Age | Commit message (Collapse) | Author | Files | Lines |
|
This change pulls in rspec-puppet-facts to provide the basic default
facts for puppet-tripleo rspec tests. rspec-puppet-facts provides an
easy to use interface to allow for the same set of tests to be executed
with multiple sets of operating system facts. In most cases this
includes defaults for Debian/RedHat based systems. In puppet-tripleo's
case this is just RHEL/CentOS. We are removing the Fedora listing from
the metadata.json as we only support RHEL and CentOS for tripleo.
This change also updates the existing rspec tests to leverage
rspec-puppet-facts to be more consistent with how facts are defined.
Change-Id: I0ddc71799d74ee95b9828aea6a8dcb4abb4e4e62
|
|
In the case of memcache servers are IPv6, make sure brackets set in the
way we construct the list of memcache server + memcache port parameter.
Also add unit-tests to test that the output is what we want in the
configuration.
Depends-On: I8d361ce9cfcfe6a3f8592b2b7991971a3c748c75
Closes-Bug: 1625335
Change-Id: I9fb8168d8fb56c9d8465d58a45fd8c6edfee6fdd
|
|
This patch shall create VFs via the PCI SYS interface.
Default value : $::os_service_default
Sample Format : ['eth0:4','eth2:128']
For values as in sample format, the sriov_numvfs config files
for eth0 and eth2 will have the values 4 and 128 respectively
The SR-IOV numvfs configuration shall be persisted in /sbin/ifup-local
so that, during the bootup of the compute nodes, the numvfs
configuration will be restored.
Change-Id: I7450b904475bdf46498d9af633416b3eba12f761
Implements: blueprint tripleo-sriov
Signed-off-by: karthik s <ksundara@redhat.com>
|
|
Adds a class to configure SELinux. The code is taken from
puppet-openstack-cloud:
https://github.com/redhat-cip/puppet-openstack-cloud
This allows to share the same code for usage by both the Undercloud and
Overcloud.
Co-Authored By: Emilien Macchi <emilien@redhat.com>
Co-Authored By: Yanis Guenane <yguenane@redhat.com>
blueprint undercloud-elements
Change-Id: If214005df733d41c2fa4e197df247d8a14baaa14
|
|
The port parameter to puppetlabs-firewall is actually deprecated[1].
This adds support for using the new parameter names dport and sport. The
port parameter is still retained in puppet-tripleo for backwards
compatibily for anyone using that interface. It is marked deprecated in
the documentation, however no deprecation warning is needed because
there is already a warning from from puppetlabs-firewall.
blueprint undercloud-elements
Change-Id: I0598007f90018f80a3266193bb24dbf112de49b7
|
|
Specifying a destination cidr is already supported by
puppetlabs-firewall, we just need to pass through the parameter in
rule.pp in puppet-tripleo.
This will allow creating iptables rules that forward network traffic for
a given cidr via puppet-tripleo.
Change-Id: I23582a55cd97248be52f45e14de7e813ff499ff7
|
|
Change the workflow to be:
Upgrade all packages before any services that is notified & managed by
Puppet.
It also disable the Exec timeout so we rely on Heat timeout and not on
the 300s that are the default in Puppet [1]
Example: we upgrade and OpenStack config will change (obviously).
Puppet catalog will contain 3 important things:
* config resources
* service resources
* package-upgrade Exec resource
with that patch, what will happen:
* puppet will update config first or second and notify
services
* puppet will run package-upgrade first or second but before
the package-upgrade Exec resource
* at the very end, puppet will restart services
That way, we avoid complications with Puppet dependency cycle issues.
[1] https://docs.puppetlabs.com/references/latest/type.html#exec-attribute-timeout
Closes-Bug: 1536349
Change-Id: I07310bdfc5b07b03ac9fa5f8c13e87eaa2bfef4d
|
|
This updates tripleo::packages so that when enable_upgrade
is used it will:
1) upgrade puppet managed packages (will trigger puppet dependencies)
2) then upgrade all packages via exec
3) then restart services
NOTE: the intention here is that the Exec['update-packages'] will
always execute if enable_upgrade is set. It is not idempotent
in this regard because I think we always want to execute it
if enable_upgrade is set.
Change-Id: I02f7cf07792765359f19fdf357024d9e48690e42
Related-bug: #1522943
|
|
Switch to locp/cassandra module since it has much more options than
midonet/puppet-cassandra and it is already defined on the
openstack-puppet-modules packages in RHEL. More info:
https://bugzilla.redhat.com/show_bug.cgi?id=1285718
Depends-On: I72f21036fda795b54312a7d39f04c30bbf16c41b
Change-Id: Icea9bd96e4c80a26b9e813d383f84099c736d7bf
|
|
Change-Id: Ie2f3e29005570805fbf2ca75a930fab746f5f299
Related-bug: #1517805
Signed-off-by: Gael Chamoulaud <gchamoul@redhat.com>
|
|
|
|
Change-Id: I10c0d35b473026a5e1ede265099f73c803402adc
Related-bug: #1517805
Signed-off-by: Gael Chamoulaud <gchamoul@redhat.com>
|
|
Provide TripleO overcloud manifests to deploy MidoNet and the cluster
services that needs to run.
Change-Id: I24f852e74fc4652d4609e1a71897e813448055fe
|
|
Currently firewalling is implemented in tripleo/init.pp this commit
moves it to its own scope tripleo/firewall.pp.
This is done so that in tripleo-heat-templates we can have a simple and
generic `include tripleo::firewall` in every manifest - unconditional.
The rest of the behavior will all be managed by hiera.
If a user wants to enable firewalling:
```
tripleo::firewall::manage_firewall: true
```
If a user wants to specify firewall rules:
```
tripleo::firewall::firewall_rules:
'103 mongod':
port: 27017
```
Change-Id: I144c60db2a568a94dce5b51257f1d10980173325
|
|
* Provide a Define function which will allow to manage IPtables rules.
* Manage rules in 'pre' and 'post' Puppet stages, it allows to create
rules before and after regular Puppet stages (ie: to make sure no rule
exists *before* and everything is blocked *after* regular Puppet
stages)
Change-Id: I84fc79096f6fc3db76a61d012d8cb62dd12bdd89
|