| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Despite passing bind-address for MariaDB in overcloud_controller.pp
correctly, it was always trying to bind on 0.0.0.0. The problem is
caused by Galera's config file (we install Galera into the image even
though we don't use it yet). Galera's default config file contains
override of the bind-address value to 0.0.0.0, and the setting from
galera.cnf took precendence over what was in server.cnf.
The mariadb-galera-server package assumes that the main config happens
in galera.cnf and it ships an almost empty server.cnf. We now have an
EnableGalera param, when it's set to true the mysql module will manage
galera.cnf instead of server.cnf, overriding the default values from
galera.cnf and fixing the issue.
Change-Id: I7c2fd41d41dcf5eb4ee8b1dbd74d60cc2cabeed9
Closes-Bug: #1442256
|
|
|
|
Passing the key explicitly into nova::compute::rbd means that Puppet
will not attempt to fetch the key using `ceph auth get-key <keyring>`,
having these effects:
* One reason for compute node to have access to the client.admin key is
gone (in current implementation it does have access to the key, but
this change is a step towards removing it).
* Ceph cluster doesn't have to be running at the time when Puppet runs
on compute node, meaning we don't have to serialize things more than
we do now.
Also adding the ComputeCephDeployment as a dependency of
ComputePostDeployment, otherwise the hiera file it creates might be
created *after* Puppet configuration happens on compute nodes, and the
values it provides would be missing during the Puppet run on the compute
nodes.
Change-Id: Id3166e6d5f01d18ec8a5033398bb511f4321a5e8
Depends-On: I70da06159c0d3c6fa204b5f7a468909ffab4d633
Partial-Bug: #1439949
|
|
Change-Id: Id193f8c13e3ad3e05bd884be5ba65621b9369d0e
|
|
|
|
|
|
This should have been removed with change
I1bb8ee15d361638d77c5df7f8c03561c34f4c88f
Change-Id: I20d4099aabe5ae9f89db45fd3db585067cab01f5
|
|
|
|
Ceph will not be supported in the (already) deprecated with-mergepy
templates.
Change-Id: If6482b4ac03899ea552442edf01ebfeb4fb97a7a
|
|
When trying out Ceph functionally the CephClusterFSID parameter
must be a UUID.
Additionally, the MonKey and AdminKey parameters should be
generated via ceph-authtool (or equivalently generated) to
ensure they work properly with the Ceph configuration.
Change-Id: I0c327843ef225d330d1c668f53324973c78d3505
|
|
Currently it is possible to know what is the hostname of the boostrap
nodeid but not its IP. Since depending on the use case the use of the IP
might be needed, a way to have access to this information should be
provided.
Change-Id: I9d0a7ee7de2088ddb87e0d8a8ae2b3ac75b0e78d
|
|
|
|
|
|
This updates all of the puppet roles to use an optional
osfamily hieradata file which can be used to provide
distro specific settings.
Also, updates the controller role to make use of this
new file for setting the rabbitmq package_provider
parameter.
Change-Id: I46417db51b87b82bf276dfcef5647a90c37fb07d
|
|
Propagate the top-level Debug parameter wherever it makes sense.
Swift doesn't have this kind of debug setting, it only allows to
configure log levels, so we'll need a different approach there.
Change-Id: I15332315a2fbaeaf924cde4e748fb0e064a778b7
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Currently tripleo::loadbalancer allow a controller to have only itself
as a backend for a service, no matter the number of controller nodes.
This patch fixes that using all controller nodes available.
Change-Id: Ic8fc022b84850c669b19d37da7f275d9c811e694
Depends-On: I2a46c250bc3325eef9c3128cac2ab45c88b1ae75
|
|
This resolves a formatting issue with the Cinder enabled_backends
config file setting. Previously we would potentially construct
an array with an undef value at the end if iscsi was enabled
but ceph was not (this is the case for our current CI job).
When an array formatted like ['tripleo_iscsi', undef] is then
passed to join() in puppet-cinder to construct a string it leaves
us with an extra ',' on the end of the string. This causes
problems in that cinder-volume loads an extra (system default)
cinder volume process which is not expected.
Because Fedora uses LIO as a default it was causing about half
of our CI runs to fail if the tgtadm cinder-volume process
wasn't being chosen by the scheduler.
Closes-bug: #1437708
Change-Id: I3383012cb43792f334fdf789dc13147a3cb5ad63
|
|
A change [1] in puppet-ceph offers more flexibility but breaks
backwards so we had to update our composition layer as well; we gain
control of the cephx keyring in the template though.
1. Ie6adbd601388ab52c37037004bd0ceef9fc41942
Change-Id: Ia8196849afce2969daa608828cec81ebe3ac96e1
|
|
Compute nodes run libvirt, which automatically creates a default network
which has the same address space (192.168.122.*) as the libvirt default
network on the host machine where devtest is running. This overlap
causes that when a compute node wants to send a packet to the host
machine (192.168.122.1) it gets incorrectly routed through the compute
node's own virbr0 instead of br-ex. The current solution does not seem
to be enough because libvirt gets started and creates the default
network before Puppet is triggered on compute nodes. Making sure the
libvirt default network is destroyed on the compute node fixes the
issue.
We don't have any puppet modules in OPM that would deal with libvirt
networks and it's probably not worth exploring and adding one because of
this small issue (i don't expect another use case of managing libvirt
networks directly), so i'm using an exec with proper idempotency
check.
Change-Id: Icde12aa204ed1f7fa35b0525875ce07db34dc42c
Closes-Bug: #1436822
|
|
We need a list of hosts where MongoDB is supposed to run (as a list of
IP addresses, not names) to implement MongoDB support in overcloud.
Change-Id: I4b80f13be7e50630314d0642fa32b7763b6a2921
|
|
* Create hiera file 'all_nodes' instead of 'rabbit' -- we'll want
allNodesConfig to create keys for more services (e.g. mongo_node_ips)
and it's not necessary to create a separate hiera file for each.
* Rename rabbit_nodes to mongo_node_names -- we'll have more node lists,
some services will need hostnames, some services will need IPs, some
might need both, so we shouldn't have ambiguity in the hiera key
names.
Change-Id: If80f9c9b2849ae893e1ab78f1c4d246a2468665c
|
|
Purpose of this change is to enable on the server
side the ha-mode policy for all queues when nodes
are clustered.
Change-Id: I16e3d375aabac9dbcdc198c71069086951e40fc0
|
|
With this change we wire the NeutronL3HA parameter to the puppet
class, where needed.
Change-Id: I37b3850f71885a93859b5e51925df379616fc6ab
|
|
Change-Id: I1bb8ee15d361638d77c5df7f8c03561c34f4c88f
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This patch updates the puppet modules to use new identity_uri
and auth_uri settings instead of the old 'auth_host' parameters
for keystone auth_token middleware. This avoids some deprecation
warnings in our puppet logs.
Change-Id: I805b28d4135b13eef7082fda78956816c985c323
|
|
The upcoming heat hook/breakpoint features will enable stepped deployments
via setting stop points via the resource_registry.
For this to work, we need hard dependencies between each step of the
puppet deployments, because the current "soft" dependencies caused by the
name property only influences the hook script application ordering, not
the graph traversed by heat during deployment.
Since removing the name: puppet_n completely removes some useful self-
documenting context, move this to a resource naming convention, which
should also be useful for heat hooks/breakpoints, as they are expected
to support globbed specification of each step.
Related heat patch (not yet landed, but this is not dependent on it):
https://review.openstack.org/#/c/146123/
Change-Id: I05b02a46d4e80c08a308d033c33d4901c8f6c94e
|
|
This commit aims to add support for Ceph as a cinder and a nova backend.
* Allows creation of Ceph pools from heat (Default: volumes, vms)
* Creates the proper ceph user and inject the keys
* Applies the proper configuration in cinder.conf and nova.conf
* Enable the backend out of the box
Co-Authored-By: Giulio Fidente <gfidente@redhat.com>
Change-Id: Ic17d7a665de81a8bab5e34035abe90eda4bc889f
|
|
|
|
Currently the MysqlRootPassword parameter is retrieved from the
templates but not honored, preventing a user to specify it.
This commit fixes that.
Change-Id: Ib6842736a37aea3cc16f1a7c75fc877408682bf7
|
|
|
|
The loadbalancer Puppet code moved to puppet-tripleo (lightweight)
composition layer.
This patch aims to use it and refactor the loadbalancer.pp file.
Co-Authored-By: Dan Prince <dprince@redhat.com>
Change-Id: I1765ac9b6cb01cb64d5d28dad646674ddca859e9
|
|
Currently we have a hard-coded default for auth_encryption_key,
which isn't ideal as it's used as a salt for the DB encryption.
Instead, reference an OS::Heat::RandomString resource so we create
a random key for each deployment.
Change-Id: Ic76b89db17603c114d98d28c01f75cc287fb2e90
|
|
Updates the puppet configuration for the Ceilometer auth agent
so that we do the join conversions in the Heat templates and
use only hiera for configuration of the ::ceilometer::agent::auth
class.
Change-Id: I932afafe21b2485a0581ac3910ac9d46161eee0d
|
|
Updates the puppet configuration for the Nova glance configs
so that we do the join conversions in the Heat templates and
use only hiera for configuration of the ::nova class.
Change-Id: Id12fb05470470558f1dccd45150bfce00a554466
|
|
Updates the puppet configuration for the Nova neutron configs
so that we do the join conversions in the Heat templates and
use only hiera for configuration of the ::nova::network::neutron
class. This updates the compute configuration to match what
we now do on the controller as well.
Change-Id: I2b352551777f64e0ceb119f48cc3b3ab1779f4d5
|
|
Currently Cinder iscsi backend is configured within the DEFAULT section.
Since we aim to support multibackend, this commit puts the iscsi backend
in its own section and enable it by default configuring it properly.
Also adds a parameter which can be used to disable the default backend.
Co-Authored-By: Giulio Fidente <gfidente@redhat.com>
Change-Id: I05fb44b59829c0afa8a6588956a48320f2f65159
|
|
|
Jiri Stransky
Jenkins
Giulio Fidente
Dan Prince
Yanis Guenane
Emilien Macchi
Steven Hardy