openstack
/
tripleo-heat-templates
Code Issues Proposed changes
tripleo-heat-templates/puppet/services
History
Emilien Macchi 7322d60610 Enable firewalling by default on compute nodes 
- Move VXLAN and VRRP rules from Neutron Server to the right services.
- Enable Firewall by default on Compute nodes.

Change-Id: I99d172dcedaf6be297aad184cc51fe9f292a57e1
 		2016-10-06 12:07:35 -04:00
..
database Bind MySQL address to hostname appropriate to its network 2016-09-26 10:37:58 +03:00
logging restore missing fluentd client functionality 2016-10-05 13:39:06 -04:00
monitoring Availability monitoring agents support 2016-08-31 09:22:59 -04:00
network add composable services for Contrail 2016-09-05 20:44:30 +02:00
pacemaker Include redis/mongo hiera when using pacemaker 2016-10-04 10:04:44 -04:00
time Fix NTP servers hieradata 2016-09-27 16:11:10 +02:00
README.rst Add global_config_settings to services' output 2016-08-26 11:11:47 +02:00
aodh-api.yaml Move db::mysql into service_config_settings 2016-09-28 07:01:49 -04:00
aodh-base.yaml telemetry: remove coordination_url hiera settings 2016-09-30 09:48:56 -04:00
aodh-evaluator.yaml Availability monitoring agents support 2016-08-31 09:22:59 -04:00
aodh-listener.yaml Availability monitoring agents support 2016-08-31 09:22:59 -04:00
aodh-notifier.yaml Availability monitoring agents support 2016-08-31 09:22:59 -04:00
apache.yaml Provide for RAM-constrained environments 2016-09-21 15:14:20 +02:00
ca-certs.yaml Add deployment of CAs via hieradata 2016-08-22 18:10:26 +03:00
ceilometer-agent-central.yaml telemetry: remove coordination_url hiera settings 2016-09-30 09:48:56 -04:00
ceilometer-agent-compute.yaml Availability monitoring agents support 2016-08-31 09:22:59 -04:00
ceilometer-agent-notification.yaml Add fluentd client service 2016-09-17 01:31:12 +00:00
ceilometer-api.yaml Move db::mysql into service_config_settings 2016-09-28 07:01:49 -04:00
ceilometer-base.yaml Move db::mysql into service_config_settings 2016-09-28 07:01:49 -04:00
ceilometer-collector.yaml Move db::mysql into service_config_settings 2016-09-28 07:01:49 -04:00
ceilometer-expirer.yaml Availability monitoring agents support 2016-08-31 09:22:59 -04:00
ceph-base.yaml Move ceph cluster config out of allNodesConfig 2016-08-30 12:51:50 +02:00
ceph-client.yaml Availability monitoring agents support 2016-08-31 09:22:59 -04:00
ceph-external.yaml Availability monitoring agents support 2016-08-31 09:22:59 -04:00
ceph-mon.yaml Use osd_pool_default_* puppet parameters when creating the pools 2016-09-19 11:52:14 +02:00
ceph-osd.yaml Availability monitoring agents support 2016-08-31 09:22:59 -04:00
ceph-rgw.yaml Move keystone::auth into service_config_settings 2016-09-23 07:43:21 -04:00
cinder-api.yaml Move db::mysql into service_config_settings 2016-09-28 07:01:49 -04:00
cinder-backup.yaml Availability monitoring agents support 2016-08-31 09:22:59 -04:00
cinder-base.yaml Cinder volume service is not managed by Pacemaker on BlockStorage 2016-09-29 17:57:40 +02:00
cinder-scheduler.yaml Add fluentd client service 2016-09-17 01:31:12 +00:00
cinder-volume.yaml Add fluentd client service 2016-09-17 01:31:12 +00:00
glance-api.yaml Move db::mysql into service_config_settings 2016-09-28 07:01:49 -04:00
glance-registry.yaml Move db::mysql into service_config_settings 2016-09-28 07:01:49 -04:00
gnocchi-api.yaml Move db::mysql into service_config_settings 2016-09-28 07:01:49 -04:00
gnocchi-base.yaml telemetry: remove coordination_url hiera settings 2016-09-30 09:48:56 -04:00
gnocchi-metricd.yaml Add metricd workers support in gnocchi 2016-09-26 09:28:20 +02:00
gnocchi-statsd.yaml Availability monitoring agents support 2016-08-31 09:22:59 -04:00
haproxy.yaml Merge "Cleanup haproxy service from explicit services enablement" 2016-09-06 15:33:52 +00:00
heat-api-cfn.yaml Move keystone::auth into service_config_settings 2016-09-23 07:43:21 -04:00
heat-api-cloudwatch.yaml Add fluentd client service 2016-09-17 01:31:12 +00:00
heat-api.yaml Move keystone::auth into service_config_settings 2016-09-23 07:43:21 -04:00
heat-base.yaml configure Heat with new authtoken parameters 2016-08-30 13:03:10 +00:00
heat-engine.yaml Move db::mysql into service_config_settings 2016-09-28 07:01:49 -04:00
horizon.yaml Merge "Remove repeated apache-related hieradata" 2016-09-02 12:19:45 +00:00
ironic-api.yaml Move db::mysql into service_config_settings 2016-09-28 07:01:49 -04:00
ironic-base.yaml Move db::mysql into service_config_settings 2016-09-28 07:01:49 -04:00
ironic-conductor.yaml Ironic: update default enabled drivers 2016-09-04 17:48:17 +02:00
keepalived.yaml Enable firewalling by default on compute nodes 2016-10-06 12:07:35 -04:00
kernel.yaml Add DefaultPasswords to composable services 2016-08-18 12:45:30 -04:00
keystone.yaml Move db::mysql into service_config_settings 2016-09-28 07:01:49 -04:00
manila-api.yaml Move db::mysql into service_config_settings 2016-09-28 07:01:49 -04:00
manila-backend-cephfs.yaml Set proper ceph config path for manila 2016-10-05 17:55:09 -04:00
manila-backend-generic.yaml Add NetApp Manila driver integration and tidy up generic 2016-09-13 14:28:43 +03:00
manila-backend-netapp.yaml Add NetApp Manila driver integration and tidy up generic 2016-09-13 14:28:43 +03:00
manila-base.yaml Move db::mysql into service_config_settings 2016-09-28 07:01:49 -04:00
manila-scheduler.yaml Move db::mysql into service_config_settings 2016-09-28 07:01:49 -04:00
manila-share.yaml Availability monitoring agents support 2016-08-31 09:22:59 -04:00
memcached.yaml Availability monitoring agents support 2016-08-31 09:22:59 -04:00
neutron-api.yaml Enable firewalling by default on compute nodes 2016-10-06 12:07:35 -04:00
neutron-base.yaml Adjust MTU to compensate for VLAN tag issue 2016-09-09 18:46:36 -02:30
neutron-compute-plugin-midonet.yaml Add DefaultPasswords to composable services 2016-08-18 12:45:30 -04:00
neutron-compute-plugin-nuage.yaml Add DefaultPasswords to composable services 2016-08-18 12:45:30 -04:00
neutron-compute-plugin-opencontrail.yaml Add DefaultPasswords to composable services 2016-08-18 12:45:30 -04:00
neutron-compute-plugin-ovn.yaml OVN heat templates 2016-09-01 16:06:38 -04:00
neutron-compute-plugin-plumgrid.yaml Add DefaultPasswords to composable services 2016-08-18 12:45:30 -04:00
neutron-dhcp.yaml Add fluentd client service 2016-09-17 01:31:12 +00:00
neutron-l3-compute-dvr.yaml Add fluentd client service 2016-09-17 01:31:12 +00:00
neutron-l3.yaml Enable firewalling by default on compute nodes 2016-10-06 12:07:35 -04:00
neutron-metadata.yaml Neutron metadata agent worker count fix 2016-09-22 12:46:37 -02:30
neutron-midonet.yaml Availability monitoring agents support 2016-08-31 09:22:59 -04:00
neutron-ovs-agent.yaml Enable firewalling by default on compute nodes 2016-10-06 12:07:35 -04:00
neutron-ovs-dpdk-agent.yaml Fix service config files having wrong map_merge format 2016-09-07 16:21:28 +05:30
neutron-plugin-ml2-ovn.yaml OVN heat templates 2016-09-01 16:06:38 -04:00
neutron-plugin-ml2.yaml Add trunking plugin to list of default ML2 service plugins 2016-08-30 15:27:33 -02:30
neutron-plugin-nuage.yaml Add DefaultPasswords to composable services 2016-08-18 12:45:30 -04:00
neutron-plugin-opencontrail.yaml Add DefaultPasswords to composable services 2016-08-18 12:45:30 -04:00
neutron-plugin-plumgrid.yaml Add DefaultPasswords to composable services 2016-08-18 12:45:30 -04:00
neutron-sriov-agent.yaml Add base neutron service configuration 2016-09-07 15:28:11 +05:30
nova-api.yaml Move db::mysql into service_config_settings 2016-09-28 07:01:49 -04:00
nova-base.yaml Move db::mysql into service_config_settings 2016-09-28 07:01:49 -04:00
nova-compute.yaml Merge "Set VNC URL parameters for nova-compute" 2016-09-19 15:57:19 +00:00
nova-conductor.yaml Add fluentd client service 2016-09-17 01:31:12 +00:00
nova-consoleauth.yaml Add fluentd client service 2016-09-17 01:31:12 +00:00
nova-ironic.yaml Add DefaultPasswords to composable services 2016-08-18 12:45:30 -04:00
nova-libvirt.yaml Availability monitoring agents support 2016-08-31 09:22:59 -04:00
nova-metadata.yaml Add nova-metadata template 2016-09-20 13:25:53 +03:00
nova-scheduler.yaml Add fluentd client service 2016-09-17 01:31:12 +00:00
nova-vnc-proxy.yaml Add fluentd client service 2016-09-17 01:31:12 +00:00
opendaylight-api.yaml Cleanup haproxy service from explicit services enablement 2016-08-30 13:55:47 +02:00
opendaylight-ovs.yaml Adds OpenDaylight composable service 2016-08-26 09:35:25 -04:00
pacemaker.yaml Add fluentd client service 2016-09-17 01:31:12 +00:00
rabbitmq.yaml Merge "Balance Rabbitmq Queue Master Location on queue declaration with min-masters strategy" 2016-10-03 09:50:23 +00:00
sahara-api.yaml Move db::mysql into service_config_settings 2016-09-28 07:01:49 -04:00
sahara-base.yaml Move db::mysql into service_config_settings 2016-09-28 07:01:49 -04:00
sahara-engine.yaml Add fluentd client service 2016-09-17 01:31:12 +00:00
services.yaml restore missing fluentd client functionality 2016-10-05 13:39:06 -04:00
snmp.yaml Move snmp settings into composable services 2016-09-02 07:14:05 -04:00
swift-base.yaml Move Swift hiera settings into composable services 2016-08-25 20:27:11 -04:00
swift-proxy.yaml Move keystone::auth into service_config_settings 2016-09-23 07:43:21 -04:00
swift-ringbuilder.yaml Convert SwiftDevicesAndProxyConfig to composable format 2016-09-08 20:19:37 +00:00
swift-storage.yaml Convert SwiftDevicesAndProxyConfig to composable format 2016-09-08 20:19:37 +00:00
tripleo-firewall.yaml Re-enable ManageFirewall by default. 2016-10-06 15:08:53 +00:00
tripleo-packages.yaml Add DefaultPasswords to composable services 2016-08-18 12:45:30 -04:00
vip-hosts.yaml Generate VIP info for ctlplane VIP, not management 2016-09-09 08:43:24 +03:00

README.rst

services

A TripleO nested stack Heat template that encapsulates generic configuration data to configure a specific service. This generally includes everything needed to configure the service excluding the local bind ports which are still managed in the per-node role templates directly (controller.yaml, compute.yaml, etc.). All other (global) service settings go into the puppet/service templates.

Input Parameters

Each service may define its own input parameters and defaults. Operators will use the parameter_defaults section of any Heat environment to set per service parameters.

Config Settings

Each service may define a config_settings output variable which returns Hiera settings to be configured.

Steps

Each service may define an output variable which returns a puppet manifest snippet that will run at each of the following steps. Earlier manifests are re-asserted when applying latter ones.

  • config_settings: Custom hiera settings for this service.

  • global_config_settings: Additional hiera settings distributed to all roles.

  • step_config: A puppet manifest that is used to step through the deployment sequence. Each sequence is given a "step" (via hiera('step') that provides information for when puppet classes should activate themselves.

    Steps correlate to the following:

    1. Load Balancer configuration
    2. Core Services (Database/Rabbit/NTP/etc.)
    3. Early Openstack Service setup (Ringbuilder, etc.)
    4. General OpenStack Services
    5. Service activation (Pacemaker)
    6. Fencing (Pacemaker)

Note: Not all roles currently support all steps:

  • ObjectStorage role only supports steps 2, 3 and 4