Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
This will hopefully help developers know what to do if their patch fails
this verification.
Change-Id: I01fe9ca30295c6264affdbdb773b039a744289ea
|
|
Change-Id: I72aa48c72c825151739cb478c58e9a6c841c9130
|
|
This adds an entry for libvirt (which is used by the VNC server) on
which we can tell it via t-h-t on which IP address to listen on.
Change-Id: Ie377c09734e9f6170daa519aed69c53fc67c366b
Related-Bug: #1660099
|
|
novajoin will do this once it's enabled in CI.
Change-Id: I9f19d833f306930704b09de0c4d425461f1f3f63
|
|
This needs to be run by puppet or ansible runs it as root and the
later run by puppet fails due to permissions on the logfile.
Probably we need to remove the *sync calls for most services to
avoid similar issues, now that we're running puppet as part of the
pre-converge upgrade process but that will be done in another patch.
Change-Id: I808db2c175325a25058226842684558ea06fb5c5
Partially-Implements: blueprint overcloud-upgrades-per-service
|
|
We are not running syntax and lint jobs in THT for master & newton,
let's remove useless files.
Change-Id: Ia572a0eb8872ab199bc68a51750dfc17ca5ee034
|
|
Recently puppet4 started deprecating ruby 2.0 with the following
commit: https://github.com/puppetlabs/puppet/commit/e9eda7ed56fddcf185fc155d7e0ae054ea327504
One way to work-around this (in the absence of a more recent ruby
version) is to not treat this deprecation warnings as fatal when
doing the puppet syntax check
Change-Id: Id49c5068ab4609e3da0417af4714e8cb8485f3d1
Closes-Bug: #1660943
|
|
So, if RabbitClientUseSSL is set, this will enable TLS for the
swift's ceilometer message broker connection.
Change-Id: Ide70a509aefc9e7eb9d7cc5b3a60520fa42b4010
Depends-On: I8b7457b6233c4f88af2d7bc1b9304fcccb6edf61
|
|
|
|
|
|
|
|
The multinode_major_upgrade scenario is using an external
directory for net-config.
Moving this to the internal directory in tht common/
Change-Id: I41692d2ddb9fbd2002fd7910933ab4edff74f33e
|
|
|
|
Initial service definition files for Octavia backend services.
Change-Id: I1ae2bc0387dff5218f731f1860277dc1ad2b9528
Partially-implements: blueprint octavia-service-integration
Depends-On: Ic6f945cdf36744382a4a63fcc374d5562964ca68
Depends-On: I1dd1873b646e8569ed0a85c5ee7eb3bec3a8b1fa
|
|
|
|
This patch rewires how we configure the Kolla external config files
via Heat templates and uses a more simple json-file heat hook to
directly write out Kolla config files to disk.
By using a heat hook instead of a shell script we can avoid
Json conversion issues. Additionally, This generic json file hook will
be useful for other ad-hoc Json file configuration within the TripleO
docker architecture.
Co-Authored-By: Martin André <m.andre@redhat.com>
Change-Id: I8c72a4a9a7022f722bfe1cef3e18517605720cce
Depends-On: I2b372ac2e291339e436202c9fe58a681ed6a743f
Depends-On: Id3f779b11e23fd3122ef29b7ccbae116667d4520
|
|
|
|
|
|
Continue the work done on https://review.openstack.org/#/c/423302/
Change-Id: I931534e0ec33e131809186f74068eb479d38a0f9
|
|
|
|
|
|
If TLS in the internal network is enabled, we run neutron-server
behind a TLS proxy (which is actually httpd's mod_proxy). This passes
the necessary hieradata.
bp tls-via-certmonger
Depends-On: I6dfbf49f45aef9f47e58b5c0dbedd2b4e239979e
Change-Id: I9252512dbf9cf2e3eec50c41bf10629d36070bbd
|
|
Full credits to James Slagle, author of this code in TripleO CI:
https://review.openstack.org/#/c/409346
This patch adds a new template for configuring networking on the
Overcloud nodes using os-net-config in multinode jobs. Previously we
were not using os-net-config at all.
Also updates the multinode.yaml environment to use this network config
template.
The IP of each subnode is used when the vxlan tunnels are configured in
OVS, given that, each node needs its own unique network configuration.
To accomodate that, the templates makes use of the network_config_hook
function to influence run-os-net-config.sh
This patch is just the first step to totally switching to os-net-config
in multinode jobs. The devstack-gate code is still in use to bootstrap
the initial networking on the undercloud and subnodes. That will be
switched over in subsequent patches.
Change-Id: I6efa71eb23109d0b3b480061135c572ab89f5981
Co-Authorized-By: James Slagle <jslagle@redhat.com>
Implements: blueprint multinode-ci-os-net-config
|
|
This replicates the behavior of the custom Jinja2 loader from tripleo-common to
allow template validation on the local filesystem using tox.
Change-Id: I27683ab31187c6334dc5b4b5363a3347874b9a90
Partially-Implements: blueprint overcloud-upgrades-per-service
Depends-On: Idc5c3f49c7a2fc7f3622c76da001992cc657384e
|
|
This patch allows the management of the AuditD service and its associated
files (such as `audit.rules`)
This is achieved by means of the `puppet-auditd` puppet module.
Also places ssh banner capabilities map on top of patch
Change-Id: Ib8bb52dde88304cb58b051bced9779c97a314d0d
Depends-On: Ie31c063b674075e35e1bfa28d1fc07f3f897407b
|
|
|
|
|
|
Adds a step0 for most services to check that the state is running
before continuing with any of the other upgrades steps (these are
tagged step0).
You can skip this service check by overriding the
SkipUpgradeConfigTags parameter as follows:
parameter_defaults:
SkipUpgradeConfigTags: validation
Co-Authored-By: Steven Hardy <shardy@redhat.com>
Change-Id: Ie276f153015f671b720b6ed5beaac1b921661909
|
|
When replacing a controller node, Exec['wait-for-settle'] needs to
timeout, which means that the command pcs cluster auth will be executed
360 times with 10 seconds in between. So that means waiting for an hour
for no reason. Let's allow to override the settle_tries counter so
an operator can shorten it accordingly.
Tested this by setting CorosyncSettleTries to 100 and I correctly get
proper hiera settings:
$ hiera pacemaker::corosync::settle_tries
100
And effectively we try a number of 100 times as opposed to the 360
default:
/Stage[main]/Pacemaker::Corosync/Exec[reauthenticate-across-all-nodes]/returns
(debug): Exec try 1/100
Change-Id: I5e21b4215cb0b8686d2059b3d71e2444a96719dc
Closes-Bug: #1659741
|
|
|
|
|
|
|
|
|
|
Allow to deploy 2 different nodes with Neutron and another with Horizon.
Horizon will get the right hieradata to collect the mechanism driver and
configure the dashboard correctly.
Change-Id: I24621f6a7d053cff487984bab0d10a4a97204675
Closes-Bug: 1659662
|
|
|
|
This is similar to the bootstrap for CentOS, except we don't set SELinux
to permissive on RHEL.
Change-Id: I52b8fa017ee2821d2fa91e5ec806a55fcb92566d
Partially-implements: blueprint split-stack-software-configuration
|
|
|
|
This flag is quite old and doesnt work as expected anymore.
Let ceilometer upgrade create these reource types instead.
Change-Id: I71ea6e2fd9418095de658d709c14bb3006ca2753
|
|
|
|
|
|
|
|
|
|
|
|
Implements minor upgrade of the ceph-radosgw service.
Change-Id: I4c064bf996ec6bb7eba41ab6384bd953a8ec920f
Partially-Implements: blueprint overcloud-upgrades-per-service
|
|
Adds an initial release note for composable upgrades - I had to be
vague in the upgrades section as we're still working out some details
of the final upgrade workflow for all roles.
Change-Id: Iac0af86f3b56a07070a9d24b1255953f5fd07b34
|
|
|
|
The 'ceph' metapackage is only provided by some repos so we should
not explicitly pull it.
Also adds a validation step to the CephMon and CephOSD roles to
stop upgrade if the Ceph cluster is in error state.
Change-Id: I5aa275677ada47a352a327b9be21927b852d16f3
|
|
|
|
|