aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2016-03-21Remove unused user resource.Sofer Athlan-Guyot1-3/+0
The user is created by installation of of the pacemaker package, so it's not required to add it to the resource catalog. This paves the way to merge the refeactoring of the puppet-pacemaker module[1]. It brings a lot of changes, one of them is an idempotent handling of the hacluster user's password. Removing it here prevents duplicate resource error durring puppet run. [1] https://review.openstack.org/#/c/294182/ Change-Id: I56849d9fc00bd3ce342d5c440cfe7c5b6d26b5bf
2016-03-20Deploy Aodh services, replacing Ceilometer AlarmPradeep Kilambi13-3/+328
Ceilometer Alarm is deprecated in Liberty by Aodh. This patch: * manage Aodh Keystone resources * deploy Aodh API under WSGI, Notifier, Listener and Evaluator * manage new parameters to customize Aodh deployment * uses ceilometer DB for the upgrade path * pacemaker config * Add migration logic to remove pcs resources Depends-On: I5333faa72e52d2aa2a622ac2d4b60825aadc52b5 Depends-On: Ib6c9c4c35da3fb55e0ca8e2d5a58ebaf4204d792 Co-Authored-By: Emilien Macchi <emilien@redhat.com> Change-Id: Ib47a22884afb032ebc1655e1a4a06bfe70249134
2016-03-18Comment out the ManagementPort in external-loadbalancer-vip.yamlMarius Cornea1-3/+4
The Management network is optional and disabled by default. This change preserves backward compatibility and fixes https://bugzilla.redhat.com/show_bug.cgi?id=1317594 Change-Id: I73cf51154c9ee7c05938e2cadf0c5ac107840bad
2016-03-18PLUMgrid Neutron integrationQasim Sarfraz6-3/+176
Enable PLUMgrid neutron liberty plugin in a TripleO overcloud environment. Change-Id: I07025f67ec3f3399aac4dcd10cc37e857772548b Signed-off-by: Qasim Sarfraz <qasims@plumgrid.com>
2016-03-18Remove GlanceRegistry from EndpointMapGiulio Fidente4-131/+0
We don't need an endpoint for the glance-registry service, that is used by glance-api when needed and is not meant to be user-facing. Change-Id: Ia6c9dd6164d3b91adbc937d70fa74d5fbbfb28a3
2016-03-18Merge "Remove default for the RabbitMQ password"Jenkins4-5/+0
2016-03-18Remove default for the RabbitMQ passwordJuan Antonio Osorio Robles4-5/+0
Since the password is now autogenerated from the tripleoclient, there is no need to keep the default value here. Change-Id: If41cb56134966456f8590da04f392faffe5c62a1 Closes-Bug: #1557688
2016-03-17Merge "Remove forced rabbitmq::file_limit conversion to string"Jenkins1-8/+1
2016-03-16Merge "compute: use live_migration_tunnelled"Jenkins1-19/+4
2016-03-15Merge "Install mongodb client package"Jenkins2-1/+2
2016-03-15Merge "Fix typos"Jenkins11-16/+16
2016-03-15Merge "Ensure access to Redis is password protected"Jenkins2-1/+15
2016-03-14compute: use live_migration_tunnelledEmilien Macchi1-19/+4
In a previous patch [1], we added support for VIR_MIGRATE_TUNNELLED when doing VM shared storage. In Nova Mitaka [2] [3], we have now a parameter called 'live_migration_tunnelled' to whether or not use tunnelled migration. It replaces 'block_migration_flag' and 'live_migration_flag' that are both deprecated. [1] https://review.openstack.org/#/c/286584/ [2] https://review.openstack.org/#/c/263436/ [3] https://review.openstack.org/#/c/263434/ Change-Id: I8b199b6e72c80b2df7b679e0a20e39f8400d0478
2016-03-14Merge "compute: include VIR_MIGRATE_TUNNELLED when doing VM shared storage"Jenkins1-6/+28
2016-03-14Merge "Keystone domain for Heat"Jenkins5-2/+38
2016-03-11Add database directory mount for openvswitchdbIan Main1-0/+1
openvswitchdb creates a db.conf file in /etc/openvswitch. This just maps it to the host so we don't lose data. Change-Id: Ic773ba94522f108a765a09849e2f442ef3ca3bcf
2016-03-11Merge "Pass public_addr to ceph::profile::params instead of ceph::mon"Jenkins1-1/+1
2016-03-11Merge "Remove unused Neutron Agents container"Jenkins3-41/+10
2016-03-11Merge "Parameterize the heat-docker-agents image"Jenkins1-0/+1
2016-03-11Merge "Allow the containerized compute node to spawn larger VMs"Jenkins1-0/+19
2016-03-11Merge "Upgrades: quiet yum upgrade on cinder nodes"Jenkins1-1/+1
2016-03-10compute: include VIR_MIGRATE_TUNNELLED when doing VM shared storageEmilien Macchi1-6/+28
This patch makes sure: * When doing shared storage Nova is configured with block_migration_flag and live_migration_flag = '(...),VIR_MIGRATE_TUNNELLED' flag for security improvements. * When not doing shared storage Nova is not configured with VIR_MIGRATE_TUNNELLED flag because it's not supported by Qemu yet. We need to make sure the value is unset otherwise live migration will fail when not running shared storage for VMs. Note: this patch will be backport to stable branches. In a further iteration, we'll probably use live_migration_tunnelled new Nova parameter which is a simplier way to manage this feature. Co-Authored-By: Kashyap Chamarthy <kchamart@redhat.com> Change-Id: I557c1624ee944a32b1831d504f7b189308cd1961
2016-03-10Merge "Enable predictable IPs on non-controllers"Jenkins6-0/+151
2016-03-10Merge "Support the deployment of Ceph over IPv6"Jenkins7-4/+71
2016-03-10Merge "Fix vncproxy_host for IPv6"Jenkins1-1/+8
2016-03-10Merge "Allow the vnc server to bind on IPv6 address on computes"Jenkins4-2/+15
2016-03-10Merge "Surround MongoDB IPs with braces in the connection string if IPv6"Jenkins2-5/+26
2016-03-10Merge "Upgrades: initialization command/snippet"Jenkins2-1/+53
2016-03-10Merge "Add a ceph-storage node upgrade script for the upgrade workflow"Jenkins2-4/+50
2016-03-10Support the deployment of Ceph over IPv6Giulio Fidente7-4/+71
To deploy Ceph on IPv6, we need to enable ms_bind_ipv6 in addition to passing the list of MON IPs in brackets. Change-Id: I3644b8fc06458e68574afa5573f07442f0a09190
2016-03-10Fix vncproxy_host for IPv6Javier Pena1-1/+8
https://review.openstack.org/268356 can cause issues in IPv6 environments. It generates the following Hiera data: nova::vncproxy::common::vncproxy_host: [2001:db8:fd00:1000::10] which fails due to the brackets. Making sure there are no brackets in nova_vncproxy_host makes it work for both the IP case and when using DNS names. Change-Id: Iafe18f042725eb9419d97cd674c4b9a1a895b187
2016-03-10Allow the vnc server to bind on IPv6 address on computesMarius Cornea4-2/+15
Currently the vnc server on the compute nodes binds on 0.0.0.0. which only works with IPv4 addresses, it breaks connectivity with IPv6 addressing. This fixes https://bugzilla.redhat.com/show_bug.cgi?id=1300678. Change-Id: Id642d224fb3c62f786453dc684634adca1c2c09d Co-Authored-By: Giulio Fidente <gfidente@redhat.com>
2016-03-10Surround MongoDB IPs with braces in the connection string if IPv6Giulio Fidente2-5/+26
Change-Id: I9ed917f32b3de95beb234ade4819a8b96affe3e9
2016-03-10Merge "Upgrades: object storage node upgrade fix"Jenkins1-3/+4
2016-03-10Upgrades: quiet yum upgrade on cinder nodesJiri Stransky1-1/+1
Yum update on cinder nodes should be quiet, as it is on controllers, because results of these updates are sent to Heat. I mistakenly left this out in the first patch because i used one of the standalone node upgrade scripts as a copy/paste base for the cinder node upgrade script. Change-Id: Id13190dc4d242317829c7994088183f52d21461d
2016-03-10Keystone domain for HeatMartin Mágr5-2/+38
This patch adds support for configuring Keystone domain for Heat via heat-keystone-setup-domain script. It should be reverted as soon as Keystone v3 is fully functional. This patch won't be fully functional without either python-keystoneclient fix [1] or workaround [2]. [1] https://bugs.launchpad.net/python-keystoneclient/+bug/1452298 [2] https://review.openstack.org/180563 Change-Id: Ie9cdd518b299c141f0fdbb3441a7761c27321a88 Co-Authored-By: Jiri Stransky <jistr@redhat.com> Depends-On: Ic541f11978908f9344e5590f3961f0d31c04bb0c
2016-03-10Merge "Upgrade of Cinder block storage nodes"Jenkins2-1/+23
2016-03-10Merge "Updated the heat_template_version"Jenkins2-2/+2
2016-03-10Merge "Fixup systemctl_swift stop/start during the controller upgrade"Jenkins1-4/+17
2016-03-09Wire in HAProxy stats user and passwordBen Nemec1-0/+11
Change-Id: I26b7a1cd1b7b6520db1df49c60a86c2bb5bce1b0 Depends-On: I12e835964a0370de73e45ef0a8603656ecb02d0c Depends-On: I8a5844e89bd81a99d5101ab6bce7a8d79e069565
2016-03-09Enable predictable IPs on non-controllersBen Nemec6-0/+151
For the external loadbalancer work, we added the ability to specify fixed ips for controller nodes on all network isolation networks. In order to allow users full control over the placement and ip addresses of deployed nodes, we need to be able to do the same thing for the other node types. Change-Id: I3ea91768b2ea3a40287f2f3cdb823c23533cf290
2016-03-09Remove unused Neutron Agents containerRyan Hallisey3-41/+10
The Neutron Agents is currently not used. Refactor the heat templates to accommodate for this change. Change-Id: Ice3c5ce723fa16cfb66c2b0afbe51d7b282c3210
2016-03-09Allow the containerized compute node to spawn larger VMsRyan Hallisey1-0/+19
Atomic's root partition & logical volume defaults to 3G. In order to launch larger VMs, we need to enlarge the root logical volume and scale down the docker_pool logical volume. We are allocating 80% of the disk space for vm data and the remaining 20% for docker images. Change-Id: If3fff78f476de23c7c51741a49bae227f2cdfe3e Co-authored-by: Ian Main <imain@redhat.com> Co-authored-by: Jeff Peeler <jpeeler@redhat.com>
2016-03-09Ensure access to Redis is password protectedGiulio Fidente2-1/+15
Depends-On: I1a8741b9e00775763911222cbe0af677b59e03a1 Change-Id: I373f97ada4e4101700a12b42dfb8ee4b2ff701f2
2016-03-09Remove forced rabbitmq::file_limit conversion to stringJiri Stransky1-8/+1
Combined with a fix in puppetlabs-rabbitmq, we can lift the forced conversion of rabbitmq::file_limit into a string in Hiera. See the referenced puppetlabs-rabbitmq pull request for explanation of the issue. Change-Id: I0ec720b5e06763e86ea93f59cfe05842b3d13269 Depends-On: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401
2016-03-09Merge "Add Rabbit IPv6 only support"Jenkins5-2/+34
2016-03-09Upgrades: object storage node upgrade fixJiri Stransky1-3/+4
The variables in the heredoc should be escaped because they should evaluate only when the inner script runs, not when the outer "writer" script runs. Python-zaqarclient is installed for os-collect-config to work, as we do on the other node types. Swift-proxy is removed from list of services to stop/start, as swift-proxy isn't supposed to run on the swift storage nodes. Change-Id: I8426b859d11378ebdc3da94dcc090133dab0c628
2016-03-09Fixup systemctl_swift stop/start during the controller upgrademarios1-4/+17
During the controller upgrade in major_upgrade_controller_pacemaker_1.sh we use systemctl to stop all swift services and then start them again in _pacemaker_2.sh In the case of stand-alone swift nodes the deployer may have used the ControllerEnableSwiftStorage: false so that only the swift-proxy service is left on controllers (wrt swift). The systemctl_swift function used during upgrades is changed to factor this in. Change-Id: Ib22005123429f250324df389855d0dccd2343feb
2016-03-09Upgrades: initialization command/snippetJiri Stransky2-1/+53
This allows to run a command or a script snippet on all overcloud nodes at the beginning of the upgrade. The intended use is to switch to a new set of repositories on the overcloud. This is done differently in different contexts (e.g. upstream vs. downstream), but generally it should be simple enough to not warrant creation of switchable "UpgradeInit" resource in the resource registry, and a string command/snippet parameter should suffice. Change-Id: I72271170d3f53a5179b3212ec9bae9a6204e29e6
2016-03-09Merge "Add missing createUser line to /etc/snmp/snmpd.conf"Jenkins5-5/+5