| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Change-Id: I6ba962c682dc2ab8c6ee5238e0c176d9ae05d696
|
|
|
|
This class extracts the certificate and adds it to the trusted certs.
bp tls-via-certmonger
Change-Id: I6dc1e0469cd7dbbb51659c8f29975d25b2941ec3
|
|
Change I67a15dc83a754fb6f5fe25c64ae9e7d29c58fcec removed the
gnocchi configuration completely from non-bootstrap nodes. This
changes it so the configuration is included on all nodes, but the
db sync is only included on bootstrap.
Change-Id: If402becc900c175f5b3bb95c3413276e5a04b4f7
Closes-Bug: 1604708
|
|
Deploy Apache with Pacemaker in a new profile.
Change-Id: I9ae6cee2bfb0f8974d41d700454cfde2df06c2d1
|
|
Currently if we manually restart the cluster saometimes gnocchi statsd
doesnt comeup as galera is not up yet. This should tie the metrics to
core and follow the order.
Closes-bug: #1604860
Change-Id: I5ec29622938336410b91785ca49b410bcdd30cdd
|
|
Heat needs stack_user_domain_id or stack_user_domain_name config
options set in the heat.conf before starting. The domain itself
doesn't need to exist until a stack is actually created, but the
value needs to be there. This patch ensures that the heat domain
parameters are configured before starting the heat-engine service
with Pacemaker at step3 and 4, and at step5, Pacemaker will start
the services and Puppet will create the domains.
(note: commit message copied from
https://review.openstack.org/#/c/331652/ to mitaka tht, which came
first)
Change-Id: I58fa53357265c1607d2df1b04cc2296083212ab7
Closes-Bug: 1599232
|
|
|
|
|
|
Configures a nova-compute instance to use Ironic.
Change-Id: I4f817aba542cfaa386b3c0617feae90c61579b43
Partially-Implements: blueprint ironic-integration
|
|
Including ::ironic runs ironic-dbsync by default, so we end up with
ironic-dbsync run before the database is created. This patch fixes it.
Change-Id: I6fef1de18e52b68caaf4cbd55c0408b98b5c26e0
Partially-Implements: blueprint ironic-integration
|
|
|
|
The gnocchi db sync is being run from multiple controllers causing errors in
CI. See the bug for more details.
Change-Id: I67a15dc83a754fb6f5fe25c64ae9e7d29c58fcec
Closes-Bug: #1604624
|
|
In the Next Generation HA architecture a number of active/active services
will be run via systemd. In order for this to work we need to make sure that
the sync_db operation only takes place on the bootstrap node, just like it is
done today for the pacemaker profiles.
We do this by removing sync_db as a parameter and instead set it to true
or false depending if the hostname matches the bootstrap_node as it is done
today in the pacemaker role.
Note that we call hiera('bootstrap_nodeid', undef) because if a profile
is included on a non controller node that variable will be undefined.
The following testing was done:
- HA puppet-pacemaker.yaml scenario with three computes
- NonHA with one controller
- NonHA with three controllers
Fixes-Bug: 1600149
Co-Author: cmsj@tenshu.net
Change-Id: I04a7b9e3c18627ea512000a34357acb7f27d6e0e
Implements: blueprint ha-lightweight-architecture
|
|
The principal is needed for kerberos-based solutions like FreeIPA.
bp tls-via-certmonger
Change-Id: Ie27848f522d11135b061aef766de2b696c77fcb9
|
|
The code was in THT before but now in the Nova API profile.
Change-Id: I7035f7998c11dc5508dae8c1a750b93c2944b2d4
|
|
|
|
|
|
The dummy openstack-core resource was meant to replace keystone so that
restarting keystone would not restart the whole cloud. When this
resource was introduced the paramter interleave=true was mistakenly left
out.
This causes a simple promote operation on the galera resource to restart
openstack-core and its children.
Change-Id: Ic590005a9419be87e6e6ea131b0ac0630c5afc19
Closes-Bug: 1603381
|
|
|
|
Add Mistral profiles for non-ha and ha scenarios
Change-Id: I1a072326091fd3b0c21d2f78041e3532b67c60eb
Implements: blueprint refactor-puppet-manifests
Depends-On: I6ce61054384c15876c498ba8cf582f88d9f7f54c
|
|
I think this will need refinement in future, but for now this is
just a copy of what we have in t-h-t
Change-Id: I427f0b5ee93a0870d43419009178e0690ac66bd6
Partially-Implements: blueprint refactor-puppet-manifests
|
|
|
|
|
|
Add MySQL profiles, for non-ha and ha scenarios.
Change-Id: I7ddae28a6affd55c5bffc15d72226a18c708850e
Closes-Bug: #1601853
|
|
This resource will be used in both the overcloud and the undercloud,
and can be called in several instances (for public-facing or
internal-facing certificates).
bp tls-via-certmonger
Change-Id: I0410fe0dbbed97d16909e911f7318d78a5bd7d7b
|
|
This base class just executes the main certmonger include (which gets
the package and starts the service) and configures the global CA, as
well as some options for the certificates that it will be issuing.
bp tls-via-certmonger
Change-Id: Ib748946130209bf9ccf6670b6f3fbbe0424400ec
|
|
|
|
|
|
|
|
Change-Id: I46215f82480854b5e04aef1ac1609dd99455181b
Closes-Bug: #1601970
|
|
As not having guarantee of being installed on same node, the dbsync
will be on step 3 and the clustercheck on 2.
Change-Id: Id728aae79442c45ab48fe0914c065f1807e8890d
|
|
|
|
|
|
Change-Id: Iff6508972edfd5f330b239719bc5eb14d3f71944
Implements: blueprint refactor-puppet-manifests
|
|
When both the Ceph Monitor and OSD roles are deployed on the same
node, we need the OSD configuration to happen *after* the Monitor
configuration is finished.
Change-Id: Id2ea099a0aaba344004870e82108da288cba2cb7
|
|
|
|
|
|
|
|
The Nuage agent will also get used on compute nodes.
Change-Id: Ic842ebdc183918ec9a24f83ae39adfba27bc799c
|
|
We include this from the midonet profile (which is for the controller).
Agent will also get used on compute nodes as well.
Change-Id: I2393fc3c360f5f5786411f64dbcd06f380376093
|
|
Simplify the base neutron profile so that we always include
the neutron and neutron::config classes at step 3. In doing so
we can now simplify the pacemaker version to use a simple include
which will avoid duplicate class errors.
Change-Id: I95b9188607ab6c599ad4cde6faa1deb081618f3e
|
|
In order for each service to operate independently when used with Pacemaker,
the roles needed to be separated.
This also drops all pacemaker constraints, as they do not make much sense
in the composable realm.
Change-Id: Id61eb15b1e2366f5b73c6e7d47941651e40651b1
Partial-Bug: #1592284
|
|
* Configure ceilometer to default mongodb backend.
* remove useless sync_db parameter in pacemaker class.
* Remove duplicated resource for ceilometer central agent service with
pcmk.
* Remove pacemaker delay resource dependency, the resource does not
exist anymore.
Change-Id: Ie337bfe770c5b22158dc307eb36e39c2b93b95a9
|
|
When nova-compute and nova-conductor are collocated, we need to make
sure nova-conductor starts before nova-compute otherwise nova-compute
will just fail to start.
Change-Id: Icc3ed768af2a08e2db78d9c9278d309a62d26850
|
|
Deploy composable iptables rules for HAproxy.
Note: we can't use Hiera here because we have some logic in
puppet-tripelo that select the services that we actually deploy.
Using this code in the Define will easily create IPtables rules that we
actually need. Some other services will be able to create IPtables rules
in Hiera (in THT), but not HAproxy now.
Change-Id: If03b18992c68461e97789c0318078a0b243c84fe
|
|
|
|
|
|
|
|
|
Giulio Fidente
Jenkins
Juan Antonio Osorio Robles
Ben Nemec
Emilien Macchi
Pradeep Kilambi
marios
Dmitry Tantsur
James Slagle
Michele Baldessari
Brad P. Crochet
Steven Hardy
Carlos Camacho
Dan Prince