Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
This patch updates the tripleo::firewall class so that it will
support loading firewall rules defined in composable services
via the following hiera keys (for nova-api for example):
tripleo.nova_api.firewall_rules
This patch relies on a new 'service_names' hiera array that should be
provided on all TripleO overcloud nodes.
Depends-On: I60861c5aa760534db3e314bba16a13b90ea72f0c
Change-Id: Id370362ab57347b75b1ab25afda877885b047263
|
|
|
|
service"
|
|
|
|
Deploy Keystone and Gnocchi API with the new Apache/Pacemaker profile.
Change-Id: Id28c618133e53e28dfac7e3e9cf9f5f5a6b2421a
|
|
Change-Id: I6ba962c682dc2ab8c6ee5238e0c176d9ae05d696
|
|
|
|
|
|
This class extracts the certificate and adds it to the trusted certs.
bp tls-via-certmonger
Change-Id: I6dc1e0469cd7dbbb51659c8f29975d25b2941ec3
|
|
Change I67a15dc83a754fb6f5fe25c64ae9e7d29c58fcec removed the
gnocchi configuration completely from non-bootstrap nodes. This
changes it so the configuration is included on all nodes, but the
db sync is only included on bootstrap.
Change-Id: If402becc900c175f5b3bb95c3413276e5a04b4f7
Closes-Bug: 1604708
|
|
Deploy Apache with Pacemaker in a new profile.
Change-Id: I9ae6cee2bfb0f8974d41d700454cfde2df06c2d1
|
|
Not used anymore anywhere.
Change-Id: Iae0709cca8faa62698bed977e0e364eb8f88f4f7
|
|
Currently if we manually restart the cluster saometimes gnocchi statsd
doesnt comeup as galera is not up yet. This should tie the metrics to
core and follow the order.
Closes-bug: #1604860
Change-Id: I5ec29622938336410b91785ca49b410bcdd30cdd
|
|
Heat needs stack_user_domain_id or stack_user_domain_name config
options set in the heat.conf before starting. The domain itself
doesn't need to exist until a stack is actually created, but the
value needs to be there. This patch ensures that the heat domain
parameters are configured before starting the heat-engine service
with Pacemaker at step3 and 4, and at step5, Pacemaker will start
the services and Puppet will create the domains.
(note: commit message copied from
https://review.openstack.org/#/c/331652/ to mitaka tht, which came
first)
Change-Id: I58fa53357265c1607d2df1b04cc2296083212ab7
Closes-Bug: 1599232
|
|
|
|
|
|
Configures a nova-compute instance to use Ironic.
Change-Id: I4f817aba542cfaa386b3c0617feae90c61579b43
Partially-Implements: blueprint ironic-integration
|
|
Including ::ironic runs ironic-dbsync by default, so we end up with
ironic-dbsync run before the database is created. This patch fixes it.
Change-Id: I6fef1de18e52b68caaf4cbd55c0408b98b5c26e0
Partially-Implements: blueprint ironic-integration
|
|
|
|
The gnocchi db sync is being run from multiple controllers causing errors in
CI. See the bug for more details.
Change-Id: I67a15dc83a754fb6f5fe25c64ae9e7d29c58fcec
Closes-Bug: #1604624
|
|
In the Next Generation HA architecture a number of active/active services
will be run via systemd. In order for this to work we need to make sure that
the sync_db operation only takes place on the bootstrap node, just like it is
done today for the pacemaker profiles.
We do this by removing sync_db as a parameter and instead set it to true
or false depending if the hostname matches the bootstrap_node as it is done
today in the pacemaker role.
Note that we call hiera('bootstrap_nodeid', undef) because if a profile
is included on a non controller node that variable will be undefined.
The following testing was done:
- HA puppet-pacemaker.yaml scenario with three computes
- NonHA with one controller
- NonHA with three controllers
Fixes-Bug: 1600149
Co-Author: cmsj@tenshu.net
Change-Id: I04a7b9e3c18627ea512000a34357acb7f27d6e0e
Implements: blueprint ha-lightweight-architecture
|
|
The principal is needed for kerberos-based solutions like FreeIPA.
bp tls-via-certmonger
Change-Id: Ie27848f522d11135b061aef766de2b696c77fcb9
|
|
The code was in THT before but now in the Nova API profile.
Change-Id: I7035f7998c11dc5508dae8c1a750b93c2944b2d4
|
|
|
|
|
|
The dummy openstack-core resource was meant to replace keystone so that
restarting keystone would not restart the whole cloud. When this
resource was introduced the paramter interleave=true was mistakenly left
out.
This causes a simple promote operation on the galera resource to restart
openstack-core and its children.
Change-Id: Ic590005a9419be87e6e6ea131b0ac0630c5afc19
Closes-Bug: 1603381
|
|
|
|
Add Mistral profiles for non-ha and ha scenarios
Change-Id: I1a072326091fd3b0c21d2f78041e3532b67c60eb
Implements: blueprint refactor-puppet-manifests
Depends-On: I6ce61054384c15876c498ba8cf582f88d9f7f54c
|
|
I think this will need refinement in future, but for now this is
just a copy of what we have in t-h-t
Change-Id: I427f0b5ee93a0870d43419009178e0690ac66bd6
Partially-Implements: blueprint refactor-puppet-manifests
|
|
|
|
|
|
|
|
Add MySQL profiles, for non-ha and ha scenarios.
Change-Id: I7ddae28a6affd55c5bffc15d72226a18c708850e
Closes-Bug: #1601853
|
|
This resource will be used in both the overcloud and the undercloud,
and can be called in several instances (for public-facing or
internal-facing certificates).
bp tls-via-certmonger
Change-Id: I0410fe0dbbed97d16909e911f7318d78a5bd7d7b
|
|
This base class just executes the main certmonger include (which gets
the package and starts the service) and configures the global CA, as
well as some options for the certificates that it will be issuing.
bp tls-via-certmonger
Change-Id: Ib748946130209bf9ccf6670b6f3fbbe0424400ec
|
|
|
|
|
|
|
|
Change-Id: I46215f82480854b5e04aef1ac1609dd99455181b
Closes-Bug: #1601970
|
|
As not having guarantee of being installed on same node, the dbsync
will be on step 3 and the clustercheck on 2.
Change-Id: Id728aae79442c45ab48fe0914c065f1807e8890d
|
|
|
|
|
|
Change-Id: Iff6508972edfd5f330b239719bc5eb14d3f71944
Implements: blueprint refactor-puppet-manifests
|
|
When both the Ceph Monitor and OSD roles are deployed on the same
node, we need the OSD configuration to happen *after* the Monitor
configuration is finished.
Change-Id: Id2ea099a0aaba344004870e82108da288cba2cb7
|
|
When Facter.value(:domain) is nil the facts fqdn_<network> are failing
with :
Could not retrieve fact='fqdn_external', resolution='<anonymous>': undefined method `empty?' for nil:NilClass
Change-Id: I3e7fa983d4cf91c6ab25f9aa4c353b364f44826e
Closes-bug: 1595125
|
|
|
|
|
|
|
|
The Nuage agent will also get used on compute nodes.
Change-Id: Ic842ebdc183918ec9a24f83ae39adfba27bc799c
|