blob: 7e0006fee88de7ef19b03460d2894eee36157415 [file] [log] [blame]
{%- set default_params = {
'cacert_file': salt['grains.filter_by']({
'Debian': '/etc/ssl/certs/ca-certificates.crt',
'RedHat': '/etc/pki/tls/certs/ca-bundle.crt'
})}
%}
# TODO(vsaienko) add more drivers settings when they are templatized
{% set compute_driver_mapping = {
'vmwareapi.VMwareVCDriver': 'vmware',
} %}
{% set compute_bind_defaults = {
'vnc_address': '10.0.0.10',
'vnc_port': '6080',
'vnc_name': 'cloud.domain.com',
'vnc_protocol': 'http',
} %}
{%- if grains.os_family == "Debian" %}
{%- set pkgs_list = [ 'nova-common', 'nova-consoleproxy', 'novnc', 'nova-api', 'nova-conductor', 'nova-consoleauth', 'nova-doc', 'nova-scheduler', 'python-novaclient', 'python-memcache', 'gettext-base', 'python-pycadf'] %}
{%- set services_list = ['nova-conductor', 'nova-api', 'nova-consoleauth', 'nova-scheduler', 'nova-novncproxy'] %}
{%- if pillar.nova.controller is defined and pillar.nova.controller.get('version',{}) in ["juno", "kilo", "liberty", "mitaka"] %}
{%- do pkgs_list.append('nova-cert') %}
{%- do services_list.append('nova-cert') %}
{%- endif %}
{%- endif %}
{%- if grains.os_family == "RedHat" %}
{%- set pkgs_list = ['openstack-nova-novncproxy', 'python-nova', 'openstack-nova-api', 'openstack-nova-console', 'openstack-nova-scheduler', 'python-novaclient', 'openstack-nova-common', 'openstack-nova-conductor', 'python-pycadf'] %}
{%- set services_list = ['openstack-nova-conductor', 'openstack-nova-api', 'openstack-nova-consoleauth', 'openstack-nova-scheduler', 'openstack-nova-novncproxy'] %}
{%- if pillar.nova.controller is defined and pillar.nova.controller.get('version',{}) in ["juno", "kilo", "liberty", "mitaka", "newton", "ocata"] %}
{%- do pkgs_list.append('openstack-nova-cert') %}
{%- do services_list.append('openstack-nova-cert') %}
{%- endif %}
{%- endif %}
{% set controller = salt['grains.filter_by']({
'BaseDefaults': default_params,
'Debian': {
'pkgs': pkgs_list,
'services': services_list,
'debug': false,
'notification': false,
'cors': {},
'audit': {
'enabled': false
},
'logging': {
'app_name': 'nova',
'log_appender': false,
'log_handlers': {
'watchedfile': {
'enabled': true
}
}
},
'novncproxy': {
'tls': {
'enabled': false,
'server': {
'key_file': '/etc/pki/nova-novncproxy/server-key.pem',
'cert_file': '/etc/pki/nova-novncproxy/server-cert.pem',
}
},
'vencrypt': {
'tls': {
'enabled': false,
'key_file': '/etc/pki/nova-novncproxy/client-key.pem',
'cert_file': '/etc/pki/nova-novncproxy/client-cert.pem',
'ca_file': '/etc/pki/nova-novncproxy/ca-cert.pem',
}
}
},
},
'RedHat': {
'pkgs': pkgs_list,
'services': services_list,
'debug': false,
'notification': false,
'cors': {},
'audit': {
'enabled': false
},
'logging': {
'app_name': 'nova',
'log_appender': false,
'log_handlers': {
'watchedfile': {
'enabled': true
}
}
},
'novncproxy': {
'tls': {
'enabled': false,
'server': {
'key_file': '/etc/pki/nova-novncproxy/server-key.pem',
'cert_file': '/etc/pki/nova-novncproxy/server-cert.pem',
}
},
'vencrypt': {
'tls': {
'enabled': false,
'key_file': '/etc/pki/nova-novncproxy/client-key.pem',
'cert_file': '/etc/pki/nova-novncproxy/client-cert.pem',
'ca_file': '/etc/pki/nova-novncproxy/ca-cert.pem',
}
}
},
},
}, merge=pillar.nova.get('controller', {}), base='BaseDefaults') %}
{% set upgrade = pillar.get('nova', {}).get('upgrade', {}) %}
{% set pin_level = 'auto' %}
{% set upgrade_levels = salt['grains.filter_by']({
'Debian': {
'upgrade_levels': {
'compute': pin_level,
'cells': pin_level,
'intercell': pin_level,
'cert': pin_level,
'scheduler': pin_level,
'conductor': pin_level,
'console': pin_level,
'consoleauth': pin_level,
'network': pin_level,
'baseapi': pin_level,
},
},
'RedHat': {
'upgrade_levels': {
'compute': pin_level,
'cells': pin_level,
'intercell': pin_level,
'cert': pin_level,
'scheduler': pin_level,
'conductor': pin_level,
'console': pin_level,
'consoleauth': pin_level,
'network': pin_level,
'baseapi': pin_level,
},
},
}) %}
{% set client = salt['grains.filter_by']({
'Debian': {
'pkgs': ['python-novaclient']
},
'RedHat': {
'pkgs': ['python-novaclient']
},
}, merge=pillar.nova.get('client', {})) %}
{% set compute_network = salt['grains.filter_by']({
'default': {
'dpdk': {
'enabled': false,
},
'openvswitch': {
'vhost_socket_dir': {
'name': 'openvswitch-vhost',
'path': '/run/openvswitch-vhost',
},
},
'region': 'RegionOne',
},
}, merge=salt['pillar.get']('linux:network'), base='default') %}
{%- load_yaml as compute_defaults %}
BaseDefaults: {{ default_params }}
Debian:
pkgs:
- nova-common
- nova-compute-kvm
- python-novaclient
- pm-utils
- sysfsutils
- sg3-utils
- libvirt-bin
- python-memcache
- qemu-kvm
- python-guestfs
- gettext-base
services:
- nova-compute
libvirt_config: libvirtd.conf
{# Since Openstack Pike Libvirt 3.6 package is installed, it requires different file name for environment file #}
{%- if pillar.nova.compute is defined and pillar.nova.compute.version not in ["juno", "kilo", "liberty", "mitaka", "newton", "ocata"] %}
libvirt_bin: "/etc/default/libvirtd"
{%- else %}
libvirt_bin: "/etc/default/libvirt-bin"
{%- endif %}
libvirt_service: libvirt-bin
bind: compute_bind_defaults
debug: false
qemu:
vnc:
tls:
enabled: False
key_file: '/etc/pki/libvirt-vnc/server-key.pem'
cert_file: '/etc/pki/libvirt-vnc/server-cert.pem'
ca_file: '/etc/pki/libvirt-vnc/ca-cert.pem'
cert_dir: '/etc/pki/libvirt-vnc'
libvirt:
inject_partition: '-2'
inject_password: False
tls:
enabled: False
key_file: '/etc/pki/libvirt/private/serverkey.pem'
cert_file: '/etc/pki/libvirt/servercert.pem'
ca_file: '/etc/pki/CA/cacert.pem'
client:
key_file: '/etc/pki/libvirt/private/clientkey.pem'
cert_file: '/etc/pki/libvirt/clientcert.pem'
instances_path: "$state_path/instances"
notification: false
availability_zone:
aggregates: []
cpu_mode: host-passthrough
identity:
region: RegionOne
network: {{ compute_network }}
heal_instance_info_cache_interval: '60'
message_queue:
zmq_linger: 30
logging:
app_name: 'nova'
log_appender: false
log_handlers:
watchedfile:
enabled: true
RedHat:
pkgs:
- openstack-nova-compute
- python-novaclient
- python-nova
- sysfsutils
- sg3_utils
services:
- messagebus
- openstack-nova-compute
- libvirtd
libvirt_config: libvirt.conf
libvirt_bin: "/etc/sysconfig/libvirtd"
libvirt_service: libvirtd
bind: compute_bind_defaults
debug: false
qemu:
vnc:
tls:
enabled: False
key_file: '/etc/pki/libvirt-vnc/server-key.pem'
cert_file: '/etc/pki/libvirt-vnc/server-cert.pem'
ca_file: '/etc/pki/libvirt-vnc/ca-cert.pem'
cert_dir: '/etc/pki/libvirt-vnc'
libvirt:
inject_partition: '-2'
inject_password: False
tls:
enabled: False
key_file: '/etc/pki/libvirt/private/serverkey.pem'
cert_file: '/etc/pki/libvirt/servercert.pem'
ca_file: '/etc/pki/CA/cacert.pem'
client:
key_file: '/etc/pki/libvirt/private/clientkey.pem'
cert_file: '/etc/pki/libvirt/clientcert.pem'
notification: false
availability_zone:
identity:
region: RegionOne
network: {{ compute_network }}
heal_instance_info_cache_interval: '60'
message_queue:
zmq_linger: 30
logging:
app_name: 'nova'
log_appender: false
log_handlers:
watchedfile:
enabled: true
{%- endload %}
{% set compute = salt["grains.filter_by"](compute_defaults, merge=pillar.nova.get("compute", {}), base='BaseDefaults') %}
{%- if pillar.nova.get('upgrade',{}).get('upgrade_enabled',False) %}
{% do compute.update(upgrade_levels) %}
{% do controller.update(upgrade_levels) %}
{%- endif %}
{% set monitoring = salt['grains.filter_by']({
'default': {
'disk': {
'warn': '15%',
'crit': '5%',
},
'error_log_rate': {
'warn': 0.2,
},
'services_failed_warning_threshold_percent': 0.3,
'services_failed_critical_threshold_percent': 0.6,
'computes_failed_warning_threshold_percent': 0.25,
'computes_failed_critical_threshold_percent': 0.5,
'cpu_minor_threshold': 0.85,
'cpu_major_threshold': 0.95,
'ram_major_threshold': 0.85,
'ram_critical_threshold': 0.95,
'disk_major_threshold': 0.85,
'disk_critical_threshold': 0.95,
'endpoint_failed_major_threshold': 0.5,
},
}, grain='os_family', merge=salt['pillar.get']('nova:monitoring')) %}