aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2016-12-01Initial support for composable upgrades with Heat+AnsibleSteven Hardy13-3/+253
This shows how we could wire in the upgrade steps using Ansible as was previously proposed e.g in https://review.openstack.org/#/c/321416/ but it's more closely integrated with the new composable services architecture. It's also very similar to the approach taken by SpinalStack where ansible snippets per-service were combined then run in a series of steps using Ansible tags. This patch just enables upgrade of keystone - we'll add support for other patches in subsequent patches. Partially-Implements: blueprint overcloud-upgrades-per-service Change-Id: I39f5426cb9da0b40bec4a7a3a4a353f69319bdf9
2016-12-01Merge "Hiera optimization: use a new hiera hook"Jenkins27-475/+389
2016-12-01Merge "Fix puppet/services/README.rst step description"Jenkins1-6/+0
2016-12-01Use FQDN for rabbitmq's nodename env variableJuan Antonio Osorio Robles1-1/+7
Change-Id: Iee1afeced0b210a46b273aafc0d40e99d6ee6d4e
2016-12-01Use network-based fqdn entry from hiera instead of the custom factJuan Antonio Osorio Robles11-21/+21
This changes how we get the network-based FQDNs for the specific services, from using the custom fact, to the new hiera entries. Change-Id: Iae668a5d89fb7bee091db4a761aa6c91d369b276
2016-12-01Introduce network-based FQDNs via hieraJuan Antonio Osorio Robles6-0/+217
Currently, one can get the network-based FQDNs via a custom puppet fact. This is currently unreliable, as it's based on the ::hostname fact which we assume it's set correctly by nova. However, this is not necessarily the case (for instance, if you use pre-deployed services such as we do with the multinode-jobs). In these cases, the ::hostname fact will return something other than what we specified in nova, and effectively breaks the configurations in we relly too much on the network-based FQDN facts. By using hiera instead, we avoid this issue as we set those values to be exactly what we expect (as we set them in the OS::TripleO::Server resource. Change-Id: I6ce31237098f57bdc0adfd3c42feef0073c224fb
2016-11-30Hiera optimization: use a new hiera hookDan Prince27-475/+389
This patch optimizes how we deploy hiera by using a new heat hook specifically designed to help compose hiera within heat templates. As part of this change: - we update all the 'hiera' software configurations to set the group to hiera instead of os-apply-config. - The new format uses JSON instead of YAML. The hook actually writes out the hiera JSON directly so no conversion takes place. Arrays, Strings, Booleans all stay in their native formats. As such we can avoid having to do many of the awkward string and list conversions in t-h-t to support the previous YAML formatting. - The new hook prefers JSON over YAML so upgrading users will have the new files prefered. (we will post a cleanup routine for the old files soon but this isn't a new behavior, JSON is now simply prefered.) - A lot of services required edits to account for default settings that worked in YAML that no longer work correctly in the native JSON format. In almost all these cases I think the resulting codes looks cleaner and is more explicit with regards to what is getting configured in hiera on the actual nodes. Depends-On: I6a383b1ad4ec29458569763bd3f56fd3f2bd726b Closes-bug: #1596373 Change-Id: Ibe7e2044e200e2c947223286fdf4fd5bcf98c2e1
2016-11-30Make pep8 task run template generationDan Prince1-2/+4
This patch updates the pep8 task (which is executed in CI) so that it generates templates locally. This will give us extra CI coverage to ensure our generated templates produce valid YAML. Change-Id: I2287802d44c0ebe404d3fce30f04efcc3c6ab27f
2016-12-01Use transient hostname for deployed serversSteve Baker1-17/+2
The name output returned by this template is expected to be the short name rather than a FQDN. Generally 'hostnamectl --static' returns a FQDN and --transient will be the short name. This change switches to using --transient and also simplifies the script by dropping the unused outputs. Change-Id: I19eaf9f66668f7e68765bad4018c0c60314f3f8f
2016-11-30Deployed server: switch to apply-config hookDan Prince1-1/+1
This patch switches the deployed-server.yaml template to use apply-config instead of os-apply-config. The 'apply-config' hook is now installed via a package (no longer requires elements for installation) and supports more signalling options. This is required to support the undercloud installer which doesn't work with os-collect-config heat metadata. Change-Id: I7963fe4f38e8f04c9871fe651d39efec1aa17c41
2016-11-30Add local template generation tox taskDan Prince5-0/+150
This patch adds a local version of our template processing routine so that developers can more quickly view the templates that are actually getting generated. I've noticed multiple developers now do a full deployment with 'overcloud deploy' only to download the swift container with the generated templates. This simple task avoids that step by allowing developers to generate it locally. It also aims to preserve the ability to use t-h-t templates directly with Heat (instead of going through Mistral) should users wish to do that. The new undercloud heat installer requires the ability to generate templates without requiring Mistral and Swift to do so. Ideally the Mistral API workflow would use this same code so perhaps in the future we might modify that routine to: -download swift tarball containing the templates -run this local routine that lives in t-h-t -re-upload the tarball of templates to the swift container Change-Id: Ie664c9c5f455b7320a58a26f35bc403355408d9b
2016-11-30Configure /etc/hosts via os-collect-config scriptDan Prince3-7/+64
This patch moves the t-i-e element code for hosts configuration into a t-h-t shell script that gets driven by a os-collect-config script hook. This helps accomplish several goals: - moves us away from t-i-e - gives us better signal handling in the error case (where the previous element relied on 99-refresh-completed - Allows the t-h-t undercloud installer to more easily consume this since it doesn't rely on the old os-apply-config metadata (which that installer doesn't support). Change-Id: I73c3d4818ef531a3559fab272521f44519e2f486
2016-11-30Merge "Add Neutron network type and VLAN ranges to network-environment.yaml"Jenkins1-0/+5
2016-11-30Support multiple meter dispatchers in ceilometer configPradeep Kilambi1-3/+3
Currently we only support one dispatcher at a time. But ceilometer config supports dispatching data to multiple destinations at the same time. Update the param to support this. Change-Id: Ie7d854928513239a5903862623df12af1d02b642
2016-11-30Add Zaqar to scenario002Brad P. Crochet2-1/+9
Install Zaqar into the overcloud and create a queue with OS::Zaqar::Queue in order to test the Zaqar composable service. Change-Id: I9027d17fa3d75e6c3e23d6636642abadac8730ac Depends-On: Ia5ca4fe317339dd05b0fa3d5abebca6ca5066bce
2016-11-30Merge "Add Mistral to scenario003"Jenkins2-0/+25
2016-11-30Merge "get-occ-config.sh replace deprecated heat commands"Jenkins1-10/+10
2016-11-30Merge "Test encrypted volumes in scenario002"Jenkins2-0/+18
2016-11-30Merge "Apply os-net-config with a script instead of element"Jenkins35-1841/+2137
2016-11-30Make scenario template paths relativeBrad P. Crochet1-5/+5
To make local testing of scenario patches easier, this changes the paths to the templates under test to be relative to the scenarios. Change-Id: I12a45ee917c214a071f5de1e28f632dbf7d1fe9d
2016-11-30Add Mistral to scenario003Brad P. Crochet2-0/+25
Install Mistral into the test overcloud and create a workflow to verify the Mistral installation. This does not currently actually execute the workflow. It merely tests that it can be created. Change-Id: Ia03a605bcfd92498bf299d3042dca7c9932f5b63 Depends-On: Id5ff9cb498b5a47af38413d211ff0ed6ccd0015b
2016-11-30Merge "Disable all repos during rhel registration"Jenkins1-0/+1
2016-11-29Fix grammarEmilien Macchi1-1/+1
Fix English grammar error I did in a previous commit. Change-Id: I06209ab782240f05844793e56270135d48792f3d
2016-11-29Merge "Revert "Set NeutronL3HA to false when deploying DVR""Jenkins1-8/+0
2016-11-29Merge "Import TripleO CI environments from tripleo-ci"Jenkins8-0/+668
2016-11-29Test encrypted volumes in scenario002Juan Antonio Osorio Robles2-0/+18
This effectively adds barbican-api to the deployment in scenario002 and uses it to provide encrypted volumes for cinder that a nova instance boots from in the test. Change-Id: I132e346755fb49c9563247b4404be06b97f77872
2016-11-29Merge "Stop using puppet to configure VIPs in /etc/hosts"Jenkins7-98/+55
2016-11-28get-occ-config.sh replace deprecated heat commandsSteve Baker1-10/+10
The modern openstack equivalent heat commands require no awk and will be slightly more efficient. The roles variable is optionally populated by OVERCLOUD_ROLES so that a subset of roles can be specified. Change-Id: I6b66cb3bd81825fba726dd45b0db25896908f6dd
2016-11-28Apply os-net-config with a script instead of elementDan Prince35-1841/+2137
Wire in os-net-config via a normal script heat deployment, which has the following advantages: 1. Improved error path, currently o-a-c deployments don't report any errors, thus hang and eventually the deployment times out 2. It's far more hackable from a deployer perspective, e.g it's much easier to change the os-net-config options or include a mapping file 3. Reduces our dependencies on o-a-c (it's only os-net-config and hiera which requires it), although the script does currently still use oac to get the metadata IP. 4. May enable passing os-net-config yaml via a json parameter in future, reducing the need for resource_registry mappings (although we'll have to support that for backwards compatibility) The script used is based directly on 20-os-net-config (from t-i-e at cf94c5e, we can probably improve this now that we have an error path, but for this initial commit it's a straight copy other than the changes to replace o-a-c for rendering the json config file. Co-Authored-By: Steven Hardy <shardy@redhat.com> Change-Id: I0ed08332cfc49a579de2e83960f0d8047690b97a
2016-11-28Use correct type for SensuRedactVariables parameterMartin Mágr1-1/+1
The parameter type is invalid making it impossible to enable monitoring-environment. Change-Id: I835d1e82480edb0b6d082a7496d7ceebb1781728 Closes-Bug: #1641080 Closes-Bug: rhbz#1392473
2016-11-28Merge "Enable TLS in the internal networkf or Mysql"Jenkins4-39/+94
2016-11-28Merge "adding swift middleware that is typically enabled by default"Jenkins1-0/+5
2016-11-28Revert "Set NeutronL3HA to false when deploying DVR"John Schwarz1-8/+0
DVR+HA routers are officially supported, so this patch can be reverted. This reverts commit ce39dbac56123354576d2c31674e1b18535b0111. Conflicts: environments/neutron-ovs-dvr.yaml Change-Id: Ifeceb0c3ba01e81403903401ebfe69b9e9d7d2f2
2016-11-27Merge "Cleanup some inline comments in network/config"Jenkins10-46/+0
2016-11-27Stop using puppet to configure VIPs in /etc/hostsDan Prince7-98/+55
This patch drops use of the vip-hosts.yaml service which can cause issues during deployment because puppet 'hosts' resources overwrite the data in /etc/hosts. The only reason things seem to work at all at the moment is because our hosts element in t-i-e runs on each os-refresh-config iteration and re-adds the dropped hosts entries. To work around the issue we add a conditional which selectively adds the extra hosts entries only if the AddVipsToEtcHosts is set to true. Closes-bug: 1645123 Change-Id: Ic6aaeb249a127df83894f32a704219683a6382b2
2016-11-25Fix puppet/services/README.rst step descriptionSteven Hardy1-6/+0
We removed Step 6 in Iae33149e4a03cd64c5831e689be8189ad0cf034b but forgot to update the README. Similarly we made all roles use the same steps in Ia2ea559e8eeb64763908f75705e3728ee90b5744 so the comment is no longer true. Change-Id: If5482ebd22a2547ed2165199992840a0dcacb04c
2016-11-25Show team and repo badges on READMEFlavio Percoco1-0/+9
This patch adds the team's and repository's badges to the README file. The motivation behind this is to communicate the project status and features at first glance. For more information about this effort, please read this email thread: http://lists.openstack.org/pipermail/openstack-dev/2016-October/105562.html To see an example of how this would look like check: b'https://gist.github.com/8e6d63aff05dc9e2a946f9012a34b334\n' Change-Id: I0090c60b91624f6cc446bc020b1445b3919e0d40
2016-11-25Import TripleO CI environments from tripleo-ciEmilien Macchi8-0/+668
Import TripleO CI environments from tripleo-ci into THT for some reasons: 1) THT is branched while tripleo-ci is not. Having them here would allow to make scenarios able to evolve over the releases without adding more scenarios. 2) Help our developers to run TripleO CI scenarios themselves from THT by exposing the templates here. The whole discussion is here: http://lists.openstack.org/pipermail/openstack-dev/2016-November/107816.html Change-Id: I3527a64c0c8f56ca77115d32849fa23fe710112d
2016-11-25Provide full list of services for Compute role in HCI scenarioGiulio Fidente1-4/+22
Until bug #1635409 is fixed, we can provide the full list of services needed on the Compute role, plus CephOSD, in the hyperconverged-ceph environment file, preserving the user experience. Change-Id: I42409bc098c740759b378969526e13efaf002d3c Related-Bug: #1635409
2016-11-25Enable TLS in the internal networkf or MysqlJuan Antonio Osorio Robles4-39/+94
This adds the necessary hieradata for enabling TLS for MySQL (which happens to run on the internal network). It also adds a template so this can be done via certmonger. As with other services, this will fill the necessary specs for the certificate to be requested in a hash that will be consumed in puppet-tripleo. Note that this only enables that we can now use TLS, however, we still need to configure the services (or limit the users the services use) to only connect via SSL. But that will be done in another patch, as there is some things that need to land before we can do this (changes in puppetlabs-mysql and puppet-openstacklib). Change-Id: I71e1d4e54f2be845f131bad7b8db83498e21c118 Depends-On: I7275e5afb3a6550cf2abbb9a8007dedb62ada4b4
2016-11-24Merge "Increase reserved memory for computes when enabling DVR"Jenkins1-0/+13
2016-11-24Merge "Disable Neutron agents with OVN."Jenkins1-0/+3
2016-11-24Merge "Make Ceilometer notifications non-blocking"Jenkins1-0/+1
2016-11-24Merge "Remove conditional for neutron l3_ha"Jenkins1-28/+10
2016-11-24Merge "Run os-net-config before restarting cluster on update"Jenkins1-0/+11
2016-11-24Disable Neutron agents with OVN.Joe Talerico1-0/+3
OVN natively implements services that are provided by Neutron agents. This patch disables the Neutron DHCP agent as well as the OVS agent for compute nodes. Closes-bug: 1634580 Change-Id: I70631c2facbbf08257868e26e14af942ad7f2893
2016-11-24Merge "Explicitly set rabbit hosts so its not overridden during upgrade"Jenkins1-1/+7
2016-11-24Merge "Add panko api support to service templates"Jenkins12-0/+434
2016-11-23Merge "Add necessary parameters for encrypted volumes support"Jenkins1-0/+14
2016-11-23Run os-net-config before restarting cluster on updateBrent Eagles1-0/+11
Running os-net-config before restarting the cluster prevents changes to the interface files caused by changes to implementation from bouncing network interfaces after the cluster has restarted. Closes-Bug: #1644138 Change-Id: I65fb104465ff3d37ddc791634302994334136014