flatten the octavia service configurations

This change combines the previous puppet and docker files into a single
file that performs the containerized service installation and configuration
for the octavia services.

With this patch the baremetal version of each respective octavia service
has been removed.

Related-Blueprint: services-yaml-flattening

Change-Id: Icf2856fd261b49a4da1f197c7190c9a18d21e30f
This commit is contained in:
Dan Prince 2019-02-22 15:17:21 -05:00
parent e7db158840
commit ebc9dd98e0
16 changed files with 468 additions and 854 deletions

View File

@ -12,11 +12,11 @@ resource_registry:
OS::TripleO::Services::MySQL: ../../deployment/database/mysql-pacemaker-puppet.yaml
OS::TripleO::Services::Keepalived: OS::Heat::None
OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
OS::TripleO::Services::OctaviaApi: ../../docker/services/octavia-api.yaml
OS::TripleO::Services::OctaviaHousekeeping: ../../docker/services/octavia-housekeeping.yaml
OS::TripleO::Services::OctaviaHealthManager: ../../docker/services/octavia-health-manager.yaml
OS::TripleO::Services::OctaviaWorker: ../../docker/services/octavia-worker.yaml
OS::TripleO::Services::OctaviaDeploymentConfig: ../../docker/services/octavia/octavia-deployment-config.yaml
OS::TripleO::Services::OctaviaApi: ../../deployment/octavia/octavia-api-container-puppet.yaml
OS::TripleO::Services::OctaviaHousekeeping: ../../deployment/octavia/octavia-housekeeping-container-puppet.yaml
OS::TripleO::Services::OctaviaHealthManager: ../../deployment/octavia/octavia-health-manager-container-puppet.yaml
OS::TripleO::Services::OctaviaWorker: ../../deployment/octavia/octavia-worker-container-puppet.yaml
OS::TripleO::Services::OctaviaDeploymentConfig: ../../deployment/octavia/octavia-deployment-config.yaml
OS::TripleO::Services::CinderApi: OS::Heat::None
OS::TripleO::Services::CinderBackup: OS::Heat::None
OS::TripleO::Services::CinderScheduler: OS::Heat::None

View File

@ -44,22 +44,58 @@ parameters:
EnableInternalTLS:
type: boolean
default: false
OctaviaUserName:
description: The username for the Octavia database and keystone accounts.
type: string
default: 'octavia'
OctaviaPassword:
description: The password for the Octavia database and keystone accounts.
type: string
hidden: true
OctaviaProjectName:
description: The project name for the keystone Octavia account.
type: string
default: 'service'
KeystoneRegion:
type: string
default: 'regionOne'
description: Keystone region for endpoint
MonitoringSubscriptionOctaviaApi:
default: 'overcloud-octavia-api'
type: string
OctaviaApiPolicies:
description: |
A hash of policies to configure for Octavia API.
e.g. { octavia-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
default: {}
type: json
conditions:
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
use_tls_proxy: {equals : [{get_param: EnableInternalTLS}, true]}
resources:
ContainersCommon:
type: ./containers-common.yaml
type: ../../docker/services/containers-common.yaml
MySQLClient:
type: ../../deployment/database/mysql-client.yaml
type: ../database/mysql-client.yaml
OctaviaApiPuppetBase:
type: ../../puppet/services/octavia-api.yaml
TLSProxyBase:
type: OS::TripleO::Services::TLSProxyBase
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
EnableInternalTLS: {get_param: EnableInternalTLS}
OctaviaBase:
type: ./octavia-base.yaml
properties:
EndpointMap: {get_param: EndpointMap}
ServiceData: {get_param: ServiceData}
@ -68,8 +104,8 @@ resources:
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
OctaviaFlavor:
type: ../../puppet/services/octavia-worker.yaml
OctaviaWorker: # provides Nova flavor
type: ./octavia-worker-container-puppet.yaml
properties:
EndpointMap: {get_param: EndpointMap}
ServiceData: {get_param: ServiceData}
@ -82,19 +118,76 @@ outputs:
role_data:
description: Role data for the Octavia API role.
value:
service_name: {get_attr: [OctaviaApiPuppetBase, role_data, service_name]}
service_name: octavia_api
monitoring_subscription: {get_param: MonitoringSubscriptionOctaviaApi}
config_settings:
map_merge:
- {get_attr: [OctaviaApiPuppetBase, role_data, config_settings]}
- {get_attr: [OctaviaFlavor, role_data, config_settings]}
- {get_attr: [OctaviaBase, role_data, config_settings]}
- {get_attr: [OctaviaWorker, role_data, config_settings]}
- get_attr: [TLSProxyBase, role_data, config_settings]
- octavia::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
octavia::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
octavia::policy::policies: {get_param: OctaviaApiPolicies}
octavia::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
octavia::keystone::authtoken::project_name: {get_param: OctaviaProjectName}
octavia::keystone::authtoken::password: {get_param: OctaviaPassword}
octavia::api::sync_db: true
tripleo::octavia_api::firewall_rules:
'120 octavia api':
dport:
- 9876
- 13876
# NOTE: bind IP is found in hiera replacing the network name with the local node IP
# for the given network; replacement examples (eg. for internal_api):
# internal_api -> IP
# internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR
tripleo::profile::base::octavia::api::tls_proxy_bind_ip:
str_replace:
template:
"%{hiera('$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, OctaviaApiNetwork]}
tripleo::profile::base::octavia::api::tls_proxy_fqdn:
str_replace:
template:
"%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, OctaviaApiNetwork]}
tripleo::profile::base::octavia::api::tls_proxy_port:
get_param: [EndpointMap, OctaviaInternal, port]
# Bind to localhost if internal TLS is enabled, since we put a TLS
# proxy in front.
octavia::api::host:
if:
- use_tls_proxy
- '127.0.0.1'
- str_replace:
template:
"%{hiera('$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, OctaviaApiNetwork]}
service_config_settings:
map_merge:
- get_attr: [OctaviaApiPuppetBase, role_data, service_config_settings]
- fluentd:
tripleo_fluentd_groups_octavia_api:
- octavia
tripleo_fluentd_sources_octavia_api:
- {get_param: OctaviaApiLoggingSource}
fluentd:
tripleo_fluentd_groups_octavia_api:
- octavia
tripleo_fluentd_sources_octavia_api:
- {get_param: OctaviaApiLoggingSource}
keystone:
octavia::keystone::auth::tenant: {get_param: OctaviaProjectName}
octavia::keystone::auth::public_url: {get_param: [EndpointMap, OctaviaPublic, uri]}
octavia::keystone::auth::internal_url: { get_param: [ EndpointMap, OctaviaInternal, uri ] }
octavia::keystone::auth::admin_url: { get_param: [ EndpointMap, OctaviaAdmin, uri ] }
octavia::keystone::auth::password: {get_param: OctaviaPassword}
octavia::keystone::auth::region: {get_param: KeystoneRegion}
mysql:
octavia::db::mysql::password: {get_param: OctaviaPassword}
octavia::db::mysql::user: {get_param: OctaviaUserName}
octavia::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
octavia::db::mysql::dbname: octavia
octavia::db::mysql::allowed_hosts:
- '%'
- "%{hiera('mysql_bind_host')}"
# BEGIN DOCKER SETTINGS #
puppet_config:
config_volume: octavia
@ -102,7 +195,7 @@ outputs:
step_config:
list_join:
- "\n"
- - {get_attr: [OctaviaApiPuppetBase, role_data, step_config]}
- - "include tripleo::profile::base::octavia::api"
- {get_attr: [MySQLClient, role_data, step_config]}
config_image: {get_param: DockerOctaviaConfigImage}
kolla_config:
@ -133,7 +226,7 @@ outputs:
config_volume: octavia
puppet_tags: nova_flavor
step_config:
get_attr: [OctaviaFlavor, role_data, step_config]
get_attr: [OctaviaWorker, role_data, step_config]
config_image: {get_param: DockerOctaviaConfigImage}
volumes:
- /var/lib/config-data/puppet-generated/nova/etc/nova:/etc/nova:ro
@ -229,7 +322,7 @@ outputs:
ignore_errors: true
upgrade_tasks: []
metadata_settings:
get_attr: [OctaviaApiPuppetBase, role_data, metadata_settings]
get_attr: [TLSProxyBase, role_data, metadata_settings]
post_upgrade_tasks:
- when: step|int == 1
import_role:

View File

@ -0,0 +1,215 @@
heat_template_version: rocky
description: >
OpenStack Octavia base service. Shared for all Octavia services
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
Debug:
type: boolean
default: false
description: Set to True to enable debugging on all services.
OctaviaDebug:
default: ''
description: Set to True to enable debugging Octavia services.
type: string
constraints:
- allowed_values: [ '', 'true', 'True', 'TRUE', 'false', 'False', 'FALSE']
EnableConfigPurge:
type: boolean
default: false
description: >
Remove configuration that is not generated by TripleO. Used to avoid
configuration remnants after upgrades.
RpcPort:
default: 5672
description: The network port for messaging backend
type: number
RpcUserName:
default: guest
description: The username for messaging backend
type: string
RpcPassword:
description: The password for messaging backend
type: string
hidden: true
RpcUseSSL:
default: false
description: >
Messaging client subscriber parameter to specify
an SSL connection to the messaging host.
type: string
NotificationDriver:
type: string
default: 'messagingv2'
description: Driver or drivers to handle sending notifications.
OctaviaUserName:
description: The username for the Octavia database and keystone accounts.
type: string
default: 'octavia'
OctaviaPassword:
description: The password for the Octavia database and keystone accounts.
type: string
hidden: true
OctaviaProjectName:
description: The project name for the keystone Octavia account.
type: string
default: 'service'
OctaviaCaCertFile:
type: string
default: '/etc/octavia/certs/ca_01.pem'
description: Octavia CA certificate file path.
OctaviaCaCert:
type: string
default: ''
description: Octavia CA certificate data. If provided, this will create
or update a file on the host with the path provided in
OctaviaCaCertFile with the certificate data.
OctaviaCaKeyFile:
type: string
default: '/etc/octavia/certs/private/cakey.pem'
description: Octavia CA private key file path.
OctaviaCaKey:
type: string
default: ''
description: The private key for the certificate provided in OctaviaCaCert.
If provided, this will create or update a file on the host
with the path provided in OctaviaCaKeyFile with the key
data.
OctaviaCaKeyPassphrase:
description: CA private key passphrase.
type: string
hidden: true
OctaviaAmphoraImageTag:
default: 'amphora-image'
description: Glance image tag for identifying the amphora image.
type: string
OctaviaAmphoraNetworkList:
default: []
description: List of networks to attach to amphorae.
type: comma_delimited_list
OctaviaAmphoraSshKeyName:
type: string
default: 'octavia-ssh-key'
description: SSH key name.
OctaviaLoadBalancerTopology:
default: ''
description: Load balancer topology configuration.
type: string
OctaviaFlavorId:
default: '65'
description: Nova flavor ID to be used when creating the nova flavor for
amphora.
type: string
OctaviaTimeoutClientData:
default: 50000
description: Frontend client inactivity timeout.
type: number
OctaviaTimeoutMemberConnect:
default: 5000
description: Backend member connection timeout.
type: number
OctaviaTimeoutMemberData:
default: 50000
description: Backend member inactivity timeout.
type: number
OctaviaTimeoutTcpInspect:
default: 0
description: Time to wait for TCP packets for content inspection.
type: number
conditions:
service_debug_unset: {equals : [{get_param: OctaviaDebug}, '']}
octavia_ca_cert_unset: {equals: [{get_param: OctaviaCaCert}, '']}
octavia_ca_key_unset: {equals: [{get_param: OctaviaCaKey}, '']}
octavia_topology_unset: {equals : [{get_param: OctaviaLoadBalancerTopology}, ""]}
outputs:
role_data:
description: Base role data for Octavia services
value:
service_name: octavia_base
config_settings:
map_merge:
- octavia::logging::debug:
if:
- service_debug_unset
- {get_param: Debug }
- {get_param: OctaviaDebug }
octavia::purge_config: {get_param: EnableConfigPurge}
octavia::notification_driver: {get_param: NotificationDriver}
octavia::db::database_connection:
make_url:
scheme: {get_param: [EndpointMap, MysqlInternal, protocol]}
username: {get_param: OctaviaUserName}
password: {get_param: OctaviaPassword}
host: {get_param: [EndpointMap, MysqlInternal, host]}
path: /octavia
query:
read_default_file: /etc/my.cnf.d/tripleo.cnf
read_default_group: tripleo
# TODO(ansmith): remove once p-t-o switches to oslo params
octavia::rabbit_use_ssl: {get_param: RpcUseSSL}
octavia::rabbit_userid: {get_param: RpcUserName}
octavia::rabbit_password: {get_param: RpcPassword}
octavia::rabbit_port: {get_param: RpcPort}
octavia::service_auth::auth_url: {get_param: [EndpointMap, KeystonePublic, uri]}
octavia::service_auth::auth_type: 'password'
octavia::service_auth::username: {get_param: OctaviaUserName}
octavia::service_auth::password: {get_param: OctaviaPassword}
octavia::service_auth::project_name: {get_param: OctaviaProjectName}
octavia::service_auth::project_domain_name: 'Default'
octavia::service_auth::user_domain_name: 'Default'
octavia::service_auth::auth_type: 'password'
octavia::certificates::ca_certificate: {get_param: OctaviaCaCertFile}
octavia::certificates::ca_private_key: {get_param: OctaviaCaKeyFile}
octavia::certificates::ca_private_key_passphrase: {get_param: OctaviaCaKeyPassphrase}
octavia::controller::amp_boot_network_list: {get_param: OctaviaAmphoraNetworkList}
octavia::controller::amp_flavor_id: {get_param: OctaviaFlavorId}
octavia::controller::amp_image_tag: {get_param: OctaviaAmphoraImageTag}
octavia::controller::amp_ssh_key_name: {get_param: OctaviaAmphoraSshKeyName}
octavia::controller::enable_ssh_access: true
octavia::controller::timeout_client_data: {get_param: OctaviaTimeoutClientData}
octavia::controller::timeout_member_connect: {get_param: OctaviaTimeoutMemberConnect}
octavia::controller::timeout_member_data: {get_param: OctaviaTimeoutMemberData}
octavia::controller::timeout_tcp_inspect: {get_param: OctaviaTimeoutTcpInspect}
-
if:
- octavia_topology_unset
- {}
- octavia::controller::loadbalancer_topology: {get_param: OctaviaLoadBalancerTopology}
-
if:
- octavia_ca_cert_unset
- {}
- octavia::certificates::ca_certificate_data: {get_param: OctaviaCaCert}
-
if:
- octavia_ca_key_unset
- {}
- octavia::certificates::ca_private_key_data: {get_param: OctaviaCaKey}

View File

@ -45,17 +45,37 @@ parameters:
default: false
description: Remove package if the service is being disabled during upgrade
type: boolean
MonitoringSubscriptionOctaviaHealthManager:
default: 'overcloud-octavia-health-manager'
type: string
OctaviaHeartbeatKey:
type: string
description: Key to identify heartbeat messages for amphorae.
hidden: true
OctaviaMgmtPortDevName:
type: string
default: "o-hm0"
description: Name of the octavia management network interface using
for communication between octavia worker/health-manager
with the amphora machine.
OctaviaEventStreamerDriver:
type: string
default: "noop_event_streamer"
description: Name of the event streamer driver to use for syncing Octavia
and Neutron LBaaS databases. It is highly recommended to
disable if one doesn't need to sync the database or is running
Octavia in standalone mode by setting to noop_event_streamer.
resources:
ContainersCommon:
type: ./containers-common.yaml
type: ../../docker/services/containers-common.yaml
MySQLClient:
type: ../../deployment/database/mysql-client.yaml
type: ../database/mysql-client.yaml
OctaviaHealthManagerPuppetBase:
type: ../../puppet/services/octavia-health-manager.yaml
OctaviaBase:
type: ./octavia-base.yaml
properties:
EndpointMap: {get_param: EndpointMap}
ServiceData: {get_param: ServiceData}
@ -68,16 +88,24 @@ outputs:
role_data:
description: Role data for the Octavia health-manager role.
value:
service_name: {get_attr: [OctaviaHealthManagerPuppetBase, role_data, service_name]}
config_settings: {get_attr: [OctaviaHealthManagerPuppetBase, role_data, config_settings]}
service_config_settings:
service_name: octavia_health_manager
monitoring_subscription: {get_param: MonitoringSubscriptionOctaviaHealthManager}
config_settings:
map_merge:
- get_attr: [OctaviaHealthManagerPuppetBase, role_data, service_config_settings]
- fluentd:
tripleo_fluentd_groups_octavia_health_manager:
- octavia
tripleo_fluentd_sources_octavia_health_manager:
- {get_param: OctaviaHealthManagerLoggingSource}
- get_attr: [OctaviaBase, role_data, config_settings]
- octavia::health_manager::heartbeat_key: {get_param: OctaviaHeartbeatKey}
octavia::health_manager::event_streamer_driver: {get_param: OctaviaEventStreamerDriver}
tripleo::octavia_health_manager::firewall_rules:
'200 octavia health manager interface':
proto: udp
dport: 5555
iniface: {get_param: OctaviaMgmtPortDevName}
service_config_settings:
fluentd:
tripleo_fluentd_groups_octavia_health_manager:
- octavia
tripleo_fluentd_sources_octavia_health_manager:
- {get_param: OctaviaHealthManagerLoggingSource}
# BEGIN DOCKER SETTINGS #
puppet_config:
config_volume: octavia
@ -85,7 +113,7 @@ outputs:
step_config:
list_join:
- "\n"
- - {get_attr: [OctaviaHealthManagerPuppetBase, role_data, step_config]}
- - "include tripleo::profile::base::octavia::health_manager"
- {get_attr: [MySQLClient, role_data, step_config]}
config_image: {get_param: DockerOctaviaConfigImage}
kolla_config:

View File

@ -41,17 +41,30 @@ parameters:
default: {}
description: Parameters specific to the role
type: json
OctaviaAmphoraExpiryAge:
default: 0
description: The interval in seconds after which an unused Amphora will
be considered expired and cleaned up. If left to 0, the
configuration will not be set and the system will use
the service defaults.
type: number
MonitoringSubscriptionOctaviaHousekeeping:
default: 'overcloud-octavia-housekeeping'
type: string
conditions:
amphora_expiry_is_zero: {equals: [{get_param: OctaviaAmphoraExpiryAge}, 0]}
resources:
ContainersCommon:
type: ./containers-common.yaml
type: ../../docker/services/containers-common.yaml
MySQLClient:
type: ../../deployment/database/mysql-client.yaml
type: ../database/mysql-client.yaml
OctaviaHousekeepingPuppetBase:
type: ../../puppet/services/octavia-housekeeping.yaml
OctaviaBase:
type: ./octavia-base.yaml
properties:
EndpointMap: {get_param: EndpointMap}
ServiceData: {get_param: ServiceData}
@ -64,16 +77,22 @@ outputs:
role_data:
description: Role data for the Octavia housekeeping role.
value:
service_name: {get_attr: [OctaviaHousekeepingPuppetBase, role_data, service_name]}
config_settings: {get_attr: [OctaviaHousekeepingPuppetBase, role_data, config_settings]}
service_config_settings:
service_name: octavia_housekeeping
monitoring_subscription: {get_param: MonitoringSubscriptionOctaviaHousekeeping}
config_settings:
map_merge:
- get_attr: [OctaviaHousekeepingPuppetBase, role_data, service_config_settings]
- fluentd:
tripleo_fluentd_groups_octavia_housekeeping:
- octavia
tripleo_fluentd_sources_octavia_housekeeping:
- {get_param: OctaviaHousekeepingLoggingSource}
- get_attr: [OctaviaBase, role_data, config_settings]
-
if:
- amphora_expiry_is_zero
- {}
- octavia::housekeeping::amphora_expiry_age: {get_param: OctaviaAmphoraExpiryAge}
service_config_settings:
fluentd:
tripleo_fluentd_groups_octavia_housekeeping:
- octavia
tripleo_fluentd_sources_octavia_housekeeping:
- {get_param: OctaviaHousekeepingLoggingSource}
# BEGIN DOCKER SETTINGS #
puppet_config:
config_volume: octavia
@ -81,7 +100,7 @@ outputs:
step_config:
list_join:
- "\n"
- - {get_attr: [OctaviaHousekeepingPuppetBase, role_data, step_config]}
- - "include tripleo::profile::base::octavia::housekeeping"
- {get_attr: [MySQLClient, role_data, step_config]}
config_image: {get_param: DockerOctaviaConfigImage}
kolla_config:

View File

@ -45,17 +45,52 @@ parameters:
default: 'false'
description: Set to true to enable package installation at deploy time
type: boolean
MonitoringSubscriptionOctaviaWorker:
default: 'overcloud-octavia-worker'
type: string
OctaviaFlavorProperties:
default:
ram : '1024'
disk : '3'
vcpus : '1'
description: Dictionary describing the nova flavor for amphora.
type: json
OctaviaManageNovaFlavor:
default: true
description: Configure the nova flavor for the amphora.
type: boolean
OctaviaClientCertFile:
default: '/etc/octavia/certs/client.pem'
description: client certificate for amphoras
type: string
OctaviaClientCert:
default: ''
description: Client certificate data. If provided, this will create or update
a file on the host with the path provided in OctaviaClientCertFile
with the certificate data.
type: string
OctaviaProjectName:
description: The project name for the keystone Octavia account.
type: string
default: 'service'
RpcPort:
default: 5672
description: The network port for messaging backend
type: number
conditions:
octavia_client_cert_unset: {equals: [{get_param: OctaviaClientCert}, ""]}
resources:
ContainersCommon:
type: ./containers-common.yaml
type: ../../docker/services/containers-common.yaml
MySQLClient:
type: ../../deployment/database/mysql-client.yaml
type: ../database/mysql-client.yaml
OctaviaWorkerPuppetBase:
type: ../../puppet/services/octavia-worker.yaml
OctaviaBase:
type: ./octavia-base.yaml
properties:
EndpointMap: {get_param: EndpointMap}
ServiceData: {get_param: ServiceData}
@ -68,16 +103,15 @@ outputs:
role_data:
description: Role data for the Octavia worker role.
value:
service_name: {get_attr: [OctaviaWorkerPuppetBase, role_data, service_name]}
config_settings: {get_attr: [OctaviaWorkerPuppetBase, role_data, config_settings]}
service_name: octavia_worker
monitoring_subscription: {get_param: MonitoringSubscriptionOctaviaWorker}
config_settings: {get_attr: [OctaviaBase, role_data, config_settings]}
service_config_settings:
map_merge:
- get_attr: [OctaviaWorkerPuppetBase, role_data, service_config_settings]
- fluentd:
tripleo_fluentd_groups_octavia_worker:
- octavia
tripleo_fluentd_sources_octavia_worker:
- {get_param: OctaviaWorkerLoggingSource}
fluentd:
tripleo_fluentd_groups_octavia_worker:
- octavia
tripleo_fluentd_sources_octavia_worker:
- {get_param: OctaviaWorkerLoggingSource}
# BEGIN DOCKER SETTINGS #
puppet_config:
config_volume: octavia
@ -86,7 +120,7 @@ outputs:
list_join:
- "\n"
- - "['nova_flavor'].each |String $val| { noop_resource($val) }"
- {get_attr: [OctaviaWorkerPuppetBase, role_data, step_config]}
- "include tripleo::profile::base::octavia::worker"
- {get_attr: [MySQLClient, role_data, step_config]}
config_image: {get_param: DockerOctaviaConfigImage}
kolla_config:
@ -130,7 +164,7 @@ outputs:
- yaql:
expression: str($.data.port)
data:
port: {get_attr: [OctaviaWorkerPuppetBase, role_data, config_settings, 'octavia::rabbit_port']}
port: {get_param: RpcPort}
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}

View File

@ -1,9 +1,9 @@
resource_registry:
OS::TripleO::Services::OctaviaApi: ../../puppet/services/octavia-api.yaml
OS::TripleO::Services::OctaviaHousekeeping: ../../puppet/services/octavia-housekeeping.yaml
OS::TripleO::Services::OctaviaHealthManager: ../../puppet/services/octavia-health-manager.yaml
OS::TripleO::Services::OctaviaWorker: ../../puppet/services/octavia-worker.yaml
OS::TripleO::Services::OctaviaDeploymentConfig: ../../puppet/services/octavia/octavia-deployment-config.yaml
OS::TripleO::Services::OctaviaApi: ../../deployment/octavia/octavia-api-container-puppet.yaml
OS::TripleO::Services::OctaviaHousekeeping: ../../deployment/octavia/octavia-housekeeping-container-puppet.yaml
OS::TripleO::Services::OctaviaHealthManager: ../../deployment/octavia/octavia-health-manager-container-puppet.yaml
OS::TripleO::Services::OctaviaWorker: ../../deployment/octavia/octavia-worker-container-puppet.yaml
OS::TripleO::Services::OctaviaDeploymentConfig: ../../deployment/octavia/octavia-deployment-config.yaml
parameter_defaults:
NeutronEnableForceMetadata: true

View File

@ -1,9 +1,9 @@
resource_registry:
OS::TripleO::Services::OctaviaApi: ../../docker/services/octavia-api.yaml
OS::TripleO::Services::OctaviaHousekeeping: ../../docker/services/octavia-housekeeping.yaml
OS::TripleO::Services::OctaviaHealthManager: ../../docker/services/octavia-health-manager.yaml
OS::TripleO::Services::OctaviaWorker: ../../docker/services/octavia-worker.yaml
OS::TripleO::Services::OctaviaDeploymentConfig: ../../docker/services/octavia/octavia-deployment-config.yaml
OS::TripleO::Services::OctaviaApi: ../../deployment/octavia/octavia-api-container-puppet.yaml
OS::TripleO::Services::OctaviaHousekeeping: ../../deployment/octavia/octavia-housekeeping-container-puppet.yaml
OS::TripleO::Services::OctaviaHealthManager: ../../deployment/octavia/octavia-health-manager-container-puppet.yaml
OS::TripleO::Services::OctaviaWorker: ../../deployment/octavia/octavia-worker-container-puppet.yaml
OS::TripleO::Services::OctaviaDeploymentConfig: ../../deployment/octavia/octavia-deployment-config.yaml
parameter_defaults:
NeutronEnableForceMetadata: true

View File

@ -1,180 +0,0 @@
heat_template_version: rocky
description: >
OpenStack Octavia API service.
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
OctaviaUserName:
description: The username for the Octavia database and keystone accounts.
type: string
default: 'octavia'
OctaviaPassword:
description: The password for the Octavia database and keystone accounts.
type: string
hidden: true
OctaviaProjectName:
description: The project name for the keystone Octavia account.
type: string
default: 'service'
KeystoneRegion:
type: string
default: 'regionOne'
description: Keystone region for endpoint
MonitoringSubscriptionOctaviaApi:
default: 'overcloud-octavia-api'
type: string
OctaviaApiLoggingSource:
type: json
default:
tag: openstack.octavia.api
path: /var/log/octavia/api.log
OctaviaApiPolicies:
description: |
A hash of policies to configure for Octavia API.
e.g. { octavia-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
default: {}
type: json
EnableInternalTLS:
type: boolean
default: false
conditions:
use_tls_proxy: {equals : [{get_param: EnableInternalTLS}, true]}
resources:
TLSProxyBase:
type: OS::TripleO::Services::TLSProxyBase
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
EnableInternalTLS: {get_param: EnableInternalTLS}
OctaviaBase:
type: ./octavia-base.yaml
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
OctaviaController:
type: ./octavia-controller.yaml
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
outputs:
role_data:
description: Role data for the Octavia API service.
value:
service_name: octavia_api
monitoring_subscription: {get_param: MonitoringSubscriptionOctaviaApi}
config_settings:
map_merge:
- get_attr: [OctaviaBase, role_data, config_settings]
- get_attr: [OctaviaController, role_data, config_settings]
- get_attr: [TLSProxyBase, role_data, config_settings]
- octavia::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
octavia::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
octavia::policy::policies: {get_param: OctaviaApiPolicies}
octavia::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
octavia::keystone::authtoken::project_name: {get_param: OctaviaProjectName}
octavia::keystone::authtoken::password: {get_param: OctaviaPassword}
octavia::api::sync_db: true
tripleo::octavia_api::firewall_rules:
'120 octavia api':
dport:
- 9876
- 13876
# NOTE: bind IP is found in hiera replacing the network name with the local node IP
# for the given network; replacement examples (eg. for internal_api):
# internal_api -> IP
# internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR
tripleo::profile::base::octavia::api::tls_proxy_bind_ip:
str_replace:
template:
"%{hiera('$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, OctaviaApiNetwork]}
tripleo::profile::base::octavia::api::tls_proxy_fqdn:
str_replace:
template:
"%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, OctaviaApiNetwork]}
tripleo::profile::base::octavia::api::tls_proxy_port:
get_param: [EndpointMap, OctaviaInternal, port]
# Bind to localhost if internal TLS is enabled, since we put a TLS
# proxy in front.
octavia::api::host:
if:
- use_tls_proxy
- '127.0.0.1'
- str_replace:
template:
"%{hiera('$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, OctaviaApiNetwork]}
step_config: |
include tripleo::profile::base::octavia::api
service_config_settings:
fluentd:
tripleo_fluentd_groups_octavia_api:
- octavia
tripleo_fluentd_sources_octavia_api:
- {get_param: OctaviaApiLoggingSource}
keystone:
octavia::keystone::auth::tenant: {get_param: OctaviaProjectName}
octavia::keystone::auth::public_url: {get_param: [EndpointMap, OctaviaPublic, uri]}
octavia::keystone::auth::internal_url: { get_param: [ EndpointMap, OctaviaInternal, uri ] }
octavia::keystone::auth::admin_url: { get_param: [ EndpointMap, OctaviaAdmin, uri ] }
octavia::keystone::auth::password: {get_param: OctaviaPassword}
octavia::keystone::auth::region: {get_param: KeystoneRegion}
mysql:
octavia::db::mysql::password: {get_param: OctaviaPassword}
octavia::db::mysql::user: {get_param: OctaviaUserName}
octavia::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
octavia::db::mysql::dbname: octavia
octavia::db::mysql::allowed_hosts:
- '%'
- "%{hiera('mysql_bind_host')}"
metadata_settings:
get_attr: [TLSProxyBase, role_data, metadata_settings]

View File

@ -1,164 +0,0 @@
heat_template_version: rocky
description: >
OpenStack Octavia base service. Shared for all Octavia services
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
Debug:
type: boolean
default: false
description: Set to True to enable debugging on all services.
OctaviaDebug:
default: ''
description: Set to True to enable debugging Octavia services.
type: string
constraints:
- allowed_values: [ '', 'true', 'True', 'TRUE', 'false', 'False', 'FALSE']
EnableConfigPurge:
type: boolean
default: false
description: >
Remove configuration that is not generated by TripleO. Used to avoid
configuration remnants after upgrades.
RpcPort:
default: 5672
description: The network port for messaging backend
type: number
RpcUserName:
default: guest
description: The username for messaging backend
type: string
RpcPassword:
description: The password for messaging backend
type: string
hidden: true
RpcUseSSL:
default: false
description: >
Messaging client subscriber parameter to specify
an SSL connection to the messaging host.
type: string
NotificationDriver:
type: string
default: 'messagingv2'
description: Driver or drivers to handle sending notifications.
OctaviaUserName:
description: The username for the Octavia database and keystone accounts.
type: string
default: 'octavia'
OctaviaPassword:
description: The password for the Octavia database and keystone accounts.
type: string
hidden: true
OctaviaProjectName:
description: The project name for the keystone Octavia account.
type: string
default: 'service'
OctaviaCaCertFile:
type: string
default: '/etc/octavia/certs/ca_01.pem'
description: Octavia CA certificate file path.
OctaviaCaCert:
type: string
default: ''
description: Octavia CA certificate data. If provided, this will create
or update a file on the host with the path provided in
OctaviaCaCertFile with the certificate data.
OctaviaCaKeyFile:
type: string
default: '/etc/octavia/certs/private/cakey.pem'
description: Octavia CA private key file path.
OctaviaCaKey:
type: string
default: ''
description: The private key for the certificate provided in OctaviaCaCert.
If provided, this will create or update a file on the host
with the path provided in OctaviaCaKeyFile with the key
data.
OctaviaCaKeyPassphrase:
description: CA private key passphrase.
type: string
hidden: true
conditions:
service_debug_unset: {equals : [{get_param: OctaviaDebug}, '']}
octavia_ca_cert_unset: {equals: [{get_param: OctaviaCaCert}, '']}
octavia_ca_key_unset: {equals: [{get_param: OctaviaCaKey}, '']}
outputs:
role_data:
description: Base role data for Octavia services
value:
service_name: octavia_base
config_settings:
map_merge:
- octavia::logging::debug:
if:
- service_debug_unset
- {get_param: Debug }
- {get_param: OctaviaDebug }
octavia::purge_config: {get_param: EnableConfigPurge}
octavia::notification_driver: {get_param: NotificationDriver}
octavia::db::database_connection:
make_url:
scheme: {get_param: [EndpointMap, MysqlInternal, protocol]}
username: {get_param: OctaviaUserName}
password: {get_param: OctaviaPassword}
host: {get_param: [EndpointMap, MysqlInternal, host]}
path: /octavia
query:
read_default_file: /etc/my.cnf.d/tripleo.cnf
read_default_group: tripleo
# TODO(ansmith): remove once p-t-o switches to oslo params
octavia::rabbit_use_ssl: {get_param: RpcUseSSL}
octavia::rabbit_userid: {get_param: RpcUserName}
octavia::rabbit_password: {get_param: RpcPassword}
octavia::rabbit_port: {get_param: RpcPort}
octavia::service_auth::auth_url: {get_param: [EndpointMap, KeystonePublic, uri]}
octavia::service_auth::auth_type: 'password'
octavia::service_auth::username: {get_param: OctaviaUserName}
octavia::service_auth::password: {get_param: OctaviaPassword}
octavia::service_auth::project_name: {get_param: OctaviaProjectName}
octavia::service_auth::project_domain_name: 'Default'
octavia::service_auth::user_domain_name: 'Default'
octavia::service_auth::auth_type: 'password'
octavia::certificates::ca_certificate: {get_param: OctaviaCaCertFile}
octavia::certificates::ca_private_key: {get_param: OctaviaCaKeyFile}
octavia::certificates::ca_private_key_passphrase: {get_param: OctaviaCaKeyPassphrase}
-
if:
- octavia_ca_cert_unset
- {}
- octavia::certificates::ca_certificate_data: {get_param: OctaviaCaCert}
-
if:
- octavia_ca_key_unset
- {}
- octavia::certificates::ca_private_key_data: {get_param: OctaviaCaKey}

View File

@ -1,108 +0,0 @@
heat_template_version: rocky
description: >
OpenStack Octavia Worker service.
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
OctaviaAmphoraImageTag:
default: 'amphora-image'
description: Glance image tag for identifying the amphora image.
type: string
OctaviaAmphoraNetworkList:
default: []
description: List of networks to attach to amphorae.
type: comma_delimited_list
OctaviaAmphoraSshKeyName:
type: string
default: 'octavia-ssh-key'
description: SSH key name.
OctaviaLoadBalancerTopology:
default: ''
description: Load balancer topology configuration.
type: string
OctaviaFlavorId:
default: '65'
description: Nova flavor ID to be used when creating the nova flavor for
amphora.
type: string
OctaviaTimeoutClientData:
default: 50000
description: Frontend client inactivity timeout.
type: number
OctaviaTimeoutMemberConnect:
default: 5000
description: Backend member connection timeout.
type: number
OctaviaTimeoutMemberData:
default: 50000
description: Backend member inactivity timeout.
type: number
OctaviaTimeoutTcpInspect:
default: 0
description: Time to wait for TCP packets for content inspection.
type: number
conditions:
octavia_topology_unset: {equals : [{get_param: OctaviaLoadBalancerTopology}, ""]}
resources:
OctaviaBase:
type: ./octavia-base.yaml
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
outputs:
role_data:
description: Role data for Octavia controller services.
value:
service_name: octavia_controller
config_settings:
map_merge:
- get_attr: [OctaviaBase, role_data, config_settings]
- octavia::controller::amp_boot_network_list: {get_param: OctaviaAmphoraNetworkList}
octavia::controller::amp_flavor_id: {get_param: OctaviaFlavorId}
octavia::controller::amp_image_tag: {get_param: OctaviaAmphoraImageTag}
octavia::controller::amp_ssh_key_name: {get_param: OctaviaAmphoraSshKeyName}
octavia::controller::enable_ssh_access: true
octavia::controller::timeout_client_data: {get_param: OctaviaTimeoutClientData}
octavia::controller::timeout_member_connect: {get_param: OctaviaTimeoutMemberConnect}
octavia::controller::timeout_member_data: {get_param: OctaviaTimeoutMemberData}
octavia::controller::timeout_tcp_inspect: {get_param: OctaviaTimeoutTcpInspect}
-
if:
- octavia_topology_unset
- {}
- octavia::controller::loadbalancer_topology: {get_param: OctaviaLoadBalancerTopology}

View File

@ -1,105 +0,0 @@
heat_template_version: rocky
description: >
OpenStack Octavia Health Manager service.
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
MonitoringSubscriptionOctaviaHealthManager:
default: 'overcloud-octavia-health-manager'
type: string
OctaviaHealthManagerLoggingSource:
type: json
default:
tag: openstack.octavia.health-manager
path: /var/log/octavia/health-manager.log
OctaviaHeartbeatKey:
type: string
description: Key to identify heartbeat messages for amphorae.
hidden: true
OctaviaMgmtPortDevName:
type: string
default: "o-hm0"
description: Name of the octavia management network interface using
for communication between octavia worker/health-manager
with the amphora machine.
OctaviaEventStreamerDriver:
type: string
default: "noop_event_streamer"
description: Name of the event streamer driver to use for syncing Octavia
and Neutron LBaaS databases. It is highly recommended to
disable if one doesn't need to sync the database or is running
Octavia in standalone mode by setting to noop_event_streamer.
resources:
OctaviaBase:
type: ./octavia-base.yaml
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
OctaviaController:
type: ./octavia-controller.yaml
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
outputs:
role_data:
description: Role data for the Octavia Health Manager service.
value:
service_name: octavia_health_manager
monitoring_subscription: {get_param: MonitoringSubscriptionOctaviaHealthManager}
config_settings:
map_merge:
- get_attr: [OctaviaBase, role_data, config_settings]
- get_attr: [OctaviaController, role_data, config_settings]
- octavia::health_manager::heartbeat_key: {get_param: OctaviaHeartbeatKey}
octavia::health_manager::event_streamer_driver: {get_param: OctaviaEventStreamerDriver}
tripleo::octavia_health_manager::firewall_rules:
'200 octavia health manager interface':
proto: udp
dport: 5555
iniface: {get_param: OctaviaMgmtPortDevName}
service_config_settings:
fluentd:
tripleo_fluentd_groups_octavia_health_manager:
- octavia
tripleo_fluentd_sources_octavia_health_manager:
- {get_param: OctaviaHealthManagerLoggingSource}
step_config: |
include tripleo::profile::base::octavia::health_manager

View File

@ -1,97 +0,0 @@
heat_template_version: rocky
description: >
OpenStack Octavia Housekeeping service.
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
OctaviaAmphoraExpiryAge:
default: 0
description: The interval in seconds after which an unused Amphora will
be considered expired and cleaned up. If left to 0, the
configuration will not be set and the system will use
the service defaults.
type: number
MonitoringSubscriptionOctaviaHousekeeping:
default: 'overcloud-octavia-housekeeping'
type: string
OctaviaHousekeepingLoggingSource:
type: json
default:
tag: openstack.octavia.housekeeping
path: /var/log/octavia/housekeeping.log
conditions:
amphora_expiry_is_zero: {equals: [{get_param: OctaviaAmphoraExpiryAge}, 0]}
resources:
OctaviaBase:
type: ./octavia-base.yaml
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
OctaviaController:
type: ./octavia-controller.yaml
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
outputs:
role_data:
description: Role data for the Octavia Housekeeping service.
value:
service_name: octavia_housekeeping
monitoring_subscription: {get_param: MonitoringSubscriptionOctaviaHousekeeping}
config_settings:
map_merge:
- get_attr: [OctaviaBase, role_data, config_settings]
- get_attr: [OctaviaController, role_data, config_settings]
-
if:
- amphora_expiry_is_zero
- {}
- octavia::housekeeping::amphora_expiry_age: {get_param: OctaviaAmphoraExpiryAge}
service_config_settings:
fluentd:
tripleo_fluentd_groups_octavia_housekeeping:
- octavia
tripleo_fluentd_sources_octavia_housekeeping:
- {get_param: OctaviaHousekeepingLoggingSource}
step_config: |
include tripleo::profile::base::octavia::housekeeping

View File

@ -1,121 +0,0 @@
heat_template_version: rocky
description: >
OpenStack Octavia Worker service.
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
MonitoringSubscriptionOctaviaWorker:
default: 'overcloud-octavia-worker'
type: string
OctaviaWorkerLoggingSource:
type: json
default:
tag: openstack.octavia.worker
path: /var/log/octavia/worker.log
OctaviaFlavorProperties:
default:
ram : '1024'
disk : '3'
vcpus : '1'
description: Dictionary describing the nova flavor for amphora.
type: json
OctaviaManageNovaFlavor:
default: true
description: Configure the nova flavor for the amphora.
type: boolean
OctaviaClientCertFile:
default: '/etc/octavia/certs/client.pem'
description: client certificate for amphoras
type: string
OctaviaClientCert:
default: ''
description: Client certificate data. If provided, this will create or update
a file on the host with the path provided in OctaviaClientCertFile
with the certificate data.
type: string
OctaviaProjectName:
description: The project name for the keystone Octavia account.
type: string
default: 'service'
conditions:
octavia_client_cert_unset: {equals: [{get_param: OctaviaClientCert}, ""]}
resources:
OctaviaBase:
type: ./octavia-base.yaml
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
OctaviaController:
type: ./octavia-controller.yaml
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
outputs:
role_data:
description: Role data for the Octavia Worker service.
value:
service_name: octavia_worker
monitoring_subscription: {get_param: MonitoringSubscriptionOctaviaWorker}
config_settings:
map_merge:
- get_attr: [OctaviaBase, role_data, config_settings]
- get_attr: [OctaviaController, role_data, config_settings]
- octavia::worker::amp_project_name: {get_param: OctaviaProjectName}
octavia::worker::nova_flavor_config: {get_param: OctaviaFlavorProperties}
octavia::worker::manage_nova_flavor: {get_param: OctaviaManageNovaFlavor}
octavia::worker::nova_flavor_config: {get_param: OctaviaFlavorProperties}
octavia::certificates::client_cert: {get_param: OctaviaClientCertFile}
-
if:
- octavia_client_cert_unset
- {}
- octavia::certificates::client_cert_data: {get_param: OctaviaClientCert}
service_config_settings:
fluentd:
tripleo_fluentd_groups_octavia_worker:
- octavia
tripleo_fluentd_sources_octavia_worker:
- {get_param: OctaviaWorkerLoggingSource}
step_config: |
include tripleo::profile::base::octavia::worker

View File

@ -259,7 +259,7 @@ CONFIG_RESOURCE_TYPES = [
]
WORKFLOW_TASKS_EXCLUSIONS = [
'./docker/services/octavia/octavia-deployment-config.yaml',
'./deployment/octavia/octavia-deployment-config.yaml',
'./docker/services/ceph-ansible/ceph-external.yaml',
'./docker/services/ceph-ansible/ceph-osd.yaml',
'./docker/services/ceph-ansible/ceph-rbdmirror.yaml',