RETIRED, Heat templates for deploying OpenStack

Go to file

Takashi Kajinami a3dd023773 Define frontend firewall rules separately This change ensures that firewall rules for haproxy endpoints are enabled properly even when haproxy and api services are running in different nodes. With this change, firewall rule for ssl endpoints are removed from base firewall rules because these ports are used by haproxy and not used by api services. Also, the adhoc implementation to run firewall configurations first is refactored by the new host_firewall_tasks key. This allows us to implement tasks to configure firewall in the corresponding resource template. Closes-Bug: #1961799 Depends-on: https://review.opendev.org/831547 Change-Id: I07ceab077f9a900f7e2e35af8acd3e7a337ed01a		2022-04-28 04:23:41 +00:00
baremetal-samples	Add sample baremetal_deployment.yaml	2021-07-15 16:52:09 -04:00
ci	Have Ceph log to a file for scenario 001/004	2022-03-17 07:01:53 +00:00
common	Define frontend firewall rules separately	2022-04-28 04:23:41 +00:00
container_config_scripts	Use consistent indent in .sh files	2022-03-09 08:38:02 +09:00
deployed-server	fix typo in readme	2021-07-09 07:30:35 -05:00
deployment	Define frontend firewall rules separately	2022-04-28 04:23:41 +00:00
doc	Add doc/requirements	2021-01-05 09:49:46 +01:00
environments	Merge "Nova: Disable instance usage audit by default"	2022-04-13 18:58:53 +00:00
extraconfig	Fix IPv6 router on UC re-install	2021-12-21 10:46:36 +01:00
firstboot	Merge "Add nvidia firstboot yaml to tripleo-heat-template"	2022-03-24 05:42:20 +00:00
network	Remove support for the novajoin service	2022-03-13 23:34:42 +09:00
network-data-samples	Update network-data v2 samples for ipv6	2021-09-21 17:03:26 +05:30
plan-samples	Fix plan-samples README.rst	2021-03-04 13:42:01 +05:30
puppet	Merge "Remove support for networking-bigswitch"	2022-03-07 13:05:33 +00:00
releasenotes	Merge "Nova: Disable instance usage audit by default"	2022-04-13 18:58:53 +00:00
roles	Add HostnameFormatDefault for Ceph related roles	2022-03-16 15:48:21 +01:00
sample-env-generator	Cleanup usage of StackAction parameter	2022-03-29 09:57:04 +05:30
scripts	Pass OS_CLOUD env when migrating to heat ephemeral.	2022-01-17 16:43:09 +01:00
tools	Define frontend firewall rules separately	2022-04-28 04:23:41 +00:00
tripleo_heat_templates	Update dervice_pci script to handle pci address formats	2022-01-24 13:20:26 +00:00
zuul.d	Move zuul jobs layout to centos9 only for master branch	2022-02-14 11:00:12 +00:00
.ansible-lint	Remove duplicate keys from yaml files	2021-03-29 13:56:31 +00:00
.gitignore	Update .gitignore	2022-03-15 09:29:38 -04:00
.gitreview	OpenDev Migration Patch	2019-04-19 19:34:55 +00:00
.stestr.conf	Switch to stestr	2022-04-08 19:43:56 +05:30
LICENSE	Add license file	2014-01-20 11:58:20 +01:00
README.rst	Merge "README: Remove OVN row"	2022-01-28 07:21:39 +00:00
babel.cfg	Add release configuration.	2013-10-22 17:49:35 +01:00
bindep.txt	Fixed tox executions	2021-03-26 15:37:07 +00:00
config-download-software.yaml	Use 'wallaby' heat_template_version	2021-03-31 17:35:12 +05:30
config-download-structured.yaml	Use 'wallaby' heat_template_version	2021-03-31 17:35:12 +05:30
j2_excludes.yaml	Remove ipv6 specific network templates	2017-08-31 13:12:17 -07:00
network_data.yaml	Add note indicating only Controllers use network VIPs	2021-05-11 15:09:50 -07:00
network_data_dashboard.yaml	Add note indicating only Controllers use network VIPs	2021-05-11 15:09:50 -07:00
network_data_default.yaml	Add network-v2 default files + vip data examples	2021-06-07 13:22:40 +02:00
network_data_ganesha.yaml	Add note indicating only Controllers use network VIPs	2021-05-11 15:09:50 -07:00
network_data_routed.yaml	Add note indicating only Controllers use network VIPs	2021-05-11 15:09:50 -07:00
network_data_subnets_routed.yaml	Add note indicating only Controllers use network VIPs	2021-05-11 15:09:50 -07:00
network_data_undercloud.yaml	Add network data for the undercloud	2019-01-21 19:35:37 +01:00
overcloud-resource-registry-puppet.j2.yaml	Merge "Remove support for the novajoin service"	2022-03-15 00:56:03 +00:00
overcloud.j2.yaml	Define frontend firewall rules separately	2022-04-28 04:23:41 +00:00
requirements.txt	Remove six library	2021-10-06 07:01:42 +00:00
roles_data.yaml	Add HostnameFormatDefault for Ceph related roles	2022-03-16 15:48:21 +01:00
roles_data_undercloud.yaml	Drop services not used for undercloud role	2022-03-08 09:59:30 +00:00
setup.cfg	Add support for py39	2021-03-24 09:40:57 +00:00
setup.py	Disable auto discovery	2022-03-28 15:10:10 +05:30
test-ansible-requirements.txt	Change tests to run on ansible-core 2.11	2021-08-08 09:12:53 +00:00
test-requirements.txt	Switch to stestr	2022-04-08 19:43:56 +05:30
tox.ini	Switch to stestr	2022-04-08 19:43:56 +05:30
vip_data_default.yaml	Add network-v2 default files + vip data examples	2021-06-07 13:22:40 +02:00

README.rst

Team and repository tags

tripleo-heat-templates

Heat templates to deploy OpenStack using OpenStack.

Free software: Apache License (2.0)
Documentation: https://docs.openstack.org/tripleo-docs/latest/
Source: https://opendev.org/openstack/tripleo-heat-templates
Bugs: https://bugs.launchpad.net/tripleo
Release notes: https://docs.openstack.org/releasenotes/tripleo-heat-templates/

Features

The ability to deploy a multi-node, role based OpenStack deployment using OpenStack Heat. Notable features include:

Choice of deployment/configuration tooling: puppet, (soon) docker

Role based deployment: roles for the controller, compute, ceph, swift, and cinder storage

physical network configuration: support for isolated networks, bonding, and standard ctlplane networking

Directories

A description of the directory layout in TripleO Heat Templates.

environments: contains heat environment files that can be used with -e

on the command like to enable features, etc.

extraconfig: templates used to enable 'extra' functionality. Includes

functionality for distro specific registration and upgrades.

firstboot: example first_boot scripts that can be used when initially

creating instances.

network: heat templates to help create isolated networks and ports

puppet: templates mostly driven by configuration with puppet. To use these

templates you can use the overcloud-resource-registry-puppet.yaml.

validation-scripts: validation scripts useful to all deployment

configurations

roles: example roles that can be used with the tripleoclient to generate

a roles_data.yaml for a deployment See the roles/README.rst for additional details.

Service testing matrix

The configuration for the CI scenarios will be defined in tripleo-heat-templates/ci/ and should be executed according to the following table:

-	scn000	scn001	scn002	scn003	scn004	scn006	scn007	scn009	scn010	scn013	non-ha	ovh-ha
keystone	X	X	X	X	X	X	X		X	X	X	X
glance		rbd	swift	file	rgw	file	file		rbd	file	file	file
cinder		rbd	iscsi
heat		X	X
ironic						X
mysql	X	X	X	X	X	X	X		X	X	X	X
neutron		ovn	ovn	ovn	ovn	ovn	ovs		ovn	ovn	ovn	ovn
neutron-bgpvpn					wip
neutron-l2gw					wip
om-rpc		rabbit	rabbit	amqp1	rabbit	rabbit	rabbit		rabbit	rabbit	rabbit	rabbit
om-notify		rabbit	rabbit	rabbit	rabbit	rabbit	rabbit		rabbit	rabbit	rabbit	rabbit
redis		X	X
haproxy		X	X	X	X	X	X		X	X	X	X
memcached		X	X	X	X	X	X		X	X	X	X
pacemaker		X	X	X	X	X	X		X	X	X	X
nova		qemu	qemu	qemu	qemu	ironic	qemu		qemu	qemu	qemu	qemu
placement		X	X	X	X	X	X		X	X	X	X
ntp	X	X	X	X	X	X	X	X	X	X	X	X
snmp	X	X	X	X	X	X	X	X	X	X	X	X
timezone	X	X	X	X	X	X	X	X	X	X	X	X
swift			X
aodh		X	X
ceilometer		X	X
gnocchi		rbd	swift
barbican			X
cephrgw					X
cephmds					X
manila					X
collectd		X
designate				X
octavia									X	X
rear		X
Extra Firewall				X