aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-06-12Containerize multipathdDan Prince2-0/+90
Co-Authored-By: Jon Bernard <jobernar@redhat.com> Depends-On: I486de8b6ab2f4235bb4a21c3650f6b9e52a83b80 Change-Id: I6cf70fa05ad1c8aa6d9f837ddcd370eb26e45f97
2017-06-12Move iscsid to a containerDan Prince10-0/+120
This configures iscsid so that it runs as a container on relevant roles (undercloud, controller, compute, and volume). When the iscsid docker service is provision it will also run an ansible snippet that disables the iscsid.socket on the host OS thus disabling the hosts systemd from auto-starting iscsid as it normally does. Co-Authored-By: Jon Bernard <jobernar@redhat.com> Change-Id: I2ea741ad978f166e199d47ed1b52369e9b031f1f
2017-06-12Merge "Add support for autofencing to Pacemaker Remote."Jenkins1-0/+38
2017-06-12Generate HAproxy iptables rules for containerized HA deploymentsDamien Ciabrini1-10/+13
The containerized HAproxy service can only specify steps to be run in containers, i.e. it cannot runs the regular puppet steps on bare metal at the same time. A side effect is that the dedicated HAproxy iptables rules are no longer generated. Update the docker_config step to fix the creation of iptables rules for HAproxy and persist them on-disk as before. Co-Authored-By: Michele Baldessari <michele@acksyn.org> Closes-Bug: 1697387 Change-Id: Ib5a083ba3299a82645f1a0f9da0d482c6b89ee23
2017-06-12Merge "Don't mount all of config-data /etc, /etc/httpd"Jenkins19-21/+46
2017-06-12Pacemaker HA suport for OVN DB serversNuman Siddique4-0/+89
This patch adds the templates required to enable the OVN DB servers to be started in master/slave mode in the pacemaker cluster. For the OVN DBs base profile, ::tripleo::haproxy expects the parameter 'ovn_dbs_manage_lb' set to true in order for it to configure OVN DBs for load balancing (please see this commit [1]). So this patch sets 'ovn_dbs_manage_lb' to true. [1] - I9dc366002ef5919339961e5deebbf8aa815c73db Co-authored-by: Babu Shanmugam (babu.shanmugam@gmail.com) Depends-on: I94d3960e6c5406e3af309cc8c787ac0a6c9b1756 Change-Id: I60c55abfc523973aa926d8a12ec77f198d885916 Closes-bug: #1670564
2017-06-12Execute Swift ring up-/download in containerized environmentsChristian Schwede1-2/+13
This patch ensures that Swift rings are downloaded from the undercloud before a rebalance and uploaded afterwards. Depends-On: I51c5795b9893d797bd73e059910f17a98f04cdbe Change-Id: Ief012fed628957e4da63ff3314c4cf01d58b6b16
2017-06-12Add support for autofencing to Pacemaker Remote.Chris Jones1-0/+38
We now pass configuration for autofencing to Pacemaker Remote nodes. Change-Id: Ibb9c65a83cc909528024c538cf3bcc96390c555e Depends-On: I87c60bd56feac6dedc00a3c458b805aa9b71d9ce Closes-Bug: #1686115
2017-06-12Providing parameters specific to a workflow via plan-environmentSaravanan KR3-0/+61
Parameters which are not part of the heat environment template are required by the worflows like derive parameters. In order to seprate from the heat environment parameters, the workflow only parameters will be provided via plan-environement section, workflow_parameters. Implements: blueprint tripleo-derive-parameters Change-Id: I36d295223c28afff1e0996b4885b8a81c00842f0
2017-06-11Merge "Containerized collectd"Jenkins2-0/+96
2017-06-12Don't mount all of config-data /etc, /etc/httpdSteve Baker19-21/+46
This change modifies these mounts to be more specific mounts based on the files which puppet actually modifies. The result is something a bit more self-documenting, and allows for trying other techniques for populating /etc other than directly mounting config-data directories. Change-Id: Ied1eab99d43afcd34c00af25b7e36e7e55ff88e6
2017-06-11Remove pip install paunchMichele Baldessari1-4/+0
We now have python-paunch-1.1.1 [1] in the overcloud images so we do not need to pip install it any longer. [1] https://trunk.rdoproject.org/centos7-master-head/current/python-paunch-1.1.1-0.20170602043913.c8e22e5.el7.centos.noarch.rpm Change-Id: I1ede514a8aee7ac217fa75843e67fb6542e06f99
2017-06-09Fix rpms being installed via DeployArtifactURLsAlex Schultz2-2/+10
The deploy-artifacts.sh script is supposed to support installing rpms when provided by DeployArtifactUrls. The problem is that it uses yum to install which does not actually work unless the filename ends with .rpm. This change updates the script to rename the downloaded file to end with .rpm if it is an rpm so that it is properly installed. Change-Id: I048d2b4474f9efe424e98e3868f325704e9c352f Closes-Bug: #1697102
2017-06-09Merge "Revert "Add support to configure Num of Storage sacks""Jenkins2-12/+1
2017-06-09Remove duplicate docker/puppet services.yamlSteven Hardy7-115/+19
Move to one common services.yaml not only reduces the duplication, but it should improve performance for the docker/services.yaml case, because we were creating two ResourceChains with $many services which we know can be really slow (especially since we seem to be missing concurrent: true on one) Change-Id: I76f188438bfc6449b152c2861d99738e6eb3c61b
2017-06-09Configure credentials for ironic to access cinderDmitry Tantsur1-0/+6
Change-Id: Id896e01e24ecc2bfd7a983a3ff9756fefe4a4525 Depends-On: I097c494d3953b7d26d94aecc546ddef5225d1125
2017-06-09Add templates to configure Ironic inspectorDan Prince5-0/+160
Implements: blueprint ironic-inspector-composable-service Co-Authored-By: Dmitry Tantsur <dtantsur@redhat.com> Change-Id: I825516f9f5c2b0c03a3f497d6954022714aab988
2017-06-09Revert "Add support to configure Num of Storage sacks"Pradeep Kilambi2-12/+1
This reverts commit a915b150018bf306a5942782bf93c5faadcd7cde. The argument is renamed and causing promotions to fail. Change-Id: I7e1674cff75b606c20956edddf70eee2990fca78
2017-06-09Merge "Write md5sum for service config directories"Jenkins2-3/+59
2017-06-09Merge "Make container names consistent"Jenkins18-41/+41
2017-06-09Merge "Configure crl file for HAProxy"Jenkins1-0/+6
2017-06-09Merge "Configure CRL URI if TLS in the internal network is enabled"Jenkins1-0/+17
2017-06-09Merge "Containerize Tacker Services"Jenkins2-0/+136
2017-06-09Merge "Containerize Congress API service"Jenkins2-0/+137
2017-06-09Merge "Role Specific parameter for nova-compute service"Jenkins1-3/+23
2017-06-09Make container names consistentMartin André18-41/+41
This commit change the container names to consistently use the `_` char as a word separator and make the kolla external config file match the container name to make operators' life easier. Change-Id: Ibac9d76dde474b94c3cb86031ead0fd0327e126f
2017-06-09Merge "Modify libvirtd container command line when TLS is enabled"Jenkins1-1/+25
2017-06-09Merge "Run the nova-compute container as the nova user"Jenkins1-1/+1
2017-06-08Fix bug in docker-toool where values are sometimes empty.Ian Main1-0/+3
I was getting empty volumes from the json and it was creating bad docker command lines. Change-Id: Ie90fc1afa5711d6b029e98d621507b9cb70c1dbe
2017-06-08Change HorizonSecureCookies default to FalseBen Nemec2-1/+2
HorizonSecureCookies is incompatible with non-ssl deployments, which is our default deployment method. When SSL is in use, it can be turned on in the enable-tls.yaml file. This does mean that existing users won't automatically get this feature turned on as part of their upgrade because enable-tls.yaml is an environment that is intended to be copied and edited, but it's simple to add the parameter to the file for users who want that behavior after they upgrade to a version where it is available. Change-Id: If83d3d8709fc4e0c09569e8bf524721d332bf560 Closes-Bug: 1696861
2017-06-08Merge "Containerize Horizon"Jenkins2-0/+129
2017-06-08Run the nova-compute container as the nova userOliver Walsh1-1/+1
Change-Id: Ie6469d2fd2119952669f5c9fdaa41fb273185973 Depends-On: I91be1f1eacf8eed9017bbfef393ee2d66771e8d6 Closes-bug: #1693844
2017-06-08Merge "Use Deployment actions for blacklist"Jenkins6-29/+121
2017-06-08Merge "Standardize example role definitions"Jenkins16-187/+898
2017-06-08Containerized collectdMatthias Runge2-0/+96
Change-Id: I05126a108f5ab790e729d1f98399dca5801ebd69
2017-06-08Write md5sum for service config directoriesSteven Hardy2-3/+59
The configuration generated by docker-puppet may change on update, so checksum the combined files from the config-data directories, to enable detecting those that have changed and restarting the appropriate containers - we need to merge this checksum into the environment passed to the containters, as this will cause paunch to correctly restart containers when the configuration generated changes, even if the rest of the json definition provided by heat does not. Change-Id: I40d9080cf3ad708ef4ed91e46d2b2ae1138bb9c3
2017-06-08Merge "Add support to configure Num of Storage sacks"Jenkins2-1/+12
2017-06-08Fix typo in haproxy docker mappingMichele Baldessari1-1/+1
It is 'HAproxy' and not 'HAProxy'. This needs fixing so that the proper service is instantiated when a role includes the HAproxy service. Change-Id: Ibcbacff16c3561b75e29b48270d60b60c1eb1083
2017-06-08Merge "Fix the disable expirer to remove crontab"Jenkins2-16/+9
2017-06-08Containerize Cinder-volume for HADamien Ciabrini1-0/+170
This service allows configuring and deploying cinder-volume containers in a HA overcloud managed by pacemaker. The containers are managed and run by pacemaker. Pacemaker runs the standard Kolla image but overrides the initial command so that it explicitely calls cinder-volume. This way, we shield ourselves from any unexpected future change in Kolla. This container needs to use the 'docker_config' section to invoke puppet (as opposed to 'docker_puppet_tasks'), because due to the HA composability each resource creation needs to happen on the bootstrap node of that service and 'docker_puppet_tasks' will only run on the controller/primary role. Co-Authored-By: Michele Baldessari <michele@acksyn.org> Partial-Bug: #1668920 Depends-On: I95ad4dd89b47396bea672813d87de35e64c04b2d Change-Id: Ib6396219c3d9484c533f6f9995d565091a197bbb
2017-06-08Containerized Sensu clientMartin Mágr2-0/+134
Implements: blueprint container-healthchecks Depends-On: I9ccf1c4c948e6e347eb8e4d947edf77822a601cb Change-Id: Iff7758623974a69e2c043cf611f46ce11c36cc59
2017-06-08Containerize Tacker ServicesPradeep Kilambi2-0/+136
Closes-bug: #1668935 Change-Id: I83a02735eb445e831bc74ec786f2bb42cd2f87d6
2017-06-08Containerize Congress API servicePradeep Kilambi2-0/+137
Closes-bug: #1668929 Change-Id: I051edcf2980bb9c2521e21c410055690c012a0d1
2017-06-08Fix containerized SwiftRawDisks usageChristian Schwede1-1/+22
This patch partitions the defined devices and mounts them on the hostnode. It also disables the mount_check inside Swift because it is currently not possible to detect wether a given directory is a mounted device or not. This is just a workaround until a better solution has been implemented in Swift itself. Change-Id: I6e8e1328d7ffb18bb96ed1a940013dbb8b6b433e
2017-06-08Role Specific parameter for nova-compute serviceSaravanan KR1-3/+23
The parameters NovaVcpuPinSet, NovaReservedHostMemory and NovaPCIPassthrough are modified to support role-specific parameter inputs. Change-Id: I7c11e8fc2c933f424318e457cb1e96acb8df2ec7
2017-06-08Configure crl file for HAProxyJuan Antonio Osorio Robles1-0/+6
This will enable HAProxy to use CRLs for the nodes it's proxying. bp tls-via-certmonger Depends-On: I4f1edc551488aa5bf6033442c4fa1fb0d3f735cd Change-Id: I2558113bf83674ce22d99364b63c0c5be446bf77
2017-06-08Configure CRL URI if TLS in the internal network is enabledJuan Antonio Osorio Robles1-0/+17
This uses by default the URL for the CRL provided by FreeIPA (the default CA in TripleO). bp tls-via-certmonger Depends-On: I38e163e8ebb80ea5f79cfb8df44a71fdcd284e04 Change-Id: I87001388f300f3decb3b74bc037fff9d3b3ccdc2
2017-06-08Role Specific parameters for neutron-sriov-agent serviceSanjay Upadhyay1-3/+19
Merge the role specific parmaeter with the default parameter with the higher precendece given to role specific parameters. Use the merged settings for the hiera config settings. Change-Id: I7d12ea7a26ba5c22d7961c59fb63663fc2a6b4cd Signed-off-by: Sanjay Upadhyay <supadhya@redhat.com>
2017-06-08Merge "Mount /var/run/libvirt on ceilo agent compute"Jenkins1-0/+1
2017-06-08Merge "Add host logging for redis service template"Jenkins1-3/+14