From 63fb0c74fcb0adf4cd3b0b2b5d30e34e29a58796 Mon Sep 17 00:00:00 2001 From: Tomas Sedovic Date: Fri, 27 Oct 2017 17:27:51 +0200 Subject: Remove the extra roles The `openstack-stack` role is now under `openshift_openstack` and the `openstack-create-cinder-registry` one will be added there, later. --- roles/openstack-stack/templates/heat_stack.yaml.j2 | 888 --------------------- 1 file changed, 888 deletions(-) delete mode 100644 roles/openstack-stack/templates/heat_stack.yaml.j2 (limited to 'roles/openstack-stack/templates/heat_stack.yaml.j2') diff --git a/roles/openstack-stack/templates/heat_stack.yaml.j2 b/roles/openstack-stack/templates/heat_stack.yaml.j2 deleted file mode 100644 index 2359842a5..000000000 --- a/roles/openstack-stack/templates/heat_stack.yaml.j2 +++ /dev/null @@ -1,888 +0,0 @@ -heat_template_version: 2016-10-14 - -description: OpenShift cluster - -parameters: - -outputs: - - etcd_names: - description: Name of the etcds - value: { get_attr: [ etcd, name ] } - - etcd_ips: - description: IPs of the etcds - value: { get_attr: [ etcd, private_ip ] } - - etcd_floating_ips: - description: Floating IPs of the etcds - value: { get_attr: [ etcd, floating_ip ] } - - master_names: - description: Name of the masters - value: { get_attr: [ masters, name ] } - - master_ips: - description: IPs of the masters - value: { get_attr: [ masters, private_ip ] } - - master_floating_ips: - description: Floating IPs of the masters - value: { get_attr: [ masters, floating_ip ] } - - node_names: - description: Name of the nodes - value: { get_attr: [ compute_nodes, name ] } - - node_ips: - description: IPs of the nodes - value: { get_attr: [ compute_nodes, private_ip ] } - - node_floating_ips: - description: Floating IPs of the nodes - value: { get_attr: [ compute_nodes, floating_ip ] } - - infra_names: - description: Name of the nodes - value: { get_attr: [ infra_nodes, name ] } - - infra_ips: - description: IPs of the nodes - value: { get_attr: [ infra_nodes, private_ip ] } - - infra_floating_ips: - description: Floating IPs of the nodes - value: { get_attr: [ infra_nodes, floating_ip ] } - -{% if num_dns|int > 0 %} - dns_name: - description: Name of the DNS - value: - get_attr: - - dns - - name - - dns_floating_ips: - description: Floating IPs of the DNS - value: { get_attr: [ dns, floating_ip ] } - - dns_private_ips: - description: Private IPs of the DNS - value: { get_attr: [ dns, private_ip ] } -{% endif %} - -conditions: - no_floating: {% if provider_network or use_bastion|bool %}true{% else %}false{% endif %} - -resources: - -{% if not provider_network %} - net: - type: OS::Neutron::Net - properties: - name: - str_replace: - template: openshift-ansible-cluster_id-net - params: - cluster_id: {{ stack_name }} - - subnet: - type: OS::Neutron::Subnet - properties: - name: - str_replace: - template: openshift-ansible-cluster_id-subnet - params: - cluster_id: {{ stack_name }} - network: { get_resource: net } - cidr: - str_replace: - template: subnet_24_prefix.0/24 - params: - subnet_24_prefix: {{ subnet_prefix }} - allocation_pools: - - start: - str_replace: - template: subnet_24_prefix.3 - params: - subnet_24_prefix: {{ subnet_prefix }} - end: - str_replace: - template: subnet_24_prefix.254 - params: - subnet_24_prefix: {{ subnet_prefix }} - dns_nameservers: -{% for nameserver in dns_nameservers %} - - {{ nameserver }} -{% endfor %} - -{% if openshift_use_flannel|default(False)|bool %} - data_net: - type: OS::Neutron::Net - properties: - name: openshift-ansible-{{ stack_name }}-data-net - port_security_enabled: false - - data_subnet: - type: OS::Neutron::Subnet - properties: - name: openshift-ansible-{{ stack_name }}-data-subnet - network: { get_resource: data_net } - cidr: {{ osm_cluster_network_cidr|default('10.128.0.0/14') }} - gateway_ip: null -{% endif %} - - router: - type: OS::Neutron::Router - properties: - name: - str_replace: - template: openshift-ansible-cluster_id-router - params: - cluster_id: {{ stack_name }} - external_gateway_info: - network: {{ external_network }} - - interface: - type: OS::Neutron::RouterInterface - properties: - router_id: { get_resource: router } - subnet_id: { get_resource: subnet } - -{% endif %} - -# keypair: -# type: OS::Nova::KeyPair -# properties: -# name: -# str_replace: -# template: openshift-ansible-cluster_id-keypair -# params: -# cluster_id: {{ stack_name }} -# public_key: {{ ssh_public_key }} - - common-secgrp: - type: OS::Neutron::SecurityGroup - properties: - name: - str_replace: - template: openshift-ansible-cluster_id-common-secgrp - params: - cluster_id: {{ stack_name }} - description: - str_replace: - template: Basic ssh/icmp security group for cluster_id OpenShift cluster - params: - cluster_id: {{ stack_name }} - rules: - - direction: ingress - protocol: tcp - port_range_min: 22 - port_range_max: 22 - remote_ip_prefix: {{ ssh_ingress_cidr }} -{% if use_bastion|bool %} - - direction: ingress - protocol: tcp - port_range_min: 22 - port_range_max: 22 - remote_ip_prefix: {{ bastion_ingress_cidr }} -{% endif %} - - direction: ingress - protocol: icmp - remote_ip_prefix: {{ ssh_ingress_cidr }} - -{% if openstack_flat_secgrp|default(False)|bool %} - flat-secgrp: - type: OS::Neutron::SecurityGroup - properties: - name: - str_replace: - template: openshift-ansible-cluster_id-flat-secgrp - params: - cluster_id: {{ stack_name }} - description: - str_replace: - template: Security group for cluster_id OpenShift cluster - params: - cluster_id: {{ stack_name }} - rules: - - direction: ingress - protocol: tcp - port_range_min: 4001 - port_range_max: 4001 - - direction: ingress - protocol: tcp - port_range_min: {{ openshift_master_api_port|default(8443) }} - port_range_max: {{ openshift_master_api_port|default(8443) }} - - direction: ingress - protocol: tcp - port_range_min: {{ openshift_master_console_port|default(8443) }} - port_range_max: {{ openshift_master_console_port|default(8443) }} - - direction: ingress - protocol: tcp - port_range_min: 8053 - port_range_max: 8053 - - direction: ingress - protocol: udp - port_range_min: 8053 - port_range_max: 8053 - - direction: ingress - protocol: tcp - port_range_min: 24224 - port_range_max: 24224 - - direction: ingress - protocol: udp - port_range_min: 24224 - port_range_max: 24224 - - direction: ingress - protocol: tcp - port_range_min: 2224 - port_range_max: 2224 - - direction: ingress - protocol: udp - port_range_min: 5404 - port_range_max: 5405 - - direction: ingress - protocol: tcp - port_range_min: 9090 - port_range_max: 9090 - - direction: ingress - protocol: tcp - port_range_min: 2379 - port_range_max: 2380 - remote_mode: remote_group_id - - direction: ingress - protocol: tcp - port_range_min: 10250 - port_range_max: 10250 - remote_mode: remote_group_id - - direction: ingress - protocol: udp - port_range_min: 10250 - port_range_max: 10250 - remote_mode: remote_group_id - - direction: ingress - protocol: tcp - port_range_min: 10255 - port_range_max: 10255 - remote_mode: remote_group_id - - direction: ingress - protocol: udp - port_range_min: 10255 - port_range_max: 10255 - remote_mode: remote_group_id - - direction: ingress - protocol: udp - port_range_min: 4789 - port_range_max: 4789 - remote_mode: remote_group_id - - direction: ingress - protocol: tcp - port_range_min: 30000 - port_range_max: 32767 - remote_ip_prefix: {{ node_ingress_cidr }} - - direction: ingress - protocol: tcp - port_range_min: 30000 - port_range_max: 32767 - remote_ip_prefix: "{{ openstack_subnet_prefix }}.0/24" -{% else %} - master-secgrp: - type: OS::Neutron::SecurityGroup - properties: - name: - str_replace: - template: openshift-ansible-cluster_id-master-secgrp - params: - cluster_id: {{ stack_name }} - description: - str_replace: - template: Security group for cluster_id OpenShift cluster master - params: - cluster_id: {{ stack_name }} - rules: - - direction: ingress - protocol: tcp - port_range_min: 4001 - port_range_max: 4001 - - direction: ingress - protocol: tcp - port_range_min: {{ openshift_master_api_port|default(8443) }} - port_range_max: {{ openshift_master_api_port|default(8443) }} - - direction: ingress - protocol: tcp - port_range_min: {{ openshift_master_console_port|default(8443) }} - port_range_max: {{ openshift_master_console_port|default(8443) }} - - direction: ingress - protocol: tcp - port_range_min: 8053 - port_range_max: 8053 - - direction: ingress - protocol: udp - port_range_min: 8053 - port_range_max: 8053 - - direction: ingress - protocol: tcp - port_range_min: 24224 - port_range_max: 24224 - - direction: ingress - protocol: udp - port_range_min: 24224 - port_range_max: 24224 - - direction: ingress - protocol: tcp - port_range_min: 2224 - port_range_max: 2224 - - direction: ingress - protocol: udp - port_range_min: 5404 - port_range_max: 5405 - - direction: ingress - protocol: tcp - port_range_min: 9090 - port_range_max: 9090 -{% if openshift_use_flannel|default(False)|bool %} - - direction: ingress - protocol: tcp - port_range_min: 2379 - port_range_max: 2379 -{% endif %} - - etcd-secgrp: - type: OS::Neutron::SecurityGroup - properties: - name: - str_replace: - template: openshift-ansible-cluster_id-etcd-secgrp - params: - cluster_id: {{ stack_name }} - description: - str_replace: - template: Security group for cluster_id etcd cluster - params: - cluster_id: {{ stack_name }} - rules: - - direction: ingress - protocol: tcp - port_range_min: 2379 - port_range_max: 2379 - remote_mode: remote_group_id - remote_group_id: { get_resource: master-secgrp } - - direction: ingress - protocol: tcp - port_range_min: 2380 - port_range_max: 2380 - remote_mode: remote_group_id - - node-secgrp: - type: OS::Neutron::SecurityGroup - properties: - name: - str_replace: - template: openshift-ansible-cluster_id-node-secgrp - params: - cluster_id: {{ stack_name }} - description: - str_replace: - template: Security group for cluster_id OpenShift cluster nodes - params: - cluster_id: {{ stack_name }} - rules: - - direction: ingress - protocol: tcp - port_range_min: 10250 - port_range_max: 10250 - remote_mode: remote_group_id - - direction: ingress - protocol: tcp - port_range_min: 10255 - port_range_max: 10255 - remote_mode: remote_group_id - - direction: ingress - protocol: udp - port_range_min: 10255 - port_range_max: 10255 - remote_mode: remote_group_id - - direction: ingress - protocol: udp - port_range_min: 4789 - port_range_max: 4789 - remote_mode: remote_group_id - - direction: ingress - protocol: tcp - port_range_min: 30000 - port_range_max: 32767 - remote_ip_prefix: {{ node_ingress_cidr }} - - direction: ingress - protocol: tcp - port_range_min: 30000 - port_range_max: 32767 - remote_ip_prefix: "{{ openstack_subnet_prefix }}.0/24" -{% endif %} - - infra-secgrp: - type: OS::Neutron::SecurityGroup - properties: - name: - str_replace: - template: openshift-ansible-cluster_id-infra-secgrp - params: - cluster_id: {{ stack_name }} - description: - str_replace: - template: Security group for cluster_id OpenShift infrastructure cluster nodes - params: - cluster_id: {{ stack_name }} - rules: - - direction: ingress - protocol: tcp - port_range_min: 80 - port_range_max: 80 - - direction: ingress - protocol: tcp - port_range_min: 443 - port_range_max: 443 - -{% if num_dns|int > 0 %} - dns-secgrp: - type: OS::Neutron::SecurityGroup - properties: - name: - str_replace: - template: openshift-ansible-cluster_id-dns-secgrp - params: - cluster_id: {{ stack_name }} - description: - str_replace: - template: Security group for cluster_id cluster DNS - params: - cluster_id: {{ stack_name }} - rules: - - direction: ingress - protocol: udp - port_range_min: 53 - port_range_max: 53 - remote_ip_prefix: {{ node_ingress_cidr }} - - direction: ingress - protocol: udp - port_range_min: 53 - port_range_max: 53 - remote_ip_prefix: "{{ openstack_subnet_prefix }}.0/24" - - direction: ingress - protocol: tcp - port_range_min: 53 - port_range_max: 53 - remote_ip_prefix: {{ node_ingress_cidr }} - - direction: ingress - protocol: tcp - port_range_min: 53 - port_range_max: 53 - remote_ip_prefix: "{{ openstack_subnet_prefix }}.0/24" -{% endif %} - -{% if num_masters|int > 1 or ui_ssh_tunnel|bool %} - lb-secgrp: - type: OS::Neutron::SecurityGroup - properties: - name: openshift-ansible-{{ stack_name }}-lb-secgrp - description: Security group for {{ stack_name }} cluster Load Balancer - rules: - - direction: ingress - protocol: tcp - port_range_min: {{ openshift_master_api_port | default(8443) }} - port_range_max: {{ openshift_master_api_port | default(8443) }} - remote_ip_prefix: {{ lb_ingress_cidr | default(bastion_ingress_cidr) }} -{% if ui_ssh_tunnel|bool %} - - direction: ingress - protocol: tcp - port_range_min: {{ openshift_master_api_port | default(8443) }} - port_range_max: {{ openshift_master_api_port | default(8443) }} - remote_ip_prefix: {{ ssh_ingress_cidr }} -{% endif %} -{% if openshift_master_console_port is defined and openshift_master_console_port != openshift_master_api_port %} - - direction: ingress - protocol: tcp - port_range_min: {{ openshift_master_console_port | default(8443) }} - port_range_max: {{ openshift_master_console_port | default(8443) }} - remote_ip_prefix: {{ lb_ingress_cidr | default(bastion_ingress_cidr) }} -{% endif %} -{% endif %} - - etcd: - type: OS::Heat::ResourceGroup - properties: - count: {{ num_etcd }} - resource_def: - type: server.yaml - properties: - name: - str_replace: - template: k8s_type-%index%.cluster_id - params: - cluster_id: {{ stack_name }} - k8s_type: {{ etcd_hostname | default('etcd') }} - cluster_env: {{ public_dns_domain }} - cluster_id: {{ stack_name }} - group: - str_replace: - template: k8s_type.cluster_id - params: - k8s_type: etcds - cluster_id: {{ stack_name }} - type: etcd - image: {{ openstack_etcd_image | default(openstack_image) }} - flavor: {{ etcd_flavor }} - key_name: {{ ssh_public_key }} -{% if provider_network %} - net: {{ provider_network }} - net_name: {{ provider_network }} -{% else %} - net: { get_resource: net } - subnet: { get_resource: subnet } - net_name: - str_replace: - template: openshift-ansible-cluster_id-net - params: - cluster_id: {{ stack_name }} -{% endif %} - secgrp: - - { get_resource: {% if openstack_flat_secgrp|default(False)|bool %}flat-secgrp{% else %}etcd-secgrp{% endif %} } - - { get_resource: common-secgrp } - floating_network: - if: - - no_floating - - null - - {{ external_network }} -{% if use_bastion|bool or provider_network %} - attach_float_net: false -{% endif %} - volume_size: {{ etcd_volume_size }} -{% if not provider_network %} - depends_on: - - interface -{% endif %} - -{% if master_server_group_policies|length > 0 %} - master_server_group: - type: OS::Nova::ServerGroup - properties: - name: master_server_group - policies: {{ master_server_group_policies }} -{% endif %} -{% if infra_server_group_policies|length > 0 %} - infra_server_group: - type: OS::Nova::ServerGroup - properties: - name: infra_server_group - policies: {{ infra_server_group_policies }} -{% endif %} -{% if num_masters|int > 1 %} - loadbalancer: - type: OS::Heat::ResourceGroup - properties: - count: 1 - resource_def: - type: server.yaml - properties: - name: - str_replace: - template: k8s_type-%index%.cluster_id - params: - cluster_id: {{ stack_name }} - k8s_type: {{ lb_hostname | default('lb') }} - cluster_env: {{ public_dns_domain }} - cluster_id: {{ stack_name }} - group: - str_replace: - template: k8s_type.cluster_id - params: - k8s_type: lb - cluster_id: {{ stack_name }} - type: lb - image: {{ openstack_lb_image | default(openstack_image) }} - flavor: {{ lb_flavor }} - key_name: {{ ssh_public_key }} -{% if provider_network %} - net: {{ provider_network }} - net_name: {{ provider_network }} -{% else %} - net: { get_resource: net } - subnet: { get_resource: subnet } - net_name: - str_replace: - template: openshift-ansible-cluster_id-net - params: - cluster_id: {{ stack_name }} -{% endif %} - secgrp: - - { get_resource: lb-secgrp } - - { get_resource: common-secgrp } -{% if not provider_network %} - floating_network: {{ external_network }} -{% endif %} - volume_size: {{ lb_volume_size }} -{% if not provider_network %} - depends_on: - - interface -{% endif %} -{% endif %} - - masters: - type: OS::Heat::ResourceGroup - properties: - count: {{ num_masters }} - resource_def: - type: server.yaml - properties: - name: - str_replace: - template: k8s_type-%index%.cluster_id - params: - cluster_id: {{ stack_name }} - k8s_type: {{ master_hostname | default('master')}} - cluster_env: {{ public_dns_domain }} - cluster_id: {{ stack_name }} - group: - str_replace: - template: k8s_type.cluster_id - params: - k8s_type: masters - cluster_id: {{ stack_name }} - type: master - image: {{ openstack_master_image | default(openstack_image) }} - flavor: {{ master_flavor }} - key_name: {{ ssh_public_key }} -{% if provider_network %} - net: {{ provider_network }} - net_name: {{ provider_network }} -{% else %} - net: { get_resource: net } - subnet: { get_resource: subnet } - net_name: - str_replace: - template: openshift-ansible-cluster_id-net - params: - cluster_id: {{ stack_name }} -{% if openshift_use_flannel|default(False)|bool %} - attach_data_net: true - data_net: { get_resource: data_net } - data_subnet: { get_resource: data_subnet } -{% endif %} -{% endif %} - secgrp: -{% if openstack_flat_secgrp|default(False)|bool %} - - { get_resource: flat-secgrp } -{% else %} - - { get_resource: master-secgrp } - - { get_resource: node-secgrp } -{% if num_etcd|int == 0 %} - - { get_resource: etcd-secgrp } -{% endif %} -{% endif %} - - { get_resource: common-secgrp } - floating_network: - if: - - no_floating - - null - - {{ external_network }} -{% if use_bastion|bool or provider_network %} - attach_float_net: false -{% endif %} - volume_size: {{ master_volume_size }} -{% if master_server_group_policies|length > 0 %} - scheduler_hints: - group: { get_resource: master_server_group } -{% endif %} -{% if not provider_network %} - depends_on: - - interface -{% endif %} - - compute_nodes: - type: OS::Heat::ResourceGroup - properties: - count: {{ num_nodes }} - removal_policies: - - resource_list: {{ nodes_to_remove }} - resource_def: - type: server.yaml - properties: - name: - str_replace: - template: sub_type_k8s_type-%index%.cluster_id - params: - cluster_id: {{ stack_name }} - sub_type_k8s_type: {{ node_hostname | default('app-node') }} - cluster_env: {{ public_dns_domain }} - cluster_id: {{ stack_name }} - group: - str_replace: - template: k8s_type.cluster_id - params: - k8s_type: nodes - cluster_id: {{ stack_name }} - type: node - subtype: app - node_labels: -{% for k, v in openshift_cluster_node_labels.app.iteritems() %} - {{ k|e }}: {{ v|e }} -{% endfor %} - image: {{ openstack_node_image | default(openstack_image) }} - flavor: {{ node_flavor }} - key_name: {{ ssh_public_key }} -{% if provider_network %} - net: {{ provider_network }} - net_name: {{ provider_network }} -{% else %} - net: { get_resource: net } - subnet: { get_resource: subnet } - net_name: - str_replace: - template: openshift-ansible-cluster_id-net - params: - cluster_id: {{ stack_name }} -{% if openshift_use_flannel|default(False)|bool %} - attach_data_net: true - data_net: { get_resource: data_net } - data_subnet: { get_resource: data_subnet } -{% endif %} -{% endif %} - secgrp: - - { get_resource: {% if openstack_flat_secgrp|default(False)|bool %}flat-secgrp{% else %}node-secgrp{% endif %} } - - { get_resource: common-secgrp } - floating_network: - if: - - no_floating - - null - - {{ external_network }} -{% if use_bastion|bool or provider_network %} - attach_float_net: false -{% endif %} - volume_size: {{ node_volume_size }} -{% if not provider_network %} - depends_on: - - interface -{% endif %} - - infra_nodes: - type: OS::Heat::ResourceGroup - properties: - count: {{ num_infra }} - resource_def: - type: server.yaml - properties: - name: - str_replace: - template: sub_type_k8s_type-%index%.cluster_id - params: - cluster_id: {{ stack_name }} - sub_type_k8s_type: {{ infra_hostname | default('infranode') }} - cluster_env: {{ public_dns_domain }} - cluster_id: {{ stack_name }} - group: - str_replace: - template: k8s_type.cluster_id - params: - k8s_type: infra - cluster_id: {{ stack_name }} - type: node - subtype: infra - node_labels: -{% for k, v in openshift_cluster_node_labels.infra.iteritems() %} - {{ k|e }}: {{ v|e }} -{% endfor %} - image: {{ openstack_infra_image | default(openstack_image) }} - flavor: {{ infra_flavor }} - key_name: {{ ssh_public_key }} -{% if provider_network %} - net: {{ provider_network }} - net_name: {{ provider_network }} -{% else %} - net: { get_resource: net } - subnet: { get_resource: subnet } - net_name: - str_replace: - template: openshift-ansible-cluster_id-net - params: - cluster_id: {{ stack_name }} -{% if openshift_use_flannel|default(False)|bool %} - attach_data_net: true - data_net: { get_resource: data_net } - data_subnet: { get_resource: data_subnet } -{% endif %} -{% endif %} - secgrp: -# TODO(bogdando) filter only required node rules into infra-secgrp -{% if openstack_flat_secgrp|default(False)|bool %} - - { get_resource: flat-secgrp } -{% else %} - - { get_resource: node-secgrp } -{% endif %} -{% if ui_ssh_tunnel|bool and num_masters|int < 2 %} - - { get_resource: lb-secgrp } -{% endif %} - - { get_resource: infra-secgrp } - - { get_resource: common-secgrp } -{% if not provider_network %} - floating_network: {{ external_network }} -{% endif %} - volume_size: {{ infra_volume_size }} -{% if infra_server_group_policies|length > 0 %} - scheduler_hints: - group: { get_resource: infra_server_group } -{% endif %} -{% if not provider_network %} - depends_on: - - interface -{% endif %} - -{% if num_dns|int > 0 %} - dns: - type: OS::Heat::ResourceGroup - properties: - count: {{ num_dns }} - resource_def: - type: server.yaml - properties: - name: - str_replace: - template: k8s_type-%index%.cluster_id - params: - cluster_id: {{ stack_name }} - k8s_type: {{ dns_hostname | default('dns') }} - cluster_env: {{ public_dns_domain }} - cluster_id: {{ stack_name }} - group: - str_replace: - template: k8s_type.cluster_id - params: - k8s_type: dns - cluster_id: {{ stack_name }} - type: dns - image: {{ openstack_dns_image | default(openstack_image) }} - flavor: {{ dns_flavor }} - key_name: {{ ssh_public_key }} -{% if provider_network %} - net: {{ provider_network }} - net_name: {{ provider_network }} -{% else %} - net: { get_resource: net } - subnet: { get_resource: subnet } - net_name: - str_replace: - template: openshift-ansible-cluster_id-net - params: - cluster_id: {{ stack_name }} -{% endif %} - secgrp: - - { get_resource: dns-secgrp } - - { get_resource: common-secgrp } -{% if not provider_network %} - floating_network: {{ external_network }} -{% endif %} - volume_size: {{ dns_volume_size }} -{% if not provider_network %} - depends_on: - - interface -{% endif %} -{% endif %} -- cgit v1.2.3