aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-03-25Merge "Fix usage of CinderNfsServers"Jenkins2-5/+7
2017-03-25Merge "Add missing metadata_settings from neutron-api profile"Jenkins1-4/+5
2017-03-25Merge "Rework container volumes as hostpath mounts"Jenkins4-3/+15
2017-03-25Merge "Fixes OpenDaylightProviderMappings hiera parsing"Jenkins2-5/+5
2017-03-24Merge "Clarify Kolla build overrides for tripleo"Jenkins1-1/+5
2017-03-24Rework container volumes as hostpath mountsBogdan Dobrelya4-3/+15
Also add upgrade_tasks to disable corresponding host services in order to not data race with containers Change-Id: I19c16aaa3e5a73436ca7aa7d06facf64feee2327 Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
2017-03-23Fixes OpenDaylightProviderMappings hiera parsingTim Rozet2-5/+5
The str_replace conversion used previously is no longer needed and breaks the hieradata value. Closes-Bug: 1675426 Change-Id: I7a052d1757efe36daf6ed47e55598ca3c2ee9055 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-03-23Merge "Keep existing data for containerized Libvirt"Jenkins2-3/+16
2017-03-23Add missing metadata_settings from neutron-api profileJuan Antonio Osorio Robles1-4/+5
This is needed for the TLS everywhere work. This will break on TLS-everywhere setups where neutron would be deployed in its own role. So we need to add the metadata_settings. bp tls-via-certmonger Change-Id: I7934a258e032d8eaa6f07c0e48b3fbdb1f8c6a06
2017-03-23Fix usage of CinderNfsServersChristian Schwede2-5/+7
This feature stopped working somewhere along the lines. In the past it was working with parameter_defaults like this: CinderNfsServers: '10.0.0.254:/srv/nfs/cinder' or CinderNfsServers: "[fd00:fd00:fd00:3000::1]:/srv/nfs/cinder" The problem was that the templating escaped these strings, and puppet-tripleo didn't receive a proper array, but a string. This patch fixes this. It accepts strings as above as well as comma-delimited lists of Nfs Servers. Closes-Bug: 1671153 Change-Id: I89439c1d969e92cb8e0503de561e22409deafdfc
2017-03-22Merge "Enables OpenDaylight clustering in HA deployments"Jenkins2-1/+7
2017-03-22Merge "Change kolla_config from required to optional in pep8."Jenkins1-3/+3
2017-03-21Merge "Keep existing data for containerized ironic-conductor"Jenkins2-12/+45
2017-03-21Merge "Cleanup docker services templates"Jenkins16-85/+40
2017-03-20Change kolla_config from required to optional in pep8.Ian Main1-3/+3
We've decided to use volumes for configuration wherever possible. This means moving away from kolla_config blocks in the templates. Update pep8 to reflect this. Change-Id: If1ec40d0e5a515eed35e0cd04711079294f358c3
2017-03-20Merge "Containerize panko api service"Jenkins3-1/+121
2017-03-20Merge "Don't try to run os-net-config from yum_update.sh"Jenkins1-11/+0
2017-03-20Merge "Bind redis-sentinel to its network"Jenkins1-0/+1
2017-03-20Enables OpenDaylight clustering in HA deploymentsTim Rozet2-1/+7
Port 2550 is required for inter-ODL communication when clustering. odl-jolokia feature is required to expose REST APIs from ODL for monitoring the cluster. Implements: blueprint opendaylight-ha Depends-On: Ic9a955a1c2afc040b2f9c6fb86573c04a60f9f31 Change-Id: Ie108ab75cce0cb7d89e72637c600e30fc241d186 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-03-20Merge "Fixes multiple issues with retry function in rhel-registration."Jenkins1-17/+31
2017-03-20Keep existing data for containerized ironic-conductorJiri Stransky2-12/+45
Use mounts instead of docker volumes, and preserve existing data when moving from baremetal to containerized ironic-conductor. We cannot keep the data in the same directory to avoid hard-linking errors in ironic, because of this issue: https://github.com/docker/docker/issues/7457 This means we need to copy the data over to a new location before we start the containers. Change-Id: If98460120212f887b06adf117c5d88b97682638e
2017-03-18Merge "Make sure PrePuppet runs before any Deployment_Step"Jenkins1-1/+1
2017-03-18Merge "Add certmonger-user profile"Jenkins7-0/+51
2017-03-17Merge "docker/keystone: add metadata_settings to output"Jenkins1-0/+2
2017-03-17Merge "Keep existing data for containerized Swift"Jenkins2-16/+26
2017-03-17Merge "Keep existing data for containerized RabbitMQ"Jenkins1-2/+7
2017-03-17Make sure PrePuppet runs before any Deployment_StepMichele Baldessari1-1/+1
We used to have this in mitaka: https://github.com/openstack/tripleo-heat-templates/blob/stable/mitaka/puppet/controller-post.yaml#L45 but we lost it along the way. The problem without this change is that we are open to the following race: 1) ControllerDeployment_Step1 is started and manages to do a successful "systemctl start pacemaker" 2) PrePuppet gets called and in the HA deployment calls pacemaker_maintenance_mode.sh 3) pacemaker_maintenance_mode.sh will set the maintenance-mode=true property because the pacemaker service is already up: https://github.com/openstack/tripleo-heat-templates/blob/master/extraconfig/tasks/pacemaker_maintenance_mode.sh#L8-L9 4) If the maintenance property is set to true at this stage, the creation of any resource will take place but they won't really start. Change-Id: Icb7495edd00385b2975dd42f63085d20292ef9a9 Closes-Bug: #1673795 Co-Authored-By: Jiri Stransky <jstransk@redhat.com>
2017-03-17Containerize panko api serviceFlavio Percoco3-1/+121
Co-Authored-By: Pradeep Kilambi <pkilambi@redhat.com> Closes-bug: #1668918 Change-Id: Ie1ebd25965bd2dbad2a22161da0022bad0b9e554
2017-03-17Merge "docker: Add metadata_settings to optional parameters for yaml validate"Jenkins1-1/+2
2017-03-17Merge "Keep existing data for containerized MongoDB"Jenkins1-1/+15
2017-03-17Merge "Explicitly configure credentials used by ironic to access other services"Jenkins1-4/+39
2017-03-17Bind redis-sentinel to its networkMichele Baldessari1-0/+1
We currently do not bind redis-sentinel to any IP: redis 21144 0.0 0.0 142908 5908 ? Ssl 07:43 0:11 /usr/bin/redis-sentinel *:26379 [sentinel] Let's bind it to the same network as redis. Change-Id: I8a782ae1db84eb614aa3995a1638a2f370e70d06 Partial-Bug: #1673715
2017-03-16Merge "Added release note for NeutronExternalNetworkBridge deprecation"Jenkins1-0/+10
2017-03-16Explicitly configure credentials used by ironic to access other servicesDmitry Tantsur1-4/+39
Using keystone_authtoken credentials for this purpose is deprecated, and also prevents ironic-conductor from being used as a separate role. Also remove neutron_url, it can be fetched from the catalog instead. Change-Id: I12822568cb4db31808aec5fd407d71fe4b7b09e0 Depends-On: I21180678bec911f1be36e3b174bae81af042938c Partial-Bug: #1661250
2017-03-16Merge "Keep existing data when moving to containerized MariaDB"Jenkins1-4/+21
2017-03-16docker/keystone: add metadata_settings to outputJuan Antonio Osorio Robles1-0/+2
This is used for the TLS-everywhere bits. It will be taken into account by a metadata hook that outputs relevant entries for the nova-metadata service; and subsequently kerberos principals will be created from these. Subsequent patches will add support for TLS in the internal network for the containerized keystone. Change-Id: Ic747ad9c8d6e76c8c16e347c1cdcabc899dd9f9a
2017-03-16docker: Add metadata_settings to optional parameters for yaml validateJuan Antonio Osorio Robles1-1/+2
This section will be needed for TLS-everywhere. So it should be added as optional in the yaml-validate. Change-Id: Ic6ea563b6c8e454cb51f640bb5aaa3adda82a5dd
2017-03-16Merge "etcd: secure EtcdInitialClusterToken parameter"Jenkins2-1/+7
2017-03-16Keep existing data for containerized LibvirtJiri Stransky2-3/+16
Use mounts instead of docker volumes to preserve existing data when moving from baremetal to containerized Libvirt. Change-Id: I2215d451a4ef4023741f0750ac1b45a94652026a
2017-03-16Keep existing data for containerized SwiftJiri Stransky2-16/+26
Use mounts instead of docker volumes to preserve existing data when moving from baremetal to containerized Swift. Change-Id: Ib7cbca2ef674a0245a67b69ee2c77f574d74c181
2017-03-16Merge "Add upgrade tasks for aodh containers"Jenkins4-0/+16
2017-03-15etcd: secure EtcdInitialClusterToken parameterEmilien Macchi2-1/+7
Secure EtcdInitialClusterToken parameter by: * removing the default value. * make it hidden. Change-Id: I938af697f9faaadb9c9aeb950e9410db24b1b961 Depends-On: I6e30cce469736e84a3c483fafa29d542b8347ba9 Closes-Bug: #1673266
2017-03-15Merge "Cleanup no longer used upgrade files"Jenkins13-1014/+0
2017-03-15Add upgrade tasks for aodh containersPradeep Kilambi4-0/+16
Change-Id: I936b31fd24c43e35092b3bfef4454a8da81d19c8
2017-03-15Cleanup no longer used upgrade filesmarios13-1014/+0
Removes some of the no longer used scripts and templates used by the upgrades workflow in previous versions. Change-Id: I7831d20eae6ab9668a919b451301fe669e2b1346
2017-03-14Switch keystone default provider to fernetJuan Antonio Osorio Robles2-1/+7
UUID is to be deprecated, and we should be using fernet. Change-Id: I61b999e65ba5eb771776344d38eb90fc52d49d56
2017-03-14keystone/containers: Add support for fernet keysJuan Antonio Osorio Robles1-0/+19
Since the 'file' resource is included in the tags that puppet takes into account, we already generate the fernet keys if it's enabled as a token provider. This merely adds the keys to the container. However, if fernet is not the provider, we make this file addition optional. Change-Id: Id92039b3bad9ecda169323e01de7bebae70f2ba0
2017-03-14Merge "Update properties being set for octavia rabbit properties"Jenkins1-3/+3
2017-03-14Keep existing data for containerized RabbitMQJiri Stransky1-2/+7
Use mounts instead of docker volumes to preserve existing data when moving from baremetal to containerized RabbitMQ. Change-Id: I8de6610d13d2d878ffba12eb742880eed694eb3e
2017-03-14Keep existing data for containerized MongoDBJiri Stransky1-1/+15
We used named Docker volume for MongoDB storage, which meant that when moving from bare metal to containerized, we lost data and reinitialized the storage from scratch. With this commit we keep the data by mounting the original data into the container. We also need make sure that file ownership is correct according to the uid/gid used within MongoDB container image. Change-Id: I86ef2cb37a068b767462d6d50fe451389b7cbb58