apex-tripleo-heat-templates.git
7 years agohorizon: switch keystone_url to use uri_no_suffix
Emilien Macchi [Fri, 10 Mar 2017 17:25:40 +0000 (12:25 -0500)]
horizon: switch keystone_url to use uri_no_suffix

Switch Horizon to use keystone_url with keystone versionless endpoint.

Change-Id: I7a22136937d414b2c3713894e04b0f093247ad33
Partial-implement: blueprint keystone-v3

7 years agoRemove docker_image sections (unused)
Dan Prince [Mon, 6 Mar 2017 18:58:10 +0000 (13:58 -0500)]
Remove docker_image sections (unused)

We don't use docker_image for anything. It is a remant of the
pre-composable docker templates and we can now remove it.

This patch removes references to the 'docker_image' section
from docker/post.yaml and all of the docker/services* templates.

Change-Id: I208c1ef1550ab39ab0ee47ab282f9b1937379810

7 years agoMerge "Pass hieradata for internal TLS for RabbitMQ"
Jenkins [Thu, 9 Mar 2017 22:56:55 +0000 (22:56 +0000)]
Merge "Pass hieradata for internal TLS for RabbitMQ"

7 years agoMerge "FQDN validation"
Jenkins [Thu, 9 Mar 2017 21:44:21 +0000 (21:44 +0000)]
Merge "FQDN validation"

7 years agoMerge "Keystone token flush cron job should log to a file"
Jenkins [Thu, 9 Mar 2017 21:44:13 +0000 (21:44 +0000)]
Merge "Keystone token flush cron job should log to a file"

7 years agoUpdate docs per new puppet_config interface
Dan Prince [Tue, 7 Mar 2017 19:12:37 +0000 (14:12 -0500)]
Update docs per new puppet_config interface

This updates the docker/service README so that it
correctly documents the current requirements of the new
puppet_config interface.

Change-Id: I0f3e00ea3cce24152475abf6df34f4836e32c9c8

7 years agoMerge "Move nova-scheduler data into puppet_config"
Jenkins [Thu, 9 Mar 2017 13:35:55 +0000 (13:35 +0000)]
Merge "Move nova-scheduler data into puppet_config"

7 years agoMerge "Add validation for VPP upgrade tasks"
Jenkins [Thu, 9 Mar 2017 13:13:40 +0000 (13:13 +0000)]
Merge "Add validation for VPP upgrade tasks"

7 years agoMerge "Enable Docker service for Compute role"
Jenkins [Thu, 9 Mar 2017 11:51:28 +0000 (11:51 +0000)]
Merge "Enable Docker service for Compute role"

7 years agoMerge "Set number of Swift proxy server workers to auto"
Jenkins [Thu, 9 Mar 2017 11:28:55 +0000 (11:28 +0000)]
Merge "Set number of Swift proxy server workers to auto"

7 years agoPass hieradata for internal TLS for RabbitMQ
Juan Antonio Osorio Robles [Fri, 9 Dec 2016 13:22:42 +0000 (15:22 +0200)]
Pass hieradata for internal TLS for RabbitMQ

As with other services, this passes the necessary hieradata to enable
TLS for RabbitMQ. This will mean (once we set it via puppet-tripleo)
that there will only be TLS connections, as the ssl_only option is being
used.

bp tls-via-certmonger

Change-Id: I960bf747cd5e3040f99b28e2fc5873ca3a7472b5
Depends-On: Ic2a7f877745a0a490ddc9315123bd1180b03c514

7 years agoMerge "sahara: configure keystone_authtoken parameters"
Jenkins [Thu, 9 Mar 2017 10:20:48 +0000 (10:20 +0000)]
Merge "sahara: configure keystone_authtoken parameters"

7 years agoMerge "barbican: Use versionless keystone endpoints"
Jenkins [Thu, 9 Mar 2017 09:57:24 +0000 (09:57 +0000)]
Merge "barbican: Use versionless keystone endpoints"

7 years agosahara: configure keystone_authtoken parameters
Emilien Macchi [Tue, 7 Mar 2017 17:06:10 +0000 (12:06 -0500)]
sahara: configure keystone_authtoken parameters

Configure keystone_authtoken for Sahara service.

Change-Id: I045b7d1d52851ab0d532a8524fcea95705e3db78
Partial-implement: blueprint keystone-v3

7 years agoMerge "Remove the openvswitch special case upgrade code"
Jenkins [Wed, 8 Mar 2017 09:51:16 +0000 (09:51 +0000)]
Merge "Remove the openvswitch special case upgrade code"

7 years agobarbican: Use versionless keystone endpoints
Juan Antonio Osorio Robles [Wed, 8 Mar 2017 08:17:11 +0000 (10:17 +0200)]
barbican: Use versionless keystone endpoints

This also moves the explicit usages of the Keystone V3 endpoint fromt he
EndpointMap, as using the uri_no_suffix defeats that usage.

Change-Id: I5f07a0cee07fa28b88c419e25e014094004b1bce
Partial-Implement: blueprint keystone-v3

7 years agoMove nova-scheduler data into puppet_config
Dan Prince [Tue, 7 Mar 2017 18:17:29 +0000 (13:17 -0500)]
Move nova-scheduler data into puppet_config

This is now required per the puppet_config interfaces for docker
services (per I208c1ef1550ab39ab0ee47ab282f9b1937379810)

Change-Id: Iab96919cb0a6b15942f3c19f8d28205261174edc

7 years agoEnable Docker service for Compute role
Martin André [Tue, 7 Mar 2017 15:06:30 +0000 (16:06 +0100)]
Enable Docker service for Compute role

A recent commit [1] change how docker is installed and configured on
the overcloud nodes, from a cloud-init script to a proper puppet
profile in puppet-tripleo but forgot to enable the docker service on
the compute nodes.

[1] Ia50169819cb959025866348b11337728f8ed5c9e

Change-Id: I202723d0e48f110e5b0dbfe3dcf6646da9f37948

7 years agoMerge "sshd template, rename hiera key"
Jenkins [Tue, 7 Mar 2017 23:56:18 +0000 (23:56 +0000)]
Merge "sshd template, rename hiera key"

7 years agoAdd puppet_config to docker neutron-l3 service
Dan Prince [Mon, 6 Mar 2017 21:34:13 +0000 (16:34 -0500)]
Add puppet_config to docker neutron-l3 service

This patch makes the neutron-l3 docker service adhere
to the new puppet_config interface.

Change-Id: If5b73ec90637e878af55c8404d1eff8c18e857c3

7 years agoMerge "Enable keystone cadf notifications"
Jenkins [Tue, 7 Mar 2017 16:40:53 +0000 (16:40 +0000)]
Merge "Enable keystone cadf notifications"

7 years agosshd template, rename hiera key
Steven Hardy [Tue, 7 Mar 2017 11:43:00 +0000 (11:43 +0000)]
sshd template, rename hiera key

This means we can remove the special BannerText hiera reference
in the puppet-tripleo profile

Change-Id: Id4c8b853fa0e9bcdffe2cf7cd1554a9be7451b25

7 years agoMerge "Enable composable upgrades for docker service templates"
Jenkins [Tue, 7 Mar 2017 10:08:20 +0000 (10:08 +0000)]
Merge "Enable composable upgrades for docker service templates"

7 years agoMerge "Add docker composable service template"
Jenkins [Tue, 7 Mar 2017 10:06:09 +0000 (10:06 +0000)]
Merge "Add docker composable service template"

7 years agoMerge "Adds upgrade tasks for OpenDaylight services"
Jenkins [Tue, 7 Mar 2017 03:39:38 +0000 (03:39 +0000)]
Merge "Adds upgrade tasks for OpenDaylight services"

7 years agoMerge "Overwrite nova placement with stub for docker"
Jenkins [Tue, 7 Mar 2017 00:29:31 +0000 (00:29 +0000)]
Merge "Overwrite nova placement with stub for docker"

7 years agoMerge "Fix a typo"
Jenkins [Mon, 6 Mar 2017 21:11:53 +0000 (21:11 +0000)]
Merge "Fix a typo"

7 years agoMerge "Cinder-api upgrade: use httpd instead of apachectl"
Jenkins [Mon, 6 Mar 2017 18:46:22 +0000 (18:46 +0000)]
Merge "Cinder-api upgrade: use httpd instead of apachectl"

7 years agoEnable keystone cadf notifications
Yolanda Robla [Mon, 6 Mar 2017 17:09:19 +0000 (18:09 +0100)]
Enable keystone cadf notifications

It will allow to configure keystone event notifications
using CADF, as documented on:
https://docs.openstack.org/developer/keystone/event_notifications.html

CADF events provide auditing capabilities for compliance with
security.

Change-Id: Id16b264c295b9e3adbf960366ff8328ba8dcd485

7 years agoEnable composable upgrades for docker service templates
Steven Hardy [Wed, 1 Mar 2017 13:57:13 +0000 (13:57 +0000)]
Enable composable upgrades for docker service templates

This aligns the docker based services with the new composable upgrades
architecture we landed for ocata, and does a first-pass adding upgrade_tasks
for the services (these may change, atm we only disable the service on
the host).

To run the upgrade workflow you basically do two steps:

openstack overcloud deploy --templates \
  -e environments/major-upgrade-composable-steps-docker.yaml

This will run the ansible upgrade steps we define via upgrade_tasks
then run the normal docker PostDeploySteps to bring up the containers.

For the puppet workflow there's then an operator driven step where
compute nodes (and potentially storage nodes) are upgrades in batches
and finally you do:

openstack overcloud deploy --templates \
  -e environments/major-upgrade-converge-docker.yaml

In the puppet case this re-applies puppet to unpin the nova RPC API
so I guess it'll restart the nova containers this affects but otherwise
will be a no-op (we also disable the ansible steps at this point.

Depends-On: I9057d47eea15c8ba92ca34717b6b5965d4425ab1
Change-Id: Ia50169819cb959025866348b11337728f8ed5c9e

7 years agoAdd docker composable service template
Steven Hardy [Thu, 2 Mar 2017 12:08:39 +0000 (12:08 +0000)]
Add docker composable service template

This uses a puppet-tripleo profile to configure and start docker
in step1 of the deployment, which is before we attempt to deploy
any containers (see docker/services/README.rst#docker-steps)

This enables existing environments on upgrade to configure things
correctly, without using the docker/firstboot/setup_docker_host.sh
- the firstboot approach may still be needed for atomic, but for
environments where we can run puppet on the host this integrates
more cleanly with our existing architecture I think.

Depends-On: Id8add1e8a0ecaedb7d8a7dc9ba3747c1ac3b8eea
Change-Id: If4ffe21579bcb2770f4e5a96be7960b52927a27b

7 years agoMerge "Make neutron dhcp agents per network conditional"
Jenkins [Mon, 6 Mar 2017 14:42:57 +0000 (14:42 +0000)]
Merge "Make neutron dhcp agents per network conditional"

7 years agoMerge "Use the new hiera hook in all remaining templates"
Jenkins [Mon, 6 Mar 2017 14:04:46 +0000 (14:04 +0000)]
Merge "Use the new hiera hook in all remaining templates"

7 years agoAdd validation for VPP upgrade tasks
Feng Pan [Tue, 28 Feb 2017 12:58:39 +0000 (07:58 -0500)]
Add validation for VPP upgrade tasks

Change-Id: I54a3cac11ae63c553f831a3f8eeca2cbe4cc88d3
Signed-off-by: Feng Pan <fpan@redhat.com>
7 years agoCinder-api upgrade: use httpd instead of apachectl
Juan Antonio Osorio Robles [Mon, 6 Mar 2017 12:21:10 +0000 (14:21 +0200)]
Cinder-api upgrade: use httpd instead of apachectl

It doesn't work downstream, so the httpd command was recommended.

Change-Id: I4807333b80dad10f16e5deb56cbfdda656cd1e50

7 years agoMerge "ec2-api: Get FQDN from hiera instead of puppet fact"
Jenkins [Mon, 6 Mar 2017 12:18:57 +0000 (12:18 +0000)]
Merge "ec2-api: Get FQDN from hiera instead of puppet fact"

7 years agoMerge "Removes old environment file references"
Jenkins [Mon, 6 Mar 2017 11:53:03 +0000 (11:53 +0000)]
Merge "Removes old environment file references"

7 years agoMerge "Put docker puppet config in puppet_config dict"
Jenkins [Mon, 6 Mar 2017 10:32:52 +0000 (10:32 +0000)]
Merge "Put docker puppet config in puppet_config dict"

7 years agoUse the new hiera hook in all remaining templates
marios [Mon, 6 Mar 2017 08:33:01 +0000 (10:33 +0200)]
Use the new hiera hook in all remaining templates

The new hiera hook in I21639f6aadabf9e49f40d1bb0b1d0edcfc4dbc5e
was added to most of the tripleo-heat-templates in
Ibe7e2044e200e2c947223286fdf4fd5bcf98c2e1

The new hook is installed by default if you use tripleo-common
Ia1864933235152b7e899c4442534879f8e22240d and will be installed
as part of the Newton to Ocata upgrades workflow in
I0c7a32194c0069b63a501a913c17907b47c9cc16

In order to use the new hiera data as part of the upgrade we
need to remove the old hieradata which will break anyone still
defining and using it. This change updates the remaining vendor
plugin manifests to use the new hiera hook. The pre-requisite
is that the new hook is installed on their overcloud (as above
it comes if you follow the N..O upgrade)

Change-Id: Ic95154734cb21e6b941c7f1569295b413963831d

7 years agoMerge "etcd: Get FQDN from hiera instead of puppet fact"
Jenkins [Sat, 4 Mar 2017 11:32:20 +0000 (11:32 +0000)]
Merge "etcd: Get FQDN from hiera instead of puppet fact"

7 years agoMerge "Fix httpd dir create to not error if exists"
Jenkins [Fri, 3 Mar 2017 22:09:43 +0000 (22:09 +0000)]
Merge "Fix httpd dir create to not error if exists"

7 years agoMerge "Fix Panko API upgrade process"
Jenkins [Fri, 3 Mar 2017 15:04:51 +0000 (15:04 +0000)]
Merge "Fix Panko API upgrade process"

7 years agoRemoves old environment file references
Christopher Brown [Fri, 3 Mar 2017 14:00:53 +0000 (14:00 +0000)]
Removes old environment file references

ODL-l3 env file was removed in commit 7163746
manage-firewall was removed in commit 2064ab8 as this was enabled
by default

Change-Id: I8ed8d4ed5bf709f2ac581adfaacc24a7582f13bd

7 years agoFix httpd dir create to not error if exists
Pradeep Kilambi [Thu, 2 Mar 2017 16:53:26 +0000 (11:53 -0500)]
Fix httpd dir create to not error if exists

In cases where /var/log/httpd already exists, this exits with error
code 1.

$ sudo docker logs keystone-init-log
mkdir: cannot create directory '/var/log/httpd': File exists

Change-Id: I62bf08d9fc9e02d5f3016bd14bb0a090b76ac837

7 years agoMerge "Enable IronicPxe in the undercloud"
Jenkins [Fri, 3 Mar 2017 12:53:46 +0000 (12:53 +0000)]
Merge "Enable IronicPxe in the undercloud"

7 years agoMerge "Removes opencontrail reference"
Jenkins [Fri, 3 Mar 2017 11:48:34 +0000 (11:48 +0000)]
Merge "Removes opencontrail reference"

7 years agoetcd: Get FQDN from hiera instead of puppet fact
Juan Antonio Osorio Robles [Fri, 3 Mar 2017 09:08:38 +0000 (11:08 +0200)]
etcd: Get FQDN from hiera instead of puppet fact

The puppet facts will be removed soon and using the hiera value is
adviced instead.

Change-Id: I318f81abaac997370e950780993dc95cae088327

7 years agoec2-api: Get FQDN from hiera instead of puppet fact
Juan Antonio Osorio Robles [Fri, 3 Mar 2017 09:07:08 +0000 (11:07 +0200)]
ec2-api: Get FQDN from hiera instead of puppet fact

The puppet facts will be removed soon and using the hiera value is
adviced instead.

Change-Id: I3ba89dd9bd471c5723325efc9041ca6da937ccc5

7 years agoRemove the openvswitch special case upgrade code
marios [Wed, 22 Feb 2017 15:29:45 +0000 (17:29 +0200)]
Remove the openvswitch special case upgrade code

Removed from the tripleo_upgrade_node.sh (major upgrade) & yum_update.sh
(minor update). The workaround is no longer needed and in fact has the
opposite effect killing connectitivity to the node. The 'normal' yum
update on nodes delivers the latest openvswitch 2.6.1 with no drama.

Also adds a 'complete' message, some extra debug echo for logs
and removes the python-zaqarclient install no longer needed

Closes-Bug: 1669714
Change-Id: Icd1517bcade36781fa0da21d045ffd9ec68efc38

7 years agoFix Panko API upgrade process
Emilien Macchi [Fri, 3 Mar 2017 03:24:52 +0000 (22:24 -0500)]
Fix Panko API upgrade process

Upgrade process wasn't consistent and correct.

Change-Id: Id1f810d33c2909957be9a2c96d18c96dee939953

7 years agoMerge "Make UpdateDeployment depend on NetworkDeployment"
Jenkins [Thu, 2 Mar 2017 23:31:43 +0000 (23:31 +0000)]
Merge "Make UpdateDeployment depend on NetworkDeployment"

7 years agoOverwrite nova placement with stub for docker
Dan Prince [Thu, 2 Mar 2017 17:41:30 +0000 (12:41 -0500)]
Overwrite nova placement with stub for docker

This updates kolla config to overwrite the stock
version with the puppet-nova generated mock.

Depends-On: Ie16a60c604ecf9f4012b0630f91e6ece2b6855db

Change-Id: I320f024adc88102ea24c0212702fe2dce826874f
Closes-bug: #440612

7 years agoEnable IronicPxe in the undercloud
Dan Prince [Thu, 2 Mar 2017 20:11:10 +0000 (15:11 -0500)]
Enable IronicPxe in the undercloud

This enables the IronicPxe services which are split out
into separate templates for the containerized undercloud.

Change-Id: I0ec3cefec9b47ef3c59de6972541ef9b560aacb7

7 years agoMerge "Add plan-environment.yaml"
Jenkins [Thu, 2 Mar 2017 18:47:35 +0000 (18:47 +0000)]
Merge "Add plan-environment.yaml"

7 years agoRemoves opencontrail reference
Christopher Brown [Thu, 2 Mar 2017 16:21:55 +0000 (16:21 +0000)]
Removes opencontrail reference

The opencontrail environment file was removed in commit da91bb6
so this is no longer required

Change-Id: I835dc665ede7fdb50d5be2c3251b8acf20c3ce37

7 years agoMerge "Add upgrade task for panko api"
Jenkins [Thu, 2 Mar 2017 14:01:32 +0000 (14:01 +0000)]
Merge "Add upgrade task for panko api"

7 years agoMerge "Upgrades: fix up the rabbitmq HA mode like in new ocata deployments"
Jenkins [Thu, 2 Mar 2017 12:21:15 +0000 (12:21 +0000)]
Merge "Upgrades: fix up the rabbitmq HA mode like in new ocata deployments"

7 years agoAdd upgrade task for panko api
Pradeep Kilambi [Sun, 26 Feb 2017 23:34:33 +0000 (18:34 -0500)]
Add upgrade task for panko api

Change-Id: Icc5fbf99301ae47344e1582767e1e7a4687f491b

7 years agoMerge "Add mistral service support for composable upgrades"
Jenkins [Thu, 2 Mar 2017 09:49:44 +0000 (09:49 +0000)]
Merge "Add mistral service support for composable upgrades"

7 years agoMerge "upgrades/validation: only run validation when services exist"
Jenkins [Thu, 2 Mar 2017 09:49:37 +0000 (09:49 +0000)]
Merge "upgrades/validation: only run validation when services exist"

7 years agoUpgrades: fix up the rabbitmq HA mode like in new ocata deployments
Michele Baldessari [Tue, 28 Feb 2017 15:37:07 +0000 (16:37 +0100)]
Upgrades: fix up the rabbitmq HA mode like in new ocata deployments

In ocata we changed the rabbitmq ha policy to "ha-exactly" via the
following changes:
- tht: Iace6daf27a76cb8ef1050ada0de7ff1f530916c6
- puppet-tripleo: Ib62001c03e1e08f58cf0c6e0ba07a8879a584084

We took care of the upgrade path via I3a97505d2ae1ae27f3080ffe74c33fdabffd2420

With the move to the ansible-based composable upgrades we left this change out.
And now an upgraded environment has the following policy:
- Upgraded environment
Attributes: set_policy="ha-all ^(?!amq\.).* {"ha-mode":"all"}"

- New environment
Attributes: set_policy="ha-all ^(?!amq\.).* {"ha-mode":"exactly","ha-params":2}"

We need to add this pcs resource change to the our upgrade scripts.

Change-Id: I3c4113c207e9d0c45be43df7c2379ac26cb60692
Closes-Bug: #1668600

7 years agoMerge "Containerize neutron-l3 agent"
Jenkins [Wed, 1 Mar 2017 23:18:08 +0000 (23:18 +0000)]
Merge "Containerize neutron-l3 agent"

7 years agoPut docker puppet config in puppet_config dict
Steve Baker [Wed, 1 Mar 2017 03:09:31 +0000 (03:09 +0000)]
Put docker puppet config in puppet_config dict

This approach removes the need for the yaql zip to build the
docker-puppet data by building the data in a puppet_config dict.

This allows a future change to make docker-puppet.py only accept dict
data.

Currently the step_config is left where it is and referenced inside
puppet_config, but feedback is welcome whether this is necessary or
desirable.

Change-Id: I4a4d7a6fd2735cb841174af305dbb62e0b3d3e8c

7 years agoAdds upgrade tasks for OpenDaylight services
Tim Rozet [Mon, 27 Feb 2017 20:19:56 +0000 (15:19 -0500)]
Adds upgrade tasks for OpenDaylight services

Change-Id: I740b20b12acb3740886409bff86c4989f0a066f4
Signed-off-by: Tim Rozet <trozet@redhat.com>
7 years agoMerge "Associate unmapped hosts with cell mappings"
Jenkins [Wed, 1 Mar 2017 19:54:00 +0000 (19:54 +0000)]
Merge "Associate unmapped hosts with cell mappings"

7 years agoAdd mistral service support for composable upgrades
Steven Hardy [Thu, 1 Dec 2016 10:04:58 +0000 (10:04 +0000)]
Add mistral service support for composable upgrades

Change-Id: I189edaf69c0e97a3399e6af939595f98322d7c03
Partially-Implements: blueprint overcloud-upgrades-per-service

7 years agoupgrades/validation: only run validation when services exist
Emilien Macchi [Mon, 27 Feb 2017 18:04:08 +0000 (13:04 -0500)]
upgrades/validation: only run validation when services exist

During upgrades, validation test if a service is running before the
upgrade process starts.
In some cases, servies doesn't exist yet so we don't want to run the
validation.

This patch makes sure we check if the service is actually present on the
system before validating it's running correctly.

Also it makes sure that services are enabled before trying to stop them.
It allows use-cases where we want to add new services during an upgrade.
Also install new packages of services added in Ocata, so we can validate
upgrades on scenarios jobs.

Change-Id: Ib48fb6b1557be43956557cbde4cbe26b53a50bd8

7 years agoContainerize neutron-l3 agent
John Trowbridge [Mon, 27 Feb 2017 15:01:00 +0000 (10:01 -0500)]
Containerize neutron-l3 agent

This allows to run a containerized neutron on the overcloud.

Co-Authored-By: Martin André <m.andre@redhat.com>
Depends-On: Iaf6536b1c4d0b2b118af92295136378cdfeee9d1
Change-Id: I86a12248d4f28f4dbe7708be928bcd8a45968d01

7 years agoAssociate unmapped hosts with cell mappings
John Trowbridge [Mon, 27 Feb 2017 15:00:25 +0000 (10:00 -0500)]
Associate unmapped hosts with cell mappings

Otherwise the containerized nova running in the overcloud fails with
"Host 'overcloud-novacompute-0' is not mapped to any cell, Code: 400".

Co-Authored-By: Martin André <m.andre@redhat.com>
Change-Id: I9ff77f25bfd1f37167b0638a32fe5049951bc5b4

7 years agoMerge "Disable exit on error for pacemaker commands for update flow"
Jenkins [Wed, 1 Mar 2017 14:42:02 +0000 (14:42 +0000)]
Merge "Disable exit on error for pacemaker commands for update flow"

7 years agoMerge "Switch to dict format for docker_puppet_tasks"
Jenkins [Wed, 1 Mar 2017 11:56:31 +0000 (11:56 +0000)]
Merge "Switch to dict format for docker_puppet_tasks"

7 years agoAdd plan-environment.yaml
Ana Krivokapic [Fri, 6 Jan 2017 13:58:33 +0000 (14:58 +0100)]
Add plan-environment.yaml

This file is needed for plan import and export features. We want to enable the
user to store the selection of environment options, so that it can be
re-imported, and it does not have to be perfmed manually multiple times.

The plan create workflow will look into the Swift
container for this file, and import its contents into the Mistral
environment. Conversely, plan export will create this file from the Mistral
environment contents, so that it can later be re-imported.

For more information, see the related blueprint, and the spec at
https://specs.openstack.org/openstack/tripleo-specs/specs/ocata/gui-plan-import-export.html

Partially implements: blueprint enhance-plan-creation-with-plan-environment

Change-Id: I95e3e3a25104623d6fcf38e99403cebbd591b92d

7 years agoMerge "Adding keystone parameters for Tacker"
Jenkins [Wed, 1 Mar 2017 11:06:04 +0000 (11:06 +0000)]
Merge "Adding keystone parameters for Tacker"

7 years agoMerge "Add etcd composable upgrade steps"
Jenkins [Wed, 1 Mar 2017 11:05:52 +0000 (11:05 +0000)]
Merge "Add etcd composable upgrade steps"

7 years agoMerge "Align hyperconverged-ceph.yaml environment and adds some validation"
Jenkins [Wed, 1 Mar 2017 11:05:45 +0000 (11:05 +0000)]
Merge "Align hyperconverged-ceph.yaml environment and adds some validation"

7 years agoMerge "Put service stop at step1 and quiesce at step2."
Jenkins [Wed, 1 Mar 2017 10:09:53 +0000 (10:09 +0000)]
Merge "Put service stop at step1 and quiesce at step2."

7 years agoMake UpdateDeployment depend on NetworkDeployment
Steven Hardy [Wed, 1 Mar 2017 09:51:20 +0000 (09:51 +0000)]
Make UpdateDeployment depend on NetworkDeployment

Prior to https://review.openstack.org/#/c/271450/ os-net-config was
applied via os-refresh-config directly, which meant that even though
UpdateDeployment and NetworkDeployment can be created concurrently,
we'd always do the os-net-config step first.

However now that we apply both steps via scripts (which are both handled
via the same heat-config hook) we should add an explicit dependency to
ensure the network is always fully configured before attempting to run
any update.  This should avoid the risk of e.g running an update on
initial deployment before the network connectivity to access yum repos
is in place.

Change-Id: Idff7a95afe7b49b6384b1d0c78e76522fb1f8eb7
Related-Bug: #1666227

7 years agoMerge "Use --disable= in subscription-manager to avoid shell expansion."
Jenkins [Wed, 1 Mar 2017 05:28:41 +0000 (05:28 +0000)]
Merge "Use --disable= in subscription-manager to avoid shell expansion."

7 years agoMerge "upgrades: fix ec2api conditional"
Jenkins [Wed, 1 Mar 2017 03:56:03 +0000 (03:56 +0000)]
Merge "upgrades: fix ec2api conditional"

7 years agoSwitch to dict format for docker_puppet_tasks
Steve Baker [Tue, 28 Feb 2017 23:34:51 +0000 (23:34 +0000)]
Switch to dict format for docker_puppet_tasks

This change gives the option of docker-puppet.py data to be in a dict
as well as a list. This allows docker_puppet_tasks data to use the
same keys as the top level puppet config data.

If the yaql fu can be worked out to build the top level data,
docker-puppet.py can later drop the list format entirely.

Change-Id: I7e2294c6c898d2340421c93516296ccf120aa6d2

7 years agoMerge "mysqlclient: Use actual parameter in puppet to set bind-address"
Jenkins [Wed, 1 Mar 2017 01:06:57 +0000 (01:06 +0000)]
Merge "mysqlclient: Use actual parameter in puppet to set bind-address"

7 years agoMerge "Adding keystone parameters for Congress"
Jenkins [Wed, 1 Mar 2017 01:06:09 +0000 (01:06 +0000)]
Merge "Adding keystone parameters for Congress"

7 years agoUse --disable= in subscription-manager to avoid shell expansion.
Vincent S. Cojot [Thu, 23 Feb 2017 14:38:24 +0000 (09:38 -0500)]
Use --disable= in subscription-manager to avoid shell expansion.

In extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration,
there's a line that says:

   retry subscription-manager repos --disable '*'

I believe this is broken and will result in shell expansion being made.
The proper line should be:

   retry subscription-manager repos --disable='*'

This regression came from commit 2b06ed8adce2bcc18480b71c0f20a0ec2d21de19.
(Also see https://review.openstack.org/#/c/381233 )

This patch fixes the regression while preserving functionality
of the above change.

Closes-Bug: 1667316

Change-Id: I54f0db3f1f596f6356f7445cdc61737f20f14318
Signed-off-by: Vincent S. Cojot <vincent@cojot.name>
7 years agoDisable exit on error for pacemaker commands for update flow
Saravanan KR [Mon, 27 Feb 2017 13:46:03 +0000 (19:16 +0530)]
Disable exit on error for pacemaker commands for update flow

Package update fails on compute node, when yum_update checks for
pacemaker status via systemctl command. Because exit on error (-e)
option has been enabled recently, this issue is happening. Fixing
by, executing the command only on nodes where pacemaker is enabled.
Closes-Bug: #1668266

Change-Id: I2aae4e2fdfec526c835f8967b54e1db3757bca17

7 years agoPut service stop at step1 and quiesce at step2.
Sofer Athlan-Guyot [Fri, 24 Feb 2017 21:31:29 +0000 (22:31 +0100)]
Put service stop at step1 and quiesce at step2.

In the previous release[1], the services were stopped before the
pacemaker services, so that they get a chance to send last message to
the database/rabbitmq queue:

Let's do the upgrade in the same order.

[1] https://github.com/openstack/tripleo-heat-templates/blob/stable/newton/extraconfig/tasks/major_upgrade_controller_pacemaker_2.sh#L13-L71

Change-Id: I1c4045e8b9167396c9dfa4da99973102f1af1218

7 years agoupgrades: fix ec2api conditional
Emilien Macchi [Tue, 28 Feb 2017 16:09:41 +0000 (11:09 -0500)]
upgrades: fix ec2api conditional

Rename ec2-api_enabled to ec2_api_enabled so we avoid this error:
The conditional check 'ec2-api_enabled.rc == 0' failed.
The error was: error while evaluating conditional
(ec2-api_enabled.rc == 0): 'api_enabled' is undefined"}

Change-Id: Id325fd7eba397155eac7fb6c7410f88486173ba1

7 years agoAlign hyperconverged-ceph.yaml environment and adds some validation
Giulio Fidente [Tue, 28 Feb 2017 17:55:55 +0000 (18:55 +0100)]
Align hyperconverged-ceph.yaml environment and adds some validation

Until bug #1635409 is fixed we'll have to keep the default list
of services deployed by hyperconverged-ceph.yaml in sync with the
ServicesDefault list provided in roles_data.yaml

This change adds some logic in the templates validation script to
ensure that is preserved with future updates.

Change-Id: Ib767f9a24c3541b16f96bd6b6455cf797113fbd8

7 years agoMerge "Switch central and compute templates to use polling agent"
Jenkins [Tue, 28 Feb 2017 16:09:58 +0000 (16:09 +0000)]
Merge "Switch central and compute templates to use polling agent"

7 years agoAdding keystone parameters for Tacker
Dan Radez [Mon, 27 Feb 2017 17:56:58 +0000 (12:56 -0500)]
Adding keystone parameters for Tacker

Change-Id: I256d2fcb6353d029750113c1fec59a89c82583ca

7 years agoMake neutron dhcp agents per network conditional
Brent Eagles [Mon, 27 Feb 2017 15:12:20 +0000 (11:42 -0330)]
Make neutron dhcp agents per network conditional

While the heat templates specify a default value of 3, it rarely seems
to have an effect as the tripleoclient is setting this according to the
controller scale. This was fine before composable roles, but it is now
invalid. While the client needs to be modified to no longer set this
according to controller scale, the template should default to a sentinel
value that will allow the puppet code to determine the proper value by
the number of hosts that have the neutron dhcp agent deployed on them.

Depends-On: I5533e42c5ba9f72cc70d80489a07e30ee2341198
Partial-bug: #1632721
Change-Id: I06628764c4769d91bbc42efe1c722702d6574d02

7 years agoMerge "Add auditd upgrate steps"
Jenkins [Tue, 28 Feb 2017 15:23:21 +0000 (15:23 +0000)]
Merge "Add auditd upgrate steps"

7 years agoMerge "Add zaqar service for composable upgrade"
Jenkins [Tue, 28 Feb 2017 15:23:14 +0000 (15:23 +0000)]
Merge "Add zaqar service for composable upgrade"

7 years agoMerge "Add upgrade support for Horizon"
Jenkins [Tue, 28 Feb 2017 15:18:41 +0000 (15:18 +0000)]
Merge "Add upgrade support for Horizon"

7 years agoMerge "Add support for upgrading ec2-api"
Jenkins [Tue, 28 Feb 2017 14:32:40 +0000 (14:32 +0000)]
Merge "Add support for upgrading ec2-api"

7 years agoAdding keystone parameters for Congress
Dan Radez [Mon, 27 Feb 2017 17:06:33 +0000 (12:06 -0500)]
Adding keystone parameters for Congress

Change-Id: Ic50aee9e635f62f06fa757fa3d88d9d8c5b28fcb

7 years agoMerge "Configure SSL connection for MySQL client via client config file"
Jenkins [Tue, 28 Feb 2017 13:47:56 +0000 (13:47 +0000)]
Merge "Configure SSL connection for MySQL client via client config file"

7 years agomysqlclient: Use actual parameter in puppet to set bind-address
Juan Antonio Osorio Robles [Tue, 28 Feb 2017 12:48:38 +0000 (14:48 +0200)]
mysqlclient: Use actual parameter in puppet to set bind-address

It was using a hiera key, and fetching that from a hiera call in the
puppet manfiest. But we can remove that if we set it via hiera from
t-h-t.

Change-Id: I5af5ccb88e644f4dd25503d8e7a93796695d3039

7 years agoMerge "Write out a json file containing container startup info and create tool to...
Jenkins [Tue, 28 Feb 2017 10:58:16 +0000 (10:58 +0000)]
Merge "Write out a json file containing container startup info and create tool to use it."

7 years agoMerge "Deploy versionless keystone endpoints (for keystone only)"
Jenkins [Tue, 28 Feb 2017 10:39:58 +0000 (10:39 +0000)]
Merge "Deploy versionless keystone endpoints (for keystone only)"

7 years agoAdd zaqar service for composable upgrade
Carlos Camacho [Mon, 20 Feb 2017 09:45:13 +0000 (10:45 +0100)]
Add zaqar service for composable upgrade

Change-Id: I316e14317e0586e895dcb4e084aa54e7665f6a20