summaryrefslogtreecommitdiffstats
path: root/manifests
AgeCommit message (Collapse)AuthorFilesLines
2016-09-24Make mysql bind-address configurableJuan Antonio Osorio Robles2-5/+14
It used to be hardcoded that the bind-address was always coming from the $::hostname fact. This is wrong, as it disregards where we have configured the mysql address. This commit actually makes it configurable, so we'll be able to set it via hieradata. On the other hand, we use the hiera key that we already set 'mysql_bind_host' as a default; if, for some reason, that's unavailable then we fall back to $::hostname. Related-Bug: #1627060 Change-Id: I316acfd514aac63b84890e20283c4ca611ccde8b
2016-09-20Merge "Terminate Zaqar websocket endpoint in HAProxy"Jenkins1-0/+33
2016-09-20Terminate Zaqar websocket endpoint in HAProxyJuan Antonio Osorio Robles1-0/+33
Note that there was a need to modify different timeouts due to the nature of how websockets work. The source where the reasoning and value came from is listed as a comment in the code. Related-Bug: #1625448 Co-Authored-By: Brad P. Crochet <brad@redhat.com> Change-Id: I9de77d5f692c1c9d04e3c59c5de5312e63f81aed
2016-09-17Merge "Swift add_devices.pp IPv6 handling"Jenkins1-1/+4
2016-09-17Merge "Fix dependencies for HAProxy when certmonger is used"Jenkins2-4/+9
2016-09-17Merge "mysql: never add brackets to mysql_bind_host"Jenkins1-1/+1
2016-09-17Merge "Wait for MongoDB connections before creating replset"Jenkins1-0/+7
2016-09-16Wait for MongoDB connections before creating replsetJiri Stransky1-0/+7
Sometimes the mongodb_replset resource fails with: Could not evaluate: Can't find master host for replicaset tripleo. This issue is intermittent so the fix cannot be perfectly verified, but the assumption is that if we wait for MongoDB to be reachable on all nodes, it will assure that the members will appear to the puppet module as alive when creating or verifying the replset. If the validation fails, it should help us uncover which of the members was causing trouble. Change-Id: I0bcd0d063a7a766483426fdd5ea81cbe1dfaa348 Closes-Bug: #1624420
2016-09-16Swift add_devices.pp IPv6 handlingGabriele Cerami1-1/+4
Add brackets to IPv6 addresses before forming $object from $base Change-Id: I4568d538561a0102b69f331a122d4989333a3bfa Closes-Bug: #1623096
2016-09-16Merge "Add manila-netapp backend to manila class and tidy up generic"Jenkins1-81/+41
2016-09-16Add manila-netapp backend to manila class and tidy up genericmarios1-81/+41
This adds support for the manila-netapp backend. The backend specific config is set tht side. So this change also tidies up the manila generic config, which is unnecessarily being duplicated here ( see https://review.openstack.org/#/c/354019/ ) Change-Id: Ic6f8e8d27ca20b9badddea5d16550aa18bff8418
2016-09-16mysql: never add brackets to mysql_bind_hostEmilien Macchi1-1/+1
Don't add brackets on mysql_bind_host parameter in Galera config. Having brackets from this parameter works with old version of Galera but not newest one. So let's remove them at all, so we can safely upgrade Galera in RDO. Change-Id: Ic904d4efda162f18ec8dffb91c2f383f54361f41 Closes-Bug: #1622755
2016-09-15Fix dependencies for HAProxy when certmonger is usedJuan Antonio Osorio Robles2-4/+9
Installing the undercloud with generate_service_certificate=True fails if HAProxy is not pre-installed. This is due to missing dependency setting on our puppet manifests. We need to specify that the PEM file needs to be written only if the haproxy user and group exist (which comes from the package) and that the haproxy frontend configuration needs to be notified if there are changes in the certificates. Change-Id: Iba3030e4489eb31f9c07ab49913687d8b595a91b Closes-Bug: #1623805
2016-09-15Fix wrong flag name for VNC Proxy in HAProxyJuan Antonio Osorio Robles1-2/+2
The name was wrong, and so fixing it will actually enable VNC Proxy when the service is enabled. Change-Id: I65e90479fd33844b4dcd70c19cec3cd838aeff69 Closes-Bug: #1623796
2016-09-14Merge "Add validations profile for tripleo"Jenkins1-0/+29
2016-09-13Merge "Enable X-Forwarded-Proto for manila"Jenkins1-0/+5
2016-09-12Add validations profile for tripleoTomas Sedovic1-0/+29
This adds the tripleo::profile::base::validations profile which sets up the `validations` user and installs the openstack-tripleo-validations package. Change-Id: Ib2b1ddcda3a41cb7263171d3024f05ba8bfd2f28
2016-09-12Enable X-Forwarded-Proto for manilaJuan Antonio Osorio Robles1-0/+5
This is necessary so the middleware in manila can set the protocol correctly in case we're terminating SSL in HAProxy. Depends-On: Ice78b0abceb6a956bb8c1dc6212ee1b56b62b43f Change-Id: Iedaabaf1379466c22e3b9bb2307e940459d26de7
2016-09-12Fill DNS name for haproxy certificatesJuan Antonio Osorio Robles1-0/+1
This sets the subject alt name field for the certificates we auto-generate, which will remove the security warnings we constantly see in the undercloud. This is the proper way to set certificates, since the usage of the CN as a replacement for the subjectAltName is being deprecated (very slowly). Change-Id: I475cbffd47425e850902838eec06bf461df2acd0 Closes-Bug: #1622446
2016-09-09Merge "Added Contrail Composable Services"Jenkins5-0/+751
2016-09-09Merge "Add Ceph RGW profile"Jenkins1-0/+63
2016-09-08Merge "Add class to write overcloud VIPs into /etc/hosts"Jenkins1-0/+39
2016-09-07gnocchi: move statsd and metricd at step5Emilien Macchi2-2/+6
Gnocchi statsd and metricd require Keystone resources to be in place when using Swift backend, because those services will try to access to Swift containers. To do so, we want to move the service start at step 5 instead of 4 and also require Keystone resource to be managed before starting the services. Change-Id: Ie5bc1481a8700c7cd080a76d0978146a84825767 Closes-Bug: #1621164
2016-09-07Merge "Manage Redis VIP when deploying with keepalived"Jenkins1-0/+18
2016-09-06Merge "Include heat base profile outside of step"Jenkins4-4/+8
2016-09-06Merge "Add Ceph RGW listener to HAProxy"Jenkins2-0/+23
2016-09-06Merge "Convert ringbuilder to build devices array"Jenkins1-4/+26
2016-09-06Add class to write overcloud VIPs into /etc/hostsJuan Antonio Osorio Robles1-0/+39
This will be useful to start using FQDNs instead of IPs if we don't have a DNS set-up. This will effectively grab a map of hosts to add and create them with puppet's host resource. Change-Id: I1bdb2701dfb3e7ef072e674c9882d3be5af7296c
2016-09-05Merge "Ironic: update included drivers"Jenkins1-3/+7
2016-09-05Merge "Ironic: manage PXE environment for conductors"Jenkins1-0/+8
2016-09-05Merge "updates to fluentd support"Jenkins2-39/+180
2016-09-04Ironic: update included driversDmitry Tantsur1-3/+7
Configure drac, ilo and ssh drivers out of box. Remove deprecated ironic::drivers::deploy. This change brings the default driver list closer to one of undercloud. Change-Id: I8b9a136a0ff22916d7c468bbb0df7248bc35a5c2 Partially-Implements: blueprint ironic-integration
2016-09-03Merge "Make service profiles default to rabbitmq_node_ips"Jenkins11-11/+85
2016-09-02Merge "Plumgrid helper"Jenkins1-0/+45
2016-09-02Merge "Opencontrail vrouter profile"Jenkins1-0/+40
2016-09-02Plumgrid helperDan Prince1-0/+45
Extra settings that need to be applied for plumgrid where compute nodes are running. Change-Id: Ided5483f0f36f0efd5a09112832d07f028a2a7f9
2016-09-02Manage Redis VIP when deploying with keepalivedJiri Stransky1-0/+18
Previously we weren't creating Redis VIP in keepalived, causing Redis to be unusable in non-HA deployments. Change-Id: I0bb37f6fb3eed022288b2dcfc7a88e8ff88a7ace Related-Bug: #1618510
2016-09-02Convert ringbuilder to build devices arraySteven Hardy1-4/+26
Currently we have some hard-coded mangling in t-h-t but we instead need to build the array based on the nodes running swift storage, combined with the SwiftRawDisks parameter. This will enable running SwiftStorage on nodes other than Controller and SwiftStorage roles, and is required for custom-roles due to the hard-coded stuff in the role templates and overcloud.yaml Change-Id: I11deed1df712ecccf85d36a75b3bd2e9d226af36 Partially-Implements: blueprint custom-roles
2016-09-02Merge "Create memcache_servers list in swift proxy profile"Jenkins1-1/+14
2016-09-02Make service profiles default to rabbitmq_node_ipsSteven Hardy11-11/+85
Instead of hard-coded yaml aliases in t-h-t, make each service profile that requires rabbit default to the list of rabbit ips. Note this could still be extended in future to e.g enable per service rabbit clusters, but the default is to lookup the hiera which should be logically equivalent to current t-h-t. Change-Id: Ie53c93456529420588eb1927703ea91b54095d87 Partially-Implements: blueprint custom-roles
2016-09-01Merge "midonet: update neutron parameter"Jenkins1-2/+2
2016-09-01Merge "Write restart flags to restart services only when necessary"Jenkins9-0/+83
2016-09-01Create memcache_servers list in swift proxy profileSteven Hardy1-1/+14
Instead of mangling this list in t-h-t, generate the list derived from memcached_node_ips, which is now always set when memcached is deployed, regardless of the role. Note the port default is hard-coded as this is already hard-coded (in two places) in t-h-t, but we can override it if this changes in future. We need this to remove the swift specific stuff out of overcloud.yaml to enable custom-roles. Change-Id: Ic8872e5e51732874ca5b93bff5efd3e7ed75bc31 Partially-Implements: blueprint custom-roles
2016-09-01Merge "Default haproxy listeners activation on hiera service _enabled"Jenkins1-54/+54
2016-09-01Add Ceph RGW profileKeith Schincke1-0/+63
This patch adds tripleo::profile::base::ceph::rgw Co-Authored-By: Giulio Fidente <gfidente@redhat.com> Change-Id: Ib69b8171321284bb64e348d45b7eea2f00f8d506
2016-09-01Ensure iscsi_ip_address is in brackets if IPv6Giulio Fidente1-1/+4
Change-Id: I787becce343b38e6c27c9a1b937b47c0aefb034d Related-Bug: 1618930
2016-08-31midonet: update neutron parameterEmilien Macchi1-2/+2
Update neutron parameter to lookup the right variable in Hiera. Change-Id: I7b93e8d308f2ff2fb3a2083af75140dfa62b3ad8
2016-08-31Merge "Reload HAProxy on refresh"Jenkins1-0/+14
2016-08-31Add Ceph RGW listener to HAProxyGiulio Fidente2-0/+23
Shares the same (ssl)port with Swift Proxy Change-Id: I2e1de1a3fa6ad62895a1e972e43858f23c08bbea
2016-08-31Default haproxy listeners activation on hiera service _enabledGiulio Fidente1-54/+54
Change-Id: I5c620ba717f782b39c599aff24b4ac56fb695a04
">: "Device ID for interface cgnapt_vnf.cgnapt_provider-xe1-port", "value": { "get_attr": [ "cgnapt_vnf.cgnapt_provider-xe1-port", "device_id" ] } }, "cgnapt_vnf.cgnapt_provider-xe1-port-mac_address": { "description": "MAC Address for interface cgnapt_vnf.cgnapt_provider-xe1-port", "value": { "get_attr": [ "cgnapt_vnf.cgnapt_provider-xe1-port", "mac_address" ] } }, "cgnapt_vnf.cgnapt_provider-xe1-port-network_id": { "description": "Network ID for interface cgnapt_vnf.cgnapt_provider-xe1-port", "value": { "get_attr": [ "cgnapt_vnf.cgnapt_provider-xe1-port", "network_id" ] } }, "cgnapt_vnf.cgnapt_provider-xe1-port-subnet_id": { "description": "Address for interface cgnapt_vnf.cgnapt_provider-xe1-port", "value": { "get_attr": [ "cgnapt_vnf.cgnapt_provider-xe1-port", "fixed_ips", 0, "subnet_id" ] } }, "cgnapt_provider-flavor": { "description": "Flavor cgnapt_provider-flavor ID", "value": { "get_resource": "cgnapt_provider-flavor" } }, "cgnapt_provider-mgmt-subnet": { "description": "subnet cgnapt_provider-mgmt-subnet ID", "value": { "get_resource": "cgnapt_provider-mgmt-subnet" } }, "cgnapt_provider-mgmt-subnet-cidr": { "description": "subnet cgnapt_provider-mgmt-subnet cidr", "value": { "get_attr": [ "cgnapt_provider-mgmt-subnet", "cidr" ] } }, "cgnapt_provider-mgmt-subnet-gateway_ip": { "description": "subnet cgnapt_provider-mgmt-subnet gateway_ip", "value": { "get_attr": [ "cgnapt_provider-mgmt-subnet", "gateway_ip" ] } }, "cgnapt_provider-secgroup": { "description": "ID of Security Group", "value": { "get_resource": "cgnapt_provider-secgroup" } }, "cgnapt_provider-xe0-subnet": { "description": "subnet cgnapt_provider-xe0-subnet ID", "value": { "get_resource": "cgnapt_provider-xe0-subnet" } }, "cgnapt_provider-xe0-subnet-cidr": { "description": "subnet cgnapt_provider-xe0-subnet cidr", "value": { "get_attr": [ "cgnapt_provider-xe0-subnet", "cidr" ] } }, "cgnapt_provider-xe0-subnet-gateway_ip": { "description": "subnet cgnapt_provider-xe0-subnet gateway_ip", "value": { "get_attr": [ "cgnapt_provider-xe0-subnet", "gateway_ip" ] } }, "cgnapt_provider-xe1-subnet": { "description": "subnet cgnapt_provider-xe1-subnet ID", "value": { "get_resource": "cgnapt_provider-xe1-subnet" } }, "cgnapt_provider-xe1-subnet-cidr": { "description": "subnet cgnapt_provider-xe1-subnet cidr", "value": { "get_attr": [ "cgnapt_provider-xe1-subnet", "cidr" ] } }, "cgnapt_provider-xe1-subnet-gateway_ip": { "description": "subnet cgnapt_provider-xe1-subnet gateway_ip", "value": { "get_attr": [ "cgnapt_provider-xe1-subnet", "gateway_ip" ] } } }, "resources": { "cgnapt_vnf.cgnapt_provider": { "depends_on": [ "cgnapt_provider-flavor", "cgnapt_provider-key", "cgnapt_vnf.cgnapt_provider-mgmt-port", "cgnapt_vnf.cgnapt_provider-xe0-port", "cgnapt_vnf.cgnapt_provider-xe1-port" ], "properties": { "admin_user": "ubuntu", "config_drive": true, "flavor": { "get_resource": "cgnapt_provider-flavor" }, "image": "yardstick-samplevnfs", "key_name": { "get_resource": "cgnapt_provider-key" }, "name": "cgnapt_vnf.cgnapt_provider", "networks": [ { "port": { "get_resource": "cgnapt_vnf.cgnapt_provider-mgmt-port" } }, { "port": { "get_resource": "cgnapt_vnf.cgnapt_provider-xe0-port" } }, { "port": { "get_resource": "cgnapt_vnf.cgnapt_provider-xe1-port" } } ], "scheduler_hints": { "different_host": [] } }, "type": "OS::Nova::Server" }, "cgnapt_vnf.cgnapt_provider-fip": { "depends_on": [ "cgnapt_vnf.cgnapt_provider-mgmt-port", "cgnapt_provider-mgmt-router-if0", "cgnapt_provider-secgroup" ], "properties": { "pool": "yardstick-public" }, "type": "OS::Nova::FloatingIP" }, "cgnapt_vnf.cgnapt_provider-fip-assoc": { "depends_on": [ "cgnapt_vnf.cgnapt_provider-mgmt-port" ], "properties": { "floatingip_id": { "get_resource": "cgnapt_vnf.cgnapt_provider-fip" }, "port_id": { "get_resource": "cgnapt_vnf.cgnapt_provider-mgmt-port" } }, "type": "OS::Neutron::FloatingIPAssociation" }, "cgnapt_vnf.cgnapt_provider-mgmt-port": { "depends_on": [ "cgnapt_provider-mgmt-subnet", "cgnapt_provider-secgroup" ], "properties": { "binding:vnic_type": "normal", "fixed_ips": [ { "subnet": { "get_resource": "cgnapt_provider-mgmt-subnet" } } ], "name": "cgnapt_vnf.cgnapt_provider-mgmt-port", "network_id": { "get_resource": "cgnapt_provider-mgmt" }, "replacement_policy": "AUTO", "security_groups": [ "cgnapt_provider-secgroup" ] }, "type": "OS::Neutron::Port" }, "cgnapt_vnf.cgnapt_provider-xe0-port": { "depends_on": [ "cgnapt_provider-xe0-subnet" ], "properties": { "binding:vnic_type": "normal", "fixed_ips": [ { "subnet": { "get_resource": "cgnapt_provider-xe0-subnet" } } ], "name": "cgnapt_vnf.cgnapt_provider-xe0-port", "network_id": { "get_resource": "cgnapt_provider-xe0" }, "replacement_policy": "AUTO" }, "type": "OS::Neutron::Port" }, "cgnapt_vnf.cgnapt_provider-xe1-port": { "depends_on": [ "cgnapt_provider-xe1-subnet" ], "properties": { "binding:vnic_type": "normal", "fixed_ips": [ { "subnet": { "get_resource": "cgnapt_provider-xe1-subnet" } } ], "name": "cgnapt_vnf.cgnapt_provider-xe1-port", "network_id": { "get_resource": "cgnapt_provider-xe1" }, "replacement_policy": "AUTO" }, "type": "OS::Neutron::Port" }, "cgnapt_provider-flavor": { "properties": { "disk": 6, "ephemeral": 0, "extra_specs": { "hw:cpu_cores": 10, "hw:cpu_sockets": 1, "hw:cpu_threads": 1 }, "flavorid": "cgnapt_provider-flavor", "is_public": true, "name": "cgnapt_provider-flavor", "ram": 20480, "rxtx_factor": 1.0, "swap": 0, "vcpus": 10 }, "type": "OS::Nova::Flavor" }, "cgnapt_provider-key": { "properties": { "name": "cgnapt_provider-key", "public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4/LMV8dMasxxb6qcfc7LspMZM8zwIm+4jPZdwcEBEdx+LO7T/HUpyeqjwKmH+0dE3YFQfoEH5rkJR+vxGSAFeMABR37JsymD1u/1w3HoTyI9t1XjsEXwrWApcOrlrEZSJRb2qedbGF9FQcV/pNJYhMG6YV6zVnd5gBxKoJuEunWMopxeK6NXsmpDGJsEkNR+uzKzc+1LuOG+6cDG44PiidxlVrX86LFkUBuZ7Wtzdu8fnYYyUbGDk9nLIuEynqg5WbMF8ScLca/r6KP/4QdUKR+U1+VCo7ylFzLPaFmeaHis0H/Xe09+MXX/4sdXJCwUOFH7JCoyxZUPAp2JrLk5L\n" }, "type": "OS::Nova::KeyPair" }, "cgnapt_provider-mgmt": { "properties": { "name": "cgnapt_provider-mgmt" }, "type": "OS::Neutron::Net" }, "cgnapt_provider-mgmt-router": { "depends_on": [ "cgnapt_provider-mgmt-subnet" ], "properties": { "external_gateway_info": { "network": "yardstick-public" }, "name": "cgnapt_provider-mgmt-router" }, "type": "OS::Neutron::Router" }, "cgnapt_provider-mgmt-router-if0": { "depends_on": [ "cgnapt_provider-mgmt-router", "cgnapt_provider-mgmt-subnet" ], "properties": { "router_id": { "get_resource": "cgnapt_provider-mgmt-router" }, "subnet_id": { "get_resource": "cgnapt_provider-mgmt-subnet" } }, "type": "OS::Neutron::RouterInterface" }, "cgnapt_provider-mgmt-subnet": { "depends_on": "cgnapt_provider-mgmt", "properties": { "cidr": "10.0.1.0/24", "enable_dhcp": "true", "name": "cgnapt_provider-mgmt-subnet", "network_id": { "get_resource": "cgnapt_provider-mgmt" } }, "type": "OS::Neutron::Subnet" }, "cgnapt_provider-secgroup": { "properties": { "description": "Group allowing icmp and upd/tcp on all ports", "name": "cgnapt_provider-secgroup", "rules": [ { "port_range_max": "65535", "port_range_min": "1", "protocol": "tcp", "remote_ip_prefix": "0.0.0.0/0" }, { "port_range_max": "65535", "port_range_min": "1", "protocol": "udp", "remote_ip_prefix": "0.0.0.0/0" }, { "protocol": "icmp", "remote_ip_prefix": "0.0.0.0/0" } ] }, "type": "OS::Neutron::SecurityGroup" }, "cgnapt_provider-xe0": { "properties": { "name": "cgnapt_provider-xe0", "network_type": "flat", "physical_network": "phystenant1", "port_security_enabled": false }, "type": "OS::Neutron::ProviderNet" }, "cgnapt_provider-xe0-subnet": { "depends_on": "cgnapt_provider-xe0", "properties": { "cidr": "10.0.2.0/24", "enable_dhcp": "true", "gateway_ip": null, "name": "cgnapt_provider-xe0-subnet", "network_id": { "get_resource": "cgnapt_provider-xe0" } }, "type": "OS::Neutron::Subnet" }, "cgnapt_provider-xe1": { "properties": { "name": "cgnapt_provider-xe1", "network_type": "flat", "physical_network": "phystenant2", "port_security_enabled": false }, "type": "OS::Neutron::ProviderNet" }, "cgnapt_provider-xe1-subnet": { "depends_on": "cgnapt_provider-xe1", "properties": { "cidr": "10.0.3.0/24", "enable_dhcp": "true", "gateway_ip": null, "name": "cgnapt_provider-xe1-subnet", "network_id": { "get_resource": "cgnapt_provider-xe1" } }, "type": "OS::Neutron::Subnet" } } }