summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-08-22Merge "Add nova metadata to TLS everywhere/docker services list"Jenkins1-3/+4
2017-08-22Merge "change sriovnicswitch to be first with openvswitch"Jenkins1-1/+1
2017-08-21Merge "TLS everywhere/haproxy: Remove empty postsave command"Jenkins2-2/+0
2017-08-21Merge "Add logrotate with crond service"Jenkins22-0/+118
2017-08-21Merge "Let mds create manila key and fs"Jenkins9-16/+51
2017-08-21Add nova metadata to TLS everywhere/docker services listJuan Antonio Osorio Robles1-3/+4
This is working, so we add it to the list. bp tls-via-certmonger-containers Change-Id: Ib545d4e6c130b73b4921eb9b6325d2e8d6ff1e2c
2017-08-21TLS for containerized horizonJuan Antonio Osorio Robles2-0/+18
bind mount the certificates needed for TLS. bp tls-via-certmonger-containers Change-Id: Ib9b533249be37665b77396a76133cc42fd15ee2b
2017-08-21Merge "Enable TLS for containerized RabbitMQ"Jenkins2-0/+52
2017-08-21Add logrotate with crond serviceBogdan Dobrelya22-0/+118
Add a docker service template to provide containerized services logs rotation with a crond job. Add OS::TripleO::Services::LogrotateCrond to CI multinode-containers and to all environments among with generic services like Ntp or Kernel. Set it to OS::Heat::None for non containerized environments and only enable it to the environments/docker.yaml. Closes-bug: #1700912 Change-Id: Ic94373f0a0758e9959e1f896481780674437147d Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
2017-08-19Merge "Add certmonger user profile to all overcloud roles"Jenkins6-0/+7
2017-08-19Merge "Mount ceph config on gnocchi statsd"Jenkins1-0/+9
2017-08-19Merge "Swith to the appropriate ceph-ansible playbook on upgrade"Jenkins1-1/+19
2017-08-19Merge "Extend VNC port range"Jenkins1-1/+1
2017-08-19Merge "Prepare reno for TripleO Pike RC1"Jenkins1-1/+1
2017-08-19Merge "Convert scenario001-multinode-containers job to ceph-ansible"Jenkins2-6/+21
2017-08-19Merge "ci: don't deploy swift on basic multinode job"Jenkins3-9/+3
2017-08-19Merge "Enable TLS for nova-metadata"Jenkins2-1/+52
2017-08-19Merge "Add params needed for the ceph-ansible switch to containers playbook"Jenkins1-0/+1
2017-08-19Merge "Tag the ha containers with 'pcmklatest' at deploy time"Jenkins7-18/+221
2017-08-19Merge "Add support for Dell EMC Unity Cinder backend"Jenkins7-0/+113
2017-08-18Merge "scenario002/multinode: do not run containerized Zaqar"Jenkins1-1/+3
2017-08-18Merge "scenario002/container: run Barbican non-containerized"Jenkins1-0/+1
2017-08-18Merge "Workaround for RHEL registration as "localhost""Jenkins2-0/+22
2017-08-18Mount ceph config on gnocchi statsdPradeep Kilambi1-0/+9
gnocchi-statsd needs access to ceph config. lets mount the ceph config files so it doesnt throw conf_read_file errors. Change-Id: I1426d580c8d8d60e986ca859f89eeb8799ab6bd2
2017-08-18Prepare reno for TripleO Pike RC1Emilien Macchi1-1/+1
Change-Id: Ied1d57cd187ffe480912a3820587952aa88936c3
2017-08-18Merge "Also write an upgrade_tasks_playbook"Jenkins1-0/+17
2017-08-18Merge "Enable listening on TLS for the internal network for horizon"Jenkins1-0/+16
2017-08-18ci: don't deploy swift on basic multinode jobEmilien Macchi3-9/+3
Swift is already deployed on scenario002, and we want to keep basic multinode as basic as possible with only the minimum so it runs faster and we can use it for early tests in our CI. Change-Id: I6d2f434305d7ca0d704a9454b758670c39a0af4a
2017-08-18Merge "Restore and split nova metadata docker service out of nova-api."Jenkins2-5/+62
2017-08-18Let mds create manila key and fsJan Provaznik9-16/+51
ceph-ansible will take care of setting up client keys both in ceph and on client side. It will also create filesystem for manila. To assure that manila manifest can work in future both with puppet and with ceph-ansible, creation of filesystem is moved to ceph-mds manifest and creation of manila key on ceph side is moved to ceph-base (so manila key is always created), manila key is added to ceph-external for external ceph deployments. Key creation is removed from manila.pp in patch I2b5567a39ac8737e80758b705818cc1807dc8bf1 Change-Id: I6308a317ffe0af244396aba5197c85e273e69f68 Related-To: Ia3ef9e9a2b159dacea01e38762145ff2bcc7ba27 Depends-On: I3f18bbe476c4f43fa4e162cc66c5df443122cd0c
2017-08-18Merge "TLS everywhere/docker: add nova services to environment"Jenkins1-0/+7
2017-08-18Tag the ha containers with 'pcmklatest' at deploy timeMichele Baldessari7-18/+221
We need to tag the HA containers with a special tag so that the RA definition never changes. We do this step in THT as opposed to puppet because we need to guarantee that all images are tagged on all nodes *before* step 2 where the bundle gets created. NB: Getting the image name without the tag will require some more yaql work to get all the cases right. Right now this works only if we enforce that the image has a ':tag' at the end of the name. So far this is always the case. If things change we will need to amend this code. Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com> Co-Authored-By: Sofer Athlan-Guyot <sathlang@redhat.com> Change-Id: I362e6cf26fba77d3f949b7d2fc4b35a3eab9087e
2017-08-18Enable TLS for containerized RabbitMQJuan Antonio Osorio Robles2-0/+52
Bind mounts and adds the appropriate permissions for the cert and key that's used for TLS. bp tls-via-certmonger-containers Depends-On: I62ff89362cfcc80e6e62fad09110918c36802813 Change-Id: I48325893a00690e2f5d6f1d685f903234545d5b8
2017-08-18TLS everywhere/haproxy: Remove empty postsave commandJuan Antonio Osorio Robles2-2/+0
This is addressed by the patch this depends on. bp tls-via-certmonger Depends-On: I62ff89362cfcc80e6e62fad09110918c36802813 Change-Id: Ibecc461b0c9af02500f590a1f7469d7e4ff20d95
2017-08-18Convert scenario001-multinode-containers job to ceph-ansibleGiulio Fidente2-6/+21
Updates ci/environments/scenario001-multinode-containers.yaml to use ceph-ansible instead of puppet-ceph. Change-Id: Idbd02a3c7404daecdc6e2c45ea6d3478bf70552c Depends-On: Ifa4937624ed14a3ece48dd92ba4f69b5e4928e77
2017-08-18Merge "Refactor setup_docker_host.sh as host_prep_tasks"Jenkins5-41/+13
2017-08-18Merge "Provide sample environment for composable roles"Jenkins4-0/+376
2017-08-18Merge "Containerize Manila Share for HA"Jenkins1-0/+142
2017-08-18Enable listening on TLS for the internal network for horizonJuan Antonio Osorio Robles1-0/+16
This sets the flag that tells the horizon manifest to use TLS for the configuration. bp tls-via-certmonger Depends-On: I7f2e11eb60c7b075e8a59f28682ecc50eeb95c3e Change-Id: I13d59e7663538884b34b5a910b741de8721abbb9
2017-08-18Merge "Add support for installing Ceph MDS via ceph-ansible"Jenkins3-0/+103
2017-08-18Merge "Make cinder-manage db sync run on only one controller during upgrade"Jenkins1-7/+13
2017-08-18Merge "Remove iscsid from TLS everywhere docker environment"Jenkins1-1/+0
2017-08-18Restore and split nova metadata docker service out of nova-api.Oliver Walsh2-5/+62
I2c39a2957fd95dd261b5b8c4df5e66e00a68d2f7 changed nova api to http from eventlet, however we need to continue running the eventlet service as it is required for the nova metadata api. However this should be tied to the OS::TripleO::Services::NovaMetadata service, so duplicate the required config in nova-metadata.yaml. Change-Id: I398575d565d5527bcaa1c8b33b9de2e1e0f2f6fd Depends-On: Id3407e151566d16c6ae1e1ea8c1b021dac22e727 Closes-bug: #1711425
2017-08-17Merge "Mount NFS volume to docker container."Jenkins1-0/+11
2017-08-17Merge "Enable TLS configuration for containerized RabbitMQ"Jenkins1-0/+15
2017-08-17Workaround for RHEL registration as "localhost"James Slagle2-0/+22
Workaround systems getting registered as "localhost" during RHEL registration if they don't have a fqdn set by first rm'ing the /etc/rhsm/facts directory. When the directory does not exist, the katello-rshm-consumer which runs when installing the katello-ca-consumer will not set the hostname.override fact to "localhost". Change-Id: Ia29aa9c775f715f9745bb7e1e4022cc395a7d092 Partial-Bug: #1711435
2017-08-17Enable TLS for nova-metadataJuan Antonio Osorio Robles2-1/+52
This also tells the neutron metadata agent to use TLS for contacting nova-metadata. bp tls-via-certmonger Depends-On: I97ac2da29be468c75713fe2fae7e6d84cae8f67c Depends-On: I9df395dc699090bd73265d10395e155e9b8adb26 Change-Id: I9a8c54f6e052852b8f9d06a42da87773f4da3a15
2017-08-17Add certmonger user profile to all overcloud rolesJuan Antonio Osorio Robles6-0/+7
This is needed for TLS everywhere, else the certs won't be requested. Change-Id: I9849e009843683a75fefa6e9f4b8213bcff3a889 Closes-Bug: #1711424
2017-08-17Merge "Enable TLS for containerized MySQL"Jenkins2-9/+61
2017-08-17Merge "Enable TLS for containerized haproxy"Jenkins2-8/+58