diff options
| -rw-r--r-- | extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration | 2 | ||||
| -rw-r--r-- | extraconfig/tasks/swift-ring-deploy.yaml | 31 | ||||
| -rw-r--r-- | extraconfig/tasks/swift-ring-update.yaml | 42 | ||||
| -rwxr-xr-x | extraconfig/tasks/yum_update.sh | 18 | ||||
| -rw-r--r-- | overcloud-resource-registry-puppet.j2.yaml | 3 | ||||
| -rw-r--r-- | puppet/major_upgrade_steps.j2.yaml | 3 | ||||
| -rw-r--r-- | puppet/puppet-steps.j2 | 18 | ||||
| -rw-r--r-- | puppet/services/ceph-rgw.yaml | 2 | ||||
| -rw-r--r-- | puppet/services/database/mongodb.yaml | 5 | ||||
| -rw-r--r-- | puppet/services/keystone.yaml | 10 | ||||
| -rw-r--r-- | puppet/services/nova-compute.yaml | 8 | ||||
| -rw-r--r-- | puppet/services/swift-ringbuilder.yaml | 10 | ||||
| -rw-r--r-- | releasenotes/notes/restrict-mongodb-memory-de7bf6754d7234d9.yaml | 3 | ||||
| -rw-r--r-- | releasenotes/notes/sriov-pci-passthrough-8f28719b889bdaf7.yaml | 4 |
14 files changed, 52 insertions, 107 deletions
diff --git a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration index bff8b23b..0d0fa3f1 100644 --- a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration +++ b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration @@ -227,7 +227,7 @@ case "${REG_METHOD:-}" in if [ -z "${REG_AUTO_ATTACH:-}" -a -z "${REG_ACTIVATION_KEY:-}" ]; then retry subscription-manager attach $attach_opts fi - retry subscription-manager repos --disable '*' + retry subscription-manager repos --disable='*' retry subscription-manager $repos ;; satellite) diff --git a/extraconfig/tasks/swift-ring-deploy.yaml b/extraconfig/tasks/swift-ring-deploy.yaml deleted file mode 100644 index d17f78ae..00000000 --- a/extraconfig/tasks/swift-ring-deploy.yaml +++ /dev/null @@ -1,31 +0,0 @@ -heat_template_version: ocata - -parameters: - servers: - type: json - SwiftRingGetTempurl: - default: '' - description: A temporary Swift URL to download rings from. - type: string - -resources: - SwiftRingDeployConfig: - type: OS::Heat::SoftwareConfig - properties: - group: script - inputs: - - name: swift_ring_get_tempurl - config: | - #!/bin/sh - pushd / - curl --insecure --silent "${swift_ring_get_tempurl}" | tar xz || true - popd - - SwiftRingDeploy: - type: OS::Heat::SoftwareDeployments - properties: - name: SwiftRingDeploy - config: {get_resource: SwiftRingDeployConfig} - servers: {get_param: servers} - input_values: - swift_ring_get_tempurl: {get_param: SwiftRingGetTempurl} diff --git a/extraconfig/tasks/swift-ring-update.yaml b/extraconfig/tasks/swift-ring-update.yaml deleted file mode 100644 index 440c6883..00000000 --- a/extraconfig/tasks/swift-ring-update.yaml +++ /dev/null @@ -1,42 +0,0 @@ -heat_template_version: ocata - -parameters: - servers: - type: json - SwiftRingPutTempurl: - default: '' - description: A temporary Swift URL to upload rings to. - type: string - -resources: - SwiftRingUpdateConfig: - type: OS::Heat::SoftwareConfig - properties: - group: script - inputs: - - name: swift_ring_put_tempurl - config: | - #!/bin/sh - TMP_DATA=$(mktemp -d) - function cleanup { - rm -Rf "$TMP_DATA" - } - trap cleanup EXIT - # sanity check in case rings are not consistent within cluster - swift-recon --md5 | grep -q "doesn't match" && exit 1 - pushd ${TMP_DATA} - tar -cvzf swift-rings.tar.gz /etc/swift/*.builder /etc/swift/*.ring.gz /etc/swift/backups/* - resp=`curl --insecure --silent -X PUT "${swift_ring_put_tempurl}" --write-out "%{http_code}" --data-binary @swift-rings.tar.gz` - popd - if [ "$resp" != "201" ]; then - exit 1 - fi - - SwiftRingUpdate: - type: OS::Heat::SoftwareDeployments - properties: - name: SwiftRingUpdate - config: {get_resource: SwiftRingUpdateConfig} - servers: {get_param: servers} - input_values: - swift_ring_put_tempurl: {get_param: SwiftRingPutTempurl} diff --git a/extraconfig/tasks/yum_update.sh b/extraconfig/tasks/yum_update.sh index ad368278..f7e2769b 100755 --- a/extraconfig/tasks/yum_update.sh +++ b/extraconfig/tasks/yum_update.sh @@ -40,9 +40,17 @@ touch "$timestamp_file" command_arguments=${command_arguments:-} -list_updates=$(yum list updates) - -if [[ "$list_updates" == "" ]]; then +# yum check-update exits 100 if updates are available +set +e +check_update=$(yum check-update 2>&1) +check_update_exit=$? +set -e + +if [[ "$check_update_exit" == "1" ]]; then + echo "Failed to check for package updates" + echo "$check_update" + exit 1 +elif [[ "$check_update_exit" != "100" ]]; then echo "No packages require updating" exit 0 fi @@ -52,6 +60,10 @@ if hiera -c /etc/puppet/hiera.yaml service_names | grep -q pacemaker; then pacemaker_status=$(systemctl is-active pacemaker) fi +# TODO: FIXME: remove this in Pike. +# Hack around mod_ssl update and puppet https://bugs.launchpad.net/tripleo/+bug/1682448 +touch /etc/httpd/conf.d/ssl.conf + # Fix the redis/rabbit resource start/stop timeouts. See https://bugs.launchpad.net/tripleo/+bug/1633455 # and https://bugs.launchpad.net/tripleo/+bug/1634851 if [[ "$pacemaker_status" == "active" && \ diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml index 1360d0be..5c277491 100644 --- a/overcloud-resource-registry-puppet.j2.yaml +++ b/overcloud-resource-registry-puppet.j2.yaml @@ -11,9 +11,6 @@ resource_registry: OS::TripleO::Tasks::UpdateWorkflow: OS::Heat::None OS::TripleO::Tasks::PackageUpdate: extraconfig/tasks/yum_update.yaml - OS::TripleO::Tasks::SwiftRingDeploy: extraconfig/tasks/swift-ring-deploy.yaml - OS::TripleO::Tasks::SwiftRingUpdate: extraconfig/tasks/swift-ring-update.yaml - {% for role in roles %} OS::TripleO::{{role.name}}::PreNetworkConfig: OS::Heat::None OS::TripleO::{{role.name}}PostDeploySteps: puppet/post.yaml diff --git a/puppet/major_upgrade_steps.j2.yaml b/puppet/major_upgrade_steps.j2.yaml index c0a0778c..28092773 100644 --- a/puppet/major_upgrade_steps.j2.yaml +++ b/puppet/major_upgrade_steps.j2.yaml @@ -51,10 +51,11 @@ resources: - " crudini --set /etc/nova/nova.conf placement project_domain_name Default\n\n" - " crudini --set /etc/nova/nova.conf placement user_domain_name Default\n\n" - " crudini --set /etc/nova/nova.conf placement project_name service\n\n" + - " crudini --set /etc/nova/nova.conf placement os_interface internal\n\n" - str_replace: template: | crudini --set /etc/nova/nova.conf placement password 'SERVICE_PASSWORD' - crudini --set /etc/nova/nova.conf placement region_name 'REGION_NAME' + crudini --set /etc/nova/nova.conf placement os_region_name 'REGION_NAME' crudini --set /etc/nova/nova.conf placement auth_url 'AUTH_URL' params: SERVICE_PASSWORD: { get_param: NovaPassword } diff --git a/puppet/puppet-steps.j2 b/puppet/puppet-steps.j2 index 9d5623f0..ed362e4e 100644 --- a/puppet/puppet-steps.j2 +++ b/puppet/puppet-steps.j2 @@ -30,13 +30,6 @@ input_values: update_identifier: {get_param: DeployIdentifier} - {% if role.name in ['Controller', 'ObjectStorage'] %} - {{role.name}}SwiftRingDeploy: - type: OS::TripleO::Tasks::SwiftRingDeploy - properties: - servers: {get_param: [servers, {{role.name}}]} - {% endif %} - # Step through a series of configuration steps {% for step in range(1, 6) %} {{role.name}}Deployment_Step{{step}}: @@ -90,15 +83,4 @@ servers: {get_param: [servers, {{role.name}}]} input_values: update_identifier: {get_param: DeployIdentifier} - - {% if role.name in ['Controller', 'ObjectStorage'] %} - {{role.name}}SwiftRingUpdate: - type: OS::TripleO::Tasks::SwiftRingUpdate - depends_on: - {% for dep in roles %} - - {{dep.name}}Deployment_Step5 - {% endfor %} - properties: - servers: {get_param: [servers, {{role.name}}]} - {% endif %} {% endfor %} diff --git a/puppet/services/ceph-rgw.yaml b/puppet/services/ceph-rgw.yaml index 01531971..49856115 100644 --- a/puppet/services/ceph-rgw.yaml +++ b/puppet/services/ceph-rgw.yaml @@ -73,7 +73,7 @@ outputs: ceph::rgw::keystone::auth::internal_url: {get_param: [EndpointMap, CephRgwInternal, uri]} ceph::rgw::keystone::auth::admin_url: {get_param: [EndpointMap, CephRgwAdmin, uri]} ceph::rgw::keystone::auth::region: {get_param: KeystoneRegion} - ceph::rgw::keystone::auth::roles: [ 'admin', 'member', '_member_' ] + ceph::rgw::keystone::auth::roles: [ 'admin', 'Member', '_member_' ] ceph::rgw::keystone::auth::tenant: service ceph::rgw::keystone::auth::user: swift ceph::rgw::keystone::auth::password: {get_param: SwiftPassword} diff --git a/puppet/services/database/mongodb.yaml b/puppet/services/database/mongodb.yaml index 63ec4446..50597216 100644 --- a/puppet/services/database/mongodb.yaml +++ b/puppet/services/database/mongodb.yaml @@ -19,6 +19,10 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + MongodbMemoryLimit: + default: '20G' + description: Limit the amount of memory mongodb uses with systemd. + type: string MongoDbLoggingSource: type: json description: Fluentd logging configuration for mongodb. @@ -49,6 +53,7 @@ outputs: map_merge: - get_attr: [MongoDbBase, role_data, config_settings] - tripleo::profile::base::database::mongodb::mongodb_replset: {get_attr: [MongoDbBase, aux_parameters, rplset_name]} + tripleo::profile::base::database::mongodb::memory_limit: {get_param: MongodbMemoryLimit} mongodb::server::service_manage: True tripleo.mongodb.firewall_rules: '101 mongodb_config': diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml index f69c087b..f79f86d8 100644 --- a/puppet/services/keystone.yaml +++ b/puppet/services/keystone.yaml @@ -119,27 +119,27 @@ parameters: Cron to purge expired tokens - Ensure default: 'present' KeystoneCronTokenFlushMinute: - type: string + type: comma_delimited_list description: > Cron to purge expired tokens - Minute default: '1' KeystoneCronTokenFlushHour: - type: string + type: comma_delimited_list description: > Cron to purge expired tokens - Hour default: '0' KeystoneCronTokenFlushMonthday: - type: string + type: comma_delimited_list description: > Cron to purge expired tokens - Month Day default: '*' KeystoneCronTokenFlushMonth: - type: string + type: comma_delimited_list description: > Cron to purge expired tokens - Month default: '*' KeystoneCronTokenFlushWeekday: - type: string + type: comma_delimited_list description: > Cron to purge expired tokens - Week Day default: '*' diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml index d208bede..a9737eb6 100644 --- a/puppet/services/nova-compute.yaml +++ b/puppet/services/nova-compute.yaml @@ -52,7 +52,7 @@ parameters: For different formats, refer to the nova.conf documentation for pci_passthrough_whitelist configuration type: json - default: {} + default: '' NovaVcpuPinSet: description: > A list or range of physical CPU cores to reserve for virtual machine @@ -101,7 +101,11 @@ outputs: map_merge: - get_attr: [NovaBase, role_data, config_settings] - nova::compute::libvirt::manage_libvirt_services: false - nova::compute::pci_passthrough: {get_param: NovaPCIPassthrough} + nova::compute::pci_passthrough: + str_replace: + template: "JSON_PARAM" + params: + JSON_PARAM: {get_param: NovaPCIPassthrough} nova::compute::vcpu_pin_set: {get_param: NovaVcpuPinSet} nova::compute::reserved_host_memory: {get_param: NovaReservedHostMemory} # we manage migration in nova common puppet profile diff --git a/puppet/services/swift-ringbuilder.yaml b/puppet/services/swift-ringbuilder.yaml index 2e3c818f..f62d5e18 100644 --- a/puppet/services/swift-ringbuilder.yaml +++ b/puppet/services/swift-ringbuilder.yaml @@ -42,6 +42,14 @@ parameters: default: true description: 'Use a local directory for Swift storage services when building rings' type: boolean + SwiftRingGetTempurl: + default: '' + description: A temporary Swift URL to download rings from. + type: string + SwiftRingPutTempurl: + default: '' + description: A temporary Swift URL to upload rings to. + type: string conditions: swift_use_local_dir: @@ -59,6 +67,8 @@ outputs: value: service_name: swift_ringbuilder config_settings: + tripleo::profile::base::swift::ringbuilder::swift_ring_get_tempurl: {get_param: SwiftRingGetTempurl} + tripleo::profile::base::swift::ringbuilder::swift_ring_put_tempurl: {get_param: SwiftRingPutTempurl} tripleo::profile::base::swift::ringbuilder::build_ring: {get_param: SwiftRingBuild} tripleo::profile::base::swift::ringbuilder::replicas: {get_param: SwiftReplicas} tripleo::profile::base::swift::ringbuilder::part_power: {get_param: SwiftPartPower} diff --git a/releasenotes/notes/restrict-mongodb-memory-de7bf6754d7234d9.yaml b/releasenotes/notes/restrict-mongodb-memory-de7bf6754d7234d9.yaml new file mode 100644 index 00000000..86622bc1 --- /dev/null +++ b/releasenotes/notes/restrict-mongodb-memory-de7bf6754d7234d9.yaml @@ -0,0 +1,3 @@ +--- +fixes: + - Add knobs to limit memory comsumed by mongodb with systemd diff --git a/releasenotes/notes/sriov-pci-passthrough-8f28719b889bdaf7.yaml b/releasenotes/notes/sriov-pci-passthrough-8f28719b889bdaf7.yaml new file mode 100644 index 00000000..20146b0a --- /dev/null +++ b/releasenotes/notes/sriov-pci-passthrough-8f28719b889bdaf7.yaml @@ -0,0 +1,4 @@ +--- +fixes: + - The ``pci_passthrough`` hiera value should be passed as a string + (`bug 1675036 <https://bugs.launchpad.net/tripleo/+bug/1675036>`__). |