aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--manifests/haproxy.pp6
-rw-r--r--manifests/profile/base/aodh/api.pp2
-rw-r--r--manifests/profile/base/database/mongodb.pp11
-rw-r--r--manifests/profile/base/etcd.pp7
-rw-r--r--manifests/profile/base/heat/api.pp2
-rw-r--r--manifests/profile/base/heat/api_cfn.pp2
-rw-r--r--manifests/profile/base/heat/api_cloudwatch.pp2
-rw-r--r--manifests/profile/base/horizon.pp2
-rw-r--r--releasenotes/notes/add-tunnel-timeout-for-haproxy-ui-0705dfd671f9f487.yaml6
-rw-r--r--releasenotes/notes/fix-horizon-configuration-during-updates-aecfab9a4aa8770b.yaml6
-rw-r--r--releasenotes/notes/restrict-mongodb-memory-c19d69638b63feb4.yaml6
-rw-r--r--spec/classes/tripleo_profile_base_aodh_api_spec.rb8
-rw-r--r--spec/classes/tripleo_profile_base_horizon_spec.rb57
-rw-r--r--spec/fixtures/hieradata/default.yaml1
14 files changed, 102 insertions, 16 deletions
diff --git a/manifests/haproxy.pp b/manifests/haproxy.pp
index 92edd71..ca83407 100644
--- a/manifests/haproxy.pp
+++ b/manifests/haproxy.pp
@@ -1595,6 +1595,12 @@ class tripleo::haproxy (
server_names => $controller_hosts_names_real,
mode => 'http',
public_ssl_port => $ports[ui_ssl_port],
+ listen_options => {
+ # NOTE(dtrainor): in addition to the zaqar_ws endpoint, the HTTPS
+ # (443/tcp) endpoint that answers for the UI must also use a long-lived
+ # tunnel timeout for the same reasons mentioned above.
+ 'timeout' => ['tunnel 3600s'],
+ },
}
}
if $contrail_config {
diff --git a/manifests/profile/base/aodh/api.pp b/manifests/profile/base/aodh/api.pp
index 0834536..22fc000 100644
--- a/manifests/profile/base/aodh/api.pp
+++ b/manifests/profile/base/aodh/api.pp
@@ -66,7 +66,7 @@ class tripleo::profile::base::aodh::api (
}
- if $step >= 4 {
+ if $step >= 3 {
include ::aodh::api
class { '::aodh::wsgi::apache':
ssl_cert => $tls_certfile,
diff --git a/manifests/profile/base/database/mongodb.pp b/manifests/profile/base/database/mongodb.pp
index 8967f5b..4740d67 100644
--- a/manifests/profile/base/database/mongodb.pp
+++ b/manifests/profile/base/database/mongodb.pp
@@ -30,10 +30,15 @@
# for more details.
# Defaults to hiera('step')
#
+# [*memory_limit*]
+# (Optional) Limit amount of memory mongodb can use
+# Defaults to 20G
+#
class tripleo::profile::base::database::mongodb (
$mongodb_replset,
$bootstrap_node = downcase(hiera('bootstrap_nodeid')),
$step = hiera('step'),
+ $memory_limit = '20G',
) {
if $step >= 2 {
@@ -56,5 +61,11 @@ class tripleo::profile::base::database::mongodb (
}
}
+ # Limit memory utilization
+ ::systemd::service_limits { 'mongod.service':
+ limits => {
+ 'MemoryLimit' => $memory_limit
+ }
+ }
}
}
diff --git a/manifests/profile/base/etcd.pp b/manifests/profile/base/etcd.pp
index 505e29f..fc4771f 100644
--- a/manifests/profile/base/etcd.pp
+++ b/manifests/profile/base/etcd.pp
@@ -47,19 +47,12 @@ class tripleo::profile::base::etcd (
$step = hiera('step'),
) {
if $step >= 1 {
- if count($nodes) > 1 {
- $cluster_enabled = true
- } else {
- $cluster_enabled = false
- }
-
class {'::etcd':
listen_client_urls => "http://${bind_ip}:${client_port}",
advertise_client_urls => "http://${bind_ip}:${client_port}",
listen_peer_urls => "http://${bind_ip}:${peer_port}",
initial_advertise_peer_urls => "http://${bind_ip}:${peer_port}",
initial_cluster => regsubst($nodes, '.+', "\\0=http://\\0:${peer_port}"),
- cluster_enabled => $cluster_enabled,
proxy => 'off',
}
}
diff --git a/manifests/profile/base/heat/api.pp b/manifests/profile/base/heat/api.pp
index f35735b..8e2da7e 100644
--- a/manifests/profile/base/heat/api.pp
+++ b/manifests/profile/base/heat/api.pp
@@ -63,7 +63,7 @@ class tripleo::profile::base::heat::api (
$tls_keyfile = undef
}
- if $step >= 4 {
+ if $step >= 3 {
include ::heat::api
class { '::heat::wsgi::apache_api':
ssl_cert => $tls_certfile,
diff --git a/manifests/profile/base/heat/api_cfn.pp b/manifests/profile/base/heat/api_cfn.pp
index 2545dbc..02eb82a 100644
--- a/manifests/profile/base/heat/api_cfn.pp
+++ b/manifests/profile/base/heat/api_cfn.pp
@@ -63,7 +63,7 @@ class tripleo::profile::base::heat::api_cfn (
$tls_keyfile = undef
}
- if $step >= 4 {
+ if $step >= 3 {
include ::heat::api_cfn
class { '::heat::wsgi::apache_api_cfn':
diff --git a/manifests/profile/base/heat/api_cloudwatch.pp b/manifests/profile/base/heat/api_cloudwatch.pp
index 872de8d..558d247 100644
--- a/manifests/profile/base/heat/api_cloudwatch.pp
+++ b/manifests/profile/base/heat/api_cloudwatch.pp
@@ -63,7 +63,7 @@ class tripleo::profile::base::heat::api_cloudwatch (
$tls_keyfile = undef
}
- if $step >= 4 {
+ if $step >= 3 {
include ::heat::api_cloudwatch
class { '::heat::wsgi::apache_api_cloudwatch':
diff --git a/manifests/profile/base/horizon.pp b/manifests/profile/base/horizon.pp
index 278c25c..10eaaa6 100644
--- a/manifests/profile/base/horizon.pp
+++ b/manifests/profile/base/horizon.pp
@@ -31,7 +31,7 @@ class tripleo::profile::base::horizon (
$step = hiera('step'),
$neutron_options = hiera('horizon::neutron_options', {}),
) {
- if $step >= 4 {
+ if $step >= 3 {
# Horizon
include ::apache::mod::remoteip
include ::apache::mod::status
diff --git a/releasenotes/notes/add-tunnel-timeout-for-haproxy-ui-0705dfd671f9f487.yaml b/releasenotes/notes/add-tunnel-timeout-for-haproxy-ui-0705dfd671f9f487.yaml
new file mode 100644
index 0000000..a1a04c1
--- /dev/null
+++ b/releasenotes/notes/add-tunnel-timeout-for-haproxy-ui-0705dfd671f9f487.yaml
@@ -0,0 +1,6 @@
+---
+fixes:
+ - |
+ Add a tunnel timeout to the HAProxy tripleo-ui configuration to ensure
+ Zaqar WebSocket tunnels persist longer than two minutes
+ https://bugs.launchpad.net/tripleo/+bug/1672826
diff --git a/releasenotes/notes/fix-horizon-configuration-during-updates-aecfab9a4aa8770b.yaml b/releasenotes/notes/fix-horizon-configuration-during-updates-aecfab9a4aa8770b.yaml
new file mode 100644
index 0000000..5c200dd
--- /dev/null
+++ b/releasenotes/notes/fix-horizon-configuration-during-updates-aecfab9a4aa8770b.yaml
@@ -0,0 +1,6 @@
+---
+fixes:
+ - |
+ Fixes horizon getting temporarily deconfigured during a stack update due
+ to the apache configuration occuring in step 3 but the horizon
+ configuration not occuring until step 4.
diff --git a/releasenotes/notes/restrict-mongodb-memory-c19d69638b63feb4.yaml b/releasenotes/notes/restrict-mongodb-memory-c19d69638b63feb4.yaml
new file mode 100644
index 0000000..1186bb9
--- /dev/null
+++ b/releasenotes/notes/restrict-mongodb-memory-c19d69638b63feb4.yaml
@@ -0,0 +1,6 @@
+---
+fixes:
+ - Add a way for mongodb to limit amount of memory it comsumes
+ with systemd. A new param memory_limit has been added to
+ tripleo::profile::base::database::mongodb class with
+ default limit of 20G.
diff --git a/spec/classes/tripleo_profile_base_aodh_api_spec.rb b/spec/classes/tripleo_profile_base_aodh_api_spec.rb
index f2a26bf..a82cf49 100644
--- a/spec/classes/tripleo_profile_base_aodh_api_spec.rb
+++ b/spec/classes/tripleo_profile_base_aodh_api_spec.rb
@@ -22,8 +22,8 @@ describe 'tripleo::profile::base::aodh::api' do
"class { '::tripleo::profile::base::aodh': step => #{params[:step]}, oslomsg_rpc_hosts => ['localhost.localdomain'] }"
end
- context 'with step less than 4' do
- let(:params) { { :step => 3 } }
+ context 'with step less than 3' do
+ let(:params) { { :step => 2 } }
it 'should do nothing' do
is_expected.to contain_class('tripleo::profile::base::aodh::api')
@@ -33,9 +33,9 @@ describe 'tripleo::profile::base::aodh::api' do
end
end
- context 'with step 4' do
+ context 'with step 3' do
let(:params) { {
- :step => 4,
+ :step => 3,
} }
it 'should trigger complete configuration' do
diff --git a/spec/classes/tripleo_profile_base_horizon_spec.rb b/spec/classes/tripleo_profile_base_horizon_spec.rb
new file mode 100644
index 0000000..fb076b8
--- /dev/null
+++ b/spec/classes/tripleo_profile_base_horizon_spec.rb
@@ -0,0 +1,57 @@
+#
+# Copyright (C) 2017 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+
+require 'spec_helper'
+
+describe 'tripleo::profile::base::horizon' do
+ shared_examples_for 'tripleo::profile::base::horizon' do
+ let(:pre_condition) do
+ "class { '::tripleo::profile::base::aodh': step => #{params[:step]}, oslomsg_rpc_hosts => ['localhost.localdomain'] }"
+ end
+
+ context 'with step less than 3' do
+ let(:params) { { :step => 2 } }
+
+ it 'should do nothing' do
+ is_expected.to contain_class('tripleo::profile::base::horizon')
+ is_expected.to_not contain_class('horizon')
+ end
+ end
+
+ context 'with step 3' do
+ let(:params) { {
+ :step => 3,
+ } }
+
+ it 'should trigger complete configuration' do
+ is_expected.to contain_class('horizon')
+ is_expected.to contain_class('apache::mod::remoteip')
+ is_expected.to contain_class('apache::mod::status')
+ end
+ end
+ end
+
+
+ on_supported_os.each do |os, facts|
+ context "on #{os}" do
+ let(:facts) do
+ facts.merge({ :hostname => 'node.example.com' })
+ end
+
+ it_behaves_like 'tripleo::profile::base::horizon'
+ end
+ end
+end
diff --git a/spec/fixtures/hieradata/default.yaml b/spec/fixtures/hieradata/default.yaml
index eadb444..9634e5d 100644
--- a/spec/fixtures/hieradata/default.yaml
+++ b/spec/fixtures/hieradata/default.yaml
@@ -39,3 +39,4 @@ memcached_node_ips:
- '127.0.0.1'
# octavia related items
octavia::rabbit_password: 'password'
+horizon::secret_key: 'secrete'