| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Co-Authored-By: Jon Bernard <jobernar@redhat.com>
Depends-On: I486de8b6ab2f4235bb4a21c3650f6b9e52a83b80
Change-Id: I6cf70fa05ad1c8aa6d9f837ddcd370eb26e45f97
|
|
This configures iscsid so that it runs as a container on
relevant roles (undercloud, controller, compute, and volume).
When the iscsid docker service is provision it will also run
an ansible snippet that disables the iscsid.socket on the host
OS thus disabling the hosts systemd from auto-starting iscsid
as it normally does.
Co-Authored-By: Jon Bernard <jobernar@redhat.com>
Change-Id: I2ea741ad978f166e199d47ed1b52369e9b031f1f
|
|
|
|
The containerized HAproxy service can only specify steps to be run in
containers, i.e. it cannot runs the regular puppet steps on bare metal
at the same time. A side effect is that the dedicated HAproxy iptables
rules are no longer generated.
Update the docker_config step to fix the creation of iptables rules
for HAproxy and persist them on-disk as before.
Co-Authored-By: Michele Baldessari <michele@acksyn.org>
Closes-Bug: 1697387
Change-Id: Ib5a083ba3299a82645f1a0f9da0d482c6b89ee23
|
|
|
|
This patch ensures that Swift rings are downloaded from the undercloud
before a rebalance and uploaded afterwards.
Depends-On: I51c5795b9893d797bd73e059910f17a98f04cdbe
Change-Id: Ief012fed628957e4da63ff3314c4cf01d58b6b16
|
|
We now pass configuration for autofencing to Pacemaker Remote nodes.
Change-Id: Ibb9c65a83cc909528024c538cf3bcc96390c555e
Depends-On: I87c60bd56feac6dedc00a3c458b805aa9b71d9ce
Closes-Bug: #1686115
|
|
Parameters which are not part of the heat environment template
are required by the worflows like derive parameters. In order to
seprate from the heat environment parameters, the workflow only
parameters will be provided via plan-environement section,
workflow_parameters.
Implements: blueprint tripleo-derive-parameters
Change-Id: I36d295223c28afff1e0996b4885b8a81c00842f0
|
|
|
|
This change modifies these mounts to be more specific mounts based on
the files which puppet actually modifies.
The result is something a bit more self-documenting, and allows for
trying other techniques for populating /etc other than directly mounting
config-data directories.
Change-Id: Ied1eab99d43afcd34c00af25b7e36e7e55ff88e6
|
|
We now have python-paunch-1.1.1 [1] in the overcloud images so we do not
need to pip install it any longer.
[1] https://trunk.rdoproject.org/centos7-master-head/current/python-paunch-1.1.1-0.20170602043913.c8e22e5.el7.centos.noarch.rpm
Change-Id: I1ede514a8aee7ac217fa75843e67fb6542e06f99
|
|
|
|
Change-Id: Id896e01e24ecc2bfd7a983a3ff9756fefe4a4525
Depends-On: I097c494d3953b7d26d94aecc546ddef5225d1125
|
|
This reverts commit a915b150018bf306a5942782bf93c5faadcd7cde.
The argument is renamed and causing promotions to fail.
Change-Id: I7e1674cff75b606c20956edddf70eee2990fca78
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This commit change the container names to consistently use the `_` char
as a word separator and make the kolla external config file match the
container name to make operators' life easier.
Change-Id: Ibac9d76dde474b94c3cb86031ead0fd0327e126f
|
|
|
|
|
|
I was getting empty volumes from the json and it was creating bad
docker command lines.
Change-Id: Ie90fc1afa5711d6b029e98d621507b9cb70c1dbe
|
|
HorizonSecureCookies is incompatible with non-ssl deployments, which
is our default deployment method. When SSL is in use, it can be
turned on in the enable-tls.yaml file. This does mean that
existing users won't automatically get this feature turned on as
part of their upgrade because enable-tls.yaml is an environment that
is intended to be copied and edited, but it's simple to add the
parameter to the file for users who want that behavior after they
upgrade to a version where it is available.
Change-Id: If83d3d8709fc4e0c09569e8bf524721d332bf560
Closes-Bug: 1696861
|
|
|
|
Change-Id: Ie6469d2fd2119952669f5c9fdaa41fb273185973
Depends-On: I91be1f1eacf8eed9017bbfef393ee2d66771e8d6
Closes-bug: #1693844
|
|
|
|
|
|
Change-Id: I05126a108f5ab790e729d1f98399dca5801ebd69
|
|
The configuration generated by docker-puppet may change on update,
so checksum the combined files from the config-data directories,
to enable detecting those that have changed and restarting the
appropriate containers - we need to merge this checksum into
the environment passed to the containters, as this will cause
paunch to correctly restart containers when the configuration
generated changes, even if the rest of the json definition
provided by heat does not.
Change-Id: I40d9080cf3ad708ef4ed91e46d2b2ae1138bb9c3
|
|
|
|
It is 'HAproxy' and not 'HAProxy'. This needs fixing so that the
proper service is instantiated when a role includes the HAproxy
service.
Change-Id: Ibcbacff16c3561b75e29b48270d60b60c1eb1083
|
|
|
|
Implements: blueprint container-healthchecks
Depends-On: I9ccf1c4c948e6e347eb8e4d947edf77822a601cb
Change-Id: Iff7758623974a69e2c043cf611f46ce11c36cc59
|
|
Closes-bug: #1668935
Change-Id: I83a02735eb445e831bc74ec786f2bb42cd2f87d6
|
|
Closes-bug: #1668929
Change-Id: I051edcf2980bb9c2521e21c410055690c012a0d1
|
|
This patch partitions the defined devices and mounts them on the
hostnode.
It also disables the mount_check inside Swift because it is currently
not possible to detect wether a given directory is a mounted device or
not. This is just a workaround until a better solution has been
implemented in Swift itself.
Change-Id: I6e8e1328d7ffb18bb96ed1a940013dbb8b6b433e
|
|
The parameters NovaVcpuPinSet, NovaReservedHostMemory and
NovaPCIPassthrough are modified to support role-specific
parameter inputs.
Change-Id: I7c11e8fc2c933f424318e457cb1e96acb8df2ec7
|
|
This will enable HAProxy to use CRLs for the nodes it's proxying.
bp tls-via-certmonger
Depends-On: I4f1edc551488aa5bf6033442c4fa1fb0d3f735cd
Change-Id: I2558113bf83674ce22d99364b63c0c5be446bf77
|
|
This uses by default the URL for the CRL provided by FreeIPA (the
default CA in TripleO).
bp tls-via-certmonger
Depends-On: I38e163e8ebb80ea5f79cfb8df44a71fdcd284e04
Change-Id: I87001388f300f3decb3b74bc037fff9d3b3ccdc2
|
|
|
|
|
|
Libvirtd needs the --listen arg to enable the TLS socket.
Change-Id: I535165f0a2634728045491b2a37a56b1891b13fe
Resolves-Bug: #1694958
|
|
|
|
This option allows users to exclude some fault domains.
Otherwise all domains are returned.
Change-Id: Iefd1a44c8fe217aee5845bba35def571317bb123
Closes-Bug: #1681490
Depends-On: I6eb2bcc7db003a5eebd3924e3e4eb44e35f60483
|
|
As we create new standard roles, we should include them from a single
location for ease of use and to reduce the duplication of the role
definitions elsewhere. This change adds a roles folder to the THT that
can be used with the new roles commands in python-tripleoclient by the
end user to generate a roles_data.yaml from a standard set of roles.
Depends-On: I326bae5bdee088e03aa89128d253612ef89e5c0c
Change-Id: Iad3e9b215c6f21ba761c8360bb7ed531e34520e6
Related-Blueprint: example-custom-role-environments
|
|
Without this evidently agent logs IO errors.
Change-Id: I3031212c582381ae6b6147a48101bf83a05caa8a
|
|
This got missed in the patch which added host logging for most
other services.
Change-Id: I0be8a5bce6558ebaf5b4830138d1f6c31aec6394
|
Dan Prince
Jenkins
Damien Ciabrini
Christian Schwede
Chris Jones
Saravanan KR
Steve Baker
Michele Baldessari
Dmitry Tantsur
Pradeep Kilambi
Martin André
Ian Main
Ben Nemec
Oliver Walsh
Matthias Runge
Steven Hardy
Martin Mágr
Juan Antonio Osorio Robles
rajinir
Alex Schultz