aboutsummaryrefslogtreecommitdiffstats
path: root/environments
AgeCommit message (Collapse)AuthorFilesLines
2016-10-20Generate internal TLS hieradata for apache servicesJuan Antonio Osorio Robles1-0/+4
This adds an environment file that can be used to enable TLS in the internal endpoints via certmonger if used. This will include a nested stack that will create the hash that will be used to create the certmonger certificates. When setting up a service over apache via puppet, we used to disable explicitly ssl (which sets modd_ssl-related fields for that vhost). We now make this depend on the EnableInternalTLS flag. This has only been done for keystone, but more services will be added as the puppet code lands bp tls-via-certmonger Depends-On: I303f6cf47859284785c0cdc65284a7eb89a4e039 Change-Id: I12e794f2d4076be9505dabfe456c1ca6cfbd359c
2016-10-13Merge "Add flag for internal TLS"Jenkins1-0/+2
2016-10-13Merge "Add HAProxy TLS handled by certmonger as composable service"Jenkins3-0/+60
2016-10-10Merge "Remove unneeded *_enable_backend hiera from Manila backends"Jenkins3-3/+0
2016-10-07Add new environment for debugWes Hayutin1-0/+5
Introduce a new environment template that enables the Debug parameter. By default the value is set to "true". Change-Id: Ieac59de42ffef6afa5d8f10ef1925c32c7dc8551
2016-10-07Merge "Renames OpenDaylight to OpenDaylightApi and splits out OVS configuration"Jenkins2-2/+2
2016-10-07Remove unneeded *_enable_backend hiera from Manila backendsGiulio Fidente3-3/+0
Depends-On: I04e28a95e8d69a24cd3df109bf1802bfcbd941db Change-Id: I4ada033155e5fde0add08ec9aa8f6af7c31d53f3
2016-10-07Merge "Ceilometer Wsgi Mitaka->Newton upgrades"Jenkins1-0/+7
2016-10-07Ceilometer Wsgi Mitaka->Newton upgradesPradeep Kilambi1-0/+7
In Newton, ceilometer api is changed to run under apache wsgi instead of eventlet. This will require upgrades for mitaka deployments to switch to wsgi. Closes-Bug: 1631297 Change-Id: If9d6987cd0a8fc5d3f9de518ba422d97d5149732
2016-10-06Re-enable ManageFirewall by default.Dan Prince1-2/+0
This default setting got lots in the composable roles/services patches. Re-enable the ManageFirewall setting by default per what we did in git commit 73c76b867ddc8a23a30b9a3cac4031189d4178c6. We also fix a typo in neutron-api.yaml so that the firewall rules matches to service_name. (otherwise it won't get loaded). Also, drops the environments/manage-firewall.yaml which is no longer needed if we enable firewall management by default. Change-Id: Ie198e4efd190131d0722085b10ef77da9005bc1b Closes-bug: 1629934
2016-10-06Merge "Set proper ceph config path for manila"Jenkins1-1/+1
2016-10-05Set proper ceph config path for manilaTom Barron1-1/+1
When deploying manila with cephfs backend, /etc/manila/manila.conf should define cephfs_conf_path = /etc/ceph/ceph.conf in the cephfs native backend since this is the conventional path that ceph operators expect and since we document that path upstream. Change-Id: I4abf5c33b675b1102413a84d64f4ce23b07b4485 Closes-Bug: 1630777
2016-10-05Merge "Adds Environment File for Removing Sahara during M/N upgrade"Jenkins2-0/+10
2016-10-05Renames OpenDaylight to OpenDaylightApi and splits out OVS configurationTim Rozet2-2/+2
This patch modifies the service name to be more appropriately called "OpenDaylightApi" along side the "OpenDaylightOvs" service used to configure OpenVSwitch. It also splits out the OVS configuration for controller nodes into the composable OpenDaylightOvs service. Related-Bug: #1629408 Change-Id: I15221401acdfb2a9ef81107b54a8005348f8372f Signed-off-by: Tim Rozet <trozet@redhat.com>
2016-10-05Merge "Fixing resources path in OpenDaylight"Jenkins2-4/+4
2016-10-05Adds Environment File for Removing Sahara during M/N upgrademarios2-0/+10
The default path if the operator does nothing is to keep the sahara services on mitaka to newton upgrades. If the operator wishes to remove sahara services then they need to specify the provided major-upgrade-remove-sahara.yaml environment file in the stack upgrade commands. The existing migration to ha arch already removes the constraints and pcs resource for sahara api/engine so we just need to stop it from starting again if we want to remove it. This adds a KeepSaharaServiceOnUpgrade parameter to determine if Sahara is disabled from starting up after the controllers are upgraded (defaults true). Finally it is worth noting that we default the sahara services as 'on' during converge here in the resource_registry of the converge environment file; any subsequent stack updates where the deployment contains sahara services will need to include the -e /environments/services/sahara.yaml environment file. Related-Bug: 1630247 Change-Id: I59536cae3260e3df52589289b4f63e9ea0129407
2016-10-04Merge "Use netapp_host_type instead of netapp_eseries_host_type"Jenkins1-1/+1
2016-10-03Merge "Fixed NoneType issue when monitoring-environment.yaml"Jenkins1-1/+1
2016-09-30Fixed NoneType issue when monitoring-environment.yamlJuan Badia Payno1-1/+1
When you tried to use the environemnt/monitoring-environment.yaml as a part of the deployment on the overcloud you hit the following error and it stops the deploy of the overcloud. *** Deploying templates in the directory /home/stack/tripleo-heat-templates 'NoneType' object does not support item assignment *** Closes-Bug: #1629323 Change-Id: I8cf2e7d8f3a4e79cc71a1566ec17d0a977c38d60 Signed-off-by: Juan Badia Payno <jbadiapa@redhat.com>
2016-09-30Fixed NoneType issue when logging-environment.yaml is usedJuan Badia Payno1-1/+1
When you tried to use the environemnt/logging-environemnt.yaml as a part of the deployment on the overcloud you hit the following error and it stops the deploy of the overcloud. *** Deploying templates in the directory /home/stack/tripleo-heat-templates 'NoneType' object does not support item assignment *** Closes-Bug: #1629315 Change-Id: I55e5c7f20ddf30f3e48247b734f6fa47f5de3750 Signed-off-by: Juan Badia Payno <jbadiapa@redhat.com>
2016-09-30Add flag for internal TLSJuan Antonio Osorio Robles1-0/+2
This sets up a flag that tells the profiles to use TLS (this will happen in the internal network). bp tls-via-certmonger Change-Id: If47febb5b38b1c65f60f9de87a34cb31936a7c0d
2016-09-29Add HAProxy TLS handled by certmonger as composable serviceJuan Antonio Osorio Robles3-0/+60
This adds some basic pieces to get certmonger to manage the certificates for HAProxy. The aim is to be flexible enough that we will be able to manage both public and internal certificates. This also adds a relevant environment to get the endpoints to have TLS everywhere. bp tls-via-certmonger Depends-On: I89001ae32f46c9682aecc118753ef6cd647baa62 Change-Id: Ife5f8c2f07233295bc15b4c605acf3d9bd62f162
2016-09-29Use netapp_host_type instead of netapp_eseries_host_typeGiulio Fidente1-1/+1
This patch deprecates netapp_eseries_host_type in favor of netapp_host_type. Change-Id: I113c770ca2e4dc54526d4262bacae48e223c54f4 Closes-Bug: 1579161
2016-09-27Merge "Add metricd workers support in gnocchi"Jenkins1-0/+1
2016-09-27Merge "Activate StorageMgmtPort on computes in HCI environment"Jenkins1-5/+4
2016-09-27Merge "Add integration with Manila CephFS Native driver"Jenkins1-0/+18
2016-09-26Add metricd workers support in gnocchiCarlos Camacho1-0/+1
Depending on the environment, gnocchi workers uses several controller resources RAM/CPU, this option makes it configurable. Also, configured to 1 in environments/low-memory-usage.yaml which will reduce the service footprint in i.e. CI Change-Id: Ia008b32151f4d8fec586cf89994ac836751b7cce Closes-bug: #1626473
2016-09-25Fixing resources path in OpenDaylightItzik Brown2-4/+4
Fixing the path to the resources: OS::TripleO::Services::OpenDaylight OS::TripleO::Services::OpenDaylightOvs Change-Id: Ibdd2149fffe64a17ab25921c3f311a2b4b7242c7
2016-09-23Add integration with Manila CephFS Native driverErno Kuvaja1-0/+18
Enables configuring CephFS Native backend for Manila. This change is based on the usage of environments like in review https://review.openstack.org/#/c/354019 for Netapp driver. Co-Authored-By: Marios Andreou <marios@redhat.com> Change-Id: If013d796bcdfe48b2c995bcab462c89c360b7367 Depends-On: I918f6f23ae0bd3542bcfe1bf0c797d4e6aa8f4d9 Depends-On: I2b537f735b8d1be8f39e8c274be3872b193c1014
2016-09-23Activate StorageMgmtPort on computes in HCI environmentGiulio Fidente1-5/+4
Change-Id: If4d3b186d1d943ca6fad46427fb3b35699cdfc90
2016-09-22No-op Puppet for upgrades/migrations according to composable rolesJiri Stransky3-15/+3
Our previous no-ops stopped working because the Puppet run resources moved under a different entry in resource registry. This is now fixed to follow the latest way. Change-Id: Ia5598385ddca185bfbf10e2d3babb53f6f77d1ac Closes-Bug: #1626452
2016-09-21Provide for RAM-constrained environmentsJiri Stransky1-0/+14
We hit problems in environments which don't have a lot of RAM (e.g. dev envs, could be also CI) that Apache ate too much memory due to too many worker processes being spawned. This commit allows customizing the Apache MaxRequestWorkers and ServerLimit directives via Heat parameters. The default stays 256 as that's the default in the Puppet module, to be suited for production environments with powerful machines. Also low-memory-usage.yaml environment file is added, which can be used to make dev/test/CI overclouds less memory hungry, where the limits are now set to 32. Change-Id: Ibcf1d9c3326df8bb5b380066166c4ae3c4bf8d96 Co-Authored-By: Carlos Camacho <ccamacho@redhat.com> Closes-Bug: #1619205
2016-09-17Merge "Add fluentd client service"Jenkins1-0/+29
2016-09-17Merge "Add NetApp Manila driver integration and tidy up generic"Jenkins2-7/+36
2016-09-17Add fluentd client serviceLars Kellogg-Stedman1-0/+29
This implements support for installing fluentd agents as a composable service on the overcloud. Depends-On: I2e1abe4d8c8359e56ff626255ee50c9cacca1940 Implements: tripleo-opstools-centralized-logging Change-Id: I23b0e23881b742158fcfb6b8c145a3211d45086e
2016-09-16Merge "Add hyperconverged-ceph environment to include CephOSD on computes"Jenkins1-0/+12
2016-09-13Add NetApp Manila driver integration and tidy up genericmarios2-7/+36
Enables configuring a NetApp backend for the Manila service This was created based on the review at https://review.openstack.org/#/c/188138/ This makes the netapp and generic backends disabled by default in the services/manila-backend-*.yaml. A backend is then enabled via backend-specific environment files, which will set any config parameters and enable that backend. It is expected that multiple manila backend specific environment files might be specified simultaneously. Finally generic and manila config is split into separate service files rather than using manila-base for all the things. Co-Authored-By: Ryan Hefner <rhefner@redhat.com> Co-Authored-By: Ben Swartzlander <ben@swartzlander.org> Closes-Bug: 1618479 Depends-On: Ic6f8e8d27ca20b9badddea5d16550aa18bff8418 Change-Id: I35fce32d0f6a5cc1c3382c2d0e0d6028928fd943
2016-09-10Add support for deploying Ceph RGW roleKeith Schincke3-0/+11
This patch add support for deploying Ceph RGW. Co-Authored-By: Giulio Fidente <gfidente@redhat.com> Change-Id: I88c8659a36c2435834e8646c75880b0adc52e964
2016-09-08Merge "Create entries for overcloud VIPs in /etc/hosts"Jenkins1-0/+5
2016-09-07Merge "OVN heat templates"Jenkins1-0/+18
2016-09-07Create entries for overcloud VIPs in /etc/hostsJuan Antonio Osorio Robles1-0/+5
This will aid us in using FQDNs instead of IPs if DNS is not set. If the deployer already has DNS set up, they can easily disable this profile by adding the use-dns-for-vips.yaml environment file. bp tls-via-certmonger Change-Id: I8c1b3f253d0149d575171c208f9a1342a7b26450 Depends-On: I1bdb2701dfb3e7ef072e674c9882d3be5af7296c
2016-09-06Merge "Update OpenContrail loadbalancer plugin value"Jenkins1-1/+1
2016-09-06Merge "Add missing reference to ExternalPort for DVR"Jenkins1-0/+7
2016-09-06Update OpenContrail loadbalancer plugin valueEmilien Macchi1-1/+1
Update OpenContrail loadbalancer plugin value to match with Newton changes. Closes-Bug: #1620657 Change-Id: I48f1884b95e590c0588c52419ec152bd08bc3992
2016-09-06Merge "Added environment file for SR-IOV deployment"Jenkins1-0/+22
2016-09-03Merge "Set NeutronL3HA to false when deploying DVR"Jenkins1-0/+8
2016-09-01OVN heat templatesBabu Shanmugam1-0/+18
Installs and configures OVN databases and process and also configures the neutron plugin for OVN. Implements: blueprint tripleo-ovn Change-Id: Ic3e415bb0587dd85b71f6c14a96f6b2c86a7b30f
2016-09-01Added environment file for SR-IOV deploymentkarthik s1-0/+22
Change-Id: I9afb1d57d08504346f669239ab3d9cce100c7655 Implements: blueprint tripleo-sriov Signed-off-by: karthik s <ksundara@redhat.com>
2016-08-31Add missing reference to ExternalPort for DVRBrent Eagles1-0/+7
Neutron DVR requires the OS::TripleO::Compute::Ports::ExternalPort to be set to a valid port on the external network. Change-Id: I46b96dba3e264e0e79f7f0cea83b0f66775d6d2a Closes-Bug: 1618611
2016-08-31Availability monitoring agents supportMartin Mágr1-0/+30
- adds possibility to install sensu-client on all nodes - each composable service has it's own subscription Co-Authored-By: Emilien Macchi <emilien@redhat.com> Co-Authored-By: Michele Baldessari <michele@redhat.com> Implements: blueprint tripleo-opstools-availability-monitoring Change-Id: I6a215763fd0f0015285b3573305d18d0f56c7770