Age | Commit message (Collapse) | Author | Files | Lines |
|
There have been some requests to enable this, and although it's not
something we should enable by default, this shows how you can use
the generic NodeUserData interface to have cloud-init do it.
To use this you create an environment file like:
resource_registry:
OS::TripleO::NodeUserData: path/to/userdata_root_password.yaml
parameter_defaults:
NodeRootPassword: insecure_changeme
Obviously this isn't that secure, and thus isn't intended for
production environments, but it may be useful for debugging and
as a further example showing how to configure things via cloud-init.
Change-Id: If87a1e1dbfaf31b84cc0667c9a60bbd3c757d8cd
|
|
|
|
|
|
For cache monitoring technology feature to work, nova config
libvirt settings should have the perf events enabled for
nova to emit these so telemetry can capture them.
Depends-On: Ia27e6831f3f6e9cdeaacb650039be5c81b90cb40
Change-Id: I92c318008b965a6527acbce85b41a545eda7ee18
|
|
This change pulls the hard coded value out of puppet-tripleo to later
allow people to skip the cell0 creation if they want a more complex cell
v2 setup for nova.
Change-Id: I08119d781ef60750cc19753bc03190e413159925
Related-Bug: #1649341
|
|
|
|
|
|
|
|
|
|
When a service connects to the database VIP from the node hosting this
VIP, the resulting TCP socket has a src address which is by default
bound to the VIP as well. If the VIP is failed over to another node
while the socket's Send-Q is not empty, TCP keepalive won't engage and
the service will become unavailable for a very long time (by default
more than 10m).
To prevent failover issues, DB connections should have the src address
of their TCP socket bound to the IP of the network interface used for
MySQL traffic. This is achieved by passing a new option to the
database connection URIs. This option is available starting from
PyMySQL 0.7.9-2.
We use a new intermediate variable in hiera to hold the IP to be used
as a source address for all DB connections. All services adapt their
database URI accordingly.
Moreover, a new YAML validation check is added to guarantee that new
services will construct their database URI appropriately.
Change-Id: Ic69de63acbfb992314ea30a3a9b17c0b5341c035
Closes-Bug: #1643487
|
|
|
|
|
|
|
|
Heat now supports release name aliases, so we can replace
the inconsistent mix of date related versions with one consistent
version that aligns with the supported version of heat for this
t-h-t branch.
This should also help new users who sometimes copy/paste old templates
and discover intrinsic functions in the t-h-t docs don't work because
their template version is too old.
Change-Id: Ib415e7290fea27447460baa280291492df197e54
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
The cell v2 setup requires the transport url for nova. We need to
provide mysql with the rabbit connection information so that it can it
when setting up the cell information.
Change-Id: I43ba77cd4c8da7c6dc117ab0bd53e5cd330dc3de
Related-Bug: #1649341
|
|
|
|
run-os-net-config.sh only allows for limited customization of the
network configuration in config.json. Namely, it only customizes the
bridge_name and interface_name.
This will likely not be sufficient for all use cases. This patch adds a
generic network_config_hook bash function that will be called if it is
defined. The function is an entry point for deployers to write custom
code to further influence run-os-net-config.sh.
A possible alternative approach would be to pass the server resource
into the NetworkConfig template. That would allow running arbitrary
SoftwareDeployments on the server before NetworkDeployment is executed.
However, the interface of NetworkDeployment is likely still not as
flexible as this approach as the inputs are hardcoded in the role
template files (role.role.j2.yaml), which are not meant to be modified
by deployers.
The immediate use case for this work is using os-net-config in our
multinode CI jobs where we need to create vxlan tunnels between the
nodes and we need to know the local private IP of each node for the
tunnel endpoint. As the IP is different for each node, it's not a
parameter we could specify in the templates.
Change-Id: I26d0ebdaba6fcd3fe885e41ed234eb79a2405228
Implements: blueprint multinode-ci-os-net-config
|
|
|
|
|
|
Currently the description of CI matrix is defined
in tripleo-ci, but the services for each scenario
lives now in THT. This submission moves this table
to the repo in which the configuration is defined.
Change-Id: I9ef1acefc6e1f347528a48edcb4d997a9628fcf6
|
|
This enables the deployer to dynamically add nova metadata to the
servers based on the output of service profiles that implement the
metadata_settings key in the role_data output for the profiles.
One can set an implementation via the OS::TripleO::ServerMetadataHook
resource, which currently is set as OS::Heat::None. So, because of
the default implementation, if left untouched it actually does
nothing.
Currently, besides the list, which is metadata_settings, this hook also
takes the name of the node that it's setting the metadata for.
This is useful for nova vendordata plugins that can parse said metadata.
Change-Id: I8a937f711f0b90156fbb6c4632760435ef846474
|
|
|
|
|
|
|
|
In order to call commands that need to be run on a single node, we
create a new per-service variable that will contain the first node of
each role containing the service.
Change-Id: I03e8685f939e8ae1fcd8b16883b559615042505d
Partial-Bug: #1615983
|
|
|
|
|
|
|
|
|
|
ODL username and password are already present in the OpenDaylightApi
service. However, when moving the OpenDaylightApi service to its own
custom role, the Controller/Compute nodes no longer have access to these
hiera values. This patch adds them also to the OpenDaylightOvs service.
Closes-Bug: 1651499
Depends-On: I418643810ee6b8a2c17a4754c83453140ebe39c7
Change-Id: I169fdad4c94bd6dfc1fe7cde3d6b19b36d916af7
Signed-off-by: Tim Rozet <trozet@redhat.com>
|
|
Depends-On: Ice921f0fdd4bec6de50e62c39c447ee40dc0e8f5
Change-Id: I4109ac83c32ee2365695611009579a8b117134ff
|
|
Depends-On: I53b156505e08625d56ed6a302cf5b5c30e8e288c
Change-Id: Id9791d8a19a74c1f0855e794170f66542f88a548
|
|
Since we have aodh enabled for alarms, we should set the
notifier to the default queue alarm.all.
Closes-bug: #1590473
Change-Id: Ibcb5076424ac2ddcd18ff717d82da1aec4c035cb
|
|
This patch updates the endpoint map for Zaqar websockets
so that we use ws (or wss for SSL) instead of the http varients.
This should help resolve protocol issues when trying to make
connections to the websocket API.
Change-Id: Iea88d1e30299cb621424740a39d498defa371ca4
|
|
|
|
|
|
|
|
In the freeipa-enroll.yaml, it can be the case that the node has been
enrolled (via a cloud-init script); in this case, the OTP and the
FreeIPA server are optional. However, we still need to get a kerberos
ticket, which is the last step of this script, since this ticket is what
certmonger will use to request the certificates in subsequent steps.
Change-Id: I7e9d6a747cdcbe81c9a74a17db5e91aa9d459f65
|
|
|
|
|
|
It turns out the puppet-mistral change this depends on broke
introspection, so we need to back it out for now.
This reverts commit ed029e5bf279945e82bff8766af4093856a7ac6a.
Change-Id: I828478267935cdc68aa24de8c9dc2d12fcadb631
|