aboutsummaryrefslogtreecommitdiffstats
path: root/spec/classes
AgeCommit message (Collapse)AuthorFilesLines
2016-09-21Add in rspec-puppet-facts supportAlex Schultz9-173/+128
This change pulls in rspec-puppet-facts to provide the basic default facts for puppet-tripleo rspec tests. rspec-puppet-facts provides an easy to use interface to allow for the same set of tests to be executed with multiple sets of operating system facts. In most cases this includes defaults for Debian/RedHat based systems. In puppet-tripleo's case this is just RHEL/CentOS. We are removing the Fedora listing from the metadata.json as we only support RHEL and CentOS for tripleo. This change also updates the existing rspec tests to leverage rspec-puppet-facts to be more consistent with how facts are defined. Change-Id: I0ddc71799d74ee95b9828aea6a8dcb4abb4e4e62
2016-09-20swift: normalize memcache servers IP addressesEmilien Macchi1-0/+89
In the case of memcache servers are IPv6, make sure brackets set in the way we construct the list of memcache server + memcache port parameter. Also add unit-tests to test that the output is what we want in the configuration. Depends-On: I8d361ce9cfcfe6a3f8592b2b7991971a3c748c75 Closes-Bug: 1625335 Change-Id: I9fb8168d8fb56c9d8465d58a45fd8c6edfee6fdd
2016-08-29Configure the numvfs for SRIOV interfaceskarthik s1-0/+39
This patch shall create VFs via the PCI SYS interface. Default value : $::os_service_default Sample Format : ['eth0:4','eth2:128'] For values as in sample format, the sriov_numvfs config files for eth0 and eth2 will have the values 4 and 128 respectively The SR-IOV numvfs configuration shall be persisted in /sbin/ifup-local so that, during the bootup of the compute nodes, the numvfs configuration will be restored. Change-Id: I7450b904475bdf46498d9af633416b3eba12f761 Implements: blueprint tripleo-sriov Signed-off-by: karthik s <ksundara@redhat.com>
2016-05-05Add tripleo::selinuxJames Slagle1-0/+106
Adds a class to configure SELinux. The code is taken from puppet-openstack-cloud: https://github.com/redhat-cip/puppet-openstack-cloud This allows to share the same code for usage by both the Undercloud and Overcloud. Co-Authored By: Emilien Macchi <emilien@redhat.com> Co-Authored By: Yanis Guenane <yguenane@redhat.com> blueprint undercloud-elements Change-Id: If214005df733d41c2fa4e197df247d8a14baaa14
2016-05-05Add dport/sport parameter to firewall ruleJames Slagle1-2/+16
The port parameter to puppetlabs-firewall is actually deprecated[1]. This adds support for using the new parameter names dport and sport. The port parameter is still retained in puppet-tripleo for backwards compatibily for anyone using that interface. It is marked deprecated in the documentation, however no deprecation warning is needed because there is already a warning from from puppetlabs-firewall. blueprint undercloud-elements Change-Id: I0598007f90018f80a3266193bb24dbf112de49b7
2016-04-20Add destination parameter to firewall ruleJames Slagle1-1/+6
Specifying a destination cidr is already supported by puppetlabs-firewall, we just need to pass through the parameter in rule.pp in puppet-tripleo. This will allow creating iptables rules that forward network traffic for a given cidr via puppet-tripleo. Change-Id: I23582a55cd97248be52f45e14de7e813ff499ff7
2016-01-20packages: secure upgrade workflow from dependency cyclesEmilien Macchi1-5/+1
Change the workflow to be: Upgrade all packages before any services that is notified & managed by Puppet. It also disable the Exec timeout so we rely on Heat timeout and not on the 300s that are the default in Puppet [1] Example: we upgrade and OpenStack config will change (obviously). Puppet catalog will contain 3 important things: * config resources * service resources * package-upgrade Exec resource with that patch, what will happen: * puppet will update config first or second and notify services * puppet will run package-upgrade first or second but before the package-upgrade Exec resource * at the very end, puppet will restart services That way, we avoid complications with Puppet dependency cycle issues. [1] https://docs.puppetlabs.com/references/latest/type.html#exec-attribute-timeout Closes-Bug: 1536349 Change-Id: I07310bdfc5b07b03ac9fa5f8c13e87eaa2bfef4d
2015-12-23Upgrade all packages after puppet managed onesDan Prince1-0/+52
This updates tripleo::packages so that when enable_upgrade is used it will: 1) upgrade puppet managed packages (will trigger puppet dependencies) 2) then upgrade all packages via exec 3) then restart services NOTE: the intention here is that the Exec['update-packages'] will always execute if enable_upgrade is set. It is not idempotent in this regard because I think we always want to execute it if enable_upgrade is set. Change-Id: I02f7cf07792765359f19fdf357024d9e48690e42 Related-bug: #1522943
2015-12-14Modify cassandra dependencyJaume Devesa1-7/+16
Switch to locp/cassandra module since it has much more options than midonet/puppet-cassandra and it is already defined on the openstack-puppet-modules packages in RHEL. More info: https://bugzilla.redhat.com/show_bug.cgi?id=1285718 Depends-On: I72f21036fda795b54312a7d39f04c30bbf16c41b Change-Id: Icea9bd96e4c80a26b9e813d383f84099c736d7bf
2015-12-08Fix unit tests failing against Puppet 4.3.xGael Chamoulaud1-0/+1
Change-Id: Ie2f3e29005570805fbf2ca75a930fab746f5f299 Related-bug: #1517805 Signed-off-by: Gael Chamoulaud <gchamoul@redhat.com>
2015-11-30Merge "Fix unit tests failing against Puppet 4.3.0"Jenkins1-1/+4
2015-11-25Fix unit tests failing against Puppet 4.3.0Gael Chamoulaud1-1/+4
Change-Id: I10c0d35b473026a5e1ede265099f73c803402adc Related-bug: #1517805 Signed-off-by: Gael Chamoulaud <gchamoul@redhat.com>
2015-11-23MidoNet services manifestsJaume Devesa4-0/+293
Provide TripleO overcloud manifests to deploy MidoNet and the cluster services that needs to run. Change-Id: I24f852e74fc4652d4609e1a71897e813448055fe
2015-07-15Implement firewalling in tripleo::firewallYanis Guenane2-91/+114
Currently firewalling is implemented in tripleo/init.pp this commit moves it to its own scope tripleo/firewall.pp. This is done so that in tripleo-heat-templates we can have a simple and generic `include tripleo::firewall` in every manifest - unconditional. The rest of the behavior will all be managed by hiera. If a user wants to enable firewalling: ``` tripleo::firewall::manage_firewall: true ``` If a user wants to specify firewall rules: ``` tripleo::firewall::firewall_rules: '103 mongod': port: 27017 ``` Change-Id: I144c60db2a568a94dce5b51257f1d10980173325
2015-06-12Implement Advanced Firewalling supportEmilien Macchi1-0/+114
* Provide a Define function which will allow to manage IPtables rules. * Manage rules in 'pre' and 'post' Puppet stages, it allows to create rules before and after regular Puppet stages (ie: to make sure no rule exists *before* and everything is blocked *after* regular Puppet stages) Change-Id: I84fc79096f6fc3db76a61d012d8cb62dd12bdd89