summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-02-06Remove precheck on services which run on httpd for upgradeMathieu Bultel2-6/+0
Those services is not handle with systemctl Change-Id: Ia57dffd42a11070696fda14f1e91de2993e63479
2017-02-06Merge "Provide a default value for Ironic cleaning_network configuration"Jenkins2-0/+19
2017-02-03Merge "Disable batch upgrade deployments for disabled roles"Jenkins1-43/+44
2017-02-03Merge "Reduce number of steps for upgrades"Jenkins3-14/+16
2017-02-03Merge "Simplify/fix config enabled conditions for upgrades"Jenkins1-12/+6
2017-02-03Merge "Configure VNC Server listen address through t-h-t"Jenkins2-0/+2
2017-02-03Merge "net-config-multinode: make controlplane int idempotent"Jenkins1-1/+3
2017-02-03net-config-multinode: make controlplane int idempotentEmilien Macchi1-1/+3
When doing a stack-update, it will try to create the control plane interface again. Add this conditional so the interface is not created if already exist. Note: this code has been taken from tripleo-ci and is consistent with how multinode jobs are currently tested. Co-Authored-By: James Slagle <jslagle@redhat.com> Co-Authored-By: Steven Hardy <shardy@redhat.com> Co-Authored-By: Mathieu Bultel <mbultel@redhat.com> Change-Id: I773fdf5359cead6961b595e3c8192b02406452b7 Related-Bug: #1661412
2017-02-03Provide a default value for Ironic cleaning_network configurationDmitry Tantsur2-0/+19
Ironic will soon refuse to start when at least some value is not provided. Unfortunately, we do not create any overcloud[*] networks during deployment. Fortunately, Ironic does not validate this value until actual cleaning. So, this change sets it to "provisioning", which is what people often use. An update will follow to the documentation to recommend this name: http://tripleo.org/advanced_deployment/baremetal_overcloud.html#configuring-cleaning A new parameter is created for this value, with a reminded to change it to an actual UUID later on. While a pre-defined name will work in a simplest case, in a real multi-tenant deployment a network name conflict is possible. Using a UUID is safer in this regard. [*] networks created in overcloud neutron Change-Id: I1b7dc2ff70d3b76f19a183a60e88cf72f6d2a318 Closes-Bug: #1661082
2017-02-03Disable batch upgrade deployments for disabled rolesSteven Hardy1-43/+44
Currently we don't correctly disable the batch_upgrade_tasks, so rework the loops to ensure we only create the batch deployments for roles which enabled upgrades. Note this modifies some loop whitespace too which cleans up the rendered output and makes it a bit more readable/compact. Change-Id: I1c257dcc351e99efa54f9cae4b3009287908756e Partially-Renders: blueprint overcloud-upgrades-per-service
2017-02-03Reduce number of steps for upgradesSteven Hardy3-14/+16
We don't need all the steps currently enabled for either batched or concurrent updates, so decrease them. In future we can perhaps introspect the task tags during plan creation and set these dynamically. Change-Id: I0358886a332dfbecd03bc4a67086b08d25756c22 Partially-Implements: blueprint overcloud-upgrades-per-service
2017-02-03Simplify/fix config enabled conditions for upgradesSteven Hardy1-12/+6
We should enable each kind of upgrade per role, not per step so rework the conditions, and also only apply it to the deployment (to save the round-trip to the nodes applying an empty config) but don't disable the *Config resources as the overhead of these is small, and we reference the Step1 config in the outputs, even if it's empty. Change-Id: Iee2f1fb5b1d8b0b6001c6ab0f2a4ef2858cef281 Partially-Implements: blueprint overcloud-upgrades-per-service
2017-02-03Disable puppet on upgrade for roles not upgradingSteven Hardy8-116/+136
Where the role has disabled upgrades, we need to skip both the ansible and puppet steps. To do this we refactor the post.j2.yaml so that it can be included in the upgrade template with an adjusted list of roles. Note this requires https://review.openstack.org/#/c/425220/ - this change will be required for local testing of this patch (run mistral-db-mange populate after updating tripleo-common and restart the mistral services, or update your repos and re-run openstack undercloud install). Partially-Implements: blueprint overcloud-upgrades-per-service Change-Id: Ie7d0fa6fef3528bd93e6cde076b964ea8de3185a
2017-02-03Merge "Moving the validation for using the template alias version for all ↵Jenkins3-6/+9
templates"
2017-02-03Merge "Switch item notation to jinja format"Jenkins1-2/+2
2017-02-02CI: enable debug on multinode and upgrade jobEmilien Macchi2-0/+2
We're running TripleO CI jobs outside TripleO projects (nova, gnocchi, etc), folks need more debug to be helpful. Change-Id: I512ad89d9ac82ae62f9cbe7d0029fb1ac7445cc9
2017-02-02Switch item notation to jinja formatMarius Cornea1-2/+2
This change fixes the item variable notation in puppet/services/ceph-osd.yaml. Change-Id: I4d105619e4ac913b4a711bf91fea5f6e3c9b4caa Closes-Bug: 1661339
2017-02-02Merge "Allow the override of pacemaker::corosync::settle_tries"Jenkins1-0/+7
2017-02-02Merge "Don't run yum_update.sh inside docker"Jenkins1-0/+5
2017-02-02Merge "Temporary UCSM mapping files should be opened with write mode"Jenkins1-2/+6
2017-02-02Merge "Use common directory in CI scenario for net-config"Jenkins1-2/+2
2017-02-02Merge "Don't run ceilometer-upgrade via upgrade_tasks"Jenkins1-3/+0
2017-02-02Moving the validation for using the template alias version for all templatesCarlos Camacho3-6/+9
Currently we are applying this validation for the services templates, this submission moves it to run with all templates. Also fixed those templates not using the alias name. Change-Id: I3a2c0ce6adcc8061fdc51f73fdc6b9748c0fead9
2017-02-01Merge "Add more explicit messagae to build_endpoint_map's check option"Jenkins1-2/+3
2017-02-01Merge "Add deployed server bootstrap for RHEL"Jenkins3-0/+42
2017-02-01Merge "Validate that endpoint_map.yaml is up to date in the gate"Jenkins1-0/+1
2017-02-01Merge "Add ability to toggle swift's ceilometer transport_url SSL"Jenkins1-0/+7
2017-02-01Add more explicit messagae to build_endpoint_map's check optionJuan Antonio Osorio Robles1-2/+3
This will hopefully help developers know what to do if their patch fails this verification. Change-Id: I01fe9ca30295c6264affdbdb773b039a744289ea
2017-02-01Validate that endpoint_map.yaml is up to date in the gateZane Bitter1-0/+1
Change-Id: I72aa48c72c825151739cb478c58e9a6c841c9130
2017-02-01Configure VNC Server listen address through t-h-tJuan Antonio Osorio Robles2-0/+2
This adds an entry for libvirt (which is used by the VNC server) on which we can tell it via t-h-t on which IP address to listen on. Change-Id: Ie377c09734e9f6170daa519aed69c53fc67c366b Related-Bug: #1660099
2017-02-01Don't run ceilometer-upgrade via upgrade_tasksSteven Hardy1-3/+0
This needs to be run by puppet or ansible runs it as root and the later run by puppet fails due to permissions on the logfile. Probably we need to remove the *sync calls for most services to avoid similar issues, now that we're running puppet as part of the pre-converge upgrade process but that will be done in another patch. Change-Id: I808db2c175325a25058226842684558ea06fb5c5 Partially-Implements: blueprint overcloud-upgrades-per-service
2017-02-01Remove Gemfile and RakefileEmilien Macchi2-31/+0
We are not running syntax and lint jobs in THT for master & newton, let's remove useless files. Change-Id: Ia572a0eb8872ab199bc68a51750dfc17ca5ee034
2017-02-01Disable the deprecation warnings as errors for puppet-syntaxEmilien Macchi1-0/+1
Recently puppet4 started deprecating ruby 2.0 with the following commit: https://github.com/puppetlabs/puppet/commit/e9eda7ed56fddcf185fc155d7e0ae054ea327504 One way to work-around this (in the absence of a more recent ruby version) is to not treat this deprecation warnings as fatal when doing the puppet syntax check Change-Id: Id49c5068ab4609e3da0417af4714e8cb8485f3d1 Closes-Bug: #1660943
2017-01-31Add ability to toggle swift's ceilometer transport_url SSLJuan Antonio Osorio Robles1-0/+7
So, if RabbitClientUseSSL is set, this will enable TLS for the swift's ceilometer message broker connection. Change-Id: Ide70a509aefc9e7eb9d7cc5b3a60520fa42b4010 Depends-On: I8b7457b6233c4f88af2d7bc1b9304fcccb6edf61
2017-01-31Merge "Configure DPDK options to isolate PMD cores and ovs process cores"Jenkins1-1/+7
2017-01-31Merge "docker: eliminate copy-json.py in favor of json-file"Jenkins7-107/+54
2017-01-31Merge "Removes deprecated neutron-opendaylight-l3 env file"Jenkins1-14/+0
2017-01-31Use common directory in CI scenario for net-configMathieu Bultel1-2/+2
The multinode_major_upgrade scenario is using an external directory for net-config. Moving this to the internal directory in tht common/ Change-Id: I41692d2ddb9fbd2002fd7910933ab4edff74f33e
2017-01-30Merge "Add upgrade support for CephRGW service"Jenkins1-0/+11
2017-01-30Merge "multinode/upgrade: set heat::rpc_response_timeout to 600"Jenkins1-0/+1
2017-01-29docker: eliminate copy-json.py in favor of json-fileDan Prince7-107/+54
This patch rewires how we configure the Kolla external config files via Heat templates and uses a more simple json-file heat hook to directly write out Kolla config files to disk. By using a heat hook instead of a shell script we can avoid Json conversion issues. Additionally, This generic json file hook will be useful for other ad-hoc Json file configuration within the TripleO docker architecture. Co-Authored-By: Martin André <m.andre@redhat.com> Change-Id: I8c72a4a9a7022f722bfe1cef3e18517605720cce Depends-On: I2b372ac2e291339e436202c9fe58a681ed6a743f Depends-On: Id3f779b11e23fd3122ef29b7ccbae116667d4520
2017-01-27Merge "Add AuditD composable service"Jenkins6-0/+184
2017-01-27Merge "Pass parameters for TLS proxy in front of neutron server"Jenkins1-1/+32
2017-01-27multinode/upgrade: set heat::rpc_response_timeout to 600Emilien Macchi1-0/+1
Continue the work done on https://review.openstack.org/#/c/423302/ Change-Id: I931534e0ec33e131809186f74068eb479d38a0f9
2017-01-27Merge "Remove create-legacy-resource-types opts"Jenkins1-1/+1
2017-01-27Merge "Use os-net-config in multinode jobs"Jenkins6-10/+124
2017-01-27Pass parameters for TLS proxy in front of neutron serverJuan Antonio Osorio Robles1-1/+32
If TLS in the internal network is enabled, we run neutron-server behind a TLS proxy (which is actually httpd's mod_proxy). This passes the necessary hieradata. bp tls-via-certmonger Depends-On: I6dfbf49f45aef9f47e58b5c0dbedd2b4e239979e Change-Id: I9252512dbf9cf2e3eec50c41bf10629d36070bbd
2017-01-27Use os-net-config in multinode jobsEmilien Macchi6-10/+124
Full credits to James Slagle, author of this code in TripleO CI: https://review.openstack.org/#/c/409346 This patch adds a new template for configuring networking on the Overcloud nodes using os-net-config in multinode jobs. Previously we were not using os-net-config at all. Also updates the multinode.yaml environment to use this network config template. The IP of each subnode is used when the vxlan tunnels are configured in OVS, given that, each node needs its own unique network configuration. To accomodate that, the templates makes use of the network_config_hook function to influence run-os-net-config.sh This patch is just the first step to totally switching to os-net-config in multinode jobs. The devstack-gate code is still in use to bootstrap the initial networking on the undercloud and subnodes. That will be switched over in subsequent patches. Change-Id: I6efa71eb23109d0b3b480061135c572ab89f5981 Co-Authorized-By: James Slagle <jslagle@redhat.com> Implements: blueprint multinode-ci-os-net-config
2017-01-27Add support for Jinja2 includesOliver Walsh1-1/+8
This replicates the behavior of the custom Jinja2 loader from tripleo-common to allow template validation on the local filesystem using tox. Change-Id: I27683ab31187c6334dc5b4b5363a3347874b9a90 Partially-Implements: blueprint overcloud-upgrades-per-service Depends-On: Idc5c3f49c7a2fc7f3622c76da001992cc657384e
2017-01-27Add AuditD composable serviceSteven Hardy6-0/+184
This patch allows the management of the AuditD service and its associated files (such as `audit.rules`) This is achieved by means of the `puppet-auditd` puppet module. Also places ssh banner capabilities map on top of patch Change-Id: Ib8bb52dde88304cb58b051bced9779c97a314d0d Depends-On: Ie31c063b674075e35e1bfa28d1fc07f3f897407b