aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-01-30Merge "multinode/upgrade: set heat::rpc_response_timeout to 600"Jenkins1-0/+1
2017-01-29docker: eliminate copy-json.py in favor of json-fileDan Prince7-107/+54
This patch rewires how we configure the Kolla external config files via Heat templates and uses a more simple json-file heat hook to directly write out Kolla config files to disk. By using a heat hook instead of a shell script we can avoid Json conversion issues. Additionally, This generic json file hook will be useful for other ad-hoc Json file configuration within the TripleO docker architecture. Co-Authored-By: Martin André <m.andre@redhat.com> Change-Id: I8c72a4a9a7022f722bfe1cef3e18517605720cce Depends-On: I2b372ac2e291339e436202c9fe58a681ed6a743f Depends-On: Id3f779b11e23fd3122ef29b7ccbae116667d4520
2017-01-27Merge "Add AuditD composable service"Jenkins6-0/+184
2017-01-27Merge "Pass parameters for TLS proxy in front of neutron server"Jenkins1-1/+32
2017-01-27multinode/upgrade: set heat::rpc_response_timeout to 600Emilien Macchi1-0/+1
Continue the work done on https://review.openstack.org/#/c/423302/ Change-Id: I931534e0ec33e131809186f74068eb479d38a0f9
2017-01-27Merge "Remove create-legacy-resource-types opts"Jenkins1-1/+1
2017-01-27Merge "Use os-net-config in multinode jobs"Jenkins6-10/+124
2017-01-27Pass parameters for TLS proxy in front of neutron serverJuan Antonio Osorio Robles1-1/+32
If TLS in the internal network is enabled, we run neutron-server behind a TLS proxy (which is actually httpd's mod_proxy). This passes the necessary hieradata. bp tls-via-certmonger Depends-On: I6dfbf49f45aef9f47e58b5c0dbedd2b4e239979e Change-Id: I9252512dbf9cf2e3eec50c41bf10629d36070bbd
2017-01-27Use os-net-config in multinode jobsEmilien Macchi6-10/+124
Full credits to James Slagle, author of this code in TripleO CI: https://review.openstack.org/#/c/409346 This patch adds a new template for configuring networking on the Overcloud nodes using os-net-config in multinode jobs. Previously we were not using os-net-config at all. Also updates the multinode.yaml environment to use this network config template. The IP of each subnode is used when the vxlan tunnels are configured in OVS, given that, each node needs its own unique network configuration. To accomodate that, the templates makes use of the network_config_hook function to influence run-os-net-config.sh This patch is just the first step to totally switching to os-net-config in multinode jobs. The devstack-gate code is still in use to bootstrap the initial networking on the undercloud and subnodes. That will be switched over in subsequent patches. Change-Id: I6efa71eb23109d0b3b480061135c572ab89f5981 Co-Authorized-By: James Slagle <jslagle@redhat.com> Implements: blueprint multinode-ci-os-net-config
2017-01-27Add support for Jinja2 includesOliver Walsh1-1/+8
This replicates the behavior of the custom Jinja2 loader from tripleo-common to allow template validation on the local filesystem using tox. Change-Id: I27683ab31187c6334dc5b4b5363a3347874b9a90 Partially-Implements: blueprint overcloud-upgrades-per-service Depends-On: Idc5c3f49c7a2fc7f3622c76da001992cc657384e
2017-01-27Add AuditD composable serviceSteven Hardy6-0/+184
This patch allows the management of the AuditD service and its associated files (such as `audit.rules`) This is achieved by means of the `puppet-auditd` puppet module. Also places ssh banner capabilities map on top of patch Change-Id: Ib8bb52dde88304cb58b051bced9779c97a314d0d Depends-On: Ie31c063b674075e35e1bfa28d1fc07f3f897407b
2017-01-27Merge "Adds a pre-upgrade check that service is running (step0)"Jenkins30-1/+92
2017-01-27Merge "Adds SSH Banner text into sshd_config"Jenkins5-0/+63
2017-01-27Adds a pre-upgrade check that service is running (step0)marios30-1/+92
Adds a step0 for most services to check that the state is running before continuing with any of the other upgrades steps (these are tagged step0). You can skip this service check by overriding the SkipUpgradeConfigTags parameter as follows: parameter_defaults: SkipUpgradeConfigTags: validation Co-Authored-By: Steven Hardy <shardy@redhat.com> Change-Id: Ie276f153015f671b720b6ed5beaac1b921661909
2017-01-27Allow the override of pacemaker::corosync::settle_triesMichele Baldessari1-0/+7
When replacing a controller node, Exec['wait-for-settle'] needs to timeout, which means that the command pcs cluster auth will be executed 360 times with 10 seconds in between. So that means waiting for an hour for no reason. Let's allow to override the settle_tries counter so an operator can shorten it accordingly. Tested this by setting CorosyncSettleTries to 100 and I correctly get proper hiera settings: $ hiera pacemaker::corosync::settle_tries 100 And effectively we try a number of 100 times as opposed to the 360 default: /Stage[main]/Pacemaker::Corosync/Exec[reauthenticate-across-all-nodes]/returns (debug): Exec try 1/100 Change-Id: I5e21b4215cb0b8686d2059b3d71e2444a96719dc Closes-Bug: #1659741
2017-01-27Merge "Allow to separate Horizon from Neutron"Jenkins1-0/+3
2017-01-27Merge "Add a release note for using deployed-servers (aka split-stack)"Jenkins1-0/+8
2017-01-27Merge "Add release note for composable upgrades"Jenkins1-0/+14
2017-01-26Merge "Add novajoin entries to the TLS-everywhere environment file"Jenkins1-0/+9
2017-01-26Allow to separate Horizon from NeutronEmilien Macchi1-0/+3
Allow to deploy 2 different nodes with Neutron and another with Horizon. Horizon will get the right hieradata to collect the mechanism driver and configure the dashboard correctly. Change-Id: I24621f6a7d053cff487984bab0d10a4a97204675 Closes-Bug: 1659662
2017-01-26Merge "Add telemetry service support for composable upgrades"Jenkins13-0/+64
2017-01-26Add deployed server bootstrap for RHELJames Slagle3-0/+42
This is similar to the bootstrap for CentOS, except we don't set SELinux to permissive on RHEL. Change-Id: I52b8fa017ee2821d2fa91e5ec806a55fcb92566d Partially-implements: blueprint split-stack-software-configuration
2017-01-26Merge "Do not try to update the 'ceph' metapackage from CephMon role"Jenkins2-1/+7
2017-01-26Remove create-legacy-resource-types optsPradeep Kilambi1-1/+1
This flag is quite old and doesnt work as expected anymore. Let ceilometer upgrade create these reource types instead. Change-Id: I71ea6e2fd9418095de658d709c14bb3006ca2753
2017-01-26Merge "Conform CephExternal template to the new hiera hook"Jenkins1-17/+17
2017-01-26Merge "Add Ceph RBD mirror Pacemaker profile"Jenkins4-0/+51
2017-01-26Merge "ci: import multinode_major_upgrade.yaml from tripleo-ci"Jenkins1-0/+46
2017-01-26Merge "Allow dnsmasq_dns_servers to be configured for DHCP Agent"Jenkins1-0/+5
2017-01-26Merge "Use versionless keystone endpoint for barbican-related configurations"Jenkins1-2/+2
2017-01-26Add upgrade support for CephRGW serviceGiulio Fidente1-0/+11
Implements minor upgrade of the ceph-radosgw service. Change-Id: I4c064bf996ec6bb7eba41ab6384bd953a8ec920f Partially-Implements: blueprint overcloud-upgrades-per-service
2017-01-26Add release note for composable upgradesSteven Hardy1-0/+14
Adds an initial release note for composable upgrades - I had to be vague in the upgrades section as we're still working out some details of the final upgrade workflow for all roles. Change-Id: Iac0af86f3b56a07070a9d24b1255953f5fd07b34
2017-01-26Merge "Set the correct default for gnocchi workers"Jenkins1-1/+1
2017-01-26Do not try to update the 'ceph' metapackage from CephMon roleGiulio Fidente2-1/+7
The 'ceph' metapackage is only provided by some repos so we should not explicitly pull it. Also adds a validation step to the CephMon and CephOSD roles to stop upgrade if the Ceph cluster is in error state. Change-Id: I5aa275677ada47a352a327b9be21927b852d16f3
2017-01-26Merge "Add ironic service support for composable upgrades"Jenkins2-0/+11
2017-01-26Merge "Skip upgrade steps where no tasks are defined"Jenkins1-0/+21
2017-01-26Merge "Add upgrade support for ceph OSD service"Jenkins1-0/+41
2017-01-26Merge "Add upgrade support for ceph-mon service"Jenkins1-0/+21
2017-01-26ci: import multinode_major_upgrade.yaml from tripleo-ciEmilien Macchi1-0/+46
So we can version it between releases like we do with scenarios. Change-Id: I3e3aa5d4fa7e03d1f4483bf42fcff17386b58709
2017-01-26Merge "Add support for batched upgrades to composable upgrades"Jenkins4-5/+86
2017-01-26Add Ceph RBD mirror Pacemaker profileGiulio Fidente4-0/+51
This change adds a profile to deploy the Ceph RBD mirroring daemon as a Pacemaker resource. Change-Id: Ib07e5bca6a45f0c6c59a3acf07f4e3ae9d2f8948 Depends-On: Ic63dc5cffece38942d305f538f71dd58a5d50789 Closes-Bug: #1652177
2017-01-26Merge "Add snmp service support for composable upgrades"Jenkins1-0/+4
2017-01-26Adds SSH Banner text into sshd_configLuke Hinds5-0/+63
Allow use of ooo template to populate banner text into /etc/issue Change-Id: If5b2da9415f10652a0a64503b2da4b63d1018640 Depends-On: Ie9f8afdfa9930428f06c9669fedb460dc1064d5e Closes-Bug: #1640306
2017-01-26Add SkipUpgradeConfigTags for upgrade configSteven Hardy2-0/+12
It may be that we want ways to selectively disable certain tasks, such as pre-flight validations that might fail when restarting an upgrade from a failed state. This shows a way we might do that. Depends-On: I18214f80be9f3ad6c2d385fc00f3b786d3e7dda3 Change-Id: Ibffaaf1de0baf47a0450daa5b7cbb57d38746556
2017-01-26Merge "Add release notes for Ocata 6.0.0"Jenkins1-0/+95
2017-01-25Merge "Manage password_validator regex"Jenkins3-0/+27
2017-01-25Merge "Auto-set SwiftMountCheck and SwiftUseLocalDir settings"Jenkins2-2/+23
2017-01-25Add telemetry service support for composable upgradesSteven Hardy13-0/+64
Change-Id: I62735676b45a881a7dac24171b26d88d6eb60d4a Partially-Implements: blueprint overcloud-upgrades-per-service
2017-01-25Add ironic service support for composable upgradesSteven Hardy2-0/+11
Change-Id: Ie1fe7db081d69db4b99869057352367e8e01760c Partially-Implements: blueprint overcloud-upgrades-per-service
2017-01-25Skip upgrade steps where no tasks are definedSteven Hardy1-0/+21
Use heat conditions to skip resources (conditionally create them) when there are no tasks to deploy. This requires the heat fix Iefae1fcea720bee4ed69ad1a5fe403d52d54433c Partially-Implements: blueprint overcloud-upgrades-per-service Change-Id: I2f43fb922d122ffade20e35738f0ba3bb56a4492
2017-01-25Add upgrade support for ceph OSD serviceSteven Hardy1-0/+41
This takes a subset of the logic from major_upgrade_ceph_storage.sh and ports it into ansible tasks, which will be applied in a rolling upgrade after the mon services are upgraded (in the step0 batch). Change-Id: I6e87969add301e78bb665d7748e5f0df8eeae819 Partially-Implements: blueprint overcloud-upgrades-per-service