Tim Rozet [Tue, 20 Dec 2016 18:55:35 +0000 (13:55 -0500)]
Adds missing OpenDaylight username/password from ODL OVS service
ODL username and password are already present in the OpenDaylightApi
service. However, when moving the OpenDaylightApi service to its own
custom role, the Controller/Compute nodes no longer have access to these
hiera values. This patch adds them also to the OpenDaylightOvs service.
Closes-Bug:
1651499
Depends-On: I418643810ee6b8a2c17a4754c83453140ebe39c7
Change-Id: I169fdad4c94bd6dfc1fe7cde3d6b19b36d916af7
Signed-off-by: Tim Rozet <trozet@redhat.com>
Jenkins [Tue, 20 Dec 2016 14:57:47 +0000 (14:57 +0000)]
Merge "Expose param to enable legacy ceilometer api"
Jenkins [Tue, 20 Dec 2016 14:46:54 +0000 (14:46 +0000)]
Merge "Move UpgradeInitCommand to role templates"
Jenkins [Tue, 20 Dec 2016 14:45:57 +0000 (14:45 +0000)]
Merge "Run upgrade steps before post-deploy config"
Jenkins [Mon, 19 Dec 2016 23:32:48 +0000 (23:32 +0000)]
Merge "Remove unused attr from templates"
Jenkins [Mon, 19 Dec 2016 23:32:12 +0000 (23:32 +0000)]
Merge "Revert "Switch mistral to use authtoken configuration""
Ben Nemec [Mon, 19 Dec 2016 20:34:46 +0000 (20:34 +0000)]
Revert "Switch mistral to use authtoken configuration"
It turns out the puppet-mistral change this depends on broke
introspection, so we need to back it out for now.
This reverts commit
ed029e5bf279945e82bff8766af4093856a7ac6a.
Change-Id: I828478267935cdc68aa24de8c9dc2d12fcadb631
Jenkins [Mon, 19 Dec 2016 18:46:25 +0000 (18:46 +0000)]
Merge "Switch mistral to use authtoken configuration"
Jenkins [Mon, 19 Dec 2016 15:05:02 +0000 (15:05 +0000)]
Merge "Add a type for the ControlVirtualIP resource"
Jenkins [Mon, 19 Dec 2016 13:20:47 +0000 (13:20 +0000)]
Merge "Correction to SRIOV THT Examples"
Steven Hardy [Wed, 14 Dec 2016 14:09:36 +0000 (14:09 +0000)]
Move UpgradeInitCommand to role templates
We can't run this during the upgrade steps, because there are things
which need to happen before any role configuration happens, e.g
installing the new hiera heat-config hook, which must be done before
e.g "ControllerDeployment" runs or the stack update hangs.
Partially-Implements: blueprint overcloud-upgrades-per-service
Change-Id: I365b57513590662c3f78a33dc625747f457c48c5
Steven Hardy [Fri, 2 Dec 2016 13:58:24 +0000 (13:58 +0000)]
Run upgrade steps before post-deploy config
For some upgrade scenarios, e.g all-in-one deployments, it may
be possible to run the upgrade steps, then apply puppet in one
stack update, so reverse the order here. For normal deployments
the upgrade steps are mapped to OS::Heat::None so this will have
no effect.
Partially-Implements: blueprint overcloud-upgrades-per-service
Change-Id: I3c78751349a6ac2bc5dff82f67bffe13750ac21c
Jenkins [Mon, 19 Dec 2016 08:54:27 +0000 (08:54 +0000)]
Merge "Set rabbitmq's port and IP via the config file and not the env file"
Jenkins [Mon, 19 Dec 2016 07:45:05 +0000 (07:45 +0000)]
Merge "Introduce role-specific nova-server-metadata"
Jenkins [Mon, 19 Dec 2016 07:41:31 +0000 (07:41 +0000)]
Merge "Enable SECURE_PROXY_SSL_HEADER option for horizon"
Jenkins [Sat, 17 Dec 2016 22:47:00 +0000 (22:47 +0000)]
Merge "Use hostname -s instead of hostnamectl --transient"
Juan Antonio Osorio Robles [Wed, 14 Dec 2016 06:08:43 +0000 (08:08 +0200)]
Introduce role-specific nova-server-metadata
We could already pass metadata to the nova server instances (on
creation) via the ServerMetadata parameter, however, there was no
way of doing this per-role. This introduces that by adding a
{{role}}ServerMetadata parameter for each role. This parameter gets
merged with the ServerMetadata parameter and allows this
functionality.
Note that both default to {}, and so does the result of merging those
parameters with their default values. So nothing changes for the
default settings.
Change-Id: I334edcc51ce7ee82fc13b6cf4c0d74ccb7db099c
Dan Prince [Thu, 15 Dec 2016 15:23:12 +0000 (10:23 -0500)]
Add ZaqarApiNetwork to the service net map
Without this Zaqar API will fail to run due to a missing bind
IP address in the config file.
Change-Id: Icd0a6e85b7455e89f37f05399146d5e743359da8
Closes-bug: #
1650307
Jenkins [Thu, 15 Dec 2016 05:59:48 +0000 (05:59 +0000)]
Merge "Deployed server: switch to apply-config hook"
Dan Prince [Wed, 14 Dec 2016 20:48:07 +0000 (15:48 -0500)]
Use hostname -s instead of hostnamectl --transient
This patch updates the deployed-server interface to use a
simple hostname -s. The previous hostnamectl --transient
can pick up extra domain name configuration in some cases
that can cause very odd hostname generation if used
with the tripleo-heat-template host file generation.
This would actually break the new undercloud t-h-t installer
in that some of the /etc/hosts entries would be invalid
(no IP address) due to substring replacements failing in
a variety of odd hostname situations. Simplifying the
hostname of deployed servers to just the short version seems
the most sensable way to avoid all this.
Change-Id: Ia7e636d021f948ea5234475cef02f666d8ce6999
Juan Antonio Osorio Robles [Wed, 14 Dec 2016 12:01:32 +0000 (14:01 +0200)]
Set rabbitmq's port and IP via the config file and not the env file
The RabbitMQ's puppet manifest configures the node's IP and port through
environment variables. While this would usually be fine, it doesn't
allow us to use TLS-only, since it will always try to start a TCP
listener. So, by setting these values through the config file, when
setting ssl_only for rabbitmq, they will effectively be discarded and
thus allow us to use an SSL listener on the same port.
Change-Id: I33d051a8c740baf69b99517378e1f9b0f3cc1681
Juan Antonio Osorio Robles [Fri, 9 Dec 2016 07:28:05 +0000 (09:28 +0200)]
Enable SECURE_PROXY_SSL_HEADER option for horizon
This reads makes Django take the X-Forwarded-Proto header into account
when forming URLs.
Change-Id: Ice64de9a11d7819ae7f380279ff356342d9b6673
Depends-On: Ifed7d4c3409419c01c5b20c707221c1fc76ea09e
Jenkins [Tue, 13 Dec 2016 14:36:20 +0000 (14:36 +0000)]
Merge "Don't rely on lsb_release for hosts template write"
Jenkins [Tue, 13 Dec 2016 14:35:29 +0000 (14:35 +0000)]
Merge "docker: don't use custom run-os-net-config"
Jenkins [Mon, 12 Dec 2016 09:22:00 +0000 (09:22 +0000)]
Merge "Add FreeIPA enrollment template"
Dan Prince [Sun, 11 Dec 2016 19:44:35 +0000 (14:44 -0500)]
Add a type for the ControlVirtualIP resource
This patch adds a new type called:
OS::TripleO::Network::Ports::ControlPlaneVipPort
This defaults to a normal OS::Neutron::Port object but can
be mocked out for some implementations like when installing
the undercloud where neutron doesn't exist.
Change-Id: Iebf2428432a98a9d789b206ce973599adbc0af8f
Alex Schultz [Sat, 10 Dec 2016 22:58:20 +0000 (15:58 -0700)]
Switch mistral to use authtoken configuration
The upstream puppet module is adding the proper keystone authtoken
middleware support. This change updates THT to use the keystone
authtoken class rather than the deprecated settings. This also allows
for proper keystone v3 integration.
Change-Id: Iaf82716122a25e3e0785de1250d24edaaa5e4d04
Depends-On: I71969ef09018f9daa5f81c4f3bcbdb0b0974446c
Jenkins [Sat, 10 Dec 2016 00:19:36 +0000 (00:19 +0000)]
Merge "Add NIC config for compute role for DVR with multiple NICs"
Pradeep Kilambi [Fri, 9 Dec 2016 16:35:24 +0000 (11:35 -0500)]
Expose param to enable legacy ceilometer api
Change-Id: I75815a4bcbf421597abb86226238b74a9afffc0d
Depends-On: Iffb8c2cfed53d8b29e777c35cee44921194239e9
Juan Antonio Osorio Robles [Wed, 7 Dec 2016 10:12:25 +0000 (12:12 +0200)]
Add FreeIPA enrollment template
This is based on previous work [1] and it's what I've been using to
test the TLS-everywhere work.
This introduces a template that will run on every node to enroll
them to FreeIPA and acquire a ticket (authenticate) in order to be
able to request certificates.
Enrollment is done via the ipa-client-install command and it does
the following:
* Get FreeIPA's CA certificate and trust it.
* Authenticate to FreeIPA using an OTP and get a kerberos keytab.
* Set up several configurations that are needed for FreeIPA (sssd,
kerberos, certmonger)
The keytab is then used to authenticate and get an actual TGT
(Ticket-Granting-Ticket) from Kerberos
The previous implementation used a PreConfig hook, however, here it
was modified to use NodeTLSCAData. This has the advantage that it
runs on every node as opposed to the PreConfig hook where we had to
specify the role type so it's a usability improvement. And, on the
other hand, this does set up necessary things for the usage of
FreeIPA as a CA, such as getting the certificate and enrolling to the
CA.
[1] https://github.com/JAORMX/freeipa-tripleo-incubator
bp tls-via-certmonger
Change-Id: Iac94b3b047dca1bcabd464ea8eed6f1220c844f1
Steve Baker [Tue, 6 Dec 2016 23:06:44 +0000 (23:06 +0000)]
Don't rely on lsb_release for hosts template write
This is problematic for the containerised heat-agents, lsb_release has
to be bind-mounted in, and atomic host doesn't even have lsb_release
installed.
Instead just write to every /etc/cloud/templates/hosts.*.tmpl file.
Change-Id: If2aab7e9b1e03aa657baf1c33aa4392ef7044075
Steve Baker [Tue, 6 Dec 2016 03:27:04 +0000 (16:27 +1300)]
docker: don't use custom run-os-net-config
The script run-os-net-config[1] copies in ifcfg-* from the host before
running os-net-config. Apparently it was done this way because the
other scripts in /etc/sysconfig/network-scripts/ differed between host
and agent container. This should be less of an issue now that host and
heat-agents run centos-7 (even when the host is atomic)
tripleo-heat-templates recently changed to running os-net-config in a
deployment script instead of an os-refresh-config script [2]. This
means that our current run-os-net-config approach is currently
resulting in os-net-config being executed twice.
Another issue with run-os-net-config is that it copies ifcfg-* from
host to container, but not back again. This means that rebooting the
server will result in unconfigured interfaces until os-net-config is
somehow run again.
This change bind mounts /etc/sysconfig/network-scripts/ from the host
and uses the conventional approach to running os-refresh-config.
This may fix the issue where compute nodes are losing network
connectivity, so
Closes-Bug: #
1646897
[1] http://git.openstack.org/cgit/openstack/tripleo-common/tree/heat_docker_agent/run-os-net-config
[2] I0ed08332cfc49a579de2e83960f0d8047690b97a
Change-Id: I763fc8d8e3eb10ac64d33e46c92888d211003e72
Jenkins [Thu, 8 Dec 2016 16:25:08 +0000 (16:25 +0000)]
Merge "Enable haproxy internal TLS through enable-internal-tls.yaml"
Sanjay Upadhyay [Thu, 8 Dec 2016 09:24:10 +0000 (14:54 +0530)]
Correction to SRIOV THT Examples
example for
- NeutronSriovNumVFs
- NeutronPhysicalDevMappings
as given, causes parsing error.
Change-Id: I71fb42f10dac70afa02244cd6629b3439f418d63
Closes-Bug: #
1648351
Jenkins [Thu, 8 Dec 2016 02:59:31 +0000 (02:59 +0000)]
Merge "Make get-occ-config.sh support custom roles"
Jenkins [Wed, 7 Dec 2016 16:23:33 +0000 (16:23 +0000)]
Merge "neutron: don't set router_delete_namespaces"
Juan Antonio Osorio Robles [Wed, 7 Dec 2016 07:03:18 +0000 (09:03 +0200)]
Enable haproxy internal TLS through enable-internal-tls.yaml
For usability and to reduce the number of environments that need to be
given when enabling TLS in the internal network, it's convenient to add
the enabling of TLS in the internal front-ends for HAProxy, instead of
doing that in a separate environment file.
bp tls-via-certmonger
Change-Id: Icef0c70b4b166ce2108315d5cf0763d4e8585ae1
Pradeep Kilambi [Wed, 7 Dec 2016 00:42:39 +0000 (19:42 -0500)]
Remove unused attr from templates
Change-Id: I299f8f33b0bac40d331084df37f690dc2a279677
Ihar Hrachyshka [Tue, 6 Dec 2016 22:02:18 +0000 (22:02 +0000)]
neutron: don't set router_delete_namespaces
It's no longer available in Neutron (removed in Mitaka). See:
I2a879213c3b095a007a4531f430a33cea9fdf1bd
Change-Id: I044c648eb8c4933667b8ea2c9159a30e5ebb7df3
Chris Jones [Tue, 6 Dec 2016 13:31:42 +0000 (14:31 +0100)]
Fix SwiftStorage role.
We now fetch the name argument from the correctly named SwiftStorage
object.
Change-Id: I885505eadfc778ab57793c97af4d1c6739ec9614
Closes-Bug: #
1647716
Jenkins [Mon, 5 Dec 2016 14:28:37 +0000 (14:28 +0000)]
Merge "Support multiple meter dispatchers in ceilometer config"
Jenkins [Mon, 5 Dec 2016 14:28:29 +0000 (14:28 +0000)]
Merge "Move nodes' fqdns to a map to remove clutter"
Jenkins [Mon, 5 Dec 2016 14:14:48 +0000 (14:14 +0000)]
Merge "Use transient hostname for deployed servers"
Jenkins [Mon, 5 Dec 2016 14:12:37 +0000 (14:12 +0000)]
Merge "Fix bug when using multiple DeployArtifactURLs"
Jenkins [Fri, 2 Dec 2016 19:49:48 +0000 (19:49 +0000)]
Merge "No longer hard coding to a specifc network interface name."
Dan Sneddon [Fri, 2 Dec 2016 18:12:17 +0000 (10:12 -0800)]
Add NIC config for compute role for DVR with multiple NICs
This change adds a NIC config to the multiple-nics sample NIC
config templates for a compute node running DVR. In order for
DVR to work on the compute nodes, they must share an external
bridge with the controllers. All of the other sample NIC
configs already have an external bridge (defaults to 'br-ex'),
but the multiple-nics compute role does not, so now the
compute-dvr.yaml NIC template will demonstrate DVR with
multiple NICs.
Change-Id: I80fe2e5842a67984e1d4d8aa295c7607c4f340ad
Jenkins [Fri, 2 Dec 2016 18:07:32 +0000 (18:07 +0000)]
Merge "Revert "Use FQDN for rabbitmq's nodename env variable""
Jenkins [Fri, 2 Dec 2016 18:06:33 +0000 (18:06 +0000)]
Merge "Add zaqar to the controller's list of services in roles_data.yaml"
Christian Schwede [Thu, 1 Dec 2016 14:15:22 +0000 (15:15 +0100)]
Fix bug when using multiple DeployArtifactURLs
The script tries to download all artifact URLs with a single
request, instead of downloading each URL on its own if
multiple DeployArtifactURLs were given.
Change-Id: I6a8be699aff7023a67702bb1d3ddc2273984cd08
Ben Nemec [Fri, 2 Dec 2016 15:45:21 +0000 (15:45 +0000)]
Revert "Use FQDN for rabbitmq's nodename env variable"
This seems to have broken the updates job, causing it to fail
with following error:
Can't set long node name!\nPlease check your configuration\n
Related-Bug:
1646873
This reverts commit
3e9fcfd09320ace07bc1bd4cb57feb98cd057332.
Change-Id: I72ba891cd9cd8c4f1bc204144f46aaabbdfd3647
Jenkins [Fri, 2 Dec 2016 14:34:41 +0000 (14:34 +0000)]
Merge "scenario001: deploy Cinder with RBD backend"
Juan Antonio Osorio Robles [Fri, 2 Dec 2016 12:14:33 +0000 (14:14 +0200)]
Add zaqar to the controller's list of services in roles_data.yaml
Change-Id: Iecafa7878fec20c707e94bdaca55f1489f3e338a
Jenkins [Fri, 2 Dec 2016 12:09:12 +0000 (12:09 +0000)]
Merge "Add Zaqar to scenario002"
Jenkins [Fri, 2 Dec 2016 12:08:37 +0000 (12:08 +0000)]
Merge "Composable Zaqar services"
Juan Antonio Osorio Robles [Fri, 2 Dec 2016 08:33:16 +0000 (10:33 +0200)]
Move nodes' fqdns to a map to remove clutter
There were several instances where the short-names/FQDNs where being
gotten in the same way in the role's templates. So this introduces a
mapping to get these values in order to reduce clutter.
Change-Id: Ie7df360bb69d56655f3e0fcbbf4d297db39b7a26
Jenkins [Fri, 2 Dec 2016 09:41:28 +0000 (09:41 +0000)]
Merge "Use FQDN for rabbitmq's nodename env variable"
Jenkins [Fri, 2 Dec 2016 09:40:36 +0000 (09:40 +0000)]
Merge "Use network-based fqdn entry from hiera instead of the custom fact"
Jenkins [Fri, 2 Dec 2016 00:06:06 +0000 (00:06 +0000)]
Merge "scenario001: deploy Ceph"
Jenkins [Fri, 2 Dec 2016 00:05:20 +0000 (00:05 +0000)]
Merge "Implement scenario004 with Ceph Rados Gateway scenario"
Jenkins [Thu, 1 Dec 2016 23:10:07 +0000 (23:10 +0000)]
Merge "scenario003: configure Keystone tokens with Fernet provider"
James Slagle [Wed, 12 Oct 2016 20:06:00 +0000 (16:06 -0400)]
Make get-occ-config.sh support custom roles
Updates the get-occ-config.sh script used with the deployed-server
environment to support custom roles. Any custom role name, and a
corresponding set of hosts (ip addresses or hostnames) can now be passed
to the script and it will query for the proper nested stack uuid's and
configure os-collect-config appropriately on the respective nodes.
Change-Id: I8fc39e6d18cd70ff881e2a284234b26261018d67
Emilien Macchi [Thu, 1 Dec 2016 17:37:04 +0000 (12:37 -0500)]
scenario001: deploy Cinder with RBD backend
Improve scenario001 with Cinder + RBD coverage.
Also remove Barbican bits, we don't deploy Barbican in scenario001, but
002.
Change-Id: Ib9cadbefcb3ddcdb4812f47ff5496e74b2bd888d
Jenkins [Thu, 1 Dec 2016 19:59:51 +0000 (19:59 +0000)]
Merge "ceph-rgw: add missing user parameter"
Jenkins [Thu, 1 Dec 2016 19:56:23 +0000 (19:56 +0000)]
Merge "scenario001/pingtest: remove gnocchi_res_alarm"
Emilien Macchi [Thu, 1 Dec 2016 18:35:44 +0000 (13:35 -0500)]
scenario003: configure Keystone tokens with Fernet provider
Improve scenario003 to configure Keystone tokens with Fernet provider.
Scenario001 and scenario002 will still deploy uuid for now.
Change-Id: I8c671d0371b2c3590b58b9623bb0df0b0c625a5b
Emilien Macchi [Tue, 29 Nov 2016 22:47:36 +0000 (17:47 -0500)]
Implement scenario004 with Ceph Rados Gateway scenario
Like Puppet OpenStack CI, implement scenario004 with Ceph RGW scenario,
where Glance uses it as a image storage backend.
Change-Id: If055ca225c456a738c5726ef1e76a4a4f9c566a8
Emilien Macchi [Thu, 1 Dec 2016 15:00:18 +0000 (10:00 -0500)]
ceph-rgw: add missing user parameter
'user' is required or puppet-ceph will complain that the Keystone_user
has no title:
Evaluation Error: Missing title. The title expression resulted in undef
at /etc/puppet/modules/ceph/manifests/rgw/keystone/auth.pp
The value is set to Swift, as we use the same credentials as Swift
service.
Closes-Bug: #
1642524
Change-Id: Ib4a7c07086b0b3354c8e589612f330ecdffdc637
Jenkins [Thu, 1 Dec 2016 16:47:37 +0000 (16:47 +0000)]
Merge "Initial support for composable upgrades with Heat+Ansible"
Jenkins [Thu, 1 Dec 2016 16:47:31 +0000 (16:47 +0000)]
Merge "Introduce network-based FQDNs via hiera"
Jenkins [Thu, 1 Dec 2016 16:46:56 +0000 (16:46 +0000)]
Merge "Make pep8 task run template generation"
Jenkins [Thu, 1 Dec 2016 16:46:17 +0000 (16:46 +0000)]
Merge "Add local template generation tox task"
Emilien Macchi [Tue, 29 Nov 2016 22:56:59 +0000 (17:56 -0500)]
scenario001: deploy Ceph
Add Ceph to scenario001 and use it as a backend for Nova, Glance and
Gnocchi.
Change-Id: I29065d4b2ac39db40984873fda550d7adbe904fe
Emilien Macchi [Thu, 1 Dec 2016 14:49:04 +0000 (09:49 -0500)]
scenario001/pingtest: remove gnocchi_res_alarm
The resource is failing and it prevents us to add more coverage. Until
we figure what's wrong with it, let's disable it.
Change-Id: If89775bf67d686327d0d27222e0c9179be74a668
Jenkins [Thu, 1 Dec 2016 15:59:40 +0000 (15:59 +0000)]
Merge "Make scenario template paths relative"
Jenkins [Thu, 1 Dec 2016 14:43:26 +0000 (14:43 +0000)]
Merge "Configure /etc/hosts via os-collect-config script"
Jenkins [Thu, 1 Dec 2016 14:28:59 +0000 (14:28 +0000)]
Merge "Show team and repo badges on README"
Steven Hardy [Thu, 1 Dec 2016 10:00:57 +0000 (10:00 +0000)]
Initial support for composable upgrades with Heat+Ansible
This shows how we could wire in the upgrade steps using Ansible
as was previously proposed e.g in https://review.openstack.org/#/c/321416/
but it's more closely integrated with the new composable services
architecture.
It's also very similar to the approach taken by SpinalStack where
ansible snippets per-service were combined then run in a series of
steps using Ansible tags.
This patch just enables upgrade of keystone - we'll add support for
other patches in subsequent patches.
Partially-Implements: blueprint overcloud-upgrades-per-service
Change-Id: I39f5426cb9da0b40bec4a7a3a4a353f69319bdf9
Jenkins [Thu, 1 Dec 2016 13:01:14 +0000 (13:01 +0000)]
Merge "Hiera optimization: use a new hiera hook"
Jenkins [Thu, 1 Dec 2016 12:17:02 +0000 (12:17 +0000)]
Merge "Fix puppet/services/README.rst step description"
Juan Antonio Osorio Robles [Mon, 28 Nov 2016 08:15:32 +0000 (10:15 +0200)]
Use FQDN for rabbitmq's nodename env variable
Change-Id: Iee1afeced0b210a46b273aafc0d40e99d6ee6d4e
Juan Antonio Osorio Robles [Mon, 28 Nov 2016 11:07:12 +0000 (13:07 +0200)]
Use network-based fqdn entry from hiera instead of the custom fact
This changes how we get the network-based FQDNs for the specific
services, from using the custom fact, to the new hiera entries.
Change-Id: Iae668a5d89fb7bee091db4a761aa6c91d369b276
Juan Antonio Osorio Robles [Mon, 28 Nov 2016 10:58:25 +0000 (12:58 +0200)]
Introduce network-based FQDNs via hiera
Currently, one can get the network-based FQDNs via a custom puppet
fact. This is currently unreliable, as it's based on the ::hostname
fact which we assume it's set correctly by nova. However, this is not
necessarily the case (for instance, if you use pre-deployed services
such as we do with the multinode-jobs). In these cases, the
::hostname fact will return something other than what we specified in
nova, and effectively breaks the configurations in we relly too much
on the network-based FQDN facts.
By using hiera instead, we avoid this issue as we set those values to
be exactly what we expect (as we set them in the OS::TripleO::Server
resource.
Change-Id: I6ce31237098f57bdc0adfd3c42feef0073c224fb
Dan Prince [Tue, 11 Oct 2016 01:09:01 +0000 (21:09 -0400)]
Hiera optimization: use a new hiera hook
This patch optimizes how we deploy hiera by using a new
heat hook specifically designed to help compose hiera
within heat templates. As part of this change:
- we update all the 'hiera' software configurations to set the group to hiera
instead of os-apply-config.
- The new format uses JSON instead of YAML. The hook actually writes
out the hiera JSON directly so no conversion takes place. Arrays,
Strings, Booleans all stay in their native formats. As such we can avoid
having to do many of the awkward string and list conversions in t-h-t to
support the previous YAML formatting.
- The new hook prefers JSON over YAML so upgrading users will have the
new files prefered. (we will post a cleanup routine for the old files
soon but this isn't a new behavior, JSON is now simply prefered.)
- A lot of services required edits to account for default settings that
worked in YAML that no longer work correctly in the native JSON
format. In almost all these cases I think the resulting codes looks
cleaner and is more explicit with regards to what is getting
configured in hiera on the actual nodes.
Depends-On: I6a383b1ad4ec29458569763bd3f56fd3f2bd726b
Closes-bug: #
1596373
Change-Id: Ibe7e2044e200e2c947223286fdf4fd5bcf98c2e1
Dan Prince [Mon, 7 Nov 2016 12:59:03 +0000 (07:59 -0500)]
Make pep8 task run template generation
This patch updates the pep8 task (which is executed in CI) so
that it generates templates locally. This will give us extra
CI coverage to ensure our generated templates produce valid
YAML.
Change-Id: I2287802d44c0ebe404d3fce30f04efcc3c6ab27f
Steve Baker [Wed, 30 Nov 2016 20:20:02 +0000 (20:20 +0000)]
Use transient hostname for deployed servers
The name output returned by this template is expected to be the short
name rather than a FQDN. Generally 'hostnamectl --static' returns a
FQDN and --transient will be the short name.
This change switches to using --transient and also simplifies the
script by dropping the unused outputs.
Change-Id: I19eaf9f66668f7e68765bad4018c0c60314f3f8f
Dan Prince [Thu, 10 Nov 2016 12:35:36 +0000 (07:35 -0500)]
Deployed server: switch to apply-config hook
This patch switches the deployed-server.yaml template to use
apply-config instead of os-apply-config. The 'apply-config' hook
is now installed via a package (no longer requires elements for
installation) and supports more signalling options.
This is required to support the undercloud installer which doesn't work
with os-collect-config heat metadata.
Change-Id: I7963fe4f38e8f04c9871fe651d39efec1aa17c41
Dan Prince [Mon, 7 Nov 2016 12:45:15 +0000 (07:45 -0500)]
Add local template generation tox task
This patch adds a local version of our template processing
routine so that developers can more quickly view the templates
that are actually getting generated. I've noticed multiple developers
now do a full deployment with 'overcloud deploy' only to download
the swift container with the generated templates. This simple task
avoids that step by allowing developers to generate it locally.
It also aims to preserve the ability to use t-h-t templates directly
with Heat (instead of going through Mistral) should users wish to do that.
The new undercloud heat installer requires the ability to generate
templates without requiring Mistral and Swift to do so.
Ideally the Mistral API workflow would use this same code
so perhaps in the future we might modify that routine to:
-download swift tarball containing the templates
-run this local routine that lives in t-h-t
-re-upload the tarball of templates to the swift container
Change-Id: Ie664c9c5f455b7320a58a26f35bc403355408d9b
Dan Prince [Mon, 21 Nov 2016 13:43:01 +0000 (08:43 -0500)]
Configure /etc/hosts via os-collect-config script
This patch moves the t-i-e element code for hosts configuration
into a t-h-t shell script that gets driven by a os-collect-config
script hook.
This helps accomplish several goals:
- moves us away from t-i-e
- gives us better signal handling in the error case (where the
previous element relied on 99-refresh-completed
- Allows the t-h-t undercloud installer to more easily consume this
since it doesn't rely on the old os-apply-config metadata (which
that installer doesn't support).
Change-Id: I73c3d4818ef531a3559fab272521f44519e2f486
Jenkins [Wed, 30 Nov 2016 19:15:02 +0000 (19:15 +0000)]
Merge "Add Neutron network type and VLAN ranges to network-environment.yaml"
Pradeep Kilambi [Wed, 30 Nov 2016 17:54:50 +0000 (12:54 -0500)]
Support multiple meter dispatchers in ceilometer config
Currently we only support one dispatcher at a time. But ceilometer
config supports dispatching data to multiple destinations at the
same time. Update the param to support this.
Change-Id: Ie7d854928513239a5903862623df12af1d02b642
Brad P. Crochet [Wed, 30 Nov 2016 12:06:33 +0000 (07:06 -0500)]
Add Zaqar to scenario002
Install Zaqar into the overcloud and create a queue with
OS::Zaqar::Queue in order to test the Zaqar composable service.
Change-Id: I9027d17fa3d75e6c3e23d6636642abadac8730ac
Depends-On: Ia5ca4fe317339dd05b0fa3d5abebca6ca5066bce
Jenkins [Wed, 30 Nov 2016 16:16:28 +0000 (16:16 +0000)]
Merge "Add Mistral to scenario003"
Jenkins [Wed, 30 Nov 2016 16:11:52 +0000 (16:11 +0000)]
Merge "get-occ-config.sh replace deprecated heat commands"
Jenkins [Wed, 30 Nov 2016 16:00:39 +0000 (16:00 +0000)]
Merge "Test encrypted volumes in scenario002"
Jenkins [Wed, 30 Nov 2016 15:58:54 +0000 (15:58 +0000)]
Merge "Apply os-net-config with a script instead of element"
Brad P. Crochet [Wed, 30 Nov 2016 15:42:51 +0000 (10:42 -0500)]
Make scenario template paths relative
To make local testing of scenario patches easier, this changes the paths
to the templates under test to be relative to the scenarios.
Change-Id: I12a45ee917c214a071f5de1e28f632dbf7d1fe9d
Brad P. Crochet [Wed, 30 Nov 2016 12:24:00 +0000 (07:24 -0500)]
Add Mistral to scenario003
Install Mistral into the test overcloud and create a workflow to
verify the Mistral installation. This does not currently actually
execute the workflow. It merely tests that it can be created.
Change-Id: Ia03a605bcfd92498bf299d3042dca7c9932f5b63
Depends-On: Id5ff9cb498b5a47af38413d211ff0ed6ccd0015b
Jenkins [Wed, 30 Nov 2016 11:26:12 +0000 (11:26 +0000)]
Merge "Disable all repos during rhel registration"
Emilien Macchi [Tue, 29 Nov 2016 22:28:07 +0000 (17:28 -0500)]
Fix grammar
Fix English grammar error I did in a previous commit.
Change-Id: I06209ab782240f05844793e56270135d48792f3d
Jenkins [Tue, 29 Nov 2016 17:22:25 +0000 (17:22 +0000)]
Merge "Revert "Set NeutronL3HA to false when deploying DVR""
Code Review / apex-tripleo-heat-templates.git / log