-# NOTE: This is an environment specific for containers upgrade
-# CI. Mainly we deploy non-pacemakerized overcloud, as at the time
-# being containerization of services managed by pacemaker is not
-# complete, so we deploy and upgrade the non-HA services for now.
-
resource_registry:
OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode-os-net-config.yaml
OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode-os-net-config.yaml
-
+ OS::TripleO::Services::RabbitMQ: ../../docker/services/pacemaker/rabbitmq.yaml
+ OS::TripleO::Services::HAproxy: ../../docker/services/pacemaker/haproxy.yaml
+ OS::TripleO::Services::Pacemaker: ../../puppet/services/pacemaker.yaml
+ OS::TripleO::Services::PacemakerRemote: ../../puppet/services/pacemaker_remote.yaml
+ OS::TripleO::Services::Clustercheck: ../../docker/services/pacemaker/clustercheck.yaml
+ OS::TripleO::Services::MySQL: ../../docker/services/pacemaker/database/mysql.yaml
+ # TODO(mandre) use the containerized service once we've reintroduced cinder
+ # OS::TripleO::Services::CinderVolume: ../../docker/services/pacemaker/cinder-volume.yaml
+ OS::TripleO::Services::CinderVolume: ../../puppet/services/pacemaker/cinder-volume.yaml
+ OS::TripleO::Services::Keepalived: OS::Heat::None
+ OS::TripleO::Tasks::ControllerPreConfig: OS::Heat::None
+ OS::TripleO::Tasks::ControllerPostConfig: OS::Heat::None
+ OS::TripleO::Tasks::ControllerPostPuppetRestart: ../../extraconfig/tasks/post_puppet_pacemaker_restart.yaml
# Some infra instances don't pass the ping test but are otherwise working.
# Since the OVB jobs also test this functionality we can shut it off here.
OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
- OS::TripleO::Services::NovaMigrationTarget: OS::Heat::None
parameter_defaults:
ControllerServices:
- OS::TripleO::Services::ContainersLogrotateCrond
- OS::TripleO::Services::Snmp
- OS::TripleO::Services::Timezone
- - OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::NovaCompute
- OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::Horizon
+ - OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::Sshd
- OS::TripleO::Services::Iscsid
-# NOTE: This is an environment specific for containers CI. Mainly we
-# deploy non-pacemakerized overcloud. Once we are able to deploy and
-# upgrade pacemakerized and containerized overcloud, we should remove
-# this file and use normal CI multinode environments/scenarios.
-
resource_registry:
OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
- # TODO deploy ceph with ceph-ansible: https://review.openstack.org/#/c/465066/
OS::TripleO::Services::CephMon: ../../docker/services/ceph-ansible/ceph-mon.yaml
OS::TripleO::Services::CephOSD: ../../docker/services/ceph-ansible/ceph-osd.yaml
OS::TripleO::Services::CephClient: ../../docker/services/ceph-ansible/ceph-client.yaml
OS::TripleO::Services::PankoApi: ../../docker/services/panko-api.yaml
OS::TripleO::Services::Collectd: ../../docker/services/collectd.yaml
+ # TODO(mandre) fix the tacker service - https://bugs.launchpad.net/tripleo/+bug/1714270
+ # OS::TripleO::Services::Tacker: ../../docker/services/tacker.yaml
+ OS::TripleO::Services::Tacker: ../../puppet/services/tacker.yaml
OS::TripleO::Services::Congress: ../../docker/services/congress.yaml
+ OS::TripleO::Services::RabbitMQ: ../../docker/services/pacemaker/rabbitmq.yaml
+ OS::TripleO::Services::HAproxy: ../../docker/services/pacemaker/haproxy.yaml
+ OS::TripleO::Services::Pacemaker: ../../puppet/services/pacemaker.yaml
+ OS::TripleO::Services::PacemakerRemote: ../../puppet/services/pacemaker_remote.yaml
+ OS::TripleO::Services::Clustercheck: ../../docker/services/pacemaker/clustercheck.yaml
+ OS::TripleO::Services::Redis: ../../docker/services/pacemaker/database/redis.yaml
+ OS::TripleO::Services::MySQL: ../../docker/services/pacemaker/database/mysql.yaml
+ # TODO(mandre) use the containerized service once we've reintroduced cinder
+ # OS::TripleO::Services::CinderBackup: ../../docker/services/pacemaker/cinder-backup.yaml
+ # OS::TripleO::Services::CinderVolume: ../../docker/services/pacemaker/cinder-volume.yaml
+ OS::TripleO::Services::CinderBackup: ../../puppet/services/pacemaker/cinder-backup.yaml
+ OS::TripleO::Services::CinderVolume: ../../puppet/services/pacemaker/cinder-volume.yaml
+ OS::TripleO::Services::Keepalived: OS::Heat::None
+ OS::TripleO::Tasks::ControllerPreConfig: OS::Heat::None
+ OS::TripleO::Tasks::ControllerPostConfig: OS::Heat::None
+ OS::TripleO::Tasks::ControllerPostPuppetRestart: ../../extraconfig/tasks/post_puppet_pacemaker_restart.yaml
# FIXME(mandre) fluentd container image missing from tripleomaster registry
# https://bugs.launchpad.net/tripleo/+bug/1721723
# OS::TripleO::Services::FluentdClient: ../../docker/services/fluentd-client.yaml
- OS::TripleO::Services::FluentdClient: ../../puppet/services/logging/fluentd-client.yaml
+ # FIXME(mandre/bandini) mixing BM fluentd and containers is problematic
+ # https://bugs.launchpad.net/tripleo/+bug/1726891
+ # OS::TripleO::Services::FluentdClient: ../../puppet/services/logging/fluentd-client.yaml
OS::TripleO::Services::SensuClient: ../../docker/services/sensu-client.yaml
# Some infra instances don't pass the ping test but are otherwise working.
# Since the OVB jobs also test this functionality we can shut it off here.
OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
- OS::TripleO::Services::NovaMigrationTarget: OS::Heat::None
parameter_defaults:
ControllerServices:
- OS::TripleO::Services::CinderScheduler
- OS::TripleO::Services::CinderVolume
- OS::TripleO::Services::Collectd
+ - OS::TripleO::Services::Tacker
- OS::TripleO::Services::Congress
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::TripleoFirewall
- - OS::TripleO::Services::FluentdClient
+ # FIXME(mandre/bandini) mixing BM fluentd and containers is problematic
+ # https://bugs.launchpad.net/tripleo/+bug/1726891
+ #- OS::TripleO::Services::FluentdClient
- OS::TripleO::Services::SensuClient
- OS::TripleO::Services::Iscsid
# This makes the job twice as fast
ceilometer::agent::polling::polling_interval: 15
Debug: true
- #NOTE(gfidente): not great but we need this to deploy on ext4
- #http://docs.ceph.com/docs/jewel/rados/configuration/filesystem-recommendations/
CephAnsibleDisksConfig:
devices:
- /dev/loop3
journal_size: 512
osd_scenario: collocated
+ CephPoolDefaultPgNum: 32
+ CephPoolDefaultSize: 1
CephAnsibleExtraConfig:
- ceph_conf_overrides:
- global:
- osd_pool_default_size: 1
- osd_pool_default_pg_num: 32
- osd_max_object_name_len: 256
- osd_max_object_namespace_len: 64
centos_package_dependencies: []
CephAnsibleSkipTags: ''
#NOTE: These ID's and keys should be regenerated for
CephMonKey: 'AQC+Ox1VmEr3BxAALZejqeHj50Nj6wJDvs96OQ=='
CephAdminKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='
CephClientKey: 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw=='
- CephPoolDefaultSize: 1
- DockerCephDaemonImage: ceph/daemon:tag-stable-3.0-jewel-centos-7
NovaEnableRbdBackend: true
CinderEnableRbdBackend: true
CinderBackupBackend: ceph
-# NOTE: This is an environment specific for containers CI. Mainly we
-# deploy non-pacemakerized overcloud. Once we are able to deploy and
-# upgrade pacemakerized and containerized overcloud, we should remove
-# this file and use normal CI multinode environments/scenarios.
-
resource_registry:
OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
OS::TripleO::Services::BarbicanApi: ../../docker/services/barbican-api.yaml
OS::TripleO::Services::Zaqar: ../../docker/services/zaqar.yaml
OS::TripleO::Services::Ec2Api: ../../docker/services/ec2-api.yaml
+ OS::TripleO::Services::RabbitMQ: ../../docker/services/pacemaker/rabbitmq.yaml
+ OS::TripleO::Services::Redis: ../../docker/services/pacemaker/database/redis.yaml
+ OS::TripleO::Services::HAproxy: ../../docker/services/pacemaker/haproxy.yaml
+ OS::TripleO::Services::Pacemaker: ../../puppet/services/pacemaker.yaml
+ OS::TripleO::Services::PacemakerRemote: ../../puppet/services/pacemaker_remote.yaml
+ OS::TripleO::Services::Clustercheck: ../../docker/services/pacemaker/clustercheck.yaml
+ OS::TripleO::Services::MySQL: ../../docker/services/pacemaker/database/mysql.yaml
+ # TODO(mandre) use the containerized service once we've reintroduced cinder
+ # OS::TripleO::Services::CinderBackup: ../../docker/services/pacemaker/cinder-backup.yaml
+ # OS::TripleO::Services::CinderVolume: ../../docker/services/pacemaker/cinder-volume.yaml
+ OS::TripleO::Services::CinderBackup: ../../puppet/services/pacemaker/cinder-backup.yaml
+ OS::TripleO::Services::CinderVolume: ../../puppet/services/pacemaker/cinder-volume.yaml
+ OS::TripleO::Services::Keepalived: OS::Heat::None
+ OS::TripleO::Tasks::ControllerPreConfig: OS::Heat::None
+ OS::TripleO::Tasks::ControllerPostConfig: OS::Heat::None
+ OS::TripleO::Tasks::ControllerPostPuppetRestart: ../../extraconfig/tasks/post_puppet_pacemaker_restart.yaml
# Some infra instances don't pass the ping test but are otherwise working.
# Since the OVB jobs also test this functionality we can shut it off here.
OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
- OS::TripleO::Services::NovaMigrationTarget: OS::Heat::None
parameter_defaults:
ControllerServices:
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::Sshd
- OS::TripleO::Services::Iscsid
+ - OS::TripleO::Services::Redis
+ - OS::TripleO::Services::AodhApi
+ - OS::TripleO::Services::AodhEvaluator
+ - OS::TripleO::Services::AodhNotifier
+ - OS::TripleO::Services::AodhListener
+ - OS::TripleO::Services::CeilometerAgentCentral
+ - OS::TripleO::Services::CeilometerAgentIpmi
+ - OS::TripleO::Services::CeilometerAgentNotification
+ - OS::TripleO::Services::GnocchiApi
+ - OS::TripleO::Services::GnocchiMetricd
+ - OS::TripleO::Services::GnocchiStatsd
+ - OS::TripleO::Services::PankoApi
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
-# NOTE: This is an environment specific for containers CI. Mainly we
-# deploy non-pacemakerized overcloud. Once we are able to deploy and
-# upgrade pacemakerized and containerized overcloud, we should remove
-# this file and use normal CI multinode environments/scenarios.
-
resource_registry:
OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
OS::TripleO::Services::MistralApi: ../../docker/services/mistral-api.yaml
OS::TripleO::Services::MistralEngine: ../../docker/services/mistral-engine.yaml
OS::TripleO::Services::MistralExecutor: ../../docker/services/mistral-executor.yaml
+ OS::TripleO::Services::RabbitMQ: ../../docker/services/pacemaker/rabbitmq.yaml
+ OS::TripleO::Services::HAproxy: ../../docker/services/pacemaker/haproxy.yaml
+ OS::TripleO::Services::Pacemaker: ../../puppet/services/pacemaker.yaml
+ OS::TripleO::Services::PacemakerRemote: ../../puppet/services/pacemaker_remote.yaml
+ OS::TripleO::Services::Clustercheck: ../../docker/services/pacemaker/clustercheck.yaml
+ OS::TripleO::Services::MySQL: ../../docker/services/pacemaker/database/mysql.yaml
+ OS::TripleO::Services::Keepalived: OS::Heat::None
+ OS::TripleO::Tasks::ControllerPreConfig: OS::Heat::None
+ OS::TripleO::Tasks::ControllerPostConfig: OS::Heat::None
+ OS::TripleO::Tasks::ControllerPostPuppetRestart: ../../extraconfig/tasks/post_puppet_pacemaker_restart.yaml
# Some infra instances don't pass the ping test but are otherwise working.
# Since the OVB jobs also test this functionality we can shut it off here.
OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
- OS::TripleO::Services::NovaMigrationTarget: OS::Heat::None
parameter_defaults:
ControllerServices:
- OS::TripleO::Services::Snmp
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::NovaCompute
+ - OS::TripleO::Services::NovaMigrationTarget
- OS::TripleO::Services::NovaLibvirt
- OS::TripleO::Services::SaharaApi
- OS::TripleO::Services::SaharaEngine
resource_registry:
OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
- # TODO deploy ceph with ceph-ansible: https://review.openstack.org/#/c/465066/
- OS::TripleO::Services::CephMds: ../../puppet/services/ceph-mds.yaml
- OS::TripleO::Services::CephMon: ../../puppet/services/ceph-mon.yaml
- OS::TripleO::Services::CephOSD: ../../puppet/services/ceph-osd.yaml
- OS::TripleO::Services::CephRgw: ../../puppet/services/ceph-rgw.yaml
+ OS::TripleO::Services::CephMon: ../../docker/services/ceph-ansible/ceph-mon.yaml
+ OS::TripleO::Services::CephOSD: ../../docker/services/ceph-ansible/ceph-osd.yaml
+ OS::TripleO::Services::CephMds: ../../docker/services/ceph-ansible/ceph-mds.yaml
+ OS::TripleO::Services::CephRgw: ../../docker/services/ceph-ansible/ceph-rgw.yaml
+ OS::TripleO::Services::CephClient: ../../docker/services/ceph-ansible/ceph-client.yaml
OS::TripleO::Services::SwiftProxy: OS::Heat::None
OS::TripleO::Services::SwiftStorage: OS::Heat::None
OS::TripleO::Services::SwiftRingBuilder: OS::Heat::None
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
Debug: true
- #NOTE(gfidente): not great but we need this to deploy on ext4
- #http://docs.ceph.com/docs/jewel/rados/configuration/filesystem-recommendations/
- ExtraConfig:
- ceph::profile::params::osd_max_object_name_len: 256
- ceph::profile::params::osd_max_object_namespace_len: 64
- #NOTE(gfidente): necessary when deploying a single OSD
- ceph::profile::params::osd_pool_default_pg_num: 32
- ceph::profile::params::osd_pool_default_pgp_num: 32
+ CephAnsibleDisksConfig:
+ devices:
+ - /dev/loop3
+ journal_size: 512
+ journal_collocation: true
+ osd_scenario: collocated
+ CephPoolDefaultPgNum: 32
+ CephPoolDefaultSize: 1
+ CephAnsibleExtraConfig:
+ centos_package_dependencies: []
+ CephAnsibleSkipTags: ''
#NOTE: These ID's and keys should be regenerated for
# a production deployment. What is here is suitable for
# developer and CI testing only.
CephMonKey: 'AQC+Ox1VmEr3BxAALZejqeHj50Nj6wJDvs96OQ=='
CephAdminKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='
CephClientKey: 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw=='
- CephPoolDefaultSize: 1
+ NovaEnableRbdBackend: true
+ CinderEnableRbdBackend: true
+ CinderBackupBackend: ceph
+ GlanceBackend: rbd
+ GnocchiBackend: rbd
+ CinderEnableIscsiBackend: false
SwiftCeilometerPipelineEnabled: false
# TODO: in Queens, re-add bgp-vpn and l2gw services when
# containerized.
command: >-
puppet apply {{ host_puppet_config_debug|default('') }}
--modulepath=/etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
+ --detailed-exitcodes
--logdest syslog --logdest console --color=false
/var/lib/tripleo-config/puppet_step_config.pp
- changed_when: false
+ changed_when: outputs.rc == 2
check_mode: no
register: outputs
failed_when: false
no_log: true
- debug: var=(outputs.stderr|default('')).split('\n')|union(outputs.stdout_lines|default([]))
when: outputs is defined
- failed_when: outputs|failed
+ failed_when: outputs.rc not in [0, 2]
######################################
# Generate config via docker-puppet.py
######################################
touch /tmp/the_origin_of_time
sync
+ set +e
FACTER_hostname=$HOSTNAME FACTER_uuid=docker /usr/bin/puppet apply \
- --color=false --logdest syslog --logdest console $TAGS /etc/config.pp
+ --detailed-exitcodes --color=false --logdest syslog --logdest console $TAGS /etc/config.pp
+ rc=$?
+ set -e
+ if [ $rc -ne 2 -a $rc -ne 0 ]; then
+ exit $rc
+ fi
# Disables archiving
if [ -z "$NO_ARCHIVE" ]; then
subproc = subprocess.Popen(dcmd, stdout=subprocess.PIPE,
stderr=subprocess.PIPE, env=env)
cmd_stdout, cmd_stderr = subproc.communicate()
- if subproc.returncode != 0:
+ # puppet with --detailed-exitcodes will return 0 for success and no changes
+ # and 2 for success and resource changes. Other numbers are failures
+ if subproc.returncode not in [0, 2]:
log.error('Failed running docker-puppet.py for %s' % config_volume)
if cmd_stdout:
log.error(cmd_stdout)
config_volumes = [pm[0] for pm in process_map]
success = True
for returncode, config_volume in zip(returncodes, config_volumes):
- if returncode != 0:
+ if returncode not in [0, 2]:
log.error('ERROR configuring %s' % config_volume)
success = False
step_4:
cinder_volume:
image: *cinder_volume_image
+ ipc: host
net: host
privileged: true
restart: always
- path: /var/log/horizon/
owner: apache:apache
recurse: true
+ # NOTE The upstream Kolla Dockerfile sets /etc/openstack-dashboard/ ownership to
+ # horizon:horizon - the policy.json files need read permissions for the apache user
+ # FIXME We should consider whether this should be fixed in the Kolla Dockerfile instead
+ - path: /etc/openstack-dashboard/
+ owner: apache:apache
+ recurse: true
# FIXME Apache tries to write a .lock file there
- path: /usr/share/openstack-dashboard/openstack_dashboard/local/
owner: apache:apache
step_4:
nova_compute:
image: &nova_compute_image {get_param: DockerNovaComputeImage}
+ ipc: host
net: host
privileged: true
user: nova
- /dev:/dev
- /lib/modules:/lib/modules:ro
- /run:/run
- - /var/lib/nova:/var/lib/nova
+ - /var/lib/nova:/var/lib/nova:shared
- /var/lib/libvirt:/var/lib/libvirt
- /var/log/containers/nova:/var/log/nova
- /sys/class/net:/sys/class/net
- /var/lib/config-data/puppet-generated/iscsid/:/var/lib/kolla/config_files/src-iscsid:ro
- /run:/run
- /dev:/dev
- - /var/lib/nova/:/var/lib/nova
+ - /var/lib/nova/:/var/lib/nova:shared
- /var/log/containers/nova:/var/log/nova
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
- /dev:/dev
- /run:/run
- /sys/fs/cgroup:/sys/fs/cgroup
- - /var/lib/nova:/var/lib/nova
+ - /var/lib/nova:/var/lib/nova:shared
- /var/run/libvirt:/var/run/libvirt
- /var/lib/libvirt:/var/lib/libvirt
- /etc/libvirt/qemu:/etc/libvirt/qemu:ro
- /dev:/dev
- /run:/run
- /sys/fs/cgroup:/sys/fs/cgroup
- - /var/lib/nova:/var/lib/nova
+ - /var/lib/nova:/var/lib/nova:shared
- /etc/libvirt:/etc/libvirt
- /var/run/libvirt:/var/run/libvirt
- /var/lib/libvirt:/var/lib/libvirt
- /var/lib/config-data/puppet-generated/nova_libvirt/:/var/lib/kolla/config_files/src:ro
- /etc/ssh/:/host-ssh/:ro
- /run:/run
- - /var/lib/nova:/var/lib/nova
+ - /var/lib/nova:/var/lib/nova:shared
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
resource_registry:
- OS::TripleO::Tasks::ControllerDeployedServerPreConfig: ../extraconfig/tasks/pre_puppet_pacemaker.yaml
- OS::TripleO::Tasks::ControllerDeployedServerPostConfig: ../extraconfig/tasks/post_puppet_pacemaker.yaml
+ OS::TripleO::Tasks::ControllerDeployedServerPreConfig: OS::Heat::None
+ OS::TripleO::Tasks::ControllerDeployedServerPostConfig: OS::Heat::None
OS::TripleO::Tasks::ControllerDeployedServerPostPuppetRestart: ../extraconfig/tasks/post_puppet_pacemaker_restart.yaml
default: '%{::os_workers}'
description: Number of workers for Gnocchi MetricD
type: string
+ MetricProcessingDelay:
+ default: 30
+ description: Delay between processing metrics.
+ type: number
resources:
GnocchiServiceBase:
map_merge:
- get_attr: [GnocchiServiceBase, role_data, config_settings]
- gnocchi::metricd::workers: {get_param: GnocchiMetricdWorkers}
+ gnocchi::metricd::metric_processing_delay: {get_param: MetricProcessingDelay}
step_config: |
include ::tripleo::profile::base::gnocchi::metricd
upgrade_tasks:
- 13778
nova::keystone::authtoken::project_name: 'service'
nova::keystone::authtoken::password: {get_param: NovaPassword}
- nova::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
+ nova::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
nova::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
nova::wsgi::apache_placement::api_port: '8778'
nova::wsgi::apache_placement::ssl: {get_param: EnableInternalTLS}