Browse Source

Designate Integration

Change-Id: I1ddefb7b6a6e1c7b0b76589b9f8f1b99776d39e8
Depends-On: I115090679bd2577cdc3998ab3cc97f9581e5e18a
bp designate-support
changes/98/518998/10
Ben Nemec 4 years ago
parent
commit
c45d027c43
  1. 3
      environments/ssl/tls-endpoints-public-dns.yaml
  2. 3
      environments/ssl/tls-endpoints-public-ip.yaml
  3. 3
      environments/ssl/tls-everywhere-endpoints-dns.yaml
  4. 3
      environments/tls-endpoints-public-dns.yaml
  5. 3
      environments/tls-endpoints-public-ip.yaml
  6. 3
      environments/tls-everywhere-endpoints-dns.yaml
  7. 9
      network/endpoints/endpoint_data.yaml
  8. 246
      network/endpoints/endpoint_map.yaml
  9. 1
      network/service_net_map.j2.yaml
  10. 6
      overcloud-resource-registry-puppet.j2.yaml
  11. 111
      puppet/services/designate-api.yaml
  12. 92
      puppet/services/designate-base.yaml
  13. 100
      puppet/services/designate-central.yaml
  14. 100
      puppet/services/designate-mdns.yaml
  15. 77
      puppet/services/designate-producer.yaml
  16. 77
      puppet/services/designate-sink.yaml
  17. 83
      puppet/services/designate-worker.yaml
  18. 6
      roles/Controller.yaml
  19. 6
      roles/ControllerAllNovaStandalone.yaml
  20. 6
      roles/ControllerNoCeph.yaml
  21. 6
      roles/ControllerOpenstack.yaml
  22. 6
      roles_data.yaml
  23. 9
      sample-env-generator/ssl.yaml

3
environments/ssl/tls-endpoints-public-dns.yaml

@ -30,6 +30,9 @@ parameter_defaults:
CongressAdmin: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressInternal: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressPublic: {protocol: 'https', port: '13789', host: 'CLOUDNAME'}
DesignateAdmin: {protocol: 'http', port: '9001', host: 'IP_ADDRESS'}
DesignateInternal: {protocol: 'http', port: '9001', host: 'IP_ADDRESS'}
DesignatePublic: {protocol: 'https', port: '13001', host: 'CLOUDNAME'}
DockerRegistryInternal: {protocol: 'https', port: '8787', host: 'CLOUDNAME'}
Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}

3
environments/ssl/tls-endpoints-public-ip.yaml

@ -30,6 +30,9 @@ parameter_defaults:
CongressAdmin: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressInternal: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressPublic: {protocol: 'https', port: '13789', host: 'IP_ADDRESS'}
DesignateAdmin: {protocol: 'http', port: '9001', host: 'IP_ADDRESS'}
DesignateInternal: {protocol: 'http', port: '9001', host: 'IP_ADDRESS'}
DesignatePublic: {protocol: 'https', port: '13001', host: 'IP_ADDRESS'}
DockerRegistryInternal: {protocol: 'https', port: '8787', host: 'IP_ADDRESS'}
Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}

3
environments/ssl/tls-everywhere-endpoints-dns.yaml

@ -30,6 +30,9 @@ parameter_defaults:
CongressAdmin: {protocol: 'https', port: '1789', host: 'CLOUDNAME'}
CongressInternal: {protocol: 'https', port: '1789', host: 'CLOUDNAME'}
CongressPublic: {protocol: 'https', port: '13789', host: 'CLOUDNAME'}
DesignateAdmin: {protocol: 'https', port: '9001', host: 'CLOUDNAME'}
DesignateInternal: {protocol: 'https', port: '9001', host: 'CLOUDNAME'}
DesignatePublic: {protocol: 'https', port: '13001', host: 'CLOUDNAME'}
DockerRegistryInternal: {protocol: 'https', port: '8787', host: 'CLOUDNAME'}
Ec2ApiAdmin: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}
Ec2ApiInternal: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}

3
environments/tls-endpoints-public-dns.yaml

@ -24,6 +24,9 @@ parameter_defaults:
CongressAdmin: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressInternal: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressPublic: {protocol: 'https', port: '13789', host: 'CLOUDNAME'}
DesignateAdmin: {protocol: 'http', port: '9001', host: 'IP_ADDRESS'}
DesignateInternal: {protocol: 'http', port: '9001', host: 'IP_ADDRESS'}
DesignatePublic: {protocol: 'https', port: '13001', host: 'CLOUDNAME'}
DockerRegistryInternal: {protocol: 'https', port: '8787', host: 'CLOUDNAME'}
Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}

3
environments/tls-endpoints-public-ip.yaml

@ -24,6 +24,9 @@ parameter_defaults:
CongressAdmin: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressInternal: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressPublic: {protocol: 'https', port: '13789', host: 'IP_ADDRESS'}
DesignateAdmin: {protocol: 'http', port: '9001', host: 'IP_ADDRESS'}
DesignateInternal: {protocol: 'http', port: '9001', host: 'IP_ADDRESS'}
DesignatePublic: {protocol: 'https', port: '13001', host: 'IP_ADDRESS'}
DockerRegistryInternal: {protocol: 'https', port: '8787', host: 'IP_ADDRESS'}
Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}

3
environments/tls-everywhere-endpoints-dns.yaml

@ -20,6 +20,9 @@ parameter_defaults:
CongressAdmin: {protocol: 'https', port: '1789', host: 'CLOUDNAME'}
CongressInternal: {protocol: 'https', port: '1789', host: 'CLOUDNAME'}
CongressPublic: {protocol: 'https', port: '13789', host: 'CLOUDNAME'}
DesignateAdmin: {protocol: 'https', port: '9001', host: 'CLOUDNAME'}
DesignateInternal: {protocol: 'https', port: '9001', host: 'CLOUDNAME'}
DesignatePublic: {protocol: 'https', port: '13001', host: 'CLOUDNAME'}
DockerRegistryInternal: {protocol: 'https', port: '8787', host: 'CLOUDNAME'}
Ec2ApiAdmin: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}
Ec2ApiInternal: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}

9
network/endpoints/endpoint_data.yaml

@ -28,6 +28,15 @@ Ceilometer:
net_param: CeilometerApi
port: 8777
Designate:
Internal:
net_param: DesignateApi
Public:
net_param: Public
Admin:
net_param: DesignateApi
port: 9001
Ec2Api:
Internal:
net_param: Ec2Api

246
network/endpoints/endpoint_map.yaml

@ -37,6 +37,9 @@ parameters:
CongressAdmin: {protocol: http, port: '1789', host: IP_ADDRESS}
CongressInternal: {protocol: http, port: '1789', host: IP_ADDRESS}
CongressPublic: {protocol: http, port: '1789', host: IP_ADDRESS}
DesignateAdmin: {protocol: http, port: '9001', host: IP_ADDRESS}
DesignateInternal: {protocol: http, port: '9001', host: IP_ADDRESS}
DesignatePublic: {protocol: http, port: '9001', host: IP_ADDRESS}
DockerRegistryInternal: {protocol: http, port: '8787', host: IP_ADDRESS}
Ec2ApiAdmin: {protocol: http, port: '8788', host: IP_ADDRESS}
Ec2ApiInternal: {protocol: http, port: '8788', host: IP_ADDRESS}
@ -2107,6 +2110,249 @@ outputs:
template: NETWORK_uri
port:
get_param: [EndpointMap, CongressPublic, port]
DesignateAdmin:
host:
str_replace:
template:
get_param: [EndpointMap, DesignateAdmin, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, DesignateApiNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, DesignateApiNetwork]
template: NETWORK_uri
host_nobrackets:
str_replace:
template:
get_param: [EndpointMap, DesignateAdmin, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, DesignateApiNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- get_param: [ServiceNetMap, DesignateApiNetwork]
port:
get_param: [EndpointMap, DesignateAdmin, port]
protocol:
get_param: [EndpointMap, DesignateAdmin, protocol]
uri:
make_url:
scheme:
get_param: [EndpointMap, DesignateAdmin, protocol]
host:
str_replace:
template:
get_param: [EndpointMap, DesignateAdmin, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, DesignateApiNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, DesignateApiNetwork]
template: NETWORK_uri
port:
get_param: [EndpointMap, DesignateAdmin, port]
uri_no_suffix:
make_url:
scheme:
get_param: [EndpointMap, DesignateAdmin, protocol]
host:
str_replace:
template:
get_param: [EndpointMap, DesignateAdmin, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, DesignateApiNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, DesignateApiNetwork]
template: NETWORK_uri
port:
get_param: [EndpointMap, DesignateAdmin, port]
DesignateInternal:
host:
str_replace:
template:
get_param: [EndpointMap, DesignateInternal, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, DesignateApiNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, DesignateApiNetwork]
template: NETWORK_uri
host_nobrackets:
str_replace:
template:
get_param: [EndpointMap, DesignateInternal, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, DesignateApiNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- get_param: [ServiceNetMap, DesignateApiNetwork]
port:
get_param: [EndpointMap, DesignateInternal, port]
protocol:
get_param: [EndpointMap, DesignateInternal, protocol]
uri:
make_url:
scheme:
get_param: [EndpointMap, DesignateInternal, protocol]
host:
str_replace:
template:
get_param: [EndpointMap, DesignateInternal, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, DesignateApiNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, DesignateApiNetwork]
template: NETWORK_uri
port:
get_param: [EndpointMap, DesignateInternal, port]
uri_no_suffix:
make_url:
scheme:
get_param: [EndpointMap, DesignateInternal, protocol]
host:
str_replace:
template:
get_param: [EndpointMap, DesignateInternal, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, DesignateApiNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, DesignateApiNetwork]
template: NETWORK_uri
port:
get_param: [EndpointMap, DesignateInternal, port]
DesignatePublic:
host:
str_replace:
template:
get_param: [EndpointMap, DesignatePublic, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, PublicNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, PublicNetwork]
template: NETWORK_uri
host_nobrackets:
str_replace:
template:
get_param: [EndpointMap, DesignatePublic, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, PublicNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- get_param: [ServiceNetMap, PublicNetwork]
port:
get_param: [EndpointMap, DesignatePublic, port]
protocol:
get_param: [EndpointMap, DesignatePublic, protocol]
uri:
make_url:
scheme:
get_param: [EndpointMap, DesignatePublic, protocol]
host:
str_replace:
template:
get_param: [EndpointMap, DesignatePublic, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, PublicNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, PublicNetwork]
template: NETWORK_uri
port:
get_param: [EndpointMap, DesignatePublic, port]
uri_no_suffix:
make_url:
scheme:
get_param: [EndpointMap, DesignatePublic, protocol]
host:
str_replace:
template:
get_param: [EndpointMap, DesignatePublic, host]
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param: [ServiceNetMap, PublicNetwork]
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param: [ServiceNetMap, PublicNetwork]
template: NETWORK_uri
port:
get_param: [EndpointMap, DesignatePublic, port]
DockerRegistryInternal:
host:
str_replace:

1
network/service_net_map.j2.yaml

@ -78,6 +78,7 @@ parameters:
DockerRegistryNetwork: ctlplane
PacemakerRemoteNetwork: internal_api
TripleoUINetwork: internal_api
DesignateApiNetwork: internal_api
# We special-case the default ResolveNetwork for the CephStorage role
# for backwards compatibility, all other roles default to internal_api
CephStorageHostnameResolveNetwork: storage

6
overcloud-resource-registry-puppet.j2.yaml

@ -318,6 +318,12 @@ resource_registry:
OS::TripleO::Services::LoginDefs: OS::Heat::None
OS::TripleO::Services::ComputeInstanceHA: OS::Heat::None
OS::TripleO::Services::Ptp: OS::Heat::None
OS::TripleO::Services::DesignateApi: OS::Heat::None
OS::TripleO::Services::DesignateCentral: OS::Heat::None
OS::TripleO::Services::DesignateProducer: OS::Heat::None
OS::TripleO::Services::DesignateWorker: OS::Heat::None
OS::TripleO::Services::DesignateMDNS: OS::Heat::None
OS::TripleO::Services::DesignateSink: OS::Heat::None
# Default Neutron ML2 puppet plugin to use when NeutronCorePlugin is set to ML2
OS::TripleO::Docker::NeutronMl2PluginBase: puppet/services/neutron-plugin-ml2.yaml

111
puppet/services/designate-api.yaml

@ -0,0 +1,111 @@
heat_template_version: queens
description: >
OpenStack Designate API service.
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
DesignatePassword:
description: The password for the Designate's database account.
type: string
hidden: true
KeystoneRegion:
type: string
default: 'regionOne'
description: Keystone region for endpoint
MonitoringSubscriptionDesignateApi:
default: 'overcloud-designate-api'
type: string
DesignateApiLoggingSource:
type: json
default:
tag: openstack.designate.api
path: /var/log/designate/api.log
DesignateWorkers:
default: 0
description: Number of workers for Designate services.
type: number
conditions:
designate_workers_zero: {equals : [{get_param: DesignateWorkers}, 0]}
resources:
DesignateBase:
type: ./designate-base.yaml
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
outputs:
role_data:
description: Role data for the Designate API service.
value:
service_name: designate_api
monitoring_subscription: {get_param: MonitoringSubscriptionDesignateApi}
logging_source: {get_param: DesignateApiLoggingSource}
logging_groups:
- designate
config_settings:
map_merge:
- get_attr: [DesignateBase, role_data, config_settings]
- designate::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
designate::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
designate::keystone::authtoken::project_name: 'service'
designate::keystone::authtoken::password: {get_param: DesignatePassword}
tripleo::profile::base::designate::api::listen_ip:
str_replace:
template:
"%{hiera('$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, DesignateApiNetwork]}
tripleo::profile::base::designate::api::listen_port: 9001
tripleo.designate_api.firewall_rules:
'139 designate api':
dport:
- 9001
- 13001
-
if:
- designate_workers_zero
- {}
- designate::api::workers: {get_param: DesignateWorkers}
step_config: |
include tripleo::profile::base::designate::api
service_config_settings:
keystone:
designate::keystone::auth::tenant: 'service'
designate::keystone::auth::public_url: {get_param: [EndpointMap, DesignatePublic, uri]}
designate::keystone::auth::internal_url: { get_param: [ EndpointMap, DesignateInternal, uri ] }
designate::keystone::auth::admin_url: { get_param: [ EndpointMap, DesignateAdmin, uri ] }
designate::keystone::auth::password: {get_param: DesignatePassword}
designate::keystone::auth::region: {get_param: KeystoneRegion}

92
puppet/services/designate-base.yaml

@ -0,0 +1,92 @@
heat_template_version: queens
description: >
OpenStack Designate base service. Shared for all Designate services
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
Debug:
type: boolean
default: false
description: Set to True to enable debugging on all services.
DesignateDebug:
default: ''
description: Set to True to enable debugging Designate services.
type: string
EnableConfigPurge:
type: boolean
default: false
description: >
Remove configuration that is not generated by TripleO. Used to avoid
configuration remnants after upgrades.
RabbitPassword:
description: The password for RabbitMQ
type: string
hidden: true
RabbitUserName:
default: guest
description: The username for RabbitMQ
type: string
RabbitClientUseSSL:
default: false
description: >
Rabbit client subscriber parameter to specify
an SSL connection to the RabbitMQ host.
type: string
RabbitClientPort:
default: 5672
description: Set rabbit subscriber port, change this if using SSL
type: number
NotificationDriver:
type: string
default: 'messagingv2'
description: Driver or drivers to handle sending notifications.
constraints:
- allowed_values: [ 'messagingv2', 'noop' ]
conditions:
service_debug_unset: {equals : [{get_param: DesignateDebug}, '']}
outputs:
role_data:
description: Base role data for Designate services
value:
service_name: designate_base
config_settings:
designate::debug:
if:
- service_debug_unset
- {get_param: Debug }
- {get_param: DesignateDebug }
designate::purge_config: {get_param: EnableConfigPurge}
designate::notification_driver: {get_param: NotificationDriver}
designate::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
designate::rabbit_userid: {get_param: RabbitUserName}
designate::rabbit_password: {get_param: RabbitPassword}
designate::rabbit_port: {get_param: RabbitClientPort}

100
puppet/services/designate-central.yaml

@ -0,0 +1,100 @@
heat_template_version: queens
description: >
OpenStack Designate Central service configured with Puppet
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
MonitoringSubscriptionDesignateCentral:
default: 'overcloud-designate-central'
type: string
DesignateCentralLoggingSource:
type: json
default:
tag: openstack.designate.central
path: /var/log/designate/designate-central.log
DesignateWorkers:
default: 0
description: Number of workers for Designate services.
type: number
DesignatePassword:
description: The password for the Designate's database account.
type: string
hidden: true
conditions:
designate_workers_zero: {equals : [{get_param: DesignateWorkers}, 0]}
resources:
DesignateBase:
type: ./designate-base.yaml
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
outputs:
role_data:
description: Role data for the Designate Central service.
value:
service_name: designate_central
monitoring_subscription: {get_param: MonitoringSubscriptionDesignateCentral}
logging_source: {get_param: DesignateCentralLoggingSource}
logging_groups:
- designate
config_settings:
map_merge:
- get_attr: [DesignateBase, role_data, config_settings]
- designate::db::database_connection:
make_url:
scheme: {get_param: [EndpointMap, MysqlInternal, protocol]}
username: designate
password: {get_param: DesignatePassword}
host: {get_param: [EndpointMap, MysqlInternal, host]}
path: /designate
query:
read_default_file: /etc/my.cnf.d/tripleo.cnf
read_default_group: tripleo
-
if:
- designate_workers_zero
- {}
- designate::central::workers: {get_param: DesignateWorkers}
step_config: |
include tripleo::profile::base::designate::central
service_config_settings:
mysql:
designate::db::mysql::password: {get_param: DesignatePassword}
designate::db::mysql::user: designate
designate::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
designate::db::mysql::dbname: designate
designate::db::mysql::allowed_hosts:
- '%'
- "%{hiera('mysql_bind_host')}"

100
puppet/services/designate-mdns.yaml

@ -0,0 +1,100 @@
heat_template_version: queens
description: >
OpenStack Designate MiniDNS service configured with Puppet
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
MonitoringSubscriptionDesignateMiniDNS:
default: 'overcloud-designate-mdns'
type: string
DesignateMiniDNSLoggingSource:
type: json
default:
tag: openstack.designate.mdns
path: /var/log/designate/designate-mdns.log
DesignateWorkers:
default: 0
description: Number of workers for Designate services.
type: number
DesignatePassword:
description: The password for the Designate's database account.
type: string
hidden: true
conditions:
designate_workers_zero: {equals : [{get_param: DesignateWorkers}, 0]}
resources:
DesignateBase:
type: ./designate-base.yaml
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
outputs:
role_data:
description: Role data for the Designate MiniDNS service.
value:
service_name: designate_mdns
monitoring_subscription: {get_param: MonitoringSubscriptionDesignateMiniDNS}
logging_source: {get_param: DesignateMiniDNSLoggingSource}
logging_groups:
- designate
config_settings:
map_merge:
- get_attr: [DesignateBase, role_data, config_settings]
- designate::db::database_connection:
make_url:
scheme: {get_param: [EndpointMap, MysqlInternal, protocol]}
username: designate
password: {get_param: DesignatePassword}
host: {get_param: [EndpointMap, MysqlInternal, host]}
path: /designate
query:
read_default_file: /etc/my.cnf.d/tripleo.cnf
read_default_group: tripleo
-
if:
- designate_workers_zero
- {}
- designate::mdns::workers: {get_param: DesignateWorkers}
step_config: |
include tripleo::profile::base::designate::mdns
service_config_settings:
mysql:
designate::db::mysql::password: {get_param: DesignatePassword}
designate::db::mysql::user: designate
designate::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
designate::db::mysql::dbname: designate
designate::db::mysql::allowed_hosts:
- '%'
- "%{hiera('mysql_bind_host')}"

77
puppet/services/designate-producer.yaml

@ -0,0 +1,77 @@
heat_template_version: queens
description: >
OpenStack Designate Producer service configured with Puppet
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
MonitoringSubscriptionDesignateProducer:
default: 'overcloud-designate-producer'
type: string
DesignateProducerLoggingSource:
type: json
default:
tag: openstack.designate.producer
path: /var/log/designate/designate-producer.log
DesignateWorkers:
default: 0
description: Number of workers for Designate services.
type: number
conditions:
designate_workers_zero: {equals : [{get_param: DesignateWorkers}, 0]}
resources:
DesignateBase:
type: ./designate-base.yaml
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
outputs:
role_data:
description: Role data for the Designate Producer service.
value:
service_name: designate_producer
monitoring_subscription: {get_param: MonitoringSubscriptionDesignateProducer}
logging_source: {get_param: DesignateProducerLoggingSource}
logging_groups:
- designate
config_settings:
map_merge:
- get_attr: [DesignateBase, role_data, config_settings]
-
if:
- designate_workers_zero
- {}
- designate::producer::workers: {get_param: DesignateWorkers}
step_config: |
include tripleo::profile::base::designate::producer

77
puppet/services/designate-sink.yaml

@ -0,0 +1,77 @@
heat_template_version: queens
description: >
OpenStack Designate Sink service configured with Puppet
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
MonitoringSubscriptionDesignateSink:
default: 'overcloud-designate-sink'
type: string
DesignateSinkLoggingSource:
type: json
default:
tag: openstack.designate.sink
path: /var/log/designate/designate-sink.log
DesignateWorkers:
default: 0
description: Number of workers for Designate services.
type: number
conditions:
designate_workers_zero: {equals : [{get_param: DesignateWorkers}, 0]}
resources:
DesignateBase:
type: ./designate-base.yaml
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
outputs:
role_data:
description: Role data for the Designate Sink service.
value:
service_name: designate_sink
monitoring_subscription: {get_param: MonitoringSubscriptionDesignateSink}
logging_source: {get_param: DesignateSinkLoggingSource}
logging_groups:
- designate
config_settings:
map_merge:
- get_attr: [DesignateBase, role_data, config_settings]
-
if:
- designate_workers_zero
- {}
- designate::sink::workers: {get_param: DesignateWorkers}
step_config: |
include tripleo::profile::base::designate::sink

83
puppet/services/designate-worker.yaml

@ -0,0 +1,83 @@
heat_template_version: queens
description: >
OpenStack Designate Worker service configured with Puppet
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
MonitoringSubscriptionDesignateWorker:
default: 'overcloud-designate-worker'
type: string
DesignateWorkerLoggingSource:
type: json
default:
tag: openstack.designate.worker
path: /var/log/designate/designate-worker.log
DesignateWorkers:
default: 0
description: Number of workers for Designate services.
type: number
conditions:
designate_workers_zero: {equals : [{get_param: DesignateWorkers}, 0]}
resources:
DesignateBase:
type: ./designate-base.yaml
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
outputs:
role_data:
description: Role data for the Designate Worker service.
value:
service_name: designate_worker
monitoring_subscription: {get_param: MonitoringSubscriptionDesignateWorker}
logging_source: {get_param: DesignateWorkerLoggingSource}
logging_groups:
- designate
config_settings:
map_merge:
- get_attr: [DesignateBase, role_data, config_settings]
-
if:
- designate_workers_zero
- {}
- designate::worker::workers: {get_param: DesignateWorkers}
designate::worker::worker_notify: true
tripleo.bind.firewall_rules:
'140 bind':
dport:
- 53
- 953
step_config: |
include tripleo::profile::base::designate::worker

6
roles/Controller.yaml

@ -68,6 +68,12 @@
- OS::TripleO::Services::Clustercheck
- OS::TripleO::Services::Collectd
- OS::TripleO::Services::Congress
- OS::TripleO::Services::DesignateApi
- OS::TripleO::Services::DesignateCentral
- OS::TripleO::Services::DesignateProducer
- OS::TripleO::Services::DesignateWorker
- OS::TripleO::Services::DesignateMDNS
- OS::TripleO::Services::DesignateSink
- OS::TripleO::Services::Docker
- OS::TripleO::Services::Ec2Api
- OS::TripleO::Services::Etcd

6
roles/ControllerAllNovaStandalone.yaml

@ -45,6 +45,12 @@
- OS::TripleO::Services::CinderVolume
- OS::TripleO::Services::Collectd
- OS::TripleO::Services::Congress
- OS::TripleO::Services::DesignateApi
- OS::TripleO::Services::DesignateCentral
- OS::TripleO::Services::DesignateProducer
- OS::TripleO::Services::DesignateWorker
- OS::TripleO::Services::DesignateMDNS
- OS::TripleO::Services::DesignateSink
- OS::TripleO::Services::Docker
- OS::TripleO::Services::Etcd
- OS::TripleO::Services::Fluentd

6
roles/ControllerNoCeph.yaml

@ -61,6 +61,12 @@
- OS::TripleO::Services::Clustercheck
- OS::TripleO::Services::Collectd
- OS::TripleO::Services::Congress
- OS::TripleO::Services::DesignateApi
- OS::TripleO::Services::DesignateCentral
- OS::TripleO::Services::DesignateProducer
- OS::TripleO::Services::DesignateWorker
- OS::TripleO::Services::DesignateMDNS
- OS::TripleO::Services::DesignateSink
- OS::TripleO::Services::Docker
- OS::TripleO::Services::Ec2Api
- OS::TripleO::Services::Etcd

6
roles/ControllerOpenstack.yaml

@ -49,6 +49,12 @@
- OS::TripleO::Services::CinderVolume
- OS::TripleO::Services::Collectd
- OS::TripleO::Services::Congress
- OS::TripleO::Services::DesignateApi
- OS::TripleO::Services::DesignateCentral
- OS::TripleO::Services::DesignateProducer
- OS::TripleO::Services::DesignateWorker
- OS::TripleO::Services::DesignateMDNS
- OS::TripleO::Services::DesignateSink
- OS::TripleO::Services::Docker
- OS::TripleO::Services::Ec2Api
- OS::TripleO::Services::Etcd

6
roles_data.yaml

@ -71,6 +71,12 @@
- OS::TripleO::Services::Clustercheck
- OS::TripleO::Services::Collectd
- OS::TripleO::Services::Congress
- OS::TripleO::Services::DesignateApi
- OS::TripleO::Services::DesignateCentral
- OS::TripleO::Services::DesignateProducer
- OS::TripleO::Services::DesignateWorker
- OS::TripleO::Services::DesignateMDNS
- OS::TripleO::Services::DesignateSink
- OS::TripleO::Services::Docker
- OS::TripleO::Services::Ec2Api
- OS::TripleO::Services::Etcd

9
sample-env-generator/ssl.yaml

@ -125,6 +125,9 @@ environments:
CongressAdmin: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressInternal: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressPublic: {protocol: 'https', port: '13789', host: 'IP_ADDRESS'}
DesignateAdmin: {protocol: 'http', port: '9001', host: 'IP_ADDRESS'}
DesignateInternal: {protocol: 'http', port: '9001', host: 'IP_ADDRESS'}
DesignatePublic: {protocol: 'https', port: '13001', host: 'IP_ADDRESS'}
DockerRegistryInternal: {protocol: 'https', port: '8787', host: 'IP_ADDRESS'}
Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
@ -238,6 +241,9 @@ environments:
CongressAdmin: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressInternal: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
CongressPublic: {protocol: 'https', port: '13789', host: 'CLOUDNAME'}
DesignateAdmin: {protocol: 'http', port: '9001', host: 'IP_ADDRESS'}
DesignateInternal: {protocol: 'http', port: '9001', host: 'IP_ADDRESS'}
DesignatePublic: {protocol: 'https', port: '13001', host: 'CLOUDNAME'}
DockerRegistryInternal: {protocol: 'https', port: '8787', host: 'CLOUDNAME'}
Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
@ -351,6 +357,9 @@ environments:
CongressAdmin: {protocol: 'https', port: '1789', host: 'CLOUDNAME'}
CongressInternal: {protocol: 'https', port: '1789', host: 'CLOUDNAME'}
CongressPublic: {protocol: 'https', port: '13789', host: 'CLOUDNAME'}
DesignateAdmin: {protocol: 'https', port: '9001', host: 'CLOUDNAME'}
DesignateInternal: {protocol: 'https', port: '9001', host: 'CLOUDNAME'}
DesignatePublic: {protocol: 'https', port: '13001', host: 'CLOUDNAME'}
DockerRegistryInternal: {protocol: 'https', port: '8787', host: 'CLOUDNAME'}
Ec2ApiAdmin: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}
Ec2ApiInternal: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}

Loading…
Cancel
Save