| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
When we merged If3989f24f077738845d2edbee405bd9198e7b7db we correctly
used name_lower for most things but we left out the the
OS::TripleO::Network resource which would cause errors like the
following:
Could not fetch contents for file:///tmp/tripleoclient-LdqQGJ/tripleo-heat-templates/network/internalapi.yaml
The reason is that the network filename is called internal_api.yaml.
Change-Id: I40f268668ed948e5d41ed0ff5a8fc954cef7b17c
Closes-Bug: #1697883
|
|
With the addition of the KeystoneFernetKeys parameter, it's now possible
to do fernet key rotations using mistral, by modifying the
KeystoneFernetKeys variable in mistral; subsequently a rotation could
happen when doing a stack update.
So this re-enables the managing of the key files by puppet. However,
this is left configurable, as folks might want to manage those files
out-of-band.
bp keystone-fernet-rotation
Change-Id: Ic82fb8b8a76481a6e588047acf33a036cf444d7d
|
|
This uses the newly introduced dict with the keys and paths instead of
the individual keys. Having the advantage that rotation will be
possible on stack update, as we no longer have a limit on how many keys
we can pass (as we did with the individual parameters).
bp keystone-fernet-rotation
Change-Id: I7d224595b731d9f3390fce5a9d002282b2b4b8f2
Depends-On: I63ae158fa8cb33ac857dcf9434e9fbef07ecb68d
|
|
|
|
Also attempts to move the workaround for bug #1696283 to before the
puppet apply call.
Closes-Bug: #1696622
Change-Id: I3a195466a5039e7641e843c11e5436440bfc5a01
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Depends-On: I3e865f2e9b6935eb3dfa4b4579c803f0127848ae
Change-Id: I09327a63d238a130b6ac0f2361f80e2b244b4b52
|
|
|
|
|
|
|
|
|
|
|
|
In newton, we used to construct the fqdn_$NETWORK in puppet-tripleo for
external, internal_api, storage, storage_mgmt, tenant, management, and
ctrlplane. When this was moved into THT, we accidently dropped external
which leads to deployment failures if a service is moved to the external
network and the configuration consumes the fqdn_external hiera key.
Specifically this is reproduced if the MysqlNetwork is switch to to
exernal, then the deployment fails because the bind address which is set
to use fqdn_external is blank.
Change-Id: I01ad0c14cb3dc38aad7528345c928b86628433c1
Closes-Bug: #1697722
|
|
This service generates the /etc/my.cnf.d/tripleo.cnf file which is
being used to configured MySQL clients (e.g. client bind address,
client SSL configuration...)
We generate the config file in this service and let containerized MySQL clients
mount /var/lib/config-data/mysql_client/etc/my.cnf.d/tripleo.cnf it in their
own container. This way, when this MySQLClient service is updated, the other
containers will automatically pick the updated configuration at next restart.
Partial-Bug: #1692317
Change-Id: Idc56d27fb9645ad3b07df8ef08b7e2ce29e6d499
|
|
Depends-On: I037858a445742de58bd2f8d879f2b1272b07f481
Change-Id: Ifd138ea553a45a637a1a9fe3d0e946f8be51e119
|
|
Depends-On: I037858a445742de58bd2f8d879f2b1272b07f481
Change-Id: I808a5513decab1bd2cce949d05fd1acb17612a42
|
|
This will allow the services running in the containers to trust the CA.
bp tls-via-certmonger-containers
Change-Id: Ib7eb682da64473a651b34243c92ab76009964aba
|
|
|
|
|
|
Set up the LVM storage only if we're using iSCSI backend.
Change-Id: I62e8f9cc38b201aebd1799e05ffc1398d13a9aa0
|
|
Currently there's some hard-coded references to roles here, rendering
from the roles_data.yaml is a step towards making the use of isolated
networks for custom roles easier.
Partial-Bug: #1633090
Depends-On: Ib681729cc2728ca4b0486c14166b6b702edfcaab
Change-Id: If3989f24f077738845d2edbee405bd9198e7b7db
|
|
In change I90253412a5e2cd8e56e74cce3548064c06d022b1 we merged
containerized HAProxy setup, but because of a typo in resource
registry, CI kept using the non-containerized variant and it went
unnoticed that the containerized HAProxy doesn't work yet.
We merged a resource registry fix in
Ibcbacff16c3561b75e29b48270d60b60c1eb1083 and it brought down the CI,
which now used the non-working HAProxy.
After putting in the missing haproxy container image to tripleo-common
in I41c1064bbf5f26c8819de6d241dd0903add1bbaa we got further, but the
CI still fails on HAProxy related problem, so we should revert back to
using non-containerized HAProxy for the time being.
Change-Id: If73bf28288de10812f430619115814494618860f
Closes-Bug: #1697645
|
|
Existing host_config_and_reboot.role.j2.yaml is done in ocata to
configure kernel args. This can be enhanced with use of role-specific
parameters, which is done in the current patch. The earlier method is
deprecated and will be removed in Q releae.
Implements: blueprint ovs-2-6-dpdk
Change-Id: Ib864f065527167a49a0f60812d7ad4ad12c836d1
|
|
Gnocchi 4 supports storage sacks during upgrade. lets make this
configurable if we want to use more metricd workers.
Change-Id: Ibb2ee885e59d43c1ae20887ec1026786d58c6b9e
|
|
|
|
|
|
As noted in the original patch review
I5e743f789ab7dd731bc7ad26226a92a4e71f95a1 the IronicInspectorAdmin
should be https.
Change-Id: I6e37427da679775f02ff0c5fe55cfee51c122e3d
|
|
Fix a bug that prevented these working. A unit test and
documentation for the nested environment functionality is also
included.
Change-Id: I2d4aeb584eb624178d601cfd6bc0a6473cb5289f
|
|
Starts converting storage-related sample environments to the tool,
and adds a few new ones for demonstration purposes.
This has required the addition of a new category of parameter
overrides in the tool. There are some parameters that are part of
the public API of roles that should not normally be included in a
sample environment for that role. Examples are EndpointMap and
ServiceNetMap. Those are both passed into most (all?) roles, but
their template defaults are not useful (both default to {}).
Unless we are explicitly creating a sample environment that
overrides those defaults we don't want them included.
Parameters such as RoleName and RoleParameters are similar. We
can't change them because they are part of the composable roles
interface and that would break any existing custom roles, but we
don't really want them included normally either. It's possible
these could be made completely private, but there have been some
very preliminary discussions about generating role samples that
might actually want to set them.
In order to avoid issues with editing the unit test file in editors
that strip trailing whitespace, the minor formatting bug where
params like EndpointMap had a trailing space after the name has
also been fixed.
Change-Id: If11f30c734bfbc17d463a9890c736d7477186fb9
|
|
Change-Id: I34d3a9356b119d549acd6fe4f0c8713b0bfa5957
|
|
We're not going to want to list every single sample environment in
a single file, so let's also take a directory and just read every
yaml file in it. This commit adds support for that as well as
some initial environments to demonstrate its use.
Change-Id: If2c608f2a61fc5e16784ab594d23f1fa335e1d3c
|
|
This is a tool to automate the generation of our sample environment
files. It takes a yaml file as input, and based on the environments
defined in that file generates a number of sample environment files
from the parameters in the Heat templates. A tox genconfig target
is added that mirrors how the other OpenStack services generate
their sample config files.
A description of the available options for the input file is
provided in a README file in the sample-env-generator directory.
In this commit only a single sample config is provided as a basic
example of how the tool works, but subsequent commits will add
more generated sample configs.
Change-Id: I855f33a61bba5337d844555a7c41b633b3327f7a
bp: environment-generator
|
|
|
|
|
|
|
|
|
|
We need to ensure that the pacemaker cluster restarts
in the end of the deployment.
Due to the resources renaming we added the
postconfig resource not in the end of the
deployment as it was *postpuppet.
Closes-bug: 1695904
Change-Id: Ic6978fcff591635223b354831cd6cbe0802316cf
|
|
Change-Id: Ifa8d023acdc42c9ae9a4b2f7652177e6ccb9f649
Depends-On: If44e958a9aa989e44c8c39e50715e92a4257bf1a
Co-Authored-By: Martin André <m.andre@redhat.com>
Co-Authored-By: Dan Prince <dprince@redhat.com>
Partial-Bug: #1668922
|
|
Add new parameters that control the NAS security settings in Cinder's
NFS and NetApp back end drivers. The settings are disabled by default.
Partial-Bug: #1688332
Depends-On: I76e2ce10acf7b671be6a2785829ebb3012b79308
Change-Id: I306a8378dc1685132f7ea3ed91d345eaae70046f
|
|
This has been renamed to multinode-containers.yaml to reflect that the
scenario isn't upgrade-specific.
Change-Id: I151792700475643a4088d98eb5e1bd7248e260cd
Depends-On: Ib04e2ccb330d73df464ad97a20908f20426a4249
|
|
Depends-On: I9abe867dfbdc81d14a1b3b3f1529240b5e522be5
Co-Authored-By: Martin André <m.andre@redhat.com>
Co-Authored-By: Ian Main <imain@redhat.com>
Co-Authored-By: Luigi Toscano <ltoscano@redhat.com>
Co-Authored-By: Telles Nobrega <tenobreg@redhat.com>
Change-Id: Id8e3b7e86fa05e0e71cc33414ceae78bab4e29b2
Closes-bug: #1668927
|
|
Adds docker service for Cinder Volume
Co-Authored-By: Jon Bernard <jobernar@redhat.com>
Depends-On: Ic1585bae27c318bd6bafc287e905f2ed250cce0f
Partial-bug: #1668920
Change-Id: Ifadb007897f3455b90de6800751a0d08991ebca2
|
|
Adds docker services for Cinder Backup
Co-Authored-By: Gorka Eguileor <geguileo@redhat.com>
Co-Authored-By: Jon Bernard <jobernar@redhat.com>
Co-Authored-By: Martin André <m.andre@redhat.com>
Co-Authored-By: Alan Bishop <abishop@redhat.com>
Partial-bug: #1668920
Change-Id: I26fc31e59b28da017f0b028b74bde40aaac53ad5
|
|
Adds docker services for Cinder API and Scheduler.
Co-Authored-By: Gorka Eguileor <geguileo@redhat.com>
Co-Authored-By: Jon Bernard <jobernar@redhat.com>
Co-Authored-By: Martin André <m.andre@redhat.com>
Co-Authored-By: Alan Bishop <abishop@redhat.com>
Depends-On: Ic1585bae27c318bd6bafc287e905f2ed250cce0f
Change-Id: I5cff9587626a3b2a147e03146d5268242d1c9658
Partial-bug: #1668920
|
Jenkins
Michele Baldessari
Juan Antonio Osorio Robles
Steve Baker
Pradeep Kilambi
Alex Schultz
Damien Ciabrini
Sven Anderson
Jiri Stransky
Steven Hardy
Saravanan KR
Ben Nemec
Carlos Camacho
Victoria Martinez de la Cruz
Alan Bishop
Dan Prince