summaryrefslogtreecommitdiffstats
path: root/manifests
AgeCommit message (Collapse)AuthorFilesLines
2016-09-28Use FallbackResource instead of Rewrite for UIHonza Pokorny1-13/+7
The original configuration produced a 400 error for all requests. The new FallbackResource directive accomplishes our task in a more elegant fashion. Change-Id: Ib5d77d158e73acc63d5c0c85d6aa6d99d2176333 Closes-Bug: 1628484
2016-09-28Merge "Move db syncs into mysql base role"Jenkins16-54/+63
2016-09-27Move db syncs into mysql base roleDan Prince16-54/+63
This patch moves the various DB syncs into the MySQL role. Database creation needs to occur on the MySQL server to avoid permission issues. This patch also moves database creation to step 2 so we can guarantee that all per-service databases exist at this time. This avoids complex ordering needed during step 3 where services, on different hosts, can run their own db sync's in a distributed fashion. Change-Id: I05cc0afa9373429a3197c194c3e8f784ae96de5f Partial-bug: #1620595
2016-09-26Merge "Add pameter for gmcast.listen_addr configuration"Jenkins1-4/+9
2016-09-26Merge "Make mysql bind-address configurable"Jenkins2-5/+14
2016-09-26Merge "Move inclusion of ::manila::db::mysql in manila/api profile"Jenkins5-33/+77
2016-09-26Add pameter for gmcast.listen_addr configurationJuan Antonio Osorio Robles1-4/+9
having an actual name for that configuration will allow us to pass a more proper name via t-h-t. Change-Id: Iea4bd67074824e5dc6732fd7e408743e693d80b3
2016-09-26Merge "Fix Swift manifest for Puppet4 deployment"Jenkins2-2/+2
2016-09-24Make mysql bind-address configurableJuan Antonio Osorio Robles2-5/+14
It used to be hardcoded that the bind-address was always coming from the $::hostname fact. This is wrong, as it disregards where we have configured the mysql address. This commit actually makes it configurable, so we'll be able to set it via hieradata. On the other hand, we use the hiera key that we already set 'mysql_bind_host' as a default; if, for some reason, that's unavailable then we fall back to $::hostname. Related-Bug: #1627060 Change-Id: I316acfd514aac63b84890e20283c4ca611ccde8b
2016-09-23Merge "Add support for rabbit hosts to mistral"Jenkins1-1/+8
2016-09-23Merge "certmonger: improve orchestration for puppet4"Jenkins1-4/+6
2016-09-23Move inclusion of ::manila::db::mysql in manila/api profileGiulio Fidente5-33/+77
In puppet-manila it is the api service performing db sync, not scheduler. This change moves ::manila::db::mysql (which creates the empty database and users) in the tripleo manila/api profile. Also moves rabbit config into a general manila base profile as that would be needed by the scheduler service as well. Change-Id: I2b537f735b8d1be8f39e8c274be3872b193c1014
2016-09-23Add support for rabbit hosts to mistralBrad P. Crochet1-1/+8
The mistral puppet did not have support for configuring the rabbit hosts. This change adds that support. Change-Id: I6cb2cbf4a2abf494668d24b8c36b0d525643f0af
2016-09-21Merge "Manage tripleo-ui configuration files with puppet"Jenkins2-0/+110
2016-09-21Fix Swift manifest for Puppet4 deploymentEmilien Macchi2-2/+2
1) swift/ringbuilder: seed must be a String Because we use validate_re in puppet-swift and puppet4 requires the regex to be a string, not an integer. 2) Fix Swift package name In puppet4, we need the resource title, not the resource name. Change-Id: I50cea96d45e0eb46c19040d9a7105ab72c2dbef7
2016-09-21Merge "swift: normalize memcache servers IP addresses"Jenkins1-1/+1
2016-09-21Merge "Fix puppet-lint in composable contrail"Jenkins5-192/+215
2016-09-20Merge "Fixup manila-cephfs native backend defaults"Jenkins1-41/+7
2016-09-20certmonger: improve orchestration for puppet4Emilien Macchi1-4/+6
The extract-and-trust-ca actually needs /var/lib/certmonger/local/creds file to be created, which is created when certmonger is started, not when package is installed. This patch change the exec dependency to run it only when service is started. Also, since the service create the file, let's relax the Exec a little bit by allowing to retry 5 times after 1s break in case the Exec fails, for example if service takes more than 5 seconds to create this file. It will avoid us some race condition in the deployment. Change-Id: I4cf4a04bddb8f042e8e8f7e1d1b69f846c533e3b
2016-09-20swift: normalize memcache servers IP addressesEmilien Macchi1-1/+1
In the case of memcache servers are IPv6, make sure brackets set in the way we construct the list of memcache server + memcache port parameter. Also add unit-tests to test that the output is what we want in the configuration. Depends-On: I8d361ce9cfcfe6a3f8592b2b7991971a3c748c75 Closes-Bug: 1625335 Change-Id: I9fb8168d8fb56c9d8465d58a45fd8c6edfee6fdd
2016-09-20Fixup manila-cephfs native backend defaultsmarios1-41/+7
The puppet-tripleo side for manila-cephfs landed without specifying defaults for all class params [1] so when cephfs isn't enabled e.g. only generic, then you will get errors for those params. See review comments at [2] for reports of this. This will fixup the manila-cephfs puppet-tripleo side to be more in line with the tidy up adding netapp at [3]. The config is all moved tripleo-heat-templates side. The tht review for this is at https://review.openstack.org/#/c/358525/ and that will now depend on this review. [1] https://review.openstack.org/#/c/354047/ [2] https://review.openstack.org/#/c/354019/ [3] https://review.openstack.org/#/c/354014/ Change-Id: I918f6f23ae0bd3542bcfe1bf0c797d4e6aa8f4d9
2016-09-20Merge "Terminate Zaqar websocket endpoint in HAProxy"Jenkins1-0/+33
2016-09-20Terminate Zaqar websocket endpoint in HAProxyJuan Antonio Osorio Robles1-0/+33
Note that there was a need to modify different timeouts due to the nature of how websockets work. The source where the reasoning and value came from is listed as a comment in the code. Related-Bug: #1625448 Co-Authored-By: Brad P. Crochet <brad@redhat.com> Change-Id: I9de77d5f692c1c9d04e3c59c5de5312e63f81aed
2016-09-17Merge "Swift add_devices.pp IPv6 handling"Jenkins1-1/+4
2016-09-17Merge "Fix dependencies for HAProxy when certmonger is used"Jenkins2-4/+9
2016-09-17Merge "mysql: never add brackets to mysql_bind_host"Jenkins1-1/+1
2016-09-17Merge "Wait for MongoDB connections before creating replset"Jenkins1-0/+7
2016-09-16Wait for MongoDB connections before creating replsetJiri Stransky1-0/+7
Sometimes the mongodb_replset resource fails with: Could not evaluate: Can't find master host for replicaset tripleo. This issue is intermittent so the fix cannot be perfectly verified, but the assumption is that if we wait for MongoDB to be reachable on all nodes, it will assure that the members will appear to the puppet module as alive when creating or verifying the replset. If the validation fails, it should help us uncover which of the members was causing trouble. Change-Id: I0bcd0d063a7a766483426fdd5ea81cbe1dfaa348 Closes-Bug: #1624420
2016-09-16Swift add_devices.pp IPv6 handlingGabriele Cerami1-1/+4
Add brackets to IPv6 addresses before forming $object from $base Change-Id: I4568d538561a0102b69f331a122d4989333a3bfa Closes-Bug: #1623096
2016-09-16Merge "Add manila-netapp backend to manila class and tidy up generic"Jenkins1-81/+41
2016-09-16Add manila-netapp backend to manila class and tidy up genericmarios1-81/+41
This adds support for the manila-netapp backend. The backend specific config is set tht side. So this change also tidies up the manila generic config, which is unnecessarily being duplicated here ( see https://review.openstack.org/#/c/354019/ ) Change-Id: Ic6f8e8d27ca20b9badddea5d16550aa18bff8418
2016-09-16Manage tripleo-ui configuration files with puppetMartin André2-0/+110
This commit ensures the tripleo-ui configuration files are present and are matching the environment. Change-Id: I0deeffa9026b1f5cd36a9810aaee7832e31c3c93
2016-09-16mysql: never add brackets to mysql_bind_hostEmilien Macchi1-1/+1
Don't add brackets on mysql_bind_host parameter in Galera config. Having brackets from this parameter works with old version of Galera but not newest one. So let's remove them at all, so we can safely upgrade Galera in RDO. Change-Id: Ic904d4efda162f18ec8dffb91c2f383f54361f41 Closes-Bug: #1622755
2016-09-15Fix dependencies for HAProxy when certmonger is usedJuan Antonio Osorio Robles2-4/+9
Installing the undercloud with generate_service_certificate=True fails if HAProxy is not pre-installed. This is due to missing dependency setting on our puppet manifests. We need to specify that the PEM file needs to be written only if the haproxy user and group exist (which comes from the package) and that the haproxy frontend configuration needs to be notified if there are changes in the certificates. Change-Id: Iba3030e4489eb31f9c07ab49913687d8b595a91b Closes-Bug: #1623805
2016-09-15Fix wrong flag name for VNC Proxy in HAProxyJuan Antonio Osorio Robles1-2/+2
The name was wrong, and so fixing it will actually enable VNC Proxy when the service is enabled. Change-Id: I65e90479fd33844b4dcd70c19cec3cd838aeff69 Closes-Bug: #1623796
2016-09-14Merge "Add validations profile for tripleo"Jenkins1-0/+29
2016-09-13Merge "Enable X-Forwarded-Proto for manila"Jenkins1-0/+5
2016-09-12Add validations profile for tripleoTomas Sedovic1-0/+29
This adds the tripleo::profile::base::validations profile which sets up the `validations` user and installs the openstack-tripleo-validations package. Change-Id: Ib2b1ddcda3a41cb7263171d3024f05ba8bfd2f28
2016-09-12Fix puppet-lint in composable contrailCarlos Camacho5-192/+215
After landing this new service, there ase some puppet styles misalignments. These changes are in favor of start using puppet-lint 2.0.0 2016-09-12 08:55:07.952492 | manifests/network/contrail/analytics.pp:130:WARNING: optional parameter listed before required parameter 2016-09-12 08:55:07.952573 | manifests/network/contrail/config.pp:117:WARNING: optional parameter listed before required parameter 2016-09-12 08:55:07.952604 | manifests/network/contrail/config.pp:118:WARNING: optional parameter listed before required parameter 2016-09-12 08:55:07.952632 | manifests/network/contrail/config.pp:119:WARNING: optional parameter listed before required parameter 2016-09-12 08:55:07.952660 | manifests/network/contrail/config.pp:120:WARNING: optional parameter listed before required parameter 2016-09-12 08:55:07.952688 | manifests/network/contrail/control.pp:95:WARNING: optional parameter listed before required parameter 2016-09-12 08:55:07.952717 | manifests/network/contrail/control.pp:96:WARNING: optional parameter listed before required parameter 2016-09-12 08:55:07.952745 | manifests/network/contrail/control.pp:97:WARNING: optional parameter listed before required parameter 2016-09-12 08:55:07.952773 | manifests/network/contrail/database.pp:37:WARNING: optional parameter listed before required parameter 2016-09-12 08:55:07.952800 | manifests/network/contrail/webui.pp:80:WARNING: optional parameter listed before required parameter 2016-09-12 08:55:07.952828 | manifests/network/contrail/webui.pp:81:WARNING: optional parameter listed before required parameter 2016-09-12 08:55:07.952856 | manifests/network/contrail/webui.pp:82:WARNING: optional parameter listed before required parameter Change-Id: Id45d2daf49bfd081ceb074a2687306a7ac977da8
2016-09-12Enable X-Forwarded-Proto for manilaJuan Antonio Osorio Robles1-0/+5
This is necessary so the middleware in manila can set the protocol correctly in case we're terminating SSL in HAProxy. Depends-On: Ice78b0abceb6a956bb8c1dc6212ee1b56b62b43f Change-Id: Iedaabaf1379466c22e3b9bb2307e940459d26de7
2016-09-12Fill DNS name for haproxy certificatesJuan Antonio Osorio Robles1-0/+1
This sets the subject alt name field for the certificates we auto-generate, which will remove the security warnings we constantly see in the undercloud. This is the proper way to set certificates, since the usage of the CN as a replacement for the subjectAltName is being deprecated (very slowly). Change-Id: I475cbffd47425e850902838eec06bf461df2acd0 Closes-Bug: #1622446
2016-09-09Merge "Added Contrail Composable Services"Jenkins5-0/+751
2016-09-09Merge "Add Ceph RGW profile"Jenkins1-0/+63
2016-09-08Merge "Add class to write overcloud VIPs into /etc/hosts"Jenkins1-0/+39
2016-09-07gnocchi: move statsd and metricd at step5Emilien Macchi2-2/+6
Gnocchi statsd and metricd require Keystone resources to be in place when using Swift backend, because those services will try to access to Swift containers. To do so, we want to move the service start at step 5 instead of 4 and also require Keystone resource to be managed before starting the services. Change-Id: Ie5bc1481a8700c7cd080a76d0978146a84825767 Closes-Bug: #1621164
2016-09-07Merge "Manage Redis VIP when deploying with keepalived"Jenkins1-0/+18
2016-09-06Merge "Include heat base profile outside of step"Jenkins4-4/+8
2016-09-06Merge "Add Ceph RGW listener to HAProxy"Jenkins2-0/+23
2016-09-06Merge "Convert ringbuilder to build devices array"Jenkins1-4/+26
2016-09-06Add class to write overcloud VIPs into /etc/hostsJuan Antonio Osorio Robles1-0/+39
This will be useful to start using FQDNs instead of IPs if we don't have a DNS set-up. This will effectively grab a map of hosts to add and create them with puppet's host resource. Change-Id: I1bdb2701dfb3e7ef072e674c9882d3be5af7296c