summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2014-09-15Parameterize network type and tunnel typesJames Slagle3-3/+31
Remove the hardcoding of gre as the Neutron tenant network type for the Overcloud. This will enable the ability to deploy an Overcloud that uses vxlan instead of gre tunnels. A new parameter, NeutronTunnelTypes, is added to allow configuring the tunnel_types parameter in the Neutron ML2 configuration. This change is required by https://review.openstack.org/#/c/92913 Change-Id: I2c2e2153a61349e58ada28c87aa2338c9f00e7bd
2014-09-12Merge "Fix spelling of controller0_VLANPort"Jenkins1-1/+1
2014-09-10Merge "Add specific pass-through config for each role"Jenkins3-3/+56
2014-09-08Merge "Update overcloud examples for ExtraConfig"Jenkins2-4/+4
2014-09-05Update overcloud examples for ExtraConfigDan Prince2-4/+4
The existing examples for the overcloud ExtraConfig options use an ironic setting that would likely never apply (Ironic isn't for the overcloud). This patch modifies the default section setting to use the Nova force_config_drive option instead as a config example. Change-Id: Ieb893552fe9466b90b9d9a831a676d114efb6db1
2014-09-05Undercloud params for compute driver and managerDan Prince6-4/+45
Add undercloud template parameters for NovaComputeDriver, NovaComputeManager, and NovaSchedulerHostManager. The motivation here is to be able to test configure Nova to use the new (in-tree) Ironic compute driver (which used to live in Ironic). NOTE: The initial Nova in-tree Ironic driver won't have its own ClusteredComputeManager (compute_manager). Even so I've gone ahead and added a parameter for NovaComputeManager so we can modify this accordingly in the future without making hard coded template changes. Change-Id: Ib48a6b6d8a6cff157bdf3948bd0330e9b29dd46a
2014-09-04Fix spelling of controller0_VLANPortJames Polley1-1/+1
Prior to this change, using these templates fails as controller0_VLANPort is defined, but we attempt to use controller0VLANPort instead. Change-Id: Ieb2eece4e7d48177acae0bef916192d8e6a4a4a3
2014-09-02Merge "Make turning debug on globally easy."Jenkins4-0/+25
2014-09-02Merge "Change | to > in templates."Jenkins2-8/+8
2014-09-01Merge "Remove unused Neutron values"Jenkins2-14/+0
2014-09-01Add specific pass-through config for each roleNicholas Randon3-3/+56
Supplement ExtraConfig with specific versions - ControllerExtraConfig and NovaComputeExtraConfig. This allows the user to specify different configurations for each role. Change-Id: Ieaee80e414130504a5e40e878a5a4ca1c196ca2b
2014-08-30Change | to > in templates.Robert Collins2-8/+8
Clint pointed out that | prevents things rendering properly on arbitrarily wide screens. For most things that makes sense but it doesn't for the JSON examples IMO so I didn't alter those. Change-Id: Ifb7dcc265c225b000bd5d26500212d41ea0233c8
2014-08-29Merge "Expose public_interface_tag support."Jenkins6-3/+110
2014-08-29Remove unused Neutron valuesJames Slagle2-14/+0
These Neutron parameters are not actually needed or used on a Swift Storage instance. neutron-openvswitch-agent does not even need to be present on a Swift node. Change-Id: I5d61cc1d22a719b186e6d89baaf25f119e0416d7
2014-08-28Expose public_interface_tag support.Robert Collins6-3/+110
Proper VLAN support requires adding the IP address to a new device, rather than br-ex/br-ctlplane. This is added in the tripleo-image-elements change https://review.openstack.org/103449 (I3f77f72ac623792e844dbb4d501b6ab269141f8e) and here we just expose it with appropriate glue to get the IP address from Neutron. With this we can now describe a VLAN public interface scenario to the undercloud and overcloud control planes. Change-Id: I4d2194fc813aebb0708d6fddf4f05bae5f091fd8
2014-08-28Make turning debug on globally easy.Robert Collins4-0/+25
We can obviously use passthrough for this, but I rather suspect that OMFG something is broken get me debug will be a common phrase. Change-Id: I62539630a4737bbbe6883ed71929f38c819ceed4
2014-08-26Merge "Make Swift replica count configurable."Jenkins3-1/+11
2014-08-26Merge "Permit specifying VLAN mappings to overclouds."Jenkins1-1/+10
2014-08-25Merge "Fixup network configuration for ext-net"Jenkins1-8/+19
2014-08-25MySQL connections via HAProxy should not timeoutKiall Mac Innes1-0/+3
With the default 60 second timeout, many services will periodically log "MySQL has gone away" as HAProxy has closed the connection. Change-Id: Ied67344fbabcd77def4483be37a4706190ab28a0
2014-08-25Merge "Set vnc to use controller virtual_ip"Jenkins3-0/+5
2014-08-25Merge "Make signal_transport a parameter"Jenkins3-0/+23
2014-08-22Set vnc to use controller virtual_ipRyan Moore3-0/+5
The address for the vnc proxy is incorrectly configured in the nova configuration file. The correct IP address is the Public Virtual IP address of the controller node as created by: I9649ee74ebaf62b6b929b28243a07c789a08867c The nova image_element nova.conf already has: novncproxy_base_url=http://{{nova.public_ip}}:6080/vnc_auto.html but nothing was setting nova.public_ip - until now Closes-Bug: #1332554 Change-Id: I41214834511680170393dd4325b510f549373141
2014-08-20Merge "Remove hardcoded version."Jenkins1-1/+0
2014-08-20Remove hardcoded version.Robert Collins1-1/+0
We use semantic versioning, not pbr's pre-version facility. This line causes local package builds to have the wrong version, and pbr will in future detect this and error. Change-Id: Ia625d31e87d137e867badcdeac1f33630257bb8c
2014-08-19Merge "Set the MySQL root password"Jenkins2-0/+10
2014-08-18Make signal_transport a parameterClint Byrum3-0/+23
There may be times where an update needs to change this without changing the template, such as when updates will be done by something other than Heat (i.e. Ansible). Change-Id: I89d1153acab697b64468f841b3f2d17c169da649
2014-08-18Merge "Fix bash env var conditionals in merge.py call to be consistent"Jenkins0-0/+0
2014-08-18Merge "Make BlockStorage deployment dependent on controller0AllNodes"Jenkins1-0/+1
2014-08-18Merge "Ensure glance.host and glance.cinder are set for BlockStorage nodes"Jenkins1-0/+3
2014-08-18Merge "Rename NovaCompute resources suffix to be consistent with controller"Jenkins2-9/+9
2014-08-17Ensure glance.host and glance.cinder are set for BlockStorage nodesGiulio Fidente1-0/+3
Change-Id: I03056681b795a2078a678dcb0cd29002310e5843 Related-bug: 1351110
2014-08-17Make BlockStorage deployment dependent on controller0AllNodesGiulio Fidente1-0/+1
As per the NovaCompute nodes, this change makes deployment of BlockStorage nodes dependent on controller0AllNodes. Change-Id: I4bc4d33d42463a0abadc2bfd4e48b1a4e554d396
2014-08-15Merge "Use VIP for rabbit/keystone and mysql in block-storage.yaml"Jenkins1-3/+3
2014-08-15Merge "Remove unneeded neutron config parts from block-storage.yaml"Jenkins1-16/+0
2014-08-15Merge "Add strict dependencies to the undercloud template"Jenkins4-6/+9
2014-08-14Replace occurrences of list_join with Fn::JoinGiulio Fidente1-6/+6
When change I6730ffe1e27d952d563c16a9480298fbef9f61fe got merged we introduced some occurrences of list_join which should have been migrated to Fn::Join (change I039f57ab39c1fcfc319a7a34265ba4fabf4ccd08) This caused overcloud CI jobs to fail with: Property error : allNodesConfig: config Items to join must be strings This change fixes this by replacing newly introduced occurrences of list_join with Fn::Join Change-Id: Ibac193781d31d6f81e955e7b9381e13cfdd0ab1d
2014-08-14Use VIP for rabbit/keystone and mysql in block-storage.yamlGiulio Fidente1-3/+3
Previously BlockStorage nodes were using the controller ip instead of the virtual ip to reach rabbit, keystone and mysql. Change-Id: I23f87511e59d4d3527403b1a81c1b3df65c6a904
2014-08-14Remove unneeded neutron config parts from block-storage.yamlGiulio Fidente1-16/+0
Some of the keys defined in block-storage.yaml for neutron and passed to the BlockStorage nodes were related to neutron, but BlockStorage nodes do not route instances traffic so do not need to be deployed with the OVS agent. Change-Id: Icc7d5ea0d91370ccdf7cb4742d052fea004bae44
2014-08-14Merge "Add BlockStorage and SwiftStorage nodes into hosts"Jenkins1-0/+24
2014-08-14Merge "Fix BLOCKSTORAGESCALE and SWIFTSTORAGESCALE in Makefile"Jenkins1-2/+2
2014-08-14Add strict dependencies to the undercloud templateNicholas Randon4-6/+9
Currently there is very weak ordering of StructuredDeployments during heat stack creation on the undercloud. This can cause the deployment which sends the completion signal back to Heat to happen before all others have completed, which in turn leads Heat to state the stack is ready while ORC is still configuring services The only workaround to this is to wait an unknown amount of time after the heat stack completes before the system is usable. This patch prevents the completion signal from being returned early, by ensuring these are strictly ordered: undercloudIronicDeployment (if used) undercloudNovaDeployment undercloudPassthroughDeployment undercloudDeployment Note: The reference numbering for the undercloud has been removed. Change-Id: I98499dd54bb907d29cf355fe83b5c285a7375e97
2014-08-14Set the MySQL root passwordTherese McHale2-0/+10
Set the MySQL root password to a random string for the undercloud and overcloud Change-Id: I6d38ca82c77a4aa8f58089c50aa5bf320ec0ecc6
2014-08-14Permit specifying VLAN mappings to overclouds.Robert Collins1-1/+10
To use a VLAN based public network we need the ext-net network to be a VLAN with a segmentation id - but we can't do this unless we also have the datacentre physical network marked as allowing vlans. We could make this strictly opt-in, but as this doesn't affect the switch configuration (and thus actual machine capabilities) having it on by default seems reasonable. OTOH we can't force it on, because high security environments may well want a defense in depth setup where neutron admins cannot configure VLANs that they are not meant to have access too (consider that the cloud machine admins may be separate to the folk running the services on top of them...) Change-Id: I9687751753f810896c6d065750910da40132c9fa
2014-08-14Fixup network configuration for ext-netRobert Collins1-8/+19
We currently make the external network a single-node gre network but this is not at all correct for HA environments - we need a provider network, which means having a bridge mapping, a flat network specified, and then because we run the same ovs config everywhere we need br-ex on the hypervisors too. This is entirely reasonable since DVR will require this as well (and solve lots of scaling issues...). Change-Id: I8b63ab51e7e20b235430fad8d786d8da005d84a1
2014-08-13Merge "Make removing nodes from scaled items possible."Jenkins3-8/+384
2014-08-13Make Swift replica count configurable.Robert Collins3-1/+11
Using 1 is thoroughly non-HA :) This is the HOT version of this patch. Change-Id: Ic96bcdc03dacb9650520bd9ac1ce3805c6dac2fa implements: blueprint tripleo-icehouse-ha-production-configuration
2014-08-13Switch to heat_template_version: 2013-05-23Steve Baker13-67/+67
To support underclouds and seeds running older than the very latest heat. 2013-05-23 lacks function list_join, so this change reverts to using the equivalent function Fn::Join. Change-Id: I039f57ab39c1fcfc319a7a34265ba4fabf4ccd08 Closes-Bug: #1354305
2014-08-13Change overcloud to use VIP for MySQLJulia Kreger3-12/+70
This change sets applications to utilize the VIP address for database connectivity and sets HAProxy in between the applications and MySQL. Depends upon tripleo-image-elements changes: Ia6f26305f8e744e4ff938dff85de1193183ecd8f Iac1274cc52014f25887d696261b32146afc926dd I5af70abb96021146c098f788db349808d806a348 Related to blueprint tripleo-icehouse-ha-production-configuration Change-Id: Ia9d6ed2771f756d2a97ae5df7ed737a062a59cf2
2014-08-12Move cacert property out of "stunnel" and into a new "ssl" groupJonathan Brownell1-0/+3
The CA certificate is currently passed via ssl-source.yaml as "stunnel.cacert", but this value is not currently used by stunnel since we have no use case for client cert authentication. This change proposes that it also be exposed as "ssl.ca_certificate", which is consistent with the overall SSL direction being driven by the PKI spec: I32473fe797a4c1e28d14c3b82c8892c7c59a4e55 This new CA certificate value will be installed as a trusted CA on all cloud nodes that issue SSL-secured connection requests to OpenStack or other infrastructure (MySQL, RabbitMQ) services. Change-Id: Ibacd7c98980520e11c0df89632013f2ba2dbe370