summaryrefslogtreecommitdiffstats
path: root/environments
AgeCommit message (Collapse)AuthorFilesLines
2016-03-05Allow to enable IPv6 on CorosyncEmilien Macchi1-0/+2
To enable IPv6 in Corosync, you'll need to set the --ipv6 parameter when building the cluster. To do so, we need to specify this parameter in puppet configuration when running ::pacemaker::corosync class. So we have now a new parameter: CorosyncIPv6 which is a boolean, False by default. If set to True, it will pass right options to enable IPv6 when building the Pacemaker cluster. Change-Id: I485f1399964ddd7a201ed19ec6580b8a136b3acd
2016-03-05Add IPv6 versions of the Controller NIC configsDan Sneddon6-12/+52
This change adds Controller NIC configs for the sample NIC config templates that are compatible with IPv6 on the External network. These controller-v6.yaml templates include a default route for IPv6 on the External network, and a default route for IPv4 on the Control Plane. The Heat parameters ExternalNetworkDefaultRoute and ControlPlaneDefaultRoute are used to set these values. Change-Id: Ifed8cb359eae1d9d623d3eb2fe40ea8a0d1d889a
2016-03-04Add IPv6 Support to Isolated NetworksDan Sneddon1-0/+49
This change adds a new set of network templates with IPv6 subnets that can be used instead of the existing IPv4 networks. Each network can use either the IPv4 or IPv6 template, and the Neutron subnet will be created with the specified IP version. The default addresses used for the IPv6 networks use the fd00::/8 prefix for the internal isolated networks (this range is reserved for private use similar to 10.0.0.0/8), and 2001:db8:fd00:1000::/64 is used as an example default for the External network (2001:db8::/32 are the documentation addresses [RFC3849]), but this would ordinarily be a globally addressable subnet. These parameters may be overridden in an environment file. This change will require updates to the OpenStack Puppet Modules to support IPv6 addresses in some of the hieradata values. Many of the OPM modules already have IPv6 support to support IPv6 deployments in Packstack, but some OPM packages that apply only to Instack/TripleO deployments need to be updated. IPv6 addresses used in URLs need to be surrounded by brackets in order to differentiate IP address from port number. This change adds a new output to the network/ports resources for ip_address_uri, which is an IP address with brackets in the case of IPv6, and a raw IP address without brackets for IPv4 ports. This change also updates some URLs which are constructed in Heat. This has been tested and problems were found with Puppet not accepting IPv6 addresses. This is addressed in the latest Puppet. Additional changes were required to make this work with Ceph. IPv6 tunnel endpoints with Open vSwitch are not yet supported (although support is coming soon), so this review leaves the Tenant network as an isolated IPv4 network for the time being. Change-Id: Ie7a742bdf1db533edda2998a53d28528f80ef8e2
2016-03-04Allow for usage of pre-allocated IPs for the management networkSteven Hardy1-0/+3
Id3d4f12235501ae77200430a2dc022f378dce336 added support for pre-allocated IPs on the other overlay networks, but because the patch adding the managment network (I0813a13f60a4f797be04b34258a2cffa9ea7e84f) was under review around the same time, we missed adding the from_pool capability to the ManagementNetwork. Change-Id: If99f37634d5da7e7fb7cfc31232e926bd5ff074a
2016-03-03Deploy Aodh services, replacing Ceilometer AlarmEmilien Macchi1-0/+3
Ceilometer Alarm is deprecated in Liberty by Aodh. This patch: * manage Aodh Keystone resources * deploy Aodh API under WSGI, Notifier, Listener and Evaluator * manage new parameters to customize Aodh deployment * uses ceilometer DB for the upgrade path * pacemaker config Depends-On: I9e34485285829884d9c954b804e3bdd5d6e31635 Depends-On: I891985da9248a88c6ce2df1dd186881f582605ee Depends-On: Ied8ba5985f43a5c5b3be5b35a091aef6ed86572f Co-Authored-By: Pradeep Kilambi <pkilambi@redhat.com> Change-Id: I58d419173e80d2462accf7324c987c71420fd5f6
2016-02-29Merge "OpenContrail heat templates"Jenkins1-0/+22
2016-02-29Merge "Change the default value for NetworkNexusVxlanGlobalConfig"Jenkins1-1/+1
2016-02-26Merge "Nova RPC unpinning"Jenkins1-0/+2
2016-02-26Merge "Add a sample network-environment.yaml file to environments"Jenkins1-0/+50
2016-02-25Merge "Add UpgradeLevelNovaCompute parameter"Jenkins1-0/+3
2016-02-25Merge "Introduce update/upgrade workflow"Jenkins1-2/+7
2016-02-25Merge "Add resources for major upgrade in Pacemaker scenario"Jenkins1-0/+3
2016-02-24Add a sample network-environment.yaml file to environmentsDan Sneddon1-0/+50
This change adds a sample network-environment.yaml file to the environments. This sample includes pointers to NIC config files, as well as default network subnets and allocation pools. This is meant to be a demonstration of the default settings for a virtual deployment. In a real deployment, the operator would customize the settings here and point to custom NIC config templates. Change-Id: I0288c0680effea06b5f805a0d955e8bbf6152ba6
2016-02-24Nova RPC unpinningJiri Stransky1-0/+2
During upgrades, we only run Puppet on the whole deployment to converge the state, after the upgrade workflow itself has been fully completed. That is an opportunity to utilize Puppet to make sure Nova Compute RPC doesn't remain pinned to the older version. Change-Id: I6ebc813a80dfd9dfbbb213c38724487e044507b8
2016-02-24Change the default value for NetworkNexusVxlanGlobalConfigEugene Bagdasaryan1-1/+1
This parameter leads to the nonoperational state in Nexus Vxlan topology when set to True, when VNIs created but the nve peers do not get discovered on the Nexus. It is time consuming process to debug the configuration and find out that this parameter should be changed to False. To prevent future problems for the future deployment we want to default this parameter to False. Change-Id: I685ad7d212af0d9e568acbf1ccf1607d120c195e
2016-02-24Merge "Allow vncproxy to work with ssl enabled"Jenkins1-0/+3
2016-02-23Add UpgradeLevelNovaCompute parameterJiri Stransky1-0/+3
This parameter can be used for pinning (and later unpinning) the Nova Compute RPC version. Change-Id: I2f181f3b01f0b8059566d01db0152a12bbbd1c3e
2016-02-23Introduce update/upgrade workflowJiri Stransky1-2/+7
Change-Id: I7226070aa87416e79f25625647f8e3076c9e2c9a
2016-02-23Add resources for major upgrade in Pacemaker scenarioDerek Higgins1-0/+3
Add Heat software deployments to be used to upgrade major versions of OpenStack on the controller nodes. All controller services are taken down while the upgrade is in progress. The new updated yum repositories should be configured by another process e.g. the deployment artifacts transfer via Swift. Change-Id: Ia0a04e4a11d67e7a5acc53c1f8a8f01ed5ca8675 Co-Authored-By: Giulio Fidente <gfidente@redhat.com> Co-Authored-By: Jiri Stransky <jistr@redhat.com>
2016-02-22Add extra config yaml files for big switch agents.xinwu1-0/+4
This change adds extra config yaml files for big switch agent and big switch lldp. This change is mainly for compute nodes. The changes related to controller nodes are landed at e78e1c8d9b5a7ebf327987b22091bff3ed42d1c1 This change also removes the neutron_enable_bigswitch_ml2 flag. Instead, User needs to specify NeutronMechanismDrivers: bsn_ml2 in environment file. Previous discussion about this change can be found at an abandoned review request https://review.openstack.org/#/c/271940/ Depends-On: Iefcfe698691234490504b6747ced7bb9147118de Change-Id: I81341a4b123dc4a8312a9a00f4b663c7cca63d7c
2016-02-12Minor fixes to allow local docker registry usageJeff Peeler1-1/+1
Changed the heat-docker-agents namespace to use the namespacing specified in the environment file, which reduces modifications required on the user when using a local registry. Changed the start agents script to handle using a local registry both with a namespace and without. Change-Id: I16cc96b7ecddeeda07de45f50ffc6a880dabbba6
2016-02-09Merge "Create linux bridge vlans environments"Jenkins1-0/+23
2016-01-21Merge "Add update yaml backward compatibe with PublicVirtualIP on ctlplane"Jenkins2-0/+5
2016-01-21OpenContrail heat templatesNicolas Hicher1-0/+22
Deploy a TripleO overcloud with OpenContrail Vrouter plugin configured to interact with an existing OpenContrail Server Manager. OpenContrail is an Apache 2.0-licensed project that is built using standards-based protocols and provides all the necessary components for network virtualization–SDN controller, virtual router, analytics engine, and published northbound APIs. It has an extensive REST API to configure and gather operational and analytics data from the system. Co-Authored-By: Jiri Stransky <jistr@redhat.com> Change-Id: I699a7c4ea09d024fe4d70c6a507c524f0a7aafd5
2016-01-20Create linux bridge vlans environmentsJaume Devesa1-0/+23
Define environments to create VLANs attached to a single physical nic as 'single-nic-vlans' does, but using linux_bridge instead of ovs_bridge Change-Id: I8c6fe9ec7028178f783e7d9c0a1cc67a1517eb3d
2016-01-15Allow vncproxy to work with ssl enabledBen Nemec1-0/+3
Right now our vncproxy settings are hard-coded to http and the non-ssl port. This change adds a vncproxy entry to the endpoint map and uses those values to configure the proxy correctly on compute nodes. This is sufficient to get it working in my environment with ssl enabled. Change-Id: I9d69b088eef4700959b33c7e0eb44932949d7b71
2016-01-07Merge "updating enable_ceph conditions for controller"Jenkins1-2/+3
2016-01-06Enable Dell Storage Center iscsi Backends in Cinderrajinir1-0/+17
Enables support for configuring Cinder with a Dell Storage Center iscsi storage backend. This change adds all relevant parameters for: - Dell Storage Center SC Series (iSCSI) Change-Id: I3b1a4346f494139ab123c7dc1a62f81d03c9e728
2016-01-06Merge "Enable Equallogic Backends in Cinder"Jenkins1-0/+17
2016-01-06updating enable_ceph conditions for controllerDan Radez1-2/+3
- keeping enabled based on ceph node count being greater than 0 - adding enabled if ControllerEnableCephStorage is true Intention here is to be able to run ceph without having dedicated nodes for. Enabling Ceph alternativly from the ControllerEnableCeph parameter allows ceph to be colocated on the controllers without having to run any dedicated ceph nodes. Change-Id: I71062d37226c679156380c0f4e194b51cb586bcf Signed-off-by: Dan Radez <dradez@redhat.com>
2016-01-04Network Isolation support for containerized computeRyan Hallisey3-1/+6
The template will all neutron-agents to be configured so that it can run the network isolation templates on the containerized compute node. Co-Authored-By: Dan Prince <dpince@redhat.com> Change-Id: I7837ed7ed3e807ec5c1276904893695918bef293
2015-12-29Merge "Enable TLS in loadbalancer if cert path is detected"Jenkins1-0/+32
2015-12-23Merge "Add all isolated networks to all nodes."Jenkins1-0/+11
2015-12-23Merge "Add Management Network For System Administration."Jenkins2-0/+34
2015-12-22Merge "Add sample environment file to document usage of predictable IPs"Jenkins1-0/+20
2015-12-22Merge "MidoNet heat templates"Jenkins1-0/+20
2015-12-21MidoNet heat templatesJaume Devesa1-0/+20
Deploy a TripleO overcloud with networking midonet. MidoNet is a monolithic plugin and quite changes on the puppet manifest must be done. Depends-On: I72f21036fda795b54312a7d39f04c30bbf16c41b Depends-On: I6f1ac659297b8cf6671e11ad23284f8f543568b0 Depends-On: Icea9bd96e4c80a26b9e813d383f84099c736d7bf Change-Id: I9692e2ef566ea37e0235a6059b1ae1ceeb9725ba
2015-12-18Add all isolated networks to all nodes.Dan Sneddon1-0/+11
This change allows every overcloud node to optionally participate in any of the isolated networks. The optional networks are not enabled by default, but allow additional flexibility. Since the new networks are not enabled by default, the standared deployment is unchanged. This change was originally requested for OpenDaylight support. There are several use cases for using non-standard networks. For instance, one example might be adding the Internal API network to the Ceph nodes, in order to use that network for administrative functions. Another example would be adding the Storage Management network to the compute nodes, in order to use it for backup. Without this change, any deviation from the standard set of roles that use a network is a custom change to the Heat templates, which makes upgrades much more difficult. Change-Id: Ia386c964aa0ef79e457821d8d96ebb8ac2847231
2015-12-18Add Management Network For System Administration.Dan Sneddon2-0/+34
This change adds a system management network to all overcloud nodes. The purpose of this network is for system administration, for access to infrastructure services like DNS or NTP, or for monitoring. This allows the management network to be placed on a bond for redundancy, or for the system management network to be an out-of-band network with no routing in or out. The management network might also be configured as a default route instead of the provisioning 'ctlplane' network. This change does not enable the management network by default. An environment file named network-management.yaml may be included to enable the network and ports for each role. The included NIC config templates have been updated with a block that may be uncommented when the management network is enabled. This change also contains some minor cleanup to the NIC templates, particularly the multiple nic templates. Change-Id: I0813a13f60a4f797be04b34258a2cffa9ea7e84f
2015-12-18Merge "Allow for usage of pre-allocated IPs for the controller nodes"Jenkins2-9/+36
2015-12-15Merge "Pacemaker maintenance mode for the duration of Puppet run on update"Jenkins1-0/+2
2015-12-15Add update yaml backward compatibe with PublicVirtualIP on ctlplaneGiulio Fidente2-0/+5
In previous releases, when not using network isolation, we used to create two different VIPs for the ControlVirtualIP and the PublicVirtualIP both on the ctlplane network. Later we moved into a configuration with a single VIP instead so we need a compatibility yaml for those updating from old versions which preserves both the IPs; one of the two is deleted otherwise. Also updates README.md with a short description of the use case. Change-Id: Iae08b938a255bf563d3df2fdc0748944a9868f8e
2015-12-15Add sample environment file to document usage of predictable IPsGiulio Fidente1-0/+20
This change adds a sample environment file which documents how to assign to controllers a predictable IP on each network. Change-Id: I5be21428c66c82488af8e0240c1614ac3b9b55f0
2015-12-15Allow for usage of pre-allocated IPs for the controller nodesGiulio Fidente2-9/+36
This change adds a new *_from_pool.yaml meant to return an IP from a list instead of allocating a Neutron port, useful to pick an IP from a pre-defined list and making it possible to configure, for example an external balancer in advance (or dns), with the future IPs of the controller nodes. The list of IPs is provided via parameter_defaults (in the ControllerIPs struct) using ControllerIPs param. Also some additional VipPort types are created for the *VirtualIP resources. The VIPs were previously created using the same port resource used by the nodes, but when deploying with an external balancer we want the VIP resource to be nooped instead. Change-Id: Id3d4f12235501ae77200430a2dc022f378dce336
2015-12-14Pacemaker maintenance mode for the duration of Puppet run on updateSteven Hardy1-0/+2
This enables pacemaker maintenantce mode when running Puppet on stack update. Puppet can try to restart some overcloud services, which pacemaker tries to prevent, and this can result in a failed Puppet run. At the end of the puppet run, certain pacemaker resources are restarted in an additional SoftwareDeployment to make sure that any config changes have been fully applied. This is only done on stack updates (when UpdateIdentifier is set to something), because the assumption is that on stack create services already come up with the correct config. (Change I9556085424fa3008d7f596578b58e7c33a336f75 has been squashed into this one.) Change-Id: I4d40358c511fc1f95b78a859e943082aaea17899 Co-Authored-By: Jiri Stransky <jistr@redhat.com> Co-Authored-By: James Slagle <jslagle@redhat.com>
2015-12-08Enable TLS in loadbalancer if cert path is detectedJuan Antonio Osorio Robles1-0/+32
If there is a value for the certificate path (which should only happen if the environment for enabling TLS is used) then the loadbalancer will detect it and configure it's front ends correctly. On the other hand a proper override for the example environment was given, since this will be needed because we want to pass the hosts and protocols correctly so the tripleoclient will catch it and pass it to os-cloud-config Change-Id: Ifba51495f0c99398291cfd29d10c04ec33b8fc34 Depends-On: Ie2428093b270ab8bc19fcb2130bb16a41ca0ce09
2015-12-07Change for configuring use_forwarded_for value for NuageLokesh Jain1-0/+1
Added a parameter to Nuage ExtraConfig template for setting use_forwarded_for value required by Nuage metadata agent Change-Id: I02c15311272126c5e530f118fbfb4a8f6e11a620
2015-11-30Changes for configuring NuageLokesh Jain2-0/+22
Added ExtraConfig templates and environment files for Nuage specific parameters. Modified overcloud_compute.pp and overcloud_controller.pp to conditionally include Nuage plugin and agents. Change-Id: I95510c753b0a262c73566481f9e94279970f4a4f
2015-11-26Merge "Make load balancer deployment optional via template param"Jenkins1-0/+1
2015-11-26Merge "Add net_vip_map_external to be used for an external balancer"Jenkins1-0/+13