flatten the octavia service configurations
This change combines the previous puppet and docker files into a single file that performs the containerized service installation and configuration for the octavia services. With this patch the baremetal version of each respective octavia service has been removed. Related-Blueprint: services-yaml-flattening Change-Id: Icf2856fd261b49a4da1f197c7190c9a18d21e30f
This commit is contained in:
parent
e7db158840
commit
ebc9dd98e0
@ -12,11 +12,11 @@ resource_registry:
|
|||||||
OS::TripleO::Services::MySQL: ../../deployment/database/mysql-pacemaker-puppet.yaml
|
OS::TripleO::Services::MySQL: ../../deployment/database/mysql-pacemaker-puppet.yaml
|
||||||
OS::TripleO::Services::Keepalived: OS::Heat::None
|
OS::TripleO::Services::Keepalived: OS::Heat::None
|
||||||
OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
|
OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
|
||||||
OS::TripleO::Services::OctaviaApi: ../../docker/services/octavia-api.yaml
|
OS::TripleO::Services::OctaviaApi: ../../deployment/octavia/octavia-api-container-puppet.yaml
|
||||||
OS::TripleO::Services::OctaviaHousekeeping: ../../docker/services/octavia-housekeeping.yaml
|
OS::TripleO::Services::OctaviaHousekeeping: ../../deployment/octavia/octavia-housekeeping-container-puppet.yaml
|
||||||
OS::TripleO::Services::OctaviaHealthManager: ../../docker/services/octavia-health-manager.yaml
|
OS::TripleO::Services::OctaviaHealthManager: ../../deployment/octavia/octavia-health-manager-container-puppet.yaml
|
||||||
OS::TripleO::Services::OctaviaWorker: ../../docker/services/octavia-worker.yaml
|
OS::TripleO::Services::OctaviaWorker: ../../deployment/octavia/octavia-worker-container-puppet.yaml
|
||||||
OS::TripleO::Services::OctaviaDeploymentConfig: ../../docker/services/octavia/octavia-deployment-config.yaml
|
OS::TripleO::Services::OctaviaDeploymentConfig: ../../deployment/octavia/octavia-deployment-config.yaml
|
||||||
OS::TripleO::Services::CinderApi: OS::Heat::None
|
OS::TripleO::Services::CinderApi: OS::Heat::None
|
||||||
OS::TripleO::Services::CinderBackup: OS::Heat::None
|
OS::TripleO::Services::CinderBackup: OS::Heat::None
|
||||||
OS::TripleO::Services::CinderScheduler: OS::Heat::None
|
OS::TripleO::Services::CinderScheduler: OS::Heat::None
|
||||||
|
@ -44,22 +44,58 @@ parameters:
|
|||||||
EnableInternalTLS:
|
EnableInternalTLS:
|
||||||
type: boolean
|
type: boolean
|
||||||
default: false
|
default: false
|
||||||
|
OctaviaUserName:
|
||||||
|
description: The username for the Octavia database and keystone accounts.
|
||||||
|
type: string
|
||||||
|
default: 'octavia'
|
||||||
|
OctaviaPassword:
|
||||||
|
description: The password for the Octavia database and keystone accounts.
|
||||||
|
type: string
|
||||||
|
hidden: true
|
||||||
|
OctaviaProjectName:
|
||||||
|
description: The project name for the keystone Octavia account.
|
||||||
|
type: string
|
||||||
|
default: 'service'
|
||||||
|
KeystoneRegion:
|
||||||
|
type: string
|
||||||
|
default: 'regionOne'
|
||||||
|
description: Keystone region for endpoint
|
||||||
|
MonitoringSubscriptionOctaviaApi:
|
||||||
|
default: 'overcloud-octavia-api'
|
||||||
|
type: string
|
||||||
|
OctaviaApiPolicies:
|
||||||
|
description: |
|
||||||
|
A hash of policies to configure for Octavia API.
|
||||||
|
e.g. { octavia-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
|
||||||
|
default: {}
|
||||||
|
type: json
|
||||||
|
|
||||||
conditions:
|
conditions:
|
||||||
|
|
||||||
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
|
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
|
||||||
|
use_tls_proxy: {equals : [{get_param: EnableInternalTLS}, true]}
|
||||||
|
|
||||||
resources:
|
resources:
|
||||||
|
|
||||||
ContainersCommon:
|
ContainersCommon:
|
||||||
type: ./containers-common.yaml
|
type: ../../docker/services/containers-common.yaml
|
||||||
|
|
||||||
MySQLClient:
|
MySQLClient:
|
||||||
type: ../../deployment/database/mysql-client.yaml
|
type: ../database/mysql-client.yaml
|
||||||
|
|
||||||
OctaviaApiPuppetBase:
|
TLSProxyBase:
|
||||||
type: ../../puppet/services/octavia-api.yaml
|
type: OS::TripleO::Services::TLSProxyBase
|
||||||
|
properties:
|
||||||
|
ServiceData: {get_param: ServiceData}
|
||||||
|
ServiceNetMap: {get_param: ServiceNetMap}
|
||||||
|
DefaultPasswords: {get_param: DefaultPasswords}
|
||||||
|
EndpointMap: {get_param: EndpointMap}
|
||||||
|
RoleName: {get_param: RoleName}
|
||||||
|
RoleParameters: {get_param: RoleParameters}
|
||||||
|
EnableInternalTLS: {get_param: EnableInternalTLS}
|
||||||
|
|
||||||
|
OctaviaBase:
|
||||||
|
type: ./octavia-base.yaml
|
||||||
properties:
|
properties:
|
||||||
EndpointMap: {get_param: EndpointMap}
|
EndpointMap: {get_param: EndpointMap}
|
||||||
ServiceData: {get_param: ServiceData}
|
ServiceData: {get_param: ServiceData}
|
||||||
@ -68,8 +104,8 @@ resources:
|
|||||||
RoleName: {get_param: RoleName}
|
RoleName: {get_param: RoleName}
|
||||||
RoleParameters: {get_param: RoleParameters}
|
RoleParameters: {get_param: RoleParameters}
|
||||||
|
|
||||||
OctaviaFlavor:
|
OctaviaWorker: # provides Nova flavor
|
||||||
type: ../../puppet/services/octavia-worker.yaml
|
type: ./octavia-worker-container-puppet.yaml
|
||||||
properties:
|
properties:
|
||||||
EndpointMap: {get_param: EndpointMap}
|
EndpointMap: {get_param: EndpointMap}
|
||||||
ServiceData: {get_param: ServiceData}
|
ServiceData: {get_param: ServiceData}
|
||||||
@ -82,19 +118,76 @@ outputs:
|
|||||||
role_data:
|
role_data:
|
||||||
description: Role data for the Octavia API role.
|
description: Role data for the Octavia API role.
|
||||||
value:
|
value:
|
||||||
service_name: {get_attr: [OctaviaApiPuppetBase, role_data, service_name]}
|
service_name: octavia_api
|
||||||
|
monitoring_subscription: {get_param: MonitoringSubscriptionOctaviaApi}
|
||||||
config_settings:
|
config_settings:
|
||||||
map_merge:
|
map_merge:
|
||||||
- {get_attr: [OctaviaApiPuppetBase, role_data, config_settings]}
|
- {get_attr: [OctaviaBase, role_data, config_settings]}
|
||||||
- {get_attr: [OctaviaFlavor, role_data, config_settings]}
|
- {get_attr: [OctaviaWorker, role_data, config_settings]}
|
||||||
|
- get_attr: [TLSProxyBase, role_data, config_settings]
|
||||||
|
- octavia::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
|
||||||
|
octavia::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
|
||||||
|
octavia::policy::policies: {get_param: OctaviaApiPolicies}
|
||||||
|
octavia::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
|
||||||
|
octavia::keystone::authtoken::project_name: {get_param: OctaviaProjectName}
|
||||||
|
octavia::keystone::authtoken::password: {get_param: OctaviaPassword}
|
||||||
|
octavia::api::sync_db: true
|
||||||
|
tripleo::octavia_api::firewall_rules:
|
||||||
|
'120 octavia api':
|
||||||
|
dport:
|
||||||
|
- 9876
|
||||||
|
- 13876
|
||||||
|
# NOTE: bind IP is found in hiera replacing the network name with the local node IP
|
||||||
|
# for the given network; replacement examples (eg. for internal_api):
|
||||||
|
# internal_api -> IP
|
||||||
|
# internal_api_uri -> [IP]
|
||||||
|
# internal_api_subnet - > IP/CIDR
|
||||||
|
tripleo::profile::base::octavia::api::tls_proxy_bind_ip:
|
||||||
|
str_replace:
|
||||||
|
template:
|
||||||
|
"%{hiera('$NETWORK')}"
|
||||||
|
params:
|
||||||
|
$NETWORK: {get_param: [ServiceNetMap, OctaviaApiNetwork]}
|
||||||
|
tripleo::profile::base::octavia::api::tls_proxy_fqdn:
|
||||||
|
str_replace:
|
||||||
|
template:
|
||||||
|
"%{hiera('fqdn_$NETWORK')}"
|
||||||
|
params:
|
||||||
|
$NETWORK: {get_param: [ServiceNetMap, OctaviaApiNetwork]}
|
||||||
|
tripleo::profile::base::octavia::api::tls_proxy_port:
|
||||||
|
get_param: [EndpointMap, OctaviaInternal, port]
|
||||||
|
# Bind to localhost if internal TLS is enabled, since we put a TLS
|
||||||
|
# proxy in front.
|
||||||
|
octavia::api::host:
|
||||||
|
if:
|
||||||
|
- use_tls_proxy
|
||||||
|
- '127.0.0.1'
|
||||||
|
- str_replace:
|
||||||
|
template:
|
||||||
|
"%{hiera('$NETWORK')}"
|
||||||
|
params:
|
||||||
|
$NETWORK: {get_param: [ServiceNetMap, OctaviaApiNetwork]}
|
||||||
service_config_settings:
|
service_config_settings:
|
||||||
map_merge:
|
fluentd:
|
||||||
- get_attr: [OctaviaApiPuppetBase, role_data, service_config_settings]
|
tripleo_fluentd_groups_octavia_api:
|
||||||
- fluentd:
|
- octavia
|
||||||
tripleo_fluentd_groups_octavia_api:
|
tripleo_fluentd_sources_octavia_api:
|
||||||
- octavia
|
- {get_param: OctaviaApiLoggingSource}
|
||||||
tripleo_fluentd_sources_octavia_api:
|
keystone:
|
||||||
- {get_param: OctaviaApiLoggingSource}
|
octavia::keystone::auth::tenant: {get_param: OctaviaProjectName}
|
||||||
|
octavia::keystone::auth::public_url: {get_param: [EndpointMap, OctaviaPublic, uri]}
|
||||||
|
octavia::keystone::auth::internal_url: { get_param: [ EndpointMap, OctaviaInternal, uri ] }
|
||||||
|
octavia::keystone::auth::admin_url: { get_param: [ EndpointMap, OctaviaAdmin, uri ] }
|
||||||
|
octavia::keystone::auth::password: {get_param: OctaviaPassword}
|
||||||
|
octavia::keystone::auth::region: {get_param: KeystoneRegion}
|
||||||
|
mysql:
|
||||||
|
octavia::db::mysql::password: {get_param: OctaviaPassword}
|
||||||
|
octavia::db::mysql::user: {get_param: OctaviaUserName}
|
||||||
|
octavia::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
|
||||||
|
octavia::db::mysql::dbname: octavia
|
||||||
|
octavia::db::mysql::allowed_hosts:
|
||||||
|
- '%'
|
||||||
|
- "%{hiera('mysql_bind_host')}"
|
||||||
# BEGIN DOCKER SETTINGS #
|
# BEGIN DOCKER SETTINGS #
|
||||||
puppet_config:
|
puppet_config:
|
||||||
config_volume: octavia
|
config_volume: octavia
|
||||||
@ -102,7 +195,7 @@ outputs:
|
|||||||
step_config:
|
step_config:
|
||||||
list_join:
|
list_join:
|
||||||
- "\n"
|
- "\n"
|
||||||
- - {get_attr: [OctaviaApiPuppetBase, role_data, step_config]}
|
- - "include tripleo::profile::base::octavia::api"
|
||||||
- {get_attr: [MySQLClient, role_data, step_config]}
|
- {get_attr: [MySQLClient, role_data, step_config]}
|
||||||
config_image: {get_param: DockerOctaviaConfigImage}
|
config_image: {get_param: DockerOctaviaConfigImage}
|
||||||
kolla_config:
|
kolla_config:
|
||||||
@ -133,7 +226,7 @@ outputs:
|
|||||||
config_volume: octavia
|
config_volume: octavia
|
||||||
puppet_tags: nova_flavor
|
puppet_tags: nova_flavor
|
||||||
step_config:
|
step_config:
|
||||||
get_attr: [OctaviaFlavor, role_data, step_config]
|
get_attr: [OctaviaWorker, role_data, step_config]
|
||||||
config_image: {get_param: DockerOctaviaConfigImage}
|
config_image: {get_param: DockerOctaviaConfigImage}
|
||||||
volumes:
|
volumes:
|
||||||
- /var/lib/config-data/puppet-generated/nova/etc/nova:/etc/nova:ro
|
- /var/lib/config-data/puppet-generated/nova/etc/nova:/etc/nova:ro
|
||||||
@ -229,7 +322,7 @@ outputs:
|
|||||||
ignore_errors: true
|
ignore_errors: true
|
||||||
upgrade_tasks: []
|
upgrade_tasks: []
|
||||||
metadata_settings:
|
metadata_settings:
|
||||||
get_attr: [OctaviaApiPuppetBase, role_data, metadata_settings]
|
get_attr: [TLSProxyBase, role_data, metadata_settings]
|
||||||
post_upgrade_tasks:
|
post_upgrade_tasks:
|
||||||
- when: step|int == 1
|
- when: step|int == 1
|
||||||
import_role:
|
import_role:
|
215
deployment/octavia/octavia-base.yaml
Normal file
215
deployment/octavia/octavia-base.yaml
Normal file
@ -0,0 +1,215 @@
|
|||||||
|
heat_template_version: rocky
|
||||||
|
|
||||||
|
description: >
|
||||||
|
OpenStack Octavia base service. Shared for all Octavia services
|
||||||
|
|
||||||
|
parameters:
|
||||||
|
ServiceData:
|
||||||
|
default: {}
|
||||||
|
description: Dictionary packing service data
|
||||||
|
type: json
|
||||||
|
ServiceNetMap:
|
||||||
|
default: {}
|
||||||
|
description: Mapping of service_name -> network name. Typically set
|
||||||
|
via parameter_defaults in the resource registry. This
|
||||||
|
mapping overrides those in ServiceNetMapDefaults.
|
||||||
|
type: json
|
||||||
|
DefaultPasswords:
|
||||||
|
default: {}
|
||||||
|
type: json
|
||||||
|
RoleName:
|
||||||
|
default: ''
|
||||||
|
description: Role name on which the service is applied
|
||||||
|
type: string
|
||||||
|
RoleParameters:
|
||||||
|
default: {}
|
||||||
|
description: Parameters specific to the role
|
||||||
|
type: json
|
||||||
|
EndpointMap:
|
||||||
|
default: {}
|
||||||
|
description: Mapping of service endpoint -> protocol. Typically set
|
||||||
|
via parameter_defaults in the resource registry.
|
||||||
|
type: json
|
||||||
|
Debug:
|
||||||
|
type: boolean
|
||||||
|
default: false
|
||||||
|
description: Set to True to enable debugging on all services.
|
||||||
|
OctaviaDebug:
|
||||||
|
default: ''
|
||||||
|
description: Set to True to enable debugging Octavia services.
|
||||||
|
type: string
|
||||||
|
constraints:
|
||||||
|
- allowed_values: [ '', 'true', 'True', 'TRUE', 'false', 'False', 'FALSE']
|
||||||
|
EnableConfigPurge:
|
||||||
|
type: boolean
|
||||||
|
default: false
|
||||||
|
description: >
|
||||||
|
Remove configuration that is not generated by TripleO. Used to avoid
|
||||||
|
configuration remnants after upgrades.
|
||||||
|
RpcPort:
|
||||||
|
default: 5672
|
||||||
|
description: The network port for messaging backend
|
||||||
|
type: number
|
||||||
|
RpcUserName:
|
||||||
|
default: guest
|
||||||
|
description: The username for messaging backend
|
||||||
|
type: string
|
||||||
|
RpcPassword:
|
||||||
|
description: The password for messaging backend
|
||||||
|
type: string
|
||||||
|
hidden: true
|
||||||
|
RpcUseSSL:
|
||||||
|
default: false
|
||||||
|
description: >
|
||||||
|
Messaging client subscriber parameter to specify
|
||||||
|
an SSL connection to the messaging host.
|
||||||
|
type: string
|
||||||
|
NotificationDriver:
|
||||||
|
type: string
|
||||||
|
default: 'messagingv2'
|
||||||
|
description: Driver or drivers to handle sending notifications.
|
||||||
|
OctaviaUserName:
|
||||||
|
description: The username for the Octavia database and keystone accounts.
|
||||||
|
type: string
|
||||||
|
default: 'octavia'
|
||||||
|
OctaviaPassword:
|
||||||
|
description: The password for the Octavia database and keystone accounts.
|
||||||
|
type: string
|
||||||
|
hidden: true
|
||||||
|
OctaviaProjectName:
|
||||||
|
description: The project name for the keystone Octavia account.
|
||||||
|
type: string
|
||||||
|
default: 'service'
|
||||||
|
OctaviaCaCertFile:
|
||||||
|
type: string
|
||||||
|
default: '/etc/octavia/certs/ca_01.pem'
|
||||||
|
description: Octavia CA certificate file path.
|
||||||
|
OctaviaCaCert:
|
||||||
|
type: string
|
||||||
|
default: ''
|
||||||
|
description: Octavia CA certificate data. If provided, this will create
|
||||||
|
or update a file on the host with the path provided in
|
||||||
|
OctaviaCaCertFile with the certificate data.
|
||||||
|
OctaviaCaKeyFile:
|
||||||
|
type: string
|
||||||
|
default: '/etc/octavia/certs/private/cakey.pem'
|
||||||
|
description: Octavia CA private key file path.
|
||||||
|
OctaviaCaKey:
|
||||||
|
type: string
|
||||||
|
default: ''
|
||||||
|
description: The private key for the certificate provided in OctaviaCaCert.
|
||||||
|
If provided, this will create or update a file on the host
|
||||||
|
with the path provided in OctaviaCaKeyFile with the key
|
||||||
|
data.
|
||||||
|
OctaviaCaKeyPassphrase:
|
||||||
|
description: CA private key passphrase.
|
||||||
|
type: string
|
||||||
|
hidden: true
|
||||||
|
OctaviaAmphoraImageTag:
|
||||||
|
default: 'amphora-image'
|
||||||
|
description: Glance image tag for identifying the amphora image.
|
||||||
|
type: string
|
||||||
|
OctaviaAmphoraNetworkList:
|
||||||
|
default: []
|
||||||
|
description: List of networks to attach to amphorae.
|
||||||
|
type: comma_delimited_list
|
||||||
|
OctaviaAmphoraSshKeyName:
|
||||||
|
type: string
|
||||||
|
default: 'octavia-ssh-key'
|
||||||
|
description: SSH key name.
|
||||||
|
OctaviaLoadBalancerTopology:
|
||||||
|
default: ''
|
||||||
|
description: Load balancer topology configuration.
|
||||||
|
type: string
|
||||||
|
OctaviaFlavorId:
|
||||||
|
default: '65'
|
||||||
|
description: Nova flavor ID to be used when creating the nova flavor for
|
||||||
|
amphora.
|
||||||
|
type: string
|
||||||
|
OctaviaTimeoutClientData:
|
||||||
|
default: 50000
|
||||||
|
description: Frontend client inactivity timeout.
|
||||||
|
type: number
|
||||||
|
OctaviaTimeoutMemberConnect:
|
||||||
|
default: 5000
|
||||||
|
description: Backend member connection timeout.
|
||||||
|
type: number
|
||||||
|
OctaviaTimeoutMemberData:
|
||||||
|
default: 50000
|
||||||
|
description: Backend member inactivity timeout.
|
||||||
|
type: number
|
||||||
|
OctaviaTimeoutTcpInspect:
|
||||||
|
default: 0
|
||||||
|
description: Time to wait for TCP packets for content inspection.
|
||||||
|
type: number
|
||||||
|
|
||||||
|
conditions:
|
||||||
|
service_debug_unset: {equals : [{get_param: OctaviaDebug}, '']}
|
||||||
|
octavia_ca_cert_unset: {equals: [{get_param: OctaviaCaCert}, '']}
|
||||||
|
octavia_ca_key_unset: {equals: [{get_param: OctaviaCaKey}, '']}
|
||||||
|
octavia_topology_unset: {equals : [{get_param: OctaviaLoadBalancerTopology}, ""]}
|
||||||
|
|
||||||
|
outputs:
|
||||||
|
role_data:
|
||||||
|
description: Base role data for Octavia services
|
||||||
|
value:
|
||||||
|
service_name: octavia_base
|
||||||
|
config_settings:
|
||||||
|
map_merge:
|
||||||
|
- octavia::logging::debug:
|
||||||
|
if:
|
||||||
|
- service_debug_unset
|
||||||
|
- {get_param: Debug }
|
||||||
|
- {get_param: OctaviaDebug }
|
||||||
|
octavia::purge_config: {get_param: EnableConfigPurge}
|
||||||
|
octavia::notification_driver: {get_param: NotificationDriver}
|
||||||
|
octavia::db::database_connection:
|
||||||
|
make_url:
|
||||||
|
scheme: {get_param: [EndpointMap, MysqlInternal, protocol]}
|
||||||
|
username: {get_param: OctaviaUserName}
|
||||||
|
password: {get_param: OctaviaPassword}
|
||||||
|
host: {get_param: [EndpointMap, MysqlInternal, host]}
|
||||||
|
path: /octavia
|
||||||
|
query:
|
||||||
|
read_default_file: /etc/my.cnf.d/tripleo.cnf
|
||||||
|
read_default_group: tripleo
|
||||||
|
# TODO(ansmith): remove once p-t-o switches to oslo params
|
||||||
|
octavia::rabbit_use_ssl: {get_param: RpcUseSSL}
|
||||||
|
octavia::rabbit_userid: {get_param: RpcUserName}
|
||||||
|
octavia::rabbit_password: {get_param: RpcPassword}
|
||||||
|
octavia::rabbit_port: {get_param: RpcPort}
|
||||||
|
octavia::service_auth::auth_url: {get_param: [EndpointMap, KeystonePublic, uri]}
|
||||||
|
octavia::service_auth::auth_type: 'password'
|
||||||
|
octavia::service_auth::username: {get_param: OctaviaUserName}
|
||||||
|
octavia::service_auth::password: {get_param: OctaviaPassword}
|
||||||
|
octavia::service_auth::project_name: {get_param: OctaviaProjectName}
|
||||||
|
octavia::service_auth::project_domain_name: 'Default'
|
||||||
|
octavia::service_auth::user_domain_name: 'Default'
|
||||||
|
octavia::service_auth::auth_type: 'password'
|
||||||
|
octavia::certificates::ca_certificate: {get_param: OctaviaCaCertFile}
|
||||||
|
octavia::certificates::ca_private_key: {get_param: OctaviaCaKeyFile}
|
||||||
|
octavia::certificates::ca_private_key_passphrase: {get_param: OctaviaCaKeyPassphrase}
|
||||||
|
octavia::controller::amp_boot_network_list: {get_param: OctaviaAmphoraNetworkList}
|
||||||
|
octavia::controller::amp_flavor_id: {get_param: OctaviaFlavorId}
|
||||||
|
octavia::controller::amp_image_tag: {get_param: OctaviaAmphoraImageTag}
|
||||||
|
octavia::controller::amp_ssh_key_name: {get_param: OctaviaAmphoraSshKeyName}
|
||||||
|
octavia::controller::enable_ssh_access: true
|
||||||
|
octavia::controller::timeout_client_data: {get_param: OctaviaTimeoutClientData}
|
||||||
|
octavia::controller::timeout_member_connect: {get_param: OctaviaTimeoutMemberConnect}
|
||||||
|
octavia::controller::timeout_member_data: {get_param: OctaviaTimeoutMemberData}
|
||||||
|
octavia::controller::timeout_tcp_inspect: {get_param: OctaviaTimeoutTcpInspect}
|
||||||
|
-
|
||||||
|
if:
|
||||||
|
- octavia_topology_unset
|
||||||
|
- {}
|
||||||
|
- octavia::controller::loadbalancer_topology: {get_param: OctaviaLoadBalancerTopology}
|
||||||
|
-
|
||||||
|
if:
|
||||||
|
- octavia_ca_cert_unset
|
||||||
|
- {}
|
||||||
|
- octavia::certificates::ca_certificate_data: {get_param: OctaviaCaCert}
|
||||||
|
-
|
||||||
|
if:
|
||||||
|
- octavia_ca_key_unset
|
||||||
|
- {}
|
||||||
|
- octavia::certificates::ca_private_key_data: {get_param: OctaviaCaKey}
|
@ -45,17 +45,37 @@ parameters:
|
|||||||
default: false
|
default: false
|
||||||
description: Remove package if the service is being disabled during upgrade
|
description: Remove package if the service is being disabled during upgrade
|
||||||
type: boolean
|
type: boolean
|
||||||
|
MonitoringSubscriptionOctaviaHealthManager:
|
||||||
|
default: 'overcloud-octavia-health-manager'
|
||||||
|
type: string
|
||||||
|
OctaviaHeartbeatKey:
|
||||||
|
type: string
|
||||||
|
description: Key to identify heartbeat messages for amphorae.
|
||||||
|
hidden: true
|
||||||
|
OctaviaMgmtPortDevName:
|
||||||
|
type: string
|
||||||
|
default: "o-hm0"
|
||||||
|
description: Name of the octavia management network interface using
|
||||||
|
for communication between octavia worker/health-manager
|
||||||
|
with the amphora machine.
|
||||||
|
OctaviaEventStreamerDriver:
|
||||||
|
type: string
|
||||||
|
default: "noop_event_streamer"
|
||||||
|
description: Name of the event streamer driver to use for syncing Octavia
|
||||||
|
and Neutron LBaaS databases. It is highly recommended to
|
||||||
|
disable if one doesn't need to sync the database or is running
|
||||||
|
Octavia in standalone mode by setting to noop_event_streamer.
|
||||||
|
|
||||||
resources:
|
resources:
|
||||||
|
|
||||||
ContainersCommon:
|
ContainersCommon:
|
||||||
type: ./containers-common.yaml
|
type: ../../docker/services/containers-common.yaml
|
||||||
|
|
||||||
MySQLClient:
|
MySQLClient:
|
||||||
type: ../../deployment/database/mysql-client.yaml
|
type: ../database/mysql-client.yaml
|
||||||
|
|
||||||
OctaviaHealthManagerPuppetBase:
|
OctaviaBase:
|
||||||
type: ../../puppet/services/octavia-health-manager.yaml
|
type: ./octavia-base.yaml
|
||||||
properties:
|
properties:
|
||||||
EndpointMap: {get_param: EndpointMap}
|
EndpointMap: {get_param: EndpointMap}
|
||||||
ServiceData: {get_param: ServiceData}
|
ServiceData: {get_param: ServiceData}
|
||||||
@ -68,16 +88,24 @@ outputs:
|
|||||||
role_data:
|
role_data:
|
||||||
description: Role data for the Octavia health-manager role.
|
description: Role data for the Octavia health-manager role.
|
||||||
value:
|
value:
|
||||||
service_name: {get_attr: [OctaviaHealthManagerPuppetBase, role_data, service_name]}
|
service_name: octavia_health_manager
|
||||||
config_settings: {get_attr: [OctaviaHealthManagerPuppetBase, role_data, config_settings]}
|
monitoring_subscription: {get_param: MonitoringSubscriptionOctaviaHealthManager}
|
||||||
service_config_settings:
|
config_settings:
|
||||||
map_merge:
|
map_merge:
|
||||||
- get_attr: [OctaviaHealthManagerPuppetBase, role_data, service_config_settings]
|
- get_attr: [OctaviaBase, role_data, config_settings]
|
||||||
- fluentd:
|
- octavia::health_manager::heartbeat_key: {get_param: OctaviaHeartbeatKey}
|
||||||
tripleo_fluentd_groups_octavia_health_manager:
|
octavia::health_manager::event_streamer_driver: {get_param: OctaviaEventStreamerDriver}
|
||||||
- octavia
|
tripleo::octavia_health_manager::firewall_rules:
|
||||||
tripleo_fluentd_sources_octavia_health_manager:
|
'200 octavia health manager interface':
|
||||||
- {get_param: OctaviaHealthManagerLoggingSource}
|
proto: udp
|
||||||
|
dport: 5555
|
||||||
|
iniface: {get_param: OctaviaMgmtPortDevName}
|
||||||
|
service_config_settings:
|
||||||
|
fluentd:
|
||||||
|
tripleo_fluentd_groups_octavia_health_manager:
|
||||||
|
- octavia
|
||||||
|
tripleo_fluentd_sources_octavia_health_manager:
|
||||||
|
- {get_param: OctaviaHealthManagerLoggingSource}
|
||||||
# BEGIN DOCKER SETTINGS #
|
# BEGIN DOCKER SETTINGS #
|
||||||
puppet_config:
|
puppet_config:
|
||||||
config_volume: octavia
|
config_volume: octavia
|
||||||
@ -85,7 +113,7 @@ outputs:
|
|||||||
step_config:
|
step_config:
|
||||||
list_join:
|
list_join:
|
||||||
- "\n"
|
- "\n"
|
||||||
- - {get_attr: [OctaviaHealthManagerPuppetBase, role_data, step_config]}
|
- - "include tripleo::profile::base::octavia::health_manager"
|
||||||
- {get_attr: [MySQLClient, role_data, step_config]}
|
- {get_attr: [MySQLClient, role_data, step_config]}
|
||||||
config_image: {get_param: DockerOctaviaConfigImage}
|
config_image: {get_param: DockerOctaviaConfigImage}
|
||||||
kolla_config:
|
kolla_config:
|
@ -41,17 +41,30 @@ parameters:
|
|||||||
default: {}
|
default: {}
|
||||||
description: Parameters specific to the role
|
description: Parameters specific to the role
|
||||||
type: json
|
type: json
|
||||||
|
OctaviaAmphoraExpiryAge:
|
||||||
|
default: 0
|
||||||
|
description: The interval in seconds after which an unused Amphora will
|
||||||
|
be considered expired and cleaned up. If left to 0, the
|
||||||
|
configuration will not be set and the system will use
|
||||||
|
the service defaults.
|
||||||
|
type: number
|
||||||
|
MonitoringSubscriptionOctaviaHousekeeping:
|
||||||
|
default: 'overcloud-octavia-housekeeping'
|
||||||
|
type: string
|
||||||
|
|
||||||
|
conditions:
|
||||||
|
amphora_expiry_is_zero: {equals: [{get_param: OctaviaAmphoraExpiryAge}, 0]}
|
||||||
|
|
||||||
resources:
|
resources:
|
||||||
|
|
||||||
ContainersCommon:
|
ContainersCommon:
|
||||||
type: ./containers-common.yaml
|
type: ../../docker/services/containers-common.yaml
|
||||||
|
|
||||||
MySQLClient:
|
MySQLClient:
|
||||||
type: ../../deployment/database/mysql-client.yaml
|
type: ../database/mysql-client.yaml
|
||||||
|
|
||||||
OctaviaHousekeepingPuppetBase:
|
OctaviaBase:
|
||||||
type: ../../puppet/services/octavia-housekeeping.yaml
|
type: ./octavia-base.yaml
|
||||||
properties:
|
properties:
|
||||||
EndpointMap: {get_param: EndpointMap}
|
EndpointMap: {get_param: EndpointMap}
|
||||||
ServiceData: {get_param: ServiceData}
|
ServiceData: {get_param: ServiceData}
|
||||||
@ -64,16 +77,22 @@ outputs:
|
|||||||
role_data:
|
role_data:
|
||||||
description: Role data for the Octavia housekeeping role.
|
description: Role data for the Octavia housekeeping role.
|
||||||
value:
|
value:
|
||||||
service_name: {get_attr: [OctaviaHousekeepingPuppetBase, role_data, service_name]}
|
service_name: octavia_housekeeping
|
||||||
config_settings: {get_attr: [OctaviaHousekeepingPuppetBase, role_data, config_settings]}
|
monitoring_subscription: {get_param: MonitoringSubscriptionOctaviaHousekeeping}
|
||||||
service_config_settings:
|
config_settings:
|
||||||
map_merge:
|
map_merge:
|
||||||
- get_attr: [OctaviaHousekeepingPuppetBase, role_data, service_config_settings]
|
- get_attr: [OctaviaBase, role_data, config_settings]
|
||||||
- fluentd:
|
-
|
||||||
tripleo_fluentd_groups_octavia_housekeeping:
|
if:
|
||||||
- octavia
|
- amphora_expiry_is_zero
|
||||||
tripleo_fluentd_sources_octavia_housekeeping:
|
- {}
|
||||||
- {get_param: OctaviaHousekeepingLoggingSource}
|
- octavia::housekeeping::amphora_expiry_age: {get_param: OctaviaAmphoraExpiryAge}
|
||||||
|
service_config_settings:
|
||||||
|
fluentd:
|
||||||
|
tripleo_fluentd_groups_octavia_housekeeping:
|
||||||
|
- octavia
|
||||||
|
tripleo_fluentd_sources_octavia_housekeeping:
|
||||||
|
- {get_param: OctaviaHousekeepingLoggingSource}
|
||||||
# BEGIN DOCKER SETTINGS #
|
# BEGIN DOCKER SETTINGS #
|
||||||
puppet_config:
|
puppet_config:
|
||||||
config_volume: octavia
|
config_volume: octavia
|
||||||
@ -81,7 +100,7 @@ outputs:
|
|||||||
step_config:
|
step_config:
|
||||||
list_join:
|
list_join:
|
||||||
- "\n"
|
- "\n"
|
||||||
- - {get_attr: [OctaviaHousekeepingPuppetBase, role_data, step_config]}
|
- - "include tripleo::profile::base::octavia::housekeeping"
|
||||||
- {get_attr: [MySQLClient, role_data, step_config]}
|
- {get_attr: [MySQLClient, role_data, step_config]}
|
||||||
config_image: {get_param: DockerOctaviaConfigImage}
|
config_image: {get_param: DockerOctaviaConfigImage}
|
||||||
kolla_config:
|
kolla_config:
|
@ -45,17 +45,52 @@ parameters:
|
|||||||
default: 'false'
|
default: 'false'
|
||||||
description: Set to true to enable package installation at deploy time
|
description: Set to true to enable package installation at deploy time
|
||||||
type: boolean
|
type: boolean
|
||||||
|
MonitoringSubscriptionOctaviaWorker:
|
||||||
|
default: 'overcloud-octavia-worker'
|
||||||
|
type: string
|
||||||
|
OctaviaFlavorProperties:
|
||||||
|
default:
|
||||||
|
ram : '1024'
|
||||||
|
disk : '3'
|
||||||
|
vcpus : '1'
|
||||||
|
description: Dictionary describing the nova flavor for amphora.
|
||||||
|
type: json
|
||||||
|
OctaviaManageNovaFlavor:
|
||||||
|
default: true
|
||||||
|
description: Configure the nova flavor for the amphora.
|
||||||
|
type: boolean
|
||||||
|
OctaviaClientCertFile:
|
||||||
|
default: '/etc/octavia/certs/client.pem'
|
||||||
|
description: client certificate for amphoras
|
||||||
|
type: string
|
||||||
|
OctaviaClientCert:
|
||||||
|
default: ''
|
||||||
|
description: Client certificate data. If provided, this will create or update
|
||||||
|
a file on the host with the path provided in OctaviaClientCertFile
|
||||||
|
with the certificate data.
|
||||||
|
type: string
|
||||||
|
OctaviaProjectName:
|
||||||
|
description: The project name for the keystone Octavia account.
|
||||||
|
type: string
|
||||||
|
default: 'service'
|
||||||
|
RpcPort:
|
||||||
|
default: 5672
|
||||||
|
description: The network port for messaging backend
|
||||||
|
type: number
|
||||||
|
|
||||||
|
conditions:
|
||||||
|
octavia_client_cert_unset: {equals: [{get_param: OctaviaClientCert}, ""]}
|
||||||
|
|
||||||
resources:
|
resources:
|
||||||
|
|
||||||
ContainersCommon:
|
ContainersCommon:
|
||||||
type: ./containers-common.yaml
|
type: ../../docker/services/containers-common.yaml
|
||||||
|
|
||||||
MySQLClient:
|
MySQLClient:
|
||||||
type: ../../deployment/database/mysql-client.yaml
|
type: ../database/mysql-client.yaml
|
||||||
|
|
||||||
OctaviaWorkerPuppetBase:
|
OctaviaBase:
|
||||||
type: ../../puppet/services/octavia-worker.yaml
|
type: ./octavia-base.yaml
|
||||||
properties:
|
properties:
|
||||||
EndpointMap: {get_param: EndpointMap}
|
EndpointMap: {get_param: EndpointMap}
|
||||||
ServiceData: {get_param: ServiceData}
|
ServiceData: {get_param: ServiceData}
|
||||||
@ -68,16 +103,15 @@ outputs:
|
|||||||
role_data:
|
role_data:
|
||||||
description: Role data for the Octavia worker role.
|
description: Role data for the Octavia worker role.
|
||||||
value:
|
value:
|
||||||
service_name: {get_attr: [OctaviaWorkerPuppetBase, role_data, service_name]}
|
service_name: octavia_worker
|
||||||
config_settings: {get_attr: [OctaviaWorkerPuppetBase, role_data, config_settings]}
|
monitoring_subscription: {get_param: MonitoringSubscriptionOctaviaWorker}
|
||||||
|
config_settings: {get_attr: [OctaviaBase, role_data, config_settings]}
|
||||||
service_config_settings:
|
service_config_settings:
|
||||||
map_merge:
|
fluentd:
|
||||||
- get_attr: [OctaviaWorkerPuppetBase, role_data, service_config_settings]
|
tripleo_fluentd_groups_octavia_worker:
|
||||||
- fluentd:
|
- octavia
|
||||||
tripleo_fluentd_groups_octavia_worker:
|
tripleo_fluentd_sources_octavia_worker:
|
||||||
- octavia
|
- {get_param: OctaviaWorkerLoggingSource}
|
||||||
tripleo_fluentd_sources_octavia_worker:
|
|
||||||
- {get_param: OctaviaWorkerLoggingSource}
|
|
||||||
# BEGIN DOCKER SETTINGS #
|
# BEGIN DOCKER SETTINGS #
|
||||||
puppet_config:
|
puppet_config:
|
||||||
config_volume: octavia
|
config_volume: octavia
|
||||||
@ -86,7 +120,7 @@ outputs:
|
|||||||
list_join:
|
list_join:
|
||||||
- "\n"
|
- "\n"
|
||||||
- - "['nova_flavor'].each |String $val| { noop_resource($val) }"
|
- - "['nova_flavor'].each |String $val| { noop_resource($val) }"
|
||||||
- {get_attr: [OctaviaWorkerPuppetBase, role_data, step_config]}
|
- "include tripleo::profile::base::octavia::worker"
|
||||||
- {get_attr: [MySQLClient, role_data, step_config]}
|
- {get_attr: [MySQLClient, role_data, step_config]}
|
||||||
config_image: {get_param: DockerOctaviaConfigImage}
|
config_image: {get_param: DockerOctaviaConfigImage}
|
||||||
kolla_config:
|
kolla_config:
|
||||||
@ -130,7 +164,7 @@ outputs:
|
|||||||
- yaql:
|
- yaql:
|
||||||
expression: str($.data.port)
|
expression: str($.data.port)
|
||||||
data:
|
data:
|
||||||
port: {get_attr: [OctaviaWorkerPuppetBase, role_data, config_settings, 'octavia::rabbit_port']}
|
port: {get_param: RpcPort}
|
||||||
volumes:
|
volumes:
|
||||||
list_concat:
|
list_concat:
|
||||||
- {get_attr: [ContainersCommon, volumes]}
|
- {get_attr: [ContainersCommon, volumes]}
|
@ -1,9 +1,9 @@
|
|||||||
resource_registry:
|
resource_registry:
|
||||||
OS::TripleO::Services::OctaviaApi: ../../puppet/services/octavia-api.yaml
|
OS::TripleO::Services::OctaviaApi: ../../deployment/octavia/octavia-api-container-puppet.yaml
|
||||||
OS::TripleO::Services::OctaviaHousekeeping: ../../puppet/services/octavia-housekeeping.yaml
|
OS::TripleO::Services::OctaviaHousekeeping: ../../deployment/octavia/octavia-housekeeping-container-puppet.yaml
|
||||||
OS::TripleO::Services::OctaviaHealthManager: ../../puppet/services/octavia-health-manager.yaml
|
OS::TripleO::Services::OctaviaHealthManager: ../../deployment/octavia/octavia-health-manager-container-puppet.yaml
|
||||||
OS::TripleO::Services::OctaviaWorker: ../../puppet/services/octavia-worker.yaml
|
OS::TripleO::Services::OctaviaWorker: ../../deployment/octavia/octavia-worker-container-puppet.yaml
|
||||||
OS::TripleO::Services::OctaviaDeploymentConfig: ../../puppet/services/octavia/octavia-deployment-config.yaml
|
OS::TripleO::Services::OctaviaDeploymentConfig: ../../deployment/octavia/octavia-deployment-config.yaml
|
||||||
|
|
||||||
parameter_defaults:
|
parameter_defaults:
|
||||||
NeutronEnableForceMetadata: true
|
NeutronEnableForceMetadata: true
|
||||||
|
@ -1,9 +1,9 @@
|
|||||||
resource_registry:
|
resource_registry:
|
||||||
OS::TripleO::Services::OctaviaApi: ../../docker/services/octavia-api.yaml
|
OS::TripleO::Services::OctaviaApi: ../../deployment/octavia/octavia-api-container-puppet.yaml
|
||||||
OS::TripleO::Services::OctaviaHousekeeping: ../../docker/services/octavia-housekeeping.yaml
|
OS::TripleO::Services::OctaviaHousekeeping: ../../deployment/octavia/octavia-housekeeping-container-puppet.yaml
|
||||||
OS::TripleO::Services::OctaviaHealthManager: ../../docker/services/octavia-health-manager.yaml
|
OS::TripleO::Services::OctaviaHealthManager: ../../deployment/octavia/octavia-health-manager-container-puppet.yaml
|
||||||
OS::TripleO::Services::OctaviaWorker: ../../docker/services/octavia-worker.yaml
|
OS::TripleO::Services::OctaviaWorker: ../../deployment/octavia/octavia-worker-container-puppet.yaml
|
||||||
OS::TripleO::Services::OctaviaDeploymentConfig: ../../docker/services/octavia/octavia-deployment-config.yaml
|
OS::TripleO::Services::OctaviaDeploymentConfig: ../../deployment/octavia/octavia-deployment-config.yaml
|
||||||
|
|
||||||
parameter_defaults:
|
parameter_defaults:
|
||||||
NeutronEnableForceMetadata: true
|
NeutronEnableForceMetadata: true
|
||||||
|
@ -1,180 +0,0 @@
|
|||||||
heat_template_version: rocky
|
|
||||||
|
|
||||||
description: >
|
|
||||||
OpenStack Octavia API service.
|
|
||||||
|
|
||||||
parameters:
|
|
||||||
ServiceData:
|
|
||||||
default: {}
|
|
||||||
description: Dictionary packing service data
|
|
||||||
type: json
|
|
||||||
ServiceNetMap:
|
|
||||||
default: {}
|
|
||||||
description: Mapping of service_name -> network name. Typically set
|
|
||||||
via parameter_defaults in the resource registry. This
|
|
||||||
mapping overrides those in ServiceNetMapDefaults.
|
|
||||||
type: json
|
|
||||||
DefaultPasswords:
|
|
||||||
default: {}
|
|
||||||
type: json
|
|
||||||
RoleName:
|
|
||||||
default: ''
|
|
||||||
description: Role name on which the service is applied
|
|
||||||
type: string
|
|
||||||
RoleParameters:
|
|
||||||
default: {}
|
|
||||||
description: Parameters specific to the role
|
|
||||||
type: json
|
|
||||||
EndpointMap:
|
|
||||||
default: {}
|
|
||||||
description: Mapping of service endpoint -> protocol. Typically set
|
|
||||||
via parameter_defaults in the resource registry.
|
|
||||||
type: json
|
|
||||||
OctaviaUserName:
|
|
||||||
description: The username for the Octavia database and keystone accounts.
|
|
||||||
type: string
|
|
||||||
default: 'octavia'
|
|
||||||
OctaviaPassword:
|
|
||||||
description: The password for the Octavia database and keystone accounts.
|
|
||||||
type: string
|
|
||||||
hidden: true
|
|
||||||
OctaviaProjectName:
|
|
||||||
description: The project name for the keystone Octavia account.
|
|
||||||
type: string
|
|
||||||
default: 'service'
|
|
||||||
KeystoneRegion:
|
|
||||||
type: string
|
|
||||||
default: 'regionOne'
|
|
||||||
description: Keystone region for endpoint
|
|
||||||
MonitoringSubscriptionOctaviaApi:
|
|
||||||
default: 'overcloud-octavia-api'
|
|
||||||
type: string
|
|
||||||
OctaviaApiLoggingSource:
|
|
||||||
type: json
|
|
||||||
default:
|
|
||||||
tag: openstack.octavia.api
|
|
||||||
path: /var/log/octavia/api.log
|
|
||||||
OctaviaApiPolicies:
|
|
||||||
description: |
|
|
||||||
A hash of policies to configure for Octavia API.
|
|
||||||
e.g. { octavia-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
|
|
||||||
default: {}
|
|
||||||
type: json
|
|
||||||
EnableInternalTLS:
|
|
||||||
type: boolean
|
|
||||||
default: false
|
|
||||||
|
|
||||||
conditions:
|
|
||||||
use_tls_proxy: {equals : [{get_param: EnableInternalTLS}, true]}
|
|
||||||
|
|
||||||
resources:
|
|
||||||
|
|
||||||
TLSProxyBase:
|
|
||||||
type: OS::TripleO::Services::TLSProxyBase
|
|
||||||
properties:
|
|
||||||
ServiceData: {get_param: ServiceData}
|
|
||||||
ServiceNetMap: {get_param: ServiceNetMap}
|
|
||||||
DefaultPasswords: {get_param: DefaultPasswords}
|
|
||||||
EndpointMap: {get_param: EndpointMap}
|
|
||||||
RoleName: {get_param: RoleName}
|
|
||||||
RoleParameters: {get_param: RoleParameters}
|
|
||||||
EnableInternalTLS: {get_param: EnableInternalTLS}
|
|
||||||
|
|
||||||
OctaviaBase:
|
|
||||||
type: ./octavia-base.yaml
|
|
||||||
properties:
|
|
||||||
ServiceData: {get_param: ServiceData}
|
|
||||||
ServiceNetMap: {get_param: ServiceNetMap}
|
|
||||||
DefaultPasswords: {get_param: DefaultPasswords}
|
|
||||||
EndpointMap: {get_param: EndpointMap}
|
|
||||||
RoleName: {get_param: RoleName}
|
|
||||||
RoleParameters: {get_param: RoleParameters}
|
|
||||||
|
|
||||||
OctaviaController:
|
|
||||||
type: ./octavia-controller.yaml
|
|
||||||
properties:
|
|
||||||
ServiceData: {get_param: ServiceData}
|
|
||||||
ServiceNetMap: {get_param: ServiceNetMap}
|
|
||||||
DefaultPasswords: {get_param: DefaultPasswords}
|
|
||||||
EndpointMap: {get_param: EndpointMap}
|
|
||||||
RoleName: {get_param: RoleName}
|
|
||||||
RoleParameters: {get_param: RoleParameters}
|
|
||||||
|
|
||||||
outputs:
|
|
||||||
role_data:
|
|
||||||
description: Role data for the Octavia API service.
|
|
||||||
value:
|
|
||||||
service_name: octavia_api
|
|
||||||
monitoring_subscription: {get_param: MonitoringSubscriptionOctaviaApi}
|
|
||||||
config_settings:
|
|
||||||
map_merge:
|
|
||||||
- get_attr: [OctaviaBase, role_data, config_settings]
|
|
||||||
- get_attr: [OctaviaController, role_data, config_settings]
|
|
||||||
- get_attr: [TLSProxyBase, role_data, config_settings]
|
|
||||||
- octavia::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
|
|
||||||
octavia::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
|
|
||||||
octavia::policy::policies: {get_param: OctaviaApiPolicies}
|
|
||||||
octavia::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
|
|
||||||
octavia::keystone::authtoken::project_name: {get_param: OctaviaProjectName}
|
|
||||||
octavia::keystone::authtoken::password: {get_param: OctaviaPassword}
|
|
||||||
octavia::api::sync_db: true
|
|
||||||
tripleo::octavia_api::firewall_rules:
|
|
||||||
'120 octavia api':
|
|
||||||
dport:
|
|
||||||
- 9876
|
|
||||||
- 13876
|
|
||||||
# NOTE: bind IP is found in hiera replacing the network name with the local node IP
|
|
||||||
# for the given network; replacement examples (eg. for internal_api):
|
|
||||||
# internal_api -> IP
|
|
||||||
# internal_api_uri -> [IP]
|
|
||||||
# internal_api_subnet - > IP/CIDR
|
|
||||||
tripleo::profile::base::octavia::api::tls_proxy_bind_ip:
|
|
||||||
str_replace:
|
|
||||||
template:
|
|
||||||
"%{hiera('$NETWORK')}"
|
|
||||||
params:
|
|
||||||
$NETWORK: {get_param: [ServiceNetMap, OctaviaApiNetwork]}
|
|
||||||
tripleo::profile::base::octavia::api::tls_proxy_fqdn:
|
|
||||||
str_replace:
|
|
||||||
template:
|
|
||||||
"%{hiera('fqdn_$NETWORK')}"
|
|
||||||
params:
|
|
||||||
$NETWORK: {get_param: [ServiceNetMap, OctaviaApiNetwork]}
|
|
||||||
tripleo::profile::base::octavia::api::tls_proxy_port:
|
|
||||||
get_param: [EndpointMap, OctaviaInternal, port]
|
|
||||||
# Bind to localhost if internal TLS is enabled, since we put a TLS
|
|
||||||
# proxy in front.
|
|
||||||
octavia::api::host:
|
|
||||||
if:
|
|
||||||
- use_tls_proxy
|
|
||||||
- '127.0.0.1'
|
|
||||||
- str_replace:
|
|
||||||
template:
|
|
||||||
"%{hiera('$NETWORK')}"
|
|
||||||
params:
|
|
||||||
$NETWORK: {get_param: [ServiceNetMap, OctaviaApiNetwork]}
|
|
||||||
step_config: |
|
|
||||||
include tripleo::profile::base::octavia::api
|
|
||||||
service_config_settings:
|
|
||||||
fluentd:
|
|
||||||
tripleo_fluentd_groups_octavia_api:
|
|
||||||
- octavia
|
|
||||||
tripleo_fluentd_sources_octavia_api:
|
|
||||||
- {get_param: OctaviaApiLoggingSource}
|
|
||||||
keystone:
|
|
||||||
octavia::keystone::auth::tenant: {get_param: OctaviaProjectName}
|
|
||||||
octavia::keystone::auth::public_url: {get_param: [EndpointMap, OctaviaPublic, uri]}
|
|
||||||
octavia::keystone::auth::internal_url: { get_param: [ EndpointMap, OctaviaInternal, uri ] }
|
|
||||||
octavia::keystone::auth::admin_url: { get_param: [ EndpointMap, OctaviaAdmin, uri ] }
|
|
||||||
octavia::keystone::auth::password: {get_param: OctaviaPassword}
|
|
||||||
octavia::keystone::auth::region: {get_param: KeystoneRegion}
|
|
||||||
mysql:
|
|
||||||
octavia::db::mysql::password: {get_param: OctaviaPassword}
|
|
||||||
octavia::db::mysql::user: {get_param: OctaviaUserName}
|
|
||||||
octavia::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
|
|
||||||
octavia::db::mysql::dbname: octavia
|
|
||||||
octavia::db::mysql::allowed_hosts:
|
|
||||||
- '%'
|
|
||||||
- "%{hiera('mysql_bind_host')}"
|
|
||||||
metadata_settings:
|
|
||||||
get_attr: [TLSProxyBase, role_data, metadata_settings]
|
|
@ -1,164 +0,0 @@
|
|||||||
heat_template_version: rocky
|
|
||||||
|
|
||||||
description: >
|
|
||||||
OpenStack Octavia base service. Shared for all Octavia services
|
|
||||||
|
|
||||||
parameters:
|
|
||||||
ServiceData:
|
|
||||||
default: {}
|
|
||||||
description: Dictionary packing service data
|
|
||||||
type: json
|
|
||||||
ServiceNetMap:
|
|
||||||
default: {}
|
|
||||||
description: Mapping of service_name -> network name. Typically set
|
|
||||||
via parameter_defaults in the resource registry. This
|
|
||||||
mapping overrides those in ServiceNetMapDefaults.
|
|
||||||
type: json
|
|
||||||
DefaultPasswords:
|
|
||||||
default: {}
|
|
||||||
type: json
|
|
||||||
RoleName:
|
|
||||||
default: ''
|
|
||||||
description: Role name on which the service is applied
|
|
||||||
type: string
|
|
||||||
RoleParameters:
|
|
||||||
default: {}
|
|
||||||
description: Parameters specific to the role
|
|
||||||
type: json
|
|
||||||
EndpointMap:
|
|
||||||
default: {}
|
|
||||||
description: Mapping of service endpoint -> protocol. Typically set
|
|
||||||
via parameter_defaults in the resource registry.
|
|
||||||
type: json
|
|
||||||
Debug:
|
|
||||||
type: boolean
|
|
||||||
default: false
|
|
||||||
description: Set to True to enable debugging on all services.
|
|
||||||
OctaviaDebug:
|
|
||||||
default: ''
|
|
||||||
description: Set to True to enable debugging Octavia services.
|
|
||||||
type: string
|
|
||||||
constraints:
|
|
||||||
- allowed_values: [ '', 'true', 'True', 'TRUE', 'false', 'False', 'FALSE']
|
|
||||||
EnableConfigPurge:
|
|
||||||
type: boolean
|
|
||||||
default: false
|
|
||||||
description: >
|
|
||||||
Remove configuration that is not generated by TripleO. Used to avoid
|
|
||||||
configuration remnants after upgrades.
|
|
||||||
RpcPort:
|
|
||||||
default: 5672
|
|
||||||
description: The network port for messaging backend
|
|
||||||
type: number
|
|
||||||
RpcUserName:
|
|
||||||
default: guest
|
|
||||||
description: The username for messaging backend
|
|
||||||
type: string
|
|
||||||
RpcPassword:
|
|
||||||
description: The password for messaging backend
|
|
||||||
type: string
|
|
||||||
hidden: true
|
|
||||||
RpcUseSSL:
|
|
||||||
default: false
|
|
||||||
description: >
|
|
||||||
Messaging client subscriber parameter to specify
|
|
||||||
an SSL connection to the messaging host.
|
|
||||||
type: string
|
|
||||||
NotificationDriver:
|
|
||||||
type: string
|
|
||||||
default: 'messagingv2'
|
|
||||||
description: Driver or drivers to handle sending notifications.
|
|
||||||
OctaviaUserName:
|
|
||||||
description: The username for the Octavia database and keystone accounts.
|
|
||||||
type: string
|
|
||||||
default: 'octavia'
|
|
||||||
OctaviaPassword:
|
|
||||||
description: The password for the Octavia database and keystone accounts.
|
|
||||||
type: string
|
|
||||||
hidden: true
|
|
||||||
OctaviaProjectName:
|
|
||||||
description: The project name for the keystone Octavia account.
|
|
||||||
type: string
|
|
||||||
default: 'service'
|
|
||||||
OctaviaCaCertFile:
|
|
||||||
type: string
|
|
||||||
default: '/etc/octavia/certs/ca_01.pem'
|
|
||||||
description: Octavia CA certificate file path.
|
|
||||||
OctaviaCaCert:
|
|
||||||
type: string
|
|
||||||
default: ''
|
|
||||||
description: Octavia CA certificate data. If provided, this will create
|
|
||||||
or update a file on the host with the path provided in
|
|
||||||
OctaviaCaCertFile with the certificate data.
|
|
||||||
OctaviaCaKeyFile:
|
|
||||||
type: string
|
|
||||||
default: '/etc/octavia/certs/private/cakey.pem'
|
|
||||||
description: Octavia CA private key file path.
|
|
||||||
OctaviaCaKey:
|
|
||||||
type: string
|
|
||||||
default: ''
|
|
||||||
description: The private key for the certificate provided in OctaviaCaCert.
|
|
||||||
If provided, this will create or update a file on the host
|
|
||||||
with the path provided in OctaviaCaKeyFile with the key
|
|
||||||
data.
|
|
||||||
OctaviaCaKeyPassphrase:
|
|
||||||
description: CA private key passphrase.
|
|
||||||
type: string
|
|
||||||
hidden: true
|
|
||||||
|
|
||||||
conditions:
|
|
||||||
service_debug_unset: {equals : [{get_param: OctaviaDebug}, '']}
|
|
||||||
octavia_ca_cert_unset: {equals: [{get_param: OctaviaCaCert}, '']}
|
|
||||||
octavia_ca_key_unset: {equals: [{get_param: OctaviaCaKey}, '']}
|
|
||||||
|
|
||||||
outputs:
|
|
||||||
role_data:
|
|
||||||
description: Base role data for Octavia services
|
|
||||||
value:
|
|
||||||
service_name: octavia_base
|
|
||||||
config_settings:
|
|
||||||
|
|
||||||
map_merge:
|
|
||||||
- octavia::logging::debug:
|
|
||||||
if:
|
|
||||||
- service_debug_unset
|
|
||||||
- {get_param: Debug }
|
|
||||||
- {get_param: OctaviaDebug }
|
|
||||||
octavia::purge_config: {get_param: EnableConfigPurge}
|
|
||||||
octavia::notification_driver: {get_param: NotificationDriver}
|
|
||||||
octavia::db::database_connection:
|
|
||||||
make_url:
|
|
||||||
scheme: {get_param: [EndpointMap, MysqlInternal, protocol]}
|
|
||||||
username: {get_param: OctaviaUserName}
|
|
||||||
password: {get_param: OctaviaPassword}
|
|
||||||
host: {get_param: [EndpointMap, MysqlInternal, host]}
|
|
||||||
path: /octavia
|
|
||||||
query:
|
|
||||||
read_default_file: /etc/my.cnf.d/tripleo.cnf
|
|
||||||
read_default_group: tripleo
|
|
||||||
# TODO(ansmith): remove once p-t-o switches to oslo params
|
|
||||||
octavia::rabbit_use_ssl: {get_param: RpcUseSSL}
|
|
||||||
octavia::rabbit_userid: {get_param: RpcUserName}
|
|
||||||
octavia::rabbit_password: {get_param: RpcPassword}
|
|
||||||
octavia::rabbit_port: {get_param: RpcPort}
|
|
||||||
octavia::service_auth::auth_url: {get_param: [EndpointMap, KeystonePublic, uri]}
|
|
||||||
octavia::service_auth::auth_type: 'password'
|
|
||||||
octavia::service_auth::username: {get_param: OctaviaUserName}
|
|
||||||
octavia::service_auth::password: {get_param: OctaviaPassword}
|
|
||||||
octavia::service_auth::project_name: {get_param: OctaviaProjectName}
|
|
||||||
octavia::service_auth::project_domain_name: 'Default'
|
|
||||||
octavia::service_auth::user_domain_name: 'Default'
|
|
||||||
octavia::service_auth::auth_type: 'password'
|
|
||||||
octavia::certificates::ca_certificate: {get_param: OctaviaCaCertFile}
|
|
||||||
octavia::certificates::ca_private_key: {get_param: OctaviaCaKeyFile}
|
|
||||||
octavia::certificates::ca_private_key_passphrase: {get_param: OctaviaCaKeyPassphrase}
|
|
||||||
-
|
|
||||||
if:
|
|
||||||
- octavia_ca_cert_unset
|
|
||||||
- {}
|
|
||||||
- octavia::certificates::ca_certificate_data: {get_param: OctaviaCaCert}
|
|
||||||
-
|
|
||||||
if:
|
|
||||||
- octavia_ca_key_unset
|
|
||||||
- {}
|
|
||||||
- octavia::certificates::ca_private_key_data: {get_param: OctaviaCaKey}
|
|
@ -1,108 +0,0 @@
|
|||||||
heat_template_version: rocky
|
|
||||||
|
|
||||||
description: >
|
|
||||||
OpenStack Octavia Worker service.
|
|
||||||
|
|
||||||
parameters:
|
|
||||||
ServiceData:
|
|
||||||
default: {}
|
|
||||||
description: Dictionary packing service data
|
|
||||||
type: json
|
|
||||||
ServiceNetMap:
|
|
||||||
default: {}
|
|
||||||
description: Mapping of service_name -> network name. Typically set
|
|
||||||
via parameter_defaults in the resource registry. This
|
|
||||||
mapping overrides those in ServiceNetMapDefaults.
|
|
||||||
type: json
|
|
||||||
DefaultPasswords:
|
|
||||||
default: {}
|
|
||||||
type: json
|
|
||||||
RoleName:
|
|
||||||
default: ''
|
|
||||||
description: Role name on which the service is applied
|
|
||||||
type: string
|
|
||||||
RoleParameters:
|
|
||||||
default: {}
|
|
||||||
description: Parameters specific to the role
|
|
||||||
type: json
|
|
||||||
EndpointMap:
|
|
||||||
default: {}
|
|
||||||
description: Mapping of service endpoint -> protocol. Typically set
|
|
||||||
via parameter_defaults in the resource registry.
|
|
||||||
type: json
|
|
||||||
OctaviaAmphoraImageTag:
|
|
||||||
default: 'amphora-image'
|
|
||||||
description: Glance image tag for identifying the amphora image.
|
|
||||||
type: string
|
|
||||||
OctaviaAmphoraNetworkList:
|
|
||||||
default: []
|
|
||||||
description: List of networks to attach to amphorae.
|
|
||||||
type: comma_delimited_list
|
|
||||||
OctaviaAmphoraSshKeyName:
|
|
||||||
type: string
|
|
||||||
default: 'octavia-ssh-key'
|
|
||||||
description: SSH key name.
|
|
||||||
OctaviaLoadBalancerTopology:
|
|
||||||
default: ''
|
|
||||||
description: Load balancer topology configuration.
|
|
||||||
type: string
|
|
||||||
OctaviaFlavorId:
|
|
||||||
default: '65'
|
|
||||||
description: Nova flavor ID to be used when creating the nova flavor for
|
|
||||||
amphora.
|
|
||||||
type: string
|
|
||||||
OctaviaTimeoutClientData:
|
|
||||||
default: 50000
|
|
||||||
description: Frontend client inactivity timeout.
|
|
||||||
type: number
|
|
||||||
OctaviaTimeoutMemberConnect:
|
|
||||||
default: 5000
|
|
||||||
description: Backend member connection timeout.
|
|
||||||
type: number
|
|
||||||
OctaviaTimeoutMemberData:
|
|
||||||
default: 50000
|
|
||||||
description: Backend member inactivity timeout.
|
|
||||||
type: number
|
|
||||||
OctaviaTimeoutTcpInspect:
|
|
||||||
default: 0
|
|
||||||
description: Time to wait for TCP packets for content inspection.
|
|
||||||
type: number
|
|
||||||
|
|
||||||
conditions:
|
|
||||||
octavia_topology_unset: {equals : [{get_param: OctaviaLoadBalancerTopology}, ""]}
|
|
||||||
|
|
||||||
resources:
|
|
||||||
|
|
||||||
OctaviaBase:
|
|
||||||
type: ./octavia-base.yaml
|
|
||||||
properties:
|
|
||||||
ServiceData: {get_param: ServiceData}
|
|
||||||
ServiceNetMap: {get_param: ServiceNetMap}
|
|
||||||
DefaultPasswords: {get_param: DefaultPasswords}
|
|
||||||
EndpointMap: {get_param: EndpointMap}
|
|
||||||
RoleName: {get_param: RoleName}
|
|
||||||
RoleParameters: {get_param: RoleParameters}
|
|
||||||
|
|
||||||
outputs:
|
|
||||||
role_data:
|
|
||||||
description: Role data for Octavia controller services.
|
|
||||||
value:
|
|
||||||
service_name: octavia_controller
|
|
||||||
config_settings:
|
|
||||||
map_merge:
|
|
||||||
- get_attr: [OctaviaBase, role_data, config_settings]
|
|
||||||
- octavia::controller::amp_boot_network_list: {get_param: OctaviaAmphoraNetworkList}
|
|
||||||
octavia::controller::amp_flavor_id: {get_param: OctaviaFlavorId}
|
|
||||||
octavia::controller::amp_image_tag: {get_param: OctaviaAmphoraImageTag}
|
|
||||||
octavia::controller::amp_ssh_key_name: {get_param: OctaviaAmphoraSshKeyName}
|
|
||||||
octavia::controller::enable_ssh_access: true
|
|
||||||
octavia::controller::timeout_client_data: {get_param: OctaviaTimeoutClientData}
|
|
||||||
octavia::controller::timeout_member_connect: {get_param: OctaviaTimeoutMemberConnect}
|
|
||||||
octavia::controller::timeout_member_data: {get_param: OctaviaTimeoutMemberData}
|
|
||||||
octavia::controller::timeout_tcp_inspect: {get_param: OctaviaTimeoutTcpInspect}
|
|
||||||
-
|
|
||||||
if:
|
|
||||||
- octavia_topology_unset
|
|
||||||
- {}
|
|
||||||
- octavia::controller::loadbalancer_topology: {get_param: OctaviaLoadBalancerTopology}
|
|
||||||
|
|
@ -1,105 +0,0 @@
|
|||||||
heat_template_version: rocky
|
|
||||||
|
|
||||||
description: >
|
|
||||||
OpenStack Octavia Health Manager service.
|
|
||||||
|
|
||||||
parameters:
|
|
||||||
ServiceData:
|
|
||||||
default: {}
|
|
||||||
description: Dictionary packing service data
|
|
||||||
type: json
|
|
||||||
ServiceNetMap:
|
|
||||||
default: {}
|
|
||||||
description: Mapping of service_name -> network name. Typically set
|
|
||||||
via parameter_defaults in the resource registry. This
|
|
||||||
mapping overrides those in ServiceNetMapDefaults.
|
|
||||||
type: json
|
|
||||||
DefaultPasswords:
|
|
||||||
default: {}
|
|
||||||
type: json
|
|
||||||
RoleName:
|
|
||||||
default: ''
|
|
||||||
description: Role name on which the service is applied
|
|
||||||
type: string
|
|
||||||
RoleParameters:
|
|
||||||
default: {}
|
|
||||||
description: Parameters specific to the role
|
|
||||||
type: json
|
|
||||||
EndpointMap:
|
|
||||||
default: {}
|
|
||||||
description: Mapping of service endpoint -> protocol. Typically set
|
|
||||||
via parameter_defaults in the resource registry.
|
|
||||||
type: json
|
|
||||||
MonitoringSubscriptionOctaviaHealthManager:
|
|
||||||
default: 'overcloud-octavia-health-manager'
|
|
||||||
type: string
|
|
||||||
OctaviaHealthManagerLoggingSource:
|
|
||||||
type: json
|
|
||||||
default:
|
|
||||||
tag: openstack.octavia.health-manager
|
|
||||||
path: /var/log/octavia/health-manager.log
|
|
||||||
OctaviaHeartbeatKey:
|
|
||||||
type: string
|
|
||||||
description: Key to identify heartbeat messages for amphorae.
|
|
||||||
hidden: true
|
|
||||||
OctaviaMgmtPortDevName:
|
|
||||||
type: string
|
|
||||||
default: "o-hm0"
|
|
||||||
description: Name of the octavia management network interface using
|
|
||||||
for communication between octavia worker/health-manager
|
|
||||||
with the amphora machine.
|
|
||||||
OctaviaEventStreamerDriver:
|
|
||||||
type: string
|
|
||||||
default: "noop_event_streamer"
|
|
||||||
description: Name of the event streamer driver to use for syncing Octavia
|
|
||||||
and Neutron LBaaS databases. It is highly recommended to
|
|
||||||
disable if one doesn't need to sync the database or is running
|
|
||||||
Octavia in standalone mode by setting to noop_event_streamer.
|
|
||||||
|
|
||||||
resources:
|
|
||||||
|
|
||||||
OctaviaBase:
|
|
||||||
type: ./octavia-base.yaml
|
|
||||||
properties:
|
|
||||||
ServiceData: {get_param: ServiceData}
|
|
||||||
ServiceNetMap: {get_param: ServiceNetMap}
|
|
||||||
DefaultPasswords: {get_param: DefaultPasswords}
|
|
||||||
EndpointMap: {get_param: EndpointMap}
|
|
||||||
RoleName: {get_param: RoleName}
|
|
||||||
RoleParameters: {get_param: RoleParameters}
|
|
||||||
|
|
||||||
OctaviaController:
|
|
||||||
type: ./octavia-controller.yaml
|
|
||||||
properties:
|
|
||||||
ServiceData: {get_param: ServiceData}
|
|
||||||
ServiceNetMap: {get_param: ServiceNetMap}
|
|
||||||
DefaultPasswords: {get_param: DefaultPasswords}
|
|
||||||
EndpointMap: {get_param: EndpointMap}
|
|
||||||
RoleName: {get_param: RoleName}
|
|
||||||
RoleParameters: {get_param: RoleParameters}
|
|
||||||
|
|
||||||
outputs:
|
|
||||||
role_data:
|
|
||||||
description: Role data for the Octavia Health Manager service.
|
|
||||||
value:
|
|
||||||
service_name: octavia_health_manager
|
|
||||||
monitoring_subscription: {get_param: MonitoringSubscriptionOctaviaHealthManager}
|
|
||||||
config_settings:
|
|
||||||
map_merge:
|
|
||||||
- get_attr: [OctaviaBase, role_data, config_settings]
|
|
||||||
- get_attr: [OctaviaController, role_data, config_settings]
|
|
||||||
- octavia::health_manager::heartbeat_key: {get_param: OctaviaHeartbeatKey}
|
|
||||||
octavia::health_manager::event_streamer_driver: {get_param: OctaviaEventStreamerDriver}
|
|
||||||
tripleo::octavia_health_manager::firewall_rules:
|
|
||||||
'200 octavia health manager interface':
|
|
||||||
proto: udp
|
|
||||||
dport: 5555
|
|
||||||
iniface: {get_param: OctaviaMgmtPortDevName}
|
|
||||||
service_config_settings:
|
|
||||||
fluentd:
|
|
||||||
tripleo_fluentd_groups_octavia_health_manager:
|
|
||||||
- octavia
|
|
||||||
tripleo_fluentd_sources_octavia_health_manager:
|
|
||||||
- {get_param: OctaviaHealthManagerLoggingSource}
|
|
||||||
step_config: |
|
|
||||||
include tripleo::profile::base::octavia::health_manager
|
|
@ -1,97 +0,0 @@
|
|||||||
heat_template_version: rocky
|
|
||||||
|
|
||||||
description: >
|
|
||||||
OpenStack Octavia Housekeeping service.
|
|
||||||
|
|
||||||
parameters:
|
|
||||||
ServiceData:
|
|
||||||
default: {}
|
|
||||||
description: Dictionary packing service data
|
|
||||||
type: json
|
|
||||||
ServiceNetMap:
|
|
||||||
default: {}
|
|
||||||
description: Mapping of service_name -> network name. Typically set
|
|
||||||
via parameter_defaults in the resource registry. This
|
|
||||||
mapping overrides those in ServiceNetMapDefaults.
|
|
||||||
type: json
|
|
||||||
DefaultPasswords:
|
|
||||||
default: {}
|
|
||||||
type: json
|
|
||||||
RoleName:
|
|
||||||
default: ''
|
|
||||||
description: Role name on which the service is applied
|
|
||||||
type: string
|
|
||||||
RoleParameters:
|
|
||||||
default: {}
|
|
||||||
description: Parameters specific to the role
|
|
||||||
type: json
|
|
||||||
EndpointMap:
|
|
||||||
default: {}
|
|
||||||
description: Mapping of service endpoint -> protocol. Typically set
|
|
||||||
via parameter_defaults in the resource registry.
|
|
||||||
type: json
|
|
||||||
OctaviaAmphoraExpiryAge:
|
|
||||||
default: 0
|
|
||||||
description: The interval in seconds after which an unused Amphora will
|
|
||||||
be considered expired and cleaned up. If left to 0, the
|
|
||||||
configuration will not be set and the system will use
|
|
||||||
the service defaults.
|
|
||||||
type: number
|
|
||||||
MonitoringSubscriptionOctaviaHousekeeping:
|
|
||||||
default: 'overcloud-octavia-housekeeping'
|
|
||||||
type: string
|
|
||||||
OctaviaHousekeepingLoggingSource:
|
|
||||||
type: json
|
|
||||||
default:
|
|
||||||
tag: openstack.octavia.housekeeping
|
|
||||||
path: /var/log/octavia/housekeeping.log
|
|
||||||
|
|
||||||
conditions:
|
|
||||||
amphora_expiry_is_zero: {equals: [{get_param: OctaviaAmphoraExpiryAge}, 0]}
|
|
||||||
|
|
||||||
|
|
||||||
resources:
|
|
||||||
|
|
||||||
OctaviaBase:
|
|
||||||
type: ./octavia-base.yaml
|
|
||||||
properties:
|
|
||||||
ServiceData: {get_param: ServiceData}
|
|
||||||
ServiceNetMap: {get_param: ServiceNetMap}
|
|
||||||
DefaultPasswords: {get_param: DefaultPasswords}
|
|
||||||
EndpointMap: {get_param: EndpointMap}
|
|
||||||
RoleName: {get_param: RoleName}
|
|
||||||
RoleParameters: {get_param: RoleParameters}
|
|
||||||
|
|
||||||
OctaviaController:
|
|
||||||
type: ./octavia-controller.yaml
|
|
||||||
properties:
|
|
||||||
ServiceData: {get_param: ServiceData}
|
|
||||||
ServiceNetMap: {get_param: ServiceNetMap}
|
|
||||||
DefaultPasswords: {get_param: DefaultPasswords}
|
|
||||||
EndpointMap: {get_param: EndpointMap}
|
|
||||||
RoleName: {get_param: RoleName}
|
|
||||||
RoleParameters: {get_param: RoleParameters}
|
|
||||||
|
|
||||||
outputs:
|
|
||||||
role_data:
|
|
||||||
description: Role data for the Octavia Housekeeping service.
|
|
||||||
value:
|
|
||||||
service_name: octavia_housekeeping
|
|
||||||
monitoring_subscription: {get_param: MonitoringSubscriptionOctaviaHousekeeping}
|
|
||||||
config_settings:
|
|
||||||
map_merge:
|
|
||||||
- get_attr: [OctaviaBase, role_data, config_settings]
|
|
||||||
- get_attr: [OctaviaController, role_data, config_settings]
|
|
||||||
-
|
|
||||||
if:
|
|
||||||
- amphora_expiry_is_zero
|
|
||||||
- {}
|
|
||||||
- octavia::housekeeping::amphora_expiry_age: {get_param: OctaviaAmphoraExpiryAge}
|
|
||||||
service_config_settings:
|
|
||||||
fluentd:
|
|
||||||
tripleo_fluentd_groups_octavia_housekeeping:
|
|
||||||
- octavia
|
|
||||||
tripleo_fluentd_sources_octavia_housekeeping:
|
|
||||||
- {get_param: OctaviaHousekeepingLoggingSource}
|
|
||||||
step_config: |
|
|
||||||
include tripleo::profile::base::octavia::housekeeping
|
|
@ -1,121 +0,0 @@
|
|||||||
heat_template_version: rocky
|
|
||||||
|
|
||||||
description: >
|
|
||||||
OpenStack Octavia Worker service.
|
|
||||||
|
|
||||||
parameters:
|
|
||||||
ServiceData:
|
|
||||||
default: {}
|
|
||||||
description: Dictionary packing service data
|
|
||||||
type: json
|
|
||||||
ServiceNetMap:
|
|
||||||
default: {}
|
|
||||||
description: Mapping of service_name -> network name. Typically set
|
|
||||||
via parameter_defaults in the resource registry. This
|
|
||||||
mapping overrides those in ServiceNetMapDefaults.
|
|
||||||
type: json
|
|
||||||
DefaultPasswords:
|
|
||||||
default: {}
|
|
||||||
type: json
|
|
||||||
RoleName:
|
|
||||||
default: ''
|
|
||||||
description: Role name on which the service is applied
|
|
||||||
type: string
|
|
||||||
RoleParameters:
|
|
||||||
default: {}
|
|
||||||
description: Parameters specific to the role
|
|
||||||
type: json
|
|
||||||
EndpointMap:
|
|
||||||
default: {}
|
|
||||||
description: Mapping of service endpoint -> protocol. Typically set
|
|
||||||
via parameter_defaults in the resource registry.
|
|
||||||
type: json
|
|
||||||
MonitoringSubscriptionOctaviaWorker:
|
|
||||||
default: 'overcloud-octavia-worker'
|
|
||||||
type: string
|
|
||||||
OctaviaWorkerLoggingSource:
|
|
||||||
type: json
|
|
||||||
default:
|
|
||||||
tag: openstack.octavia.worker
|
|
||||||
path: /var/log/octavia/worker.log
|
|
||||||
OctaviaFlavorProperties:
|
|
||||||
default:
|
|
||||||
ram : '1024'
|
|
||||||
disk : '3'
|
|
||||||
vcpus : '1'
|
|
||||||
description: Dictionary describing the nova flavor for amphora.
|
|
||||||
type: json
|
|
||||||
OctaviaManageNovaFlavor:
|
|
||||||
default: true
|
|
||||||
description: Configure the nova flavor for the amphora.
|
|
||||||
type: boolean
|
|
||||||
OctaviaClientCertFile:
|
|
||||||
default: '/etc/octavia/certs/client.pem'
|
|
||||||
description: client certificate for amphoras
|
|
||||||
type: string
|
|
||||||
OctaviaClientCert:
|
|
||||||
default: ''
|
|
||||||
description: Client certificate data. If provided, this will create or update
|
|
||||||
a file on the host with the path provided in OctaviaClientCertFile
|
|
||||||
with the certificate data.
|
|
||||||
type: string
|
|
||||||
OctaviaProjectName:
|
|
||||||
description: The project name for the keystone Octavia account.
|
|
||||||
type: string
|
|
||||||
default: 'service'
|
|
||||||
|
|
||||||
conditions:
|
|
||||||
octavia_client_cert_unset: {equals: [{get_param: OctaviaClientCert}, ""]}
|
|
||||||
|
|
||||||
resources:
|
|
||||||
|
|
||||||
OctaviaBase:
|
|
||||||
type: ./octavia-base.yaml
|
|
||||||
properties:
|
|
||||||
ServiceData: {get_param: ServiceData}
|
|
||||||
ServiceNetMap: {get_param: ServiceNetMap}
|
|
||||||
DefaultPasswords: {get_param: DefaultPasswords}
|
|
||||||
EndpointMap: {get_param: EndpointMap}
|
|
||||||
RoleName: {get_param: RoleName}
|
|
||||||
RoleParameters: {get_param: RoleParameters}
|
|
||||||
|
|
||||||
OctaviaController:
|
|
||||||
type: ./octavia-controller.yaml
|
|
||||||
properties:
|
|
||||||
ServiceData: {get_param: ServiceData}
|
|
||||||
ServiceNetMap: {get_param: ServiceNetMap}
|
|
||||||
DefaultPasswords: {get_param: DefaultPasswords}
|
|
||||||
EndpointMap: {get_param: EndpointMap}
|
|
||||||
RoleName: {get_param: RoleName}
|
|
||||||
RoleParameters: {get_param: RoleParameters}
|
|
||||||
|
|
||||||
outputs:
|
|
||||||
role_data:
|
|
||||||
description: Role data for the Octavia Worker service.
|
|
||||||
value:
|
|
||||||
service_name: octavia_worker
|
|
||||||
monitoring_subscription: {get_param: MonitoringSubscriptionOctaviaWorker}
|
|
||||||
config_settings:
|
|
||||||
map_merge:
|
|
||||||
- get_attr: [OctaviaBase, role_data, config_settings]
|
|
||||||
- get_attr: [OctaviaController, role_data, config_settings]
|
|
||||||
- octavia::worker::amp_project_name: {get_param: OctaviaProjectName}
|
|
||||||
octavia::worker::nova_flavor_config: {get_param: OctaviaFlavorProperties}
|
|
||||||
octavia::worker::manage_nova_flavor: {get_param: OctaviaManageNovaFlavor}
|
|
||||||
octavia::worker::nova_flavor_config: {get_param: OctaviaFlavorProperties}
|
|
||||||
octavia::certificates::client_cert: {get_param: OctaviaClientCertFile}
|
|
||||||
-
|
|
||||||
if:
|
|
||||||
- octavia_client_cert_unset
|
|
||||||
- {}
|
|
||||||
- octavia::certificates::client_cert_data: {get_param: OctaviaClientCert}
|
|
||||||
|
|
||||||
service_config_settings:
|
|
||||||
fluentd:
|
|
||||||
tripleo_fluentd_groups_octavia_worker:
|
|
||||||
- octavia
|
|
||||||
tripleo_fluentd_sources_octavia_worker:
|
|
||||||
- {get_param: OctaviaWorkerLoggingSource}
|
|
||||||
step_config: |
|
|
||||||
include tripleo::profile::base::octavia::worker
|
|
||||||
|
|
@ -259,7 +259,7 @@ CONFIG_RESOURCE_TYPES = [
|
|||||||
]
|
]
|
||||||
|
|
||||||
WORKFLOW_TASKS_EXCLUSIONS = [
|
WORKFLOW_TASKS_EXCLUSIONS = [
|
||||||
'./docker/services/octavia/octavia-deployment-config.yaml',
|
'./deployment/octavia/octavia-deployment-config.yaml',
|
||||||
'./docker/services/ceph-ansible/ceph-external.yaml',
|
'./docker/services/ceph-ansible/ceph-external.yaml',
|
||||||
'./docker/services/ceph-ansible/ceph-osd.yaml',
|
'./docker/services/ceph-ansible/ceph-osd.yaml',
|
||||||
'./docker/services/ceph-ansible/ceph-rbdmirror.yaml',
|
'./docker/services/ceph-ansible/ceph-rbdmirror.yaml',
|
||||||
|
Loading…
Reference in New Issue
Block a user