apex-tripleo-heat-templates.git
7 years agoMerge "Disable systemd-networkd & systemd-resolved"
Jenkins [Fri, 14 Jul 2017 12:52:46 +0000 (12:52 +0000)]
Merge "Disable systemd-networkd & systemd-resolved"

7 years agoMerge "Move services.yaml to common directory"
Jenkins [Fri, 14 Jul 2017 10:50:17 +0000 (10:50 +0000)]
Merge "Move services.yaml to common directory"

7 years agoMerge "Remove special-case of memcache node ips for ipv6"
Jenkins [Fri, 14 Jul 2017 10:30:25 +0000 (10:30 +0000)]
Merge "Remove special-case of memcache node ips for ipv6"

7 years agoDisable systemd-networkd & systemd-resolved
Emilien Macchi [Fri, 14 Jul 2017 04:09:38 +0000 (21:09 -0700)]
Disable systemd-networkd & systemd-resolved

Latest commits in puppet-systemd enabled by default systemd-networkd and
systemd-resolved but we don't want to manage them for now in TripleO.
MySQL and MongoDB services were managing some systemd resources so now
we ensure that these 2 systemd services are disabled. In the future, we
might want and activate these services and revert that patch but for now
we want to disable them.

Change-Id: I42c6c9b643a71a0fbb1768bbae91e8bfa916ea00
Closes-Bug: #1704145

7 years agoMerge "Adds check for existing yum process during the legacy minor update"
Jenkins [Fri, 14 Jul 2017 00:33:58 +0000 (00:33 +0000)]
Merge "Adds check for existing yum process during the legacy minor update"

7 years agoRemove special-case of memcache node ips for ipv6
Steven Hardy [Thu, 6 Jul 2017 13:37:31 +0000 (14:37 +0100)]
Remove special-case of memcache node ips for ipv6

This should be handled in puppet-tripleo, as is done for some other
services e.g ceph.  This has also been identified as a possible
performance problem due to the nested get_attr calls.

Change-Id: I7e14f0219c28c023c4e8e1d4693f0bfa9674d801
Related-Bug: #1684272
Depends-On: Iccb9089db4b382db3adb9340f18f6d2364ca7f58

7 years agoMerge "Remove hardcoded enable_load_balancer from Controller role"
Jenkins [Thu, 13 Jul 2017 18:38:39 +0000 (18:38 +0000)]
Merge "Remove hardcoded enable_load_balancer from Controller role"

7 years agoMerge "Make NeutronEnableDVR parameter consistent"
Jenkins [Thu, 13 Jul 2017 18:38:02 +0000 (18:38 +0000)]
Merge "Make NeutronEnableDVR parameter consistent"

7 years agoMerge "Added OvS permission workaround for enabling DPDK"
Jenkins [Thu, 13 Jul 2017 18:33:29 +0000 (18:33 +0000)]
Merge "Added OvS permission workaround for enabling DPDK"

7 years agoMerge "Make Rabbit parameters consistent"
Jenkins [Thu, 13 Jul 2017 13:55:43 +0000 (13:55 +0000)]
Merge "Make Rabbit parameters consistent"

7 years agoMerge "Make CephValidationDelay/Retries default consistent"
Jenkins [Thu, 13 Jul 2017 13:55:35 +0000 (13:55 +0000)]
Merge "Make CephValidationDelay/Retries default consistent"

7 years agoMerge "Make *AdminStateUp parameters consistent"
Jenkins [Thu, 13 Jul 2017 13:40:25 +0000 (13:40 +0000)]
Merge "Make *AdminStateUp parameters consistent"

7 years agoAdds check for existing yum process during the legacy minor update
marios [Thu, 13 Jul 2017 13:11:13 +0000 (16:11 +0300)]
Adds check for existing yum process during the legacy minor update

Checks for an existing /var/run/yum.pid and exit 1 with an error
message saying why.

Change-Id: I374eeb4164a8007ae67fea2796eac109fffdef97
Closes-Bug: 1704131

7 years agoMove services.yaml to common directory
Steven Hardy [Thu, 13 Jul 2017 08:30:15 +0000 (09:30 +0100)]
Move services.yaml to common directory

This new directory has now been added to the RDO packaging so we
can move things common to both puppet/container architecture here,
starting with the recently combined services.yaml

Change-Id: If2ce27188c4c15002b3ad830e8d6eb9504d2f3d2

7 years agoMerge "Containerize Manila Share service"
Jenkins [Thu, 13 Jul 2017 11:29:20 +0000 (11:29 +0000)]
Merge "Containerize Manila Share service"

7 years agoMerge "Use ServerOsCollectConfigData value in output"
Jenkins [Thu, 13 Jul 2017 11:28:09 +0000 (11:28 +0000)]
Merge "Use ServerOsCollectConfigData value in output"

7 years agoMerge "Fix ironic-pxe startup issues"
Jenkins [Thu, 13 Jul 2017 06:19:07 +0000 (06:19 +0000)]
Merge "Fix ironic-pxe startup issues"

7 years agoMerge "Tolerate network errors in pingtest retry logic"
Jenkins [Thu, 13 Jul 2017 04:12:40 +0000 (04:12 +0000)]
Merge "Tolerate network errors in pingtest retry logic"

7 years agoMerge "Drop ComputeServices from environments/docker.yaml"
Jenkins [Thu, 13 Jul 2017 04:09:03 +0000 (04:09 +0000)]
Merge "Drop ComputeServices from environments/docker.yaml"

7 years agoMerge "Add support for running crontabs in containers"
Jenkins [Thu, 13 Jul 2017 04:08:40 +0000 (04:08 +0000)]
Merge "Add support for running crontabs in containers"

7 years agoMerge "Revert "Revert "Blacklist support for ExtraConfig"""
Jenkins [Thu, 13 Jul 2017 04:08:29 +0000 (04:08 +0000)]
Merge "Revert "Revert "Blacklist support for ExtraConfig"""

7 years agoMerge "Run rsync for Swift without xinetd"
Jenkins [Thu, 13 Jul 2017 04:07:57 +0000 (04:07 +0000)]
Merge "Run rsync for Swift without xinetd"

7 years agoMerge "Allow to set Notification Driver to 'noop'"
Jenkins [Thu, 13 Jul 2017 04:07:50 +0000 (04:07 +0000)]
Merge "Allow to set Notification Driver to 'noop'"

7 years agoMerge "Add DeployedServerEnvironmentOutput"
Jenkins [Thu, 13 Jul 2017 02:04:21 +0000 (02:04 +0000)]
Merge "Add DeployedServerEnvironmentOutput"

7 years agoMerge "Add missing tags in iscsid upgrade_tasks"
Jenkins [Thu, 13 Jul 2017 01:32:40 +0000 (01:32 +0000)]
Merge "Add missing tags in iscsid upgrade_tasks"

7 years agoMerge "Implement scenario006 with Ironic in overcloud"
Jenkins [Wed, 12 Jul 2017 21:15:24 +0000 (21:15 +0000)]
Merge "Implement scenario006 with Ironic in overcloud"

7 years agoMerge "Remove controller specific bootstack_nodeid"
Jenkins [Wed, 12 Jul 2017 19:39:13 +0000 (19:39 +0000)]
Merge "Remove controller specific bootstack_nodeid"

7 years agoMerge "Add dependency relationship between nested get_attr targets"
Jenkins [Wed, 12 Jul 2017 19:38:02 +0000 (19:38 +0000)]
Merge "Add dependency relationship between nested get_attr targets"

7 years agoFix ironic-pxe startup issues
Dan Prince [Fri, 7 Jul 2017 01:03:30 +0000 (21:03 -0400)]
Fix ironic-pxe startup issues

This patch updates the ironic-api docker service so that it
generates its config files in a unique config root. This
ensures that it doesn't have config files in the httpd
conf.d directory for both the API and PXE services thus
causing the API container to attempt to launch both of them.

This functionally fixes the Ironic API and PXE services with
docker so they once again can bring up an overcloud.

Change-Id: I537cd6a3337bf776ca38a279b7c130b6429eea04
Closes-bug: #1702799

7 years agoMerge "Bind mount needed cert for haproxy for HA too"
Jenkins [Wed, 12 Jul 2017 16:19:06 +0000 (16:19 +0000)]
Merge "Bind mount needed cert for haproxy for HA too"

7 years agoContainerize Manila Share service
Victoria Martinez de la Cruz [Wed, 7 Jun 2017 01:17:30 +0000 (22:17 -0300)]
Containerize Manila Share service

Change-Id: I797eea2f7788f65411964ccb852b5707e916416f
Partial-Bug: #1668922

7 years agoDrop ComputeServices from environments/docker.yaml
Dan Prince [Fri, 7 Jul 2017 20:05:43 +0000 (16:05 -0400)]
Drop ComputeServices from environments/docker.yaml

Change-Id: Ibfc568755764203b68aed524d6f334eeb7cd5da7
Closes-bug: #1703001

7 years agoAdd support for running crontabs in containers
Oliver Walsh [Thu, 29 Jun 2017 12:59:26 +0000 (13:59 +0100)]
Add support for running crontabs in containers

This change enables the puppet cron resource in docker-puppet.py and adds user
crontabs to the paths copied from the config containers.

Only the nova crontab is configured for now. Other services will require
similar changes to run their crontabs.

Partial-Bug: 1701254

Change-Id: I2d1d0f0d77908a132472cf4bc475f8bd526af504
Depends-On: Ie16fb4539481a3c192cff8220a97daa4c70467fc

7 years agoMerge "Remove ceilometer apache files on upgrade"
Jenkins [Wed, 12 Jul 2017 07:39:07 +0000 (07:39 +0000)]
Merge "Remove ceilometer apache files on upgrade"

7 years agoRun rsync for Swift without xinetd
Christian Schwede [Thu, 6 Jul 2017 18:42:40 +0000 (20:42 +0200)]
Run rsync for Swift without xinetd

The default in non-containerized environments is to run rsync within
xinetd for Red Hat-based deployments, however in an containerized
environment this is not really needed. Therefore run rsync directly
without being started by xinetd.

Change-Id: I08abd917eba08d1192437ddf96c71b06d099a3f8

7 years agoMerge "Switch from oslosphinx to openstackdocstheme"
Jenkins [Wed, 12 Jul 2017 03:14:53 +0000 (03:14 +0000)]
Merge "Switch from oslosphinx to openstackdocstheme"

7 years agoAllow to set Notification Driver to 'noop'
Emilien Macchi [Fri, 7 Jul 2017 18:35:28 +0000 (11:35 -0700)]
Allow to set Notification Driver to 'noop'

This patch does 2 things:
* Configure messagingv2 as default driver for Oslo Notifications sent on
  RPC.
* Allow users to choose between messagingv2 (default) and noop when we
  want to disable notifications (for example, when Telemetry is disabled).
* Deprecate KeystoneNotificationDriver in favor of NotificationDriver.

Change-Id: Ia547d7f4bfb51e7c45246b097b48fd86da231bd3
Related-Bug: #1701357

7 years agoAdd dependency relationship between nested get_attr targets
Zane Bitter [Tue, 11 Jul 2017 19:52:37 +0000 (15:52 -0400)]
Add dependency relationship between nested get_attr targets

Starting with Pike, Heat will do attribute resolution in a single pass. A
consequence of this is that when the result of a get_attr is passed to
another get_attr call, there must be a dependency relationship between the
resources so that the inner attribute is resolved first before we try to
determine which attributes are required from the resource in the outer
call.

There are two uses of nested dep_attr in the overcloud template. One (which
hopefully can be removed soon) is in the allNodesConfig resource. In this
case, the {{primary_role_name}}IpListMap already depends on the
ServiceNetMap.

The second is in the KeystoneAdminVip output. This patch makes the VipMap
depend on the ServiceNetMap so that attributes can be resolved in a single
pass in that case.

Change-Id: I438a79748b9b408ec1101271d96c60d84028b57e

7 years agoRemove hardcoded enable_load_balancer from Controller role
Steven Hardy [Thu, 6 Jul 2017 16:39:00 +0000 (17:39 +0100)]
Remove hardcoded enable_load_balancer from Controller role

This is associated with the haproxy service, so set the hieradata there
instead.  This is needed so we can render the controller role template
via j2, and also if anyone ever wants to run haproxy on some role other
then the Controller.

Change-Id: I82b992afe42f6da7788f6efca2366863c3bf68f7
Partially-Implements: blueprint composable-networks

7 years agoRemove controller specific bootstack_nodeid
Steven Hardy [Thu, 6 Jul 2017 16:31:25 +0000 (17:31 +0100)]
Remove controller specific bootstack_nodeid

This has been replaced for some time by bootstrap_nodeid which isn't
hard-coded to the Controller role.

Change-Id: I2c172de13646e5b88cb9930a93ca71fcc990e522
Depends-On: I0a9fced847caf344e5d26b452f1bd40afab8f029

7 years agoDon't confuse Heat with empty parameter_defaults
Jiri Stransky [Tue, 11 Jul 2017 12:33:57 +0000 (14:33 +0200)]
Don't confuse Heat with empty parameter_defaults

Apparently providing completely empty parameter_defaults in an
environment file can confuse Heat, and it seems like it doesn't try to
deploy any services on the overcloud in the multinode job. See the bug
for more details about the bug symptoms.

Change-Id: Ia9cb01b48087b78f66004263757590877219f743
Closes-Bug: #1703599

7 years agoRevert "Revert "Blacklist support for ExtraConfig""
James Slagle [Mon, 26 Jun 2017 13:48:34 +0000 (09:48 -0400)]
Revert "Revert "Blacklist support for ExtraConfig""

There is a Heat patch posted (via Depends-On) that resolves the issue
that caused this to be reverted. This reverts the revert and we need to
make sure all the upgrades jobs pass before we merge this patch.

This reverts commit 69936229f4def703cd44ab164d8d1989c9fa37cb.
Closes-Bug: #1699463
implements blueprint disable-deployments

Change-Id: Iedf680fddfbfc020d301bec8837a0cb98d481eb5

7 years agoMerge "Copy only generated puppet files into the container"
Jenkins [Mon, 10 Jul 2017 17:20:09 +0000 (17:20 +0000)]
Merge "Copy only generated puppet files into the container"

7 years agoUse ServerOsCollectConfigData value in output
James Slagle [Fri, 7 Jul 2017 11:45:26 +0000 (07:45 -0400)]
Use ServerOsCollectConfigData value in output

Just use the value from the ServerOsCollectConfigData resource in the
output instead of recalculating the value for each role via jinja.

Change-Id: I4e3bf4f25c9a8f677d5d177eb409594193a86405

7 years agoAdd DeployedServerEnvironmentOutput
James Slagle [Fri, 28 Apr 2017 20:01:14 +0000 (16:01 -0400)]
Add DeployedServerEnvironmentOutput

Add a new output, DeployedServerEnvionmentOutput, that can be used as
the contents of an environment file to input into a services only stack
when using split-stack. The parameter simplifies the manual steps needed
to deploy split-stack.

By default, the resource that generates the output is mapped to
OS::Heat::None.

implements blueprint split-stack-default
Change-Id: I6004cd3f56778f078a69a20e93a0eba0c574b3db

7 years agoMerge "Modify generic role template to support custom networks"
Jenkins [Mon, 10 Jul 2017 13:11:52 +0000 (13:11 +0000)]
Merge "Modify generic role template to support custom networks"

7 years agoBind mount needed cert for haproxy for HA too
Martin André [Mon, 10 Jul 2017 11:25:17 +0000 (13:25 +0200)]
Bind mount needed cert for haproxy for HA too

haproxy needs the deployed SSL cert file to function when TLS is
enabled.

It is also required for the docker-puppet haproxy container since the
haproxy puppet module uses a validate_cmd to check the generated config
file is valid that fails when the required SSL cert is not present.
There is no clean way to disable this feature [1] so we need to bind
mount the cert into the container.

This commit applies the same change that was applied in
Id2df144b678769def204961236624091d4e5c457 for the non-ha case.

[1] https://github.com/puppetlabs/puppetlabs-haproxy/blob/4753ea5b2506ee093e9b4c8af6e91201d476d426/manifests/config.pp#L53-L57

Change-Id: I93e1ee86197bcf271f18a62a27c2f350ed3966ea
Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com>
7 years agoAdded OvS permission workaround for enabling DPDK
Saravanan KR [Tue, 27 Jun 2017 13:47:43 +0000 (19:17 +0530)]
Added OvS permission workaround for enabling DPDK

The vhost sockets sockets are created with qemu permission, but ovs
runs with root permission. In order to allow ovs to access vhost sockets
reducing the ovs group permission from root to qemu. This is a temprovary
workaround, until ovs fixes the permission issue. The script supports
both ovs2.6 and ovs2.7 versions.

Change-Id: I172956390c19fc9824bf7590cd48bfcf6201191b

7 years agoCopy only generated puppet files into the container
Martin André [Wed, 21 Jun 2017 14:02:55 +0000 (16:02 +0200)]
Copy only generated puppet files into the container

This solves a problem with bind-mounts when the containers are holding
files descriptors open.

At the same time this makes the template more robust to puppet changes
since new config files will be available in the containers without
needing to update the templates.

Partial-Bug: #1698323
Change-Id: Ia4ad6d77387e3dc354cd131c2f9756939fb8f736

7 years agoDisable network validation in multinode jobs
Ben Nemec [Fri, 30 Jun 2017 19:04:35 +0000 (14:04 -0500)]
Disable network validation in multinode jobs

Sometimes the infracloud gateway refuses to ping even though
everything else is working fine.  Since we have coverage of this
functionality in the OVB jobs it should be safe to turn it off
here so it stops spuriously failing our jobs.

We can't just set the resource to OS::Heat::None because there
are other resources with dependencies on it.  Instead, this adds
a noop version of the validation software config that always
returns true.

Change-Id: I8361bc8be442b45c3ef6bdccdc53598fcb1d9540
Partial-Bug: 1680167

7 years agoMerge "Add in roles data validation"
Jenkins [Sat, 8 Jul 2017 02:14:13 +0000 (02:14 +0000)]
Merge "Add in roles data validation"

7 years agoMerge "Rename CongressApi to Congress (docker)"
Jenkins [Fri, 7 Jul 2017 19:05:08 +0000 (19:05 +0000)]
Merge "Rename CongressApi to Congress (docker)"

7 years agoMerge "Create NIC templates for Neutron Networker composable role"
Jenkins [Fri, 7 Jul 2017 18:39:04 +0000 (18:39 +0000)]
Merge "Create NIC templates for Neutron Networker composable role"

7 years agoMerge "Add sample usage of StorageMgmt network for compute nodes"
Jenkins [Fri, 7 Jul 2017 18:22:23 +0000 (18:22 +0000)]
Merge "Add sample usage of StorageMgmt network for compute nodes"

7 years agoRemove ceilometer apache files on upgrade
Pradeep Kilambi [Wed, 24 May 2017 17:52:21 +0000 (13:52 -0400)]
Remove ceilometer apache files on upgrade

Ceilometer API runs under apache. Since this service is
deprecated and disabled in pike, we need to ensure the
apache files are removed during upgrade.

Change-Id: I0c0913e74396bd463f5a6da46f83512bab77b75e

7 years agoAdd in roles data validation
Alex Schultz [Fri, 9 Jun 2017 14:59:51 +0000 (08:59 -0600)]
Add in roles data validation

With the merging of Iad3e9b215c6f21ba761c8360bb7ed531e34520e6 the
roles_data.yaml should be generated with tripleoclient rather than
edited. This change adds in a pep8 task to verify that the appropriate
role files in roles/ have been modified to match how our default
roles_data.yaml is constructed.  Additionally this change adds a new tox
target called 'genrolesdata' that will all you to automatically generate
roles_data.yaml and roles_data_undercloud.yaml

Change-Id: I5eb15443a131a122d1a4abf6fc15a3ac3e15941b
Related-Blueprint: example-custom-role-environments

7 years agoRename CongressApi to Congress (docker)
Emilien Macchi [Thu, 22 Jun 2017 20:21:49 +0000 (16:21 -0400)]
Rename CongressApi to Congress (docker)

Before it was Congress, let's stay consistent and stop using CongressApi
in Docker service, because we release.

Change-Id: Id939b3d70e185da4279f3860812fa5dce27d64dd

7 years agoSwitch from oslosphinx to openstackdocstheme
Emilien Macchi [Tue, 27 Jun 2017 13:21:59 +0000 (09:21 -0400)]
Switch from oslosphinx to openstackdocstheme

As part of the docs migration work[0] for Pike we need to switch to use the
openstackdocstheme.

[0] https://review.openstack.org/#/c/472275/

Change-Id: Ib2b6afb7075c68fecf1fbeaf650a31a7494af49f

7 years agoMerge "Enable Neutron LBaaS Integration"
Jenkins [Thu, 6 Jul 2017 10:54:32 +0000 (10:54 +0000)]
Merge "Enable Neutron LBaaS Integration"

7 years agoMerge "Update cinder-netapp-config environment"
Jenkins [Wed, 5 Jul 2017 21:23:47 +0000 (21:23 +0000)]
Merge "Update cinder-netapp-config environment"

7 years agoMerge "Fix typo in roles/Networker.yaml"
Jenkins [Wed, 5 Jul 2017 20:28:55 +0000 (20:28 +0000)]
Merge "Fix typo in roles/Networker.yaml"

7 years agoModify generic role template to support custom networks
Steven Hardy [Thu, 1 Jun 2017 10:25:06 +0000 (11:25 +0100)]
Modify generic role template to support custom networks

Render all per-network resources and interfaces via j2 to enable
future support for custom networks via network_data.yaml

Note this doesn't enable custom networks for the built-in roles
as we skip j2 rendering for them, this will be resolved by converting
them to use the generic role template instead of the hard-coded
ones listed in the j2_excludes.yaml.

Depends-On: I18fa3829ff38ac200550d8e36bbe334c0005da22
Change-Id: I49565f9389f3ec9aef4861e23a3bed64a85501e6
Partially-Implements: blueprint composable-networks

7 years agoMerge "Adds docker OpenDaylight"
Jenkins [Wed, 5 Jul 2017 13:57:43 +0000 (13:57 +0000)]
Merge "Adds docker OpenDaylight"

7 years agoMerge "Update NovaCompute to consume CephClientKey"
Jenkins [Wed, 5 Jul 2017 13:40:07 +0000 (13:40 +0000)]
Merge "Update NovaCompute to consume CephClientKey"

7 years agoMerge "Bind mount needed cert for haproxy"
Jenkins [Wed, 5 Jul 2017 10:09:46 +0000 (10:09 +0000)]
Merge "Bind mount needed cert for haproxy"

7 years agoMerge "Allow volumes in puppet_config containers spec"
Jenkins [Wed, 5 Jul 2017 10:08:07 +0000 (10:08 +0000)]
Merge "Allow volumes in puppet_config containers spec"

7 years agoMerge "Convert role templates to consume roles_data map"
Jenkins [Wed, 5 Jul 2017 00:41:16 +0000 (00:41 +0000)]
Merge "Convert role templates to consume roles_data map"

7 years agoMerge "New environment file to configure containers."
Jenkins [Wed, 5 Jul 2017 00:35:31 +0000 (00:35 +0000)]
Merge "New environment file to configure containers."

7 years agoMerge "Updated from global requirements"
Jenkins [Tue, 4 Jul 2017 21:22:43 +0000 (21:22 +0000)]
Merge "Updated from global requirements"

7 years agoMerge "Install ansible-pacemaker on O->P upgrade"
Jenkins [Tue, 4 Jul 2017 21:21:37 +0000 (21:21 +0000)]
Merge "Install ansible-pacemaker on O->P upgrade"

7 years agoUpdated from global requirements
OpenStack Proposal Bot [Tue, 4 Jul 2017 17:59:34 +0000 (17:59 +0000)]
Updated from global requirements

Change-Id: I714ecad87a406bc237e3d4fdf88bc7e10555693c

7 years agoFix typo in roles/Networker.yaml
Steven Hardy [Tue, 4 Jul 2017 14:11:27 +0000 (15:11 +0100)]
Fix typo in roles/Networker.yaml

The captialization mismatch here means the role currently doesn't
work.

Change-Id: Iced5004f993f8c100268361d87580d922e47f983

7 years agoEnable Neutron LBaaS Integration
Ryan Hefner [Mon, 4 Apr 2016 17:49:19 +0000 (13:49 -0400)]
Enable Neutron LBaaS Integration

Allows the configuration of the Neutron LBaaS agent.

Implements: blueprint lbaasv2-service-integration
Change-Id: Iae2bf7faeea93d5275994b2ee10f9bf863ed6152
Depends-On: Ieeb21fafd340fdfbaddbe7633946fe0f05c640c9

7 years agoConvert role templates to consume roles_data map
Steven Hardy [Wed, 31 May 2017 10:22:49 +0000 (11:22 +0100)]
Convert role templates to consume roles_data map

Currently we only consume the name with a special-case
for the disable constraints boolean, but it will be more
flexible if we consume the whole roles_data mapping for
each role, so that e.g composable networks and other
per-role customizations can be expressed in these
templates

Partially-Implements: blueprint composable-networks
Depends-On: Id1249b78b3dd87e91d572ffa31b7a541f3cde2c7
Change-Id: I355534ec456479944f66106e957404a660d8f2d2

7 years agoMerge "Make ceilometer crontab removal idempotent"
Jenkins [Tue, 4 Jul 2017 04:35:00 +0000 (04:35 +0000)]
Merge "Make ceilometer crontab removal idempotent"

7 years agoAdds docker OpenDaylight
Tim Rozet [Mon, 22 May 2017 21:52:18 +0000 (17:52 -0400)]
Adds docker OpenDaylight

Depends-On: I020550ede0ef981582392cf6c48dd5cb5823a074
Depends-On: I610b07a3c2bcf1c3288f76112a08b81c50e06913
Depends-On: I3d378044b3da5309b60967a12df7800520a254dc
Depends-On: I9c32b41ef865a09587f3ebfe8b8a896031fbd285
Depends-On: Ib31bf29bc69f5c58e98b99c3e598b19c99efc77f

Change-Id: I36c7390ddb4192e55ee56006fd6e9c5f8704445c
Signed-off-by: Tim Rozet <trozet@redhat.com>
7 years agoUpdate NovaCompute to consume CephClientKey
Keith Schincke [Wed, 24 May 2017 15:55:23 +0000 (11:55 -0400)]
Update NovaCompute to consume CephClientKey

It is not necessary to get the Ceph key issueing a get-key to the Ceph
cluster; this change provides the libvirt key via parameter instead.

Change-Id: Iff3dbcb0f1b4d2373570e184e636a71553cea708

7 years agoMerge "Add ServerIdMap output"
Jenkins [Mon, 3 Jul 2017 12:16:29 +0000 (12:16 +0000)]
Merge "Add ServerIdMap output"

7 years agoMerge "adding --config-dir parameters to neutron containers"
Jenkins [Mon, 3 Jul 2017 09:47:32 +0000 (09:47 +0000)]
Merge "adding --config-dir parameters to neutron containers"

7 years agoMerge "Move glance::api::show_multiple_locations within GlanceApi"
Jenkins [Sun, 2 Jul 2017 15:16:58 +0000 (15:16 +0000)]
Merge "Move glance::api::show_multiple_locations within GlanceApi"

7 years agoadding --config-dir parameters to neutron containers
Or Idgar [Thu, 22 Jun 2017 14:57:03 +0000 (14:57 +0000)]
adding --config-dir parameters to neutron containers

Change-Id: I521e89994e9be6efd335c5809810d9188dc1742f
Closes-Bug: #1684908

7 years agoNew environment file to configure containers.
Ian Main [Thu, 29 Jun 2017 00:30:39 +0000 (20:30 -0400)]
New environment file to configure containers.

This is part of a larger series that changes the interface used
for configuring which containers are used.  This needs CI and
possibly quickstart updates to use this environment file so CI
will continue to pass.

Change-Id: I125137ba45f608cf84ea0a7146edd744a549d23b
Co-Authored-By: Dan Prince <dprince@redhat.com>
7 years agoMerge "Re-enable default for RoleParameters"
Jenkins [Fri, 30 Jun 2017 21:48:12 +0000 (21:48 +0000)]
Merge "Re-enable default for RoleParameters"

7 years agoMerge "Fix typo in config_volume"
Jenkins [Fri, 30 Jun 2017 21:40:38 +0000 (21:40 +0000)]
Merge "Fix typo in config_volume"

7 years agoMerge "Make NovaWorkers descriptions consistent"
Jenkins [Fri, 30 Jun 2017 19:52:41 +0000 (19:52 +0000)]
Merge "Make NovaWorkers descriptions consistent"

7 years agoMerge "cisco nexus: keep OVS on the Compute"
Jenkins [Fri, 30 Jun 2017 14:04:31 +0000 (14:04 +0000)]
Merge "cisco nexus: keep OVS on the Compute"

7 years agoMerge "Ensure boostrap_host_exec runs as root"
Jenkins [Fri, 30 Jun 2017 13:44:59 +0000 (13:44 +0000)]
Merge "Ensure boostrap_host_exec runs as root"

7 years agoMerge "scenario001: containerize services for CI"
Jenkins [Fri, 30 Jun 2017 13:43:35 +0000 (13:43 +0000)]
Merge "scenario001: containerize services for CI"

7 years agoMerge "Add a docker-ha.yaml environment file for containerized HA deployments"
Jenkins [Fri, 30 Jun 2017 11:18:43 +0000 (11:18 +0000)]
Merge "Add a docker-ha.yaml environment file for containerized HA deployments"

7 years agoTolerate network errors in pingtest retry logic
Oliver Walsh [Fri, 30 Jun 2017 10:51:06 +0000 (11:51 +0100)]
Tolerate network errors in pingtest retry logic

We use ping -w <deadline> -c <count>. This will ping every second until
<count> replies are received, or <deadline> is reached, or a network error occurs.

With the current retry logic a network error will result in a short tight loop
instead of waiting for the network to come up.

This change reduces the deadline to 10s, but sleeps 60s between retries.

Change-Id: Ib00cff6f843c04a00737b40e3ef3d1560d6e6d2d
Related-bug: #1680167

7 years agoMerge "Force mtime for tar used in container config md5sums"
Jenkins [Fri, 30 Jun 2017 08:36:53 +0000 (08:36 +0000)]
Merge "Force mtime for tar used in container config md5sums"

7 years agoMerge "Add stack_name/ctlplane_service_ips into post-upgrade.j2.yaml"
Jenkins [Fri, 30 Jun 2017 08:35:46 +0000 (08:35 +0000)]
Merge "Add stack_name/ctlplane_service_ips into post-upgrade.j2.yaml"

7 years agoEnsure boostrap_host_exec runs as root
Martin André [Wed, 28 Jun 2017 15:10:27 +0000 (17:10 +0200)]
Ensure boostrap_host_exec runs as root

This is necessary for accessing the bind mounted hieradata in the
container in order to determine if the node is the primary node.

With the new validation added to yaml-validate.py, we could spot
potential issues in sahara-api and keystone bootstrap tasks.

The keystone one is a false positive, as the image defaults to the root
user in order to be able to run apache. Still, it is better to be
consistent here and specify the root user nonetheless.

Change-Id: Ib0ff9748d5406f507261e506c19b96750b10e846
Closes-Bug: #1697917

7 years agoFix typo in config_volume
Sven Anderson [Tue, 20 Jun 2017 12:53:34 +0000 (14:53 +0200)]
Fix typo in config_volume

Change-Id: I6a53a56c534f24cb514d8aeb8cec3d7865b93448

7 years agoBind mount needed cert for haproxy
Martin André [Tue, 13 Jun 2017 13:35:16 +0000 (15:35 +0200)]
Bind mount needed cert for haproxy

haproxy needs the deployed SSL cert file to function when TLS is
enabled.

It is also required for the docker-puppet haproxy container since the
haproxy puppet module uses a validate_cmd to check the generated config
file is valid that fails when the required SSL cert is not present.
There is no clean way to disable this feature [1] so we need to bind
mount the cert into the container.

[1] https://github.com/puppetlabs/puppetlabs-haproxy/blob/4753ea5b2506ee093e9b4c8af6e91201d476d426/manifests/config.pp#L53-L57

Change-Id: Id2df144b678769def204961236624091d4e5c457

7 years agoAllow volumes in puppet_config containers spec
James Slagle [Tue, 27 Jun 2017 16:48:59 +0000 (12:48 -0400)]
Allow volumes in puppet_config containers spec

Mounting host volumes when running containers via puppet_config already
works and is supported with docker-puppet.py. However, the validation in
yaml-validate.py does not allow it. This patch makes it allowed by the
validation.

It is sometimes necessary since some puppet modules expect to make
persistent file system changes other than just configuration data under
/etc.

In particular, ironic inspector expects to configure a http and tftp
root director with an ipxe configuration. See:
https://github.com/openstack/puppet-ironic/blob/master/manifests/inspector.pp
These changes would be lost if the value for those directories are not
mounted as host volumes.

Change-Id: Ie51c653f4c666fbaaef0ea80990e2e61f4b1353b

7 years agoMerge "Add missing xinetd/rsync container for Swift"
Jenkins [Fri, 30 Jun 2017 04:12:32 +0000 (04:12 +0000)]
Merge "Add missing xinetd/rsync container for Swift"

7 years agoMerge "Add detach to docker-toool"
Jenkins [Fri, 30 Jun 2017 03:52:38 +0000 (03:52 +0000)]
Merge "Add detach to docker-toool"

7 years agoMerge "Add README to ci/environments directory"
Jenkins [Fri, 30 Jun 2017 03:00:31 +0000 (03:00 +0000)]
Merge "Add README to ci/environments directory"

7 years agoMerge "Add release note for generated sample environments"
Jenkins [Fri, 30 Jun 2017 01:08:40 +0000 (01:08 +0000)]
Merge "Add release note for generated sample environments"