summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-08-12Pass monitor_address_block to ceph-ansible for mon_hostGiulio Fidente1-0/+1
The ip address which clients and other nodes use to connect to the monitors is derived from the monitor_interface parameter unless a monitor_address or monitor_address_block is given (to set mon_host into ceph.conf); this change adds setting for monitor_address_block to match the public_network so that clients attempt to connect to the mons on the appropriate network. Change-Id: I7187e739e9f777eab724fbc09e8b2c8ddedc552d Closes-Bug: #1709485
2017-08-12Merge "Consolidate puppet/docker deployments with one deploy steps workflow"Jenkins15-235/+9
2017-08-12Merge "Correct gnocchi-upgrade command quotes"Jenkins2-4/+14
2017-08-12Merge "Convert compute-role.yaml to role.role.j2.yaml"Jenkins8-757/+57
2017-08-12Merge "Convert controller-role.yaml to role.role.j2.yaml"Jenkins7-857/+177
2017-08-11Merge "TLS everywhere: Configure CA for mongodb"Jenkins1-0/+6
2017-08-11Merge "Add script to create tripleo-admin on deployed servers"Jenkins1-0/+60
2017-08-11Correct gnocchi-upgrade command quotesJose Luis Franco Arza2-4/+14
After merging commit 488796, single quotation marks were missed. This causes the upgrade to fail as the flag --sacks-number is considered a su command flag. Also mounts Ceph config data into the container which seems needed for the gnocchi-upgrade command when configured to use Ceph. Also move the gnocchi db sync to step 4, so ceph is ready. Add a retry loop to ceilometer-upgrade cmd so it doesnt fail while apache is restarted. Closes-Bug: #1709322 Change-Id: I62f3a5fa2d43a2cd579f72286661d503e9f08b90
2017-08-11Merge "openstack-heat-templates: fix deprecation path"Jenkins1-1/+1
2017-08-11Consolidate puppet/docker deployments with one deploy steps workflowSteven Hardy15-235/+9
If we consolidate these we can focus on one implementation (the new ansible based one used for docker-steps) Change-Id: Iec0ad2278d62040bf03613fc9556b199c6a80546 Depends-On: Ifa2afa915e0fee368fb2506c02de75bf5efe82d5
2017-08-11Convert compute-role.yaml to role.role.j2.yamlSteven Hardy8-757/+57
Add some special-casing for backwards compatibility, such that the Compute role can be rendered via j2 for support of composable networks. Change-Id: Ieee446583f77bb9423609d444c576788cf930121 Partially-Implements: blueprint composable-networks
2017-08-11Convert controller-role.yaml to role.role.j2.yamlSteven Hardy7-857/+177
Add deprecated role-specific parameters to role definition, in order to special-case some parameters for backwards compatibility, such that the Controller role can be rendered via j2 for support of composable networks. Co-Authored By: Dan Sneddon <dsneddon@redhat.com> Change-Id: I5983f03ae1b7f0b6add793914540b8ca405f9b2b Partially-Implements: blueprint composable-networks
2017-08-11TLS everywhere: Configure CA for mongodbJuan Antonio Osorio Robles1-0/+6
It wasn't being configured, thus making mongodb fail. Change-Id: If0d7513aacfa74493a9747440fb97f915a77db84 Closes-Bug: #1710162
2017-08-11Merge "Move HAProxy's public TLS logic from controller to service template"Jenkins4-6/+25
2017-08-11Merge "Set virsh secret with an init step when using Ceph"Jenkins3-4/+62
2017-08-11Merge "Keep dynamic network creation backward compatible."Jenkins2-3/+7
2017-08-11Move HAProxy's public TLS logic from controller to service templateJuan Antonio Osorio Robles4-6/+25
This de-couples public TLS from controllers to now run wherever HAProxy is deployed. Partially-Implements: blueprint composable-networks Change-Id: I9e84a25a363899acf103015527787bdd8248949f
2017-08-10Merge "Noop controller pre and post config resources."Jenkins1-0/+2
2017-08-10Merge "Fix cidr get_attr in custom networks"Jenkins13-14/+13
2017-08-10Merge "Create parameters for haproxy TLS certs and keys"Jenkins2-11/+55
2017-08-10Merge "Docker/TLS everywhere: Add telemetry and neutron services to environment"Jenkins1-4/+9
2017-08-09Merge "Addition of Nuage as mechanism driver for ML2"Jenkins6-7/+134
2017-08-09Set virsh secret with an init step when using CephGiulio Fidente3-4/+62
Run virsh secret-define and secret-set-value in an init step instead of relying on the puppet-nova exec. Co-Authored-By: Jiri Stransky <jistr@redhat.com> Change-Id: Ic950e290af1c66d34b40791defbdf4f8afaa11da Closes-Bug: #1709583
2017-08-09Merge "Use number for KeystoneCronTokenFlushMaxDelay instead of string"Jenkins1-2/+2
2017-08-09Merge "Don't curl metadata server in userdata example"Jenkins1-2/+1
2017-08-08Merge "MariaDB: create clustercheck user at container bootstrap"Jenkins1-1/+22
2017-08-08Fix cidr get_attr in custom networksGiulio Fidente13-14/+13
We were missing the square brackets around the list of arguments for get_attr when building the networks cidr output. This passed CI because Heat does not fail validation and Ceph (which is consuming the cidr output) is tested with a single network (ctlplane) which does not build the output using the same templates. Change-Id: I40bba0784a30295cb0d4eda1fbff20ebac85db99 Closes-Bug: #1709464
2017-08-08Docker/TLS everywhere: Add telemetry and neutron services to environmentJuan Antonio Osorio Robles1-4/+9
some resources were missing, so this syncs up what's working right now. bp tls-via-certmonger-containers Change-Id: Ic8fe20d0240f1ad8f18218d66634029d522d4d5a
2017-08-08Keep dynamic network creation backward compatible.Sofer Athlan-Guyot2-3/+7
We had an history mapping for InternalApi to InternalNetwork. If we remove it then heat will want to destroy InternalNetwork and create InternalApi which cannot work during upgrade. This adds compat name parameters to network_data.yaml. Closes-Bug: #1709105 Change-Id: I8ce6419a5e13a13ee6e991db5ca2196763f52d7a
2017-08-08Add script to create tripleo-admin on deployed serversJiri Stransky1-0/+60
When using deployed servers, we want to create a standard tripleo-admin user for Mistral's ssh tasks (e.g. running Ansible on overcloud). This script wraps the respective Mistral workflow. Change-Id: I2de698b4aae07f74569243a9e7c1c56eb578e700 Related-Bug: #1708180 Depends-On: Ibe8e54f7b38d8c6c8d944d2b13f0eed004c34c4c
2017-08-07Create parameters for haproxy TLS certs and keysJuan Antonio Osorio Robles2-11/+55
this removes the hardcoded paths for the haproxy certs and keys and will enable re-use. We'll use this in a further commit in the containterized TLS work. Change-Id: I602e5a569e2e7e60835deb80532abcedd7a1f63d
2017-08-07Use number for KeystoneCronTokenFlushMaxDelay instead of stringJuan Antonio Osorio Robles1-2/+2
Using a string results in an erroneous check in puppet-keystone, which sets up a zero where it shouldn't. So we change it to number to avoid that. Note that there will also be a puppet-keystone fix for this. Changing the value here assures that deployers only give valid values to this parameter. Change-Id: I00823e23358df91ce54f421c12636f05d4196e15 Closes-Bug: #1708584
2017-08-05Merge "Add Telemetry services to scenario002"Jenkins2-4/+17
2017-08-05Merge "Start redis service after upgrade"Jenkins1-0/+3
2017-08-04Merge "Stop and disable openstack-nova-compute service on compute nodes"Jenkins1-0/+3
2017-08-04Merge "Run gnocchi upgrade with sacks in docker template"Jenkins1-1/+9
2017-08-04Merge "Change the directory for haproxy certs/keys to be service-specific"Jenkins2-7/+11
2017-08-04Merge "Copy scheduler configuration from service/ironic to ↵Jenkins1-0/+2
services-docker/ironic"
2017-08-04Merge "Fix up multipath docker indentation"Jenkins1-5/+5
2017-08-04Change the directory for haproxy certs/keys to be service-specificJuan Antonio Osorio Robles2-7/+11
This moves the directories containing the certs/keys for haproxy one step further inside the hierarchy. This way we will be able to bind-mount this certificate into the container without bind-mounting any other certs/keys from other services. bp tls-via-certmonger-containers Depends-On: Iba3adb9464a755e67c6f87d1233b3affa8be565a Change-Id: I73df8d442b361cb5ef4e343b4ea2a198a5b95da9
2017-08-04Merge "Adds environment file for ODL + SRIOV"Jenkins2-0/+32
2017-08-04Merge "Changing the default port-binding configuration"Jenkins3-2/+55
2017-08-03Update EventPipelinePublisher param description to include zaqarPradeep Kilambi1-0/+2
Since we now support zaqar:// publisher, Enhance the description to indicate how to set the zaqar publisher. Change-Id: Ib7eba98d199fade2346620672e33b74686d4685b
2017-08-03Merge "Make UpgradeLevelNovaCompute parameters consistent"Jenkins3-3/+2
2017-08-03Merge "Add environment for setting a custom domain name"Jenkins4-4/+54
2017-08-03Addition of Nuage as mechanism driver for ML2lokesh-jain6-7/+134
Adding composable services for Nuage mechanism driver for ML2. This is separate from Nuage as the core plugin and intentional duplication of Nuage under puppet services. Parameters required for working of Nuage as mechanism driver are also added. Change-Id: I2b564610721152c4f4dab9da79442256ba8d0b33
2017-08-03Merge "Update capabilities map to match latest environments"Jenkins1-263/+239
2017-08-03Merge "Make many networking parameters consistent"Jenkins39-77/+67
2017-08-03Stop and disable openstack-nova-compute service on compute nodesMarius Cornea1-0/+3
This change stops and disables the openstack-nova-compute service on the compute nodes during the upgrade to the containers architecture. Closes-bug: 1708371 Change-Id: I9ca909d4e91d0a0e4de15572f727f959d9185c64
2017-08-03Merge "Fix CA file bind mounting in containers"Jenkins1-1/+5