Browse Source

Merge "Make nova ephemeral storage backend configurable per-role" into stable/rocky

tags/9.4.1
Zuul 1 month ago
parent
commit
d3d527644e

+ 16
- 7
docker/services/nova-libvirt.yaml View File

@@ -58,8 +58,10 @@ parameters:
58 58
     type: number
59 59
   NovaEnableRbdBackend:
60 60
     default: false
61
-    description: Whether to enable or not the Rbd backend for Nova
61
+    description: Whether to enable the Rbd backend for Nova ephemeral storage.
62 62
     type: boolean
63
+    tags:
64
+      - role_specific
63 65
   CinderEnableRbdBackend:
64 66
     default: false
65 67
     description: Whether to enable or not the Rbd backend for Cinder
@@ -148,12 +150,19 @@ conditions:
148 150
 
149 151
   need_libvirt_secret:
150 152
     or:
151
-    - equals:
152
-      - {get_param: NovaEnableRbdBackend}
153
-      - true
154
-    - equals:
155
-      - {get_param: CinderEnableRbdBackend}
156
-      - true
153
+      - equals:
154
+        - {get_param: [RoleParameters, NovaEnableRbdBackend]}
155
+        - true
156
+      - and:
157
+        - equals:
158
+          - {get_param: [RoleParameters, NovaEnableRbdBackend]}
159
+          - ''
160
+        - equals:
161
+          - {get_param: NovaEnableRbdBackend}
162
+          - true
163
+      - equals:
164
+        - {get_param: CinderEnableRbdBackend}
165
+        - true
157 166
 
158 167
   use_tls_for_vnc:
159 168
     and:

+ 3
- 1
docker/services/octavia/octavia-deployment-config.yaml View File

@@ -69,8 +69,10 @@ parameters:
69 69
       provides a convenient way to e.g. debug load balancing services.
70 70
   NovaEnableRbdBackend:
71 71
     default: false
72
-    description: Whether to enable or not the Rbd backend for Nova
72
+    description: Whether to enable the Rbd backend for Nova ephemeral storage.
73 73
     type: boolean
74
+    tags:
75
+      - role_specific
74 76
   OctaviaControlNetwork:
75 77
     description: The name for the neutron network used for the amphora
76 78
                  control network

+ 18
- 0
environments/ceph-ansible/ceph-ansible-per-role.yaml View File

@@ -0,0 +1,18 @@
1
+resource_registry:
2
+  OS::TripleO::Services::CephMgr: ../../docker/services/ceph-ansible/ceph-mgr.yaml
3
+  OS::TripleO::Services::CephMon: ../../docker/services/ceph-ansible/ceph-mon.yaml
4
+  OS::TripleO::Services::CephOSD: ../../docker/services/ceph-ansible/ceph-osd.yaml
5
+  OS::TripleO::Services::CephClient: ../../docker/services/ceph-ansible/ceph-client.yaml
6
+
7
+parameter_defaults:
8
+  # Ensure that if user overrides CephAnsiblePlaybook via some env
9
+  # file, we go back to default when they stop passing their env file.
10
+  CephAnsiblePlaybook: ['default']
11
+
12
+  CinderEnableIscsiBackend: false
13
+  CinderEnableRbdBackend: true
14
+  CinderBackupBackend: ceph
15
+  GlanceBackend: rbd
16
+  GnocchiBackend: rbd
17
+  GlanceShowMultipleLocations: true
18
+  # NovaEnableRbdBackend can be set on individual roles to choose RBD or local ephemeral storage

+ 25
- 9
puppet/services/glance-api.yaml View File

@@ -129,7 +129,15 @@ parameters:
129 129
     type: string
130 130
   NovaEnableRbdBackend:
131 131
     default: false
132
-    description: Whether to enable or not the Rbd backend for Nova
132
+    description: Whether to enable the Rbd backend for Nova ephemeral storage.
133
+    type: boolean
134
+    tags:
135
+      - role_specific
136
+  GlanceShowMultipleLocations:
137
+    default: false
138
+    description: |
139
+      Whether to show multiple image locations e.g for copy-on-write support on
140
+      RBD or Netapp backends. Potential security risk, see glance.conf for more information.
133 141
     type: boolean
134 142
   GlanceImageImportPlugins:
135 143
     default: []
@@ -208,18 +216,26 @@ parameters:
208 216
 conditions:
209 217
 
210 218
   rbd_backend_enabled: {equals: [{get_param: GlanceBackend}, rbd]}
219
+  enable_image_conversion:
220
+    and:
221
+      - equals: [{get_param: GlanceBackend}, rbd]
222
+      - equals: [{get_param: NovaEnableRbdBackend}, true]
211 223
   use_tls_proxy: {equals : [{get_param: EnableInternalTLS}, true]}
212 224
   glance_workers_unset: {equals : [{get_param: GlanceWorkers}, '']}
213 225
   service_debug_unset: {equals : [{get_param: GlanceDebug}, '']}
214 226
   cinder_backend_enabled: {equals: [{get_param: GlanceBackend}, cinder]}
215 227
   glance_multiple_locations:
216
-    and:
217
-    - equals:
218
-      - get_param: GlanceBackend
219
-      - rbd
220
-    - equals:
221
-      - get_param: NovaEnableRbdBackend
222
-      - true
228
+    or:
229
+    - {equals : [{get_param: GlanceShowMultipleLocations}, true]}
230
+    - and:
231
+      # Keep this for compat, but ignore NovaEnableRbdBackend if it's a role param
232
+      - equals:
233
+        - get_param: GlanceBackend
234
+        - rbd
235
+      - equals:
236
+        - get_param: NovaEnableRbdBackend
237
+        - true
238
+
223 239
 
224 240
 resources:
225 241
 
@@ -283,7 +299,7 @@ outputs:
283 299
             glance::api::node_staging_uri: {get_param: GlanceNodeStagingUri}
284 300
             glance::api::image_import_plugins:
285 301
               if:
286
-              - rbd_backend_enabled
302
+              - enable_image_conversion
287 303
               - list_concat_unique:
288 304
                 - {get_param: GlanceImageImportPlugins}
289 305
                 - ['image_conversion']

+ 9
- 2
puppet/services/nova-compute.yaml View File

@@ -95,8 +95,10 @@ parameters:
95 95
     type: boolean
96 96
   NovaEnableRbdBackend:
97 97
     default: false
98
-    description: Whether to enable or not the Rbd backend for Nova
98
+    description: Whether to enable the Rbd backend for Nova ephemeral storage.
99 99
     type: boolean
100
+    tags:
101
+      - role_specific
100 102
   NovaComputeLibvirtVifDriver:
101 103
     default: ''
102 104
     description: Libvirt VIF driver configuration for the network
@@ -246,7 +248,10 @@ conditions:
246 248
         - equals: [{get_param: NovaNfsEnabled}, true]
247 249
         - equals: [{get_param: [RoleParameters, NovaNfsEnabled]}, '']
248 250
       - equals: [{get_param: [RoleParameters, NovaNfsEnabled]}, true]
249
-      - equals: [{get_param: NovaEnableRbdBackend}, true]
251
+      - equals: [{get_param: [RoleParameters, NovaEnableRbdBackend]}, true]
252
+      - and:
253
+        - equals: [{get_param: [RoleParameters, NovaEnableRbdBackend]}, '']
254
+        - equals: [{get_param: NovaEnableRbdBackend}, true]
250 255
 
251 256
 resources:
252 257
   NovaBase:
@@ -285,6 +290,7 @@ resources:
285 290
               nfs_vers: NovaNfsVersion
286 291
               nova::compute::libvirt::mem_stats_period_seconds: NovaLibvirtMemStatsPeriodSeconds
287 292
               resume_guests_state_on_host_boot: NovaResumeGuestsStateOnHostBoot
293
+              nova::compute::rbd::ephemeral_storage: NovaEnableRbdBackend
288 294
             - values: {get_param: [RoleParameters]}
289 295
           - values:
290 296
               NovaVcpuPinSet: {get_param: NovaVcpuPinSet}
@@ -302,6 +308,7 @@ resources:
302 308
               NovaNfsOptions: {get_param: NovaNfsOptions}
303 309
               NovaNfsVersion: {get_param: NovaNfsVersion}
304 310
               NovaLibvirtMemStatsPeriodSeconds: {get_param: NovaLibvirtMemStatsPeriodSeconds}
311
+              NovaEnableRbdBackend: {get_param: NovaEnableRbdBackend}
305 312
 
306 313
 outputs:
307 314
   role_data:

+ 62
- 0
roles/ComputeLocalEphemeral.yaml View File

@@ -0,0 +1,62 @@
1
+###############################################################################
2
+# Role: ComputeLocalEphemeral                                                 #
3
+###############################################################################
4
+- name: ComputeLocalEphemeral
5
+  description: |
6
+    Per-role compute storage backend - basic Compute Node with local ephemeral disks
7
+  CountDefault: 0
8
+  networks:
9
+    - InternalApi
10
+    - Tenant
11
+    - Storage
12
+  HostnameFormatDefault: '%stackname%-novacompute-local-%index%'
13
+  RoleParametersDefault:
14
+    TunedProfileName: "virtual-host"
15
+    NovaEnableRbdBackend: false
16
+  ServicesDefault:
17
+    - OS::TripleO::Services::Aide
18
+    - OS::TripleO::Services::AuditD
19
+    - OS::TripleO::Services::CACerts
20
+    - OS::TripleO::Services::CephClient
21
+    - OS::TripleO::Services::CephExternal
22
+    - OS::TripleO::Services::CertmongerUser
23
+    - OS::TripleO::Services::Collectd
24
+    - OS::TripleO::Services::ComputeCeilometerAgent
25
+    - OS::TripleO::Services::ComputeNeutronCorePlugin
26
+    - OS::TripleO::Services::ComputeNeutronL3Agent
27
+    - OS::TripleO::Services::ComputeNeutronMetadataAgent
28
+    - OS::TripleO::Services::ComputeNeutronOvsAgent
29
+    - OS::TripleO::Services::Docker
30
+    - OS::TripleO::Services::Fluentd
31
+    - OS::TripleO::Services::IpaClient
32
+    - OS::TripleO::Services::Ipsec
33
+    - OS::TripleO::Services::Iscsid
34
+    - OS::TripleO::Services::Kernel
35
+    - OS::TripleO::Services::LoginDefs
36
+    - OS::TripleO::Services::MetricsQdr
37
+    - OS::TripleO::Services::MySQLClient
38
+    - OS::TripleO::Services::NeutronBgpVpnBagpipe
39
+    - OS::TripleO::Services::NeutronLinuxbridgeAgent
40
+    - OS::TripleO::Services::NeutronVppAgent
41
+    - OS::TripleO::Services::NovaCompute
42
+    - OS::TripleO::Services::NovaLibvirt
43
+    - OS::TripleO::Services::NovaLibvirtGuests
44
+    - OS::TripleO::Services::NovaMigrationTarget
45
+    - OS::TripleO::Services::Ntp
46
+    - OS::TripleO::Services::ContainersLogrotateCrond
47
+    - OS::TripleO::Services::OpenDaylightOvs
48
+    - OS::TripleO::Services::Rhsm
49
+    - OS::TripleO::Services::RsyslogSidecar
50
+    - OS::TripleO::Services::Securetty
51
+    - OS::TripleO::Services::SensuClient
52
+    - OS::TripleO::Services::SkydiveAgent
53
+    - OS::TripleO::Services::Snmp
54
+    - OS::TripleO::Services::Sshd
55
+    - OS::TripleO::Services::Timezone
56
+    - OS::TripleO::Services::TripleoFirewall
57
+    - OS::TripleO::Services::TripleoPackages
58
+    - OS::TripleO::Services::Tuned
59
+    - OS::TripleO::Services::Vpp
60
+    - OS::TripleO::Services::OVNController
61
+    - OS::TripleO::Services::OVNMetadataAgent
62
+    - OS::TripleO::Services::Ptp

+ 62
- 0
roles/ComputeRBDEphemeral.yaml View File

@@ -0,0 +1,62 @@
1
+###############################################################################
2
+# Role: ComputeRBDEphemeral                                                   #
3
+###############################################################################
4
+- name: ComputeRBDEphemeral
5
+  description: |
6
+    Per-role compute storage backend - basic Compute Node with RBD ephemeral disks
7
+  CountDefault: 0
8
+  networks:
9
+    - InternalApi
10
+    - Tenant
11
+    - Storage
12
+  HostnameFormatDefault: '%stackname%-novacompute-rbd-%index%'
13
+  RoleParametersDefault:
14
+    TunedProfileName: "virtual-host"
15
+    NovaEnableRbdBackend: true
16
+  ServicesDefault:
17
+    - OS::TripleO::Services::Aide
18
+    - OS::TripleO::Services::AuditD
19
+    - OS::TripleO::Services::CACerts
20
+    - OS::TripleO::Services::CephClient
21
+    - OS::TripleO::Services::CephExternal
22
+    - OS::TripleO::Services::CertmongerUser
23
+    - OS::TripleO::Services::Collectd
24
+    - OS::TripleO::Services::ComputeCeilometerAgent
25
+    - OS::TripleO::Services::ComputeNeutronCorePlugin
26
+    - OS::TripleO::Services::ComputeNeutronL3Agent
27
+    - OS::TripleO::Services::ComputeNeutronMetadataAgent
28
+    - OS::TripleO::Services::ComputeNeutronOvsAgent
29
+    - OS::TripleO::Services::Docker
30
+    - OS::TripleO::Services::Fluentd
31
+    - OS::TripleO::Services::IpaClient
32
+    - OS::TripleO::Services::Ipsec
33
+    - OS::TripleO::Services::Iscsid
34
+    - OS::TripleO::Services::Kernel
35
+    - OS::TripleO::Services::LoginDefs
36
+    - OS::TripleO::Services::MetricsQdr
37
+    - OS::TripleO::Services::MySQLClient
38
+    - OS::TripleO::Services::NeutronBgpVpnBagpipe
39
+    - OS::TripleO::Services::NeutronLinuxbridgeAgent
40
+    - OS::TripleO::Services::NeutronVppAgent
41
+    - OS::TripleO::Services::NovaCompute
42
+    - OS::TripleO::Services::NovaLibvirt
43
+    - OS::TripleO::Services::NovaLibvirtGuests
44
+    - OS::TripleO::Services::NovaMigrationTarget
45
+    - OS::TripleO::Services::Ntp
46
+    - OS::TripleO::Services::ContainersLogrotateCrond
47
+    - OS::TripleO::Services::OpenDaylightOvs
48
+    - OS::TripleO::Services::Rhsm
49
+    - OS::TripleO::Services::RsyslogSidecar
50
+    - OS::TripleO::Services::Securetty
51
+    - OS::TripleO::Services::SensuClient
52
+    - OS::TripleO::Services::SkydiveAgent
53
+    - OS::TripleO::Services::Snmp
54
+    - OS::TripleO::Services::Sshd
55
+    - OS::TripleO::Services::Timezone
56
+    - OS::TripleO::Services::TripleoFirewall
57
+    - OS::TripleO::Services::TripleoPackages
58
+    - OS::TripleO::Services::Tuned
59
+    - OS::TripleO::Services::Vpp
60
+    - OS::TripleO::Services::OVNController
61
+    - OS::TripleO::Services::OVNMetadataAgent
62
+    - OS::TripleO::Services::Ptp

+ 5
- 1
tools/yaml-validate.py View File

@@ -453,7 +453,7 @@ def validate_controller_no_ceph_role(filename, tpl):
453 453
                 return 1
454 454
     return 0
455 455
 
456
-def validate_with_compute_role_services(role_filename, role_tpl, exclude_service):
456
+def validate_with_compute_role_services(role_filename, role_tpl, exclude_service=()):
457 457
     cmpt_filename = os.path.join(os.path.dirname(role_filename),
458 458
                                  './Compute.yaml')
459 459
     cmpt_tpl = yaml.load(open(cmpt_filename).read())
@@ -1111,6 +1111,10 @@ def validate(filename, param_map):
1111 1111
         if filename == './roles/Compute.yaml':
1112 1112
             retval |= validate_multiarch_compute_roles(filename, tpl)
1113 1113
 
1114
+        if filename in ('./roles/ComputeLocalEphemeral.yaml',
1115
+                        './roles/ComputeRBDEphemeral.yaml'):
1116
+            retval |= validate_with_compute_role_services(filename, tpl)
1117
+
1114 1118
         # NOTE(hjensas): The routed network data example is very different ...
1115 1119
         # We need to develop a more advanced validator, probably using a schema
1116 1120
         # definition instead.

Loading…
Cancel
Save