Heat templates for deploying OpenStack
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
tripleo-heat-templates/puppet/services
Jenkins d01de0e985 Merge "Handle upgrading cinder-volume under pacemaker" 5 years ago
..
database Merge "TLS everywhere: configure mongodb's TLS settings" 5 years ago
disabled ceilometer-expirer: remove the crontab during upgrade 5 years ago
logging Update the template_version alias for all the templates to pike. 5 years ago
metrics Update the template_version alias for all the templates to pike. 5 years ago
monitoring Update the template_version alias for all the templates to pike. 5 years ago
network Update the template_version alias for all the templates to pike. 5 years ago
pacemaker Handle upgrading cinder-volume under pacemaker 5 years ago
releasenotes/notes upgrades: deploy mod_ssl when upgrading apache 6 years ago
time Update the template_version alias for all the templates to pike. 5 years ago
README.rst Update the services README documentation 5 years ago
aodh-api.yaml Update the template_version alias for all the templates to pike. 5 years ago
aodh-base.yaml Add role specific information to the service template 5 years ago
aodh-evaluator.yaml Update the template_version alias for all the templates to pike. 5 years ago
aodh-listener.yaml Update the template_version alias for all the templates to pike. 5 years ago
aodh-notifier.yaml Update the template_version alias for all the templates to pike. 5 years ago
apache.yaml Update the template_version alias for all the templates to pike. 5 years ago
auditd.yaml Update the template_version alias for all the templates to pike. 5 years ago
barbican-api.yaml Add role specific information to the service template 5 years ago
ca-certs.yaml Update the template_version alias for all the templates to pike. 5 years ago
ceilometer-agent-central.yaml Update the template_version alias for all the templates to pike. 5 years ago
ceilometer-agent-compute.yaml Update the template_version alias for all the templates to pike. 5 years ago
ceilometer-agent-ipmi.yaml Update the template_version alias for all the templates to pike. 5 years ago
ceilometer-agent-notification.yaml Update the template_version alias for all the templates to pike. 5 years ago
ceilometer-api.yaml Update the template_version alias for all the templates to pike. 5 years ago
ceilometer-base.yaml Update the template_version alias for all the templates to pike. 5 years ago
ceilometer-collector.yaml Add role specific information to the service template 5 years ago
ceilometer-expirer.yaml Update the template_version alias for all the templates to pike. 5 years ago
ceph-base.yaml Merge "Remove osd_pool_default_min_size to allow Ceph cluster to do the right thing by default" 5 years ago
ceph-client.yaml Update the template_version alias for all the templates to pike. 5 years ago
ceph-external.yaml Update the template_version alias for all the templates to pike. 5 years ago
ceph-mds.yaml Update the template_version alias for all the templates to pike. 5 years ago
ceph-mon.yaml Merge "Remove osd_pool_default_min_size to allow Ceph cluster to do the right thing by default" 5 years ago
ceph-osd.yaml Update the template_version alias for all the templates to pike. 5 years ago
ceph-rgw.yaml Update the template_version alias for all the templates to pike. 5 years ago
certmonger-user.yaml Update the template_version alias for all the templates to pike. 5 years ago
cinder-api.yaml Update the template_version alias for all the templates to pike. 5 years ago
cinder-backend-dellps.yaml Update the template_version alias for all the templates to pike. 5 years ago
cinder-backend-dellsc.yaml Merge "Dell SC: Add secondary DSM support" 5 years ago
cinder-backend-netapp.yaml Update the template_version alias for all the templates to pike. 5 years ago
cinder-backend-pure.yaml Update the template_version alias for all the templates to pike. 5 years ago
cinder-backend-scaleio.yaml Update the template_version alias for all the templates to pike. 5 years ago
cinder-backup.yaml Update the template_version alias for all the templates to pike. 5 years ago
cinder-base.yaml Add role specific information to the service template 5 years ago
cinder-hpelefthand-iscsi.yaml Update the template_version alias for all the templates to pike. 5 years ago
cinder-scheduler.yaml Update the template_version alias for all the templates to pike. 5 years ago
cinder-volume.yaml Update the template_version alias for all the templates to pike. 5 years ago
congress.yaml Add role specific information to the service template 5 years ago
docker.yaml Update the template_version alias for all the templates to pike. 5 years ago
ec2-api.yaml Add role specific information to the service template 5 years ago
etcd.yaml Update the template_version alias for all the templates to pike. 5 years ago
external-swift-proxy.yaml Update the template_version alias for all the templates to pike. 5 years ago
glance-api.yaml Add role specific information to the service template 5 years ago
gnocchi-api.yaml Update the template_version alias for all the templates to pike. 5 years ago
gnocchi-base.yaml Add role specific information to the service template 5 years ago
gnocchi-metricd.yaml Update the template_version alias for all the templates to pike. 5 years ago
gnocchi-statsd.yaml Update the template_version alias for all the templates to pike. 5 years ago
haproxy-internal-tls-certmonger.yaml Update the template_version alias for all the templates to pike. 5 years ago
haproxy-public-tls-certmonger.yaml Update the template_version alias for all the templates to pike. 5 years ago
haproxy.yaml Add role specific information to the service template 5 years ago
heat-api-cfn.yaml Update the template_version alias for all the templates to pike. 5 years ago
heat-api-cloudwatch.yaml Update the template_version alias for all the templates to pike. 5 years ago
heat-api.yaml Update the template_version alias for all the templates to pike. 5 years ago
heat-base.yaml Update the template_version alias for all the templates to pike. 5 years ago
heat-engine.yaml Add role specific information to the service template 5 years ago
horizon.yaml Merge "Open ports 443 and 80 on haproxy's firewall when horizon is standalone" 5 years ago
ironic-api.yaml Update the template_version alias for all the templates to pike. 5 years ago
ironic-base.yaml Add role specific information to the service template 5 years ago
ironic-conductor.yaml Merge "Support Redfish hardware in the overcloud Ironic" 5 years ago
keepalived.yaml Update the template_version alias for all the templates to pike. 5 years ago
kernel.yaml Enable arp_accept for all interfaces 5 years ago
keystone.yaml Add role specific information to the service template 5 years ago
manila-api.yaml Update the template_version alias for all the templates to pike. 5 years ago
manila-backend-cephfs.yaml Update the template_version alias for all the templates to pike. 5 years ago
manila-backend-generic.yaml Update the template_version alias for all the templates to pike. 5 years ago
manila-backend-netapp.yaml Update the template_version alias for all the templates to pike. 5 years ago
manila-base.yaml Add role specific information to the service template 5 years ago
manila-scheduler.yaml Update the template_version alias for all the templates to pike. 5 years ago
manila-share.yaml Update the template_version alias for all the templates to pike. 5 years ago
memcached.yaml Update the template_version alias for all the templates to pike. 5 years ago
mistral-api.yaml Merge "Enable mistral to run under mod_wsgi" 5 years ago
mistral-base.yaml Add role specific information to the service template 5 years ago
mistral-engine.yaml Update the template_version alias for all the templates to pike. 5 years ago
mistral-executor.yaml Update the template_version alias for all the templates to pike. 5 years ago
neutron-api.yaml neutron: set enable_dvr = False if NeutronEnableDVR is false 5 years ago
neutron-base.yaml Update the template_version alias for all the templates to pike. 5 years ago
neutron-bgpvpn-api.yaml Update the template_version alias for all the templates to pike. 5 years ago
neutron-bigswitch-agent.yaml Update the template_version alias for all the templates to pike. 5 years ago
neutron-compute-plugin-midonet.yaml Update the template_version alias for all the templates to pike. 5 years ago
neutron-compute-plugin-nuage.yaml Update the template_version alias for all the templates to pike. 5 years ago
neutron-compute-plugin-ovn.yaml Update the template_version alias for all the templates to pike. 5 years ago
neutron-compute-plugin-plumgrid.yaml Update the template_version alias for all the templates to pike. 5 years ago
neutron-dhcp.yaml Update the template_version alias for all the templates to pike. 5 years ago
neutron-l2gw-agent.yaml Add l2gw neutron agent support 5 years ago
neutron-l2gw-api.yaml Update the template_version alias for all the templates to pike. 5 years ago
neutron-l3-compute-dvr.yaml Update the template_version alias for all the templates to pike. 5 years ago
neutron-l3.yaml Update the template_version alias for all the templates to pike. 5 years ago
neutron-metadata.yaml Update the template_version alias for all the templates to pike. 5 years ago
neutron-midonet.yaml Update the template_version alias for all the templates to pike. 5 years ago
neutron-ovs-agent.yaml Update the template_version alias for all the templates to pike. 5 years ago
neutron-ovs-dpdk-agent.yaml Merge "Role Specific paramaeter support for neutron-ovs-dpdk-agent service" 5 years ago
neutron-plugin-ml2-fujitsu-cfab.yaml Update the template_version alias for all the templates to pike. 5 years ago
neutron-plugin-ml2-fujitsu-fossw.yaml Update the template_version alias for all the templates to pike. 5 years ago
neutron-plugin-ml2-odl.yaml Update the template_version alias for all the templates to pike. 5 years ago
neutron-plugin-ml2-ovn.yaml Update the template_version alias for all the templates to pike. 5 years ago
neutron-plugin-ml2.yaml Update the template_version alias for all the templates to pike. 5 years ago
neutron-plugin-nsx.yaml Update the template_version alias for all the templates to pike. 5 years ago
neutron-plugin-nuage.yaml Update the template_version alias for all the templates to pike. 5 years ago
neutron-plugin-plumgrid.yaml Add role specific information to the service template 5 years ago
neutron-sriov-agent.yaml Update the template_version alias for all the templates to pike. 5 years ago
neutron-vpp-agent.yaml Update the template_version alias for all the templates to pike. 5 years ago
nova-api.yaml Update the template_version alias for all the templates to pike. 5 years ago
nova-base.yaml Add role specific information to the service template 5 years ago
nova-compute.yaml Increase default for NovaReservedHostMemory to 4096 5 years ago
nova-conductor.yaml Update the template_version alias for all the templates to pike. 5 years ago
nova-consoleauth.yaml Update the template_version alias for all the templates to pike. 5 years ago
nova-ironic.yaml Update the template_version alias for all the templates to pike. 5 years ago
nova-libvirt.yaml Update the template_version alias for all the templates to pike. 5 years ago
nova-metadata.yaml Update the template_version alias for all the templates to pike. 5 years ago
nova-placement.yaml Update the template_version alias for all the templates to pike. 5 years ago
nova-scheduler.yaml Update the template_version alias for all the templates to pike. 5 years ago
nova-vnc-proxy.yaml Update the template_version alias for all the templates to pike. 5 years ago
octavia-api.yaml Add role specific information to the service template 5 years ago
octavia-base.yaml Update the template_version alias for all the templates to pike. 5 years ago
octavia-health-manager.yaml Update the template_version alias for all the templates to pike. 5 years ago
octavia-housekeeping.yaml Update the template_version alias for all the templates to pike. 5 years ago
octavia-worker.yaml Update the template_version alias for all the templates to pike. 5 years ago
opendaylight-api.yaml Update the template_version alias for all the templates to pike. 5 years ago
opendaylight-ovs.yaml Update the template_version alias for all the templates to pike. 5 years ago
openvswitch-upgrade.yaml Update the template_version alias for all the templates to pike. 5 years ago
ovn-dbs.yaml Update the template_version alias for all the templates to pike. 5 years ago
pacemaker.yaml Update the template_version alias for all the templates to pike. 5 years ago
pacemaker_remote.yaml Update the template_version alias for all the templates to pike. 5 years ago
panko-api.yaml Update the template_version alias for all the templates to pike. 5 years ago
panko-base.yaml Add role specific information to the service template 5 years ago
qdr.yaml Update the template_version alias for all the templates to pike. 5 years ago
rabbitmq.yaml Update the template_version alias for all the templates to pike. 5 years ago
sahara-api.yaml Update the template_version alias for all the templates to pike. 5 years ago
sahara-base.yaml Add role specific information to the service template 5 years ago
sahara-engine.yaml Update the template_version alias for all the templates to pike. 5 years ago
securetty.yaml Update the template_version alias for all the templates to pike. 5 years ago
services.yaml Update the template_version alias for all the templates to pike. 5 years ago
snmp.yaml Update the template_version alias for all the templates to pike. 5 years ago
sshd.yaml Update the template_version alias for all the templates to pike. 5 years ago
swift-base.yaml Update the template_version alias for all the templates to pike. 5 years ago
swift-proxy.yaml Add ignore_projects to filter gnocchi events 5 years ago
swift-ringbuilder.yaml Update the template_version alias for all the templates to pike. 5 years ago
swift-storage.yaml Update the template_version alias for all the templates to pike. 5 years ago
tacker.yaml Add role specific information to the service template 5 years ago
tripleo-firewall.yaml Update the template_version alias for all the templates to pike. 5 years ago
tripleo-packages.yaml Update the template_version alias for all the templates to pike. 5 years ago
vpp.yaml Update the template_version alias for all the templates to pike. 5 years ago
zaqar.yaml Update the template_version alias for all the templates to pike. 5 years ago

README.rst

services

A TripleO nested stack Heat template that encapsulates generic configuration data to configure a specific service. This generally includes everything needed to configure the service excluding the local bind ports which are still managed in the per-node role templates directly (controller.yaml, compute.yaml, etc.). All other (global) service settings go into the puppet/service templates.

Input Parameters

Each service may define its own input parameters and defaults. Operators will use the parameter_defaults section of any Heat environment to set per service parameters.

Apart from sevice specific inputs, there are few default parameters for all the services. Following are the list of default parameters:

  • ServiceNetMap: Mapping of service_name -> network name. Default mappings for service to network names are defined in ../network/service_net_map.j2.yaml, which may be overridden via ServiceNetMap values added to a user environment file via parameter_defaults.

  • EndpointMap: Mapping of service endpoint -> protocol. Contains a mapping of endpoint data generated for all services, based on the data included in ../network/endpoints/endpoint_data.yaml.

  • DefaultPasswords: Mapping of service -> default password. Used to pass some passwords from the parent templates, this is a legacy interface and should not be used by new services.

  • RoleName: Name of the role on which this service is deployed. A service can be deployed in multiple roles. This is an internal parameter (should not be set via environment file), which is fetched from the name attribute of the roles_data.yaml template.

  • RoleParameters: Parameter specific to a role on which the service is applied. Using the format "<RoleName>Parameters" in the parameter_defaults of user environment file, parameters can be provided for a specific role. For example, in order to provide a parameter specific to "Compute" role, below is the format:

    parameter_defaults:
      ComputeParameters:
        Param1: value

Config Settings

Each service may define three ways in which to output variables to configure Hiera settings on the nodes.

  • config_settings: the hiera keys will be pushed on all roles of which the service is a part of.
  • global_config_settings: the hiera keys will be distributed to all roles
  • service_config_settings: Takes an extra key to wire in values that are defined for a service that need to be consumed by some other service. For example: service_config_settings: haproxy: foo: bar This will set the hiera key 'foo' on all roles where haproxy is included.

Deployment Steps

Each service may define an output variable which returns a puppet manifest snippet that will run at each of the following steps. Earlier manifests are re-asserted when applying latter ones.

  • config_settings: Custom hiera settings for this service.

  • global_config_settings: Additional hiera settings distributed to all roles.

  • step_config: A puppet manifest that is used to step through the deployment sequence. Each sequence is given a "step" (via hiera('step') that provides information for when puppet classes should activate themselves.

    Steps correlate to the following:

    1. Load Balancer configuration
    2. Core Services (Database/Rabbit/NTP/etc.)
    3. Early Openstack Service setup (Ringbuilder, etc.)
    4. General OpenStack Services
    5. Service activation (Pacemaker)

Batch Upgrade Steps

Each service template may optionally define a upgrade_batch_tasks key, which is a list of ansible tasks to be performed during the upgrade process.

Similar to the step_config, we allow a series of steps for the per-service upgrade sequence, defined as ansible tasks with a tag e.g "step1" for the first step, "step2" for the second, etc (currently only two steps are supported, but more may be added when required as additional services get converted to batched upgrades).

Note that each step is performed in batches, then we move on to the next step which is also performed in batches (we don't perform all steps on one node, then move on to the next one which means you can sequence rolling upgrades of dependent services via the step value).

The tasks performed at each step is service specific, but note that all batch upgrade steps are performed before the upgrade_tasks described below. This means that all services that support rolling upgrades can be upgraded without downtime during upgrade_batch_tasks, then any remaining services are stopped and upgraded during upgrade_tasks

The default batch size is 1, but this can be overridden for each role via the upgrade_batch_size option in roles_data.yaml

Upgrade Steps

Each service template may optionally define a upgrade_tasks key, which is a list of ansible tasks to be performed during the upgrade process.

Similar to the step_config, we allow a series of steps for the per-service upgrade sequence, defined as ansible tasks with a tag e.g "step1" for the first step, "step2" for the second, etc.

Steps/tages correlate to the following:

  1. Stop all control-plane services.

  2. Quiesce the control-plane, e.g disable LoadBalancer, stop pacemaker cluster: this will stop the following resource:

    • ocata:
      • galera
      • rabbit
      • redis
      • haproxy
      • vips
      • cinder-volumes
      • cinder-backup
      • manilla-share
      • rbd-mirror

    The exact order is controlled by the cluster constraints.

  3. Perform a package update and install new packages: A general upgrade is done, and only new package should go into service ansible tasks.

  4. Start services needed for migration tasks (e.g DB)

  5. Perform any migration tasks, e.g DB sync commands

Note that the services are not started in the upgrade tasks - we instead re-run puppet which does any reconfiguration required for the new version, then starts the services.

Nova Server Metadata Settings

One can use the hook of type OS::TripleO::ServiceServerMetadataHook to pass entries to the nova instances' metadata. It is, however, disabled by default. In order to overwrite it one needs to define it in the resource registry. An implementation of this hook needs to conform to the following:

  • It needs to define an input called RoleData of json type. This gets as input the contents of the role_data for each role's ServiceChain.
  • This needs to define an output called metadata which will be given to the Nova Server resource as the instance's metadata.