openstack
/
tripleo-heat-templates
Code Issues Proposed changes
RETIRED, Heat templates for deploying OpenStack
5,867 Commits 3 Branches 28 Tags 318 MiB
Go to file
Emilien Macchi 69565d7431 Restrict SNMP to internal network 
Add a parameter, SnmpdIpSubnet, which can be an IP/MASK that will be
used to secure with IPtables the source network authorized to reach
SNMP service on the host.
If SnmpdIpSubnet is left empty (default) the parameter will be set to
SnmpdNetwork.

Also change the IPtables id, 127 was used by Horizon, so let's switch
SNMP to 124. No impact on users.

Change-Id: I46fce28926cb5a881f7384948480266712ae75e3
Closes-Bug: #1749324
(cherry picked from commit 43155ed146)
 		2018-02-20 05:33:05 +00:00
ci Add bond-network-templates for OVB public bond CI 2018-02-02 11:07:31 -05:00
common Pass blacklisted_{ip_addresses,hostnames} to major_upgrade_steps 2018-01-25 17:55:06 +01:00
deployed-server Merge "Add support for Dell EMC VNX Cinder Backend" into stable/pike 2018-02-18 06:18:09 +00:00
docker Merge "swift_rsync: don't bind mount /run" into stable/pike 2018-02-20 05:06:09 +00:00
environments Merge "Adding new config parameters for Cisco UCSM ML2 driver" into stable/pike 2018-02-19 20:45:26 +00:00
extraconfig Check for yum lock befor all yum* operations. 2017-12-21 07:37:29 +00:00
firstboot Case insentitive MAC address matching in OsNetConfigMappings 2017-12-22 05:10:18 +00:00
network Restrict SNMP to internal network 2018-02-20 05:33:05 +00:00
plan-samples Workflow input parameter update in plan-environment 2017-07-05 07:57:43 -04:00
puppet Restrict SNMP to internal network 2018-02-20 05:33:05 +00:00
releasenotes Restrict SNMP to internal network 2018-02-20 05:33:05 +00:00
roles Merge "Add support for Dell EMC VNX Cinder Backend" into stable/pike 2018-02-18 06:18:09 +00:00
sample-env-generator Fix the paths for the enable-internal-tls.yaml file in the ssl/ dir 2018-02-05 10:47:59 +00:00
scripts Avoid awk error in hosts-config.sh for large deployments 2017-04-07 10:50:39 +01:00
tools Avoid tox_install.sh for constraints support 2017-12-02 17:10:33 +00:00
tripleo_heat_templates Merge "Revert "Fixing bug in "test_environment_generator.py""" into stable/pike 2017-12-29 07:18:00 +00:00
validation-scripts Tolerate network errors in pingtest retry logic 2017-06-30 11:56:55 +01:00
zuul.d Remove RH1 OVB jobs from configuration 2018-01-22 22:38:23 +02:00
.gitignore Sample environment generator 2017-06-12 15:02:50 -05:00
.gitreview Update .gitreview for stable/pike 2017-08-24 21:05:07 +00:00
.testr.conf Sample environment generator 2017-06-12 15:02:50 -05:00
LICENSE Add license file 2014-01-20 11:58:20 +01:00
MANIFEST.in Add release configuration. 2013-10-22 17:49:35 +01:00
README.rst README: Fix CI coverage layout 2017-08-16 10:28:29 -07:00
all-nodes-validation.yaml Update the template_version alias for all the templates to pike. 2017-05-19 09:58:07 +02:00
babel.cfg Add release configuration. 2013-10-22 17:49:35 +01:00
bindep.txt Add in roles data validation 2017-07-07 09:51:40 -06:00
bootstrap-config.yaml Update the template_version alias for all the templates to pike. 2017-05-19 09:58:07 +02:00
capabilities-map.yaml Merge "Add support for Dell EMC VNX Cinder Backend" into stable/pike 2018-02-18 06:18:09 +00:00
default_passwords.yaml Update the template_version alias for all the templates to pike. 2017-05-19 09:58:07 +02:00
hosts-config.yaml Update the template_version alias for all the templates to pike. 2017-05-19 09:58:07 +02:00
j2_excludes.yaml Remove ipv6 specific network templates 2017-09-01 17:59:24 +00:00
net-config-bond.yaml Render IP map and host maps according to network_data.yaml 2017-08-16 13:30:54 +01:00
net-config-bridge.yaml Render IP map and host maps according to network_data.yaml 2017-08-16 13:30:54 +01:00
net-config-linux-bridge.yaml Render IP map and host maps according to network_data.yaml 2017-08-16 13:30:54 +01:00
net-config-noop.yaml Render IP map and host maps according to network_data.yaml 2017-08-16 13:30:54 +01:00
net-config-static-bridge-with-external-dhcp.yaml Render IP map and host maps according to network_data.yaml 2017-08-16 13:30:54 +01:00
net-config-static-bridge.yaml Render IP map and host maps according to network_data.yaml 2017-08-16 13:30:54 +01:00
net-config-static.yaml Render IP map and host maps according to network_data.yaml 2017-08-16 13:30:54 +01:00
net-config-undercloud.yaml Render IP map and host maps according to network_data.yaml 2017-08-16 13:30:54 +01:00
network_data.yaml Revert "Fixes heat resource name for Internal API Network" 2017-10-12 15:56:08 -04:00
overcloud-resource-registry-puppet.j2.yaml Merge "Add support for Dell EMC VNX Cinder Backend" into stable/pike 2018-02-18 06:18:09 +00:00
overcloud.j2.yaml Workflow execution blacklist support 2018-01-18 09:43:19 +00:00
plan-environment.yaml Add name and description fields to plan-environment.yaml 2017-04-12 17:25:40 +02:00
requirements.txt Add in roles data validation 2017-07-07 09:51:40 -06:00
roles_data.yaml Merge "Add support for Dell EMC VNX Cinder Backend" into stable/pike 2018-02-18 06:18:09 +00:00
roles_data_undercloud.yaml Add logrotate with crond service 2017-08-21 08:56:29 +02:00
setup.cfg Drop deprecated templates/Makefile/merge.py 2015-11-25 15:00:13 -05:00
setup.py Updated from global requirements 2017-03-28 13:03:01 +00:00
test-requirements.txt Updated from global requirements 2017-09-01 13:02:52 +00:00
tox.ini Avoid tox_install.sh for constraints support 2017-12-02 17:10:33 +00:00

README.rst

Team and repository tags

image

tripleo-heat-templates

Heat templates to deploy OpenStack using OpenStack.

Features

The ability to deploy a multi-node, role based OpenStack deployment using OpenStack Heat. Notable features include:

  • Choice of deployment/configuration tooling: puppet, (soon) docker
  • Role based deployment: roles for the controller, compute, ceph, swift, and cinder storage
  • physical network configuration: support for isolated networks, bonding, and standard ctlplane networking

Directories

A description of the directory layout in TripleO Heat Templates.

  • environments: contains heat environment files that can be used with -e

    on the command like to enable features, etc.

  • extraconfig: templates used to enable 'extra' functionality. Includes

    functionality for distro specific registration and upgrades.

  • firstboot: example first_boot scripts that can be used when initially

    creating instances.

  • network: heat templates to help create isolated networks and ports
  • puppet: templates mostly driven by configuration with puppet. To use these

    templates you can use the overcloud-resource-registry-puppet.yaml.

  • validation-scripts: validation scripts useful to all deployment

    configurations

  • roles: example roles that can be used with the tripleoclient to generate

    a roles_data.yaml for a deployment See the roles/README.rst for additional details.

Service testing matrix

The configuration for the CI scenarios will be defined in tripleo-heat-templates/ci/ and should be executed according to the following table:

+----------------+-------------+-------------+-------------+-------------+-----------------++-------------+ | - | scenario001 | scenario002 | scenario003 | scenario004 | multinode-nonha | scenario007 | +================+=============+=============+=============+=============+=================+==============+ | keystone | X | X | X | X | X | X | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | glance | rbd | swift | file | swift + rbd | swift | file | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | cinder | rbd | iscsi | | | iscsi | | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | heat | X | X | X | X | X | X | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | mysql | X | X | X | X | X | X | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | neutron | ovs | ovs | ovs | ovs | X | ovn | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | neutron-bgpvpn | | | | X | | | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | ovn | | | | | | X | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | neutron-l2gw | | | | X | | | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | rabbitmq | X | X | X | X | X | X | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | mongodb | X | X | | | | | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | redis | X | | | | | | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | haproxy | X | X | X | X | X | X | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | keepalived | X | X | X | X | X | X | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | memcached | X | X | X | X | X | X | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | pacemaker | X | X | X | X | X | X | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | nova | qemu | qemu | qemu | qemu | X | qemu | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | ntp | X | X | X | X | X | X | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | snmp | X | X | X | X | X | X | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | timezone | X | X | X | X | X | X | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | sahara | | | X | | | X | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | mistral | | | X | | | X | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | swift | | X | | | X | | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | aodh | X | X | | | | | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | ceilometer | X | X | | | | | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | gnocchi | rbd | swift | | | | | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | panko | X | X | | | | | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | barbican | | X | | | | | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | zaqar | | X | | | | | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | ec2api | | X | | | | | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | cephrgw | | X | | X | | | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | tacker | X | | | | | | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | congress | X | | | | | | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | cephmds | | | | X | | | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | manila | | | | X | | | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | collectd | X | | | | | | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | fluentd | X | | | | | | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+ | sensu-client | X | | | | | | +----------------+-------------+-------------+-------------+-------------+-----------------+--------------+