aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-02-15Add docker_puppet_tasks initialization on primary nodeDan Prince4-5/+79
This patch adds a new (optional) section to the docker post.j2.yaml that collects any 'docker_puppet_tasks' data from enabled services and applies it on the primary role node (the first node in the primary (first) role). The use case for this is although we are generally only using puppet for configuration there are several exceptions that we desire to make use of today for parity with baremetal. This includes things like database creation and keystone endpoint initialization which we rely on configuration via hiera variables controlled by the puppet services. Change-Id: Ic14ef48f26de761b0d0eabd0e1c0eae52d90e68a
2017-02-15Add docker keystone serviceDan Prince1-0/+153
Depends-On: Icabdb30369c8ca15e77d169dc441bee8cfd3631f Change-Id: Icec07f75f81953c4bf81ca21b4b02bc02e157562 Co-Authored-By: Martin André <m.andre@redhat.com> Co-Authored-By: Ian Main <imain@redhat.com>
2017-02-15docker: new hybrid deployment architecture and configurationDan Prince16-320/+577
This patch implements a new docker deployment architecture that should us to install docker services in a stepwise manner alongside of baremetal puppet services. This works by using Yaql to select docker specific services (docker/services/*.yaml) vs the puppet specific ones and then applying the selected Json to relevant Heat software deployments for docker and baremetal puppet in a stepwise fashion. Additionally the new architecture leverages new composable services interfaces from Newton to allow configuration of per-service container configuration sets (directories that are bind mounted into kolla containers) by using the Kolla containers themselves. It does this by spinning up a throw away "configuration only" version of the container being configured itself, then running the puppet apply in that container and copying the generated config files into /var/lib/config-data. This avoids having to install all of the OpenStack dependency packages in the heat-agent-container itself (our previous approach) and should allow us to configure a much wider variety of container config files that would otherwise be impossible with the previous shared approach. The new approach (combined) should allow us to configure containers in both the undercloud and overcloud and incrementally add CI coverage to services as we containerize them. Co-Authored-By: Martin André <m.andre@redhat.com> Co-Authored-By: Ian Main <imain@redhat.com> Co-Authored-By: Flavio Percoco <flavio@redhat.com> Change-Id: Ibcff99f03e6751fbf3197adefd5d344178b71fc2
2017-02-15Add explicit swift check to tripleo_upgrade_node.shmarios1-4/+11
And change the conditional to use hiera instead. Change-Id: Icf91dd91c0ab04e7919172fcfd130183bfd427b4
2017-02-15Apply puppet in non-controller script in step.Sofer Athlan-Guyot3-3/+36
We want to apply a puppet manifest for the non-controller role, but we need to apply it in stages. By loading the proper hieradata we get the needed step configuration. Change-Id: I07bfeee7b7d9a9b8c2c20e5d5c9ed735d0bfc842 Closes-Bug: #1664304
2017-02-15Merge "Containers: Add required EndpointMap parameter"Jenkins1-1/+5
2017-02-15Setup FreeIPA to serve DNS in the setup scriptJuan Antonio Osorio Robles1-1/+3
This is needed for the overcloud nodes to automatically get their domain and to autodiscover the FreeIPA server. Change-Id: I4c055e4b4086b02fa706380f01911f499966dfc1
2017-02-15Merge "OVN plugin configuration fixes"Jenkins3-13/+28
2017-02-15Declare variables for freeipa_setup.sh scriptJuan Antonio Osorio Robles1-0/+9
These were assumed to be always passed, but as the script gets different cases (novajoin vs pre-defined service principals) we might get "unbound variable" errors when used outside of CI. Exporting these variables beforehand prevents that. Change-Id: I195321354df167c09cfc87c5b9f86c6dc5026d75
2017-02-15Merge "Add Ceph RGW to capabilities map"Jenkins1-0/+10
2017-02-14Add nova service support for composable upgradesSteven Hardy10-5/+163
Co-Authored-By: Mathieu Bultel <mbultel@redhat.com> Co-Authored-By: Oliver Walsh <owalsh@redhat.com> Change-Id: Iafad800a6819d7e75fdaab60d328999d3d3c037f Partially-Implements: blueprint overcloud-upgrades-per-service Related-Bug: #1662344
2017-02-14Merge "Reduce memcached memory configuration"Jenkins2-0/+14
2017-02-14Merge "Add upgrade tasks for opstools services"Jenkins3-0/+27
2017-02-14Merge "Describe use of Manila/CephFS in capabilites_map"Jenkins2-10/+41
2017-02-14Release notes ha composableMichele Baldessari1-0/+12
Add some release notes about the composable ha work Change-Id: I8975c3f597d1affbe6e52d4e16a2aad527006264
2017-02-14OVN bridge mappings for tripleoBabu Shanmugam1-0/+11
This patch adds an additional configuration setting for OVN bridge mappings Co-authored-by: Numan Siddique <nusiddiq@redhat.com> Change-Id: I99f2c0c8e633e63273e2469d95fbabbbc665c87c Depends-On: Ia6d66fa954571328c0ac3542af17303def382c1a
2017-02-14Add upgrade tasks for opstools servicesMartin Mágr3-0/+27
This patch adds upgrade tasks for sensu-client, fluentd and collectd Change-Id: I3a8096159664b1934b34f6c79b8afb4a3dc645c8
2017-02-14Containers: Add required EndpointMap parameterJiri Stransky1-1/+5
This parameter is passed in by the parent overcloud.yaml template, so we have to listen accept it in docker/post.j2.yaml, otherwise the deployment fails. Change-Id: Ia3fdcfa01d52006a6e9fd0bb02c7379411f3d900 Closes-Bug: #1664569
2017-02-14Merge "Add release note for services endpoint change"Jenkins1-0/+9
2017-02-14Merge "Use Keystone internal endpoint instead of admin for nova-ironic"Jenkins1-4/+4
2017-02-14Merge "Use Keystone internal endpoint instead of admin for services"Jenkins23-24/+24
2017-02-14Configuring a default ntp server.Carlos Camacho2-2/+10
Adding a default NTP server by default will keep all Pacemaker and non-Pacemaker deployments aligned with the same server by default. Also useful for keeping time diff controlled for Keystone and Ceph. Change-Id: I8a26bae15cbfb83e3abd6b9ef9d12b57467e6258
2017-02-14Add Ceph RGW to capabilities mapGiulio Fidente1-0/+10
This will provide an option in the UI to deploy Ceph RGW as a replacement for Swift. Change-Id: If2281edce49d2981f891c95ebb507e3a4b9e438e
2017-02-14Merge "Fix empty parameter_default error in environment file"Jenkins1-3/+3
2017-02-14Deploy Manila with CephMDS in scenario004Giulio Fidente3-8/+43
Adds the Manila and CephMDS services into scenario004 and a few resources in the pingtest to test the Manila deployment. Also adds Pacemaker to scenario004 which is needed for ManilaShare. Co-Authored-By: jprovazn@redhat.com Depends-On: Ia2ece0163a3c25eb28bc0b471cd1797d52fe4e3c Change-Id: I70515c5b9ce2668a684649ecd40421b69078ee83 Related-Bug: #1644784
2017-02-14Updated from global requirementsOpenStack Proposal Bot1-1/+1
Change-Id: Ic4cfdedfc0a60ebfd2391d03112f68e7a11629ce
2017-02-14Fix empty parameter_default error in environment fileSaravanan KR1-3/+3
Providing an empty 'parameter_defaults' is resulting in overriding of all the previously populated 'parameters_defaults' as None. Commenting the empty statement and cleaned-up emtpy line in j2 templating. Change-Id: I75bac6b558ac16a08e0964599cecae5bf10edf8a
2017-02-14Add release note for services endpoint changeEmilien Macchi1-0/+9
Add reno for: - I1213a83ef8693c1cca1d20de974f7949a801d9f1 - Ib1103c00ddb7d6d624f4911147197d8355a3a6dd Change-Id: Iecbbab5aeeade46b5cc238bc5542396e78db751c
2017-02-14Use Keystone internal endpoint instead of admin for nova-ironicGiulio Fidente1-4/+4
As per I1213a83ef8693c1cca1d20de974f7949a801d9f1 this moves to using KeystoneInternal for the nova-ironic template and updates some deprecated hiera keys. Change-Id: Ib1103c00ddb7d6d624f4911147197d8355a3a6dd
2017-02-14Use Keystone internal endpoint instead of admin for servicesJuan Antonio Osorio Robles23-24/+24
The admin endpoint is listening on the ctlplane network by default; services should ideally be using the internal api network for this kind of traffic, as the ctlplane network is mostly for provisioning. On the other hand, the admin endpoint shouldn't be as relevant with services switching to keystone v3. Change-Id: I1213a83ef8693c1cca1d20de974f7949a801d9f1
2017-02-14Merge "Configure the placement API's interface to use the internal endpoint"Jenkins1-0/+6
2017-02-13Adds 'trunk' to ODL env service pluginsTim Rozet1-1/+1
Trunk ports are now supported in ODL: I2656ea175174239b0f70d8daa36896c9e9c9cd5a Change-Id: Ie333f3e97f60f073e651e45c0639beda36bba447 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-02-13Merge "Remove duplicated release notes"Jenkins1-2/+0
2017-02-13Merge "Add missing TripleO services to ci/multinode"Jenkins4-0/+8
2017-02-13Merge "Enables support for configuring Cinder with Dell EMC ScaleIO storage ↵Jenkins3-0/+151
backend."
2017-02-13Remove duplicated release notesEmilien Macchi1-2/+0
Change-Id: I8c2e0af3ad4e47b12f4ecf2d5762df95e66fa34d
2017-02-13Merge "Added further security functionality in release notes."Jenkins1-7/+17
2017-02-13Merge "nova-placement: support upgrade"Jenkins1-0/+4
2017-02-13Merge "placement: switch service to use NovaPlacementNetwork"Jenkins1-2/+2
2017-02-13Merge "Remove [heat,glance,ironic,cinder,keystone] db sync from ansible"Jenkins5-15/+0
2017-02-13Add missing TripleO services to ci/multinodeEmilien Macchi4-0/+8
Add: - OS::TripleO::Services::TripleoPackages - OS::TripleO::Services::TripleoFirewall to the CI environments, so we can test Firewalling and also TripleO packages upgrades. Change-Id: I5d39c7a332a4c376fb4d6ee9463d27f481b6a0d0
2017-02-13Configure authtoken in nova-placement api serviceDan Prince1-0/+4
Without this the Nova Placement API fails when isolated from Nova API or when used in a docker container. Change-Id: I7d3c823cca1978ae5ad8dc37357e9c5b2ad5bfc5 Depends-On: I7b38ab6ba5cae41689ac500d97dec4d09c73d387
2017-02-13Merge "Add missing release notes for Ocata"Jenkins1-0/+22
2017-02-13Merge "Fix Neutron region in nova.conf"Jenkins1-0/+1
2017-02-13nova-placement: support upgradeEmilien Macchi1-0/+4
Upgrade nova-placement service with Ansible. Change-Id: I43cac37afbc8b39708389895d9f7350b6bd4bcfd
2017-02-13Merge "Remove the ansible neutron-api db sync as for other services"Jenkins1-3/+0
2017-02-13Remove [heat,glance,ironic,cinder,keystone] db sync from ansiblemarios5-15/+0
These are handle by puppet as usual (puppet run comes after the ansible steps) so remove them from these remaining upgrade_tasks Change-Id: Ic341f31251622ccb11a5f7818b2edf7a82391560
2017-02-13Merge "FreeIPA: don't preprovision service principals if novajoin is enabled"Jenkins1-7/+12
2017-02-13Remove the ansible neutron-api db sync as for other servicesmarios1-3/+0
In line with other service we leave the db sync to puppet unless needed for some workaround/upgrade related reason. Change-Id: I9ae463cda19ffdd66f9ccbae40e85551841ab938
2017-02-13Configure the placement API's interface to use the internal endpointJuan Antonio Osorio Robles1-0/+6
Due to the keystoneauth library's defaults, it uses the public interface currently. This is not desirable in most cases (specially when using network isolation); so we set it to use the internal one. Change-Id: Ic222a2b734f4d512349fd8556aa2864b13a1eb07 Depends-On: I1c7fd3a32d04e2fafb3820d1c1f221f45c613c83 Closes-Bug: #1663187