Updating tripleo-heat-templates¶
This section will describe the changes needed for tripleo-heat-templates.
Folder structure convention for tripleo-heat-templates¶
Services should be defined in the services folder, depending on the service purpose.
puppet
services ---> To host all services.
<service type> ---> Folder to store a specific type services (If time, will store time based services like: NTP, timezone, Chrony among others).
<service name>.yaml ---> Heat template defining per-service configuration.
<service name>-base.yaml ---> Heat template defining common service configuration.
Note
No puppet manifests may be defined in the THT repository, they should go to the puppet-tripleo repository instead.
Note
The use of a base heat template (<service>-base.yaml) is necessary in cases where a given ‘service’ (e.g. “heat”) is comprised of a number of individual component services (e.g. heat-api, heat-engine) which need to share some of the base configuration (such as rabbit credentials). Using a base template in those cases means we don’t need to duplicate that configuration. Refer to: https://review.opendev.org/#/c/313577/ for further details. Also, refer to Duplicated parameters for an use-case description.
Changes list¶
The list of changes in THT are:
If there is any configuration of the given feature/service in any of the
tripleo-heat-templates/puppet/manifests/*.pp
files, then this will need to be removed and migrated to the puppet-tripleo repository.Create a service type specific folder in the root services folder (
deployment/time
).Create a heat template for the service inside the deployment/time folder (
deployment/time/ntp-baremetal-puppet.yaml
).Optionally, create a common heat template to reuse common configuration data, which is referenced from each per-service heat template.
Step 1 - Updating puppet references¶
Remove all puppet references for the composable service from the current manifests (*.pp). All the puppet logic will live in the puppet-tripleo repository based on a configuration step, so it is mandatory to remove all the puppet references from tripleo-heat-templates.
The updated .pp files for the NTP example were:
puppet/manifests/overcloud_cephstorage.pp
puppet/manifests/overcloud_compute.pp
puppet/manifests/overcloud_controller.pp
puppet/manifests/overcloud_controller_pacemaker.pp
puppet/manifests/overcloud_object.pp
puppet/manifests/overcloud_volume.pp
Step 2 - overcloud-resource-registry-puppet.j2.yaml resource registry changes¶
The resource OS::TripleO::Services::Timesync
must be defined in the resource
registry (overcloud-resource-registry-puppet.j2.yaml
)
Create a new resource type alias which references the per-service heat template file, as described above.
By updating the resource registry we are forcing to use a nested template to configure our resources. In the example case the created resource (OS::TripleO::Services::Timesync), will point to the corresponding service yaml file (deployment/time/ntp-baremetal-puppet.yaml).
Step 3 - roles_data.yaml initial changes¶
The default roles are defined here. They are then iterated and the respective values of each section are rendered into the overcloud.j2.yaml.
Mandatory services should be added to the roles’ ServicesDefault value, which defines all the services enabled by default in the role(s).
From roles_data.yaml
find:
- name: Controller
CountDefault: 1
ServicesDefault:
- OS::TripleO::Services::CACerts
- OS::TripleO::Services::CertmongerUser
- OS::TripleO::Services::CephMds
- OS::TripleO::Services::Keystone
- OS::TripleO::Services::GlanceApi
- OS::TripleO::Services::GlanceRegistry
...
- OS::TripleO::Services::Timesync ---> New service deployed in the controller overcloud
Update this section with your new service to be deployed to the controllers in the overcloud.
These values will be used by the controller roles’ ServiceChain resource as follows:
{% for role in roles %}
# Resources generated for {{role.name}} Role
{{role.name}}ServiceChain:
type: OS::TripleO::Services
properties:
Services:
get_param: {{role.name}}Services
ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
...
{% endfor %}
THT changes for all the different roles are covered in:
https://review.opendev.org/#/c/310421/ (tripleo-heat-templates controller)
https://review.opendev.org/#/c/330916/ (tripleo-heat-templates compute)
https://review.opendev.org/#/c/330921/ (tripleo-heat-templates cephstorage)
https://review.opendev.org/#/c/330923/ (tripleo-heat-templates objectstorage)
Note
In the case of the controller services, they are defined as part of the roles’ ServiceChain resource. If it is needed to add optional services, they need to be appended to the current services list defined by the default value of the role’s ServicesDefault parameter.
Step 4 - Create the services yaml files¶
Create: deployment/time/ntp-baremetal-puppet.yaml
This file will have all the configuration details for the service to be configured.
heat_template_version: rocky
description: >
NTP service deployment using puppet, this YAML file
creates the interface between the HOT template
and the puppet manifest that actually installs
and configure NTP.
parameters:
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
NtpServers:
default: ['0.pool.ntp.org', '1.pool.ntp.org']
description: NTP servers
type: comma_delimited_list
NtpInterfaces:
default: ['0.0.0.0']
description: Listening interfaces
type: comma_delimited_list
outputs:
role_data:
description: Role ntp using composable services.
value:
config_settings:
ntp::ntpservers: {get_param: NtpServers}
ntp::ntpinterfaces: {get_param: NtpInterfaces}
step_config: |
include ::tripleo::profile::base::time::ntp
Note
All role-specific parameters have to be tagged:
ExampleParameter:
description: This is an example.
type: json
default: {}
tags:
- role_specific
Note
It is required for all service templates to accept the EndpointMap parameter, all other parameters are optional and may be defined per-service. Care should be taken to avoid naming collisions between service parameters, e.g via using the service name as a prefix, “Ntp” in this example.
Service templates should output a role_data value, which is a mapping containing “config_settings” which is a mapping of hiera key/value pairs required to configure the service, and “step_config”, which is a puppet manifest fragment that references the puppet-tripleo profile that configures the service.
If it is needed, the templates can be decomposed to remove duplicated parameters among different deployment environments (i.e. using pacemaker). To do this see section Duplicated parameters.
If your service has configuration that affects another service and should only be run on nodes (roles) that contain that service, you can use “service_config_settings”. You then have to specify the hieradata inside this section by using the name of the service as the key. So, if you want to output hieradata related to your service, on nodes that deploy keystone, you would do this:
role_data:
...
step_config:
...
...
service_config_settings:
keystone:
# Here goes the hieradata
This is useful for things such as creating the keystone endpoints for your service, since one usually wants these commands to only be run on the keystone node.