aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-07-29Merge "add lbaasv2 to NeutronServicePlugins in octavia containers"Jenkins1-0/+5
2017-07-28Merge "Also log docker-puppet.py puppet output to console"Jenkins1-1/+1
2017-07-28Merge "Enable Zaqar API SSL"Jenkins2-1/+20
2017-07-28Also log docker-puppet.py puppet output to consoleBogdan Dobrelya1-1/+1
Running puppet apply with --logdest syslog results in all the output being redirected to syslog. You get no error messages. In the case where this fails, the subsequent debug task shows nothing useful as there was no stdout/stderr. Also pass --logdest console to docker-puppet's puppet apply so that we get the output for the debug task. Related-Bug: #1707030 Change-Id: I67df5eee9916237420ca646a16e188f26c828c0e Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
2017-07-28Merge "Consistent hostname format env for split-stack"Jenkins3-15/+5
2017-07-27Changing the default port-binding configurationItzik Brown3-2/+55
networking-odl no longer supports the network-topology port binding controller and instead now relies on a pseudo-agent binding controller. This means that each OVS node must be configured with host configuration in OVSDB about which VIF types, network types, functions, etc that this OVS node supports. The end result is this affects where nova and neutron will schedule instances. Changes Include: - Modifying default port binding controller to use pseudo agent - Adds necessary per role parameters to be able to configure host config on a per role basis to allow for heterogenous compute node configurations. Change-Id: I50458abf6a8a6bf724ad97accb6444d9c497d287 Closes-Bug: 1674995 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-07-27Add 'ovn-controller' serviceNuman Siddique12-15/+54
Presently the ovn-controller service (puppet/services/neutron-compute-plugin-ovn.yaml) is started only on compute nodes. But for the cases where the controller nodes provide the north/south traffic, we need ovn-controller service runninng in controller nodes as well. This patch - Renames the neutron-compute-plugin-ovn.yaml to ovn-controller.yaml which makes more sense and sets the service name as 'ovn-controller'. - Adds the service 'ovn-controller' to Controller and Compute roles. - Adds the missing 'upgrade_tasks' section in ovn-dbs.yaml and ovn-controller.yaml Depends-On: Ie3f09dc70a582f3d14de093043e232820f837bc3 Depends-On: Ide11569d81f5f28bafccc168b624be505174fc53 Change-Id: Ib7747406213d18fd65b86820c1f86ee7c39f7cf5
2017-07-27Also log puppet output to consoleJames Slagle1-1/+1
Running puppet apply with --logdest syslog results in all the output being redirected to syslog. You get no error messages. In the case where this ansible task fails, the subsequent debug task shows nothing useful as there was no stdout/stderr. Also pass --logdest console to puppet apply so that we get the output for the debug task. My local testing showed that when specifying logdest twice, both values were honored, and the output went to syslog and the console. Change-Id: Id5212b3ed27b6299e33e81ecf71ead554f9bdd29 Closes-Bug: #1707030
2017-07-27Generate MySQL client config if service requires databaseDamien Ciabrini44-116/+359
Services that access database have to read an extra MySQL configuration file /etc/my.cnf.d/tripleo.cnf which holds client-only settings, like client bind address and SSL configuration. The configuration file is thus used by containerized services, but also by non-containerized services that still run on the host. In order to generate that client configuration file appropriately both on the host and for containers, 1) the MySQLClient service must be included by the role; 2) every containerized service which uses the database must include the mysql::client profile in the docker-puppet config generation step. By including the mysql::client profile in each containerized service, we ensure that any change in configuration file will be reflected in the service's /var/lib/config-data/{service}, and that paunch will restart the service's container automatically. We now only rely on MySQLClient from puppet/services, to make it possible to generate /etc/my.cnf.d/tripleo.cnf on the host, and to set the hiera keys that drive the generation of that config file in containers via docker-puppet. We include a new YAML validation step to ensure that any service which depends on MySQL will initialize the mysql::client profile during the docker-puppet step. Change-Id: I0dab1dc9caef1e749f1c42cfefeba179caebc8d7
2017-07-27Fix iscsid role data's sectionDamien Ciabrini1-1/+1
The iscsid service definition has a typo, config_setting should read config_settings Change-Id: I12605dba61fd5f6ce80c3ab78e883ed5ebf3ca62
2017-07-27Add environment for setting a custom domain nameBen Nemec4-4/+54
Just setting CloudDomain won't make the domains used consistent. There are a number of CloudName parameters that must be set as well. This change adds a sample environment that includes all of those parameters so it is easy to set everything consistently. Also fixes the description of CloudNameCtlplane to reflect the actual use for that parameter. Change-Id: I56d1c1c5619f83c16c4e8350aa84fccc3d748425
2017-07-27Merge "Add PCI to nova compute container for passthrough support"Jenkins1-0/+2
2017-07-27Merge "Enable libvirtd_config puppet tag in nova-libvirtd docker service"Jenkins1-1/+1
2017-07-27Enable Zaqar API SSLThomas Herve2-1/+20
This sets the SSL flag in the docker service and expose the parameter in the docker service. Depends-On: I4c68a662c2433398249f770ac50ba0791449fe71 Change-Id: Ic3df2b9ab7432ffbed5434943e04085a781774a0
2017-07-27Merge "Deploy Ceph in containers using ceph-ansible via external workflow"Jenkins7-0/+453
2017-07-27Merge "Make collectd run as root inside the container"Jenkins1-1/+3
2017-07-27Merge "Adding Tuned Service"Jenkins19-3/+75
2017-07-26Merge "aodh: add gnocchi_external_project_owner config"Jenkins1-0/+5
2017-07-26Merge "Fix enable-ceph sample environment"Jenkins3-0/+12
2017-07-26Deploy Ceph in containers using ceph-ansible via external workflowGiulio Fidente7-0/+453
Add docker profiles to deploy Ceph in containers via ceph-ansible. This is implemented by triggering a Mistral workflow during one of the overcloud deployment steps, as provided by [1]. Some new service-specific parameters are available to determine the workflow to execute and the ansible playbook to use. A new `CephAnsibleExtraConfig` parameter can be used to provide arbitrary config variables consumed by `ceph-ansible`. The pre-existing template params consumed up until the Pike release to drive `puppet-ceph` continue to work and are translated, when possible, into the equivalent `ceph-ansible` variable. A new environment file is added to enable use of ceph-ansible; the pre-existing puppet-ceph implementation remains unchanged and usable for non-containerized deployments. 1. https://review.openstack.org/#/c/463324/ Change-Id: I81d44a1e198c83a4ef8b109b4eb6c611555dcdc5
2017-07-26Merge "Provides Ceph config into OpenStack clients"Jenkins7-20/+59
2017-07-26Adds environment file for ODL + SRIOVTim Rozet2-0/+32
Using the separate neutron-opendaylight and SRIOV env files do not work because sriov includes using OVS agent (which ODL does not want or need) and the default ODL env file has no Compute ML2 because it is not needed. Thus a new environment file is needed for deploying these 2 features in combination. Closes-Bug: 1696667 Change-Id: I6f7a9368aa521de928c269619278c30acda03799 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-07-26Render isolated network templates using jinja2Dan Sneddon7-17/+337
This change adds templates that are used to create network and port definition templates for each network that is defined in network_data.yaml. In order to render the templates, additional fields have been added to the network_data.yaml file. If this optional data is present, it will be used to populate the default parameter values in the network template. The only required parameters in the network_data.yaml file is the network name. If the network will have IPv6 addresses, then ipv6: true must be set on the network. The existing networks have been modeled in the network_data.yaml, but until these templates are removed from the j2_excludes.yaml file they will not be generated on the fly. Any additional networks will have templates generated. This change also removes an unnecessary conditional from the networks.j2.yaml file, since InternalApiNetwork doesn't need to be reformatted as InternalNetwork (it's only used in this one file). A follow-up patch will remove the existing network definitions so all networks are created dynamically. Change-Id: If074f87494a46305c990a0ea332c7b576d3c6ed8 Depends-On: Iab8aca2f1fcaba0c8f109717a4b3068f629c9aab Partially-Implements: blueprint composable-networks
2017-07-26Merge "Stop Heat WSGI services on docker upgrade"Jenkins3-5/+39
2017-07-26Merge "Ps Cinder: Added support for password less login"Jenkins3-0/+9
2017-07-26Fix enable-ceph sample environmentBen Nemec3-0/+12
The necessary resource registry entries were missing from this env and the old environment was not deprecated. Change-Id: I6a9b148514fc5da1f96b9fd7fe09f564c2f82419
2017-07-26Merge "Replace outdated instruction with link to upstream doc"Jenkins1-57/+2
2017-07-26Merge "Add parameters for Veritas HyperScale distributed setup."Jenkins2-2/+45
2017-07-26Merge "Open up firewall for the control-ports in the bundles"Jenkins3-1/+26
2017-07-26Merge "Add NodeTLSData to generic role.role.j2.yaml"Jenkins1-2/+29
2017-07-26Merge "Make various password descriptions consistent"Jenkins17-22/+18
2017-07-26Merge "Stop also openstack-swift-object-expirer when upgrading swift services"Jenkins2-0/+2
2017-07-26Noop controller pre and post config resources.Marius Cornea1-0/+2
This change sets the ControllerPreConfig and ControllerPostConfig resources to OS::Heat::None in order to avoid setting the cluster to maintenance mode while upgrading to the docker architecture. Closes-Bug: 1706594 Change-Id: Ibd69670d1617b73a8621b8fd4243041891a96747
2017-07-26Merge "Contrail network realignement + DPDK enablement"Jenkins29-2823/+847
2017-07-26Merge "Add keystone cron container to run token_flush"Jenkins1-0/+26
2017-07-26Merge "nova_api_cron docker fix: add /var/spool/cron/nova"Jenkins1-4/+20
2017-07-26Merge "Add containerized manila-share to CI"Jenkins1-2/+1
2017-07-26Fix creation of iptables rules for non-HA containerized HAproxyDamien Ciabrini2-2/+39
The introduction of I90253412a5e2cd8e56e74cce3548064c06d022b1 broke the HAproxy service due to some HAproxy-specific iptables rules being executed during the puppet config step. Ensure that no iptables call is performed during the generation of configuration files. Move those calls to step 1, as implemented in the pacemaker-based HAproxy service (Ib5a083ba3299a82645f1a0f9da0d482c6b89ee23). Depends-On: I2d6274d061039a9793ad162ed8e750bd87bf71e9 Closes-Bug: #1697921 Change-Id: Ica3a432ff4a9e7a46df22cddba9ad96e1390b665
2017-07-25Add NodeTLSData to generic role.role.j2.yamlSteven Hardy1-2/+29
This is currently included in the controller-role template, so we need to add it to the generic role.role.j2.yaml in order to convert the controller-role template to be rendered via j2 Change-Id: I01bf01c8a31e4cc26f202dd1774845ec33f50bcd Partially-Implements: blueprint composable-networks
2017-07-26Don't curl metadata server in userdata exampleSteve Baker1-2/+1
The metadata server is switched off in I45ae6d0e3726cc71c7dc35a9a47da8b7a0bab9cb, so this example has been updated to use os-apply-config to fetch the ssh key instead. Change-Id: I82b05f9b35ffc6ea2cee9a64d5702c0404cd47de
2017-07-25Merge "Add cinder cron container to run db purge"Jenkins1-0/+26
2017-07-25Provides Ceph config into OpenStack clientsGiulio Fidente7-20/+59
Given ceph-ansible or puppet-ceph will have created the Ceph config files and keyrings in /etc/ceph on baremetal, this change copies into the OpenStack containers the necessary files for the services to be able to connect to the Ceph cluster. Change-Id: Ibc9964902637429209d4e1c1563b462c60090365
2017-07-25Enable libvirtd_config puppet tag in nova-libvirtd docker serviceOliver Walsh1-1/+1
Required now that https://review.openstack.org/480289 has merged Change-Id: I17f6c9b5a6e2120a53bae296042ece492210597a Related-Bug: #1696504
2017-07-25Merge "Add heat api container to run cron purge_deleted"Jenkins1-0/+25
2017-07-25Adding Tuned ServiceJoe Talerico19-3/+75
Allow the user to set a specific Tuned profile on a given host. Defaults to throughput-performance Change-Id: I0c66193d2733b7a82ad44b1cd0d2187dd732065a
2017-07-25Contrail network realignement + DPDK enablementMichael Henkel29-2823/+847
This patch moves Contrail roles communication from public/external to internal_api network for OpenStack API. It also adds the option to enable dpdk. Monolithic firstboot script is broken down into small pre-network and per-node extraconfig scripts Change-Id: I296a3bf60cef6fa950fd71d6e68effe367d1e66b Closes-Bug: 1698422
2017-07-25Merge "Fall back to non-containerized cinder-backup and cinder-volume for HA"Jenkins1-2/+3
2017-07-25add lbaasv2 to NeutronServicePlugins in octavia containersOr Idgar1-0/+5
without lbaasv2 neutron will not be able to load the plugin and communicate with octavia. Change-Id: If44b93703d3c408ae075d73ed695c3edc58fba18
2017-07-25Merge "Modifying Cisco templates to support composable roles"Jenkins1-50/+14
2017-07-25Merge "Increase default RabbitMQ/Erlang TCP timeout from 5 to 15 seconds"Jenkins1-1/+1