aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-05-24Containerize MySQL for HADamien Ciabrini1-0/+180
This service allows configuring and deploying MySQL/galera containers in a HA overcloud managed by pacemaker. The containers are managed and run by pacemaker. Inside there is pacemaker_remote which will invoke the resource agent managing galera. The resources themselves are created via puppet-pacemaker inside a short-lived container used for this purpose (mysql_init_bundle). This container needs to use the 'docker_config' section to invoke puppet (as opposed to 'docker_puppet_tasks'), because due to the HA composability each resource creation needs to happen on the bootstrap node of that service and 'docker_puppet_tasks' will only run on the controller/primary role. Co-Authored-By: Michele Baldessari <michele@acksyn.org> Closes-Bug: #1692842 Depends-On: I3b4d8ad2eec70080419882d5d822f78ebd3721ae Change-Id: I790dbc30b3de1c1a3fe76d3d8f060e4d7f95e2e7
2017-05-24Containerize HAProxy for HADamien Ciabrini1-0/+116
This service allows configuring and deploying HAProxy containers in a HA overcloud managed by pacemaker. The containers are managed and run by pacemaker. Pacemaker runs the standard Kolla image but overrides the initial command so that it explicitely calls HAProxy. This way, we shield ourselves from any unexpected future change in Kolla. This container needs to use the 'docker_config' section to invoke puppet (as opposed to 'docker_puppet_tasks'), because due to the HA composability each resource creation needs to happen on the bootstrap node of that service and 'docker_puppet_tasks' will only run on the controller/primary role. Co-Authored-By: Michele Baldessari <michele@acksyn.org> Closes-Bug: #1692908 Depends-On: Ifcf890a88ef003d3ab754cb677cbf34ba8db9312 Change-Id: I2f679bfe195733f4507e9b9e920b678e1370bb82
2017-05-24Remove duplicate PreConfig definitionJiri Stransky1-7/+0
We had two exactly the same definitions of PreConfig in docker_steps.j2.yaml. We should remove one of them. I chose to remove the first definition, as the 2nd definition is amended by change I674a4d9d2c77d1f6fbdb0996f6c9321848e32662, so we'll avoid a conflict. Change-Id: If65e30daefcf6552e085c7648c6691b7068834d4
2017-05-24Fix race condition between docker-puppet and container stepsJiri Stransky1-0/+1
GenerateConfigDeployment wasn't anchored with dependencies anywhere. If it took too long to complete and step 1 of containers creation already started executing, problems happened. This is now fixed by adding the required dependency relationship. Change-Id: Ie7dfd2a965e704ba278d4c2fad67f14a3a62799e Closes-Bug: #1692503
2017-05-24Merge "Role Specific paramaeter support for neutron-ovs-dpdk-agent service"Jenkins1-9/+32
2017-05-23Containerize clustercheck galera monitor for HA deploymentsDamien Ciabrini1-0/+103
In HA overcloud deployments, HAProxy makes use of a helper service called "clustercheck", to check whether galera nodes are available for serving traffic. This change implements a dedicated service for clustercheck, which was originally part of the pacemaker mysql service. The service is configured by tripleo and the container's lifecycle is managed by docker, like other containerized services. Closes-Bug: #1692969 Change-Id: I8a5b30429f8ec3e484256a62a29ab7dee33ab291 Co-Authored-By: Michele Baldessari <michele@acksyn.org> Depends-on: I1aabe34fa6a9c8c705a4405f275b66502c313cf2
2017-05-23Merge "Remove osd_pool_default_min_size to allow Ceph cluster to do the ↵Jenkins6-2/+21
right thing by default"
2017-05-23Merge "docker/TLS-everywhere: Add metadata_settings output to templates"Jenkins5-0/+10
2017-05-23Example environment file to use Neutron BGPVPN driver with ODLRicardo Noriega1-0/+12
Service_provider is configured to point to networking-odl Change-Id: Icdb1c1414b237a9409e8e7dc55bb3c01da41841c Signed-off-by: Ricardo Noriega <rnoriega@redhat.com>
2017-05-23Merge "Example environment file to use L2GW Neutron Driver with ODL"Jenkins1-0/+18
2017-05-23Merge "Disable mongodb by default"Jenkins5-1/+49
2017-05-23Merge "Updated from global requirements"Jenkins1-1/+1
2017-05-23Merge "Use disabled suffix for disabled service names"Jenkins4-6/+6
2017-05-22Remove osd_pool_default_min_size to allow Ceph cluster to do the right thing ↵Keith Schincke6-2/+21
by default The default value is 0 which has the minimum number be caluclated based on the replica count from osd_pool_defaut_size. The default replica count is 3 and the calculated min_size is 2. If the replica count is 1 then the min_size is 1. ie: min_size = replica - (replica/2) Add CephPoolDefaultSize parameter to ceph-mon.yaml. This parameter defaults to 3 but can be overriden. See puppet-ceph-devel.yaml for an example Change-Id: Ie9bdd9b16bcb9f11107ece614b010e87d3ae98a9
2017-05-22docker bootstrap service commandsDan Prince11-28/+36
This patch guards db syncs and initialization code from executing on multiple nodes at the same time by using the new bootstrap_host_exec script. This helper script checks to make sure the container is executing on the "bootstrap host" for the specified service (arg 0) and then if it matches runs the specified command. Depends-On: If25f217bbb592edab4e1dde53ca99ed93c0e146c Depends-On: Ic1585bae27c318bd6bafc287e905f2ed250cce0f Change-Id: I0c864ca093ea476248b619d8c88477ef0b64e2eb Closes-Bug: 1688380
2017-05-22Updated from global requirementsOpenStack Proposal Bot1-1/+1
Change-Id: I468f654fa75b22aef398e2cba9c3625eb8f0767c
2017-05-22docker/TLS-everywhere: Add metadata_settings output to templatesJuan Antonio Osorio Robles5-0/+10
This is needed since it's what writes the service metadata to the nova server in order to create the kerberos principals. It worked in a base controller since the keystone template does have this. But if we would deploy these services on a separate role, it would break. So this output is needed. bp tls-via-certmonger-containers Change-Id: I3ee8c65d356dcd092a3fbf79041e5c69ef23b721
2017-05-22Example environment file to use L2GW Neutron Driver with ODLRicardo Noriega1-0/+18
Agent service is disabled and service_provider is configured to point to networking-odl Change-Id: I570d15a092cff66666a74e95dee69f6531a58b22 Signed-off-by: Ricardo Noriega <rnoriega@redhat.com>
2017-05-22Merge "Re-Add ceilometer expirer to roles_data"Jenkins1-0/+3
2017-05-22Merge "Add Neutron L2 Gateway service to scenario 004"Jenkins2-1/+8
2017-05-22Disable mongodb by defaultJuan Antonio Osorio Robles5-1/+49
It's not used by any service that we enable by default. So instead, I added it to the environment that enables the services that use it. Change-Id: Id2e6550fb7c319fc52469644ea022cf35757e0ce
2017-05-22Use disabled suffix for disabled service namesJuan Antonio Osorio Robles4-6/+6
This changes both the service names and the file names for disabled services, adding the 'disabled' suffix to them. This comes with the reasoning that, if a service requires a disabled service, and checks for the name in the "service_names" hiera entry, it will appear as if the service was enabled, when it's actually not. So changing the name and using this convention prevents that issue. Change-Id: I308d6680a4d9b526f22ba0d7d20e5db638aadb9a
2017-05-22Modify vhost user socket directory's default value in environment fileSaravanan KR2-1/+7
From ocata, the vhost socket directory requires a different set of permissions from the default directory (/var/run/openvswitch). Modifying the directory to a new agreed directory which will be created in puppet. Closes-Bug: #1687993 Depends-On: I255f98c40869e7508ed01a03a96294284ecdc6a8 Change-Id: I77250ca84c9da2fb5a8381e6f60234f8a05cbf12
2017-05-22Merge "TLS everywhere: configure mongodb's TLS settings"Jenkins1-0/+37
2017-05-22Re-Add ceilometer expirer to roles_dataJuan Antonio Osorio Robles1-0/+3
Even though this service was disabled by default in Pike[1], we still want the entry in roles_data since it will actually disable the service on upgrade. A comment was added so we remember to remove it in Queens. [1] Icffb7d1bb2cf7bd61026be7d2dcfbd70cd3bcbda Change-Id: I2012d7494207bf3239f589bf80b8048abf72428f
2017-05-22Add Neutron L2 Gateway service to scenario 004Carlos Camacho2-1/+8
This submission installs the Neutron L2 Gateway service in the scenario 004. This is only to check that the service is installed correctly no sanity check is running yet. Change-Id: I421802e9aa1a9f192860a6d72b4bb7c729666c3a
2017-05-21Change database sync timeout from 300 to 900 in low-memory-usage environment ↵Or Idgar2-0/+8
file. During a deployment on lower spec systems, the "db sync" can take longer than five minutes. The solution is to increase the default value of DatabaseSyncTimeout from 300 to 900 by using the environment file "low-memory-usage.yaml". Change-Id: I6463dbdd4dfe1d6f2dd283211cc496fe3a628fb0 Closes-bug: #1689318
2017-05-20Merge "Open ports 443 and 80 on haproxy's firewall when horizon is standalone"Jenkins1-0/+7
2017-05-20Merge "Comment parameters for registry in docker.yaml"Jenkins1-4/+4
2017-05-20Merge "Support Redfish hardware in the overcloud Ironic"Jenkins2-1/+21
2017-05-20Merge "Add IronicInspector settings to the network map"Jenkins6-0/+265
2017-05-20Merge "Dell SC: Add secondary DSM support"Jenkins2-3/+23
2017-05-20Merge "Consolidate writing json configs with HostPrepTasks"Jenkins2-98/+56
2017-05-20Merge "Add missing release note for cadf environment"Jenkins1-0/+7
2017-05-20Merge "Update the template_version alias for all the templates to pike."Jenkins321-321/+321
2017-05-19Merge "Make sure that manila share is created after share type"Jenkins1-0/+2
2017-05-19Merge "Add containerized neutron-metadata agent"Jenkins2-0/+111
2017-05-19Add RoleNetHostnameMap outputSteven Hardy1-1/+13
This exposes a list of hostnames similar to the RoleNetIpMap, this will be consumed by the dynamic inventory ref https://review.openstack.org/465558 Change-Id: I61efac5634e9b6fbb820e693c71a0adae5fa8b6a
2017-05-19Role Specific paramaeter support for neutron-ovs-dpdk-agent serviceSaravanan KR1-9/+32
Merge the role specific parmaeter with the default parameter with the higher precendece given to role specific parameters. Use the merged settings to the hiera config settings. Change-Id: I500558dfbf4ac4ddcf850064e654c4fab03d141b
2017-05-19Update the template_version alias for all the templates to pike.Carlos Camacho321-321/+321
Master is now the development branch for pike changing the release alias name. Change-Id: I938e4a983e361aefcaa0bd9a4226c296c5823127
2017-05-19Make sure that manila share is created after share typeJan Provaznik1-0/+2
The pingtest template creates both default share type and a share which should use this type. Explicit reference of the share type should assure that the share is always created when share type exists. Change-Id: I756e6a8e477de8d0e46302dda26265ae482dd2e5 Closes-Bug: #1691853
2017-05-19Merge "Add l2gw neutron agent support"Jenkins6-6/+124
2017-05-18Merge "neutron: set enable_dvr = False if NeutronEnableDVR is false"Jenkins2-0/+7
2017-05-18Merge "Enable splay for os-collect-config"Jenkins6-0/+60
2017-05-18neutron: set enable_dvr = False if NeutronEnableDVR is falseIhar Hrachyshka2-0/+7
This will make neutron-server stop advertising dvr extension if the cloud is not configured to support this flavor of Neutron routers. Change-Id: I38c8208edff07f7887887918729beb7710068078 Related-Bug: #1450067
2017-05-18Add containerized neutron-metadata agentBrent Eagles2-0/+111
This patch adds support for running the neutron metadata agent in a container. Change-Id: I53c62516c95d62f5ced70818d4eb4c2c341df0d7 Partial-Bug: #1668922
2017-05-18Merge "TLS-everywhere: Configure CA for apache"Jenkins1-0/+6
2017-05-18Merge "Default snmp to less verbose logging"Jenkins2-0/+11
2017-05-18Comment parameters for registry in docker.yamlSteven Hardy1-4/+4
These duplicate the defaults in puppet/services/docker.yaml and break things if you include an environment file (e.g that generated by quickstart containers-default-parameters.yaml) before the docker.yaml. Instead it's probably more helpful to include the commented lines showing how to enable use of a local docker registry. Change-Id: I3896fa2ea7caa603186f0af04f6d8382d50dd97a Closes-Bug: #1691524
2017-05-18Add l2gw neutron agent supportPeng Liu6-6/+124
L2 Gateway (L2GW) is an API framework for OpenStack that offers bridging two or more networks together to make them look at a single broadcast domain. This patch implements the l2gw agent which is one of the backend of the l2 gateway service plugin. Change-Id: I1ae8132ceff9410be7bd82caddf0d14251e720bf Depends-On: If1501c153b1b170b9550cb7e5a23be463fba1fe9 Partially-Implements: blueprint l2gw-service-integration Signed-off-by: Peng Liu <pliu@redhat.com>