apex-tripleo-heat-templates.git
7 years agoMerge "Modify PreNetworkConfig config inline with role-specific parameters"
Jenkins [Thu, 15 Jun 2017 13:05:27 +0000 (13:05 +0000)]
Merge "Modify PreNetworkConfig config inline with role-specific parameters"

7 years agoMerge "Fix race conditions between containers"
Jenkins [Thu, 15 Jun 2017 00:30:13 +0000 (00:30 +0000)]
Merge "Fix race conditions between containers"

7 years agoMerge "Containerize Manila Scheduler service"
Jenkins [Thu, 15 Jun 2017 00:15:32 +0000 (00:15 +0000)]
Merge "Containerize Manila Scheduler service"

7 years agoMerge "Update Panko api port"
Jenkins [Wed, 14 Jun 2017 21:55:59 +0000 (21:55 +0000)]
Merge "Update Panko api port"

7 years agoMerge "Role Specific parameters for neutron-sriov-agent service"
Jenkins [Wed, 14 Jun 2017 21:16:01 +0000 (21:16 +0000)]
Merge "Role Specific parameters for neutron-sriov-agent service"

7 years agoMerge "Sample environment generator"
Jenkins [Wed, 14 Jun 2017 21:15:53 +0000 (21:15 +0000)]
Merge "Sample environment generator"

7 years agoMerge "Add Nova Consoleauth service to containerized deployment"
Jenkins [Wed, 14 Jun 2017 17:34:47 +0000 (17:34 +0000)]
Merge "Add Nova Consoleauth service to containerized deployment"

7 years agoMerge "Add Nova Vncproxy service to containerized deployment"
Jenkins [Wed, 14 Jun 2017 16:45:32 +0000 (16:45 +0000)]
Merge "Add Nova Vncproxy service to containerized deployment"

7 years agoMerge "Enable heat/puppet to manage the fernet keys and make it configurable"
Jenkins [Wed, 14 Jun 2017 16:26:57 +0000 (16:26 +0000)]
Merge "Enable heat/puppet to manage the fernet keys and make it configurable"

7 years agoMerge "Use KeystoneFernetKeys instead of individual parameters"
Jenkins [Wed, 14 Jun 2017 16:24:11 +0000 (16:24 +0000)]
Merge "Use KeystoneFernetKeys instead of individual parameters"

7 years agoUpdate Panko api port
Pradeep Kilambi [Thu, 8 Jun 2017 12:18:27 +0000 (08:18 -0400)]
Update Panko api port

The current port conflicts with trove. This is updated in puppet
module. See related change: https://review.openstack.org/#/c/471551/

Change-Id: Iefacb98320eef0bca782055e3da5d243993828d7

7 years agoMerge "Fix network names when using network isolation"
Jenkins [Wed, 14 Jun 2017 15:07:26 +0000 (15:07 +0000)]
Merge "Fix network names when using network isolation"

7 years agoMerge "Dell SC: Add exclude_domain_ip option"
Jenkins [Wed, 14 Jun 2017 15:06:30 +0000 (15:06 +0000)]
Merge "Dell SC: Add exclude_domain_ip option"

7 years agoMerge "Docker service for Cinder Volume"
Jenkins [Wed, 14 Jun 2017 15:06:08 +0000 (15:06 +0000)]
Merge "Docker service for Cinder Volume"

7 years agoFix race conditions between containers
Jiri Stransky [Wed, 14 Jun 2017 13:24:46 +0000 (15:24 +0200)]
Fix race conditions between containers

In many occasions we had log directory initialization containers
without `detach: false`, which didn't guarantee that they'll finish
before the container depending on them will start using the log
directory.

This is now fixed by moving the initialization container one global
step earlier, so that we can keep the concurrency when creating the
log dirs. (Using `detach: false` makes paunch handle just one
container at a time, and as such it can have negative performance
impact.)

For services which have their container(s) starting in step_1,
initialization cannot be moved to an earlier step, so the solution
here was to just add `detach: false`.

As a minor related change, cinder DB sync container now mounts the log
directory from host to put cinder-manage.log into the expected
location.

Change-Id: I1340de4f68dd32c2412d9385cf3a8ca202b48556

7 years agoMerge "Docker services for Cinder Backup"
Jenkins [Wed, 14 Jun 2017 13:49:46 +0000 (13:49 +0000)]
Merge "Docker services for Cinder Backup"

7 years agoMerge "Add fqdn_external"
Jenkins [Wed, 14 Jun 2017 10:47:52 +0000 (10:47 +0000)]
Merge "Add fqdn_external"

7 years agoMerge "Generate HAproxy iptables rules for containerized HA deployments"
Jenkins [Wed, 14 Jun 2017 10:27:47 +0000 (10:27 +0000)]
Merge "Generate HAproxy iptables rules for containerized HA deployments"

7 years agoMerge "Replace NO_ARCHIVE block with single call to rsync"
Jenkins [Wed, 14 Jun 2017 10:18:45 +0000 (10:18 +0000)]
Merge "Replace NO_ARCHIVE block with single call to rsync"

7 years agoMerge "Docker services for Cinder Api and Scheduler"
Jenkins [Wed, 14 Jun 2017 10:18:37 +0000 (10:18 +0000)]
Merge "Docker services for Cinder Api and Scheduler"

7 years agoFix network names when using network isolation
Michele Baldessari [Wed, 14 Jun 2017 08:07:48 +0000 (10:07 +0200)]
Fix network names when using network isolation

When we merged If3989f24f077738845d2edbee405bd9198e7b7db we correctly
used name_lower for most things but we left out the the
OS::TripleO::Network resource which would cause errors like the
following:

Could not fetch contents for file:///tmp/tripleoclient-LdqQGJ/tripleo-heat-templates/network/internalapi.yaml

The reason is that the network filename is called internal_api.yaml.

Change-Id: I40f268668ed948e5d41ed0ff5a8fc954cef7b17c
Closes-Bug: #1697883

7 years agoEnable heat/puppet to manage the fernet keys and make it configurable
Juan Antonio Osorio Robles [Mon, 12 Jun 2017 12:24:32 +0000 (15:24 +0300)]
Enable heat/puppet to manage the fernet keys and make it configurable

With the addition of the KeystoneFernetKeys parameter, it's now possible
to do fernet key rotations using mistral, by modifying the
KeystoneFernetKeys variable in mistral; subsequently a rotation could
happen when doing a stack update.

So this re-enables the managing of the key files by puppet. However,
this is left configurable, as folks might want to manage those files
out-of-band.

bp keystone-fernet-rotation
Change-Id: Ic82fb8b8a76481a6e588047acf33a036cf444d7d

7 years agoUse KeystoneFernetKeys instead of individual parameters
Juan Antonio Osorio Robles [Mon, 12 Jun 2017 12:17:28 +0000 (15:17 +0300)]
Use KeystoneFernetKeys instead of individual parameters

This uses the newly introduced dict with the keys and paths instead of
the individual keys. Having the advantage that rotation will be
possible on stack update, as we no longer have a limit on how many keys
we can pass (as we did with the individual parameters).

bp keystone-fernet-rotation
Change-Id: I7d224595b731d9f3390fce5a9d002282b2b4b8f2
Depends-On: I63ae158fa8cb33ac857dcf9434e9fbef07ecb68d

7 years agoMerge "Add support for Cinder "NAS secure" driver params"
Jenkins [Wed, 14 Jun 2017 03:37:30 +0000 (03:37 +0000)]
Merge "Add support for Cinder "NAS secure" driver params"

7 years agoReplace NO_ARCHIVE block with single call to rsync
Steve Baker [Thu, 18 May 2017 04:03:29 +0000 (04:03 +0000)]
Replace NO_ARCHIVE block with single call to rsync

Also attempts to move the workaround for bug #1696283 to before the
puppet apply call.

Closes-Bug: #1696622
Change-Id: I3a195466a5039e7641e843c11e5436440bfc5a01

7 years agoMerge "Execute Swift ring up-/download in containerized environments"
Jenkins [Wed, 14 Jun 2017 01:04:01 +0000 (01:04 +0000)]
Merge "Execute Swift ring up-/download in containerized environments"

7 years agoMerge "Containerize Sahara"
Jenkins [Wed, 14 Jun 2017 01:00:28 +0000 (01:00 +0000)]
Merge "Containerize Sahara"

7 years agoMerge "Containerized Sensu client"
Jenkins [Wed, 14 Jun 2017 01:00:16 +0000 (01:00 +0000)]
Merge "Containerized Sensu client"

7 years agoMerge "Containerize multipathd"
Jenkins [Wed, 14 Jun 2017 01:00:09 +0000 (01:00 +0000)]
Merge "Containerize multipathd"

7 years agoMerge "Move iscsid to a container"
Jenkins [Wed, 14 Jun 2017 01:00:01 +0000 (01:00 +0000)]
Merge "Move iscsid to a container"

7 years agoMerge "Change HorizonSecureCookies default to False"
Jenkins [Tue, 13 Jun 2017 21:32:04 +0000 (21:32 +0000)]
Merge "Change HorizonSecureCookies default to False"

7 years agoMerge "Add support to configure Num of Storage sacks"
Jenkins [Tue, 13 Jun 2017 18:10:18 +0000 (18:10 +0000)]
Merge "Add support to configure Num of Storage sacks"

7 years agoMerge "Fix IronicInspectorAdmin to be https"
Jenkins [Tue, 13 Jun 2017 18:10:11 +0000 (18:10 +0000)]
Merge "Fix IronicInspectorAdmin to be https"

7 years agoMerge "Make network-isolation environment rendered for all roles"
Jenkins [Tue, 13 Jun 2017 18:09:55 +0000 (18:09 +0000)]
Merge "Make network-isolation environment rendered for all roles"

7 years agoMerge "Fix bug in docker-toool where values are sometimes empty."
Jenkins [Tue, 13 Jun 2017 18:09:31 +0000 (18:09 +0000)]
Merge "Fix bug in docker-toool where values are sometimes empty."

7 years agoMerge "Configure credentials for ironic to access cinder"
Jenkins [Tue, 13 Jun 2017 18:09:15 +0000 (18:09 +0000)]
Merge "Configure credentials for ironic to access cinder"

7 years agoAdd fqdn_external
Alex Schultz [Tue, 13 Jun 2017 15:39:11 +0000 (09:39 -0600)]
Add fqdn_external

In newton, we used to construct the fqdn_$NETWORK in puppet-tripleo for
external, internal_api, storage, storage_mgmt, tenant, management, and
ctrlplane. When this was moved into THT, we accidently dropped external
which leads to deployment failures if a service is moved to the external
network and the configuration consumes the fqdn_external hiera key.
Specifically this is reproduced if the MysqlNetwork is switch to to
exernal, then the deployment fails because the bind address which is set
to use fqdn_external is blank.

Change-Id: I01ad0c14cb3dc38aad7528345c928b86628433c1
Closes-Bug: #1697722

7 years agoAdd Nova Vncproxy service to containerized deployment
Sven Anderson [Wed, 31 May 2017 16:32:16 +0000 (18:32 +0200)]
Add Nova Vncproxy service to containerized deployment

Depends-On: I037858a445742de58bd2f8d879f2b1272b07f481
Change-Id: Ifd138ea553a45a637a1a9fe3d0e946f8be51e119

7 years agoAdd Nova Consoleauth service to containerized deployment
Sven Anderson [Wed, 31 May 2017 15:27:26 +0000 (17:27 +0200)]
Add Nova Consoleauth service to containerized deployment

Depends-On: I037858a445742de58bd2f8d879f2b1272b07f481
Change-Id: I808a5513decab1bd2cce949d05fd1acb17612a42

7 years agoMerge "Unblock CI by reverting to non-containerized HAProxy"
Jenkins [Tue, 13 Jun 2017 13:22:01 +0000 (13:22 +0000)]
Merge "Unblock CI by reverting to non-containerized HAProxy"

7 years agoMerge "Remove deprecated multinode-container-upgrade.yaml"
Jenkins [Tue, 13 Jun 2017 11:14:06 +0000 (11:14 +0000)]
Merge "Remove deprecated multinode-container-upgrade.yaml"

7 years agoMake network-isolation environment rendered for all roles
Steven Hardy [Thu, 8 Dec 2016 17:15:46 +0000 (17:15 +0000)]
Make network-isolation environment rendered for all roles

Currently there's some hard-coded references to roles here, rendering
from the roles_data.yaml is a step towards making the use of isolated
networks for custom roles easier.

Partial-Bug: #1633090
Depends-On: Ib681729cc2728ca4b0486c14166b6b702edfcaab
Change-Id: If3989f24f077738845d2edbee405bd9198e7b7db

7 years agoUnblock CI by reverting to non-containerized HAProxy
Jiri Stransky [Tue, 13 Jun 2017 09:01:29 +0000 (11:01 +0200)]
Unblock CI by reverting to non-containerized HAProxy

In change I90253412a5e2cd8e56e74cce3548064c06d022b1 we merged
containerized HAProxy setup, but because of a typo in resource
registry, CI kept using the non-containerized variant and it went
unnoticed that the containerized HAProxy doesn't work yet.

We merged a resource registry fix in
Ibcbacff16c3561b75e29b48270d60b60c1eb1083 and it brought down the CI,
which now used the non-working HAProxy.

After putting in the missing haproxy container image to tripleo-common
in I41c1064bbf5f26c8819de6d241dd0903add1bbaa we got further, but the
CI still fails on HAProxy related problem, so we should revert back to
using non-containerized HAProxy for the time being.

Change-Id: If73bf28288de10812f430619115814494618860f
Closes-Bug: #1697645

7 years agoModify PreNetworkConfig config inline with role-specific parameters
Saravanan KR [Fri, 17 Mar 2017 16:15:54 +0000 (21:45 +0530)]
Modify PreNetworkConfig config inline with role-specific parameters

Existing host_config_and_reboot.role.j2.yaml is done in ocata to
configure kernel args. This can be enhanced with use of role-specific
parameters, which is done in the current patch. The earlier method is
deprecated and will be removed in Q releae.
Implements: blueprint ovs-2-6-dpdk

Change-Id: Ib864f065527167a49a0f60812d7ad4ad12c836d1

7 years agoAdd support to configure Num of Storage sacks
Pradeep Kilambi [Fri, 9 Jun 2017 12:52:06 +0000 (08:52 -0400)]
Add support to configure Num of Storage sacks

Gnocchi 4 supports storage sacks during upgrade. lets make this
configurable if we want to use more metricd workers.

Change-Id: Ibb2ee885e59d43c1ae20887ec1026786d58c6b9e

7 years agoMerge "Fix typo in haproxy docker mapping"
Jenkins [Mon, 12 Jun 2017 22:28:25 +0000 (22:28 +0000)]
Merge "Fix typo in haproxy docker mapping"

7 years agoMerge "Moving *postconfig where it was *postpuppet"
Jenkins [Mon, 12 Jun 2017 22:21:44 +0000 (22:21 +0000)]
Merge "Moving *postconfig where it was *postpuppet"

7 years agoFix IronicInspectorAdmin to be https
Alex Schultz [Fri, 19 May 2017 22:54:28 +0000 (16:54 -0600)]
Fix IronicInspectorAdmin to be https

As noted in the original patch review
I5e743f789ab7dd731bc7ad26226a92a4e71f95a1 the IronicInspectorAdmin
should be https.

Change-Id: I6e37427da679775f02ff0c5fe55cfee51c122e3d

7 years agoSample environment generator
Ben Nemec [Tue, 31 May 2016 16:36:23 +0000 (11:36 -0500)]
Sample environment generator

This is a tool to automate the generation of our sample environment
files.  It takes a yaml file as input, and based on the environments
defined in that file generates a number of sample environment files
from the parameters in the Heat templates.  A tox genconfig target
is added that mirrors how the other OpenStack services generate
their sample config files.

A description of the available options for the input file is
provided in a README file in the sample-env-generator directory.

In this commit only a single sample config is provided as a basic
example of how the tool works, but subsequent commits will add
more generated sample configs.

Change-Id: I855f33a61bba5337d844555a7c41b633b3327f7a
bp: environment-generator

7 years agoMerge "Providing parameters specific to a workflow via plan-environment"
Jenkins [Mon, 12 Jun 2017 19:26:41 +0000 (19:26 +0000)]
Merge "Providing parameters specific to a workflow via plan-environment"

7 years agoMerge "Remove pip install paunch"
Jenkins [Mon, 12 Jun 2017 18:07:24 +0000 (18:07 +0000)]
Merge "Remove pip install paunch"

7 years agoMerge "Fix containerized SwiftRawDisks usage"
Jenkins [Mon, 12 Jun 2017 18:06:31 +0000 (18:06 +0000)]
Merge "Fix containerized SwiftRawDisks usage"

7 years agoMerge "Containerize Manila API service"
Jenkins [Mon, 12 Jun 2017 17:40:15 +0000 (17:40 +0000)]
Merge "Containerize Manila API service"

7 years agoMoving *postconfig where it was *postpuppet
Carlos Camacho [Thu, 8 Jun 2017 21:18:44 +0000 (23:18 +0200)]
Moving *postconfig where it was *postpuppet

We need to ensure that the pacemaker cluster restarts
in the end of the deployment.

Due to the resources renaming we added the
postconfig resource not in the end of the
deployment as it was *postpuppet.

Closes-bug: 1695904

Change-Id: Ic6978fcff591635223b354831cd6cbe0802316cf

7 years agoContainerize Manila Scheduler service
Victoria Martinez de la Cruz [Tue, 11 Apr 2017 16:43:55 +0000 (16:43 +0000)]
Containerize Manila Scheduler service

Change-Id: Ifa8d023acdc42c9ae9a4b2f7652177e6ccb9f649
Depends-On: If44e958a9aa989e44c8c39e50715e92a4257bf1a
Co-Authored-By: Martin André <m.andre@redhat.com>
Co-Authored-By: Dan Prince <dprince@redhat.com>
Partial-Bug: #1668922

7 years agoAdd support for Cinder "NAS secure" driver params
Alan Bishop [Thu, 4 May 2017 16:31:56 +0000 (12:31 -0400)]
Add support for Cinder "NAS secure" driver params

Add new parameters that control the NAS security settings in Cinder's
NFS and NetApp back end drivers. The settings are disabled by default.

Partial-Bug: #1688332
Depends-On: I76e2ce10acf7b671be6a2785829ebb3012b79308
Change-Id: I306a8378dc1685132f7ea3ed91d345eaae70046f

7 years agoRemove deprecated multinode-container-upgrade.yaml
Jiri Stransky [Tue, 30 May 2017 12:22:57 +0000 (14:22 +0200)]
Remove deprecated multinode-container-upgrade.yaml

This has been renamed to multinode-containers.yaml to reflect that the
scenario isn't upgrade-specific.

Change-Id: I151792700475643a4088d98eb5e1bd7248e260cd
Depends-On: Ib04e2ccb330d73df464ad97a20908f20426a4249

7 years agoContainerize Sahara
Dan Prince [Thu, 4 May 2017 17:17:35 +0000 (13:17 -0400)]
Containerize Sahara

Depends-On: I9abe867dfbdc81d14a1b3b3f1529240b5e522be5

Co-Authored-By: Martin André <m.andre@redhat.com>
Co-Authored-By: Ian Main <imain@redhat.com>
Co-Authored-By: Luigi Toscano <ltoscano@redhat.com>
Co-Authored-By: Telles Nobrega <tenobreg@redhat.com>
Change-Id: Id8e3b7e86fa05e0e71cc33414ceae78bab4e29b2
Closes-bug: #1668927

7 years agoDocker service for Cinder Volume
Dan Prince [Mon, 22 May 2017 01:56:48 +0000 (21:56 -0400)]
Docker service for Cinder Volume

Adds docker service for Cinder Volume

Co-Authored-By: Jon Bernard <jobernar@redhat.com>
Depends-On: Ic1585bae27c318bd6bafc287e905f2ed250cce0f

Partial-bug: #1668920

Change-Id: Ifadb007897f3455b90de6800751a0d08991ebca2

7 years agoDocker services for Cinder Backup
Dan Prince [Tue, 18 Apr 2017 19:49:01 +0000 (15:49 -0400)]
Docker services for Cinder Backup

Adds docker services for Cinder Backup

Co-Authored-By: Gorka Eguileor <geguileo@redhat.com>
Co-Authored-By: Jon Bernard <jobernar@redhat.com>
Co-Authored-By: Martin André <m.andre@redhat.com>
Co-Authored-By: Alan Bishop <abishop@redhat.com>
Partial-bug: #1668920

Change-Id: I26fc31e59b28da017f0b028b74bde40aaac53ad5

7 years agoDocker services for Cinder Api and Scheduler
Dan Prince [Sat, 15 Apr 2017 15:08:09 +0000 (11:08 -0400)]
Docker services for Cinder Api and Scheduler

Adds docker services for Cinder API and Scheduler.

Co-Authored-By: Gorka Eguileor <geguileo@redhat.com>
Co-Authored-By: Jon Bernard <jobernar@redhat.com>
Co-Authored-By: Martin André <m.andre@redhat.com>
Co-Authored-By: Alan Bishop <abishop@redhat.com>
Depends-On: Ic1585bae27c318bd6bafc287e905f2ed250cce0f

Change-Id: I5cff9587626a3b2a147e03146d5268242d1c9658
Partial-bug: #1668920

7 years agoContainerize multipathd
Dan Prince [Thu, 18 May 2017 14:29:50 +0000 (10:29 -0400)]
Containerize multipathd

Co-Authored-By: Jon Bernard <jobernar@redhat.com>
Depends-On: I486de8b6ab2f4235bb4a21c3650f6b9e52a83b80
Change-Id: I6cf70fa05ad1c8aa6d9f837ddcd370eb26e45f97

7 years agoMove iscsid to a container
Dan Prince [Thu, 4 May 2017 12:52:38 +0000 (08:52 -0400)]
Move iscsid to a container

This configures iscsid so that it runs as a container on
relevant roles (undercloud, controller, compute, and volume).
When the iscsid docker service is provision it will also run
an ansible snippet that disables the iscsid.socket on the host
OS thus disabling the hosts systemd from auto-starting iscsid
as it normally does.

Co-Authored-By: Jon Bernard <jobernar@redhat.com>
Change-Id: I2ea741ad978f166e199d47ed1b52369e9b031f1f

7 years agoMerge "Add support for autofencing to Pacemaker Remote."
Jenkins [Mon, 12 Jun 2017 13:48:45 +0000 (13:48 +0000)]
Merge "Add support for autofencing to Pacemaker Remote."

7 years agoGenerate HAproxy iptables rules for containerized HA deployments
Damien Ciabrini [Mon, 12 Jun 2017 13:37:15 +0000 (15:37 +0200)]
Generate HAproxy iptables rules for containerized HA deployments

The containerized HAproxy service can only specify steps to be run in
containers, i.e. it cannot runs the regular puppet steps on bare metal
at the same time. A side effect is that the dedicated HAproxy iptables
rules are no longer generated.

Update the docker_config step to fix the creation of iptables rules
for HAproxy and persist them on-disk as before.

Co-Authored-By: Michele Baldessari <michele@acksyn.org>
Closes-Bug: 1697387

Change-Id: Ib5a083ba3299a82645f1a0f9da0d482c6b89ee23

7 years agoMerge "Don't mount all of config-data /etc, /etc/httpd"
Jenkins [Mon, 12 Jun 2017 09:55:57 +0000 (09:55 +0000)]
Merge "Don't mount all of config-data /etc, /etc/httpd"

7 years agoExecute Swift ring up-/download in containerized environments
Christian Schwede [Thu, 8 Jun 2017 18:13:56 +0000 (20:13 +0200)]
Execute Swift ring up-/download in containerized environments

This patch ensures that Swift rings are downloaded from the undercloud
before a rebalance and uploaded afterwards.

Depends-On: I51c5795b9893d797bd73e059910f17a98f04cdbe
Change-Id: Ief012fed628957e4da63ff3314c4cf01d58b6b16

7 years agoAdd support for autofencing to Pacemaker Remote.
Chris Jones [Tue, 25 Apr 2017 15:03:10 +0000 (16:03 +0100)]
Add support for autofencing to Pacemaker Remote.

We now pass configuration for autofencing to Pacemaker Remote nodes.

Change-Id: Ibb9c65a83cc909528024c538cf3bcc96390c555e
Depends-On: I87c60bd56feac6dedc00a3c458b805aa9b71d9ce
Closes-Bug: #1686115

7 years agoProviding parameters specific to a workflow via plan-environment
Saravanan KR [Wed, 5 Apr 2017 11:56:32 +0000 (17:26 +0530)]
Providing parameters specific to a workflow via plan-environment

Parameters which are not part of the heat environment template
are required by the worflows like derive parameters. In order to
seprate from the heat environment parameters, the workflow only
parameters will be provided via plan-environement section,
workflow_parameters.
Implements: blueprint tripleo-derive-parameters

Change-Id: I36d295223c28afff1e0996b4885b8a81c00842f0

7 years agoMerge "Containerized collectd"
Jenkins [Sun, 11 Jun 2017 22:45:13 +0000 (22:45 +0000)]
Merge "Containerized collectd"

7 years agoDon't mount all of config-data /etc, /etc/httpd
Steve Baker [Wed, 24 May 2017 23:54:55 +0000 (23:54 +0000)]
Don't mount all of config-data /etc, /etc/httpd

This change modifies these mounts to be more specific mounts based on
the files which puppet actually modifies.

The result is something a bit more self-documenting, and allows for
trying other techniques for populating /etc other than directly mounting
config-data directories.

Change-Id: Ied1eab99d43afcd34c00af25b7e36e7e55ff88e6

7 years agoRemove pip install paunch
Michele Baldessari [Sun, 11 Jun 2017 18:20:07 +0000 (20:20 +0200)]
Remove pip install paunch

We now have python-paunch-1.1.1 [1] in the overcloud images so we do not
need to pip install it any longer.

[1] https://trunk.rdoproject.org/centos7-master-head/current/python-paunch-1.1.1-0.20170602043913.c8e22e5.el7.centos.noarch.rpm

Change-Id: I1ede514a8aee7ac217fa75843e67fb6542e06f99

7 years agoMerge "Revert "Add support to configure Num of Storage sacks""
Jenkins [Fri, 9 Jun 2017 17:46:38 +0000 (17:46 +0000)]
Merge "Revert "Add support to configure Num of Storage sacks""

7 years agoConfigure credentials for ironic to access cinder
Dmitry Tantsur [Fri, 9 Jun 2017 15:08:04 +0000 (17:08 +0200)]
Configure credentials for ironic to access cinder

Change-Id: Id896e01e24ecc2bfd7a983a3ff9756fefe4a4525
Depends-On: I097c494d3953b7d26d94aecc546ddef5225d1125

7 years agoRevert "Add support to configure Num of Storage sacks"
Pradeep Kilambi [Fri, 9 Jun 2017 13:12:40 +0000 (13:12 +0000)]
Revert "Add support to configure Num of Storage sacks"

This reverts commit a915b150018bf306a5942782bf93c5faadcd7cde.

The argument is renamed and causing promotions to fail.

Change-Id: I7e1674cff75b606c20956edddf70eee2990fca78

7 years agoMerge "Write md5sum for service config directories"
Jenkins [Fri, 9 Jun 2017 13:12:38 +0000 (13:12 +0000)]
Merge "Write md5sum for service config directories"

7 years agoMerge "Make container names consistent"
Jenkins [Fri, 9 Jun 2017 11:28:49 +0000 (11:28 +0000)]
Merge "Make container names consistent"

7 years agoMerge "Configure crl file for HAProxy"
Jenkins [Fri, 9 Jun 2017 10:55:13 +0000 (10:55 +0000)]
Merge "Configure crl file for HAProxy"

7 years agoMerge "Configure CRL URI if TLS in the internal network is enabled"
Jenkins [Fri, 9 Jun 2017 10:55:06 +0000 (10:55 +0000)]
Merge "Configure CRL URI if TLS in the internal network is enabled"

7 years agoMerge "Containerize Tacker Services"
Jenkins [Fri, 9 Jun 2017 09:25:13 +0000 (09:25 +0000)]
Merge "Containerize Tacker Services"

7 years agoMerge "Containerize Congress API service"
Jenkins [Fri, 9 Jun 2017 09:25:05 +0000 (09:25 +0000)]
Merge "Containerize Congress API service"

7 years agoMerge "Role Specific parameter for nova-compute service"
Jenkins [Fri, 9 Jun 2017 08:48:10 +0000 (08:48 +0000)]
Merge "Role Specific parameter for nova-compute service"

7 years agoMake container names consistent
Martin André [Wed, 7 Jun 2017 13:35:55 +0000 (15:35 +0200)]
Make container names consistent

This commit change the container names to consistently use the `_` char
as a word separator and make the kolla external config file match the
container name to make operators' life easier.

Change-Id: Ibac9d76dde474b94c3cb86031ead0fd0327e126f

7 years agoMerge "Modify libvirtd container command line when TLS is enabled"
Jenkins [Fri, 9 Jun 2017 04:56:20 +0000 (04:56 +0000)]
Merge "Modify libvirtd container command line when TLS is enabled"

7 years agoMerge "Run the nova-compute container as the nova user"
Jenkins [Fri, 9 Jun 2017 04:35:38 +0000 (04:35 +0000)]
Merge "Run the nova-compute container as the nova user"

7 years agoFix bug in docker-toool where values are sometimes empty.
Ian Main [Thu, 8 Jun 2017 22:56:55 +0000 (18:56 -0400)]
Fix bug in docker-toool where values are sometimes empty.

I was getting empty volumes from the json and it was creating bad
docker command lines.

Change-Id: Ie90fc1afa5711d6b029e98d621507b9cb70c1dbe

7 years agoChange HorizonSecureCookies default to False
Ben Nemec [Thu, 8 Jun 2017 21:28:34 +0000 (16:28 -0500)]
Change HorizonSecureCookies default to False

HorizonSecureCookies is incompatible with non-ssl deployments, which
is our default deployment method.  When SSL is in use, it can be
turned on in the enable-tls.yaml file.  This does mean that
existing users won't automatically get this feature turned on as
part of their upgrade because enable-tls.yaml is an environment that
is intended to be copied and edited, but it's simple to add the
parameter to the file for users who want that behavior after they
upgrade to a version where it is available.

Change-Id: If83d3d8709fc4e0c09569e8bf524721d332bf560
Closes-Bug: 1696861

7 years agoMerge "Containerize Horizon"
Jenkins [Thu, 8 Jun 2017 20:30:50 +0000 (20:30 +0000)]
Merge "Containerize Horizon"

7 years agoRun the nova-compute container as the nova user
Oliver Walsh [Fri, 26 May 2017 16:27:11 +0000 (17:27 +0100)]
Run the nova-compute container as the nova user

Change-Id: Ie6469d2fd2119952669f5c9fdaa41fb273185973
Depends-On: I91be1f1eacf8eed9017bbfef393ee2d66771e8d6
Closes-bug: #1693844

7 years agoMerge "Use Deployment actions for blacklist"
Jenkins [Thu, 8 Jun 2017 19:53:26 +0000 (19:53 +0000)]
Merge "Use Deployment actions for blacklist"

7 years agoMerge "Standardize example role definitions"
Jenkins [Thu, 8 Jun 2017 18:10:24 +0000 (18:10 +0000)]
Merge "Standardize example role definitions"

7 years agoContainerized collectd
Matthias Runge [Wed, 31 May 2017 12:57:33 +0000 (14:57 +0200)]
Containerized collectd

Change-Id: I05126a108f5ab790e729d1f98399dca5801ebd69

7 years agoWrite md5sum for service config directories
Steven Hardy [Fri, 19 May 2017 15:38:56 +0000 (16:38 +0100)]
Write md5sum for service config directories

The configuration generated by docker-puppet may change on update,
so checksum the combined files from the config-data directories,
to enable detecting those that have changed and restarting the
appropriate containers - we need to merge this checksum into
the environment passed to the containters, as this will cause
paunch to correctly restart containers when the configuration
generated changes, even if the rest of the json definition
provided by heat does not.

Change-Id: I40d9080cf3ad708ef4ed91e46d2b2ae1138bb9c3

7 years agoMerge "Add support to configure Num of Storage sacks"
Jenkins [Thu, 8 Jun 2017 14:58:55 +0000 (14:58 +0000)]
Merge "Add support to configure Num of Storage sacks"

7 years agoFix typo in haproxy docker mapping
Michele Baldessari [Thu, 8 Jun 2017 14:53:19 +0000 (16:53 +0200)]
Fix typo in haproxy docker mapping

It is 'HAproxy' and not 'HAProxy'. This needs fixing so that the
proper service is instantiated when a role includes the HAproxy
service.

Change-Id: Ibcbacff16c3561b75e29b48270d60b60c1eb1083

7 years agoMerge "Fix the disable expirer to remove crontab"
Jenkins [Thu, 8 Jun 2017 14:13:21 +0000 (14:13 +0000)]
Merge "Fix the disable expirer to remove crontab"

7 years agoContainerized Sensu client
Martin Mágr [Thu, 11 May 2017 21:36:25 +0000 (23:36 +0200)]
Containerized Sensu client

Implements: blueprint container-healthchecks
Depends-On: I9ccf1c4c948e6e347eb8e4d947edf77822a601cb
Change-Id: Iff7758623974a69e2c043cf611f46ce11c36cc59

7 years agoContainerize Tacker Services
Pradeep Kilambi [Fri, 19 May 2017 14:36:11 +0000 (10:36 -0400)]
Containerize Tacker Services

Closes-bug: #1668935

Change-Id: I83a02735eb445e831bc74ec786f2bb42cd2f87d6

7 years agoContainerize Congress API service
Pradeep Kilambi [Wed, 17 May 2017 20:18:17 +0000 (16:18 -0400)]
Containerize Congress API service

Closes-bug: #1668929

Change-Id: I051edcf2980bb9c2521e21c410055690c012a0d1

7 years agoFix containerized SwiftRawDisks usage
Christian Schwede [Fri, 19 May 2017 22:03:16 +0000 (00:03 +0200)]
Fix containerized SwiftRawDisks usage

This patch partitions the defined devices and mounts them on the
hostnode.

It also disables the mount_check inside Swift because it is currently
not possible to detect wether a given directory is a mounted device or
not. This is just a workaround until a better solution has been
implemented in Swift itself.

Change-Id: I6e8e1328d7ffb18bb96ed1a940013dbb8b6b433e