summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-01-26Add release note for composable upgradesSteven Hardy1-0/+14
Adds an initial release note for composable upgrades - I had to be vague in the upgrades section as we're still working out some details of the final upgrade workflow for all roles. Change-Id: Iac0af86f3b56a07070a9d24b1255953f5fd07b34
2017-01-26Merge "Add support for batched upgrades to composable upgrades"Jenkins4-5/+86
2017-01-26Merge "Add snmp service support for composable upgrades"Jenkins1-0/+4
2017-01-26Add SkipUpgradeConfigTags for upgrade configSteven Hardy2-0/+12
It may be that we want ways to selectively disable certain tasks, such as pre-flight validations that might fail when restarting an upgrade from a failed state. This shows a way we might do that. Depends-On: I18214f80be9f3ad6c2d385fc00f3b786d3e7dda3 Change-Id: Ibffaaf1de0baf47a0450daa5b7cbb57d38746556
2017-01-26Merge "Add release notes for Ocata 6.0.0"Jenkins1-0/+95
2017-01-25Merge "Manage password_validator regex"Jenkins3-0/+27
2017-01-25Merge "Auto-set SwiftMountCheck and SwiftUseLocalDir settings"Jenkins2-2/+23
2017-01-25Add support for batched upgrades to composable upgradesSteven Hardy4-5/+86
Some services (e.g ceph mon) require upgrading in batches (the old upgrade architecture did the ceph mon upgrade one controller at a time). This interface enables doing the same, and over time we can probably move more services into this interface (e.g when services support rolling upgrades) to reduce downtime. Change-Id: If581f301a5493ef33ac1386bdc22f9fca4f2544e Partially-Implements: blueprint overcloud-upgrades-per-service
2017-01-25Merge "Add Octavia API service definitions"Jenkins8-0/+424
2017-01-25Merge "Add ec2-api service"Jenkins12-0/+393
2017-01-25Merge "Add metadata settings for needed kerberos principals"Jenkins18-20/+175
2017-01-25Merge "Ignore systemctl return code in yum_update.sh"Jenkins1-1/+1
2017-01-25Add release notes for Ocata 6.0.0Emilien Macchi1-0/+95
Change-Id: I0d56dfe012d97e8f7206e8777c1b72a6797c328d
2017-01-25Manage password_validator regexLuke Hinds3-0/+27
Horizon provides a password validation check, which OpenStack cloud operators can use to enforce password complexity checks for users within horizon. A dictionary containing a regular expression can be used for password validation with help text that is displayed if the password does not pass validation. HORIZON_CONFIG["password_validator"] = { "regex": '.*', "help_text": _("Your password does not meet the requirements."), } This change allows injection of the regex into horizons local_settings file from a tripleo heat template Change-Id: Ib6517c8f96148bea002b0e3442a26367b236928f Depends-On: If82a80ed6a8e6e65aecc2a25ee6d60640ae03c9a Closes-Bug: #1640800
2017-01-25Add snmp service support for composable upgradesSteven Hardy1-0/+4
Change-Id: Ifa10b764ae7c67e089c0d2506a49e474135083bb Partially-Implements: blueprint overcloud-upgrades-per-service
2017-01-25Merge "Remove spurious for loop from post deploy j2"Jenkins1-7/+2
2017-01-25Merge "Add glance registry service to disable on upgrade"Jenkins2-0/+31
2017-01-25Merge "pacemaker remote profile support"Jenkins5-0/+66
2017-01-24Remove spurious for loop from post deploy j2Steven Hardy1-7/+2
This nested for loop is wrong as it generates all steps for all roles twice. This works because yaml parsing ignores the duplicate resources, but it's a big waste of space in swift (this fix reduces the rendered file size by over 2000 lines with the default roles!) Change-Id: Ifaf860020839390147c92848d52b1a59e355dc50 Closes-Bug: #1659139
2017-01-24Merge "Pass parameters for TLS proxy in front of Glance-API"Jenkins3-1/+36
2017-01-25Add metadata settings for needed kerberos principalsJuan Antonio Osorio Robles18-20/+175
These are only used for TLS-everywhere, and fills up the kerberos principals that will need to be created for the certs used by the overcloud. With this, the metadata hook will format these principals correctly and will further pass them on to the nova metadata service. Where they can be used if there's a plugin enabled. bp tls-via-certmonger bp novajoin Change-Id: I873094bb69200052febda629fda698a7a782c031
2017-01-24Merge "Import multinode + pingtest from tripleo-ci"Jenkins3-0/+266
2017-01-24Merge "cinder-api: cleanup TODO"Jenkins1-3/+0
2017-01-24Add glance registry service to disable on upgradeSteven Hardy2-0/+31
We've broken the upgrade job because anyone upgrading with the glance registry deployed (and defined in their *Services parameters) will try to deploy with the old glance-registry.yaml defined in heat. Instead we define a template which stops and disables the service on upgrade. Closes-Bug: #1659079 Change-Id: I03561954d794afae2be06811375d16611fa45973
2017-01-24Merge "Specify what to do if endpoint map environment don't match"Jenkins1-2/+2
2017-01-24Merge "Add disable_upgrade_deployment flag to roles_data.yaml"Jenkins2-1/+12
2017-01-24Import multinode + pingtest from tripleo-ciEmilien Macchi3-0/+266
* Import multinode-3nodes roles data * Import multinode * Import tenantvm_floatingip pingtest We are importing these files from tripleo-ci because they contain some informations that need to be versionned (TripleO services, data binding, etc), specific to TripleO versions. Change-Id: I9d4ab144f98e8bd46cad2c29411d1270f6469b91
2017-01-24cinder-api: cleanup TODOEmilien Macchi1-3/+0
Cleanup some TODO. Change-Id: I84e369a9797359fea124e00e2007ae745a96847a
2017-01-24Specify what to do if endpoint map environment don't matchJuan Antonio Osorio Robles1-2/+2
this attempts to make the error message more useful. This error message happens if the environment files containing endpoint map overrides haven't been updated to match the base endpoint map (or the defaults). Change-Id: If53d3a9d7848aed62ebb235afe8b14c18d1b284d
2017-01-24Pass parameters for TLS proxy in front of Glance-APIJuan Antonio Osorio Robles3-1/+36
If TLS in the internal network is enabled, we run glance-api beind a TLS proxy (which is actually httpd's mod_proxy). This passes the necessary hieradata. bp tls-via-certmonger Change-Id: I693213a1f35021b540202240e512d121cc1cd0eb Depends-On: Id35a846d43ecae8903a0d58306d9803d5ea00bee
2017-01-24Merge "scenario002: updating volume encryption provider"Jenkins1-1/+1
2017-01-24Add ec2-api serviceSven Anderson12-0/+393
This change adds the ec2api service using the tripleo::profile::base::nova::ec2api profile. The deprecated nova-cert service is not supported, and therefore the RegisterImage action is not supported either. Change-Id: I2510fd4ed935d8423216fff9ce3adf2d69c9c804 Depends-On: If4b091e1ca02f43aa9c65392baf8ceea007b7cfb
2017-01-24Merge "Add support for not using admin_token in Ceph/RGW"Jenkins1-4/+9
2017-01-24pacemaker remote profile supportMichele Baldessari5-0/+66
This adds a pacemaker_remote puppet service so that an operator can automatically deploy pacemaker-remote on nodes of his choice. Change-Id: I9678606b3de9b9f4c03014b33c1dd27fcba67513 Depends-On: I581552dfa64160e2f82f6a9b8f2ae521c3d6da8d Depends-On: I92953afcc7d536d387381f08164cae8b52f41605
2017-01-24scenario002: updating volume encryption providerEmilien Macchi1-1/+1
https://review.openstack.org/#/c/416672 made the new luks provider required. Let's use it. Closes-Bug: #1658755 Change-Id: Icc7c3c933af6621959ce3e6af99c73b4afd87509
2017-01-23Merge "Add THT for fossw ML2 plugin in networking-fujitsu"Jenkins5-0/+107
2017-01-23Merge "Allow for specifying the output_dir"Jenkins1-5/+28
2017-01-23Merge "Ignore hidden files in directories"Jenkins1-0/+12
2017-01-23Merge "Expose instance discovery method for compute agent"Jenkins1-1/+9
2017-01-23Allow for specifying the output_dirFlavio Percoco1-5/+28
Allow for passing the output_dir in the process-templates scripts so that it doesn't overwrites the templates in the src dir. This is a desired feature when running the script from a t-h-t installed system-wide. Change-Id: I47994d34f47a4084a11124bc9075cb2f457889ea
2017-01-23Ignore hidden files in directoriesFlavio Percoco1-0/+12
Don't walk through hidden files. This avoids going through the .git, .tox and other hidden directories that we don't care about. Change-Id: I34b83229775d221299c8b572a7049175debac99d
2017-01-20Merge "cinder: move glance params into base"Jenkins2-0/+3
2017-01-20Merge "Set manila default_share_type config option"Jenkins1-0/+1
2017-01-20Merge "Make ServiceNetMap support custom network names"Jenkins1-12/+52
2017-01-20Add support for not using admin_token in Ceph/RGWKeith Schincke1-4/+9
This patch adds support for using Keystone V3 authentication with Ceph/RGW. This removes the usage of the admin_token Change-Id: I3265b787ed1f059f86fdc80a91d0f7ed498c1e16 Depends-On: I42861afcac221478dcb68be13b6dbc2533a7f158
2017-01-20Merge "Add sahara service support for composable upgrades"Jenkins2-0/+11
2017-01-20Merge "Move nova placement hiera to nova-base"Jenkins2-4/+8
2017-01-20Merge "Add swift service support for composable upgrades"Jenkins2-0/+21
2017-01-20Add disable_upgrade_deployment flag to roles_data.yamlmarios2-1/+12
As part of the composable upgrades current plan is to disable the composable upgrades steps running on a particular role (e.g. all compute nodes) in favor of a later operator driven upgrades process as has previously been the case This adds the disable_upgrade_deployment flag to roles_data as a first step. Thanks to shardy for his help with this. Change-Id: Ice845742a043b34917e61f662885786c73e955fd
2017-01-20Set manila default_share_type config optionJan Provaznik1-0/+1
Manila default_share_type config option is by default unset. This option is used by manila when a user creates a new share and doesn't specify share type explicitly. Albeit it's not hard requirement to have this option set to run Manila service, it's convenient to set a default share type and also it seems to be a general community opinion that this option should be set. Note that setting this option does not create the share type itself (this still has to be done manually which is probably best because admins may want customize default type settings according to their needs). Change-Id: Iab60e42c7f347bbf074d60eb91dd4a1f6a94d3a6 Closes-Bug: #1654204