aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-08-09Merge "Use number for KeystoneCronTokenFlushMaxDelay instead of string"Jenkins1-2/+2
2017-08-09Merge "Don't curl metadata server in userdata example"Jenkins1-2/+1
2017-08-08Merge "MariaDB: create clustercheck user at container bootstrap"Jenkins1-1/+22
2017-08-08Make HA container bundle work on remote nodesMichele Baldessari1-0/+13
Right now when we deploy an HA bundle on a pacemaker remote node, the deploy will fail due to the fact that the bundle includes tripleo::profile::base::pacemaker which makes a call to hiera('hacluster_pwd') which will fail on pcmk remote nodes. While we could noop the profile on pcmk nodes, it's much simpler to just make sure this hiera key exists on pcmk remote nodes. Also make sure that pacemaker::corosync::manage_fw is set to false on remote nodes, otherwise the mere inclusion of the pacemaker profile will cause iptables-save to run in a container and thus failing. Change-Id: I09b3e54a470cc2d600a701d23463962501c5c9d6
2017-08-08Fix cidr get_attr in custom networksGiulio Fidente13-14/+13
We were missing the square brackets around the list of arguments for get_attr when building the networks cidr output. This passed CI because Heat does not fail validation and Ceph (which is consuming the cidr output) is tested with a single network (ctlplane) which does not build the output using the same templates. Change-Id: I40bba0784a30295cb0d4eda1fbff20ebac85db99 Closes-Bug: #1709464
2017-08-08Docker/TLS everywhere: Add telemetry and neutron services to environmentJuan Antonio Osorio Robles1-4/+9
some resources were missing, so this syncs up what's working right now. bp tls-via-certmonger-containers Change-Id: Ic8fe20d0240f1ad8f18218d66634029d522d4d5a
2017-08-08Keep dynamic network creation backward compatible.Sofer Athlan-Guyot2-3/+7
We had an history mapping for InternalApi to InternalNetwork. If we remove it then heat will want to destroy InternalNetwork and create InternalApi which cannot work during upgrade. This adds compat name parameters to network_data.yaml. Closes-Bug: #1709105 Change-Id: I8ce6419a5e13a13ee6e991db5ca2196763f52d7a
2017-08-08Add script to create tripleo-admin on deployed serversJiri Stransky1-0/+60
When using deployed servers, we want to create a standard tripleo-admin user for Mistral's ssh tasks (e.g. running Ansible on overcloud). This script wraps the respective Mistral workflow. Change-Id: I2de698b4aae07f74569243a9e7c1c56eb578e700 Related-Bug: #1708180 Depends-On: Ibe8e54f7b38d8c6c8d944d2b13f0eed004c34c4c
2017-08-07Create parameters for haproxy TLS certs and keysJuan Antonio Osorio Robles2-11/+55
this removes the hardcoded paths for the haproxy certs and keys and will enable re-use. We'll use this in a further commit in the containterized TLS work. Change-Id: I602e5a569e2e7e60835deb80532abcedd7a1f63d
2017-08-07Use number for KeystoneCronTokenFlushMaxDelay instead of stringJuan Antonio Osorio Robles1-2/+2
Using a string results in an erroneous check in puppet-keystone, which sets up a zero where it shouldn't. So we change it to number to avoid that. Note that there will also be a puppet-keystone fix for this. Changing the value here assures that deployers only give valid values to this parameter. Change-Id: I00823e23358df91ce54f421c12636f05d4196e15 Closes-Bug: #1708584
2017-08-05Merge "Add Telemetry services to scenario002"Jenkins2-4/+17
2017-08-05Merge "Start redis service after upgrade"Jenkins1-0/+3
2017-08-04Merge "Stop and disable openstack-nova-compute service on compute nodes"Jenkins1-0/+3
2017-08-04Merge "Run gnocchi upgrade with sacks in docker template"Jenkins1-1/+9
2017-08-04Merge "Change the directory for haproxy certs/keys to be service-specific"Jenkins2-7/+11
2017-08-04Merge "Copy scheduler configuration from service/ironic to ↵Jenkins1-0/+2
services-docker/ironic"
2017-08-04Merge "Fix up multipath docker indentation"Jenkins1-5/+5
2017-08-04Change the directory for haproxy certs/keys to be service-specificJuan Antonio Osorio Robles2-7/+11
This moves the directories containing the certs/keys for haproxy one step further inside the hierarchy. This way we will be able to bind-mount this certificate into the container without bind-mounting any other certs/keys from other services. bp tls-via-certmonger-containers Depends-On: Iba3adb9464a755e67c6f87d1233b3affa8be565a Change-Id: I73df8d442b361cb5ef4e343b4ea2a198a5b95da9
2017-08-04Merge "Adds environment file for ODL + SRIOV"Jenkins2-0/+32
2017-08-04Merge "Changing the default port-binding configuration"Jenkins3-2/+55
2017-08-03Update EventPipelinePublisher param description to include zaqarPradeep Kilambi1-0/+2
Since we now support zaqar:// publisher, Enhance the description to indicate how to set the zaqar publisher. Change-Id: Ib7eba98d199fade2346620672e33b74686d4685b
2017-08-03Merge "Make UpgradeLevelNovaCompute parameters consistent"Jenkins3-3/+2
2017-08-03Merge "Add environment for setting a custom domain name"Jenkins4-4/+54
2017-08-03Addition of Nuage as mechanism driver for ML2lokesh-jain6-7/+134
Adding composable services for Nuage mechanism driver for ML2. This is separate from Nuage as the core plugin and intentional duplication of Nuage under puppet services. Parameters required for working of Nuage as mechanism driver are also added. Change-Id: I2b564610721152c4f4dab9da79442256ba8d0b33
2017-08-03Merge "Update capabilities map to match latest environments"Jenkins1-263/+239
2017-08-03Merge "Make many networking parameters consistent"Jenkins39-77/+67
2017-08-03Stop and disable openstack-nova-compute service on compute nodesMarius Cornea1-0/+3
This change stops and disables the openstack-nova-compute service on the compute nodes during the upgrade to the containers architecture. Closes-bug: 1708371 Change-Id: I9ca909d4e91d0a0e4de15572f727f959d9185c64
2017-08-03Merge "Fix CA file bind mounting in containers"Jenkins1-1/+5
2017-08-03Merge "Render isolated network templates using jinja2"Jenkins7-17/+337
2017-08-03Merge "Make RoleParameters and key_name descriptions consistent"Jenkins12-12/+12
2017-08-03Merge "Set redis password hiera value in compute agent"Jenkins1-0/+5
2017-08-03Merge "Cinder volume/backup containers shouldn't mount two paths at same point"Jenkins2-2/+0
2017-08-03Merge "Update TLS-everywhere docker environment"Jenkins1-2/+5
2017-08-03Merge "Fix keystone, cinder, heat-api cron containers"Jenkins3-1/+7
2017-08-02Make UpgradeLevelNovaCompute parameters consistentBen Nemec3-3/+2
There is logic in nova-base.yaml that depends on the default for this parameter being '', and the nova-compute service only needs it set to auto during upgrade. That will be done by [1] anyway, so it doesn't matter what the default is. It's also not clear to me that the nova-compute task is even needed now that we're post-Ocata, but that's not a change I feel comfortable making. 1: https://github.com/openstack/tripleo-heat-templates/blob/master/environments/major-upgrade-composable-steps.yaml Change-Id: Iccfcb5b68e406db1b942375803cfedbb929b4307 Partial-Bug: 1700664
2017-08-02Make many networking parameters consistentBen Nemec39-77/+67
These are mostly the low hanging fruit that only required a few minor changes to fix. There are more that require a lot of changes or might be more controversial that will be done later. Change-Id: I55cebc92ef37a3bb167f5fae0debe77339395e62 Partial-Bug: 1700664
2017-08-02Make RoleParameters and key_name descriptions consistentBen Nemec12-12/+12
The key_name default is ignored because the parameter is used in some mutually exclusive environments where the default doesn't need to be the same. Change-Id: I77c1a1159fae38d03b0e59b80ae6bee491d734d7 Partial-Bug: 1700664
2017-08-02Merge "Fix ceilometer agent compute service name"Jenkins1-1/+1
2017-08-02Add Telemetry services to scenario002Pradeep Kilambi2-4/+17
We need to test gnocchi with swift backend. So adding telemetry to scenario002 job to cover that. Change-Id: I284de61bbefac9e9b37390650016643ffe38b5cc
2017-08-02Start redis service after upgradePradeep Kilambi1-0/+3
We install redis if its not already there, but we should also ensure redis service is started in the next step 4. related to issues we're seeing in I284de61bbefac9e9b37390650016643ffe38b5cc Change-Id: Ic01db53ea8669f14e87f6987045b2be5a3480024
2017-08-02openstack-heat-templates: fix deprecation pathSébastien Han1-1/+1
The right file is external-ceph.yaml, not ceph-external.yaml. Change-Id: If21a4f183305f82916e1ef2aadb0706e7dab4657 Signed-off-by: Sébastien Han <seb@redhat.com>
2017-08-02Update capabilities map to match latest environmentsJiri Tomasek1-263/+239
This change updates capabilities-map.yaml to properly map existing environments Closes-Bug: 1708159 Change-Id: I4104b6b59b3e9b19a06cdc233dae4f68fe033580
2017-08-02Fix up multipath docker indentationMichele Baldessari1-5/+5
Deploying a multipathd container gives the following error: failed: [localhost] (item={'key': u'config_files', 'value': [{u'dest': u'/', u'merge': True, u'source': u'/var/lib/kolla/config_files/src-iscsid/*', u'preserve_properties': True}]}) => {\"checksum\": \"72ad81489381571c5043b7613f6828b06ae364bd\", \"failed\": true, \"item\": {\"key\": \"config_files\", \"value\": [{\"dest\": \"/\", \"merge\": true, \"preserve_properties\": true, \"source\": \"/var/lib/kolla/config_files/src-iscsid/*\"}]}, \"msg\": \"Destination directory does not exist\"} The reason is the wrong indentation of the config_files key in the multipath docker service. Change-Id: I0e1fbb9eb188a903994b9e5da90ab4a6fb81f00a Closes-Bug: #1708129
2017-08-02Merge "Fix iscsid role data's section"Jenkins1-1/+1
2017-08-02Cinder volume/backup containers shouldn't mount two paths at same pointJohn Fulton2-2/+0
Docker refuses to start the container because config_files/src-ceph:ro is mounted at both /etc/ceph and config-data/puppet-generated/ceph. The mount to /var/lib/config-data/puppet-generated/ceph should have been removed in commit ed0b77ff93a1a1e071d32f6a758e04c6d0b041ef. Change-Id: I411b4764a54fc21e97e4c41a5fef00c7e6e2b64d Closes-Bug: #1707956
2017-08-02Merge "Fix network-isolation.j2.yaml to ignore VIPs for disabled networks"Jenkins1-1/+1
2017-08-02Merge "Remove empty metadata_settings from iscsid and multipathd templates"Jenkins2-2/+0
2017-08-02Merge "Adds stop and disable for libvirtd on upgrade to containers"Jenkins1-0/+4
2017-08-01Set redis password hiera value in compute agentPradeep Kilambi1-0/+5
Without this config defaults to undef in containers Change-Id: Id47f365364e7b0d399de92995871b136550cd625
2017-08-01Fix ceilometer agent compute service namePradeep Kilambi1-1/+1
Make sure this matches whats in roles_data.yaml Change-Id: Id41c457914f557af7c9ec195c4c6f98669523ac1