Age | Commit message (Collapse) | Author | Files | Lines |
|
Since the 'file' resource is included in the tags that puppet takes into
account, we already generate the fernet keys if it's enabled as a token
provider.
This merely adds the keys to the container. However, if fernet is not
the provider, we make this file addition optional.
Change-Id: Id92039b3bad9ecda169323e01de7bebae70f2ba0
|
|
|
|
Closes-bug: #1668928
Change-Id: I291df31be97c3d55cddb3924482aa5976a79c2b1
|
|
This implements a host_prep_tasks hook where we can specify Ansible
tasks to perform on the host before deploying containerized
services. The hook runs in a single step, the assumption is that we will
mostly use the hook for creating per-service directories on the host to
ensure we are able to mount them into the containers. (We cannot do this
operation via Puppet because all containerized services run their Puppet
within a config container, so Puppet doesn't have access to host's
filesystem.)
Change-Id: I7d8bac39e0cd422fd651eefe29f7d10941ab4a1a
|
|
Closes-bug: #1668930
Change-Id: If5dff4388b255373083e164a74aaacd529a94111
|
|
We don't use docker_image for anything. It is a remant of the
pre-composable docker templates and we can now remove it.
This patch removes references to the 'docker_image' section
from docker/post.yaml and all of the docker/services* templates.
Change-Id: I208c1ef1550ab39ab0ee47ab282f9b1937379810
|
|
This updates the docker/service README so that it
correctly documents the current requirements of the new
puppet_config interface.
Change-Id: I0f3e00ea3cce24152475abf6df34f4836e32c9c8
|
|
This is now required per the puppet_config interfaces for docker
services (per I208c1ef1550ab39ab0ee47ab282f9b1937379810)
Change-Id: Iab96919cb0a6b15942f3c19f8d28205261174edc
|
|
This patch makes the neutron-l3 docker service adhere
to the new puppet_config interface.
Change-Id: If5b73ec90637e878af55c8404d1eff8c18e857c3
|
|
|
|
|
|
This aligns the docker based services with the new composable upgrades
architecture we landed for ocata, and does a first-pass adding upgrade_tasks
for the services (these may change, atm we only disable the service on
the host).
To run the upgrade workflow you basically do two steps:
openstack overcloud deploy --templates \
-e environments/major-upgrade-composable-steps-docker.yaml
This will run the ansible upgrade steps we define via upgrade_tasks
then run the normal docker PostDeploySteps to bring up the containers.
For the puppet workflow there's then an operator driven step where
compute nodes (and potentially storage nodes) are upgrades in batches
and finally you do:
openstack overcloud deploy --templates \
-e environments/major-upgrade-converge-docker.yaml
In the puppet case this re-applies puppet to unpin the nova RPC API
so I guess it'll restart the nova containers this affects but otherwise
will be a no-op (we also disable the ansible steps at this point.
Depends-On: I9057d47eea15c8ba92ca34717b6b5965d4425ab1
Change-Id: Ia50169819cb959025866348b11337728f8ed5c9e
|
|
|
|
In cases where /var/log/httpd already exists, this exits with error
code 1.
$ sudo docker logs keystone-init-log
mkdir: cannot create directory '/var/log/httpd': File exists
Change-Id: I62bf08d9fc9e02d5f3016bd14bb0a090b76ac837
|
|
This updates kolla config to overwrite the stock
version with the puppet-nova generated mock.
Depends-On: Ie16a60c604ecf9f4012b0630f91e6ece2b6855db
Change-Id: I320f024adc88102ea24c0212702fe2dce826874f
Closes-bug: #440612
|
|
|
|
This approach removes the need for the yaql zip to build the
docker-puppet data by building the data in a puppet_config dict.
This allows a future change to make docker-puppet.py only accept dict
data.
Currently the step_config is left where it is and referenced inside
puppet_config, but feedback is welcome whether this is necessary or
desirable.
Change-Id: I4a4d7a6fd2735cb841174af305dbb62e0b3d3e8c
|
|
This allows to run a containerized neutron on the overcloud.
Co-Authored-By: Martin André <m.andre@redhat.com>
Depends-On: Iaf6536b1c4d0b2b118af92295136378cdfeee9d1
Change-Id: I86a12248d4f28f4dbe7708be928bcd8a45968d01
|
|
Otherwise the containerized nova running in the overcloud fails with
"Host 'overcloud-novacompute-0' is not mapped to any cell, Code: 400".
Co-Authored-By: Martin André <m.andre@redhat.com>
Change-Id: I9ff77f25bfd1f37167b0638a32fe5049951bc5b4
|
|
This change gives the option of docker-puppet.py data to be in a dict
as well as a list. This allows docker_puppet_tasks data to use the
same keys as the top level puppet config data.
If the yaql fu can be worked out to build the top level data,
docker-puppet.py can later drop the list format entirely.
Change-Id: I7e2294c6c898d2340421c93516296ccf120aa6d2
|
|
|
|
Neutron DB sync didn't have permission to read the config files, we now
run neutron-db-manage as root until we can find a more permanent
solution.
Change-Id: I502a8514adc523c7cac1da059be10480eef71cb9
Closes-Bug: #1667300
|
|
This patch sets the step correctly for docker_puppet_tasks.
This is now required in order to match the 'step' in some
puppet manifests explicitly so that things like keystone
initialization run correctly.
Closes-bug: #1667454
Change-Id: If2bdd0b1051125674f116f895832b48723d82b3a
|
|
|
|
Co-Authored-By: Dan Prince <dprince@redhat.com>
Co-Authored-By: Martin André <m.andre@redhat.com>
Change-Id: If0ee671acbf6a9931622003a859089d61e2050b3
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Running swift in containers. Oh yeah.
Co-Authored-by: Dan Prince <dprince@redhat.com>
Change-Id: I2d96514fb7aa51dffe8fe293bc950e0e99df5e94
|
|
Co-Authored-By: Dan Prince <dprince@redhat.com>
Change-Id: I02cc769df5ec7afd608c502abc63fde8aa52be82
|
|
Change-Id: Ic3fd3bfd76d31ba515dbabdda7dfd06b9833a2ca
|
|
Change-Id: I055677a5ba62ee1c34a207fb83273f70558d21f1
|
|
Change-Id: I3d30e55716a464d423358ff23bdd184d34da765a
|
|
Change-Id: I09379b4959c38ae4e7b4e667b97e87d35c8e7e83
|
|
This patch adds docker services for Mistral API, Engine, and Executor.
NOTE: the Mistral API container for TripleO must be built with
openstack-tripleo-common installed in order for TripleO specific
actions to get installed for the undercloud.
Change-Id: I0075840d14eb43c50d80b87acd986b80cfd38d4a
|
|
This patch adds docker services for Neutron API(server), the
Neutron DHCP agent, and Neutron ML2 plugin configuration.
Co-Authored-By: Ian Main <imain@redhat.com>
Change-Id: If31e095cae533597cf0d73b4277425dfc3459564
|
|
This patch adds docker services for Nova for the Api, conductor,
scheduler, ironic, placement, and pass-thru configuration for metadata (it
simply enables metadata to be configured as part of the nova-api.
The nova-api DB initialization commands depend on a new heat-agent
feature (see patch below) to accommodate exit codes returned by
the new cells setup commands.
Change-Id: I39436783409ed752b08619b07b0a0c592bce0456
Depends-On: Ia6ca4b01982a0b33b26eca2a907d9d9f87c19922
|
|
This patch adds docker services for Heat API, API Cfn, and Engine.
Change-Id: I50caad9b9cf5482a8872cb0f2a67477b5e829ead
|
|
This patch adds docker services for Ironic API and Ironic
Conductor.
Change-Id: Icea5ae2ecd7e749ce95ed8444c3a5ef3e035bb4e
|
|
This patch adds a new (optional) section to the docker post.j2.yaml
that collects any 'docker_puppet_tasks' data from enabled
services and applies it on the primary role node (the
first node in the primary (first) role).
The use case for this is although we are generally only using
puppet for configuration there are several exceptions that we
desire to make use of today for parity with baremetal. This
includes things like database creation and keystone endpoint
initialization which we rely on configuration via hiera variables
controlled by the puppet services.
Change-Id: Ic14ef48f26de761b0d0eabd0e1c0eae52d90e68a
|
|
Depends-On: Icabdb30369c8ca15e77d169dc441bee8cfd3631f
Change-Id: Icec07f75f81953c4bf81ca21b4b02bc02e157562
Co-Authored-By: Martin André <m.andre@redhat.com>
Co-Authored-By: Ian Main <imain@redhat.com>
|
|
This patch implements a new docker deployment architecture that
should us to install docker services in a stepwise manner alongside
of baremetal puppet services. This works by using Yaql to select
docker specific services (docker/services/*.yaml) vs the puppet
specific ones and then applying the selected Json to relevant Heat
software deployments for docker and baremetal puppet in a stepwise
fashion.
Additionally the new architecture
leverages new composable services interfaces from Newton to
allow configuration of per-service container configuration
sets (directories that are bind mounted into kolla containers) by
using the Kolla containers themselves. It does this by spinning up
a throw away "configuration only" version of the container being
configured itself, then running the puppet apply in that container and
copying the generated config files into /var/lib/config-data. This
avoids having to install all of the OpenStack dependency packages
in the heat-agent-container itself (our previous approach) and should
allow us to configure a much wider variety of container config files
that would otherwise be impossible with the previous shared approach.
The new approach (combined) should allow us to configure containers in
both the undercloud and overcloud and incrementally add CI coverage to
services as we containerize them.
Co-Authored-By: Martin André <m.andre@redhat.com>
Co-Authored-By: Ian Main <imain@redhat.com>
Co-Authored-By: Flavio Percoco <flavio@redhat.com>
Change-Id: Ibcff99f03e6751fbf3197adefd5d344178b71fc2
|