param: AodhPassword}
aodh::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]}
aodh::db::mysql::dbname: aodh
aodh::db::mysql::allowed_hosts:
- '%'
- "%{hiera('mysql_bind_host')}"
aodh::auth::auth_region: 'regionOne'
aodh::auth::auth_tenant_name: 'service'

27
puppet/services/aodh-evaluator.yaml Normal file
View File

@ -0,0 +1,27 @@
heat_template_version: 2016-04-08
description: >
OpenStack Aodh Evaluator service configured with Puppet
parameters:
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
resources:
AodhBase:
type: ./aodh-base.yaml
properties:
EndpointMap: {get_param: EndpointMap}
outputs:
role_data:
description: Role data for the Aodh Evaluator service.
value:
service_name: aodh_evaluator
config_settings:
get_attr: [AodhBase, role_data, config_settings]
step_config: |
include tripleo::profile::base::aodh::evaluator

27
puppet/services/aodh-listener.yaml Normal file
View File

@ -0,0 +1,27 @@
heat_template_version: 2016-04-08
description: >
OpenStack Aodh Listener service configured with Puppet
parameters:
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
resources:
AodhBase:
type: ./aodh-base.yaml
properties:
EndpointMap: {get_param: EndpointMap}
outputs:
role_data:
description: Role data for the Aodh Listener service.
value:
service_name: aodh_listener
config_settings:
get_attr: [AodhBase, role_data, config_settings]
step_config: |
include tripleo::profile::base::aodh::listener

27
puppet/services/aodh-notifier.yaml Normal file
View File

@ -0,0 +1,27 @@
heat_template_version: 2016-04-08
description: >
OpenStack Aodh Notifier service configured with Puppet
parameters:
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
resources:
AodhBase:
type: ./aodh-base.yaml
properties:
EndpointMap: {get_param: EndpointMap}
outputs:
role_data:
description: Role data for the Aodh Notifier service.
value:
service_name: aodh_notifier
config_settings:
get_attr: [AodhBase, role_data, config_settings]
step_config: |
include tripleo::profile::base::aodh::notifier

3
puppet/swift-storage.yaml
View File

@ -250,7 +250,6 @@ resources:
- swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
- all_nodes # provided by allNodesConfig
- '"%{::osfamily}"'
- common
- network
merge_behavior: deeper
datafiles:
@ -259,8 +258,6 @@ resources:
service_names: {get_param: ServiceNames}
service_configs:
mapped_data: {get_param: ServiceConfigSettings}
common:
raw_data: {get_file: hieradata/common.yaml}
network:
mapped_data:
net_ip_map: {get_attr: [NetIpMap, net_ip_map]}