aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-07-04Convert role templates to consume roles_data mapSteven Hardy2-101/+113
Currently we only consume the name with a special-case for the disable constraints boolean, but it will be more flexible if we consume the whole roles_data mapping for each role, so that e.g composable networks and other per-role customizations can be expressed in these templates Partially-Implements: blueprint composable-networks Depends-On: Id1249b78b3dd87e91d572ffa31b7a541f3cde2c7 Change-Id: I355534ec456479944f66106e957404a660d8f2d2
2017-07-04Merge "Make ceilometer crontab removal idempotent"Jenkins1-0/+3
2017-07-03Adds docker OpenDaylightTim Rozet5-3/+138
Depends-On: I020550ede0ef981582392cf6c48dd5cb5823a074 Depends-On: I610b07a3c2bcf1c3288f76112a08b81c50e06913 Depends-On: I3d378044b3da5309b60967a12df7800520a254dc Depends-On: I9c32b41ef865a09587f3ebfe8b8a896031fbd285 Depends-On: Ib31bf29bc69f5c58e98b99c3e598b19c99efc77f Change-Id: I36c7390ddb4192e55ee56006fd6e9c5f8704445c Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-07-03Update NovaCompute to consume CephClientKeyKeith Schincke1-6/+9
It is not necessary to get the Ceph key issueing a get-key to the Ceph cluster; this change provides the libvirt key via parameter instead. Change-Id: Iff3dbcb0f1b4d2373570e184e636a71553cea708
2017-07-03Merge "Add ServerIdMap output"Jenkins1-0/+18
2017-07-03Merge "adding --config-dir parameters to neutron containers"Jenkins4-4/+4
2017-07-03Add ComputeHCI role and related validationsGiulio Fidente2-3/+67
The ComputeHCI role is meant to be a copy of the Compute role except it hosts CephOSD and uses StorageMgmt. Change-Id: Ic8fc5e672361a652ef19199a941c87247ca6925d
2017-07-02Merge "Move glance::api::show_multiple_locations within GlanceApi"Jenkins3-48/+13
2017-07-02adding --config-dir parameters to neutron containersOr Idgar4-4/+4
Change-Id: I521e89994e9be6efd335c5809810d9188dc1742f Closes-Bug: #1684908
2017-06-30New environment file to configure containers.Ian Main1-0/+109
This is part of a larger series that changes the interface used for configuring which containers are used. This needs CI and possibly quickstart updates to use this environment file so CI will continue to pass. Change-Id: I125137ba45f608cf84ea0a7146edd744a549d23b Co-Authored-By: Dan Prince <dprince@redhat.com>
2017-06-30Merge "Re-enable default for RoleParameters"Jenkins5-0/+5
2017-06-30Merge "Fix typo in config_volume"Jenkins1-2/+2
2017-06-30Merge "Make NovaWorkers descriptions consistent"Jenkins4-4/+4
2017-06-30Merge "cisco nexus: keep OVS on the Compute"Jenkins1-1/+0
2017-06-30Merge "Ensure boostrap_host_exec runs as root"Jenkins3-0/+20
2017-06-30Merge "scenario001: containerize services for CI"Jenkins1-5/+7
2017-06-30Merge "Add a docker-ha.yaml environment file for containerized HA deployments"Jenkins5-0/+26
2017-06-30Tolerate network errors in pingtest retry logicOliver Walsh1-1/+2
We use ping -w <deadline> -c <count>. This will ping every second until <count> replies are received, or <deadline> is reached, or a network error occurs. With the current retry logic a network error will result in a short tight loop instead of waiting for the network to come up. This change reduces the deadline to 10s, but sleeps 60s between retries. Change-Id: Ib00cff6f843c04a00737b40e3ef3d1560d6e6d2d Related-bug: #1680167
2017-06-30Merge "Force mtime for tar used in container config md5sums"Jenkins1-1/+1
2017-06-30Merge "Add stack_name/ctlplane_service_ips into post-upgrade.j2.yaml"Jenkins1-2/+5
2017-06-30Ensure boostrap_host_exec runs as rootMartin André3-0/+20
This is necessary for accessing the bind mounted hieradata in the container in order to determine if the node is the primary node. With the new validation added to yaml-validate.py, we could spot potential issues in sahara-api and keystone bootstrap tasks. The keystone one is a false positive, as the image defaults to the root user in order to be able to run apache. Still, it is better to be consistent here and specify the root user nonetheless. Change-Id: Ib0ff9748d5406f507261e506c19b96750b10e846 Closes-Bug: #1697917
2017-06-30Fix typo in config_volumeSven Anderson1-2/+2
Change-Id: I6a53a56c534f24cb514d8aeb8cec3d7865b93448
2017-06-30Bind mount needed cert for haproxyMartin André1-0/+12
haproxy needs the deployed SSL cert file to function when TLS is enabled. It is also required for the docker-puppet haproxy container since the haproxy puppet module uses a validate_cmd to check the generated config file is valid that fails when the required SSL cert is not present. There is no clean way to disable this feature [1] so we need to bind mount the cert into the container. [1] https://github.com/puppetlabs/puppetlabs-haproxy/blob/4753ea5b2506ee093e9b4c8af6e91201d476d426/manifests/config.pp#L53-L57 Change-Id: Id2df144b678769def204961236624091d4e5c457
2017-06-30Allow volumes in puppet_config containers specJames Slagle1-1/+1
Mounting host volumes when running containers via puppet_config already works and is supported with docker-puppet.py. However, the validation in yaml-validate.py does not allow it. This patch makes it allowed by the validation. It is sometimes necessary since some puppet modules expect to make persistent file system changes other than just configuration data under /etc. In particular, ironic inspector expects to configure a http and tftp root director with an ipxe configuration. See: https://github.com/openstack/puppet-ironic/blob/master/manifests/inspector.pp These changes would be lost if the value for those directories are not mounted as host volumes. Change-Id: Ie51c653f4c666fbaaef0ea80990e2e61f4b1353b
2017-06-30Merge "Add missing xinetd/rsync container for Swift"Jenkins1-1/+21
2017-06-30Merge "Add detach to docker-toool"Jenkins1-6/+10
2017-06-30Merge "Add README to ci/environments directory"Jenkins1-0/+4
2017-06-30Merge "Add release note for generated sample environments"Jenkins1-0/+21
2017-06-30Merge "Remove ceilometer upgrade from other ceilometer containers"Jenkins2-28/+0
2017-06-29Merge "Add heat parameter for all of config_volume images"Jenkins79-216/+532
2017-06-29cisco nexus: keep OVS on the ComputeGonéri Le Bouder1-1/+0
The Cisco Nexus-UCSM environment relies on OVS for the communication with compute nodes. This is a partial revert of I4c98008107568b3b65decd7640e25c7d2b1ea9ff. Change-Id: I453d4bc83314a76fd779884fb2f8cd1731d2bcaa Related-Bug: #1687597
2017-06-29Add stack_name/ctlplane_service_ips into post-upgrade.j2.yamlSteven Hardy1-2/+5
Upgrades are broken because this was missed from I36a642fbc2076ad9e4a10ffc56d6d16f3ed6f27a and Ia619ab935c66081769e69c53d1ca41925d86abbb Change-Id: I96590e2219df64b94dfecd91d5e25231fc7e514b Related-Bug: #1700755
2017-06-29Force mtime for tar used in container config md5sumsSteven Hardy1-1/+1
The checksum is changing each run because the mtime is different, so force a specific date such that we only compare the directory contents. Change-Id: I5ed2b50176f902d7af12b96e650b67b736d59a4a
2017-06-29Make ceilometer crontab removal idempotentJiri Stransky1-0/+3
When we re-execute an upgrade and the crontab has already been removed, the crontab removal returns 1, saying "no crontab for ceilometer", and the upgrade fails. This change makes the removal idempotent. Change-Id: Ic955fb67bb2f7afde44291f7db3293c88f167566 Closes-Bug: #1701250
2017-06-29scenario001: containerize services for CIEmilien Macchi1-5/+7
Change-Id: I4308032891f0f9f5e93159f4a7ca29dada5850be
2017-06-29Merge "Enable nova-api to run over httpd again"Jenkins2-112/+111
2017-06-29Add missing tags in iscsid upgrade_tasksJiri Stransky1-0/+2
The stat resources weren't executed in step2, and Ansible failed on them being undefined. Change-Id: I93621dd80d97be597eff6b8913ae9d7b2810f837 Closes-Bug: #1701221
2017-06-29Install ansible-pacemaker on O->P upgradeJiri Stransky1-0/+2
This has been omitted in Ocata image, so we need to install this in O->P upgrade again. Change Ic8ce72133c47a4c90d581a0925213877b11a471e adds it to the image, so that we can stop installing it on P->Q upgrade, and start using it for minor updates too. Change-Id: I893792e8d82c716b2f3e7b8878b25ba89ea724f1 Co-Authored-By: Marius Cornea <mcornea@redhat.com> Partial-Bug: #1701208
2017-06-29Add ServerIdMap outputSteven Hardy1-0/+18
This exposes the nova server IDs for each role, and the bootstrap node so that we can add this data to the tripleo dynamic ansible inventory Change-Id: I2fc48eec77210805c0139fa4abcbf4dd721e7c37
2017-06-29Merge "Default docker-puppet.py logging to INFO"Jenkins3-11/+26
2017-06-28Merge "Disable swift middleware ceilometer pipeline by default"Jenkins2-12/+22
2017-06-28Make NeutronEnableDVR parameter consistentBen Nemec1-2/+1
Change-Id: I4bc74ccfa9bd143b203dd9ad97dacddf56949727 Partial-Bug: 1700664
2017-06-28Make Rabbit parameters consistentBen Nemec1-3/+3
The Qdr service appears to have hijacked these parameters for its own use. I don't think it should have done that in the first place, but at least the parameter descriptions need to be kept consistent with the other services. Partial-Bug: 1700664 Change-Id: I6d9a075a99f33e9deacaf5b10a6ea7b0a234b942
2017-06-28Make CephValidationDelay/Retries default consistentBen Nemec2-2/+3
Also fix one instance of ManagementIpSubnet that was missing a description. Change-Id: I7c5b31d9ef464cefee1dd6ae7ebb9c017cbbd894 Partial-Bug: 1700664
2017-06-28Remove ceilometer upgrade from other ceilometer containersPradeep Kilambi2-28/+0
Lets just run the ceilometer upgrade once in central agent container Change-Id: If5e5ca6122f8583c6221bc6b343e483e41f04d29 Closes-bug: #1700056
2017-06-28Enable nova-api to run over httpd againJuan Antonio Osorio Robles2-112/+111
This is needed for TLS everywhere. Change-Id: Iac35b7ddcd8a800901548c75ca8d5083ad17e4d3 Depends-On: I426bfdb9e6c852eb32d10a12e521bb8b47701c41
2017-06-28Default docker-puppet.py logging to INFODan Prince3-11/+26
If you want debug logging you can set the new DockerPuppetDebug heat parameter to 'True'. Change-Id: Iae7bb67379351ea15d61c331867d7005f07ba98e Closes-bug: 1700570
2017-06-28Disable swift middleware ceilometer pipeline by defaultPradeep Kilambi2-12/+22
This generates tons of unnecessary events when gnocchi uses swift backend. We end up filtering most of these anyway. So lets disable this so it doesn't put useless load. Also changing the default project to service as thats what gnocchi uses to authenticate with swift. Closes-bug: #1693339 Change-Id: I40f47d46fdb06f31a739b590bf653bca71e33f61
2017-06-28Add missing xinetd/rsync container for SwiftChristian Schwede1-1/+21
Swift object replication relies on the rsync server, which is run by xinetd. This patch adds the missing container and configuration. Note that xinetd needs bind to a privileged port (873) and has to be started as root therefore. Change-Id: I7655c9dd116c0130035d8a2fae81148171ae6448
2017-06-28Add heat parameter for all of config_volume imagesMartin André79-216/+532
This commit consistently defines a heat template parameter in the form of DockerXXXConfigImage where XXX represents the name of the config_volume that is used by docker-puppet. The goal is to mitigate hard to debug errors where the templates would set different defaults for the image docker-puppet.py uses to run, for the same config_volume name. This fixes a couple of inconsistencies on the way. Change-Id: I212020a76622a03521385a6cae4ce73e51ce5b6b Closes-Bug: #1699791