11 files changed, 91 insertions, 5 deletions

diff --git a/environments/neutron-opendaylight.yaml b/environments/neutron-opendaylight.yaml
index ed7292b7..4644725d 100644
--- a/environments/neutron-opendaylight.yaml
+++ b/environments/neutron-opendaylight.yaml
@@ -3,6 +3,7 @@ resource_registry:
   OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
   OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
   OS::TripleO::Services::ComputeNeutronCorePlugin: OS::Heat::None
+  OS::TripleO::Services::NeutronCorePlugin: ../puppet/services/neutron-plugin-ml2-odl.yaml
   OS::TripleO::Services::OpenDaylightApi: ../puppet/services/opendaylight-api.yaml
   OS::TripleO::Services::OpenDaylightOvs: ../puppet/services/opendaylight-ovs.yaml
   OS::TripleO::Services::NeutronL3Agent: OS::Heat::None
diff --git a/environments/services/disable-ceilometer-api.yaml b/environments/services/disable-ceilometer-api.yaml
index 94cd8d5d..fb1ea6a7 100644
--- a/environments/services/disable-ceilometer-api.yaml
+++ b/environments/services/disable-ceilometer-api.yaml
@@ -1,2 +1,5 @@
 resource_registry:
   OS::TripleO::Services::CeilometerApi: OS::Heat::None
+
+parameter_defaults:
+  CeilometerApiEndpoint: false
diff --git a/extraconfig/tasks/pacemaker_common_functions.sh b/extraconfig/tasks/pacemaker_common_functions.sh
index aae4a2de..4480f74d 100755
--- a/extraconfig/tasks/pacemaker_common_functions.sh
+++ b/extraconfig/tasks/pacemaker_common_functions.sh
@@ -299,9 +299,10 @@ function systemctl_swift {
 }
 
 # Special-case OVS for https://bugs.launchpad.net/tripleo/+bug/1635205
+# Update condition and add --notriggerun for +bug/1669714
 function special_case_ovs_upgrade_if_needed {
-    if [[ -n $(rpm -q --scripts openvswitch | awk '/postuninstall/,/*/' | grep "systemctl.*try-restart") ]]; then
-        echo "Manual upgrade of openvswitch - restart in postun detected"
+    if rpm -qa | grep "^openvswitch-2.5.0-14" || rpm -q --scripts openvswitch | awk '/postuninstall/,/*/' | grep "systemctl.*try-restart" ; then
+        echo "Manual upgrade of openvswitch - ovs-2.5.0-14 or restart in postun detected"
         rm -rf OVS_UPGRADE
         mkdir OVS_UPGRADE && pushd OVS_UPGRADE
         echo "Attempting to downloading latest openvswitch with yumdownloader"
@@ -310,8 +311,8 @@ function special_case_ovs_upgrade_if_needed {
             if rpm -U --test $pkg 2>&1 | grep "already installed" ; then
                 echo "Looks like newer version of $pkg is already installed, skipping"
             else
-                echo "Updating $pkg with nopostun option"
-                rpm -U --replacepkgs --nopostun $pkg
+                echo "Updating $pkg with --nopostun --notriggerun"
+                rpm -U --replacepkgs --nopostun --notriggerun $pkg
             fi
         done
         popd
diff --git a/extraconfig/tasks/tripleo_upgrade_node.sh b/extraconfig/tasks/tripleo_upgrade_node.sh
index 24211ab0..a5a312dc 100644
--- a/extraconfig/tasks/tripleo_upgrade_node.sh
+++ b/extraconfig/tasks/tripleo_upgrade_node.sh
@@ -28,12 +28,15 @@ SCRIPT_NAME=$(basename $0)
 $(declare -f log_debug)
 $(declare -f manage_systemd_service)
 $(declare -f systemctl_swift)
+$(declare -f special_case_ovs_upgrade_if_needed)
 
 # pin nova messaging +-1 for the nova-compute service
 if [[ -n \$NOVA_COMPUTE ]]; then
     crudini  --set /etc/nova/nova.conf upgrade_levels compute auto
 fi
 
+special_case_ovs_upgrade_if_needed
+
 if [[ -n \$SWIFT_STORAGE ]]; then
     systemctl_swift stop
 fi
diff --git a/extraconfig/tasks/yum_update.sh b/extraconfig/tasks/yum_update.sh
index d3d38114..ad368278 100755
--- a/extraconfig/tasks/yum_update.sh
+++ b/extraconfig/tasks/yum_update.sh
@@ -70,6 +70,9 @@ if [[ "$pacemaker_status" == "active" && \
     fi
 fi
 
+# special case https://bugs.launchpad.net/tripleo/+bug/1635205 +bug/1669714
+special_case_ovs_upgrade_if_needed
+
 if [[ "$pacemaker_status" == "active" ]] ; then
     echo "Pacemaker running, stopping cluster node and doing full package update"
     node_count=$(pcs status xml | grep -o "<nodes_configured.*/>" | grep -o 'number="[0-9]*"' | grep -o "[0-9]*")
diff --git a/puppet/services/ceilometer-base.yaml b/puppet/services/ceilometer-base.yaml
index a6fd304c..185ffdc3 100644
--- a/puppet/services/ceilometer-base.yaml
+++ b/puppet/services/ceilometer-base.yaml
@@ -76,6 +76,11 @@ parameters:
     default: 5672
     description: Set rabbit subscriber port, change this if using SSL
     type: number
+  CeilometerApiEndpoint:
+    default: true
+    description: Whether to create or skip API endpoint. Set this to
+        false, if you choose to disable Ceilometer API service.
+    type: boolean
 
 outputs:
   role_data:
@@ -83,6 +88,7 @@ outputs:
     value:
       service_name: ceilometer_base
       config_settings:
+        ceilometer_auth_enabled: true
         ceilometer::debug: {get_param: Debug}
         ceilometer::db::database_connection:
           list_join:
@@ -133,6 +139,7 @@ outputs:
           ceilometer::keystone::auth::password: {get_param: CeilometerPassword}
           ceilometer::keystone::auth::region: {get_param: KeystoneRegion}
           ceilometer::keystone::auth::tenant: 'service'
+          ceilometer::keystone::auth::configure_endpoint: {get_param: CeilometerApiEndpoint}
         mysql:
           ceilometer::db::mysql::password: {get_param: CeilometerPassword}
           ceilometer::db::mysql::user: ceilometer
diff --git a/puppet/services/ec2-api.yaml b/puppet/services/ec2-api.yaml
index eef2a76f..d1adefe5 100644
--- a/puppet/services/ec2-api.yaml
+++ b/puppet/services/ec2-api.yaml
@@ -98,6 +98,11 @@ outputs:
                 - {get_param: [EndpointMap, MysqlInternal, host]}
                 - '/ec2_api'
                 - '?read_default_file=/etc/my.cnf.d/tripleo.cnf&read_default_group=tripleo'
+          ec2api::api::keystone_ec2_tokens_url:
+            list_join:
+              - ''
+              - - {get_param: [EndpointMap, KeystoneV3Internal, uri]}
+                - '/ec2tokens'
         -
           if:
           - nova_workers_zero
diff --git a/puppet/services/neutron-plugin-ml2-odl.yaml b/puppet/services/neutron-plugin-ml2-odl.yaml
new file mode 100644
index 00000000..acacadfa
--- /dev/null
+++ b/puppet/services/neutron-plugin-ml2-odl.yaml
@@ -0,0 +1,45 @@
+heat_template_version: ocata
+
+description: >
+  OpenStack Neutron ML2/OpenDaylight plugin configured with Puppet
+
+parameters:
+  ServiceNetMap:
+    default: {}
+    description: Mapping of service_name -> network name. Typically set
+                 via parameter_defaults in the resource registry.  This
+                 mapping overrides those in ServiceNetMapDefaults.
+    type: json
+  DefaultPasswords:
+    default: {}
+    type: json
+  EndpointMap:
+    default: {}
+    description: Mapping of service endpoint -> protocol. Typically set
+                 via parameter_defaults in the resource registry.
+    type: json
+  OpenDaylightPortBindingController:
+    description: OpenDaylight port binding controller
+    type: string
+    default: 'network-topology'
+
+resources:
+
+  NeutronMl2Base:
+    type: ./neutron-plugin-ml2.yaml
+    properties:
+      ServiceNetMap: {get_param: ServiceNetMap}
+      DefaultPasswords: {get_param: DefaultPasswords}
+      EndpointMap: {get_param: EndpointMap}
+
+outputs:
+  role_data:
+    description: Role data for the Neutron ML2/ODL plugin.
+    value:
+      service_name: neutron_plugin_ml2_odl
+      config_settings:
+        map_merge:
+          - get_attr: [NeutronMl2Base, role_data, config_settings]
+          - neutron::plugins::ml2::opendaylight::port_binding_controller: {get_param: OpenDaylightPortBindingController}
+      step_config: |
+        include ::tripleo::profile::base::neutron::plugins::ml2
diff --git a/puppet/services/pacemaker.yaml b/puppet/services/pacemaker.yaml
index 762d0092..28fcbd6f 100644
--- a/puppet/services/pacemaker.yaml
+++ b/puppet/services/pacemaker.yaml
@@ -87,10 +87,16 @@ parameters:
         \[(?<pid>[^ ]*)\]
         (?<host>[^ ]*)
         (?<message>.*)$/
+
+  EnableLoadBalancer:
+    default: true
+    description: Whether to deploy a LoadBalancer on the Controller
+    type: boolean
+
   PacemakerResources:
     type: comma_delimited_list
     description: List of resources managed by pacemaker
-    default: ['rabbitmq','haproxy','galera']
+    default: ['rabbitmq', 'galera']
 
 outputs:
   role_data:
@@ -147,3 +153,9 @@ outputs:
             resource: "{{ item }}"
             max_wait: 500
           with_items: {get_param: PacemakerResources}
+        - name: Check pacemaker haproxy resource
+          tags: step4
+          pacemaker_is_active:
+            resource: haproxy
+            max_wait: 500
+          when: {get_param: EnableLoadBalancer}
diff --git a/puppet/services/tacker.yaml b/puppet/services/tacker.yaml
index d6c0ef9a..c14e061b 100644
--- a/puppet/services/tacker.yaml
+++ b/puppet/services/tacker.yaml
@@ -98,6 +98,7 @@ outputs:
       service_config_settings:
         keystone:
           tacker::keystone::auth::tenant: 'service'
+          tacker::keystone::auth::region: {get_param: KeystoneRegion}
           tacker::keystone::auth::password: {get_param: TackerPassword}
           tacker::keystone::auth::public_url: {get_param: [EndpointMap, TackerPublic, uri]}
           tacker::keystone::auth::internal_url: {get_param: [EndpointMap, TackerInternal, uri]}
diff --git a/releasenotes/notes/set-ceilometer-auth-flag-382f68ddb2cbcb6b.yaml b/releasenotes/notes/set-ceilometer-auth-flag-382f68ddb2cbcb6b.yaml
new file mode 100644
index 00000000..07407f20
--- /dev/null
+++ b/releasenotes/notes/set-ceilometer-auth-flag-382f68ddb2cbcb6b.yaml
@@ -0,0 +1,5 @@
+---
+fixes:
+  - We need ceilometer user in cases where ceilometer API is disabled.
+    This is to ensure other ceilometer services can still authenticate
+    with keystone.