aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-03-26Merge "Enables increasing mariadb open files for noha deployments"Jenkins1-0/+6
2017-03-26Merge "Remove unnecesary code to enable panko-api"Jenkins2-3/+0
2017-03-25Merge "Fixes missing firewall rules for neutron_ovs_dpdk_agent service"Jenkins2-1/+9
2017-03-25Merge "Install openstack-selinux for deployed-server"Jenkins3-2/+10
2017-03-25Merge "Fix usage of CinderNfsServers"Jenkins2-5/+7
2017-03-25Merge "Add missing metadata_settings from neutron-api profile"Jenkins1-4/+5
2017-03-25Merge "Rework container volumes as hostpath mounts"Jenkins4-3/+15
2017-03-25Merge "Fixes OpenDaylightProviderMappings hiera parsing"Jenkins2-5/+5
2017-03-24Merge "Clarify Kolla build overrides for tripleo"Jenkins1-1/+5
2017-03-24Rework container volumes as hostpath mountsBogdan Dobrelya4-3/+15
Also add upgrade_tasks to disable corresponding host services in order to not data race with containers Change-Id: I19c16aaa3e5a73436ca7aa7d06facf64feee2327 Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
2017-03-23Fixes OpenDaylightProviderMappings hiera parsingTim Rozet2-5/+5
The str_replace conversion used previously is no longer needed and breaks the hieradata value. Closes-Bug: 1675426 Change-Id: I7a052d1757efe36daf6ed47e55598ca3c2ee9055 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-03-23Merge "Keep existing data for containerized Libvirt"Jenkins2-3/+16
2017-03-23Add missing metadata_settings from neutron-api profileJuan Antonio Osorio Robles1-4/+5
This is needed for the TLS everywhere work. This will break on TLS-everywhere setups where neutron would be deployed in its own role. So we need to add the metadata_settings. bp tls-via-certmonger Change-Id: I7934a258e032d8eaa6f07c0e48b3fbdb1f8c6a06
2017-03-23Fix usage of CinderNfsServersChristian Schwede2-5/+7
This feature stopped working somewhere along the lines. In the past it was working with parameter_defaults like this: CinderNfsServers: '10.0.0.254:/srv/nfs/cinder' or CinderNfsServers: "[fd00:fd00:fd00:3000::1]:/srv/nfs/cinder" The problem was that the templating escaped these strings, and puppet-tripleo didn't receive a proper array, but a string. This patch fixes this. It accepts strings as above as well as comma-delimited lists of Nfs Servers. Closes-Bug: 1671153 Change-Id: I89439c1d969e92cb8e0503de561e22409deafdfc
2017-03-22Install openstack-selinux for deployed-serverJames Slagle3-2/+10
No other packages actually require openstack-selinux, so it must be explicity installed. Change-Id: Ic7b39ddfc4cfb28b8a08e9b02043211e4ca4a39a Closes-Bug: #1675170
2017-03-22Fixes missing firewall rules for neutron_ovs_dpdk_agent serviceTim Rozet2-1/+9
Firewall config was being inherited by the dpdk service, however since the firewall service name was the parent (neutron_ovs_agent) and technically that service was not enabled - the rules were never applied. This modifies the service name as it is inherited using map_replace. Closes-Bug: 1674689 Change-Id: I6676205b8fc1fd578cb2435ad97fe577a9e81d95 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-03-22Merge "Enables OpenDaylight clustering in HA deployments"Jenkins2-1/+7
2017-03-22Merge "Change kolla_config from required to optional in pep8."Jenkins1-3/+3
2017-03-21Merge "Keep existing data for containerized ironic-conductor"Jenkins2-12/+45
2017-03-21Merge "Cleanup docker services templates"Jenkins16-85/+40
2017-03-20Change kolla_config from required to optional in pep8.Ian Main1-3/+3
We've decided to use volumes for configuration wherever possible. This means moving away from kolla_config blocks in the templates. Update pep8 to reflect this. Change-Id: If1ec40d0e5a515eed35e0cd04711079294f358c3
2017-03-20Merge "Containerize panko api service"Jenkins3-1/+121
2017-03-20Merge "Don't try to run os-net-config from yum_update.sh"Jenkins1-11/+0
2017-03-20Merge "Bind redis-sentinel to its network"Jenkins1-0/+1
2017-03-20Enables OpenDaylight clustering in HA deploymentsTim Rozet2-1/+7
Port 2550 is required for inter-ODL communication when clustering. odl-jolokia feature is required to expose REST APIs from ODL for monitoring the cluster. Implements: blueprint opendaylight-ha Depends-On: Ic9a955a1c2afc040b2f9c6fb86573c04a60f9f31 Change-Id: Ie108ab75cce0cb7d89e72637c600e30fc241d186 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-03-20Merge "Fixes multiple issues with retry function in rhel-registration."Jenkins1-17/+31
2017-03-20Keep existing data for containerized ironic-conductorJiri Stransky2-12/+45
Use mounts instead of docker volumes, and preserve existing data when moving from baremetal to containerized ironic-conductor. We cannot keep the data in the same directory to avoid hard-linking errors in ironic, because of this issue: https://github.com/docker/docker/issues/7457 This means we need to copy the data over to a new location before we start the containers. Change-Id: If98460120212f887b06adf117c5d88b97682638e
2017-03-18Merge "Make sure PrePuppet runs before any Deployment_Step"Jenkins1-1/+1
2017-03-18Merge "Add certmonger-user profile"Jenkins7-0/+51
2017-03-17Merge "docker/keystone: add metadata_settings to output"Jenkins1-0/+2
2017-03-17Merge "Keep existing data for containerized Swift"Jenkins2-16/+26
2017-03-17Merge "Keep existing data for containerized RabbitMQ"Jenkins1-2/+7
2017-03-17Make sure PrePuppet runs before any Deployment_StepMichele Baldessari1-1/+1
We used to have this in mitaka: https://github.com/openstack/tripleo-heat-templates/blob/stable/mitaka/puppet/controller-post.yaml#L45 but we lost it along the way. The problem without this change is that we are open to the following race: 1) ControllerDeployment_Step1 is started and manages to do a successful "systemctl start pacemaker" 2) PrePuppet gets called and in the HA deployment calls pacemaker_maintenance_mode.sh 3) pacemaker_maintenance_mode.sh will set the maintenance-mode=true property because the pacemaker service is already up: https://github.com/openstack/tripleo-heat-templates/blob/master/extraconfig/tasks/pacemaker_maintenance_mode.sh#L8-L9 4) If the maintenance property is set to true at this stage, the creation of any resource will take place but they won't really start. Change-Id: Icb7495edd00385b2975dd42f63085d20292ef9a9 Closes-Bug: #1673795 Co-Authored-By: Jiri Stransky <jstransk@redhat.com>
2017-03-17Containerize panko api serviceFlavio Percoco3-1/+121
Co-Authored-By: Pradeep Kilambi <pkilambi@redhat.com> Closes-bug: #1668918 Change-Id: Ie1ebd25965bd2dbad2a22161da0022bad0b9e554
2017-03-17Merge "docker: Add metadata_settings to optional parameters for yaml validate"Jenkins1-1/+2
2017-03-17Merge "Keep existing data for containerized MongoDB"Jenkins1-1/+15
2017-03-17Merge "Explicitly configure credentials used by ironic to access other services"Jenkins1-4/+39
2017-03-17Bind redis-sentinel to its networkMichele Baldessari1-0/+1
We currently do not bind redis-sentinel to any IP: redis 21144 0.0 0.0 142908 5908 ? Ssl 07:43 0:11 /usr/bin/redis-sentinel *:26379 [sentinel] Let's bind it to the same network as redis. Change-Id: I8a782ae1db84eb614aa3995a1638a2f370e70d06 Partial-Bug: #1673715
2017-03-16Merge "Added release note for NeutronExternalNetworkBridge deprecation"Jenkins1-0/+10
2017-03-16Explicitly configure credentials used by ironic to access other servicesDmitry Tantsur1-4/+39
Using keystone_authtoken credentials for this purpose is deprecated, and also prevents ironic-conductor from being used as a separate role. Also remove neutron_url, it can be fetched from the catalog instead. Change-Id: I12822568cb4db31808aec5fd407d71fe4b7b09e0 Depends-On: I21180678bec911f1be36e3b174bae81af042938c Partial-Bug: #1661250
2017-03-16Merge "Keep existing data when moving to containerized MariaDB"Jenkins1-4/+21
2017-03-16docker/keystone: add metadata_settings to outputJuan Antonio Osorio Robles1-0/+2
This is used for the TLS-everywhere bits. It will be taken into account by a metadata hook that outputs relevant entries for the nova-metadata service; and subsequently kerberos principals will be created from these. Subsequent patches will add support for TLS in the internal network for the containerized keystone. Change-Id: Ic747ad9c8d6e76c8c16e347c1cdcabc899dd9f9a
2017-03-16docker: Add metadata_settings to optional parameters for yaml validateJuan Antonio Osorio Robles1-1/+2
This section will be needed for TLS-everywhere. So it should be added as optional in the yaml-validate. Change-Id: Ic6ea563b6c8e454cb51f640bb5aaa3adda82a5dd
2017-03-16Merge "etcd: secure EtcdInitialClusterToken parameter"Jenkins2-1/+7
2017-03-16Keep existing data for containerized LibvirtJiri Stransky2-3/+16
Use mounts instead of docker volumes to preserve existing data when moving from baremetal to containerized Libvirt. Change-Id: I2215d451a4ef4023741f0750ac1b45a94652026a
2017-03-16Keep existing data for containerized SwiftJiri Stransky2-16/+26
Use mounts instead of docker volumes to preserve existing data when moving from baremetal to containerized Swift. Change-Id: Ib7cbca2ef674a0245a67b69ee2c77f574d74c181
2017-03-16Merge "Add upgrade tasks for aodh containers"Jenkins4-0/+16
2017-03-15etcd: secure EtcdInitialClusterToken parameterEmilien Macchi2-1/+7
Secure EtcdInitialClusterToken parameter by: * removing the default value. * make it hidden. Change-Id: I938af697f9faaadb9c9aeb950e9410db24b1b961 Depends-On: I6e30cce469736e84a3c483fafa29d542b8347ba9 Closes-Bug: #1673266
2017-03-15Merge "Cleanup no longer used upgrade files"Jenkins13-1014/+0
2017-03-15Add upgrade tasks for aodh containersPradeep Kilambi4-0/+16
Change-Id: I936b31fd24c43e35092b3bfef4454a8da81d19c8