Jenkins [Mon, 12 Oct 2015 14:10:01 +0000 (14:10 +0000)]
Merge "Allow one to specify horizon ALLOWED_HOSTS"
Yanis Guenane [Tue, 8 Sep 2015 11:01:48 +0000 (13:01 +0200)]
Allow one to specify horizon ALLOWED_HOSTS
If horizon is running in production (DEBUG is False), it will answer
only to the IPs/hostnames specified in the ALLOWED_HOSTS variable in the
local_settings.py configuration file.
The puppet-horizon module offer the feature to customize that,
tripleo-heat-teamplates was missing the link between the top-level
parameter and the puppet parameter, hence this commit.
More info :
* https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts
* https://github.com/openstack/puppet-horizon/blob/master/templates/local_settings.py.erb#L14-L24
Change-Id: I5faede8b74a0318e15baa761dc502b95b051ae0d
Jenkins [Mon, 12 Oct 2015 08:10:26 +0000 (08:10 +0000)]
Merge "Allow enabling debug mode for config management (Puppet)"
Jenkins [Mon, 12 Oct 2015 08:04:59 +0000 (08:04 +0000)]
Merge "Move RHEL (un)registration to NodeExtraConfig"
Jenkins [Mon, 12 Oct 2015 08:02:58 +0000 (08:02 +0000)]
Merge "Ensure httpd is not enabled by puppet on system boot"
Jenkins [Fri, 9 Oct 2015 19:09:01 +0000 (19:09 +0000)]
Merge "Docker compute role configured via Puppet"
Giulio Fidente [Fri, 9 Oct 2015 11:31:14 +0000 (13:31 +0200)]
Ensure httpd is not enabled by puppet on system boot
The httpd daemon will be started and managed by Pacemaker, it should
not be enabled by puppet. Ideally, it shouldn't be started either
but it seems it isn't possible with horizon and apache mod_wsgi [1].
1. https://bugzilla.redhat.com/show_bug.cgi?id=
1247547
Change-Id: I8a1b23c4ea27ac86385314f6cfde8c49d0879969
Co-Authored-By: marios andreou (marios@redhat.com)
Jenkins [Fri, 9 Oct 2015 11:26:03 +0000 (11:26 +0000)]
Merge "Fix MariaDB account removal race condition"
Jenkins [Fri, 9 Oct 2015 09:18:57 +0000 (09:18 +0000)]
Merge "Rework pacemaker constraints from ovs and netns cleanup agents"
Jenkins [Fri, 9 Oct 2015 08:56:59 +0000 (08:56 +0000)]
Merge "Wire in NodeExtraConfig interface"
Jenkins [Fri, 9 Oct 2015 08:37:27 +0000 (08:37 +0000)]
Merge "Ensure Glance API reaches Registry using the service VIP"
Jenkins [Fri, 9 Oct 2015 08:32:55 +0000 (08:32 +0000)]
Merge "Update README.rst"
Dan Prince [Fri, 2 Oct 2015 22:09:10 +0000 (18:09 -0400)]
Update README.rst
This commit renames and updates the rather outdated README
for this project.
Change-Id: Ibd1531dc14a2c04d8d91a3339c1df47a41c94790
Giulio Fidente [Thu, 8 Oct 2015 11:32:55 +0000 (13:32 +0200)]
Ensure Glance API reaches Registry using the service VIP
Previously the Registry service was reached using the local IP.
Change-Id: I8f2b7275cd39d8a5358d8ce69f4f7e5bc7758b62
Dan Prince [Wed, 5 Aug 2015 12:55:57 +0000 (08:55 -0400)]
Docker compute role configured via Puppet
This change adds a containerized version of the overcloud compute node for
TripleO. Configuration files are generated via OpenStack Puppet modules
which are then used to externally configure kolla containers for
each OpenStack service.
See the README-containers.md file for more information on how to set this up.
This uses AtomicOS as a base operating system and requires that we bootstrap
the image with a container which contains the required os-collect-config agent
hooks to support running puppet, shell scripts, and docker compose.
Change-Id: Ic8331f52b20a041803a9d74cdf0eb81266d4e03c
Co-Authored-By: Ian Main <imain@redhat.com>
Co-Authored-By: Ryan Hallisey <rhallise@redhat.com>
Jenkins [Thu, 8 Oct 2015 09:03:49 +0000 (09:03 +0000)]
Merge "puppet: allow to configure any ceilometer param with Hiera"
Jenkins [Wed, 7 Oct 2015 22:03:10 +0000 (22:03 +0000)]
Merge "Move os-apply-config templates into a directory"
Jenkins [Wed, 7 Oct 2015 22:03:03 +0000 (22:03 +0000)]
Merge "Drop stale base, nagios, debian-mirror templates"
Jenkins [Wed, 7 Oct 2015 22:01:31 +0000 (22:01 +0000)]
Merge "Drop examples"
Jenkins [Wed, 7 Oct 2015 07:23:17 +0000 (07:23 +0000)]
Merge "Enable Cisco N1KV driver"
marios [Wed, 30 Sep 2015 10:47:58 +0000 (13:47 +0300)]
Rework pacemaker constraints from ovs and netns cleanup agents
In the current neutron-* services constraints chain, the ovs and
netns cleanup services are re-run after a neutron-server restart.
As discussed at [1] this may not be desirable leaving some neutron
services down and any tenant routers without IP.
This review introduces a second constraints chain so we now have:
neutron-server-->openvswitch-->dhcp-->l3-->metadata
and
ovs-cleanup-->netns-cleanup-->openvswitch
Instead of a single chain like
neutron-server-->ovs-cleanup-->netns-cleanup-->openvswitch-->
dhcp-->l3-->metadata
[1] https://bugzilla.redhat.com/show_bug.cgi?id=
1266910#c12
Related-Bug:
1501378
Change-Id: I4096704257aff74ff5bd37d8d01d8a776c6c6a76
Jiri Stransky [Fri, 2 Oct 2015 12:49:25 +0000 (14:49 +0200)]
Fix MariaDB account removal race condition
The removal of default MariaDB accounts was being triggered roughly at
the same time on all controllers, causing a race condition -- multiple
nodes found an account present and attempted deletion, but then only one
succeeded with the deletion, the others failed.
HA controller deletes the accounts only on bootstrap node now, which
fixes the issue.
Change-Id: Ieacd10a6ce26da50f6a37eaa3221d866c24353fa
Dan Prince [Fri, 2 Oct 2015 21:52:05 +0000 (17:52 -0400)]
Move os-apply-config templates into a directory
This patch moves all of the os-apply-config (tripleo-image-elements)
specific templates into a common directory. This matches what
we do for puppet and should help new users more easily
understand the project layout.
Change-Id: I7dce2a770d56795f3ea22c8a464595c4a0c60832
Dan Prince [Fri, 2 Oct 2015 21:32:23 +0000 (17:32 -0400)]
Drop stale base, nagios, debian-mirror templates
This patch removes a couple (top-level) templates that
are no longer used.
Change-Id: I71ba379b0d026e04fbcd45aaa2a0b587ba457c8c
Dan Prince [Fri, 2 Oct 2015 21:13:51 +0000 (17:13 -0400)]
Drop examples
This patch removes the examples directory which hasn't been
maintained for some time. The best examples for heat templates
now live in the heat-templates project.
Change-Id: Ia875cb8910418409d2335b5fb18c6df00b876e8c
Emilien Macchi [Fri, 2 Oct 2015 16:17:33 +0000 (12:17 -0400)]
puppet: allow to configure any ceilometer param with Hiera
By including ::ceilometer::config on controller & compute, we allow
anyone to trick ceilometer.conf with any parameter, using Hiera.
Change-Id: Ie6698d5e6900ecaaf7f19ed79e9c44b39ced0559
Jenkins [Thu, 1 Oct 2015 17:41:22 +0000 (17:41 +0000)]
Merge "Deprecate the undercloud templates."
Jenkins [Thu, 1 Oct 2015 14:59:04 +0000 (14:59 +0000)]
Merge "Add DnsServers param to network config templates"
Jenkins [Thu, 1 Oct 2015 14:46:02 +0000 (14:46 +0000)]
Merge "swift::storage::all deprecation cleanup"
Dan Prince [Thu, 1 Oct 2015 13:50:44 +0000 (09:50 -0400)]
Deprecate the undercloud templates.
This patch moves the undercloud templates into the deprecated
directory. The Makefile still builds the resulting templates
at the top level so users should not be broken by this
change.
Change-Id: Ibcb87fe31a6894552a5e445b5495e69fdcc2d382
Steven Hardy [Thu, 1 Oct 2015 09:26:16 +0000 (10:26 +0100)]
Move RHEL (un)registration to NodeExtraConfig
Currently, we have a problem because the unregistration happens in the
"post deploy" phase, which works fine when the top-level stack is being
deleted, but not when the ResourceGroup of servers is being scaled down,
because then the normal "post deploy" update ordering is respected and
we try to unregister after the corresponding server has been deleted.
So, instead, register/unregister each node inside the unit of scale,
e.g the role template being scaled down, which is possible via the new
NodesExtraConfig interface, which means unregistration will take
place at the right time both on stack delete and on scale-down.
Change-Id: I8f117a49fd128f268659525dd03ad46ba3daa1bc
Steven Hardy [Thu, 24 Sep 2015 10:52:06 +0000 (11:52 +0100)]
Wire in NodeExtraConfig interface
It's become apparent that some actions are required in the pre-deploy
phase for all nodes, for example applying common hieradata overrides,
or also as a place to hook in logic which must happen for all nodes
prior to their removal on scale down (such as unregistration from
a satellite server, which currently doesn't work via the
*NodesPostDeployment for scale-down usage).
So, add a new interface that enables ExtraConfig per-node (inside the
scaled unit, vs AllNodes which is used for the cluster-wide config
outside of the ResourceGroup)
Change-Id: Ic865908e97483753e58bc18e360ebe50557ab93c
Steve Baker [Mon, 21 Sep 2015 01:05:45 +0000 (13:05 +1200)]
Make package upgrade pacemaker-aware
This change adds alternative logic for handling package updates
on a pacemaker managed node.
"yum list updates" is now run and this script exits early if
there are no packages to update.
If the pacemaker service is not running then the previous puppet
logic remains, so a package update is performed which excludes packages
managed by puppet, and a flag is set to indicate that puppet should
perform an ensure=>latest on all packages it manages.
However if the pacemaker service is running, the following occurs:
- pcs cluster stop is run for this node
- a full yum update is performed
- pcs cluster start is run for this node
- pcs status is run until the hostname for this node appears in the
Online list
This means that puppet is not involved in the package update process when
the node is managed by pacemaker.
Change-Id: I5ad118552d053dbda280978751167d9fd9da9874
Steve Baker [Thu, 1 Oct 2015 02:37:17 +0000 (15:37 +1300)]
Ensure present/latest for puppet driven package updates
This change updates yum_update.sh so that we set set a boolean
output when "managed" packages should get updated. The
output is named 'update_managed_packages' and for the
puppet implementation it is wired up so that it
directly sets tripleo::packages::enable_upgrade to
control whether packages are updated.
It also modifies yum_update.sh to build a yum update excludes list for
packages managed by puppet. The exclude lists are being
generated via puppet-tripleo as well via the new 'write_package_names'
function that is now wired into all the role manifests.
This change does not actually trigger the puppet apply. The fix for
Related-Bug: #
1463092 will be used to trigger the puppet run when the
hiera changes. As a minor tweak to this logic we append the
UpdateIdentifier to the config_identifier so that we ensure
puppet gets executed on an update where other (non-related)
hiera changes also occur.
Co-Authored-By: Dan Prince <dprince@redhat.com>
Change-Id: I343c3959517eae38bbcd43648ed56f610272864d
Dan Prince [Mon, 22 Jun 2015 20:19:33 +0000 (16:19 -0400)]
Write package names out to flat files
This patch updates all of the overcloud manifests so that
we write out flat files containing lists of the Puppet
packages which were managed by each manifest.
The flat files all get written to
/var/lib/puppet-tripleo/installed-packages/ where they can
be easily parsed by external tools. Example format from
the flat files looks like (for the controller step 1):
cat /var/lib/puppet-tripleo/installed-packages/overcloud_controller1
keepalived
haproxy
Depends-On: If3e03b1983fed47082fac8ce63f975557dbc503c
Change-Id: Ia324a08711796aa664f9c0273a051f4f2e3e92c9
Dan Prince [Wed, 23 Sep 2015 20:29:00 +0000 (16:29 -0400)]
Add DnsServers param to network config templates
This patch adds a new optional DnsServers parameter
which can be used to provide a custom list of DNS
resolvers which will be configured in resolv.conf.
Change-Id: I2bb7259ebc09d786dc56da18694c862f802091b1
Depends-On: I9edecfdd4e1d0f39883b72be554cd92c5685881d
Jiri Stransky [Thu, 16 Jul 2015 08:43:18 +0000 (10:43 +0200)]
Allow enabling debug mode for config management (Puppet)
Also adds an environment file which can be passed to heat stack-create
to enable debugging.
Change-Id: I9758e2ca3de6a0bed6d20c37ea19e48f47220721
Depends-On: Ie92d1714a8d7e59d347474039be999bd3a2b542f
Shiva Prasad Rao [Tue, 14 Jul 2015 02:37:12 +0000 (19:37 -0700)]
Enable Cisco N1KV driver
This enables support for the Cisco N1kv driver for the ML2 plugin.
It also configures the Nexus 1000v switch.
Co-Authored-By: Steven Hillman <sthillma@cisco.com>
Depends-On: I02dda0685c7df9013693db5eeacb2f47745d05b5
Depends-On: I3f14cdce9b9bf278aa9b107b2d313e1e82a20709
Change-Id: Idf23ed11a53509c00aa5fea4c87a515f42ad744f
Jenkins [Mon, 28 Sep 2015 17:40:43 +0000 (17:40 +0000)]
Merge "Adding core_plugin, type_drivers and service_plugins parameters"
Shiva Prasad Rao [Thu, 20 Aug 2015 20:35:59 +0000 (16:35 -0400)]
Adding core_plugin, type_drivers and service_plugins parameters
Make core_plugin, type_drivers and service_plugins parameter in
neutron configurable through heat.
Also changing the type_drivers order to "vxlan,vlan,flat,gre"
Change-Id: Iba895ed5897bdaf7bb772ffc063c424abb6e1638
Giulio Fidente [Fri, 25 Sep 2015 18:02:36 +0000 (20:02 +0200)]
Add CephStorageExtraConfigPre resource
This change adds a CephStorageExtraConfigPre which can be used
to distribute hooks for the CephStorage nodes.
Change-Id: Id0023d8ffddb3ee5e855d5dcc32c76bc41ce4c63
Yanis Guenane [Thu, 20 Aug 2015 08:24:57 +0000 (10:24 +0200)]
Allow a user to set specific setting per host
It is currently not possible to specify settings per host and not per
type of host.
One of the example of the problematic that could cause is : What if
node0 have devices /dev/sdb and /dev/sdc while node1 have devices
/dev/sda and /dev/sdd, they is currently no way to specify that simply.
The idea here is to add a top priority file in the hiera lookup that
will match the UUID of the System Information section in the output of
the dmidecode command.
The file could be provided with the firstboot/rsync stack for example.
Change-Id: I3ab082c8ebd2567bd1d914fc0b924e19b1eff7d0
Steven Hardy [Thu, 20 Aug 2015 12:30:00 +0000 (13:30 +0100)]
Example of passing per-node config data in pre_deploy config
Shows one method of passing a map of data in to the pre_deploy extraconfig
interface, such that it could be used in combination with
https://review.openstack.org/#/c/215013/ to create a node uuid specific
hieradata file, or to perform some other non-puppet per-node configuration.
This would be used by specifying an environment file like:
resource_registry:
OS::TripleO::ControllerExtraConfigPre: puppet/extraconfig/pre_deploy/per_node.yaml
parameter_defaults:
NodeDataLookup: |
{"
AB4114B1-9C9D-409A-BEFB-
D88C151BF2C3": {"foo": "bar"},
"
8CF1A7EA-7B4B-4433-AC83-
17675514B1B8": {"foo2": "bar2"}}
Change-Id: I62e344669e0ca781dd93d3f7d2190b70299877c2
Jenkins [Fri, 25 Sep 2015 14:58:42 +0000 (14:58 +0000)]
Merge "Rename -puppet.yaml templates."
Jenkins [Wed, 23 Sep 2015 17:29:56 +0000 (17:29 +0000)]
Merge "Remove nameserver lookup dependency from Cisco ML2 CollectMacConfig."
Jenkins [Wed, 23 Sep 2015 13:23:25 +0000 (13:23 +0000)]
Merge "Add redis ordering with ceilometer-central"
Jenkins [Wed, 23 Sep 2015 13:11:55 +0000 (13:11 +0000)]
Merge "Re-add constranits between nova-api and nova-novncproxy"
tiswanso [Tue, 22 Sep 2015 20:57:20 +0000 (16:57 -0400)]
Remove nameserver lookup dependency from Cisco ML2 CollectMacConfig.
The collection of hostname to MAC mappings done in AllNodesPostDeploy
uses 'hostname -f' to get the FQDN for each node. This form
of the command causes a nameserver lookup for the domain name. A
timing issue has been seen where the hostname lookup fails due to
the nameserver not having the mapping yet. The solution is to
hardcode the domain to 'localdomain' as is done in a few other
patches--ie. see controller-puppet.yaml.
Change-Id: Ibea50fcc6b9f22ca163ff063e0dc9ca69dff5f34
Jenkins [Wed, 23 Sep 2015 00:06:15 +0000 (00:06 +0000)]
Merge "Remove default_floating_pool in compute.yaml"
Emilien Macchi [Fri, 11 Sep 2015 18:51:02 +0000 (14:51 -0400)]
Put staticweb middleware after keystoneauth in proxy pipeline
The staticweb middleware needs to be put after authentication
middlewares to ensure correct functionality as documented in
http://docs.openstack.org/developer/swift/middleware.html#staticweb
Without this Swift sends a HTML response even if the request was done
using a X-Auth-Token. This might result in a faulty handling of the response on
the client side; for example, "swift stat containername" would report an empty,
private container, while the container might actually be public readable with
data stored in it.
Closes-bug:
1494896
Change-Id: Id48840e0041f8d272e08def292fbedfaf76bbfbb
Co-Authored-By: Christian Schwede <cschwede@redhat.com>
Dan Prince [Tue, 22 Sep 2015 13:42:42 +0000 (09:42 -0400)]
swift::storage::all deprecation cleanup
This patch adds settings for swift::storage::all so
that we set the recommended the incoming and outgoing
chmod permissions.
Depends-On: I627ab2255087b0ebc2d3ddc9cd4a7a7d254abb65
Change-Id: I2f14c9afe7b7135ad1bfecb9db0a39bfc3b4d03a
Dan Prince [Sun, 19 Jul 2015 21:47:53 +0000 (17:47 -0400)]
Rename -puppet.yaml templates.
Updates the /puppet directory templates so that we drop the
'-puppet' from the filenames. This is redundant because
we already have puppet in the directory name and fixes
inconsistencies where we aren't using -puppet in
all the files within the puppet directory.
Depends-On: I71cb07b2f5305aaf9c43ab175cca976e844b8175
Change-Id: I70d6e048a566666f5d6e5c2407f8a6b4fd9f6f87
James Slagle [Tue, 22 Sep 2015 11:31:25 +0000 (07:31 -0400)]
Remove default_floating_pool in compute.yaml
This is unused on compute nodes and does not need to be specified.
Further, nova::api is not even included in the compute puppet manifest,
so it had no effect anyway.
Change-Id: I7589bf544fb1ddad3cd371869756cb880c0bac37
Derek Higgins [Mon, 21 Sep 2015 23:06:34 +0000 (00:06 +0100)]
Pass default_floating_pool into nova::api class
We were calling nova_config resource to define it
but as of Ic060fc18c8f5d7dc8fcf1d7bd921623dc505a515
its now included as part of the nova::api class.
Closes-bug: #
1498237
Change-Id: I948f26304536e2d692acf38d994d29167672168b
Depends-On: I2789e782a4fd673e09c6334b6d56819c68414c80
Jenkins [Mon, 21 Sep 2015 19:24:28 +0000 (19:24 +0000)]
Merge "Configure ctlplane network with a static IP"
Dan Prince [Mon, 27 Jul 2015 11:35:49 +0000 (07:35 -0400)]
Configure ctlplane network with a static IP
This patch updates all network configuration templates so that
we configure the ctlplane network interface with a static IP
instead of using DHCP.
The IP address used for the static IP is passed into each
nested stack network configuration template via the ControlPlaneIp
parameter.
Three new nested stack parameters called ControlPlaneSubnetCidr,
ControlPlaneDefaultRoute, and EC2MetadataIp have been added to help
configure the CIDR, default route, and EC2 metadata route on the ctlplane
statically. These parameters can be customized via the
parameter_defaults section in the heat environment.
A single new template called net-config-static-bridge.yaml has
been added to help migrate towards using the static
configuration templates when not using network isolation.
Depends-On: I257e1cba6dee16f73f75512d1284e1e3b9d4c831
Change-Id: Ib267e6dcf2d5ff77f7a82ee20a123965c2d07565
tiswanso [Mon, 14 Sep 2015 19:46:29 +0000 (15:46 -0400)]
Support new form of servers config for ML2 cisco nexus allnodes config.
The puppet-neutron changes to remove the usage of ERB templates require
changing the format of the 'servers' hash/dictionary to include a key
for use with puppet's create_resources directly from hiera data.
Depends-On: I401371c9e5176de7ce19d4d4e878e9f2e69aab80
Change-Id: I950b7fb019dd8dd072592618b968a19df5c9c884
Steven Hardy [Thu, 10 Sep 2015 14:17:16 +0000 (10:17 -0400)]
Port Cisco Nexus/UCSM ExtraConfig to AllNodes
Switch the implemention from a pre_deploy ExtraConfig to an
AllNodesExtraConfig, so we can collect the mac->hostname mapping
for all nodes, then calculate a NexusConfig based on that and
a provided mapping of switch ports to mac address.
The same conversion is also done to the NetworkUCSMHostList:
The port mappings are provided via parameter_defaults like:
parameter_defaults:
NetworkNexusConfig: {
"bxb-tor-1": {
"username": "admin",
"ssh_port": 22,
"password": "lab",
"ip_address": "10.86.7.204",
"nve_src_intf": 0,
"physnet": "datacentre",
"servers": {
"fa:16:3e:fa:be:ef": "1/11",
"fa:16:3e:fa:5e:cf": "1/23",
"fa:16:3e:fa:12:34": "2/34"
}
}
}
NetworkUCSMHostList: 'fa:16:3e:fa:be:ef:profile1'
This results in an entry like this appended to
/etc/puppet/hieradata/neutron_cisco_data.yaml:
neutron::plugins::ml2::cisco::nexus::nexus_config:\
{"bxb-tor-1": {"username": "admin", "nve_src_intf": 0, "ssh_port": 22,
"servers": {"overcloud-compute02": "2/34", "overcloud-compute01": "1/23",
"overcloud-control01": "1/11"}, "password": "lab", "ip_address": "10.86.7.204",
"physnet": "datacentre"}}
neutron::plugins::ml2::cisco::ucsm::ucsm_host_list: overcloud-control01:profile1
Co-Authored-By: Rob Pothier <rpothier@cisco.com>
Co-Authored-By: Tim Swanson <tiswanso@cisco.com>
Change-Id: I372c3ffb6bd85b7239fcb9f3fc4fa51cd4a39332
Steven Hardy [Wed, 19 Aug 2015 18:06:46 +0000 (19:06 +0100)]
Add "AllNodes" ExtraConfig interface
Adds hook to enable additional "AllNodes" config to be performed prior
to applying puppet - this is useful when you need to build
configuration data which requires knowledge of all nodes in a cluster,
or of the entire deployment.
As an example, there is a sample config template which collects the
hostname and mac addresses for all nodes in the deployment then writes
the data to all Controller nodes. Something similar to this may be
required to enable creation of the nexus_config in
https://review.openstack.org/#/c/198754/
There's also another, simpler, example which shows how you could share
the output of an OS::Heat::RandomString between nodes.
Change-Id: I8342a238f50142d8c7426f2b96f4ef1635775509
Jenkins [Thu, 17 Sep 2015 12:39:12 +0000 (12:39 +0000)]
Merge "Big Switch Neutron ML2 plugin integration"
Jenkins [Thu, 17 Sep 2015 12:22:56 +0000 (12:22 +0000)]
Merge "network validation to ping test each interface"
Jenkins [Thu, 17 Sep 2015 12:09:31 +0000 (12:09 +0000)]
Merge "Add YAML sanity check"
Jenkins [Wed, 16 Sep 2015 15:41:31 +0000 (15:41 +0000)]
Merge "Set pacemaker default resource-stickiness"
Jiri Stransky [Fri, 14 Aug 2015 13:30:36 +0000 (15:30 +0200)]
Big Switch Neutron ML2 plugin integration
Add support for Big Switch Neutron ML2 plugin. Makes sure that the
package is present and sets up the [restproxy] section in ml2_conf.ini.
This also adds support for setting the ovs_use_veth option in
l3_agent.ini. There is no support for this in puppet-neutron l3 class
and it probably doesn't make sense adding it there, because this setting
isn't relevant for all l3 agent drivers, it's specific to
OVSInterfaceDriver. The ovs_use_veth option is also added to
dhcp_agent.ini.
Change-Id: I99635e25b2099dacce68154fe14693d6f06ac19f
Jenkins [Wed, 16 Sep 2015 09:20:43 +0000 (09:20 +0000)]
Merge "Enable Cisco Nexus and UCSM plugins"
Jenkins [Wed, 16 Sep 2015 08:33:52 +0000 (08:33 +0000)]
Merge "Add 4 pacemaker constraints for keystone"
Jenkins [Tue, 15 Sep 2015 22:21:00 +0000 (22:21 +0000)]
Merge "Ensure mysql root can only connect from localhost"
Robert Pothier [Wed, 9 Sep 2015 15:08:37 +0000 (11:08 -0400)]
Enable Cisco Nexus and UCSM plugins
This enables support for the Cisco UCS Manager and Cisco
Nexus plugins
Change-Id: I1bc28a4768d5d6857a0504ca1f77dd71259570b8
Ben Nemec [Tue, 15 Sep 2015 19:07:45 +0000 (14:07 -0500)]
Add YAML sanity check
Adds a "validate" tox env for basic sanity checking of templates.
Currently it just validates that all of the .yaml files are in fact
valid YAML. In the future we might want to add more, but this
seemed like a reasonable start.
Change-Id: I8091bbad0003b150e23dae5de4f465053c982229
Jenkins [Tue, 15 Sep 2015 19:04:19 +0000 (19:04 +0000)]
Merge "switch to vxlan by default"
Jenkins [Tue, 15 Sep 2015 14:15:10 +0000 (14:15 +0000)]
Merge "Consume the NeutronMechanismDrivers from the hiera data"
Jenkins [Fri, 11 Sep 2015 01:18:44 +0000 (01:18 +0000)]
Merge "Set NetValueSpecs parameter types to Json"
Jenkins [Thu, 10 Sep 2015 18:16:36 +0000 (18:16 +0000)]
Merge "Set the nova scheduler ram_allocation_ration to 1.0"
Jenkins [Wed, 9 Sep 2015 11:59:04 +0000 (11:59 +0000)]
Merge "Don't add 'host' parameter to cinder.conf"
Dan Prince [Tue, 8 Sep 2015 18:48:58 +0000 (14:48 -0400)]
Set NetValueSpecs parameter types to Json
The latest Heat API is a bit more strict in validating
the datatypes for the OS::Neutron::Net value_specs.
This patch converts the default parameter types for
these from string to json.
Change-Id: Iaad6ee6417d3ae55c52ffe2f4e6ed79124161923
Closes-bug: #
1493502
Jenkins [Tue, 8 Sep 2015 13:03:38 +0000 (13:03 +0000)]
Merge "Add NodeAdminUserData interface for "heat-admin" user"
Derek Higgins [Mon, 7 Sep 2015 15:17:02 +0000 (16:17 +0100)]
Don't add 'host' parameter to cinder.conf
As of I54a75652efd5e91464b84adf84004400b343c3a5 for rdb
this is being done by the cinder puppet module.
Change-Id: I109e139fcbb859a0d9ed99054656be94975d33b5
Dan Prince [Fri, 24 Jul 2015 20:00:54 +0000 (16:00 -0400)]
Set default KeystoneAdminApiNetwork to ctlplane
Moves the default KeystoneAdminApiNetwork setting to the ctlplane
so that the undercloud will always have easy access to be able
to configure endpoints.
Change-Id: I1f6aba62b98820b678cce1ca16e72a0c3d045720
Dan Prince [Fri, 24 Jul 2015 02:19:25 +0000 (22:19 -0400)]
Keystone network isolation fixes
This patch adds explicit nested stack parameters to
help manage use of the Keystone Admin API vs. the
Keystone Public API.
We also add a new output parameter specifically for the Keystone admin
API VIP. This can be useful when configuring keystone endpoints
with network isolation.
Change-Id: I2bd3e61570151e2faeee14ee09b03ad0b3208cc1
Jenkins [Sat, 5 Sep 2015 11:24:58 +0000 (11:24 +0000)]
Merge "Support for using external Ceph clusters"
Dan Prince [Thu, 23 Jul 2015 20:20:56 +0000 (16:20 -0400)]
Allow 'ctlplane' to be used within Net IP Maps
When using network isolation you might want to selective
move one of the services back to the default ctlplane network
by simply using the ServiceNetMap parameter. This patch
adds ctlplane to the output parameters for both
the net_ip_map and net_ip_list_map nested stacks so that
this is possible.
As part of this patch we also split out the NetIpSubnetMap
into its own unique nested stack so that the Heat input
parameters for this stack are more clearly named.
Change-Id: Iaa2dcaebeac896404e87ec0c635688b2a59a9e0f
Steven Hardy [Thu, 3 Sep 2015 09:38:59 +0000 (10:38 +0100)]
Add NodeAdminUserData interface for "heat-admin" user
Reinstates the heat-admin user via template user-data, which
replaces the previous boothook injected user provided by the
(deprecated now removed) heat instance_user option.
This has some advantages over the heat.conf option, e.g it allows
for much easier customzation of the user configuration (additional
SSH keys, adding groups etc), and also in future if we support
deploying more than one overcloud you could specify a different
user per deployment.
Co-Authored-By: Dan Prince <dprince@redhat.com>
Change-Id: I2235b9690c01542d8a28ec1c1a4607de751aea29
Closes-Bug: #
1229849
Jiri Stransky [Wed, 2 Sep 2015 16:09:13 +0000 (18:09 +0200)]
Add redis ordering with ceilometer-central
This is another missing constraint. The `require-all=false` part is good
to have, otherwise Ceilometer (and transitively Heat) would switch to
A/P mode. However, at the moment `require-all=false` isn't a recognized
parameter on Fedora, hence the logic fork based on $::operatingsystem.
Change-Id: I2657087192a05b2d8f0ab04ec60631d35331bf6c
Jiri Stransky [Mon, 31 Aug 2015 14:34:22 +0000 (16:34 +0200)]
Set pacemaker default resource-stickiness
This is required for HA to work correctly.
Change-Id: I9faa8fd7bbbac67de5c468ab6fc4edb2260dffe7
Depends-On: https://github.com/redhat-openstack/puppet-pacemaker/pull/61
Jiri Stransky [Wed, 2 Sep 2015 11:40:32 +0000 (13:40 +0200)]
Re-add constranits between nova-api and nova-novncproxy
This can probably only be merged when we move CI forward from Fedora 21
to Fedora 22.
Change-Id: I3a3db4b179cc19756f75003dacd2bb4cd957f0de
Emilien Macchi [Mon, 31 Aug 2015 16:35:20 +0000 (12:35 -0400)]
Set the nova scheduler ram_allocation_ration to 1.0
We don't have swap space enabled on overcloud-full deploys
as discussed at https://bugs.launchpad.net/tripleo/+bug/
1491335
The default is 1.5 so configure Virtual ram to physical ram
allocation ratio to 1:1 so we don't allow overcommit.
Related-Bug:
1491335
Change-Id: I58cfe6dc68e8615a5519428412dec8c653bd6093
Jenkins [Mon, 31 Aug 2015 19:36:39 +0000 (19:36 +0000)]
Merge "Enable Keystone notifications"
Jiri Stransky [Mon, 31 Aug 2015 14:30:01 +0000 (16:30 +0200)]
Add 4 pacemaker constraints for keystone
These were missing and are required for a correct deployment.
Change-Id: I49a61d0ab2f750f2620927a40f798d11b241b2c0
marios [Wed, 19 Aug 2015 14:41:38 +0000 (17:41 +0300)]
Consume the NeutronMechanismDrivers from the hiera data
This is passed from the heat templates as hiera data (defaulting
to 'openvswitch') but never effected, meaning we get the puppet
module default.
Change-Id: I3f14cdce9b9bf278aa9b107b2d313e1e82a20709
Closes-Bug:
1488176
Mike Burns [Fri, 21 Aug 2015 16:50:37 +0000 (12:50 -0400)]
switch to vxlan by default
VXLAN has better performance (20-25% better)
NICs with VXLAN offload are more common
Change-Id: If57c79a1309ae178b3e82d54bb101dde584c86cc
Related: rhbz#
1244864
Jenkins [Tue, 18 Aug 2015 19:14:03 +0000 (19:14 +0000)]
Merge "Wire in Compute pre-deployment extraconfig"
Giulio Fidente [Mon, 10 Aug 2015 22:06:17 +0000 (00:06 +0200)]
Enable Keystone notifications
This change enables Keystone notifications and adds two parameters
to control the notification driver and format.
Change-Id: I23ac3c46ee9eb49523d3b8dab027ef21fc6e42df
Dan Sneddon [Mon, 17 Aug 2015 21:08:08 +0000 (14:08 -0700)]
Remove hardcoded bridge name in bonded compute NIC config
This change removes a hardcoded value for the bond name in the NIC
config for the compute node in the bond-with-vlan NIC config
templates. When this hardcoded value of "br-bond" is used, then the
Neutron bridge mappings must be set to set to datacentre:br-bond in
order for VLAN mode networking to recognize the bridge. By using the
input value for bridge_name we will ensure that the controller and
compute nodes have the same bridge name (defaults to "br-ex"), and
that the defaults will work with VLAN mode.
Change-Id: I28654ab93e3c10a8597c8b877f3f2f6b3eca887c
Dan Prince [Wed, 1 Jul 2015 20:44:15 +0000 (16:44 -0400)]
Support for using external Ceph clusters
This patch adds support for using an externally managed Ceph
cluster with the TripleO Heat templates.
For an externally managed Ceph cluster we initially
only deploy the Ceph client tools, install the 'openstack' user
keyring, and generate the ceph.conf. This matches what we do
for managed Ceph installations and is a good first start.
No other Ceph related services are installed or managed.
To enable use of a Ceph external cluster simply add
the custom Heat environment file environments/puppet-ceph-external.yaml
to your heat stack create/update command and make sure to
set the required CephClientKey, CephExternalMonHost, and CephClusterFSID
variables.
Change-Id: I0a8b213ce9dfa2fc4e62ae1e7631466e5179fc2b
Jenkins [Thu, 6 Aug 2015 17:13:07 +0000 (17:13 +0000)]
Merge "Drive DB initialization via Hiera"
Jenkins [Thu, 6 Aug 2015 17:11:47 +0000 (17:11 +0000)]
Merge "Add a default setting for BondInterfaceOvsOptions"
Yanis Guenane [Tue, 4 Aug 2015 11:05:38 +0000 (13:05 +0200)]
Ensure mysql root can only connect from localhost
Currently mysql root user can connect in a passwordless way from :
* localhost
* 127.0.0.1
* ::1
* <HOSTNAME>
This patch ensures that the mysql root user can connect only from localhost.
Change-Id: If64fd383737c2fbeed4adbe8d98b1f92610956b2
Shiva Prasad Rao [Mon, 3 Aug 2015 21:07:49 +0000 (14:07 -0700)]
Wire in Compute pre-deployment extraconfig
This commit provides a way to configure some additional hieradata
for compute nodes. This is similar to the earlier added infra for
supporting Controller pre-deployment extraconfig.
Change-Id: I02dda0685c7df9013693db5eeacb2f47745d05b5
Jiri Stransky [Thu, 30 Jul 2015 12:30:38 +0000 (14:30 +0200)]
Provide a sample storage environment file
Meant to help users configure their storage parameters by copying this
file out, amending it and passing it to `heat stack-create` or
`openstack overcloud deploy`.
Defaults to using Ceph as a backend for Cinder, Glance and also Nova
ephemeral storage.
Change-Id: Ia8f5ef175439394aacdea98cfd66416bcb9bfe3a
Jenkins [Wed, 29 Jul 2015 20:37:50 +0000 (20:37 +0000)]
Merge "RHEL registration shouldn't use attach with activation key"
Code Review / apex-tripleo-heat-templates.git / log