Age | Commit message (Collapse) | Author | Files | Lines |
|
This configures iscsid so that it runs as a container on
relevant roles (undercloud, controller, compute, and volume).
When the iscsid docker service is provision it will also run
an ansible snippet that disables the iscsid.socket on the host
OS thus disabling the hosts systemd from auto-starting iscsid
as it normally does.
Co-Authored-By: Jon Bernard <jobernar@redhat.com>
Change-Id: I2ea741ad978f166e199d47ed1b52369e9b031f1f
|
|
The containerized HAproxy service can only specify steps to be run in
containers, i.e. it cannot runs the regular puppet steps on bare metal
at the same time. A side effect is that the dedicated HAproxy iptables
rules are no longer generated.
Update the docker_config step to fix the creation of iptables rules
for HAproxy and persist them on-disk as before.
Co-Authored-By: Michele Baldessari <michele@acksyn.org>
Closes-Bug: 1697387
Change-Id: Ib5a083ba3299a82645f1a0f9da0d482c6b89ee23
|
|
|
|
This patch ensures that Swift rings are downloaded from the undercloud
before a rebalance and uploaded afterwards.
Depends-On: I51c5795b9893d797bd73e059910f17a98f04cdbe
Change-Id: Ief012fed628957e4da63ff3314c4cf01d58b6b16
|
|
|
|
This change modifies these mounts to be more specific mounts based on
the files which puppet actually modifies.
The result is something a bit more self-documenting, and allows for
trying other techniques for populating /etc other than directly mounting
config-data directories.
Change-Id: Ied1eab99d43afcd34c00af25b7e36e7e55ff88e6
|
|
We now have python-paunch-1.1.1 [1] in the overcloud images so we do not
need to pip install it any longer.
[1] https://trunk.rdoproject.org/centos7-master-head/current/python-paunch-1.1.1-0.20170602043913.c8e22e5.el7.centos.noarch.rpm
Change-Id: I1ede514a8aee7ac217fa75843e67fb6542e06f99
|
|
Move to one common services.yaml not only reduces the duplication, but it
should improve performance for the docker/services.yaml case, because we were
creating two ResourceChains with $many services which we know can be really
slow (especially since we seem to be missing concurrent: true on one)
Change-Id: I76f188438bfc6449b152c2861d99738e6eb3c61b
|
|
|
|
|
|
|
|
|
|
This commit change the container names to consistently use the `_` char
as a word separator and make the kolla external config file match the
container name to make operators' life easier.
Change-Id: Ibac9d76dde474b94c3cb86031ead0fd0327e126f
|
|
|
|
|
|
I was getting empty volumes from the json and it was creating bad
docker command lines.
Change-Id: Ie90fc1afa5711d6b029e98d621507b9cb70c1dbe
|
|
|
|
Change-Id: Ie6469d2fd2119952669f5c9fdaa41fb273185973
Depends-On: I91be1f1eacf8eed9017bbfef393ee2d66771e8d6
Closes-bug: #1693844
|
|
Change-Id: I05126a108f5ab790e729d1f98399dca5801ebd69
|
|
The configuration generated by docker-puppet may change on update,
so checksum the combined files from the config-data directories,
to enable detecting those that have changed and restarting the
appropriate containers - we need to merge this checksum into
the environment passed to the containters, as this will cause
paunch to correctly restart containers when the configuration
generated changes, even if the rest of the json definition
provided by heat does not.
Change-Id: I40d9080cf3ad708ef4ed91e46d2b2ae1138bb9c3
|
|
This service allows configuring and deploying cinder-volume
containers in a HA overcloud managed by pacemaker.
The containers are managed and run by pacemaker. Pacemaker runs the
standard Kolla image but overrides the initial command so that
it explicitely calls cinder-volume. This way, we shield ourselves
from any unexpected future change in Kolla.
This container needs to use the 'docker_config' section to invoke
puppet (as opposed to 'docker_puppet_tasks'), because due to the HA
composability each resource creation needs to happen on the bootstrap
node of that service and 'docker_puppet_tasks' will only run on the
controller/primary role.
Co-Authored-By: Michele Baldessari <michele@acksyn.org>
Partial-Bug: #1668920
Depends-On: I95ad4dd89b47396bea672813d87de35e64c04b2d
Change-Id: Ib6396219c3d9484c533f6f9995d565091a197bbb
|
|
Implements: blueprint container-healthchecks
Depends-On: I9ccf1c4c948e6e347eb8e4d947edf77822a601cb
Change-Id: Iff7758623974a69e2c043cf611f46ce11c36cc59
|
|
Closes-bug: #1668935
Change-Id: I83a02735eb445e831bc74ec786f2bb42cd2f87d6
|
|
Closes-bug: #1668929
Change-Id: I051edcf2980bb9c2521e21c410055690c012a0d1
|
|
This patch partitions the defined devices and mounts them on the
hostnode.
It also disables the mount_check inside Swift because it is currently
not possible to detect wether a given directory is a mounted device or
not. This is just a workaround until a better solution has been
implemented in Swift itself.
Change-Id: I6e8e1328d7ffb18bb96ed1a940013dbb8b6b433e
|
|
|
|
Libvirtd needs the --listen arg to enable the TLS socket.
Change-Id: I535165f0a2634728045491b2a37a56b1891b13fe
Resolves-Bug: #1694958
|
|
Without this evidently agent logs IO errors.
Change-Id: I3031212c582381ae6b6147a48101bf83a05caa8a
|
|
This got missed in the patch which added host logging for most
other services.
Change-Id: I0be8a5bce6558ebaf5b4830138d1f6c31aec6394
|
|
Co-Authored-By: Martin André <m.andre@redhat.com>
Partial-Bug: #1668922
Change-Id: I0c98f26b19caf755bbc80bd6a75fc17b5d191ae4
|
|
|
|
|
|
|
|
|
|
This allows any ssh client spawned from a container to validate ssh host key.
Change-Id: I86d95848e5f049e8af98107cd7027098d6cdee7c
Closes-bug: #1693841
|
|
Works around the issue encountered in 1696283.
Change-Id: I1947d9d1e3cabc5dfe25ee1af994d684425bdbf7
Resolves-Bug: #1696283
|
|
This service is missing the task to stop/disable the service on
the host prior to it being started in a container.
Change-Id: I33d70d32c3b55e1f2738441f57c74b007e7bd766
Closes-Bug: #1695017
|
|
|
|
|
|
Change-Id: I149ca7cdd939ed7c1767a416bb9569ada163e820
Closes-bug: #1696089
|
|
Replace the multiple SoftwareDeployment resources with a common
playbook that runs on all roles, consuming the configuration data
written via the HostPrepAnsible tasks.
This hopefully simplifies things, and will enable re-running the
deploy steps for minor updates (we'll need some way to detect
a container should be replaced, but that will be done via a
follow-up patch).
Change-Id: I674a4d9d2c77d1f6fbdb0996f6c9321848e32662
|
|
This change implements an initial container for haproxy in the non-HA
case (aka when the container is not spawn by pacemaker).
We tested this using a stock kolla haproxy container image and we were
able to get haproxy running on a container with net=host correctly.
Change-Id: I90253412a5e2cd8e56e74cce3548064c06d022b1
Co-Authored-By: Michele Baldessari <michele@acksyn.org>
Depends-on: I51c482b70731f15fee4025bbce14e46a49a49938
Closes-Bug: #1668936
|
|
|
|
This service allows configuring and deploying Redis containers
in a HA overcloud managed by pacemaker.
The containers are managed and run by pacemaker. Inside there is
pacemaker_remote which will invoke the resource agent managing galera.
The resources themselves are created via puppet-pacemaker inside a
short-lived container used for this purpose (mysql_init_bundle).
This container needs to use the 'docker_config' section to invoke
puppet (as opposed to 'docker_puppet_tasks'), because due to the HA
composability each resource creation needs to happen on the bootstrap
node of that service and 'docker_puppet_tasks' will only run on the
controller/primary role.
Co-Authored-By: Michele Baldessari <michele@acksyn.org>
Closes-Bug: #1692924
Depends-On: Ia1131611d15670190b7b6654f72e6290bf7f8b9e
Change-Id: Ie045954fcc86ef2b3e4562b6f012853177f03948
|
|
|
|
|
|
|
|
|
|
|
|
|