From a263da138fe575fef0dddb6db21782740b435b0f Mon Sep 17 00:00:00 2001 From: ramishra Date: Sat, 12 Jun 2021 14:45:30 +0530 Subject: [PATCH] Use merge strategy for EndpointMap Now someone can override individual endpoints like below in an environment: parameter_merge_strategies: EndpointMap: merge parameter_defaults: EndpointMap: AodhPublic: protocol: http port: 9999 host: 121.21.2.1 Closes-Bug: #1897592 Change-Id: Ibf2e0d183dd51421c4feb7467c3c01fb416d2965 --- .../ssl/no-tls-endpoints-public-ip.yaml | 82 ---- .../ssl/tls-endpoints-public-dns.yaml | 53 +-- environments/ssl/tls-endpoints-public-ip.yaml | 55 +-- .../ssl/tls-everywhere-endpoints-dns.yaml | 3 + network/endpoints/build_endpoint_map.py | 308 --------------- network/endpoints/endpoint_data.yaml | 353 ------------------ network/endpoints/endpoint_map.yaml | 314 +--------------- overcloud-resource-registry-puppet.j2.yaml | 80 ++++ ...trategy-endpoint-map-83b8321c72421fd6.yaml | 11 + sample-env-generator/ssl.yaml | 206 +--------- tools/merge-new-params-nic-config-script.py | 2 - tools/yaml-validate.py | 66 ---- tox.ini | 1 - .../environment_generator.py | 4 + 14 files changed, 112 insertions(+), 1426 deletions(-) delete mode 100755 network/endpoints/build_endpoint_map.py delete mode 100644 network/endpoints/endpoint_data.yaml create mode 100644 releasenotes/notes/parameter-merge-strategy-endpoint-map-83b8321c72421fd6.yaml diff --git a/environments/ssl/no-tls-endpoints-public-ip.yaml b/environments/ssl/no-tls-endpoints-public-ip.yaml index b9bec2f0b7..cfade84769 100644 --- a/environments/ssl/no-tls-endpoints-public-ip.yaml +++ b/environments/ssl/no-tls-endpoints-public-ip.yaml @@ -12,85 +12,3 @@ parameter_defaults: # Whether to enable TLS on the public interface or not. # Type: boolean EnablePublicTLS: False - - # Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. - # Type: json - EndpointMap: - AodhAdmin: {protocol: http, port: '8042', host: IP_ADDRESS} - AodhInternal: {protocol: http, port: '8042', host: IP_ADDRESS} - AodhPublic: {protocol: http, port: '8042', host: IP_ADDRESS} - BarbicanAdmin: {protocol: http, port: '9311', host: IP_ADDRESS} - BarbicanInternal: {protocol: http, port: '9311', host: IP_ADDRESS} - BarbicanPublic: {protocol: http, port: '9311', host: IP_ADDRESS} - CephDashboardInternal: {protocol: http, port: '8444', host: IP_ADDRESS} - CephGrafanaInternal: {protocol: http, port: '3100', host: IP_ADDRESS} - CephRgwAdmin: {protocol: http, port: '8080', host: IP_ADDRESS} - CephRgwInternal: {protocol: http, port: '8080', host: IP_ADDRESS} - CephRgwPublic: {protocol: http, port: '8080', host: IP_ADDRESS} - CinderAdmin: {protocol: http, port: '8776', host: IP_ADDRESS} - CinderInternal: {protocol: http, port: '8776', host: IP_ADDRESS} - CinderPublic: {protocol: http, port: '8776', host: IP_ADDRESS} - DesignateAdmin: {protocol: 'http', port: '9001', host: IP_ADDRESS} - DesignateInternal: {protocol: 'http', port: '9001', host: IP_ADDRESS} - DesignatePublic: {protocol: 'http', port: '9001', host: IP_ADDRESS} - DockerRegistryInternal: {protocol: http, port: '8787', host: IP_ADDRESS} - GaneshaInternal: {protocol: nfs, port: '2049', host: IP_ADDRESS} - GlanceAdmin: {protocol: http, port: '9292', host: IP_ADDRESS} - GlanceInternal: {protocol: http, port: '9292', host: IP_ADDRESS} - GlancePublic: {protocol: http, port: '9292', host: IP_ADDRESS} - GnocchiAdmin: {protocol: http, port: '8041', host: IP_ADDRESS} - GnocchiInternal: {protocol: http, port: '8041', host: IP_ADDRESS} - GnocchiPublic: {protocol: http, port: '8041', host: IP_ADDRESS} - HeatAdmin: {protocol: http, port: '8004', host: IP_ADDRESS} - HeatInternal: {protocol: http, port: '8004', host: IP_ADDRESS} - HeatPublic: {protocol: http, port: '8004', host: IP_ADDRESS} - HeatCfnAdmin: {protocol: http, port: '8000', host: IP_ADDRESS} - HeatCfnInternal: {protocol: http, port: '8000', host: IP_ADDRESS} - HeatCfnPublic: {protocol: http, port: '8000', host: IP_ADDRESS} - HorizonPublic: {protocol: http, port: '80', host: IP_ADDRESS} - IronicAdmin: {protocol: http, port: '6385', host: IP_ADDRESS} - IronicInternal: {protocol: http, port: '6385', host: IP_ADDRESS} - IronicPublic: {protocol: http, port: '6385', host: IP_ADDRESS} - IronicInspectorAdmin: {protocol: http, port: '5050', host: IP_ADDRESS} - IronicInspectorInternal: {protocol: http, port: '5050', host: IP_ADDRESS} - IronicInspectorPublic: {protocol: http, port: '5050', host: IP_ADDRESS} - KeystoneAdmin: {protocol: http, port: '35357', host: IP_ADDRESS} - KeystoneInternal: {protocol: http, port: '5000', host: IP_ADDRESS} - KeystonePublic: {protocol: http, port: '5000', host: IP_ADDRESS} - ManilaAdmin: {protocol: http, port: '8786', host: IP_ADDRESS} - ManilaInternal: {protocol: http, port: '8786', host: IP_ADDRESS} - ManilaPublic: {protocol: http, port: '8786', host: IP_ADDRESS} - MetricsQdrPublic: {protocol: 'amqp', port: '5666', host: IP_ADDRESS} - MistralAdmin: {protocol: http, port: '8989', host: IP_ADDRESS} - MistralInternal: {protocol: http, port: '8989', host: IP_ADDRESS} - MistralPublic: {protocol: http, port: '8989', host: IP_ADDRESS} - MysqlInternal: {protocol: mysql+pymysql, port: '3306', host: IP_ADDRESS} - NeutronAdmin: {protocol: http, port: '9696', host: IP_ADDRESS} - NeutronInternal: {protocol: http, port: '9696', host: IP_ADDRESS} - NeutronPublic: {protocol: http, port: '9696', host: IP_ADDRESS} - NovaAdmin: {protocol: http, port: '8774', host: IP_ADDRESS} - NovaInternal: {protocol: http, port: '8774', host: IP_ADDRESS} - NovaPublic: {protocol: http, port: '8774', host: IP_ADDRESS} - NovajoinAdmin: {protocol: http, port: '9090', host: IP_ADDRESS} - NovajoinInternal: {protocol: http, port: '9090', host: IP_ADDRESS} - NovajoinPublic: {protocol: http, port: '9090', host: IP_ADDRESS} - NovaMetadataInternal: {protocol: http, port: '8775', host: IP_ADDRESS} - PlacementAdmin: {protocol: http, port: '8778', host: IP_ADDRESS} - PlacementInternal: {protocol: http, port: '8778', host: IP_ADDRESS} - PlacementPublic: {protocol: http, port: '8778', host: IP_ADDRESS} - NovaVNCProxyAdmin: {protocol: http, port: '6080', host: IP_ADDRESS} - NovaVNCProxyInternal: {protocol: http, port: '6080', host: IP_ADDRESS} - NovaVNCProxyPublic: {protocol: http, port: '6080', host: IP_ADDRESS} - OctaviaAdmin: {protocol: http, port: '9876', host: IP_ADDRESS} - OctaviaInternal: {protocol: http, port: '9876', host: IP_ADDRESS} - OctaviaPublic: {protocol: http, port: '9876', host: IP_ADDRESS} - SwiftAdmin: {protocol: http, port: '8080', host: IP_ADDRESS} - SwiftInternal: {protocol: http, port: '8080', host: IP_ADDRESS} - SwiftPublic: {protocol: http, port: '8080', host: IP_ADDRESS} - ZaqarAdmin: {protocol: http, port: '8888', host: IP_ADDRESS} - ZaqarInternal: {protocol: http, port: '8888', host: IP_ADDRESS} - ZaqarPublic: {protocol: http, port: '8888', host: IP_ADDRESS} - ZaqarWebSocketAdmin: {protocol: ws, port: '9000', host: IP_ADDRESS} - ZaqarWebSocketInternal: {protocol: ws, port: '9000', host: IP_ADDRESS} - ZaqarWebSocketPublic: {protocol: ws, port: '9000', host: IP_ADDRESS} - diff --git a/environments/ssl/tls-endpoints-public-dns.yaml b/environments/ssl/tls-endpoints-public-dns.yaml index 80cbe10888..d7bfc49c47 100644 --- a/environments/ssl/tls-endpoints-public-dns.yaml +++ b/environments/ssl/tls-endpoints-public-dns.yaml @@ -8,85 +8,38 @@ # description: | # Use this environment when deploying an SSL-enabled overcloud where the public # endpoint is a DNS name. +parameter_merge_strategies: + EndpointMap: merge + parameter_defaults: # Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. # Type: json EndpointMap: - AodhAdmin: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} - AodhInternal: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} AodhPublic: {protocol: 'https', port: '13042', host: 'CLOUDNAME'} - BarbicanAdmin: {protocol: 'http', port: '9311', host: 'IP_ADDRESS'} - BarbicanInternal: {protocol: 'http', port: '9311', host: 'IP_ADDRESS'} BarbicanPublic: {protocol: 'https', port: '13311', host: 'CLOUDNAME'} CephDashboardInternal: {protocol: 'https', port: '8444', host: 'CLOUDNAME'} CephGrafanaInternal: {protocol: 'https', port: '3100', host: 'CLOUDNAME'} - CephRgwAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} - CephRgwInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} CephRgwPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'} - CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} - CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'} - DesignateAdmin: {protocol: 'http', port: '9001', host: 'IP_ADDRESS'} - DesignateInternal: {protocol: 'http', port: '9001', host: 'IP_ADDRESS'} DesignatePublic: {protocol: 'https', port: '13001', host: 'CLOUDNAME'} DockerRegistryInternal: {protocol: 'https', port: '8787', host: 'CLOUDNAME'} - GaneshaInternal: {protocol: 'nfs', port: '2049', host: 'IP_ADDRESS'} - GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} - GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'} - GnocchiAdmin: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} - GnocchiInternal: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} GnocchiPublic: {protocol: 'https', port: '13041', host: 'CLOUDNAME'} - HeatAdmin: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} - HeatInternal: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} HeatPublic: {protocol: 'https', port: '13004', host: 'CLOUDNAME'} - HeatCfnAdmin: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} - HeatCfnInternal: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} HeatCfnPublic: {protocol: 'https', port: '13005', host: 'CLOUDNAME'} HorizonPublic: {protocol: 'https', port: '443', host: 'CLOUDNAME'} - IronicAdmin: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} - IronicInternal: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} IronicPublic: {protocol: 'https', port: '13385', host: 'CLOUDNAME'} - IronicInspectorAdmin: {protocol: 'http', port: '5050', host: 'IP_ADDRESS'} - IronicInspectorInternal: {protocol: 'http', port: '5050', host: 'IP_ADDRESS'} IronicInspectorPublic: {protocol: 'https', port: '13050', host: 'CLOUDNAME'} - KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'} - KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'} KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'} - ManilaAdmin: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} - ManilaInternal: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} ManilaPublic: {protocol: 'https', port: '13786', host: 'CLOUDNAME'} MetricsQdrPublic: {protocol: 'amqp', port: '5666', host: 'CLOUDNAME'} - MistralAdmin: {protocol: 'http', port: '8989', host: 'IP_ADDRESS'} - MistralInternal: {protocol: 'http', port: '8989', host: 'IP_ADDRESS'} MistralPublic: {protocol: 'https', port: '13989', host: 'CLOUDNAME'} - MysqlInternal: {protocol: 'mysql+pymysql', port: '3306', host: 'IP_ADDRESS'} - NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} - NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} NeutronPublic: {protocol: 'https', port: '13696', host: 'CLOUDNAME'} - NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} - NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'} - NovajoinAdmin: {protocol: 'http', port: '9090', host: 'IP_ADDRESS'} - NovajoinInternal: {protocol: 'http', port: '9090', host: 'IP_ADDRESS'} NovajoinPublic: {protocol: 'https', port: '13090', host: 'CLOUDNAME'} - NovaMetadataInternal: {protocol: 'https', port: '8775', host: 'IP_ADDRESS'} - PlacementAdmin: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'} - PlacementInternal: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'} PlacementPublic: {protocol: 'https', port: '13778', host: 'CLOUDNAME'} - NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} - NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'} - OctaviaAdmin: {protocol: 'http', port: '9876', host: 'IP_ADDRESS'} - OctaviaInternal: {protocol: 'http', port: '9876', host: 'IP_ADDRESS'} OctaviaPublic: {protocol: 'https', port: '13876', host: 'CLOUDNAME'} - SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} - SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'} - ZaqarAdmin: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'} - ZaqarInternal: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'} ZaqarPublic: {protocol: 'https', port: '13888', host: 'CLOUDNAME'} - ZaqarWebSocketAdmin: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'} - ZaqarWebSocketInternal: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'} ZaqarWebSocketPublic: {protocol: 'wss', port: '3000', host: 'CLOUDNAME'} - diff --git a/environments/ssl/tls-endpoints-public-ip.yaml b/environments/ssl/tls-endpoints-public-ip.yaml index 7a55278449..6609d95193 100644 --- a/environments/ssl/tls-endpoints-public-ip.yaml +++ b/environments/ssl/tls-endpoints-public-ip.yaml @@ -8,85 +8,38 @@ # description: | # Use this environment when deploying an SSL-enabled overcloud where the public # endpoint is an IP address. +parameter_merge_strategies: + EndpointMap: merge + parameter_defaults: # Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. # Type: json EndpointMap: - AodhAdmin: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} - AodhInternal: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} AodhPublic: {protocol: 'https', port: '13042', host: 'IP_ADDRESS'} - BarbicanAdmin: {protocol: 'http', port: '9311', host: 'IP_ADDRESS'} - BarbicanInternal: {protocol: 'http', port: '9311', host: 'IP_ADDRESS'} BarbicanPublic: {protocol: 'https', port: '13311', host: 'IP_ADDRESS'} + CephRgwPublic: {protocol: 'https', port: '13808', host: 'IP_ADDRESS'} CephDashboardInternal: {protocol: 'https', port: '8444', host: 'IP_ADDRESS'} CephGrafanaInternal: {protocol: 'https', port: '3100', host: 'IP_ADDRESS'} - CephRgwAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} - CephRgwInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} - CephRgwPublic: {protocol: 'https', port: '13808', host: 'IP_ADDRESS'} - CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} - CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} CinderPublic: {protocol: 'https', port: '13776', host: 'IP_ADDRESS'} - DesignateAdmin: {protocol: 'http', port: '9001', host: 'IP_ADDRESS'} - DesignateInternal: {protocol: 'http', port: '9001', host: 'IP_ADDRESS'} DesignatePublic: {protocol: 'https', port: '13001', host: 'IP_ADDRESS'} DockerRegistryInternal: {protocol: 'https', port: '8787', host: 'IP_ADDRESS'} - GaneshaInternal: {protocol: 'nfs', port: '2049', host: 'IP_ADDRESS'} - GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} - GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} GlancePublic: {protocol: 'https', port: '13292', host: 'IP_ADDRESS'} - GnocchiAdmin: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} - GnocchiInternal: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} GnocchiPublic: {protocol: 'https', port: '13041', host: 'IP_ADDRESS'} - HeatAdmin: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} - HeatInternal: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} HeatPublic: {protocol: 'https', port: '13004', host: 'IP_ADDRESS'} - HeatCfnAdmin: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} - HeatCfnInternal: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} HeatCfnPublic: {protocol: 'https', port: '13005', host: 'IP_ADDRESS'} HorizonPublic: {protocol: 'https', port: '443', host: 'IP_ADDRESS'} - IronicAdmin: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} - IronicInternal: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} IronicPublic: {protocol: 'https', port: '13385', host: 'IP_ADDRESS'} - IronicInspectorAdmin: {protocol: 'http', port: '5050', host: 'IP_ADDRESS'} - IronicInspectorInternal: {protocol: 'http', port: '5050', host: 'IP_ADDRESS'} IronicInspectorPublic: {protocol: 'https', port: '13050', host: 'IP_ADDRESS'} - KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'} - KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'} KeystonePublic: {protocol: 'https', port: '13000', host: 'IP_ADDRESS'} - ManilaAdmin: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} - ManilaInternal: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} ManilaPublic: {protocol: 'https', port: '13786', host: 'IP_ADDRESS'} - MetricsQdrPublic: {protocol: 'amqp', port: '5666', host: 'IP_ADDRESS'} - MistralAdmin: {protocol: 'http', port: '8989', host: 'IP_ADDRESS'} - MistralInternal: {protocol: 'http', port: '8989', host: 'IP_ADDRESS'} MistralPublic: {protocol: 'https', port: '13989', host: 'IP_ADDRESS'} - MysqlInternal: {protocol: 'mysql+pymysql', port: '3306', host: 'IP_ADDRESS'} - NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} - NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} NeutronPublic: {protocol: 'https', port: '13696', host: 'IP_ADDRESS'} - NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} - NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} NovaPublic: {protocol: 'https', port: '13774', host: 'IP_ADDRESS'} - NovajoinAdmin: {protocol: 'http', port: '9090', host: 'IP_ADDRESS'} - NovajoinInternal: {protocol: 'http', port: '9090', host: 'IP_ADDRESS'} NovajoinPublic: {protocol: 'https', port: '13090', host: 'IP_ADDRESS'} NovaMetadataInternal: {protocol: 'https', port: '8775', host: 'IP_ADDRESS'} - PlacementAdmin: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'} - PlacementInternal: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'} PlacementPublic: {protocol: 'https', port: '13778', host: 'IP_ADDRESS'} - NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} - NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'IP_ADDRESS'} - OctaviaAdmin: {protocol: 'http', port: '9876', host: 'IP_ADDRESS'} - OctaviaInternal: {protocol: 'http', port: '9876', host: 'IP_ADDRESS'} OctaviaPublic: {protocol: 'https', port: '13876', host: 'IP_ADDRESS'} - SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} - SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} SwiftPublic: {protocol: 'https', port: '13808', host: 'IP_ADDRESS'} - ZaqarAdmin: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'} - ZaqarInternal: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'} ZaqarPublic: {protocol: 'https', port: '13888', host: 'IP_ADDRESS'} - ZaqarWebSocketAdmin: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'} - ZaqarWebSocketInternal: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'} ZaqarWebSocketPublic: {protocol: 'wss', port: '3000', host: 'IP_ADDRESS'} - diff --git a/environments/ssl/tls-everywhere-endpoints-dns.yaml b/environments/ssl/tls-everywhere-endpoints-dns.yaml index 37c77fcfe8..4657b4b515 100644 --- a/environments/ssl/tls-everywhere-endpoints-dns.yaml +++ b/environments/ssl/tls-everywhere-endpoints-dns.yaml @@ -8,6 +8,9 @@ # description: | # Use this environment when deploying an overcloud where all the endpoints are # DNS names and there's TLS in all endpoint types. +parameter_merge_strategies: + EndpointMap: merge + parameter_defaults: # Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. # Type: json diff --git a/network/endpoints/build_endpoint_map.py b/network/endpoints/build_endpoint_map.py deleted file mode 100755 index 2d1c8ea14b..0000000000 --- a/network/endpoints/build_endpoint_map.py +++ /dev/null @@ -1,308 +0,0 @@ -#!/usr/bin/env python -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -""" -Generate the endpoint_map.yaml template from data in the endpoint_data.yaml -file. - -By default the files in the same directory as this script are operated on, but -different files can be optionally specified on the command line. - -The --check option verifies that the current output file is up-to-date with the -latest data in the input file. The script exits with status code 2 if a -mismatch is detected. -""" -import collections -import copy -import itertools -import os -import sys -import yaml - - -__all__ = ['load_endpoint_data', 'generate_endpoint_map_template', - 'write_template', 'build_endpoint_map', 'check_up_to_date'] - -(IN_FILE, OUT_FILE) = ('endpoint_data.yaml', 'endpoint_map.yaml') - -SUBST = (SUBST_IP_ADDRESS, SUBST_CLOUDNAME) = ('IP_ADDRESS', 'CLOUDNAME') -PARAMS = (PARAM_CLOUD_ENDPOINTS, PARAM_ENDPOINTMAP, PARAM_NETIPMAP, - PARAM_SERVICENETMAP) = ( - 'CloudEndpoints', 'EndpointMap', 'NetIpMap', 'ServiceNetMap') -FIELDS = (F_PORT, F_PROTOCOL, F_HOST) = ('port', 'protocol', 'host') - -ENDPOINT_TYPES = frozenset(['Internal', 'Public', 'Admin']) - - -def get_file(default_fn, override=None, writable=False): - if override == '-': - if writable: - return sys.stdout - else: - return sys.stdin - - if override is not None: - filename = override - else: - filename = os.path.join(os.path.dirname(__file__), default_fn) - - return open(filename, 'w' if writable else 'r') - - -def load_endpoint_data(infile=None): - with get_file(IN_FILE, infile) as f: - return yaml.safe_load(f) - - -def net_param_name(endpoint_type_defn): - return endpoint_type_defn['net_param'] + 'Network' - - -def endpoint_map_default(config): - def map_item(ep_name, ep_type, svc): - values = collections.OrderedDict([ - (F_PROTOCOL, str(svc[ep_type].get(F_PROTOCOL, - svc.get(F_PROTOCOL, 'http')))), - (F_PORT, str(svc[ep_type].get(F_PORT, svc[F_PORT]))), - (F_HOST, SUBST_IP_ADDRESS), - ]) - return ep_name + ep_type, values - - return collections.OrderedDict(map_item(ep_name, ep_type, svc) - for ep_name, svc in sorted(config.items()) - for ep_type in sorted(set(svc) & - ENDPOINT_TYPES)) - - -def make_parameter(ptype, default, description=None): - param = collections.OrderedDict([('type', ptype), ('default', default)]) - if description is not None: - param['description'] = description - return param - - -def template_parameters(config): - params = collections.OrderedDict() - params[PARAM_NETIPMAP] = make_parameter('json', {}, 'The Net IP map') - params[PARAM_SERVICENETMAP] = make_parameter('json', {}, - 'The Service Net map') - params[PARAM_ENDPOINTMAP] = make_parameter('json', - endpoint_map_default(config), - 'Mapping of service endpoint ' - '-> protocol. Typically set ' - 'via parameter_defaults in the ' - 'resource registry.') - - params[PARAM_CLOUD_ENDPOINTS] = make_parameter( - 'json', - {}, - ('A map containing the DNS names for the different endpoints ' - '(external, internal_api, etc.)')) - return params - - -def template_output_definition(endpoint_name, - endpoint_variant, - endpoint_type, - net_param, - uri_suffix=None, - name_override=None): - def extract_field(field): - assert field in FIELDS - return {'get_param': ['EndpointMap', - endpoint_name + endpoint_type, - copy.copy(field)]} - - port = extract_field(F_PORT) - protocol = extract_field(F_PROTOCOL) - host_nobrackets = { - 'str_replace': collections.OrderedDict([ - ('template', extract_field(F_HOST)), - ('params', { - SUBST_IP_ADDRESS: {'get_param': - ['NetIpMap', - {'get_param': ['ServiceNetMap', - net_param]}]}, - SUBST_CLOUDNAME: {'get_param': - [PARAM_CLOUD_ENDPOINTS, - {'get_param': ['ServiceNetMap', - net_param]}]}, - }) - ]) - } - host = { - 'str_replace': collections.OrderedDict([ - ('template', extract_field(F_HOST)), - ('params', { - SUBST_IP_ADDRESS: {'get_param': - ['NetIpMap', - {'str_replace': - {'template': 'NETWORK_uri', - 'params': {'NETWORK': - {'get_param': ['ServiceNetMap', - net_param]}}}}]}, - SUBST_CLOUDNAME: {'get_param': - [PARAM_CLOUD_ENDPOINTS, - {'get_param': ['ServiceNetMap', - net_param]}]}, - }) - ]) - } - uri_no_path = { - 'make_url': collections.OrderedDict([ - ('scheme', protocol), - ('host', copy.deepcopy(host)), - ('port', port) - ]) - } - uri_with_path = copy.deepcopy(uri_no_path) - if uri_suffix is not None: - path, pc, suffix = uri_suffix.partition('%') - uri_with_path['make_url']['path'] = path - if pc: - uri_with_path = {'list_join': ['', [uri_with_path, pc + suffix]]} - - name = name_override if name_override is not None else (endpoint_name + - endpoint_variant + - endpoint_type) - - return name, { - 'host_nobrackets': host_nobrackets, - 'host': host, - 'port': extract_field('port'), - 'protocol': extract_field('protocol'), - 'uri': uri_with_path, - 'uri_no_suffix': uri_no_path, - } - - -def template_endpoint_items(config): - def get_svc_endpoints(ep_name, svc): - for ep_type in set(svc) & ENDPOINT_TYPES: - defn = svc[ep_type] - for variant, suffix in defn.get('uri_suffixes', - {'': None}).items(): - name_override = defn.get('names', {}).get(variant) - yield template_output_definition(ep_name, variant, ep_type, - net_param_name(defn), - suffix, - name_override) - return itertools.chain.from_iterable(sorted(get_svc_endpoints(ep_name, - svc)) - for (ep_name, - svc) in sorted(config.items())) - - -def generate_endpoint_map_template(config): - return collections.OrderedDict([ - ('heat_template_version', 'wallaby'), - ('description', 'A map of OpenStack endpoints. Since the endpoints ' - 'are URLs, we need to have brackets around IPv6 IP addresses. The ' - 'inputs to these parameters come from net_ip_uri_map, which will ' - 'include these brackets in IPv6 addresses.'), - ('parameters', template_parameters(config)), - ('outputs', { - 'endpoint_map': { - 'value': - collections.OrderedDict(template_endpoint_items(config)) - } - }), - ]) - - -autogen_warning = """### DO NOT MODIFY THIS FILE -### This file is automatically generated from endpoint_data.yaml -### by the script build_endpoint_map.py - -""" - - -class TemplateDumper(yaml.SafeDumper): - def represent_ordered_dict(self, data): - return self.represent_dict(data.items()) - - -TemplateDumper.add_representer(collections.OrderedDict, - TemplateDumper.represent_ordered_dict) - - -def write_template(template, filename=None): - with get_file(OUT_FILE, filename, writable=True) as f: - f.write(autogen_warning) - yaml.dump(template, f, TemplateDumper, width=68) - - -def read_template(template, filename=None): - with get_file(OUT_FILE, filename) as f: - return yaml.safe_load(f) - - -def build_endpoint_map(output_filename=None, input_filename=None): - if output_filename is not None and output_filename == input_filename: - raise Exception('Cannot read from and write to the same file') - config = load_endpoint_data(input_filename) - template = generate_endpoint_map_template(config) - write_template(template, output_filename) - - -def check_up_to_date(output_filename=None, input_filename=None): - if output_filename is not None and output_filename == input_filename: - raise Exception('Input and output filenames must be different') - config = load_endpoint_data(input_filename) - template = generate_endpoint_map_template(config) - existing_template = read_template(output_filename) - return existing_template == template - - -def get_options(): - import argparse - - parser = argparse.ArgumentParser( - usage="%(prog)s [-i INPUT_FILE] [-o OUTPUT_FILE] [--check]", - description=__doc__) - parser.add_argument('-i', '--input', dest='input_file', action='store', - default=None, - help='Specify a different endpoint data file') - parser.add_argument('-o', '--output', dest='output_file', action='store', - default=None, - help='Specify a different endpoint map template file') - parser.add_argument('-c', '--check', dest='check', action='store_true', - default=False, help='Check that the output file is ' - 'up to date with the data') - parser.add_argument('-d', '--debug', dest='debug', action='store_true', - default=False, help='Print stack traces on error') - - return parser.parse_args() - - -def main(): - args = get_options() - - try: - if args.check: - if not check_up_to_date(args.output_file, args.input_file): - print('EndpointMap template does not match input data. Please ' - 'run the build_endpoint_map.py tool to update the ' - 'template.', file=sys.stderr) - sys.exit(2) - else: - build_endpoint_map(args.output_file, args.input_file) - except Exception as exc: - if args.debug: - raise - print('%s: %s' % (type(exc).__name__, str(exc)), file=sys.stderr) - sys.exit(1) - - -if __name__ == '__main__': - main() diff --git a/network/endpoints/endpoint_data.yaml b/network/endpoints/endpoint_data.yaml deleted file mode 100644 index 6ec5d6cfaa..0000000000 --- a/network/endpoints/endpoint_data.yaml +++ /dev/null @@ -1,353 +0,0 @@ -# Data in this file is used to generate the endpoint_map.yaml template. -# Run the script build_endpoint_map.py to regenerate the file. - -Aodh: - Internal: - net_param: AodhApi - Public: - net_param: Public - Admin: - net_param: AodhApi - port: 8042 - -Barbican: - Internal: - net_param: BarbicanApi - Public: - net_param: Public - Admin: - net_param: BarbicanApi - port: 9311 - -Designate: - Internal: - net_param: DesignateApi - uri_suffixes: - '': /v2 - Public: - net_param: Public - uri_suffixes: - '': /v2 - Admin: - net_param: DesignateApi - uri_suffixes: - '': /v2 - port: 9001 - -Gnocchi: - Internal: - net_param: GnocchiApi - Public: - net_param: Public - Admin: - net_param: GnocchiApi - port: 8041 - -Cinder: - Internal: - net_param: CinderApi - uri_suffixes: - '': /v1/%(tenant_id)s - V2: /v2/%(tenant_id)s - V3: /v3/%(tenant_id)s - Public: - net_param: Public - uri_suffixes: - '': /v1/%(tenant_id)s - V2: /v2/%(tenant_id)s - V3: /v3/%(tenant_id)s - Admin: - net_param: CinderApi - uri_suffixes: - '': /v1/%(tenant_id)s - V2: /v2/%(tenant_id)s - V3: /v3/%(tenant_id)s - port: 8776 - -Glance: - Internal: - net_param: GlanceApi - Public: - net_param: Public - Admin: - net_param: GlanceApi - port: 9292 - -Mysql: - Internal: - net_param: Mysql - protocol: mysql+pymysql - port: 3306 - -Heat: - Internal: - net_param: HeatApi - uri_suffixes: - '': /v1/%(tenant_id)s - Public: - net_param: Public - uri_suffixes: - '': /v1/%(tenant_id)s - Admin: - net_param: HeatApi - uri_suffixes: - '': /v1/%(tenant_id)s - port: 8004 - -HeatCfn: - Internal: - net_param: HeatApi - uri_suffixes: - '': /v1 - Public: - net_param: Public - uri_suffixes: - '': /v1 - Admin: - net_param: HeatApi - uri_suffixes: - '': /v1 - port: 8000 - -Horizon: - Public: - net_param: Public - uri_suffixes: - '': /dashboard - port: 80 - -# TODO(ayoung): V3 is a temporary fix. Endpoints should be versionless. -# Required for https://bugs.launchpad.net/puppet-nova/+bug/1542486 -Keystone: - Internal: - net_param: KeystonePublicApi - uri_suffixes: - '': / - V3: /v3 - names: - EC2: KeystoneEC2 - Public: - net_param: Public - uri_suffixes: - '': / - V3: /v3 - Admin: - net_param: KeystoneAdminApi - uri_suffixes: - '': / - V3: /v3 - port: 35357 - port: 5000 - -Manila: - Internal: - net_param: ManilaApi - uri_suffixes: - '': /v2/%(tenant_id)s - V1: /v1/%(tenant_id)s - Public: - net_param: Public - uri_suffixes: - '': /v2/%(tenant_id)s - V1: /v1/%(tenant_id)s - Admin: - net_param: ManilaApi - uri_suffixes: - '': /v2/%(tenant_id)s - V1: /v1/%(tenant_id)s - port: 8786 - -MetricsQdr: - Public: - net_param: Public - port: 5666 - protocol: amqp - -Mistral: - Internal: - net_param: MistralApi - uri_suffixes: - '': /v2 - Public: - net_param: Public - uri_suffixes: - '': /v2 - Admin: - net_param: MistralApi - uri_suffixes: - '': /v2 - port: 8989 - -Neutron: - Internal: - net_param: NeutronApi - Public: - net_param: Public - Admin: - net_param: NeutronApi - port: 9696 - -Nova: - Internal: - net_param: NovaApi - uri_suffixes: - '': /v2.1 - Public: - net_param: Public - uri_suffixes: - '': /v2.1 - Admin: - net_param: NovaApi - uri_suffixes: - '': /v2.1 - port: 8774 - -Placement: - Internal: - net_param: Placement - uri_suffixes: - '': /placement - Public: - net_param: Public - uri_suffixes: - '': /placement - Admin: - net_param: Placement - uri_suffixes: - '': /placement - port: 8778 - -NovaVNCProxy: - Internal: - net_param: NovaApi - Public: - net_param: Public - Admin: - net_param: NovaApi - port: 6080 - -Swift: - Internal: - net_param: SwiftProxy - uri_suffixes: - '': /v1/AUTH_%(tenant_id)s - S3: - Public: - net_param: Public - uri_suffixes: - '': /v1/AUTH_%(tenant_id)s - S3: - Admin: - net_param: SwiftProxy - uri_suffixes: - '': - S3: - port: 8080 - -CephDashboard: - Internal: - net_param: CephDashboard - port: 8444 - -CephGrafana: - Internal: - net_param: CephGrafana - port: 3100 - -CephRgw: - Internal: - net_param: CephRgw - uri_suffixes: - '': /swift/v1/AUTH_%(project_id)s - Public: - net_param: Public - uri_suffixes: - '': /swift/v1/AUTH_%(project_id)s - Admin: - net_param: CephRgw - uri_suffixes: - '': /swift/v1/AUTH_%(project_id)s - port: 8080 - -Ironic: - Internal: - net_param: IronicApi - uri_suffixes: - '': /v1 - Public: - net_param: Public - uri_suffixes: - '': /v1 - Admin: - net_param: IronicApi - uri_suffixes: - '': /v1 - port: 6385 - -IronicInspector: - Internal: - net_param: IronicInspector - Public: - net_param: Public - Admin: - net_param: IronicInspector - port: 5050 - -Zaqar: - Internal: - net_param: ZaqarApi - Public: - net_param: Public - Admin: - net_param: ZaqarApi - port: 8888 - -ZaqarWebSocket: - Internal: - net_param: ZaqarApi - Public: - net_param: Public - Admin: - net_param: ZaqarApi - port: 9000 - protocol: ws - -Octavia: - Internal: - net_param: OctaviaApi - Public: - net_param: Public - Admin: - net_param: OctaviaApi - port: 9876 - -Ganesha: - Internal: - net_param: Ganesha - protocol: nfs - port: 2049 - -DockerRegistry: - Internal: - net_param: DockerRegistry - port: 8787 - -NovaMetadata: - Internal: - net_param: NovaMetadata - port: 8775 - -Novajoin: - Internal: - net_param: Novajoin - uri_suffixes: - '': /v1 - Public: - net_param: Public - uri_suffixes: - '': /v1 - Admin: - net_param: Novajoin - uri_suffixes: - '': /v1 - port: 9090 diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml index f7f111a1fb..65acfa9e55 100644 --- a/network/endpoints/endpoint_map.yaml +++ b/network/endpoints/endpoint_map.yaml @@ -1,7 +1,3 @@ -### DO NOT MODIFY THIS FILE -### This file is automatically generated from endpoint_data.yaml -### by the script build_endpoint_map.py - heat_template_version: wallaby description: A map of OpenStack endpoints. Since the endpoints are URLs, we need to have brackets around IPv6 IP addresses. The inputs to these @@ -18,315 +14,7 @@ parameters: description: The Service Net map EndpointMap: type: json - default: - AodhAdmin: - protocol: http - port: '8042' - host: IP_ADDRESS - AodhInternal: - protocol: http - port: '8042' - host: IP_ADDRESS - AodhPublic: - protocol: http - port: '8042' - host: IP_ADDRESS - BarbicanAdmin: - protocol: http - port: '9311' - host: IP_ADDRESS - BarbicanInternal: - protocol: http - port: '9311' - host: IP_ADDRESS - BarbicanPublic: - protocol: http - port: '9311' - host: IP_ADDRESS - CephDashboardInternal: - protocol: http - port: '8444' - host: IP_ADDRESS - CephGrafanaInternal: - protocol: http - port: '3100' - host: IP_ADDRESS - CephRgwAdmin: - protocol: http - port: '8080' - host: IP_ADDRESS - CephRgwInternal: - protocol: http - port: '8080' - host: IP_ADDRESS - CephRgwPublic: - protocol: http - port: '8080' - host: IP_ADDRESS - CinderAdmin: - protocol: http - port: '8776' - host: IP_ADDRESS - CinderInternal: - protocol: http - port: '8776' - host: IP_ADDRESS - CinderPublic: - protocol: http - port: '8776' - host: IP_ADDRESS - DesignateAdmin: - protocol: http - port: '9001' - host: IP_ADDRESS - DesignateInternal: - protocol: http - port: '9001' - host: IP_ADDRESS - DesignatePublic: - protocol: http - port: '9001' - host: IP_ADDRESS - DockerRegistryInternal: - protocol: http - port: '8787' - host: IP_ADDRESS - GaneshaInternal: - protocol: nfs - port: '2049' - host: IP_ADDRESS - GlanceAdmin: - protocol: http - port: '9292' - host: IP_ADDRESS - GlanceInternal: - protocol: http - port: '9292' - host: IP_ADDRESS - GlancePublic: - protocol: http - port: '9292' - host: IP_ADDRESS - GnocchiAdmin: - protocol: http - port: '8041' - host: IP_ADDRESS - GnocchiInternal: - protocol: http - port: '8041' - host: IP_ADDRESS - GnocchiPublic: - protocol: http - port: '8041' - host: IP_ADDRESS - HeatAdmin: - protocol: http - port: '8004' - host: IP_ADDRESS - HeatInternal: - protocol: http - port: '8004' - host: IP_ADDRESS - HeatPublic: - protocol: http - port: '8004' - host: IP_ADDRESS - HeatCfnAdmin: - protocol: http - port: '8000' - host: IP_ADDRESS - HeatCfnInternal: - protocol: http - port: '8000' - host: IP_ADDRESS - HeatCfnPublic: - protocol: http - port: '8000' - host: IP_ADDRESS - HorizonPublic: - protocol: http - port: '80' - host: IP_ADDRESS - IronicAdmin: - protocol: http - port: '6385' - host: IP_ADDRESS - IronicInternal: - protocol: http - port: '6385' - host: IP_ADDRESS - IronicPublic: - protocol: http - port: '6385' - host: IP_ADDRESS - IronicInspectorAdmin: - protocol: http - port: '5050' - host: IP_ADDRESS - IronicInspectorInternal: - protocol: http - port: '5050' - host: IP_ADDRESS - IronicInspectorPublic: - protocol: http - port: '5050' - host: IP_ADDRESS - KeystoneAdmin: - protocol: http - port: '35357' - host: IP_ADDRESS - KeystoneInternal: - protocol: http - port: '5000' - host: IP_ADDRESS - KeystonePublic: - protocol: http - port: '5000' - host: IP_ADDRESS - ManilaAdmin: - protocol: http - port: '8786' - host: IP_ADDRESS - ManilaInternal: - protocol: http - port: '8786' - host: IP_ADDRESS - ManilaPublic: - protocol: http - port: '8786' - host: IP_ADDRESS - MetricsQdrPublic: - protocol: amqp - port: '5666' - host: IP_ADDRESS - MistralAdmin: - protocol: http - port: '8989' - host: IP_ADDRESS - MistralInternal: - protocol: http - port: '8989' - host: IP_ADDRESS - MistralPublic: - protocol: http - port: '8989' - host: IP_ADDRESS - MysqlInternal: - protocol: mysql+pymysql - port: '3306' - host: IP_ADDRESS - NeutronAdmin: - protocol: http - port: '9696' - host: IP_ADDRESS - NeutronInternal: - protocol: http - port: '9696' - host: IP_ADDRESS - NeutronPublic: - protocol: http - port: '9696' - host: IP_ADDRESS - NovaAdmin: - protocol: http - port: '8774' - host: IP_ADDRESS - NovaInternal: - protocol: http - port: '8774' - host: IP_ADDRESS - NovaPublic: - protocol: http - port: '8774' - host: IP_ADDRESS - NovaMetadataInternal: - protocol: http - port: '8775' - host: IP_ADDRESS - NovaVNCProxyAdmin: - protocol: http - port: '6080' - host: IP_ADDRESS - NovaVNCProxyInternal: - protocol: http - port: '6080' - host: IP_ADDRESS - NovaVNCProxyPublic: - protocol: http - port: '6080' - host: IP_ADDRESS - NovajoinAdmin: - protocol: http - port: '9090' - host: IP_ADDRESS - NovajoinInternal: - protocol: http - port: '9090' - host: IP_ADDRESS - NovajoinPublic: - protocol: http - port: '9090' - host: IP_ADDRESS - OctaviaAdmin: - protocol: http - port: '9876' - host: IP_ADDRESS - OctaviaInternal: - protocol: http - port: '9876' - host: IP_ADDRESS - OctaviaPublic: - protocol: http - port: '9876' - host: IP_ADDRESS - PlacementAdmin: - protocol: http - port: '8778' - host: IP_ADDRESS - PlacementInternal: - protocol: http - port: '8778' - host: IP_ADDRESS - PlacementPublic: - protocol: http - port: '8778' - host: IP_ADDRESS - SwiftAdmin: - protocol: http - port: '8080' - host: IP_ADDRESS - SwiftInternal: - protocol: http - port: '8080' - host: IP_ADDRESS - SwiftPublic: - protocol: http - port: '8080' - host: IP_ADDRESS - ZaqarAdmin: - protocol: http - port: '8888' - host: IP_ADDRESS - ZaqarInternal: - protocol: http - port: '8888' - host: IP_ADDRESS - ZaqarPublic: - protocol: http - port: '8888' - host: IP_ADDRESS - ZaqarWebSocketAdmin: - protocol: ws - port: '9000' - host: IP_ADDRESS - ZaqarWebSocketInternal: - protocol: ws - port: '9000' - host: IP_ADDRESS - ZaqarWebSocketPublic: - protocol: ws - port: '9000' - host: IP_ADDRESS + default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. CloudEndpoints: diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml index db9fb3bd89..b633517583 100644 --- a/overcloud-resource-registry-puppet.j2.yaml +++ b/overcloud-resource-registry-puppet.j2.yaml @@ -354,6 +354,7 @@ resource_registry: parameter_merge_strategies: ServiceNetMap: merge VipSubnetMap: merge + EndpointMap: merge {% for role in roles %} {{role.name}}Parameters: merge {% endfor %} @@ -461,3 +462,82 @@ parameter_defaults: {%- endfor %} redis: internal_api_subnet ovn_dbs: internal_api_subnet + + EndpointMap: + AodhAdmin: {protocol: http, port: '8042', host: IP_ADDRESS} + AodhInternal: {protocol: http, port: '8042', host: IP_ADDRESS} + AodhPublic: {protocol: http, port: '8042', host: IP_ADDRESS} + BarbicanAdmin: {protocol: http, port: '9311', host: IP_ADDRESS} + BarbicanInternal: {protocol: http, port: '9311', host: IP_ADDRESS} + BarbicanPublic: {protocol: http, port: '9311', host: IP_ADDRESS} + CephDashboardInternal: {protocol: http, port: '8444', host: IP_ADDRESS} + CephGrafanaInternal: {protocol: http, port: '3100', host: IP_ADDRESS} + CephRgwAdmin: {protocol: http, port: '8080', host: IP_ADDRESS} + CephRgwInternal: {protocol: http, port: '8080', host: IP_ADDRESS} + CephRgwPublic: {protocol: http, port: '8080', host: IP_ADDRESS} + CinderAdmin: {protocol: http, port: '8776', host: IP_ADDRESS} + CinderInternal: {protocol: http, port: '8776', host: IP_ADDRESS} + CinderPublic: {protocol: http, port: '8776', host: IP_ADDRESS} + DesignateAdmin: {protocol: 'http', port: '9001', host: IP_ADDRESS} + DesignateInternal: {protocol: 'http', port: '9001', host: IP_ADDRESS} + DesignatePublic: {protocol: 'http', port: '9001', host: IP_ADDRESS} + DockerRegistryInternal: {protocol: http, port: '8787', host: IP_ADDRESS} + GaneshaInternal: {protocol: nfs, port: '2049', host: IP_ADDRESS} + GlanceAdmin: {protocol: http, port: '9292', host: IP_ADDRESS} + GlanceInternal: {protocol: http, port: '9292', host: IP_ADDRESS} + GlancePublic: {protocol: http, port: '9292', host: IP_ADDRESS} + GnocchiAdmin: {protocol: http, port: '8041', host: IP_ADDRESS} + GnocchiInternal: {protocol: http, port: '8041', host: IP_ADDRESS} + GnocchiPublic: {protocol: http, port: '8041', host: IP_ADDRESS} + HeatAdmin: {protocol: http, port: '8004', host: IP_ADDRESS} + HeatInternal: {protocol: http, port: '8004', host: IP_ADDRESS} + HeatPublic: {protocol: http, port: '8004', host: IP_ADDRESS} + HeatCfnAdmin: {protocol: http, port: '8000', host: IP_ADDRESS} + HeatCfnInternal: {protocol: http, port: '8000', host: IP_ADDRESS} + HeatCfnPublic: {protocol: http, port: '8000', host: IP_ADDRESS} + HorizonPublic: {protocol: http, port: '80', host: IP_ADDRESS} + IronicAdmin: {protocol: http, port: '6385', host: IP_ADDRESS} + IronicInternal: {protocol: http, port: '6385', host: IP_ADDRESS} + IronicPublic: {protocol: http, port: '6385', host: IP_ADDRESS} + IronicInspectorAdmin: {protocol: http, port: '5050', host: IP_ADDRESS} + IronicInspectorInternal: {protocol: http, port: '5050', host: IP_ADDRESS} + IronicInspectorPublic: {protocol: http, port: '5050', host: IP_ADDRESS} + KeystoneAdmin: {protocol: http, port: '35357', host: IP_ADDRESS} + KeystoneInternal: {protocol: http, port: '5000', host: IP_ADDRESS} + KeystonePublic: {protocol: http, port: '5000', host: IP_ADDRESS} + ManilaAdmin: {protocol: http, port: '8786', host: IP_ADDRESS} + ManilaInternal: {protocol: http, port: '8786', host: IP_ADDRESS} + ManilaPublic: {protocol: http, port: '8786', host: IP_ADDRESS} + MetricsQdrPublic: {protocol: 'amqp', port: '5666', host: IP_ADDRESS} + MistralAdmin: {protocol: http, port: '8989', host: IP_ADDRESS} + MistralInternal: {protocol: http, port: '8989', host: IP_ADDRESS} + MistralPublic: {protocol: http, port: '8989', host: IP_ADDRESS} + MysqlInternal: {protocol: mysql+pymysql, port: '3306', host: IP_ADDRESS} + NeutronAdmin: {protocol: http, port: '9696', host: IP_ADDRESS} + NeutronInternal: {protocol: http, port: '9696', host: IP_ADDRESS} + NeutronPublic: {protocol: http, port: '9696', host: IP_ADDRESS} + NovaAdmin: {protocol: http, port: '8774', host: IP_ADDRESS} + NovaInternal: {protocol: http, port: '8774', host: IP_ADDRESS} + NovaPublic: {protocol: http, port: '8774', host: IP_ADDRESS} + NovajoinAdmin: {protocol: http, port: '9090', host: IP_ADDRESS} + NovajoinInternal: {protocol: http, port: '9090', host: IP_ADDRESS} + NovajoinPublic: {protocol: http, port: '9090', host: IP_ADDRESS} + NovaMetadataInternal: {protocol: http, port: '8775', host: IP_ADDRESS} + PlacementAdmin: {protocol: http, port: '8778', host: IP_ADDRESS} + PlacementInternal: {protocol: http, port: '8778', host: IP_ADDRESS} + PlacementPublic: {protocol: http, port: '8778', host: IP_ADDRESS} + NovaVNCProxyAdmin: {protocol: http, port: '6080', host: IP_ADDRESS} + NovaVNCProxyInternal: {protocol: http, port: '6080', host: IP_ADDRESS} + NovaVNCProxyPublic: {protocol: http, port: '6080', host: IP_ADDRESS} + OctaviaAdmin: {protocol: http, port: '9876', host: IP_ADDRESS} + OctaviaInternal: {protocol: http, port: '9876', host: IP_ADDRESS} + OctaviaPublic: {protocol: http, port: '9876', host: IP_ADDRESS} + SwiftAdmin: {protocol: http, port: '8080', host: IP_ADDRESS} + SwiftInternal: {protocol: http, port: '8080', host: IP_ADDRESS} + SwiftPublic: {protocol: http, port: '8080', host: IP_ADDRESS} + ZaqarAdmin: {protocol: http, port: '8888', host: IP_ADDRESS} + ZaqarInternal: {protocol: http, port: '8888', host: IP_ADDRESS} + ZaqarPublic: {protocol: http, port: '8888', host: IP_ADDRESS} + ZaqarWebSocketAdmin: {protocol: ws, port: '9000', host: IP_ADDRESS} + ZaqarWebSocketInternal: {protocol: ws, port: '9000', host: IP_ADDRESS} + ZaqarWebSocketPublic: {protocol: ws, port: '9000', host: IP_ADDRESS} diff --git a/releasenotes/notes/parameter-merge-strategy-endpoint-map-83b8321c72421fd6.yaml b/releasenotes/notes/parameter-merge-strategy-endpoint-map-83b8321c72421fd6.yaml new file mode 100644 index 0000000000..99c525e86a --- /dev/null +++ b/releasenotes/notes/parameter-merge-strategy-endpoint-map-83b8321c72421fd6.yaml @@ -0,0 +1,11 @@ +--- +features: + - | + Users can now override or add individual entries to EndpointMap without + having to specify complete EndpointMap in parameter_defaults section + of an environment file. +upgrade: + - | + With the change to EndpointMap interface, existing environments where + it has been overridden have to specify 'merge' strategy in a new + 'parameter_merge_strategies' section. diff --git a/sample-env-generator/ssl.yaml b/sample-env-generator/ssl.yaml index 68482bc1a2..dd8805d061 100644 --- a/sample-env-generator/ssl.yaml +++ b/sample-env-generator/ssl.yaml @@ -111,6 +111,8 @@ environments: description: | Use this environment when deploying an SSL-enabled overcloud where the public endpoint is an IP address. + parameter_merge_strategies: + EndpointMap: merge files: network/endpoints/endpoint_map.yaml: parameters: @@ -123,82 +125,33 @@ environments: # two seemed like the most sane option. EndpointMap: |-2 - AodhAdmin: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} - AodhInternal: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} AodhPublic: {protocol: 'https', port: '13042', host: 'IP_ADDRESS'} - BarbicanAdmin: {protocol: 'http', port: '9311', host: 'IP_ADDRESS'} - BarbicanInternal: {protocol: 'http', port: '9311', host: 'IP_ADDRESS'} BarbicanPublic: {protocol: 'https', port: '13311', host: 'IP_ADDRESS'} CephDashboardInternal: {protocol: 'https', port: '8444', host: 'IP_ADDRESS'} CephGrafanaInternal: {protocol: 'https', port: '3100', host: 'IP_ADDRESS'} - CephRgwAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} - CephRgwInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} CephRgwPublic: {protocol: 'https', port: '13808', host: 'IP_ADDRESS'} - CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} - CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} CinderPublic: {protocol: 'https', port: '13776', host: 'IP_ADDRESS'} - DesignateAdmin: {protocol: 'http', port: '9001', host: 'IP_ADDRESS'} - DesignateInternal: {protocol: 'http', port: '9001', host: 'IP_ADDRESS'} DesignatePublic: {protocol: 'https', port: '13001', host: 'IP_ADDRESS'} DockerRegistryInternal: {protocol: 'https', port: '8787', host: 'IP_ADDRESS'} - GaneshaInternal: {protocol: 'nfs', port: '2049', host: 'IP_ADDRESS'} - GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} - GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} GlancePublic: {protocol: 'https', port: '13292', host: 'IP_ADDRESS'} - GnocchiAdmin: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} - GnocchiInternal: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} GnocchiPublic: {protocol: 'https', port: '13041', host: 'IP_ADDRESS'} - HeatAdmin: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} - HeatInternal: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} HeatPublic: {protocol: 'https', port: '13004', host: 'IP_ADDRESS'} - HeatCfnAdmin: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} - HeatCfnInternal: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} HeatCfnPublic: {protocol: 'https', port: '13005', host: 'IP_ADDRESS'} HorizonPublic: {protocol: 'https', port: '443', host: 'IP_ADDRESS'} - IronicAdmin: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} - IronicInternal: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} IronicPublic: {protocol: 'https', port: '13385', host: 'IP_ADDRESS'} - IronicInspectorAdmin: {protocol: 'http', port: '5050', host: 'IP_ADDRESS'} - IronicInspectorInternal: {protocol: 'http', port: '5050', host: 'IP_ADDRESS'} IronicInspectorPublic: {protocol: 'https', port: '13050', host: 'IP_ADDRESS'} - KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'} - KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'} KeystonePublic: {protocol: 'https', port: '13000', host: 'IP_ADDRESS'} - ManilaAdmin: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} - ManilaInternal: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} ManilaPublic: {protocol: 'https', port: '13786', host: 'IP_ADDRESS'} - MetricsQdrPublic: {protocol: 'amqp', port: '5666', host: 'IP_ADDRESS'} - MistralAdmin: {protocol: 'http', port: '8989', host: 'IP_ADDRESS'} - MistralInternal: {protocol: 'http', port: '8989', host: 'IP_ADDRESS'} MistralPublic: {protocol: 'https', port: '13989', host: 'IP_ADDRESS'} - MysqlInternal: {protocol: 'mysql+pymysql', port: '3306', host: 'IP_ADDRESS'} - NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} - NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} NeutronPublic: {protocol: 'https', port: '13696', host: 'IP_ADDRESS'} - NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} - NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} NovaPublic: {protocol: 'https', port: '13774', host: 'IP_ADDRESS'} - NovajoinAdmin: {protocol: 'http', port: '9090', host: 'IP_ADDRESS'} - NovajoinInternal: {protocol: 'http', port: '9090', host: 'IP_ADDRESS'} NovajoinPublic: {protocol: 'https', port: '13090', host: 'IP_ADDRESS'} NovaMetadataInternal: {protocol: 'https', port: '8775', host: 'IP_ADDRESS'} - PlacementAdmin: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'} - PlacementInternal: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'} PlacementPublic: {protocol: 'https', port: '13778', host: 'IP_ADDRESS'} - NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} - NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'IP_ADDRESS'} - OctaviaAdmin: {protocol: 'http', port: '9876', host: 'IP_ADDRESS'} - OctaviaInternal: {protocol: 'http', port: '9876', host: 'IP_ADDRESS'} OctaviaPublic: {protocol: 'https', port: '13876', host: 'IP_ADDRESS'} - SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} - SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} SwiftPublic: {protocol: 'https', port: '13808', host: 'IP_ADDRESS'} - ZaqarAdmin: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'} - ZaqarInternal: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'} ZaqarPublic: {protocol: 'https', port: '13888', host: 'IP_ADDRESS'} - ZaqarWebSocketAdmin: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'} - ZaqarWebSocketInternal: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'} ZaqarWebSocketPublic: {protocol: 'wss', port: '3000', host: 'IP_ADDRESS'} - name: ssl/tls-endpoints-public-dns @@ -206,6 +159,8 @@ environments: description: | Use this environment when deploying an SSL-enabled overcloud where the public endpoint is a DNS name. + parameter_merge_strategies: + EndpointMap: merge files: network/endpoints/endpoint_map.yaml: parameters: @@ -218,82 +173,33 @@ environments: # two seemed like the most sane option. EndpointMap: |-2 - AodhAdmin: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} - AodhInternal: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'} AodhPublic: {protocol: 'https', port: '13042', host: 'CLOUDNAME'} - BarbicanAdmin: {protocol: 'http', port: '9311', host: 'IP_ADDRESS'} - BarbicanInternal: {protocol: 'http', port: '9311', host: 'IP_ADDRESS'} BarbicanPublic: {protocol: 'https', port: '13311', host: 'CLOUDNAME'} CephDashboardInternal: {protocol: 'https', port: '8444', host: 'CLOUDNAME'} CephGrafanaInternal: {protocol: 'https', port: '3100', host: 'CLOUDNAME'} - CephRgwAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} - CephRgwInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} CephRgwPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'} - CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} - CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'} - DesignateAdmin: {protocol: 'http', port: '9001', host: 'IP_ADDRESS'} - DesignateInternal: {protocol: 'http', port: '9001', host: 'IP_ADDRESS'} DesignatePublic: {protocol: 'https', port: '13001', host: 'CLOUDNAME'} DockerRegistryInternal: {protocol: 'https', port: '8787', host: 'CLOUDNAME'} - GaneshaInternal: {protocol: 'nfs', port: '2049', host: 'IP_ADDRESS'} - GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} - GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'} - GnocchiAdmin: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} - GnocchiInternal: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'} GnocchiPublic: {protocol: 'https', port: '13041', host: 'CLOUDNAME'} - HeatAdmin: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} - HeatInternal: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} HeatPublic: {protocol: 'https', port: '13004', host: 'CLOUDNAME'} - HeatCfnAdmin: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} - HeatCfnInternal: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} HeatCfnPublic: {protocol: 'https', port: '13005', host: 'CLOUDNAME'} HorizonPublic: {protocol: 'https', port: '443', host: 'CLOUDNAME'} - IronicAdmin: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} - IronicInternal: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} IronicPublic: {protocol: 'https', port: '13385', host: 'CLOUDNAME'} - IronicInspectorAdmin: {protocol: 'http', port: '5050', host: 'IP_ADDRESS'} - IronicInspectorInternal: {protocol: 'http', port: '5050', host: 'IP_ADDRESS'} IronicInspectorPublic: {protocol: 'https', port: '13050', host: 'CLOUDNAME'} - KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'} - KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'} KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'} - ManilaAdmin: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} - ManilaInternal: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'} ManilaPublic: {protocol: 'https', port: '13786', host: 'CLOUDNAME'} MetricsQdrPublic: {protocol: 'amqp', port: '5666', host: 'CLOUDNAME'} - MistralAdmin: {protocol: 'http', port: '8989', host: 'IP_ADDRESS'} - MistralInternal: {protocol: 'http', port: '8989', host: 'IP_ADDRESS'} MistralPublic: {protocol: 'https', port: '13989', host: 'CLOUDNAME'} - MysqlInternal: {protocol: 'mysql+pymysql', port: '3306', host: 'IP_ADDRESS'} - NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} - NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} NeutronPublic: {protocol: 'https', port: '13696', host: 'CLOUDNAME'} - NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} - NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'} - NovajoinAdmin: {protocol: 'http', port: '9090', host: 'IP_ADDRESS'} - NovajoinInternal: {protocol: 'http', port: '9090', host: 'IP_ADDRESS'} NovajoinPublic: {protocol: 'https', port: '13090', host: 'CLOUDNAME'} - NovaMetadataInternal: {protocol: 'https', port: '8775', host: 'IP_ADDRESS'} - PlacementAdmin: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'} - PlacementInternal: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'} PlacementPublic: {protocol: 'https', port: '13778', host: 'CLOUDNAME'} - NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} - NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'} - OctaviaAdmin: {protocol: 'http', port: '9876', host: 'IP_ADDRESS'} - OctaviaInternal: {protocol: 'http', port: '9876', host: 'IP_ADDRESS'} OctaviaPublic: {protocol: 'https', port: '13876', host: 'CLOUDNAME'} - SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} - SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'} - ZaqarAdmin: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'} - ZaqarInternal: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'} ZaqarPublic: {protocol: 'https', port: '13888', host: 'CLOUDNAME'} - ZaqarWebSocketAdmin: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'} - ZaqarWebSocketInternal: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'} ZaqarWebSocketPublic: {protocol: 'wss', port: '3000', host: 'CLOUDNAME'} - name: ssl/tls-everywhere-endpoints-dns @@ -301,6 +207,8 @@ environments: description: | Use this environment when deploying an overcloud where all the endpoints are DNS names and there's TLS in all endpoint types. + parameter_merge_strategies: + EndpointMap: merge files: network/endpoints/endpoint_map.yaml: parameters: @@ -390,105 +298,3 @@ environments: ZaqarWebSocketAdmin: {protocol: 'wss', port: '9000', host: 'CLOUDNAME'} ZaqarWebSocketInternal: {protocol: 'wss', port: '9000', host: 'CLOUDNAME'} ZaqarWebSocketPublic: {protocol: 'wss', port: '3000', host: 'CLOUDNAME'} - - - name: ssl/no-tls-endpoints-public-ip - title: Deploy All Endpoints without TLS and with IP addresses - description: | - Use this environment when deploying an overcloud where all the endpoints not - using TLS and are using IP addresses. - files: - network/endpoints/endpoint_map.yaml: - parameters: - - EndpointMap - deployment/haproxy/haproxy-container-puppet.yaml: - parameters: - - EnablePublicTLS - deployment/haproxy/haproxy-pacemaker-puppet.yaml: - parameters: - - EnablePublicTLS - sample_values: - EnablePublicTLS: false - # NOTE(bnemec): This is a bit odd, but it's the only way I've found that - # works. The |-2 tells YAML to strip two spaces off the indentation of - # the value, which because it's indented six spaces gets us to the four - # that we actually want. Note that zero is not a valid value here, so - # two seemed like the most sane option. - EndpointMap: |-2 - - AodhAdmin: {protocol: http, port: '8042', host: IP_ADDRESS} - AodhInternal: {protocol: http, port: '8042', host: IP_ADDRESS} - AodhPublic: {protocol: http, port: '8042', host: IP_ADDRESS} - BarbicanAdmin: {protocol: http, port: '9311', host: IP_ADDRESS} - BarbicanInternal: {protocol: http, port: '9311', host: IP_ADDRESS} - BarbicanPublic: {protocol: http, port: '9311', host: IP_ADDRESS} - CephDashboardInternal: {protocol: http, port: '8444', host: IP_ADDRESS} - CephGrafanaInternal: {protocol: http, port: '3100', host: IP_ADDRESS} - CephRgwAdmin: {protocol: http, port: '8080', host: IP_ADDRESS} - CephRgwInternal: {protocol: http, port: '8080', host: IP_ADDRESS} - CephRgwPublic: {protocol: http, port: '8080', host: IP_ADDRESS} - CinderAdmin: {protocol: http, port: '8776', host: IP_ADDRESS} - CinderInternal: {protocol: http, port: '8776', host: IP_ADDRESS} - CinderPublic: {protocol: http, port: '8776', host: IP_ADDRESS} - DesignateAdmin: {protocol: 'http', port: '9001', host: IP_ADDRESS} - DesignateInternal: {protocol: 'http', port: '9001', host: IP_ADDRESS} - DesignatePublic: {protocol: 'http', port: '9001', host: IP_ADDRESS} - DockerRegistryInternal: {protocol: http, port: '8787', host: IP_ADDRESS} - GaneshaInternal: {protocol: nfs, port: '2049', host: IP_ADDRESS} - GlanceAdmin: {protocol: http, port: '9292', host: IP_ADDRESS} - GlanceInternal: {protocol: http, port: '9292', host: IP_ADDRESS} - GlancePublic: {protocol: http, port: '9292', host: IP_ADDRESS} - GnocchiAdmin: {protocol: http, port: '8041', host: IP_ADDRESS} - GnocchiInternal: {protocol: http, port: '8041', host: IP_ADDRESS} - GnocchiPublic: {protocol: http, port: '8041', host: IP_ADDRESS} - HeatAdmin: {protocol: http, port: '8004', host: IP_ADDRESS} - HeatInternal: {protocol: http, port: '8004', host: IP_ADDRESS} - HeatPublic: {protocol: http, port: '8004', host: IP_ADDRESS} - HeatCfnAdmin: {protocol: http, port: '8000', host: IP_ADDRESS} - HeatCfnInternal: {protocol: http, port: '8000', host: IP_ADDRESS} - HeatCfnPublic: {protocol: http, port: '8000', host: IP_ADDRESS} - HorizonPublic: {protocol: http, port: '80', host: IP_ADDRESS} - IronicAdmin: {protocol: http, port: '6385', host: IP_ADDRESS} - IronicInternal: {protocol: http, port: '6385', host: IP_ADDRESS} - IronicPublic: {protocol: http, port: '6385', host: IP_ADDRESS} - IronicInspectorAdmin: {protocol: http, port: '5050', host: IP_ADDRESS} - IronicInspectorInternal: {protocol: http, port: '5050', host: IP_ADDRESS} - IronicInspectorPublic: {protocol: http, port: '5050', host: IP_ADDRESS} - KeystoneAdmin: {protocol: http, port: '35357', host: IP_ADDRESS} - KeystoneInternal: {protocol: http, port: '5000', host: IP_ADDRESS} - KeystonePublic: {protocol: http, port: '5000', host: IP_ADDRESS} - ManilaAdmin: {protocol: http, port: '8786', host: IP_ADDRESS} - ManilaInternal: {protocol: http, port: '8786', host: IP_ADDRESS} - ManilaPublic: {protocol: http, port: '8786', host: IP_ADDRESS} - MetricsQdrPublic: {protocol: 'amqp', port: '5666', host: IP_ADDRESS} - MistralAdmin: {protocol: http, port: '8989', host: IP_ADDRESS} - MistralInternal: {protocol: http, port: '8989', host: IP_ADDRESS} - MistralPublic: {protocol: http, port: '8989', host: IP_ADDRESS} - MysqlInternal: {protocol: mysql+pymysql, port: '3306', host: IP_ADDRESS} - NeutronAdmin: {protocol: http, port: '9696', host: IP_ADDRESS} - NeutronInternal: {protocol: http, port: '9696', host: IP_ADDRESS} - NeutronPublic: {protocol: http, port: '9696', host: IP_ADDRESS} - NovaAdmin: {protocol: http, port: '8774', host: IP_ADDRESS} - NovaInternal: {protocol: http, port: '8774', host: IP_ADDRESS} - NovaPublic: {protocol: http, port: '8774', host: IP_ADDRESS} - NovajoinAdmin: {protocol: http, port: '9090', host: IP_ADDRESS} - NovajoinInternal: {protocol: http, port: '9090', host: IP_ADDRESS} - NovajoinPublic: {protocol: http, port: '9090', host: IP_ADDRESS} - NovaMetadataInternal: {protocol: http, port: '8775', host: IP_ADDRESS} - PlacementAdmin: {protocol: http, port: '8778', host: IP_ADDRESS} - PlacementInternal: {protocol: http, port: '8778', host: IP_ADDRESS} - PlacementPublic: {protocol: http, port: '8778', host: IP_ADDRESS} - NovaVNCProxyAdmin: {protocol: http, port: '6080', host: IP_ADDRESS} - NovaVNCProxyInternal: {protocol: http, port: '6080', host: IP_ADDRESS} - NovaVNCProxyPublic: {protocol: http, port: '6080', host: IP_ADDRESS} - OctaviaAdmin: {protocol: http, port: '9876', host: IP_ADDRESS} - OctaviaInternal: {protocol: http, port: '9876', host: IP_ADDRESS} - OctaviaPublic: {protocol: http, port: '9876', host: IP_ADDRESS} - SwiftAdmin: {protocol: http, port: '8080', host: IP_ADDRESS} - SwiftInternal: {protocol: http, port: '8080', host: IP_ADDRESS} - SwiftPublic: {protocol: http, port: '8080', host: IP_ADDRESS} - ZaqarAdmin: {protocol: http, port: '8888', host: IP_ADDRESS} - ZaqarInternal: {protocol: http, port: '8888', host: IP_ADDRESS} - ZaqarPublic: {protocol: http, port: '8888', host: IP_ADDRESS} - ZaqarWebSocketAdmin: {protocol: ws, port: '9000', host: IP_ADDRESS} - ZaqarWebSocketInternal: {protocol: ws, port: '9000', host: IP_ADDRESS} - ZaqarWebSocketPublic: {protocol: ws, port: '9000', host: IP_ADDRESS} diff --git a/tools/merge-new-params-nic-config-script.py b/tools/merge-new-params-nic-config-script.py index e81d72bc27..c4cd6af410 100755 --- a/tools/merge-new-params-nic-config-script.py +++ b/tools/merge-new-params-nic-config-script.py @@ -148,8 +148,6 @@ def to_normal_yaml(filename): return out_str -# FIXME: Some of this duplicates code from build_endpoint_map.py, we should -# refactor to share the common code class TemplateDumper(yaml.SafeDumper): def represent_ordered_dict(self, data): return self.represent_dict(data.items()) diff --git a/tools/yaml-validate.py b/tools/yaml-validate.py index f0cf372319..7c492452e9 100755 --- a/tools/yaml-validate.py +++ b/tools/yaml-validate.py @@ -41,15 +41,6 @@ current_heat_template_version = valid_heat_template_versions[-1] required_params = ['EndpointMap', 'ServiceNetMap', 'RoleName', 'RoleParameters', 'ServiceData'] -# NOTE(bnemec): The duplication in this list is intentional. For the -# transition to generated environments we have two copies of these files, -# so they need to be listed twice. Once the deprecated version can be removed -# the duplicate entries can be as well. -envs_containing_endpoint_map = ['no-tls-endpoints-public-ip.yaml', - 'tls-endpoints-public-dns.yaml', - 'tls-endpoints-public-ip.yaml', - 'tls-everywhere-endpoints-dns.yaml'] -ENDPOINT_MAP_FILE = 'endpoint_map.yaml' OPTIONAL_SECTIONS = ['ansible_group_vars', 'cellv2_discovery', 'firewall_rules', @@ -305,29 +296,6 @@ def to_camel_case(string): s in string.split('_'))) -def get_base_endpoint_map(filename): - try: - with open(filename, 'r') as f: - tpl = yaml.load(f.read(), Loader=yaml.SafeLoader) - return tpl['parameters']['EndpointMap']['default'] - except Exception: - print(traceback.format_exc()) - return None - - -def get_endpoint_map_from_env(filename): - try: - with open(filename, 'r') as f: - tpl = yaml.load(f.read(), Loader=yaml.SafeLoader) - return { - 'file': filename, - 'map': tpl['parameter_defaults']['EndpointMap'] - } - except Exception: - print(traceback.format_exc()) - return None - - def compare_parameters(old_impl_path, new_impl_path): old_impl_params = [] new_impl_params = [] @@ -354,10 +322,6 @@ def compare_ceph_parameters(path): return 0 -def validate_endpoint_map(base_map, env_map): - return sorted(base_map.keys()) == sorted(env_map.keys()) - - def validate_role_name(filename): with open(filename, 'r') as f: tpl = yaml.load(f.read(), Loader=yaml.SafeLoader) @@ -1414,12 +1378,6 @@ for base_path in path_args: if failed: failed_files.append(file_path) exit_val |= failed - if f == ENDPOINT_MAP_FILE: - base_endpoint_map = get_base_endpoint_map(file_path) - if f in envs_containing_endpoint_map: - env_endpoint_map = get_endpoint_map_from_env(file_path) - if env_endpoint_map: - env_endpoint_maps.append(env_endpoint_map) elif os.path.isfile(base_path) and base_path.endswith('.yaml'): failed = validate(base_path, param_map) if failed: @@ -1429,30 +1387,6 @@ for base_path in path_args: print('Unexpected argument %s' % base_path) exit_usage() -if base_endpoint_map and \ - len(env_endpoint_maps) == len(envs_containing_endpoint_map): - for env_endpoint_map in env_endpoint_maps: - matches = validate_endpoint_map(base_endpoint_map, - env_endpoint_map['map']) - if not matches: - print("ERROR: %s needs to be updated to match changes in base " - "endpoint map" % env_endpoint_map['file']) - failed_files.append(env_endpoint_map['file']) - exit_val |= 1 - elif args.quiet < 1: - print("%s matches base endpoint map" % env_endpoint_map['file']) -else: - print("ERROR: Did not find expected number of environments containing the " - "EndpointMap parameter. If you meant to add or remove one of these " - "environments then you also need to update this tool.") - if not base_endpoint_map: - failed_files.append(ENDPOINT_MAP_FILE) - if len(env_endpoint_maps) != len(envs_containing_endpoint_map): - matched_files = set(os.path.basename(matched_env_file['file']) - for matched_env_file in env_endpoint_maps) - failed_files.extend(set(envs_containing_endpoint_map) - matched_files) - exit_val |= 1 - # Validate that duplicate parameters defined in multiple files all have the # same definition. mismatch_count = 0 diff --git a/tox.ini b/tox.ini index 837303998f..f25f7d5d9a 100644 --- a/tox.ini +++ b/tox.ini @@ -23,7 +23,6 @@ whitelist_externals = bash commands = python ./tools/process-templates.py - python ./network/endpoints/build_endpoint_map.py --check python ./tools/yaml-validate.py . bash -c ./tools/roles-data-validation.sh bash -c ./tools/check-up-to-date.sh diff --git a/tripleo_heat_templates/environment_generator.py b/tripleo_heat_templates/environment_generator.py index d2044d04a6..4a83d74649 100755 --- a/tripleo_heat_templates/environment_generator.py +++ b/tripleo_heat_templates/environment_generator.py @@ -198,6 +198,10 @@ def _generate_environment(input_env, output_path, parent_env=None): env_file.write(u'resource_registry:\n') for res, value in sorted(env.get('resource_registry', {}).items()): env_file.write(u' %s: %s\n' % (res, value)) + if env.get('parameter_merge_strategies'): + env_file.write(u'parameter_merge_strategies:\n') + for res, value in sorted(env.get('parameter_merge_strategies', {}).items()): + env_file.write(u' %s: %s\n' % (res, value)) print('Wrote sample environment "%s"' % target_file) for e in env.get('children', []):