summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--ci/environments/scenario001-multinode-containers.yaml1
-rw-r--r--ci/environments/scenario001-multinode.yaml1
-rw-r--r--ci/environments/scenario002-multinode-containers.yaml8
-rw-r--r--ci/environments/scenario007-multinode-containers.yaml82
-rw-r--r--docker/services/barbican-api.yaml154
-rw-r--r--docker/services/ovn-controller.yaml105
-rw-r--r--docker/services/ovn-dbs.yaml202
-rw-r--r--environments/services-docker/neutron-ovn.yaml27
-rwxr-xr-xnetwork/scripts/run-os-net-config.sh7
-rw-r--r--puppet/services/ceilometer-base.yaml8
-rw-r--r--puppet/services/pacemaker/manila-share.yaml3
-rw-r--r--releasenotes/notes/add-hostgroup-default-for-host-parameter-02e3d48de1f69765.yaml9
-rw-r--r--releasenotes/notes/containarise-barbican-1253606411d497ff.yaml4
-rw-r--r--releasenotes/notes/ovn-container-support-3ab333fff6e90dc4.yaml4
-rw-r--r--releasenotes/source/conf.py4
15 files changed, 606 insertions, 13 deletions
diff --git a/ci/environments/scenario001-multinode-containers.yaml b/ci/environments/scenario001-multinode-containers.yaml
index fec958ba..0cdbef13 100644
--- a/ci/environments/scenario001-multinode-containers.yaml
+++ b/ci/environments/scenario001-multinode-containers.yaml
@@ -73,6 +73,7 @@ parameter_defaults:
- OS::TripleO::Services::CeilometerAgentCentral
- OS::TripleO::Services::CeilometerAgentIpmi
- OS::TripleO::Services::CeilometerAgentNotification
+ - OS::TripleO::Services::ComputeCeilometerAgent
- OS::TripleO::Services::GnocchiApi
- OS::TripleO::Services::GnocchiMetricd
- OS::TripleO::Services::GnocchiStatsd
diff --git a/ci/environments/scenario001-multinode.yaml b/ci/environments/scenario001-multinode.yaml
index 54eef744..bab08a30 100644
--- a/ci/environments/scenario001-multinode.yaml
+++ b/ci/environments/scenario001-multinode.yaml
@@ -70,6 +70,7 @@ parameter_defaults:
- OS::TripleO::Services::CeilometerAgentCentral
- OS::TripleO::Services::CeilometerAgentIpmi
- OS::TripleO::Services::CeilometerAgentNotification
+ - OS::TripleO::Services::ComputeCeilometerAgent
- OS::TripleO::Services::GnocchiApi
- OS::TripleO::Services::GnocchiMetricd
- OS::TripleO::Services::GnocchiStatsd
diff --git a/ci/environments/scenario002-multinode-containers.yaml b/ci/environments/scenario002-multinode-containers.yaml
index 584c1e5e..43acf6dc 100644
--- a/ci/environments/scenario002-multinode-containers.yaml
+++ b/ci/environments/scenario002-multinode-containers.yaml
@@ -6,12 +6,8 @@
resource_registry:
OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
- # TODO: Barbican is not yet containerized: https://review.openstack.org/#/c/474327
- # OS::TripleO::Services::BarbicanApi: ../../docker/services/barbican-api.yaml
- OS::TripleO::Services::BarbicanApi: ../../puppet/services/barbican-api.yaml
- # TODO: Zaqar doesn't work when containerized
- # https://bugs.launchpad.net/tripleo/+bug/1710959
- OS::TripleO::Services::Zaqar: ../../puppet/services/zaqar-api.yaml
+ OS::TripleO::Services::BarbicanApi: ../../docker/services/barbican-api.yaml
+ OS::TripleO::Services::Zaqar: ../../docker/services/zaqar.yaml
OS::TripleO::Services::Ec2Api: ../../docker/services/ec2-api.yaml
# NOTE: This is needed because of upgrades from Ocata to Pike. We
# deploy the initial environment with Ocata templates, and
diff --git a/ci/environments/scenario007-multinode-containers.yaml b/ci/environments/scenario007-multinode-containers.yaml
new file mode 100644
index 00000000..8e1e6b6c
--- /dev/null
+++ b/ci/environments/scenario007-multinode-containers.yaml
@@ -0,0 +1,82 @@
+resource_registry:
+ OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode-os-net-config.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode-os-net-config.yaml
+ # NOTE: This is needed because of upgrades from Ocata to Pike. We
+ # deploy the initial environment with Ocata templates, and
+ # overcloud-resource-registry.yaml there doesn't have this Docker
+ # mapping at all. After we stop CI'ing Ocata->Pike upgrade, we can
+ # remove this.
+ OS::TripleO::Services::Docker: OS::Heat::None
+ OS::TripleO::Services::OVNController: ../../docker/services/ovn-controller.yaml
+ OS::TripleO::Services::OVNDBs: ../../docker/services/ovn-dbs.yaml
+ # Some infra instances don't pass the ping test but are otherwise working.
+ # Since the OVB jobs also test this functionality we can shut it off here.
+ OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
+ OS::TripleO::Services::NovaMigrationTarget: OS::Heat::None
+parameter_defaults:
+ ControllerServices:
+ - OS::TripleO::Services::Docker
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::Keystone
+ - OS::TripleO::Services::GlanceApi
+ - OS::TripleO::Services::HeatApi
+ - OS::TripleO::Services::HeatApiCfn
+ - OS::TripleO::Services::HeatApiCloudwatch
+ - OS::TripleO::Services::HeatEngine
+ - OS::TripleO::Services::MySQL
+ - OS::TripleO::Services::MySQLClient
+ - OS::TripleO::Services::NeutronServer
+ - OS::TripleO::Services::NeutronCorePlugin
+ - OS::TripleO::Services::OVNDBs
+ - OS::TripleO::Services::OVNController
+ - OS::TripleO::Services::RabbitMQ
+ - OS::TripleO::Services::HAproxy
+ - OS::TripleO::Services::Keepalived
+ - OS::TripleO::Services::Memcached
+ - OS::TripleO::Services::Pacemaker
+ - OS::TripleO::Services::NovaConductor
+ - OS::TripleO::Services::NovaApi
+ - OS::TripleO::Services::NovaPlacement
+ - OS::TripleO::Services::NovaMetadata
+ - OS::TripleO::Services::NovaScheduler
+ - OS::TripleO::Services::Ntp
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::NovaCompute
+ - OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaMigrationTarget
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Iscsid
+ ControllerExtraConfig:
+ nova::compute::libvirt::services::libvirt_virt_type: qemu
+ nova::compute::libvirt::libvirt_virt_type: qemu
+ # Required for Centos 7.3 and Qemu 2.6.0
+ nova::compute::libvirt::libvirt_cpu_mode: 'none'
+ # For OVN.
+ NeutronMechanismDrivers: ovn
+ OVNVifType: ovs
+ OVNNeutronSyncMode: log
+ OVNQosDriver: ovn-qos
+ OVNTunnelEncapType: geneve
+ NeutronEnableDHCPAgent: false
+ NeutronTypeDrivers: 'geneve,vlan,flat,vxlan'
+ NeutronNetworkType: 'geneve'
+ NeutronServicePlugins: 'qos,networking_ovn.l3.l3_ovn.OVNL3RouterPlugin'
+ NeutronVniRanges: ['1:65536', ]
+ OVNBridgeMappings: 'datacentre:br-ex'
+ Debug: true
+ BannerText: |
+ ******************************************************************
+ * This system is for the use of authorized users only. Usage of *
+ * this system may be monitored and recorded by system personnel. *
+ * Anyone using this system expressly consents to such monitoring *
+ * and is advised that if such monitoring reveals possible *
+ * evidence of criminal activity, system personnel may provide *
+ * the evidence from such monitoring to law enforcement officials.*
+ ******************************************************************
+ # we don't deploy Swift so we switch to file backend.
+ GlanceBackend: 'file'
+ IronicCleaningDiskErase: 'metadata'
+ NotificationDriver: 'noop'
diff --git a/docker/services/barbican-api.yaml b/docker/services/barbican-api.yaml
new file mode 100644
index 00000000..b1bf7da8
--- /dev/null
+++ b/docker/services/barbican-api.yaml
@@ -0,0 +1,154 @@
+heat_template_version: pike
+
+description: >
+ OpenStack containerized Barbican API service
+
+parameters:
+ DockerBarbicanApiImage:
+ description: image
+ type: string
+ DockerBarbicanConfigImage:
+ description: The container image to use for the barbican config_volume
+ type: string
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EnableInternalTLS:
+ type: boolean
+ default: false
+
+conditions:
+
+ internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
+
+resources:
+
+ ContainersCommon:
+ type: ./containers-common.yaml
+
+ MySQLClient:
+ type: ../../puppet/services/database/mysql-client.yaml
+
+ BarbicanApiBase:
+ type: ../../puppet/services/barbican-api.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the Barbican API role.
+ value:
+ service_name: {get_attr: [BarbicanApiBase, role_data, service_name]}
+ config_settings:
+ map_merge:
+ - get_attr: [BarbicanApiBase, role_data, config_settings]
+ - apache::default_vhost: false
+ step_config: &step_config
+ list_join:
+ - "\n"
+ - - {get_attr: [BarbicanApiBase, role_data, step_config]}
+ - {get_attr: [MySQLClient, role_data, step_config]}
+ service_config_settings: {get_attr: [BarbicanApiBase, role_data, service_config_settings]}
+ # BEGIN DOCKER SETTINGS
+ puppet_config:
+ config_volume: barbican
+ puppet_tags: barbican_api_paste_ini,barbican_config
+ step_config: *step_config
+ config_image: {get_param: DockerBarbicanConfigImage}
+ kolla_config:
+ /var/lib/kolla/config_files/barbican_api.json:
+ command: /usr/sbin/httpd -DFOREGROUND
+ config_files:
+ - source: "/var/lib/kolla/config_files/src/*"
+ dest: "/"
+ merge: true
+ preserve_properties: true
+ docker_config:
+ # db sync runs before permissions set by kolla_config
+ step_2:
+ barbican_init_logs:
+ image: &barbican_api_image {get_param: DockerBarbicanApiImage}
+ privileged: false
+ user: root
+ volumes:
+ - /var/log/containers/barbican:/var/log/barbican
+ command: ['/bin/bash', '-c', 'chown -R barbican:barbican /var/log/barbican']
+ step_3:
+ barbican_api_db_sync:
+ start_order: 0
+ image: *barbican_api_image
+ net: host
+ detach: false
+ user: root
+ volumes: &barbican_api_volumes
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/config-data/barbican/etc/barbican/:/etc/barbican/:ro
+ - /var/log/containers/barbican:/var/log/barbican
+ command: "/usr/bin/bootstrap_host_exec barbican_api su barbican -s /bin/bash -c '/usr/bin/barbican-manage db upgrade'"
+ step_4:
+ barbican_api:
+ image: *barbican_api_image
+ net: host
+ privileged: false
+ restart: always
+ user: root
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/barbican_api.json:/var/lib/kolla/config_files/config.json:ro
+ - /var/log/containers/barbican:/var/log/barbican
+ - /var/lib/config-data/puppet-generated/barbican/:/var/lib/kolla/config_files/src:ro
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
+ - ''
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
+ - ''
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent logs directory
+ file:
+ path: /var/log/containers/barbican
+ state: directory
+ upgrade_tasks:
+ - name: Stop and disable barbican_api service
+ tags: step2
+ service: name=openstack-barbican-api state=stopped enabled=no
+ metadata_settings:
+ get_attr: [BarbicanApiBase, role_data, metadata_settings] \ No newline at end of file
diff --git a/docker/services/ovn-controller.yaml b/docker/services/ovn-controller.yaml
new file mode 100644
index 00000000..c5c365e2
--- /dev/null
+++ b/docker/services/ovn-controller.yaml
@@ -0,0 +1,105 @@
+heat_template_version: pike
+
+description: >
+ OpenStack containerized Ovn Controller agent.
+
+parameters:
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ DockerOvnControllerImage:
+ description: image
+ type: string
+ DockerOvnControllerConfigImage:
+ description: The container image to use for the ovn_controller config_volume
+ type: string
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+
+resources:
+
+ ContainersCommon:
+ type: ./containers-common.yaml
+
+ OvnControllerBase:
+ type: ../../puppet/services/ovn-controller.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the Ovn Controller agent.
+ value:
+ service_name: {get_attr: [OvnControllerBase, role_data, service_name]}
+ config_settings:
+ map_merge:
+ - get_attr: [OvnControllerBase, role_data, config_settings]
+ step_config: &step_config
+ get_attr: [OvnControllerBase, role_data, step_config]
+ service_config_settings: {get_attr: [OvnControllerBase, role_data, service_config_settings]}
+ # BEGIN DOCKER SETTINGS
+ puppet_config:
+ puppet_tags: vs_config
+ config_volume: ovn_controller
+ step_config: *step_config
+ config_image: {get_param: DockerOvnControllerConfigImage}
+ # We need to mount /run for puppet_config step. This is because
+ # puppet-vswitch runs the commands "ovs-vsctl set open_vswitch . external_ids:..."
+ # to configure the required parameters in ovs db which will be read
+ # by ovn-controller. And ovs-vsctl talks to the ovsdb-server (hosting conf.db)
+ # on the unix domain socket - /run/openvswitch/db.sock
+ volumes:
+ - /lib/modules:/lib/modules:ro
+ - /run/openvswitch:/run/openvswitch
+ kolla_config:
+ /var/lib/kolla/config_files/ovn_controller.json:
+ command: /usr/bin/ovn-controller --pidfile --log-file unix:/run/openvswitch/db.sock
+ permissions:
+ - path: /var/log/openvswitch
+ owner: root:root
+ recurse: true
+ docker_config:
+ step_4:
+ ovn_controller:
+ image: {get_param: DockerOvnControllerImage}
+ net: host
+ privileged: true
+ user: root
+ restart: always
+ volumes:
+ - /var/lib/kolla/config_files/ovn_controller.json:/var/lib/kolla/config_files/config.json:ro
+ - /lib/modules:/lib/modules:ro
+ - /run/openvswitch:/run/openvswitch
+ - /var/log/containers/openvswitch:/var/log/openvswitch
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ upgrade_tasks:
+ - name: Stop and disable ovn-controller service
+ tags: step2
+ service: name=ovn-controller state=stopped enabled=no
diff --git a/docker/services/ovn-dbs.yaml b/docker/services/ovn-dbs.yaml
new file mode 100644
index 00000000..f6ac62ed
--- /dev/null
+++ b/docker/services/ovn-dbs.yaml
@@ -0,0 +1,202 @@
+heat_template_version: pike
+
+description: >
+ OpenStack containerized Ovn DBs service
+
+parameters:
+ DockerOvnNbDbImage:
+ description: image
+ type: string
+ DockerOvnSbDbImage:
+ description: image
+ type: string
+ DockerOvnNorthdImage:
+ description: image
+ type: string
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ ServiceData:
+ default: {}
+ description: Dictionary packing service data
+ type: json
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+
+resources:
+
+ ContainersCommon:
+ type: ./containers-common.yaml
+
+ OVNDbsBase:
+ type: ../../puppet/services/ovn-dbs.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ ServiceData: {get_param: ServiceData}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the OVN Dbs role.
+ value:
+ service_name: {get_attr: [OVNDbsBase, role_data, service_name]}
+ config_settings:
+ map_merge:
+ - get_attr: [OVNDbsBase, role_data, config_settings]
+ step_config: &step_config
+ get_attr: [OVNDbsBase, role_data, step_config]
+ # BEGIN DOCKER SETTINGS
+ # puppet_config is not required for this service since we configure
+ # the NB and SB DB servers to listen on the proper IP address/port
+ # in the docker_config section.
+ # puppet_config is defined to satisfy the pep8 validations.
+ puppet_config:
+ config_volume: ''
+ config_image: ''
+ step_config: *step_config
+ kolla_config:
+ /var/lib/kolla/config_files/ovn_north_db_server.json:
+ command:
+ list_join:
+ - ' '
+ - - '/usr/sbin/ovsdb-server'
+ - '/var/lib/openvswitch/ovnnb.db'
+ - '--pidfile=/run/openvswitch/ovnnb_db.pid'
+ - '-vconsole:emer -vsyslog:err -vfile:info'
+ - '--remote=punix:/run/openvswitch/ovnnb_db.sock'
+ - '--unixctl=/run/openvswitch/ovnnb_db.ctl'
+ - '--remote=db:OVN_Northbound,NB_Global,connections'
+ - '--private-key=db:OVN_Northbound,SSL,private_key'
+ - '--certificate=db:OVN_Northbound,SSL,certificate'
+ - '--ca-cert=db:OVN_Northbound,SSL,ca_cert'
+ - '--log-file=/var/log/openvswitch/ovsdb-server-nb.log'
+ permissions:
+ - path: /var/log/openvswitch
+ owner: root:root
+ recurse: true
+ /var/lib/kolla/config_files/ovn_south_db_server.json:
+ command:
+ list_join:
+ - ' '
+ - - '/usr/sbin/ovsdb-server'
+ - '/var/lib/openvswitch/ovnsb.db'
+ - '--pidfile=/run/openvswitch/ovnsb_db.pid'
+ - '-vconsole:emer -vsyslog:err -vfile:info'
+ - '--remote=punix:/run/openvswitch/ovnsb_db.sock'
+ - '--unixctl=/run/openvswitch/ovnsb_db.ctl'
+ - '--remote=db:OVN_Southbound,SB_Global,connections'
+ - '--private-key=db:OVN_Southbound,SSL,private_key'
+ - '--certificate=db:OVN_Southbound,SSL,certificate'
+ - '--ca-cert=db:OVN_Southbound,SSL,ca_cert'
+ - '--log-file=/var/log/openvswitch/ovsdb-server-sb.log'
+ permissions:
+ - path: /var/log/openvswitch
+ owner: root:root
+ recurse: true
+ /var/lib/kolla/config_files/ovn_northd.json:
+ command:
+ list_join:
+ - ' '
+ - - '/usr/bin/ovn-northd -vconsole:emer -vsyslog:err -vfile:info'
+ - '--ovnnb-db=unix:/run/openvswitch/ovnnb_db.sock'
+ - '--ovnsb-db=unix:/run/openvswitch/ovnsb_db.sock'
+ - '--log-file=/var/log/openvswitch/ovn-northd.log'
+ - '--pidfile=/run/openvswitch/ovn-northd.pid'
+ permissions:
+ - path: /var/log/openvswitch
+ owner: root:root
+ recurse: true
+ docker_config:
+ step_4:
+ ovn_north_db_server:
+ start_order: 0
+ image: {get_param: DockerOvnNbDbImage}
+ net: host
+ privileged: false
+ restart: always
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/ovn_north_db_server.json:/var/lib/kolla/config_files/config.json:ro
+ - /lib/modules:/lib/modules:ro
+ - /var/lib/openvswitch/ovn:/var/lib/openvswitch
+ - /var/lib/openvswitch/ovn:/run/openvswitch
+ - /var/log/containers/openvswitch:/var/log/openvswitch
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ ovn_south_db_server:
+ start_order: 0
+ image: {get_param: DockerOvnSbDbImage}
+ net: host
+ privileged: false
+ restart: always
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/ovn_south_db_server.json:/var/lib/kolla/config_files/config.json:ro
+ - /lib/modules:/lib/modules:ro
+ - /var/lib/openvswitch/ovn:/var/lib/openvswitch
+ - /var/lib/openvswitch/ovn:/run/openvswitch
+ - /var/log/containers/openvswitch:/var/log/openvswitch
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ configure_ovn_north_db_server:
+ start_order: 1
+ action: exec
+ user: root
+ command: ['ovn_north_db_server', '/bin/bash', '-c', 'DBS_LISTEN_IP=`hiera ovn::northd::dbs_listen_ip -c /etc/puppet/hiera.yaml`; NB_DB_PORT=`hiera ovn::northbound::port -c /etc/puppet/hiera.yaml`; /usr/bin/bootstrap_host_exec ovn_dbs ovn-nbctl set-connection ptcp:$NB_DB_PORT:$DBS_LISTEN_IP']
+ configure_ovn_south_db_server:
+ start_order: 1
+ action: exec
+ user: root
+ command: ['ovn_south_db_server', '/bin/bash', '-c', 'DBS_LISTEN_IP=`hiera ovn::northd::dbs_listen_ip -c /etc/puppet/hiera.yaml`; SB_DB_PORT=`hiera ovn::southbound::port -c /etc/puppet/hiera.yaml`; /usr/bin/bootstrap_host_exec ovn_dbs ovn-sbctl set-connection ptcp:$SB_DB_PORT:$DBS_LISTEN_IP']
+ ovn_northd:
+ start_order: 2
+ image: {get_param: DockerOvnNorthdImage}
+ net: host
+ privileged: false
+ restart: always
+ volumes:
+ list_concat:
+ - {get_attr: [ContainersCommon, volumes]}
+ -
+ - /var/lib/kolla/config_files/ovn_northd.json:/var/lib/kolla/config_files/config.json:ro
+ - /lib/modules:/lib/modules:ro
+ - /var/lib/openvswitch/ovn:/run/openvswitch
+ - /var/log/containers/openvswitch:/var/log/openvswitch
+ environment:
+ - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ host_prep_tasks:
+ - name: create persistent directories
+ file:
+ path: "{{ item }}"
+ state: directory
+ with_items:
+ - /var/log/containers/openvswitch
+ - /var/lib/openvswitch/ovn
+ upgrade_tasks:
+ - name: Stop and disable ovn-northd service
+ tags: step2
+ service: name=ovn-northd state=stopped enabled=no
diff --git a/environments/services-docker/neutron-ovn.yaml b/environments/services-docker/neutron-ovn.yaml
new file mode 100644
index 00000000..8c8a56c9
--- /dev/null
+++ b/environments/services-docker/neutron-ovn.yaml
@@ -0,0 +1,27 @@
+# A Heat environment that can be used to deploy OVN services with non HA OVN DB servers.
+resource_registry:
+ OS::TripleO::Docker::NeutronMl2PluginBase: ../../puppet/services/neutron-plugin-ml2-ovn.yaml
+ OS::TripleO::Services::OVNController: ../../docker/services/ovn-controller.yaml
+ OS::TripleO::Services::OVNDBs: ../../docker/services/ovn-dbs.yaml
+# Disabling Neutron services that overlap with OVN
+ OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
+ OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
+ OS::TripleO::Services::NeutronL3Agent: OS::Heat::None
+ OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None
+ OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None
+ OS::TripleO::Services::ComputeNeutronCorePlugin: OS::Heat::None
+
+
+parameter_defaults:
+ NeutronMechanismDrivers: ovn
+ OVNVifType: ovs
+ OVNNeutronSyncMode: log
+ OVNQosDriver: ovn-qos
+ OVNTunnelEncapType: geneve
+ NeutronEnableDHCPAgent: false
+ NeutronTypeDrivers: 'geneve,vxlan,vlan,flat'
+ NeutronNetworkType: 'geneve'
+ NeutronServicePlugins: 'qos,ovn-router'
+ NeutronVniRanges: ['1:65536', ]
+ DockerNeutronApiImage: 'tripleoupstream/centos-binary-neutron-server-ovn:latest'
+ DockerNeutronConfigImage: 'tripleoupstream/centos-binary-neutron-server-ovn:latest'
diff --git a/network/scripts/run-os-net-config.sh b/network/scripts/run-os-net-config.sh
index 864da24b..d121fcf1 100755
--- a/network/scripts/run-os-net-config.sh
+++ b/network/scripts/run-os-net-config.sh
@@ -75,12 +75,13 @@ EOF_CAT
if [ "$mac_addr_type" != "0" ]; then
echo "Device has generated MAC, skipping."
else
- ip link set dev $iface up &>/dev/null
- HAS_LINK="$(cat /sys/class/net/${iface}/carrier)"
+ HAS_LINK="$(cat /sys/class/net/${iface}/carrier || echo 0)"
TRIES=10
while [ "$HAS_LINK" == "0" -a $TRIES -gt 0 ]; do
- HAS_LINK="$(cat /sys/class/net/${iface}/carrier)"
+ # Need to set the link up on each iteration
+ ip link set dev $iface up &>/dev/null
+ HAS_LINK="$(cat /sys/class/net/${iface}/carrier || echo 0)"
if [ "$HAS_LINK" == "1" ]; then
break
else
diff --git a/puppet/services/ceilometer-base.yaml b/puppet/services/ceilometer-base.yaml
index 5cc020a9..cdba2d3f 100644
--- a/puppet/services/ceilometer-base.yaml
+++ b/puppet/services/ceilometer-base.yaml
@@ -47,7 +47,7 @@ parameters:
description: Whether to manage event_pipeline.yaml.
type: boolean
EventPipelinePublishers:
- default: ['gnocchi://']
+ default: ['gnocchi://', 'panko://']
description: >
A list of publishers to put in event_pipeline.yaml. When the
collector is used, override this with notifier:// publisher.
@@ -115,6 +115,10 @@ parameters:
description: Driver or drivers to handle sending notifications.
constraints:
- allowed_values: [ 'messagingv2', 'noop' ]
+ GnocchiArchivePolicy:
+ default: 'low'
+ type: string
+ description: archive policy to use with gnocchi backend
conditions:
service_debug_unset: {equals : [{get_param: CeilometerDebug}, '']}
@@ -149,7 +153,7 @@ outputs:
ceilometer::agent::auth::auth_endpoint_type: 'internalURL'
ceilometer::dispatcher::gnocchi::url: {get_param: [EndpointMap, GnocchiInternal, uri]}
ceilometer::dispatcher::gnocchi::filter_project: 'service'
- ceilometer::dispatcher::gnocchi::archive_policy: 'low'
+ ceilometer::dispatcher::gnocchi::archive_policy: {get_param: GnocchiArchivePolicy}
ceilometer::dispatcher::gnocchi::resources_definition_file: 'gnocchi_resources.yaml'
ceilometer::notification_driver: {get_param: NotificationDriver}
ceilometer::rabbit_userid: {get_param: RabbitUserName}
diff --git a/puppet/services/pacemaker/manila-share.yaml b/puppet/services/pacemaker/manila-share.yaml
index 61bf4580..8a282014 100644
--- a/puppet/services/pacemaker/manila-share.yaml
+++ b/puppet/services/pacemaker/manila-share.yaml
@@ -52,5 +52,8 @@ outputs:
config_settings:
map_merge:
- get_attr: [ManilaShareBase, role_data, config_settings]
+ - manila::share::manage_service: false
+ manila::share::enabled: false
+ manila::host: hostgroup
step_config: |
include ::tripleo::profile::pacemaker::manila
diff --git a/releasenotes/notes/add-hostgroup-default-for-host-parameter-02e3d48de1f69765.yaml b/releasenotes/notes/add-hostgroup-default-for-host-parameter-02e3d48de1f69765.yaml
new file mode 100644
index 00000000..ff0904b8
--- /dev/null
+++ b/releasenotes/notes/add-hostgroup-default-for-host-parameter-02e3d48de1f69765.yaml
@@ -0,0 +1,9 @@
+---
+fixes:
+ - Set "host" parameter in manila.conf to 'hostgroup' when running
+ manila share service under pacemaker. This labels instances of
+ the service on different nodes with the same "host" as cinder does
+ in this circumstance so that the instances are considered by
+ OpenStack to provide the same service and manila share is able to
+ maintain management of shares on the backend after failover and
+ failback.
diff --git a/releasenotes/notes/containarise-barbican-1253606411d497ff.yaml b/releasenotes/notes/containarise-barbican-1253606411d497ff.yaml
new file mode 100644
index 00000000..85292231
--- /dev/null
+++ b/releasenotes/notes/containarise-barbican-1253606411d497ff.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - |
+ Barbican API added to containarised overcloud deployment
diff --git a/releasenotes/notes/ovn-container-support-3ab333fff6e90dc4.yaml b/releasenotes/notes/ovn-container-support-3ab333fff6e90dc4.yaml
new file mode 100644
index 00000000..25fd2fbe
--- /dev/null
+++ b/releasenotes/notes/ovn-container-support-3ab333fff6e90dc4.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - Support containerized ovn-controller
+ - Support containerized OVN Dbs without HA
diff --git a/releasenotes/source/conf.py b/releasenotes/source/conf.py
index 9d46018a..1e0bf00a 100644
--- a/releasenotes/source/conf.py
+++ b/releasenotes/source/conf.py
@@ -52,9 +52,9 @@ copyright = u'2017, TripleO Developers'
# built documents.
#
# The full version, including alpha/beta/rc tags.
-release = '7.0.0.0rc1'
+release = ''
# The short X.Y version.
-version = '7.0.0'
+version = ''
# The full version, including alpha/beta/rc tags.