summaryrefslogtreecommitdiffstats
path: root/environments
AgeCommit message (Collapse)AuthorFilesLines
2017-08-18Merge "Add support for installing Ceph MDS via ceph-ansible"Jenkins1-0/+2
2017-08-18Merge "Remove iscsid from TLS everywhere docker environment"Jenkins1-1/+0
2017-08-17Merge "Enable TLS for containerized MySQL"Jenkins1-0/+1
2017-08-17Merge "Enable TLS for containerized haproxy"Jenkins1-0/+1
2017-08-17Remove iscsid from TLS everywhere docker environmentJuan Antonio Osorio Robles1-1/+0
Since nova-compute is not containerized with TLS yet, using containerized iscsid causes errors when trying to spawn a VM with a volume. Since the path is different in this case. I will re-add iscsid to this environment once nova-compute is containerized with TLS. bp tls-via-certmonger-containers Change-Id: Ida87b187e56ae852c5a4ef6f78cc04a0870fe3f4
2017-08-17Merge "Delete docker-centos-tripleoupstream.yaml"Jenkins1-124/+0
2017-08-16Add support for installing Ceph MDS via ceph-ansibleJohn Fulton1-0/+2
Based on puppet/services/ceph-mds.yaml. Nodes in the CephMds role will already be in the Ansible inventory but this change provides a way pass their parameters to ceph-ansible. Co-Authored-By: Giulio Fidente <gfidente@redhat.com> Change-Id: Ia3ef9e9a2b159dacea01e38762145ff2bcc7ba27
2017-08-16Merge "Consolidate deployment in major-upgrade-composable-steps"Jenkins1-1/+1
2017-08-15Merge "Make network-isolation-v6 environment rendered for all roles"Jenkins4-57/+66
2017-08-15Delete docker-centos-tripleoupstream.yamlSteve Baker1-124/+0
This file is generated and needs to be manually maintained. It would be better for users who want to deploy latest directly from docker hub to generate it locally by running: openstack overcloud container image prepare \ --namespace tripleoupstream \ --tag latest \ --env-file docker-centos-tripleoupstream.yaml The documentation and CI are being updated to use prepare. Change-Id: I86503f1076459ae9d84a34e649a6097cba10fa3c Closes-Bug: #1696598
2017-08-14Merge "Make containerized nova-api run with httpd"Jenkins1-6/+5
2017-08-14Enable TLS for containerized MySQLJuan Antonio Osorio Robles1-0/+1
Bind mounts and adds the appropriate permissions for the cert and key that's used for TLS. bp tls-via-certmonger-containers Change-Id: I7fae4083604c7dc89ca04141080a228ebfc44ac9
2017-08-14Enable TLS for containerized haproxyJuan Antonio Osorio Robles1-0/+1
This bind mounts the certificates if TLS is enabled in the internal network. It also disables the CRL usage since we can't restart haproxy at the rate that the CRL is updated. This will be addressed later and is a known limitation of using containerized haproxy (there's the same issue in the HA scenario). To address the different UID that the certs and keys will have, I added an extra step that changes the ownership of these files; though this only gets included if TLS in the internal network is enabled. bp tls-via-certmonger-containers Depends-On: I2078da7757ff3af1d05d36315fcebd54bb4ca3ec Change-Id: Ic6ca88ee7b6b256ae6182e60e07498a8a793d66a
2017-08-14Consolidate deployment in major-upgrade-composable-stepsJose Luis Franco Arza1-1/+1
After 483293 commit is merged, major-upgrade-composable-steps.yaml file is pointing to the wrong location deployment, which is now under common/ folder. Change-Id: Ic6784533d1c21b5b8fcb422bccd820af72e499d9
2017-08-12Merge "Consolidate puppet/docker deployments with one deploy steps workflow"Jenkins5-12/+3
2017-08-12Merge "Convert compute-role.yaml to role.role.j2.yaml"Jenkins1-1/+1
2017-08-11Merge "openstack-heat-templates: fix deprecation path"Jenkins1-1/+1
2017-08-11Consolidate puppet/docker deployments with one deploy steps workflowSteven Hardy5-12/+3
If we consolidate these we can focus on one implementation (the new ansible based one used for docker-steps) Change-Id: Iec0ad2278d62040bf03613fc9556b199c6a80546 Depends-On: Ifa2afa915e0fee368fb2506c02de75bf5efe82d5
2017-08-11Convert compute-role.yaml to role.role.j2.yamlSteven Hardy1-1/+1
Add some special-casing for backwards compatibility, such that the Compute role can be rendered via j2 for support of composable networks. Change-Id: Ieee446583f77bb9423609d444c576788cf930121 Partially-Implements: blueprint composable-networks
2017-08-11Make containerized nova-api run with httpdJuan Antonio Osorio Robles1-6/+5
The non-containerized version will run over httpd [1], and for the containerized TLS work, it is needed in the container version as well. [1] Iac35b7ddcd8a800901548c75ca8d5083ad17e4d3 bp tls-via-certmonger-containers Depends-On: I1c5f13039414f17312f91a5e0fd02019aa08e00e Change-Id: I2c39a2957fd95dd261b5b8c4df5e66e00a68d2f7
2017-08-10Merge "Noop controller pre and post config resources."Jenkins1-0/+2
2017-08-10Merge "Docker/TLS everywhere: Add telemetry and neutron services to environment"Jenkins1-4/+9
2017-08-09Merge "Addition of Nuage as mechanism driver for ML2"Jenkins2-7/+22
2017-08-09Make network-isolation-v6 environment rendered for all rolesMichele Baldessari4-57/+66
In change If3989f24f077738845d2edbee405bd9198e7b7db we moved to jinja2 templating to render the networks. This change aims at doing so for the IPv6 network isolation environment. Change-Id: Ieebcff3db3f5756a5d23080ea3d09ce78de69e21
2017-08-08Docker/TLS everywhere: Add telemetry and neutron services to environmentJuan Antonio Osorio Robles1-4/+9
some resources were missing, so this syncs up what's working right now. bp tls-via-certmonger-containers Change-Id: Ic8fe20d0240f1ad8f18218d66634029d522d4d5a
2017-08-04Merge "Copy scheduler configuration from service/ironic to ↵Jenkins1-0/+2
services-docker/ironic"
2017-08-04Merge "Adds environment file for ODL + SRIOV"Jenkins1-0/+28
2017-08-03Merge "Add environment for setting a custom domain name"Jenkins1-0/+35
2017-08-03Addition of Nuage as mechanism driver for ML2lokesh-jain2-7/+22
Adding composable services for Nuage mechanism driver for ML2. This is separate from Nuage as the core plugin and intentional duplication of Nuage under puppet services. Parameters required for working of Nuage as mechanism driver are also added. Change-Id: I2b564610721152c4f4dab9da79442256ba8d0b33
2017-08-03Merge "Update TLS-everywhere docker environment"Jenkins1-2/+5
2017-08-02Merge "Fix ceilometer agent compute service name"Jenkins1-1/+1
2017-08-02openstack-heat-templates: fix deprecation pathSébastien Han1-1/+1
The right file is external-ceph.yaml, not ceph-external.yaml. Change-Id: If21a4f183305f82916e1ef2aadb0706e7dab4657 Signed-off-by: Sébastien Han <seb@redhat.com>
2017-08-02Merge "Fix network-isolation.j2.yaml to ignore VIPs for disabled networks"Jenkins1-1/+1
2017-08-01Fix ceilometer agent compute service namePradeep Kilambi1-1/+1
Make sure this matches whats in roles_data.yaml Change-Id: Id41c457914f557af7c9ec195c4c6f98669523ac1
2017-08-01Merge "Generate MySQL client config if service requires database"Jenkins1-1/+0
2017-08-01Update TLS-everywhere docker environmentJuan Antonio Osorio Robles1-2/+5
Some resources have changed. So the environment needed syncing Change-Id: I9aa310ae80edfccd3ed28e67a431aad6e1ed8a7f
2017-07-31Merge "Fix creation of iptables rules for non-HA containerized HAproxy"Jenkins1-0/+1
2017-07-31Merge "Add 'ovn-controller' service"Jenkins3-9/+12
2017-07-31Copy scheduler configuration from service/ironic to services-docker/ironicDmitry Tantsur1-0/+2
That was missed back then. Without it bug 1697724 is not fixed for containers. Change-Id: Ie859f10129cbdeebd9ea4522510768cec99a1df3 Related-Bug: #1697724
2017-07-29Merge "add lbaasv2 to NeutronServicePlugins in octavia containers"Jenkins1-0/+5
2017-07-28Merge "Consistent hostname format env for split-stack"Jenkins3-15/+5
2017-07-27Add 'ovn-controller' serviceNuman Siddique3-9/+12
Presently the ovn-controller service (puppet/services/neutron-compute-plugin-ovn.yaml) is started only on compute nodes. But for the cases where the controller nodes provide the north/south traffic, we need ovn-controller service runninng in controller nodes as well. This patch - Renames the neutron-compute-plugin-ovn.yaml to ovn-controller.yaml which makes more sense and sets the service name as 'ovn-controller'. - Adds the service 'ovn-controller' to Controller and Compute roles. - Adds the missing 'upgrade_tasks' section in ovn-dbs.yaml and ovn-controller.yaml Depends-On: Ie3f09dc70a582f3d14de093043e232820f837bc3 Depends-On: Ide11569d81f5f28bafccc168b624be505174fc53 Change-Id: Ib7747406213d18fd65b86820c1f86ee7c39f7cf5
2017-07-27Generate MySQL client config if service requires databaseDamien Ciabrini1-1/+0
Services that access database have to read an extra MySQL configuration file /etc/my.cnf.d/tripleo.cnf which holds client-only settings, like client bind address and SSL configuration. The configuration file is thus used by containerized services, but also by non-containerized services that still run on the host. In order to generate that client configuration file appropriately both on the host and for containers, 1) the MySQLClient service must be included by the role; 2) every containerized service which uses the database must include the mysql::client profile in the docker-puppet config generation step. By including the mysql::client profile in each containerized service, we ensure that any change in configuration file will be reflected in the service's /var/lib/config-data/{service}, and that paunch will restart the service's container automatically. We now only rely on MySQLClient from puppet/services, to make it possible to generate /etc/my.cnf.d/tripleo.cnf on the host, and to set the hiera keys that drive the generation of that config file in containers via docker-puppet. We include a new YAML validation step to ensure that any service which depends on MySQL will initialize the mysql::client profile during the docker-puppet step. Change-Id: I0dab1dc9caef1e749f1c42cfefeba179caebc8d7
2017-07-27Add environment for setting a custom domain nameBen Nemec1-0/+35
Just setting CloudDomain won't make the domains used consistent. There are a number of CloudName parameters that must be set as well. This change adds a sample environment that includes all of those parameters so it is easy to set everything consistently. Also fixes the description of CloudNameCtlplane to reflect the actual use for that parameter. Change-Id: I56d1c1c5619f83c16c4e8350aa84fccc3d748425
2017-07-27Merge "Deploy Ceph in containers using ceph-ansible via external workflow"Jenkins1-0/+12
2017-07-27Merge "Adding Tuned Service"Jenkins1-0/+1
2017-07-26Merge "Fix enable-ceph sample environment"Jenkins2-0/+8
2017-07-26Deploy Ceph in containers using ceph-ansible via external workflowGiulio Fidente1-0/+12
Add docker profiles to deploy Ceph in containers via ceph-ansible. This is implemented by triggering a Mistral workflow during one of the overcloud deployment steps, as provided by [1]. Some new service-specific parameters are available to determine the workflow to execute and the ansible playbook to use. A new `CephAnsibleExtraConfig` parameter can be used to provide arbitrary config variables consumed by `ceph-ansible`. The pre-existing template params consumed up until the Pike release to drive `puppet-ceph` continue to work and are translated, when possible, into the equivalent `ceph-ansible` variable. A new environment file is added to enable use of ceph-ansible; the pre-existing puppet-ceph implementation remains unchanged and usable for non-containerized deployments. 1. https://review.openstack.org/#/c/463324/ Change-Id: I81d44a1e198c83a4ef8b109b4eb6c611555dcdc5
2017-07-26Adds environment file for ODL + SRIOVTim Rozet1-0/+28
Using the separate neutron-opendaylight and SRIOV env files do not work because sriov includes using OVS agent (which ODL does not want or need) and the default ODL env file has no Compute ML2 because it is not needed. Thus a new environment file is needed for deploying these 2 features in combination. Closes-Bug: 1696667 Change-Id: I6f7a9368aa521de928c269619278c30acda03799 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-07-26Merge "Ps Cinder: Added support for password less login"Jenkins1-0/+1