diff options
-rw-r--r-- | ci/environments/scenario001-multinode-containers.yaml | 1 | ||||
-rw-r--r-- | ci/environments/scenario001-multinode.yaml | 1 | ||||
-rw-r--r-- | ci/environments/scenario002-multinode-containers.yaml | 8 | ||||
-rw-r--r-- | ci/environments/scenario007-multinode-containers.yaml | 82 | ||||
-rw-r--r-- | docker/services/barbican-api.yaml | 154 | ||||
-rw-r--r-- | docker/services/ovn-controller.yaml | 105 | ||||
-rw-r--r-- | docker/services/ovn-dbs.yaml | 202 | ||||
-rw-r--r-- | environments/services-docker/neutron-ovn.yaml | 27 | ||||
-rwxr-xr-x | network/scripts/run-os-net-config.sh | 7 | ||||
-rw-r--r-- | puppet/services/ceilometer-base.yaml | 8 | ||||
-rw-r--r-- | puppet/services/pacemaker/manila-share.yaml | 3 | ||||
-rw-r--r-- | releasenotes/notes/add-hostgroup-default-for-host-parameter-02e3d48de1f69765.yaml | 9 | ||||
-rw-r--r-- | releasenotes/notes/containarise-barbican-1253606411d497ff.yaml | 4 | ||||
-rw-r--r-- | releasenotes/notes/ovn-container-support-3ab333fff6e90dc4.yaml | 4 | ||||
-rw-r--r-- | releasenotes/source/conf.py | 4 |
15 files changed, 606 insertions, 13 deletions
diff --git a/ci/environments/scenario001-multinode-containers.yaml b/ci/environments/scenario001-multinode-containers.yaml index fec958ba..0cdbef13 100644 --- a/ci/environments/scenario001-multinode-containers.yaml +++ b/ci/environments/scenario001-multinode-containers.yaml @@ -73,6 +73,7 @@ parameter_defaults: - OS::TripleO::Services::CeilometerAgentCentral - OS::TripleO::Services::CeilometerAgentIpmi - OS::TripleO::Services::CeilometerAgentNotification + - OS::TripleO::Services::ComputeCeilometerAgent - OS::TripleO::Services::GnocchiApi - OS::TripleO::Services::GnocchiMetricd - OS::TripleO::Services::GnocchiStatsd diff --git a/ci/environments/scenario001-multinode.yaml b/ci/environments/scenario001-multinode.yaml index 54eef744..bab08a30 100644 --- a/ci/environments/scenario001-multinode.yaml +++ b/ci/environments/scenario001-multinode.yaml @@ -70,6 +70,7 @@ parameter_defaults: - OS::TripleO::Services::CeilometerAgentCentral - OS::TripleO::Services::CeilometerAgentIpmi - OS::TripleO::Services::CeilometerAgentNotification + - OS::TripleO::Services::ComputeCeilometerAgent - OS::TripleO::Services::GnocchiApi - OS::TripleO::Services::GnocchiMetricd - OS::TripleO::Services::GnocchiStatsd diff --git a/ci/environments/scenario002-multinode-containers.yaml b/ci/environments/scenario002-multinode-containers.yaml index 584c1e5e..43acf6dc 100644 --- a/ci/environments/scenario002-multinode-containers.yaml +++ b/ci/environments/scenario002-multinode-containers.yaml @@ -6,12 +6,8 @@ resource_registry: OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml - # TODO: Barbican is not yet containerized: https://review.openstack.org/#/c/474327 - # OS::TripleO::Services::BarbicanApi: ../../docker/services/barbican-api.yaml - OS::TripleO::Services::BarbicanApi: ../../puppet/services/barbican-api.yaml - # TODO: Zaqar doesn't work when containerized - # https://bugs.launchpad.net/tripleo/+bug/1710959 - OS::TripleO::Services::Zaqar: ../../puppet/services/zaqar-api.yaml + OS::TripleO::Services::BarbicanApi: ../../docker/services/barbican-api.yaml + OS::TripleO::Services::Zaqar: ../../docker/services/zaqar.yaml OS::TripleO::Services::Ec2Api: ../../docker/services/ec2-api.yaml # NOTE: This is needed because of upgrades from Ocata to Pike. We # deploy the initial environment with Ocata templates, and diff --git a/ci/environments/scenario007-multinode-containers.yaml b/ci/environments/scenario007-multinode-containers.yaml new file mode 100644 index 00000000..8e1e6b6c --- /dev/null +++ b/ci/environments/scenario007-multinode-containers.yaml @@ -0,0 +1,82 @@ +resource_registry: + OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode-os-net-config.yaml + OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode-os-net-config.yaml + # NOTE: This is needed because of upgrades from Ocata to Pike. We + # deploy the initial environment with Ocata templates, and + # overcloud-resource-registry.yaml there doesn't have this Docker + # mapping at all. After we stop CI'ing Ocata->Pike upgrade, we can + # remove this. + OS::TripleO::Services::Docker: OS::Heat::None + OS::TripleO::Services::OVNController: ../../docker/services/ovn-controller.yaml + OS::TripleO::Services::OVNDBs: ../../docker/services/ovn-dbs.yaml + # Some infra instances don't pass the ping test but are otherwise working. + # Since the OVB jobs also test this functionality we can shut it off here. + OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml + OS::TripleO::Services::NovaMigrationTarget: OS::Heat::None +parameter_defaults: + ControllerServices: + - OS::TripleO::Services::Docker + - OS::TripleO::Services::Kernel + - OS::TripleO::Services::Keystone + - OS::TripleO::Services::GlanceApi + - OS::TripleO::Services::HeatApi + - OS::TripleO::Services::HeatApiCfn + - OS::TripleO::Services::HeatApiCloudwatch + - OS::TripleO::Services::HeatEngine + - OS::TripleO::Services::MySQL + - OS::TripleO::Services::MySQLClient + - OS::TripleO::Services::NeutronServer + - OS::TripleO::Services::NeutronCorePlugin + - OS::TripleO::Services::OVNDBs + - OS::TripleO::Services::OVNController + - OS::TripleO::Services::RabbitMQ + - OS::TripleO::Services::HAproxy + - OS::TripleO::Services::Keepalived + - OS::TripleO::Services::Memcached + - OS::TripleO::Services::Pacemaker + - OS::TripleO::Services::NovaConductor + - OS::TripleO::Services::NovaApi + - OS::TripleO::Services::NovaPlacement + - OS::TripleO::Services::NovaMetadata + - OS::TripleO::Services::NovaScheduler + - OS::TripleO::Services::Ntp + - OS::TripleO::Services::Snmp + - OS::TripleO::Services::Timezone + - OS::TripleO::Services::NovaCompute + - OS::TripleO::Services::NovaLibvirt + - OS::TripleO::Services::NovaMigrationTarget + - OS::TripleO::Services::TripleoPackages + - OS::TripleO::Services::TripleoFirewall + - OS::TripleO::Services::Sshd + - OS::TripleO::Services::Iscsid + ControllerExtraConfig: + nova::compute::libvirt::services::libvirt_virt_type: qemu + nova::compute::libvirt::libvirt_virt_type: qemu + # Required for Centos 7.3 and Qemu 2.6.0 + nova::compute::libvirt::libvirt_cpu_mode: 'none' + # For OVN. + NeutronMechanismDrivers: ovn + OVNVifType: ovs + OVNNeutronSyncMode: log + OVNQosDriver: ovn-qos + OVNTunnelEncapType: geneve + NeutronEnableDHCPAgent: false + NeutronTypeDrivers: 'geneve,vlan,flat,vxlan' + NeutronNetworkType: 'geneve' + NeutronServicePlugins: 'qos,networking_ovn.l3.l3_ovn.OVNL3RouterPlugin' + NeutronVniRanges: ['1:65536', ] + OVNBridgeMappings: 'datacentre:br-ex' + Debug: true + BannerText: | + ****************************************************************** + * This system is for the use of authorized users only. Usage of * + * this system may be monitored and recorded by system personnel. * + * Anyone using this system expressly consents to such monitoring * + * and is advised that if such monitoring reveals possible * + * evidence of criminal activity, system personnel may provide * + * the evidence from such monitoring to law enforcement officials.* + ****************************************************************** + # we don't deploy Swift so we switch to file backend. + GlanceBackend: 'file' + IronicCleaningDiskErase: 'metadata' + NotificationDriver: 'noop' diff --git a/docker/services/barbican-api.yaml b/docker/services/barbican-api.yaml new file mode 100644 index 00000000..b1bf7da8 --- /dev/null +++ b/docker/services/barbican-api.yaml @@ -0,0 +1,154 @@ +heat_template_version: pike + +description: > + OpenStack containerized Barbican API service + +parameters: + DockerBarbicanApiImage: + description: image + type: string + DockerBarbicanConfigImage: + description: The container image to use for the barbican config_volume + type: string + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ServiceData: + default: {} + description: Dictionary packing service data + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + EnableInternalTLS: + type: boolean + default: false + +conditions: + + internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]} + +resources: + + ContainersCommon: + type: ./containers-common.yaml + + MySQLClient: + type: ../../puppet/services/database/mysql-client.yaml + + BarbicanApiBase: + type: ../../puppet/services/barbican-api.yaml + properties: + EndpointMap: {get_param: EndpointMap} + ServiceData: {get_param: ServiceData} + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + RoleName: {get_param: RoleName} + RoleParameters: {get_param: RoleParameters} + +outputs: + role_data: + description: Role data for the Barbican API role. + value: + service_name: {get_attr: [BarbicanApiBase, role_data, service_name]} + config_settings: + map_merge: + - get_attr: [BarbicanApiBase, role_data, config_settings] + - apache::default_vhost: false + step_config: &step_config + list_join: + - "\n" + - - {get_attr: [BarbicanApiBase, role_data, step_config]} + - {get_attr: [MySQLClient, role_data, step_config]} + service_config_settings: {get_attr: [BarbicanApiBase, role_data, service_config_settings]} + # BEGIN DOCKER SETTINGS + puppet_config: + config_volume: barbican + puppet_tags: barbican_api_paste_ini,barbican_config + step_config: *step_config + config_image: {get_param: DockerBarbicanConfigImage} + kolla_config: + /var/lib/kolla/config_files/barbican_api.json: + command: /usr/sbin/httpd -DFOREGROUND + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true + docker_config: + # db sync runs before permissions set by kolla_config + step_2: + barbican_init_logs: + image: &barbican_api_image {get_param: DockerBarbicanApiImage} + privileged: false + user: root + volumes: + - /var/log/containers/barbican:/var/log/barbican + command: ['/bin/bash', '-c', 'chown -R barbican:barbican /var/log/barbican'] + step_3: + barbican_api_db_sync: + start_order: 0 + image: *barbican_api_image + net: host + detach: false + user: root + volumes: &barbican_api_volumes + list_concat: + - {get_attr: [ContainersCommon, volumes]} + - + - /var/lib/config-data/barbican/etc/barbican/:/etc/barbican/:ro + - /var/log/containers/barbican:/var/log/barbican + command: "/usr/bin/bootstrap_host_exec barbican_api su barbican -s /bin/bash -c '/usr/bin/barbican-manage db upgrade'" + step_4: + barbican_api: + image: *barbican_api_image + net: host + privileged: false + restart: always + user: root + volumes: + list_concat: + - {get_attr: [ContainersCommon, volumes]} + - + - /var/lib/kolla/config_files/barbican_api.json:/var/lib/kolla/config_files/config.json:ro + - /var/log/containers/barbican:/var/log/barbican + - /var/lib/config-data/puppet-generated/barbican/:/var/lib/kolla/config_files/src:ro + - + if: + - internal_tls_enabled + - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro + - '' + - + if: + - internal_tls_enabled + - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro + - '' + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + host_prep_tasks: + - name: create persistent logs directory + file: + path: /var/log/containers/barbican + state: directory + upgrade_tasks: + - name: Stop and disable barbican_api service + tags: step2 + service: name=openstack-barbican-api state=stopped enabled=no + metadata_settings: + get_attr: [BarbicanApiBase, role_data, metadata_settings]
\ No newline at end of file diff --git a/docker/services/ovn-controller.yaml b/docker/services/ovn-controller.yaml new file mode 100644 index 00000000..c5c365e2 --- /dev/null +++ b/docker/services/ovn-controller.yaml @@ -0,0 +1,105 @@ +heat_template_version: pike + +description: > + OpenStack containerized Ovn Controller agent. + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + ServiceData: + default: {} + description: Dictionary packing service data + type: json + DockerOvnControllerImage: + description: image + type: string + DockerOvnControllerConfigImage: + description: The container image to use for the ovn_controller config_volume + type: string + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + +resources: + + ContainersCommon: + type: ./containers-common.yaml + + OvnControllerBase: + type: ../../puppet/services/ovn-controller.yaml + properties: + EndpointMap: {get_param: EndpointMap} + ServiceData: {get_param: ServiceData} + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + RoleName: {get_param: RoleName} + RoleParameters: {get_param: RoleParameters} + +outputs: + role_data: + description: Role data for the Ovn Controller agent. + value: + service_name: {get_attr: [OvnControllerBase, role_data, service_name]} + config_settings: + map_merge: + - get_attr: [OvnControllerBase, role_data, config_settings] + step_config: &step_config + get_attr: [OvnControllerBase, role_data, step_config] + service_config_settings: {get_attr: [OvnControllerBase, role_data, service_config_settings]} + # BEGIN DOCKER SETTINGS + puppet_config: + puppet_tags: vs_config + config_volume: ovn_controller + step_config: *step_config + config_image: {get_param: DockerOvnControllerConfigImage} + # We need to mount /run for puppet_config step. This is because + # puppet-vswitch runs the commands "ovs-vsctl set open_vswitch . external_ids:..." + # to configure the required parameters in ovs db which will be read + # by ovn-controller. And ovs-vsctl talks to the ovsdb-server (hosting conf.db) + # on the unix domain socket - /run/openvswitch/db.sock + volumes: + - /lib/modules:/lib/modules:ro + - /run/openvswitch:/run/openvswitch + kolla_config: + /var/lib/kolla/config_files/ovn_controller.json: + command: /usr/bin/ovn-controller --pidfile --log-file unix:/run/openvswitch/db.sock + permissions: + - path: /var/log/openvswitch + owner: root:root + recurse: true + docker_config: + step_4: + ovn_controller: + image: {get_param: DockerOvnControllerImage} + net: host + privileged: true + user: root + restart: always + volumes: + - /var/lib/kolla/config_files/ovn_controller.json:/var/lib/kolla/config_files/config.json:ro + - /lib/modules:/lib/modules:ro + - /run/openvswitch:/run/openvswitch + - /var/log/containers/openvswitch:/var/log/openvswitch + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + upgrade_tasks: + - name: Stop and disable ovn-controller service + tags: step2 + service: name=ovn-controller state=stopped enabled=no diff --git a/docker/services/ovn-dbs.yaml b/docker/services/ovn-dbs.yaml new file mode 100644 index 00000000..f6ac62ed --- /dev/null +++ b/docker/services/ovn-dbs.yaml @@ -0,0 +1,202 @@ +heat_template_version: pike + +description: > + OpenStack containerized Ovn DBs service + +parameters: + DockerOvnNbDbImage: + description: image + type: string + DockerOvnSbDbImage: + description: image + type: string + DockerOvnNorthdImage: + description: image + type: string + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + ServiceData: + default: {} + description: Dictionary packing service data + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + +resources: + + ContainersCommon: + type: ./containers-common.yaml + + OVNDbsBase: + type: ../../puppet/services/ovn-dbs.yaml + properties: + EndpointMap: {get_param: EndpointMap} + ServiceData: {get_param: ServiceData} + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + RoleName: {get_param: RoleName} + RoleParameters: {get_param: RoleParameters} + +outputs: + role_data: + description: Role data for the OVN Dbs role. + value: + service_name: {get_attr: [OVNDbsBase, role_data, service_name]} + config_settings: + map_merge: + - get_attr: [OVNDbsBase, role_data, config_settings] + step_config: &step_config + get_attr: [OVNDbsBase, role_data, step_config] + # BEGIN DOCKER SETTINGS + # puppet_config is not required for this service since we configure + # the NB and SB DB servers to listen on the proper IP address/port + # in the docker_config section. + # puppet_config is defined to satisfy the pep8 validations. + puppet_config: + config_volume: '' + config_image: '' + step_config: *step_config + kolla_config: + /var/lib/kolla/config_files/ovn_north_db_server.json: + command: + list_join: + - ' ' + - - '/usr/sbin/ovsdb-server' + - '/var/lib/openvswitch/ovnnb.db' + - '--pidfile=/run/openvswitch/ovnnb_db.pid' + - '-vconsole:emer -vsyslog:err -vfile:info' + - '--remote=punix:/run/openvswitch/ovnnb_db.sock' + - '--unixctl=/run/openvswitch/ovnnb_db.ctl' + - '--remote=db:OVN_Northbound,NB_Global,connections' + - '--private-key=db:OVN_Northbound,SSL,private_key' + - '--certificate=db:OVN_Northbound,SSL,certificate' + - '--ca-cert=db:OVN_Northbound,SSL,ca_cert' + - '--log-file=/var/log/openvswitch/ovsdb-server-nb.log' + permissions: + - path: /var/log/openvswitch + owner: root:root + recurse: true + /var/lib/kolla/config_files/ovn_south_db_server.json: + command: + list_join: + - ' ' + - - '/usr/sbin/ovsdb-server' + - '/var/lib/openvswitch/ovnsb.db' + - '--pidfile=/run/openvswitch/ovnsb_db.pid' + - '-vconsole:emer -vsyslog:err -vfile:info' + - '--remote=punix:/run/openvswitch/ovnsb_db.sock' + - '--unixctl=/run/openvswitch/ovnsb_db.ctl' + - '--remote=db:OVN_Southbound,SB_Global,connections' + - '--private-key=db:OVN_Southbound,SSL,private_key' + - '--certificate=db:OVN_Southbound,SSL,certificate' + - '--ca-cert=db:OVN_Southbound,SSL,ca_cert' + - '--log-file=/var/log/openvswitch/ovsdb-server-sb.log' + permissions: + - path: /var/log/openvswitch + owner: root:root + recurse: true + /var/lib/kolla/config_files/ovn_northd.json: + command: + list_join: + - ' ' + - - '/usr/bin/ovn-northd -vconsole:emer -vsyslog:err -vfile:info' + - '--ovnnb-db=unix:/run/openvswitch/ovnnb_db.sock' + - '--ovnsb-db=unix:/run/openvswitch/ovnsb_db.sock' + - '--log-file=/var/log/openvswitch/ovn-northd.log' + - '--pidfile=/run/openvswitch/ovn-northd.pid' + permissions: + - path: /var/log/openvswitch + owner: root:root + recurse: true + docker_config: + step_4: + ovn_north_db_server: + start_order: 0 + image: {get_param: DockerOvnNbDbImage} + net: host + privileged: false + restart: always + volumes: + list_concat: + - {get_attr: [ContainersCommon, volumes]} + - + - /var/lib/kolla/config_files/ovn_north_db_server.json:/var/lib/kolla/config_files/config.json:ro + - /lib/modules:/lib/modules:ro + - /var/lib/openvswitch/ovn:/var/lib/openvswitch + - /var/lib/openvswitch/ovn:/run/openvswitch + - /var/log/containers/openvswitch:/var/log/openvswitch + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + ovn_south_db_server: + start_order: 0 + image: {get_param: DockerOvnSbDbImage} + net: host + privileged: false + restart: always + volumes: + list_concat: + - {get_attr: [ContainersCommon, volumes]} + - + - /var/lib/kolla/config_files/ovn_south_db_server.json:/var/lib/kolla/config_files/config.json:ro + - /lib/modules:/lib/modules:ro + - /var/lib/openvswitch/ovn:/var/lib/openvswitch + - /var/lib/openvswitch/ovn:/run/openvswitch + - /var/log/containers/openvswitch:/var/log/openvswitch + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + configure_ovn_north_db_server: + start_order: 1 + action: exec + user: root + command: ['ovn_north_db_server', '/bin/bash', '-c', 'DBS_LISTEN_IP=`hiera ovn::northd::dbs_listen_ip -c /etc/puppet/hiera.yaml`; NB_DB_PORT=`hiera ovn::northbound::port -c /etc/puppet/hiera.yaml`; /usr/bin/bootstrap_host_exec ovn_dbs ovn-nbctl set-connection ptcp:$NB_DB_PORT:$DBS_LISTEN_IP'] + configure_ovn_south_db_server: + start_order: 1 + action: exec + user: root + command: ['ovn_south_db_server', '/bin/bash', '-c', 'DBS_LISTEN_IP=`hiera ovn::northd::dbs_listen_ip -c /etc/puppet/hiera.yaml`; SB_DB_PORT=`hiera ovn::southbound::port -c /etc/puppet/hiera.yaml`; /usr/bin/bootstrap_host_exec ovn_dbs ovn-sbctl set-connection ptcp:$SB_DB_PORT:$DBS_LISTEN_IP'] + ovn_northd: + start_order: 2 + image: {get_param: DockerOvnNorthdImage} + net: host + privileged: false + restart: always + volumes: + list_concat: + - {get_attr: [ContainersCommon, volumes]} + - + - /var/lib/kolla/config_files/ovn_northd.json:/var/lib/kolla/config_files/config.json:ro + - /lib/modules:/lib/modules:ro + - /var/lib/openvswitch/ovn:/run/openvswitch + - /var/log/containers/openvswitch:/var/log/openvswitch + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + host_prep_tasks: + - name: create persistent directories + file: + path: "{{ item }}" + state: directory + with_items: + - /var/log/containers/openvswitch + - /var/lib/openvswitch/ovn + upgrade_tasks: + - name: Stop and disable ovn-northd service + tags: step2 + service: name=ovn-northd state=stopped enabled=no diff --git a/environments/services-docker/neutron-ovn.yaml b/environments/services-docker/neutron-ovn.yaml new file mode 100644 index 00000000..8c8a56c9 --- /dev/null +++ b/environments/services-docker/neutron-ovn.yaml @@ -0,0 +1,27 @@ +# A Heat environment that can be used to deploy OVN services with non HA OVN DB servers. +resource_registry: + OS::TripleO::Docker::NeutronMl2PluginBase: ../../puppet/services/neutron-plugin-ml2-ovn.yaml + OS::TripleO::Services::OVNController: ../../docker/services/ovn-controller.yaml + OS::TripleO::Services::OVNDBs: ../../docker/services/ovn-dbs.yaml +# Disabling Neutron services that overlap with OVN + OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None + OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None + OS::TripleO::Services::NeutronL3Agent: OS::Heat::None + OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None + OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None + OS::TripleO::Services::ComputeNeutronCorePlugin: OS::Heat::None + + +parameter_defaults: + NeutronMechanismDrivers: ovn + OVNVifType: ovs + OVNNeutronSyncMode: log + OVNQosDriver: ovn-qos + OVNTunnelEncapType: geneve + NeutronEnableDHCPAgent: false + NeutronTypeDrivers: 'geneve,vxlan,vlan,flat' + NeutronNetworkType: 'geneve' + NeutronServicePlugins: 'qos,ovn-router' + NeutronVniRanges: ['1:65536', ] + DockerNeutronApiImage: 'tripleoupstream/centos-binary-neutron-server-ovn:latest' + DockerNeutronConfigImage: 'tripleoupstream/centos-binary-neutron-server-ovn:latest' diff --git a/network/scripts/run-os-net-config.sh b/network/scripts/run-os-net-config.sh index 864da24b..d121fcf1 100755 --- a/network/scripts/run-os-net-config.sh +++ b/network/scripts/run-os-net-config.sh @@ -75,12 +75,13 @@ EOF_CAT if [ "$mac_addr_type" != "0" ]; then echo "Device has generated MAC, skipping." else - ip link set dev $iface up &>/dev/null - HAS_LINK="$(cat /sys/class/net/${iface}/carrier)" + HAS_LINK="$(cat /sys/class/net/${iface}/carrier || echo 0)" TRIES=10 while [ "$HAS_LINK" == "0" -a $TRIES -gt 0 ]; do - HAS_LINK="$(cat /sys/class/net/${iface}/carrier)" + # Need to set the link up on each iteration + ip link set dev $iface up &>/dev/null + HAS_LINK="$(cat /sys/class/net/${iface}/carrier || echo 0)" if [ "$HAS_LINK" == "1" ]; then break else diff --git a/puppet/services/ceilometer-base.yaml b/puppet/services/ceilometer-base.yaml index 5cc020a9..cdba2d3f 100644 --- a/puppet/services/ceilometer-base.yaml +++ b/puppet/services/ceilometer-base.yaml @@ -47,7 +47,7 @@ parameters: description: Whether to manage event_pipeline.yaml. type: boolean EventPipelinePublishers: - default: ['gnocchi://'] + default: ['gnocchi://', 'panko://'] description: > A list of publishers to put in event_pipeline.yaml. When the collector is used, override this with notifier:// publisher. @@ -115,6 +115,10 @@ parameters: description: Driver or drivers to handle sending notifications. constraints: - allowed_values: [ 'messagingv2', 'noop' ] + GnocchiArchivePolicy: + default: 'low' + type: string + description: archive policy to use with gnocchi backend conditions: service_debug_unset: {equals : [{get_param: CeilometerDebug}, '']} @@ -149,7 +153,7 @@ outputs: ceilometer::agent::auth::auth_endpoint_type: 'internalURL' ceilometer::dispatcher::gnocchi::url: {get_param: [EndpointMap, GnocchiInternal, uri]} ceilometer::dispatcher::gnocchi::filter_project: 'service' - ceilometer::dispatcher::gnocchi::archive_policy: 'low' + ceilometer::dispatcher::gnocchi::archive_policy: {get_param: GnocchiArchivePolicy} ceilometer::dispatcher::gnocchi::resources_definition_file: 'gnocchi_resources.yaml' ceilometer::notification_driver: {get_param: NotificationDriver} ceilometer::rabbit_userid: {get_param: RabbitUserName} diff --git a/puppet/services/pacemaker/manila-share.yaml b/puppet/services/pacemaker/manila-share.yaml index 61bf4580..8a282014 100644 --- a/puppet/services/pacemaker/manila-share.yaml +++ b/puppet/services/pacemaker/manila-share.yaml @@ -52,5 +52,8 @@ outputs: config_settings: map_merge: - get_attr: [ManilaShareBase, role_data, config_settings] + - manila::share::manage_service: false + manila::share::enabled: false + manila::host: hostgroup step_config: | include ::tripleo::profile::pacemaker::manila diff --git a/releasenotes/notes/add-hostgroup-default-for-host-parameter-02e3d48de1f69765.yaml b/releasenotes/notes/add-hostgroup-default-for-host-parameter-02e3d48de1f69765.yaml new file mode 100644 index 00000000..ff0904b8 --- /dev/null +++ b/releasenotes/notes/add-hostgroup-default-for-host-parameter-02e3d48de1f69765.yaml @@ -0,0 +1,9 @@ +--- +fixes: + - Set "host" parameter in manila.conf to 'hostgroup' when running + manila share service under pacemaker. This labels instances of + the service on different nodes with the same "host" as cinder does + in this circumstance so that the instances are considered by + OpenStack to provide the same service and manila share is able to + maintain management of shares on the backend after failover and + failback. diff --git a/releasenotes/notes/containarise-barbican-1253606411d497ff.yaml b/releasenotes/notes/containarise-barbican-1253606411d497ff.yaml new file mode 100644 index 00000000..85292231 --- /dev/null +++ b/releasenotes/notes/containarise-barbican-1253606411d497ff.yaml @@ -0,0 +1,4 @@ +--- +features: + - | + Barbican API added to containarised overcloud deployment diff --git a/releasenotes/notes/ovn-container-support-3ab333fff6e90dc4.yaml b/releasenotes/notes/ovn-container-support-3ab333fff6e90dc4.yaml new file mode 100644 index 00000000..25fd2fbe --- /dev/null +++ b/releasenotes/notes/ovn-container-support-3ab333fff6e90dc4.yaml @@ -0,0 +1,4 @@ +--- +features: + - Support containerized ovn-controller + - Support containerized OVN Dbs without HA diff --git a/releasenotes/source/conf.py b/releasenotes/source/conf.py index 9d46018a..1e0bf00a 100644 --- a/releasenotes/source/conf.py +++ b/releasenotes/source/conf.py @@ -52,9 +52,9 @@ copyright = u'2017, TripleO Developers' # built documents. # # The full version, including alpha/beta/rc tags. -release = '7.0.0.0rc1' +release = '' # The short X.Y version. -version = '7.0.0' +version = '' # The full version, including alpha/beta/rc tags. |