diff options
24 files changed, 199 insertions, 64 deletions
diff --git a/ci/environments/scenario002-multinode.yaml b/ci/environments/scenario002-multinode.yaml index e3ecf745..ed0f7e25 100644 --- a/ci/environments/scenario002-multinode.yaml +++ b/ci/environments/scenario002-multinode.yaml @@ -8,6 +8,7 @@ resource_registry: OS::TripleO::Services::HAproxy: ../../puppet/services/pacemaker/haproxy.yaml OS::TripleO::Services::Pacemaker: ../../puppet/services/pacemaker.yaml OS::TripleO::Services::MySQL: ../../puppet/services/pacemaker/database/mysql.yaml + OS::TripleO::Services::MongoDb: ../../puppet/services/database/mongodb.yaml OS::TripleO::Services::CinderBackup: ../../puppet/services/pacemaker/cinder-backup.yaml OS::TripleO::Services::CinderVolume: ../../puppet/services/pacemaker/cinder-volume.yaml OS::TripleO::Services::Keepalived: OS::Heat::None diff --git a/docker/docker-steps.j2 b/docker/docker-steps.j2 index e24afcf9..86811b86 100644 --- a/docker/docker-steps.j2 +++ b/docker/docker-steps.j2 @@ -102,13 +102,6 @@ resources: servers: {get_param: [servers, {{role.name}}]} config: {get_resource: {{role.name}}ArtifactsConfig} - {{role.name}}PreConfig: - type: OS::TripleO::Tasks::{{role.name}}PreConfig - properties: - servers: {get_param: [servers, {{role.name}}]} - input_values: - update_identifier: {get_param: DeployIdentifier} - {{role.name}}HostPrepConfig: type: OS::Heat::SoftwareConfig properties: @@ -277,6 +270,7 @@ resources: {%- endfor %} - {{role.name}}PreConfig - {{role.name}}HostPrepDeployment + - {{role.name}}GenerateConfigDeployment {% else %} depends_on: {% for dep in roles %} diff --git a/docker/services/aodh-api.yaml b/docker/services/aodh-api.yaml index 8a02d8fd..f802e4e6 100644 --- a/docker/services/aodh-api.yaml +++ b/docker/services/aodh-api.yaml @@ -100,13 +100,14 @@ outputs: net: host privileged: false detach: false + user: root volumes: list_concat: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/config-data/aodh/etc/aodh/:/etc/aodh/:ro - /var/log/containers/aodh:/var/log/aodh - command: /usr/bin/aodh-dbsync + command: "/usr/bin/bootstrap_host_exec aodh_api su aodh -s /bin/bash -c /usr/bin/aodh-dbsync" step_4: aodh_api: image: *aodh_image diff --git a/docker/services/containers-common.yaml b/docker/services/containers-common.yaml index a4ebe549..a9912a1f 100644 --- a/docker/services/containers-common.yaml +++ b/docker/services/containers-common.yaml @@ -9,6 +9,8 @@ outputs: value: - /etc/hosts:/etc/hosts:ro - /etc/localtime:/etc/localtime:ro + # required for bootstrap_host_exec + - /etc/puppet:/etc/puppet:ro # OpenSSL trusted CAs - /etc/pki/ca-trust/extracted:/etc/pki/ca-trust/extracted:ro - /etc/pki/tls/certs/ca-bundle.crt:/etc/pki/tls/certs/ca-bundle.crt:ro diff --git a/docker/services/glance-api.yaml b/docker/services/glance-api.yaml index 07710c7a..df8186da 100644 --- a/docker/services/glance-api.yaml +++ b/docker/services/glance-api.yaml @@ -100,6 +100,7 @@ outputs: net: host privileged: false detach: false + user: root volumes: &glance_volumes list_concat: - {get_attr: [ContainersCommon, volumes]} @@ -110,6 +111,7 @@ outputs: environment: - KOLLA_BOOTSTRAP=True - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + command: "/usr/bin/bootstrap_host_exec glance_api su glance -s /bin/bash -c '/usr/local/bin/kolla_start'" step_4: map_merge: - glance_api: diff --git a/docker/services/gnocchi-api.yaml b/docker/services/gnocchi-api.yaml index 9b474731..e59d6095 100644 --- a/docker/services/gnocchi-api.yaml +++ b/docker/services/gnocchi-api.yaml @@ -100,13 +100,14 @@ outputs: net: host detach: false privileged: false + user: root volumes: list_concat: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/config-data/gnocchi/etc/gnocchi/:/etc/gnocchi/:ro - /var/log/containers/gnocchi:/var/log/gnocchi - command: ["/usr/bin/gnocchi-upgrade", "--skip-storage"] + command: "/usr/bin/bootstrap_host_exec gnocchi_api su gnocchi -s /bin/bash -c '/usr/bin/gnocchi-upgrade --skip-storage'" step_4: gnocchi_api: image: *gnocchi_image diff --git a/docker/services/heat-engine.yaml b/docker/services/heat-engine.yaml index 8c554a50..0adad538 100644 --- a/docker/services/heat-engine.yaml +++ b/docker/services/heat-engine.yaml @@ -94,13 +94,14 @@ outputs: net: host privileged: false detach: false + user: root volumes: list_concat: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/config-data/heat/etc/heat/:/etc/heat/:ro - /var/log/containers/heat:/var/log/heat - command: ['heat-manage', 'db_sync'] + command: "/usr/bin/bootstrap_host_exec heat_engine su heat -s /bin/bash -c 'heat-manage db_sync'" step_4: heat_engine: image: *heat_engine_image diff --git a/docker/services/ironic-api.yaml b/docker/services/ironic-api.yaml index 300aa0bd..c8978aa2 100644 --- a/docker/services/ironic-api.yaml +++ b/docker/services/ironic-api.yaml @@ -100,13 +100,14 @@ outputs: net: host privileged: false detach: false + user: root volumes: list_concat: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/config-data/ironic/etc/:/etc/:ro - /var/log/containers/ironic:/var/log/ironic - command: ['ironic-dbsync', '--config-file', '/etc/ironic/ironic.conf'] + command: "/usr/bin/bootstrap_host_exec ironic_api su ironic -s /bin/bash -c 'ironic-dbsync --config-file /etc/ironic/ironic.conf'" step_4: ironic_api: start_order: 10 diff --git a/docker/services/keystone.yaml b/docker/services/keystone.yaml index ca643749..772859ee 100644 --- a/docker/services/keystone.yaml +++ b/docker/services/keystone.yaml @@ -131,8 +131,9 @@ outputs: environment: - KOLLA_BOOTSTRAP=True - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + command: ['/usr/bin/bootstrap_host_exec', 'keystone', '/usr/local/bin/kolla_start'] keystone: - start_order: 1 + start_order: 2 image: *keystone_image net: host privileged: false @@ -141,10 +142,10 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS keystone_bootstrap: - start_order: 2 + start_order: 3 action: exec command: - [ 'keystone', 'keystone-manage', 'bootstrap', '--bootstrap-password', {get_param: AdminPassword} ] + [ 'keystone', '/usr/bin/bootstrap_host_exec', 'keystone' ,'keystone-manage', 'bootstrap', '--bootstrap-password', {get_param: AdminPassword} ] docker_puppet_tasks: # Keystone endpoint creation occurs only on single node step_3: diff --git a/docker/services/mistral-api.yaml b/docker/services/mistral-api.yaml index 3b256fdd..5586d41b 100644 --- a/docker/services/mistral-api.yaml +++ b/docker/services/mistral-api.yaml @@ -100,19 +100,21 @@ outputs: net: host privileged: false detach: false + user: root volumes: list_concat: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/config-data/mistral/etc/:/etc/:ro - /var/log/containers/mistral:/var/log/mistral - command: ['mistral-db-manage', '--config-file', '/etc/mistral/mistral.conf', 'upgrade', 'head'] + command: "/usr/bin/bootstrap_host_exec mistral_api su mistral -s /bin/bash -c 'mistral-db-manage --config-file /etc/mistral/mistral.conf upgrade head'" mistral_db_populate: start_order: 2 image: *mistral_image net: host privileged: false detach: false + user: root volumes: list_concat: - {get_attr: [ContainersCommon, volumes]} @@ -121,7 +123,7 @@ outputs: - /var/log/containers/mistral:/var/log/mistral # NOTE: dprince this requires that we install openstack-tripleo-common into # the Mistral API image so that we get tripleo* actions - command: ['mistral-db-manage', '--config-file', '/etc/mistral/mistral.conf', 'populate'] + command: "/usr/bin/bootstrap_host_exec mistral_api su mistral -s /bin/bash -c 'mistral-db-manage --config-file /etc/mistral/mistral.conf populate'" step_4: mistral_api: start_order: 15 diff --git a/docker/services/neutron-api.yaml b/docker/services/neutron-api.yaml index 9517e4b1..7ce47a14 100644 --- a/docker/services/neutron-api.yaml +++ b/docker/services/neutron-api.yaml @@ -110,8 +110,6 @@ outputs: net: host privileged: false detach: false - # FIXME: we should make config file permissions right - # and run as neutron user user: root volumes: list_concat: @@ -120,7 +118,10 @@ outputs: - /var/lib/config-data/neutron/etc/neutron:/etc/neutron:ro - /var/lib/config-data/neutron/usr/share/neutron:/usr/share/neutron:ro - /var/log/containers/neutron:/var/log/neutron - command: ['neutron-db-manage', 'upgrade', 'heads'] + command: ['/usr/bin/bootstrap_host_exec', 'neutron_api', 'neutron-db-manage', 'upgrade', 'heads'] + # FIXME: we should make config file permissions right + # and run as neutron user + #command: "/usr/bin/bootstrap_host_exec neutron_api su neutron -s /bin/bash -c 'neutron-db-manage upgrade heads'" step_4: map_merge: - neutron_api: diff --git a/docker/services/nova-api.yaml b/docker/services/nova-api.yaml index d571b21b..2375dada 100644 --- a/docker/services/nova-api.yaml +++ b/docker/services/nova-api.yaml @@ -103,6 +103,7 @@ outputs: image: *nova_api_image net: host detach: false + user: root volumes: &nova_api_volumes list_concat: - {get_attr: [ContainersCommon, volumes]} @@ -110,7 +111,7 @@ outputs: - /var/lib/kolla/config_files/nova_api.json:/var/lib/kolla/config_files/config.json:ro - /var/lib/config-data/nova/etc/nova/:/etc/nova/:ro - /var/log/containers/nova:/var/log/nova - command: ['/usr/bin/nova-manage', 'api_db', 'sync'] + command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage api_db sync'" # FIXME: we probably want to wait on the 'cell_v2 update' in order for this # to be capable of upgrading a baremetal setup. This is to ensure the name # of the cell is 'default' @@ -119,11 +120,9 @@ outputs: image: *nova_api_image net: host detach: false + user: root volumes: *nova_api_volumes - command: - - '/usr/bin/nova-manage' - - 'cell_v2' - - 'map_cell0' + command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage cell_v2 map_cell0'" nova_api_create_default_cell: start_order: 3 image: *nova_api_image @@ -134,18 +133,16 @@ outputs: # this idempotent (if the resource already exists a conflict # is raised) exit_codes: [0,2] - command: - - '/usr/bin/nova-manage' - - 'cell_v2' - - 'create_cell' - - '--name="default"' + user: root + command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage cell_v2 create_cell --name=default'" nova_db_sync: start_order: 4 image: *nova_api_image net: host detach: false volumes: *nova_api_volumes - command: ['/usr/bin/nova-manage', 'db', 'sync'] + user: root + command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage db sync'" step_4: nova_api: start_order: 2 @@ -164,10 +161,8 @@ outputs: net: host detach: false volumes: *nova_api_volumes - command: - - '/usr/bin/nova-manage' - - 'cell_v2' - - 'discover_hosts' + user: root + command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage cell_v2 discover_hosts'" host_prep_tasks: - name: create persistent logs directory file: diff --git a/docker/services/panko-api.yaml b/docker/services/panko-api.yaml index 46cfa5ab..b9e6e93a 100644 --- a/docker/services/panko-api.yaml +++ b/docker/services/panko-api.yaml @@ -101,13 +101,14 @@ outputs: net: host detach: false privileged: false + user: root volumes: list_concat: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/config-data/panko/etc/panko:/etc/panko:ro - /var/log/containers/panko:/var/log/panko - command: /usr/bin/panko-dbsync + command: "/usr/bin/bootstrap_host_exec panko_api su panko -s /bin/bash -c '/usr/bin/panko-dbsync'" step_4: panko_api: start_order: 2 diff --git a/environments/disable-telemetry.yaml b/environments/disable-telemetry.yaml new file mode 100644 index 00000000..6249c286 --- /dev/null +++ b/environments/disable-telemetry.yaml @@ -0,0 +1,20 @@ +# This heat environment can be used to disable all of the telemetry services. +# It is most useful in a resource constrained environment or one in which +# telemetry is not needed. + +resource_registry: + OS::TripleO::Services::CeilometerApi: OS::Heat::None + OS::TripleO::Services::CeilometerCollector: OS::Heat::None + OS::TripleO::Services::CeilometerExpirer: OS::Heat::None + OS::TripleO::Services::CeilometerAgentCentral: OS::Heat::None + OS::TripleO::Services::CeilometerAgentNotification: OS::Heat::None + OS::TripleO::Services::CeilometerAgentIpmi: OS::Heat::None + OS::TripleO::Services::ComputeCeilometerAgent: OS::Heat::None + OS::TripleO::Services::GnocchiApi: OS::Heat::None + OS::TripleO::Services::GnocchiMetricd: OS::Heat::None + OS::TripleO::Services::GnocchiStatsd: OS::Heat::None + OS::TripleO::Services::AodhApi: OS::Heat::None + OS::TripleO::Services::AodhEvaluator: OS::Heat::None + OS::TripleO::Services::AodhNotifier: OS::Heat::None + OS::TripleO::Services::AodhListener: OS::Heat::None + OS::TripleO::Services::PankoApi: OS::Heat::None diff --git a/environments/low-memory-usage.yaml b/environments/low-memory-usage.yaml index 3a606336..547dc31d 100644 --- a/environments/low-memory-usage.yaml +++ b/environments/low-memory-usage.yaml @@ -16,3 +16,5 @@ parameter_defaults: ControllerExtraConfig: 'nova::network::neutron::neutron_url_timeout': '60' + + DatabaseSyncTimeout: 900 diff --git a/environments/services-docker/zaqar.yaml b/environments/services-docker/zaqar.yaml index ca0b3b15..08033d91 100644 --- a/environments/services-docker/zaqar.yaml +++ b/environments/services-docker/zaqar.yaml @@ -1,2 +1,3 @@ resource_registry: OS::TripleO::Services::Zaqar: ../../docker/services/zaqar.yaml + OS::TripleO::Services::MongoDb: ../../docker/services/database/mongodb.yaml diff --git a/environments/services/ironic.yaml b/environments/services/ironic.yaml index 8359f4a7..b1317382 100644 --- a/environments/services/ironic.yaml +++ b/environments/services/ironic.yaml @@ -1,4 +1,5 @@ resource_registry: OS::TripleO::Services::IronicApi: ../../puppet/services/ironic-api.yaml OS::TripleO::Services::IronicConductor: ../../puppet/services/ironic-conductor.yaml + OS::TripleO::Services::IronicPxe: ../../puppet/services/ironic-pxe.yaml OS::TripleO::Services::NovaIronic: ../../puppet/services/nova-ironic.yaml diff --git a/overcloud.j2.yaml b/overcloud.j2.yaml index e1c70dc7..cd9369f0 100644 --- a/overcloud.j2.yaml +++ b/overcloud.j2.yaml @@ -293,6 +293,14 @@ resources: RoleName: {{role.name}} RoleParameters: {get_param: {{role.name}}Parameters} + # Lookup of role_data via heat outputs is slow, so workaround this by caching + # the value in an OS::Heat::Value resource + {{role.name}}ServiceChainRoleData: + type: OS::Heat::Value + properties: + type: json + value: {get_attr: [{{role.name}}ServiceChain, role_data]} + # Filter any null/None service_names which may be present due to mapping # of services to OS::Heat::None {{role.name}}ServiceNames: @@ -303,7 +311,7 @@ resources: value: yaql: expression: coalesce($.data, []).where($ != null) - data: {get_attr: [{{role.name}}ServiceChain, role_data, service_names]} + data: {get_attr: [{{role.name}}ServiceChainRoleData, value, service_names]} {{role.name}}HostsDeployment: type: OS::Heat::StructuredDeployments @@ -365,7 +373,13 @@ resources: EnabledServices: {get_attr: [{{role.name}}ServiceNames, value]} ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]} ServiceHostnameList: {get_attr: [{{role.name}}, hostname]} - NetworkHostnameMap: + NetworkHostnameMap: {get_attr: [{{role.name}}NetworkHostnameMap, value]} + + {{role.name}}NetworkHostnameMap: + type: OS::Heat::Value + properties: + type: json + value: # Note (shardy) this somewhat complex yaql may be replaced # with a map_deep_merge function in ocata. It merges the # list of maps, but appends to colliding lists so we can @@ -403,7 +417,7 @@ resources: {% endif %} ServiceConfigSettings: map_merge: - - get_attr: [{{role.name}}ServiceChain, role_data, config_settings] + - get_attr: [{{role.name}}ServiceChainRoleData, value, config_settings] {% for r in roles %} - get_attr: [{{r.name}}ServiceChain, role_data, global_config_settings] {% endfor %} @@ -423,8 +437,8 @@ resources: {% endfor %} services: {get_attr: [{{role.name}}ServiceNames, value]} ServiceNames: {get_attr: [{{role.name}}ServiceNames, value]} - MonitoringSubscriptions: {get_attr: [{{role.name}}ServiceChain, role_data, monitoring_subscriptions]} - ServiceMetadataSettings: {get_attr: [{{role.name}}ServiceChain, role_data, service_metadata_settings]} + MonitoringSubscriptions: {get_attr: [{{role.name}}ServiceChainRoleData, value, monitoring_subscriptions]} + ServiceMetadataSettings: {get_attr: [{{role.name}}ServiceChainRoleData, value, service_metadata_settings]} {% endfor %} hostsConfig: @@ -465,7 +479,7 @@ resources: data: groups: {% for role in roles %} - - {get_attr: [{{role.name}}ServiceChain, role_data, logging_groups]} + - {get_attr: [{{role.name}}ServiceChainRoleData, value, logging_groups]} {% endfor %} logging_sources: yaql: @@ -474,7 +488,7 @@ resources: data: sources: {% for role in roles %} - - {get_attr: [{{role.name}}ServiceChain, role_data, logging_sources]} + - {get_attr: [{{role.name}}ServiceChainRoleData, value, logging_sources]} {% endfor %} controller_ips: {get_attr: [{{primary_role_name}}, ip_address]} controller_names: {get_attr: [{{primary_role_name}}, hostname]} @@ -686,7 +700,7 @@ resources: EndpointMap: {get_attr: [EndpointMap, endpoint_map]} role_data: {% for role in roles %} - {{role.name}}: {get_attr: [{{role.name}}ServiceChain, role_data]} + {{role.name}}: {get_attr: [{{role.name}}ServiceChainRoleData, value]} {% endfor %} outputs: @@ -725,7 +739,7 @@ outputs: description: The configuration data associated with each role value: {% for role in roles %} - {{role.name}}: {get_attr: [{{role.name}}ServiceChain, role_data]} + {{role.name}}: {get_attr: [{{role.name}}ServiceChainRoleData, value]} {% endfor %} RoleNetIpMap: description: Mapping of each network to a list of IPs for each role @@ -733,3 +747,9 @@ outputs: {% for role in roles %} {{role.name}}: {get_attr: [{{role.name}}IpListMap, net_ip_map]} {% endfor %} + RoleNetHostnameMap: + description: Mapping of each network to a list of hostnames for each role + value: +{% for role in roles %} + {{role.name}}: {get_attr: [{{role.name}}NetworkHostnameMap, value]} +{% endfor %} diff --git a/puppet/services/disabled/ceilometer-expirer-disabled.yaml b/puppet/services/disabled/ceilometer-expirer-disabled.yaml index e6d8ee6e..9b7b47ef 100644 --- a/puppet/services/disabled/ceilometer-expirer-disabled.yaml +++ b/puppet/services/disabled/ceilometer-expirer-disabled.yaml @@ -27,12 +27,24 @@ parameters: via parameter_defaults in the resource registry. type: json +resources: + CeilometerServiceBase: + type: ../ceilometer-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + RoleName: {get_param: RoleName} + RoleParameters: {get_param: RoleParameters} + outputs: role_data: - description: Role data for the disabled Ceilometer Expirer role. + description: Role data for the disabling Ceilometer Expirer role. value: service_name: ceilometer_expirer_disabled - upgrade_tasks: - - name: Stop and disable ceilometer_expirer service on upgrade - tags: step1 - service: name=openstack-ceilometer-expirer state=stopped enabled=no + config_settings: + map_merge: + - get_attr: [CeilometerServiceBase, role_data, config_settings] + - ceilometer::expirer::enable_cron: false + step_config: | + include ::tripleo::profile::base::ceilometer::expirer diff --git a/puppet/services/mistral-api.yaml b/puppet/services/mistral-api.yaml index 00406736..b865ec1f 100644 --- a/puppet/services/mistral-api.yaml +++ b/puppet/services/mistral-api.yaml @@ -36,8 +36,21 @@ parameters: e.g. { mistral-context_is_admin: { key: context_is_admin, value: 'role:admin' } } default: {} type: json + EnableInternalTLS: + type: boolean + default: false + +conditions: + mistral_workers_zero: {equals : [{get_param: MistralWorkers}, 0]} resources: + ApacheServiceBase: + type: ./apache.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + EnableInternalTLS: {get_param: EnableInternalTLS} MistralBase: type: ./mistral-base.yaml properties: @@ -57,12 +70,25 @@ outputs: - get_attr: [MistralBase, role_data, config_settings] - mistral::api::api_workers: {get_param: MistralWorkers} mistral::api::bind_host: {get_param: [ServiceNetMap, MistralApiNetwork]} + mistral::wsgi::apache::ssl: {get_param: EnableInternalTLS} mistral::policy::policies: {get_param: MistralApiPolicies} tripleo.mistral_api.firewall_rules: '133 mistral': dport: - 8989 - 13989 + mistral::api::service_name: 'httpd' + mistral::wsgi::apache::bind_host: {get_param: [ServiceNetMap, MistralApiNetwork]} + mistral::wsgi::apache::servername: + str_replace: + template: + "%{hiera('fqdn_$NETWORK')}" + params: + $NETWORK: {get_param: [ServiceNetMap, MistralApiNetwork]} + - if: + - mistral_workers_zero + - {} + - mistral::wsgi::apache::workers: {get_param: MistralWorkers} service_config_settings: get_attr: [MistralBase, role_data, service_config_settings] step_config: | @@ -79,10 +105,16 @@ outputs: grep '\bactive\b' when: mistral_api_enabled.rc == 0 tags: step0,validation - - name: Stop mistral_api service + - name: check for mistral_api running under apache (post upgrade) + tags: step1 + shell: "httpd -t -D DUMP_VHOSTS | grep -q mistral_api_wsgi" + register: mistral_api_apache + ignore_errors: true + - name: Stop mistral_api service (running under httpd) tags: step1 - service: name=openstack-mistral-api state=stopped - - name: Install openstack-mistral-api package if it was disabled - tags: step3 - yum: name=openstack-mistral-api state=latest - when: mistral_api_enabled.rc != 0 + service: name=httpd state=stopped + when: mistral_api_apache.rc == 0 + - name: Stop and disable mistral_api service (pre-upgrade not under httpd) + tags: step1 + when: mistral_api_enabled.rc == 0 + service: name=openstack-mistral-api state=stopped enabled=no diff --git a/puppet/services/neutron-ovs-dpdk-agent.yaml b/puppet/services/neutron-ovs-dpdk-agent.yaml index 8f3f7b27..fec9e2a1 100644 --- a/puppet/services/neutron-ovs-dpdk-agent.yaml +++ b/puppet/services/neutron-ovs-dpdk-agent.yaml @@ -27,20 +27,23 @@ parameters: via parameter_defaults in the resource registry. type: json HostCpusList: + default: "'0'" description: List of cores to be used for host process type: string constraints: - allowed_pattern: "'[0-9,-]+'" NeutronDpdkCoreList: + default: "''" description: List of cores to be used for DPDK Poll Mode Driver type: string constraints: - - allowed_pattern: "'[0-9,-]+'" + - allowed_pattern: "'[0-9,-]*'" NeutronDpdkMemoryChannels: + default: "" description: Number of memory channels to be used for DPDK type: string constraints: - - allowed_pattern: "[0-9]+" + - allowed_pattern: "[0-9]*" NeutronDpdkSocketMemory: default: "" description: Memory allocated for each socket @@ -75,6 +78,32 @@ resources: OpenVswitchUpgrade: type: ./openvswitch-upgrade.yaml + # Merging role-specific parameters (RoleParameters) with the default parameters. + # RoleParameters will have the precedence over the default parameters. + RoleParametersValue: + type: OS::Heat::Value + properties: + type: json + value: + map_replace: + - map_replace: + - neutron::agents::ml2::ovs::datapath_type: NeutronDatapathType + neutron::agents::ml2::ovs::vhostuser_socket_dir: NeutronVhostuserSocketDir + vswitch::dpdk::driver_type: NeutronDpdkDriverType + vswitch::dpdk::host_core_list: HostCpusList + vswitch::dpdk::pmd_core_list: NeutronDpdkCoreList + vswitch::dpdk::memory_channels: NeutronDpdkMemoryChannels + vswitch::dpdk::socket_mem: NeutronDpdkSocketMemory + - values: {get_param: [RoleParameters]} + - values: + NeutronDatapathType: {get_param: NeutronDatapathType} + NeutronVhostuserSocketDir: {get_param: NeutronVhostuserSocketDir} + NeutronDpdkDriverType: {get_param: NeutronDpdkDriverType} + HostCpusList: {get_param: HostCpusList} + NeutronDpdkCoreList: {get_param: NeutronDpdkCoreList} + NeutronDpdkMemoryChannels: {get_param: NeutronDpdkMemoryChannels} + NeutronDpdkSocketMemory: {get_param: NeutronDpdkSocketMemory} + outputs: role_data: description: Role data for the Neutron OVS DPDK Agent service. @@ -87,13 +116,7 @@ outputs: - keys: tripleo.neutron_ovs_agent.firewall_rules: tripleo.neutron_ovs_dpdk_agent.firewall_rules - neutron::agents::ml2::ovs::enable_dpdk: true - neutron::agents::ml2::ovs::datapath_type: {get_param: NeutronDatapathType} - neutron::agents::ml2::ovs::vhostuser_socket_dir: {get_param: NeutronVhostuserSocketDir} - vswitch::dpdk::host_core_list: {get_param: HostCpusList} - vswitch::dpdk::pmd_core_list: {get_param: NeutronDpdkCoreList} - vswitch::dpdk::memory_channels: {get_param: NeutronDpdkMemoryChannels} - vswitch::dpdk::socket_mem: {get_param: NeutronDpdkSocketMemory} - vswitch::dpdk::driver_type: {get_param: NeutronDpdkDriverType} + - get_attr: [RoleParametersValue, value] step_config: {get_attr: [NeutronOvsAgent, role_data, step_config]} upgrade_tasks: get_attr: [OpenVswitchUpgrade, role_data, upgrade_tasks] diff --git a/puppet/services/swift-proxy.yaml b/puppet/services/swift-proxy.yaml index f3b7ee4a..9a304edb 100644 --- a/puppet/services/swift-proxy.yaml +++ b/puppet/services/swift-proxy.yaml @@ -61,6 +61,10 @@ parameters: description: Set to False to disable the swift proxy ceilometer pipeline. default: True type: boolean + SwiftCeilometerIgnoreProjects: + default: ['services'] + description: Comma-seperated list of project names to ignore. + type: comma_delimited_list RabbitClientPort: default: 5672 description: Set rabbit subscriber port, change this if using SSL @@ -116,6 +120,10 @@ outputs: swift::proxy::workers: {get_param: SwiftWorkers} swift::proxy::ceilometer::rabbit_user: {get_param: RabbitUserName} swift::proxy::ceilometer::rabbit_password: {get_param: RabbitPassword} + swift::proxy::ceilometer::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} + swift::proxy::ceilometer::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]} + swift::proxy::ceilometer::password: {get_param: SwiftPassword} + swift::proxy::ceilometer::ignore_projects: {get_param: SwiftCeilometerIgnoreProjects} swift::proxy::staticweb::url_base: {get_param: [EndpointMap, SwiftPublic, uri_no_suffix]} swift::proxy::ceilometer::nonblocking_notify: true tripleo::profile::base::swift::proxy::rabbit_port: {get_param: RabbitClientPort} diff --git a/releasenotes/notes/change-db-sync-timeout-57abe3e48d741842.yaml b/releasenotes/notes/change-db-sync-timeout-57abe3e48d741842.yaml new file mode 100644 index 00000000..46f3b855 --- /dev/null +++ b/releasenotes/notes/change-db-sync-timeout-57abe3e48d741842.yaml @@ -0,0 +1,6 @@ +--- +fixes: + - | + During a deployment on lower spec systems, the "db sync" can take longer + than five minutes. value of DatabaseSyncTimeout has change from 300 + to 900 at the environment file "low-memory-usage.yaml". diff --git a/releasenotes/notes/mistral-mod-wsgi-24d41a6f427237ff.yaml b/releasenotes/notes/mistral-mod-wsgi-24d41a6f427237ff.yaml new file mode 100644 index 00000000..ae6401fb --- /dev/null +++ b/releasenotes/notes/mistral-mod-wsgi-24d41a6f427237ff.yaml @@ -0,0 +1,7 @@ +--- +features: + - Move Mistral API to use mod_wsgi under Apache. +upgrade: + - Mistral API systemd service will be stopped and + disabled. + |