Age | Commit message (Collapse) | Author | Files | Lines |
|
Those services is not handle with systemctl
Change-Id: Ia57dffd42a11070696fda14f1e91de2993e63479
|
|
|
|
|
|
|
|
|
|
|
|
|
|
When doing a stack-update, it will try to create the control plane
interface again.
Add this conditional so the interface is not created if already exist.
Note: this code has been taken from tripleo-ci and is consistent with
how multinode jobs are currently tested.
Co-Authored-By: James Slagle <jslagle@redhat.com>
Co-Authored-By: Steven Hardy <shardy@redhat.com>
Co-Authored-By: Mathieu Bultel <mbultel@redhat.com>
Change-Id: I773fdf5359cead6961b595e3c8192b02406452b7
Related-Bug: #1661412
|
|
Ironic will soon refuse to start when at least some value is not provided.
Unfortunately, we do not create any overcloud[*] networks during deployment.
Fortunately, Ironic does not validate this value until actual cleaning. So,
this change sets it to "provisioning", which is what people often use.
An update will follow to the documentation to recommend this name:
http://tripleo.org/advanced_deployment/baremetal_overcloud.html#configuring-cleaning
A new parameter is created for this value, with a reminded to change it to
an actual UUID later on. While a pre-defined name will work in a simplest case,
in a real multi-tenant deployment a network name conflict is possible.
Using a UUID is safer in this regard.
[*] networks created in overcloud neutron
Change-Id: I1b7dc2ff70d3b76f19a183a60e88cf72f6d2a318
Closes-Bug: #1661082
|
|
Currently we don't correctly disable the batch_upgrade_tasks, so
rework the loops to ensure we only create the batch deployments
for roles which enabled upgrades.
Note this modifies some loop whitespace too which cleans up the
rendered output and makes it a bit more readable/compact.
Change-Id: I1c257dcc351e99efa54f9cae4b3009287908756e
Partially-Renders: blueprint overcloud-upgrades-per-service
|
|
We don't need all the steps currently enabled for either batched
or concurrent updates, so decrease them. In future we can perhaps
introspect the task tags during plan creation and set these
dynamically.
Change-Id: I0358886a332dfbecd03bc4a67086b08d25756c22
Partially-Implements: blueprint overcloud-upgrades-per-service
|
|
We should enable each kind of upgrade per role, not per step
so rework the conditions, and also only apply it to the deployment
(to save the round-trip to the nodes applying an empty config)
but don't disable the *Config resources as the overhead of these
is small, and we reference the Step1 config in the outputs, even
if it's empty.
Change-Id: Iee2f1fb5b1d8b0b6001c6ab0f2a4ef2858cef281
Partially-Implements: blueprint overcloud-upgrades-per-service
|
|
Where the role has disabled upgrades, we need to skip both the ansible and
puppet steps. To do this we refactor the post.j2.yaml so that it can be
included in the upgrade template with an adjusted list of roles.
Note this requires https://review.openstack.org/#/c/425220/ - this
change will be required for local testing of this patch
(run mistral-db-mange populate after updating tripleo-common
and restart the mistral services, or update your repos and re-run
openstack undercloud install).
Partially-Implements: blueprint overcloud-upgrades-per-service
Change-Id: Ie7d0fa6fef3528bd93e6cde076b964ea8de3185a
|
|
templates"
|
|
|
|
We're running TripleO CI jobs outside TripleO projects (nova, gnocchi,
etc), folks need more debug to be helpful.
Change-Id: I512ad89d9ac82ae62f9cbe7d0029fb1ac7445cc9
|
|
This change fixes the item variable notation in
puppet/services/ceph-osd.yaml.
Change-Id: I4d105619e4ac913b4a711bf91fea5f6e3c9b4caa
Closes-Bug: 1661339
|
|
|
|
|
|
|
|
|
|
|
|
Currently we are applying this validation for the services templates, this
submission moves it to run with all templates.
Also fixed those templates not using the alias name.
Change-Id: I3a2c0ce6adcc8061fdc51f73fdc6b9748c0fead9
|
|
|
|
|
|
|
|
|
|
This will hopefully help developers know what to do if their patch fails
this verification.
Change-Id: I01fe9ca30295c6264affdbdb773b039a744289ea
|
|
Change-Id: I72aa48c72c825151739cb478c58e9a6c841c9130
|
|
This adds an entry for libvirt (which is used by the VNC server) on
which we can tell it via t-h-t on which IP address to listen on.
Change-Id: Ie377c09734e9f6170daa519aed69c53fc67c366b
Related-Bug: #1660099
|
|
This needs to be run by puppet or ansible runs it as root and the
later run by puppet fails due to permissions on the logfile.
Probably we need to remove the *sync calls for most services to
avoid similar issues, now that we're running puppet as part of the
pre-converge upgrade process but that will be done in another patch.
Change-Id: I808db2c175325a25058226842684558ea06fb5c5
Partially-Implements: blueprint overcloud-upgrades-per-service
|
|
We are not running syntax and lint jobs in THT for master & newton,
let's remove useless files.
Change-Id: Ia572a0eb8872ab199bc68a51750dfc17ca5ee034
|
|
Recently puppet4 started deprecating ruby 2.0 with the following
commit: https://github.com/puppetlabs/puppet/commit/e9eda7ed56fddcf185fc155d7e0ae054ea327504
One way to work-around this (in the absence of a more recent ruby
version) is to not treat this deprecation warnings as fatal when
doing the puppet syntax check
Change-Id: Id49c5068ab4609e3da0417af4714e8cb8485f3d1
Closes-Bug: #1660943
|
|
So, if RabbitClientUseSSL is set, this will enable TLS for the
swift's ceilometer message broker connection.
Change-Id: Ide70a509aefc9e7eb9d7cc5b3a60520fa42b4010
Depends-On: I8b7457b6233c4f88af2d7bc1b9304fcccb6edf61
|
|
|
|
|
|
|
|
The multinode_major_upgrade scenario is using an external
directory for net-config.
Moving this to the internal directory in tht common/
Change-Id: I41692d2ddb9fbd2002fd7910933ab4edff74f33e
|
|
|
|
|
|
This patch rewires how we configure the Kolla external config files
via Heat templates and uses a more simple json-file heat hook to
directly write out Kolla config files to disk.
By using a heat hook instead of a shell script we can avoid
Json conversion issues. Additionally, This generic json file hook will
be useful for other ad-hoc Json file configuration within the TripleO
docker architecture.
Co-Authored-By: Martin André <m.andre@redhat.com>
Change-Id: I8c72a4a9a7022f722bfe1cef3e18517605720cce
Depends-On: I2b372ac2e291339e436202c9fe58a681ed6a743f
Depends-On: Id3f779b11e23fd3122ef29b7ccbae116667d4520
|
|
|
|
|
|
Continue the work done on https://review.openstack.org/#/c/423302/
Change-Id: I931534e0ec33e131809186f74068eb479d38a0f9
|
|
|
|
|
|
If TLS in the internal network is enabled, we run neutron-server
behind a TLS proxy (which is actually httpd's mod_proxy). This passes
the necessary hieradata.
bp tls-via-certmonger
Depends-On: I6dfbf49f45aef9f47e58b5c0dbedd2b4e239979e
Change-Id: I9252512dbf9cf2e3eec50c41bf10629d36070bbd
|
|
Full credits to James Slagle, author of this code in TripleO CI:
https://review.openstack.org/#/c/409346
This patch adds a new template for configuring networking on the
Overcloud nodes using os-net-config in multinode jobs. Previously we
were not using os-net-config at all.
Also updates the multinode.yaml environment to use this network config
template.
The IP of each subnode is used when the vxlan tunnels are configured in
OVS, given that, each node needs its own unique network configuration.
To accomodate that, the templates makes use of the network_config_hook
function to influence run-os-net-config.sh
This patch is just the first step to totally switching to os-net-config
in multinode jobs. The devstack-gate code is still in use to bootstrap
the initial networking on the undercloud and subnodes. That will be
switched over in subsequent patches.
Change-Id: I6efa71eb23109d0b3b480061135c572ab89f5981
Co-Authorized-By: James Slagle <jslagle@redhat.com>
Implements: blueprint multinode-ci-os-net-config
|
|
This replicates the behavior of the custom Jinja2 loader from tripleo-common to
allow template validation on the local filesystem using tox.
Change-Id: I27683ab31187c6334dc5b4b5363a3347874b9a90
Partially-Implements: blueprint overcloud-upgrades-per-service
Depends-On: Idc5c3f49c7a2fc7f3622c76da001992cc657384e
|
|
This patch allows the management of the AuditD service and its associated
files (such as `audit.rules`)
This is achieved by means of the `puppet-auditd` puppet module.
Also places ssh banner capabilities map on top of patch
Change-Id: Ib8bb52dde88304cb58b051bced9779c97a314d0d
Depends-On: Ie31c063b674075e35e1bfa28d1fc07f3f897407b
|