summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-07-14Adds network/cidr mapping into a new service propertyGiulio Fidente283-2/+1324
Makes it possible to resolve network subnets within a service template; the data is transported into a new property ServiceData wired into every service which hopefully is generic enough to be extended in the future and transport more data. Data can be consumed in service templates to set config values which need to know what is the subnet where a deamon operates (for example the Ceph Public vs Cluster network). Change-Id: I28e21c46f1ef609517175f7e7ee19e28d1c0cba2
2017-07-14Merge "Move services.yaml to common directory"Jenkins3-2/+1
2017-07-14Merge "Remove special-case of memcache node ips for ipv6"Jenkins2-9/+0
2017-07-14Merge "Adds check for existing yum process during the legacy minor update"Jenkins2-1/+15
2017-07-13Remove special-case of memcache node ips for ipv6Steven Hardy2-9/+0
This should be handled in puppet-tripleo, as is done for some other services e.g ceph. This has also been identified as a possible performance problem due to the nested get_attr calls. Change-Id: I7e14f0219c28c023c4e8e1d4693f0bfa9674d801 Related-Bug: #1684272 Depends-On: Iccb9089db4b382db3adb9340f18f6d2364ca7f58
2017-07-13Merge "Remove hardcoded enable_load_balancer from Controller role"Jenkins2-7/+5
2017-07-13Merge "Make NeutronEnableDVR parameter consistent"Jenkins1-2/+1
2017-07-13Merge "Added OvS permission workaround for enabling DPDK"Jenkins2-0/+32
2017-07-13Merge "Make Rabbit parameters consistent"Jenkins1-3/+3
2017-07-13Merge "Make CephValidationDelay/Retries default consistent"Jenkins2-2/+3
2017-07-13Merge "Make *AdminStateUp parameters consistent"Jenkins11-11/+11
2017-07-13Adds check for existing yum process during the legacy minor updatemarios2-1/+15
Checks for an existing /var/run/yum.pid and exit 1 with an error message saying why. Change-Id: I374eeb4164a8007ae67fea2796eac109fffdef97 Closes-Bug: 1704131
2017-07-13Move services.yaml to common directorySteven Hardy3-2/+1
This new directory has now been added to the RDO packaging so we can move things common to both puppet/container architecture here, starting with the recently combined services.yaml Change-Id: If2ce27188c4c15002b3ad830e8d6eb9504d2f3d2
2017-07-13Merge "Containerize Manila Share service"Jenkins2-0/+119
2017-07-13Merge "Use ServerOsCollectConfigData value in output"Jenkins1-4/+1
2017-07-13Merge "Fix ironic-pxe startup issues"Jenkins1-7/+7
2017-07-13Merge "Tolerate network errors in pingtest retry logic"Jenkins1-1/+2
2017-07-13Merge "Drop ComputeServices from environments/docker.yaml"Jenkins2-30/+0
2017-07-13Merge "Add support for running crontabs in containers"Jenkins3-5/+15
2017-07-13Merge "Revert "Revert "Blacklist support for ExtraConfig"""Jenkins11-7/+192
2017-07-13Merge "Run rsync for Swift without xinetd"Jenkins1-4/+4
2017-07-13Merge "Allow to set Notification Driver to 'noop'"Jenkins18-4/+119
2017-07-13Merge "Add DeployedServerEnvironmentOutput"Jenkins12-0/+348
2017-07-13Merge "Add missing tags in iscsid upgrade_tasks"Jenkins1-0/+2
2017-07-12Merge "Implement scenario006 with Ironic in overcloud"Jenkins1-0/+60
2017-07-12Merge "Remove controller specific bootstack_nodeid"Jenkins1-4/+0
2017-07-12Merge "Add dependency relationship between nested get_attr targets"Jenkins1-0/+9
2017-07-12Fix ironic-pxe startup issuesDan Prince1-7/+7
This patch updates the ironic-api docker service so that it generates its config files in a unique config root. This ensures that it doesn't have config files in the httpd conf.d directory for both the API and PXE services thus causing the API container to attempt to launch both of them. This functionally fixes the Ironic API and PXE services with docker so they once again can bring up an overcloud. Change-Id: I537cd6a3337bf776ca38a279b7c130b6429eea04 Closes-bug: #1702799
2017-07-12Merge "Bind mount needed cert for haproxy for HA too"Jenkins1-12/+26
2017-07-12Containerize Manila Share serviceVictoria Martinez de la Cruz2-0/+119
Change-Id: I797eea2f7788f65411964ccb852b5707e916416f Partial-Bug: #1668922
2017-07-12Drop ComputeServices from environments/docker.yamlDan Prince2-30/+0
Change-Id: Ibfc568755764203b68aed524d6f334eeb7cd5da7 Closes-bug: #1703001
2017-07-12Add support for running crontabs in containersOliver Walsh3-5/+15
This change enables the puppet cron resource in docker-puppet.py and adds user crontabs to the paths copied from the config containers. Only the nova crontab is configured for now. Other services will require similar changes to run their crontabs. Partial-Bug: 1701254 Change-Id: I2d1d0f0d77908a132472cf4bc475f8bd526af504 Depends-On: Ie16fb4539481a3c192cff8220a97daa4c70467fc
2017-07-12Merge "Remove ceilometer apache files on upgrade"Jenkins2-1/+42
2017-07-12Run rsync for Swift without xinetdChristian Schwede1-4/+4
The default in non-containerized environments is to run rsync within xinetd for Red Hat-based deployments, however in an containerized environment this is not really needed. Therefore run rsync directly without being started by xinetd. Change-Id: I08abd917eba08d1192437ddf96c71b06d099a3f8
2017-07-12Merge "Switch from oslosphinx to openstackdocstheme"Jenkins2-3/+8
2017-07-11Allow to set Notification Driver to 'noop'Emilien Macchi18-4/+119
This patch does 2 things: * Configure messagingv2 as default driver for Oslo Notifications sent on RPC. * Allow users to choose between messagingv2 (default) and noop when we want to disable notifications (for example, when Telemetry is disabled). * Deprecate KeystoneNotificationDriver in favor of NotificationDriver. Change-Id: Ia547d7f4bfb51e7c45246b097b48fd86da231bd3 Related-Bug: #1701357
2017-07-11Add dependency relationship between nested get_attr targetsZane Bitter1-0/+9
Starting with Pike, Heat will do attribute resolution in a single pass. A consequence of this is that when the result of a get_attr is passed to another get_attr call, there must be a dependency relationship between the resources so that the inner attribute is resolved first before we try to determine which attributes are required from the resource in the outer call. There are two uses of nested dep_attr in the overcloud template. One (which hopefully can be removed soon) is in the allNodesConfig resource. In this case, the {{primary_role_name}}IpListMap already depends on the ServiceNetMap. The second is in the KeystoneAdminVip output. This patch makes the VipMap depend on the ServiceNetMap so that attributes can be resolved in a single pass in that case. Change-Id: I438a79748b9b408ec1101271d96c60d84028b57e
2017-07-11Remove hardcoded enable_load_balancer from Controller roleSteven Hardy2-7/+5
This is associated with the haproxy service, so set the hieradata there instead. This is needed so we can render the controller role template via j2, and also if anyone ever wants to run haproxy on some role other then the Controller. Change-Id: I82b992afe42f6da7788f6efca2366863c3bf68f7 Partially-Implements: blueprint composable-networks
2017-07-11Remove controller specific bootstack_nodeidSteven Hardy1-4/+0
This has been replaced for some time by bootstrap_nodeid which isn't hard-coded to the Controller role. Change-Id: I2c172de13646e5b88cb9930a93ca71fcc990e522 Depends-On: I0a9fced847caf344e5d26b452f1bd40afab8f029
2017-07-11Don't confuse Heat with empty parameter_defaultsJiri Stransky1-0/+7
Apparently providing completely empty parameter_defaults in an environment file can confuse Heat, and it seems like it doesn't try to deploy any services on the overcloud in the multinode job. See the bug for more details about the bug symptoms. Change-Id: Ia9cb01b48087b78f66004263757590877219f743 Closes-Bug: #1703599
2017-07-10Revert "Revert "Blacklist support for ExtraConfig""James Slagle11-7/+192
There is a Heat patch posted (via Depends-On) that resolves the issue that caused this to be reverted. This reverts the revert and we need to make sure all the upgrades jobs pass before we merge this patch. This reverts commit 69936229f4def703cd44ab164d8d1989c9fa37cb. Closes-Bug: #1699463 implements blueprint disable-deployments Change-Id: Iedf680fddfbfc020d301bec8837a0cb98d481eb5
2017-07-10Merge "Copy only generated puppet files into the container"Jenkins72-214/+627
2017-07-10Use ServerOsCollectConfigData value in outputJames Slagle1-4/+1
Just use the value from the ServerOsCollectConfigData resource in the output instead of recalculating the value for each role via jinja. Change-Id: I4e3bf4f25c9a8f677d5d177eb409594193a86405
2017-07-10Add DeployedServerEnvironmentOutputJames Slagle12-0/+348
Add a new output, DeployedServerEnvionmentOutput, that can be used as the contents of an environment file to input into a services only stack when using split-stack. The parameter simplifies the manual steps needed to deploy split-stack. By default, the resource that generates the output is mapped to OS::Heat::None. implements blueprint split-stack-default Change-Id: I6004cd3f56778f078a69a20e93a0eba0c574b3db
2017-07-10Merge "Modify generic role template to support custom networks"Jenkins2-123/+38
2017-07-10Bind mount needed cert for haproxy for HA tooMartin André1-12/+26
haproxy needs the deployed SSL cert file to function when TLS is enabled. It is also required for the docker-puppet haproxy container since the haproxy puppet module uses a validate_cmd to check the generated config file is valid that fails when the required SSL cert is not present. There is no clean way to disable this feature [1] so we need to bind mount the cert into the container. This commit applies the same change that was applied in Id2df144b678769def204961236624091d4e5c457 for the non-ha case. [1] https://github.com/puppetlabs/puppetlabs-haproxy/blob/4753ea5b2506ee093e9b4c8af6e91201d476d426/manifests/config.pp#L53-L57 Change-Id: I93e1ee86197bcf271f18a62a27c2f350ed3966ea Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com>
2017-07-10Added OvS permission workaround for enabling DPDKSaravanan KR2-0/+32
The vhost sockets sockets are created with qemu permission, but ovs runs with root permission. In order to allow ovs to access vhost sockets reducing the ovs group permission from root to qemu. This is a temprovary workaround, until ovs fixes the permission issue. The script supports both ovs2.6 and ovs2.7 versions. Change-Id: I172956390c19fc9824bf7590cd48bfcf6201191b
2017-07-10Copy only generated puppet files into the containerMartin André72-214/+627
This solves a problem with bind-mounts when the containers are holding files descriptors open. At the same time this makes the template more robust to puppet changes since new config files will be available in the containers without needing to update the templates. Partial-Bug: #1698323 Change-Id: Ia4ad6d77387e3dc354cd131c2f9756939fb8f736
2017-07-08Disable network validation in multinode jobsBen Nemec11-0/+73
Sometimes the infracloud gateway refuses to ping even though everything else is working fine. Since we have coverage of this functionality in the OVB jobs it should be safe to turn it off here so it stops spuriously failing our jobs. We can't just set the resource to OS::Heat::None because there are other resources with dependencies on it. Instead, this adds a noop version of the validation software config that always returns true. Change-Id: I8361bc8be442b45c3ef6bdccdc53598fcb1d9540 Partial-Bug: 1680167
2017-07-08Merge "Add in roles data validation"Jenkins12-3/+152