diff options
-rw-r--r-- | all-nodes-validation.yaml | 6 | ||||
-rwxr-xr-x | docker/firstboot/setup_docker_host.sh | 24 | ||||
-rw-r--r-- | docker/services/README.rst | 37 | ||||
-rw-r--r-- | docker/services/nova-scheduler.yaml | 14 | ||||
-rw-r--r-- | environments/docker.yaml | 3 | ||||
-rw-r--r-- | puppet/services/keystone.yaml | 2 | ||||
-rw-r--r-- | puppet/services/swift-proxy.yaml | 4 | ||||
-rw-r--r-- | puppet/services/vpp.yaml | 12 | ||||
-rw-r--r-- | validation-scripts/all-nodes.sh | 18 |
9 files changed, 74 insertions, 46 deletions
diff --git a/all-nodes-validation.yaml b/all-nodes-validation.yaml index 65d01d0f..eea3e40a 100644 --- a/all-nodes-validation.yaml +++ b/all-nodes-validation.yaml @@ -10,6 +10,10 @@ parameters: default: '' description: A string containing a space separated list of IP addresses used to ping test each available network interface. type: string + ValidateFqdn: + default: false + description: Optional validation to ensure FQDN as set by Nova matches the name set in /etc/hosts. + type: boolean resources: AllNodesValidationsImpl: @@ -19,6 +23,8 @@ resources: inputs: - name: ping_test_ips default: {get_param: PingTestIps} + - name: validate_fqdn + default: {get_param: ValidateFqdn} config: {get_file: ./validation-scripts/all-nodes.sh} outputs: diff --git a/docker/firstboot/setup_docker_host.sh b/docker/firstboot/setup_docker_host.sh index b2287e91..8b4c6a03 100755 --- a/docker/firstboot/setup_docker_host.sh +++ b/docker/firstboot/setup_docker_host.sh @@ -1,26 +1,8 @@ #!/bin/bash set -eux -# TODO This would be better in puppet +# This file contains setup steps that can't be or have not yet been moved to +# puppet -# TODO remove this when built image includes docker -if [ ! -f "/usr/bin/docker" ]; then - yum -y install docker -fi - -# NOTE(mandre) $docker_namespace_is_registry is not a bash variable but is -# a place holder for text replacement done via heat -if [ "$docker_namespace_is_registry" = "True" ]; then - /usr/bin/systemctl stop docker.service - # if namespace is used with local registry, trim all namespacing - trim_var=$docker_registry - registry_host="${trim_var%%/*}" - /bin/sed -i -r "s/^[# ]*INSECURE_REGISTRY *=.+$/INSECURE_REGISTRY='--insecure-registry $registry_host'/" /etc/sysconfig/docker -fi - -# enable and start docker -/usr/bin/systemctl enable docker.service -/usr/bin/systemctl start docker.service - -# Disable libvirtd +# Disable libvirtd since it conflicts with nova_libvirt container /usr/bin/systemctl disable libvirtd.service /usr/bin/systemctl stop libvirtd.service diff --git a/docker/services/README.rst b/docker/services/README.rst index 881a2a37..71b0d3d4 100644 --- a/docker/services/README.rst +++ b/docker/services/README.rst @@ -65,20 +65,29 @@ are re-asserted when applying latter ones. below and the related docker-cmd hook documentation in the heat-agents project. - * puppet_tags: Puppet resource tag names that are used to generate config - files with puppet. Only the named config resources are used to generate - a config file. Any service that specifies tags will have the default - tags of 'file,concat,file_line' appended to the setting. - Example: keystone_config - - * config_volume: The name of the volume (directory) where config files - will be generated for this service. Use this as the location to - bind mount into the running Kolla container for configuration. - - * config_image: The name of the docker image that will be used for - generating configuration files. This is often the same value as - 'docker_image' above but some containers share a common set of - config files which are generated in a common base container. + * puppet_config: This section is a nested set of key value pairs + that drive the creation of config files using puppet. + Required parameters include: + + * puppet_tags: Puppet resource tag names that are used to generate config + files with puppet. Only the named config resources are used to generate + a config file. Any service that specifies tags will have the default + tags of 'file,concat,file_line' appended to the setting. + Example: keystone_config + + * config_volume: The name of the volume (directory) where config files + will be generated for this service. Use this as the location to + bind mount into the running Kolla container for configuration. + + * config_image: The name of the docker image that will be used for + generating configuration files. This is often the same container + that the runtime service uses. Some services share a common set of + config files which are generated in a common base container. + + * step_config: This setting controls the manifest that is used to + create docker config files via puppet. The puppet tags below are + used along with this manifest to generate a config directory for + this container. * docker_puppet_tasks: This section provides data to drive the docker-puppet.py tool directly. The task is executed only once diff --git a/docker/services/nova-scheduler.yaml b/docker/services/nova-scheduler.yaml index c24d5b26..ad556e0c 100644 --- a/docker/services/nova-scheduler.yaml +++ b/docker/services/nova-scheduler.yaml @@ -55,13 +55,13 @@ outputs: - '/' - [ {get_param: DockerNamespace}, {get_param: DockerNovaSchedulerImage} ] puppet_config: - config_volume: nova - puppet_tags: nova_config - step_config: *step_config - config_image: - list_join: - - '/' - - [ {get_param: DockerNamespace}, {get_param: DockerNovaBaseImage} ] + config_volume: nova + puppet_tags: nova_config + step_config: *step_config + config_image: + list_join: + - '/' + - [ {get_param: DockerNamespace}, {get_param: DockerNovaBaseImage} ] kolla_config: /var/lib/kolla/config_files/nova_scheduler.json: command: /usr/bin/nova-scheduler diff --git a/environments/docker.yaml b/environments/docker.yaml index 3696f908..8a977f26 100644 --- a/environments/docker.yaml +++ b/environments/docker.yaml @@ -3,6 +3,8 @@ resource_registry: # e.g atomic, but it has been replaced with OS::TripleO::Services::Docker # OS::TripleO::NodeUserData: ../docker/firstboot/setup_docker_host.yaml OS::TripleO::Services::Docker: ../puppet/services/docker.yaml + # The compute node still needs extra initialization steps + OS::TripleO::Compute::NodeUserData: ../docker/firstboot/setup_docker_host.yaml #NOTE (dprince) add roles to be docker enabled as we support them OS::TripleO::Services::NovaLibvirt: ../docker/services/nova-libvirt.yaml @@ -55,3 +57,4 @@ parameter_defaults: - OS::TripleO::Services::NovaCompute - OS::TripleO::Services::NovaLibvirt - OS::TripleO::Services::ComputeNeutronOvsAgent + - OS::TripleO::Services::Docker diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml index f40c8d99..f9a15391 100644 --- a/puppet/services/keystone.yaml +++ b/puppet/services/keystone.yaml @@ -232,7 +232,7 @@ outputs: keystone::cron::token_flush::maxdelay: 3600 keystone::roles::admin::service_tenant: 'service' keystone::roles::admin::admin_tenant: 'admin' - keystone::cron::token_flush::destination: '/dev/null' + keystone::cron::token_flush::destination: '/var/log/keystone/keystone-tokenflush.log' keystone::config::keystone_config: ec2/driver: value: 'keystone.contrib.ec2.backends.sql.Ec2' diff --git a/puppet/services/swift-proxy.yaml b/puppet/services/swift-proxy.yaml index 9b0d2de1..0c3cc1ec 100644 --- a/puppet/services/swift-proxy.yaml +++ b/puppet/services/swift-proxy.yaml @@ -31,9 +31,9 @@ parameters: description: Timeout for requests going from swift-proxy to swift a/c/o services. type: number SwiftWorkers: - default: 0 + default: auto description: Number of workers for Swift service. - type: number + type: string KeystoneRegion: type: string default: 'regionOne' diff --git a/puppet/services/vpp.yaml b/puppet/services/vpp.yaml index 59866d39..7c8f8a28 100644 --- a/puppet/services/vpp.yaml +++ b/puppet/services/vpp.yaml @@ -42,6 +42,16 @@ outputs: step_config: | include ::tripleo::profile::base::vpp upgrade_tasks: + - name: Check if vpp is deployed + command: systemctl is-enabled vpp + tags: common + ignore_errors: True + register: vpp_enabled + - name: "PreUpgrade step0,validation: Check service vpp is running" + shell: /usr/bin/systemctl show 'vpp' --property ActiveState | grep '\bactive\b' + when: vpp_enabled.rc == 0 + tags: step0,validation - name: Stop vpp service - tags: step2 + tags: step1 + when: vpp_enabled.rc == 0 service: name=vpp state=stopped diff --git a/validation-scripts/all-nodes.sh b/validation-scripts/all-nodes.sh index 0b8b3523..f1f4cc11 100644 --- a/validation-scripts/all-nodes.sh +++ b/validation-scripts/all-nodes.sh @@ -67,5 +67,23 @@ function ping_default_gateways() { echo "SUCCESS" } +# Verify the FQDN from the nova/ironic deployment matches +# FQDN in the heat templates. +function fqdn_check() { + HOSTNAME=$(hostname) + SHORT_NAME=$(hostname -s) + FQDN_FROM_HOSTS=$(awk '$3 == "'${SHORT_NAME}'"{print $2}' /etc/hosts) + echo -n "Checking hostname vs /etc/hosts entry..." + if [[ $HOSTNAME != $FQDN_FROM_HOSTS ]]; then + echo "FAILURE" + echo -e "System hostname: ${HOSTNAME}\nEntry from /etc/hosts: ${FQDN_FROM_HOSTS}\n" + exit 1 + fi + echo "SUCCESS" +} + ping_controller_ips "$ping_test_ips" ping_default_gateways +if [[ $validate_fqdn == "True" ]];then + fqdn_check +fi |