| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
panko is enabled by default, we might as well make it
the default dispatcher along with gnocchi.
Closes-bug: #1676900
Change-Id: Icb6c98ed0810724e4445d78f3d34d8b71db826ae
(cherry picked from commit 568573b9b054c3804d9d1be2ce6ec2668ca2dbfb)
|
|
stable/ocata
|
|
In [1] we removed the previously used special case upgrade code.
However we have since discovered that for openvswitch 2.5.0-14
the special case is still required with an extra flag to prevent
the restart. This adds the upgrade code back into the minor
update and 'manual upgrade' scripts for compute/swift. The
review at If998704b3c4199bbae8a1d068c31a71763f5c8a2 is adding
this logic for the ansible upgrade steps.
Related-Bug: 1669714
[1] https://review.openstack.org/#/q/59e5f9597eb37f69045e470eb457b878728477d7
Change-Id: I3e5899e2d831b89745b2f37e61ff69dbf83ff595
(cherry picked from commit 25983882c2f7a8e8f8fb83bd967a67d008a556a4)
|
|
stable/ocata
|
|
|
|
During upgrade the cell0 database has the connection pointing to
mysql+pymysql://nova:c2cdagE8PyAbnpers3AD88Hge@10.0.0.19/nova_cell0?bind_address=10.0.0.20
where 10.0.0.20 was the ip of the bootstrap node. This makes the
nova-api fails on 2/3 node at the end of the
major-upgrade-composable-steps.yaml step.
We do have the right value in the hiera database so make sure we use
it for cell0 creation and not the nova.conf file which hasn't been
updated yet.
Change-Id: I09775206cb8fc5e15934f7e4475506a7fe17271e
Closes-Bug: #1675359
(cherry picked from commit c9c3813b6a0811a262068d0aab28d0bd535be3e1)
|
|
|
|
stable/ocata
|
|
This change ensures that that openstack-nova-compute is
stopped and disabled during the upgrade process.
Closes-Bug: 1675814
Change-Id: Ifd2557b11e4317f1e76e459e8de4162116578eff
(cherry picked from commit 276aca7a8145570301e566a8fb3253f57601d171)
|
|
Attempt to check galera's cluster status fails when galera service
is not running on the same node.
Change-Id: I27fb0841d85cd0dc86e92ac2e21eedf5f8f863ab
Closes-Bug: #1677574
(cherry picked from commit d39c952fd3150d24c9e01c15806181715d0760f8 )
|
|
into stable/ocata
|
|
|
|
|
|
stable/ocata
|
|
|
|
|
|
This patch again removes hard coded role references to
the overcloud.yaml template that was added in
fd15a091f7ab6927833275df17b96ecacc2b1827. This
breaks the composable undercloud work (undercloud-containers ci job as
well).
Change-Id: Ie30b2573dc4d2b45ebc0afc0e0d73bfdf41e4d4b
Closes-bug: #1676528
(cherry picked from commit f7f1a8a6d8cfd4c78ffd256497b32daa5908641e)
|
|
stable/ocata
|
|
Bug #1611800 fixed an upgrade issue by enabling purging configs for
some services, but this causes issues such as longer updates and
restarting services in the minor update case, so only do this for
major upgrades, and default to false.
Conflicts: (don't exist on this branch)
environments/major-upgrade-composable-steps-docker.yaml
environments/major-upgrade-converge-docker.yaml
Related-Bug: #1611800
Closes-Bug: #1674858
Change-Id: Iff7d715f6730c5633f1146008504b4309ef3133d
(cherry picked from commit 947a7148e807e74daf9e30e4e8c891d5bdacc69f)
|
|
A side-effect of running map_cell_and_hosts is that a default cell is created
(unless host mappings already exists).
As we are explicitly creating the default cell we need to run discover_hosts
to create the host mappings.
Change-Id: I1a28e9b85a7c43561700faf692248c5fc06b8ad8
Closes-Bug: #1675418
(cherry picked from commit ab4adb9fb1b1ba003a8045ce4c3879f88ea243b3)
|
|
Adds default nic config mappings when using the deployed-server custom
roles data at deployed-server/deployed-server-roles-data.yaml.
Previously there were no default mappings as the hardcoded mapping for
the Controller role from overcloud-resource-registry-puppet.j2.yaml
would not be used since there is no Controller role when using
deployed-server.
The default mapping is net-config-static.yaml instead of
net-config-noop.yaml, since there is no requirement of a L2 domain for
dhcp between undercloud and overcloud nodes when using deployed-server.
The convenience mapping of ControllerDeployedServer to
net-config-static-bridge.yaml is also added so that out of the box the
roles with controller services will get the right bridge created.
The mappings can always be overridden in later environment files if
needed.
Change-Id: I581fec99b459a12512686e47b10b962756652eb3
Closes-Bug: #1670493
Depends-On: Ib681729cc2728ca4b0486c14166b6b702edfcaab
(cherry picked from commit cdbf1ca1918af649d1079ee07a9303059c9723ed)
|
|
|
|
|
|
We should sort the results by resource_name when listing resources in
the ResourceGroup stack in get-occ-config.sh, as the order is not
guaranteed. We want the order to always be numerical ascending by
resource_name (which are just integers starting at 0).
Change-Id: Iccef81e4dfd9586e0030f20bdde131d1a885eb19
Closes-Bug: #1665458
(cherry picked from commit c5e5d21a61808f7c09b85a2750a905bb57b54be1)
|
|
|
|
When the firewall is enabled with ipv6, the default rules set is
taken as not ipv6 firewall was present for Newton. This make
communication impossible until puppet is run again.
This ensures that no rules are loaded when the firewall is enabled.
This mimic this patch[1]
[1] https://github.com/openstack/tripleo-heat-templates/commit/ae8aac36143d5dadb08af0d275f513678909dcc7
Change-Id: Id878b5caae666a799c89c8466ce46b9ecb86d9f7
Closes-Bug: #1675782
(cherry picked from commit 670399a2caeecd9259bea454e9518ab6c92cff49)
|
|
The restart of openstack-nova-compute takes place before crudini set
the password, user_domain and project_name get set.
Change-Id: I57b54d5f59d5803d7ad4e399d598f699785a5825
Closes-Bug: #1675739
Co-Authored-By: Oliver Walsh <owalsh@redhat.com>
(cherry picked from commit bfd485406d8f3847b1969579ebbdaa912c592a4a)
|
|
This feature stopped working somewhere along the lines. In the past it
was working with parameter_defaults like this:
CinderNfsServers: '10.0.0.254:/srv/nfs/cinder'
or
CinderNfsServers: "[fd00:fd00:fd00:3000::1]:/srv/nfs/cinder"
The problem was that the templating escaped these strings, and
puppet-tripleo didn't receive a proper array, but a string.
This patch fixes this. It accepts strings as above as well as
comma-delimited lists of Nfs Servers.
Closes-Bug: 1671153
Change-Id: I89439c1d969e92cb8e0503de561e22409deafdfc
(cherry picked from commit 9445b0e0972696e7de1c0a702f456571d12fa964)
|
|
|
|
No other packages actually require openstack-selinux, so it must be
explicity installed.
Change-Id: Ic7b39ddfc4cfb28b8a08e9b02043211e4ca4a39a
Closes-Bug: #1675170
(cherry picked from commit 583a60248f47428542a560a869aab04933512d94)
|
|
stable/ocata
|
|
Firewall config was being inherited by the dpdk service, however
since the firewall service name was the parent (neutron_ovs_agent)
and technically that service was not enabled - the rules were never
applied. This modifies the service name as it is inherited using
map_replace.
Closes-Bug: 1674689
Change-Id: I6676205b8fc1fd578cb2435ad97fe577a9e81d95
Signed-off-by: Tim Rozet <trozet@redhat.com>
(cherry picked from commit 48a38a19347a18d4d35fb22de82136359aae5cb7)
|
|
There is currently an issue where the max open files limit is hit with
MariaDB in noha deployments, because it is defaulted to 1024 by system
limits. In HA deployments the limit is bumped to 16384. This patch
introduces a flag to be able to increase the limit to 16384 for noHA
deployments.
In the future we should change this to be an integer, and let the
operator decide the setting. Since this setting is set in a different
path for HA, we would need to implement a change that allows setting
both (ha and nonha) via the same integer param.
Depends-On: Ia0907b2ab6062a93fb9363e39c86535a490fbaf6
Closes-Bug: #1648181
Related-Bug: #1524809
Change-Id: I95393fc798b833a8575afbff03ef74a839565c5e
Signed-off-by: Tim Rozet <trozet@redhat.com>
(cherry picked from commit 900ddfb27f0dd2afd8345d89a78b624f647b255d)
|
|
services" into stable/ocata
|
|
|
|
The str_replace conversion used previously is no longer needed and
breaks the hieradata value.
Closes-Bug: 1675426
Change-Id: I7a052d1757efe36daf6ed47e55598ca3c2ee9055
Signed-off-by: Tim Rozet <trozet@redhat.com>
(cherry picked from commit ae10ae4a5a21bb58c183aa50f237ffa2d6f14280)
|
|
|
|
Secure EtcdInitialClusterToken parameter by:
* removing the default value.
* make it hidden.
Change-Id: I938af697f9faaadb9c9aeb950e9410db24b1b961
Depends-On: I6e30cce469736e84a3c483fafa29d542b8347ba9
Closes-Bug: #1673266
(cherry picked from commit 55d17ca118d27f16b57424774265f5b3db7b7b52)
|
|
|
|
The default is to deploy v2.0 endpoints, but this is not the recommended
approach. we should instead be using versionless endpoints
Change-Id: Icbfae1c2ff2b7312646fd8e817dd8209220a0d96
Related-Bug: #1667679
(cherry picked from commit 40a50031f37df0f0cde53e3f3c15ffe407fbdcbd)
|
|
Bindep is an automation tool used by openstack-infra to bootstrap a
worker with default packages. This is not needed, since we depend on
puppet to automate this step.
Change-Id: I759614ed0cf1fab5433956ed459419e564590398
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
(cherry picked from commit 209d8f5eac9273372aa44988436ae7f12596cd0d)
|
|
The UpdateDeployment already depends on NetworkDeployment.
We should not run os-net-config unconditionally before update.
Closes-Bug: #1666227
Change-Id: I48cbf5de00d47c6fdad71ff24c00e9db05cec5d5
(cherry picked from commit b19d6306ea582dc31ebfd609475d9ac4e641e278)
|
|
Using keystone_authtoken credentials for this purpose is deprecated, and also
prevents ironic-conductor from being used as a separate role.
Also remove neutron_url, it can be fetched from the catalog instead.
Change-Id: I12822568cb4db31808aec5fd407d71fe4b7b09e0
Depends-On: I21180678bec911f1be36e3b174bae81af042938c
Partial-Bug: #1661250
(cherry picked from commit 91d7d8c46858d42e6cf2354a3be6af6c5bb9c02e)
|
|
stable/ocata
|
|
There were multiple issues in retry() in rhel-registration:
- There was no need for it to be recursive (local variables
got overwritten)
- There was no delay between multiple attempts, leading to faster but
more frequent failures.
- The max number of attempts was set too low for some environements.
With this patch, rhel-registration now works more reliably with slow-links
for portal registration and does not attempt to DDos the portal or your
satellite server.
Closes-Bug: #1674358
Change-Id: I594d3c94867b45a7a58766dbcc66edead78d6a4e
(cherry picked from commit 038eae089130bc3a814897c0e282223de16f4658)
|
|
When replacing the controller node with resource id 0,
AllNodesValidation will fail because there is an hardcoded reference
to resource.0. With this commit the id for validation is extracted
dynamically with yaql query, picking the first available.
Thanks to Steven Hardy for pointing to the right direction.
Change-Id: I8f2bfacbc005d948bd31ebd51c3d3df3182d5a3c
Closes-Bug: #1673439
|
|
We used to have this in mitaka:
https://github.com/openstack/tripleo-heat-templates/blob/stable/mitaka/puppet/controller-post.yaml#L45
but we lost it along the way. The problem without this change is that we
are open to the following race:
1) ControllerDeployment_Step1 is started and manages to do a successful
"systemctl start pacemaker"
2) PrePuppet gets called and in the HA deployment calls
pacemaker_maintenance_mode.sh
3) pacemaker_maintenance_mode.sh will set the maintenance-mode=true
property because the pacemaker service is already up:
https://github.com/openstack/tripleo-heat-templates/blob/master/extraconfig/tasks/pacemaker_maintenance_mode.sh#L8-L9
4) If the maintenance property is set to true at this stage, the
creation of any resource will take place but they won't really
start.
Note that this is not a straight cherry pick from commit
bae48e60b3cb9b5f21490997ca39c1e0e23fd195 because in ocata only
ControllerPrePuppet exists and not {{role.name}}PrePuppet like in
pike.
Change-Id: Icb7495edd00385b2975dd42f63085d20292ef9a9
Closes-Bug: #1673795
Co-Authored-By: Jiri Stransky <jstransk@redhat.com>
|
|
Removes some of the no longer used scripts and templates used by
the upgrades workflow in previous versions.
Closes-Bug: 1673447
Change-Id: I7831d20eae6ab9668a919b451301fe669e2b1346
(cherry picked from commit 521a8973229484d52c03e9ed04782c5dc493c1b0)
|
|
We also need to wait for the galera resource to settle down
before we proceed starting up with the other services.
Note that before merging this, we need to land the following
change in ansible-pacemaker:
https://review.gerrithub.io/#/c/351387/
D-O is needed for upgrades to work against stable/* branches.
Depends-On: I712abe71f97c22ee3d55d9db2f641096f8a7350c
Change-Id: Id71c9cb41cfd4c17685c922db2683e28ab7588fd
Closes-Bug: #1668372
(cherry picked from commit 841d30549bd27a8b5669955196e14085025dafad)
|
Jenkins
Pradeep Kilambi
marios
Sofer Athlan-Guyot
Marius Cornea
Yurii Prokulevych
Dan Prince
Steven Hardy
Oliver Walsh
James Slagle
Christian Schwede
Tim Rozet
Emilien Macchi
Juan Antonio Osorio Robles
Paul Belanger
Lukas Bezdicka
Dmitry Tantsur
Vincent S. Cojot
Luca Lorenzetto
Michele Baldessari