Age | Commit message (Collapse) | Author | Files | Lines |
|
Installing the undercloud with generate_service_certificate=True
fails if HAProxy is not pre-installed. This is due to missing
dependency setting on our puppet manifests. We need to specify that
the PEM file needs to be written only if the haproxy user and group
exist (which comes from the package) and that the haproxy frontend
configuration needs to be notified if there are changes in the
certificates.
Change-Id: Iba3030e4489eb31f9c07ab49913687d8b595a91b
Closes-Bug: #1623805
|
|
|
|
|
|
|
|
|
|
This adds the tripleo::profile::base::validations profile which sets up
the `validations` user and installs the openstack-tripleo-validations
package.
Change-Id: Ib2b1ddcda3a41cb7263171d3024f05ba8bfd2f28
|
|
This fact was being retrieving the value of the hostname for the management
network. We should instead be using a value set explicitly in t-h-t.
Depends-On: Idb3ca22ac136691b0bff6f94524d133a4fa10617
Change-Id: I6fcf7c7853071a9f3377aec475308bc8d10d5b33
Related-Bug: #1621742
|
|
This is necessary so the middleware in manila can set the protocol
correctly in case we're terminating SSL in HAProxy.
Depends-On: Ice78b0abceb6a956bb8c1dc6212ee1b56b62b43f
Change-Id: Iedaabaf1379466c22e3b9bb2307e940459d26de7
|
|
This sets the subject alt name field for the certificates we
auto-generate, which will remove the security warnings we constantly
see in the undercloud. This is the proper way to set certificates,
since the usage of the CN as a replacement for the subjectAltName is
being deprecated (very slowly).
Change-Id: I475cbffd47425e850902838eec06bf461df2acd0
Closes-Bug: #1622446
|
|
|
|
|
|
|
|
Gnocchi statsd and metricd require Keystone resources to be in place
when using Swift backend, because those services will try to access to
Swift containers.
To do so, we want to move the service start at step 5 instead of 4 and
also require Keystone resource to be managed before starting the
services.
Change-Id: Ie5bc1481a8700c7cd080a76d0978146a84825767
Closes-Bug: #1621164
|
|
|
|
|
|
|
|
|
|
This will be useful to start using FQDNs instead of IPs if we don't
have a DNS set-up. This will effectively grab a map of hosts to add
and create them with puppet's host resource.
Change-Id: I1bdb2701dfb3e7ef072e674c9882d3be5af7296c
|
|
|
|
|
|
|
|
|
|
We don't really expose a management network, but a ctlplane one. So
when someone requests the ctlplane fqdn, we'll give the management
one. Since that's what we actually fill in the hosts.
Change-Id: Iede5a06d73206f98f283729f1879484f09d4012a
|
|
This will make it easier to use and consume from t-h-t, making their
use more dynamic. This is still safe to do, since these are not used
by anything yet.
Change-Id: I4d603938c568320d4ae1cc7a396070ad4ac62132
|
|
|
|
Configure drac, ilo and ssh drivers out of box.
Remove deprecated ironic::drivers::deploy.
This change brings the default driver list closer to one of undercloud.
Change-Id: I8b9a136a0ff22916d7c468bbb0df7248bc35a5c2
Partially-Implements: blueprint ironic-integration
|
|
|
|
|
|
|
|
Extra settings that need to be applied for plumgrid where compute
nodes are running.
Change-Id: Ided5483f0f36f0efd5a09112832d07f028a2a7f9
|
|
Previously we weren't creating Redis VIP in keepalived, causing Redis to
be unusable in non-HA deployments.
Change-Id: I0bb37f6fb3eed022288b2dcfc7a88e8ff88a7ace
Related-Bug: #1618510
|
|
Currently we have some hard-coded mangling in t-h-t but we
instead need to build the array based on the nodes running swift
storage, combined with the SwiftRawDisks parameter.
This will enable running SwiftStorage on nodes other than Controller
and SwiftStorage roles, and is required for custom-roles due to
the hard-coded stuff in the role templates and overcloud.yaml
Change-Id: I11deed1df712ecccf85d36a75b3bd2e9d226af36
Partially-Implements: blueprint custom-roles
|
|
|
|
Instead of hard-coded yaml aliases in t-h-t, make each service
profile that requires rabbit default to the list of rabbit ips.
Note this could still be extended in future to e.g enable per
service rabbit clusters, but the default is to lookup the
hiera which should be logically equivalent to current t-h-t.
Change-Id: Ie53c93456529420588eb1927703ea91b54095d87
Partially-Implements: blueprint custom-roles
|
|
This is the first tag for newton and OpenStack Infra will create a
tarball from it.
Change-Id: I7a98743bbbd1879426790a9821cadfa7ecbd5d22
|
|
|
|
|
|
Instead of mangling this list in t-h-t, generate the list derived
from memcached_node_ips, which is now always set when memcached
is deployed, regardless of the role.
Note the port default is hard-coded as this is already hard-coded
(in two places) in t-h-t, but we can override it if this changes
in future.
We need this to remove the swift specific stuff out of overcloud.yaml
to enable custom-roles.
Change-Id: Ic8872e5e51732874ca5b93bff5efd3e7ed75bc31
Partially-Implements: blueprint custom-roles
|
|
|
|
This patch adds tripleo::profile::base::ceph::rgw
Co-Authored-By: Giulio Fidente <gfidente@redhat.com>
Change-Id: Ib69b8171321284bb64e348d45b7eea2f00f8d506
|
|
Change-Id: I787becce343b38e6c27c9a1b937b47c0aefb034d
Related-Bug: 1618930
|
|
Update neutron parameter to lookup the right variable in Hiera.
Change-Id: I7b93e8d308f2ff2fb3a2083af75140dfa62b3ad8
|
|
|
|
Shares the same (ssl)port with Swift Proxy
Change-Id: I2e1de1a3fa6ad62895a1e972e43858f23c08bbea
|
|
Change-Id: I5c620ba717f782b39c599aff24b4ac56fb695a04
|
|
changed parameter order
for tripleo heat templates see https://review.openstack.org/#/c/346799/
Implements: blueprint contrail-services
Change-Id: I8de63b6e21f8fdf3c2fd13bf5475cce4a85311d6
|
|
Change-Id: Icb9633134114041bbd497e7652482dd5d34c9327
Depends-On: I8b83eff694316755e4dd2dbcde7b569472893bc5
Partially-Implements: blueprint ironic-integration
|
|
|
|
|
|
Write restart flag file for services managed by Pacemaker into
/var/lib/tripleo/pacemaker-restarts directory. The name of the file must
match the name of the clone resource defined in pacemaker. The
post-puppet restart script will restart each service having a restart
flag file and remove those files.
This approach focuses on $pacemaker_master only (we don't want to
restart the pacemaker services 3 times when we have 3 controllers), so
it relies on the assumption that we're making the matching config
changes across the pacemaker nodes.
Change-Id: I6369ab0c82dbf3c8f21043f8aa9ab810744ddc12
|