openstack/tripleo-heat-templates
Code Issues Proposed changes

Merge "flatten sshd service configuration"

Browse Source
This commit is contained in:
Zuul 2019-01-08 06:50:54 +00:00 committed by Gerrit Code Review
commit 8f5fb5144d
6 changed files with 3 additions and 79 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
puppet/services/sshd.yaml → deployment/sshd/sshd-baremetal-puppet.yaml
View File

2
docker/services/nova-migration-target.yaml
View File

@ -71,7 +71,7 @@ resources:
type: ./containers-common.yaml type: ./containers-common.yaml
SshdBase: SshdBase:
type: ../../puppet/services/sshd.yaml type: ../../deployment/sshd/sshd-baremetal-puppet.yaml
properties: properties:
EndpointMap: {get_param: EndpointMap} EndpointMap: {get_param: EndpointMap}
ServiceNetMap: {get_param: ServiceNetMap} ServiceNetMap: {get_param: ServiceNetMap}

72
docker/services/sshd.yaml
View File

@ -1,72 +0,0 @@
heat_template_version: rocky
description: >
Configure sshd_config
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
MigrationSshPort:
default: 2022
description: Target port for migration over ssh
type: number
conditions:
# During Ocata->Pike upgrade initially configure the ssh service on port 22
# to proxy migration commands to the containerized sshd on port 2022.
# When the upgrade converges we can switch migrations over to port 2022.
enable_migration_proxy:
equals:
- {get_param: MigrationSshPort}
- 22
resources:
SshdBase:
type: ../../puppet/services/sshd.yaml
properties:
EndpointMap: {get_param: EndpointMap}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
outputs:
role_data:
description: Role data for the ssh
value:
service_name: sshd
config_settings: {get_attr: [SshdBase, role_data, config_settings]}
step_config:
list_join:
- "\n"
- - get_attr: [SshdBase, role_data, step_config]
- if:
- enable_migration_proxy
- |
include tripleo::profile::base::nova::migration::proxy
- ''

2
environments/baremetal-services.yaml
View File

@ -51,7 +51,7 @@ resource_registry:
OS::TripleO::Services::Qdr: OS::Heat::None OS::TripleO::Services::Qdr: OS::Heat::None
OS::TripleO::Services::RabbitMQ: ../puppet/services/rabbitmq.yaml OS::TripleO::Services::RabbitMQ: ../puppet/services/rabbitmq.yaml
OS::TripleO::Services::Redis: ../puppet/services/database/redis.yaml OS::TripleO::Services::Redis: ../puppet/services/database/redis.yaml
OS::TripleO::Services::Sshd: ../puppet/services/sshd.yaml OS::TripleO::Services::Sshd: ../deployment/sshd/sshd-baremetal-puppet.yaml
OS::TripleO::Services::SwiftDispersion: ../puppet/services/swift-dispersion.yaml OS::TripleO::Services::SwiftDispersion: ../puppet/services/swift-dispersion.yaml
OS::TripleO::Services::SwiftProxy: ../puppet/services/swift-proxy.yaml OS::TripleO::Services::SwiftProxy: ../puppet/services/swift-proxy.yaml
OS::TripleO::Services::SwiftRingBuilder: ../puppet/services/swift-ringbuilder.yaml OS::TripleO::Services::SwiftRingBuilder: ../puppet/services/swift-ringbuilder.yaml

2
overcloud-resource-registry-puppet.j2.yaml
View File

@ -189,7 +189,7 @@ resource_registry:
OS::TripleO::Services::Tuned: deployment/tuned/tuned-baremetal-puppet.yaml OS::TripleO::Services::Tuned: deployment/tuned/tuned-baremetal-puppet.yaml
OS::TripleO::Services::Securetty: OS::Heat::None OS::TripleO::Services::Securetty: OS::Heat::None
OS::TripleO::Services::SELinux: OS::Heat::None OS::TripleO::Services::SELinux: OS::Heat::None
OS::TripleO::Services::Sshd: docker/services/sshd.yaml OS::TripleO::Services::Sshd: deployment/sshd/sshd-baremetal-puppet.yaml
OS::TripleO::Services::Redis: docker/services/database/redis.yaml OS::TripleO::Services::Redis: docker/services/database/redis.yaml
OS::TripleO::Services::NovaApi: docker/services/nova-api.yaml OS::TripleO::Services::NovaApi: docker/services/nova-api.yaml
OS::TripleO::Services::NovaCompute: docker/services/nova-compute.yaml OS::TripleO::Services::NovaCompute: docker/services/nova-compute.yaml

4
tools/yaml-validate.py
View File

@ -228,8 +228,6 @@ PREFERRED_CAMEL_CASE = {
# If a filename is not found in the overrides then the top level directory is # If a filename is not found in the overrides then the top level directory is
# used to determine which validation method to use. # used to determine which validation method to use.
VALIDATE_PUPPET_OVERRIDE = { VALIDATE_PUPPET_OVERRIDE = {
# docker/service/sshd.yaml is a variation of the puppet sshd service
'./docker/services/sshd.yaml': True,
# docker/services/messaging/*.yaml provide oslo_messaging services # docker/services/messaging/*.yaml provide oslo_messaging services
'./docker/services/messaging/notify-rabbitmq-shared.yaml': False, './docker/services/messaging/notify-rabbitmq-shared.yaml': False,
'./docker/services/messaging/notify-rabbitmq.yaml': False, './docker/services/messaging/notify-rabbitmq.yaml': False,
@ -248,8 +246,6 @@ VALIDATE_PUPPET_OVERRIDE = {
} }
VALIDATE_DOCKER_OVERRIDE = { VALIDATE_DOCKER_OVERRIDE = {
# docker/service/sshd.yaml is a variation of the puppet sshd service
'./docker/services/sshd.yaml': False,
# docker/services/messaging/notify-rabbitmq-shared.yaml does not # docker/services/messaging/notify-rabbitmq-shared.yaml does not
# deploy container # deploy container
'./docker/services/messaging/notify-rabbitmq-shared.yaml': False, './docker/services/messaging/notify-rabbitmq-shared.yaml': False,