Jenkins [Tue, 18 Apr 2017 22:53:25 +0000 (22:53 +0000)]
Merge "SSH known_hosts config"
Jenkins [Tue, 18 Apr 2017 20:55:04 +0000 (20:55 +0000)]
Merge "Run token flush cron job hourly by default"
Jenkins [Tue, 18 Apr 2017 14:22:59 +0000 (14:22 +0000)]
Merge "Support for external swift proxy"
Jenkins [Tue, 18 Apr 2017 12:58:04 +0000 (12:58 +0000)]
Merge "Fix nova-compute service name in upgrade steps"
Jenkins [Tue, 18 Apr 2017 12:25:50 +0000 (12:25 +0000)]
Merge "Non-ha multinode environment for container upgrade job"
Jenkins [Tue, 18 Apr 2017 11:51:41 +0000 (11:51 +0000)]
Merge "Add RoleNetIpMap output to overcloud.j2.yaml"
Juan Antonio Osorio Robles [Wed, 12 Apr 2017 11:31:53 +0000 (14:31 +0300)]
Run token flush cron job hourly by default
Running this job once a day has proven problematic for large
deployments as seen in the bug report. Setting it to run hourly
would be an improvement to the current situation, as the flushes
wouldn't need to process as much data.
Note that this only affects people using UUID as the token provider.
Change-Id: I462e4da2bfdbcba0403ecde5d613386938e2283a
Related-Bug: #
1649616
Luca Lorenzetto [Fri, 14 Apr 2017 09:20:58 +0000 (11:20 +0200)]
Support for external swift proxy
Users may have an external swift proxy already available (i.e. radosgw
from already existing ceph, or hardware appliance implementing swift
proxy). With this change user may specify an environment file that
registers the specified urls as endpoint for the object-store service.
The internal swift proxy is left as unconfigured.
Change-Id: I5e6f0a50f26d4296565f0433f720bfb40c5d2109
Depends-On: Ia568c3a5723d8bd8c2c37dbba094fc8a83b9d67e
Dan Prince [Mon, 17 Apr 2017 01:38:33 +0000 (21:38 -0400)]
Revert "Use httpd in Zaqar docker service"
This reverts commit
57a26486128982c9887edd02eb8897045215b10a.
Change-Id: I1bbe16a1a7a382ae0c898bd19cd64d3d49aa84c7
Closes-bug: #
1683210
Jenkins [Fri, 14 Apr 2017 15:27:48 +0000 (15:27 +0000)]
Merge "Allow for update after RHEL registration"
Jenkins [Thu, 13 Apr 2017 21:28:14 +0000 (21:28 +0000)]
Merge "Add name and description fields to plan-environment.yaml"
Oliver Walsh [Fri, 24 Mar 2017 14:35:09 +0000 (14:35 +0000)]
SSH known_hosts config
Fetch the host public keys from each node, combine them all and write to the
system-wide ssh known hosts. The alternative of disabling host key
verification is vulnerable to a MITM attack.
Change-Id: Ib572b5910720b1991812256e68c975f7fbe2239c
Jenkins [Thu, 13 Apr 2017 17:29:59 +0000 (17:29 +0000)]
Merge "Add tags to roles"
Jenkins [Thu, 13 Apr 2017 15:46:27 +0000 (15:46 +0000)]
Merge "Use comma_delimited_list for token flush cron time settings"
Jenkins [Thu, 13 Apr 2017 14:00:15 +0000 (14:00 +0000)]
Merge "Do not log errors on non-existing container"
Jenkins [Thu, 13 Apr 2017 12:51:50 +0000 (12:51 +0000)]
Merge "Add Docker to services list in multinode CI environments"
Jiri Stransky [Thu, 13 Apr 2017 09:11:35 +0000 (11:11 +0200)]
Fix nova-compute service name in upgrade steps
Previously Ansible upgrade steps failed with: Could not find the
requested service nova-compute: cannot disable.
Change-Id: I14e8bc89aca0a3f7308d88488b431e23251cc043
Closes-Bug: #
1682373
Jenkins [Wed, 12 Apr 2017 20:09:14 +0000 (20:09 +0000)]
Merge "Update Dell EMC Cinder back end services"
Jenkins [Wed, 12 Apr 2017 18:04:48 +0000 (18:04 +0000)]
Merge "yum_update.sh - Use the yum parameter: check-update"
Jenkins [Wed, 12 Apr 2017 16:39:56 +0000 (16:39 +0000)]
Merge "Add upgrade tasks for gnocchi container services"
Jenkins [Wed, 12 Apr 2017 16:39:47 +0000 (16:39 +0000)]
Merge "Add IPv6 disable option"
Jenkins [Wed, 12 Apr 2017 16:39:40 +0000 (16:39 +0000)]
Merge "Use httpd in Zaqar docker service"
Jenkins [Wed, 12 Apr 2017 15:28:00 +0000 (15:28 +0000)]
Merge "Add composable role support for NetApp Cinder back end"
Ana Krivokapic [Tue, 28 Mar 2017 15:48:12 +0000 (17:48 +0200)]
Add name and description fields to plan-environment.yaml
Change-Id: I99b96343742ee5c40d8786e26b2336427e225c82
Implements: blueprint update-plan-environment-yaml
Jenkins [Wed, 12 Apr 2017 14:18:57 +0000 (14:18 +0000)]
Merge "Bind mount directories that contain the key/certs for keystone"
Jenkins [Wed, 12 Apr 2017 14:18:50 +0000 (14:18 +0000)]
Merge "docker/all: Bind-mount OpenSSL CA bundle"
Jenkins [Wed, 12 Apr 2017 14:17:36 +0000 (14:17 +0000)]
Merge "Change the directory for httpd certs/keys to be service-specific"
Alex Schultz [Wed, 29 Mar 2017 20:43:45 +0000 (14:43 -0600)]
Add tags to roles
Prior to Ocata, the Controller role was hardcoded for various lookups.
When we switched to having the primary role name being dynamically
pulled from the roles_data.yaml using the first role as the primary
role as part of I36df7fa86c2ff40026d59f02248af529a4a81861, it
introduced a regression for folks who had previously been using
a custom roles file without the Controller being listed first.
Instead of relying on the position of the role in the roles data, this
change adds the concepts of tags to the role data that can be used when
looking for specific functionality within the deployment process. If
no roles are specified with this the tags indicating a 'primary'
'controller', it will fall back to using the first role listed in the
roles data as the primary role.
Change-Id: Id3377e7d7dcc88ba9a61ca9ef1fb669949714f65
Closes-Bug: #
1677374
Jiri Stransky [Wed, 12 Apr 2017 11:55:59 +0000 (13:55 +0200)]
Non-ha multinode environment for container upgrade job
Non-working containers upgrade CI is caused by the fact that all
multinode jobs deploy pacemaker environments.
Currently we cannot upgrade Pacemakerized deployments
anyway (containerization of pacemakerized services is WIP), upgrades
have only been tested with non-Pacemaker deployments so far.
We need a new environment which will not try deploying in a
pacemakerized way. When pacemaker-managed services are containerized, we
can change the job to upgrade an HA deployment (or single-node "HA" at
least), and perhaps even get rid of the environment file introduced
here, and reuse multinode.yaml.
Change-Id: Ie635b1b3a0b91ed5305f38d3c76f6a961efc1d30
Closes-Bug: #
1682051
Juan Antonio Osorio Robles [Wed, 12 Apr 2017 11:30:27 +0000 (14:30 +0300)]
Use comma_delimited_list for token flush cron time settings
This allows us to better configure these parametes, e.g. we could set
the cron job to run more times per day, and not just one.
Change-Id: I0a151808804809c0742bcfa8ac876e22f5ce5570
Closes-Bug: #
1682097
Juan Antonio Osorio Robles [Fri, 24 Mar 2017 10:52:40 +0000 (12:52 +0200)]
Bind mount directories that contain the key/certs for keystone
This is only done when TLS-everywhere is enabled, and depends on those
directories being exclusive for services that run over httpd. Which is
the commit this is on top of.
Also, an environment file was added that's similar to
environments/docker.yaml. The difference is that this one will contain
the services that can run containerized with TLS-everywhere. This file
will be updated as more services get support for this.
bp tls-via-certmonger-containers
Change-Id: I87bf59f2c33de6cf2d4ce0679a5e0e22bc24bf78
Juan Antonio Osorio Robles [Tue, 11 Apr 2017 11:43:06 +0000 (11:43 +0000)]
docker/all: Bind-mount OpenSSL CA bundle
The containers also need to trust the CA's that the overcloud node
trusts, else we'll get SSL verification failures.
bp tls-via-certmonger-containers
Change-Id: I7d3412a6273777712db2c90522e365c413567c49
Jenkins [Wed, 12 Apr 2017 02:22:11 +0000 (02:22 +0000)]
Merge "Grouped all the Operational tools"
Jenkins [Tue, 11 Apr 2017 22:22:14 +0000 (22:22 +0000)]
Merge "Add missing name properties on deloyment resources"
Steven Hardy [Tue, 11 Apr 2017 15:26:39 +0000 (16:26 +0100)]
Add RoleNetIpMap output to overcloud.j2.yaml
To enable easier detection of the IPs associated with nodes (such
as to enable the tripleo-validations ansible inventory to work with
custom roles more easily) expose the data we already have about the
nodes/roles and the list of IPs for each network.
Change-Id: I5667a142f47fbff120c703bedadd8b6e163c9480
Dan Prince [Tue, 11 Apr 2017 13:14:38 +0000 (09:14 -0400)]
docker: use noop_resource for Nova_cell_v2
Per puppet-nova commit
2c743a6bff5b17a85d1e0500f3a9ecb21468204e
there is now a custom resource for Nova_cell_v2 configuration.
As this resource runs automatically regardless of our use
of puppet tags we need to explicitly disable it to be able to
generate Nova API configs for docker.
Change-Id: Id675dc124464acddc3fc5a88b017a351e93ba685
Closes-bug: #
1681841
Juan Antonio Osorio Robles [Fri, 24 Mar 2017 10:38:33 +0000 (12:38 +0200)]
Change the directory for httpd certs/keys to be service-specific
This moves the directories containing the certs/keys for httpd one step
further inside the hierarchy. This way we will be able to bind-mount
this certificate into the container without bind-mounting any other
certs/keys from other services.
bp tls-via-certmonger-containers
Change-Id: Ibe6e66ae4589b9eab7db330dd8b178e0f8775639
Depends-On: I0b71902358b754fa8bd7fdbb213479503c87aa46
Jenkins [Tue, 11 Apr 2017 11:03:13 +0000 (11:03 +0000)]
Merge "Decouple Swift ringbuilding logic"
Jiri Stransky [Tue, 11 Apr 2017 08:51:41 +0000 (10:51 +0200)]
Add Docker to services list in multinode CI environments
We need the service to be present to run jobs involving containers. Note
that this is effectively a no-op for the current CI jobs, as by default
the Docker service is mapped to OS::Heat::None. Docker will actually be
deployed only if environments/docker.yaml is included in the deploy
command.
Change-Id: I97a35e30e428ff64feeb411bf63dbb7aa54f9829
Martin André [Tue, 11 Apr 2017 07:29:52 +0000 (09:29 +0200)]
Do not log errors on non-existing container
This is cluttering up the logs with useless error messages, making it
more difficult than necessary to debug the CI job.
Change-Id: Icbdc4c74d99fea39b8722955dab56e5f538849aa
zshi [Thu, 6 Apr 2017 10:11:26 +0000 (18:11 +0800)]
Add IPv6 disable option
This will give user the ability to set these values,
if IPv6 is not to be used, it's recommended that it be
disabled to reduce the attack surface of the system.
Change-Id: Ib3142cce49b93a421ca142a59961ce49a77e66b1
Co-Authored-By: Luke Hinds <lhinds@redhat.com>
Signed-off-by: zshi <zshi@redhat.com>
Jenkins [Tue, 11 Apr 2017 07:09:54 +0000 (07:09 +0000)]
Merge "Replace references to the 192.0.2 network"
Jenkins [Mon, 10 Apr 2017 22:52:09 +0000 (22:52 +0000)]
Merge "Add BGPVPN services to scenario004"
Jenkins [Mon, 10 Apr 2017 18:10:37 +0000 (18:10 +0000)]
Merge "metadatahook: Use coalesce to handle null values"
Alan Bishop [Mon, 10 Apr 2017 16:37:13 +0000 (12:37 -0400)]
Update Dell EMC Cinder back end services
Add services for Dell EMC Cinder back ends to the resource registry
and to the Controller role (defaulting to OS::Heat::None).
Closes-Bug: #
1681497
Change-Id: I694fd7738abd3601851bdcd38e3633607ce6152c
Alan Bishop [Mon, 10 Apr 2017 15:11:58 +0000 (11:11 -0400)]
Add composable role support for NetApp Cinder back end
Convert NetApp Cinder back end to support composable roles via new
"CinderBackendNetApp" service.
Closes-Bug: #
1680568
Change-Id: Ia3a78a48c32997c9d3cbe1629c2043cfc5249e1c
Jenkins [Mon, 10 Apr 2017 15:09:28 +0000 (15:09 +0000)]
Merge "Remove yaql call when building logging_groups"
Pradeep Kilambi [Tue, 14 Mar 2017 19:15:46 +0000 (15:15 -0400)]
Add upgrade tasks for gnocchi container services
Change-Id: I43c35bbf959e5dcdd7e87a8f6a604d5fe5b4f2a9
Jenkins [Mon, 10 Apr 2017 12:25:56 +0000 (12:25 +0000)]
Merge "sensu: fix upgrade case when service is added"
Giulio Fidente [Fri, 7 Apr 2017 08:51:08 +0000 (10:51 +0200)]
Replace references to the 192.0.2 network
Following change I1393d65ffb20b1396ff068def237418958ed3289 the ctlplane
network will be 192.168.24 by default and not 192.0.2 anymore.
This change removes old references left to 192.0.2 network from the
overcloud templates.
Change-Id: I1986721d339887741038b6cd050a46171a4d8022
Jenkins [Mon, 10 Apr 2017 11:05:20 +0000 (11:05 +0000)]
Merge "Timeout early on pcs cluster status check0 during upgrade."
Juan Antonio Osorio Robles [Mon, 10 Apr 2017 10:53:13 +0000 (13:53 +0300)]
metadatahook: Use coalesce to handle null values
This uses the coalesce function to take null values into account, else
these resources will fail validation.
Change-Id: Iaf4218dd731826f80b76ff8f7a902adc8c865be5
Closes-Bug: #
1681332
Thomas Herve [Mon, 20 Mar 2017 17:07:37 +0000 (18:07 +0100)]
Remove yaql call when building logging_groups
yaql calls are fairly expensive. Let's try to not nest them when we can
avoid it.
Change-Id: I5e7dbc42be625bbfe7989867794a67ebae08687d
Christian Schwede [Mon, 20 Feb 2017 21:22:25 +0000 (21:22 +0000)]
Decouple Swift ringbuilding logic
This reverts commit
b323f8a16035549d84cdec4718380bde3d23d6c3 and uses
the new logic in puppet-tripleo (see Ifd6fa5b398d98e8998630ea0c9a2ce9867ceba2b
), basically doing the same.
Closes-Bug:
1665641
Change-Id: Ib5cb0578be2993af0a0b8675005d838640bdb139
Jenkins [Fri, 7 Apr 2017 22:36:25 +0000 (22:36 +0000)]
Merge "Avoid awk error in hosts-config.sh for large deployments"
Jenkins [Fri, 7 Apr 2017 21:36:45 +0000 (21:36 +0000)]
Merge "Prepare 7.0.0.0b1 (pike-1)"
Jenkins [Fri, 7 Apr 2017 21:35:39 +0000 (21:35 +0000)]
Merge "Update ceph-rgw acccepted roles to fix OSP upgrade"
Emilien Macchi [Fri, 7 Apr 2017 18:49:28 +0000 (14:49 -0400)]
Prepare 7.0.0.0b1 (pike-1)
Change-Id: I93de22a4aa2d90966c24349e765475576947f2e0
Jenkins [Fri, 7 Apr 2017 16:51:35 +0000 (16:51 +0000)]
Merge "Add Docker service to all roles"
Emilien Macchi [Fri, 7 Apr 2017 15:54:48 +0000 (11:54 -0400)]
sensu: fix upgrade case when service is added
When service is added during an upgrade, fix the ansible syntax
to use the right variable for return code.
Change-Id: I974699fb8b0dcbe5ffa6935c394df4ac8e7b21d4
Sofer Athlan-Guyot [Thu, 6 Apr 2017 14:55:08 +0000 (16:55 +0200)]
Timeout early on pcs cluster status check0 during upgrade.
There is a windows for the pcs cluster status to hang forever[1]. We
add a timeout during check0 to avoid this situation. 2 minutes should
be more than enought to get all the pcsd nodes to reply.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=
1292858
Closes-Bug: #
1680477
Change-Id: Icb3dc76e031a3d4f26294f37d169f2f61d30973e
Jenkins [Fri, 7 Apr 2017 15:28:28 +0000 (15:28 +0000)]
Merge "Add password to authtoken section in congress.conf"
Jenkins [Fri, 7 Apr 2017 15:27:31 +0000 (15:27 +0000)]
Merge "Add support for "neutron" Ironic networking plugin"
Alex Schultz [Fri, 24 Mar 2017 16:33:48 +0000 (10:33 -0600)]
Allow for update after RHEL registration
Adds the ability to perform a yum update after performing the RHEL
registration.
Change-Id: Id84d156cd28413309981d5943242292a3a6fa807
Partial-Bug: #
1640894
Jiri Stransky [Thu, 6 Apr 2017 13:32:23 +0000 (15:32 +0200)]
Add Docker service to all roles
This will add the Docker service to all roles. Note that currently by
default the Docker service is mapped to OS::Heat::None by default. It
will only be deployed if environments/docker.yaml file is included in
the deployment.
Change-Id: I9d8348b7b6576b94c872781bc89fecb42075cde0
Related-Bug: #
1680395
Jenkins [Fri, 7 Apr 2017 10:09:42 +0000 (10:09 +0000)]
Merge "ovn: Add missing configurations required"
Steven Hardy [Fri, 7 Apr 2017 09:50:39 +0000 (10:50 +0100)]
Avoid awk error in hosts-config.sh for large deployments
This ports the fixes made to the legacy 51-hosts script, which this
script is derived from, to tht.
See related t-i-e patch Ibe0a9f6ec10d55750e3b0e16301236141f988d69
Change-Id: Ide922af93a5d185bd592e220327326f1d244c4e2
Closes-Bug: #
1674732
Tomofumi Hayashi [Fri, 7 Apr 2017 09:38:21 +0000 (18:38 +0900)]
Add password to authtoken section in congress.conf
Current puppet module miss password section hence congress is not
available due to missing password in congress.conf. This fix is to
add password.
Change-Id: I277c03ca93130a0337d5085f09c375fb0ac9331d
Signed-off-by: Tomofumi Hayashi <s1061123@gmail.com>
Carlos Camacho [Thu, 9 Mar 2017 10:22:39 +0000 (11:22 +0100)]
Add BGPVPN services to scenario004
This submission will enable the BGPVPN API
on scenario004.
This addition to scenario004 does not
provide any sanity check for the Neutron API
extension. At this stage is meant to
install the required packages and prerequisites,
configure the extension and
having the services started correctly.
In the README.rst file, this is displayed as
neutron-bgpvpn, so for further integrations
should be added as neutron-<extension_name>
for an easier reading.
Depends-On: I4d0617b0d7801426ea6827e70f5f31f10bbcc038
Depends-On: I2be0fab671ec1a804d029afc6dc27d19a193b064
Change-Id: I6c257417a9231c44e13535bc408d67d2a3cacbf8
Jenkins [Fri, 7 Apr 2017 08:26:38 +0000 (08:26 +0000)]
Merge "Fix conntrack proto sctp module"
Jenkins [Thu, 6 Apr 2017 23:54:13 +0000 (23:54 +0000)]
Merge "Adds Horizon secure cookie map."
Jenkins [Thu, 6 Apr 2017 23:18:12 +0000 (23:18 +0000)]
Merge "Fixing acronym for BGPVPN composable service"
Jenkins [Thu, 6 Apr 2017 23:17:17 +0000 (23:17 +0000)]
Merge "Add trigger to setup a LDAP backend as keystone domaine"
Jenkins [Thu, 6 Apr 2017 23:16:17 +0000 (23:16 +0000)]
Merge "Adds service for managing securetty"
Jenkins [Thu, 6 Apr 2017 20:16:29 +0000 (20:16 +0000)]
Merge "Use the local collector to bootstrap deployed servers"
Alex Schultz [Thu, 6 Apr 2017 19:30:09 +0000 (13:30 -0600)]
Fix conntrack proto sctp module
ip_conntrack_proto_sctp is the old name for the module and it is now
nf_conntrack_proto_sctp. In order for the kmod module to not keep trying
to modprobe the module, we need to use the correct name.
Change-Id: Ieaed235e71e9e6e41a46d9be0e02beb8f4341b1a
Closes-Bug: #
1680579
Jenkins [Thu, 6 Apr 2017 16:35:30 +0000 (16:35 +0000)]
Merge "Disable ceilometer API"
Jenkins [Thu, 6 Apr 2017 16:35:16 +0000 (16:35 +0000)]
Merge "Use kolla api to set ownership"
Jenkins [Thu, 6 Apr 2017 12:44:21 +0000 (12:44 +0000)]
Merge "Don't disable satellite repo after registration"
lhinds [Thu, 23 Mar 2017 13:41:42 +0000 (13:41 +0000)]
Adds service for managing securetty
This adds the ability to manage the securetty file.
By allowing management of securetty, operators can limit root
console access and improve security through hardening.
Change-Id: I0767c9529b40a721ebce1eadc2dea263e0a5d4d7
Partial-Bug: #
1665042
Depends-On: Ic4647fb823bd112648c5b8d102913baa8b4dac1c
Jenkins [Thu, 6 Apr 2017 10:50:37 +0000 (10:50 +0000)]
Merge "docker-puppet.py fail if any worker fails"
Jenkins [Thu, 6 Apr 2017 10:35:52 +0000 (10:35 +0000)]
Merge "Add manual ovs upgrade script for workaround ovs upgrade issue"
Jenkins [Thu, 6 Apr 2017 10:03:11 +0000 (10:03 +0000)]
Merge "Enforce upgrade_batch_tasks before upgrade_tasks order"
Jenkins [Thu, 6 Apr 2017 09:42:27 +0000 (09:42 +0000)]
Merge "add configurable timeouts for DB sync"
Jenkins [Thu, 6 Apr 2017 09:41:56 +0000 (09:41 +0000)]
Merge "Remove "Core" Service from the CI Environment file"
Jenkins [Thu, 6 Apr 2017 09:41:00 +0000 (09:41 +0000)]
Merge "Add network sysctl tweaks for security"
Jenkins [Thu, 6 Apr 2017 09:10:48 +0000 (09:10 +0000)]
Merge "Add monitoring agents deployment to CI"
Jenkins [Thu, 6 Apr 2017 08:10:28 +0000 (08:10 +0000)]
Merge "Ensure upgrade step orchestration accross roles."
Numan Siddique [Thu, 16 Feb 2017 04:32:57 +0000 (10:02 +0530)]
ovn: Add missing configurations required
This patch adds
- setting nova config param 'force_config_meta' to True
as metadata service is not supported by OVN yet.
- Add the necessary iptables rules to allow ovsdb-server
traffic for Northbound and Southboud databases.
- Update the release notes for OVN.
Change-Id: If1a2d07d66e493781b74aab2fc9b76a6d58f3842
Closes-bug: #
1670562
Cyril Lopez [Thu, 30 Mar 2017 13:48:14 +0000 (15:48 +0200)]
Add trigger to setup a LDAP backend as keystone domaine
It is using a trigger tripleo::profile::base::keystone::ldap_backend_enable in puppet-tripleo
who will call a define in puppet-keysone ldap_backend.pp.
Given the following environment:
parameter_defaults:
KeystoneLDAPDomainEnable: true
KeystoneLDAPBackendConfigs:
tripleoldap:
url: ldap://192.0.2.250
user: cn=openstack,ou=Users,dc=redhat,dc=example,dc=com
password: Secrete
suffix: dc=redhat,dc=example,dc=com
user_tree_dn: ou=Users,dc=redhat,dc=example,dc=com
user_filter: "(memberOf=cn=OSuser,ou=Groups,dc=redhat,dc=example,dc=com)"
user_objectclass: person
user_id_attribute: cn
user_allow_create: false
user_allow_update: false
user_allow_delete: false
ControllerExtraConfig:
nova::keystone::authtoken::auth_version: v3
cinder::keystone::authtoken::auth_version: v3
It would then create a domain called tripleoldap with an LDAP
configuration as defined by the hash. The parameters from the
hash are defined by the keystone::ldap_backend resource in
puppet-keystone.
More backends can be added as more entries to that hash.
This also enables multi-domain support for horizon.
Closes-Bug:
1677603
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Depends-On: I1593c6a33ed1a0ea51feda9dfb6e1690eaeac5db
Change-Id: I6c815e4596d595bfa2a018127beaf21249a10643
Signed-off-by: Cyril Lopez <cylopez@redhat.com>
Saravanan KR [Wed, 5 Apr 2017 11:59:52 +0000 (17:29 +0530)]
Remove "Core" Service from the CI Environment file
OS::TripleO::Services::Core is still referenced in the CI roles
enviornment file. Because of which CI is failing when service
template is modified. Removing the obsolete service.
Closes-Bug: #
1680043
Change-Id: I168452fa5c2e6d6d8fdf829b9b02996d9ca5532a
Jenkins [Thu, 6 Apr 2017 03:38:42 +0000 (03:38 +0000)]
Merge "Add logging agents deployment to CI"
Jenkins [Thu, 6 Apr 2017 02:10:20 +0000 (02:10 +0000)]
Merge "Add parameters for internal TLS for swift proxy"
Jenkins [Wed, 5 Apr 2017 22:27:34 +0000 (22:27 +0000)]
Merge "Ironic containers: chown /var/lib/ironic correctly"
Mike Bayer [Tue, 3 Jan 2017 16:55:56 +0000 (11:55 -0500)]
add configurable timeouts for DB sync
This patch integrates with the db_sync_timeout
parameter recently added to puppet-nova
and puppet-neutron in
I6b30a4d9e3ca25d9a473e4eb614a8769fa4567e7, which allow for the full
db_sync install to have more time than just Pupppet's
default of 300 seconds. Ultimately, similar timeouts
can be added for all other projects that feature
db sync phases, however Nova and Neutron are currently
the ones that are known to time out in some
environments.
Closes-bug: #
1661100
Change-Id: Ic47439a0a774e3d74e844d43b58956da8d1887da
Matthew Flusche [Mon, 27 Feb 2017 22:11:37 +0000 (22:11 +0000)]
yum_update.sh - Use the yum parameter: check-update
The current check tends to produce a false positive causing unnecessary
service restarts. yum check-update will exit with return code 100 if
updated packages are available.
Change-Id: I8bd89f2b24bafc6c991382b9eb484cfa9a2f8968
Dan Prince [Wed, 29 Mar 2017 02:29:30 +0000 (22:29 -0400)]
Ironic containers: chown /var/lib/ironic correctly
This updates the docker version of ironic-conductor.yaml so
that it sets permissions on the entire /var/lib/ironic
tree correctly. Since
1a4ece16cea40075fe7332ed048b9c289b3ff424
we bind mount in /var/lib/ironic from the host (created via
Ansible if it didn't already exist). This caused a subtle
permissions issue in that the Ironic conductor service
can no longer create sub-directories it needs to operate.
Change-Id: I1eb6b5ddad7cd89ee887e2e429ebe245aa7b80dc
Closes-bug:
1677086
Jenkins [Wed, 5 Apr 2017 16:08:48 +0000 (16:08 +0000)]
Merge "Add l2gw neutron service plugin support"
Jenkins [Wed, 5 Apr 2017 16:02:15 +0000 (16:02 +0000)]
Merge "Addition of firewall rules for Nuage"
Jenkins [Wed, 5 Apr 2017 14:23:49 +0000 (14:23 +0000)]
Merge "Disable core dump for setuid programs"
Code Review / apex-tripleo-heat-templates.git / log