Age | Commit message (Collapse) | Author | Files | Lines |
|
The current configuration of services is that if SSL is in use (signaled by
stunnel.connect_ip) we bind to 127.0.0.1 - which is great, but it breaks
simultaneous non-SSL due to there being no pass-through stunnel equivalent on
all the nodes. As an interim measure, teach stunnel to connect to the ctlplane
address instead. We will need this flexability in future anyway to deal with
mixed-mode configurations, but we don't yet have an SSL only configuration.
The change will permit SSL only by altering the Deployment object only - the
SSL config object should now be flexible enough to run in either mode (but as
yet on an all-one-way-or-the-other basis).
Change-Id: Ibac3dec1fe7b573029482fdd9ad2d2f6223fbce0
|
|
|
|
|
|
|
|
|
|
|
|
This change adds into the overcloud-source template a structure
name horizon.caches meant to define the Horizon caches backend.
It defaults to using memcached and provides a list of the
memcached nodes in horizon.caches.memcached.nodes
Related to blueprint tripleo-icehouse-ha-production-configuration
Change-Id: I728e05926f2de0e867fb8e8c74c63947da7d987a
|
|
Previously glance.host was pointing to the local controller_host
which would have requests to glance from other services to fail
if the local glance daemon was unavailable.
Change-Id: Ifd4f4b12cd51e23313826288797cc00ba3cd1754
|
|
Change keepalived.keepalive_interface so that it uses the actual
ControlVirtualInterface (bridge) for VRRP rather than the bridged
interface (NeutronPublicInterface).
Fixes the issue which caused keepalived to bring up the VIP on
all control nodes.
Change-Id: Ifc484d6a6086d9872210aa576f21d326f60b7d35
|
|
|
|
Pacemaker will be used for managing ceilometer central agent,
we need basic metadata to setup corosync and pacemaker.
Related to: Ifa83d62c2132bcdcb40d0b7c80ce3adadc0b5587
Change-Id: I44909005d9bc653c3e7c2de1c12fe4ffecf6bede
|
|
This adds make targets to run heat template-validate against the
generated templates.
These targets assume that credentials to a valid heat endpoint
have been sourced.
The target validate-all will validate every template in
generated_templates, but there is also a target created for each
template, for example:
make validate-overcloud.yaml
This is a useful aid for
Partial-Blueprint: tripleo-juno-remove-mergepy
Change-Id: Id101402b8b2fa0bc6058c5bc4b7474f0f6a158ad
|
|
Without this, when there are multiple admin networks (e.g. a VLAN)
Nova will refuse to guess and we'll fail to deploy.
Change-Id: Id1dca43ef287fda2adcfdf5b5d30145b055dbe76
|
|
Previously the completion signal was just based on the first run of
os-refresh-config. But in this case, we actually need to wait until it
runs successfully with all hosts computed. That way we can know that
services aren't in an unstable state while that configuration rolls out.
Change-Id: I3b965c19c92b366df3069cb8e1daffa18252c884
Closes-Bug: #1337230
|
|
|
|
|
|
This causes that:
* rabbit.nodes is list of all control nodes
* rabbit_hosts in OS config files points to all nodes in
rabbitmq cluster
* overcloud control nodes are joined into cluster
This works both for single or multiple control nodes and it's needed
for scaling out control nodes.
rabbit.nodes property is very similar to generating list of all hosts,
so it uses same StructuredConfig block. This block (and couple of references)
is renamed to allNodesConfig to make it more general.
Related to blueprint tripleo-icehouse-ha-production-configuration
Change-Id: Ice1a34ba7a52c41c1bb0c63350438971c651e7b6
|
|
|
|
Then feed in through separate deployments. This reduces the exponential
growth of calculating the entire list for every server.
Change-Id: Ib1187eabeb91b46e29ddcf5065056e43a69bb2a0
|
|
|
|
Adding nodes and cluster_name properties for mysql in order to enable
galera clustering.
Change-Id: I522b7324460469c59f49983ca3becd9ea914cdc0
|
|
Added several sections that are required for HAproxy configuration
1. haproxy.services - standard openstack services ports
2. haproxy.nodes - openstack controllers
3. haproxy.net_binds - virtual ips, that will also act as public endpoint
input controller_nodes scales with OVERCLOUD_CONTROLSCALE > 1
Related change t-i-e I641fa90c4a34c26e5699cf7f5a6f9643792c7b16
Implements blueprint tripleo-haproxy-configuration
Related to blueprint tripleo-icehouse-ha-production-configuration
Change-Id: I9c70812ee1b3e8c8c072705fc5123da88ecc8f9f
|
|
Since the wrong one is a bad idea :)
Change-Id: I7ed40078f487459dee9055ef41f10a9b60a0e674
|
|
|
|
This will allow us distribute identical keys/certs to all
control nodes in HA mode.
CAKey was removed because it's not required by keystone.
Change-Id: I187492d5fac448e57f8cd687f9cb751520df5921
|
|
|
|
This change is to set the glance protocol and port as
configurable via the Heat template. Presently the port is
hard-coded in the elements nova.conf file, and the protocol
is assumed as being the default (http).
This change will allow the glance_api_servers
to be set (in nova.conf) using the constituent parts:
glance_protocol://glance_host:glance_port
Change to nova.conf to read this value is:
Idccc0d60c9f6b17a853c6de1bbea64bfc7e028b2
Default port value is set to the nova default(9292) which is
currently hard-coded in the elements nova.conf file.
Default protocol value is set to the nova default(http).
Change-Id: I3c7218292797c62c36e2aaab4f325bf053ef140b
|
|
|
|
|
|
|
|
VIP should be used when pointing an OS service to
another OS service in config files (most typical is
setting Keystone's host IP, but also Glance and Netron
host needs to be set in Nova config file).
Change-Id: Id91e6ef2747981f17a43afd279d4eebaad01fe4d
|
|
Rewrote template from scratch using HOT. Mail delivery does not work yet
but it does produce Nagios.
Change-Id: I347f8a008aa7db1145da0988053c791e6f2dbbc2
|
|
|
|
Establish the Public (SSL) port, 13777, and connect it to the internal port, 8777
Change-Id: I7bba7f8224b6e31fc4f5444eee679ca5a4ce4ebe
|
|
There is no need for a tuskar-specific undercloud template. Tuskar is
installed via elements just like any other undercloud service.
This template is not being used in devtest and I'm not sure it ever has
been.
Change-Id: I531d927b1984873b32f440d33a130788670f7cd9
|
|
|
|
|
|
Now we're trying to automate VLAN deployed underclouds, this
suddenly becomes relevant.
Change-Id: I800a0ceab7443d685551d7a919724f6cf45fd891
|
|
This provides a means for users to pass configuration through to the
machines they are deploying without us modelling that.
Change-Id: Ia8d1564bd0f3e7b988497a84e00831619047cd94
|
|
Change the undercloud deployment to use software-config similar to
that used by the overcloud.
Change-Id: I81bced2062e461fe10301969d856d709c0b573c3
|
|
|
|
We have had a change of opinion and are moving bootstrap_host properties
out of bootstack in order to prevent mysql / rabbit from depending on
boot-stack.
Change-Id: I85399019c5fc448e98362ef832988abc8d9d459d
|
|
|
|
These provide a single consistent interface for checking whether
a given node is the bootstrap node, or not the bootstrap node
for database initialisation etc.
Change-Id: I7c5a09cb3477b61c4050e4a47a680ffc9aee97d8
|
|
We need a paremeter to attempt scaling of the Controller resources in
merge.py.
Change-Id: I4a79059e72850da4a5a3fe30dbb9df92a9dca212
|
|
We've found a couple of bugs in swift-storage-source.yaml which
were exposed when we tried to use the template to build a second
Swift storage node. These errors are:
a. Error in swift-devices metadata description - indentation
wasn't correct and a "-" was missing
b. Keystone config data required by the swift-proxy element
weren't defined
c. The signal_transport property wasn't defined and set to
NO_SIGNAL for SwiftStorage0Deploy (this meant that the
completion condition for the resource was never satisfied)
d. The user_data_format property for the SwiftStorage0
resource was not defined and set to SOFTWARE_CONFIG, which
meant that the SwiftStorage servers never got their config data
We've fixed the above errors. We've added an
OS::Heat::StructuredConfig and corresponding
OS::Heat::StructuredDeployment for the Keystone config data.
Change-Id: I858ebf9eea4ed33987143277f4c986b4934555d1
|
|
|
|
|
|
This will allow us distribute identical keys/certs to all
control nodes in HA mode.
Change-Id: Ie84f3897717c02e196a405746865996c0a929977
|
|
This change is required to resolve scaling issue for
OVERCLOUD_CONTROLSCALE > 1
Basicly change affected all the places where endpoints
were configured to use controller0 ctlplane ip address
Change-Id: I76eb9d2b81d3ef5e9fae408f2432515f4de13e12
|