summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2016-10-13Prefill Sensu client custom configMartin Mágr2-26/+27
- Custom config has to contain OpenStack auth information, so it has to be generated for user during deployment. This patch maintains the ability to provide a custom configuration for the Sensu client. Change-Id: If449642c4bbad683421e1f461b8721e655db0c45
2016-10-07Merge "Ceilometer Wsgi Mitaka->Newton upgrades"Jenkins4-16/+173
2016-10-07Merge "Serialize AllNodesDeployment and UpdateWorkflow"Jenkins1-0/+4
2016-10-07Ceilometer Wsgi Mitaka->Newton upgradesPradeep Kilambi4-16/+173
In Newton, ceilometer api is changed to run under apache wsgi instead of eventlet. This will require upgrades for mitaka deployments to switch to wsgi. Closes-Bug: 1631297 Change-Id: If9d6987cd0a8fc5d3f9de518ba422d97d5149732
2016-10-07Serialize AllNodesDeployment and UpdateWorkflowSteven Hardy1-0/+4
Otherwise there may be a race between updating the hiera and running the UpdateWorkflow Change-Id: I22cd893e0db3df6d39504fbd61d7d9024cebb1c5 Related-Bug: 1631297
2016-10-07Merge "Specify the Ceph packages to be installed"Jenkins1-0/+6
2016-10-06Merge "Add Select per-network hostnames for service_node_names to ↵Jenkins1-0/+45
role.role.j2.yaml"
2016-10-06Specify the Ceph packages to be installedJohn Fulton1-0/+6
The puppet-ceph module defaults to 'ceph' but that is a metapacakge which isn't provided in all repos. Depends-On: I13462219522386f8740b0d70916a44f3474115e4 Change-Id: Ie55d22301dd22102d471e6002dfcaad4bfadd5f6 Related-Bug: 1629933
2016-10-06Enable firewalling by default on compute nodesEmilien Macchi5-8/+13
- Move VXLAN and VRRP rules from Neutron Server to the right services. - Enable Firewall by default on Compute nodes. Change-Id: I99d172dcedaf6be297aad184cc51fe9f292a57e1
2016-10-06Re-enable ManageFirewall by default.Dan Prince4-6/+6
This default setting got lots in the composable roles/services patches. Re-enable the ManageFirewall setting by default per what we did in git commit 73c76b867ddc8a23a30b9a3cac4031189d4178c6. We also fix a typo in neutron-api.yaml so that the firewall rules matches to service_name. (otherwise it won't get loaded). Also, drops the environments/manage-firewall.yaml which is no longer needed if we enable firewall management by default. Change-Id: Ie198e4efd190131d0722085b10ef77da9005bc1b Closes-bug: 1629934
2016-10-06Add Select per-network hostnames for service_node_names to role.role.j2.yamlCarlos Camacho1-0/+45
This will wire up the per-network hostnames in the generic role. Needs to land after https://review.openstack.org/#/c/378764 Partial-Bug: #1626976 Change-Id: I595f35cce03d9f416a1768aa5c349a1bb20b0e19
2016-10-06Merge "restore missing fluentd client functionality"Jenkins9-44/+26
2016-10-06Merge "Add generic template for custom roles."Jenkins2-0/+417
2016-10-06Merge "Set proper ceph config path for manila"Jenkins2-2/+2
2016-10-06Merge "Select per-network hostnames for service_node_names"Jenkins8-1/+271
2016-10-06Merge "Fix OpendaylightApiNetwork key naming"Jenkins1-1/+9
2016-10-06Add generic template for custom roles.Carlos Camacho2-0/+417
This submission creates a generic template file to deploy custom roles. Also adds a file to specify an exclusion role list in order to avoid not to generate the template for those roles. Partial-Bug: #1626976 Depends-On: I6d7247bbb8702eb0ab9bdf133b5ab1c6e8349d98 Change-Id: I3e11c089023b793a5063d9e1714527a3fe2b7458
2016-10-05Set proper ceph config path for manilaTom Barron2-2/+2
When deploying manila with cephfs backend, /etc/manila/manila.conf should define cephfs_conf_path = /etc/ceph/ceph.conf in the cephfs native backend since this is the conventional path that ceph operators expect and since we document that path upstream. Change-Id: I4abf5c33b675b1102413a84d64f4ce23b07b4485 Closes-Bug: 1630777
2016-10-05Merge "Open tripleo-heat-templates for Ocata"Jenkins0-0/+0
2016-10-05Merge "Adds Environment File for Removing Sahara during M/N upgrade"Jenkins5-4/+28
2016-10-05restore missing fluentd client functionalityLars Kellogg-Stedman9-44/+26
in the great rebase following the JINJA ALL THE THINGS changes we lost critical functionality in the fluentd client service. This review restores the missing features. Change-Id: I7c23f16f81e75f3da6a24587b2eb8385b3e920a4 Closes-bug: 1630692
2016-10-05Fix OpendaylightApiNetwork key namingSteven Hardy1-1/+9
This captialization won't work with the CamelCase to snake_case conversion we do, as the required name is opendaylight_api_network Adds some clarification to the ServiceNetMap description to hopefully avoid future confusion. Change-Id: Ife04ee2185e81009ebef55ad521aef799251e002 Closes-Bug: #1629408
2016-10-05Merge "Fixing resources path in OpenDaylight"Jenkins2-4/+4
2016-10-05Open tripleo-heat-templates for OcataJohn Trowbridge0-0/+0
To avoid pushing an artificial alpha tag, following PBR semver keyword bumps major version. See http://docs.openstack.org/developer/pbr/#version Change-Id: Ic47869c96217269806daac9c3c888603e4e5d00a Sem-Ver: api-break
2016-10-05Adds Environment File for Removing Sahara during M/N upgrademarios5-4/+28
The default path if the operator does nothing is to keep the sahara services on mitaka to newton upgrades. If the operator wishes to remove sahara services then they need to specify the provided major-upgrade-remove-sahara.yaml environment file in the stack upgrade commands. The existing migration to ha arch already removes the constraints and pcs resource for sahara api/engine so we just need to stop it from starting again if we want to remove it. This adds a KeepSaharaServiceOnUpgrade parameter to determine if Sahara is disabled from starting up after the controllers are upgraded (defaults true). Finally it is worth noting that we default the sahara services as 'on' during converge here in the resource_registry of the converge environment file; any subsequent stack updates where the deployment contains sahara services will need to include the -e /environments/services/sahara.yaml environment file. Related-Bug: 1630247 Change-Id: I59536cae3260e3df52589289b4f63e9ea0129407
2016-10-05Select per-network hostnames for service_node_namesSteven Hardy8-1/+271
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com> Depends-On: Ic6fec1057439ed9122d44ef294be890d3ff8a8ee Change-Id: I754c4a41d8a294a4c7c18bd282ae014efd4b9b16 Closes-Bug: #1628521
2016-10-05j2 template per-role ServiceNetMapDefaultsSteven Hardy1-5/+6
The *HostnameResolveNetwork should default to a sane value for all roles, including those specified by the user. We choose internal_api by default (maintaining the existing special-case for the CephStorage role which uses the storage network), but users can of course override the default with a network of their choice. Change-Id: Ib240f56c1db5842b953fa510316e75fd53f24735 Closes-Bug: #1629827
2016-10-05Merge "Move the main template files for defalut services to new syntax ↵Jenkins6-1/+1
generation"
2016-10-04Merge "j2 template role config templates"Jenkins5-183/+7
2016-10-04Move the main template files for defalut services to new syntax generationCarlos Camacho6-1/+1
When generating these templates, we should create them with the "-role" appended as they will be generated from a role.role.j2.yaml file. i.e. role.role.j2.yaml will generate <service>-role.yaml config.role.j2.yaml will generate <service>-config.yaml Partial-Bug: #1626976 Change-Id: I614dc462fd7fc088b67634d489d8e7b68e7d4ab1
2016-10-04Include redis/mongo hiera when using pacemakerDan Prince2-2/+2
This patch updates the pacemaker composable service templates for mongo and redis to extend the proper base (redis.yaml and mongo.yaml) templates instead of the -base.yaml versions. This was causing some missing hiera settings for these services which caused symptoms like missing firewall rules for these services. Change-Id: I3f94acbf4d1baadbb151b1c4d34b4a0ab28ad5e5 Partial-bug: #1629934
2016-10-04Merge "Use netapp_host_type instead of netapp_eseries_host_type"Jenkins2-5/+15
2016-10-04Merge "Make keystone api network hiera composable"Jenkins3-24/+25
2016-10-04Merge "Set ceph osd max object name and namespace len on upgrade when on ext4"Jenkins1-0/+10
2016-10-03Merge "reload HAProxy config in HA setups when certificate is updated"Jenkins1-4/+2
2016-10-03Merge "Update $service to $resource this variable does not exist in the context"Jenkins1-1/+1
2016-10-03Merge "Cinder volume service is not managed by Pacemaker on BlockStorage"Jenkins4-2/+3
2016-10-03Merge "Change the rabbitmq ha policies during an M/N Upgrade"Jenkins2-1/+24
2016-10-03Update $service to $resource this variable does not exist in the contextMathieu Bultel1-1/+1
heat failed due to a: service: unbound variable In the context $service is never set. Change-Id: If82ee4562612f2617b676732956396278ee40a88 Closes-Bug: #1629903
2016-10-03reload HAProxy config in HA setups when certificate is updatedJuan Antonio Osorio Robles1-4/+2
When updating a certificate for HAProxy, we only do a reload of the configuration on non-HA setups. This means that if we try the same in an HA setup, the cloud will still serve the old certificate and that leads to several issues, such as serving a revoked or even a compromised certificate for some time, or just SSL issues that the certificate doesn't match. This enables a reload for HA cases too. Change-Id: Ib8ca2fe91be345ef4324fc8265c45df8108add7a Closes-Bug: #1629886
2016-10-03Merge "Fixed NoneType issue when monitoring-environment.yaml"Jenkins1-1/+1
2016-10-03Merge "Balance Rabbitmq Queue Master Location on queue declaration with ↵Jenkins1-0/+1
min-masters strategy"
2016-10-03Merge "Change rabbitmq queues HA mode from ha-all to ha-exactly"Jenkins1-0/+9
2016-10-03Change the rabbitmq ha policies during an M/N UpgradeMichele Baldessari2-1/+24
This takes care of the M->N upgrade path when changing the ha rabbitmq policy. Partial-Bug: #1628998 Change-Id: I2468a096b5d7042bc801a742a7a85fb1521c1c02
2016-10-03Merge "Fixed NoneType issue when logging-environment.yaml is used"Jenkins1-1/+1
2016-10-01Change rabbitmq queues HA mode from ha-all to ha-exactlyMichele Baldessari1-0/+9
It turns out that reducing number of rabbitmq queues in cluster significantly improves performance of cluster especially in the case of failover recovery time. Right now the cluster uses ha-all mode for rabbitmq queues. It is best to change this to "ha-exactly" mode and reduce the number of queue copies to ceil(N/2) where N is number of controllers in the cluster - so in typical scenario of 3 controller It would be 2 by default. It does not make much sense to keep the copies of queues over whole cluster since if the quorum of nodes is lost then the rest of cluster nodes will be stopped anyway. We let the user override this with a parameter. I.e. for a 3 node controlplane cluster we will go from this: pcs resource show rabbitmq Resource: rabbitmq (class=ocf provider=heartbeat type=rabbitmq-cluster) Attributes: set_policy="ha-all ^(?!amq\.).* {"ha-mode":"all"}" To this: pcs resource show rabbitmq Resource: rabbitmq (class=ocf provider=heartbeat type=rabbitmq-cluster) Attributes: set_policy="ha-all ^(?!amq\.).* {"ha-mode":"exactly","ha-params":2}" According to Marin Krcmarik's testing recovery time from failure was reduced significantly. Partial-Bug: #1628998 Change-Id: Iace6daf27a76cb8ef1050ada0de7ff1f530916c6
2016-09-30Merge "telemetry: remove coordination_url hiera settings"Jenkins3-25/+1
2016-09-30Merge "Telemetry: add redis_password hiera parameter"Jenkins3-0/+3
2016-09-30Merge "Replace per role manifests with a common role manifest"Jenkins10-101/+37
2016-09-30Make keystone api network hiera composableSteven Hardy3-24/+25
These hard-coded references to the Controller role mean that things won't work if the keystone service is moved to any other role, so we need to generate the lists dynamically based on the enabled services for each role. Change-Id: I5f1250a8a1a38cb3909feeb7d4c1000fd0fabd14 Closes-Bug: #1629096