aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2014-07-19Fix SSL with HAProxy.Robert Collins2-0/+24
The current configuration of services is that if SSL is in use (signaled by stunnel.connect_ip) we bind to 127.0.0.1 - which is great, but it breaks simultaneous non-SSL due to there being no pass-through stunnel equivalent on all the nodes. As an interim measure, teach stunnel to connect to the ctlplane address instead. We will need this flexability in future anyway to deal with mixed-mode configurations, but we don't yet have an SSL only configuration. The change will permit SSL only by altering the Deployment object only - the SSL config object should now be flexible enough to run in either mode (but as yet on an all-one-way-or-the-other basis). Change-Id: Ibac3dec1fe7b573029482fdd9ad2d2f6223fbce0
2014-07-18Merge "Add corosync and pacemaker properties into overcloud template"Jenkins1-0/+11
2014-07-17Merge "make glance.host point to controller_virtual_ip"Jenkins1-1/+1
2014-07-17Merge "use ControlVirtualInterface for keepalived VRRP"Jenkins1-1/+1
2014-07-17Merge "add Horizon caches backend definition (memcached)"Jenkins1-0/+7
2014-07-11Merge "Use the right DSN for neutron agents."Jenkins1-1/+1
2014-07-10add Horizon caches backend definition (memcached)Giulio Fidente1-0/+7
This change adds into the overcloud-source template a structure name horizon.caches meant to define the Horizon caches backend. It defaults to using memcached and provides a list of the memcached nodes in horizon.caches.memcached.nodes Related to blueprint tripleo-icehouse-ha-production-configuration Change-Id: I728e05926f2de0e867fb8e8c74c63947da7d987a
2014-07-10make glance.host point to controller_virtual_ipGiulio Fidente1-1/+1
Previously glance.host was pointing to the local controller_host which would have requests to glance from other services to fail if the local glance daemon was unavailable. Change-Id: Ifd4f4b12cd51e23313826288797cc00ba3cd1754
2014-07-10use ControlVirtualInterface for keepalived VRRPGiulio Fidente1-1/+1
Change keepalived.keepalive_interface so that it uses the actual ControlVirtualInterface (bridge) for VRRP rather than the bridged interface (NeutronPublicInterface). Fixes the issue which caused keepalived to bring up the VIP on all control nodes. Change-Id: Ifc484d6a6086d9872210aa576f21d326f60b7d35
2014-07-09Merge "Make target to validate a template"Jenkins1-0/+4
2014-07-08Add corosync and pacemaker properties into overcloud templateJan Provaznik1-0/+11
Pacemaker will be used for managing ceilometer central agent, we need basic metadata to setup corosync and pacemaker. Related to: Ifa83d62c2132bcdcb40d0b7c80ce3adadc0b5587 Change-Id: I44909005d9bc653c3e7c2de1c12fe4ffecf6bede
2014-07-08Make target to validate a templateSteve Baker1-0/+4
This adds make targets to run heat template-validate against the generated templates. These targets assume that credentials to a valid heat endpoint have been sourced. The target validate-all will validate every template in generated_templates, but there is also a target created for each template, for example: make validate-overcloud.yaml This is a useful aid for Partial-Blueprint: tripleo-juno-remove-mergepy Change-Id: Id101402b8b2fa0bc6058c5bc4b7474f0f6a158ad
2014-07-07Specify the network for nodesRobert Collins3-0/+6
Without this, when there are multiple admin networks (e.g. a VLAN) Nova will refuse to guess and we'll fail to deploy. Change-Id: Id1dca43ef287fda2adcfdf5b5d30145b055dbe76
2014-07-03Make stack complete depend on all nodesClint Byrum2-3/+3
Previously the completion signal was just based on the first run of os-refresh-config. But in this case, we actually need to wait until it runs successfully with all hosts computed. That way we can know that services aren't in an unstable state while that configuration rolls out. Change-Id: I3b965c19c92b366df3069cb8e1daffa18252c884 Closes-Bug: #1337230
2014-07-02Merge "Enable multi-node rabbitmq cluster"Jenkins3-17/+17
2014-07-02Merge "Compute all hosts matrix once"Jenkins3-64/+26
2014-07-01Enable multi-node rabbitmq clusterJan Provaznik3-17/+17
This causes that: * rabbit.nodes is list of all control nodes * rabbit_hosts in OS config files points to all nodes in rabbitmq cluster * overcloud control nodes are joined into cluster This works both for single or multiple control nodes and it's needed for scaling out control nodes. rabbit.nodes property is very similar to generating list of all hosts, so it uses same StructuredConfig block. This block (and couple of references) is renamed to allNodesConfig to make it more general. Related to blueprint tripleo-icehouse-ha-production-configuration Change-Id: Ice1a34ba7a52c41c1bb0c63350438971c651e7b6
2014-06-30Merge "Add galera clustering properties"Jenkins1-0/+13
2014-06-30Compute all hosts matrix onceClint Byrum3-64/+26
Then feed in through separate deployments. This reduces the exponential growth of calculating the entire list for every server. Change-Id: Ib1187eabeb91b46e29ddcf5065056e43a69bb2a0
2014-06-30Merge "Haproxy configuration"Jenkins1-0/+39
2014-06-30Add galera clustering propertiesGregory Haynes1-0/+13
Adding nodes and cluster_name properties for mysql in order to enable galera clustering. Change-Id: I522b7324460469c59f49983ca3becd9ea914cdc0
2014-06-29Haproxy configurationDima Shulyak1-0/+39
Added several sections that are required for HAproxy configuration 1. haproxy.services - standard openstack services ports 2. haproxy.nodes - openstack controllers 3. haproxy.net_binds - virtual ips, that will also act as public endpoint input controller_nodes scales with OVERCLOUD_CONTROLSCALE > 1 Related change t-i-e I641fa90c4a34c26e5699cf7f5a6f9643792c7b16 Implements blueprint tripleo-haproxy-configuration Related to blueprint tripleo-icehouse-ha-production-configuration Change-Id: I9c70812ee1b3e8c8c072705fc5123da88ecc8f9f
2014-06-30Use the right DSN for neutron agents.Robert Collins1-1/+1
Since the wrong one is a bad idea :) Change-Id: I7ed40078f487459dee9055ef41f10a9b60a0e674
2014-06-27Merge "Set glance protocol and port as Heat configurable"Jenkins3-0/+34
2014-06-25Add parameters for setting up keystone keys/certs in undercloudJan Provaznik2-8/+16
This will allow us distribute identical keys/certs to all control nodes in HA mode. CAKey was removed because it's not required by keystone. Change-Id: I187492d5fac448e57f8cd687f9cb751520df5921
2014-06-20Merge "Add custom public IP support to the undercloud."Jenkins1-0/+19
2014-06-16Set glance protocol and port as Heat configurableRyan Moore3-0/+34
This change is to set the glance protocol and port as configurable via the Heat template. Presently the port is hard-coded in the elements nova.conf file, and the protocol is assumed as being the default (http). This change will allow the glance_api_servers to be set (in nova.conf) using the constituent parts: glance_protocol://glance_host:glance_port Change to nova.conf to read this value is: Idccc0d60c9f6b17a853c6de1bbea64bfc7e028b2 Default port value is set to the nova default(9292) which is currently hard-coded in the elements nova.conf file. Default protocol value is set to the nova default(http). Change-Id: I3c7218292797c62c36e2aaab4f325bf053ef140b
2014-06-16Merge "Use virtual ip for OS services"Jenkins1-4/+6
2014-06-11Merge "Add parameters for setting up keystone keys/certs"Jenkins1-0/+24
2014-06-10Merge "Remove the tuskar-source template"Jenkins3-27/+0
2014-06-09Use virtual ip for OS servicesJan Provaznik1-4/+6
VIP should be used when pointing an OS service to another OS service in config files (most typical is setting Keystone's host IP, but also Glance and Netron host needs to be set in Nova config file). Change-Id: Id91e6ef2747981f17a43afd279d4eebaad01fe4d
2014-06-09Replace nagios3 template with HOT rewriteClint Byrum1-103/+132
Rewrote template from scratch using HOT. Mail delivery does not work yet but it does produce Nagios. Change-Id: I347f8a008aa7db1145da0988053c791e6f2dbbc2
2014-06-06Merge "Add Controller scale param to merge.py"Jenkins1-2/+2
2014-06-04Setup SSL for CeilometerRob Parker1-0/+3
Establish the Public (SSL) port, 13777, and connect it to the internal port, 8777 Change-Id: I7bba7f8224b6e31fc4f5444eee679ca5a4ce4ebe
2014-06-04Remove the tuskar-source templateTomas Sedovic3-27/+0
There is no need for a tuskar-specific undercloud template. Tuskar is installed via elements just like any other undercloud service. This template is not being used in devtest and I'm not sure it ever has been. Change-Id: I531d927b1984873b32f440d33a130788670f7cd9
2014-06-04Merge "Add passthrough configuration glue."Jenkins1-0/+50
2014-06-04Merge "Fixes to swift-storage-source.yaml"Jenkins1-2/+19
2014-06-04Add custom public IP support to the undercloud.Robert Collins1-0/+19
Now we're trying to automate VLAN deployed underclouds, this suddenly becomes relevant. Change-Id: I800a0ceab7443d685551d7a919724f6cf45fd891
2014-06-03Add passthrough configuration glue.Nicholas Randon1-0/+50
This provides a means for users to pass configuration through to the machines they are deploying without us modelling that. Change-Id: Ia8d1564bd0f3e7b988497a84e00831619047cd94
2014-06-03Move to software-config for the undercloud.Nicholas Randon11-314/+291
Change the undercloud deployment to use software-config similar to that used by the overcloud. Change-Id: I81bced2062e461fe10301969d856d709c0b573c3
2014-06-03Merge "Sequence deploys - compute after control plane."Jenkins1-0/+1
2014-06-02Move bootstrap-host out from bootstackGregory Haynes2-3/+4
We have had a change of opinion and are moving bootstrap_host properties out of bootstack in order to prevent mysql / rabbit from depending on boot-stack. Change-Id: I85399019c5fc448e98362ef832988abc8d9d459d
2014-05-30Merge "ssl: Add support for a CA Certificate"Jenkins2-0/+7
2014-05-28Export new bootstack keys for cluster init.Robert Collins2-0/+38
These provide a single consistent interface for checking whether a given node is the bootstrap node, or not the bootstrap node for database initialisation etc. Change-Id: I7c5a09cb3477b61c4050e4a47a680ffc9aee97d8
2014-05-28Add Controller scale param to merge.pyGregory Haynes1-2/+2
We need a paremeter to attempt scaling of the Controller resources in merge.py. Change-Id: I4a79059e72850da4a5a3fe30dbb9df92a9dca212
2014-05-22Fixes to swift-storage-source.yamlEamonn O'Toole1-2/+19
We've found a couple of bugs in swift-storage-source.yaml which were exposed when we tried to use the template to build a second Swift storage node. These errors are: a. Error in swift-devices metadata description - indentation wasn't correct and a "-" was missing b. Keystone config data required by the swift-proxy element weren't defined c. The signal_transport property wasn't defined and set to NO_SIGNAL for SwiftStorage0Deploy (this meant that the completion condition for the resource was never satisfied) d. The user_data_format property for the SwiftStorage0 resource was not defined and set to SOFTWARE_CONFIG, which meant that the SwiftStorage servers never got their config data We've fixed the above errors. We've added an OS::Heat::StructuredConfig and corresponding OS::Heat::StructuredDeployment for the Keystone config data. Change-Id: I858ebf9eea4ed33987143277f4c986b4934555d1
2014-05-21Merge "Use vip address where controller0 was used for endpoints"Jenkins1-15/+15
2014-05-21Merge "Adding Swift proxy-server memcache metadata"Jenkins3-12/+56
2014-05-21Add parameters for setting up keystone keys/certsJan Provaznik1-0/+24
This will allow us distribute identical keys/certs to all control nodes in HA mode. Change-Id: Ie84f3897717c02e196a405746865996c0a929977
2014-05-20Use vip address where controller0 was used for endpointsDima Shulyak1-15/+15
This change is required to resolve scaling issue for OVERCLOUD_CONTROLSCALE > 1 Basicly change affected all the places where endpoints were configured to use controller0 ctlplane ip address Change-Id: I76eb9d2b81d3ef5e9fae408f2432515f4de13e12