Merge "flatten database service Redis"

This commit is contained in:
Zuul 2019-03-05 02:25:08 +00:00 committed by Gerrit Code Review
commit 47f04b1e67
18 changed files with 84 additions and 221 deletions

View File

@ -14,7 +14,7 @@ resource_registry:
OS::TripleO::Services::Pacemaker: ../../puppet/services/pacemaker.yaml
OS::TripleO::Services::PacemakerRemote: ../../puppet/services/pacemaker_remote.yaml
OS::TripleO::Services::Clustercheck: ../../docker/services/pacemaker/clustercheck.yaml
OS::TripleO::Services::Redis: ../../docker/services/pacemaker/database/redis.yaml
OS::TripleO::Services::Redis: ../../deployment/database/redis-pacemaker-puppet.yaml
OS::TripleO::Services::MySQL: ../../deployment/database/mysql-pacemaker-puppet.yaml
OS::TripleO::Services::CinderBackup: ../../deployment/cinder/cinder-backup-pacemaker-puppet.yaml
OS::TripleO::Services::CinderVolume: ../../deployment/cinder/cinder-volume-pacemaker-puppet.yaml

View File

@ -22,7 +22,7 @@ resource_registry:
OS::TripleO::Services::MetricsQdr: ../../deployment/metrics/qdr-container-puppet.yaml
OS::TripleO::Services::OsloMessagingRpc: ../../deployment/rabbitmq/rabbitmq-messaging-rpc-container-puppet.yaml
OS::TripleO::Services::OsloMessagingNotify: ../../deployment/rabbitmq/rabbitmq-messaging-notify-shared-puppet.yaml
OS::TripleO::Services::Redis: ../../docker/services/database/redis.yaml
OS::TripleO::Services::Redis: ../../deployment/database/redis-container-puppet.yaml
OS::TripleO::Services::CinderBackup: ../../deployment/cinder/cinder-backup-container-puppet.yaml
OS::TripleO::Services::CinderVolume: ../../deployment/cinder/cinder-volume-container-puppet.yaml
#Needs to run scenario001

View File

@ -7,7 +7,7 @@ resource_registry:
OS::TripleO::Services::PankoApi: ../../deployment/deprecated/panko/panko-api-container-puppet.yaml
OS::TripleO::Services::OsloMessagingRpc: ../../deployment/rabbitmq/rabbitmq-messaging-rpc-pacemaker-puppet.yaml
OS::TripleO::Services::OsloMessagingNotify: ../../deployment/rabbitmq/rabbitmq-messaging-notify-shared-puppet.yaml
OS::TripleO::Services::Redis: ../../docker/services/pacemaker/database/redis.yaml
OS::TripleO::Services::Redis: ../../deployment/database/redis-pacemaker-puppet.yaml
OS::TripleO::Services::HAproxy: ../../deployment/haproxy/haproxy-pacemaker-puppet.yaml
OS::TripleO::Services::Pacemaker: ../../puppet/services/pacemaker.yaml
OS::TripleO::Services::PacemakerRemote: ../../puppet/services/pacemaker_remote.yaml

View File

@ -19,7 +19,7 @@ resource_registry:
OS::TripleO::Services::PankoApi: ../../deployment/deprecated/panko/panko-api-container-puppet.yaml
OS::TripleO::Services::OsloMessagingRpc: ../../deployment/rabbitmq/rabbitmq-messaging-rpc-container-puppet.yaml
OS::TripleO::Services::OsloMessagingNotify: ../../deployment/rabbitmq/rabbitmq-messaging-notify-shared-puppet.yaml
OS::TripleO::Services::Redis: ../../docker/services/database/redis.yaml
OS::TripleO::Services::Redis: ../../deployment/database/redis-container-puppet.yaml
OS::TripleO::Services::CinderBackup: ../../deployment/cinder/cinder-backup-container-puppet.yaml
OS::TripleO::Services::CinderVolume: ../../deployment/cinder/cinder-volume-container-puppet.yaml
OS::TripleO::Services::BarbicanBackendSimpleCrypto: ../../deployment/barbican/barbican-backend-simple-crypto-puppet.yaml

View File

@ -27,7 +27,7 @@ resource_registry:
OS::TripleO::Services::Pacemaker: ../../puppet/services/pacemaker.yaml
OS::TripleO::Services::PacemakerRemote: ../../puppet/services/pacemaker_remote.yaml
OS::TripleO::Services::Clustercheck: ../../docker/services/pacemaker/clustercheck.yaml
OS::TripleO::Services::Redis: ../../docker/services/pacemaker/database/redis.yaml
OS::TripleO::Services::Redis: ../../deployment/database/redis-pacemaker-puppet.yaml
OS::TripleO::Services::MySQL: ../../deployment/database/mysql-pacemaker-puppet.yaml
OS::TripleO::Services::Keepalived: OS::Heat::None
# Some infra instances don't pass the ping test but are otherwise working.

View File

@ -47,10 +47,10 @@ conditions:
resources:
ContainersCommon:
type: ../containers-common.yaml
type: ../../docker/services/containers-common.yaml
RedisBase:
type: ../../../puppet/services/database/redis.yaml
type: ./redis-base-puppet.yaml
properties:
EndpointMap: {get_param: EndpointMap}
ServiceData: {get_param: ServiceData}
@ -61,13 +61,49 @@ outputs:
role_data:
description: Role data for the Redis API role.
value:
service_name: {get_attr: [RedisBase, role_data, service_name]}
service_name: redis
config_settings:
map_merge:
- {get_attr: [RedisBase, role_data, config_settings]}
- redis::daemonize: false
tripleo::stunnel::manage_service: false
tripleo::stunnel::foreground: 'yes'
- tripleo::redis::firewall_rules:
'108 redis':
dport:
- 6379
- 26379
tripleo::profile::base::database::redis::tls_proxy_bind_ip:
str_replace:
template:
"%{hiera('$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, RedisNetwork]}
tripleo::profile::base::database::redis::tls_proxy_fqdn:
str_replace:
template:
"%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, RedisNetwork]}
tripleo::profile::base::database::redis::tls_proxy_port: 6379
- if:
- internal_tls_enabled
- tripleo::redis::service_certificate: '/etc/pki/tls/certs/redis.crt'
redis_certificate_specs:
service_certificate: '/etc/pki/tls/certs/redis.crt'
service_key: '/etc/pki/tls/private/redis.key'
hostname:
str_replace:
template: "%{hiera('cloud_name_NETWORK')}"
params:
NETWORK: {get_param: [ServiceNetMap, RedisNetwork]}
principal:
str_replace:
template: "redis/%{hiera('cloud_name_NETWORK')}"
params:
NETWORK: {get_param: [ServiceNetMap, RedisNetwork]}
postsave_cmd: "/usr/bin/certmonger-redis-refresh.sh"
- {}
service_config_settings: {get_attr: [RedisBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
@ -77,7 +113,10 @@ outputs:
# https://github.com/arioch/puppet-redis/commit/1c004143223e660cbd433422ff8194508aab9763
puppet_tags: 'exec'
step_config:
get_attr: [RedisBase, role_data, step_config]
list_join:
- "\n"
- - include ::tripleo::profile::base::database::redis
- {get_attr: [RedisBase, role_data, step_config]}
config_image: {get_param: DockerRedisConfigImage}
kolla_config:
/var/lib/kolla/config_files/redis.json:
@ -155,6 +194,13 @@ outputs:
- {}
metadata_settings:
get_attr: [RedisBase, role_data, metadata_settings]
if:
- internal_tls_enabled
-
- service: redis
network: {get_param: [ServiceNetMap, RabbitmqNetwork]}
type: vip
- null
host_prep_tasks:
- name: create persistent directories
file:

View File

@ -73,10 +73,10 @@ conditions:
resources:
ContainersCommon:
type: ../../containers-common.yaml
type: ../../docker/services/containers-common.yaml
RedisBase:
type: ../../../../puppet/services/database/redis.yaml
type: ./redis-container-puppet.yaml
properties:
EndpointMap: {get_param: EndpointMap}
ServiceData: {get_param: ServiceData}
@ -89,7 +89,7 @@ outputs:
role_data:
description: Role data for the Redis API role.
value:
service_name: {get_attr: [RedisBase, role_data, service_name]}
service_name: redis
config_settings:
map_merge:
- {get_attr: [RedisBase, role_data, config_settings]}
@ -126,6 +126,19 @@ outputs:
params:
$NETWORK: {get_param: [ServiceNetMap, RedisNetwork]}
tripleo::profile::pacemaker::database::redis_bundle::tls_proxy_port: 6379
tripleo::profile::pacemaker::database::redis::tls_proxy_bind_ip:
str_replace:
template:
"%{hiera('$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, RedisNetwork]}
tripleo::profile::pacemaker::database::redis::tls_proxy_fqdn:
str_replace:
template:
"%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, RedisNetwork]}
tripleo::profile::pacemaker::database::redis::tls_proxy_port: 6379
- if:
- internal_tls_enabled
- redis::extra_config_file: "/etc/redis-tls.conf"
@ -145,7 +158,8 @@ outputs:
# /etc/redis.conf
# https://github.com/arioch/puppet-redis/commit/1c004143223e660cbd433422ff8194508aab9763
puppet_tags: 'exec'
step_config: 'include ::tripleo::profile::pacemaker::database::redis_bundle'
step_config: |
include ::tripleo::profile::pacemaker::database::redis_bundle
config_image: &redis_config_image {get_param: DockerRedisConfigImage}
kolla_config:
/var/lib/kolla/config_files/redis.json:

View File

@ -50,7 +50,7 @@ resource_registry:
OS::TripleO::Services::PankoApi: ../deployment/deprecated/panko/panko-api-container-puppet.yaml
OS::TripleO::Services::Qdr: OS::Heat::None
OS::TripleO::Services::RabbitMQ: ../deployment/rabbitmq/rabbitmq-container-puppet.yaml
OS::TripleO::Services::Redis: ../puppet/services/database/redis.yaml
OS::TripleO::Services::Redis: ../deployment/database/redis-container-puppet.yaml
OS::TripleO::Services::Sshd: ../deployment/sshd/sshd-baremetal-puppet.yaml
OS::TripleO::Services::SwiftDispersion: ../deployment/swift/swift-dispersion-baremetal-puppet.yaml
OS::TripleO::Services::SwiftProxy: ../deployment/swift/swift-proxy-container-puppet.yaml

View File

@ -20,4 +20,4 @@ resource_registry:
OS::TripleO::Services::MySQL: ../deployment/database/mysql-pacemaker-puppet.yaml
OS::TripleO::Services::OsloMessagingRpc: ../deployment/rabbitmq/rabbitmq-messaging-rpc-pacemaker-puppet.yaml
OS::TripleO::Services::OsloMessagingNotify: ../deployment/rabbitmq/rabbitmq-messaging-notify-shared-puppet.yaml
OS::TripleO::Services::Redis: ../docker/services/pacemaker/database/redis.yaml
OS::TripleO::Services::Redis: ../deployment/database/redis-pacemaker-puppet.yaml

View File

@ -4,7 +4,7 @@ resource_registry:
OS::TripleO::Services::CinderVolume: ../deployment/cinder/cinder-volume-container-puppet.yaml
OS::TripleO::Services::RabbitMQ: ../deployment/rabbitmq/rabbitmq-container-puppet.yaml
OS::TripleO::Services::HAproxy: ../deployment/haproxy/haproxy-container-puppet.yaml
OS::TripleO::Services::Redis: ../docker/services/database/redis.yaml
OS::TripleO::Services::Redis: ../deployment/database/redis-container-puppet.yaml
OS::TripleO::Services::MySQL: ../deployment/database/mysql-container-puppet.yaml
OS::TripleO::Services::Keepalived: ../docker/services/keepalived.yaml
OS::TripleO::Services::Pacemaker: OS::Heat::None

View File

@ -2,4 +2,4 @@ resource_registry:
OS::TripleO::Services::UndercloudGnocchiApi: ../../puppet/services/gnocchi-api.yaml
OS::TripleO::Services::UndercloudGnocchiMetricd: ../../puppet/services/gnocchi-metricd.yaml
OS::TripleO::Services::UndercloudGnocchiStatsd: ../../puppet/services/gnocchi-statsd.yaml
OS::TripleO::Services::UndercloudRedis: ../../puppet/services/database/redis.yaml
OS::TripleO::Services::UndercloudRedis: ../../deployment/database/redis-container-puppet.yaml

View File

@ -4,4 +4,4 @@ resource_registry:
OS::TripleO::Services::GnocchiApi: ../../docker/services/gnocchi-api.yaml
OS::TripleO::Services::GnocchiMetricd: ../../docker/services/gnocchi-metricd.yaml
OS::TripleO::Services::GnocchiStatsd: ../../docker/services/gnocchi-statsd.yaml
OS::TripleO::Services::Redis: ../../docker/services/database/redis.yaml
OS::TripleO::Services::Redis: ../../deployment/database/redis-container-puppet.yaml

View File

@ -1,3 +1,3 @@
resource_registry:
OS::TripleO::Services::Zaqar: ../../deployment/zaqar/zaqar-container-puppet.yaml
OS::TripleO::Services::Redis : ../../docker/services/database/redis.yaml
OS::TripleO::Services::Redis : ../../deployment/database/redis-container-puppet.yaml

View File

@ -191,7 +191,7 @@ resource_registry:
OS::TripleO::Services::Securetty: OS::Heat::None
OS::TripleO::Services::SELinux: OS::Heat::None
OS::TripleO::Services::Sshd: deployment/sshd/sshd-baremetal-puppet.yaml
OS::TripleO::Services::Redis: docker/services/database/redis.yaml
OS::TripleO::Services::Redis: deployment/database/redis-container-puppet.yaml
OS::TripleO::Services::NovaApi: deployment/nova/nova-api-container-puppet.yaml
OS::TripleO::Services::NovaCompute: deployment/nova/nova-compute-container-puppet.yaml
OS::TripleO::Services::NovaConductor: deployment/nova/nova-conductor-container-puppet.yaml

View File

@ -1,107 +0,0 @@
heat_template_version: rocky
description: >
OpenStack Redis service configured with Puppet
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
EnableInternalTLS:
type: boolean
default: false
conditions:
use_tls_proxy: {equals : [{get_param: EnableInternalTLS}, true]}
resources:
RedisBase:
type: ./redis-base.yaml
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
EnableInternalTLS: {get_param: EnableInternalTLS}
outputs:
role_data:
description: Role data for the redis role.
value:
service_name: redis
config_settings:
map_merge:
- get_attr: [RedisBase, role_data, config_settings]
- tripleo::redis::firewall_rules:
'108 redis':
dport:
- 6379
- 26379
tripleo::profile::base::database::redis::tls_proxy_bind_ip:
str_replace:
template:
"%{hiera('$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, RedisNetwork]}
tripleo::profile::base::database::redis::tls_proxy_fqdn:
str_replace:
template:
"%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, RedisNetwork]}
tripleo::profile::base::database::redis::tls_proxy_port: 6379
- if:
- use_tls_proxy
- tripleo::redis::service_certificate: '/etc/pki/tls/certs/redis.crt'
redis_certificate_specs:
service_certificate: '/etc/pki/tls/certs/redis.crt'
service_key: '/etc/pki/tls/private/redis.key'
hostname:
str_replace:
template: "%{hiera('cloud_name_NETWORK')}"
params:
NETWORK: {get_param: [ServiceNetMap, RedisNetwork]}
principal:
str_replace:
template: "redis/%{hiera('cloud_name_NETWORK')}"
params:
NETWORK: {get_param: [ServiceNetMap, RedisNetwork]}
postsave_cmd: "/usr/bin/certmonger-redis-refresh.sh"
- {}
step_config: |
include ::tripleo::profile::base::database::redis
metadata_settings:
if:
- use_tls_proxy
-
- service: redis
network: {get_param: [ServiceNetMap, RabbitmqNetwork]}
type: vip
- null
upgrade_tasks: []

View File

@ -1,94 +0,0 @@
heat_template_version: rocky
description: >
OpenStack Redis service configured with Puppet
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
EnableInternalTLS:
type: boolean
default: false
RedisIPv6:
default: false
description: Enable IPv6 in Redis
type: boolean
conditions:
use_tls_proxy: {equals : [{get_param: EnableInternalTLS}, true]}
redis_ipv6: {get_param: RedisIPv6}
resources:
RedisBase:
type: ../../database/redis.yaml
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
outputs:
role_data:
description: Role data for the Redis pacemaker role.
value:
service_name: redis
config_settings:
map_merge:
- get_attr: [RedisBase, role_data, config_settings]
- redis::service_manage: false
redis::notify_service: false
redis::managed_by_cluster_manager: true
tripleo::profile::pacemaker::database::redis::tls_proxy_bind_ip:
str_replace:
template:
"%{hiera('$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, RedisNetwork]}
tripleo::profile::pacemaker::database::redis::tls_proxy_fqdn:
str_replace:
template:
"%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, RedisNetwork]}
tripleo::profile::pacemaker::database::redis::tls_proxy_port: 6379
- if:
- use_tls_proxy
- redis::extra_config_file: "/etc/redis-tls.conf"
tripleo::profile::pacemaker::database::redis::extra_config_file: "/etc/redis-tls.conf"
tripleo::profile::pacemaker::database::redis::tls_tunnel_base_port: 6660
tripleo::profile::pacemaker::database::redis::tls_tunnel_local_name:
if:
- redis_ipv6
- '::1'
- '127.0.0.1'
- {}
step_config: |
include ::tripleo::profile::pacemaker::database::redis
metadata_settings:
get_attr: [RedisBase, role_data, metadata_settings]

View File

@ -0,0 +1,4 @@
---
upgrade:
- |
Installing Redis services on baremetal is no longer supported.