tripleo-heat-templates/overcloud-resource-registry-puppet.j2.yaml
Pradeep Kilambi 7a5d5a8e1b Add tls roles for undercloud
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Co-Authored-By: Dan Prince <dprince@redhat.com>
Co-Authored-By: Ian Main <imain@redhat.com>

Change-Id: Icca382db28e4ea57f3cbf24e9e794b428b824db5
2018-02-15 00:00:05 +00:00

358 lines
20 KiB
YAML

resource_registry:
OS::TripleO::SoftwareDeployment: OS::Heat::StructuredDeployment
OS::TripleO::PostDeploySteps: common/post.yaml
OS::TripleO::PostUpgradeSteps: common/post-upgrade.yaml
OS::TripleO::AllNodes::SoftwareConfig: puppet/all-nodes-config.yaml
OS::TripleO::AllNodesDeployment: OS::Heat::StructuredDeployments
OS::TripleO::Hosts::SoftwareConfig: hosts-config.yaml
OS::TripleO::Ssh::HostPubKey: extraconfig/tasks/ssh/host_public_key.yaml
OS::TripleO::Ssh::KnownHostsConfig: extraconfig/tasks/ssh/known_hosts_config.yaml
OS::TripleO::DefaultPasswords: default_passwords.yaml
OS::TripleO::RandomString: OS::Heat::RandomString
# Tasks (for internal TripleO usage)
OS::TripleO::Tasks::UpdateWorkflow: OS::Heat::None
OS::TripleO::Tasks::PackageUpdate: extraconfig/tasks/yum_update.yaml
{% for role in roles %}
OS::TripleO::{{role.name}}::PreNetworkConfig: OS::Heat::None
OS::TripleO::{{role.name}}PostDeploySteps: common/post.yaml
OS::TripleO::{{role.name}}: puppet/{{role.name.lower()}}-role.yaml
OS::TripleO::Tasks::{{role.name}}PreConfig: OS::Heat::None
OS::TripleO::Tasks::{{role.name}}PostConfig: OS::Heat::None
OS::TripleO::{{role.name}}ExtraConfigPre: puppet/extraconfig/pre_deploy/default.yaml
# Port assignments for the {{role.name}} role
{%- if role.name != 'ObjectStorage' %}
{%- for network in networks %}
OS::TripleO::{{role.name}}::Ports::{{network.name}}Port: network/ports/noop.yaml
{%- endfor %}
{%- else %}
# Note we have to special-case ObjectStorage for backwards compatibility
{%- for network in networks %}
OS::TripleO::ObjectStorage::Ports::{{network.name}}Port: network/ports/noop.yaml
{%- endfor %}
{%- endif %}
OS::TripleO::{{role.name}}::Net::SoftwareConfig: net-config-noop.yaml
{% endfor %}
# This resource registry entry will override the one generated by default
# in the jinja loop
OS::TripleO::Controller::Net::SoftwareConfig: net-config-bridge.yaml
OS::TripleO::ServiceServerMetadataHook: OS::Heat::None
OS::TripleO::Server: OS::Nova::Server
{% for role in roles %}
OS::TripleO::{{role.name}}Server: OS::TripleO::Server
{% endfor %}
# This creates the "heat-admin" user for all OS images by default
# To disable, replace with firstboot/userdata_default.yaml
OS::TripleO::NodeAdminUserData: firstboot/userdata_heat_admin.yaml
# Hooks for operator extra config
# NodeUserData == Cloud-init additional user-data, e.g cloud-config
# role::NodeUserData == Role specific cloud-init additional user-data
# ControllerExtraConfigPre == Controller configuration pre service deployment
# NodeExtraConfig == All nodes configuration pre service deployment
# NodeExtraConfigPost == All nodes configuration post service deployment
OS::TripleO::NodeUserData: firstboot/userdata_default.yaml
{% for role in roles %}
OS::TripleO::{{role.name}}::NodeUserData: firstboot/userdata_default.yaml
{% endfor %}
OS::TripleO::NodeTLSCAData: OS::Heat::None
OS::TripleO::NodeTLSData: OS::Heat::None
OS::TripleO::NodeExtraConfig: puppet/extraconfig/pre_deploy/default.yaml
OS::TripleO::NodeExtraConfigPost: extraconfig/post_deploy/default.yaml
# "AllNodes" Extra cluster config, runs on all nodes prior to the post_deploy
# phase, e.g when puppet is applied, but after the pre_deploy phase. Useful when
# configuration with knowledge of all nodes in the cluster is required vs single
# node configuration in the pre_deploy step.
# See extraconfig/all_nodes/* for examples
OS::TripleO::AllNodesExtraConfig: OS::Heat::None
# TripleO overcloud networks
OS::TripleO::Network: network/networks.yaml
{%- for network in networks %}
OS::TripleO::Network::{{network.name}}: OS::Heat::None
{%- endfor %}
OS::TripleO::Network::ExtraConfig: OS::Heat::None
OS::TripleO::Network::Ports::NetVipMap: network/ports/net_ip_map.yaml
OS::TripleO::Network::Ports::NetIpMap: network/ports/net_ip_map.yaml
OS::TripleO::Network::Ports::NetIpListMap: network/ports/net_ip_list_map.yaml
# Port assignments for the VIPs
{%- for network in networks if network.vip|default(false) %}
OS::TripleO::Network::Ports::{{network.name}}VipPort: network/ports/noop.yaml
{%- endfor %}
OS::TripleO::Network::Ports::RedisVipPort: network/ports/ctlplane_vip.yaml
OS::TripleO::Network::Ports::ControlPlaneVipPort: OS::Neutron::Port
# Service to network Mappings
OS::TripleO::ServiceNetMap: network/service_net_map.yaml
# Service Endpoint Mappings
OS::TripleO::EndpointMap: network/endpoints/endpoint_map.yaml
# validation resources
OS::TripleO::AllNodes::Validation: all-nodes-validation.yaml
# Upgrade resources
OS::TripleO::UpgradeConfig: puppet/upgrade_config.yaml
OS::TripleO::DeployedServerEnvironment: OS::Heat::None
OS::TripleO::DeploymentSteps: OS::Heat::StructuredDeploymentGroup
# services
OS::TripleO::Services: common/services.yaml
OS::TripleO::Services::Aide: OS::Heat::None
OS::TripleO::Services::Apache: puppet/services/apache.yaml
OS::TripleO::Services::CACerts: puppet/services/ca-certs.yaml
OS::TripleO::Services::CephMds: OS::Heat::None
OS::TripleO::Services::CephMgr: OS::Heat::None
OS::TripleO::Services::CephMon: OS::Heat::None
OS::TripleO::Services::CephRbdMirror: OS::Heat::None
OS::TripleO::Services::CephRgw: OS::Heat::None
OS::TripleO::Services::CephOSD: OS::Heat::None
OS::TripleO::Services::CephClient: OS::Heat::None
OS::TripleO::Services::CephNfs: OS::Heat::None
OS::TripleO::Services::CephExternal: OS::Heat::None
OS::TripleO::Services::CinderApi: puppet/services/cinder-api.yaml
OS::TripleO::Services::CinderBackup: OS::Heat::None
OS::TripleO::Services::CinderScheduler: puppet/services/cinder-scheduler.yaml
OS::TripleO::Services::CinderVolume: puppet/services/cinder-volume.yaml
# undercloud cinder services
OS::TripleO::Services::UndercloudCinderApi: OS::Heat::None
OS::TripleO::Services::UndercloudCinderScheduler: OS::Heat::None
OS::TripleO::Services::UndercloudCinderVolume: OS::Heat::None
OS::TripleO::Services::BlockStorageCinderVolume: puppet/services/cinder-volume.yaml
OS::TripleO::Services::Congress: OS::Heat::None
OS::TripleO::Services::Keystone: puppet/services/keystone.yaml
OS::TripleO::Services::GlanceApi: puppet/services/glance-api.yaml
OS::TripleO::Services::GlanceRegistry: puppet/services/disabled/glance-registry-disabled.yaml
OS::TripleO::Services::HeatApi: puppet/services/heat-api.yaml
OS::TripleO::Services::HeatApiCfn: puppet/services/heat-api-cfn.yaml
OS::TripleO::Services::HeatApiCloudwatch: puppet/services/disabled/heat-api-cloudwatch-disabled.yaml
OS::TripleO::Services::HeatEngine: puppet/services/heat-engine.yaml
OS::TripleO::Services::Kernel: puppet/services/kernel.yaml
OS::TripleO::Services::Kubernetes::Master: extraconfig/services/kubernetes-master.yaml
OS::TripleO::Services::Kubernetes::Worker: extraconfig/services/kubernetes-worker.yaml
OS::TripleO::Services::MySQL: puppet/services/database/mysql.yaml
OS::TripleO::Services::NeutronBgpVpnApi: OS::Heat::None
OS::TripleO::Services::NeutronBgpVpnBagpipe: OS::Heat::None
OS::TripleO::Services::NeutronSfcApi: OS::Heat::None
OS::TripleO::Services::NeutronDhcpAgent: puppet/services/neutron-dhcp.yaml
OS::TripleO::Services::NeutronL2gwApi: OS::Heat::None
OS::TripleO::Services::NeutronL3Agent: puppet/services/neutron-l3.yaml
OS::TripleO::Services::NeutronL2gwAgent: OS::Heat::None
OS::TripleO::Services::NeutronLbaasv2Agent: OS::Heat::None
OS::TripleO::Services::NeutronMetadataAgent: puppet/services/neutron-metadata.yaml
OS::TripleO::Services::OVNMetadataAgent: OS::Heat::None
# FIXME(shardy) the duplicate NeutronServer line can be removed when we've updated
# the multinode job ControllerServices after this patch merges
OS::TripleO::Services::NeutronServer: puppet/services/neutron-api.yaml
OS::TripleO::Services::NeutronApi: puppet/services/neutron-api.yaml
OS::TripleO::Services::NeutronCorePlugin: puppet/services/neutron-plugin-ml2.yaml
# can be the same as NeutronCorePlugin but some vendors install different
# things where VMs run
OS::TripleO::Services::ComputeNeutronCorePlugin: puppet/services/neutron-plugin-ml2.yaml
OS::TripleO::Services::ComputeNeutronCorePluginNuage: puppet/services/neutron-compute-plugin-nuage.yaml
# Neutron Core Plugin Vendors (these typically override NeutronCorePlugin)
OS::TripleO::Services::NeutronCorePluginML2OVN: puppet/services/neutron-plugin-ml2-ovn.yaml
OS::TripleO::Services::NeutronCorePluginPlumgrid: puppet/services/neutron-plugin-plumgrid.yaml
OS::TripleO::Services::NeutronCorePluginNuage: puppet/services/neutron-plugin-nuage.yaml
OS::TripleO::Services::NeutronCorePluginML2Nuage: puppet/services/neutron-plugin-ml2-nuage.yaml
OS::TripleO::Services::NeutronCorePluginNSX: puppet/services/neutron-plugin-nsx.yaml
OS::TripleO::Services::OVNDBs: OS::Heat::None
OS::TripleO::Services::OVNController: OS::Heat::None
OS::TripleO::Services::NeutronCorePluginMidonet: puppet/services/neutron-midonet.yaml
OS::TripleO::Services::NeutronCorePluginVTS: puppet/services/neutron-plugin-ml2-cisco-vts.yaml
OS::TripleO::Services::NeutronOvsAgent: puppet/services/neutron-ovs-agent.yaml
OS::TripleO::Services::NeutronLinuxbridgeAgent: OS::Heat::None
OS::TripleO::Services::ComputeNeutronOvsAgent: puppet/services/neutron-ovs-agent.yaml
OS::TripleO::Services::ComputeNeutronOvsDpdk: OS::Heat::None
OS::TripleO::Services::Pacemaker: OS::Heat::None
OS::TripleO::Services::PacemakerRemote: OS::Heat::None
OS::TripleO::Services::NeutronSriovAgent: OS::Heat::None
OS::TripleO::Services::NeutronSriovHostConfig: OS::Heat::None
OS::TripleO::Services::RabbitMQ: puppet/services/rabbitmq.yaml
OS::TripleO::Services::Qdr: OS::Heat::None
OS::TripleO::Services::HAproxy: puppet/services/haproxy.yaml
OS::TripleO::Services::HAProxyPublicTLS: OS::Heat::None
OS::TripleO::Services::HAProxyInternalTLS: OS::Heat::None
OS::TripleO::Services::Iscsid: puppet/services/iscsid.yaml
OS::TripleO::Services::Keepalived: puppet/services/keepalived.yaml
OS::TripleO::Services::Memcached: puppet/services/memcached.yaml
OS::TripleO::Services::SaharaApi: OS::Heat::None
OS::TripleO::Services::SaharaEngine: OS::Heat::None
OS::TripleO::Services::Tuned: puppet/services/tuned.yaml
OS::TripleO::Services::Securetty: OS::Heat::None
OS::TripleO::Services::Sshd: puppet/services/sshd.yaml
OS::TripleO::Services::Redis: puppet/services/database/redis.yaml
OS::TripleO::Services::NovaConductor: puppet/services/nova-conductor.yaml
OS::TripleO::Services::MongoDb: puppet/services/disabled/mongodb-disabled.yaml
OS::TripleO::Services::NovaApi: puppet/services/nova-api.yaml
OS::TripleO::Services::NovaPlacement: puppet/services/nova-placement.yaml
OS::TripleO::Services::NovaMetadata: puppet/services/nova-metadata.yaml
OS::TripleO::Services::NovaScheduler: puppet/services/nova-scheduler.yaml
OS::TripleO::Services::NovaConsoleauth: puppet/services/nova-consoleauth.yaml
OS::TripleO::Services::NovaVncProxy: puppet/services/nova-vnc-proxy.yaml
OS::TripleO::Services::NovaCompute: puppet/services/nova-compute.yaml
OS::TripleO::Services::NovaLibvirt: puppet/services/nova-libvirt.yaml
OS::TripleO::Services::NovaMigrationTarget: puppet/services/nova-migration-target.yaml
OS::TripleO::Services::Ntp: puppet/services/time/ntp.yaml
OS::TripleO::Services::ContainersLogrotateCrond: OS::Heat::None
OS::TripleO::Services::OpenShift::Master: OS::Heat::None
OS::TripleO::Services::OpenShift::Worker: OS::Heat::None
OS::TripleO::Services::SwiftProxy: puppet/services/swift-proxy.yaml
OS::TripleO::Services::SwiftDispersion: puppet/services/swift-dispersion.yaml
OS::TripleO::Services::ExternalSwiftProxy: OS::Heat::None
OS::TripleO::Services::SwiftStorage: puppet/services/swift-storage.yaml
OS::TripleO::Services::SwiftRingBuilder: puppet/services/swift-ringbuilder.yaml
OS::TripleO::Services::Snmp: puppet/services/snmp.yaml
OS::TripleO::Services::Tacker: OS::Heat::None
OS::TripleO::Services::Timezone: puppet/services/time/timezone.yaml
# Need these in Queens for FFU, Drop them in Rocky
OS::TripleO::Services::CeilometerApi: puppet/services/disabled/ceilometer-api-disabled.yaml
OS::TripleO::Services::CeilometerCollector: puppet/services/disabled/ceilometer-collector-disabled.yaml
OS::TripleO::Services::CeilometerExpirer: puppet/services/disabled/ceilometer-expirer-disabled.yaml
OS::TripleO::Services::CeilometerAgentCentral: puppet/services/ceilometer-agent-central.yaml
OS::TripleO::Services::CeilometerAgentNotification: puppet/services/ceilometer-agent-notification.yaml
OS::TripleO::Services::ComputeCeilometerAgent: puppet/services/ceilometer-agent-compute.yaml
OS::TripleO::Services::CeilometerAgentIpmi: puppet/services/ceilometer-agent-ipmi.yaml
OS::TripleO::Services::Horizon: puppet/services/horizon.yaml
# Undercloud Telemetry services
OS::TripleO::Services::UndercloudCeilometerAgentCentral: OS::Heat::None
OS::TripleO::Services::UndercloudCeilometerAgentNotification: OS::Heat::None
OS::TripleO::Services::UndercloudCeilometerAgentIpmi: OS::Heat::None
#Gnocchi services
OS::TripleO::Services::GnocchiApi: puppet/services/gnocchi-api.yaml
OS::TripleO::Services::GnocchiMetricd: puppet/services/gnocchi-metricd.yaml
OS::TripleO::Services::GnocchiStatsd: puppet/services/gnocchi-statsd.yaml
OS::TripleO::Services::UndercloudGnocchiApi: OS::Heat::None
OS::TripleO::Services::UndercloudGnocchiMetricd: OS::Heat::None
OS::TripleO::Services::UndercloudGnocchiStatsd: OS::Heat::None
# Redis
OS::TripleO::Services::UndercloudRedis: OS::Heat::None
# Undercloud HA services
OS::TripleO::Services::UndercloudHAProxy: OS::Heat::None
OS::TripleO::Services::UndercloudKeepalived: OS::Heat::None
# Services that are disabled by default (use relevant environment files):
OS::TripleO::Services::Fluentd: OS::Heat::None
OS::TripleO::Services::Ipsec: OS::Heat::None
OS::TripleO::Services::Rhsm: OS::Heat::None
OS::TripleO::Services::Collectd: OS::Heat::None
OS::TripleO::LoggingConfiguration: puppet/services/logging/fluentd-config.yaml
OS::TripleO::Services::ManilaApi: OS::Heat::None
OS::TripleO::Services::ManilaScheduler: OS::Heat::None
OS::TripleO::Services::ManilaShare: OS::Heat::None
OS::TripleO::Services::ManilaBackendIsilon: OS::Heat::None
OS::TripleO::Services::ManilaBackendNetapp: OS::Heat::None
OS::TripleO::Services::ManilaBackendUnity: OS::Heat::None
OS::TripleO::Services::ManilaBackendVMAX: OS::Heat::None
OS::TripleO::Services::ManilaBackendCephFs: OS::Heat::None
OS::TripleO::Services::ManilaBackendVNX: OS::Heat::None
OS::TripleO::Services::ComputeNeutronL3Agent: OS::Heat::None
OS::TripleO::Services::ComputeNeutronMetadataAgent: OS::Heat::None
OS::TripleO::Services::BarbicanApi: OS::Heat::None
OS::TripleO::Services::BarbicanBackendSimpleCrypto: OS::Heat::None
OS::TripleO::Services::BarbicanBackendDogtag: OS::Heat::None
OS::TripleO::Services::BarbicanBackendKmip: OS::Heat::None
OS::TripleO::Services::BarbicanBackendPkcs11Crypto: OS::Heat::None
OS::TripleO::Services::AodhApi: puppet/services/aodh-api.yaml
OS::TripleO::Services::AodhEvaluator: puppet/services/aodh-evaluator.yaml
OS::TripleO::Services::AodhNotifier: puppet/services/aodh-notifier.yaml
OS::TripleO::Services::AodhListener: puppet/services/aodh-listener.yaml
OS::TripleO::Services::UndercloudAodhApi: OS::Heat::None
OS::TripleO::Services::UndercloudAodhEvaluator: OS::Heat::None
OS::TripleO::Services::UndercloudAodhNotifier: OS::Heat::None
OS::TripleO::Services::UndercloudAodhListener: OS::Heat::None
OS::TripleO::Services::PankoApi: puppet/services/panko-api.yaml
OS::TripleO::Services::UndercloudPankoApi: OS::Heat::None
OS::TripleO::Services::MistralEngine: OS::Heat::None
OS::TripleO::Services::MistralApi: OS::Heat::None
OS::TripleO::Services::MistralExecutor: OS::Heat::None
OS::TripleO::Services::MistralEventEngine: OS::Heat::None
OS::TripleO::Services::IronicApi: OS::Heat::None
OS::TripleO::Services::IronicConductor: OS::Heat::None
OS::TripleO::Services::IronicInspector: OS::Heat::None
OS::TripleO::Services::IronicPxe: OS::Heat::None
OS::TripleO::Services::NovaIronic: OS::Heat::None
OS::TripleO::Services::TripleoPackages: puppet/services/tripleo-packages.yaml
OS::TripleO::Services::TripleoFirewall: puppet/services/tripleo-firewall.yaml
OS::TripleO::Services::OpenDaylightApi: OS::Heat::None
OS::TripleO::Services::OpenDaylightOvs: OS::Heat::None
OS::TripleO::Services::SensuClient: OS::Heat::None
OS::TripleO::Services::TLSProxyBase: OS::Heat::None
OS::TripleO::Services::Zaqar: OS::Heat::None
OS::TripleO::Services::NeutronML2FujitsuCfab: OS::Heat::None
OS::TripleO::Services::NeutronML2FujitsuFossw: OS::Heat::None
OS::TripleO::Services::CinderBackendDellPs: OS::Heat::None
OS::TripleO::Services::CinderBackendDellSc: OS::Heat::None
OS::TripleO::Services::CinderBackendDellEMCUnity: OS::Heat::None
OS::TripleO::Services::CinderBackendDellEMCVMAXISCSI: OS::Heat::None
OS::TripleO::Services::CinderBackendDellEMCVNX: OS::Heat::None
OS::TripleO::Services::CinderBackendNetApp: OS::Heat::None
OS::TripleO::Services::CinderBackendScaleIO: OS::Heat::None
OS::TripleO::Services::CinderBackendVRTSHyperScale: OS::Heat::None
OS::TripleO::Services::CinderHPELeftHandISCSI: OS::Heat::None
OS::TripleO::Services::Etcd: OS::Heat::None
OS::TripleO::Services::Ec2Api: OS::Heat::None
OS::TripleO::Services::AuditD: OS::Heat::None
OS::TripleO::Services::OctaviaApi: OS::Heat::None
OS::TripleO::Services::OctaviaHealthManager: OS::Heat::None
OS::TripleO::Services::OctaviaHousekeeping: OS::Heat::None
OS::TripleO::Services::OctaviaWorker: OS::Heat::None
OS::TripleO::Services::OctaviaDeploymentConfig: OS::Heat::None
OS::TripleO::Services::MySQLClient: puppet/services/database/mysql-client.yaml
OS::TripleO::Services::Vpp: OS::Heat::None
OS::TripleO::Services::NeutronVppAgent: OS::Heat::None
OS::TripleO::Services::Docker: OS::Heat::None
OS::TripleO::Services::DockerRegistry: OS::Heat::None
OS::TripleO::Services::CertmongerUser: OS::Heat::None
OS::TripleO::Services::Clustercheck: OS::Heat::None
OS::TripleO::Services::RsyslogSidecar: OS::Heat::None
OS::TripleO::Services::VRTSHyperScale: OS::Heat::None
OS::TripleO::Services::SkydiveAgent: OS::Heat::None
OS::TripleO::Services::SkydiveAnalyzer: OS::Heat::None
OS::TripleO::Services::LoginDefs: OS::Heat::None
OS::TripleO::Services::ComputeInstanceHA: OS::Heat::None
OS::TripleO::Services::Ptp: OS::Heat::None
# Logging
OS::TripleO::Services::Logging::BarbicanApi: docker/services/logging/files/barbican-api.yaml
OS::TripleO::Services::Logging::GlanceApi: docker/services/logging/files/glance-api.yaml
OS::TripleO::Services::Logging::HAProxy: docker/services/logging/files/haproxy.yaml
OS::TripleO::Services::Logging::HeatApi: docker/services/logging/files/heat-api.yaml
OS::TripleO::Services::Logging::HeatApiCfn: docker/services/logging/files/heat-api-cfn.yaml
OS::TripleO::Services::Logging::HeatEngine: docker/services/logging/files/heat-engine.yaml
OS::TripleO::Services::Logging::Keystone: docker/services/logging/files/keystone.yaml
OS::TripleO::Services::Logging::NeutronApi: docker/services/logging/files/neutron-api.yaml
OS::TripleO::Services::Logging::NeutronCommon: docker/services/logging/files/neutron-common.yaml
OS::TripleO::Services::Logging::NovaApi: docker/services/logging/files/nova-api.yaml
OS::TripleO::Services::Logging::NovaCommon: docker/services/logging/files/nova-common.yaml
OS::TripleO::Services::Logging::NovaLibvirt: OS::Heat::None
OS::TripleO::Services::Logging::NovaPlacement: docker/services/logging/files/nova-placement.yaml
OS::TripleO::Services::Logging::PankoApi: docker/services/logging/files/panko-api.yaml
parameter_defaults:
EnablePackageInstall: false
SoftwareConfigTransport: POLL_TEMP_URL
{% for role in roles %}
# Parameters generated for {{role.name}} Role
{{role.name}}Services: {{role.ServicesDefault|default([])}}
{% endfor %}