From e5e657f491152255058201072b3198d3a7101525 Mon Sep 17 00:00:00 2001 From: John Ward Date: Wed, 14 Nov 2018 15:44:35 -0600 Subject: [PATCH] Update for network isolation --- playbooks/deploy-osp.yml | 24 +- ...network_data.yaml => network_data.yaml.j2} | 0 .../nic-configs/ceph-storage.yaml.j2 | 192 ++++++++++++ .../13/overcloud/nic-configs/compute.yaml.j2 | 186 ++++++++++++ .../overcloud/nic-configs/controller.yaml.j2 | 197 ++++++++++++ playbooks/osp/13/overcloud/node-info.yaml.j2 | 8 + .../osp/13/overcloud/overcloud-deploy.sh.j2 | 11 +- .../osp/13/overcloud/roles/role_data.yaml.j2 | 283 ++++++++++++++++++ 8 files changed, 897 insertions(+), 4 deletions(-) rename playbooks/osp/13/overcloud/{network_data.yaml => network_data.yaml.j2} (100%) create mode 100644 playbooks/osp/13/overcloud/nic-configs/ceph-storage.yaml.j2 create mode 100644 playbooks/osp/13/overcloud/nic-configs/compute.yaml.j2 create mode 100644 playbooks/osp/13/overcloud/nic-configs/controller.yaml.j2 create mode 100644 playbooks/osp/13/overcloud/roles/role_data.yaml.j2 diff --git a/playbooks/deploy-osp.yml b/playbooks/deploy-osp.yml index a3c14e2..3eecff1 100644 --- a/playbooks/deploy-osp.yml +++ b/playbooks/deploy-osp.yml @@ -72,6 +72,8 @@ - logs - scripts - templates + - templates/nic-configs + - templates/roles - name: Upgrading all packages, 3-4 minutes yum: @@ -175,20 +177,29 @@ group: "stack" mode: "{{ item.mode }}" with_items: + - src: "osp/{{ redhat_osp_version }}/overcloud/roles/role_data.yaml.j2" + dest: "/home/stack/templates/roles/role_data.yaml" + mode: "0644" - src: "osp/{{ redhat_osp_version }}/overcloud/node-info.yaml.j2" dest: "/home/stack/templates/node-info.yaml" mode: "0644" - src: "osp/{{ redhat_osp_version }}/overcloud/ansible-osp-registration.yml.j2" dest: "/home/stack/ansible-osp-registration.yml" mode: "0644" + - src: "osp/{{ redhat_osp_version }}/overcloud/network_data.yaml.j2" + dest: "/home/stack/templates/network_data.yaml" + mode: "0644" + - src: "osp/{{ redhat_osp_version }}/overcloud/environment-rhel-registration.yaml.j2" + dest: "/home/stack/templates/rhel-registration/environment-rhel-registration.yaml" + mode: "0644" - src: "osp/{{ redhat_osp_version }}/overcloud/overcloud-deploy.sh.j2" dest: "/home/stack/scripts/overcloud-deploy.sh" mode: "0744" - src: "osp/{{ redhat_osp_version }}/overcloud/ceph-custom-config.yaml.j2" dest: "/home/stack/templates/ceph-custom-config.yaml" mode: "0644" - - src: "osp/{{ redhat_osp_version }}/overcloud/manila-cephfsnative-config.yaml.j2" - dest: "/home/stack/templates/manila-cephfsnative-config.yaml" + - src: "osp/{{ redhat_osp_version }}/overcloud/manila-{{ manila_backend | default('cephfsnative') }}-config.yaml.j2" + dest: "/home/stack/templates/manila-{{ manila_backend | default('cephfsnative') }}-config.yaml" mode: "0644" - src: "osp/{{ redhat_osp_version }}/overcloud/storage-environment.yaml.j2" dest: "/home/stack/templates/storage-environment.yaml" @@ -196,6 +207,15 @@ - src: "osp/{{ redhat_osp_version }}/overcloud/configure-barbican.yaml.j2" dest: "/home/stack/templates/configure-barbican.yaml" mode: "0644" + - src: "osp/{{ redhat_osp_version }}/overcloud/nic-configs/controller.yaml.j2" + dest: "/home/stack/templates/nic-configs/controller.yaml" + mode: "0644" + - src: "osp/{{ redhat_osp_version }}/overcloud/nic-configs/compute.yaml.j2" + dest: "/home/stack/templates/nic-configs/compute.yaml" + mode: "0644" + - src: "osp/{{ redhat_osp_version }}/overcloud/nic-configs/ceph-storage.yaml.j2" + dest: "/home/stack/templates/nic-configs/ceph-storage.yaml" + mode: "0644" - name: Introspect servers shell: | diff --git a/playbooks/osp/13/overcloud/network_data.yaml b/playbooks/osp/13/overcloud/network_data.yaml.j2 similarity index 100% rename from playbooks/osp/13/overcloud/network_data.yaml rename to playbooks/osp/13/overcloud/network_data.yaml.j2 diff --git a/playbooks/osp/13/overcloud/nic-configs/ceph-storage.yaml.j2 b/playbooks/osp/13/overcloud/nic-configs/ceph-storage.yaml.j2 new file mode 100644 index 0000000..a4e4361 --- /dev/null +++ b/playbooks/osp/13/overcloud/nic-configs/ceph-storage.yaml.j2 @@ -0,0 +1,192 @@ +heat_template_version: queens +description: > + Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the compute role. +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal_api network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage_mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string + BondInterfaceOvsOptions: + default: '' + description: 'The ovs_options or bonding_options string for the bond + interface. Set things like lacp=active and/or bond_mode=balance-slb + for OVS bonds or like mode=4 for Linux bonds using this option.' + type: string + constraints: + - allowed_pattern: ^((?!balance.tcp).)*$ + description: 'The balance-tcp bond mode is known to cause packet loss and + should not be used in BondInterfaceOvsOptions.' + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: 10.0.0.1 + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list +resources: + OsNetConfigImpl: + type: OS::Heat::SoftwareConfig + properties: + group: script + config: + str_replace: + template: + get_file: /usr/share/openstack-tripleo-heat-templates/network/scripts/run-os-net-config.sh + params: + $network_config: + network_config: + - type: interface + name: eth0 + use_dhcp: false + addresses: + - ip_netmask: + list_join: + - / + - - get_param: ControlPlaneIp + - get_param: ControlPlaneSubnetCidr + routes: + - default: true + next_hop: + get_param: ControlPlaneDefaultRoute + - ip_netmask: 169.254.169.254/32 + next_hop: + get_param: ControlPlaneDefaultRoute + dns_servers: + get_param: DnsServers + - type: ovs_bridge + name: bridge_name + members: + - type: linux_bond + name: bond0 + mtu: 9000 + bonding_options: + get_param: BondInterfaceOvsOptions + members: + - type: interface + name: eth1 + mtu: 9000 + - type: interface + name: eth2 + mtu: 9000 + - type: vlan + device: bond0 + mtu: 1500 + vlan_id: + get_param: ManagementNetworkVlanID + use_dhcp: false + addresses: + - ip_netmask: + get_param: ManagementIpSubnet + routes: + - ip_netmask: ManagementNetCidr + next_hop: + get_param: ManagementInterfaceDefaultRoute + - type: vlan + device: bond0 + mtu: 1500 + vlan_id: + get_param: InternalApiNetworkVlanID + use_dhcp: false + addresses: + - ip_netmask: + get_param: InternalApiIpSubnet + - type: vlan + device: bond0 + mtu: 1500 + vlan_id: + get_param: StorageNetworkVlanID + use_dhcp: false + addresses: + - ip_netmask: + get_param: StorageIpSubnet + - type: vlan + device: bond1 + mtu: 1500 + vlan_id: + get_param: StorageMgmtNetworkVlanID + use_dhcp: false + addresses: + - ip_netmask: + get_param: StorageMgmtIpSubnet + - type: ovs_bridge + name: br-storage + members: + - type: linux_bond + name: bond1 + mtu: 9000 + bonding_options: + get_param: BondInterfaceOvsOptions + members: + - type: interface + name: eth3 + mtu: 9000 + - type: interface + name: eth4 + mtu: 9000 + + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: + get_resource: OsNetConfigImpl diff --git a/playbooks/osp/13/overcloud/nic-configs/compute.yaml.j2 b/playbooks/osp/13/overcloud/nic-configs/compute.yaml.j2 new file mode 100644 index 0000000..53c020a --- /dev/null +++ b/playbooks/osp/13/overcloud/nic-configs/compute.yaml.j2 @@ -0,0 +1,186 @@ +heat_template_version: queens +description: > + Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the compute role. +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal_api network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage_mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string + BondInterfaceOvsOptions: + default: '' + description: 'The ovs_options or bonding_options string for the bond + interface. Set things like lacp=active and/or bond_mode=balance-slb + for OVS bonds or like mode=4 for Linux bonds using this option.' + type: string + constraints: + - allowed_pattern: ^((?!balance.tcp).)*$ + description: 'The balance-tcp bond mode is known to cause packet loss and + should not be used in BondInterfaceOvsOptions.' + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: 10.0.0.1 + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list +resources: + OsNetConfigImpl: + type: OS::Heat::SoftwareConfig + properties: + group: script + config: + str_replace: + template: + get_file: /usr/share/openstack-tripleo-heat-templates/network/scripts/run-os-net-config.sh + params: + $network_config: + network_config: + - type: interface + name: eth0 + use_dhcp: false + addresses: + - ip_netmask: + list_join: + - / + - - get_param: ControlPlaneIp + - get_param: ControlPlaneSubnetCidr + routes: + - default: true + next_hop: + get_param: ControlPlaneDefaultRoute + - ip_netmask: 169.254.169.254/32 + next_hop: + get_param: ControlPlaneDefaultRoute + dns_servers: + get_param: DnsServers + - type: ovs_bridge + name: bridge_name + members: + - type: linux_bond + name: bond0 + mtu: 9000 + bonding_options: + get_param: BondInterfaceOvsOptions + members: + - type: interface + name: eth1 + mtu: 9000 + - type: interface + name: eth2 + mtu: 9000 + - type: vlan + device: bond0 + mtu: 1500 + vlan_id: + get_param: ManagementNetworkVlanID + use_dhcp: false + addresses: + - ip_netmask: + get_param: ManagementIpSubnet + routes: + - ip_netmask: ManagementNetCidr + next_hop: + get_param: ManagementInterfaceDefaultRoute + - type: vlan + device: bond0 + mtu: 1500 + vlan_id: + get_param: ExternalNetworkVlanID + use_dhcp: false + dns_servers: + get_param: DnsServers + addresses: + - ip_netmask: + get_param: ExternalIpSubnet + - type: vlan + device: bond0 + mtu: 1500 + vlan_id: + get_param: InternalApiNetworkVlanID + use_dhcp: false + addresses: + - ip_netmask: + get_param: InternalApiIpSubnet + - type: vlan + device: bond0 + mtu: 1500 + vlan_id: + get_param: StorageNetworkVlanID + use_dhcp: false + addresses: + - ip_netmask: + get_param: StorageIpSubnet + - type: vlan + device: bond0 + mtu: 9000 + vlan_id: + get_param: TenantNetworkVlanID + use_dhcp: false + addresses: + - ip_netmask: + get_param: TenantIpSubnet +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: + get_resource: OsNetConfigImpl diff --git a/playbooks/osp/13/overcloud/nic-configs/controller.yaml.j2 b/playbooks/osp/13/overcloud/nic-configs/controller.yaml.j2 new file mode 100644 index 0000000..7c3768c --- /dev/null +++ b/playbooks/osp/13/overcloud/nic-configs/controller.yaml.j2 @@ -0,0 +1,197 @@ +heat_template_version: queens +description: > + Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the compute role. +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal_api network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage_mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string + BondInterfaceOvsOptions: + default: '' + description: 'The ovs_options or bonding_options string for the bond + interface. Set things like lacp=active and/or bond_mode=balance-slb + for OVS bonds or like mode=4 for Linux bonds using this option.' + type: string + constraints: + - allowed_pattern: ^((?!balance.tcp).)*$ + description: 'The balance-tcp bond mode is known to cause packet loss and + should not be used in BondInterfaceOvsOptions.' + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: 10.0.0.1 + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list +resources: + OsNetConfigImpl: + type: OS::Heat::SoftwareConfig + properties: + group: script + config: + str_replace: + template: + get_file: /usr/share/openstack-tripleo-heat-templates/network/scripts/run-os-net-config.sh + params: + $network_config: + network_config: + - type: interface + name: eth0 + use_dhcp: false + addresses: + - ip_netmask: + list_join: + - / + - - get_param: ControlPlaneIp + - get_param: ControlPlaneSubnetCidr + routes: + - default: true + next_hop: + get_param: ControlPlaneDefaultRoute + - ip_netmask: 169.254.169.254/32 + next_hop: + get_param: ControlPlaneDefaultRoute + - type: ovs_bridge + name: bridge_name + members: + - type: linux_bond + name: bond0 + mtu: 9000 + bonding_options: + get_param: BondInterfaceOvsOptions + members: + - type: interface + name: eth1 + mtu: 9000 + - type: interface + name: eth2 + mtu: 9000 + - type: vlan + device: bond0 + mtu: 1500 + vlan_id: + get_param: InternalApiNetworkVlanID + use_dhcp: false + addresses: + - ip_netmask: + get_param: InternalApiIpSubnet + - type: vlan + device: bond0 + mtu: 1500 + vlan_id: + get_param: ManagementNetworkVlanID + use_dhcp: false + addresses: + - ip_netmask: + get_param: ManagementIpSubnet + routes: + - ip_netmask: ManagementNetCidr + next_hop: + get_param: ManagementInterfaceDefaultRoute + - type: vlan + device: bond0 + mtu: 1500 + vlan_id: + get_param: ExternalNetworkVlanID + use_dhcp: false + dns_servers: + get_param: DnsServers + addresses: + - ip_netmask: + get_param: ExternalIpSubnet + routes: + - ip_netmask: 192.168.237.0/24 + next_hop: + get_param: ExternalInterfaceDefaultRoute + - type: vlan + device: bond0 + mtu: 1500 + vlan_id: + get_param: StorageNetworkVlanID + use_dhcp: false + addresses: + - ip_netmask: + get_param: StorageIpSubnet + - type: vlan + device: bond0 + mtu: 1500 + vlan_id: + get_param: StorageMgmtNetworkVlanID + use_dhcp: false + addresses: + - ip_netmask: + get_param: StorageMgmtIpSubnet + - type: vlan + device: bond0 + mtu: 9000 + vlan_id: + get_param: TenantNetworkVlanID + use_dhcp: false + addresses: + - ip_netmask: + get_param: TenantIpSubnet +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: + get_resource: OsNetConfigImpl diff --git a/playbooks/osp/13/overcloud/node-info.yaml.j2 b/playbooks/osp/13/overcloud/node-info.yaml.j2 index ffba562..e9eaef8 100644 --- a/playbooks/osp/13/overcloud/node-info.yaml.j2 +++ b/playbooks/osp/13/overcloud/node-info.yaml.j2 @@ -1,4 +1,12 @@ +resource_registry: + OS::TripleO::Compute::Net::SoftwareConfig: /home/stack/templates/nic-configs/compute.yaml + OS::TripleO::Controller::Net::SoftwareConfig: /home/stack/templates/nic-configs/controller.yaml +{% if enable_ceph_storage | bool %} + OS::TripleO::CephStorage::Net::SoftwareConfig: /home/stack/templates/nic-configs/ceph-storage.yaml +{% endif %} + parameter_defaults: + ControlPlaneDefaultRoute: 192.168.24.1 OvercloudControllerFlavor: control OvercloudComputeFlavor: compute OvercloudCephStorageFlavor: ceph-storage diff --git a/playbooks/osp/13/overcloud/overcloud-deploy.sh.j2 b/playbooks/osp/13/overcloud/overcloud-deploy.sh.j2 index f5e36b3..21557ec 100644 --- a/playbooks/osp/13/overcloud/overcloud-deploy.sh.j2 +++ b/playbooks/osp/13/overcloud/overcloud-deploy.sh.j2 @@ -6,8 +6,15 @@ set -evx # overcloud deploy script generated by osp-mnaio source /home/stack/stackrc openstack overcloud deploy --templates \ + -n /home/stack/templates/network_data.yaml \ + -r /home/stack/templates/roles/role_data.yaml \ -e /home/stack/templates/node-info.yaml \ -e /home/stack/templates/undercloud_ssl_camap.yaml \ + -e /usr/share/openstack-tripleo-heat-templates/environments/network-isolation.yaml \ +{% if redhat_overcloud_register | bool %} + -e /home/stack/templates/rhel-registration/environment-rhel-registration.yaml \ + -e /home/stack/templates/rhel-registration/rhel-registration-resource-registry.yaml \ +{% endif %} {% if enable_ceph_storage | bool %} -e /usr/share/openstack-tripleo-heat-templates/environments/ceph-ansible/ceph-ansible.yaml \ -e /home/stack/templates/ceph-custom-config.yaml \ @@ -23,9 +30,9 @@ openstack overcloud deploy --templates \ -e /usr/share/openstack-tripleo-heat-templates/environments/services/sahara.yaml \ {% endif %} {% if enable_manila | bool %} - -e /usr/share/openstack-tripleo-heat-templates/environments/manila-cephfsnative-config.yaml \ + -e /usr/share/openstack-tripleo-heat-templates/environments/manila-{{ manila_backend | default('cephfsnative') }}-config.yaml \ -e /usr/share/openstack-tripleo-heat-templates/environments/services/ceph-mds.yaml \ - -e /home/stack/templates/manila-cephfsnative-config.yaml \ + -e /home/stack/templates/manila-{{ manila_backend | default('cephfsnative') }}-config.yaml \ {% endif %} {% if enable_barbican | bool %} -e /usr/share/openstack-tripleo-heat-templates/environments/services/barbican.yaml \ diff --git a/playbooks/osp/13/overcloud/roles/role_data.yaml.j2 b/playbooks/osp/13/overcloud/roles/role_data.yaml.j2 new file mode 100644 index 0000000..7e533eb --- /dev/null +++ b/playbooks/osp/13/overcloud/roles/role_data.yaml.j2 @@ -0,0 +1,283 @@ +- name: Controller + description: | + Controller role that has all the controler services loaded and handles + Database, Messaging and Network functions. + CountDefault: 1 + tags: + - primary + - controller + networks: + - External + - InternalApi + - Storage + - StorageMgmt +{% if enable_manila | bool %} + - StorageNFS +{% endif %} + - Tenant + - Management + # For systems with both IPv4 and IPv6, you may specify a gateway network for + # each, such as ['ControlPlane', 'External'] + default_route_networks: ['ControlPlane'] + HostnameFormatDefault: '%stackname%-controller-%index%' + # Deprecated & backward-compatible values (FIXME: Make parameters consistent) + # Set uses_deprecated_params to True if any deprecated params are used. + uses_deprecated_params: True + deprecated_param_extraconfig: 'controllerExtraConfig' + deprecated_param_flavor: 'OvercloudControlFlavor' + deprecated_param_image: 'controllerImage' + deprecated_nic_config_name: 'controller.yaml' + ServicesDefault: + - OS::TripleO::Services::Aide + - OS::TripleO::Services::AodhApi + - OS::TripleO::Services::AodhEvaluator + - OS::TripleO::Services::AodhListener + - OS::TripleO::Services::AodhNotifier + - OS::TripleO::Services::AuditD + - OS::TripleO::Services::BarbicanApi + - OS::TripleO::Services::BarbicanBackendSimpleCrypto + - OS::TripleO::Services::BarbicanBackendDogtag + - OS::TripleO::Services::BarbicanBackendKmip + - OS::TripleO::Services::BarbicanBackendPkcs11Crypto + - OS::TripleO::Services::CACerts + - OS::TripleO::Services::CeilometerApi + - OS::TripleO::Services::CeilometerCollector + - OS::TripleO::Services::CeilometerExpirer + - OS::TripleO::Services::CeilometerAgentCentral + - OS::TripleO::Services::CeilometerAgentNotification + - OS::TripleO::Services::CephExternal + - OS::TripleO::Services::CephMds + - OS::TripleO::Services::CephMgr + - OS::TripleO::Services::CephMon + - OS::TripleO::Services::CephRbdMirror + - OS::TripleO::Services::CephRgw +{% if enable_manila | bool %} + - OS::TripleO::Services::CephNfs +{% endif %} + - OS::TripleO::Services::CertmongerUser + - OS::TripleO::Services::CinderApi + - OS::TripleO::Services::CinderBackendDellPs + - OS::TripleO::Services::CinderBackendDellSc + - OS::TripleO::Services::CinderBackendDellEMCUnity + - OS::TripleO::Services::CinderBackendDellEMCVMAXISCSI + - OS::TripleO::Services::CinderBackendDellEMCVNX + - OS::TripleO::Services::CinderBackendDellEMCXTREMIOISCSI + - OS::TripleO::Services::CinderBackendNetApp + - OS::TripleO::Services::CinderBackendScaleIO + - OS::TripleO::Services::CinderBackendVRTSHyperScale + - OS::TripleO::Services::CinderBackup + - OS::TripleO::Services::CinderHPELeftHandISCSI + - OS::TripleO::Services::CinderScheduler + - OS::TripleO::Services::CinderVolume + - OS::TripleO::Services::Clustercheck + - OS::TripleO::Services::Collectd + - OS::TripleO::Services::Congress + - OS::TripleO::Services::Docker + - OS::TripleO::Services::Ec2Api + - OS::TripleO::Services::Etcd + - OS::TripleO::Services::ExternalSwiftProxy + - OS::TripleO::Services::Fluentd + - OS::TripleO::Services::GlanceApi + - OS::TripleO::Services::GlanceRegistry + - OS::TripleO::Services::GnocchiApi + - OS::TripleO::Services::GnocchiMetricd + - OS::TripleO::Services::GnocchiStatsd + - OS::TripleO::Services::HAproxy + - OS::TripleO::Services::HeatApi + - OS::TripleO::Services::HeatApiCloudwatch + - OS::TripleO::Services::HeatApiCfn + - OS::TripleO::Services::HeatEngine + - OS::TripleO::Services::Horizon + - OS::TripleO::Services::Ipsec + - OS::TripleO::Services::IronicApi + - OS::TripleO::Services::IronicConductor + - OS::TripleO::Services::IronicPxe + - OS::TripleO::Services::Iscsid + - OS::TripleO::Services::Keepalived + - OS::TripleO::Services::Kernel + - OS::TripleO::Services::Keystone + - OS::TripleO::Services::LoginDefs + - OS::TripleO::Services::ManilaApi + - OS::TripleO::Services::ManilaBackendCephFs + - OS::TripleO::Services::ManilaBackendIsilon + - OS::TripleO::Services::ManilaBackendNetapp + - OS::TripleO::Services::ManilaBackendUnity + - OS::TripleO::Services::ManilaBackendVNX + - OS::TripleO::Services::ManilaBackendVMAX + - OS::TripleO::Services::ManilaScheduler + - OS::TripleO::Services::ManilaShare + - OS::TripleO::Services::Memcached + - OS::TripleO::Services::MistralApi + - OS::TripleO::Services::MistralEngine + - OS::TripleO::Services::MistralExecutor + - OS::TripleO::Services::MistralEventEngine + - OS::TripleO::Services::MongoDb + - OS::TripleO::Services::MySQL + - OS::TripleO::Services::MySQLClient + - OS::TripleO::Services::NeutronApi + - OS::TripleO::Services::NeutronBgpVpnApi + - OS::TripleO::Services::NeutronSfcApi + - OS::TripleO::Services::NeutronCorePlugin + - OS::TripleO::Services::NeutronDhcpAgent + - OS::TripleO::Services::NeutronL2gwAgent + - OS::TripleO::Services::NeutronL2gwApi + - OS::TripleO::Services::NeutronL3Agent + - OS::TripleO::Services::NeutronLbaasv2Agent + - OS::TripleO::Services::NeutronLbaasv2Api + - OS::TripleO::Services::NeutronLinuxbridgeAgent + - OS::TripleO::Services::NeutronMetadataAgent + - OS::TripleO::Services::NeutronML2FujitsuCfab + - OS::TripleO::Services::NeutronML2FujitsuFossw + - OS::TripleO::Services::NeutronOvsAgent + - OS::TripleO::Services::NeutronVppAgent + - OS::TripleO::Services::NovaApi + - OS::TripleO::Services::NovaConductor + - OS::TripleO::Services::NovaConsoleauth + - OS::TripleO::Services::NovaIronic + - OS::TripleO::Services::NovaMetadata + - OS::TripleO::Services::NovaPlacement + - OS::TripleO::Services::NovaScheduler + - OS::TripleO::Services::NovaVncProxy + - OS::TripleO::Services::Ntp + - OS::TripleO::Services::ContainersLogrotateCrond + - OS::TripleO::Services::OctaviaApi + - OS::TripleO::Services::OctaviaDeploymentConfig + - OS::TripleO::Services::OctaviaHealthManager + - OS::TripleO::Services::OctaviaHousekeeping + - OS::TripleO::Services::OctaviaWorker + - OS::TripleO::Services::OpenDaylightApi + - OS::TripleO::Services::OpenDaylightOvs + - OS::TripleO::Services::OVNDBs + - OS::TripleO::Services::OVNController + - OS::TripleO::Services::Pacemaker + - OS::TripleO::Services::PankoApi + - OS::TripleO::Services::RabbitMQ + - OS::TripleO::Services::Redis + - OS::TripleO::Services::Rhsm + - OS::TripleO::Services::RsyslogSidecar + - OS::TripleO::Services::SaharaApi + - OS::TripleO::Services::SaharaEngine + - OS::TripleO::Services::Securetty + - OS::TripleO::Services::SensuClient + - OS::TripleO::Services::SkydiveAgent + - OS::TripleO::Services::SkydiveAnalyzer + - OS::TripleO::Services::Snmp + - OS::TripleO::Services::Sshd + - OS::TripleO::Services::SwiftProxy + - OS::TripleO::Services::SwiftDispersion + - OS::TripleO::Services::SwiftRingBuilder + - OS::TripleO::Services::SwiftStorage + - OS::TripleO::Services::Tacker + - OS::TripleO::Services::Timezone + - OS::TripleO::Services::TripleoFirewall + - OS::TripleO::Services::TripleoPackages + - OS::TripleO::Services::Tuned + - OS::TripleO::Services::Vpp + - OS::TripleO::Services::Zaqar + - OS::TripleO::Services::Ptp +############################################################################### +# Role: Compute # +############################################################################### +- name: Compute + description: | + Basic Compute Node role + CountDefault: 1 + networks: + - InternalApi + - Tenant + - Storage + - Management + HostnameFormatDefault: '%stackname%-compute-%index%' + # Deprecated & backward-compatible values (FIXME: Make parameters consistent) + # Set uses_deprecated_params to True if any deprecated params are used. + uses_deprecated_params: True + deprecated_param_image: 'NovaImage' + deprecated_param_extraconfig: 'NovaComputeExtraConfig' + deprecated_param_metadata: 'NovaComputeServerMetadata' + deprecated_param_scheduler_hints: 'NovaComputeSchedulerHints' + deprecated_param_ips: 'NovaComputeIPs' + deprecated_server_resource_name: 'NovaCompute' + deprecated_nic_config_name: 'compute.yaml' + disable_upgrade_deployment: True + ServicesDefault: + - OS::TripleO::Services::Aide + - OS::TripleO::Services::AuditD + - OS::TripleO::Services::CACerts + - OS::TripleO::Services::CephClient + - OS::TripleO::Services::CephExternal + - OS::TripleO::Services::CertmongerUser + - OS::TripleO::Services::Collectd + - OS::TripleO::Services::ComputeCeilometerAgent + - OS::TripleO::Services::ComputeNeutronCorePlugin + - OS::TripleO::Services::ComputeNeutronL3Agent + - OS::TripleO::Services::ComputeNeutronMetadataAgent + - OS::TripleO::Services::ComputeNeutronOvsAgent + - OS::TripleO::Services::Docker + - OS::TripleO::Services::Fluentd + - OS::TripleO::Services::Ipsec + - OS::TripleO::Services::Iscsid + - OS::TripleO::Services::Kernel + - OS::TripleO::Services::LoginDefs + - OS::TripleO::Services::MySQLClient + - OS::TripleO::Services::NeutronBgpVpnBagpipe + - OS::TripleO::Services::NeutronLinuxbridgeAgent + - OS::TripleO::Services::NeutronVppAgent + - OS::TripleO::Services::NovaCompute + - OS::TripleO::Services::NovaLibvirt + - OS::TripleO::Services::NovaMigrationTarget + - OS::TripleO::Services::Ntp + - OS::TripleO::Services::ContainersLogrotateCrond + - OS::TripleO::Services::OpenDaylightOvs + - OS::TripleO::Services::Rhsm + - OS::TripleO::Services::RsyslogSidecar + - OS::TripleO::Services::Securetty + - OS::TripleO::Services::SensuClient + - OS::TripleO::Services::SkydiveAgent + - OS::TripleO::Services::Snmp + - OS::TripleO::Services::Sshd + - OS::TripleO::Services::Timezone + - OS::TripleO::Services::TripleoFirewall + - OS::TripleO::Services::TripleoPackages + - OS::TripleO::Services::Tuned + - OS::TripleO::Services::Vpp + - OS::TripleO::Services::OVNController + - OS::TripleO::Services::OVNMetadataAgent + - OS::TripleO::Services::Ptp +############################################################################### +# Role: CephStorage # +############################################################################### +- name: CephStorage + description: | + Ceph OSD Storage node role + networks: + - Storage + - StorageMgmt + - Management + uses_deprecated_params: False + deprecated_nic_config_name: 'ceph-storage.yaml' + ServicesDefault: + - OS::TripleO::Services::Aide + - OS::TripleO::Services::AuditD + - OS::TripleO::Services::CACerts + - OS::TripleO::Services::CephOSD + - OS::TripleO::Services::CertmongerUser + - OS::TripleO::Services::Collectd + - OS::TripleO::Services::Docker + - OS::TripleO::Services::Fluentd + - OS::TripleO::Services::Ipsec + - OS::TripleO::Services::Kernel + - OS::TripleO::Services::LoginDefs + - OS::TripleO::Services::MySQLClient + - OS::TripleO::Services::Ntp + - OS::TripleO::Services::ContainersLogrotateCrond + - OS::TripleO::Services::Rhsm + - OS::TripleO::Services::RsyslogSidecar + - OS::TripleO::Services::Securetty + - OS::TripleO::Services::SensuClient + - OS::TripleO::Services::Snmp + - OS::TripleO::Services::Sshd + - OS::TripleO::Services::Timezone + - OS::TripleO::Services::TripleoFirewall + - OS::TripleO::Services::TripleoPackages + - OS::TripleO::Services::Tuned + - OS::TripleO::Services::Ptp