afb7b78e3a
This new role is used to register nodes as ipa-clients and
configure the services required in IPA using ansible, rather
than using novajoin. This is required on the standalone
environment, where there is no novajoin. It will also be the
implementation used when nova is removed from the undercloud
and for pre-provisioned nodes. The existing IpaClient
composable service will be removed in a future release.
This code replaces the server ipaclient-baremetal-ansible by using
a role from freeipa-ansible to register the nodes (controllers,
computes) as ipa-clients.
In external_tasks, the host entry is created and an otp is stored
as a host variable. In deploy_step_tasks, this otp is used to
register the node. The IPA configuration tasks are delegated to
http://opendev.org/x/tripleo-ipa roles.
Co-Authored-By: Grzegorz Grasza <xek@redhat.com>
Change-Id: I7dcd4608d3998596c2e4da19a8eca0d48e1fa841
(cherry picked from commit ae68c90b92)
290 lines
12 KiB
YAML
290 lines
12 KiB
YAML
#
|
|
# This environment generator is used to generate some sample composable role
|
|
# environment files.
|
|
#
|
|
environments:
|
|
-
|
|
name: standalone/standalone-tripleo
|
|
title: Standalone Environment (no undercloud)
|
|
description: |
|
|
A Heat environment that can be used to deploy a single node all-in-one
|
|
node via the 'overcloud tripleo deploy' command. This does not
|
|
require an Undercloud for the deployment and can be used to deploy
|
|
a single node on the local machine.
|
|
|
|
By default we only want the following OpenStack services to be enabled:
|
|
* Keystone
|
|
* Nova (and related)
|
|
* Neutron (and related)
|
|
* Glance
|
|
* Cinder
|
|
* Swift (single replica mode)
|
|
* Horizon
|
|
This file disables any other OpenStack services that would normally be
|
|
enabled.
|
|
|
|
openstack overcloud roles generate -o ~/roles_data.yaml Standalone
|
|
files:
|
|
deployment/swift/swift-storage-container-puppet.yaml:
|
|
parameters:
|
|
- SwiftReplicas
|
|
deployment/timesync/chrony-baremetal-ansible.yaml:
|
|
parameters:
|
|
- NtpServer
|
|
deployment/tripleo-packages/tripleo-packages-baremetal-puppet.yaml:
|
|
parameters:
|
|
- EnablePackageInstall
|
|
deployment/sshd/sshd-baremetal-puppet.yaml:
|
|
parameters:
|
|
- SshFirewallAllowAll
|
|
# TODO(aschultz): hack to pull in this config transport, not sure it is
|
|
# still neded.
|
|
puppet/controller-role.yaml:
|
|
parameters:
|
|
- SoftwareConfigTransport
|
|
- DnsServers
|
|
sample-env-generator/standalone.yaml:
|
|
parameters:
|
|
- AddVipsToEtcHosts
|
|
sample_values:
|
|
StackAction: CREATE
|
|
SoftwareConfigTransport: POLL_SERVER_HEAT
|
|
EnablePackageInstall: true
|
|
SwiftReplicas: 1
|
|
SshFirewallAllowAll: true
|
|
resource_registry:
|
|
# this network config is assumed by the tripleo deploy command
|
|
OS::TripleO::Network::Ports::RedisVipPort: ../../network/ports/noop.yaml
|
|
OS::TripleO::Network::Ports::OVNDBsVipPort: ../../network/ports/noop.yaml
|
|
OS::TripleO::Network::Ports::ControlPlaneVipPort: ../../deployed-server/deployed-neutron-port.yaml
|
|
OS::TripleO::Standalone::Net::SoftwareConfig: ../../net-config-standalone.yaml
|
|
|
|
# OVN
|
|
OS::TripleO::Services::OVNDBs: ../../deployment/ovn/ovn-dbs-container-puppet.yaml
|
|
|
|
OS::TripleO::Services::OpenStackClients: ../../deployment/clients/openstack-clients-baremetal-puppet.yaml
|
|
|
|
# Disable Docker
|
|
OS::TripleO::Services::Docker: OS::Heat::None
|
|
# Activate container image prepare
|
|
OS::TripleO::Services::ContainerImagePrepare: ../../deployment/container-image-prepare/container-image-prepare-baremetal-ansible.yaml
|
|
OS::TripleO::Services::Podman: ../../deployment/podman/podman-baremetal-ansible.yaml
|
|
OS::TripleO::Services::DockerRegistry: ../../deployment/image-serve/image-serve-baremetal-ansible.yaml
|
|
|
|
# Install tmpwatch
|
|
OS::TripleO::Services::Tmpwatch: ../../deployment/logrotate/tmpwatch-install.yaml
|
|
|
|
# Disable non-openstack services that are enabled by default
|
|
OS::TripleO::Services::HAproxy: OS::Heat::None
|
|
OS::TripleO::Services::Keepalived: OS::Heat::None
|
|
OS::TripleO::Services::Kubernetes::Master: OS::Heat::None
|
|
OS::TripleO::Services::Kubernetes::Worker: OS::Heat::None
|
|
|
|
# Aodh
|
|
OS::TripleO::Services::AodhApi: OS::Heat::None
|
|
OS::TripleO::Services::AodhEvaluator: OS::Heat::None
|
|
OS::TripleO::Services::AodhEvaluator: OS::Heat::None
|
|
OS::TripleO::Services::AodhListener: OS::Heat::None
|
|
OS::TripleO::Services::AodhNotifier: OS::Heat::None
|
|
# Barbican
|
|
OS::TripleO::Services::BarbicanApi: OS::Heat::None
|
|
OS::TripleO::Services::BarbicanBackendDogtag: OS::Heat::None
|
|
OS::TripleO::Services::BarbicanBackendKmip: OS::Heat::None
|
|
OS::TripleO::Services::BarbicanBackendPkcs11Crypto: OS::Heat::None
|
|
OS::TripleO::Services::BarbicanBackendSimpleCrypto: OS::Heat::None
|
|
# Ceilometer
|
|
OS::TripleO::Services::CeilometerAgentCentral: OS::Heat::None
|
|
OS::TripleO::Services::CeilometerAgentNotification: OS::Heat::None
|
|
OS::TripleO::Services::ComputeCeilometerAgent: OS::Heat::None
|
|
# Designate
|
|
OS::TripleO::Services::DesignateApi: OS::Heat::None
|
|
OS::TripleO::Services::DesignateCentral: OS::Heat::None
|
|
OS::TripleO::Services::DesignateMDNS: OS::Heat::None
|
|
OS::TripleO::Services::DesignateProducer: OS::Heat::None
|
|
OS::TripleO::Services::DesignateSink: OS::Heat::None
|
|
OS::TripleO::Services::DesignateWorker: OS::Heat::None
|
|
# Gnocchi
|
|
OS::TripleO::Services::GnocchiApi: OS::Heat::None
|
|
OS::TripleO::Services::GnocchiMetricd: OS::Heat::None
|
|
OS::TripleO::Services::GnocchiStatsd: OS::Heat::None
|
|
# Heat
|
|
OS::TripleO::Services::HeatApi: OS::Heat::None
|
|
OS::TripleO::Services::HeatApiCfn: OS::Heat::None
|
|
OS::TripleO::Services::HeatApiCloudwatch: OS::Heat::None
|
|
OS::TripleO::Services::HeatEngine: OS::Heat::None
|
|
# TLS
|
|
OS::TripleO::Services::IpaClient: OS::Heat::None
|
|
# Ironic
|
|
OS::TripleO::Services::IronicApi: OS::Heat::None
|
|
OS::TripleO::Services::IronicConductor: OS::Heat::None
|
|
OS::TripleO::Services::IronicInspector: OS::Heat::None
|
|
OS::TripleO::Services::IronicNeutronAgent: OS::Heat::None
|
|
OS::TripleO::Services::IronicPxe: OS::Heat::None
|
|
# Manila
|
|
OS::TripleO::Services::ManilaApi: OS::Heat::None
|
|
OS::TripleO::Services::ManilaBackendCephFs: OS::Heat::None
|
|
OS::TripleO::Services::ManilaBackendIsilon: OS::Heat::None
|
|
OS::TripleO::Services::ManilaBackendNetapp: OS::Heat::None
|
|
OS::TripleO::Services::ManilaBackendUnity: OS::Heat::None
|
|
OS::TripleO::Services::ManilaBackendVMAX: OS::Heat::None
|
|
OS::TripleO::Services::ManilaBackendVNX: OS::Heat::None
|
|
OS::TripleO::Services::ManilaScheduler: OS::Heat::None
|
|
OS::TripleO::Services::ManilaShare: OS::Heat::None
|
|
# Mistral
|
|
OS::TripleO::Services::MistralApi: OS::Heat::None
|
|
OS::TripleO::Services::MistralEngine: OS::Heat::None
|
|
OS::TripleO::Services::MistralEventEngine: OS::Heat::None
|
|
OS::TripleO::Services::MistralExecutor: OS::Heat::None
|
|
# Rear
|
|
OS::TripleO::Services::Rear: OS::Heat::None
|
|
# Panko
|
|
OS::TripleO::Services::PankoApi: OS::Heat::None
|
|
# Redis
|
|
OS::TripleO::Services::Redis: OS::Heat::None
|
|
# Rsyslog
|
|
OS::TripleO::Services::Rsyslog: ../../deployment/logging/rsyslog-baremetal-ansible.yaml
|
|
# Sahara
|
|
OS::TripleO::Services::SaharaApi: OS::Heat::None
|
|
OS::TripleO::Services::SaharaEngine: OS::Heat::None
|
|
# Zaqar
|
|
OS::TripleO::Services::Zaqar: OS::Heat::None
|
|
|
|
-
|
|
name: standalone/standalone-overcloud
|
|
title: Standalone Environment (via undercloud)
|
|
description: |
|
|
A Heat environment that can be used to deploy a single node all-in-one
|
|
node via an Undercloud using the normal Overcloud deployment process.
|
|
|
|
By default we only want the following OpenStack services to be enabled:
|
|
* Keystone
|
|
* Nova (and related)
|
|
* Neutron (and related)
|
|
* Glance
|
|
* Cinder
|
|
* Swift (single replica mode)
|
|
* Horizon
|
|
This file disables any other OpenStack services that would normally be
|
|
enabled.
|
|
|
|
openstack overcloud roles generate -o ~/roles_data.yaml Standalone
|
|
files:
|
|
deployment/swift/swift-storage-container-puppet.yaml:
|
|
parameters:
|
|
- SwiftReplicas
|
|
deployment/timesync/chrony-baremetal-ansible.yaml:
|
|
parameters:
|
|
- NtpServer
|
|
# TODO(aschultz): hack to pull in this config transport, not sure it is
|
|
# still neded.
|
|
puppet/controller-role.yaml:
|
|
parameters:
|
|
- DnsServers
|
|
sample-env-generator/standalone.yaml:
|
|
parameters:
|
|
- StandaloneHostnameFormat
|
|
- StandaloneCount
|
|
- OvercloudStandaloneFlavor
|
|
sample_values:
|
|
StandaloneCount: 1
|
|
OvercloudStandaloneFlavor: standalone
|
|
SwiftReplicas: 1
|
|
resource_registry:
|
|
OS::TripleO::Standalone::Net::SoftwareConfig: ../../net-config-bridge.yaml
|
|
|
|
OS::TripleO::Services::OpenStackClients: ../../deployment/clients/openstack-clients-baremetal-puppet.yaml
|
|
|
|
# Disable non-openstack services that are enabled by default
|
|
OS::TripleO::Services::Kubernetes::Master: OS::Heat::None
|
|
OS::TripleO::Services::Kubernetes::Worker: OS::Heat::None
|
|
|
|
# Aodh
|
|
OS::TripleO::Services::AodhApi: OS::Heat::None
|
|
OS::TripleO::Services::AodhEvaluator: OS::Heat::None
|
|
OS::TripleO::Services::AodhEvaluator: OS::Heat::None
|
|
OS::TripleO::Services::AodhListener: OS::Heat::None
|
|
OS::TripleO::Services::AodhNotifier: OS::Heat::None
|
|
# Barbican
|
|
OS::TripleO::Services::BarbicanApi: OS::Heat::None
|
|
OS::TripleO::Services::BarbicanBackendDogtag: OS::Heat::None
|
|
OS::TripleO::Services::BarbicanBackendKmip: OS::Heat::None
|
|
OS::TripleO::Services::BarbicanBackendPkcs11Crypto: OS::Heat::None
|
|
OS::TripleO::Services::BarbicanBackendSimpleCrypto: OS::Heat::None
|
|
# Ceilometer
|
|
OS::TripleO::Services::CeilometerAgentCentral: OS::Heat::None
|
|
OS::TripleO::Services::CeilometerAgentNotification: OS::Heat::None
|
|
OS::TripleO::Services::ComputeCeilometerAgent: OS::Heat::None
|
|
# Designate
|
|
OS::TripleO::Services::DesignateApi: OS::Heat::None
|
|
OS::TripleO::Services::DesignateCentral: OS::Heat::None
|
|
OS::TripleO::Services::DesignateMDNS: OS::Heat::None
|
|
OS::TripleO::Services::DesignateProducer: OS::Heat::None
|
|
OS::TripleO::Services::DesignateSink: OS::Heat::None
|
|
OS::TripleO::Services::DesignateWorker: OS::Heat::None
|
|
# Gnocchi
|
|
OS::TripleO::Services::GnocchiApi: OS::Heat::None
|
|
OS::TripleO::Services::GnocchiMetricd: OS::Heat::None
|
|
OS::TripleO::Services::GnocchiStatsd: OS::Heat::None
|
|
# Heat
|
|
OS::TripleO::Services::HeatApi: OS::Heat::None
|
|
OS::TripleO::Services::HeatApiCfn: OS::Heat::None
|
|
OS::TripleO::Services::HeatApiCloudwatch: OS::Heat::None
|
|
OS::TripleO::Services::HeatEngine: OS::Heat::None
|
|
# TLS
|
|
OS::TripleO::Services::IpaClient: OS::Heat::None
|
|
# Ironic
|
|
OS::TripleO::Services::IronicApi: OS::Heat::None
|
|
OS::TripleO::Services::IronicConductor: OS::Heat::None
|
|
OS::TripleO::Services::IronicInspector: OS::Heat::None
|
|
OS::TripleO::Services::IronicNeutronAgent: OS::Heat::None
|
|
OS::TripleO::Services::IronicPxe: OS::Heat::None
|
|
# Manila
|
|
OS::TripleO::Services::ManilaApi: OS::Heat::None
|
|
OS::TripleO::Services::ManilaBackendCephFs: OS::Heat::None
|
|
OS::TripleO::Services::ManilaBackendIsilon: OS::Heat::None
|
|
OS::TripleO::Services::ManilaBackendNetapp: OS::Heat::None
|
|
OS::TripleO::Services::ManilaBackendUnity: OS::Heat::None
|
|
OS::TripleO::Services::ManilaBackendVMAX: OS::Heat::None
|
|
OS::TripleO::Services::ManilaBackendVNX: OS::Heat::None
|
|
OS::TripleO::Services::ManilaScheduler: OS::Heat::None
|
|
OS::TripleO::Services::ManilaShare: OS::Heat::None
|
|
# Mistral
|
|
OS::TripleO::Services::MistralApi: OS::Heat::None
|
|
OS::TripleO::Services::MistralEngine: OS::Heat::None
|
|
OS::TripleO::Services::MistralEventEngine: OS::Heat::None
|
|
OS::TripleO::Services::MistralExecutor: OS::Heat::None
|
|
# Panko
|
|
OS::TripleO::Services::PankoApi: OS::Heat::None
|
|
# Sahara
|
|
OS::TripleO::Services::SaharaApi: OS::Heat::None
|
|
OS::TripleO::Services::SaharaEngine: OS::Heat::None
|
|
# Zaqar
|
|
OS::TripleO::Services::Zaqar: OS::Heat::None
|
|
|
|
# NOTE(aschultz): So because these are dynamic based on the roles used, we
|
|
# do not currently define these in any heat files. So we're defining them here
|
|
# so that the sample env generator can still provide these configuration items
|
|
# in the generated config files.
|
|
parameters:
|
|
# Dynamic vars based on roles
|
|
StandaloneCount:
|
|
default: 0
|
|
description: Number of Standalone nodes
|
|
type: number
|
|
StandaloneHostnameFormat:
|
|
type: string
|
|
description: >
|
|
Format for Standalone node hostnames
|
|
Note %index% is translated into the index of the node, e.g 0/1/2 etc
|
|
and %stackname% is replaced with the stack name e.g overcloud
|
|
default: "%stackname%-standalone-%index%"
|
|
OvercloudStandaloneFlavor:
|
|
default: standalone
|
|
description: Name of the flavor for Standalone nodes
|
|
type: string
|
|
AddVipsToEtcHosts:
|
|
default: false
|
|
description: >
|
|
Set to true to append per network Vips to /etc/hosts on each node.
|
|
type: string
|