From 1b3bda28c8b4fa68d8960744ead1e8b148c1ba2e Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Wed, 12 Dec 2018 21:28:42 +0000 Subject: [PATCH] Update undercloud role to reflect last few weeks of changes. * Nuke federation stuff, we are doing it manually. * update deploy for what we currently are using * drop cinder-dellps-config in favor of custom storage * Update nodes for ppc and ip changes and dropping fed-cloud-14/node14 --- roles/undercloud/files/configure-federation | 786 ------------------ .../files/openstack-overcloud-deploy.sh | 15 +- .../undercloud/files/templates/node-info.yaml | 8 +- .../templates/cinder-dellps-config.yaml | 32 - .../undercloud/templates/custom-storage.yaml | 45 + roles/undercloud/templates/fed_variables | 44 - roles/undercloud/templates/nodes.json | 36 +- 7 files changed, 78 insertions(+), 888 deletions(-) delete mode 100755 roles/undercloud/files/configure-federation delete mode 100644 roles/undercloud/templates/cinder-dellps-config.yaml create mode 100644 roles/undercloud/templates/custom-storage.yaml delete mode 100644 roles/undercloud/templates/fed_variables diff --git a/roles/undercloud/files/configure-federation b/roles/undercloud/files/configure-federation deleted file mode 100755 index 2d29a6fb73..0000000000 --- a/roles/undercloud/files/configure-federation +++ /dev/null @@ -1,786 +0,0 @@ -#!/bin/sh - -prog_name=`basename $0` -action= -dry_run=0 -verbose=0 - -base_dir=$(pwd) -stage_dir="${base_dir}/fed_deployment" - -mellon_root="/v3" -mellon_endpoint="mellon" -mellon_app_name="v3" - -overcloud_deploy_script="overcloud_deploy.sh" -overcloudrc_file="./overcloudrc" - -function cmd_template { - local status=0 - local cmd="$1" - if [ $verbose -ne 0 -o $dry_run -ne 0 ]; then - echo $cmd - fi - if [ $dry_run -ne 0 ]; then - return $status - fi - - $cmd - status=$? - if [ $status -ne 0 ]; then - (>&2 echo -e "ERROR cmd \"$cmd\" failed\nstatus = $status") - fi - return $status -} - -function cmds_template { - local return_status=0 - declare -a cmds=( - "date" - "ls xxx" - "head $0" - ) - - if [ $dry_run -ne 0 ]; then - for cmd in "${cmds[@]}"; do - echo $cmd - done - else - for cmd in "${cmds[@]}"; do - if [ $verbose -ne 0 ]; then - echo $cmd - fi - $cmd - status=$? - if [ $status -ne 0 ]; then - (>&2 echo -e "ERROR cmd \"$cmd\" failed\nstatus = $status") - return_status=$status - fi - done - fi - return $return_status -} - -function show_variables { - echo "base_dir: $base_dir" - echo "stage_dir: $stage_dir" - echo "config_tar_filename: $config_tar_filename" - echo "config_tar_pathname: $config_tar_pathname" - echo "overcloud_deploy_script: $overcloud_deploy_script" - echo "overcloudrc_file: $overcloudrc_file" - - echo "puppet_override_apache_pathname: $puppet_override_apache_pathname" - echo "puppet_override_keystone_pathname: $puppet_override_keystone_pathname" - - echo - - echo "FED_RHSSO_URL: $FED_RHSSO_URL" - echo "FED_RHSSO_ADMIN_PASSWORD: $FED_RHSSO_ADMIN_PASSWORD" - echo "FED_RHSSO_REALM: $FED_RHSSO_REALM" - - echo - - echo "FED_KEYSTONE_HOST: $FED_KEYSTONE_HOST" - echo "FED_KEYSTONE_HTTPS_PORT: $FED_KEYSTONE_HTTPS_PORT" - echo "mellon_http_url: $mellon_http_url" - echo "mellon_root: $mellon_root" - echo "mellon_endpoint: $mellon_endpoint" - echo "mellon_app_name: $mellon_app_name" - echo "mellon_endpoint_path: $mellon_endpoint_path" - echo "mellon_entity_id: $mellon_entity_id" - - echo - - echo "FED_OPENSTACK_IDP_NAME: $FED_OPENSTACK_IDP_NAME" - echo "openstack_mapping_pathname: $openstack_mapping_pathname" - echo "FED_OPENSTACK_MAPPING_NAME: $FED_OPENSTACK_MAPPING_NAME" - - echo - - echo "idp_metadata_filename: $idp_metadata_filename" - echo "mellon_httpd_config_filename: $mellon_httpd_config_filename" -} - -function initialize { - local return_status=0 - declare -a cmds=( - "mkdir -p $stage_dir" - ) - - if [ $dry_run -ne 0 ]; then - for cmd in "${cmds[@]}"; do - echo $cmd - done - else - for cmd in "${cmds[@]}"; do - if [ $verbose -ne 0 ]; then - echo $cmd - fi - $cmd - status=$? - if [ $status -ne 0 ]; then - (>&2 echo -e "ERROR cmd \"$cmd\" failed\nstatus = $status") - return_status=$status - fi - done - fi - return $return_status -} - -function copy_helper_to_controller { - local status=0 - local controller=${1:-"controller-0"} - local cmd="scp configure-federation fed_variables heat-admin@${controller}:/home/heat-admin" - if [ $verbose -ne 0 -o $dry_run -ne 0 ]; then - echo $cmd - fi - if [ $dry_run -ne 0 ]; then - return $status - fi - - $cmd - status=$? - if [ $status -ne 0 ]; then - (>&2 echo -e "ERROR cmd \"$cmd\" failed\nstatus = $status") - fi - return $status -} - -function install_mod_auth_mellon { - local status=0 - local cmd="sudo yum -y install mod_auth_mellon" - - if [ $verbose -ne 0 -o $dry_run -ne 0 ]; then - echo $cmd - fi - if [ $dry_run -ne 0 ]; then - return $status - fi - - $cmd - status=$? - if [ $status -ne 0 ]; then - (>&2 echo -e "ERROR cmd \"$cmd\" failed\nstatus = $status") - fi - return $status -} - -function create_ipa_service_account { - # Note, after setting up the service account it can be tested - # by performing a user search like this: - # ldapsearch -H $ldap_url -x -D "$service_dn" -w "$FED_IPA_RHSSO_SERVICE_PASSWD" -b "cn=users,cn=accounts,$FED_IPA_BASE_DN" - - local status=0 - local ldap_url="ldaps://$FED_IPA_HOST" - local dir_mgr_dn="cn=Directory Manager" - local service_name="rhsso" - local service_dn="uid=$service_name,cn=sysaccounts,cn=etc,$FED_IPA_BASE_DN" - local cmd="ldapmodify -H \"$ldap_url\" -x -D \"$dir_mgr_dn\" -w \"$FED_IPA_ADMIN_PASSWD\"" - - read -r -d '' contents <&2 echo -e "ERROR cmd \"$cmd\" failed\nstatus = $status") - fi - - return $status -} - - - -function client_install { - local status=0 - local cmd_client_install="sudo yum -y install keycloak-httpd-client-install" - local cmd="sudo keycloak-httpd-client-install \ - --client-originate-method registration \ - --mellon-https-port $FED_KEYSTONE_HTTPS_PORT \ - --mellon-hostname $FED_KEYSTONE_HOST \ - --mellon-root $mellon_root \ - --keycloak-server-url $FED_RHSSO_URL \ - --keycloak-admin-password $FED_RHSSO_ADMIN_PASSWORD \ - --app-name $mellon_app_name \ - --keycloak-realm $FED_RHSSO_REALM \ - -l "/v3/auth/OS-FEDERATION/websso/mapped" \ - -l "/v3/auth/OS-FEDERATION/identity_providers/rhsso/protocols/mapped/websso" \ - -l "/v3/OS-FEDERATION/identity_providers/rhsso/protocols/mapped/auth" -" - if [ $verbose -ne 0 -o $dry_run -ne 0 ]; then - echo $cmd_client_install - echo $cmd - fi - if [ $dry_run -ne 0 ]; then - return $status - fi - - $cmd_client_install - status=$? - if [ $status -ne 0 ]; then - (>&2 echo -e "ERROR cmd \"$cmd_client_install\" failed\nstatus = $status") - else - $cmd - status=$? - if [ $status -ne 0 ]; then - (>&2 echo -e "ERROR cmd \"$cmd\" failed\nstatus = $status") - fi - fi - return $status -} - -function create_sp_archive { - # Note, we put the exclude patterns in a file because it is - # insanely difficult to put --exclude patttern in the $cmd shell - # variable and get the final quoting correct. - - local status=0 - local cmd="tar -cvzf $config_tar_pathname --exclude-from $stage_dir/tar_excludes /etc/httpd/saml2 /etc/httpd/conf.d/$mellon_httpd_config_filename" - if [ $verbose -ne 0 -o $dry_run -ne 0 ]; then - echo $cmd - fi - if [ $dry_run -ne 0 ]; then - return $status - fi - - cat <<'EOF' > $stage_dir/tar_excludes -*.orig -*~ -EOF - - $cmd - status=$? - if [ $status -ne 0 ]; then - (>&2 echo -e "ERROR cmd \"$cmd\" failed\nstatus = $status") - fi - return $status -} - -function fetch_sp_archive { - local return_status=0 - declare -a cmds=( - "scp heat-admin@controller-0:/home/heat-admin/fed_deployment/$config_tar_filename $stage_dir" - "tar -C $stage_dir -xvf $config_tar_pathname" - ) - - if [ $dry_run -ne 0 ]; then - for cmd in "${cmds[@]}"; do - echo $cmd - done - else - for cmd in "${cmds[@]}"; do - if [ $verbose -ne 0 ]; then - echo $cmd - fi - $cmd - status=$? - if [ $status -ne 0 ]; then - (>&2 echo -e "ERROR cmd \"$cmd\" failed\nstatus = $status") - return_status=$status - fi - done - fi - return $return_status -} - -function deploy_mellon_configuration { - local status=0 - local cmd="upload-swift-artifacts -f $config_tar_pathname" - if [ $verbose -ne 0 -o $dry_run -ne 0 ]; then - echo $cmd - fi - if [ $dry_run -ne 0 ]; then - return $status - fi - - $cmd - status=$? - if [ $status -ne 0 ]; then - (>&2 echo -e "ERROR cmd \"$cmd\" failed\nstatus = $status") - fi - return $status -} - -function idp_entity_id { - local metadata_file=${1:-$idp_metadata_filename} - - # Extract the entitID from the metadata file, should really be parsed - # with an XML xpath but a simple string match is probably OK - - entity_id=`sed -rne 's/^.*entityID="([^"]*)".*$/\1/p' ${metadata_file}` - status=$? - if [ $status -ne 0 -o "$entity_id"x = "x" ]; then - (>&2 echo -e "ERROR search for entityID in ${metadata_file} failed\nstatus = $status") - return 1 - fi - echo $entity_id - return 0 -} - -function append_deploy_script { - local status=0 - local deploy_script=$1 - local extra_line=$2 - local count - - count=$(grep -c -e "$extra_line" $deploy_script) - if [ $count -eq 1 ]; then - echo -e "SKIP appending:\n$extra_line" - echo "already present in $deploy_script" - return $status - elif [ $count -gt 1 ]; then - status=1 - (>&2 echo -e "ERROR multiple copies of line in ${deploy_script}\nstatus = $status\nline=$extra_line") - return $status - fi - - if [ $verbose -ne 0 -o $dry_run -ne 0 ]; then - echo "appending $deploy_script with:" - echo -e $extra_line - fi - if [ $dry_run -ne 0 ]; then - return $status - fi - - # insert line after last -e line already in script - # - # This is not easy with sed, we'll use tac and awk instead. Here - # is how this works: The logic is easier if you insert before the - # first line rather than trying to find the last line and insert - # after it. We use tac to reverse the lines in the file. Then the - # awk script looks for the candidate line. If found it outputs the - # line we're adding, sets a flag (p) to indicate it's already been - # printed. The "; 1" pattern always output the input line. Then we - # run the output through tac again to set things back in the - # original order. - - local tmp_file=$(mktemp) - - tac $deploy_script | awk "!p && /^-e/{print \"${extra_line} \\\\\"; p=1}; 1" | tac > $tmp_file - - count=$(grep -c -e "${extra_line}" $tmp_file) - if [ $count -ne 1 ]; then - status=1 - fi - if [ $status -ne 0 ]; then - rm $tmp_file - (>&2 echo -e "ERROR failed to append ${deploy_script}\nstatus = $status\nline=$extra_line") - else - mv $tmp_file $deploy_script - fi - - - return $status -} - -function puppet_override_apache { - local status=0 - local pathname=${1:-$puppet_override_apache_pathname} - local deploy_cmd="-e $pathname" - - read -r -d '' contents <<'EOF' -parameter_defaults: - ControllerExtraConfig: - apache::purge_configs: false -EOF - - if [ $verbose -ne 0 -o $dry_run -ne 0 ]; then - echo "writing pathname = $pathname with contents" - echo -e "$contents" - fi - if [ $dry_run -ne 0 ]; then - return $status - fi - - echo -e "$contents" > $pathname - status=$? - if [ $status -ne 0 ]; then - (>&2 echo -e "ERROR failed to write ${pathname}\nstatus = $status") - fi - - append_deploy_script $overcloud_deploy_script "$deploy_cmd" - status=$? - - return $status -} - -function puppet_override_keystone { - local status=0 - local pathname=${1:-$puppet_override_keystone_pathname} - local deploy_cmd="-e $pathname" - - read -r -d '' contents < $pathname - status=$? - if [ $status -ne 0 ]; then - (>&2 echo -e "ERROR failed to write ${pathname}\nstatus = $status") - fi - - append_deploy_script $overcloud_deploy_script "$deploy_cmd" - status=$? - - return $status -} - -function create_federated_resources { - # follow example in Keystone federation documentation - # http://docs.openstack.org/developer/keystone/federation/federated_identity.html#create-keystone-groups-and-assign-roles - local return_status=0 - declare -a cmds=( - "openstack domain create federated_domain" - "openstack project create --domain federated_domain federated_project" - "openstack group create federated_users --domain federated_domain" - "openstack role add --group federated_users --group-domain federated_domain --domain federated_domain _member_" - "openstack role add --group federated_users --project federated_project Member" - ) - - if [ $dry_run -ne 0 ]; then - for cmd in "${cmds[@]}"; do - echo $cmd - done - else - for cmd in "${cmds[@]}"; do - if [ $verbose -ne 0 ]; then - echo $cmd - fi - $cmd - status=$? - if [ $status -ne 0 ]; then - (>&2 echo -e "ERROR cmd \"$cmd\" failed\nstatus = $status") - return_status=$status - fi - done - fi - return $return_status -} - -function create_mapping { - # Matches documentation - # http://docs.openstack.org/developer/keystone/federation/federated_identity.html#create-keystone-groups-and-assign-roles - local status=0 - local pathname=${1:-$openstack_mapping_pathname} - - read -r -d '' contents <<'EOF' -[ - { - "local": [ - { - "user": { - "name": "{0}" - }, - "group": { - "domain": { - "name": "federated_domain" - }, - "name": "federated_users" - } - } - ], - "remote": [ - { - "type": "MELLON_NAME_ID" - }, - { - "type": "MELLON_groups", - "any_one_of": ["openstack-users"] - } - ] - } -] -EOF - - if [ $verbose -ne 0 -o $dry_run -ne 0 ]; then - echo "writing pathname = $pathname with contents" - echo -e "$contents" - fi - if [ $dry_run -ne 0 ]; then - return $status - fi - - - echo -e "$contents" > $pathname - status=$? - if [ $status -ne 0 ]; then - (>&2 echo -e "ERROR failed to write ${pathname}\nstatus = $status") - fi - - return $status -} - -function create_v3_rcfile { - local status=0 - local input_file=${1:-$overcloudrc_file} - local output_file="${input_file}.v3" - - source $input_file - #clear the old environment - NEW_OS_AUTH_URL=`echo $OS_AUTH_URL | sed 's!v2.0!v3!'` - - read -r -d '' contents < $output_file - status=$? - if [ $status -ne 0 ]; then - (>&2 echo -e "ERROR failed to write ${output_file}\nstatus = $status") - fi - - return $status -} - -function openstack_create_idp { - local status=0 - local metadata_file="$stage_dir/etc/httpd/saml2/$idp_metadata_filename" - local entity_id - entity_id=$(idp_entity_id $metadata_file) - status=$? - if [ $status -ne 0 ]; then - return $status - fi - - local cmd="openstack identity provider create --remote-id $entity_id $FED_OPENSTACK_IDP_NAME" - - if [ $verbose -ne 0 -o $dry_run -ne 0 ]; then - echo $cmd - fi - if [ $dry_run -ne 0 ]; then - return $status - fi - - $cmd - status=$? - if [ $status -ne 0 ]; then - (>&2 echo -e "ERROR cmd \"$cmd\" failed\nstatus = $status") - fi - return $status -} - -function openstack_create_mapping { - local status=0 - local mapping_file=${1:-$openstack_mapping_pathname} - local mapping_name=${2:-$FED_OPENSTACK_MAPPING_NAME} - cmd="openstack mapping create --rules $mapping_file $mapping_name" - - if [ $verbose -ne 0 -o $dry_run -ne 0 ]; then - echo $cmd - fi - if [ $dry_run -ne 0 ]; then - return $status - fi - - $cmd - status=$? - if [ $status -ne 0 ]; then - (>&2 echo -e "ERROR cmd \"$cmd\" failed\nstatus = $status") - fi - return $status -} - -function openstack_create_protocol { - local status=0 - local idp_name=${1:-$FED_OPENSTACK_IDP_NAME} - local mapping_name=${2:-$FED_OPENSTACK_MAPPING_NAME} - cmd="openstack federation protocol create --identity-provider $idp_name --mapping $mapping_name mapped" - - if [ $verbose -ne 0 -o $dry_run -ne 0 ]; then - echo $cmd - fi - if [ $dry_run -ne 0 ]; then - return $status - fi - - $cmd - status=$? - if [ $status -ne 0 ]; then - (>&2 echo -e "ERROR cmd \"$cmd\" failed\nstatus = $status") - fi - return $status -} - -function usage { -cat <&2; exit 1;; - (*) break;; - esac - shift -done -#----------------------------------------------------------------------------- -source ./fed_variables - - -# Strip leading and trailing space and slash from these variables -mellon_root=`echo ${mellon_root} | perl -pe 's!^[ /]*(.*?)[ /]*$!\1!'` -mellon_endpoint=`echo ${mellon_endpoint} | perl -pe 's!^[ /]*(.*?)[ /]*$!\1!'` - -mellon_root="/${mellon_root}" - -mellon_endpoint_path="${mellon_root}/${mellon_endpoint}" -mellon_http_url="https://${FED_KEYSTONE_HOST}:${FED_KEYSTONE_HTTPS_PORT}" -mellon_entity_id="${mellon_http_url}${mellon_endpoint_path}/metadata" - -openstack_mapping_pathname="${stage_dir}/mapping_${FED_OPENSTACK_IDP_NAME}_saml2.json" -idp_metadata_filename="${mellon_app_name}_keycloak_${FED_RHSSO_REALM}_idp_metadata.xml" -mellon_httpd_config_filename="${mellon_app_name}_mellon_keycloak_${FED_RHSSO_REALM}.conf" -config_tar_filename="rhsso_config.tar.gz" -config_tar_pathname="${stage_dir}/${config_tar_filename}" -puppet_override_apache_pathname="${stage_dir}/puppet_override_apache.yaml" -puppet_override_keystone_pathname="${stage_dir}/puppet_override_keystone.yaml" - -#----------------------------------------------------------------------------- - -if [ $# -lt 1 ]; then - echo "ERROR: no action specified" - exit 1 -fi -action="$1"; shift - -if [ $dry_run -ne 0 ]; then - echo "Dry Run Enabled!" -fi - -case $action in - show-var*) - show_variables ;; - initialize) - initialize ;; - copy-helper-to-controller) - copy_helper_to_controller "$1" ;; - install-mod-auth-mellon) - install_mod_auth_mellon ;; - create-ipa-service-account) - create_ipa_service_account ;; - client-install) - client_install ;; - create-sp-archive) - create_sp_archive ;; - fetch-sp-archive) - fetch_sp_archive ;; - deploy-mellon-configuration) - deploy_mellon_configuration ;; - create-v3-rcfile) - create_v3_rcfile "$1" ;; - puppet-override-apache) - puppet_override_apache "$1" ;; - puppet-override-keystone) - puppet_override_keystone "$1" ;; - create-federated-resources) - create_federated_resources ;; - create-mapping) - create_mapping "$1" ;; - openstack-create-idp) - openstack_create_idp "$1" ;; - openstack-create-mapping) - openstack_create_mapping "$1" "$2" ;; - openstack-create-protocol) - openstack_create_protocol "$1" "$2" ;; - *) - echo "unknown action: $action" - usage - exit 1 - ;; -esac diff --git a/roles/undercloud/files/openstack-overcloud-deploy.sh b/roles/undercloud/files/openstack-overcloud-deploy.sh index 952fda3e45..19da04d38b 100755 --- a/roles/undercloud/files/openstack-overcloud-deploy.sh +++ b/roles/undercloud/files/openstack-overcloud-deploy.sh @@ -1,13 +1,18 @@ -#!/bin/bash +!/bin/bash openstack overcloud deploy --templates \ -e /home/stack/templates/node-info.yaml\ -e /home/stack/templates/overcloud_images.yaml \ -r /home/stack/templates/roles_data.yaml \ --ntp-server cloud-noc01.cloud.fedoraproject.org \ - --config-download \ - -e /usr/share/openstack-tripleo-heat-templates/environments/config-download-environment.yaml \ + -e /home/stack/templates/custom-storage.yaml \ --overcloud-ssh-user heat-admin \ --overcloud-ssh-key ~/.ssh/id_rsa \ - -e /home/stack/templates/cinder-dellps-config.yaml \ - -e /home/stack/templates/rhel-registration/environment-rhel-registration.yaml + -e /home/stack/templates/custom_domain.yaml \ + --timeout 1800 \ + --validation-errors-nonfatal + +# --config-download \ +# -e /usr/share/openstack-tripleo-heat-templates/environments/config-download-environment.yaml \ +# -e /home/stack/templates/rhel-registration/environment-rhel-registration.yaml \ +# -e /home/stack/templates/rhel-registration/rhel-registration-resource-registry.yaml \ diff --git a/roles/undercloud/files/templates/node-info.yaml b/roles/undercloud/files/templates/node-info.yaml index f276c8d430..58e925cd27 100644 --- a/roles/undercloud/files/templates/node-info.yaml +++ b/roles/undercloud/files/templates/node-info.yaml @@ -1,7 +1,9 @@ parameter_defaults: OvercloudControllerFlavor: control OvercloudComputeFlavor: compute -# OvercloudCephStorageFlavor: ceph-storage + OvercloudComputePPC64LEFlavor: computeppc64le + ComputePPC64LECount: 1 + OvercloudCephStorageFlavor: ceph-storage ControllerCount: 3 - ComputeCount: 8 -# CephStorageCount: 0 + ComputeCount: 10 + CephStorageCount: 0 diff --git a/roles/undercloud/templates/cinder-dellps-config.yaml b/roles/undercloud/templates/cinder-dellps-config.yaml deleted file mode 100644 index 7a4519fb6e..0000000000 --- a/roles/undercloud/templates/cinder-dellps-config.yaml +++ /dev/null @@ -1,32 +0,0 @@ - Copyright (c) 2016-2017 Dell Inc, or its subsidiaries. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# A Heat environment file which can be used to enable a -# a Cinder Dell EMC PS Series backend, configured via puppet -resource_registry: - OS::TripleO::Services::CinderBackendDellPs: ../puppet/services/cinder-backend-dellps.yaml - -parameter_defaults: - CinderEnableDellPsBackend: true - CinderDellPsBackendName: 'fed-cloud-eql02' - CinderDellPsSanIp: '172.24.0.102' - CinderDellPsSanLogin: '{{ san02_login }}' - CinderDellPsSanPassword: '{{ san02_pass }}' - CinderDellPsSanPrivateKey: '' - CinderDellPsSanThinProvision: true - CinderDellPsGroupname: 'cloud-equallogics' - CinderDellPsPool: 'default' - CinderDellPsChapLogin: '' - CinderDellPsChapPassword: '' - CinderDellPsUseChap: false diff --git a/roles/undercloud/templates/custom-storage.yaml b/roles/undercloud/templates/custom-storage.yaml new file mode 100644 index 0000000000..39719fe72f --- /dev/null +++ b/roles/undercloud/templates/custom-storage.yaml @@ -0,0 +1,45 @@ +parameter_defaults: + CinderEnableIscsiBackend: false + CinderEnableRbdBackend: false + CinderEnableNfsBackend: false + NovaEnableRbdBackend: false + GlanceBackend: file + ControllerExtraConfig: + cinder::config::cinder_config: + fed-cloud-eql01/volume_driver: + value: cinder.volume.drivers.dell_emc.ps.PSSeriesISCSIDriver + fed-cloud-eql01/eqlx_pool: + value: default + fed-cloud-eql01/eqlx_group_name: + value: cloud-equallogics + fed-cloud-eql01/volume_backend_name: + value: fed-cloud-eql01 + fed-cloud-eql01/san_ip: + value: 192.168.20.31 + fed-cloud-eql01/san_login: + value: "{{ san01_login }}" + fed-cloud-eql01/san_password: + value: "{{ san01_pass }}" + fed-cloud-eql01/san_thin_provision: + value: True + fed-cloud-eql01/use_chap_auth: + value: False + fed-cloud-eql02/volume_driver: + value: cinder.volume.drivers.dell_emc.ps.PSSeriesISCSIDriver + fed-cloud-eql02/eqlx_pool: + value: default + fed-cloud-eql02/eqlx_group_name: + value: fedora-equallogics + fed-cloud-eql02/volume_backend_name: + value: fed-cloud-eql02 + fed-cloud-eql02/san_ip: + value: 192.168.20.30 + fed-cloud-eql02/san_login: + value: "{{ san02_login }}" + fed-cloud-eql02/san_password: + value: "{{ san02_pass }}" + fed-cloud-eql02/san_thin_provision: + value: True + fed-cloud-eql02/use_chap_auth: + value: False + cinder_user_enabled_backends: ['fed-cloud-eql01','fed-cloud-eql02'] diff --git a/roles/undercloud/templates/fed_variables b/roles/undercloud/templates/fed_variables deleted file mode 100644 index da00b31e12..0000000000 --- a/roles/undercloud/templates/fed_variables +++ /dev/null @@ -1,44 +0,0 @@ -# FQDN of IPA server -FED_IPA_HOST="jdennis-ipa.example.com" - -# Base DN of IPA server -FED_IPA_BASE_DN="dc=example,dc=com" - -# IPA administrator password -FED_IPA_ADMIN_PASSWD="FreeIPA4All" - -# Password used by RH-SSO service to authenticate to IPA -# when RH-SSO obtains user/group information from IPA as part of -# RH-SSO's User Federation. -FED_IPA_RHSSO_SERVICE_PASSWD="rhsso-passwd" - -# RH-SSO server IP address -FED_RHSSO_IP_ADDR="10.16.18.217" - -# RH-SSO server FQDN -FED_RHSSO_FQDN="jdennis-rhsso-7" - -# URL used to access the RH-SSO server -FED_RHSSO_URL="https://$FED_RHSSO_FQDN" - -# Administrator password for RH-SSO server -FED_RHSSO_ADMIN_PASSWORD=FreeIPA4All - -# Name of the RH-SSO realm -FED_RHSSO_REALM="openstack" - -# Host name of the mellon server -# Note, this is identical to the Keystone server since Keystone is -# being front by Apache which is protecting it's resources with mellon. -FED_KEYSTONE_HOST="overcloud.localdomain" - -# Port number mellon is running on the FED_KEYSTONE_HOST -# Note, this is identical to the Keystone server port -FED_KEYSTONE_HTTPS_PORT=13000 - -# Name assigned in Openstack to our IdP -FED_OPENSTACK_IDP_NAME="rhsso" - -# Name of our Keystone mapping rules -FED_OPENSTACK_MAPPING_NAME="${FED_OPENSTACK_IDP_NAME}_mapping" - diff --git a/roles/undercloud/templates/nodes.json b/roles/undercloud/templates/nodes.json index a9ca8c54ec..bc39947834 100644 --- a/roles/undercloud/templates/nodes.json +++ b/roles/undercloud/templates/nodes.json @@ -166,7 +166,7 @@ "pm_type":"idrac", "pm_user":"{{ undercloud_pm_username }}", "pm_password":"{{ undercloud_pm_password }}", - "pm_addr":"192.168.20.22" + "pm_addr":"192.168.20.26" }, { "mac":[ @@ -182,20 +182,20 @@ "pm_password":"{{ undercloud_pm_password }}", "pm_addr":"192.168.20.23" }, - { - "mac":[ - "B8:2A:72:FC:C5:2C" - ], - "name":"node14", - "cpu":"32", - "memory":"64216", - "disk":"558", - "arch":"x86_64", - "pm_type":"idrac", - "pm_user":"{{ undercloud_pm_username }}", - "pm_password":"{{ undercloud_pm_password }}", - "pm_addr":"192.168.20.24" - }, +# { +# "mac":[ +# "B8:2A:72:FC:C5:2C" +# ], +# "name":"node14", +# "cpu":"32", +# "memory":"64216", +# "disk":"558", +# "arch":"x86_64", +# "pm_type":"idrac", +# "pm_user":"{{ undercloud_pm_username }}", +# "pm_password":"{{ undercloud_pm_password }}", +# "pm_addr":"192.168.20.24" +# }, { "mac":[ "40:F2:E9:A5:59:ED" @@ -206,9 +206,9 @@ "disk":"558", "arch":"ppc64le", "pm_type":"ipmi", - "pm_user":"IPMI", - "pm_password":"{{ undercloud_pm_password }}", - "pm_addr":"192.168.20.25" + "pm_user":"admin", + "pm_password":"{{ undercloud_ppc_pm_password }}", + "pm_addr":"192.168.20.27" } ] }