Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
1. Move keystone resources management at step 4.
2. Move nova-compute startup at step 5.
That way, we make sure nova-compute will start when all Keystone
resources are ready.
Change-Id: I6e153e11b8519254d2a67b9142bf774a25bce69d
Closes-Bug: #1663273
|
|
Cleanup patch once the THT patch is merged.
Change-Id: Iba439a4758a4728197d7620b764a4f0f2648ee0f
Depends-On: I09b73476762593642a0e011f83f0233de68f2c33
|
|
'https://github.com/midonet/puppet-midonet' doesn't exist anymore, we
need to migrate to 'https://github.com/openstack/puppet-midonet' but
tests will fail.
We need to work with Midokura to get them fixed. In the meantime, let's
disable it.
Change-Id: Id39bc5a8cd229df3e9b597a0a0f3eada838f4953
|
|
|
|
|
|
On compute nodes, instead of binding vnc server on 0.0.0.0, use the IP
address provided by libvirt's t-h-t profile (hiera).
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Depends-On: Ie377c09734e9f6170daa519aed69c53fc67c366b
Change-Id: If6b116b238a52144aad5e76c9edc7df6aa15313c
Closes-Bug: #1660099
|
|
It was suggested by Nova team to not deploying Nova API in WSGI with
Apache in production.
It's causing some issues that we didn't catch until now (see in the bug
report). Until we figure out what was wrong, let's disable it so we can
move forward in the upgrade process.
Related-Bug: 1661360
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Change-Id: Ia87b5bdea79e500ed41c30beb9aa9d6be302e3ac
|
|
|
|
Add support to enable the UI to use paths via mod_proxy to access API
endpoints instead of connecting to each endpoint directly on a port
other than where the UI is served from. This is necessary to prevent
certificate acceptance errors from non-Chrome browsers which take
exception to connections made to other ports on the same hostname, using
one SSL certificate.
This change extends the UI's Apache configuration to create one
mod_proxy location for each of the API endpoints that UI calls upon.
These mod_proxy (using ProxyPass, ProxyPassReverse) endpoints are
configured using new heira variables provided in the dependent commit.
Additionally, this change modifies the default UI configuration file to
include endpoint URLs formatted to use the new endpoint paths that are
created.
Removed puppet variables which were previously used to generate the
contents of the tripleo_ui_config.js template, since they are no longer
used to generate this file, replaced with the new endpoint URLs
formatted to use the new endpoint paths that are created.
Change-Id: I55e375ad462fa98e181277ec0bd88658e620e8ad
Implements: blueprint proxy-undercloud-api-services
Depends-On: Ib20f4b0891563ae90ec80675635a64c39bd2fdb7
|
|
This reverts commit 3f7e74ab24bb43f9ad7e24e0efd4206ac6a3dd4e.
After identifying how to workaround the performance issues on the
undercloud, let's put this back in. Enabling innodb_file_per_table is
important for operators to be able to better manage their databases.
Change-Id: I435de381a0f0e3ef221e498f442335cdce3fb818
Depends-On: I77507c638237072e38d9888aff3da884aeff0b59
Closes-Bug: #1660722
|
|
|
|
|
|
|
|
|
|
|
|
This reverts commit 621ea892a299d2029348db2b56fea1338bd41c48.
We're getting performance problems on SATA disks.
Change-Id: I30312fd5ca3405694d57e6a4ff98b490de388b92
Closes-Bug: #1661396
Related-Bug: #1660722
|
|
6.2.0 will be Ocata RC1.
Change-Id: Ie26ab89ea9c90f6c5d01697459855fd8c32b075f
|
|
|
|
InnoDB uses a single file by default which can grow to be
tens/hundreds of gigabytes, and is not shrinkable even
if data is deleted from the database.
Best practices are that innodb_file_per_table is set to ON
which instead stores each database table in its own file, each of
which is also shrinkable by the InnoDB engine.
Closes-Bug: #1660722
Change-Id: I59ee53f6462a2eeddad72b1d75c77a69322d5de4
|
|
There are some style nits in the recently merged contrail puppet manifests.
Change-Id: Ice5935105e0323cb55e0d018190e6471ade7324a
|
|
These parameters are being deprecated, so we should be using the
transport_url format instead.
Change-Id: I8b7457b6233c4f88af2d7bc1b9304fcccb6edf61
|
|
|
|
Fixes a test failure caused by Ic38d4f9f9a8e69ffcee6ccc4bba9a9ab0f161d0e
which pulls in a class with a required parameter.
Change-Id: I0740290bff0ea7c4af6e3420775ac3e72871d372
|
|
|
|
|
|
|
|
This was wrongly set to service_name while it should have been
server_service_name.
Change-Id: Ia802857cc585bb9b057a02f6a13c16981baa5b76
|
|
|
|
|
|
Since the commit this depends on sets it up via hieradata, the
conditionals here are no longer needed.
bp tls-via-certmonger
Depends-On: I9252512dbf9cf2e3eec50c41bf10629d36070bbd
Change-Id: I37275e42763e103b81878b6af07c750a524c5697
|
|
it's not required in Ocata, let's configure the basic setup for cells.
note: it also cleanup old code that is not valid anymore.
Change-Id: Iac5b2fbe1b03ec7ad4cb8cab2c7694547be6957d
|
|
In current setup some Contrail services belong to the wrong roles.
The Contrail control plane can be impacted if the Analytics database has problems.
Furthermore contrail tripleo puppet modules are being refactored to conform to the
new interface of the puppet-contrail modules.
Closes-Bug: 1659560
Change-Id: Id0dd35b95c5fe9d0fcc1e16c4b7d6cc601f10818
|
|
This patch allows the management of the AuditD service and its associated
files (such as `audit.rules`)
This is achieved by means of the `puppet-auditd` puppet module.
Closes-Bug: #1640302
Co-Authored-By: Luke Hinds (lhinds@redhat.com)
Change-Id: Ie31c063b674075e35e1bfa28d1fc07f3f897407b
|
|
Via bug https://bugs.launchpad.net/tripleo/+bug/1657108 we need
to zero out the default rules in /etc/sysconfig/ip{6}tables in
the image.
We have done this for ipv4, but when we will do it for ipv6 we
will also need to make sure we add a rule for dhcpv6 traffic
as it is shipped in the iptables rpm. (See
https://bugzilla.redhat.com/show_bug.cgi?id=1169036 for more info)
With this change we correctly get the rule present (aka the first
ACCEPT line. The second line is due to the stock ip6tables rule
I had in my testing):
[root@overcloud-controller-0 ~]# iptables -nvL |grep 546
[root@overcloud-controller-0 ~]# ip6tables -nvL |grep 546
0 0 ACCEPT udp * * ::/0 fe80::/64 multiport dports 546 /* 004 accept ipv6 dhcpv6 ipv6 */ state NEW
0 0 ACCEPT udp * * ::/0 fe80::/64 udp dpt:546 state NEW
Change-Id: If22080054b2b1fa7acfd101e8c34d2707e8e7864
Partial-Bug: #1657108
|
|
|
|
|
|
|
|
|
|
Requiring the neutron mechanism driver from hiera is too rigid, if
Neutron is not deployed in the catalog.
Be more flexible so catalog won't fail if the value is not set in Hiera.
Change-Id: I1475687c4dc53c77e763f42a440355a7c8d014bc
Partial-Bug: #1659662
|
|
Follow up patch for I63da4f48da14534fd76265764569e76300534472
to support composable HA for the Ceph rbdmirror daemon.
Change-Id: I3767bee4b1c7849fa85e71bcc57534b393d2d415
|
|
This uses the tls_proxy resource added in a previous commit [1] in
front of the neutron server when internal TLS is enabled. Right
now values are passed quite manually, but a subsequent commit will use
t-h-t to pass the appropriate hieradata, and then we'll be able to
clean it up from here.
Note that the proxy is only deployed when internal TLS is enabled.
[1] I82243fd3acfe4f23aab373116b78e1daf9d08467
bp tls-via-certmonger
Change-Id: I6dfbf49f45aef9f47e58b5c0dbedd2b4e239979e
|
|
|
|
|
|
Change-Id: Ic74ccd5fa7b3b04ca810416e5160463252f17474
Signed-off-by: Dan Radez <dradez@redhat.com>
|
|
Depends-On: I91b9959a6f71b4e6885e55a568116cc28cf16ddd
Change-Id: I1a152dd0a7e7949ee8d91a6f63425dba2406fcaf
|
|
Bring change of I53151d4f555d5d161a3e53ce5f022e3bf3b2ffbd into
puppet-tripleo.
Change-Id: I1227956a0389497eedc00e4ec817f52be608dc75
Related-Bug: #1643655
|
|
|
|
|
|
|