Giulio Fidente [Mon, 17 Jul 2017 08:15:13 +0000 (10:15 +0200)]
Handles {controller,NovaCompute}ExtraConfig deprecation in ovecloud.j2
We missed to parse and merge {controller,NovaCompute}ExtraConfig data
in change [1].
Also fixes whitespaces handling in docker-steps.j2 and
puppet-steps.j2 previously updated by [2].
1. Id37de5864138edd5476c097a8a1f0763faeaf768
2. I36a642fbc2076ad9e4a10ffc56d6d16f3ed6f27a
Change-Id: Ia9983bc991eb79e479855993c1c8819ddfb52e38
Giulio Fidente [Fri, 14 Jul 2017 11:38:47 +0000 (13:38 +0200)]
Add role_merged_configs into workflow executions environmentxi
Merges per-role config settings into merged_config_settings which
is wired into the workflow executions environment.
Useful to consume role config settings from within a workflow.
Change-Id: Id37de5864138edd5476c097a8a1f0763faeaf768
Giulio Fidente [Thu, 22 Jun 2017 15:25:03 +0000 (17:25 +0200)]
Adds network/cidr mapping into a new service property
Makes it possible to resolve network subnets within a service
template; the data is transported into a new property ServiceData
wired into every service which hopefully is generic enough to
be extended in the future and transport more data.
Data can be consumed in service templates to set config values
which need to know what is the subnet where a deamon operates (for
example the Ceph Public vs Cluster network).
Change-Id: I28e21c46f1ef609517175f7e7ee19e28d1c0cba2
Jenkins [Fri, 14 Jul 2017 10:50:17 +0000 (10:50 +0000)]
Merge "Move services.yaml to common directory"
Jenkins [Fri, 14 Jul 2017 10:30:25 +0000 (10:30 +0000)]
Merge "Remove special-case of memcache node ips for ipv6"
Jenkins [Fri, 14 Jul 2017 00:33:58 +0000 (00:33 +0000)]
Merge "Adds check for existing yum process during the legacy minor update"
Steven Hardy [Thu, 6 Jul 2017 13:37:31 +0000 (14:37 +0100)]
Remove special-case of memcache node ips for ipv6
This should be handled in puppet-tripleo, as is done for some other
services e.g ceph. This has also been identified as a possible
performance problem due to the nested get_attr calls.
Change-Id: I7e14f0219c28c023c4e8e1d4693f0bfa9674d801
Related-Bug: #
1684272
Depends-On: Iccb9089db4b382db3adb9340f18f6d2364ca7f58
Jenkins [Thu, 13 Jul 2017 18:38:39 +0000 (18:38 +0000)]
Merge "Remove hardcoded enable_load_balancer from Controller role"
Jenkins [Thu, 13 Jul 2017 18:38:02 +0000 (18:38 +0000)]
Merge "Make NeutronEnableDVR parameter consistent"
Jenkins [Thu, 13 Jul 2017 18:33:29 +0000 (18:33 +0000)]
Merge "Added OvS permission workaround for enabling DPDK"
Jenkins [Thu, 13 Jul 2017 13:55:43 +0000 (13:55 +0000)]
Merge "Make Rabbit parameters consistent"
Jenkins [Thu, 13 Jul 2017 13:55:35 +0000 (13:55 +0000)]
Merge "Make CephValidationDelay/Retries default consistent"
Jenkins [Thu, 13 Jul 2017 13:40:25 +0000 (13:40 +0000)]
Merge "Make *AdminStateUp parameters consistent"
marios [Thu, 13 Jul 2017 13:11:13 +0000 (16:11 +0300)]
Adds check for existing yum process during the legacy minor update
Checks for an existing /var/run/yum.pid and exit 1 with an error
message saying why.
Change-Id: I374eeb4164a8007ae67fea2796eac109fffdef97
Closes-Bug:
1704131
Steven Hardy [Thu, 13 Jul 2017 08:30:15 +0000 (09:30 +0100)]
Move services.yaml to common directory
This new directory has now been added to the RDO packaging so we
can move things common to both puppet/container architecture here,
starting with the recently combined services.yaml
Change-Id: If2ce27188c4c15002b3ad830e8d6eb9504d2f3d2
Jenkins [Thu, 13 Jul 2017 11:29:20 +0000 (11:29 +0000)]
Merge "Containerize Manila Share service"
Jenkins [Thu, 13 Jul 2017 11:28:09 +0000 (11:28 +0000)]
Merge "Use ServerOsCollectConfigData value in output"
Jenkins [Thu, 13 Jul 2017 06:19:07 +0000 (06:19 +0000)]
Merge "Fix ironic-pxe startup issues"
Jenkins [Thu, 13 Jul 2017 04:12:40 +0000 (04:12 +0000)]
Merge "Tolerate network errors in pingtest retry logic"
Jenkins [Thu, 13 Jul 2017 04:09:03 +0000 (04:09 +0000)]
Merge "Drop ComputeServices from environments/docker.yaml"
Jenkins [Thu, 13 Jul 2017 04:08:40 +0000 (04:08 +0000)]
Merge "Add support for running crontabs in containers"
Jenkins [Thu, 13 Jul 2017 04:08:29 +0000 (04:08 +0000)]
Merge "Revert "Revert "Blacklist support for ExtraConfig"""
Jenkins [Thu, 13 Jul 2017 04:07:57 +0000 (04:07 +0000)]
Merge "Run rsync for Swift without xinetd"
Jenkins [Thu, 13 Jul 2017 04:07:50 +0000 (04:07 +0000)]
Merge "Allow to set Notification Driver to 'noop'"
Jenkins [Thu, 13 Jul 2017 02:04:21 +0000 (02:04 +0000)]
Merge "Add DeployedServerEnvironmentOutput"
Jenkins [Thu, 13 Jul 2017 01:32:40 +0000 (01:32 +0000)]
Merge "Add missing tags in iscsid upgrade_tasks"
Jenkins [Wed, 12 Jul 2017 21:15:24 +0000 (21:15 +0000)]
Merge "Implement scenario006 with Ironic in overcloud"
Jenkins [Wed, 12 Jul 2017 19:39:13 +0000 (19:39 +0000)]
Merge "Remove controller specific bootstack_nodeid"
Jenkins [Wed, 12 Jul 2017 19:38:02 +0000 (19:38 +0000)]
Merge "Add dependency relationship between nested get_attr targets"
Dan Prince [Fri, 7 Jul 2017 01:03:30 +0000 (21:03 -0400)]
Fix ironic-pxe startup issues
This patch updates the ironic-api docker service so that it
generates its config files in a unique config root. This
ensures that it doesn't have config files in the httpd
conf.d directory for both the API and PXE services thus
causing the API container to attempt to launch both of them.
This functionally fixes the Ironic API and PXE services with
docker so they once again can bring up an overcloud.
Change-Id: I537cd6a3337bf776ca38a279b7c130b6429eea04
Closes-bug: #
1702799
Jenkins [Wed, 12 Jul 2017 16:19:06 +0000 (16:19 +0000)]
Merge "Bind mount needed cert for haproxy for HA too"
Victoria Martinez de la Cruz [Wed, 7 Jun 2017 01:17:30 +0000 (22:17 -0300)]
Containerize Manila Share service
Change-Id: I797eea2f7788f65411964ccb852b5707e916416f
Partial-Bug: #
1668922
Dan Prince [Fri, 7 Jul 2017 20:05:43 +0000 (16:05 -0400)]
Drop ComputeServices from environments/docker.yaml
Change-Id: Ibfc568755764203b68aed524d6f334eeb7cd5da7
Closes-bug: #
1703001
Oliver Walsh [Thu, 29 Jun 2017 12:59:26 +0000 (13:59 +0100)]
Add support for running crontabs in containers
This change enables the puppet cron resource in docker-puppet.py and adds user
crontabs to the paths copied from the config containers.
Only the nova crontab is configured for now. Other services will require
similar changes to run their crontabs.
Partial-Bug:
1701254
Change-Id: I2d1d0f0d77908a132472cf4bc475f8bd526af504
Depends-On: Ie16fb4539481a3c192cff8220a97daa4c70467fc
Jenkins [Wed, 12 Jul 2017 07:39:07 +0000 (07:39 +0000)]
Merge "Remove ceilometer apache files on upgrade"
Christian Schwede [Thu, 6 Jul 2017 18:42:40 +0000 (20:42 +0200)]
Run rsync for Swift without xinetd
The default in non-containerized environments is to run rsync within
xinetd for Red Hat-based deployments, however in an containerized
environment this is not really needed. Therefore run rsync directly
without being started by xinetd.
Change-Id: I08abd917eba08d1192437ddf96c71b06d099a3f8
Jenkins [Wed, 12 Jul 2017 03:14:53 +0000 (03:14 +0000)]
Merge "Switch from oslosphinx to openstackdocstheme"
Emilien Macchi [Fri, 7 Jul 2017 18:35:28 +0000 (11:35 -0700)]
Allow to set Notification Driver to 'noop'
This patch does 2 things:
* Configure messagingv2 as default driver for Oslo Notifications sent on
RPC.
* Allow users to choose between messagingv2 (default) and noop when we
want to disable notifications (for example, when Telemetry is disabled).
* Deprecate KeystoneNotificationDriver in favor of NotificationDriver.
Change-Id: Ia547d7f4bfb51e7c45246b097b48fd86da231bd3
Related-Bug: #
1701357
Zane Bitter [Tue, 11 Jul 2017 19:52:37 +0000 (15:52 -0400)]
Add dependency relationship between nested get_attr targets
Starting with Pike, Heat will do attribute resolution in a single pass. A
consequence of this is that when the result of a get_attr is passed to
another get_attr call, there must be a dependency relationship between the
resources so that the inner attribute is resolved first before we try to
determine which attributes are required from the resource in the outer
call.
There are two uses of nested dep_attr in the overcloud template. One (which
hopefully can be removed soon) is in the allNodesConfig resource. In this
case, the {{primary_role_name}}IpListMap already depends on the
ServiceNetMap.
The second is in the KeystoneAdminVip output. This patch makes the VipMap
depend on the ServiceNetMap so that attributes can be resolved in a single
pass in that case.
Change-Id: I438a79748b9b408ec1101271d96c60d84028b57e
Steven Hardy [Thu, 6 Jul 2017 16:39:00 +0000 (17:39 +0100)]
Remove hardcoded enable_load_balancer from Controller role
This is associated with the haproxy service, so set the hieradata there
instead. This is needed so we can render the controller role template
via j2, and also if anyone ever wants to run haproxy on some role other
then the Controller.
Change-Id: I82b992afe42f6da7788f6efca2366863c3bf68f7
Partially-Implements: blueprint composable-networks
Steven Hardy [Thu, 6 Jul 2017 16:31:25 +0000 (17:31 +0100)]
Remove controller specific bootstack_nodeid
This has been replaced for some time by bootstrap_nodeid which isn't
hard-coded to the Controller role.
Change-Id: I2c172de13646e5b88cb9930a93ca71fcc990e522
Depends-On: I0a9fced847caf344e5d26b452f1bd40afab8f029
Jiri Stransky [Tue, 11 Jul 2017 12:33:57 +0000 (14:33 +0200)]
Don't confuse Heat with empty parameter_defaults
Apparently providing completely empty parameter_defaults in an
environment file can confuse Heat, and it seems like it doesn't try to
deploy any services on the overcloud in the multinode job. See the bug
for more details about the bug symptoms.
Change-Id: Ia9cb01b48087b78f66004263757590877219f743
Closes-Bug: #
1703599
James Slagle [Mon, 26 Jun 2017 13:48:34 +0000 (09:48 -0400)]
Revert "Revert "Blacklist support for ExtraConfig""
There is a Heat patch posted (via Depends-On) that resolves the issue
that caused this to be reverted. This reverts the revert and we need to
make sure all the upgrades jobs pass before we merge this patch.
This reverts commit
69936229f4def703cd44ab164d8d1989c9fa37cb.
Closes-Bug: #
1699463
implements blueprint disable-deployments
Change-Id: Iedf680fddfbfc020d301bec8837a0cb98d481eb5
Jenkins [Mon, 10 Jul 2017 17:20:09 +0000 (17:20 +0000)]
Merge "Copy only generated puppet files into the container"
James Slagle [Fri, 7 Jul 2017 11:45:26 +0000 (07:45 -0400)]
Use ServerOsCollectConfigData value in output
Just use the value from the ServerOsCollectConfigData resource in the
output instead of recalculating the value for each role via jinja.
Change-Id: I4e3bf4f25c9a8f677d5d177eb409594193a86405
James Slagle [Fri, 28 Apr 2017 20:01:14 +0000 (16:01 -0400)]
Add DeployedServerEnvironmentOutput
Add a new output, DeployedServerEnvionmentOutput, that can be used as
the contents of an environment file to input into a services only stack
when using split-stack. The parameter simplifies the manual steps needed
to deploy split-stack.
By default, the resource that generates the output is mapped to
OS::Heat::None.
implements blueprint split-stack-default
Change-Id: I6004cd3f56778f078a69a20e93a0eba0c574b3db
Jenkins [Mon, 10 Jul 2017 13:11:52 +0000 (13:11 +0000)]
Merge "Modify generic role template to support custom networks"
Martin André [Mon, 10 Jul 2017 11:25:17 +0000 (13:25 +0200)]
Bind mount needed cert for haproxy for HA too
haproxy needs the deployed SSL cert file to function when TLS is
enabled.
It is also required for the docker-puppet haproxy container since the
haproxy puppet module uses a validate_cmd to check the generated config
file is valid that fails when the required SSL cert is not present.
There is no clean way to disable this feature [1] so we need to bind
mount the cert into the container.
This commit applies the same change that was applied in
Id2df144b678769def204961236624091d4e5c457 for the non-ha case.
[1] https://github.com/puppetlabs/puppetlabs-haproxy/blob/
4753ea5b2506ee093e9b4c8af6e91201d476d426/manifests/config.pp#L53-L57
Change-Id: I93e1ee86197bcf271f18a62a27c2f350ed3966ea
Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com>
Saravanan KR [Tue, 27 Jun 2017 13:47:43 +0000 (19:17 +0530)]
Added OvS permission workaround for enabling DPDK
The vhost sockets sockets are created with qemu permission, but ovs
runs with root permission. In order to allow ovs to access vhost sockets
reducing the ovs group permission from root to qemu. This is a temprovary
workaround, until ovs fixes the permission issue. The script supports
both ovs2.6 and ovs2.7 versions.
Change-Id: I172956390c19fc9824bf7590cd48bfcf6201191b
Martin André [Wed, 21 Jun 2017 14:02:55 +0000 (16:02 +0200)]
Copy only generated puppet files into the container
This solves a problem with bind-mounts when the containers are holding
files descriptors open.
At the same time this makes the template more robust to puppet changes
since new config files will be available in the containers without
needing to update the templates.
Partial-Bug: #
1698323
Change-Id: Ia4ad6d77387e3dc354cd131c2f9756939fb8f736
Ben Nemec [Fri, 30 Jun 2017 19:04:35 +0000 (14:04 -0500)]
Disable network validation in multinode jobs
Sometimes the infracloud gateway refuses to ping even though
everything else is working fine. Since we have coverage of this
functionality in the OVB jobs it should be safe to turn it off
here so it stops spuriously failing our jobs.
We can't just set the resource to OS::Heat::None because there
are other resources with dependencies on it. Instead, this adds
a noop version of the validation software config that always
returns true.
Change-Id: I8361bc8be442b45c3ef6bdccdc53598fcb1d9540
Partial-Bug:
1680167
Jenkins [Sat, 8 Jul 2017 02:14:13 +0000 (02:14 +0000)]
Merge "Add in roles data validation"
Jenkins [Fri, 7 Jul 2017 19:05:08 +0000 (19:05 +0000)]
Merge "Rename CongressApi to Congress (docker)"
Jenkins [Fri, 7 Jul 2017 18:39:04 +0000 (18:39 +0000)]
Merge "Create NIC templates for Neutron Networker composable role"
Jenkins [Fri, 7 Jul 2017 18:22:23 +0000 (18:22 +0000)]
Merge "Add sample usage of StorageMgmt network for compute nodes"
Pradeep Kilambi [Wed, 24 May 2017 17:52:21 +0000 (13:52 -0400)]
Remove ceilometer apache files on upgrade
Ceilometer API runs under apache. Since this service is
deprecated and disabled in pike, we need to ensure the
apache files are removed during upgrade.
Change-Id: I0c0913e74396bd463f5a6da46f83512bab77b75e
Alex Schultz [Fri, 9 Jun 2017 14:59:51 +0000 (08:59 -0600)]
Add in roles data validation
With the merging of Iad3e9b215c6f21ba761c8360bb7ed531e34520e6 the
roles_data.yaml should be generated with tripleoclient rather than
edited. This change adds in a pep8 task to verify that the appropriate
role files in roles/ have been modified to match how our default
roles_data.yaml is constructed. Additionally this change adds a new tox
target called 'genrolesdata' that will all you to automatically generate
roles_data.yaml and roles_data_undercloud.yaml
Change-Id: I5eb15443a131a122d1a4abf6fc15a3ac3e15941b
Related-Blueprint: example-custom-role-environments
Emilien Macchi [Thu, 22 Jun 2017 20:21:49 +0000 (16:21 -0400)]
Rename CongressApi to Congress (docker)
Before it was Congress, let's stay consistent and stop using CongressApi
in Docker service, because we release.
Change-Id: Id939b3d70e185da4279f3860812fa5dce27d64dd
Emilien Macchi [Tue, 27 Jun 2017 13:21:59 +0000 (09:21 -0400)]
Switch from oslosphinx to openstackdocstheme
As part of the docs migration work[0] for Pike we need to switch to use the
openstackdocstheme.
[0] https://review.openstack.org/#/c/472275/
Change-Id: Ib2b6afb7075c68fecf1fbeaf650a31a7494af49f
Jenkins [Thu, 6 Jul 2017 10:54:32 +0000 (10:54 +0000)]
Merge "Enable Neutron LBaaS Integration"
Jenkins [Wed, 5 Jul 2017 21:23:47 +0000 (21:23 +0000)]
Merge "Update cinder-netapp-config environment"
Jenkins [Wed, 5 Jul 2017 20:28:55 +0000 (20:28 +0000)]
Merge "Fix typo in roles/Networker.yaml"
Steven Hardy [Thu, 1 Jun 2017 10:25:06 +0000 (11:25 +0100)]
Modify generic role template to support custom networks
Render all per-network resources and interfaces via j2 to enable
future support for custom networks via network_data.yaml
Note this doesn't enable custom networks for the built-in roles
as we skip j2 rendering for them, this will be resolved by converting
them to use the generic role template instead of the hard-coded
ones listed in the j2_excludes.yaml.
Depends-On: I18fa3829ff38ac200550d8e36bbe334c0005da22
Change-Id: I49565f9389f3ec9aef4861e23a3bed64a85501e6
Partially-Implements: blueprint composable-networks
Jenkins [Wed, 5 Jul 2017 13:57:43 +0000 (13:57 +0000)]
Merge "Adds docker OpenDaylight"
Jenkins [Wed, 5 Jul 2017 13:40:07 +0000 (13:40 +0000)]
Merge "Update NovaCompute to consume CephClientKey"
Jenkins [Wed, 5 Jul 2017 10:09:46 +0000 (10:09 +0000)]
Merge "Bind mount needed cert for haproxy"
Jenkins [Wed, 5 Jul 2017 10:08:07 +0000 (10:08 +0000)]
Merge "Allow volumes in puppet_config containers spec"
Jenkins [Wed, 5 Jul 2017 00:41:16 +0000 (00:41 +0000)]
Merge "Convert role templates to consume roles_data map"
Jenkins [Wed, 5 Jul 2017 00:35:31 +0000 (00:35 +0000)]
Merge "New environment file to configure containers."
Jenkins [Tue, 4 Jul 2017 21:22:43 +0000 (21:22 +0000)]
Merge "Updated from global requirements"
Jenkins [Tue, 4 Jul 2017 21:21:37 +0000 (21:21 +0000)]
Merge "Install ansible-pacemaker on O->P upgrade"
OpenStack Proposal Bot [Tue, 4 Jul 2017 17:59:34 +0000 (17:59 +0000)]
Updated from global requirements
Change-Id: I714ecad87a406bc237e3d4fdf88bc7e10555693c
Steven Hardy [Tue, 4 Jul 2017 14:11:27 +0000 (15:11 +0100)]
Fix typo in roles/Networker.yaml
The captialization mismatch here means the role currently doesn't
work.
Change-Id: Iced5004f993f8c100268361d87580d922e47f983
Ryan Hefner [Mon, 4 Apr 2016 17:49:19 +0000 (13:49 -0400)]
Enable Neutron LBaaS Integration
Allows the configuration of the Neutron LBaaS agent.
Implements: blueprint lbaasv2-service-integration
Change-Id: Iae2bf7faeea93d5275994b2ee10f9bf863ed6152
Depends-On: Ieeb21fafd340fdfbaddbe7633946fe0f05c640c9
Steven Hardy [Wed, 31 May 2017 10:22:49 +0000 (11:22 +0100)]
Convert role templates to consume roles_data map
Currently we only consume the name with a special-case
for the disable constraints boolean, but it will be more
flexible if we consume the whole roles_data mapping for
each role, so that e.g composable networks and other
per-role customizations can be expressed in these
templates
Partially-Implements: blueprint composable-networks
Depends-On: Id1249b78b3dd87e91d572ffa31b7a541f3cde2c7
Change-Id: I355534ec456479944f66106e957404a660d8f2d2
Jenkins [Tue, 4 Jul 2017 04:35:00 +0000 (04:35 +0000)]
Merge "Make ceilometer crontab removal idempotent"
Tim Rozet [Mon, 22 May 2017 21:52:18 +0000 (17:52 -0400)]
Adds docker OpenDaylight
Depends-On: I020550ede0ef981582392cf6c48dd5cb5823a074
Depends-On: I610b07a3c2bcf1c3288f76112a08b81c50e06913
Depends-On: I3d378044b3da5309b60967a12df7800520a254dc
Depends-On: I9c32b41ef865a09587f3ebfe8b8a896031fbd285
Depends-On: Ib31bf29bc69f5c58e98b99c3e598b19c99efc77f
Change-Id: I36c7390ddb4192e55ee56006fd6e9c5f8704445c
Signed-off-by: Tim Rozet <trozet@redhat.com>
Keith Schincke [Wed, 24 May 2017 15:55:23 +0000 (11:55 -0400)]
Update NovaCompute to consume CephClientKey
It is not necessary to get the Ceph key issueing a get-key to the Ceph
cluster; this change provides the libvirt key via parameter instead.
Change-Id: Iff3dbcb0f1b4d2373570e184e636a71553cea708
Jenkins [Mon, 3 Jul 2017 12:16:29 +0000 (12:16 +0000)]
Merge "Add ServerIdMap output"
Jenkins [Mon, 3 Jul 2017 09:47:32 +0000 (09:47 +0000)]
Merge "adding --config-dir parameters to neutron containers"
Jenkins [Sun, 2 Jul 2017 15:16:58 +0000 (15:16 +0000)]
Merge "Move glance::api::show_multiple_locations within GlanceApi"
Or Idgar [Thu, 22 Jun 2017 14:57:03 +0000 (14:57 +0000)]
adding --config-dir parameters to neutron containers
Change-Id: I521e89994e9be6efd335c5809810d9188dc1742f
Closes-Bug: #
1684908
Ian Main [Thu, 29 Jun 2017 00:30:39 +0000 (20:30 -0400)]
New environment file to configure containers.
This is part of a larger series that changes the interface used
for configuring which containers are used. This needs CI and
possibly quickstart updates to use this environment file so CI
will continue to pass.
Change-Id: I125137ba45f608cf84ea0a7146edd744a549d23b
Co-Authored-By: Dan Prince <dprince@redhat.com>
Jenkins [Fri, 30 Jun 2017 21:48:12 +0000 (21:48 +0000)]
Merge "Re-enable default for RoleParameters"
Jenkins [Fri, 30 Jun 2017 21:40:38 +0000 (21:40 +0000)]
Merge "Fix typo in config_volume"
Jenkins [Fri, 30 Jun 2017 19:52:41 +0000 (19:52 +0000)]
Merge "Make NovaWorkers descriptions consistent"
Jenkins [Fri, 30 Jun 2017 14:04:31 +0000 (14:04 +0000)]
Merge "cisco nexus: keep OVS on the Compute"
Jenkins [Fri, 30 Jun 2017 13:44:59 +0000 (13:44 +0000)]
Merge "Ensure boostrap_host_exec runs as root"
Jenkins [Fri, 30 Jun 2017 13:43:35 +0000 (13:43 +0000)]
Merge "scenario001: containerize services for CI"
Jenkins [Fri, 30 Jun 2017 11:18:43 +0000 (11:18 +0000)]
Merge "Add a docker-ha.yaml environment file for containerized HA deployments"
Oliver Walsh [Fri, 30 Jun 2017 10:51:06 +0000 (11:51 +0100)]
Tolerate network errors in pingtest retry logic
We use ping -w <deadline> -c <count>. This will ping every second until
<count> replies are received, or <deadline> is reached, or a network error occurs.
With the current retry logic a network error will result in a short tight loop
instead of waiting for the network to come up.
This change reduces the deadline to 10s, but sleeps 60s between retries.
Change-Id: Ib00cff6f843c04a00737b40e3ef3d1560d6e6d2d
Related-bug: #
1680167
Jenkins [Fri, 30 Jun 2017 08:36:53 +0000 (08:36 +0000)]
Merge "Force mtime for tar used in container config md5sums"
Jenkins [Fri, 30 Jun 2017 08:35:46 +0000 (08:35 +0000)]
Merge "Add stack_name/ctlplane_service_ips into post-upgrade.j2.yaml"
Martin André [Wed, 28 Jun 2017 15:10:27 +0000 (17:10 +0200)]
Ensure boostrap_host_exec runs as root
This is necessary for accessing the bind mounted hieradata in the
container in order to determine if the node is the primary node.
With the new validation added to yaml-validate.py, we could spot
potential issues in sahara-api and keystone bootstrap tasks.
The keystone one is a false positive, as the image defaults to the root
user in order to be able to run apache. Still, it is better to be
consistent here and specify the root user nonetheless.
Change-Id: Ib0ff9748d5406f507261e506c19b96750b10e846
Closes-Bug: #
1697917
Sven Anderson [Tue, 20 Jun 2017 12:53:34 +0000 (14:53 +0200)]
Fix typo in config_volume
Change-Id: I6a53a56c534f24cb514d8aeb8cec3d7865b93448
Martin André [Tue, 13 Jun 2017 13:35:16 +0000 (15:35 +0200)]
Bind mount needed cert for haproxy
haproxy needs the deployed SSL cert file to function when TLS is
enabled.
It is also required for the docker-puppet haproxy container since the
haproxy puppet module uses a validate_cmd to check the generated config
file is valid that fails when the required SSL cert is not present.
There is no clean way to disable this feature [1] so we need to bind
mount the cert into the container.
[1] https://github.com/puppetlabs/puppetlabs-haproxy/blob/
4753ea5b2506ee093e9b4c8af6e91201d476d426/manifests/config.pp#L53-L57
Change-Id: Id2df144b678769def204961236624091d4e5c457
James Slagle [Tue, 27 Jun 2017 16:48:59 +0000 (12:48 -0400)]
Allow volumes in puppet_config containers spec
Mounting host volumes when running containers via puppet_config already
works and is supported with docker-puppet.py. However, the validation in
yaml-validate.py does not allow it. This patch makes it allowed by the
validation.
It is sometimes necessary since some puppet modules expect to make
persistent file system changes other than just configuration data under
/etc.
In particular, ironic inspector expects to configure a http and tftp
root director with an ipxe configuration. See:
https://github.com/openstack/puppet-ironic/blob/master/manifests/inspector.pp
These changes would be lost if the value for those directories are not
mounted as host volumes.
Change-Id: Ie51c653f4c666fbaaef0ea80990e2e61f4b1353b
Jenkins [Fri, 30 Jun 2017 04:12:32 +0000 (04:12 +0000)]
Merge "Add missing xinetd/rsync container for Swift"
Jenkins [Fri, 30 Jun 2017 03:52:38 +0000 (03:52 +0000)]
Merge "Add detach to docker-toool"
Jenkins [Fri, 30 Jun 2017 03:00:31 +0000 (03:00 +0000)]
Merge "Add README to ci/environments directory"