diff options
| -rw-r--r-- | capabilities-map.yaml | 7 | ||||
| -rw-r--r-- | ci/environments/scenario002-multinode-containers.yaml | 5 | ||||
| -rw-r--r-- | common/deploy-steps.j2 | 17 | ||||
| -rw-r--r-- | docker/services/nova-metadata.yaml | 66 | ||||
| -rw-r--r-- | environments/cinder-dellemc-unity-config.yaml | 14 | ||||
| -rw-r--r-- | environments/docker-services-tls-everywhere.yaml | 7 | ||||
| -rw-r--r-- | environments/docker.yaml | 1 | ||||
| -rw-r--r-- | extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration | 14 | ||||
| -rw-r--r-- | overcloud-resource-registry-puppet.j2.yaml | 1 | ||||
| -rw-r--r-- | puppet/services/cinder-backend-dellemc-unity.yaml | 85 | ||||
| -rw-r--r-- | puppet/services/horizon.yaml | 16 | ||||
| -rw-r--r-- | releasenotes/notes/unity_cinder_e9872898724a11e7.yaml | 4 | ||||
| -rw-r--r-- | releasenotes/notes/workaround-unset-fqdn-for-rhel-reg-be9c4620146096be.yaml | 8 | ||||
| -rw-r--r-- | roles/Controller.yaml | 1 | ||||
| -rw-r--r-- | roles_data.yaml | 1 |
15 files changed, 241 insertions, 6 deletions
diff --git a/capabilities-map.yaml b/capabilities-map.yaml index fdf2ad63..91daa689 100644 --- a/capabilities-map.yaml +++ b/capabilities-map.yaml @@ -312,6 +312,13 @@ topics: Enables a Cinder Dell EMC Storage Center ISCSI backend requires: - overcloud-resource-registry-puppet.yaml + - file: environments/cinder-dellemc-unity-config.yaml + title: Cinder Dell EMC Unity backend + description: > + Enables a Cinder Dell EMC Unity backend, + configured via puppet + requires: + - overcloud-resource-registry-puppet.yaml - file: environments/cinder-hpelefthand-config.yaml title: Cinder HPELeftHandISCSI backend description: > diff --git a/ci/environments/scenario002-multinode-containers.yaml b/ci/environments/scenario002-multinode-containers.yaml index d300f773..fe06ef66 100644 --- a/ci/environments/scenario002-multinode-containers.yaml +++ b/ci/environments/scenario002-multinode-containers.yaml @@ -8,7 +8,10 @@ resource_registry: OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml # TODO: Barbican is not yet containerized: https://review.openstack.org/#/c/474327 # OS::TripleO::Services::BarbicanApi: ../../docker/services/barbican-api.yaml - OS::TripleO::Services::Zaqar: ../../docker/services/zaqar.yaml + OS::TripleO::Services::BarbicanApi: ../../puppet/services/barbican-api.yaml + # TODO: Zaqar doesn't work when containerized + # https://bugs.launchpad.net/tripleo/+bug/1710959 + OS::TripleO::Services::Zaqar: ../../puppet/services/zaqar.yaml OS::TripleO::Services::Ec2Api: ../../docker/services/ec2-api.yaml # NOTE: This is needed because of upgrades from Ocata to Pike. We # deploy the initial environment with Ocata templates, and diff --git a/common/deploy-steps.j2 b/common/deploy-steps.j2 index b36bb97a..8d17c223 100644 --- a/common/deploy-steps.j2 +++ b/common/deploy-steps.j2 @@ -11,6 +11,7 @@ # primary role is: {{primary_role_name}} {% set deploy_steps_max = 6 -%} {% set update_steps_max = 6 -%} +{% set upgrade_steps_max = 6 -%} heat_template_version: pike @@ -337,4 +338,20 @@ outputs: with_sequence: count={{deploy_steps_max-1}} loop_control: loop_var: step + upgrade_steps_tasks: | +{%- for role in roles %} + - include: {{role.name}}/upgrade_tasks.yaml + when: role_name == '{{role.name}}' +{%- endfor %} + upgrade_steps_playbook: | + - hosts: overcloud + tasks: + - include: upgrade_steps_tasks.yaml + with_sequence: count={{upgrade_steps_max-1}} + loop_control: + loop_var: step + - include: deploy_steps_tasks.yaml + with_sequence: count={{deploy_steps_max-1}} + loop_control: + loop_var: step diff --git a/docker/services/nova-metadata.yaml b/docker/services/nova-metadata.yaml index 0a8a74cd..53ae7910 100644 --- a/docker/services/nova-metadata.yaml +++ b/docker/services/nova-metadata.yaml @@ -4,6 +4,12 @@ description: > OpenStack containerized Nova Metadata service parameters: + DockerNovaMetadataImage: + description: image + type: string + DockerNovaConfigImage: + description: The container image to use for the nova config_volume + type: string EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -33,6 +39,9 @@ parameters: resources: + ContainersCommon: + type: ./containers-common.yaml + NovaMetadataBase: type: ../../puppet/services/nova-metadata.yaml properties: @@ -56,9 +65,56 @@ outputs: service_config_settings: {get_attr: [NovaMetadataBase, role_data, service_config_settings]} # BEGIN DOCKER SETTINGS puppet_config: - config_volume: '' - puppet_tags: '' + config_volume: nova + puppet_tags: nova_config step_config: *step_config - config_image: '' - kolla_config: {} - docker_config: {} + config_image: {get_param: DockerNovaConfigImage} + kolla_config: + /var/lib/kolla/config_files/nova_metadata.json: + command: /usr/bin/nova-api-metadata + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true + permissions: + - path: /var/log/nova + owner: nova:nova + recurse: true + docker_config: + step_2: + nova_init_logs: + image: &nova_metadata_image {get_param: DockerNovaMetadataImage} + privileged: false + user: root + volumes: + - /var/log/containers/nova:/var/log/nova + command: ['/bin/bash', '-c', 'chown -R nova:nova /var/log/nova'] + step_4: + nova_metadata: + start_order: 2 + image: *nova_metadata_image + net: host + user: nova + privileged: true + restart: always + volumes: + list_concat: + - {get_attr: [ContainersCommon, volumes]} + - + - /var/lib/kolla/config_files/nova_metadata.json:/var/lib/kolla/config_files/config.json:ro + - /var/lib/config-data/puppet-generated/nova/:/var/lib/kolla/config_files/src:ro + - /var/log/containers/nova:/var/log/nova + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + metadata_settings: + get_attr: [NovaMetadataBase, role_data, metadata_settings] + host_prep_tasks: + - name: create persistent logs directory + file: + path: /var/log/containers/nova + state: directory + upgrade_tasks: + - name: Stop and disable nova_api service + tags: step2 + service: name=openstack-nova-api state=stopped enabled=no diff --git a/environments/cinder-dellemc-unity-config.yaml b/environments/cinder-dellemc-unity-config.yaml new file mode 100644 index 00000000..c67c91cb --- /dev/null +++ b/environments/cinder-dellemc-unity-config.yaml @@ -0,0 +1,14 @@ +# A Heat environment file which can be used to enable a +# Cinder Dell EMC Unity backend, configured via puppet +resource_registry: + OS::TripleO::Services::CinderBackendDellEMCUnity: ../puppet/services/cinder-backend-dellemc-unity.yaml + +parameter_defaults: + CinderEnableDellEMCUnityBackend: true + CinderDellEMCUnityBackendName: 'tripleo_dellemc_unity' + CinderDellEMCUnitySanIp: '' + CinderDellEMCUnitySanLogin: 'Admin' + CinderDellEMCUnitySanPassword: '' + CinderDellEMCUnityStorageProtocol: 'iSCSI' + CinderDellEMCUnityIoPorts: '' + CinderDellEMCUnityStoragePoolNames: '' diff --git a/environments/docker-services-tls-everywhere.yaml b/environments/docker-services-tls-everywhere.yaml index 1062e4f7..e977dff2 100644 --- a/environments/docker-services-tls-everywhere.yaml +++ b/environments/docker-services-tls-everywhere.yaml @@ -30,6 +30,13 @@ resource_registry: OS::TripleO::Services::NeutronMetadataAgent: ../docker/services/neutron-metadata.yaml OS::TripleO::Services::NeutronOvsAgent: ../docker/services/neutron-ovs-agent.yaml OS::TripleO::Services::NeutronServer: ../docker/services/neutron-api.yaml + OS::TripleO::Services::NovaApi: ../docker/services/nova-api.yaml + OS::TripleO::Services::NovaConductor: ../docker/services/nova-conductor.yaml + OS::TripleO::Services::NovaConsoleauth: ../docker/services/nova-consoleauth.yaml + OS::TripleO::Services::NovaMigrationTarget: ../docker/services/nova-migration-target.yaml + OS::TripleO::Services::NovaPlacement: ../docker/services/nova-placement.yaml + OS::TripleO::Services::NovaScheduler: ../docker/services/nova-scheduler.yaml + OS::TripleO::Services::NovaVncProxy: ../docker/services/nova-vnc-proxy.yaml OS::TripleO::Services::PankoApi: ../docker/services/panko-api.yaml OS::TripleO::Services::Redis: ../docker/services/database/redis.yaml OS::TripleO::Services::SwiftProxy: ../docker/services/swift-proxy.yaml diff --git a/environments/docker.yaml b/environments/docker.yaml index ebaf2694..a47e0d4d 100644 --- a/environments/docker.yaml +++ b/environments/docker.yaml @@ -16,6 +16,7 @@ resource_registry: OS::TripleO::Services::NovaPlacement: ../docker/services/nova-placement.yaml OS::TripleO::Services::NovaConductor: ../docker/services/nova-conductor.yaml OS::TripleO::Services::NovaConsoleauth: ../docker/services/nova-consoleauth.yaml + OS::TripleO::Services::NovaMetadata: ../docker/services/nova-metadata.yaml OS::TripleO::Services::NovaMigrationTarget: ../docker/services/nova-migration-target.yaml OS::TripleO::Services::NovaScheduler: ../docker/services/nova-scheduler.yaml OS::TripleO::Services::NovaVncProxy: ../docker/services/nova-vnc-proxy.yaml diff --git a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration index d14ed73f..487857ef 100644 --- a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration +++ b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration @@ -235,11 +235,25 @@ case "${REG_METHOD:-}" in if [ "$satellite_version" = "6" ]; then repos="$repos --enable ${satellite_repo}" curl --retry ${retry_max_count} --retry-delay 10 --max-time 30 -L -k -O "$REG_SAT_URL/pub/katello-ca-consumer-latest.noarch.rpm" + + # https://bugs.launchpad.net/tripleo/+bug/1711435 + # Delete the /etc/rhsm/facts directory entirely so that the + # %post script from katello-ca-consumer does not override the + # hostname with $(hostname -f) if there is no fqdn set + fqdn=$(hostname -f) + if [ "$fqdn" = "localhost" -o "$fqdn" = "localhost.localdomain" ]; then + rm -rf /etc/rhsm/facts + fi + rpm -Uvh katello-ca-consumer-latest.noarch.rpm || true retry subscription-manager register $opts retry subscription-manager $repos retry yum install -y katello-agent || true # needed for errata reporting to satellite6 katello-package-upload + + # https://bugs.launchpad.net/tripleo/+bug/1711435 + # recreate the facts dir just in case we rm'd it earlier + mkdir -p /etc/rhsm/facts else pushd /usr/share/rhn/ curl --retry ${retry_max_count} --retry-delay 10 --max-time 30 -k -O $REG_SAT_URL/pub/RHN-ORG-TRUSTED-SSL-CERT diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml index 2a9f9d76..7bcc6d80 100644 --- a/overcloud-resource-registry-puppet.j2.yaml +++ b/overcloud-resource-registry-puppet.j2.yaml @@ -263,6 +263,7 @@ resource_registry: OS::TripleO::Services::NeutronML2FujitsuFossw: OS::Heat::None OS::TripleO::Services::CinderBackendDellPs: OS::Heat::None OS::TripleO::Services::CinderBackendDellSc: OS::Heat::None + OS::TripleO::Services::CinderBackendDellEMCUnity: OS::Heat::None OS::TripleO::Services::CinderBackendNetApp: OS::Heat::None OS::TripleO::Services::CinderBackendScaleIO: OS::Heat::None OS::TripleO::Services::CinderBackendVRTSHyperScale: OS::Heat::None diff --git a/puppet/services/cinder-backend-dellemc-unity.yaml b/puppet/services/cinder-backend-dellemc-unity.yaml new file mode 100644 index 00000000..c8b8bd8f --- /dev/null +++ b/puppet/services/cinder-backend-dellemc-unity.yaml @@ -0,0 +1,85 @@ +# Copyright (c) 2016-2017 Dell Inc, or its subsidiaries. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +heat_template_version: pike + +description: > + Openstack Cinder Dell EMC Unity backend + +parameters: + CinderEnableDellEMCUnityBackend: + type: boolean + default: true + CinderDellEMCUnityBackendName: + type: string + default: 'tripleo_dellemc_unity' + CinderDellEMCUnitySanIp: + type: string + CinderDellEMCUnitySanLogin: + type: string + default: 'Admin' + CinderDellEMCUnitySanPassword: + type: string + hidden: true + CinderDellEMCUnityStorageProtocol: + type: string + default: 'iSCSI' + CinderDellEMCUnityIoPorts: + type: string + default: '' + CinderDellEMCUnityStoragePoolNames: + type: string + default: '' + ServiceData: + default: {} + description: Dictionary packing service data + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + EndpointMap: + default: {} + type: json + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + +outputs: + role_data: + description: Role data for the Cinder Dell EMC Storage Center backend. + value: + service_name: cinder_backend_dellemc_unity + config_settings: + tripleo::profile::base::cinder::volume::cinder_enable_dellemc_unity_backend: {get_param: CinderEnableDellEMCUnityBackend} + cinder::backend::dellemc_unity::volume_backend_name: {get_param: CinderDellEMCUnityBackendName} + cinder::backend::dellemc_unity::san_ip: {get_param: CinderDellEMCUnitySanIp} + cinder::backend::dellemc_unity::san_login: {get_param: CinderDellEMCUnitySanLogin} + cinder::backend::dellemc_unity::san_password: {get_param: CinderDellEMCUnitySanPassword} + cinder::backend::dellemc_unity::storage_protocol: {get_param: CinderDellEMCUnityStorageProtocol} + cinder::backend::dellemc_unity::unity_io_ports: {get_param: CinderDellEMCUnityIoPorts} + cinder::backend::dellemc_unity::unity_storage_pool_names: {get_param: CinderDellEMCUnityStoragePoolNames} + step_config: | + include ::tripleo::profile::base::cinder::volume diff --git a/puppet/services/horizon.yaml b/puppet/services/horizon.yaml index 63ab92eb..642a0f09 100644 --- a/puppet/services/horizon.yaml +++ b/puppet/services/horizon.yaml @@ -67,6 +67,14 @@ parameters: MonitoringSubscriptionHorizon: default: 'overcloud-horizon' type: string + EnableInternalTLS: + type: boolean + default: false + InternalTLSCAFile: + default: '/etc/ipa/ca.crt' + type: string + description: Specifies the default CA cert to use if TLS is used for + services in the internal network. conditions: @@ -109,6 +117,14 @@ outputs: - {get_param: [DefaultPasswords, horizon_secret]} horizon::secure_cookies: {get_param: [HorizonSecureCookies]} memcached_ipv6: {get_param: MemcachedIPv6} + horizon::servername: + str_replace: + template: + "%{hiera('fqdn_$NETWORK')}" + params: + $NETWORK: {get_param: [ServiceNetMap, HorizonNetwork]} + horizon::listen_ssl: {get_param: EnableInternalTLS} + horizon::horizon_ca: {get_param: InternalTLSCAFile} - if: - debug_unset diff --git a/releasenotes/notes/unity_cinder_e9872898724a11e7.yaml b/releasenotes/notes/unity_cinder_e9872898724a11e7.yaml new file mode 100644 index 00000000..f2edb9f7 --- /dev/null +++ b/releasenotes/notes/unity_cinder_e9872898724a11e7.yaml @@ -0,0 +1,4 @@ +--- +features: + - | + Add support for Dell EMC Unity cinder driver diff --git a/releasenotes/notes/workaround-unset-fqdn-for-rhel-reg-be9c4620146096be.yaml b/releasenotes/notes/workaround-unset-fqdn-for-rhel-reg-be9c4620146096be.yaml new file mode 100644 index 00000000..04b21fba --- /dev/null +++ b/releasenotes/notes/workaround-unset-fqdn-for-rhel-reg-be9c4620146096be.yaml @@ -0,0 +1,8 @@ +--- +fixes: + - Workaround systems getting registered as "localhost" during + RHEL registration if they don't have a fqdn set by first + rm'ing the /etc/rhsm/facts directory. When the directory does not + exist, the katello-rshm-consumer which runs when installing + the katello-ca-consumer will not set the hostname.override fact to + "localhost". See https://bugs.launchpad.net/tripleo/+bug/1711435 diff --git a/roles/Controller.yaml b/roles/Controller.yaml index 224d1356..3d9173c4 100644 --- a/roles/Controller.yaml +++ b/roles/Controller.yaml @@ -44,6 +44,7 @@ - OS::TripleO::Services::CinderApi - OS::TripleO::Services::CinderBackendDellPs - OS::TripleO::Services::CinderBackendDellSc + - OS::TripleO::Services::CinderBackendDellEMCUnity - OS::TripleO::Services::CinderBackendNetApp - OS::TripleO::Services::CinderBackendScaleIO - OS::TripleO::Services::CinderBackendVRTSHyperScale diff --git a/roles_data.yaml b/roles_data.yaml index 8f670994..bde656f8 100644 --- a/roles_data.yaml +++ b/roles_data.yaml @@ -47,6 +47,7 @@ - OS::TripleO::Services::CinderApi - OS::TripleO::Services::CinderBackendDellPs - OS::TripleO::Services::CinderBackendDellSc + - OS::TripleO::Services::CinderBackendDellEMCUnity - OS::TripleO::Services::CinderBackendNetApp - OS::TripleO::Services::CinderBackendScaleIO - OS::TripleO::Services::CinderBackendVRTSHyperScale |