Juan Antonio Osorio Robles [Wed, 22 Jun 2016 05:59:16 +0000 (08:59 +0300)]
Add ironic inspector as a terminated HAProxy endpoint
This is needed for the undercloud, as it's in HAProxy where we make
the SSL terminations.
Change-Id: Ie4d652b4e5a95849c2fa32a5ce5ecec09ccb6bd9
Related-Bug: #
1595047
Jenkins [Wed, 22 Jun 2016 05:14:44 +0000 (05:14 +0000)]
Merge "Implement Libvirt profile"
Jenkins [Tue, 21 Jun 2016 21:09:52 +0000 (21:09 +0000)]
Merge "Add Neutron opencontrail plugin profiles"
Jenkins [Tue, 21 Jun 2016 16:46:20 +0000 (16:46 +0000)]
Merge "Add ceilometer profiles"
Emilien Macchi [Tue, 14 Jun 2016 21:20:55 +0000 (17:20 -0400)]
Implement Libvirt profile
Deploy bits when running nova-compute + libvirt.
Note: some work will be done in puppet-nova to decouple nova-compute
from libvirt in nova::compute::libvirt class.
Change-Id: I754bfa89ba78a70b4b866598fb1163f4e14807c9
Implements: blueprint refactor-puppet-manifests
Jenkins [Tue, 21 Jun 2016 13:19:15 +0000 (13:19 +0000)]
Merge "Add fact to get the fqdn for a host in the different networks"
Dan Prince [Thu, 9 Jun 2016 19:36:17 +0000 (15:36 -0400)]
Add Neutron opencontrail plugin profiles
Change-Id: Ie5ac07e6dd447216f17481ea4acf3bc204926bc8
Jenkins [Tue, 21 Jun 2016 08:43:30 +0000 (08:43 +0000)]
Merge "Add pacemaker nuage profile."
Pradeep Kilambi [Tue, 12 Apr 2016 14:49:43 +0000 (10:49 -0400)]
Add ceilometer profiles
Implements: blueprint refactor-puppet-manifests
Change-Id: I4b5e93a108e80e91af26ffee454130ee18c0042e
Jenkins [Mon, 20 Jun 2016 18:09:19 +0000 (18:09 +0000)]
Merge "Deploy nova::db classes in api profile"
Jenkins [Mon, 20 Jun 2016 18:04:45 +0000 (18:04 +0000)]
Merge "nova/api: include ::nova::network::neutron"
Juan Antonio Osorio Robles [Tue, 14 Jun 2016 07:20:40 +0000 (10:20 +0300)]
Add fact to get the fqdn for a host in the different networks
This will be useful for getting a certificate for a specific
hostname via certmonger.
bp tls-via-certmonger
Change-Id: I3d563061154533f4dc3a0ee48394afbfa954282a
Emilien Macchi [Sat, 18 Jun 2016 17:57:21 +0000 (13:57 -0400)]
keystone: fix a race condition in bootstrap
Before, we had bootstrap_master set to 'undef' by default that was
used to whether or not run keystone bootstrap exec during deployment.
Setting the value to undef was a mistake, because enable_bootstrap in
puppet-keystone is set to true by default, so bootstrap was running
on all controllers at step 4 for HA scenario, while we want it to run on
a single controller (pacemaker_master) at step 4, like we do for
db-sync.
This patch:
* removes bootstrap_master.
* re-use sync_db to whether or not run keystone bootstrap.
so it will only run on a single node when database is ready and
db-sync done (orchestration dones by anchors in puppet-keystone).
Change-Id: I1042862f7c346d1c358b908c33eae0f33afd5e9f
Steven Hardy [Tue, 24 May 2016 17:34:18 +0000 (18:34 +0100)]
Add puppet profile for snmp
Breaks out the snmp configuration from t-h-t to a composable profile
Change-Id: I7e6ab28a99b759594187e8571af6e22d836ae7bf
Partially-Implements: blueprint refactor-puppet-manifests
Emilien Macchi [Mon, 6 Jun 2016 16:26:23 +0000 (12:26 -0400)]
Deploy nova::db classes in api profile
Move nova::db classes from THT to puppet-tripleo in Nova API profile.
Implements: blueprint refactor-puppet-manifests
Change-Id: I4fc3cb822822adc1c58b2cfa2de8584a73fa6427
Emilien Macchi [Tue, 14 Jun 2016 15:31:51 +0000 (11:31 -0400)]
nova/api: include ::nova::network::neutron
It was included in THT before, but it's now in nova/api role.
It will also be added in nova/compute role later.
Change-Id: I6b5857d3d4740c0bf3f748719f30a05f1c62cb59
Jenkins [Wed, 15 Jun 2016 00:35:35 +0000 (00:35 +0000)]
Merge "add plumgrid neutron profile"
Sven Anderson [Wed, 8 Jun 2016 16:34:53 +0000 (18:34 +0200)]
Implement Nova Compute profile
Implements: blueprint refactor-puppet-manifests
Change-Id: I57f729daf675674ce37b49e17652c575715fbe23
Emilien Macchi [Mon, 6 Jun 2016 20:17:51 +0000 (16:17 -0400)]
Implement Nova vncproxy profile
Change-Id: I5bc2a77b5832706bd9167cf40e5a7e0f95d7b346
Implements: blueprint refactor-puppet-manifests
Emilien Macchi [Mon, 6 Jun 2016 19:37:08 +0000 (15:37 -0400)]
Implement Nova Consoleauth profile
Change-Id: I955b4fc07dc07d8adc32411848e3e131d77a5123
Implements: blueprint refactor-puppet-manifests
Emilien Macchi [Mon, 6 Jun 2016 18:50:12 +0000 (14:50 -0400)]
Implement Nova Scheduler profile
Change-Id: I5e1c90e3c6dc556f872ced73744c5c74caaa3635
Implements: blueprint refactor-puppet-manifests
Emilien Macchi [Mon, 6 Jun 2016 14:15:19 +0000 (10:15 -0400)]
Implement Nova API profile
Change-Id: I1dde63a5a7d1624494a7157a9679f88f4cb780e0
Implements: blueprint refactor-puppet-manifests
Pradeep Kilambi [Tue, 12 Apr 2016 15:53:18 +0000 (11:53 -0400)]
Add mongodb profiles
Implements: blueprint refactor-puppet-manifests
Co-Authored-By: Carlos Camacho <ccamacho@redhat.com>
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Change-Id: Idb1e78ebec7682fe68ca5902a22cfb6030498091
Dan Prince [Fri, 10 Jun 2016 18:14:57 +0000 (14:14 -0400)]
Pacemaker: only create DB on pacemaker master
This fixes a bug introduced in
72fb6727951af2cf5b16e686b3a36f5f3a7c71c7
where non-master nodes would try to create the database (and potentially
fail due to a race).
Change-Id: Ic0c7b05618b69caca0d4019b5153163f2405bbe5
Jenkins [Fri, 10 Jun 2016 14:32:32 +0000 (14:32 +0000)]
Merge "Import ::nova class from THT"
Jenkins [Fri, 10 Jun 2016 12:35:52 +0000 (12:35 +0000)]
Merge "Make neutron server/ml2 profiles match t-h-t"
Jenkins [Fri, 10 Jun 2016 07:13:43 +0000 (07:13 +0000)]
Merge "Enable bulk delete in swift for gnocchi"
Emilien Macchi [Mon, 6 Jun 2016 15:18:48 +0000 (11:18 -0400)]
Import ::nova class from THT
Import ::nova class with memcached parameter computed from Hiera, that
was previously in THT, now in nova-base role.
Use step 3 for ::nova since we need it for database resources.
Also make sure nova base profile is included for conductor role and any
nova pacemaker role.
Change-Id: I45244861082edae616f2b82334e7678cefa97bc7
Implements: blueprint refactor-puppet-manifests
Jenkins [Thu, 9 Jun 2016 22:09:42 +0000 (22:09 +0000)]
Merge "Include neutron in step 3"
Qasim Sarfraz [Tue, 17 May 2016 05:41:49 +0000 (10:41 +0500)]
add plumgrid neutron profile
Change-Id: I8536782d433f97a9b619e54a1eb1ea0edb8fdaf0
Implements: blueprint refactor-puppet-manifests
Dan Prince [Thu, 9 Jun 2016 13:20:40 +0000 (09:20 -0400)]
Add pacemaker nuage profile.
The pacemaker version of nuage has its DB sync at a different
step so we need a separate profile to ensure plugin.ini exists.
Change-Id: Ia4a297008b259a8e238bd1ad511e82f4e5ab6d63
Dan Prince [Mon, 6 Jun 2016 19:48:29 +0000 (15:48 -0400)]
Make neutron server/ml2 profiles match t-h-t
This patch brings the neutron profiles and the
associated steps in line with what already happens in
t-h-t. Specifically:
-we want to create the db $step >= 2 and $sync_db
-we want to make sure plugin.ini exists before the neutron dbsync
-we want to make sure the db sync runs before neutron::server starts
when using pacemaker
-split the neutron server profiles. They are quite different across
pacemaker and base.
Change-Id: I52815f45a04bf3e39940b9cb116261730580a3e2
Pradeep Kilambi [Wed, 8 Jun 2016 16:16:15 +0000 (12:16 -0400)]
Enable bulk delete in swift for gnocchi
Closes-bug: #
1590495
Change-Id: I912c09584d9b4cae530a247c91b6fd331943a8c5
Emilien Macchi [Mon, 6 Jun 2016 13:00:07 +0000 (09:00 -0400)]
Remove loadbalancer profile
We don't need loadbalancer profile anymore, we now have haproxy &
keepalived profiles that replace it.
Change-Id: I5bf57f88a85fa8180392e9dde7ab39f4eda63113
Juan Antonio Osorio Robles [Mon, 6 Jun 2016 07:05:31 +0000 (10:05 +0300)]
Include neutron in step 3
neutron::server requires the neutron's init.pp to be ran beforehand
because init.pp installs the 'neutron' package. Else the relationship
with neutron::policy will fail [1].So to address this, we move
neutron's init.pp to be ran on step 3 if db_sync is enabled.
[1] https://github.com/openstack/puppet-neutron/blob/master/manifests/server.pp#L498
Change-Id: I8eb497c2b483e11d1f640a7ba9fae5a9d5bcef4d
Jenkins [Mon, 6 Jun 2016 13:49:23 +0000 (13:49 +0000)]
Merge "Drop duplicate neutron pacemaker constraint"
Jenkins [Mon, 6 Jun 2016 13:34:57 +0000 (13:34 +0000)]
Merge "Deprecate loabalancer profiles"
Jenkins [Mon, 6 Jun 2016 12:26:31 +0000 (12:26 +0000)]
Merge "Implement Nova conductor profile"
Jenkins [Mon, 6 Jun 2016 12:25:35 +0000 (12:25 +0000)]
Merge "Implement Nova base profile"
Jenkins [Mon, 6 Jun 2016 12:23:08 +0000 (12:23 +0000)]
Merge "Adds the puppet-tripleo manifests for manila"
Dan Prince [Fri, 3 Jun 2016 18:56:40 +0000 (14:56 -0400)]
Drop duplicate neutron pacemaker constraint
Drop a duplicate keystone-to-neutron-server-constraint constraint
for the neutron server profile.
Change-Id: I928f9f9f3cf665ac80696f66e1d64ceb02129b8e
Emilien Macchi [Tue, 31 May 2016 20:22:25 +0000 (16:22 -0400)]
Deprecate loabalancer profiles
Deprecate loadbalancer profiles so we have a profile for HAproxy and
another for keepalived.
Once THT uses the new profiles, we'll remove loadbalancer profiles here.
Change-Id: I8aa9045fc80205485abab723968b26084f60bf71
Emilien Macchi [Wed, 1 Jun 2016 20:01:48 +0000 (16:01 -0400)]
Implement Nova conductor profile
Create nova-conductor profile, part of composable services.
Implements: blueprint refactor-puppet-manifests
Change-Id: Iaaf3a3c2528d9747e41f360a1fe55f95ed37b2d1
Emilien Macchi [Wed, 1 Jun 2016 19:35:05 +0000 (15:35 -0400)]
Implement Nova base profile
This patch implements the base for Nova profiles.
It's a first iteration to deploy Nova using composable roles.
Implements: blueprint refactor-puppet-manifests
Change-Id: I8253e4b61484047948e222e68408e417d2787fb7
Jenkins [Fri, 3 Jun 2016 19:48:00 +0000 (19:48 +0000)]
Merge "Composable roles within services - Redis"
Emilien Macchi [Tue, 31 May 2016 12:54:36 +0000 (08:54 -0400)]
Remove tripleo::loadbalancer
The split has been done on both undercloud & overcloud, they now use
tripleo::haproxy and tripleo::keepalived. We can move forward with
removing tripleo::loadbalancer and tripleo::loadbalancer::endpoint, not
used anymore.
Simplify tripleo::profile::base::loadbalancer to just include
tripleo::haproxy and rely on Hiera for parameters.
Change-Id: Ieeb1e94117ae9cb8b11320306de3a9b236bd989a
Emilien Macchi [Wed, 1 Jun 2016 14:40:43 +0000 (10:40 -0400)]
loadbalancer: remove controller_host
controller_host was deprecated and is not used anymore anywhere.
Let's drop it.
Also make controller_hosts really required, by not setting a default
paramter, so Puppet catalog will fail if no value is given.
Change-Id: Iad760115f925e848e4b72009db5177f88ceb4ad8
Jenkins [Thu, 2 Jun 2016 16:13:48 +0000 (16:13 +0000)]
Merge "Add Cinder API/Scheduler/Volume roles"
Pradeep Kilambi [Tue, 12 Apr 2016 16:01:19 +0000 (12:01 -0400)]
Composable roles within services - Redis
Implements: blueprint refactor-puppet-manifests
Co-Authored-By: Carlos Camacho <ccamacho@redhat.com>
Change-Id: I60493a3aa64e5136b763e8e2084d728f5f812f8a
Giulio Fidente [Thu, 28 Apr 2016 20:32:55 +0000 (15:32 -0500)]
Add Cinder API/Scheduler/Volume roles
Includes both the base and the pacemaker roles.
Change-Id: I3c6d5226eed5f0f852b0ad9476c7cd9a959fda69
Giulio Fidente [Wed, 1 Jun 2016 20:09:18 +0000 (22:09 +0200)]
Apply RabbitMQ rabbitmq_* static hiera in nonha with single controller
We were not consuming the rabbitmq_* static hiera settings when
deploying without pcmk and with a single controller.
Change-Id: I1506093e3d4365e2617521737c8f53edfb022133
Jenkins [Thu, 2 Jun 2016 12:18:41 +0000 (12:18 +0000)]
Merge "Add Sahara profiles"
marios [Fri, 6 May 2016 12:10:42 +0000 (15:10 +0300)]
Adds the puppet-tripleo manifests for manila
The tripleo-heat-templates side that uses this is at
https://review.openstack.org/#/c/188137/
Change-Id: I444916d60a67bf730bf4089323dba1c1429e2e71
Implements: blueprint refactor-puppet-manifests
Jenkins [Tue, 31 May 2016 12:26:15 +0000 (12:26 +0000)]
Merge "Update profiles for loadbalancer split"
Steven Hardy [Tue, 24 May 2016 16:27:18 +0000 (17:27 +0100)]
Add puppet profile for swift proxy
Breaks out the swift proxy configuration from t-h-t to a
composable profile
Change-Id: I6bd72284911f3f449157a6fc00b76682dd53bd8c
Partially-Implements: blueprint refactor-puppet-manifests
Emilien Macchi [Wed, 25 May 2016 20:24:51 +0000 (16:24 -0400)]
Update profiles for loadbalancer split
Update loadbalancer (nonha and ha) and midonet profiles to consume new
tripleo::haproxy class.
Keep it backward compatible with old interface until we update THT by
using stdlib function: pick. So we first try to get new parameters
otherwise we fallback to the old interface.
Change-Id: I46ed8348dc990d9aa0d896e1abea3b30a8292634
Emilien Macchi [Mon, 30 May 2016 15:56:14 +0000 (11:56 -0400)]
glance: known_stores -> stores
known_stores is deprecated in favor of stores.
This patch aims to update it.
Change-Id: Iaf83b847fbe9e8a78c6bf7f534c955eae357d95f
Jenkins [Mon, 30 May 2016 12:26:47 +0000 (12:26 +0000)]
Merge "Remove cinder resource for setting SSL middleware"
Juan Antonio Osorio Robles [Fri, 27 May 2016 11:01:54 +0000 (14:01 +0300)]
Remove cinder resource for setting SSL middleware
Now that cinder enables http_proxy_to_wsgi by default[1], we no
longer need to add it ourselves. So this is now safe to remove.
[1] If5aab9cc25a2e7c66a0bb13b5f7488a667b30309
Depends-On: I6141b6caf9b04ee73fae3ae2b94b3001b21b9999
Change-Id: I3581d11519b664863f47c5aeeec6efcc4182a5fc
Brad P. Crochet [Thu, 19 May 2016 01:25:56 +0000 (21:25 -0400)]
Add Sahara profiles
Add Sahara profiles for non-ha & ha scenarios.
Implements: blueprint refactor-puppet-manifests
Change-Id: I0c8bd68f9a98626e9d67ef713c72c9dd05b7cc12
Emilien Macchi [Wed, 25 May 2016 19:37:01 +0000 (15:37 -0400)]
Explode loadbalancer role in 2 sub-roles
Split loadbalancer role into 2 sub-roles:
- HAproxy
- Keepalived
Change-Id: I84dfa9d409d390c6f549d62cb3634931e4cb432c
Emilien Macchi [Wed, 25 May 2016 19:51:39 +0000 (15:51 -0400)]
loadbalancer: make sure controller_* are array-typed
Make sure controller_hosts_real and controller_hosts_names_real become
array-types anyway, so we don't need to add brackets in Hiera lookups
(example on both undercloud & overcloud where we do [hiera('controller_host')]).
Change-Id: I2fe899482acfd51919262bc7a6a1c9f450e173f4
Jenkins [Thu, 26 May 2016 14:11:18 +0000 (14:11 +0000)]
Merge "Add lookup_hiera_hash function"
Jenkins [Thu, 26 May 2016 07:39:02 +0000 (07:39 +0000)]
Merge "Add Heat profiles"
Giulio Fidente [Mon, 23 May 2016 19:09:21 +0000 (21:09 +0200)]
Add lookup_hiera_hash function
The lookup_hiera_hash function is meant to lookup for the value
of a given key from a given Hiera hash. In the manifests this is
possible by saving the value of the hash in a variable first but
when driving lookups from the Heat templates we can't do it.
Change-Id: Ie31bb70314db44a0a18e86090cc74aa4df5de169
Brad P. Crochet [Fri, 20 May 2016 12:16:03 +0000 (08:16 -0400)]
Change default CloudFormation ssl port to 13005
The current default of 13800 is a bit out of line with the other Heat
SSL ports. This makes it a more sane default of 13005.
Change-Id: Ic9aa71bfc80ca5fdb3b3c48dc55be7b98cf22ada
Jenkins [Fri, 20 May 2016 09:57:49 +0000 (09:57 +0000)]
Merge "Adds the base and pacemaker profile for the memcached service"
Jenkins [Thu, 19 May 2016 20:09:17 +0000 (20:09 +0000)]
Merge "Add loadbalancer profile for ha & non-ha"
Brad P. Crochet [Thu, 5 May 2016 11:52:47 +0000 (07:52 -0400)]
Add Heat profiles
Add Heat profiles for non-ha & ha scenarios.
Implements: blueprint refactor-puppet-manifests
Change-Id: I194cbb6aa307c2331597147545cf10299cab132f
marios [Thu, 5 May 2016 09:50:48 +0000 (12:50 +0300)]
Adds the base and pacemaker profile for the memcached service
Implements: blueprint refactor-puppet-manifests
This is the puppet-tripleo side for the memcached as a composable
service. The related tht review that uses this is at
I8802c2a0cf1e5fa1a6d1fab5e87f6014bea2f517
Change-Id: Icd504aef7dda144582c286c56c925a78566af72c
Emilien Macchi [Thu, 5 May 2016 15:41:21 +0000 (11:41 -0400)]
Add loadbalancer profile for ha & non-ha
The profile contains Puppet classes to deploy loadbalancer services
(HAproxy & Keepalived) for ha & non-ha scenarios.
A future iteration will split HAproxy & keepalived, but for now, we just
want to move out the code from THT to puppet-tripleo.
Change-Id: I9b106dcc1a4d446ab5dea8430ed295e6ec209cbd
Implements: blueprint refactor-puppet-manifests
Jenkins [Wed, 18 May 2016 15:29:00 +0000 (15:29 +0000)]
Merge "Composable role for RabbitMQ"
Jenkins [Wed, 18 May 2016 09:52:16 +0000 (09:52 +0000)]
Merge "Remove manage_service and enabled from TripleO manifests"
Emilien Macchi [Mon, 2 May 2016 20:42:21 +0000 (16:42 -0400)]
Composable role for RabbitMQ
Add RabbitMQ composable role, and keep the same logic that we had in
THT.
Implements: blueprint refactor-puppet-manifests
Change-Id: I961bdbe1cc6dd1d4a315de616439f9fc77d793ae
Emilien Macchi [Sat, 14 May 2016 09:22:02 +0000 (11:22 +0200)]
Remove Nova EC2 HAproxy endpoint
THT does not deploy Nova EC2 anymore, so we don't need the HAproxy
endpoint anymore.
Change-Id: Ia888fe7e14c736ef3678d9a7cf69a2deb9233342
Depends-On: Ief2d0e5c77b5ac58560606fee930fbd66c40ffc3
Alex Schultz [Fri, 13 May 2016 16:10:18 +0000 (10:10 -0600)]
Update keystone service name for signing keys
Since keystone is being run under apache, the signing keys should notify
apache and not the keystone service. The keystone service is actually
disabled, so if the keys get updated nothing happens.
Change-Id: Idfebeabf03d010956569c32b24437245e2b93c2a
Related-Bug: #
1581591
Jenkins [Wed, 11 May 2016 10:49:10 +0000 (10:49 +0000)]
Merge "Add the neutron-dnsmasq.conf to neutron profile"
Dan Prince [Wed, 11 May 2016 01:49:00 +0000 (21:49 -0400)]
Add the neutron-dnsmasq.conf to neutron profile
This was in the initial neutron profile patches but got removed
mid-way (see patch 16 comments here:
Ida781badbcd63bbcb481a2170638aefe262b717b). The file is in fact
required in order to get the ping test properly passing with TripleO.
Change-Id: Ibbfd79421f871e41f870745a593cca65e8c0e58a
Emilien Macchi [Tue, 10 May 2016 12:56:55 +0000 (08:56 -0400)]
keystone: drop usage of step 6
* Manage roles & endpoints at step 5
* Set correct orchestration for Pacemaker resources within a single
step.
Change-Id: I079e65f535af069312b602e8ff58be80ab2f2226
Jenkins [Tue, 10 May 2016 13:49:13 +0000 (13:49 +0000)]
Merge "Add tripleo::selinux"
Giulio Fidente [Fri, 6 May 2016 17:38:29 +0000 (19:38 +0200)]
Remove manage_service and enabled from TripleO manifests
These can be controlled via the specific Pacemaker role template.
Depends-On: I91a4267f0fc230f63df3333747d28463c7ae55fe
Change-Id: I8ef7bb94e048b998712b3534ceb51a7d10d016e9
Jenkins [Sat, 7 May 2016 23:17:33 +0000 (23:17 +0000)]
Merge "Add neutron profiles"
Jenkins [Fri, 6 May 2016 13:13:16 +0000 (13:13 +0000)]
Merge "add metadata.json file"
Jenkins [Fri, 6 May 2016 03:10:21 +0000 (03:10 +0000)]
Merge "Add dport/sport parameter to firewall rule"
Emilien Macchi [Thu, 5 May 2016 17:13:36 +0000 (13:13 -0400)]
add metadata.json file
This file will be useful to contain the release tag so we can
automatically generate tarballs in OpenStack Infra.
No requirements have been set, on purpose, because we won't use
puppetlabs forge to install the module.
Change-Id: Iada2ba5ff37760537cd15630333d2e80550fc031
James Slagle [Fri, 22 Apr 2016 13:30:38 +0000 (09:30 -0400)]
Add tripleo::selinux
Adds a class to configure SELinux. The code is taken from
puppet-openstack-cloud:
https://github.com/redhat-cip/puppet-openstack-cloud
This allows to share the same code for usage by both the Undercloud and
Overcloud.
Co-Authored By: Emilien Macchi <emilien@redhat.com>
Co-Authored By: Yanis Guenane <yguenane@redhat.com>
blueprint undercloud-elements
Change-Id: If214005df733d41c2fa4e197df247d8a14baaa14
James Slagle [Wed, 20 Apr 2016 14:11:36 +0000 (10:11 -0400)]
Add dport/sport parameter to firewall rule
The port parameter to puppetlabs-firewall is actually deprecated[1].
This adds support for using the new parameter names dport and sport. The
port parameter is still retained in puppet-tripleo for backwards
compatibily for anyone using that interface. It is marked deprecated in
the documentation, however no deprecation warning is needed because
there is already a warning from from puppetlabs-firewall.
blueprint undercloud-elements
Change-Id: I0598007f90018f80a3266193bb24dbf112de49b7
Michael Chapman [Wed, 16 Mar 2016 13:35:35 +0000 (00:35 +1100)]
Add neutron profiles
Implements: blueprint refactor-puppet-manifests
Add neutron profiles for both pacemaker and non-ha.
HA profiles are designed such that they include the base
profiles, disabling features as needed, while the base
profile can be used independently.
Co-Authored-By: Dan Prince <dprince@redhat.com>
Change-Id: Ida781badbcd63bbcb481a2170638aefe262b717b
Giulio Fidente [Wed, 4 May 2016 13:16:54 +0000 (15:16 +0200)]
Create dbs in step 3 for the roles
Before the roles we could make the create db operation depend on a
'galera-ready' resource [1]. We can't do it anymore from the role so
we need to do create in step 3, when we do sync as well.
1. https://github.com/openstack/tripleo-heat-templates/blob/master/puppet/manifests/overcloud_controller_pacemaker.pp#L382
Change-Id: Id065a9180f1f1a41ab225ec5f755498ec7d9a827
Giulio Fidente [Thu, 28 Apr 2016 21:59:14 +0000 (16:59 -0500)]
Noop start/stop/restart action for Glance and Keystone in the roles
Change-Id: I1d95746cb990292462106c191987147eba30ee61
Giulio Fidente [Fri, 22 Apr 2016 14:45:56 +0000 (16:45 +0200)]
Move databases creation and sync with the role
This change moves the database creation and sync with the role
profile, so that it's only executed when the role is enabled and
by the role itself.
It also calls the non-pacemaker profiles out of the 'step'
conditional because the non-pacemaker profiles know how to deal with
'step' already.
Change-Id: I6c752cb53090e7ef8e0319bade462f2453ed7660
Related-Bug:
1572952
Giulio Fidente [Fri, 22 Apr 2016 14:00:49 +0000 (16:00 +0200)]
Add aodh and gnocchi to schema profiles
Change-Id: Ifb0cc7769ef99e4c7142c8f955f0ca721d61e9b5
Jenkins [Fri, 22 Apr 2016 13:55:57 +0000 (13:55 +0000)]
Merge "Add steps to database profiles"
Jenkins [Thu, 21 Apr 2016 14:53:30 +0000 (14:53 +0000)]
Merge "Enable HAProxy forwardfor option for Horizon."
Jenkins [Thu, 21 Apr 2016 14:50:02 +0000 (14:50 +0000)]
Merge "Add destination parameter to firewall rule"
Jenkins [Wed, 20 Apr 2016 22:16:35 +0000 (22:16 +0000)]
Merge "Add Glance profiles"
James Slagle [Wed, 20 Apr 2016 13:03:03 +0000 (09:03 -0400)]
Add destination parameter to firewall rule
Specifying a destination cidr is already supported by
puppetlabs-firewall, we just need to pass through the parameter in
rule.pp in puppet-tripleo.
This will allow creating iptables rules that forward network traffic for
a given cidr via puppet-tripleo.
Change-Id: I23582a55cd97248be52f45e14de7e813ff499ff7
Michael Chapman [Tue, 19 Apr 2016 15:10:13 +0000 (01:10 +1000)]
Add steps to database profiles
Database schema profiles were missing step information, causing
schemas to be created too early.
Change-Id: Ic381804ce5f1aa257ece75d2e079f4b02f446344
Emilien Macchi [Tue, 1 Mar 2016 01:04:34 +0000 (20:04 -0500)]
IPv6 dual-stack support
TL;DR:
If keystone_public_api_vip and/or public_virtual_ip is an array of IPs,
HAproxy will be configured to listen on all IPs that are given in the
arrays.
It allows to specify an array for keystone_public_api_vip and/or
public_virtual_ip where one IP is v4 and another one is v6.
HAproxy will configured to listen on both and redirect the traffic to
the IPv6 network (Dual-Stack).
Implementation & background:
HAproxy requires binding options as an hash where each IP contains an
array of binding options.
TripleO does not support Puppet Parser [1] (yet) so we can't manipulate
data iterations inside the manifests.
This patch creates a custom function, called list_to_hash.
Example:
keystone_vips = ['192.168.0.1:5000', '192.168.0.2:5000']
$keystone_bind_opts = ['transparent']
Using this function:
$keystone_vips_hash = list_to_hash($keystone_vips,
$keystone_bind_opts)
Would return:
$keystone_vips_hash = {
'192.168.0.1:5000' => ['transparent'],
'192.168.0.2:5000' => ['transparent'],
}
This function will help us in loadbalancer.pp to construct binding
options in dynamic way.
It's backward compatible, so you don't have to give an array.
But if you do, multiple binding will be configured in HAproxy and you'll
also be able to deploy IPv6 Dual-Stack.
[1] https://docs.puppetlabs.com/puppet/latest/reference/lang_iteration.html
Change-Id: I003b6d7d171652654745861d4231882f9e0d373e
Jenkins [Mon, 18 Apr 2016 20:27:12 +0000 (20:27 +0000)]
Merge "Disable ip_nonlocal_bind (rely on the HAProxy 'transparent' option)"
Code Review / apex-puppet-tripleo.git / log