aboutsummaryrefslogtreecommitdiffstats
path: root/docker/services
AgeCommit message (Collapse)AuthorFilesLines
2017-06-12Docker service for Cinder VolumeDan Prince1-0/+163
Adds docker service for Cinder Volume Co-Authored-By: Jon Bernard <jobernar@redhat.com> Depends-On: Ic1585bae27c318bd6bafc287e905f2ed250cce0f Partial-bug: #1668920 Change-Id: Ifadb007897f3455b90de6800751a0d08991ebca2
2017-06-12Docker services for Cinder BackupDan Prince1-0/+132
Adds docker services for Cinder Backup Co-Authored-By: Gorka Eguileor <geguileo@redhat.com> Co-Authored-By: Jon Bernard <jobernar@redhat.com> Co-Authored-By: Martin André <m.andre@redhat.com> Co-Authored-By: Alan Bishop <abishop@redhat.com> Partial-bug: #1668920 Change-Id: I26fc31e59b28da017f0b028b74bde40aaac53ad5
2017-06-12Docker services for Cinder Api and SchedulerDan Prince2-0/+276
Adds docker services for Cinder API and Scheduler. Co-Authored-By: Gorka Eguileor <geguileo@redhat.com> Co-Authored-By: Jon Bernard <jobernar@redhat.com> Co-Authored-By: Martin André <m.andre@redhat.com> Co-Authored-By: Alan Bishop <abishop@redhat.com> Depends-On: Ic1585bae27c318bd6bafc287e905f2ed250cce0f Change-Id: I5cff9587626a3b2a147e03146d5268242d1c9658 Partial-bug: #1668920
2017-06-12Containerize multipathdDan Prince1-0/+89
Co-Authored-By: Jon Bernard <jobernar@redhat.com> Depends-On: I486de8b6ab2f4235bb4a21c3650f6b9e52a83b80 Change-Id: I6cf70fa05ad1c8aa6d9f837ddcd370eb26e45f97
2017-06-12Move iscsid to a containerDan Prince1-0/+109
This configures iscsid so that it runs as a container on relevant roles (undercloud, controller, compute, and volume). When the iscsid docker service is provision it will also run an ansible snippet that disables the iscsid.socket on the host OS thus disabling the hosts systemd from auto-starting iscsid as it normally does. Co-Authored-By: Jon Bernard <jobernar@redhat.com> Change-Id: I2ea741ad978f166e199d47ed1b52369e9b031f1f
2017-06-12Generate HAproxy iptables rules for containerized HA deploymentsDamien Ciabrini1-10/+13
The containerized HAproxy service can only specify steps to be run in containers, i.e. it cannot runs the regular puppet steps on bare metal at the same time. A side effect is that the dedicated HAproxy iptables rules are no longer generated. Update the docker_config step to fix the creation of iptables rules for HAproxy and persist them on-disk as before. Co-Authored-By: Michele Baldessari <michele@acksyn.org> Closes-Bug: 1697387 Change-Id: Ib5a083ba3299a82645f1a0f9da0d482c6b89ee23
2017-06-12Merge "Don't mount all of config-data /etc, /etc/httpd"Jenkins19-21/+46
2017-06-12Execute Swift ring up-/download in containerized environmentsChristian Schwede1-2/+13
This patch ensures that Swift rings are downloaded from the undercloud before a rebalance and uploaded afterwards. Depends-On: I51c5795b9893d797bd73e059910f17a98f04cdbe Change-Id: Ief012fed628957e4da63ff3314c4cf01d58b6b16
2017-06-11Merge "Containerized collectd"Jenkins1-0/+94
2017-06-12Don't mount all of config-data /etc, /etc/httpdSteve Baker19-21/+46
This change modifies these mounts to be more specific mounts based on the files which puppet actually modifies. The result is something a bit more self-documenting, and allows for trying other techniques for populating /etc other than directly mounting config-data directories. Change-Id: Ied1eab99d43afcd34c00af25b7e36e7e55ff88e6
2017-06-09Remove duplicate docker/puppet services.yamlSteven Hardy1-105/+0
Move to one common services.yaml not only reduces the duplication, but it should improve performance for the docker/services.yaml case, because we were creating two ResourceChains with $many services which we know can be really slow (especially since we seem to be missing concurrent: true on one) Change-Id: I76f188438bfc6449b152c2861d99738e6eb3c61b
2017-06-09Merge "Make container names consistent"Jenkins18-41/+41
2017-06-09Merge "Containerize Tacker Services"Jenkins1-0/+134
2017-06-09Merge "Containerize Congress API service"Jenkins1-0/+135
2017-06-09Make container names consistentMartin André18-41/+41
This commit change the container names to consistently use the `_` char as a word separator and make the kolla external config file match the container name to make operators' life easier. Change-Id: Ibac9d76dde474b94c3cb86031ead0fd0327e126f
2017-06-09Merge "Modify libvirtd container command line when TLS is enabled"Jenkins1-1/+25
2017-06-09Merge "Run the nova-compute container as the nova user"Jenkins1-1/+1
2017-06-08Merge "Containerize Horizon"Jenkins1-0/+128
2017-06-08Run the nova-compute container as the nova userOliver Walsh1-1/+1
Change-Id: Ie6469d2fd2119952669f5c9fdaa41fb273185973 Depends-On: I91be1f1eacf8eed9017bbfef393ee2d66771e8d6 Closes-bug: #1693844
2017-06-08Containerized collectdMatthias Runge1-0/+94
Change-Id: I05126a108f5ab790e729d1f98399dca5801ebd69
2017-06-08Containerize Cinder-volume for HADamien Ciabrini1-0/+170
This service allows configuring and deploying cinder-volume containers in a HA overcloud managed by pacemaker. The containers are managed and run by pacemaker. Pacemaker runs the standard Kolla image but overrides the initial command so that it explicitely calls cinder-volume. This way, we shield ourselves from any unexpected future change in Kolla. This container needs to use the 'docker_config' section to invoke puppet (as opposed to 'docker_puppet_tasks'), because due to the HA composability each resource creation needs to happen on the bootstrap node of that service and 'docker_puppet_tasks' will only run on the controller/primary role. Co-Authored-By: Michele Baldessari <michele@acksyn.org> Partial-Bug: #1668920 Depends-On: I95ad4dd89b47396bea672813d87de35e64c04b2d Change-Id: Ib6396219c3d9484c533f6f9995d565091a197bbb
2017-06-08Containerize Cinder-backup for HADamien Ciabrini1-0/+152
This service allows configuring and deploying cinder-backup containers in a HA overcloud managed by pacemaker. The containers are managed and run by pacemaker. Pacemaker runs the standard Kolla image but overrides the initial command so that it explicitely calls cinder-backup. This way, we shield ourselves from any unexpected future change in Kolla. This container needs to use the 'docker_config' section to invoke puppet (as opposed to 'docker_puppet_tasks'), because due to the HA composability each resource creation needs to happen on the bootstrap node of that service and 'docker_puppet_tasks' will only run on the controller/primary role. Co-Authored-By: Michele Baldessari <michele@acksyn.org> Partial-Bug: #1668920 Depends-On: If53495ff75d4832cc6be80dc0dc9bd540ab6583b Change-Id: Ieec823e10667592bd775bb2642f0c3790a83e85f
2017-06-08Containerized Sensu clientMartin Mágr1-0/+131
Implements: blueprint container-healthchecks Depends-On: I9ccf1c4c948e6e347eb8e4d947edf77822a601cb Change-Id: Iff7758623974a69e2c043cf611f46ce11c36cc59
2017-06-08Containerize Tacker ServicesPradeep Kilambi1-0/+134
Closes-bug: #1668935 Change-Id: I83a02735eb445e831bc74ec786f2bb42cd2f87d6
2017-06-08Containerize Congress API servicePradeep Kilambi1-0/+135
Closes-bug: #1668929 Change-Id: I051edcf2980bb9c2521e21c410055690c012a0d1
2017-06-08Fix containerized SwiftRawDisks usageChristian Schwede1-1/+22
This patch partitions the defined devices and mounts them on the hostnode. It also disables the mount_check inside Swift because it is currently not possible to detect wether a given directory is a mounted device or not. This is just a workaround until a better solution has been implemented in Swift itself. Change-Id: I6e8e1328d7ffb18bb96ed1a940013dbb8b6b433e
2017-06-08Merge "Mount /var/run/libvirt on ceilo agent compute"Jenkins1-0/+1
2017-06-08Modify libvirtd container command line when TLS is enabledOliver Walsh1-1/+25
Libvirtd needs the --listen arg to enable the TLS socket. Change-Id: I535165f0a2634728045491b2a37a56b1891b13fe Resolves-Bug: #1694958
2017-06-07Mount /var/run/libvirt on ceilo agent computePradeep Kilambi1-0/+1
Without this evidently agent logs IO errors. Change-Id: I3031212c582381ae6b6147a48101bf83a05caa8a
2017-06-07Add host logging for redis service templateSteven Hardy1-3/+14
This got missed in the patch which added host logging for most other services. Change-Id: I0be8a5bce6558ebaf5b4830138d1f6c31aec6394
2017-06-07Containerize Manila API serviceVictoria Martinez de la Cruz1-0/+112
Co-Authored-By: Martin André <m.andre@redhat.com> Partial-Bug: #1668922 Change-Id: I0c98f26b19caf755bbc80bd6a75fc17b5d191ae4
2017-06-07Merge "Map /etc/ssh/ssh_known_hosts to all containers"Jenkins1-0/+1
2017-06-07Merge "Stop/disable l3 agent in docker service upgrade_tasks"Jenkins1-0/+5
2017-06-07Map /etc/ssh/ssh_known_hosts to all containersOliver Walsh1-0/+1
This allows any ssh client spawned from a container to validate ssh host key. Change-Id: I86d95848e5f049e8af98107cd7027098d6cdee7c Closes-bug: #1693841
2017-06-07Stop/disable l3 agent in docker service upgrade_tasksSteven Hardy1-0/+5
This service is missing the task to stop/disable the service on the host prior to it being started in a container. Change-Id: I33d70d32c3b55e1f2738441f57c74b007e7bd766 Closes-Bug: #1695017
2017-06-07Merge "Fix upgrade tasks to use correct service name"Jenkins2-2/+2
2017-06-06Merge "Containerize HAProxy for the non-ha case"Jenkins1-0/+111
2017-06-06Fix upgrade tasks to use correct service namePradeep Kilambi2-2/+2
Change-Id: I149ca7cdd939ed7c1767a416bb9569ada163e820 Closes-bug: #1696089
2017-06-06Containerize HAProxy for the non-ha caseDamien Ciabrini1-0/+111
This change implements an initial container for haproxy in the non-HA case (aka when the container is not spawn by pacemaker). We tested this using a stock kolla haproxy container image and we were able to get haproxy running on a container with net=host correctly. Change-Id: I90253412a5e2cd8e56e74cce3548064c06d022b1 Co-Authored-By: Michele Baldessari <michele@acksyn.org> Depends-on: I51c482b70731f15fee4025bbce14e46a49a49938 Closes-Bug: #1668936
2017-06-04Merge "Containerize Redis for HA"Jenkins1-0/+140
2017-06-04Containerize Redis for HADamien1-0/+140
This service allows configuring and deploying Redis containers in a HA overcloud managed by pacemaker. The containers are managed and run by pacemaker. Inside there is pacemaker_remote which will invoke the resource agent managing galera. The resources themselves are created via puppet-pacemaker inside a short-lived container used for this purpose (mysql_init_bundle). This container needs to use the 'docker_config' section to invoke puppet (as opposed to 'docker_puppet_tasks'), because due to the HA composability each resource creation needs to happen on the bootstrap node of that service and 'docker_puppet_tasks' will only run on the controller/primary role. Co-Authored-By: Michele Baldessari <michele@acksyn.org> Closes-Bug: #1692924 Depends-On: Ia1131611d15670190b7b6654f72e6290bf7f8b9e Change-Id: Ie045954fcc86ef2b3e4562b6f012853177f03948
2017-06-03Merge "Containerize clustercheck galera monitor for HA deployments"Jenkins1-0/+103
2017-06-03Merge "Containerize HAProxy for HA"Jenkins1-0/+116
2017-06-03Merge "Containerize RabbitMQ for HA"Jenkins1-0/+159
2017-06-03Merge "Containerize MySQL for HA"Jenkins1-0/+180
2017-05-31Merge "Containerized nova-compute working with Deployed Server"Jenkins1-0/+21
2017-05-30Merge "docker bootstrap service commands"Jenkins11-28/+36
2017-05-29Containerized nova-compute working with Deployed ServerJiri Stransky1-0/+21
When using the Deployed Server feature, we rely on Puppet to install packages. But nova-compute/libvirt puppet is running in a container, so it cannot install anything on the host. We rely on virtlogd on the host, so we need to install it there some way. This patch uses host_prep_tasks for that, conditionally based on the EnablePackageInstall stack parameter value. Also multinode-container-upgrade.yaml env is copied as multinode-containers.yaml, to remove the naming confusion, as the environment file can be used for more than just upgrades. The old env file will be removed once we make the upgrade job use the new one (catch 22 type of issue). Change-Id: Ia9b3071daa15bc30792110e5f34cd859cc205fb8
2017-05-24Containerize RabbitMQ for HADan Prince1-0/+159
This service allows configuring and deploying RabbitMQ containers in a HA overcloud managed by pacemaker. The containers are managed and run by pacemaker. Inside there is pacemaker_remote which will invoke the resource agent managing galera. The resources themselves are created via puppet-pacemaker inside a short-lived container used for this purpose (mysql_init_bundle). This container needs to use the 'docker_config' section to invoke puppet (as opposed to 'docker_puppet_tasks'), because due to the HA composability each resource creation needs to happen on the bootstrap node of that service and 'docker_puppet_tasks' will only run on the controller/primary role. Co-Authored-By: Michele Baldessari <michele@acksyn.org> Co-Authored-By: John Eckersberg <jeckersb@redhat.com> Closes-Bug: #1692909 Depends-On: I0722e4a4d4716f477e8304cfa1aadd3eef7c2f31 Change-Id: I942737134385af775cade40c2d69516d4fe31a99
2017-05-24Containerize MySQL for HADamien Ciabrini1-0/+180
This service allows configuring and deploying MySQL/galera containers in a HA overcloud managed by pacemaker. The containers are managed and run by pacemaker. Inside there is pacemaker_remote which will invoke the resource agent managing galera. The resources themselves are created via puppet-pacemaker inside a short-lived container used for this purpose (mysql_init_bundle). This container needs to use the 'docker_config' section to invoke puppet (as opposed to 'docker_puppet_tasks'), because due to the HA composability each resource creation needs to happen on the bootstrap node of that service and 'docker_puppet_tasks' will only run on the controller/primary role. Co-Authored-By: Michele Baldessari <michele@acksyn.org> Closes-Bug: #1692842 Depends-On: I3b4d8ad2eec70080419882d5d822f78ebd3721ae Change-Id: I790dbc30b3de1c1a3fe76d3d8f060e4d7f95e2e7