aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-07-13Move services.yaml to common directorySteven Hardy3-2/+1
This new directory has now been added to the RDO packaging so we can move things common to both puppet/container architecture here, starting with the recently combined services.yaml Change-Id: If2ce27188c4c15002b3ad830e8d6eb9504d2f3d2
2017-07-13Merge "Containerize Manila Share service"Jenkins2-0/+119
2017-07-13Merge "Use ServerOsCollectConfigData value in output"Jenkins1-4/+1
2017-07-13Ensure yum cache is ready before updateLukas Bezdicka2-0/+5
To workaround yum bug with libnss we need to make yum cache before running update. In fact we should have done this regardless of the bug. Change-Id: I5b2355fb8abe3c8d4b9ce9c62b9ffdba8c1e8d9d Resolves: rhbz#1458841 Closes-Bug: #1703830
2017-07-13Corrected wrong os_region_name in glance-api conf filePranaliD1-0/+1
KeystoneRegion value for all endpoints is set as 'regionOne', it should be same in the configuration file. In case of Cinder as glance backend the os_region_name should be "regionOne" instead of "RegionOne". Currently CI is not failing because cinder backend scenario is not yet added. But this would definitely fail if os_region_name=RegionOne. Change-Id: I26811a404a20ea3c55f5b272f86d9269d0f6acec Closes-Bug: 1704060
2017-07-13Merge "Fix ironic-pxe startup issues"Jenkins1-7/+7
2017-07-13Merge "Tolerate network errors in pingtest retry logic"Jenkins1-1/+2
2017-07-13Merge "Drop ComputeServices from environments/docker.yaml"Jenkins2-30/+0
2017-07-13Merge "Add support for running crontabs in containers"Jenkins3-5/+15
2017-07-13Merge "Revert "Revert "Blacklist support for ExtraConfig"""Jenkins11-7/+192
2017-07-13Merge "Run rsync for Swift without xinetd"Jenkins1-4/+4
2017-07-13Merge "Allow to set Notification Driver to 'noop'"Jenkins18-4/+119
2017-07-13Merge "Add DeployedServerEnvironmentOutput"Jenkins12-0/+348
2017-07-13Merge "Add missing tags in iscsid upgrade_tasks"Jenkins1-0/+2
2017-07-12Merge "Implement scenario006 with Ironic in overcloud"Jenkins1-0/+60
2017-07-12Merge "Remove controller specific bootstack_nodeid"Jenkins1-4/+0
2017-07-12Merge "Add dependency relationship between nested get_attr targets"Jenkins1-0/+9
2017-07-12Fix ironic-pxe startup issuesDan Prince1-7/+7
This patch updates the ironic-api docker service so that it generates its config files in a unique config root. This ensures that it doesn't have config files in the httpd conf.d directory for both the API and PXE services thus causing the API container to attempt to launch both of them. This functionally fixes the Ironic API and PXE services with docker so they once again can bring up an overcloud. Change-Id: I537cd6a3337bf776ca38a279b7c130b6429eea04 Closes-bug: #1702799
2017-07-12Merge "Bind mount needed cert for haproxy for HA too"Jenkins1-12/+26
2017-07-12Containerize Manila Share serviceVictoria Martinez de la Cruz2-0/+119
Change-Id: I797eea2f7788f65411964ccb852b5707e916416f Partial-Bug: #1668922
2017-07-12Drop ComputeServices from environments/docker.yamlDan Prince2-30/+0
Change-Id: Ibfc568755764203b68aed524d6f334eeb7cd5da7 Closes-bug: #1703001
2017-07-12Add support for running crontabs in containersOliver Walsh3-5/+15
This change enables the puppet cron resource in docker-puppet.py and adds user crontabs to the paths copied from the config containers. Only the nova crontab is configured for now. Other services will require similar changes to run their crontabs. Partial-Bug: 1701254 Change-Id: I2d1d0f0d77908a132472cf4bc475f8bd526af504 Depends-On: Ie16fb4539481a3c192cff8220a97daa4c70467fc
2017-07-12Merge "Remove ceilometer apache files on upgrade"Jenkins2-1/+42
2017-07-12Run rsync for Swift without xinetdChristian Schwede1-4/+4
The default in non-containerized environments is to run rsync within xinetd for Red Hat-based deployments, however in an containerized environment this is not really needed. Therefore run rsync directly without being started by xinetd. Change-Id: I08abd917eba08d1192437ddf96c71b06d099a3f8
2017-07-12Merge "Switch from oslosphinx to openstackdocstheme"Jenkins2-3/+8
2017-07-11Allow to set Notification Driver to 'noop'Emilien Macchi18-4/+119
This patch does 2 things: * Configure messagingv2 as default driver for Oslo Notifications sent on RPC. * Allow users to choose between messagingv2 (default) and noop when we want to disable notifications (for example, when Telemetry is disabled). * Deprecate KeystoneNotificationDriver in favor of NotificationDriver. Change-Id: Ia547d7f4bfb51e7c45246b097b48fd86da231bd3 Related-Bug: #1701357
2017-07-11Add dependency relationship between nested get_attr targetsZane Bitter1-0/+9
Starting with Pike, Heat will do attribute resolution in a single pass. A consequence of this is that when the result of a get_attr is passed to another get_attr call, there must be a dependency relationship between the resources so that the inner attribute is resolved first before we try to determine which attributes are required from the resource in the outer call. There are two uses of nested dep_attr in the overcloud template. One (which hopefully can be removed soon) is in the allNodesConfig resource. In this case, the {{primary_role_name}}IpListMap already depends on the ServiceNetMap. The second is in the KeystoneAdminVip output. This patch makes the VipMap depend on the ServiceNetMap so that attributes can be resolved in a single pass in that case. Change-Id: I438a79748b9b408ec1101271d96c60d84028b57e
2017-07-11Remove hardcoded enable_load_balancer from Controller roleSteven Hardy2-7/+5
This is associated with the haproxy service, so set the hieradata there instead. This is needed so we can render the controller role template via j2, and also if anyone ever wants to run haproxy on some role other then the Controller. Change-Id: I82b992afe42f6da7788f6efca2366863c3bf68f7 Partially-Implements: blueprint composable-networks
2017-07-11Remove controller specific bootstack_nodeidSteven Hardy1-4/+0
This has been replaced for some time by bootstrap_nodeid which isn't hard-coded to the Controller role. Change-Id: I2c172de13646e5b88cb9930a93ca71fcc990e522 Depends-On: I0a9fced847caf344e5d26b452f1bd40afab8f029
2017-07-11Add PCI to nova compute container for passthrough supportBrent Eagles1-0/+2
Nova's whitelist mechanism requires access to the PCI related directories in the filesystem to service PCI passthrough requests. Change-Id: Icfad1d116662798701228b142e224513f7dd22e2
2017-07-11Allow modprobing from cinder-volume containerJiri Stransky1-0/+1
When using LVM/iSCSI backend, cinder-volume tries to modprobe configfs module. We need the modules dir bind mounted for this to succeed. Co-Authored-By: Gorka Eguileor <geguileo@redhat.com> Change-Id: I7bfeaa66915e663726acdf3458db80821fbd3d6b Closes-Bug: #1701321
2017-07-11LVM in cinder-volume container without udevJiri Stransky1-2/+8
Disabling udev usage from LVM seems to be the only observed working way of running containerized cinder-volume with local LVM backend. I didn't come across reports that not using udev would have negative impact on the functionality. Additional info at https://groups.google.com/forum/#!topic/docker-user/n4Xtvsb4RAw Change-Id: I491795deab0c37d1bad3b50524481e0b76529667 Depends-On: I1bf395a6228dba66fa6bf9b8bcc9f3ac3d922a49 Closes-Bug: #1700982
2017-07-11Don't confuse Heat with empty parameter_defaultsJiri Stransky1-0/+7
Apparently providing completely empty parameter_defaults in an environment file can confuse Heat, and it seems like it doesn't try to deploy any services on the overcloud in the multinode job. See the bug for more details about the bug symptoms. Change-Id: Ia9cb01b48087b78f66004263757590877219f743 Closes-Bug: #1703599
2017-07-10Fixing a bug when setting a password for ODL controllerItzik Brown2-0/+7
Change-Id: I301f73801e95e607ed28992e68528f17843a0b6c Closes-Bug: #1702435
2017-07-10Revert "Revert "Blacklist support for ExtraConfig""James Slagle11-7/+192
There is a Heat patch posted (via Depends-On) that resolves the issue that caused this to be reverted. This reverts the revert and we need to make sure all the upgrades jobs pass before we merge this patch. This reverts commit 69936229f4def703cd44ab164d8d1989c9fa37cb. Closes-Bug: #1699463 implements blueprint disable-deployments Change-Id: Iedf680fddfbfc020d301bec8837a0cb98d481eb5
2017-07-10Merge "Copy only generated puppet files into the container"Jenkins72-214/+627
2017-07-10Replace outdated instruction with link to upstream docMartin André1-57/+2
Beside it's historical value, the instruction in the README-containers file served no purpose and confused users. Link to upstream documentation instead. Change-Id: I86753a613f3d405fc919bb3cc5bd94f29449184d
2017-07-10Use ServerOsCollectConfigData value in outputJames Slagle1-4/+1
Just use the value from the ServerOsCollectConfigData resource in the output instead of recalculating the value for each role via jinja. Change-Id: I4e3bf4f25c9a8f677d5d177eb409594193a86405
2017-07-10Add DeployedServerEnvironmentOutputJames Slagle12-0/+348
Add a new output, DeployedServerEnvionmentOutput, that can be used as the contents of an environment file to input into a services only stack when using split-stack. The parameter simplifies the manual steps needed to deploy split-stack. By default, the resource that generates the output is mapped to OS::Heat::None. implements blueprint split-stack-default Change-Id: I6004cd3f56778f078a69a20e93a0eba0c574b3db
2017-07-10Merge "Modify generic role template to support custom networks"Jenkins2-123/+38
2017-07-10Bind mount needed cert for haproxy for HA tooMartin André1-12/+26
haproxy needs the deployed SSL cert file to function when TLS is enabled. It is also required for the docker-puppet haproxy container since the haproxy puppet module uses a validate_cmd to check the generated config file is valid that fails when the required SSL cert is not present. There is no clean way to disable this feature [1] so we need to bind mount the cert into the container. This commit applies the same change that was applied in Id2df144b678769def204961236624091d4e5c457 for the non-ha case. [1] https://github.com/puppetlabs/puppetlabs-haproxy/blob/4753ea5b2506ee093e9b4c8af6e91201d476d426/manifests/config.pp#L53-L57 Change-Id: I93e1ee86197bcf271f18a62a27c2f350ed3966ea Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com>
2017-07-10Added OvS permission workaround for enabling DPDKSaravanan KR2-0/+32
The vhost sockets sockets are created with qemu permission, but ovs runs with root permission. In order to allow ovs to access vhost sockets reducing the ovs group permission from root to qemu. This is a temprovary workaround, until ovs fixes the permission issue. The script supports both ovs2.6 and ovs2.7 versions. Change-Id: I172956390c19fc9824bf7590cd48bfcf6201191b
2017-07-10Copy only generated puppet files into the containerMartin André72-214/+627
This solves a problem with bind-mounts when the containers are holding files descriptors open. At the same time this makes the template more robust to puppet changes since new config files will be available in the containers without needing to update the templates. Partial-Bug: #1698323 Change-Id: Ia4ad6d77387e3dc354cd131c2f9756939fb8f736
2017-07-08Disable network validation in multinode jobsBen Nemec11-0/+73
Sometimes the infracloud gateway refuses to ping even though everything else is working fine. Since we have coverage of this functionality in the OVB jobs it should be safe to turn it off here so it stops spuriously failing our jobs. We can't just set the resource to OS::Heat::None because there are other resources with dependencies on it. Instead, this adds a noop version of the validation software config that always returns true. Change-Id: I8361bc8be442b45c3ef6bdccdc53598fcb1d9540 Partial-Bug: 1680167
2017-07-08Merge "Add in roles data validation"Jenkins12-3/+152
2017-07-07Merge "Rename CongressApi to Congress (docker)"Jenkins3-7/+7
2017-07-07Merge "Create NIC templates for Neutron Networker composable role"Jenkins4-0/+645
2017-07-07Merge "Add sample usage of StorageMgmt network for compute nodes"Jenkins4-24/+39
2017-07-07Remove ceilometer apache files on upgradePradeep Kilambi2-1/+42
Ceilometer API runs under apache. Since this service is deprecated and disabled in pike, we need to ensure the apache files are removed during upgrade. Change-Id: I0c0913e74396bd463f5a6da46f83512bab77b75e
2017-07-07Add in roles data validationAlex Schultz12-3/+152
With the merging of Iad3e9b215c6f21ba761c8360bb7ed531e34520e6 the roles_data.yaml should be generated with tripleoclient rather than edited. This change adds in a pep8 task to verify that the appropriate role files in roles/ have been modified to match how our default roles_data.yaml is constructed. Additionally this change adds a new tox target called 'genrolesdata' that will all you to automatically generate roles_data.yaml and roles_data_undercloud.yaml Change-Id: I5eb15443a131a122d1a4abf6fc15a3ac3e15941b Related-Blueprint: example-custom-role-environments