Age | Commit message (Collapse) | Author | Files | Lines |
|
The glance database should be created as part of the glance-api service
installation and not the registry. Move the db_sync param to the
glance-api class call.
Change-Id: Ib9f511219e8cb9a7322745b6bd7c4f9c9cc0c198
|
|
|
|
|
|
|
|
|
|
|
|
Add the option to add the section of ml2_odl
to ml2_conf.ini when opendaylight_v2 mechanism driver is used
Change-Id: I2a1c5097614e47cc09e43bbc77305a0548d54baa
|
|
Configure Nova with new Oslo Messaging parameters for RabbitMQ.
Note: parameters are renamed to be standard, so it will help a future
transition to another backend in TripleO.
Change-Id: Ia67a4dbe5b2bd12c45308a5581f96d0457b8e018
|
|
We need to run the basic cell v2 setup for nova as it is required for
Ocata.
Change-Id: I693239ff5026f58a65eb6278b1a8fcb97af4f561
Depends-On: I43ba77cd4c8da7c6dc117ab0bd53e5cd330dc3de
Depends-On: I9462ef16fd64a577c3f950bd121f0bd28670fabc
Closes-Bug: #1649341
|
|
|
|
|
|
|
|
Enable ml2.pp to call networking-fujitsu manifest in puppet-neutron
for fossw ML2 plugin setting.
Change-Id: I044c5812bbc5cd3de4bc33556cffbe5bad8e64cf
Implements: blueprint integration-fossw-networking-fujitsu
Depends-On: I79df6b6a27d95f0c0e2c87207ab80235a4efccfc
|
|
|
|
|
|
|
|
A puppet manifest to allow the toggle of 'Banner' in sshd_config
and enable population of an SSH login banner needed for security
compliance such as DISA STIG
If `Bannertext` is set as a parameter, the `Banner` key within
sshd_config is toggled to `/etc/issue` and the content is copied
into the `/etc/issue` file
Change-Id: Ie9f8afdfa9930428f06c9669fedb460dc1064d5e
Closes-Bug: #1640306
|
|
Removes including Neutron services in the OpenDaylight API service.
This was breaking custom roles when splitting up OpenDaylight and Neutron
into different roles. Also, references to "controller" are removed
because with custom roles OpenDaylight could be isolated to any role
type. The 'bootstrap_nodeid' still works with any role, and only
resolves to the first node in the series of nodes for that role type.
Partial-Bug: 1651499
Change-Id: I418643810ee6b8a2c17a4754c83453140ebe39c7
Signed-off-by: Tim Rozet <trozet@redhat.com>
|
|
This is useful to customize the libvirt/qemu.conf limits when deploying
a large overcloud or one with many Ceph OSDs.
Change-Id: I258afd3ee6633e4b2ebc45aa8611be652476be0c
Depends-On: I5fa423a4b212d14f6e9ff6a270931b569558b54e
|
|
This is the glue between the collectd composable service in
tripleo-heat-templates and the puppet-collectd module.
Change-Id: I7e899e3af870b04dcd45503bd322278997fa53d0
|
|
Enable ml2.pp to call networking-fujitsu manifest in puppet-neutron.
The implementation in puppet-neutron is in progress separately.
Change-Id: I5eb2c2a9c50b5991d62f4b6d74b83351c86b02de
Implements: blueprint integration-networking-fujitsu
Depends-On: I37a502b43eb7d91bfe20625248ed117eae3ca535
|
|
This patch updates the swift proxy so that it only depends
on ceilometer if the ceilometer_api_enabled all-nodes-data hiera
setting has been set.
Also removes a parameter dependency where the
tripleo::profile::base::swift::proxy class was referencing
a puppet-ceilometer value from hiera (which can
also cause ceilometer dependencies).
Depends-On: Ief5399d7ea4d26e96ce54903a69d660fa4fe3ce9
Change-Id: I8d9f69f5e9160543b372bd9886800f16f625fdc6
Closes-bug: #1648736
|
|
Ceilometer api is deprectaed in Ocata. Lets disable by default.
This can still be enabled by setting enable_legacy_ceilometer_api
param.
Change-Id: Iffb8c2cfed53d8b29e777c35cee44921194239e9
|
|
Cinder Backend configuration support for
HPELeftHandISCSIDriver for VSA storage
Change-Id: Ia7e5f3d436283f7949b0eb8f109b3dc0309af4f5
|
|
|
|
Currently we chose the pacemaker cluster node by simply taking
hiera('controller_node_names'). We should instead use the
pacemaker_short_node_names array which is built dynamically
from all the nodes that include the pacemaker service.
Change-Id: I0a3e4acaab11e078da5eeb2ef2adde5387785927
|
|
Instead of checking for glance_registry_enabled, we should be checking
for glance_api_enabled. The glance-api v1 depends on the registry, which
means the database will be created but glance-api v2 doesn't which means
that not deploying the registry would result in the glance database not
being created. On the other hand, glance-registry is never deployed
without glance-api
Change-Id: Ief25dafb65f7a043fbb3d16f1d7ef834c9947a93
|
|
This change adds rspec testing for the cinder profiles with in
puppet-tripleo. Additionally while testing, it was found that the
backends may incorrectly have an extra , included in the settings
for cinder volume when running puppet 3. This change includes a fix
the cinder volume backends to make sure we are not improperly
configuring it with a trailing comma.
Change-Id: Ibdfee330413b6f9aecdf42a5508c21126fc05973
|
|
|
|
|
|
|
|
|
|
This sets the cluster_nodes configuration in RabbitMQ to use FQDNs
instead of IP addresses. Note that in HA, RabbitMQ is already
configured using FQDNs.
Change-Id: I2b1cec25ff25f4afd72a28246c2cda9c58d7b61e
|
|
This replaces the services' IP-based RabbitMQ configuration and uses
FQDNs instead.
Change-Id: I2be81aecacf50839a029533247981f5edf59cb7f
|
|
|
|
This optionally enables TLS for Panko API in the internal network.
If internal TLS is enabled, each node that is serving the Panko API
service will use certmonger to request its certificate.
bp tls-via-certmonger
Change-Id: Ie9be7ce19601435b1b83b4ba58d9c7e8d53f23ba
|
|
this adds the necessary code in the manfiest to configure TLS
if internal TLS is enabled. this also adds the capability of
auto-generating the certificate via certmonger.
bp tls-via-certmonger
Change-Id: I7275e5afb3a6550cf2abbb9a8007dedb62ada4b4
|
|
|
|
|
|
The normalize_ip_for_uri handles ipv6 bracketing correctly. Rather
than continue to do it manually, this change updates the ceilometer
collector profile to leverage the normalize_ip_for_uri function to
properly escape ipv6 addresses.
Change-Id: Ifaf6568785235db55f8dc593d83e534216413d31
Closes-Bug: #1629380
|
|
This allows us to use the composable services interfaces to handle
providing the IP address for northd, and will be more flexible in
the event folks want to deploy northd/ovndb on a different node to
the neutron plugin.
This also adds ovn_northd to the haproxy configuration so we can access
it via the ovn_northd_vip in other service profiles. Note we need
to ensure the haproxy config only hits the bootstrap node as northd
won't be running on the other nodes.
Change-Id: I9af7bd837c340c3df016fc7ad4238b2941ba7a95
Partial-Bug: #1634171
|
|
|
|
|
|
This is currently calculated in t-h-t but has a hard-coded reference
to the ControllerCount which is incompatible with custom-roles.
So instead calculate the setting based on the number of neutron API
services running (on any role, not just Controller), combined with
whether DVR is enabled (equivalent to current t-h-t logic).
To avoid breaking the NeutronL3HA parameter in t-h-t we maintain an
optional parameter to override the calculated value.
Change-Id: I01c50973eec8138ec61304f2982d5026142f267c
Partial-Bug: #1629187
|
|
Previously the ctrl plane VIP would default to 'br-ex' which in non-vlan
deployments ends up being the wrong interface. The public VIP interface
was also defaulted to 'br-ex' which would be incorrect for vlan based
deployments. Since a user has already given the nic template (and in
most cases the subnet that corresponds to the nic) the installer should
be able to figure out which interface the public/control vip should be
on.
These changes enable that type of auto-detection, unless a user
explicitly overrides the heat parameters for ControlVirtualInterface and
PublicVirtualInterface. Also removes calling keepalived from haproxy
now that the services are composed separately on the Controller role.
Partial-Bug: 1606632
Change-Id: I05105fce85be8ace986db351cdca2916f405ed04
Signed-off-by: Tim Rozet <trozet@redhat.com>
|
|
combination alarms are completely removed in Ocata.
Remove this from tripleo.
Change-Id: Icdf81d2f489db33533a1a0979cba3b5a652535d5
|
|
Change-Id: I035c26e0f50e4b3fc0f6085fa5a4bf524e4852b7
|
|
These are now passed via the heat profiles in t-h-t (via
heat-base.yaml and heat-engine.yaml) and use the actual names of
keystone parameters instead.
Change-Id: Id0f5dd03b6757df989339c93b58a5b7eac3402a2
Depends-On: I0e5124d57fdc519262fdec2dbeaaac85afaeebdf
|
|
Change-Id: I35f283bdf8dd0ed979c65633724f0464695130a4
|
|
This optionally enables TLS for Barbican API in the internal network.
If internal TLS is enabled, each node that is serving the Barbican API
service will use certmonger to request its certificate.
bp tls-via-certmonger
Change-Id: I1c1d3dab9bba7bec6296a55747e9ade242c47bd9
|