aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2014-07-22Merge "Remove extra list"Jenkins1-1/+1
2014-07-22Merge "Define and bind a public virtual IP"Jenkins1-1/+70
2014-07-22Define and bind a public virtual IPJames Polley1-1/+70
Prior to this change our heat templates define one virtual IP, which all the services are bound to. We wish to be able to segregate these endpoints: some need to be accessible to "the public"; some are only intended to be accessed within the cloud; some are only for admin use. This change adds a second VIP which we can use for binding only the endpoints that are intended to be publicly accessible, leaving the older VIP to be used for internal end points. Haproxy is told to also listen on that new VIP so that we can expose selected services via the new VIP, and keepalived is in charge of assigning the VIP to control plane nodes. This change has a proposed split of services between control-only and control+public interfaces. Assuming our yaml parsers (in merge.py and Heat) understand YAML anchors/aliases, and assuming I've got the syntax right, this should get expanded so that all the control+public services get their config defined from the same block without needing to repeat it for each service. (AFAICT both merge.py and heat use pyyaml, which does support aliases/anchors) The default is left at binding to only the controlplane interface, so that new services added to this map will default to being internal-only This patchset partially completes a spec which will one day live at https://blueprints.launchpad.net/tripleo/+specs/tripleo-juno-virtual-public-ips but for now can bee seen in Id9addc65f0d2ed519ce4b3edbd561ed660a2786e Implements: blueprint tripleo-juno-virtual-public-ips Change-Id: I9649ee74ebaf62b6b929b28243a07c789a08867c Co-Authored-By: Robert Collins <rbtcollins@hp.com> Partial-Bug #1325114
2014-07-22Merge "expose glance_port,protocol as glance.port,protocol"Jenkins1-0/+2
2014-07-22Merge "merge.py use a class to represent template syntax"Jenkins1-52/+73
2014-07-19Fix SSL with HAProxy.Robert Collins2-0/+24
The current configuration of services is that if SSL is in use (signaled by stunnel.connect_ip) we bind to 127.0.0.1 - which is great, but it breaks simultaneous non-SSL due to there being no pass-through stunnel equivalent on all the nodes. As an interim measure, teach stunnel to connect to the ctlplane address instead. We will need this flexability in future anyway to deal with mixed-mode configurations, but we don't yet have an SSL only configuration. The change will permit SSL only by altering the Deployment object only - the SSL config object should now be flexible enough to run in either mode (but as yet on an all-one-way-or-the-other basis). Change-Id: Ibac3dec1fe7b573029482fdd9ad2d2f6223fbce0
2014-07-18Merge "make keystone.host point to controller_virtual_ip"Jenkins1-1/+1
2014-07-18Merge "Add corosync and pacemaker properties into overcloud template"Jenkins1-0/+11
2014-07-18merge.py use a class to represent template syntaxSteve Baker1-52/+73
Defining cfn template syntax as class attributes will make it easier to port merge.py to HOT just by setting lang to a different class. Change-Id: I2547333d727bf91cd3159790f0f20f4d10195a9c Partial-Blueprint: tripleo-juno-remove-mergepy
2014-07-17Merge "make glance.host point to controller_virtual_ip"Jenkins1-1/+1
2014-07-17Merge "use ControlVirtualInterface for keepalived VRRP"Jenkins1-1/+1
2014-07-17Merge "add Horizon caches backend definition (memcached)"Jenkins1-0/+7
2014-07-17Remove extra listJames Slagle1-1/+1
We are using "ctlplane" as the first parameter to Fn::Select here, so the second parameter must be a map, not a list. Fixes the following error: ERROR: Property error : BlockStorage0Deployment: input_values Index to "Fn::Select" must be an integer Change-Id: I34153543f8c3152df449e1b42e1f76a78a7d6ba3
2014-07-11Remove ImageBuilder::Elements from templatesTomas Sedovic2-9/+0
We're not using this metadata for anything. Change-Id: I9d27c76dfa7223cbd16b9afe967696644137b8d6
2014-07-11expose glance_port,protocol as glance.port,protocolRyan Moore1-0/+2
These values are available in metadata with underscores but they are accessed by nova with dots. Make them available with dots. Required by: Idccc0d60c9f6b17a853c6de1bbea64bfc7e028b2 Change-Id: I5fe952f850339465de128e56e45c9bbda011ce7f
2014-07-11Merge "Use the right DSN for neutron agents."Jenkins1-1/+1
2014-07-10add Horizon caches backend definition (memcached)Giulio Fidente1-0/+7
This change adds into the overcloud-source template a structure name horizon.caches meant to define the Horizon caches backend. It defaults to using memcached and provides a list of the memcached nodes in horizon.caches.memcached.nodes Related to blueprint tripleo-icehouse-ha-production-configuration Change-Id: I728e05926f2de0e867fb8e8c74c63947da7d987a
2014-07-10make glance.host point to controller_virtual_ipGiulio Fidente1-1/+1
Previously glance.host was pointing to the local controller_host which would have requests to glance from other services to fail if the local glance daemon was unavailable. Change-Id: Ifd4f4b12cd51e23313826288797cc00ba3cd1754
2014-07-10make keystone.host point to controller_virtual_ipGiulio Fidente1-1/+1
Previously keystone.host was pointing to the local controller_host which would have caused all local services to become unavailable if keystone was to go down. Closes-Bug: #1339986 Change-Id: I9b73595d3e0ae6e872aa6b7e0f93354ff04f2956
2014-07-10use ControlVirtualInterface for keepalived VRRPGiulio Fidente1-1/+1
Change keepalived.keepalive_interface so that it uses the actual ControlVirtualInterface (bridge) for VRRP rather than the bridged interface (NeutronPublicInterface). Fixes the issue which caused keepalived to bring up the VIP on all control nodes. Change-Id: Ifc484d6a6086d9872210aa576f21d326f60b7d35
2014-07-09Merge "Make target to validate a template"Jenkins1-0/+4
2014-07-08Add corosync and pacemaker properties into overcloud templateJan Provaznik1-0/+11
Pacemaker will be used for managing ceilometer central agent, we need basic metadata to setup corosync and pacemaker. Related to: Ifa83d62c2132bcdcb40d0b7c80ce3adadc0b5587 Change-Id: I44909005d9bc653c3e7c2de1c12fe4ffecf6bede
2014-07-08Make target to validate a templateSteve Baker1-0/+4
This adds make targets to run heat template-validate against the generated templates. These targets assume that credentials to a valid heat endpoint have been sourced. The target validate-all will validate every template in generated_templates, but there is also a target created for each template, for example: make validate-overcloud.yaml This is a useful aid for Partial-Blueprint: tripleo-juno-remove-mergepy Change-Id: Id101402b8b2fa0bc6058c5bc4b7474f0f6a158ad
2014-07-07Specify the network for nodesRobert Collins3-0/+6
Without this, when there are multiple admin networks (e.g. a VLAN) Nova will refuse to guess and we'll fail to deploy. Change-Id: Id1dca43ef287fda2adcfdf5b5d30145b055dbe76
2014-07-03Make stack complete depend on all nodesClint Byrum2-3/+3
Previously the completion signal was just based on the first run of os-refresh-config. But in this case, we actually need to wait until it runs successfully with all hosts computed. That way we can know that services aren't in an unstable state while that configuration rolls out. Change-Id: I3b965c19c92b366df3069cb8e1daffa18252c884 Closes-Bug: #1337230
2014-07-02Merge "Enable multi-node rabbitmq cluster"Jenkins3-17/+17
2014-07-02Merge "Compute all hosts matrix once"Jenkins3-64/+26
2014-07-01Enable multi-node rabbitmq clusterJan Provaznik3-17/+17
This causes that: * rabbit.nodes is list of all control nodes * rabbit_hosts in OS config files points to all nodes in rabbitmq cluster * overcloud control nodes are joined into cluster This works both for single or multiple control nodes and it's needed for scaling out control nodes. rabbit.nodes property is very similar to generating list of all hosts, so it uses same StructuredConfig block. This block (and couple of references) is renamed to allNodesConfig to make it more general. Related to blueprint tripleo-icehouse-ha-production-configuration Change-Id: Ice1a34ba7a52c41c1bb0c63350438971c651e7b6
2014-06-30Merge "Add galera clustering properties"Jenkins1-0/+13
2014-06-30Compute all hosts matrix onceClint Byrum3-64/+26
Then feed in through separate deployments. This reduces the exponential growth of calculating the entire list for every server. Change-Id: Ib1187eabeb91b46e29ddcf5065056e43a69bb2a0
2014-06-30Merge "Haproxy configuration"Jenkins1-0/+39
2014-06-30Add galera clustering propertiesGregory Haynes1-0/+13
Adding nodes and cluster_name properties for mysql in order to enable galera clustering. Change-Id: I522b7324460469c59f49983ca3becd9ea914cdc0
2014-06-29Haproxy configurationDima Shulyak1-0/+39
Added several sections that are required for HAproxy configuration 1. haproxy.services - standard openstack services ports 2. haproxy.nodes - openstack controllers 3. haproxy.net_binds - virtual ips, that will also act as public endpoint input controller_nodes scales with OVERCLOUD_CONTROLSCALE > 1 Related change t-i-e I641fa90c4a34c26e5699cf7f5a6f9643792c7b16 Implements blueprint tripleo-haproxy-configuration Related to blueprint tripleo-icehouse-ha-production-configuration Change-Id: I9c70812ee1b3e8c8c072705fc5123da88ecc8f9f
2014-06-30Use the right DSN for neutron agents.Robert Collins1-1/+1
Since the wrong one is a bad idea :) Change-Id: I7ed40078f487459dee9055ef41f10a9b60a0e674
2014-06-27Merge "Set glance protocol and port as Heat configurable"Jenkins3-0/+34
2014-06-25Add parameters for setting up keystone keys/certs in undercloudJan Provaznik2-8/+16
This will allow us distribute identical keys/certs to all control nodes in HA mode. CAKey was removed because it's not required by keystone. Change-Id: I187492d5fac448e57f8cd687f9cb751520df5921
2014-06-20Merge "Add custom public IP support to the undercloud."Jenkins1-0/+19
2014-06-16Set glance protocol and port as Heat configurableRyan Moore3-0/+34
This change is to set the glance protocol and port as configurable via the Heat template. Presently the port is hard-coded in the elements nova.conf file, and the protocol is assumed as being the default (http). This change will allow the glance_api_servers to be set (in nova.conf) using the constituent parts: glance_protocol://glance_host:glance_port Change to nova.conf to read this value is: Idccc0d60c9f6b17a853c6de1bbea64bfc7e028b2 Default port value is set to the nova default(9292) which is currently hard-coded in the elements nova.conf file. Default protocol value is set to the nova default(http). Change-Id: I3c7218292797c62c36e2aaab4f325bf053ef140b
2014-06-16Merge "Use virtual ip for OS services"Jenkins1-4/+6
2014-06-11Merge "Add parameters for setting up keystone keys/certs"Jenkins1-0/+24
2014-06-10Merge "Remove the tuskar-source template"Jenkins3-27/+0
2014-06-09Use virtual ip for OS servicesJan Provaznik1-4/+6
VIP should be used when pointing an OS service to another OS service in config files (most typical is setting Keystone's host IP, but also Glance and Netron host needs to be set in Nova config file). Change-Id: Id91e6ef2747981f17a43afd279d4eebaad01fe4d
2014-06-09Replace nagios3 template with HOT rewriteClint Byrum1-103/+132
Rewrote template from scratch using HOT. Mail delivery does not work yet but it does produce Nagios. Change-Id: I347f8a008aa7db1145da0988053c791e6f2dbbc2
2014-06-06Merge "Add Controller scale param to merge.py"Jenkins1-2/+2
2014-06-04Setup SSL for CeilometerRob Parker1-0/+3
Establish the Public (SSL) port, 13777, and connect it to the internal port, 8777 Change-Id: I7bba7f8224b6e31fc4f5444eee679ca5a4ce4ebe
2014-06-04Remove the tuskar-source templateTomas Sedovic3-27/+0
There is no need for a tuskar-specific undercloud template. Tuskar is installed via elements just like any other undercloud service. This template is not being used in devtest and I'm not sure it ever has been. Change-Id: I531d927b1984873b32f440d33a130788670f7cd9
2014-06-04Merge "Add passthrough configuration glue."Jenkins1-0/+50
2014-06-04Merge "Fixes to swift-storage-source.yaml"Jenkins1-2/+19
2014-06-04Add custom public IP support to the undercloud.Robert Collins1-0/+19
Now we're trying to automate VLAN deployed underclouds, this suddenly becomes relevant. Change-Id: I800a0ceab7443d685551d7a919724f6cf45fd891
2014-06-03Add passthrough configuration glue.Nicholas Randon1-0/+50
This provides a means for users to pass configuration through to the machines they are deploying without us modelling that. Change-Id: Ia8d1564bd0f3e7b988497a84e00831619047cd94