tripleo-heat-templates/puppet/services
Juan Antonio Osorio Robles 645757cbd6 Disable live migration over TLS
Due to the fact that it doesn't use a separate CA (or sub CA) for
libvirtd, and that proper SASL is not being used. We are disabling this
option since it doesn't meet the appropriate security requirements.
We'll look into adding this back once these issues get fixed.

Change-Id: I6a5e4db1b6dd6bc8b7e73e53b614b070d15b8a23
Closes-Bug: #1730370
2017-11-07 10:14:45 +02:00
..
database mysql: Only set certificate specs if TLS everywhere is enabled 2017-11-01 18:17:33 +02:00
disabled Remove Heat Cloudwatch API during upgrade and disable by default 2017-10-10 12:53:03 +03:00
logging Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
metrics Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
monitoring Allow Sensu to connect to RabbitMQ cluster 2017-09-27 19:08:46 +00:00
network Make many networking parameters consistent 2017-08-02 16:20:08 -05:00
pacemaker Correct template names from ocata to pike. 2017-10-10 12:45:02 +02:00
releasenotes/notes upgrades: deploy mod_ssl when upgrading apache 2017-04-26 20:08:26 +00:00
time Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
aodh-api.yaml Use list_concat in place of yaql 2017-08-30 15:43:16 +02:00
aodh-base.yaml Ensure Debug is a boolean 2017-09-27 13:22:07 -04:00
aodh-evaluator.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
aodh-listener.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
aodh-notifier.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
apache.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
auditd.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
barbican-api.yaml update cinder kmgr parameter for Queens 2017-10-23 16:59:10 +00:00
ca-certs.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
ceilometer-agent-central.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
ceilometer-agent-compute.yaml Set redis password hiera value in compute agent 2017-08-01 21:26:24 +00:00
ceilometer-agent-ipmi.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
ceilometer-agent-notification.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
ceilometer-api.yaml Use list_concat in place of yaql 2017-08-30 15:43:16 +02:00
ceilometer-base.yaml Ensure Debug is a boolean 2017-09-27 13:22:07 -04:00
ceilometer-collector.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
ceilometer-expirer.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
ceph-base.yaml Maintain ceph-osd package only on nodes hosting CephOSD service 2017-09-05 22:55:29 +00:00
ceph-client.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
ceph-external.yaml Let mds create manila key and fs 2017-08-18 16:22:10 +02:00
ceph-mds.yaml Let mds create manila key and fs 2017-08-18 16:22:10 +02:00
ceph-mon.yaml Default Ceph pg_num and pgp_num to 128 2017-09-21 21:21:11 +02:00
ceph-osd.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
ceph-rgw.yaml Make various password descriptions consistent 2017-07-21 18:39:28 +00:00
certmonger-user.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
cinder-api.yaml Use list_concat in place of yaql 2017-08-30 15:43:16 +02:00
cinder-backend-dellemc-unity.yaml Add support for Dell EMC Unity Cinder backend 2017-08-17 08:36:14 +00:00
cinder-backend-dellemc-vmax-iscsi.yaml Add support for Dell EMC VMAX ISCSI Backend 2017-08-30 04:41:47 +00:00
cinder-backend-dellps.yaml Merge "Ps Cinder: Added support for password less login" 2017-07-26 13:47:14 +00:00
cinder-backend-dellsc.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
cinder-backend-netapp.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
cinder-backend-pure.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
cinder-backend-scaleio.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
cinder-backend-veritas-hyperscale.yaml Correct template names from ocata to pike. 2017-10-10 12:45:02 +02:00
cinder-backup.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
cinder-base.yaml cinder: switch CinderCronDbPurgeUser to 'cinder' 2017-11-02 05:19:16 +00:00
cinder-hpelefthand-iscsi.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
cinder-scheduler.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
cinder-volume.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
congress.yaml Ensure Debug is a boolean 2017-09-27 13:22:07 -04:00
docker.yaml Accept multiple registries in DockerInsecureRegistryAddress 2017-08-10 18:21:12 +02:00
ec2-api.yaml Make EnablePackageInstall and Debug descriptions consistent 2017-07-21 18:38:58 +00:00
etcd.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
external-swift-proxy.yaml Make various password descriptions consistent 2017-07-21 18:39:28 +00:00
glance-api.yaml Enable Cinder as a backend for Glance 2017-10-12 08:11:52 -04:00
gnocchi-api.yaml Use list_concat in place of yaql 2017-08-30 15:43:16 +02:00
gnocchi-base.yaml Ensure Debug is a boolean 2017-09-27 13:22:07 -04:00
gnocchi-metricd.yaml Set metric procssing delay for metricd 2017-10-25 18:12:29 +00:00
gnocchi-statsd.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
haproxy-internal-tls-certmonger.yaml TLS everywhere/haproxy: Remove empty postsave command 2017-08-18 15:07:12 +03:00
haproxy-public-tls-certmonger.yaml Use DeployedSSLCertificatePath for public TLS via certmonger 2017-09-05 09:40:52 +00:00
haproxy.yaml Move HAProxy's public TLS logic from controller to service template 2017-08-11 04:07:38 +00:00
heat-api-cfn.yaml Merge "Stop Heat WSGI services on docker upgrade" 2017-07-26 13:47:21 +00:00
heat-api-cloudwatch.yaml Add metadata_settings in Heat APIs 2017-07-24 13:30:08 +02:00
heat-api.yaml Add metadata_settings in Heat APIs 2017-07-24 13:30:08 +02:00
heat-base.yaml Ensure Debug is a boolean 2017-09-27 13:22:07 -04:00
heat-engine.yaml Merge "Use conditional to set heat-engine workers" 2017-09-26 19:27:02 +00:00
horizon.yaml Ensure Debug is a boolean 2017-09-27 13:22:07 -04:00
ironic-api.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
ironic-base.yaml Ensure Debug is a boolean 2017-09-27 13:22:07 -04:00
ironic-conductor.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
ironic-inspector.yaml Correct template names from ocata to pike. 2017-10-10 12:45:02 +02:00
iscsid.yaml Fix iscsid role data's section 2017-07-27 12:47:18 -04:00
keepalived.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
kernel.yaml Bump fs.inotify.max_user_instances for scale 2017-09-25 09:24:34 -04:00
keystone.yaml Ensure Debug is a boolean 2017-09-27 13:22:07 -04:00
manila-api.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
manila-backend-cephfs.yaml Let mds create manila key and fs 2017-08-18 16:22:10 +02:00
manila-backend-generic.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
manila-backend-isilon.yaml Add support for Dell EMC Isilon Manila backend 2017-08-30 04:42:09 +00:00
manila-backend-netapp.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
manila-backend-unity.yaml Add support for Dell EMC Unity Manila Backend 2017-08-22 11:40:23 -05:00
manila-backend-vmax.yaml Add support for Dell EMC VMAX Manila Backend 2017-08-30 04:42:01 +00:00
manila-backend-vnx.yaml Add support for Dell EMC VNX Manila Backend 2017-08-22 11:40:23 -05:00
manila-base.yaml Ensure Debug is a boolean 2017-09-27 13:22:07 -04:00
manila-scheduler.yaml manila: set "neutron_admin_auth_url" correctly 2017-08-24 16:33:49 -04:00
manila-share.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
memcached.yaml Make memcached logs verbosity configurable 2017-10-30 10:42:02 +02:00
mistral-api.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
mistral-base.yaml Increase the Mistral RPC timeout 2017-11-01 09:18:02 -04:00
mistral-engine.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
mistral-event-engine.yaml Add Mistral event engine 2017-09-28 06:55:46 -04:00
mistral-executor.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
neutron-api.yaml Make various password descriptions consistent 2017-07-21 18:39:28 +00:00
neutron-base.yaml Ensure Debug is a boolean 2017-09-27 13:22:07 -04:00
neutron-bgpvpn-api.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
neutron-bgpvpn-bagpipe.yaml Add Bagpipe driver composable service 2017-09-01 11:56:47 +02:00
neutron-bigswitch-agent.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
neutron-compute-plugin-midonet.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
neutron-compute-plugin-nuage.yaml Drop extraconfig for nova-nuage 2017-08-16 07:46:00 -04:00
neutron-compute-plugin-plumgrid.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
neutron-dhcp.yaml Add Neutron DHCP Agent Interface Driver configuration option 2017-09-26 11:00:31 +02:00
neutron-l2gw-agent.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
neutron-l2gw-api.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
neutron-l3-compute-dvr.yaml Ensure Debug is a boolean 2017-09-27 13:22:07 -04:00
neutron-l3.yaml Ensure Debug is a boolean 2017-09-27 13:22:07 -04:00
neutron-lbaas.yaml Enable neutron-lbaasv2 UI in Horizon 2017-10-23 07:12:27 +02:00
neutron-linuxbridge-agent.yaml Correct template names from ocata to pike. 2017-10-10 12:45:02 +02:00
neutron-metadata.yaml Enable TLS for nova-metadata 2017-08-17 18:14:58 +00:00
neutron-midonet.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
neutron-ovs-agent.yaml Use list_concat in place of yaql 2017-08-30 15:43:16 +02:00
neutron-ovs-dpdk-agent.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
neutron-plugin-ml2-fujitsu-cfab.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
neutron-plugin-ml2-fujitsu-fossw.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
neutron-plugin-ml2-nuage.yaml Make nova patching parameters configurable in Nuage 2017-09-01 11:04:40 -04:00
neutron-plugin-ml2-odl.yaml Changing the default port-binding configuration 2017-07-27 16:20:51 -04:00
neutron-plugin-ml2-ovn.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
neutron-plugin-ml2.yaml Add NeutronOverlayIPVersion parameter to neutron-plugins-ml2 service 2017-08-15 11:07:14 -04:00
neutron-plugin-nsx.yaml Change to boolean for boolean type params 2017-09-08 16:26:08 +00:00
neutron-plugin-nuage.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
neutron-plugin-plumgrid.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
neutron-sfc-api.yaml Add networking-sfc support 2017-10-10 13:33:32 +00:00
neutron-sriov-agent.yaml Add Neutron SR-IOV agent container 2017-09-06 22:18:24 -02:30
neutron-sriov-host-config.yaml Add Neutron SR-IOV agent container 2017-09-06 22:18:24 -02:30
neutron-vpp-agent.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
nova-api.yaml Don't open unused nova ports in iptables 2017-10-23 10:10:30 -04:00
nova-base.yaml Switch cinder_catalog_info from v2 to v3 2017-10-23 17:06:31 +05:30
nova-compute.yaml Fix nova-cpu/collectd hieradata 2017-11-01 18:22:16 -07:00
nova-conductor.yaml Make UpgradeLevelNovaCompute parameters consistent 2017-08-02 16:20:12 -05:00
nova-consoleauth.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
nova-ironic.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
nova-libvirt.yaml Disable live migration over TLS 2017-11-07 10:14:45 +02:00
nova-metadata.yaml Enable TLS for nova-metadata 2017-08-17 18:14:58 +00:00
nova-migration-target.yaml Correct template names from ocata to pike. 2017-10-10 12:45:02 +02:00
nova-placement.yaml nova-placement: switch auth_uri to keystone versionless endpoint 2017-10-24 16:28:07 +00:00
nova-scheduler.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
nova-vnc-proxy.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
octavia-api.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
octavia-base.yaml Ensure Debug is a boolean 2017-09-27 13:22:07 -04:00
octavia-health-manager.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
octavia-housekeeping.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
octavia-worker.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
opendaylight-api.yaml Fixes OpenDaylight updating port status 2017-09-06 16:41:05 -04:00
opendaylight-ovs.yaml Use list_concat in place of yaql 2017-08-30 15:43:16 +02:00
openvswitch.yaml Allow upgrade tasks to run when looping through steps 2017-09-01 18:40:24 +02:00
ovn-controller.yaml ovn: Provide the option to configure the integration bridge 2017-09-28 16:50:09 +05:30
ovn-dbs.yaml Add 'ovn-controller' service 2017-07-27 18:22:03 +00:00
pacemaker_remote.yaml Make HA container bundle work on remote nodes 2017-08-08 22:49:47 +02:00
pacemaker.yaml Adds pacemaker update_tasks for Pike minor update workflow 2017-10-05 14:35:26 +00:00
panko-api.yaml Use list_concat in place of yaql 2017-08-30 15:43:16 +02:00
panko-base.yaml Ensure Debug is a boolean 2017-09-27 13:22:07 -04:00
qdr.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
rabbitmq.yaml Switch RabbitFDLimit to a Puppet integer 2017-10-14 14:52:48 -07:00
README.rst Rename service_workflow_tasks into workflow_tasks 2017-09-13 17:15:17 +02:00
sahara-api.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
sahara-base.yaml Ensure Debug is a boolean 2017-09-27 13:22:07 -04:00
sahara-engine.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
securetty.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
snmp.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
sshd.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
swift-base.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
swift-dispersion.yaml Add Swift dispersion profile 2017-08-25 13:11:59 +02:00
swift-proxy.yaml Ensure Debug is a boolean 2017-09-27 13:22:07 -04:00
swift-ringbuilder.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
swift-storage.yaml Ensure Debug is a boolean 2017-09-27 13:22:07 -04:00
tacker.yaml Ensure Debug is a boolean 2017-09-27 13:22:07 -04:00
tripleo-firewall.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
tripleo-packages.yaml Merge "Special treatment for os-net-config upgrade." 2017-10-09 11:49:20 +00:00
tuned.yaml Correct template names from ocata to pike. 2017-10-10 12:45:02 +02:00
veritas-hyperscale-controller.yaml Correct template names from ocata to pike. 2017-10-10 12:45:02 +02:00
vpp.yaml Adds network/cidr mapping into a new service property 2017-07-14 13:44:04 +02:00
zaqar-api.yaml Ensure Debug is a boolean 2017-09-27 13:22:07 -04:00

services

A TripleO nested stack Heat template that encapsulates generic configuration data to configure a specific service. This generally includes everything needed to configure the service excluding the local bind ports which are still managed in the per-node role templates directly (controller.yaml, compute.yaml, etc.). All other (global) service settings go into the puppet/service templates.

Input Parameters

Each service may define its own input parameters and defaults. Operators will use the parameter_defaults section of any Heat environment to set per service parameters.

Apart from sevice specific inputs, there are few default parameters for all the services. Following are the list of default parameters:

  • ServiceNetMap: Mapping of service_name -> network name. Default mappings for service to network names are defined in ../network/service_net_map.j2.yaml, which may be overridden via ServiceNetMap values added to a user environment file via parameter_defaults.

  • EndpointMap: Mapping of service endpoint -> protocol. Contains a mapping of endpoint data generated for all services, based on the data included in ../network/endpoints/endpoint_data.yaml.

  • DefaultPasswords: Mapping of service -> default password. Used to pass some passwords from the parent templates, this is a legacy interface and should not be used by new services.

  • RoleName: Name of the role on which this service is deployed. A service can be deployed in multiple roles. This is an internal parameter (should not be set via environment file), which is fetched from the name attribute of the roles_data.yaml template.

  • RoleParameters: Parameter specific to a role on which the service is applied. Using the format "<RoleName>Parameters" in the parameter_defaults of user environment file, parameters can be provided for a specific role. For example, in order to provide a parameter specific to "Compute" role, below is the format:

    parameter_defaults:
      ComputeParameters:
        Param1: value

Config Settings

Each service may define three ways in which to output variables to configure Hiera settings on the nodes.

  • config_settings: the hiera keys will be pushed on all roles of which the service is a part of.
  • global_config_settings: the hiera keys will be distributed to all roles
  • service_config_settings: Takes an extra key to wire in values that are defined for a service that need to be consumed by some other service. For example: service_config_settings: haproxy: foo: bar This will set the hiera key 'foo' on all roles where haproxy is included.

Deployment Steps

Each service may define an output variable which returns a puppet manifest snippet that will run at each of the following steps. Earlier manifests are re-asserted when applying latter ones.

  • config_settings: Custom hiera settings for this service.

  • global_config_settings: Additional hiera settings distributed to all roles.

  • step_config: A puppet manifest that is used to step through the deployment sequence. Each sequence is given a "step" (via hiera('step') that provides information for when puppet classes should activate themselves.

    Steps correlate to the following:

    1. Load Balancer configuration
    2. Core Services (Database/Rabbit/NTP/etc.)
    3. Early Openstack Service setup (Ringbuilder, etc.)
    4. General OpenStack Services
    5. Service activation (Pacemaker)

It is also possible to use Mistral actions or workflows together with a deployment step, these are executed before the main configuration run. To describe actions or workflows from within a service use:

  • workflow_tasks: One or more workflow task properties

which expects a map where the key is the step and the value a list of dictionaries descrbing each a workflow task, for example:

workflow_tasks:
  step2:
    - name: echo
      action: std.echo output=Hello
  step3:
    - name: external
      workflow: my-pre-existing-workflow-name
      input:
        workflow_param1: value
        workflow_param2: value

The Heat guide for the OS::Mistral::Workflow task property has more details about the expected dictionary.

Batch Upgrade Steps

Each service template may optionally define a upgrade_batch_tasks key, which is a list of ansible tasks to be performed during the upgrade process.

Similar to the step_config, we allow a series of steps for the per-service upgrade sequence, defined as ansible tasks with a tag e.g "step1" for the first step, "step2" for the second, etc (currently only two steps are supported, but more may be added when required as additional services get converted to batched upgrades).

Note that each step is performed in batches, then we move on to the next step which is also performed in batches (we don't perform all steps on one node, then move on to the next one which means you can sequence rolling upgrades of dependent services via the step value).

The tasks performed at each step is service specific, but note that all batch upgrade steps are performed before the upgrade_tasks described below. This means that all services that support rolling upgrades can be upgraded without downtime during upgrade_batch_tasks, then any remaining services are stopped and upgraded during upgrade_tasks

The default batch size is 1, but this can be overridden for each role via the upgrade_batch_size option in roles_data.yaml

Upgrade Steps

Each service template may optionally define a upgrade_tasks key, which is a list of ansible tasks to be performed during the upgrade process.

Similar to the step_config, we allow a series of steps for the per-service upgrade sequence, defined as ansible tasks with a tag e.g "step1" for the first step, "step2" for the second, etc.

Steps/tags correlate to the following:

  1. Stop all control-plane services.

  2. Quiesce the control-plane, e.g disable LoadBalancer, stop pacemaker cluster: this will stop the following resource:

    • ocata:
      • galera
      • rabbit
      • redis
      • haproxy
      • vips
      • cinder-volumes
      • cinder-backup
      • manilla-share
      • rbd-mirror

    The exact order is controlled by the cluster constraints.

  3. Perform a package update and install new packages: A general upgrade is done, and only new package should go into service ansible tasks.

  4. Start services needed for migration tasks (e.g DB)

  5. Perform any migration tasks, e.g DB sync commands

Note that the services are not started in the upgrade tasks - we instead re-run puppet which does any reconfiguration required for the new version, then starts the services.

Update Steps

Each service template may optionally define a update_tasks key, which is a list of ansible tasks to be performed during the minor update process.

Similar to the upgrade_tasks, we allow a series of steps for the per-service update sequence, but note update_task selects the steps via a conditional referencing the step variable e.g when: step == 2, which is different to the tags based approach used for upgrade_tasks (the two may be aligned in future).

Nova Server Metadata Settings

One can use the hook of type OS::TripleO::ServiceServerMetadataHook to pass entries to the nova instances' metadata. It is, however, disabled by default. In order to overwrite it one needs to define it in the resource registry. An implementation of this hook needs to conform to the following:

  • It needs to define an input called RoleData of json type. This gets as input the contents of the role_data for each role's ServiceChain.
  • This needs to define an output called metadata which will be given to the Nova Server resource as the instance's metadata.