apex-tripleo-heat-templates.git
8 years agoAllow map_replace substitution of network names
Steven Hardy [Thu, 21 Jul 2016 15:24:09 +0000 (16:24 +0100)]
Allow map_replace substitution of network names

To allow per-node data such as bind_ip's to move into the
composable services templates, we do a value substitution
on the config settings hiera map, where e.g internal_api
will be replaced with the NetIpMap IP assigned to that.

To enable subnet/uri lookup via the same method, we add
all the subnet/uri mappings to the main net_ip_map output.

Change-Id: I7850d4dc8bf4db5f7ac6a6b53c1d900b561b4580

8 years agoMerge "Remove outdated Neutron auth options"
Jenkins [Tue, 9 Aug 2016 12:43:09 +0000 (12:43 +0000)]
Merge "Remove outdated Neutron auth options"

8 years agoMerge "Remove static hieradata"
Jenkins [Tue, 9 Aug 2016 12:39:18 +0000 (12:39 +0000)]
Merge "Remove static hieradata"

8 years agoMerge "Move neutron-related options for nova to base profile"
Jenkins [Tue, 9 Aug 2016 12:30:44 +0000 (12:30 +0000)]
Merge "Move neutron-related options for nova to base profile"

8 years agoMerge "Move nova's kestone::auth parameters to API profile"
Jenkins [Tue, 9 Aug 2016 09:35:24 +0000 (09:35 +0000)]
Merge "Move nova's kestone::auth parameters to API profile"

8 years agoMerge "Move setting of Glance's keystone region to API profile"
Jenkins [Tue, 9 Aug 2016 09:25:08 +0000 (09:25 +0000)]
Merge "Move setting of Glance's keystone region to API profile"

8 years agoMerge "Configure project name for keystone::auth resource in heat"
Jenkins [Tue, 9 Aug 2016 09:25:02 +0000 (09:25 +0000)]
Merge "Configure project name for keystone::auth resource in heat"

8 years agoMerge "Move cinder's kestone::auth parameters to API profile"
Jenkins [Tue, 9 Aug 2016 09:24:55 +0000 (09:24 +0000)]
Merge "Move cinder's kestone::auth parameters to API profile"

8 years agoMerge "Move neutron's kestone::auth parameters to server profile"
Jenkins [Tue, 9 Aug 2016 08:28:17 +0000 (08:28 +0000)]
Merge "Move neutron's kestone::auth parameters to server profile"

8 years agoMove neutron-related options for nova to base profile
Juan Antonio Osorio Robles [Mon, 8 Aug 2016 13:01:01 +0000 (16:01 +0300)]
Move neutron-related options for nova to base profile

Change-Id: I21c09b2b0bad7736f3c84c55bf14ef7986c2d108

8 years agoMove nova's kestone::auth parameters to API profile
Juan Antonio Osorio Robles [Mon, 8 Aug 2016 10:47:01 +0000 (13:47 +0300)]
Move nova's kestone::auth parameters to API profile

In the move to composable services, these parameters are not
necessary in the controller, but in the profile itself. They are not
yet in use but will be used to populate the keystone endpoint.

Change-Id: I42e30243b631c10d9454da444afdb50e551bbb2c

8 years agoMerge "Move *Flavor parameters into per-role templates"
Jenkins [Tue, 9 Aug 2016 02:45:31 +0000 (02:45 +0000)]
Merge "Move *Flavor parameters into per-role templates"

8 years agoMerge "Support arbitrary attributes for the Ceph pools"
Jenkins [Mon, 8 Aug 2016 20:18:02 +0000 (20:18 +0000)]
Merge "Support arbitrary attributes for the Ceph pools"

8 years agoMerge "Make deployed-server OS::Neutron::Port optional"
Jenkins [Mon, 8 Aug 2016 19:56:53 +0000 (19:56 +0000)]
Merge "Make deployed-server OS::Neutron::Port optional"

8 years agoRemove static hieradata
Emilien Macchi [Thu, 4 Aug 2016 20:10:40 +0000 (16:10 -0400)]
Remove static hieradata

Static hieradata moved to composable services, we don't need the files
anymore. It also cleanup how we construct Hieradata configuration by
removing unused hiera files.

Change-Id: I19f85b6c1b734473cf908ddaca29ad966f9f5405

8 years agoSupport arbitrary attributes for the Ceph pools
Giulio Fidente [Mon, 25 Jul 2016 13:11:40 +0000 (15:11 +0200)]
Support arbitrary attributes for the Ceph pools

This change adds a CephPools parameter which can be used to
provide custom settings for any Ceph pool.

It also removes our custom setting for the default pg_num,
pgp_num and size so that these are used for the managed
pools (and can be overridden) but aren't enforced globally.

Change-Id: Idcf28bec46beabb1b590fc8e78b43e58d8e35717
Closes-Bug: 1517969
Depends-On: I38978f0f3119e4ab7dd45021e598253cb066cb5a

8 years agoMerge "Set Coordination url for central agent"
Jenkins [Mon, 8 Aug 2016 14:45:04 +0000 (14:45 +0000)]
Merge "Set Coordination url for central agent"

8 years agoMove setting of Glance's keystone region to API profile
Juan Antonio Osorio Robles [Mon, 8 Aug 2016 10:34:15 +0000 (13:34 +0300)]
Move setting of Glance's keystone region to API profile

This is not necessary in the controller.yaml and is more appropriate
in the profile.

Change-Id: Ie2badbd87eabb8404acff77e9aa5d091fbdd1499

8 years agoConfigure project name for keystone::auth resource in heat
Juan Antonio Osorio Robles [Mon, 8 Aug 2016 13:55:11 +0000 (16:55 +0300)]
Configure project name for keystone::auth resource in heat

Heat API and CFN API both need to have teh keystone::auth*::tenant
parameters configured.

Change-Id: Ibdc3d693f5a63362add3fc71064fc01bb4593403

8 years agoMove cinder's kestone::auth parameters to API profile
Juan Antonio Osorio Robles [Mon, 8 Aug 2016 10:31:17 +0000 (13:31 +0300)]
Move cinder's kestone::auth parameters to API profile

In the move to composable services, these parameters are not
necessary in the controller, but in the profile itself. They are not
yet in use but will be used to populate the keystone endpoint.

Change-Id: Ib9b0e474f875a4b2ffbda11c01cb882149997b0c

8 years agoMove neutron's kestone::auth parameters to server profile
Juan Antonio Osorio Robles [Mon, 8 Aug 2016 10:21:49 +0000 (13:21 +0300)]
Move neutron's kestone::auth parameters to server profile

In the move to composable services, these parameters are not
necessary in the controller, but in the profile itself. They are not
yet in use but will be used to populate the keystone endpoint.

Change-Id: Ia0866d893c2f3258b0e00efcb8894c7643980173

8 years agoMerge "Update cinder-api with new authtoken parameters"
Jenkins [Mon, 8 Aug 2016 13:54:36 +0000 (13:54 +0000)]
Merge "Update cinder-api with new authtoken parameters"

8 years agoRemove outdated Neutron auth options
Sergey Kolekonov [Mon, 8 Aug 2016 13:08:11 +0000 (16:08 +0300)]
Remove outdated Neutron auth options

Currently Keystone auth plugins should be used to perform authorization.
admin_* parameters as well as identity_uri are deprecated and not needed

Change-Id: I3018932a106df562e94067e037b3bc862be97b51

8 years agoMerge "Convert AllNodesConfig hosts config to a map"
Jenkins [Mon, 8 Aug 2016 12:55:28 +0000 (12:55 +0000)]
Merge "Convert AllNodesConfig hosts config to a map"

8 years agoMerge "Add EnabledServices output to overcloud.yaml"
Jenkins [Mon, 8 Aug 2016 12:51:26 +0000 (12:51 +0000)]
Merge "Add EnabledServices output to overcloud.yaml"

8 years agoMake deployed-server OS::Neutron::Port optional
Dan Prince [Sat, 6 Aug 2016 15:08:05 +0000 (11:08 -0400)]
Make deployed-server OS::Neutron::Port optional

This patch makes it possible to set
OS::TripleO::DeployedServer::ControlPlanePort: OS::Heat::None
in your resource_registry and thereby avoid the creation of
a neutron port for the deployed server. This is useful if
you are bootstrapping things in an environment without
Neutron.

Also, includes a new deployed-server-noop-ctlplane.yaml
environment file.

Change-Id: I2990dc816698e0f6e3193a8fc7c9c6767c6e50e5

8 years agoAdd Sahara services to ControllerServices list
Steven Hardy [Thu, 30 Jun 2016 16:50:28 +0000 (17:50 +0100)]
Add Sahara services to ControllerServices list

https://review.openstack.org/#/c/318840/ decomposed the Sahara services
but they weren't added to the ControllerServices list, thus are now disabled.

Since we shipped mitaka with sahara enabled by default, we should probably add
them so the behavior is consistent when folks upgrade.

This also fixes a couple of issues we missed when landing the initial service
templates (partly because CI didn't test them).

In order for each service to operate independently when used with Pacemaker,
the roles needed to be separated. This commit also does this.

Depends-On: Id61eb15b1e2366f5b73c6e7d47941651e40651b1
Change-Id: I0846b328e9d938275e373d58f0b99219b19b326c
Closes-Bug: #1592284
Co-Authored-By: Brad P. Crochet <brad@redhat.com>
8 years agoMerge "Remove keystone PKI related parameters"
Jenkins [Fri, 5 Aug 2016 23:18:07 +0000 (23:18 +0000)]
Merge "Remove keystone PKI related parameters"

8 years agoUpdate cinder-api with new authtoken parameters
Emilien Macchi [Fri, 5 Aug 2016 13:50:30 +0000 (09:50 -0400)]
Update cinder-api with new authtoken parameters

Puppet OpenStack modules are moving to a new class to configure Keystone
authtoken parameters, so we can more easily enable Keystone v3 from a
single interface. It's consistent across all modules and does support
both Keystone v2 and v3 parameters.

This patch updates Cinder now, but more will follow when we'll add
support to all modules.

Change-Id: I5aa3f2b03672c14c0dbeac222f421ab94221ecf7

8 years agoAdd Aodh composable roles
Pradeep Kilambi [Thu, 23 Jun 2016 19:54:06 +0000 (15:54 -0400)]
Add Aodh composable roles

Implements: blueprint composable-services-within-roles
Depends-On: Ie48a123cc5bc402aee635a5daf118b158c6f3b6a
Closes-Bug: #1601850

Change-Id: Ifcfe0e3937fa8577635d803d46c3dfc2e873e553

8 years agoMerge "Add environment file to enable DVR"
Jenkins [Fri, 5 Aug 2016 21:02:25 +0000 (21:02 +0000)]
Merge "Add environment file to enable DVR"

8 years agoRemove keystone PKI related parameters
Steven Hardy [Wed, 3 Aug 2016 12:39:39 +0000 (13:39 +0100)]
Remove keystone PKI related parameters

These interfaces have all been deprecated by keystone, and we don't
offer any parameter interface to select PKI token format anyway,
so remove these to align with keystone reccomendations.

The keystone.conf.sample says these values may be silently ignored or
removed, so it seems reasonable to do the same here (parameter_defaults
should be ignored from old stacks).

Change-Id: Ic88d584863a98ed49fc335825fbfba7a52b0f14e
Depends-On: I8232262b928c91dcde7bea2f23fa2a7c2660719e

8 years agoMerge "Move *Image parameters into role templates"
Jenkins [Fri, 5 Aug 2016 10:47:48 +0000 (10:47 +0000)]
Merge "Move *Image parameters into role templates"

8 years agoMerge "Remove KeyName parameter from overcloud template"
Jenkins [Fri, 5 Aug 2016 10:46:14 +0000 (10:46 +0000)]
Merge "Remove KeyName parameter from overcloud template"

8 years agoMerge "Move per-role *SchedulerHints parameters into role templates"
Jenkins [Fri, 5 Aug 2016 04:51:07 +0000 (04:51 +0000)]
Merge "Move per-role *SchedulerHints parameters into role templates"

8 years agoMerge "Next generation HA architecture work"
Jenkins [Thu, 4 Aug 2016 23:57:07 +0000 (23:57 +0000)]
Merge "Next generation HA architecture work"

8 years agoMerge "Remove some properties from overcloud.yaml Controller group"
Jenkins [Thu, 4 Aug 2016 21:41:56 +0000 (21:41 +0000)]
Merge "Remove some properties from overcloud.yaml Controller group"

8 years agoSet Coordination url for central agent
Pradeep Kilambi [Wed, 3 Aug 2016 14:58:00 +0000 (10:58 -0400)]
Set Coordination url for central agent

Use the redis_vip value from hiera.

Change-Id: I3b354012c8c054633497a6d80ff325f55e7b7142

8 years agoAdd environment file to enable DVR
Brent Eagles [Tue, 21 Jun 2016 13:38:27 +0000 (11:08 -0230)]
Add environment file to enable DVR

This patch adds support for conditionally enabling DVR by deploying the
L3 and metadata agents on the compute node and setting the proper
configuration values throughout.

Implements: blueprint neutron-dvr-support
Change-Id: I24099795e76ecd520c990ba49d3511288dec7a12

8 years agoNext generation HA architecture work
Michele Baldessari [Fri, 29 Jul 2016 09:46:40 +0000 (11:46 +0200)]
Next generation HA architecture work

This is the THT part that brings us the next generation architecture
as described in the following spec:
https://review.openstack.org/#/c/299628/

Blueprint:
https://blueprints.launchpad.net/tripleo/+spec/ha-lightweight-architecture

So far we tested deployment + tripleo.sh --overcloud-pingtest and
failover + tripleo.sh --overcloud-pingtest

Note that many of the Pacemaker template files become redundant with
this change, but to simplify the process of getting this change landed,
those templates will not be removed until a future commit.

Depends-On: I5e7585c08675d8a4bd071523b94210d325d79b59

Change-Id: I00bccb2563c006f80baed623b64f1e17af20dd4e
Implements: blueprint ha-lightweight-architecture
Co-Author: cmsj@tenshu.net

8 years agoMerge "Replace hard-coded regionOne with parameter references"
Jenkins [Thu, 4 Aug 2016 09:46:47 +0000 (09:46 +0000)]
Merge "Replace hard-coded regionOne with parameter references"

8 years agoMerge "Enable Manila integration - as a composable controller service"
Jenkins [Wed, 3 Aug 2016 16:16:24 +0000 (16:16 +0000)]
Merge "Enable Manila integration - as a composable controller service"

8 years agoReplace hard-coded regionOne with parameter references
Steven Hardy [Wed, 3 Aug 2016 14:01:57 +0000 (15:01 +0100)]
Replace hard-coded regionOne with parameter references

In a few places we hard-code the config values to regionOne, but
there is a parameter available to set this.

Change-Id: I9f5138103deb45f7432ee44e03a08dcf54c2990d

8 years agoEnable Manila integration - as a composable controller service
Ryan Hefner [Tue, 10 Nov 2015 18:56:54 +0000 (13:56 -0500)]
Enable Manila integration - as a composable controller service

Allows the installation and configuration of Manila.
Supports the generic driver only. This has a dependency on the
puppet-tripleo classes for manila where the puppet specific
config now lives.

The review at https://review.openstack.org/#/c/315658/ has been
merge into this one, as of v68, so manila lands as a composable
service. This was brought up on the mailing list at [1]

[1] http://lists.openstack.org/pipermail/openstack-dev/2016-May/096126.html

Co-Authored-By: Marios Andreou <marios@redhat.com>
Implements: blueprint composable-services-within-roles
Depends-On: I444916d60a67bf730bf4089323dba1c1429e2e71
Depends-On: I9eda4b3364e5c59342761a1ec71b0eb567c69cf1
Depends-On: I571b65a5402c1028418476a573ebeb9450ed00c9
Change-Id: I7acebac4354fca1f8d7ff6c343c1346bf29b81c6

8 years agoMerge "Enable glance to use the SSL middleware"
Jenkins [Mon, 1 Aug 2016 17:09:27 +0000 (17:09 +0000)]
Merge "Enable glance to use the SSL middleware"

8 years agoMerge "Enable keystone to use the SSL middleware"
Jenkins [Mon, 1 Aug 2016 17:00:21 +0000 (17:00 +0000)]
Merge "Enable keystone to use the SSL middleware"

8 years agoMerge "Update heat-agents setup files"
Jenkins [Mon, 1 Aug 2016 09:22:05 +0000 (09:22 +0000)]
Merge "Update heat-agents setup files"

8 years agoMerge "move hieradata/ceph into ceph-base service"
Jenkins [Mon, 1 Aug 2016 09:20:32 +0000 (09:20 +0000)]
Merge "move hieradata/ceph into ceph-base service"

8 years agoMerge "Add default value for `RoleData`"
Jenkins [Mon, 1 Aug 2016 09:05:08 +0000 (09:05 +0000)]
Merge "Add default value for `RoleData`"

8 years agoRemove usage of ::nova class in THT
Emilien Macchi [Mon, 6 Jun 2016 15:21:40 +0000 (11:21 -0400)]
Remove usage of ::nova class in THT

The ::nova class definition is now done in puppet-tripleo.

Depends-On: Ie4e72e765f6a8ade48d4b2b766f067872554d1a2
Change-Id: Ic394e50aa2e288f12d7287a68ea5f691fb7ef07c

8 years agoEnable glance to use the SSL middleware
Juan Antonio Osorio Robles [Wed, 13 Jul 2016 08:48:04 +0000 (11:48 +0300)]
Enable glance to use the SSL middleware

The http_proxy_to_wsgi middleware was recently added to glance as
default in the pipeline [1].

We already enable this middleware for nova, cinder and heat.

[1] I481d88020b6e8420ce4b9072dd30ec82fe3fb4f7

Change-Id: I4a8f7fc079ca93c50aa0ef7b0548dc64f6c5cfa0
Depends-On: I51fbc6050dfbdc72f7ee56a2d17dd5223a208a17

8 years agoEnable keystone to use the SSL middleware
Juan Antonio Osorio Robles [Wed, 13 Jul 2016 08:27:01 +0000 (11:27 +0300)]
Enable keystone to use the SSL middleware

The http_proxy_to_wsgi middleware was recently added to keystone as
default in the pipeline [1]. So this takes it into use instead of the
non-standard option we were using before, which will be deprecated.

We already enable this middleware for nova, cinder and heat.

[1] Iad628a863e55cbf20c89ef23ebc7527ba8e1a835

Depends-On: I0fec98a6e1d9c8be4d8b8df382b78ba2815790f9
Change-Id: I8c1b84adc828a2b8c9ea11c4e2b8349427b1b206

8 years agomove hieradata/ceph into ceph-base service
Emilien Macchi [Thu, 28 Jul 2016 17:23:39 +0000 (13:23 -0400)]
move hieradata/ceph into ceph-base service

Part of composable roles work, move hieradata/ceph into the ceph-base
profile directly.
Also add a comment in all hieradata files to stop adding more data and
use composable services.

Change-Id: I97cc22a253b547be6b99312b6072f53b428aae2c

8 years agoMerge "Move constraints to their respective services"
Jenkins [Fri, 29 Jul 2016 20:06:49 +0000 (20:06 +0000)]
Merge "Move constraints to their respective services"

8 years agoMerge "Stop passing charset=utf8 for neutron database connection option"
Jenkins [Fri, 29 Jul 2016 14:43:58 +0000 (14:43 +0000)]
Merge "Stop passing charset=utf8 for neutron database connection option"

8 years agoConvert AllNodesConfig hosts config to a map
Steven Hardy [Thu, 28 Jul 2016 11:09:15 +0000 (12:09 +0100)]
Convert AllNodesConfig hosts config to a map

Currently we have hard-coded parameters for each role, but to enable
custom roles, we need to pass a generic hosts list that can be joined
for all enabled roles.

Change-Id: I0606f462ff61c3a541342b63fee7d46ebfd1f4e0
Partially-Implements: blueprint custom-roles

8 years agoAdd EnabledServices output to overcloud.yaml
Steven Hardy [Thu, 28 Jul 2016 09:36:17 +0000 (10:36 +0100)]
Add EnabledServices output to overcloud.yaml

This is essentially the same data as defined in the *Services parameter,
but it shows what's enabled for all roles in the format output from the
service templates, so is useful for debugging, and possibly for things
like conditional endpoint generation in future.

Change-Id: Ia4b1694e419533b05d2757d2925471cae75fb5b6

8 years agoMerge "Filter null/None service names"
Jenkins [Fri, 29 Jul 2016 13:00:43 +0000 (13:00 +0000)]
Merge "Filter null/None service names"

8 years agoUpdate heat-agents setup files
Flavio Percoco [Mon, 25 Jul 2016 14:16:55 +0000 (16:16 +0200)]
Update heat-agents setup files

This patch moves the image pull step out of the service heat-agent
service script to ease the service init process and to make it more
reliable. By doing this outside of the service script, it's possible to
know when the `firstboot` script failed and report back.

It also updates the firstboot yaml file to point to the
`tripleoupstream` org.

Co-Authored-By: Flavio Percoco <flavio@redhat.com>
Co-Authored-By: Martin André <m.andre@redhat.com>
Change-Id: I2f0b8092ec69320ee370e1d7d20b8c15c95a1d0d

8 years agoAdd default value for `RoleData`
Flavio Percoco [Mon, 25 Jul 2016 14:31:02 +0000 (16:31 +0200)]
Add default value for `RoleData`

This just adds a default value for `RoleData` in
docker/compute-post.yaml

Change-Id: I96a01dc22e03980b93b32f0f9990f35b83ecfb24

8 years agoMove constraints to their respective services
Michele Baldessari [Fri, 29 Jul 2016 10:08:32 +0000 (12:08 +0200)]
Move constraints to their respective services

The openstack-core-then-httpd constraint needs to live in the apache
pacemaker manifest and not in the main controller manifest file.
The same goes for those specific vsm/cisco neutron resources.

Change-Id: Ifce6c253db004a98f8feb51b84a2f1731253f178
Depends-On: I2041d4d163f051427b62eec07b8345ad7006cc1d

8 years agoMerge "We don't need to set a default for the CephX keys and cluster FSID"
Jenkins [Fri, 29 Jul 2016 10:20:46 +0000 (10:20 +0000)]
Merge "We don't need to set a default for the CephX keys and cluster FSID"

8 years agoMerge "Convert service_name to underscore syntax"
Jenkins [Fri, 29 Jul 2016 08:52:05 +0000 (08:52 +0000)]
Merge "Convert service_name to underscore syntax"

8 years agoMerge "Move nova constraints from controller manifest to each service"
Jenkins [Fri, 29 Jul 2016 08:46:48 +0000 (08:46 +0000)]
Merge "Move nova constraints from controller manifest to each service"

8 years agoWe don't need to set a default for the CephX keys and cluster FSID
Giulio Fidente [Thu, 28 Jul 2016 15:03:33 +0000 (17:03 +0200)]
We don't need to set a default for the CephX keys and cluster FSID

Change-Id: I28021f27a5adc8433df8abdadf0b571b20674fa6
Partial-Bug: 1607407

8 years agoConvert service_name to underscore syntax
Steven Hardy [Thu, 28 Jul 2016 09:30:10 +0000 (10:30 +0100)]
Convert service_name to underscore syntax

Currently we use hyphens, e.g cinder-api, but in overcloud.yaml
we have a lot of references to services (e.g for AllNodesConfig)
by underscore, e.g cinder_api.  To enable dynamic generation of
this data, we need the service name in underscore format.

Change-Id: Ief13dfe5d8d7691dfe2534ad5c39d7eacbcb6f70

8 years agoMerge "Allow to manually disable post-puppet restarts"
Jenkins [Thu, 28 Jul 2016 13:59:11 +0000 (13:59 +0000)]
Merge "Allow to manually disable post-puppet restarts"

8 years agoMerge "Create role for the fake openstack-core resource"
Jenkins [Thu, 28 Jul 2016 13:26:17 +0000 (13:26 +0000)]
Merge "Create role for the fake openstack-core resource"

8 years agoMove nova constraints from controller manifest to each service
Michele Baldessari [Tue, 26 Jul 2016 12:24:16 +0000 (14:24 +0200)]
Move nova constraints from controller manifest to each service

Currently we are still creating all the pacemaker constraints for nova
in the main overcloud_controller_pacemaker.pp manifest file.

Let's move those to each role where they belong. Note that given
that a constraint depends on two separate pacemaker resources it is a
bit arbitrary in which file they end up being (the one of the first
resource or the second one).

Depends-On: I96a3a313d15fac820b020feae0568437c2cbade3

Change-Id: I4f15485b1f355b3b38fc6c16552f204aa8bba7bc

8 years agoCreate role for the fake openstack-core resource
Giulio Fidente [Tue, 26 Jul 2016 12:30:04 +0000 (14:30 +0200)]
Create role for the fake openstack-core resource

Change-Id: Iacd94294b8a66bc082bb2b3e8d3364ec1bf053b8
Depends-On: I16a786ce167c57848551c7245f4344c382c55b3d

8 years agoMigrate Puppet Hieradata to composable services
Emilien Macchi [Wed, 13 Jul 2016 15:29:43 +0000 (11:29 -0400)]
Migrate Puppet Hieradata to composable services

Migrate puppet/hieradata/*.yaml parameters to puppet/services/*.yaml
except for some services that are not composable yet.

Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Change-Id: I7e5f8b18ee9aa63a1dffc6facaf88315b07d5fd7

8 years agoMove *Flavor parameters into per-role templates
Steven Hardy [Tue, 26 Jul 2016 11:27:44 +0000 (12:27 +0100)]
Move *Flavor parameters into per-role templates

We have some inconsistent naming here, but move them with their
current names for backwards compatibility, we can address the
deprecation of the inconsistent names at a future time.

This is required to enable jinja templating of roles in overcloud.yaml

Change-Id: I2ea673d9bc52967f9b7c25555059b964abf66966
Partially-Implements: blueprint custom-roles

8 years agoMove *Image parameters into role templates
Steven Hardy [Tue, 26 Jul 2016 11:17:32 +0000 (12:17 +0100)]
Move *Image parameters into role templates

We've got some inconsistent naming here, but I'm not attempting to
fix that yet, only move the current parameters inside each role template.

This should be backwards compatible because the parameter names
don't change, but also enable progress on custom-roles.  We can
figure out a strategy for deprecating these and aligning per-role
parameter naming in a subsequent patch.

Also moves ImageUpdatePolicy, which wasn't consistently passed to
all roles anyway, and aligns the default image and constraints
for each role.

Change-Id: I85ec979934df220acbab9f7c3a6055f23e3bfc29
Partially-Implements: blueprint custom-roles

8 years agoRemove KeyName parameter from overcloud template
Steven Hardy [Tue, 26 Jul 2016 10:58:56 +0000 (11:58 +0100)]
Remove KeyName parameter from overcloud template

This is already defined in all the per-role templates and is passed
via parameter_defaults:

Change-Id: Ifde54d3d29a3f0754f0f05740d6b6030aa871d38
Partially-Implements: blueprint custom-roles

8 years agoMove per-role *SchedulerHints parameters into role templates
Steven Hardy [Tue, 26 Jul 2016 07:03:28 +0000 (08:03 +0100)]
Move per-role *SchedulerHints parameters into role templates

To enable custom roles, move these into the role templates where
they can be passed via parameter defaults.  Because the Compute
role uses an inconsistent NovaCompute naming, these parameters
cannot be generated in overcloud.yaml, so moving them enables
backwards compatibility to be maintained when we move to a
fully jinja generated overcloud (e.g including the role
ResourceGroup resources)

Change-Id: I3f9b2275f2b1daeb8b83f09548a089dadcfe9eee
Partially-Implements: blueprint custom-roles

8 years agoRemove some properties from overcloud.yaml Controller group
Steven Hardy [Mon, 25 Jul 2016 22:01:21 +0000 (23:01 +0100)]
Remove some properties from overcloud.yaml Controller group

Remove those parameters which simply shadow parameters defined in
puppet/controller.yaml, these can be passed via parameter_defaults,
which is the default.  The remaining properties are more tricky so
will be handled via subsequent patches.

Partially-Implements: blueprint custom-roles
Change-Id: I9bbbd12631de8cb1ad83e265f6ddc9e942dff9ab

8 years agoFilter null/None service names
Steven Hardy [Wed, 27 Jul 2016 10:51:30 +0000 (11:51 +0100)]
Filter null/None service names

To enable use of the service_names lists in overcloud.yaml we need
to strip any null/None values or list processing becomes cumbersome.

These happen because we're currently disabling some services via
OS::Heat::None in the resource_registry, it may be possible to remove
when we've got a fully composable approach to generating the
*Services lists.

Change-Id: I8ef53b4279d93850c207c73aab0d75095a2497a2
Partially-Implements: blueprint custom-roles

8 years agoForce a tty for sudo in get-occ-config.sh
James Slagle [Tue, 26 Jul 2016 11:41:00 +0000 (07:41 -0400)]
Force a tty for sudo in get-occ-config.sh

This script will sometimes fail with "you must have a tty to run sudo"
depending on how it was executed. Add -tt to the $SSH_OPTIONS to always
force a tty.

Change-Id: Ic1144b9ba90d4af35db826a78e637da965569841
Closes-Bug: #1606544

8 years agoMerge "Set MDS/OSD firewall ports from ceph-osd template"
Jenkins [Tue, 26 Jul 2016 11:11:18 +0000 (11:11 +0000)]
Merge "Set MDS/OSD firewall ports from ceph-osd template"

8 years agoMerge "Cleanup templates from the shared CephCluster config"
Jenkins [Tue, 26 Jul 2016 10:44:30 +0000 (10:44 +0000)]
Merge "Cleanup templates from the shared CephCluster config"

8 years agoMerge "Composable firewall rules"
Jenkins [Mon, 25 Jul 2016 21:08:06 +0000 (21:08 +0000)]
Merge "Composable firewall rules"

8 years agoMerge "Convert Swift ringbuilder to composable services format"
Jenkins [Mon, 25 Jul 2016 15:58:33 +0000 (15:58 +0000)]
Merge "Convert Swift ringbuilder to composable services format"

8 years agoMerge "Explicitly set nova and neutron host on controllers"
Jenkins [Mon, 25 Jul 2016 14:58:10 +0000 (14:58 +0000)]
Merge "Explicitly set nova and neutron host on controllers"

8 years agoMerge "Remove tenant_id from nova v2.1 endpoint"
Jenkins [Mon, 25 Jul 2016 13:34:03 +0000 (13:34 +0000)]
Merge "Remove tenant_id from nova v2.1 endpoint"

8 years agoSet MDS/OSD firewall ports from ceph-osd template
Giulio Fidente [Mon, 25 Jul 2016 13:27:56 +0000 (15:27 +0200)]
Set MDS/OSD firewall ports from ceph-osd template

Change-Id: Ie8d1678e6e32271ff31ea9dd7fcf7ef9e8956b86

8 years agoComposable firewall rules
Dan Prince [Wed, 20 Jul 2016 14:48:23 +0000 (10:48 -0400)]
Composable firewall rules

Split out the firewall rules in puppet/hieradata/controller.yaml
into the composable services

Depends-On: Id370362ab57347b75b1ab25afda877885b047263
Change-Id: Icaecab100d3f278035fbbb3facb9bf6c62c76c03

8 years agoCleanup templates from the shared CephCluster config
Giulio Fidente [Thu, 21 Jul 2016 09:16:59 +0000 (11:16 +0200)]
Cleanup templates from the shared CephCluster config

Removes from the templates the old CephCluster configuration and
deployment which before roles was distributing the shared settings
for the Ceph cluster configuration.

Change-Id: Ia704f5d7add85e52dd477f4bc758aa0a02e4b39b

8 years agoConvert Swift ringbuilder to composable services format
Steven Hardy [Wed, 6 Jul 2016 12:51:21 +0000 (13:51 +0100)]
Convert Swift ringbuilder to composable services format

This moves the ringbuilder puppet code to puppet-tripleo
and migrates to the composable services format.

Closes-Bug: #1601857
Change-Id: I0ea2230072d3ff61a4047ffff1f4187951370f67
Depends-On: I427f0b5ee93a0870d43419009178e0690ac66bd6

8 years agoMerge "Move nova::db data within service template"
Jenkins [Mon, 25 Jul 2016 08:12:49 +0000 (08:12 +0000)]
Merge "Move nova::db data within service template"

8 years agoMerge "Fixes type and description for NeutronL3HA"
Jenkins [Sat, 23 Jul 2016 12:09:47 +0000 (12:09 +0000)]
Merge "Fixes type and description for NeutronL3HA"

8 years agoMerge "Remove unused redis_vip parameter"
Jenkins [Fri, 22 Jul 2016 16:07:45 +0000 (16:07 +0000)]
Merge "Remove unused redis_vip parameter"

8 years agoMerge "Move mysql::host param from MysqlInternal to MysqlNoBracketsInternal"
Jenkins [Fri, 22 Jul 2016 14:03:33 +0000 (14:03 +0000)]
Merge "Move mysql::host param from MysqlInternal to MysqlNoBracketsInternal"

8 years agoMove nova::db data within service template
Giulio Fidente [Wed, 29 Jun 2016 15:30:08 +0000 (17:30 +0200)]
Move nova::db data within service template

Change-Id: I86752248e59a2e98f8ff9b2c5998839f9ade4779

8 years agoAdd 'service_name' to composable services
Dan Prince [Tue, 19 Jul 2016 20:08:22 +0000 (16:08 -0400)]
Add 'service_name' to composable services

This patch adds a new service_name section to each composable
service. We now have an explicit unit test check to ensure that
service_name exists in tools/yaml-validate.py.

This patch also wires service_names into hieradata on each
of the roles so that tools can access the deployed services locally
during deployment and upgrades.

Change-Id: I60861c5aa760534db3e314bba16a13b90ea72f0c

8 years agoMerge "Deploy Horizon with composable apache service"
Jenkins [Thu, 21 Jul 2016 20:59:34 +0000 (20:59 +0000)]
Merge "Deploy Horizon with composable apache service"

8 years agoFixes type and description for NeutronL3HA
Tim Rozet [Thu, 21 Jul 2016 20:10:37 +0000 (16:10 -0400)]
Fixes type and description for NeutronL3HA

puppet-neutron takes this variable as boolean.  Although it doesn't
change the behavior in master (because the variable is used directly as
config), in mitaka it is used as a conditional and should be properly
fixed.

Also a fix is needed in python-tripleoclient because it is hard coded to
be True there based on number of controllers being greater than 1.
Therefore we shoudl remove that logic from tripleoclient and implement
it in THT.  In order to do that the pacemaker version of the variable is
defaulted to true.

Partial-Bug: 1605379

Change-Id: I0b797dbe188382e2dc32506913aaa60a0a21bd68
Signed-off-by: Tim Rozet <trozet@redhat.com>
8 years agoExplicitly set nova and neutron host on controllers
Ben Nemec [Tue, 12 Apr 2016 20:44:49 +0000 (15:44 -0500)]
Explicitly set nova and neutron host on controllers

In I7d07c57b7276815c72d08acaa86f673e43eb0498 we set this for compute
nodes, but we also need it for controllers.  Otherwise when a
controller reboots it may come back up with a different host value,
which seems to break networking for anything that was created before
the reboot.  In my case, it changes from the short hostname (without
domain name) to the fqdn.  Since we set it to fqdn for the compute
nodes, let's do the same for controllers.

This moves all of the host setting to the base yaml of the nova
and neutron profiles.

Change-Id: Ieb793b9e9fd2dfc98584691412f9991aa99e0b47
Closes-Bug: 1604907

8 years agoMove mysql::host param from MysqlInternal to MysqlNoBracketsInternal
Giulio Fidente [Thu, 21 Jul 2016 16:43:55 +0000 (18:43 +0200)]
Move mysql::host param from MysqlInternal to MysqlNoBracketsInternal

The ::host parameter expects IPv6 addresses withouth brackets; this
change aligns the remaining services to use MysqlNoBracketsInternal
as it happens already for the others (eg. Keystone).

Change-Id: Ia72d325447408b1cb5fea836034bbcd75d17ddf1

8 years agoMerge "Remove ::nova::cron::archive_deleted_rows"
Jenkins [Thu, 21 Jul 2016 14:05:26 +0000 (14:05 +0000)]
Merge "Remove ::nova::cron::archive_deleted_rows"

8 years agoDeploy Horizon with composable apache service
Emilien Macchi [Wed, 20 Jul 2016 20:17:05 +0000 (16:17 -0400)]
Deploy Horizon with composable apache service

Deploy Horizon with composable apache service and don't include:
::tripleo::profile::pacemaker::apache

Because it's already included in the profiles in puppet-tripleo.

Change-Id: I5382d5cc95ba10805019142a9a223dbd4a4b8074
Depends-On: Id28c618133e53e28dfac7e3e9cf9f5f5a6b2421a