Merge "Generate MySQL client config if service requires database"

diff --git a/ci/environments/scenario007-multinode.yaml b/ci/environments/scenario007-multinode.yaml
index 6db00ef..dd73f47 100644 (file)
--- a/ci/environments/scenario007-multinode.yaml
+++ b/ci/environments/scenario007-multinode.yaml
@@ -16,7 +16,8 @@ resource_registry:
   OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None
   OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
   OS::TripleO::Services::NeutronCorePlugin: OS::TripleO::Services::NeutronCorePluginML2OVN
-  OS::TripleO::Services::ComputeNeutronCorePlugin: ../../puppet/services/neutron-compute-plugin-ovn.yaml
+  OS::TripleO::Services::ComputeNeutronCorePlugin: OS::Heat::None
+  OS::TripleO::Services::OVNController: ../../puppet/services/ovn-controller.yaml
   OS::TripleO::Services::OVNDBs: ../../puppet/services/ovn-dbs.yaml
 
 parameter_defaults:
@@ -34,7 +35,7 @@ parameter_defaults:
     - OS::TripleO::Services::NeutronServer
     - OS::TripleO::Services::NeutronCorePlugin
     - OS::TripleO::Services::OVNDBs
-    - OS::TripleO::Services::ComputeNeutronCorePlugin
+    - OS::TripleO::Services::OVNController
     - OS::TripleO::Services::RabbitMQ
     - OS::TripleO::Services::HAproxy
     - OS::TripleO::Services::Keepalived

diff --git a/docker/deploy-steps-playbook.yaml b/docker/deploy-steps-playbook.yaml
index cd7d5b5..b884e0e 100644 (file)
--- a/docker/deploy-steps-playbook.yaml
+++ b/docker/deploy-steps-playbook.yaml
@@ -10,7 +10,7 @@
       command: >-
         puppet apply
         --modulepath=/etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
-        --logdest syslog --color=false
+        --logdest syslog --logdest console --color=false
         /var/lib/tripleo-config/puppet_step_config.pp
       changed_when: false
       check_mode: no

diff --git a/docker/docker-puppet.py b/docker/docker-puppet.py
index 36c6388..fadd12d 100755 (executable)
--- a/docker/docker-puppet.py
+++ b/docker/docker-puppet.py
@@ -211,7 +211,7 @@ def mp_puppet_config((config_volume, puppet_tags, manifest, config_image, volume
         sync
 
         FACTER_hostname=$HOSTNAME FACTER_uuid=docker /usr/bin/puppet apply \
-        --color=false --logdest syslog $TAGS /etc/config.pp
+        --color=false --logdest syslog --logdest console $TAGS /etc/config.pp
 
         # Disables archiving
         if [ -z "$NO_ARCHIVE" ]; then

diff --git a/docker/services/cinder-api.yaml b/docker/services/cinder-api.yaml
index f5b4a66..48faaf9 100644 (file)
--- a/docker/services/cinder-api.yaml
+++ b/docker/services/cinder-api.yaml
@@ -172,6 +172,8 @@ outputs:
             environment:
               - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
 
+      metadata_settings:
+        get_attr: [CinderBase, role_data, metadata_settings]
       host_prep_tasks:
         - name: create persistent logs directory
           file:

diff --git a/docker/services/haproxy.yaml b/docker/services/haproxy.yaml
index f080dcb..2f0584e 100644 (file)
--- a/docker/services/haproxy.yaml
+++ b/docker/services/haproxy.yaml
@@ -85,6 +85,7 @@ outputs:
         map_merge:
           - get_attr: [HAProxyBase, role_data, config_settings]
           - tripleo::haproxy::haproxy_daemon: false
+            tripleo::haproxy::haproxy_service_manage: false
       step_config: &step_config
         get_attr: [HAProxyBase, role_data, step_config]
       service_config_settings: {get_attr: [HAProxyBase, role_data, service_config_settings]}
@@ -92,7 +93,8 @@ outputs:
       puppet_config:
         config_volume: haproxy
         puppet_tags: haproxy_config
-        step_config: *step_config
+        step_config:
+          "class {'::tripleo::profile::base::haproxy': manage_firewall => false}"
         config_image: {get_param: DockerHAProxyConfigImage}
         volumes: &deployed_cert_mount
           - list_join:
@@ -110,10 +112,44 @@ outputs:
               preserve_properties: true
       docker_config:
         step_1:
+          haproxy_firewall:
+            detach: false
+            image: {get_param: DockerHAProxyImage}
+            net: host
+            user: root
+            privileged: true
+            command:
+              - '/bin/bash'
+              - '-c'
+              - str_replace:
+                  template:
+                    list_join:
+                      - '; '
+                      - - "cp -a /tmp/puppet-etc/* /etc/puppet; echo '{\"step\": 1}' > /etc/puppet/hieradata/docker.json"
+                        - "FACTER_uuid=docker puppet apply --tags TAGS -v -e 'CONFIG'"
+                  params:
+                    TAGS: 'tripleo::firewall::rule'
+                    CONFIG: *step_config
+            volumes:
+              list_concat:
+                - {get_attr: [ContainersCommon, volumes]}
+                - *deployed_cert_mount
+                -
+                  - /var/lib/kolla/config_files/haproxy.json:/var/lib/kolla/config_files/config.json:ro
+                  - /var/lib/config-data/puppet-generated/haproxy/:/var/lib/kolla/config_files/src:ro
+                  # puppet saves iptables rules in /etc/sysconfig
+                  - /etc/sysconfig:/etc/sysconfig:rw
+                  # saving rules require accessing /usr/libexec/iptables/iptables.init, just bind-mount
+                  # the necessary bit and prevent systemd to try to reload the service in the container
+                  - /usr/libexec/iptables:/usr/libexec/iptables:ro
+                  - /usr/libexec/initscripts/legacy-actions:/usr/libexec/initscripts/legacy-actions:ro
+                  - /etc/puppet:/tmp/puppet-etc:ro
+                  - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
+            environment:
+              - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
           haproxy:
             image: {get_param: DockerHAProxyImage}
             net: host
-            privileged: false
             restart: always
             volumes:
               list_concat:

diff --git a/docker/services/nova-api.yaml b/docker/services/nova-api.yaml
index 800549b..da46104 100644 (file)
--- a/docker/services/nova-api.yaml
+++ b/docker/services/nova-api.yaml
@@ -199,6 +199,8 @@ outputs:
             volumes: *nova_api_bootstrap_volumes
             user: root
             command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage cell_v2 discover_hosts'"
+      metadata_settings:
+        get_attr: [NovaApiBase, role_data, metadata_settings]
       host_prep_tasks:
         - name: create persistent logs directory
           file:

diff --git a/docker/services/nova-placement.yaml b/docker/services/nova-placement.yaml
index 01b86e0..d784ace 100644 (file)
--- a/docker/services/nova-placement.yaml
+++ b/docker/services/nova-placement.yaml
@@ -106,6 +106,8 @@ outputs:
                   - /var/log/containers/nova:/var/log/nova
             environment:
               - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+      metadata_settings:
+        get_attr: [NovaPlacementBase, role_data, metadata_settings]
       host_prep_tasks:
         - name: create persistent logs directory
           file:

diff --git a/docker/services/zaqar.yaml b/docker/services/zaqar.yaml
index 8902f0d..072c675 100644 (file)
--- a/docker/services/zaqar.yaml
+++ b/docker/services/zaqar.yaml
@@ -40,9 +40,13 @@ parameters:
     default: {}
     description: Parameters specific to the role
     type: json
+  EnableInternalTLS:
+    type: boolean
+    default: false
 
 conditions:
   zaqar_management_store_sqlalchemy: {equals : [{get_param: ZaqarManagementStore}, 'sqlalchemy']}
+  internal_tls_enabled: {get_param: EnableInternalTLS}
 
 resources:
 
@@ -61,6 +65,7 @@ resources:
       DefaultPasswords: {get_param: DefaultPasswords}
       RoleName: {get_param: RoleName}
       RoleParameters: {get_param: RoleParameters}
+      EnableInternalTLS: {get_param: EnableInternalTLS}
 
 outputs:
   role_data:
@@ -143,6 +148,16 @@ outputs:
                       - /var/lib/kolla/config_files/zaqar.json:/var/lib/kolla/config_files/config.json:ro
                       - /var/lib/config-data/puppet-generated/zaqar/:/var/lib/kolla/config_files/src:ro
                       - /var/log/containers/zaqar:/var/log/zaqar
+                      -
+                        if:
+                          - internal_tls_enabled
+                          - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
+                          - ''
+                      -
+                        if:
+                          - internal_tls_enabled
+                          - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
+                          - ''
                 environment:
                   - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
               zaqar_websocket:
@@ -168,3 +183,5 @@ outputs:
         - name: Stop and disable zaqar service
           tags: step2
           service: name=httpd state=stopped enabled=no
+      metadata_settings:
+        get_attr: [ZaqarBase, role_data, metadata_settings]

diff --git a/environments/docker.yaml b/environments/docker.yaml
index 34285ef..0972da6 100644 (file)
--- a/environments/docker.yaml
+++ b/environments/docker.yaml
@@ -32,6 +32,7 @@ resource_registry:
   OS::TripleO::Services::NeutronOvsAgent: ../docker/services/neutron-ovs-agent.yaml
   OS::TripleO::Services::NeutronDhcpAgent: ../docker/services/neutron-dhcp.yaml
   OS::TripleO::Services::NeutronL3Agent: ../docker/services/neutron-l3.yaml
+  OS::TripleO::Services::HAproxy: ../docker/services/haproxy.yaml
   OS::TripleO::Services::MySQL: ../docker/services/database/mysql.yaml
   OS::TripleO::Services::RabbitMQ: ../docker/services/rabbitmq.yaml
   OS::TripleO::Services::MongoDb: ../docker/services/database/mongodb.yaml

diff --git a/environments/hyperconverged-ceph.yaml b/environments/hyperconverged-ceph.yaml
index d1970d6..834c4f1 100644 (file)
--- a/environments/hyperconverged-ceph.yaml
+++ b/environments/hyperconverged-ceph.yaml
@@ -39,3 +39,4 @@ parameter_defaults:
     - OS::TripleO::Services::MySQLClient
     - OS::TripleO::Services::Docker
     - OS::TripleO::Services::Iscsid
+    - OS::TripleO::Services::OVNController

diff --git a/environments/neutron-ml2-ovn-ha.yaml b/environments/neutron-ml2-ovn-ha.yaml
index c592d57..a9f732b 100644 (file)
--- a/environments/neutron-ml2-ovn-ha.yaml
+++ b/environments/neutron-ml2-ovn-ha.yaml
@@ -2,14 +2,15 @@
 # extensions, configured via puppet
 resource_registry:
   OS::TripleO::Services::NeutronCorePlugin: OS::TripleO::Services::NeutronCorePluginML2OVN
-  OS::TripleO::Services::ComputeNeutronCorePlugin: ../puppet/services/neutron-compute-plugin-ovn.yaml
+  OS::TripleO::Services::OVNController: ../puppet/services/ovn-controller.yaml
   OS::TripleO::Services::OVNDBs: ../puppet/services/pacemaker/ovn-dbs.yaml
 # Disabling Neutron services that overlap with OVN
-  OS::TripleO::Services::NeutronL3Agent: OS::Heat::None
   OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
+  OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
+  OS::TripleO::Services::NeutronL3Agent: OS::Heat::None
   OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None
   OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None
-  OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
+  OS::TripleO::Services::ComputeNeutronCorePlugin: OS::Heat::None
 
 parameter_defaults:
   NeutronMechanismDrivers: ovn

diff --git a/environments/neutron-ml2-ovn.yaml b/environments/neutron-ml2-ovn.yaml
index 7483bdb..7322b05 100644 (file)
--- a/environments/neutron-ml2-ovn.yaml
+++ b/environments/neutron-ml2-ovn.yaml
@@ -1,15 +1,16 @@
 # A Heat environment file which can be used to enable OVN
 # extensions, configured via puppet
 resource_registry:
-  OS::TripleO::Services::NeutronL3Agent: OS::Heat::None
-  OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
-  OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None
   OS::TripleO::Services::NeutronCorePlugin: OS::TripleO::Services::NeutronCorePluginML2OVN
-  OS::TripleO::Services::ComputeNeutronCorePlugin: ../puppet/services/neutron-compute-plugin-ovn.yaml
+  OS::TripleO::Services::OVNController: ../puppet/services/ovn-controller.yaml
+  OS::TripleO::Services::OVNDBs: ../puppet/services/ovn-dbs.yaml
 # Disabling Neutron services that overlap with OVN
-  OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None
+  OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
   OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
-  OS::TripleO::Services::OVNDBs: ../puppet/services/ovn-dbs.yaml
+  OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None
+  OS::TripleO::Services::NeutronL3Agent: OS::Heat::None
+  OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None
+  OS::TripleO::Services::ComputeNeutronCorePlugin: OS::Heat::None
 
 parameter_defaults:
   NeutronMechanismDrivers: ovn

diff --git a/environments/overcloud-baremetal.j2.yaml b/environments/overcloud-baremetal.j2.yaml
index 8d7bc8d..93191a7 100644 (file)
--- a/environments/overcloud-baremetal.j2.yaml
+++ b/environments/overcloud-baremetal.j2.yaml
@@ -11,10 +11,3 @@ parameter_defaults:
 {% for role in roles %}
   {{role.name}}Services: []
 {% endfor %}
-
-  # Consistent Hostname format
-  ControllerHostnameFormat: overcloud-controller-%index%
-  ComputeHostnameFormat: overcloud-novacompute-%index%
-  ObjectStorageHostnameFormat: overcloud-objectstorage-%index%
-  CephStorageHostnameFormat: overcloud-cephstorage-%index%
-  BlockStorageHostnameFormat: overcloud-blockstorage-%index%

diff --git a/environments/overcloud-services.yaml b/environments/overcloud-services.yaml
index 1d01cb3..ac1c69f 100644 (file)
--- a/environments/overcloud-services.yaml
+++ b/environments/overcloud-services.yaml
@@ -1,10 +1,2 @@
 resource_registry:
   OS::TripleO::DeployedServerEnvironment: ../deployed-server/deployed-server-environment-output.yaml
-
-parameter_defaults:
-  # Consistent Hostname format
-  ControllerDeployedServerHostnameFormat: overcloud-controller-%index%
-  ComputeDeployedServerHostnameFormat: overcloud-novacompute-%index%
-  ObjectStorageDeployedServerHostnameFormat: overcloud-objectstorage-%index%
-  CephStorageDeployedServerHostnameFormat: overcloud-cephstorage-%index%
-  BlockStorageDeployedServerHostnameFormat: overcloud-blockstorage-%index%

diff --git a/environments/services-docker/octavia.yaml b/environments/services-docker/octavia.yaml
index b677a4f..f0c671f 100644 (file)
--- a/environments/services-docker/octavia.yaml
+++ b/environments/services-docker/octavia.yaml
@@ -3,3 +3,8 @@ resource_registry:
   OS::TripleO::Services::OctaviaHousekeeping: ../../docker/services/octavia-housekeeping.yaml
   OS::TripleO::Services::OctaviaHealthManager: ../../docker/services/octavia-health-manager.yaml
   OS::TripleO::Services::OctaviaWorker: ../../docker/services/octavia-worker.yaml
+
+parameter_defaults:
+    NeutronServicePlugins: "qos,router,trunk,lbaasv2"
+    NeutronEnableForceMetadata: true
+

diff --git a/environments/split-stack-consistent-hostname-format.j2.yaml b/environments/split-stack-consistent-hostname-format.j2.yaml
new file mode 100644 (file)
index 0000000..8345c10
--- /dev/null
+++ b/environments/split-stack-consistent-hostname-format.j2.yaml
@@ -0,0 +1,5 @@
+parameter_defaults:
+  # Consistent Hostname format
+{% for role in roles %}
+  {{role.name}}HostnameFormat: overcloud-{{role.name.lower()}}-%index%
+{% endfor %}

diff --git a/extraconfig/pre_network/host_config_and_reboot.yaml b/extraconfig/pre_network/host_config_and_reboot.yaml
index 2f5fcdf..5c7cc27 100644 (file)
--- a/extraconfig/pre_network/host_config_and_reboot.yaml
+++ b/extraconfig/pre_network/host_config_and_reboot.yaml
@@ -55,6 +55,21 @@ parameters:
       - allowed_pattern: "[0-9,-]*"
     type: string
     default: ""
+  deployment_actions:
+    default: ['CREATE', 'UPDATE']
+    type: comma_delimited_list
+    description: >
+      List of stack actions that will trigger any deployments in this
+      templates. The actions will be an empty list of the server is in the
+      toplevel DeploymentServerBlacklist parameter's value.
+  EnableDpdkDeploymentActions:
+    default: ['CREATE']
+    type: comma_delimited_list
+    description: >
+      Exposing the DPDK deployment action, it may be required to run DPDK
+      config during an upgrade. By default DPDK will be enabled during the
+      CREATE action only. But on cases when it requires for certain migration,
+      it may be required to run it for UPDATE action too.
   # DEPRECATED: the following options are deprecated and are currently maintained
   # for backwards compatibility. They will be removed in the Queens cycle.
   HostCpusList:
@@ -79,13 +94,6 @@ parameters:
     default: ''
     description: Memory allocated for each socket
     type: string
-  deployment_actions:
-    default: ['CREATE', 'UPDATE']
-    type: comma_delimited_list
-    description: >
-      List of stack actions that will trigger any deployments in this
-      templates. The actions will be an empty list of the server is in the
-      toplevel DeploymentServerBlacklist parameter's value.
 
 conditions:
   is_host_config_required: {not: {equals: [{get_param: [RoleParameters, KernelArgs]}, ""]}}
@@ -159,6 +167,40 @@ resources:
         _TUNED_PROFILE_NAME_: {get_param: [RoleParameters, TunedProfileName]}
         _TUNED_CORES_: {get_param: [RoleParameters, IsolCpusList]}
 
+  RebootConfig:
+    type: OS::Heat::SoftwareConfig
+    condition: is_reboot_config_required
+    properties:
+      group: script
+      config: |
+        #!/bin/bash
+        # Stop os-collect-config to avoid any race collecting another
+        # deployment before reboot happens
+        systemctl stop os-collect-config.service
+        /sbin/reboot
+
+  RebootDeployment:
+    type: OS::Heat::SoftwareDeployment
+    depends_on: HostParametersDeployment
+    condition: is_reboot_config_required
+    properties:
+      name: RebootDeployment
+      server:  {get_param: server}
+      config: {get_resource: RebootConfig}
+      actions:
+        if:
+          - deployment_actions_empty
+          - []
+          - ['CREATE'] # Only do this on CREATE
+      signal_transport: NO_SIGNAL
+
+  # With OvS2.7 (which is default with pike), ovs-vswitchd will start dpdk
+  # immediately after setting dpdk-init (behaviour change from ovs2.6).
+  # Starting of DPDK require the huge page configuration to be enabled. So
+  # reboot will happen before DPDK config and we don't need an explicity
+  # restart after dpdk-init as true because of the behavior change.
+  # TODO(skramaja): Dependency is that till the service file workaround, is
+  # maintained, restart of ovs is required.
   EnableDpdkConfig:
     type: OS::Heat::SoftwareConfig
     condition: is_dpdk_config_required
@@ -194,6 +236,8 @@ resources:
               sed -i 's/start_daemon \"\$OVS_VSWITCHD_PRIORITY\"/umask 0002 \&\& start_daemon \"$OVS_VSWITCHD_PRIORITY\"/' $ovs_ctl_path
             fi
 
+            systemctl daemon-reload
+            systemctl restart openvswitch
 
             # DO NOT use --detailed-exitcodes
             puppet apply --logdest console \
@@ -215,6 +259,7 @@ resources:
   EnableDpdkDeployment:
     type: OS::Heat::SoftwareDeployment
     condition: is_dpdk_config_required
+    depends_on: RebootDeployment
     properties:
       name: EnableDpdkDeployment
       server:  {get_param: server}
@@ -223,34 +268,7 @@ resources:
         if:
           - deployment_actions_empty
           - []
-          - ['CREATE'] # Only do this on CREATE
-
-  RebootConfig:
-    type: OS::Heat::SoftwareConfig
-    condition: is_reboot_config_required
-    properties:
-      group: script
-      config: |
-        #!/bin/bash
-        # Stop os-collect-config to avoid any race collecting another
-        # deployment before reboot happens
-        systemctl stop os-collect-config.service
-        /sbin/reboot
-
-  RebootDeployment:
-    type: OS::Heat::SoftwareDeployment
-    depends_on: HostParametersDeployment
-    condition: is_reboot_config_required
-    properties:
-      name: RebootDeployment
-      server:  {get_param: server}
-      config: {get_resource: RebootConfig}
-      actions:
-        if:
-          - deployment_actions_empty
-          - []
-          - ['CREATE'] # Only do this on CREATE
-      signal_transport: NO_SIGNAL
+          - {get_param: EnableDpdkDeploymentActions}
 
 outputs:
   result:

diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml
index 2dcc7f0..0d3b875 100644 (file)
--- a/overcloud-resource-registry-puppet.j2.yaml
+++ b/overcloud-resource-registry-puppet.j2.yaml
@@ -156,6 +156,7 @@ resource_registry:
   OS::TripleO::Services::NeutronCorePluginNuage: puppet/services/neutron-plugin-nuage.yaml
   OS::TripleO::Services::NeutronCorePluginNSX: puppet/services/neutron-plugin-nsx.yaml
   OS::TripleO::Services::OVNDBs: OS::Heat::None
+  OS::TripleO::Services::OVNController: OS::Heat::None
 
   OS::TripleO::Services::NeutronCorePluginMidonet: puppet/services/neutron-midonet.yaml
   OS::TripleO::Services::NeutronOvsAgent: puppet/services/neutron-ovs-agent.yaml

diff --git a/puppet/services/neutron-compute-plugin-ovn.yaml b/puppet/services/ovn-controller.yaml
similarity index 73%
rename from puppet/services/neutron-compute-plugin-ovn.yaml
rename to puppet/services/ovn-controller.yaml
index dfd87ed..fbc5559 100644 (file)
--- a/puppet/services/neutron-compute-plugin-ovn.yaml
+++ b/puppet/services/ovn-controller.yaml
@@ -1,7 +1,7 @@
 heat_template_version: pike
 
 description: >
-  OpenStack Neutron Compute OVN agent
+  OpenStack OVN Controller agent
 
 parameters:
   EndpointMap:
@@ -52,16 +52,16 @@ parameters:
 
 outputs:
   role_data:
-    description: Role data for the Neutron Compute OVN agent
+    description: Role data for the OVN Controller agent
     value:
-      service_name: neutron_compute_plugin_ovn
+      service_name: ovn_controller
       config_settings:
         ovn::southbound::port: {get_param: OVNSouthboundServerPort}
         ovn::controller::ovn_encap_type: {get_param: OVNTunnelEncapType}
         ovn::controller::ovn_encap_ip: {get_param: [ServiceNetMap, NeutronApiNetwork]}
         ovn::controller::ovn_bridge_mappings: {get_param: NeutronBridgeMappings}
         nova::compute::force_config_drive: true
-        tripleo.neutron_compute_plugin_ovn.firewall_rules:
+        tripleo.ovn_controller.firewall_rules:
           '118 neutron vxlan networks':
                 proto: 'udp'
                 dport: 4789
@@ -70,3 +70,17 @@ outputs:
             dport: 6081
       step_config: |
         include ::tripleo::profile::base::neutron::agents::ovn
+      upgrade_tasks:
+        - name: Check if ovn_controller is deployed
+          command: systemctl is-enabled ovn-controller
+          tags: common
+          ignore_errors: True
+          register: ovn_controller_enabled
+        - name: "PreUpgrade step0,validation: Check service ovn-controller is running"
+          shell: /usr/bin/systemctl show 'ovn-controller' --property ActiveState | grep '\bactive\b'
+          when: ovn_controller_enabled.rc == 0
+          tags: step0,validation
+        - name: Stop ovn-controller service
+          tags: step1
+          when: ovn_controller_enabled.rc == 0
+          service: name=ovn-controller state=stopped

diff --git a/puppet/services/ovn-dbs.yaml b/puppet/services/ovn-dbs.yaml
index f6f3e3c..2b98008 100644 (file)
--- a/puppet/services/ovn-dbs.yaml
+++ b/puppet/services/ovn-dbs.yaml
@@ -57,3 +57,17 @@ outputs:
                 - {get_param: OVNSouthboundServerPort}
       step_config: |
         include ::tripleo::profile::base::neutron::ovn_northd
+      upgrade_tasks:
+        - name: Check if ovn_northd is deployed
+          command: systemctl is-enabled ovn-northd
+          tags: common
+          ignore_errors: True
+          register: ovn_northd_enabled
+        - name: "PreUpgrade step0,validation: Check service ovn-northd is running"
+          shell: /usr/bin/systemctl show 'ovn-northd' --property ActiveState | grep '\bactive\b'
+          when: ovn_northd_enabled.rc == 0
+          tags: step0,validation
+        - name: Stop ovn-northd service
+          tags: step1
+          when: ovn_northd_enabled.rc == 0
+          service: name=ovn-northd state=stopped

diff --git a/puppet/services/zaqar.yaml b/puppet/services/zaqar.yaml
index 2185742..4a1ad17 100644 (file)
--- a/puppet/services/zaqar.yaml
+++ b/puppet/services/zaqar.yaml
@@ -105,7 +105,7 @@ outputs:
               - {get_param: ZaqarDebug }
             zaqar::server::service_name: 'httpd'
             zaqar::transport::websocket::bind: {get_param: [EndpointMap, ZaqarInternal, host]}
-            zaqar::wsgi::apache::ssl: false
+            zaqar::wsgi::apache::ssl: {get_param: EnableInternalTLS}
             zaqar::wsgi::apache::bind_host: {get_param: [ServiceNetMap, ZaqarApiNetwork]}
             zaqar::message_pipeline: 'zaqar.notification.notifier'
             zaqar::unreliable: true
@@ -178,6 +178,8 @@ outputs:
             - {}
       step_config: |
         include ::tripleo::profile::base::zaqar
+      metadata_settings:
+        get_attr: [ApacheServiceBase, role_data, metadata_settings]
       upgrade_tasks:
         yaql:
           expression: $.data.apache_upgrade + $.data.zaqar_upgrade

diff --git a/releasenotes/notes/ovs-2-7-support-for-dpdk-fe665cf9c6b0a750.yaml b/releasenotes/notes/ovs-2-7-support-for-dpdk-fe665cf9c6b0a750.yaml
new file mode 100644 (file)
index 0000000..23f482a
--- /dev/null
+++ b/releasenotes/notes/ovs-2-7-support-for-dpdk-fe665cf9c6b0a750.yaml
@@ -0,0 +1,5 @@
+---
+features:
+  - Added support for DPDK with OvS2.7, which requires huge page
+    configuration (with reboot) to be available before enabling DPDK.
+

diff --git a/roles/Compute.yaml b/roles/Compute.yaml
index ec9e369..56daa86 100644 (file)
--- a/roles/Compute.yaml
+++ b/roles/Compute.yaml
@@ -45,3 +45,4 @@
     - OS::TripleO::Services::TripleoPackages
     - OS::TripleO::Services::Tuned
     - OS::TripleO::Services::Vpp
+    - OS::TripleO::Services::OVNController

diff --git a/roles/ComputeHCI.yaml b/roles/ComputeHCI.yaml
index a1342dc..0e8a90b 100644 (file)
--- a/roles/ComputeHCI.yaml
+++ b/roles/ComputeHCI.yaml
@@ -45,3 +45,4 @@
     - OS::TripleO::Services::TripleoPackages
     - OS::TripleO::Services::Tuned
     - OS::TripleO::Services::Vpp
+    - OS::TripleO::Services::OVNController

diff --git a/roles/Controller.yaml b/roles/Controller.yaml
index c97f7a7..d702a63 100644 (file)
--- a/roles/Controller.yaml
+++ b/roles/Controller.yaml
@@ -109,6 +109,7 @@
     - OS::TripleO::Services::OpenDaylightApi
     - OS::TripleO::Services::OpenDaylightOvs
     - OS::TripleO::Services::OVNDBs
+    - OS::TripleO::Services::OVNController
     - OS::TripleO::Services::Pacemaker
     - OS::TripleO::Services::PankoApi
     - OS::TripleO::Services::RabbitMQ

diff --git a/roles/ControllerOpenstack.yaml b/roles/ControllerOpenstack.yaml
index 398736a..10d76dd 100644 (file)
--- a/roles/ControllerOpenstack.yaml
+++ b/roles/ControllerOpenstack.yaml
@@ -86,6 +86,7 @@
     - OS::TripleO::Services::OpenDaylightApi
     - OS::TripleO::Services::OpenDaylightOvs
     - OS::TripleO::Services::OVNDBs
+    - OS::TripleO::Services::OVNController
     - OS::TripleO::Services::Pacemaker
     - OS::TripleO::Services::PankoApi
     - OS::TripleO::Services::Redis

diff --git a/roles_data.yaml b/roles_data.yaml
index 5918718..0d6c803 100644 (file)
--- a/roles_data.yaml
+++ b/roles_data.yaml
@@ -112,6 +112,7 @@
     - OS::TripleO::Services::OpenDaylightApi
     - OS::TripleO::Services::OpenDaylightOvs
     - OS::TripleO::Services::OVNDBs
+    - OS::TripleO::Services::OVNController
     - OS::TripleO::Services::Pacemaker
     - OS::TripleO::Services::PankoApi
     - OS::TripleO::Services::RabbitMQ
@@ -179,6 +180,7 @@
     - OS::TripleO::Services::TripleoPackages
     - OS::TripleO::Services::Tuned
     - OS::TripleO::Services::Vpp
+    - OS::TripleO::Services::OVNController
 ###############################################################################
 # Role: BlockStorage                                                          #
 ###############################################################################