aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2016-10-24Enables auto-detection for VIP interfacesTim Rozet2-17/+9
Previously the ctrl plane VIP would default to 'br-ex' which in non-vlan deployments ends up being the wrong interface. The public VIP interface was also defaulted to 'br-ex' which would be incorrect for vlan based deployments. Since a user has already given the nic template (and in most cases the subnet that corresponds to the nic) the installer should be able to figure out which interface the public/control vip should be on. These changes enable that type of auto-detection, unless a user explicitly overrides the heat parameters for ControlVirtualInterface and PublicVirtualInterface. Also, incorrect parameters from haproxy service are removed. Depends-On: I05105fce85be8ace986db351cdca2916f405ed04 Closes-Bug: 1606632 Change-Id: I3c1c39824ec32ced304a782edc6ef49c0769c108 Signed-off-by: Tim Rozet <trozet@redhat.com>
2016-10-22Fix the rabbitmq/redis pacemaker resource timeouts on updatesMichele Baldessari1-0/+19
With the following two changes we increased the timeout for redis and rabbit for both starting and stopping to 200s: https://review.openstack.org/386618 newton (merged) https://review.openstack.org/385555 master (merged) We want to also fix that on minor updates on all our supported releases upstream and downstream (newton, mitaka, liberty, kilo). This way we can guarantee that we have a uniform timeout for sart and stop for rabbit and redis across all our releases. Change-Id: If59bf3386832ee78d3a654f01077aff2e8be76e8 Closes-Bug: #1634851
2016-10-21Merge "Composable Mistral services"Jenkins11-0/+498
2016-10-21Merge "Prefill Sensu client custom config"Jenkins2-26/+27
2016-10-21Merge "Clarify horizon allowed hosts setting"Jenkins1-1/+2
2016-10-21Merge "Use correct password for keystone bootstrap"Jenkins1-0/+1
2016-10-21Clarify horizon allowed hosts settingMatthias Runge1-1/+2
Horizon allowed hosts should name the IP addresses/ DNS names (short/long) the Horizon node is listening to. Allowed hosts is used for header checks and is a security mechanism. Change-Id: I81c96357f969a1a436eecd35eb178579159bc719
2016-10-21Merge "Add special case handling for OVS upgrade in updates and upgrades"Jenkins6-0/+86
2016-10-21Merge "Use ::os_workers fact instead of ::processorcount"Jenkins2-2/+2
2016-10-21Merge "Add parameters to run cinder over httpd"Jenkins1-1/+29
2016-10-21Merge "Add missing Ceph endpoints from tls-everywhere environment"Jenkins1-0/+3
2016-10-21Merge "Include ceilometer in swift proxy pipeline"Jenkins1-0/+12
2016-10-21Merge "Removes EnableODL heat parameter and fixes missing local_ip param"Jenkins4-7/+1
2016-10-21Use ::os_workers fact instead of ::processorcountJuan Antonio Osorio Robles2-2/+2
Change-Id: Ib25849565c617f32357ef545957f58454b2a53f8
2016-10-21Composable Mistral servicesBrad P. Crochet11-0/+498
Adds new puppet specific services for Mistral API and Mistral Engine. This submission enables the mistral service by default in the overcloud, a following submission will disable it and make it optional by enabling it on demand based in an environment file. Depends-On: Iae42ffa37c4c9b1e070b7c3753e04c45bb97703f Depends-On: I942d419be951651e305d01460f394870c30a9878 Depends-On: I6cb2cbf4a2abf494668d24b8c36b0d525643f0af Implements: blueprint composable-services-within-roles Co-Authored-By: Carlos Camacho <ccamacho@redhat.com> Change-Id: Id5ff9cb498b5a47af38413d211ff0ed6ccd0015b
2016-10-21Merge "Generate internal TLS hieradata for apache services"Jenkins5-20/+104
2016-10-21Add missing Ceph endpoints from tls-everywhere environmentJuan Antonio Osorio Robles1-0/+3
Change-Id: Ib945e570556e8e10e5bb07faa57270958c9eda99
2016-10-21Merge "Bind mount files to run DiD in latest atomic host"Jenkins1-1/+22
2016-10-21Merge "Have docker start script honor configuration"Jenkins1-1/+3
2016-10-20Open port 16509 for libvirt for live migrationJames Slagle1-0/+4
Port 16509 should be opened for tcp traffic to enable live migration. See Also: http://docs.openstack.org/admin-guide/compute-configuring-migrations.html Previously, we were not enabling any iptables rules on the Compute Roles, so this is a regression. Change-Id: Ie4abf53dc2a8171af48d02e34a1a3ad43f27cfb3 Closes-Bug: #1635427
2016-10-20Include ceilometer in swift proxy pipelinePradeep Kilambi1-0/+12
new ceilometermiddleware is available and integrated into puppet-swift. Lets leverage it and include it in the swift proxy pipeline. The correcponding puppet triple change for this is Ie49f4a750368ff174b23b8d6baa743d0956d727e Closes-Bug: #1631108 Change-Id: I82da0240d60d1eed54f1c0927e6157bb63025a19
2016-10-20Merge "Disables Neutron ML2 config on Compute for OpenDaylight"Jenkins2-0/+2
2016-10-20Add special case handling for OVS upgrade in updates and upgradesmarios6-0/+86
This adds a special case handling for the opensvswitch package as discussed at the related bug below. This is added/handled here for both the minor update and the major mitaka...newton upgrade. Change-Id: I9b1f0eaa0d36a28e20b507bec6a4e9b3af1781ae Closes-Bug: 1635205
2016-10-20Generate internal TLS hieradata for apache servicesJuan Antonio Osorio Robles5-20/+104
This adds an environment file that can be used to enable TLS in the internal endpoints via certmonger if used. This will include a nested stack that will create the hash that will be used to create the certmonger certificates. When setting up a service over apache via puppet, we used to disable explicitly ssl (which sets modd_ssl-related fields for that vhost). We now make this depend on the EnableInternalTLS flag. This has only been done for keystone, but more services will be added as the puppet code lands bp tls-via-certmonger Depends-On: I303f6cf47859284785c0cdc65284a7eb89a4e039 Change-Id: I12e794f2d4076be9505dabfe456c1ca6cfbd359c
2016-10-19Bind mount files to run DiD in latest atomic hostMartin André1-1/+22
The /usr/bin/docker is a shell script in latest atomic host, pointing to either docker-latest or docker-current binary. Bind mount the required files from atomic host to be able to run docker in docker inside heat-agents container. Co-Authored-By: Flavio Percoco <flavio@redhat.com> Change-Id: I97e29f65beb3a3f89c1b42c339e2e89f0fc1d519
2016-10-19Have docker start script honor configurationMartin André1-1/+3
The test was always evaluate as true which resulted in insecure_registry line being set even when DockerNamespaceIsRegistry was set to false. Change-Id: Iacb73a4908a6a27082b94fe919734e644ed47b19
2016-10-18Merge "Set nova service_name via t-h-t"Jenkins1-0/+1
2016-10-18Merge "Fix api_extensions_path in neutron-opencontrail environment"Jenkins1-1/+1
2016-10-18Merge "Enable proxy headers parsing for Neutron"Jenkins1-0/+1
2016-10-18Merge "Add apache workers to nova-api conditional"Jenkins1-1/+1
2016-10-18Add parameters to run cinder over httpdJuan Antonio Osorio Robles1-1/+29
This adds the necessary hieradata to run cinder over httpd instead of eventlet. Change-Id: Ic1967a6f4f60a273965811516f33121115d518b4
2016-10-18Merge "Ensure all HostsDeployments finish before puppet"Jenkins1-1/+4
2016-10-18Fix api_extensions_path in neutron-opencontrail environmentCyril Lopez1-1/+1
There is a missing repositiry for LBaaS in api_extensions_path in neutron-opencontrail. This patch is working in my lab : tripleo liberty and opencontrail 3.0.2 Closes-Bug: #1634120 Change-Id: Ie06612faf226d0e5e75f3f8a9b560118cba5ff4c Signed-off-by: Cyril Lopez <cylopez@redhat.com>
2016-10-17Add apache workers to nova-api conditionalSteven Hardy1-1/+1
Without this httpd fails to start on deployments where the worker count isn't explicitly overridden via a parameter. Change-Id: Ie7b31bc6e022a0166af126c866994bdd019718df Closes-Bug: #1634213
2016-10-17Removes EnableODL heat parameter and fixes missing local_ip paramTim Rozet4-7/+1
EnableOpenDaylightOnController was not very composable. Removing this parameter to make the service truly composable. Also fixes missing local_ip setting for OVS, required for VXLAN or GRE tenant networks. Closes-Bug: 1633625 Depends-On: Ia55c05e12d5d434111a13e1ed795da530e3ff4a5 Change-Id: I0e07e1631793311334d1436ee8fdf9af2802ba70 Signed-off-by: Tim Rozet <trozet@redhat.com>
2016-10-17Set nova service_name via t-h-tJuan Antonio Osorio Robles1-0/+1
with the move to use httpd instead of eventlet, We now add this parameter in t-h-t to be able to clean it up from the puppet-tripleo manifest. Change-Id: Ic229182cc5c887b57f6182c3db1bac8bed330f7c Depends-On: I4603b81d30a704b07eef461b3cdbfe164614b04f
2016-10-17Enable proxy headers parsing for NeutronJuan Antonio Osorio Robles1-0/+1
http_proxy_to_wsgi middleware was recently added to Neutron [1] and in order to take it into use, we need to enable it via hiera. [1] Ice9ee8f4e04050271d59858f92034c230325718b Depends-On: I99bc9486fdd85857ce73c413e17400320bd6ec5b Related-Bug: #1590608 Change-Id: I10c065e726f2708e09acfc04dac3cae34a534d23
2016-10-17glance_multiple_locations when NovaEnableRbdBackend=trueAttila Fazekas1-1/+1
glance_multiple_locations does not needed when the NovaEnableRbdBackend=false, but it is neede when both the image and the instance storage is rbd and the show_image_direct_url is enabled. The condition introduced in Ia7e0558e4f318640981abb44d188e3479b5eae69 Change-Id: Ia8a8cd9aeda69e9a7db6f95dcf418f56e29cae00 Closes-Bug: 1632285
2016-10-15Disables Neutron ML2 config on Compute for OpenDaylightTim Rozet2-0/+2
This is not needed with ODL and actually triggers deployments to fail due to missing ODL username/password info on compute nodes. Depends-On: Ifd906db4e6062ac271c2147fe1149b1009d06ae2 Closes-Bug: 1633630 Change-Id: Ib88e8ef91c393d30c44b86a932103f5a294bc547 Signed-off-by: Tim Rozet <trozet@redhat.com>
2016-10-14Merge "Modify the constraint to allow single quote for DPDK core list param"Jenkins1-1/+1
2016-10-14Merge "Move trunk service plugin to the proper list"Jenkins2-2/+2
2016-10-14Merge "Pass heat domain admin password to keystone"Jenkins1-0/+3
2016-10-14Merge "Fixes missing provider mappings for OpenDaylight"Jenkins1-0/+10
2016-10-14Ensure all HostsDeployments finish before puppetDan Prince1-1/+4
This makes sure that the Host settings for all deployments are finished before starting the AllNodesDeployments which execute puppet. Change-Id: Ibe604472255ce905ca2c1dca2a9b07a6f8f40e47 Related-bug: #1633565
2016-10-14heat-api-cfn endpoint is created to RegionOne instead of regionOneLuca Lorenzetto1-1/+1
When deploying, heat-api-cfn is assigned to RegionOne. This leads to a bad user experience when logging into horizon, because if RegionOne is selected by default, the users finds all menus empty (no computing, or anything else). Thanks to trown for finding out the issue. Closes-Bug: 1633524 Change-Id: Ic108280f6b0875ffec10be6f696669962fb82e6b
2016-10-14Merge "Add contrail services to the resource registry"Jenkins1-0/+5
2016-10-14Fixes missing provider mappings for OpenDaylightTim Rozet1-0/+10
Provider mappings were not parameterized, and this is traditionally required for VLAN provider networks. In ODL Boron with new netvirt, this value is required to be set in order to use external networks. Closes-Bug: #1627898 Change-Id: I8001a4077fc7c4af458033043ea438c32c9772b0 Signed-off-by: Tim Rozet <trozet@redhat.com>
2016-10-14Pass heat domain admin password to keystoneSteven Hardy1-0/+3
This is needed to create the user/domain/project in the keystone profile on whatever role is running the keystone service. Change-Id: I115ead005974080e0a35e3675d9b37828c8934b1 Closes-Bug: #1631130 Depends-On: Ib088a572b384b479f51d56555734d78ab840a1f3
2016-10-14Modify the constraint to allow single quote for DPDK core list paramSaravanan KR1-1/+1
DPDK core list has to be give a string. For multiple cores, it be given as "'1,2'". But the constraint does not allow ' (single quote) to be set in the string. Modifying the constraint pattern. Closes-Bug: #1633433 Change-Id: Ide2194d9ef5c10e276fa1a634919dfb286e483d6
2016-10-14Merge "Fix default Swift ring partition power"Jenkins1-2/+2