aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2016-07-29Enable keystone to use the SSL middlewareJuan Antonio Osorio Robles1-2/+1
The http_proxy_to_wsgi middleware was recently added to keystone as default in the pipeline [1]. So this takes it into use instead of the non-standard option we were using before, which will be deprecated. We already enable this middleware for nova, cinder and heat. [1] Iad628a863e55cbf20c89ef23ebc7527ba8e1a835 Depends-On: I0fec98a6e1d9c8be4d8b8df382b78ba2815790f9 Change-Id: I8c1b84adc828a2b8c9ea11c4e2b8349427b1b206
2016-07-29move hieradata/ceph into ceph-base serviceEmilien Macchi8-12/+17
Part of composable roles work, move hieradata/ceph into the ceph-base profile directly. Also add a comment in all hieradata files to stop adding more data and use composable services. Change-Id: I97cc22a253b547be6b99312b6072f53b428aae2c
2016-07-29Merge "Move constraints to their respective services"Jenkins1-36/+0
2016-07-29Merge "Stop passing charset=utf8 for neutron database connection option"Jenkins2-2/+2
2016-07-29Convert AllNodesConfig hosts config to a mapSteven Hardy2-29/+18
Currently we have hard-coded parameters for each role, but to enable custom roles, we need to pass a generic hosts list that can be joined for all enabled roles. Change-Id: I0606f462ff61c3a541342b63fee7d46ebfd1f4e0 Partially-Implements: blueprint custom-roles
2016-07-29Add EnabledServices output to overcloud.yamlSteven Hardy1-0/+8
This is essentially the same data as defined in the *Services parameter, but it shows what's enabled for all roles in the format output from the service templates, so is useful for debugging, and possibly for things like conditional endpoint generation in future. Change-Id: Ia4b1694e419533b05d2757d2925471cae75fb5b6
2016-07-29Merge "Filter null/None service names"Jenkins1-2/+7
2016-07-29Update heat-agents setup filesFlavio Percoco2-30/+31
This patch moves the image pull step out of the service heat-agent service script to ease the service init process and to make it more reliable. By doing this outside of the service script, it's possible to know when the `firstboot` script failed and report back. It also updates the firstboot yaml file to point to the `tripleoupstream` org. Co-Authored-By: Flavio Percoco <flavio@redhat.com> Co-Authored-By: Martin André <m.andre@redhat.com> Change-Id: I2f0b8092ec69320ee370e1d7d20b8c15c95a1d0d
2016-07-29Add default value for `RoleData`Flavio Percoco1-0/+3
This just adds a default value for `RoleData` in docker/compute-post.yaml Change-Id: I96a01dc22e03980b93b32f0f9990f35b83ecfb24
2016-07-29Move constraints to their respective servicesMichele Baldessari1-36/+0
The openstack-core-then-httpd constraint needs to live in the apache pacemaker manifest and not in the main controller manifest file. The same goes for those specific vsm/cisco neutron resources. Change-Id: Ifce6c253db004a98f8feb51b84a2f1731253f178 Depends-On: I2041d4d163f051427b62eec07b8345ad7006cc1d
2016-07-29Merge "We don't need to set a default for the CephX keys and cluster FSID"Jenkins3-6/+0
2016-07-29Merge "Convert service_name to underscore syntax"Jenkins95-95/+96
2016-07-29Merge "Move nova constraints from controller manifest to each service"Jenkins1-82/+0
2016-07-28We don't need to set a default for the CephX keys and cluster FSIDGiulio Fidente3-6/+0
Change-Id: I28021f27a5adc8433df8abdadf0b571b20674fa6 Partial-Bug: 1607407
2016-07-28Convert service_name to underscore syntaxSteven Hardy95-95/+96
Currently we use hyphens, e.g cinder-api, but in overcloud.yaml we have a lot of references to services (e.g for AllNodesConfig) by underscore, e.g cinder_api. To enable dynamic generation of this data, we need the service name in underscore format. Change-Id: Ief13dfe5d8d7691dfe2534ad5c39d7eacbcb6f70
2016-07-28Merge "Allow to manually disable post-puppet restarts"Jenkins4-13/+34
2016-07-28Merge "Create role for the fake openstack-core resource"Jenkins4-0/+23
2016-07-27Move nova constraints from controller manifest to each serviceMichele Baldessari1-82/+0
Currently we are still creating all the pacemaker constraints for nova in the main overcloud_controller_pacemaker.pp manifest file. Let's move those to each role where they belong. Note that given that a constraint depends on two separate pacemaker resources it is a bit arbitrary in which file they end up being (the one of the first resource or the second one). Depends-On: I96a3a313d15fac820b020feae0568437c2cbade3 Change-Id: I4f15485b1f355b3b38fc6c16552f204aa8bba7bc
2016-07-27Create role for the fake openstack-core resourceGiulio Fidente4-0/+23
Change-Id: Iacd94294b8a66bc082bb2b3e8d3364ec1bf053b8 Depends-On: I16a786ce167c57848551c7245f4344c382c55b3d
2016-07-27Migrate Puppet Hieradata to composable servicesEmilien Macchi42-302/+242
Migrate puppet/hieradata/*.yaml parameters to puppet/services/*.yaml except for some services that are not composable yet. Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com> Change-Id: I7e5f8b18ee9aa63a1dffc6facaf88315b07d5fd7
2016-07-27Move *Flavor parameters into per-role templatesSteven Hardy6-44/+14
We have some inconsistent naming here, but move them with their current names for backwards compatibility, we can address the deprecation of the inconsistent names at a future time. This is required to enable jinja templating of roles in overcloud.yaml Change-Id: I2ea673d9bc52967f9b7c25555059b964abf66966 Partially-Implements: blueprint custom-roles
2016-07-27Move *Image parameters into role templatesSteven Hardy6-45/+19
We've got some inconsistent naming here, but I'm not attempting to fix that yet, only move the current parameters inside each role template. This should be backwards compatible because the parameter names don't change, but also enable progress on custom-roles. We can figure out a strategy for deprecating these and aligning per-role parameter naming in a subsequent patch. Also moves ImageUpdatePolicy, which wasn't consistently passed to all roles anyway, and aligns the default image and constraints for each role. Change-Id: I85ec979934df220acbab9f7c3a6055f23e3bfc29 Partially-Implements: blueprint custom-roles
2016-07-27Remove KeyName parameter from overcloud templateSteven Hardy1-10/+0
This is already defined in all the per-role templates and is passed via parameter_defaults: Change-Id: Ifde54d3d29a3f0754f0f05740d6b6030aa871d38 Partially-Implements: blueprint custom-roles
2016-07-27Move per-role *SchedulerHints parameters into role templatesSteven Hardy6-35/+10
To enable custom roles, move these into the role templates where they can be passed via parameter defaults. Because the Compute role uses an inconsistent NovaCompute naming, these parameters cannot be generated in overcloud.yaml, so moving them enables backwards compatibility to be maintained when we move to a fully jinja generated overcloud (e.g including the role ResourceGroup resources) Change-Id: I3f9b2275f2b1daeb8b83f09548a089dadcfe9eee Partially-Implements: blueprint custom-roles
2016-07-27Remove some properties from overcloud.yaml Controller groupSteven Hardy1-127/+1
Remove those parameters which simply shadow parameters defined in puppet/controller.yaml, these can be passed via parameter_defaults, which is the default. The remaining properties are more tricky so will be handled via subsequent patches. Partially-Implements: blueprint custom-roles Change-Id: I9bbbd12631de8cb1ad83e265f6ddc9e942dff9ab
2016-07-27Filter null/None service namesSteven Hardy1-2/+7
To enable use of the service_names lists in overcloud.yaml we need to strip any null/None values or list processing becomes cumbersome. These happen because we're currently disabling some services via OS::Heat::None in the resource_registry, it may be possible to remove when we've got a fully composable approach to generating the *Services lists. Change-Id: I8ef53b4279d93850c207c73aab0d75095a2497a2 Partially-Implements: blueprint custom-roles
2016-07-26Force a tty for sudo in get-occ-config.shJames Slagle1-1/+1
This script will sometimes fail with "you must have a tty to run sudo" depending on how it was executed. Add -tt to the $SSH_OPTIONS to always force a tty. Change-Id: Ic1144b9ba90d4af35db826a78e637da965569841 Closes-Bug: #1606544
2016-07-26Merge "Set MDS/OSD firewall ports from ceph-osd template"Jenkins2-3/+7
2016-07-26Merge "Cleanup templates from the shared CephCluster config"Jenkins4-62/+16
2016-07-25Merge "Composable firewall rules"Jenkins28-124/+159
2016-07-25Merge "Convert Swift ringbuilder to composable services format"Jenkins10-169/+44
2016-07-25Merge "Explicitly set nova and neutron host on controllers"Jenkins3-4/+3
2016-07-25Merge "Remove tenant_id from nova v2.1 endpoint"Jenkins2-6/+6
2016-07-25Set MDS/OSD firewall ports from ceph-osd templateGiulio Fidente2-3/+7
Change-Id: Ie8d1678e6e32271ff31ea9dd7fcf7ef9e8956b86
2016-07-25Composable firewall rulesDan Prince28-124/+159
Split out the firewall rules in puppet/hieradata/controller.yaml into the composable services Depends-On: Id370362ab57347b75b1ab25afda877885b047263 Change-Id: Icaecab100d3f278035fbbb3facb9bf6c62c76c03
2016-07-25Cleanup templates from the shared CephCluster configGiulio Fidente4-62/+16
Removes from the templates the old CephCluster configuration and deployment which before roles was distributing the shared settings for the Ceph cluster configuration. Change-Id: Ia704f5d7add85e52dd477f4bc758aa0a02e4b39b
2016-07-25Convert Swift ringbuilder to composable services formatSteven Hardy10-169/+44
This moves the ringbuilder puppet code to puppet-tripleo and migrates to the composable services format. Closes-Bug: #1601857 Change-Id: I0ea2230072d3ff61a4047ffff1f4187951370f67 Depends-On: I427f0b5ee93a0870d43419009178e0690ac66bd6
2016-07-25Merge "Move nova::db data within service template"Jenkins10-37/+55
2016-07-23Merge "Fixes type and description for NeutronL3HA"Jenkins2-3/+8
2016-07-22Merge "Remove unused redis_vip parameter"Jenkins1-2/+1
2016-07-22Merge "Move mysql::host param from MysqlInternal to MysqlNoBracketsInternal"Jenkins7-7/+7
2016-07-22Move nova::db data within service templateGiulio Fidente10-37/+55
Change-Id: I86752248e59a2e98f8ff9b2c5998839f9ade4779
2016-07-22Add 'service_name' to composable servicesDan Prince123-3/+185
This patch adds a new service_name section to each composable service. We now have an explicit unit test check to ensure that service_name exists in tools/yaml-validate.py. This patch also wires service_names into hieradata on each of the roles so that tools can access the deployed services locally during deployment and upgrades. Change-Id: I60861c5aa760534db3e314bba16a13b90ea72f0c
2016-07-21Merge "Deploy Horizon with composable apache service"Jenkins3-5/+29
2016-07-21Fixes type and description for NeutronL3HATim Rozet2-3/+8
puppet-neutron takes this variable as boolean. Although it doesn't change the behavior in master (because the variable is used directly as config), in mitaka it is used as a conditional and should be properly fixed. Also a fix is needed in python-tripleoclient because it is hard coded to be True there based on number of controllers being greater than 1. Therefore we shoudl remove that logic from tripleoclient and implement it in THT. In order to do that the pacemaker version of the variable is defaulted to true. Partial-Bug: 1605379 Change-Id: I0b797dbe188382e2dc32506913aaa60a0a21bd68 Signed-off-by: Tim Rozet <trozet@redhat.com>
2016-07-21Explicitly set nova and neutron host on controllersBen Nemec3-4/+3
In I7d07c57b7276815c72d08acaa86f673e43eb0498 we set this for compute nodes, but we also need it for controllers. Otherwise when a controller reboots it may come back up with a different host value, which seems to break networking for anything that was created before the reboot. In my case, it changes from the short hostname (without domain name) to the fqdn. Since we set it to fqdn for the compute nodes, let's do the same for controllers. This moves all of the host setting to the base yaml of the nova and neutron profiles. Change-Id: Ieb793b9e9fd2dfc98584691412f9991aa99e0b47 Closes-Bug: 1604907
2016-07-21Move mysql::host param from MysqlInternal to MysqlNoBracketsInternalGiulio Fidente7-7/+7
The ::host parameter expects IPv6 addresses withouth brackets; this change aligns the remaining services to use MysqlNoBracketsInternal as it happens already for the others (eg. Keystone). Change-Id: Ia72d325447408b1cb5fea836034bbcd75d17ddf1
2016-07-21Merge "Remove ::nova::cron::archive_deleted_rows"Jenkins4-16/+3
2016-07-21Deploy Horizon with composable apache serviceEmilien Macchi3-5/+29
Deploy Horizon with composable apache service and don't include: ::tripleo::profile::pacemaker::apache Because it's already included in the profiles in puppet-tripleo. Change-Id: I5382d5cc95ba10805019142a9a223dbd4a4b8074 Depends-On: Id28c618133e53e28dfac7e3e9cf9f5f5a6b2421a
2016-07-21Merge "Include new apache pacemaker profile"Jenkins1-8/+4