diff options
78 files changed, 632 insertions, 73 deletions
diff --git a/ci/environments/multinode-3nodes.yaml b/ci/environments/multinode-3nodes.yaml index 03065c6a..d6e2376a 100644 --- a/ci/environments/multinode-3nodes.yaml +++ b/ci/environments/multinode-3nodes.yaml @@ -55,6 +55,7 @@ - OS::TripleO::Services::TripleoFirewall - OS::TripleO::Services::NovaCompute - OS::TripleO::Services::NovaLibvirt + - OS::TripleO::Services::MySQLClient - name: Controller CountDefault: 1 diff --git a/ci/environments/multinode.yaml b/ci/environments/multinode.yaml index d89a4942..c946ec8a 100644 --- a/ci/environments/multinode.yaml +++ b/ci/environments/multinode.yaml @@ -1,6 +1,15 @@ resource_registry: OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode-os-net-config.yaml OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode-os-net-config.yaml + OS::TripleO::Services::RabbitMQ: ../../puppet/services/pacemaker/rabbitmq.yaml + OS::TripleO::Services::HAproxy: ../../puppet/services/pacemaker/haproxy.yaml + OS::TripleO::Services::Pacemaker: ../../puppet/services/pacemaker.yaml + OS::TripleO::Services::MySQL: ../../puppet/services/pacemaker/database/mysql.yaml + OS::TripleO::Services::CinderVolume: ../../puppet/services/pacemaker/cinder-volume.yaml + OS::TripleO::Services::Keepalived: OS::Heat::None + OS::TripleO::Tasks::ControllerPrePuppet: ../../extraconfig/tasks/pre_puppet_pacemaker.yaml + OS::TripleO::Tasks::ControllerPostPuppet: ../../extraconfig/tasks/post_puppet_pacemaker.yaml + OS::TripleO::Tasks::ControllerPostPuppetRestart: ../../extraconfig/tasks/post_puppet_pacemaker_restart.yaml parameter_defaults: ControllerServices: diff --git a/ci/environments/multinode_major_upgrade.yaml b/ci/environments/multinode_major_upgrade.yaml index 6af267bf..2251cc0c 100644 --- a/ci/environments/multinode_major_upgrade.yaml +++ b/ci/environments/multinode_major_upgrade.yaml @@ -1,6 +1,15 @@ resource_registry: OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml + OS::TripleO::Services::RabbitMQ: ../../puppet/services/pacemaker/rabbitmq.yaml + OS::TripleO::Services::HAproxy: ../../puppet/services/pacemaker/haproxy.yaml + OS::TripleO::Services::Pacemaker: ../../puppet/services/pacemaker.yaml + OS::TripleO::Services::MySQL: ../../puppet/services/pacemaker/database/mysql.yaml + OS::TripleO::Services::CinderVolume: ../../puppet/services/pacemaker/cinder-volume.yaml + OS::TripleO::Services::Keepalived: OS::Heat::None + OS::TripleO::Tasks::ControllerPrePuppet: ../../extraconfig/tasks/pre_puppet_pacemaker.yaml + OS::TripleO::Tasks::ControllerPostPuppet: ../../extraconfig/tasks/post_puppet_pacemaker.yaml + OS::TripleO::Tasks::ControllerPostPuppetRestart: ../../extraconfig/tasks/post_puppet_pacemaker_restart.yaml parameter_defaults: ControllerServices: @@ -45,6 +54,7 @@ parameter_defaults: - OS::TripleO::Services::NovaCompute - OS::TripleO::Services::NovaLibvirt - OS::TripleO::Services::Pacemaker + - OS::TripleO::Services::Horizon ControllerExtraConfig: nova::compute::libvirt::services::libvirt_virt_type: qemu nova::compute::libvirt::libvirt_virt_type: qemu diff --git a/ci/environments/scenario001-multinode.yaml b/ci/environments/scenario001-multinode.yaml index e09ca705..a6f35711 100644 --- a/ci/environments/scenario001-multinode.yaml +++ b/ci/environments/scenario001-multinode.yaml @@ -1,13 +1,24 @@ resource_registry: OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml - OS::TripleO::Services::CephMon: /usr/share/openstack-tripleo-heat-templates/puppet/services/ceph-mon.yaml - OS::TripleO::Services::CephOSD: /usr/share/openstack-tripleo-heat-templates/puppet/services/ceph-osd.yaml - OS::TripleO::Services::CephClient: /usr/share/openstack-tripleo-heat-templates/puppet/services/ceph-client.yaml - OS::TripleO::Services::PankoApi: /usr/share/openstack-tripleo-heat-templates/puppet/services/panko-api.yaml - OS::TripleO::Services::Collectd: /usr/share/openstack-tripleo-heat-templates/puppet/services/metrics/collectd.yaml - OS::TripleO::Services::Tacker: /usr/share/openstack-tripleo-heat-templates/puppet/services/tacker.yaml - OS::TripleO::Services::Congress: /usr/share/openstack-tripleo-heat-templates/puppet/services/congress.yaml + OS::TripleO::Services::CephMon: ../../puppet/services/ceph-mon.yaml + OS::TripleO::Services::CephOSD: ../../puppet/services/ceph-osd.yaml + OS::TripleO::Services::CephClient: ../../puppet/services/ceph-client.yaml + OS::TripleO::Services::PankoApi: ../../puppet/services/panko-api.yaml + OS::TripleO::Services::Collectd: ../../puppet/services/metrics/collectd.yaml + OS::TripleO::Services::Tacker: ../../puppet/services/tacker.yaml + OS::TripleO::Services::Congress: ../../puppet/services/congress.yaml + OS::TripleO::Services::RabbitMQ: ../../puppet/services/pacemaker/rabbitmq.yaml + OS::TripleO::Services::HAproxy: ../../puppet/services/pacemaker/haproxy.yaml + OS::TripleO::Services::Pacemaker: ../../puppet/services/pacemaker.yaml + OS::TripleO::Services::Redis: ../../puppet/services/pacemaker/database/redis.yaml + OS::TripleO::Services::MySQL: ../../puppet/services/pacemaker/database/mysql.yaml + OS::TripleO::Services::CinderBackup: ../../puppet/services/pacemaker/cinder-backup.yaml + OS::TripleO::Services::CinderVolume: ../../puppet/services/pacemaker/cinder-volume.yaml + OS::TripleO::Services::Keepalived: OS::Heat::None + OS::TripleO::Tasks::ControllerPrePuppet: ../../extraconfig/tasks/pre_puppet_pacemaker.yaml + OS::TripleO::Tasks::ControllerPostPuppet: ../../extraconfig/tasks/post_puppet_pacemaker.yaml + OS::TripleO::Tasks::ControllerPostPuppetRestart: ../../extraconfig/tasks/post_puppet_pacemaker_restart.yaml parameter_defaults: ControllerServices: diff --git a/ci/environments/scenario002-multinode.yaml b/ci/environments/scenario002-multinode.yaml index 3207d133..cbcfa9b3 100644 --- a/ci/environments/scenario002-multinode.yaml +++ b/ci/environments/scenario002-multinode.yaml @@ -4,6 +4,16 @@ resource_registry: OS::TripleO::Services::BarbicanApi: ../../puppet/services/barbican-api.yaml OS::TripleO::Services::Zaqar: ../../puppet/services/zaqar.yaml OS::TripleO::Services::Ec2Api: ../../puppet/services/ec2-api.yaml + OS::TripleO::Services::RabbitMQ: ../../puppet/services/pacemaker/rabbitmq.yaml + OS::TripleO::Services::HAproxy: ../../puppet/services/pacemaker/haproxy.yaml + OS::TripleO::Services::Pacemaker: ../../puppet/services/pacemaker.yaml + OS::TripleO::Services::MySQL: ../../puppet/services/pacemaker/database/mysql.yaml + OS::TripleO::Services::CinderBackup: ../../puppet/services/pacemaker/cinder-backup.yaml + OS::TripleO::Services::CinderVolume: ../../puppet/services/pacemaker/cinder-volume.yaml + OS::TripleO::Services::Keepalived: OS::Heat::None + OS::TripleO::Tasks::ControllerPrePuppet: ../../extraconfig/tasks/pre_puppet_pacemaker.yaml + OS::TripleO::Tasks::ControllerPostPuppet: ../../extraconfig/tasks/post_puppet_pacemaker.yaml + OS::TripleO::Tasks::ControllerPostPuppetRestart: ../../extraconfig/tasks/post_puppet_pacemaker_restart.yaml parameter_defaults: ControllerServices: diff --git a/ci/environments/scenario003-multinode.yaml b/ci/environments/scenario003-multinode.yaml index 1dc8b13d..6e926f74 100644 --- a/ci/environments/scenario003-multinode.yaml +++ b/ci/environments/scenario003-multinode.yaml @@ -6,6 +6,14 @@ resource_registry: OS::TripleO::Services::MistralApi: ../../puppet/services/mistral-api.yaml OS::TripleO::Services::MistralEngine: ../../puppet/services/mistral-engine.yaml OS::TripleO::Services::MistralExecutor: ../../puppet/services/mistral-executor.yaml + OS::TripleO::Services::RabbitMQ: ../../puppet/services/pacemaker/rabbitmq.yaml + OS::TripleO::Services::HAproxy: ../../puppet/services/pacemaker/haproxy.yaml + OS::TripleO::Services::Pacemaker: ../../puppet/services/pacemaker.yaml + OS::TripleO::Services::MySQL: ../../puppet/services/pacemaker/database/mysql.yaml + OS::TripleO::Services::Keepalived: OS::Heat::None + OS::TripleO::Tasks::ControllerPrePuppet: ../../extraconfig/tasks/pre_puppet_pacemaker.yaml + OS::TripleO::Tasks::ControllerPostPuppet: ../../extraconfig/tasks/post_puppet_pacemaker.yaml + OS::TripleO::Tasks::ControllerPostPuppetRestart: ../../extraconfig/tasks/post_puppet_pacemaker_restart.yaml parameter_defaults: ControllerServices: diff --git a/docker/docker-toool b/docker/docker-toool new file mode 100755 index 00000000..36aba4a7 --- /dev/null +++ b/docker/docker-toool @@ -0,0 +1,189 @@ +#!/usr/bin/env python +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +import argparse +import os +import shutil +import sys +import json + +docker_cmd = '/bin/docker' + +# Tool to start docker containers as configured via +# tripleo-heat-templates. +# +# This tool reads data from a json file generated from heat when the +# TripleO stack is run. All the configuration data used to start the +# containerized services is in this file. +# +# By default this tool lists all the containers that are started and +# their start order. +# +# If you wish to see the command line used to start a given container, +# specify it by name using the --container argument. --run can then be +# used with this to actually execute docker to run the container.\n +# +# Other options listed allow you to modify this command line for +# debugging purposes. For example: +# +# docker-toool -c swift-proxy -r -e /bin/bash -u root -i -n test +# +# will run the swift proxy container as user root, executing /bin/bash, +# +# named 'test', and will run interactively (eg -ti). + + +def parse_opts(argv): + parser = argparse.ArgumentParser("Tool to start docker containers via " + "TripleO configurations") + parser.add_argument('-f', '--config', + help="""File to use as docker startup configuration data.""", + default='/var/lib/docker-container-startup-configs.json') + parser.add_argument('-r', '--run', + action='store_true', + help="""Run the container as specified with --container.""", + default=False) + parser.add_argument('-e', '--command', + help="""Override the command used to run the container.""", + default='') + parser.add_argument('-c', '--container', + help="""Specify a container to run or show the command for.""", + default='') + parser.add_argument('-u', '--user', + help="""User to run container as.""", + default='') + parser.add_argument('-n', '--name', + help="""Name of container.""", + default='') + parser.add_argument('-i', '--interactive', + action='store_true', + help="""Start docker container interactively (-ti).""", + default=False) + opts = parser.parse_args(argv[1:]) + + return opts + +def docker_arg_map(key, value): + value = str(value).encode('ascii', 'ignore') + return { + 'environment': "--env=%s" % value, + # 'image': value, + 'net': "--net=%s" % value, + 'pid': "--pid=%s" % value, + 'privileged': "--privileged=%s" % value.lower(), + #'restart': "--restart=%s" % "false", + 'user': "--user=%s" % value, + 'volumes': "--volume=%s" % value, + 'volumes_from': "--volumes-from=%s" % value, + }.get(key, None) + +def run_docker_container(opts, container_name): + container_found = False + + with open(opts.config) as f: + json_data = json.load(f) + + for step in (json_data or []): + if step is None: + continue + for container in (json_data[step] or []): + if container == container_name: + print('container found: %s' % container) + container_found = True + # A few positional arguments: + command = '' + image = '' + + cmd = [ + docker_cmd, + 'run', + '--name', + opts.name or container + ] + for container_data in (json_data[step][container] or []): + if container_data == "environment": + for env in (json_data[step][container][container_data] or []): + arg = docker_arg_map("environment", env) + if arg: + cmd.append(arg) + elif container_data == "volumes": + for volume in (json_data[step][container][container_data] or []): + arg = docker_arg_map("volumes", volume) + if arg: + cmd.append(arg) + elif container_data == "volumes_from": + for volume in (json_data[step][container][container_data] or []): + arg = docker_arg_map("volumes_from", volume) + if arg: + cmd.append(arg) + elif container_data == 'command': + command = json_data[step][container][container_data] + elif container_data == 'image': + image = json_data[step][container][container_data] + else: + # Only add a restart if we're not interactive + if container_data == 'restart': + if opts.interactive: + continue + if container_data == 'user': + if opts.user: + continue + arg = docker_arg_map(container_data, + json_data[step][container][container_data]) + if arg: + cmd.append(arg) + + if opts.user: + cmd.append('--user') + cmd.append(opts.user) + if opts.interactive: + cmd.append('-ti') + # May as well remove it when we're done too + cmd.append('--rm') + cmd.append(image) + if opts.command: + cmd.append(opts.command) + elif command: + cmd.extend(command) + + print ' '.join(cmd) + + if opts.run: + os.execl(docker_cmd, *cmd) + + if not container_found: + print("Container '%s' not found!" % container_name) + +def list_docker_containers(opts): + print opts + with open(opts.config) as f: + json_data = json.load(f) + + for step in (json_data or []): + if step is None: + continue + print step + for container in (json_data[step] or []): + print('\tcontainer: %s' % container) + for container_data in (json_data[step][container] or []): + #print('\t\tcontainer_data: %s' % container_data) + if container_data == "start_order": + print('\t\tstart_order: %s' % json_data[step][container][container_data]) + +opts = parse_opts(sys.argv) + +if opts.container: + run_docker_container(opts, opts.container) +else: + list_docker_containers(opts) + diff --git a/docker/post.j2.yaml b/docker/post.j2.yaml index e1154a62..65d0c4ee 100644 --- a/docker/post.j2.yaml +++ b/docker/post.j2.yaml @@ -189,6 +189,24 @@ resources: docker_config: {get_param: [role_data, {{role.name}}, docker_config]} docker_image: {get_param: [role_data, {{role.name}}, docker_image]} + # Here we are dumping all the docker container startup configuration data + # so that we can have access to how they are started outside of heat + # and docker-cmd. This lets us create command line tools to start and + # test these containers. + {{role.name}}DockerConfigJsonStartupData: + type: OS::Heat::StructuredConfig + properties: + group: json-file + config: + /var/lib/docker-container-startup-configs.json: + {get_attr: [{{role.name}}DockerConfig, value]} + + {{role.name}}DockerConfigJsonStartupDataDeployment: + type: OS::Heat::SoftwareDeploymentGroup + properties: + config: {get_resource: {{role.name}}DockerConfigJsonStartupData} + servers: {get_param: [servers, {{role.name}}]} + {{role.name}}KollaJsonConfig: type: OS::Heat::StructuredConfig properties: diff --git a/environments/docker.yaml b/environments/docker.yaml index ca3715b4..88ea9521 100644 --- a/environments/docker.yaml +++ b/environments/docker.yaml @@ -1,5 +1,5 @@ resource_registry: - OS::TripleO::Compute::NodeUserData: ../docker/firstboot/setup_docker_host.yaml + OS::TripleO::NodeUserData: ../docker/firstboot/setup_docker_host.yaml #NOTE (dprince) add roles to be docker enabled as we support them OS::TripleO::Services::NovaLibvirt: ../docker/services/nova-libvirt.yaml diff --git a/environments/hyperconverged-ceph.yaml b/environments/hyperconverged-ceph.yaml index 3738072c..f59b0414 100644 --- a/environments/hyperconverged-ceph.yaml +++ b/environments/hyperconverged-ceph.yaml @@ -29,3 +29,5 @@ parameter_defaults: - OS::TripleO::Services::AuditD - OS::TripleO::Services::Collectd - OS::TripleO::Services::CephOSD + - OS::TripleO::Services::Vpp + - OS::TripleO::Services::MySQLClient diff --git a/environments/major-upgrade-composable-steps.yaml b/environments/major-upgrade-composable-steps.yaml index 9e3cddba..9ecc2251 100644 --- a/environments/major-upgrade-composable-steps.yaml +++ b/environments/major-upgrade-composable-steps.yaml @@ -7,9 +7,9 @@ parameter_defaults: # Newton to Ocata, we need to remove old hiera hook data and # install ansible heat agents and ansible-pacemaker set -eu + yum install -y openstack-heat-agents yum install -y python-heat-agent-* yum install -y ansible-pacemaker rm -f /usr/libexec/os-apply-config/templates/etc/puppet/hiera.yaml rm -f /usr/libexec/os-refresh-config/configure.d/40-hiera-datafiles rm -f /etc/puppet/hieradata/*.yaml - diff --git a/environments/services/vpp.yaml b/environments/services/vpp.yaml new file mode 100644 index 00000000..9bad70f8 --- /dev/null +++ b/environments/services/vpp.yaml @@ -0,0 +1,9 @@ +resource_registry: + OS::TripleO::Services::Vpp: ../../puppet/services/vpp.yaml + +#parameter_defaults: + #VPP main thread core pinning + #VppCpuMainCore: '1' + + #List of cores for VPP worker thread pinning + #VppCpuCorelistWorkers: ['3','4'] diff --git a/environments/undercloud.yaml b/environments/undercloud.yaml index 0fd01920..2540fbe5 100644 --- a/environments/undercloud.yaml +++ b/environments/undercloud.yaml @@ -16,3 +16,4 @@ parameter_defaults: NeutronDhcpAgentsPerNetwork: 2 HeatConvergenceEngine: false HeatMaxResourcesPerStack: -1 + HeatMaxJsonBodySize: 2097152 diff --git a/extraconfig/pre_deploy/rhel-registration/environment-rhel-registration.yaml b/extraconfig/pre_deploy/rhel-registration/environment-rhel-registration.yaml index c388358a..24557517 100644 --- a/extraconfig/pre_deploy/rhel-registration/environment-rhel-registration.yaml +++ b/extraconfig/pre_deploy/rhel-registration/environment-rhel-registration.yaml @@ -21,3 +21,7 @@ parameter_defaults: rhel_reg_type: "" rhel_reg_method: "" rhel_reg_sat_repo: "rhel-7-server-satellite-tools-6.1-rpms" + rhel_reg_http_proxy_host: "" + rhel_reg_http_proxy_port: "" + rhel_reg_http_proxy_username: "" + rhel_reg_http_proxy_password: "" diff --git a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml index fdf2e957..e8316c53 100644 --- a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml +++ b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml @@ -45,6 +45,14 @@ parameters: type: string rhel_reg_sat_repo: type: string + rhel_reg_http_proxy_host: + type: string + rhel_reg_http_proxy_port: + type: string + rhel_reg_http_proxy_username: + type: string + rhel_reg_http_proxy_password: + type: string resources: @@ -71,6 +79,10 @@ resources: - name: REG_TYPE - name: REG_METHOD - name: REG_SAT_REPO + - name: REG_HTTP_PROXY_HOST + - name: REG_HTTP_PROXY_PORT + - name: REG_HTTP_PROXY_USERNAME + - name: REG_HTTP_PROXY_PASSWORD config: {get_file: scripts/rhel-registration} RHELRegistrationDeployment: @@ -99,6 +111,10 @@ resources: REG_TYPE: {get_param: rhel_reg_type} REG_METHOD: {get_param: rhel_reg_method} REG_SAT_REPO: {get_param: rhel_reg_sat_repo} + REG_HTTP_PROXY_HOST: {get_param: rhel_reg_http_proxy_host} + REG_HTTP_PROXY_PORT: {get_param: rhel_reg_http_proxy_port} + REG_HTTP_PROXY_USERNAME: {get_param: rhel_reg_http_proxy_username} + REG_HTTP_PROXY_PASSWORD: {get_param: rhel_reg_http_proxy_password} RHELUnregistration: type: OS::Heat::SoftwareConfig diff --git a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration index 2650a967..6f83cc4b 100644 --- a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration +++ b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration @@ -13,10 +13,18 @@ fi retryCount=0 opts= +config_opts= attach_opts= sat5_opts= repos="repos --enable rhel-7-server-rpms" satellite_repo=${REG_SAT_REPO} +proxy_host= +proxy_port= +proxy_url= +proxy_username= +proxy_password= + +# process variables.. if [ -n "${REG_AUTO_ATTACH:-}" ]; then opts="$opts --auto-attach" @@ -97,6 +105,57 @@ if [ -n "${REG_TYPE:-}" ]; then opts="$opts --type=$REG_TYPE" fi +# Proxy settings (host and port) +if [ -n "${REG_HTTP_PROXY_HOST:-}" ]; then + proxy_host="${REG_HTTP_PROXY_HOST}" +fi + +if [ -n "${REG_HTTP_PROXY_PORT:-}" ]; then + proxy_port="${REG_HTTP_PROXY_PORT}" +fi + +# Proxy settings (user and password) +if [ -n "${REG_HTTP_PROXY_USERNAME:-}" ]; then + proxy_username="${REG_HTTP_PROXY_USERNAME}" +fi + +if [ -n "${REG_HTTP_PROXY_PASSWORD:-}" ]; then + proxy_password="${REG_HTTP_PROXY_PASSWORD}" +fi + +# Sanity Checks for proxy host/port/user/password +if [ -n "${REG_HTTP_PROXY_HOST:-}" ]; then + if [ -n "${REG_HTTP_PROXY_PORT:-}" ]; then + # Good both values are not empty + proxy_url="http://${proxy_host}:${proxy_port}" + config_opts="--server.proxy_hostname=${proxy_host} --server.proxy_port=${proxy_port}" + sat5_opts="${sat5_opts} --proxy_hostname=${proxy_url}" + echo "RHSM Proxy set to: ${proxy_url}" + if [ -n "${REG_HTTP_PROXY_USERNAME:-}" ]; then + if [ -n "${REG_HTTP_PROXY_PASSWORD:-}" ]; then + config_opts="${config_opts} --server.proxy_user=${proxy_username} --server.proxy_password=${proxy_password}" + sat5_opts="${sat5_opts} --proxyUser=${proxy_username} --proxyPassword=${proxy_password}" + else + echo "Warning: REG_HTTP_PROXY_PASSWORD cannot be null with non-empty REG_HTTP_PROXY_USERNAME! Skipping..." + proxy_username= ; proxy_password= + fi + else + if [ -n "${REG_HTTP_PROXY_PASSWORD:-}" ]; then + echo "Warning: REG_HTTP_PROXY_USERNAME cannot be null with non-empty REG_HTTP_PROXY_PASSWORD! Skipping..." + proxy_username= ; proxy_password= + fi + fi + else + echo "Warning: REG_HTTP_PROXY_PORT cannot be null with non-empty REG_HTTP_PROXY_HOST! Skipping..." + proxy_host= ; proxy_port= ; proxy_url= ; proxy_username= ; proxy_password= + fi +else + if [ -n "${REG_HTTP_PROXY_PORT:-}" ]; then + echo "Warning: REG_HTTP_PROXY_HOST cannot be null with non-empty REG_HTTP_PROXY_PORT! Skipping..." + proxy_host= ; proxy_port= ; proxy_url= ; proxy_username= ; proxy_password= + fi +fi + function retry() { if [[ $retryCount < 3 ]]; then $@ @@ -127,13 +186,34 @@ function detect_satellite_version { fi } +if [ "x${proxy_url}" != "x" ];then + # Config subscription-manager for proxy + subscription-manager config ${config_opts} + + # Config yum for proxy.. + sed -i -e '/^proxy=/d' /etc/yum.conf + echo "proxy=${proxy_url}" >> /etc/yum.conf + + # Handle optional username/password + if [ -n "${proxy_username}" ]; then + sed -i -e '/^proxy_username=/d' /etc/yum.conf + echo "proxy_username=${proxy_username}" >> /etc/yum.conf + fi + + if [ -n "${proxy_password}" ]; then + sed -i -e '/^proxy_password=/d' /etc/yum.conf + echo "proxy_password=${proxy_password}" >> /etc/yum.conf + fi + +fi + case "${REG_METHOD:-}" in portal) retry subscription-manager register $opts if [ -z "${REG_AUTO_ATTACH:-}" -a -z "${REG_ACTIVATION_KEY:-}" ]; then retry subscription-manager attach $attach_opts fi - retry subscription-manager repos --disable '*' + retry subscription-manager repos --disable='*' retry subscription-manager $repos ;; satellite) diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml index 1360d0be..b811a5a3 100644 --- a/overcloud-resource-registry-puppet.j2.yaml +++ b/overcloud-resource-registry-puppet.j2.yaml @@ -248,6 +248,7 @@ resource_registry: OS::TripleO::Services::OctaviaHousekeeping: OS::Heat::None OS::TripleO::Services::OctaviaWorker: OS::Heat::None OS::TripleO::Services::MySQLClient: puppet/services/database/mysql-client.yaml + OS::TripleO::Services::Vpp: OS::Heat::None parameter_defaults: EnablePackageInstall: false diff --git a/overcloud.j2.yaml b/overcloud.j2.yaml index e9447b94..e99f770f 100644 --- a/overcloud.j2.yaml +++ b/overcloud.j2.yaml @@ -243,6 +243,12 @@ resources: NetIpMap: {get_attr: [VipMap, net_ip_map]} ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]} + EndpointMapData: + type: OS::Heat::Value + properties: + type: json + value: {get_attr: [EndpointMap, endpoint_map]} + # Jinja loop for Role in roles_data.yaml {% for role in roles %} # Resources generated for {{role.name}} Role @@ -634,7 +640,7 @@ outputs: value: true KeystoneURL: description: URL for the Overcloud Keystone service - value: {get_attr: [EndpointMap, endpoint_map, KeystonePublic, uri]} + value: {get_attr: [EndpointMapData, value, KeystonePublic, uri]} KeystoneAdminVip: description: Keystone Admin VIP endpoint value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystoneAdminApiNetwork]}]} @@ -643,7 +649,7 @@ outputs: Mapping of the resources with the needed info for their endpoints. This includes the protocol used, the IP, port and also a full representation of the URI. - value: {get_attr: [EndpointMap, endpoint_map]} + value: {get_attr: [EndpointMapData, value]} HostsEntry: description: | The content that should be appended to your /etc/hosts if you want to get diff --git a/puppet/services/README.rst b/puppet/services/README.rst index 223c3ed0..f19b6cca 100644 --- a/puppet/services/README.rst +++ b/puppet/services/README.rst @@ -100,9 +100,22 @@ step, "step2" for the second, etc. Steps/tages correlate to the following: - 1) Quiesce the control-plane, e.g disable LoadBalancer, stop pacemaker cluster - - 2) Stop all control-plane services, ready for upgrade + 1) Stop all control-plane services. + + 2) Quiesce the control-plane, e.g disable LoadBalancer, stop + pacemaker cluster: this will stop the following resource: + - ocata: + - galera + - rabbit + - redis + - haproxy + - vips + - cinder-volumes + - cinder-backup + - manilla-share + - rbd-mirror + + The exact order is controlled by the cluster constraints. 3) Perform a package update and install new packages: A general upgrade is done, and only new package should go into service diff --git a/puppet/services/aodh-api.yaml b/puppet/services/aodh-api.yaml index 4bd9fc47..d7c87b61 100644 --- a/puppet/services/aodh-api.yaml +++ b/puppet/services/aodh-api.yaml @@ -87,5 +87,5 @@ outputs: get_attr: [ApacheServiceBase, role_data, metadata_settings] upgrade_tasks: - name: Stop aodh_api service (running under httpd) - tags: step2 + tags: step1 service: name=httpd state=stopped diff --git a/puppet/services/aodh-evaluator.yaml b/puppet/services/aodh-evaluator.yaml index 56dbb558..900eb687 100644 --- a/puppet/services/aodh-evaluator.yaml +++ b/puppet/services/aodh-evaluator.yaml @@ -45,5 +45,5 @@ outputs: shell: /usr/bin/systemctl show 'openstack-aodh-evaluator' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop aodh_evaluator service - tags: step2 + tags: step1 service: name=openstack-aodh-evaluator state=stopped diff --git a/puppet/services/aodh-listener.yaml b/puppet/services/aodh-listener.yaml index 76db0ca8..c5dc4731 100644 --- a/puppet/services/aodh-listener.yaml +++ b/puppet/services/aodh-listener.yaml @@ -45,5 +45,5 @@ outputs: shell: /usr/bin/systemctl show 'openstack-aodh-listener' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop aodh_listener service - tags: step2 + tags: step1 service: name=openstack-aodh-listener state=stopped diff --git a/puppet/services/aodh-notifier.yaml b/puppet/services/aodh-notifier.yaml index 30c67635..3a225752 100644 --- a/puppet/services/aodh-notifier.yaml +++ b/puppet/services/aodh-notifier.yaml @@ -45,5 +45,5 @@ outputs: shell: /usr/bin/systemctl show 'openstack-aodh-notifier' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop aodh_notifier service - tags: step2 + tags: step1 service: name=openstack-aodh-notifier state=stopped diff --git a/puppet/services/auditd.yaml b/puppet/services/auditd.yaml index 639631e1..a0535ae7 100644 --- a/puppet/services/auditd.yaml +++ b/puppet/services/auditd.yaml @@ -32,3 +32,18 @@ outputs: auditd::rules: {get_param: AuditdRules} step_config: | include ::tripleo::profile::base::auditd + upgrade_tasks: + - name: Check if auditd is deployed + command: systemctl is-enabled auditd + tags: step0,validation + ignore_errors: True + register: auditd_enabled + - name: "PreUpgrade step0,validation: Check if auditd is running" + shell: > + /usr/bin/systemctl show 'auditd' --property ActiveState | + grep '\bactive\b' + when: auditd_enabled.rc == 0 + tags: step0,validation + - name: Stop auditd service + tags: step2 + service: name=auditd state=stopped diff --git a/puppet/services/ceilometer-agent-central.yaml b/puppet/services/ceilometer-agent-central.yaml index cf8a8a8e..e611e020 100644 --- a/puppet/services/ceilometer-agent-central.yaml +++ b/puppet/services/ceilometer-agent-central.yaml @@ -52,12 +52,13 @@ outputs: map_merge: - get_attr: [CeilometerServiceBase, role_data, config_settings] - ceilometer_redis_password: {get_param: RedisPassword} + central_namespace: true step_config: | - include ::tripleo::profile::base::ceilometer::agent::central + include ::tripleo::profile::base::ceilometer::agent::polling upgrade_tasks: - name: "PreUpgrade step0,validation: Check service openstack-ceilometer-central is running" shell: /usr/bin/systemctl show 'openstack-ceilometer-central' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop ceilometer_agent_central service - tags: step2 + tags: step1 service: name=openstack-ceilometer-central state=stopped diff --git a/puppet/services/ceilometer-agent-compute.yaml b/puppet/services/ceilometer-agent-compute.yaml index 00042914..75c7cb36 100644 --- a/puppet/services/ceilometer-agent-compute.yaml +++ b/puppet/services/ceilometer-agent-compute.yaml @@ -46,12 +46,13 @@ outputs: map_merge: - get_attr: [CeilometerServiceBase, role_data, config_settings] - ceilometer::agent::compute::instance_discovery_method: {get_param: InstanceDiscoveryMethod} + compute_namespace: true step_config: | - include ::tripleo::profile::base::ceilometer::agent::compute + include ::tripleo::profile::base::ceilometer::agent::polling upgrade_tasks: - name: "PreUpgrade step0,validation: Check service openstack-ceilometer-compute is running" shell: /usr/bin/systemctl show 'openstack-ceilometer-compute' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop ceilometer_agent_compute service - tags: step2 + tags: step1 service: name=openstack-ceilometer-compute state=stopped diff --git a/puppet/services/ceilometer-agent-notification.yaml b/puppet/services/ceilometer-agent-notification.yaml index 760acd65..429fe222 100644 --- a/puppet/services/ceilometer-agent-notification.yaml +++ b/puppet/services/ceilometer-agent-notification.yaml @@ -54,5 +54,5 @@ outputs: shell: /usr/bin/systemctl show 'openstack-ceilometer-notification' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop ceilometer_agent_notification service - tags: step2 + tags: step1 service: name=openstack-ceilometer-notification state=stopped diff --git a/puppet/services/ceilometer-api.yaml b/puppet/services/ceilometer-api.yaml index 741f8da1..f5ee9d40 100644 --- a/puppet/services/ceilometer-api.yaml +++ b/puppet/services/ceilometer-api.yaml @@ -94,5 +94,5 @@ outputs: get_attr: [ApacheServiceBase, role_data, metadata_settings] upgrade_tasks: - name: Stop ceilometer_api service (running under httpd) - tags: step2 + tags: step1 service: name=httpd state=stopped diff --git a/puppet/services/ceilometer-collector.yaml b/puppet/services/ceilometer-collector.yaml index a219f9eb..3dc3340e 100644 --- a/puppet/services/ceilometer-collector.yaml +++ b/puppet/services/ceilometer-collector.yaml @@ -64,5 +64,5 @@ outputs: shell: /usr/bin/systemctl show 'openstack-ceilometer-collector' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop ceilometer_collector service - tags: step2 + tags: step1 service: name=openstack-ceilometer-collector state=stopped diff --git a/puppet/services/cinder-api.yaml b/puppet/services/cinder-api.yaml index 8c5a07ac..52c46568 100644 --- a/puppet/services/cinder-api.yaml +++ b/puppet/services/cinder-api.yaml @@ -86,7 +86,8 @@ outputs: cinder::keystone::authtoken::project_name: 'service' cinder::api::enable_proxy_headers_parsing: true - cinder::api::nova_catalog_info: 'compute:Compute Service:internalURL' + cinder::api::nova_catalog_info: 'compute:nova:internalURL' + cinder::api::nova_catalog_admin_info: 'compute:nova:adminURL' # TODO(emilien) move it to puppet-cinder cinder::config: DEFAULT/swift_catalog_info: @@ -153,14 +154,14 @@ outputs: shell: /usr/bin/systemctl show 'openstack-cinder-api' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: check for cinder running under apache (post upgrade) - tags: step2 + tags: step1 shell: "apachectl -t -D DUMP_VHOSTS | grep -q cinder" register: cinder_apache ignore_errors: true - name: Stop cinder_api service (running under httpd) - tags: step2 + tags: step1 service: name=httpd state=stopped when: "cinder_apache.rc == 0" - name: Stop and disable cinder_api service (pre-upgrade not under httpd) - tags: step2 + tags: step1 service: name=openstack-cinder-api state=stopped enabled=no diff --git a/puppet/services/cinder-scheduler.yaml b/puppet/services/cinder-scheduler.yaml index f102810e..63a4f169 100644 --- a/puppet/services/cinder-scheduler.yaml +++ b/puppet/services/cinder-scheduler.yaml @@ -56,5 +56,5 @@ outputs: shell: /usr/bin/systemctl show 'openstack-cinder-scheduler' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop cinder_scheduler service - tags: step2 + tags: step1 service: name=openstack-cinder-scheduler state=stopped diff --git a/puppet/services/cinder-volume.yaml b/puppet/services/cinder-volume.yaml index 3a06afb8..74efaade 100644 --- a/puppet/services/cinder-volume.yaml +++ b/puppet/services/cinder-volume.yaml @@ -120,5 +120,5 @@ outputs: shell: /usr/bin/systemctl show 'openstack-cinder-volume' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop cinder_volume service - tags: step2 + tags: step1 service: name=openstack-cinder-volume state=stopped diff --git a/puppet/services/congress.yaml b/puppet/services/congress.yaml index 6855a838..a878b52c 100644 --- a/puppet/services/congress.yaml +++ b/puppet/services/congress.yaml @@ -65,9 +65,6 @@ outputs: - {get_param: [EndpointMap, MysqlInternal, host]} - '/congress' - '?read_default_file=/etc/my.cnf.d/tripleo.cnf&read_default_group=tripleo' - congress::keystone::auth::tenant: 'service' - congress::keystone::auth::password: {get_param: CongressPassword} - congress::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} congress::debug: {get_param: Debug} congress::rpc_backend: rabbit congress::rabbit_userid: {get_param: RabbitUserName} @@ -76,6 +73,10 @@ outputs: congress::rabbit_port: {get_param: RabbitClientPort} congress::server::bind_host: {get_param: [ServiceNetMap, CongressApiNetwork]} + congress::keystone::authtoken::project_name: 'service' + congress::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} + congress::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} + congress::db::mysql::password: {get_param: CongressPassword} congress::db::mysql::user: congress congress::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} @@ -84,6 +85,13 @@ outputs: - '%' - {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} + service_config_settings: + keystone: + congress::keystone::auth::tenant: 'service' + congress::keystone::auth::password: {get_param: CongressPassword} + congress::keystone::auth::public_url: {get_param: [EndpointMap, CongressPublic, uri]} + congress::keystone::auth::internal_url: {get_param: [EndpointMap, CongressInternal, uri]} + congress::keystone::auth::admin_url: {get_param: [EndpointMap, CongressAdmin, uri]} step_config: | include ::tripleo::profile::base::congress @@ -93,5 +101,5 @@ outputs: shell: /usr/bin/systemctl show 'openstack-congress-server' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop congress service - tags: step2 + tags: step1 service: name=openstack-congress-server state=stopped diff --git a/puppet/services/database/mysql-client.yaml b/puppet/services/database/mysql-client.yaml index 1415391c..78456e28 100644 --- a/puppet/services/database/mysql-client.yaml +++ b/puppet/services/database/mysql-client.yaml @@ -18,6 +18,9 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + EnableInternalTLS: + type: boolean + default: false outputs: role_data: @@ -25,6 +28,7 @@ outputs: value: service_name: mysql_client config_settings: - tripleo::profile::base:database::mysql::client_bind_address: {get_param: [ServiceNetMap, MysqlNetwork]} + tripleo::profile::base::database::mysql::client::mysql_client_bind_address: {get_param: [ServiceNetMap, MysqlNetwork]} + tripleo::profile::base::database::mysql::client::enable_ssl: {get_param: EnableInternalTLS} step_config: | include ::tripleo::profile::base::database::mysql::client diff --git a/puppet/services/disabled/glance-registry.yaml b/puppet/services/disabled/glance-registry.yaml index 4d22bddc..7bf4a1fd 100644 --- a/puppet/services/disabled/glance-registry.yaml +++ b/puppet/services/disabled/glance-registry.yaml @@ -26,5 +26,5 @@ outputs: service_name: glance_registry upgrade_tasks: - name: Stop and disable glance_registry service on upgrade - tags: step2 + tags: step1 service: name=openstack-glance-registry state=stopped enabled=no diff --git a/puppet/services/ec2-api.yaml b/puppet/services/ec2-api.yaml index bb10140e..090e0c4d 100644 --- a/puppet/services/ec2-api.yaml +++ b/puppet/services/ec2-api.yaml @@ -115,3 +115,19 @@ outputs: ec2api::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" + upgrade_tasks: + - name: Check if ec2-api is deployed + command: systemctl is-enabled openstack-ec2-api + tags: step0,validation + ignore_errors: True + register: ec2_api_enabled + - name: "PreUpgrade step0,validation: Check if openstack-ec2-api is running" + shell: > + /usr/bin/systemctl show 'openstack-ec2-api' --property ActiveState | + grep '\bactive\b' + when: ec2_api_enabled.rc == 0 + tags: step0,validation + - name: Stop openstack-ec2-api service + tags: step1 + service: name=openstack-ec2-api state=stopped + diff --git a/puppet/services/glance-api.yaml b/puppet/services/glance-api.yaml index d26d96aa..89f2ee84 100644 --- a/puppet/services/glance-api.yaml +++ b/puppet/services/glance-api.yaml @@ -141,8 +141,8 @@ outputs: shell: /usr/bin/systemctl show 'openstack-glance-api' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop glance_api service - tags: step2 + tags: step1 service: name=openstack-glance-api state=stopped - name: Stop and disable glance registry (removed for Ocata) - tags: step2 + tags: step1 service: name=openstack-glance-registry state=stopped enabled=no diff --git a/puppet/services/gnocchi-api.yaml b/puppet/services/gnocchi-api.yaml index 22c0967e..08a939a6 100644 --- a/puppet/services/gnocchi-api.yaml +++ b/puppet/services/gnocchi-api.yaml @@ -129,5 +129,5 @@ outputs: get_attr: [ApacheServiceBase, role_data, metadata_settings] upgrade_tasks: - name: Stop gnocchi_api service (running under httpd) - tags: step2 + tags: step1 service: name=httpd state=stopped diff --git a/puppet/services/gnocchi-metricd.yaml b/puppet/services/gnocchi-metricd.yaml index 1337b0cb..14fca137 100644 --- a/puppet/services/gnocchi-metricd.yaml +++ b/puppet/services/gnocchi-metricd.yaml @@ -51,5 +51,5 @@ outputs: shell: /usr/bin/systemctl show 'openstack-gnocchi-metricd' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop gnocchi_metricd service - tags: step2 + tags: step1 service: name=openstack-gnocchi-metricd state=stopped diff --git a/puppet/services/gnocchi-statsd.yaml b/puppet/services/gnocchi-statsd.yaml index 41222a79..5f24bc5d 100644 --- a/puppet/services/gnocchi-statsd.yaml +++ b/puppet/services/gnocchi-statsd.yaml @@ -50,5 +50,5 @@ outputs: shell: /usr/bin/systemctl show 'openstack-gnocchi-statsd' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop gnocchi_statsd service - tags: step2 + tags: step1 service: name=openstack-gnocchi-statsd state=stopped diff --git a/puppet/services/haproxy.yaml b/puppet/services/haproxy.yaml index 358698dd..7c7df34f 100644 --- a/puppet/services/haproxy.yaml +++ b/puppet/services/haproxy.yaml @@ -82,7 +82,7 @@ outputs: shell: /usr/bin/systemctl show 'haproxy' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop haproxy service - tags: step1 + tags: step2 service: name=haproxy state=stopped - name: Start haproxy service tags: step4 # Needed at step 4 for mysql diff --git a/puppet/services/heat-api-cfn.yaml b/puppet/services/heat-api-cfn.yaml index 3ae4cc70..7908baae 100644 --- a/puppet/services/heat-api-cfn.yaml +++ b/puppet/services/heat-api-cfn.yaml @@ -89,5 +89,5 @@ outputs: shell: /usr/bin/systemctl show 'openstack-heat-api-cfn' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop heat_api_cfn service - tags: step2 + tags: step1 service: name=openstack-heat-api-cfn state=stopped diff --git a/puppet/services/heat-api-cloudwatch.yaml b/puppet/services/heat-api-cloudwatch.yaml index 56183535..bc21fd3b 100644 --- a/puppet/services/heat-api-cloudwatch.yaml +++ b/puppet/services/heat-api-cloudwatch.yaml @@ -71,5 +71,5 @@ outputs: shell: /usr/bin/systemctl show 'openstack-heat-api-cloudwatch' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop heat_api_cloudwatch service - tags: step2 + tags: step1 service: name=openstack-heat-api-cloudwatch state=stopped diff --git a/puppet/services/heat-api.yaml b/puppet/services/heat-api.yaml index 38c5b479..7eb4739c 100644 --- a/puppet/services/heat-api.yaml +++ b/puppet/services/heat-api.yaml @@ -89,5 +89,5 @@ outputs: shell: /usr/bin/systemctl show 'openstack-heat-api' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop heat_api service - tags: step2 + tags: step1 service: name=openstack-heat-api state=stopped diff --git a/puppet/services/heat-base.yaml b/puppet/services/heat-base.yaml index b4d314f4..e83a9edd 100644 --- a/puppet/services/heat-base.yaml +++ b/puppet/services/heat-base.yaml @@ -99,6 +99,10 @@ parameters: description: > Cron to purge db entries marked as deleted and older than $age - Log destination default: '/dev/null' + HeatMaxJsonBodySize: + default: 1048576 + description: Maximum raw byte size of the Heat API JSON request body. + type: number outputs: role_data: @@ -142,6 +146,7 @@ outputs: heat::cron::purge_deleted::age: {get_param: HeatCronPurgeDeletedAge} heat::cron::purge_deleted::age_type: {get_param: HeatCronPurgeDeletedAgeType} heat::cron::purge_deleted::destination: {get_param: HeatCronPurgeDeletedDestination} + heat::max_json_body_size: {get_param: HeatMaxJsonBodySize} service_config_settings: keystone: tripleo::profile::base::keystone::heat_admin_domain: 'heat_stack' diff --git a/puppet/services/heat-engine.yaml b/puppet/services/heat-engine.yaml index 7787d0a7..41974323 100644 --- a/puppet/services/heat-engine.yaml +++ b/puppet/services/heat-engine.yaml @@ -141,5 +141,5 @@ outputs: shell: /usr/bin/systemctl show 'openstack-heat-engine' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop heat_engine service - tags: step2 + tags: step1 service: name=openstack-heat-engine state=stopped diff --git a/puppet/services/horizon.yaml b/puppet/services/horizon.yaml index 2111021b..9fa72a3b 100644 --- a/puppet/services/horizon.yaml +++ b/puppet/services/horizon.yaml @@ -96,3 +96,19 @@ outputs: - horizon::django_debug: {get_param: Debug} step_config: | include ::tripleo::profile::base::horizon + # Ansible tasks to handle upgrade + upgrade_tasks: + - name: Check if httpd is deployed + command: systemctl is-enabled httpd + tags: step0,validation + ignore_errors: True + register: httpd_enabled + - name: "PreUpgrade step0,validation: Check if httpd is running" + shell: > + /usr/bin/systemctl show 'httpd' --property ActiveState | + grep '\bactive\b' + when: httpd_enabled.rc == 0 + tags: step0,validation + - name: Stop Horizon (under httpd) + tags: step1 + service: name=httpd state=stopped diff --git a/puppet/services/ironic-api.yaml b/puppet/services/ironic-api.yaml index a84df538..7aab6f8d 100644 --- a/puppet/services/ironic-api.yaml +++ b/puppet/services/ironic-api.yaml @@ -88,5 +88,5 @@ outputs: - "%{hiera('mysql_bind_host')}" upgrade_tasks: - name: Stop ironic_api service - tags: step2 + tags: step1 service: name=openstack-ironic-api state=stopped diff --git a/puppet/services/ironic-conductor.yaml b/puppet/services/ironic-conductor.yaml index 739db13c..f9547bef 100644 --- a/puppet/services/ironic-conductor.yaml +++ b/puppet/services/ironic-conductor.yaml @@ -109,5 +109,5 @@ outputs: include ::tripleo::profile::base::ironic::conductor upgrade_tasks: - name: Stop ironic_conductor service - tags: step2 + tags: step1 service: name=openstack-ironic-conductor state=stopped diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml index 9c4cc60f..f40c8d99 100644 --- a/puppet/services/keystone.yaml +++ b/puppet/services/keystone.yaml @@ -226,6 +226,7 @@ outputs: keystone::endpoint::internal_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]} keystone::endpoint::admin_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} keystone::endpoint::region: {get_param: KeystoneRegion} + keystone::endpoint::version: '' keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge} keystone::rabbit_heartbeat_timeout_threshold: 60 keystone::cron::token_flush::maxdelay: 3600 @@ -307,7 +308,7 @@ outputs: # Ansible tasks to handle upgrade upgrade_tasks: - name: Stop keystone service (running under httpd) - tags: step2 + tags: step1 service: name=httpd state=stopped metadata_settings: get_attr: [ApacheServiceBase, role_data, metadata_settings] diff --git a/puppet/services/logging/fluentd-client.yaml b/puppet/services/logging/fluentd-client.yaml index 94c63d33..490ccbee 100644 --- a/puppet/services/logging/fluentd-client.yaml +++ b/puppet/services/logging/fluentd-client.yaml @@ -69,5 +69,5 @@ outputs: grep '\bactive\b' tags: step0,validation - name: Stop fluentd service - tags: step2 + tags: step1 service: name=fluentd state=stopped diff --git a/puppet/services/metrics/collectd.yaml b/puppet/services/metrics/collectd.yaml index a3e3b842..da596656 100644 --- a/puppet/services/metrics/collectd.yaml +++ b/puppet/services/metrics/collectd.yaml @@ -116,5 +116,5 @@ outputs: grep '\bactive\b' tags: step0,validation - name: Stop collectd service - tags: step2 + tags: step1 service: name=collectd state=stopped diff --git a/puppet/services/monitoring/sensu-client.yaml b/puppet/services/monitoring/sensu-client.yaml index d74a68a2..c0826549 100644 --- a/puppet/services/monitoring/sensu-client.yaml +++ b/puppet/services/monitoring/sensu-client.yaml @@ -69,5 +69,5 @@ outputs: grep '\bactive\b' tags: step0,validation - name: Stop sensu-client service - tags: step2 + tags: step1 service: name=sensu-client state=stopped diff --git a/puppet/services/neutron-api.yaml b/puppet/services/neutron-api.yaml index 4d671e15..cb6317d2 100644 --- a/puppet/services/neutron-api.yaml +++ b/puppet/services/neutron-api.yaml @@ -193,5 +193,5 @@ outputs: shell: /usr/bin/systemctl show 'neutron-server' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop neutron_api service - tags: step2 + tags: step1 service: name=neutron-server state=stopped diff --git a/puppet/services/neutron-dhcp.yaml b/puppet/services/neutron-dhcp.yaml index 062edaa4..b31933f6 100644 --- a/puppet/services/neutron-dhcp.yaml +++ b/puppet/services/neutron-dhcp.yaml @@ -84,5 +84,5 @@ outputs: shell: /usr/bin/systemctl show 'neutron-dhcp-agent' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop neutron_dhcp service - tags: step2 + tags: step1 service: name=neutron-dhcp-agent state=stopped diff --git a/puppet/services/neutron-l3.yaml b/puppet/services/neutron-l3.yaml index 4fa49275..572c89a5 100644 --- a/puppet/services/neutron-l3.yaml +++ b/puppet/services/neutron-l3.yaml @@ -89,5 +89,5 @@ outputs: shell: /usr/bin/systemctl show 'neutron-l3-agent' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop neutron_l3 service - tags: step2 + tags: step1 service: name=neutron-l3-agent state=stopped diff --git a/puppet/services/neutron-metadata.yaml b/puppet/services/neutron-metadata.yaml index 6f5debdd..f936ecdb 100644 --- a/puppet/services/neutron-metadata.yaml +++ b/puppet/services/neutron-metadata.yaml @@ -80,5 +80,5 @@ outputs: shell: /usr/bin/systemctl show 'neutron-metadata-agent' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop neutron_metadata service - tags: step2 + tags: step1 service: name=neutron-metadata-agent state=stopped diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml index c27bb909..25bd5b53 100644 --- a/puppet/services/neutron-ovs-agent.yaml +++ b/puppet/services/neutron-ovs-agent.yaml @@ -125,5 +125,5 @@ outputs: shell: /usr/bin/systemctl show 'neutron-openvswitch-agent' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop neutron_ovs_agent service - tags: step2 + tags: step1 service: name=neutron-openvswitch-agent state=stopped diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml index 9923e833..d208bede 100644 --- a/puppet/services/nova-compute.yaml +++ b/puppet/services/nova-compute.yaml @@ -152,7 +152,7 @@ outputs: collectd::plugins::virt::connection: "qemu:///system" upgrade_tasks: - name: Stop nova-compute service - tags: step2 + tags: step1 service: name=openstack-nova-compute state=stopped # If not already set by puppet (e.g a pre-ocata version), set the # upgrade_level for compute to "auto" diff --git a/puppet/services/nova-conductor.yaml b/puppet/services/nova-conductor.yaml index a19d0f8d..4574cae8 100644 --- a/puppet/services/nova-conductor.yaml +++ b/puppet/services/nova-conductor.yaml @@ -67,12 +67,12 @@ outputs: include tripleo::profile::base::nova::conductor upgrade_tasks: - name: Stop nova_conductor service - tags: step2 + tags: step1 service: name=openstack-nova-conductor state=stopped # If not already set by puppet (e.g a pre-ocata version), set the # upgrade_level for compute to "auto" - name: Set compute upgrade level to auto - tags: step2 + tags: step1 ini_file: str_replace: template: "dest=/etc/nova/nova.conf section=upgrade_levels option=compute value=LEVEL" diff --git a/puppet/services/nova-consoleauth.yaml b/puppet/services/nova-consoleauth.yaml index b5a1312a..82f329bc 100644 --- a/puppet/services/nova-consoleauth.yaml +++ b/puppet/services/nova-consoleauth.yaml @@ -50,5 +50,5 @@ outputs: include tripleo::profile::base::nova::consoleauth upgrade_tasks: - name: Stop nova_consoleauth service - tags: step2 + tags: step1 service: name=openstack-nova-consoleauth state=stopped diff --git a/puppet/services/nova-placement.yaml b/puppet/services/nova-placement.yaml index 3ae19a67..b59e2fc6 100644 --- a/puppet/services/nova-placement.yaml +++ b/puppet/services/nova-placement.yaml @@ -124,7 +124,7 @@ outputs: - "%{hiera('mysql_bind_host')}" upgrade_tasks: - name: Stop nova_placement service (running under httpd) - tags: step2 + tags: step1 service: name=httpd state=stopped # The nova placement API isn't installed in newton images, so install # it on upgrade diff --git a/puppet/services/nova-scheduler.yaml b/puppet/services/nova-scheduler.yaml index e08bf182..e4b6bb43 100644 --- a/puppet/services/nova-scheduler.yaml +++ b/puppet/services/nova-scheduler.yaml @@ -65,5 +65,5 @@ outputs: include tripleo::profile::base::nova::scheduler upgrade_tasks: - name: Stop nova_scheduler service - tags: step2 + tags: step1 service: name=openstack-nova-scheduler state=stopped diff --git a/puppet/services/nova-vnc-proxy.yaml b/puppet/services/nova-vnc-proxy.yaml index f6cf9649..42335ade 100644 --- a/puppet/services/nova-vnc-proxy.yaml +++ b/puppet/services/nova-vnc-proxy.yaml @@ -66,5 +66,5 @@ outputs: include tripleo::profile::base::nova::vncproxy upgrade_tasks: - name: Stop nova_vnc_proxy service - tags: step2 + tags: step1 service: name=openstack-nova-consoleauth state=stopped diff --git a/puppet/services/opendaylight-api.yaml b/puppet/services/opendaylight-api.yaml index 0ed9d206..1e7aa479 100644 --- a/puppet/services/opendaylight-api.yaml +++ b/puppet/services/opendaylight-api.yaml @@ -17,6 +17,10 @@ parameters: type: string description: The password for the opendaylight server. hidden: true + OpenDaylightConnectionProtocol: + description: L7 protocol used for REST access + type: string + default: 'http' OpenDaylightEnableDHCP: description: Knob to enable/disable ODL DHCP Server type: boolean @@ -55,6 +59,7 @@ outputs: opendaylight::extra_features: {get_param: OpenDaylightFeatures} opendaylight::enable_dhcp: {get_param: OpenDaylightEnableDHCP} opendaylight::odl_bind_ip: {get_param: [ServiceNetMap, OpendaylightApiNetwork]} + opendaylight::nb_connection_protocol: {get_param: OpenDayLightConnectionProtocol} tripleo.opendaylight_api.firewall_rules: '137 opendaylight api': dport: diff --git a/puppet/services/pacemaker.yaml b/puppet/services/pacemaker.yaml index 9398d6b5..5be58c18 100644 --- a/puppet/services/pacemaker.yaml +++ b/puppet/services/pacemaker.yaml @@ -136,7 +136,7 @@ outputs: tags: step0,validation pacemaker_cluster: state=online check_and_fail=true - name: Stop pacemaker cluster - tags: step1 + tags: step2 pacemaker_cluster: state=offline - name: Start pacemaker cluster tags: step4 diff --git a/puppet/services/panko-api.yaml b/puppet/services/panko-api.yaml index 4b74ad45..fc127a27 100644 --- a/puppet/services/panko-api.yaml +++ b/puppet/services/panko-api.yaml @@ -84,3 +84,9 @@ outputs: include tripleo::profile::base::panko::api metadata_settings: get_attr: [ApacheServiceBase, role_data, metadata_settings] + upgrade_tasks: + # The panko API isn't installed in newton images, so install + # it on upgrade + - name: Install openstack-panko-api packages on upgrade + tags: step3 + yum: name=openstack-panko-api state=latest diff --git a/puppet/services/sahara-api.yaml b/puppet/services/sahara-api.yaml index 8573ea81..96b3d6e3 100644 --- a/puppet/services/sahara-api.yaml +++ b/puppet/services/sahara-api.yaml @@ -92,5 +92,5 @@ outputs: - "%{hiera('mysql_bind_host')}" upgrade_tasks: - name: Stop sahara_api service - tags: step2 + tags: step1 service: name=openstack-sahara-api state=stopped diff --git a/puppet/services/sahara-engine.yaml b/puppet/services/sahara-engine.yaml index 176514ec..c0b6b3e6 100644 --- a/puppet/services/sahara-engine.yaml +++ b/puppet/services/sahara-engine.yaml @@ -51,5 +51,5 @@ outputs: include ::tripleo::profile::base::sahara::engine upgrade_tasks: - name: Stop sahara_engine service - tags: step2 + tags: step1 service: name=openstack-sahara-engine state=stopped diff --git a/puppet/services/snmp.yaml b/puppet/services/snmp.yaml index fd6ed818..80c29f95 100644 --- a/puppet/services/snmp.yaml +++ b/puppet/services/snmp.yaml @@ -45,5 +45,5 @@ outputs: include ::tripleo::profile::base::snmp upgrade_tasks: - name: Stop snmp service - tags: step2 + tags: step1 service: name=snmpd state=stopped diff --git a/puppet/services/swift-proxy.yaml b/puppet/services/swift-proxy.yaml index c941b598..9b0d2de1 100644 --- a/puppet/services/swift-proxy.yaml +++ b/puppet/services/swift-proxy.yaml @@ -167,5 +167,5 @@ outputs: - ResellerAdmin upgrade_tasks: - name: Stop swift_proxy service - tags: step2 + tags: step1 service: name=openstack-swift-proxy state=stopped diff --git a/puppet/services/swift-storage.yaml b/puppet/services/swift-storage.yaml index 247b23ff..261aadeb 100644 --- a/puppet/services/swift-storage.yaml +++ b/puppet/services/swift-storage.yaml @@ -103,7 +103,7 @@ outputs: include ::tripleo::profile::base::swift::storage upgrade_tasks: - name: Stop swift storage services - tags: step2 + tags: step1 service: name={{ item }} state=stopped with_items: - openstack-swift-account-auditor diff --git a/puppet/services/tacker.yaml b/puppet/services/tacker.yaml index 6ceb9f19..a690a317 100644 --- a/puppet/services/tacker.yaml +++ b/puppet/services/tacker.yaml @@ -93,5 +93,5 @@ outputs: shell: /usr/bin/systemctl show 'openstack-tacker-server' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop tacker service - tags: step2 + tags: step1 service: name=openstack-tacker-server state=stopped diff --git a/puppet/services/vpp.yaml b/puppet/services/vpp.yaml new file mode 100644 index 00000000..59866d39 --- /dev/null +++ b/puppet/services/vpp.yaml @@ -0,0 +1,47 @@ +heat_template_version: ocata + +description: > + Vpp service configured with Puppet + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + VppCpuMainCore: + default: '' + description: VPP main thread core pinning. + type: string + VppCpuCorelistWorkers: + default: '' + description: List of cores for VPP worker thread pinning + type: string + MonitoringSubscriptionVpp: + default: 'overcloud-vpp' + type: string + +outputs: + role_data: + description: Role data for the Vpp role. + value: + service_name: vpp + monitoring_subscription: {get_param: MonitoringSubscriptionVpp} + config_settings: + fdio::vpp_cpu_main_core: {get_param: VppCpuMainCore} + fdio::vpp_cpu_corelist_workers: {get_param: VppCpuCorelistWorkers} + step_config: | + include ::tripleo::profile::base::vpp + upgrade_tasks: + - name: Stop vpp service + tags: step2 + service: name=vpp state=stopped diff --git a/puppet/services/zaqar.yaml b/puppet/services/zaqar.yaml index cb860fa8..bc3a51c2 100644 --- a/puppet/services/zaqar.yaml +++ b/puppet/services/zaqar.yaml @@ -64,3 +64,18 @@ outputs: step_config: | include ::tripleo::profile::base::zaqar + upgrade_tasks: + - name: Check if zaqar is deployed + command: systemctl is-enabled openstack-zaqar + tags: step0,validation + ignore_errors: True + register: zaqar_enabled + - name: "PreUpgrade step0,validation: Check if openstack-zaqar is running" + shell: > + /usr/bin/systemctl show 'openstack-zaqar' --property ActiveState | + grep '\bactive\b' + when: zaqar_enabled.rc == 0 + tags: step0,validation + - name: Stop zaqar service + tags: step1 + service: name=openstack-zaqar state=stopped diff --git a/releasenotes/notes/vpp-84d35e51ff62a58c.yaml b/releasenotes/notes/vpp-84d35e51ff62a58c.yaml new file mode 100644 index 00000000..b78df17d --- /dev/null +++ b/releasenotes/notes/vpp-84d35e51ff62a58c.yaml @@ -0,0 +1,6 @@ +--- +features: + - Add the ability to deploy VPP. Vector Packet Processing (VPP) is a high + performance packet processing stack that runs in user space in Linux. + VPP is used as an alternative to kernel networking stack for + accelerated network data path. diff --git a/roles_data.yaml b/roles_data.yaml index 9e3b0a18..95b25d98 100644 --- a/roles_data.yaml +++ b/roles_data.yaml @@ -125,6 +125,7 @@ - OS::TripleO::Services::OctaviaHealthManager - OS::TripleO::Services::OctaviaHousekeeping - OS::TripleO::Services::OctaviaWorker + - OS::TripleO::Services::Vpp - name: Compute CountDefault: 1 @@ -154,6 +155,8 @@ - OS::TripleO::Services::FluentdClient - OS::TripleO::Services::AuditD - OS::TripleO::Services::Collectd + - OS::TripleO::Services::Vpp + - OS::TripleO::Services::MySQLClient - name: BlockStorage ServicesDefault: @@ -170,6 +173,7 @@ - OS::TripleO::Services::FluentdClient - OS::TripleO::Services::AuditD - OS::TripleO::Services::Collectd + - OS::TripleO::Services::MySQLClient - name: ObjectStorage disable_upgrade_deployment: True @@ -188,6 +192,7 @@ - OS::TripleO::Services::FluentdClient - OS::TripleO::Services::AuditD - OS::TripleO::Services::Collectd + - OS::TripleO::Services::MySQLClient - name: CephStorage ServicesDefault: @@ -204,3 +209,4 @@ - OS::TripleO::Services::FluentdClient - OS::TripleO::Services::AuditD - OS::TripleO::Services::Collectd + - OS::TripleO::Services::MySQLClient diff --git a/tools/yaml-validate.py b/tools/yaml-validate.py index 1d0dba02..32987cb2 100755 --- a/tools/yaml-validate.py +++ b/tools/yaml-validate.py @@ -54,6 +54,21 @@ def validate_endpoint_map(base_map, env_map): return sorted(base_map.keys()) == sorted(env_map.keys()) +def validate_hci_compute_services_default(env_filename, env_tpl): + env_services_list = env_tpl['parameter_defaults']['ComputeServices'] + env_services_list.remove('OS::TripleO::Services::CephOSD') + roles_filename = os.path.join(os.path.dirname(env_filename), + '../roles_data.yaml') + roles_tpl = yaml.load(open(roles_filename).read()) + for role in roles_tpl: + if role['name'] == 'Compute': + roles_services_list = role['ServicesDefault'] + if sorted(env_services_list) != sorted(roles_services_list): + print('ERROR: ComputeServices in %s is different ' + 'from ServicesDefault in roles_data.yaml' % env_filename) + return 1 + return 0 + def validate_mysql_connection(settings): no_op = lambda *args: False error_status = [0] @@ -143,6 +158,9 @@ def validate(filename): filename != './puppet/services/services.yaml'): retval = validate_service(filename, tpl) + if filename.endswith('hyperconverged-ceph.yaml'): + retval = validate_hci_compute_services_default(filename, tpl) + except Exception: print(traceback.format_exc()) return 1 |