Browse Source

Add panko api support to service templates

This integrates panko service api into tripleo heat templates.
By default, we will disable this service, an environment service
file is included to enable if needed.

Depends-On: I35f283bdf8dd0ed979c65633724f0464695130a4

Change-Id: I07da3030c6dc69cce7327b54091da15a0c58798e
changes/39/396439/4
Pradeep Kilambi 6 years ago
parent
commit
a2e0aa4d1c
  1. 2
      environments/services/panko.yaml
  2. 3
      environments/tls-endpoints-public-dns.yaml
  3. 3
      environments/tls-endpoints-public-ip.yaml
  4. 3
      environments/tls-everywhere-endpoints-dns.yaml
  5. 9
      network/endpoints/endpoint_data.yaml
  6. 246
      network/endpoints/endpoint_map.yaml
  7. 1
      network/service_net_map.j2.yaml
  8. 1
      overcloud-resource-registry-puppet.j2.yaml
  9. 7
      puppet/services/ceilometer-base.yaml
  10. 84
      puppet/services/panko-api.yaml
  11. 74
      puppet/services/panko-base.yaml
  12. 1
      roles_data.yaml

2
environments/services/panko.yaml

@ -0,0 +1,2 @@
resource_registry:
OS::TripleO::Services::PankoApi: ../../puppet/services/panko-api.yaml

3
environments/tls-endpoints-public-dns.yaml

@ -53,6 +53,9 @@ parameter_defaults:
NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'}
PankoAdmin: {protocol: 'http', port: '8779', host: 'IP_ADDRESS'}
PankoInternal: {protocol: 'http', port: '8779', host: 'IP_ADDRESS'}
PankoPublic: {protocol: 'https', port: '13779', host: 'CLOUDNAME'}
SaharaAdmin: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'}
SaharaInternal: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'}
SaharaPublic: {protocol: 'https', port: '13386', host: 'CLOUDNAME'}

3
environments/tls-endpoints-public-ip.yaml

@ -53,6 +53,9 @@ parameter_defaults:
NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'IP_ADDRESS'}
PankoAdmin: {protocol: 'http', port: '8779', host: 'IP_ADDRESS'}
PankoInternal: {protocol: 'http', port: '8779', host: 'IP_ADDRESS'}
PankoPublic: {protocol: 'https', port: '13779', host: 'IP_ADDRESS'}
SaharaAdmin: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'}
SaharaInternal: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'}
SaharaPublic: {protocol: 'https', port: '13386', host: 'IP_ADDRESS'}

3
environments/tls-everywhere-endpoints-dns.yaml

@ -50,6 +50,9 @@ parameter_defaults:
NovaVNCProxyAdmin: {protocol: 'https', port: '6080', host: 'CLOUDNAME'}
NovaVNCProxyInternal: {protocol: 'https', port: '6080', host: 'CLOUDNAME'}
NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'}
PankoAdmin: {protocol: 'https', port: '8779', host: 'CLOUDNAME'}
PankoInternal: {protocol: 'https', port: '8779', host: 'CLOUDNAME'}
PankoPublic: {protocol: 'https', port: '13779', host: 'CLOUDNAME'}
SaharaAdmin: {protocol: 'https', port: '8386', host: 'CLOUDNAME'}
SaharaInternal: {protocol: 'https', port: '8386', host: 'CLOUDNAME'}
SaharaPublic: {protocol: 'https', port: '13386', host: 'CLOUDNAME'}

9
network/endpoints/endpoint_data.yaml

@ -37,6 +37,15 @@ Gnocchi:
net_param: GnocchiApi
port: 8041
Panko:
Internal:
net_param: PankoApi
Public:
net_param: Public
Admin:
net_param: PankoApi
port: 8779
Cinder:
Internal:
net_param: CinderApi

246
network/endpoints/endpoint_map.yaml

@ -70,6 +70,9 @@ parameters:
NovaVNCProxyAdmin: {protocol: http, port: '6080', host: IP_ADDRESS}
NovaVNCProxyInternal: {protocol: http, port: '6080', host: IP_ADDRESS}
NovaVNCProxyPublic: {protocol: http, port: '6080', host: IP_ADDRESS}
PankoAdmin: {protocol: http, port: '8779', host: IP_ADDRESS}
PankoInternal: {protocol: http, port: '8779', host: IP_ADDRESS}
PankoPublic: {protocol: http, port: '8779', host: IP_ADDRESS}
SaharaAdmin: {protocol: http, port: '8386', host: IP_ADDRESS}
SaharaInternal: {protocol: http, port: '8386', host: IP_ADDRESS}
SaharaPublic: {protocol: http, port: '8386', host: IP_ADDRESS}
@ -5311,6 +5314,249 @@ outputs:
template: NETWORK_uri
- ':'
- get_param: [EndpointMap, NovaVNCProxyPublic, port]
PankoAdmin:
host:
str_replace:
template:
get_param: [EndpointMap, PankoAdmin, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, PankoApiNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, PankoApiNetwork]
template: NETWORK_uri
host_nobrackets:
str_replace:
template:
get_param: [EndpointMap, PankoAdmin, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, PankoApiNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- get_param: [ServiceNetMap, PankoApiNetwork]
port:
get_param: [EndpointMap, PankoAdmin, port]
protocol:
get_param: [EndpointMap, PankoAdmin, protocol]
uri:
list_join:
- ''
- - get_param: [EndpointMap, PankoAdmin, protocol]
- ://
- str_replace:
template:
get_param: [EndpointMap, PankoAdmin, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, PankoApiNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, PankoApiNetwork]
template: NETWORK_uri
- ':'
- get_param: [EndpointMap, PankoAdmin, port]
uri_no_suffix:
list_join:
- ''
- - get_param: [EndpointMap, PankoAdmin, protocol]
- ://
- str_replace:
template:
get_param: [EndpointMap, PankoAdmin, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, PankoApiNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, PankoApiNetwork]
template: NETWORK_uri
- ':'
- get_param: [EndpointMap, PankoAdmin, port]
PankoInternal:
host:
str_replace:
template:
get_param: [EndpointMap, PankoInternal, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, PankoApiNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, PankoApiNetwork]
template: NETWORK_uri
host_nobrackets:
str_replace:
template:
get_param: [EndpointMap, PankoInternal, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, PankoApiNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- get_param: [ServiceNetMap, PankoApiNetwork]
port:
get_param: [EndpointMap, PankoInternal, port]
protocol:
get_param: [EndpointMap, PankoInternal, protocol]
uri:
list_join:
- ''
- - get_param: [EndpointMap, PankoInternal, protocol]
- ://
- str_replace:
template:
get_param: [EndpointMap, PankoInternal, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, PankoApiNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, PankoApiNetwork]
template: NETWORK_uri
- ':'
- get_param: [EndpointMap, PankoInternal, port]
uri_no_suffix:
list_join:
- ''
- - get_param: [EndpointMap, PankoInternal, protocol]
- ://
- str_replace:
template:
get_param: [EndpointMap, PankoInternal, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, PankoApiNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, PankoApiNetwork]
template: NETWORK_uri
- ':'
- get_param: [EndpointMap, PankoInternal, port]
PankoPublic:
host:
str_replace:
template:
get_param: [EndpointMap, PankoPublic, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, PublicNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, PublicNetwork]
template: NETWORK_uri
host_nobrackets:
str_replace:
template:
get_param: [EndpointMap, PankoPublic, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, PublicNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- get_param: [ServiceNetMap, PublicNetwork]
port:
get_param: [EndpointMap, PankoPublic, port]
protocol:
get_param: [EndpointMap, PankoPublic, protocol]
uri:
list_join:
- ''
- - get_param: [EndpointMap, PankoPublic, protocol]
- ://
- str_replace:
template:
get_param: [EndpointMap, PankoPublic, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, PublicNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, PublicNetwork]
template: NETWORK_uri
- ':'
- get_param: [EndpointMap, PankoPublic, port]
uri_no_suffix:
list_join:
- ''
- - get_param: [EndpointMap, PankoPublic, protocol]
- ://
- str_replace:
template:
get_param: [EndpointMap, PankoPublic, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, PublicNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, PublicNetwork]
template: NETWORK_uri
- ':'
- get_param: [EndpointMap, PankoPublic, port]
SaharaAdmin:
host:
str_replace:

1
network/service_net_map.j2.yaml

@ -25,6 +25,7 @@ parameters:
NeutronTenantNetwork: tenant
CeilometerApiNetwork: internal_api
AodhApiNetwork: internal_api
PankoApiNetwork: internal_api
BarbicanApiNetwork: internal_api
GnocchiApiNetwork: internal_api
MongodbNetwork: internal_api

1
overcloud-resource-registry-puppet.j2.yaml

@ -197,6 +197,7 @@ resource_registry:
OS::TripleO::Services::AodhEvaluator: puppet/services/aodh-evaluator.yaml
OS::TripleO::Services::AodhNotifier: puppet/services/aodh-notifier.yaml
OS::TripleO::Services::AodhListener: puppet/services/aodh-listener.yaml
OS::TripleO::Services::PankoApi: OS::Heat::None
OS::TripleO::Services::MistralEngine: OS::Heat::None
OS::TripleO::Services::MistralApi: OS::Heat::None
OS::TripleO::Services::MistralExecutor: OS::Heat::None

7
puppet/services/ceilometer-base.yaml

@ -36,6 +36,12 @@ parameters:
type: string
constraints:
- allowed_values: ['gnocchi', 'database']
CeilometerEventDispatcher:
default: ['gnocchi']
description: Comma-separated list of Dispatchers to process events data
type: comma_delimited_list
constraints:
- allowed_values: ['panko', 'gnocchi', 'database']
CeilometerWorkers:
default: 0
description: Number of workers for Ceilometer service.
@ -102,6 +108,7 @@ outputs:
ceilometer::agent::auth::auth_tenant_name: 'service'
ceilometer::agent::auth::auth_endpoint_type: 'internalURL'
ceilometer::collector::meter_dispatcher: {get_param: CeilometerMeterDispatcher}
ceilometer::collector::event_dispatcher: {get_param: CeilometerEventDispatcher}
ceilometer::dispatcher::gnocchi::url: {get_param: [EndpointMap, GnocchiInternal, uri]}
ceilometer::dispatcher::gnocchi::filter_project: 'service'
ceilometer::dispatcher::gnocchi::archive_policy: 'low'

84
puppet/services/panko-api.yaml

@ -0,0 +1,84 @@
heat_template_version: 2016-04-08
description: >
OpenStack Panko API service configured with Puppet
parameters:
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
MonitoringSubscriptionPankoApi:
default: 'overcloud-ceilometer-panko-api'
type: string
EnableInternalTLS:
type: boolean
default: false
resources:
PankoBase:
type: ./panko-base.yaml
properties:
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
ApacheServiceBase:
type: ./apache.yaml
properties:
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
EnableInternalTLS: {get_param: EnableInternalTLS}
outputs:
role_data:
description: Role data for the Panko API service.
value:
service_name: panko_api
monitoring_subscription: {get_param: MonitoringSubscriptionPankoApi}
config_settings:
map_merge:
- get_attr: [PankoBase, role_data, config_settings]
- get_attr: [ApacheServiceBase, role_data, config_settings]
- panko::wsgi::apache::ssl: {get_param: EnableInternalTLS}
panko::wsgi::apache::servername:
str_replace:
template:
'"%{::fqdn_$NETWORK}"'
params:
$NETWORK: {get_param: [ServiceNetMap, PankoApiNetwork]}
panko::api::service_name: 'httpd'
panko::api::enable_proxy_headers_parsing: true
tripleo.panko_api.firewall_rules:
'140 panko-api':
dport:
- 8779
- 13779
panko::api::host:
str_replace:
template:
'"%{::fqdn_$NETWORK}"'
params:
$NETWORK: {get_param: [ServiceNetMap, PankoApiNetwork]}
# NOTE: bind IP is found in Heat replacing the network name with the
# local node IP for the given network; replacement examples
# (eg. for internal_api):
# internal_api -> IP
# internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR
panko::wsgi::apache::bind_host: {get_param: [ServiceNetMap, PankoApiNetwork]}
service_config_settings:
get_attr: [PankoBase, role_data, service_config_settings]
step_config: |
include tripleo::profile::base::panko::api

74
puppet/services/panko-base.yaml

@ -0,0 +1,74 @@
heat_template_version: 2016-04-08
description: >
OpenStack Panko service configured with Puppet
parameters:
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
PankoPassword:
description: The password for the panko services.
type: string
hidden: true
Debug:
default: ''
description: Set to True to enable debugging on all services.
type: string
KeystoneRegion:
type: string
default: 'regionOne'
description: Keystone region for endpoint
outputs:
role_data:
description: Role data for the Panko role.
value:
service_name: panko_base
config_settings:
panko_redis_password: {get_param: RedisPassword}
panko::db::database_connection:
list_join:
- ''
- - {get_param: [EndpointMap, MysqlInternal, protocol]}
- '://panko:'
- {get_param: PankoPassword}
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/panko'
panko::debug: {get_param: Debug}
panko::auth::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
panko::keystone::authtoken::project_name: 'service'
panko::keystone::authtoken::password: {get_param: PankoPassword}
panko::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
panko::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
panko::auth::auth_password: {get_param: PankoPassword}
panko::auth::auth_region: 'regionOne'
panko::auth::auth_tenant_name: 'service'
service_config_settings:
keystone:
panko::keystone::auth::public_url: {get_param: [EndpointMap, PankoPublic, uri]}
panko::keystone::auth::internal_url: {get_param: [EndpointMap, PankoInternal, uri]}
panko::keystone::auth::admin_url: {get_param: [EndpointMap, PankoAdmin, uri]}
panko::keystone::auth::password: {get_param: PankoPassword}
panko::keystone::auth::region: {get_param: KeystoneRegion}
panko::keystone::auth::tenant: 'service'
mysql:
panko::db::mysql::user: panko
panko::db::mysql::password: {get_param: PankoPassword}
panko::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
panko::db::mysql::dbname: panko
panko::db::mysql::allowed_hosts:
- '%'
- "%{hiera('mysql_bind_host')}"

1
roles_data.yaml

@ -96,6 +96,7 @@
- OS::TripleO::Services::FluentdClient
- OS::TripleO::Services::VipHosts
- OS::TripleO::Services::BarbicanApi
- OS::TripleO::Services::PankoApi
- name: Compute
CountDefault: 1

Loading…
Cancel
Save