summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2015-02-04Puppet: wire in neutron_dnsmasq_optionsDan Prince2-0/+9
This patch updates puppet on the controller so that it configures the Neutron dnsmasq options file data with the value provided by the Heat NeutronDnsmasqOptions parameter. Properly configuring this setting can help resolve/tune overcloud instance connectivity issues w/ SSH etc. Change-Id: If47ab3d3002ebe19fc980ca5d37f84f4d8851f9b
2015-02-04Puppet: correct neutron metadata agents nova ipDan Prince1-0/+1
This updates the controller config for the Neutron metadata agent so that it configures the correct nova_metadata_ip in /etc/neutron/metadata_agent.ini. Change-Id: I4d6658ba54e582673938fa14a8c7de287dcd6662 Closes-bug: #1416781
2015-02-04Puppet: move LB configs onto LB resourcesDan Prince1-19/+35
This moves the loadbalancer composition class parameters into the loadbalancer specific software deployment. This keeps the resource contained and seperate from the rest of the OS hiera data configs. Change-Id: I8af48b479348e431a8e563917e1345ca4b895a60
2015-02-04Puppet: Heat API and EngineDan Prince3-6/+35
This patch adds the ability to configure the Heat API and Heat engine on controller nodes via puppet. Change-Id: Ie81090bceed3e18199a36ebb11d1cbcaea83c410
2015-02-04Puppet: Ntp supportDan Prince9-4/+41
This patch adds NTP support to all roles. As part of this change overcloud-without-mergepy.yaml has also been updated so that it passes the NtpServer parameters into the Swift and Cinder storage node templates so that Ntp can also be configured on those machines as well. NOTE: The puppet support here uses the puppetlabs-ntp modules which we add in Ib10ccbfdb3140b19f40049707548c6655d250e1c. Change-Id: If2ef236fa42a714e84c6944eee5fe4daddf3fedf
2015-02-03Puppet: Ceilometer controller supportDan Prince6-5/+49
This patch adds support for the Ceilometer controller role including the Ceilometer: -API -central agent -alarm notifier -alarm evaluator -collector -expirer In order to enable swift metering the swift::proxy ceilometer middleware was added in. Also, a minor adjustment to the existing ceilometer HA proxy setting was made to accommodate ceilometer auth settings. (not exactly sure why but this seems to be required) Like upstream TripleO Ceilometer is currently using a MySQL database backend. A follow on patch can support configuring MongoDB for use with Ceilometer. Change-Id: I4e171274bd7679d386d93492d13dfa7c5d37f6a8
2015-01-27Remove unused cinder params from -without-mergepyDan Prince3-23/+0
Cinder block storage nodes shouldn't need to know the AdminPassword and CinderPassword values. There are no services which require Keystone related passwords on the block storage nodes. Change-Id: I4aa89347c60ec6258bd66725a895f6fd2b4844f6
2015-01-27Puppet: Cinder common block storage supportDan Prince4-1/+204
This patch implements the required changes to configure common Cinder block storage nodes via Puppet. Change-Id: Iac8b4679a00f58d5faac4a1d08b7a830f0360ba5
2015-01-27Swift: set default replicas to 3Dan Prince6-6/+6
Our existing default (replicas == 1) means that no data (or copies) is being replicated in a multi-node Swift environment. This seems like a bad production default setting and could easily slip by if not set. Setting it to 3 shouldn't hurt anything and seems to follow suit with what several production installers (based around Puppet) actually use. If using an installation with less than 3 swift nodes I believe swift will do its best, and still work fine. FWIW I noticed this when testing a multi-node Puppet swift installation and was surprised when I didn't see any *data files getting replicated across the storage cluster. Change-Id: I44bdfff7aae6bdf845b79ca1f8f450c22113caed
2015-01-27Remove unused swift params from -without-mergepyDan Prince3-56/+0
In doing the Puppet version of the Swift role I noticed 4 parameters which we apply to storage nodes which should not be required. This patch drops the following parameters from the swift-storage and swift-storage-puppet nested stacks which should not be required. 1) ControllerIP: There is no reason a storage node should need the IP address of the controller. The swift proxy would need this information in order to be able to contact keystone. This swift-proxy is not installed on storage nodes so we can drop the parameter here. 2) NeutronEnableTunnelling: There is no reason for Neutron to be installed on Swift storage nodes. No need to create an OVS bridge either. 3) NeutronNetworkType: Similar to above. No neutron requirements exist here so this parameter is not required. 4) Password: This only applies to the the swift-proxy which is currently part of our controller role. Storage nodes shouldn't need the keystone service-password for any reason. Change-Id: Icbf05363475c388fc722277da3d3d00a7355b19a
2015-01-27Puppet: Switch glance to use a swift backendDan Prince3-1/+10
Now that we have swift we can switch glance over to make use of it. Change-Id: I9513cb63079235337b684aa734af73a0f0cc0afd
2015-01-27Puppet: Swift Storage node supportDan Prince3-1/+207
This patch implements the required changes to configure swift storage nodes via Puppet. Similar to the overcloud we generate the rings on each node (with the same seed). Change-Id: I677c85b09b6e656b3ac1f938a4bd6bc7daae1755
2015-01-27Puppet: Swift Overcloud Proxy/Storage supportDan Prince6-3/+201
This patch adds support for a Swift proxy and storage node on the controller. The implementation is fairly straightforward with the exception of building the ring. I've followed an upstream TripleO model here where we build the actual ring on each node (rather than build once and rsync). This works because Heat will always know all the devices ahead of time. In the future when we have Heat breakpoints it might be possible to consider optimizing this by generating the ring once and then rsyncing to all the nodes. The ringbuilder logic is executed as a seperate Heat software deployment. On the controller the ring is executed in between the base service (mysql/rabbit) and OpenStack service steps. This is to ensure the ring exists before the Swift proxy is started. Having the ringbuilder.pp logic as a separate software config should allow us to reuse it for the Storage node role. It should also be noted that swift.zones support is added here but we are missing an upstream Heat template change in order for it to be wired in properly. See: I0e0f5189da1575f2e1ed7fba4bbbe13a8fbf6221 Likewise we need to properly wire in SwiftRingBuild as well. See: I01311ec3ca265b151f8740bf7dc57cdf0cf0df6f The underlying puppet ringbuilder code is already wired to support this change when it lands. As is this works today and will provide a working Overcloud Swift-proxy/storage node config. Will follow this up with a related Swift storage node patch which should allow puppet to be used for configuration on the storage nodes as well... Change-Id: Id1272f796e2507a7357309e8cd6a51ad9e0160af
2015-01-27Compute: consolidated nested stackDan Prince6-197/+463
In I250dc1a8c02626cf7d1a5d2ce92706504ec0c7de we split out just the Controller software config in an effort to provide hooks for alternate implementations (puppet). This sort of worked but caused quirky ordering issues with signal handling. It also causes problems for Tuskar which would prefer to think of these nested stacks and not have us split out just the software configs like this. This patch moves all the compute related stuff for our two implementations: compute.yaml: is used by os-apply-config (uses the tripleo-image-elements) compute-puppet.yaml: uses stackforge puppet-* modules for configuration By duplicating the entire compute in this manner we make it much easier to create dependencies and implement proper signal handling. The only (temporary) downside is the duplication of parameters most of which will eventually go away when we move using the global parameters via Heat environment files instead. Change-Id: I49175d1843520abc80fefe9528442e5dda151f5d
2015-01-27Controller: consolidated nested stackDan Prince6-489/+1001
In I228216a0b55ff2d384b281d9ad2a61b93d58dab9 we split out just the Controller software config in an effort to provide hooks for alternate implementations (puppet). This sort of worked but caused quirky ordering issues with signal handling. It also causes problems for Tuskar which would prefer to think of these nested stacks and not have us split out just the software configs like this. This patch moves all the controller related stuff for our two implementations: controller.yaml: is used by os-apply-config (uses the tripleo-image-elements) controller-puppet.yaml: uses stackforge puppet-* modules for configuration By duplicating the entire controller in this manner we make it much easier to create dependencies and implement proper signal handling. The only (temporary) downside is the duplication of parameters most of which will eventually go away when we move towards using the global parameters via Heat environment files instead. Change-Id: Iaf3c889d7c8815f862308cd8e15ce1010059f5c6
2015-01-27Merge "Add parameter to manage usage of Neutron l3_ha option"Jenkins9-1/+31
2015-01-19Merge "Remove invalid NTP configuration in templates"Jenkins5-5/+5
2015-01-09Merge "Add SwiftMountCheck to overcloud-without-mergepy"Jenkins3-0/+13
2015-01-09Merge "Add SwiftMinPartHours to overcloud-without-mergepy"Jenkins3-0/+18
2015-01-09Add parameter to manage usage of Neutron l3_ha optionGiulio Fidente9-1/+31
This change will allow for the enablement of Neutron routers HA via the new NeutronL3HA parameter. Change-Id: Ia5f7c0b4e89159456482e840c50d166ec5f25d4c Implements: blueprint tripleo-icehouse-ha-production-configuration
2015-01-09Add SwiftMountCheck to overcloud-without-mergepyDan Prince3-0/+13
This was added in I36fece56bafa9fe9c4883b572687b3fc819eeae1 and is missing from overcloud-without-mergepy. Change-Id: I5c2566cc77247574f8d687eaab8094de481a8c67
2015-01-09Add SwiftMinPartHours to overcloud-without-mergepyDan Prince3-0/+18
This was added in Icc5e431a7e2884b3ca3a255b6fd901619bc98460 and is missing from overcloud-without-mergepy. Change-Id: I1273b646c04783712fd3f8baccafead11817689c
2015-01-09Merge "Default BlockStorageCount to 0 for without-mergepy jobs"Jenkins1-1/+1
2015-01-08Default BlockStorageCount to 0 for without-mergepy jobsGiulio Fidente1-1/+1
We have never created these additional storage nodes by default with the old templates; we agreed on adding a job for this in CI [1] so we will override the default value in the specific CI job. 1. https://github.com/openstack-infra/tripleo-ci/blob/master/docs/wanted_ci_jobs.csv Change-Id: Iaec38807bc209fc28d83e3d6922269e803110053
2015-01-08Remove invalid NTP configuration in templatesNicholas Randon5-5/+5
Currently the all templates have an invalid setting for NTP setup for the fudge setting. This should be removed from the templates which will remove the warning seen in syslog. ntpd[...]: inappropriate address xxx.xxx.xxx.xxx for the fudge command, line ignored Partial-Bug: 1408379 Relates-To: Ib9931b84925d9ceb32f18e9adc5be64402fbf61e Change-Id: I56a03dc0a899a8c515f2a05d678d7e80e9b7b93c
2015-01-08Puppet: overcloud controller configDan Prince6-1/+867
This patch provides an alternate implementation of the OS::TripleO::Controller::SoftwareConfig which uses Puppet to drive the configuration. Using this it is possible to create a fully functional overcloud controller instance which has the controller node configured via Puppet stackforge modules. Initially this includes only the following services: MySQL RabbitMQ Keepalived/HAProxy (HA is not yet fully supported however) Nova Neutron Keystone Glance (file backend) Cinder Using these services it is possible to run devtest_overcloud.sh to completion. The idea is that we can quickly add more services once we have CI in place. In order to test this you'll want to build your images with these elements: os-net-config heat-config-puppet puppet-modules hiera None of the OpenStack specific TripleO elements should be used with this approach (the nova/neutron elements were NOT used to build the controller image). Also, rather than use neutron-openvswitch-agent to configure low level networking it is recommended that os-net-config by configured directly via heat modeling rather than parameter passing to init-neutron-ovs. This allows us to configure the physical network while avoiding the coupling to the neutron-openvswitch-element that our standard parameter driven networking currently uses. (We still need to move init-neutron-ovs so that it isn't coupled and/or deprecate its use entirely because the heat drive stuff is more flexible.) Packages may optionally be pre-installed via DIB using the -p option (-p openstack-neutron,openstack-nova) etc. Change-Id: If8462e4eacb08eced61a8b03fd7c3c4257e0b5b8
2015-01-08Merge "Controller: Drive os-net-config via software conf"Jenkins1-0/+13
2015-01-08Merge "Controller: Split out software config"Jenkins3-262/+344
2015-01-08Merge "Bring back (abandoned) support for Cinder/NFS"Jenkins4-101/+39
2015-01-08Merge "Allow setting Neutron tunnel type in no mergepy"Jenkins1-0/+2
2015-01-08Merge "Don't store Ceilo DB credentials on compute node"Jenkins6-20/+0
2015-01-08Merge "Puppet: overcloud compute config"Jenkins7-0/+209
2015-01-07Merge "Drop the MysqlClusterUniquePart validation"Jenkins1-2/+3
2015-01-07Merge "Pass Horizon port through to controller nodes"Jenkins1-0/+5
2015-01-05Allow setting Neutron tunnel type in no mergepyBen Nemec1-0/+2
The Neutron tunnel type settings were missing from the Controller section of the without-mergepy template, which made it impossible to configure any tunnel other than gre. Change-Id: Ia2579ed39a16d2b9826ce8406cb97fc116e3d595
2015-01-05Controller: Drive os-net-config via software confDan Prince1-0/+13
This example extends the controller software configuration so that heat metadata is used to model the os-net-config YAML (ultimately JSON) directly. The existing os-net-config element already supports this format. Configuring the physical network layer in this manner would supplant the ever growing list of Heat parameters that we have and is something that could be automatically generated via tuskar. The default is to use net-config-noop.yaml which will pass no config metadata into the os-net-config element which will essentially disable it in favor of using parameters w/ init-neutron-ovs. Change-Id: Ifba60454ee11222173a9762882e767a836a4545c
2015-01-05Controller: Split out software configDan Prince3-262/+344
This is a step towards supporting pluggable software configurations in the heat templates. By moving controller-config out of controller.yaml we make it possible to define alternate implementations by changing the OS::TripleO::ControllerConfig value in the overcloud-resource-registry.yaml heat environment file. Change-Id: I228216a0b55ff2d384b281d9ad2a61b93d58dab9
2015-01-05Puppet: overcloud compute configDan Prince7-0/+209
This patch provides an alternate implementation of the OS::TripleO::Compute::SoftwareConfig which uses Puppet to drive the configuration. Using this it is possible to create a fully functional overcloud compute instance which has the compute node configured via Puppet stackforge modules. This includes all the Nova, Neutron, and Ceilometer configuration required to make things work. In order to test this you'll want to build your images with these elements: os-net-config heat-config-puppet puppet-modules hiera None of the OpenStack specific TripleO elements should be used with this approach (the nova/neutron/ceilometer elements were NOT used to build the compute image). Also, rather than use neutron-openvswitch-agent to configure low level networking it is recommended that os-net-config by configured directly via heat modeling rather than parameter passing to init-neutron-ovs. This allows us to configure the physical network while avoiding the coupling to the neutron-openvswitch-element that our standard parameter driven networking currently uses. (We still need to move init-neutron-ovs so that it isn't coupled and/or deprecate its use entirely because the heat drive stuff is more flexible.) Packages may optionally be pre-installed via DIB using the -p option (-p openstack-neutron,openstack-nova). Change-Id: Ic36be25d70f0a94ca07ffda6e0005669b81c1ac7
2015-01-02Drop the MysqlClusterUniquePart validationDan Prince1-2/+3
Trying to use overcloud-without-mergepy currently fails with a validation error around MysqlClusterUniquePart. This works around the issue by temporarily dropping the validation. Change-Id: If93945a2c3396b07b592d08efb1f66e11d6194dd Partial-bug: #1405446
2014-12-23Pass Horizon port through to controller nodesJonathan Brownell1-0/+5
The Horizon port may vary based on SSL enablement, and needs to be known by the nodes for the purpose of iptables rules, etc. Change-Id: Iec475a6c245a5bfe8b1d63ff72b6d0299861615c
2014-12-23Merge "Don't store Neutron DB credentials on compute node"Jenkins5-19/+0
2014-12-23Merge "Don't store Nova DB credentials on compute nodes"Jenkins6-22/+2
2014-12-19Compute: drive NW configuration via software confDan Prince5-0/+113
This example extends the compute software configuration so that heat metadata is used to model the os-net-config YAML (ultimately JSON) directly. The existing os-net-config element already supports this format. Configuring the physical network layer in this manner would supplant the ever growing list of Heat parameters that we have and is something that could be automatically generated via tuskar. The default is to use net-config-noop.yaml which will pass no config metadata into the os-net-config element which will essentially disable it in favor of using parameters w/ init-neutron-ovs. Change-Id: I30f325b1751caaef5624537e63ee27c2e418d5c8
2014-12-19Merge "Set default network interfaces to nic1"Jenkins7-9/+9
2014-12-17Set more aggressive keepalive timingsGiulio Fidente2-0/+8
We want to customize the default kernel keepalive timings and make them more aggressive to workaround lack of hearbeat support in the Oslo RabbitMQ client, see: https://bugs.launchpad.net/oslo.messaging/+bug/856764/comments/19 and https://bugs.launchpad.net/oslo.messaging/+bug/856764/comments/70 Change-Id: Ieac08f595086acb8dd336e33efc705ee0b8a3a87 Closes-Bug: 1301431 Closes-Bug: 1385240 Closes-Bug: 1385234
2014-12-11Bring back (abandoned) support for Cinder/NFSGiulio Fidente4-101/+39
We used to have a YAML file providing a test setup for Cinder/NFS which could be used via a special Makefile target; this was not used in CI anymore though and overtime things broke. This change aims at bringing that functionality back and also make it easier to use it via a number of changes: * delete unmaintained nfs-server-source (not working due to changes in the elements) * delete (unneeded) block-storage-nfs * remove the hidden block-storage-with-nfs target from Makefile * add a some nfs-source which supports newer elements and newer template language as well * improve existing comments in Makefile documeting how to use it Change-Id: I96144ee2f4ca33bd7467f09ad960ea268c1250bf
2014-12-09Merge "Remove default flavor from every template"Jenkins11-15/+18
2014-12-09Merge "bump up the number of sesson limit for rabbitmq"Jenkins2-0/+2
2014-12-08Don't store Ceilo DB credentials on compute nodeDan Prince6-20/+0
This patch removes all references to the Ceilometer DSN parameter in the overcloud compute templates. These credentials are not required in order to run the required Ceilometer service/agents. Change-Id: I421ce4fca87ac87dd65ab8bbb20e7ea9be8d9c5d
2014-12-08Don't store Neutron DB credentials on compute nodeDan Prince5-19/+0
This patch removes all references to the Neutron DSN parameter in the overcloud compute templates. These credentials are not required in order to run the required Neutron services. Change-Id: I0691f43bd2ce85bec0d68ab979136414f0610c61