321e605a0a
This change adds a new set of network templates with IPv6 subnets that can be used instead of the existing IPv4 networks. Each network can use either the IPv4 or IPv6 template, and the Neutron subnet will be created with the specified IP version. The default addresses used for the IPv6 networks use the fd00::/8 prefix for the internal isolated networks (this range is reserved for private use similar to 10.0.0.0/8), and 2001:db8:fd00:1000::/64 is used as an example default for the External network (2001:db8::/32 are the documentation addresses [RFC3849]), but this would ordinarily be a globally addressable subnet. These parameters may be overridden in an environment file. This change will require updates to the OpenStack Puppet Modules to support IPv6 addresses in some of the hieradata values. Many of the OPM modules already have IPv6 support to support IPv6 deployments in Packstack, but some OPM packages that apply only to Instack/TripleO deployments need to be updated. IPv6 addresses used in URLs need to be surrounded by brackets in order to differentiate IP address from port number. This change adds a new output to the network/ports resources for ip_address_uri, which is an IP address with brackets in the case of IPv6, and a raw IP address without brackets for IPv4 ports. This change also updates some URLs which are constructed in Heat. This has been tested and problems were found with Puppet not accepting IPv6 addresses. This is addressed in the latest Puppet. Additional changes were required to make this work with Ceph. IPv6 tunnel endpoints with Open vSwitch are not yet supported (although support is coming soon), so this review leaves the Tenant network as an isolated IPv4 network for the time being. Change-Id: Ie7a742bdf1db533edda2998a53d28528f80ef8e2
437 lines
16 KiB
YAML
437 lines
16 KiB
YAML
heat_template_version: 2015-04-30
|
|
description: 'OpenStack cinder storage configured by Puppet'
|
|
parameters:
|
|
Image:
|
|
default: overcloud-cinder-volume
|
|
type: string
|
|
CinderEnableIscsiBackend:
|
|
default: true
|
|
description: Whether to enable or not the Iscsi backend for Cinder
|
|
type: boolean
|
|
CinderISCSIHelper:
|
|
default: tgtadm
|
|
description: The iSCSI helper to use with cinder.
|
|
type: string
|
|
CinderLVMLoopDeviceSize:
|
|
default: 10280
|
|
description: The size of the loopback file used by the cinder LVM driver.
|
|
type: number
|
|
CinderPassword:
|
|
description: The password for the cinder service and db account, used by cinder-api.
|
|
type: string
|
|
hidden: true
|
|
Debug:
|
|
default: ''
|
|
description: Set to True to enable debugging on all services.
|
|
type: string
|
|
VirtualIP: # deprecated. Use per service VIPs instead.
|
|
default: ''
|
|
type: string
|
|
ExtraConfig:
|
|
default: {}
|
|
description: |
|
|
Additional hiera configuration to inject into the cluster. Note
|
|
that BlockStorageExtraConfig takes precedence over ExtraConfig.
|
|
type: json
|
|
BlockStorageExtraConfig:
|
|
default: {}
|
|
description: |
|
|
Role specific additional hiera configuration to inject into the cluster.
|
|
type: json
|
|
Flavor:
|
|
description: Flavor for block storage nodes to request when deploying.
|
|
type: string
|
|
constraints:
|
|
- custom_constraint: nova.flavor
|
|
KeyName:
|
|
default: default
|
|
description: Name of an existing Nova key pair to enable SSH access to the instances
|
|
type: string
|
|
RabbitPassword:
|
|
default: 'guest'
|
|
type: string
|
|
hidden: true
|
|
RabbitUserName:
|
|
default: 'guest'
|
|
type: string
|
|
RabbitClientUseSSL:
|
|
default: false
|
|
description: >
|
|
Rabbit client subscriber parameter to specify
|
|
an SSL connection to the RabbitMQ host.
|
|
type: string
|
|
RabbitClientPort:
|
|
default: 5672
|
|
description: Set rabbit subscriber port, change this if using SSL
|
|
type: number
|
|
SnmpdReadonlyUserName:
|
|
default: ro_snmp_user
|
|
description: The user name for SNMPd with readonly rights running on all Overcloud nodes
|
|
type: string
|
|
SnmpdReadonlyUserPassword:
|
|
description: The user password for SNMPd with readonly rights running on all Overcloud nodes
|
|
type: string
|
|
hidden: true
|
|
NtpServer:
|
|
default: ''
|
|
description: Comma-separated list of ntp servers
|
|
type: comma_delimited_list
|
|
EnablePackageInstall:
|
|
default: 'false'
|
|
description: Set to true to enable package installation via Puppet
|
|
type: boolean
|
|
UpdateIdentifier:
|
|
default: ''
|
|
type: string
|
|
description: >
|
|
Setting to a previously unused value during stack-update will trigger
|
|
package update on all nodes
|
|
Hostname:
|
|
type: string
|
|
default: '' # Defaults to Heat created hostname
|
|
HostnameMap:
|
|
type: json
|
|
default: {}
|
|
description: Optional mapping to override hostnames
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
TimeZone:
|
|
default: 'UTC'
|
|
description: The timezone to be set on Cinder nodes.
|
|
type: string
|
|
GlanceApiVirtualIP:
|
|
type: string
|
|
default: ''
|
|
MysqlVirtualIPUri:
|
|
type: string
|
|
default: ''
|
|
NetworkDeploymentActions:
|
|
type: comma_delimited_list
|
|
description: >
|
|
Heat action when to apply network configuration changes
|
|
default: ['CREATE']
|
|
SoftwareConfigTransport:
|
|
default: POLL_SERVER_CFN
|
|
description: |
|
|
How the server should receive the metadata required for software configuration.
|
|
type: string
|
|
constraints:
|
|
- allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
|
|
CloudDomain:
|
|
default: ''
|
|
type: string
|
|
description: >
|
|
The DNS domain used for the hosts. This should match the dhcp_domain
|
|
configured in the Undercloud neutron. Defaults to localdomain.
|
|
ServerMetadata:
|
|
default: {}
|
|
description: >
|
|
Extra properties or metadata passed to Nova for the created nodes in
|
|
the overcloud. It's accessible via the Nova metadata API.
|
|
type: json
|
|
SchedulerHints:
|
|
type: json
|
|
description: Optional scheduler hints to pass to nova
|
|
default: {}
|
|
|
|
|
|
resources:
|
|
BlockStorage:
|
|
type: OS::Nova::Server
|
|
properties:
|
|
image:
|
|
{get_param: Image}
|
|
flavor: {get_param: Flavor}
|
|
key_name: {get_param: KeyName}
|
|
networks:
|
|
- network: ctlplane
|
|
user_data_format: SOFTWARE_CONFIG
|
|
user_data: {get_resource: UserData}
|
|
name:
|
|
str_replace:
|
|
template: {get_param: Hostname}
|
|
params: {get_param: HostnameMap}
|
|
software_config_transport: {get_param: SoftwareConfigTransport}
|
|
metadata: {get_param: ServerMetadata}
|
|
scheduler_hints: {get_param: SchedulerHints}
|
|
|
|
# Combine the NodeAdminUserData and NodeUserData mime archives
|
|
UserData:
|
|
type: OS::Heat::MultipartMime
|
|
properties:
|
|
parts:
|
|
- config: {get_resource: NodeAdminUserData}
|
|
type: multipart
|
|
- config: {get_resource: NodeUserData}
|
|
type: multipart
|
|
|
|
# Creates the "heat-admin" user if configured via the environment
|
|
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
|
|
NodeAdminUserData:
|
|
type: OS::TripleO::NodeAdminUserData
|
|
|
|
# For optional operator additional userdata
|
|
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
|
|
NodeUserData:
|
|
type: OS::TripleO::NodeUserData
|
|
|
|
ExternalPort:
|
|
type: OS::TripleO::BlockStorage::Ports::ExternalPort
|
|
properties:
|
|
ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
|
|
|
|
InternalApiPort:
|
|
type: OS::TripleO::BlockStorage::Ports::InternalApiPort
|
|
properties:
|
|
ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
|
|
|
|
StoragePort:
|
|
type: OS::TripleO::BlockStorage::Ports::StoragePort
|
|
properties:
|
|
ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
|
|
|
|
StorageMgmtPort:
|
|
type: OS::TripleO::BlockStorage::Ports::StorageMgmtPort
|
|
properties:
|
|
ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
|
|
|
|
TenantPort:
|
|
type: OS::TripleO::BlockStorage::Ports::TenantPort
|
|
properties:
|
|
ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
|
|
|
|
ManagementPort:
|
|
type: OS::TripleO::BlockStorage::Ports::ManagementPort
|
|
properties:
|
|
ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
|
|
|
|
NetworkConfig:
|
|
type: OS::TripleO::BlockStorage::Net::SoftwareConfig
|
|
properties:
|
|
ControlPlaneIp: {get_attr: [BlockStorage, networks, ctlplane, 0]}
|
|
ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
|
|
InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
|
|
StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
|
|
StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
|
|
TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
|
|
ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
|
|
|
|
NetIpMap:
|
|
type: OS::TripleO::Network::Ports::NetIpMap
|
|
properties:
|
|
ControlPlaneIp: {get_attr: [BlockStorage, networks, ctlplane, 0]}
|
|
ExternalIp: {get_attr: [ExternalPort, ip_address]}
|
|
ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
|
|
InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
|
|
InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
|
|
StorageIp: {get_attr: [StoragePort, ip_address]}
|
|
StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
|
|
StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
|
|
StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
|
|
TenantIp: {get_attr: [TenantPort, ip_address]}
|
|
TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
|
|
ManagementIp: {get_attr: [ManagementPort, ip_address]}
|
|
ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
|
|
|
|
NetworkDeployment:
|
|
type: OS::TripleO::SoftwareDeployment
|
|
properties:
|
|
name: NetworkDeployment
|
|
config: {get_resource: NetworkConfig}
|
|
server: {get_resource: BlockStorage}
|
|
actions: {get_param: NetworkDeploymentActions}
|
|
|
|
BlockStorageDeployment:
|
|
type: OS::Heat::StructuredDeployment
|
|
depends_on: NetworkDeployment
|
|
properties:
|
|
name: BlockStorageDeployment
|
|
server: {get_resource: BlockStorage}
|
|
config: {get_resource: BlockStorageConfig}
|
|
input_values:
|
|
debug: {get_param: Debug}
|
|
cinder_dsn: {list_join: ['', ['mysql+pymysql://cinder:', {get_param: CinderPassword}, '@', {get_param: MysqlVirtualIPUri} , '/cinder']]}
|
|
snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
|
|
snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
|
|
cinder_lvm_loop_device_size:
|
|
str_replace:
|
|
template: sizeM
|
|
params:
|
|
size: {get_param: CinderLVMLoopDeviceSize}
|
|
cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
|
|
cinder_iscsi_helper: {get_param: CinderISCSIHelper}
|
|
cinder_iscsi_ip_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
|
|
glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
|
|
rabbit_username: {get_param: RabbitUserName}
|
|
rabbit_password: {get_param: RabbitPassword}
|
|
rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
|
|
rabbit_client_port: {get_param: RabbitClientPort}
|
|
ntp_servers: {get_param: NtpServer}
|
|
timezone: {get_param: TimeZone}
|
|
enable_package_install: {get_param: EnablePackageInstall}
|
|
enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
|
|
|
|
# Map heat metadata into hiera datafiles
|
|
BlockStorageConfig:
|
|
type: OS::Heat::StructuredConfig
|
|
properties:
|
|
group: os-apply-config
|
|
config:
|
|
hiera:
|
|
hierarchy:
|
|
- '"%{::uuid}"'
|
|
- heat_config_%{::deploy_config_name}
|
|
- volume_extraconfig
|
|
- extraconfig
|
|
- volume
|
|
- all_nodes # provided by allNodesConfig
|
|
- '"%{::osfamily}"'
|
|
- common
|
|
datafiles:
|
|
common:
|
|
raw_data: {get_file: hieradata/common.yaml}
|
|
volume_extraconfig:
|
|
mapped_data: {get_param: BlockStorageExtraConfig}
|
|
extraconfig:
|
|
mapped_data: {get_param: ExtraConfig}
|
|
volume:
|
|
raw_data: {get_file: hieradata/volume.yaml}
|
|
mapped_data:
|
|
# Cinder
|
|
cinder::debug: {get_input: debug}
|
|
cinder::setup_test_volume::size: {get_input: cinder_lvm_loop_device_size}
|
|
cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
|
|
cinder::database_connection: {get_input: cinder_dsn}
|
|
cinder::rabbit_userid: {get_input: rabbit_username}
|
|
cinder::rabbit_password: {get_input: rabbit_password}
|
|
cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
|
|
cinder::rabbit_port: {get_input: rabbit_client_port}
|
|
cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
|
|
cinder_iscsi_ip_address: {get_input: cinder_iscsi_ip_address}
|
|
cinder::glance::glance_api_servers: {get_input: glance_api_servers}
|
|
ntp::servers: {get_input: ntp_servers}
|
|
timezone::timezone: {get_input: timezone}
|
|
tripleo::packages::enable_install: {get_input: enable_package_install}
|
|
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
|
|
snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
|
|
snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
|
|
|
|
# Resource for site-specific injection of root certificate
|
|
NodeTLSCAData:
|
|
depends_on: BlockStorageDeployment
|
|
type: OS::TripleO::NodeTLSCAData
|
|
properties:
|
|
server: {get_resource: BlockStorage}
|
|
|
|
# Hook for site-specific additional pre-deployment config,
|
|
# applying to all nodes, e.g node registration/unregistration
|
|
NodeExtraConfig:
|
|
depends_on: NodeTLSCAData
|
|
type: OS::TripleO::NodeExtraConfig
|
|
properties:
|
|
server: {get_resource: BlockStorage}
|
|
|
|
UpdateConfig:
|
|
type: OS::TripleO::Tasks::PackageUpdate
|
|
|
|
UpdateDeployment:
|
|
type: OS::Heat::SoftwareDeployment
|
|
properties:
|
|
name: UpdateDeployment
|
|
config: {get_resource: UpdateConfig}
|
|
server: {get_resource: BlockStorage}
|
|
input_values:
|
|
update_identifier:
|
|
get_param: UpdateIdentifier
|
|
|
|
outputs:
|
|
hosts_entry:
|
|
value:
|
|
str_replace:
|
|
template: |
|
|
PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
|
|
EXTERNALIP EXTERNALHOST
|
|
INTERNAL_APIIP INTERNAL_APIHOST
|
|
STORAGEIP STORAGEHOST
|
|
STORAGE_MGMTIP STORAGE_MGMTHOST
|
|
TENANTIP TENANTHOST
|
|
MANAGEMENTIP MANAGEMENTHOST
|
|
params:
|
|
PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, BlockStorageHostnameResolveNetwork]}]}
|
|
DOMAIN: {get_param: CloudDomain}
|
|
PRIMARYHOST: {get_attr: [BlockStorage, name]}
|
|
EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
|
|
EXTERNALHOST:
|
|
list_join:
|
|
- '-'
|
|
- - {get_attr: [BlockStorage, name]}
|
|
- external
|
|
INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
|
|
INTERNAL_APIHOST:
|
|
list_join:
|
|
- '-'
|
|
- - {get_attr: [BlockStorage, name]}
|
|
- internalapi
|
|
STORAGEIP: {get_attr: [StoragePort, ip_address]}
|
|
STORAGEHOST:
|
|
list_join:
|
|
- '-'
|
|
- - {get_attr: [BlockStorage, name]}
|
|
- storage
|
|
STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
|
|
STORAGE_MGMTHOST:
|
|
list_join:
|
|
- '-'
|
|
- - {get_attr: [BlockStorage, name]}
|
|
- storagemgmt
|
|
TENANTIP: {get_attr: [TenantPort, ip_address]}
|
|
TENANTHOST:
|
|
list_join:
|
|
- '-'
|
|
- - {get_attr: [BlockStorage, name]}
|
|
- tenant
|
|
MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
|
|
MANAGEMENTHOST:
|
|
list_join:
|
|
- '-'
|
|
- - {get_attr: [BlockStorage, name]}
|
|
- management
|
|
nova_server_resource:
|
|
description: Heat resource handle for the block storage server
|
|
value:
|
|
{get_resource: BlockStorage}
|
|
external_ip_address:
|
|
description: IP address of the server in the external network
|
|
value: {get_attr: [ExternalPort, ip_address]}
|
|
internal_api_ip_address:
|
|
description: IP address of the server in the internal_api network
|
|
value: {get_attr: [InternalApiPort, ip_address]}
|
|
storage_ip_address:
|
|
description: IP address of the server in the storage network
|
|
value: {get_attr: [StoragePort, ip_address]}
|
|
storage_mgmt_ip_address:
|
|
description: IP address of the server in the storage_mgmt network
|
|
value: {get_attr: [StorageMgmtPort, ip_address]}
|
|
tenant_ip_address:
|
|
description: IP address of the server in the tenant network
|
|
value: {get_attr: [TenantPort, ip_address]}
|
|
management_ip_address:
|
|
description: IP address of the server in the management network
|
|
value: {get_attr: [ManagementPort, ip_address]}
|
|
config_identifier:
|
|
description: identifier which changes if the node configuration may need re-applying
|
|
value:
|
|
list_join:
|
|
- ''
|
|
- - {get_attr: [BlockStorageDeployment, deploy_stdout]}
|
|
- {get_attr: [NodeTLSCAData, deploy_stdout]}
|
|
- {get_param: UpdateIdentifier}
|