Age | Commit message (Collapse) | Author | Files | Lines |
|
This allows us to better configure these parametes, e.g. we could set
the cron job to run more times per day, and not just one.
Change-Id: I0a151808804809c0742bcfa8ac876e22f5ce5570
Closes-Bug: #1682097
|
|
This is only done when TLS-everywhere is enabled, and depends on those
directories being exclusive for services that run over httpd. Which is
the commit this is on top of.
Also, an environment file was added that's similar to
environments/docker.yaml. The difference is that this one will contain
the services that can run containerized with TLS-everywhere. This file
will be updated as more services get support for this.
bp tls-via-certmonger-containers
Change-Id: I87bf59f2c33de6cf2d4ce0679a5e0e22bc24bf78
|
|
The containers also need to trust the CA's that the overcloud node
trusts, else we'll get SSL verification failures.
bp tls-via-certmonger-containers
Change-Id: I7d3412a6273777712db2c90522e365c413567c49
|
|
|
|
|
|
We pass the short hostname to docker-puppet.py. In order to satisfy the
factor FQDN check for the short hostname we need to run the container
with --net=host in some cases.
Change-Id: I2929f122f23ee33e8ea5d4c5006d2bbb8b928b67
Closes-bug: #1681903
|
|
To enable easier detection of the IPs associated with nodes (such
as to enable the tripleo-validations ansible inventory to work with
custom roles more easily) expose the data we already have about the
nodes/roles and the list of IPs for each network.
Change-Id: I5667a142f47fbff120c703bedadd8b6e163c9480
|
|
Per puppet-nova commit 2c743a6bff5b17a85d1e0500f3a9ecb21468204e
there is now a custom resource for Nova_cell_v2 configuration.
As this resource runs automatically regardless of our use
of puppet tags we need to explicitly disable it to be able to
generate Nova API configs for docker.
Change-Id: Id675dc124464acddc3fc5a88b017a351e93ba685
Closes-bug: #1681841
|
|
This moves the directories containing the certs/keys for httpd one step
further inside the hierarchy. This way we will be able to bind-mount
this certificate into the container without bind-mounting any other
certs/keys from other services.
bp tls-via-certmonger-containers
Change-Id: Ibe6e66ae4589b9eab7db330dd8b178e0f8775639
Depends-On: I0b71902358b754fa8bd7fdbb213479503c87aa46
|
|
|
|
We need the service to be present to run jobs involving containers. Note
that this is effectively a no-op for the current CI jobs, as by default
the Docker service is mapped to OS::Heat::None. Docker will actually be
deployed only if environments/docker.yaml is included in the deploy
command.
Change-Id: I97a35e30e428ff64feeb411bf63dbb7aa54f9829
|
|
This is cluttering up the logs with useless error messages, making it
more difficult than necessary to debug the CI job.
Change-Id: Icbdc4c74d99fea39b8722955dab56e5f538849aa
|
|
This will give user the ability to set these values,
if IPv6 is not to be used, it's recommended that it be
disabled to reduce the attack surface of the system.
Change-Id: Ib3142cce49b93a421ca142a59961ce49a77e66b1
Co-Authored-By: Luke Hinds <lhinds@redhat.com>
Signed-off-by: zshi <zshi@redhat.com>
|
|
|
|
|
|
|
|
Add services for Dell EMC Cinder back ends to the resource registry
and to the Controller role (defaulting to OS::Heat::None).
Closes-Bug: #1681497
Change-Id: I694fd7738abd3601851bdcd38e3633607ce6152c
|
|
Convert NetApp Cinder back end to support composable roles via new
"CinderBackendNetApp" service.
Closes-Bug: #1680568
Change-Id: Ia3a78a48c32997c9d3cbe1629c2043cfc5249e1c
|
|
|
|
Change-Id: I43c35bbf959e5dcdd7e87a8f6a604d5fe5b4f2a9
|
|
|
|
Following change I1393d65ffb20b1396ff068def237418958ed3289 the ctlplane
network will be 192.168.24 by default and not 192.0.2 anymore.
This change removes old references left to 192.0.2 network from the
overcloud templates.
Change-Id: I1986721d339887741038b6cd050a46171a4d8022
|
|
|
|
This uses the coalesce function to take null values into account, else
these resources will fail validation.
Change-Id: Iaf4218dd731826f80b76ff8f7a902adc8c865be5
Closes-Bug: #1681332
|
|
yaql calls are fairly expensive. Let's try to not nest them when we can
avoid it.
Change-Id: I5e7dbc42be625bbfe7989867794a67ebae08687d
|
|
This reverts commit b323f8a16035549d84cdec4718380bde3d23d6c3 and uses
the new logic in puppet-tripleo (see Ifd6fa5b398d98e8998630ea0c9a2ce9867ceba2b
), basically doing the same.
Closes-Bug: 1665641
Change-Id: Ib5cb0578be2993af0a0b8675005d838640bdb139
|
|
bp secure-etcd
Depends-on: I0759deef7cbcf13b9056350e92f01afd33e9c649
Change-Id: I049e35f3158435a0a82ca666911f2337b38e30ce
Signed-off-by: Feng Pan <fpan@redhat.com>
|
|
|
|
|
|
|
|
Change-Id: I93de22a4aa2d90966c24349e765475576947f2e0
|
|
Using an empty string to signal that the default value in the puppet module
is to be used no longer seems to work, resulting in the puppet specified
defaults being overridden by empty string values. The impact on
configuration will differ depending on the actual configuration item, the
puppet code and the service, so it is just safer to omit the hieradata if
the user has not explicitly set a value.
Change-Id: Iefbc8f8669680e4f9d01db6b49543bfbe9b7661b
Closes-Bug: #1669452
|
|
|
|
This change adds two files which demonstrate manipulation of the
VIP IP addresses without using an external load balancer. This
allows the configuration of DNS, or allows for continuity when
replacing an existing environment.
The fixed IPs for the virtual IPs are set using the new parameters,
and this change also adds a RedisVirtualFixedIPs parameter for
setting the Redis VIP.
Partial-Bug: https://bugs.launchpad.net/tripleo/+bug/1604946
Change-Id: I4e926f1c6b30d4009d24a307bc21e07e1731b387
|
|
When service is added during an upgrade, fix the ansible syntax
to use the right variable for return code.
Change-Id: I974699fb8b0dcbe5ffa6935c394df4ac8e7b21d4
|
|
There is a windows for the pcs cluster status to hang forever[1]. We
add a timeout during check0 to avoid this situation. 2 minutes should
be more than enought to get all the pcsd nodes to reply.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1292858
Closes-Bug: #1680477
Change-Id: Icb3dc76e031a3d4f26294f37d169f2f61d30973e
|
|
|
|
|
|
Adds the ability to perform a yum update after performing the RHEL
registration.
Change-Id: Id84d156cd28413309981d5943242292a3a6fa807
Partial-Bug: #1640894
|
|
This will add the Docker service to all roles. Note that currently by
default the Docker service is mapped to OS::Heat::None by default. It
will only be deployed if environments/docker.yaml file is included in
the deployment.
Change-Id: I9d8348b7b6576b94c872781bc89fecb42075cde0
Related-Bug: #1680395
|
|
|
|
This ports the fixes made to the legacy 51-hosts script, which this
script is derived from, to tht.
See related t-i-e patch Ibe0a9f6ec10d55750e3b0e16301236141f988d69
Change-Id: Ide922af93a5d185bd592e220327326f1d244c4e2
Closes-Bug: #1674732
|
|
Current puppet module miss password section hence congress is not
available due to missing password in congress.conf. This fix is to
add password.
Change-Id: I277c03ca93130a0337d5085f09c375fb0ac9331d
Signed-off-by: Tomofumi Hayashi <s1061123@gmail.com>
|
|
This submission will enable the BGPVPN API
on scenario004.
This addition to scenario004 does not
provide any sanity check for the Neutron API
extension. At this stage is meant to
install the required packages and prerequisites,
configure the extension and
having the services started correctly.
In the README.rst file, this is displayed as
neutron-bgpvpn, so for further integrations
should be added as neutron-<extension_name>
for an easier reading.
Depends-On: I4d0617b0d7801426ea6827e70f5f31f10bbcc038
Depends-On: I2be0fab671ec1a804d029afc6dc27d19a193b064
Change-Id: I6c257417a9231c44e13535bc408d67d2a3cacbf8
|
|
|
|
1.As mentioned in [1], we should avoid using
six.iteritems to achieve iterators. We can
use dict.items instead, as it will return
iterators in PY3 as well. And dict.items/keys
will more readable. 2.In py2, the performance
about list should be negligible, see the link [2].
[1] https://wiki.openstack.org/wiki/Python3
[2] http://lists.openstack.org/pipermail/openstack-dev/2015-June/066391.html
Change-Id: I7c8f540eced0731f4dfb1dfd045828b5a9bb6c67
|
|
|
|
|
|
|
|
|