aboutsummaryrefslogtreecommitdiffstats
path: root/manifests
AgeCommit message (Collapse)AuthorFilesLines
2016-07-22Merge "Remove unused redis_vip parameter"Jenkins1-4/+0
2016-07-22Generate HAProxy certificates in base profileJuan Antonio Osorio Robles1-2/+48
This gives the option to generate the service certificate(s) that HAProxy will use. This will be used for both the overcloud and the undercloud. bp tls-via-certmonger Change-Id: I3d0b729d0bad5252c1ae8852109c3a70c0c6ba7d
2016-07-21Merge "Deploy Keystone and Gnocchi API with new Apache profile"Jenkins2-0/+2
2016-07-21Merge "Include gnocchi config on non-bootstrap nodes"Jenkins1-2/+4
2016-07-21Merge "deploy composable firewall rules for HAproxy"Jenkins1-0/+12
2016-07-21Merge "Ensure the Heat Domain parameters before starting heat-engine pcmk ↵Jenkins1-0/+10
service"
2016-07-21Merge "Add class to use certmonger's local CA"Jenkins1-0/+37
2016-07-21Deploy Keystone and Gnocchi API with new Apache profileEmilien Macchi2-0/+2
Deploy Keystone and Gnocchi API with the new Apache/Pacemaker profile. Change-Id: Id28c618133e53e28dfac7e3e9cf9f5f5a6b2421a
2016-07-21Remove unused redis_vip parameterGiulio Fidente1-4/+0
Change-Id: I6ba962c682dc2ab8c6ee5238e0c176d9ae05d696
2016-07-21Merge "nova/api: purge archive_deleted_rows via cron"Jenkins1-0/+6
2016-07-21Add class to use certmonger's local CAJuan Antonio Osorio Robles1-0/+37
This class extracts the certificate and adds it to the trusted certs. bp tls-via-certmonger Change-Id: I6dc1e0469cd7dbbb51659c8f29975d25b2941ec3
2016-07-20Include gnocchi config on non-bootstrap nodesBen Nemec1-2/+4
Change I67a15dc83a754fb6f5fe25c64ae9e7d29c58fcec removed the gnocchi configuration completely from non-bootstrap nodes. This changes it so the configuration is included on all nodes, but the db sync is only included on bootstrap. Change-Id: If402becc900c175f5b3bb95c3413276e5a04b4f7 Closes-Bug: 1604708
2016-07-20Implement Apache pacemaker profileEmilien Macchi2-0/+51
Deploy Apache with Pacemaker in a new profile. Change-Id: I9ae6cee2bfb0f8974d41d700454cfde2df06c2d1
2016-07-20Ensure the Heat Domain parameters before starting heat-engine pcmk servicemarios1-0/+10
Heat needs stack_user_domain_id or stack_user_domain_name config options set in the heat.conf before starting. The domain itself doesn't need to exist until a stack is actually created, but the value needs to be there. This patch ensures that the heat domain parameters are configured before starting the heat-engine service with Pacemaker at step3 and 4, and at step5, Pacemaker will start the services and Puppet will create the domains. (note: commit message copied from https://review.openstack.org/#/c/331652/ to mitaka tht, which came first) Change-Id: I58fa53357265c1607d2df1b04cc2296083212ab7 Closes-Bug: 1599232
2016-07-20Merge "Make ::tripleo::profile::base classes work with multiple nodes"Jenkins29-185/+217
2016-07-20Merge "make sure we start nova-compute after nova-conductor"Jenkins2-0/+8
2016-07-20Merge "openstack-core resource does not have interleave=true"Jenkins1-1/+1
2016-07-19Only sync the gnocchi db on the pacemaker masterJames Slagle1-6/+1
The gnocchi db sync is being run from multiple controllers causing errors in CI. See the bug for more details. Change-Id: I67a15dc83a754fb6f5fe25c64ae9e7d29c58fcec Closes-Bug: #1604624
2016-07-18Make ::tripleo::profile::base classes work with multiple nodesMichele Baldessari29-185/+217
In the Next Generation HA architecture a number of active/active services will be run via systemd. In order for this to work we need to make sure that the sync_db operation only takes place on the bootstrap node, just like it is done today for the pacemaker profiles. We do this by removing sync_db as a parameter and instead set it to true or false depending if the hostname matches the bootstrap_node as it is done today in the pacemaker role. Note that we call hiera('bootstrap_nodeid', undef) because if a profile is included on a non controller node that variable will be undefined. The following testing was done: - HA puppet-pacemaker.yaml scenario with three computes - NonHA with one controller - NonHA with three controllers Fixes-Bug: 1600149 Co-Author: cmsj@tenshu.net Change-Id: I04a7b9e3c18627ea512000a34357acb7f27d6e0e Implements: blueprint ha-lightweight-architecture
2016-07-18Add principal to certmonger's haproxy helperJuan Antonio Osorio Robles1-0/+5
The principal is needed for kerberos-based solutions like FreeIPA. bp tls-via-certmonger Change-Id: Ie27848f522d11135b061aef766de2b696c77fcb9
2016-07-18nova/api: purge archive_deleted_rows via cronEmilien Macchi1-0/+6
The code was in THT before but now in the Nova API profile. Change-Id: I7035f7998c11dc5508dae8c1a750b93c2944b2d4
2016-07-15Merge "Add MySQL profiles"Jenkins2-0/+269
2016-07-15Merge "Add resource for requesting certificates for HAProxy"Jenkins1-0/+70
2016-07-15openstack-core resource does not have interleave=trueMichele Baldessari1-1/+1
The dummy openstack-core resource was meant to replace keystone so that restarting keystone would not restart the whole cloud. When this resource was introduced the paramter interleave=true was mistakenly left out. This causes a simple promote operation on the galera resource to restart openstack-core and its children. Change-Id: Ic590005a9419be87e6e6ea131b0ac0630c5afc19 Closes-Bug: 1603381
2016-07-14Merge "Add Mistral profiles"Jenkins5-0/+177
2016-07-14Add Mistral profilesBrad P. Crochet5-0/+177
Add Mistral profiles for non-ha and ha scenarios Change-Id: I1a072326091fd3b0c21d2f78041e3532b67c60eb Implements: blueprint refactor-puppet-manifests Depends-On: I6ce61054384c15876c498ba8cf582f88d9f7f54c
2016-07-14Merge "Add base certmonger class"Jenkins1-0/+37
2016-07-14Merge "Implement Pacemaker service profile"Jenkins1-0/+93
2016-07-13Add MySQL profilesEmilien Macchi2-0/+269
Add MySQL profiles, for non-ha and ha scenarios. Change-Id: I7ddae28a6affd55c5bffc15d72226a18c708850e Closes-Bug: #1601853
2016-07-13Add resource for requesting certificates for HAProxyJuan Antonio Osorio Robles1-0/+70
This resource will be used in both the overcloud and the undercloud, and can be called in several instances (for public-facing or internal-facing certificates). bp tls-via-certmonger Change-Id: I0410fe0dbbed97d16909e911f7318d78a5bd7d7b
2016-07-13Add base certmonger classJuan Antonio Osorio Robles1-0/+37
This base class just executes the main certmonger include (which gets the package and starts the service) and configures the global CA, as well as some options for the certificates that it will be issuing. bp tls-via-certmonger Change-Id: Ib748946130209bf9ccf6670b6f3fbbe0424400ec
2016-07-13Merge "Drop the neutron dnsmasq config file options"Jenkins1-13/+0
2016-07-12Merge "Move gnocchi clustercheck to step 2"Jenkins1-4/+7
2016-07-12Merge "profile/nova/compute: add iscsi bits"Jenkins1-0/+11
2016-07-12Implement Pacemaker service profileEmilien Macchi1-0/+93
Change-Id: I46215f82480854b5e04aef1ac1609dd99455181b Closes-Bug: #1601970
2016-07-12Move gnocchi clustercheck to step 2Carlos Camacho1-4/+7
As not having guarantee of being installed on same node, the dbsync will be on step 3 and the clustercheck on 2. Change-Id: Id728aae79442c45ab48fe0914c065f1807e8890d
2016-07-12Merge "Composable Horizon service - puppet-tripleo"Jenkins1-0/+50
2016-07-11Merge "Add ironic inspector as a terminated HAProxy endpoint"Jenkins1-0/+20
2016-07-11Composable Horizon service - puppet-tripleoCarlos Camacho1-0/+50
Change-Id: Iff6508972edfd5f330b239719bc5eb14d3f71944 Implements: blueprint refactor-puppet-manifests
2016-07-09Merge "Split Sahara pacemaker roles into separate services"Jenkins5-35/+104
2016-07-08Merge "Add new nuage agent profile."Jenkins1-0/+62
2016-07-08Merge "Fix Ceilometer profiles"Jenkins4-54/+40
2016-07-08Add new nuage agent profile.Dan Prince1-0/+62
The Nuage agent will also get used on compute nodes. Change-Id: Ic842ebdc183918ec9a24f83ae39adfba27bc799c
2016-07-08Add new midonet_agent profile.Dan Prince2-8/+57
We include this from the midonet profile (which is for the controller). Agent will also get used on compute nodes as well. Change-Id: I2393fc3c360f5f5786411f64dbcd06f380376093
2016-07-08Use include for base neutron profileDan Prince2-9/+2
Simplify the base neutron profile so that we always include the neutron and neutron::config classes at step 3. In doing so we can now simplify the pacemaker version to use a simple include which will avoid duplicate class errors. Change-Id: I95b9188607ab6c599ad4cde6faa1deb081618f3e
2016-07-08Split Sahara pacemaker roles into separate servicesBrad P. Crochet5-35/+104
In order for each service to operate independently when used with Pacemaker, the roles needed to be separated. This also drops all pacemaker constraints, as they do not make much sense in the composable realm. Change-Id: Id61eb15b1e2366f5b73c6e7d47941651e40651b1 Partial-Bug: #1592284
2016-07-06Fix Ceilometer profilesPradeep Kilambi4-54/+40
* Configure ceilometer to default mongodb backend. * remove useless sync_db parameter in pacemaker class. * Remove duplicated resource for ceilometer central agent service with pcmk. * Remove pacemaker delay resource dependency, the resource does not exist anymore. Change-Id: Ie337bfe770c5b22158dc307eb36e39c2b93b95a9
2016-07-06make sure we start nova-compute after nova-conductorEmilien Macchi2-0/+8
When nova-compute and nova-conductor are collocated, we need to make sure nova-conductor starts before nova-compute otherwise nova-compute will just fail to start. Change-Id: Icc3ed768af2a08e2db78d9c9278d309a62d26850
2016-07-06deploy composable firewall rules for HAproxyEmilien Macchi1-0/+12
Deploy composable iptables rules for HAproxy. Note: we can't use Hiera here because we have some logic in puppet-tripelo that select the services that we actually deploy. Using this code in the Define will easily create IPtables rules that we actually need. Some other services will be able to create IPtables rules in Hiera (in THT), but not HAproxy now. Change-Id: If03b18992c68461e97789c0318078a0b243c84fe
2016-07-06Merge "Add non-pcmk Trove API/Conductor/Taskmanager profiles"Jenkins3-0/+117