Steven Hardy [Mon, 30 Jan 2017 10:20:32 +0000 (10:20 +0000)]
Reduce number of steps for upgrades
We don't need all the steps currently enabled for either batched
or concurrent updates, so decrease them. In future we can perhaps
introspect the task tags during plan creation and set these
dynamically.
Change-Id: I0358886a332dfbecd03bc4a67086b08d25756c22
Partially-Implements: blueprint overcloud-upgrades-per-service
Steven Hardy [Mon, 30 Jan 2017 10:17:53 +0000 (10:17 +0000)]
Simplify/fix config enabled conditions for upgrades
We should enable each kind of upgrade per role, not per step
so rework the conditions, and also only apply it to the deployment
(to save the round-trip to the nodes applying an empty config)
but don't disable the *Config resources as the overhead of these
is small, and we reference the Step1 config in the outputs, even
if it's empty.
Change-Id: Iee2f1fb5b1d8b0b6001c6ab0f2a4ef2858cef281
Partially-Implements: blueprint overcloud-upgrades-per-service
Steven Hardy [Thu, 2 Feb 2017 12:03:03 +0000 (12:03 +0000)]
Disable puppet on upgrade for roles not upgrading
Where the role has disabled upgrades, we need to skip both the ansible and
puppet steps. To do this we refactor the post.j2.yaml so that it can be
included in the upgrade template with an adjusted list of roles.
Note this requires https://review.openstack.org/#/c/425220/ - this
change will be required for local testing of this patch
(run mistral-db-mange populate after updating tripleo-common
and restart the mistral services, or update your repos and re-run
openstack undercloud install).
Partially-Implements: blueprint overcloud-upgrades-per-service
Change-Id: Ie7d0fa6fef3528bd93e6cde076b964ea8de3185a
Jenkins [Fri, 3 Feb 2017 09:20:41 +0000 (09:20 +0000)]
Merge "Moving the validation for using the template alias version for all templates"
Jenkins [Fri, 3 Feb 2017 00:38:48 +0000 (00:38 +0000)]
Merge "Switch item notation to jinja format"
Emilien Macchi [Thu, 2 Feb 2017 21:10:15 +0000 (16:10 -0500)]
CI: enable debug on multinode and upgrade job
We're running TripleO CI jobs outside TripleO projects (nova, gnocchi,
etc), folks need more debug to be helpful.
Change-Id: I512ad89d9ac82ae62f9cbe7d0029fb1ac7445cc9
Marius Cornea [Thu, 2 Feb 2017 17:46:48 +0000 (18:46 +0100)]
Switch item notation to jinja format
This change fixes the item variable notation in
puppet/services/ceph-osd.yaml.
Change-Id: I4d105619e4ac913b4a711bf91fea5f6e3c9b4caa
Closes-Bug:
1661339
Jenkins [Thu, 2 Feb 2017 15:16:16 +0000 (15:16 +0000)]
Merge "Allow the override of pacemaker::corosync::settle_tries"
Jenkins [Thu, 2 Feb 2017 13:36:32 +0000 (13:36 +0000)]
Merge "Don't run yum_update.sh inside docker"
Jenkins [Thu, 2 Feb 2017 13:32:49 +0000 (13:32 +0000)]
Merge "Temporary UCSM mapping files should be opened with write mode"
Jenkins [Thu, 2 Feb 2017 13:31:41 +0000 (13:31 +0000)]
Merge "Use common directory in CI scenario for net-config"
Jenkins [Thu, 2 Feb 2017 10:34:11 +0000 (10:34 +0000)]
Merge "Don't run ceilometer-upgrade via upgrade_tasks"
Carlos Camacho [Thu, 2 Feb 2017 09:46:55 +0000 (10:46 +0100)]
Moving the validation for using the template alias version for all templates
Currently we are applying this validation for the services templates, this
submission moves it to run with all templates.
Also fixed those templates not using the alias name.
Change-Id: I3a2c0ce6adcc8061fdc51f73fdc6b9748c0fead9
Jenkins [Wed, 1 Feb 2017 23:35:02 +0000 (23:35 +0000)]
Merge "Add more explicit messagae to build_endpoint_map's check option"
Jenkins [Wed, 1 Feb 2017 23:26:52 +0000 (23:26 +0000)]
Merge "Add deployed server bootstrap for RHEL"
Jenkins [Wed, 1 Feb 2017 23:24:25 +0000 (23:24 +0000)]
Merge "Validate that endpoint_map.yaml is up to date in the gate"
Jenkins [Wed, 1 Feb 2017 22:04:54 +0000 (22:04 +0000)]
Merge "Add ability to toggle swift's ceilometer transport_url SSL"
Juan Antonio Osorio Robles [Wed, 1 Feb 2017 21:09:03 +0000 (23:09 +0200)]
Add more explicit messagae to build_endpoint_map's check option
This will hopefully help developers know what to do if their patch fails
this verification.
Change-Id: I01fe9ca30295c6264affdbdb773b039a744289ea
Zane Bitter [Wed, 1 Feb 2017 21:05:03 +0000 (16:05 -0500)]
Validate that endpoint_map.yaml is up to date in the gate
Change-Id: I72aa48c72c825151739cb478c58e9a6c841c9130
Steven Hardy [Wed, 1 Feb 2017 19:00:38 +0000 (19:00 +0000)]
Don't run ceilometer-upgrade via upgrade_tasks
This needs to be run by puppet or ansible runs it as root and the
later run by puppet fails due to permissions on the logfile.
Probably we need to remove the *sync calls for most services to
avoid similar issues, now that we're running puppet as part of the
pre-converge upgrade process but that will be done in another patch.
Change-Id: I808db2c175325a25058226842684558ea06fb5c5
Partially-Implements: blueprint overcloud-upgrades-per-service
Emilien Macchi [Wed, 1 Feb 2017 17:21:11 +0000 (12:21 -0500)]
Remove Gemfile and Rakefile
We are not running syntax and lint jobs in THT for master & newton,
let's remove useless files.
Change-Id: Ia572a0eb8872ab199bc68a51750dfc17ca5ee034
Emilien Macchi [Wed, 1 Feb 2017 13:57:58 +0000 (08:57 -0500)]
Disable the deprecation warnings as errors for puppet-syntax
Recently puppet4 started deprecating ruby 2.0 with the following
commit: https://github.com/puppetlabs/puppet/commit/
e9eda7ed56fddcf185fc155d7e0ae054ea327504
One way to work-around this (in the absence of a more recent ruby
version) is to not treat this deprecation warnings as fatal when
doing the puppet syntax check
Change-Id: Id49c5068ab4609e3da0417af4714e8cb8485f3d1
Closes-Bug: #
1660943
Juan Antonio Osorio Robles [Mon, 30 Jan 2017 18:48:27 +0000 (20:48 +0200)]
Add ability to toggle swift's ceilometer transport_url SSL
So, if RabbitClientUseSSL is set, this will enable TLS for the
swift's ceilometer message broker connection.
Change-Id: Ide70a509aefc9e7eb9d7cc5b3a60520fa42b4010
Depends-On: I8b7457b6233c4f88af2d7bc1b9304fcccb6edf61
Jenkins [Tue, 31 Jan 2017 12:51:19 +0000 (12:51 +0000)]
Merge "Configure DPDK options to isolate PMD cores and ovs process cores"
Jenkins [Tue, 31 Jan 2017 10:15:48 +0000 (10:15 +0000)]
Merge "docker: eliminate copy-json.py in favor of json-file"
Jenkins [Tue, 31 Jan 2017 09:48:48 +0000 (09:48 +0000)]
Merge "Removes deprecated neutron-opendaylight-l3 env file"
Mathieu Bultel [Tue, 31 Jan 2017 08:09:14 +0000 (09:09 +0100)]
Use common directory in CI scenario for net-config
The multinode_major_upgrade scenario is using an external
directory for net-config.
Moving this to the internal directory in tht common/
Change-Id: I41692d2ddb9fbd2002fd7910933ab4edff74f33e
Jenkins [Mon, 30 Jan 2017 21:07:38 +0000 (21:07 +0000)]
Merge "Add upgrade support for CephRGW service"
Jenkins [Mon, 30 Jan 2017 15:56:17 +0000 (15:56 +0000)]
Merge "multinode/upgrade: set heat::rpc_response_timeout to 600"
Dan Prince [Wed, 4 Jan 2017 02:57:14 +0000 (21:57 -0500)]
docker: eliminate copy-json.py in favor of json-file
This patch rewires how we configure the Kolla external config files
via Heat templates and uses a more simple json-file heat hook to
directly write out Kolla config files to disk.
By using a heat hook instead of a shell script we can avoid
Json conversion issues. Additionally, This generic json file hook will
be useful for other ad-hoc Json file configuration within the TripleO
docker architecture.
Co-Authored-By: Martin André <m.andre@redhat.com>
Change-Id: I8c72a4a9a7022f722bfe1cef3e18517605720cce
Depends-On: I2b372ac2e291339e436202c9fe58a681ed6a743f
Depends-On: Id3f779b11e23fd3122ef29b7ccbae116667d4520
Jenkins [Fri, 27 Jan 2017 22:04:18 +0000 (22:04 +0000)]
Merge "Add AuditD composable service"
Jenkins [Fri, 27 Jan 2017 19:22:15 +0000 (19:22 +0000)]
Merge "Pass parameters for TLS proxy in front of neutron server"
Emilien Macchi [Fri, 27 Jan 2017 19:14:53 +0000 (14:14 -0500)]
multinode/upgrade: set heat::rpc_response_timeout to 600
Continue the work done on https://review.openstack.org/#/c/423302/
Change-Id: I931534e0ec33e131809186f74068eb479d38a0f9
Jenkins [Fri, 27 Jan 2017 18:58:36 +0000 (18:58 +0000)]
Merge "Remove create-legacy-resource-types opts"
Jenkins [Fri, 27 Jan 2017 17:52:29 +0000 (17:52 +0000)]
Merge "Use os-net-config in multinode jobs"
Juan Antonio Osorio Robles [Wed, 25 Jan 2017 17:42:33 +0000 (19:42 +0200)]
Pass parameters for TLS proxy in front of neutron server
If TLS in the internal network is enabled, we run neutron-server
behind a TLS proxy (which is actually httpd's mod_proxy). This passes
the necessary hieradata.
bp tls-via-certmonger
Depends-On: I6dfbf49f45aef9f47e58b5c0dbedd2b4e239979e
Change-Id: I9252512dbf9cf2e3eec50c41bf10629d36070bbd
Emilien Macchi [Wed, 25 Jan 2017 15:35:20 +0000 (10:35 -0500)]
Use os-net-config in multinode jobs
Full credits to James Slagle, author of this code in TripleO CI:
https://review.openstack.org/#/c/409346
This patch adds a new template for configuring networking on the
Overcloud nodes using os-net-config in multinode jobs. Previously we
were not using os-net-config at all.
Also updates the multinode.yaml environment to use this network config
template.
The IP of each subnode is used when the vxlan tunnels are configured in
OVS, given that, each node needs its own unique network configuration.
To accomodate that, the templates makes use of the network_config_hook
function to influence run-os-net-config.sh
This patch is just the first step to totally switching to os-net-config
in multinode jobs. The devstack-gate code is still in use to bootstrap
the initial networking on the undercloud and subnodes. That will be
switched over in subsequent patches.
Change-Id: I6efa71eb23109d0b3b480061135c572ab89f5981
Co-Authorized-By: James Slagle <jslagle@redhat.com>
Implements: blueprint multinode-ci-os-net-config
Oliver Walsh [Thu, 26 Jan 2017 11:21:41 +0000 (11:21 +0000)]
Add support for Jinja2 includes
This replicates the behavior of the custom Jinja2 loader from tripleo-common to
allow template validation on the local filesystem using tox.
Change-Id: I27683ab31187c6334dc5b4b5363a3347874b9a90
Partially-Implements: blueprint overcloud-upgrades-per-service
Depends-On: Idc5c3f49c7a2fc7f3622c76da001992cc657384e
Steven Hardy [Wed, 18 Jan 2017 12:25:56 +0000 (12:25 +0000)]
Add AuditD composable service
This patch allows the management of the AuditD service and its associated
files (such as `audit.rules`)
This is achieved by means of the `puppet-auditd` puppet module.
Also places ssh banner capabilities map on top of patch
Change-Id: Ib8bb52dde88304cb58b051bced9779c97a314d0d
Depends-On: Ie31c063b674075e35e1bfa28d1fc07f3f897407b
Jenkins [Fri, 27 Jan 2017 12:58:03 +0000 (12:58 +0000)]
Merge "Adds a pre-upgrade check that service is running (step0)"
Jenkins [Fri, 27 Jan 2017 12:29:12 +0000 (12:29 +0000)]
Merge "Adds SSH Banner text into sshd_config"
marios [Fri, 23 Dec 2016 14:07:44 +0000 (16:07 +0200)]
Adds a pre-upgrade check that service is running (step0)
Adds a step0 for most services to check that the state is running
before continuing with any of the other upgrades steps (these are
tagged step0).
You can skip this service check by overriding the
SkipUpgradeConfigTags parameter as follows:
parameter_defaults:
SkipUpgradeConfigTags: validation
Co-Authored-By: Steven Hardy <shardy@redhat.com>
Change-Id: Ie276f153015f671b720b6ed5beaac1b921661909
Michele Baldessari [Fri, 27 Jan 2017 07:10:39 +0000 (08:10 +0100)]
Allow the override of pacemaker::corosync::settle_tries
When replacing a controller node, Exec['wait-for-settle'] needs to
timeout, which means that the command pcs cluster auth will be executed
360 times with 10 seconds in between. So that means waiting for an hour
for no reason. Let's allow to override the settle_tries counter so
an operator can shorten it accordingly.
Tested this by setting CorosyncSettleTries to 100 and I correctly get
proper hiera settings:
$ hiera pacemaker::corosync::settle_tries
100
And effectively we try a number of 100 times as opposed to the 360
default:
/Stage[main]/Pacemaker::Corosync/Exec[reauthenticate-across-all-nodes]/returns
(debug): Exec try 1/100
Change-Id: I5e21b4215cb0b8686d2059b3d71e2444a96719dc
Closes-Bug: #
1659741
Jenkins [Fri, 27 Jan 2017 04:50:01 +0000 (04:50 +0000)]
Merge "Allow to separate Horizon from Neutron"
Jenkins [Fri, 27 Jan 2017 01:07:31 +0000 (01:07 +0000)]
Merge "Add a release note for using deployed-servers (aka split-stack)"
Jenkins [Fri, 27 Jan 2017 01:07:24 +0000 (01:07 +0000)]
Merge "Add release note for composable upgrades"
Jenkins [Thu, 26 Jan 2017 22:27:14 +0000 (22:27 +0000)]
Merge "Add novajoin entries to the TLS-everywhere environment file"
Emilien Macchi [Thu, 26 Jan 2017 21:50:08 +0000 (16:50 -0500)]
Allow to separate Horizon from Neutron
Allow to deploy 2 different nodes with Neutron and another with Horizon.
Horizon will get the right hieradata to collect the mechanism driver and
configure the dashboard correctly.
Change-Id: I24621f6a7d053cff487984bab0d10a4a97204675
Closes-Bug:
1659662
Jenkins [Thu, 26 Jan 2017 20:06:58 +0000 (20:06 +0000)]
Merge "Add telemetry service support for composable upgrades"
James Slagle [Thu, 26 Jan 2017 20:06:46 +0000 (15:06 -0500)]
Add deployed server bootstrap for RHEL
This is similar to the bootstrap for CentOS, except we don't set SELinux
to permissive on RHEL.
Change-Id: I52b8fa017ee2821d2fa91e5ec806a55fcb92566d
Partially-implements: blueprint split-stack-software-configuration
Jenkins [Thu, 26 Jan 2017 20:05:23 +0000 (20:05 +0000)]
Merge "Do not try to update the 'ceph' metapackage from CephMon role"
Pradeep Kilambi [Mon, 23 Jan 2017 15:04:25 +0000 (10:04 -0500)]
Remove create-legacy-resource-types opts
This flag is quite old and doesnt work as expected anymore.
Let ceilometer upgrade create these reource types instead.
Change-Id: I71ea6e2fd9418095de658d709c14bb3006ca2753
Jenkins [Thu, 26 Jan 2017 18:39:13 +0000 (18:39 +0000)]
Merge "Conform CephExternal template to the new hiera hook"
Jenkins [Thu, 26 Jan 2017 18:37:56 +0000 (18:37 +0000)]
Merge "Add Ceph RBD mirror Pacemaker profile"
Jenkins [Thu, 26 Jan 2017 17:23:31 +0000 (17:23 +0000)]
Merge "ci: import multinode_major_upgrade.yaml from tripleo-ci"
Jenkins [Thu, 26 Jan 2017 17:19:02 +0000 (17:19 +0000)]
Merge "Allow dnsmasq_dns_servers to be configured for DHCP Agent"
Jenkins [Thu, 26 Jan 2017 16:55:07 +0000 (16:55 +0000)]
Merge "Use versionless keystone endpoint for barbican-related configurations"
Giulio Fidente [Fri, 20 Jan 2017 16:32:17 +0000 (17:32 +0100)]
Add upgrade support for CephRGW service
Implements minor upgrade of the ceph-radosgw service.
Change-Id: I4c064bf996ec6bb7eba41ab6384bd953a8ec920f
Partially-Implements: blueprint overcloud-upgrades-per-service
Steven Hardy [Thu, 26 Jan 2017 13:28:15 +0000 (13:28 +0000)]
Add release note for composable upgrades
Adds an initial release note for composable upgrades - I had to be
vague in the upgrades section as we're still working out some details
of the final upgrade workflow for all roles.
Change-Id: Iac0af86f3b56a07070a9d24b1255953f5fd07b34
Jenkins [Thu, 26 Jan 2017 14:09:28 +0000 (14:09 +0000)]
Merge "Set the correct default for gnocchi workers"
Giulio Fidente [Thu, 26 Jan 2017 12:31:38 +0000 (13:31 +0100)]
Do not try to update the 'ceph' metapackage from CephMon role
The 'ceph' metapackage is only provided by some repos so we should
not explicitly pull it.
Also adds a validation step to the CephMon and CephOSD roles to
stop upgrade if the Ceph cluster is in error state.
Change-Id: I5aa275677ada47a352a327b9be21927b852d16f3
Jenkins [Thu, 26 Jan 2017 13:33:26 +0000 (13:33 +0000)]
Merge "Add ironic service support for composable upgrades"
Jenkins [Thu, 26 Jan 2017 13:33:16 +0000 (13:33 +0000)]
Merge "Skip upgrade steps where no tasks are defined"
Jenkins [Thu, 26 Jan 2017 13:33:09 +0000 (13:33 +0000)]
Merge "Add upgrade support for ceph OSD service"
Jenkins [Thu, 26 Jan 2017 13:33:02 +0000 (13:33 +0000)]
Merge "Add upgrade support for ceph-mon service"
Emilien Macchi [Thu, 26 Jan 2017 13:30:10 +0000 (08:30 -0500)]
ci: import multinode_major_upgrade.yaml from tripleo-ci
So we can version it between releases like we do with scenarios.
Change-Id: I3e3aa5d4fa7e03d1f4483bf42fcff17386b58709
Jenkins [Thu, 26 Jan 2017 13:02:11 +0000 (13:02 +0000)]
Merge "Add support for batched upgrades to composable upgrades"
Giulio Fidente [Mon, 5 Dec 2016 15:44:23 +0000 (16:44 +0100)]
Add Ceph RBD mirror Pacemaker profile
This change adds a profile to deploy the Ceph RBD mirroring daemon
as a Pacemaker resource.
Change-Id: Ib07e5bca6a45f0c6c59a3acf07f4e3ae9d2f8948
Depends-On: Ic63dc5cffece38942d305f538f71dd58a5d50789
Closes-Bug: #
1652177
Jenkins [Thu, 26 Jan 2017 11:39:53 +0000 (11:39 +0000)]
Merge "Add snmp service support for composable upgrades"
Luke Hinds [Thu, 8 Dec 2016 13:12:53 +0000 (13:12 +0000)]
Adds SSH Banner text into sshd_config
Allow use of ooo template to populate banner text into /etc/issue
Change-Id: If5b2da9415f10652a0a64503b2da4b63d1018640
Depends-On: Ie9f8afdfa9930428f06c9669fedb460dc1064d5e
Closes-Bug: #
1640306
Steven Hardy [Mon, 23 Jan 2017 11:46:58 +0000 (11:46 +0000)]
Add SkipUpgradeConfigTags for upgrade config
It may be that we want ways to selectively disable certain tasks,
such as pre-flight validations that might fail when restarting an
upgrade from a failed state. This shows a way we might do that.
Depends-On: I18214f80be9f3ad6c2d385fc00f3b786d3e7dda3
Change-Id: Ibffaaf1de0baf47a0450daa5b7cbb57d38746556
Jenkins [Thu, 26 Jan 2017 01:07:26 +0000 (01:07 +0000)]
Merge "Add release notes for Ocata 6.0.0"
Jenkins [Wed, 25 Jan 2017 23:50:48 +0000 (23:50 +0000)]
Merge "Manage password_validator regex"
Jenkins [Wed, 25 Jan 2017 21:10:01 +0000 (21:10 +0000)]
Merge "Auto-set SwiftMountCheck and SwiftUseLocalDir settings"
Steven Hardy [Thu, 1 Dec 2016 10:06:34 +0000 (10:06 +0000)]
Add telemetry service support for composable upgrades
Change-Id: I62735676b45a881a7dac24171b26d88d6eb60d4a
Partially-Implements: blueprint overcloud-upgrades-per-service
Steven Hardy [Thu, 1 Dec 2016 10:06:11 +0000 (10:06 +0000)]
Add ironic service support for composable upgrades
Change-Id: Ie1fe7db081d69db4b99869057352367e8e01760c
Partially-Implements: blueprint overcloud-upgrades-per-service
Steven Hardy [Fri, 20 Jan 2017 16:51:36 +0000 (16:51 +0000)]
Skip upgrade steps where no tasks are defined
Use heat conditions to skip resources (conditionally create them)
when there are no tasks to deploy.
This requires the heat fix Iefae1fcea720bee4ed69ad1a5fe403d52d54433c
Partially-Implements: blueprint overcloud-upgrades-per-service
Change-Id: I2f43fb922d122ffade20e35738f0ba3bb56a4492
Steven Hardy [Fri, 20 Jan 2017 15:34:27 +0000 (15:34 +0000)]
Add upgrade support for ceph OSD service
This takes a subset of the logic from major_upgrade_ceph_storage.sh
and ports it into ansible tasks, which will be applied in a rolling
upgrade after the mon services are upgraded (in the step0 batch).
Change-Id: I6e87969add301e78bb665d7748e5f0df8eeae819
Partially-Implements: blueprint overcloud-upgrades-per-service
Steven Hardy [Fri, 20 Jan 2017 10:24:26 +0000 (10:24 +0000)]
Add upgrade support for ceph-mon service
Initial support for a rolling upgrade of ceph-mon services which
happens before the OpenStack services are upgraded.
Change-Id: Ifaebbe2ae884bd899cdc6f1c288274e5838792a6
Partially-Implements: blueprint overcloud-upgrades-per-service
Steven Hardy [Fri, 20 Jan 2017 10:45:19 +0000 (10:45 +0000)]
Add support for batched upgrades to composable upgrades
Some services (e.g ceph mon) require upgrading in batches (the old
upgrade architecture did the ceph mon upgrade one controller at a
time). This interface enables doing the same, and over time we
can probably move more services into this interface (e.g when
services support rolling upgrades) to reduce downtime.
Change-Id: If581f301a5493ef33ac1386bdc22f9fca4f2544e
Partially-Implements: blueprint overcloud-upgrades-per-service
Juan Antonio Osorio Robles [Wed, 7 Dec 2016 07:15:47 +0000 (09:15 +0200)]
Use versionless keystone endpoint for barbican-related configurations
castellan (the key manager interface used by nova and cinder) is no
longer tied to keystone v3 [1]. So now it's possible to use versionless
endpoints for keystone.
[1] I124c0ea2d9403d6b530b33f18896c4e7bf4eabb5
Change-Id: Id5d893a6a41077ab76ca59295593a27be5c3004c
Pradeep Kilambi [Wed, 25 Jan 2017 18:55:57 +0000 (13:55 -0500)]
Set the correct default for gnocchi workers
The current default is empty which overrides the puppet-gnocchi
os_workers calculated value. Instead default to the os_workers.
Change-Id: I9bf9a107c03172500f7c8c5e4353c20305c8e6b5
Juan Antonio Osorio Robles [Tue, 17 Jan 2017 23:02:35 +0000 (01:02 +0200)]
Add novajoin entries to the TLS-everywhere environment file
These metadata settings (the hardcoded metadata and the hook override)
are used by the novajoin service when it's deployed in the undercloud,
and will tell it to enroll the overcloud nodes and the services that are
specified by the metadata hook.
bp novajoin
bp tls-via-certmonger
Change-Id: Ia4645cc356688b7bcf82ed7765c0b74d53d64ed1
Jenkins [Wed, 25 Jan 2017 20:50:25 +0000 (20:50 +0000)]
Merge "Add Octavia API service definitions"
Jenkins [Wed, 25 Jan 2017 20:49:56 +0000 (20:49 +0000)]
Merge "Add ec2-api service"
Jenkins [Wed, 25 Jan 2017 20:49:40 +0000 (20:49 +0000)]
Merge "Add metadata settings for needed kerberos principals"
Jenkins [Wed, 25 Jan 2017 20:48:29 +0000 (20:48 +0000)]
Merge "Ignore systemctl return code in yum_update.sh"
James Slagle [Wed, 25 Jan 2017 20:35:37 +0000 (15:35 -0500)]
Add a release note for using deployed-servers (aka split-stack)
Change-Id: I9e926e66518ffd15c8a83355c87e8eae26742d5e
Giulio Fidente [Wed, 25 Jan 2017 17:02:11 +0000 (18:02 +0100)]
Conform CephExternal template to the new hiera hook
We missed to refactor CephExternal when migrating to the new
hiera hook. The old template would have pushed the value of
ceph::profile::params::client_keys as a string causing the
deployment to fail with:
Error while evaluating a Function Call, {...} is not a Hash
The new template emits that same data as a map, as it happened
for the other services in Ibe7e2044e200e2c947223286fdf4fd5bcf98c2e1
Change-Id: I3cf59b7d8343d7433047e9ccef310d287dbd47b5
Emilien Macchi [Mon, 23 Jan 2017 22:50:02 +0000 (17:50 -0500)]
Add release notes for Ocata 6.0.0
Change-Id: I0d56dfe012d97e8f7206e8777c1b72a6797c328d
Luke Hinds [Wed, 21 Dec 2016 13:57:47 +0000 (13:57 +0000)]
Manage password_validator regex
Horizon provides a password validation check, which OpenStack cloud
operators can use to enforce password complexity checks for users
within horizon.
A dictionary containing a regular expression can be used for
password validation with help text that is displayed if the password
does not pass validation.
HORIZON_CONFIG["password_validator"] = {
"regex": '.*',
"help_text": _("Your password does not meet the requirements."),
}
This change allows injection of the regex into horizons local_settings
file from a tripleo heat template
Change-Id: Ib6517c8f96148bea002b0e3442a26367b236928f
Depends-On: If82a80ed6a8e6e65aecc2a25ee6d60640ae03c9a
Closes-Bug: #
1640800
Steven Hardy [Thu, 1 Dec 2016 10:06:58 +0000 (10:06 +0000)]
Add snmp service support for composable upgrades
Change-Id: Ifa10b764ae7c67e089c0d2506a49e474135083bb
Partially-Implements: blueprint overcloud-upgrades-per-service
Jenkins [Wed, 25 Jan 2017 03:36:35 +0000 (03:36 +0000)]
Merge "Remove spurious for loop from post deploy j2"
Jenkins [Wed, 25 Jan 2017 02:29:44 +0000 (02:29 +0000)]
Merge "Add glance registry service to disable on upgrade"
Jenkins [Wed, 25 Jan 2017 02:29:10 +0000 (02:29 +0000)]
Merge "pacemaker remote profile support"
Steven Hardy [Tue, 24 Jan 2017 23:17:50 +0000 (23:17 +0000)]
Remove spurious for loop from post deploy j2
This nested for loop is wrong as it generates all steps for all
roles twice. This works because yaml parsing ignores the duplicate
resources, but it's a big waste of space in swift (this fix reduces
the rendered file size by over 2000 lines with the default roles!)
Change-Id: Ifaf860020839390147c92848d52b1a59e355dc50
Closes-Bug: #
1659139
Jenkins [Tue, 24 Jan 2017 23:13:12 +0000 (23:13 +0000)]
Merge "Pass parameters for TLS proxy in front of Glance-API"
Juan Antonio Osorio Robles [Thu, 15 Dec 2016 14:20:40 +0000 (16:20 +0200)]
Add metadata settings for needed kerberos principals
These are only used for TLS-everywhere, and fills up the kerberos
principals that will need to be created for the certs used by the
overcloud. With this, the metadata hook will format these principals
correctly and will further pass them on to the nova metadata service.
Where they can be used if there's a plugin enabled.
bp tls-via-certmonger
bp novajoin
Change-Id: I873094bb69200052febda629fda698a7a782c031
Jenkins [Tue, 24 Jan 2017 22:11:29 +0000 (22:11 +0000)]
Merge "Import multinode + pingtest from tripleo-ci"
Jenkins [Tue, 24 Jan 2017 22:11:22 +0000 (22:11 +0000)]
Merge "cinder-api: cleanup TODO"
Code Review / apex-tripleo-heat-templates.git / log