aboutsummaryrefslogtreecommitdiffstats
path: root/docker/services
AgeCommit message (Collapse)AuthorFilesLines
2017-03-14keystone/containers: Add support for fernet keysJuan Antonio Osorio Robles1-0/+19
Since the 'file' resource is included in the tags that puppet takes into account, we already generate the fernet keys if it's enabled as a token provider. This merely adds the keys to the container. However, if fernet is not the provider, we make this file addition optional. Change-Id: Id92039b3bad9ecda169323e01de7bebae70f2ba0
2017-03-14Merge "Tasks hook for preparing BM host for deploying containerized services"Jenkins1-0/+5
2017-03-13Containerize gnocchi servicesPradeep Kilambi3-0/+274
Closes-bug: #1668928 Change-Id: I291df31be97c3d55cddb3924482aa5976a79c2b1
2017-03-13Tasks hook for preparing BM host for deploying containerized servicesJiri Stransky1-0/+5
This implements a host_prep_tasks hook where we can specify Ansible tasks to perform on the host before deploying containerized services. The hook runs in a single step, the assumption is that we will mostly use the hook for creating per-service directories on the host to ensure we are able to mount them into the containers. (We cannot do this operation via Puppet because all containerized services run their Puppet within a config container, so Puppet doesn't have access to host's filesystem.) Change-Id: I7d8bac39e0cd422fd651eefe29f7d10941ab4a1a
2017-03-10Containerize Aodh alarm servicesPradeep Kilambi4-0/+359
Closes-bug: #1668930 Change-Id: If5dff4388b255373083e164a74aaacd529a94111
2017-03-10Remove docker_image sections (unused)Dan Prince34-160/+124
We don't use docker_image for anything. It is a remant of the pre-composable docker templates and we can now remove it. This patch removes references to the 'docker_image' section from docker/post.yaml and all of the docker/services* templates. Change-Id: I208c1ef1550ab39ab0ee47ab282f9b1937379810
2017-03-09Update docs per new puppet_config interfaceDan Prince1-14/+23
This updates the docker/service README so that it correctly documents the current requirements of the new puppet_config interface. Change-Id: I0f3e00ea3cce24152475abf6df34f4836e32c9c8
2017-03-08Move nova-scheduler data into puppet_configDan Prince1-7/+7
This is now required per the puppet_config interfaces for docker services (per I208c1ef1550ab39ab0ee47ab282f9b1937379810) Change-Id: Iab96919cb0a6b15942f3c19f8d28205261174edc
2017-03-07Add puppet_config to docker neutron-l3 serviceDan Prince1-7/+11
This patch makes the neutron-l3 docker service adhere to the new puppet_config interface. Change-Id: If5b73ec90637e878af55c8404d1eff8c18e857c3
2017-03-07Merge "Enable composable upgrades for docker service templates"Jenkins25-2/+121
2017-03-07Merge "Overwrite nova placement with stub for docker"Jenkins1-0/+6
2017-03-06Enable composable upgrades for docker service templatesSteven Hardy25-2/+121
This aligns the docker based services with the new composable upgrades architecture we landed for ocata, and does a first-pass adding upgrade_tasks for the services (these may change, atm we only disable the service on the host). To run the upgrade workflow you basically do two steps: openstack overcloud deploy --templates \ -e environments/major-upgrade-composable-steps-docker.yaml This will run the ansible upgrade steps we define via upgrade_tasks then run the normal docker PostDeploySteps to bring up the containers. For the puppet workflow there's then an operator driven step where compute nodes (and potentially storage nodes) are upgrades in batches and finally you do: openstack overcloud deploy --templates \ -e environments/major-upgrade-converge-docker.yaml In the puppet case this re-applies puppet to unpin the nova RPC API so I guess it'll restart the nova containers this affects but otherwise will be a no-op (we also disable the ansible steps at this point. Depends-On: I9057d47eea15c8ba92ca34717b6b5965d4425ab1 Change-Id: Ia50169819cb959025866348b11337728f8ed5c9e
2017-03-06Merge "Put docker puppet config in puppet_config dict"Jenkins32-170/+257
2017-03-03Fix httpd dir create to not error if existsPradeep Kilambi1-1/+1
In cases where /var/log/httpd already exists, this exits with error code 1. $ sudo docker logs keystone-init-log mkdir: cannot create directory '/var/log/httpd': File exists Change-Id: I62bf08d9fc9e02d5f3016bd14bb0a090b76ac837
2017-03-02Overwrite nova placement with stub for dockerDan Prince1-0/+6
This updates kolla config to overwrite the stock version with the puppet-nova generated mock. Depends-On: Ie16a60c604ecf9f4012b0630f91e6ece2b6855db Change-Id: I320f024adc88102ea24c0212702fe2dce826874f Closes-bug: #440612
2017-03-01Merge "Containerize neutron-l3 agent"Jenkins1-0/+88
2017-03-01Put docker puppet config in puppet_config dictSteve Baker32-170/+257
This approach removes the need for the yaql zip to build the docker-puppet data by building the data in a puppet_config dict. This allows a future change to make docker-puppet.py only accept dict data. Currently the step_config is left where it is and referenced inside puppet_config, but feedback is welcome whether this is necessary or desirable. Change-Id: I4a4d7a6fd2735cb841174af305dbb62e0b3d3e8c
2017-03-01Containerize neutron-l3 agentJohn Trowbridge1-0/+88
This allows to run a containerized neutron on the overcloud. Co-Authored-By: Martin André <m.andre@redhat.com> Depends-On: Iaf6536b1c4d0b2b118af92295136378cdfeee9d1 Change-Id: I86a12248d4f28f4dbe7708be928bcd8a45968d01
2017-03-01Associate unmapped hosts with cell mappingsJohn Trowbridge1-0/+10
Otherwise the containerized nova running in the overcloud fails with "Host 'overcloud-novacompute-0' is not mapped to any cell, Code: 400". Co-Authored-By: Martin André <m.andre@redhat.com> Change-Id: I9ff77f25bfd1f37167b0638a32fe5049951bc5b4
2017-03-01Switch to dict format for docker_puppet_tasksSteve Baker3-17/+22
This change gives the option of docker-puppet.py data to be in a dict as well as a list. This allows docker_puppet_tasks data to use the same keys as the top level puppet config data. If the yaql fu can be worked out to build the top level data, docker-puppet.py can later drop the list format entirely. Change-Id: I7e2294c6c898d2340421c93516296ccf120aa6d2
2017-02-24Merge "Containers: workaround for neutron DB sync"Jenkins1-0/+3
2017-02-24Containers: workaround for neutron DB syncJiri Stransky1-0/+3
Neutron DB sync didn't have permission to read the config files, we now run neutron-db-manage as root until we can find a more permanent solution. Change-Id: I502a8514adc523c7cac1da059be10480eef71cb9 Closes-Bug: #1667300
2017-02-23Add step to docker_puppet_tasksDan Prince1-1/+1
This patch sets the step correctly for docker_puppet_tasks. This is now required in order to match the 'step' in some puppet manifests explicitly so that things like keystone initialization run correctly. Closes-bug: #1667454 Change-Id: If2bdd0b1051125674f116f895832b48723d82b3a
2017-02-23Merge "Add docker mysql service"Jenkins1-0/+130
2017-02-23Add docker mysql serviceFlavio Percoco1-0/+130
Co-Authored-By: Dan Prince <dprince@redhat.com> Co-Authored-By: Martin André <m.andre@redhat.com> Change-Id: If0ee671acbf6a9931622003a859089d61e2050b3
2017-02-22Merge "Containerized Swift Services."Jenkins3-0/+499
2017-02-22Merge "Containerized MongoDB"Jenkins1-0/+98
2017-02-22Merge "Add docker Glance API service"Jenkins1-0/+96
2017-02-22Merge "Add docker keystone service"Jenkins1-0/+153
2017-02-22Merge "Add docker rabbitmq service"Jenkins1-0/+119
2017-02-22Merge "Add docker mistral services"Jenkins3-0/+293
2017-02-22Merge "Add docker zaqar service"Jenkins1-0/+99
2017-02-22Merge "Add docker heat services"Jenkins3-0/+272
2017-02-22Merge "Add docker nova services"Jenkins8-2/+547
2017-02-22Merge "Add docker memcached service"Jenkins1-0/+69
2017-02-22Merge "Add docker neutron services"Jenkins3-0/+253
2017-02-22Containerized Swift Services.Ian Main3-0/+499
Running swift in containers. Oh yeah. Co-Authored-by: Dan Prince <dprince@redhat.com> Change-Id: I2d96514fb7aa51dffe8fe293bc950e0e99df5e94
2017-02-22Add docker Glance API serviceDan Prince1-0/+96
Co-Authored-By: Dan Prince <dprince@redhat.com> Change-Id: I02cc769df5ec7afd608c502abc63fde8aa52be82
2017-02-22Containerized MongoDBFlavio Percoco1-0/+98
Change-Id: Ic3fd3bfd76d31ba515dbabdda7dfd06b9833a2ca
2017-02-20Add docker memcached serviceDan Prince1-0/+69
Change-Id: I055677a5ba62ee1c34a207fb83273f70558d21f1
2017-02-20Add docker rabbitmq serviceDan Prince1-0/+119
Change-Id: I3d30e55716a464d423358ff23bdd184d34da765a
2017-02-20Add docker zaqar serviceDan Prince1-0/+99
Change-Id: I09379b4959c38ae4e7b4e667b97e87d35c8e7e83
2017-02-20Add docker mistral servicesDan Prince3-0/+293
This patch adds docker services for Mistral API, Engine, and Executor. NOTE: the Mistral API container for TripleO must be built with openstack-tripleo-common installed in order for TripleO specific actions to get installed for the undercloud. Change-Id: I0075840d14eb43c50d80b87acd986b80cfd38d4a
2017-02-20Add docker neutron servicesDan Prince3-0/+253
This patch adds docker services for Neutron API(server), the Neutron DHCP agent, and Neutron ML2 plugin configuration. Co-Authored-By: Ian Main <imain@redhat.com> Change-Id: If31e095cae533597cf0d73b4277425dfc3459564
2017-02-20Add docker nova servicesDan Prince8-2/+547
This patch adds docker services for Nova for the Api, conductor, scheduler, ironic, placement, and pass-thru configuration for metadata (it simply enables metadata to be configured as part of the nova-api. The nova-api DB initialization commands depend on a new heat-agent feature (see patch below) to accommodate exit codes returned by the new cells setup commands. Change-Id: I39436783409ed752b08619b07b0a0c592bce0456 Depends-On: Ia6ca4b01982a0b33b26eca2a907d9d9f87c19922
2017-02-20Add docker heat servicesDan Prince3-0/+272
This patch adds docker services for Heat API, API Cfn, and Engine. Change-Id: I50caad9b9cf5482a8872cb0f2a67477b5e829ead
2017-02-15Add docker ironic servicesDan Prince3-0/+341
This patch adds docker services for Ironic API and Ironic Conductor. Change-Id: Icea5ae2ecd7e749ce95ed8444c3a5ef3e035bb4e
2017-02-15Add docker_puppet_tasks initialization on primary nodeDan Prince2-0/+9
This patch adds a new (optional) section to the docker post.j2.yaml that collects any 'docker_puppet_tasks' data from enabled services and applies it on the primary role node (the first node in the primary (first) role). The use case for this is although we are generally only using puppet for configuration there are several exceptions that we desire to make use of today for parity with baremetal. This includes things like database creation and keystone endpoint initialization which we rely on configuration via hiera variables controlled by the puppet services. Change-Id: Ic14ef48f26de761b0d0eabd0e1c0eae52d90e68a
2017-02-15Add docker keystone serviceDan Prince1-0/+153
Depends-On: Icabdb30369c8ca15e77d169dc441bee8cfd3631f Change-Id: Icec07f75f81953c4bf81ca21b4b02bc02e157562 Co-Authored-By: Martin André <m.andre@redhat.com> Co-Authored-By: Ian Main <imain@redhat.com>
2017-02-15docker: new hybrid deployment architecture and configurationDan Prince5-99/+154
This patch implements a new docker deployment architecture that should us to install docker services in a stepwise manner alongside of baremetal puppet services. This works by using Yaql to select docker specific services (docker/services/*.yaml) vs the puppet specific ones and then applying the selected Json to relevant Heat software deployments for docker and baremetal puppet in a stepwise fashion. Additionally the new architecture leverages new composable services interfaces from Newton to allow configuration of per-service container configuration sets (directories that are bind mounted into kolla containers) by using the Kolla containers themselves. It does this by spinning up a throw away "configuration only" version of the container being configured itself, then running the puppet apply in that container and copying the generated config files into /var/lib/config-data. This avoids having to install all of the OpenStack dependency packages in the heat-agent-container itself (our previous approach) and should allow us to configure a much wider variety of container config files that would otherwise be impossible with the previous shared approach. The new approach (combined) should allow us to configure containers in both the undercloud and overcloud and incrementally add CI coverage to services as we containerize them. Co-Authored-By: Martin André <m.andre@redhat.com> Co-Authored-By: Ian Main <imain@redhat.com> Co-Authored-By: Flavio Percoco <flavio@redhat.com> Change-Id: Ibcff99f03e6751fbf3197adefd5d344178b71fc2