aboutsummaryrefslogtreecommitdiffstats
path: root/environments
AgeCommit message (Collapse)AuthorFilesLines
2017-08-21TLS for containerized horizonJuan Antonio Osorio Robles1-0/+1
bind mount the certificates needed for TLS. bp tls-via-certmonger-containers Change-Id: Ib9b533249be37665b77396a76133cc42fd15ee2b
2017-08-21Merge "Enable TLS for containerized RabbitMQ"Jenkins1-0/+1
2017-08-19Merge "Add support for Dell EMC Unity Cinder backend"Jenkins1-0/+14
2017-08-18Merge "Restore and split nova metadata docker service out of nova-api."Jenkins1-0/+1
2017-08-18Merge "TLS everywhere/docker: add nova services to environment"Jenkins1-0/+7
2017-08-18Enable TLS for containerized RabbitMQJuan Antonio Osorio Robles1-0/+1
Bind mounts and adds the appropriate permissions for the cert and key that's used for TLS. bp tls-via-certmonger-containers Depends-On: I62ff89362cfcc80e6e62fad09110918c36802813 Change-Id: I48325893a00690e2f5d6f1d685f903234545d5b8
2017-08-18Merge "Refactor setup_docker_host.sh as host_prep_tasks"Jenkins2-11/+0
2017-08-18Merge "Provide sample environment for composable roles"Jenkins3-0/+202
2017-08-18Merge "Add support for installing Ceph MDS via ceph-ansible"Jenkins1-0/+2
2017-08-18Merge "Remove iscsid from TLS everywhere docker environment"Jenkins1-1/+0
2017-08-18Restore and split nova metadata docker service out of nova-api.Oliver Walsh1-0/+1
I2c39a2957fd95dd261b5b8c4df5e66e00a68d2f7 changed nova api to http from eventlet, however we need to continue running the eventlet service as it is required for the nova metadata api. However this should be tied to the OS::TripleO::Services::NovaMetadata service, so duplicate the required config in nova-metadata.yaml. Change-Id: I398575d565d5527bcaa1c8b33b9de2e1e0f2f6fd Depends-On: Id3407e151566d16c6ae1e1ea8c1b021dac22e727 Closes-bug: #1711425
2017-08-17Merge "Enable TLS for containerized MySQL"Jenkins1-0/+1
2017-08-17Merge "Enable TLS for containerized haproxy"Jenkins1-0/+1
2017-08-17Refactor setup_docker_host.sh as host_prep_tasksJiri Stransky2-11/+0
Previously what we've been doing with setup_docker_host.sh can now be achieved with host_prep_tasks, and we can free up the NodeUserData interface for other use cases. Closes-Bug: #1711387 Change-Id: Iaac90efd03e37ceb02c312f9c15c1da7d4982510
2017-08-17Provide sample environment for composable rolesAlex Schultz3-0/+202
Creating a sample environment generator configuration to generate basic environment files for the following architectures: * Monolithic HA (3 Controller, 3 Compute, 1 Ceph) * Monolithic Non-HA (1 Controller, 1 Compute, 1 Ceph) * Standalone (3 Controller, 3 Database, 3 Messaging, 2 Networker, 1 Compute, 1 Ceph) Change-Id: Id0b967d3b2356f38a51e1028b2dccc122d59888c Related-Blueprint: example-custom-role-environments
2017-08-17Add support for Dell EMC Unity Cinder backendrajinir1-0/+14
This change adds a new define for cinder::backend::dellemc_unity. Change-Id: I7f9dbb707cf9b5c90ec2f31dcff82cd578805b80 Implements: blueprint dellemc-unity-cinder
2017-08-17TLS everywhere/docker: add nova services to environmentJuan Antonio Osorio Robles1-0/+7
Most nova services are working with TLS everywhere, so they can be added to the environment. The compute and libvirt services are still pending. bp tls-via-certmonger-containers Change-Id: I80745fff5fbd9a6ccd701c1d154b38ad41b0cc3c
2017-08-17Remove iscsid from TLS everywhere docker environmentJuan Antonio Osorio Robles1-1/+0
Since nova-compute is not containerized with TLS yet, using containerized iscsid causes errors when trying to spawn a VM with a volume. Since the path is different in this case. I will re-add iscsid to this environment once nova-compute is containerized with TLS. bp tls-via-certmonger-containers Change-Id: Ida87b187e56ae852c5a4ef6f78cc04a0870fe3f4
2017-08-17Merge "Delete docker-centos-tripleoupstream.yaml"Jenkins1-124/+0
2017-08-16Add support for installing Ceph MDS via ceph-ansibleJohn Fulton1-0/+2
Based on puppet/services/ceph-mds.yaml. Nodes in the CephMds role will already be in the Ansible inventory but this change provides a way pass their parameters to ceph-ansible. Co-Authored-By: Giulio Fidente <gfidente@redhat.com> Change-Id: Ia3ef9e9a2b159dacea01e38762145ff2bcc7ba27
2017-08-16Merge "Consolidate deployment in major-upgrade-composable-steps"Jenkins1-1/+1
2017-08-15Merge "Make network-isolation-v6 environment rendered for all roles"Jenkins4-57/+66
2017-08-15Delete docker-centos-tripleoupstream.yamlSteve Baker1-124/+0
This file is generated and needs to be manually maintained. It would be better for users who want to deploy latest directly from docker hub to generate it locally by running: openstack overcloud container image prepare \ --namespace tripleoupstream \ --tag latest \ --env-file docker-centos-tripleoupstream.yaml The documentation and CI are being updated to use prepare. Change-Id: I86503f1076459ae9d84a34e649a6097cba10fa3c Closes-Bug: #1696598
2017-08-14Merge "Make containerized nova-api run with httpd"Jenkins1-6/+5
2017-08-14Enable TLS for containerized MySQLJuan Antonio Osorio Robles1-0/+1
Bind mounts and adds the appropriate permissions for the cert and key that's used for TLS. bp tls-via-certmonger-containers Change-Id: I7fae4083604c7dc89ca04141080a228ebfc44ac9
2017-08-14Enable TLS for containerized haproxyJuan Antonio Osorio Robles1-0/+1
This bind mounts the certificates if TLS is enabled in the internal network. It also disables the CRL usage since we can't restart haproxy at the rate that the CRL is updated. This will be addressed later and is a known limitation of using containerized haproxy (there's the same issue in the HA scenario). To address the different UID that the certs and keys will have, I added an extra step that changes the ownership of these files; though this only gets included if TLS in the internal network is enabled. bp tls-via-certmonger-containers Depends-On: I2078da7757ff3af1d05d36315fcebd54bb4ca3ec Change-Id: Ic6ca88ee7b6b256ae6182e60e07498a8a793d66a
2017-08-14Consolidate deployment in major-upgrade-composable-stepsJose Luis Franco Arza1-1/+1
After 483293 commit is merged, major-upgrade-composable-steps.yaml file is pointing to the wrong location deployment, which is now under common/ folder. Change-Id: Ic6784533d1c21b5b8fcb422bccd820af72e499d9
2017-08-12Merge "Consolidate puppet/docker deployments with one deploy steps workflow"Jenkins5-12/+3
2017-08-12Merge "Convert compute-role.yaml to role.role.j2.yaml"Jenkins1-1/+1
2017-08-11Merge "openstack-heat-templates: fix deprecation path"Jenkins1-1/+1
2017-08-11Consolidate puppet/docker deployments with one deploy steps workflowSteven Hardy5-12/+3
If we consolidate these we can focus on one implementation (the new ansible based one used for docker-steps) Change-Id: Iec0ad2278d62040bf03613fc9556b199c6a80546 Depends-On: Ifa2afa915e0fee368fb2506c02de75bf5efe82d5
2017-08-11Convert compute-role.yaml to role.role.j2.yamlSteven Hardy1-1/+1
Add some special-casing for backwards compatibility, such that the Compute role can be rendered via j2 for support of composable networks. Change-Id: Ieee446583f77bb9423609d444c576788cf930121 Partially-Implements: blueprint composable-networks
2017-08-11Make containerized nova-api run with httpdJuan Antonio Osorio Robles1-6/+5
The non-containerized version will run over httpd [1], and for the containerized TLS work, it is needed in the container version as well. [1] Iac35b7ddcd8a800901548c75ca8d5083ad17e4d3 bp tls-via-certmonger-containers Depends-On: I1c5f13039414f17312f91a5e0fd02019aa08e00e Change-Id: I2c39a2957fd95dd261b5b8c4df5e66e00a68d2f7
2017-08-10Merge "Noop controller pre and post config resources."Jenkins1-0/+2
2017-08-10Merge "Docker/TLS everywhere: Add telemetry and neutron services to environment"Jenkins1-4/+9
2017-08-09Merge "Addition of Nuage as mechanism driver for ML2"Jenkins2-7/+22
2017-08-09Make network-isolation-v6 environment rendered for all rolesMichele Baldessari4-57/+66
In change If3989f24f077738845d2edbee405bd9198e7b7db we moved to jinja2 templating to render the networks. This change aims at doing so for the IPv6 network isolation environment. Change-Id: Ieebcff3db3f5756a5d23080ea3d09ce78de69e21
2017-08-08Docker/TLS everywhere: Add telemetry and neutron services to environmentJuan Antonio Osorio Robles1-4/+9
some resources were missing, so this syncs up what's working right now. bp tls-via-certmonger-containers Change-Id: Ic8fe20d0240f1ad8f18218d66634029d522d4d5a
2017-08-04Merge "Copy scheduler configuration from service/ironic to ↵Jenkins1-0/+2
services-docker/ironic"
2017-08-04Merge "Adds environment file for ODL + SRIOV"Jenkins1-0/+28
2017-08-03Merge "Add environment for setting a custom domain name"Jenkins1-0/+35
2017-08-03Addition of Nuage as mechanism driver for ML2lokesh-jain2-7/+22
Adding composable services for Nuage mechanism driver for ML2. This is separate from Nuage as the core plugin and intentional duplication of Nuage under puppet services. Parameters required for working of Nuage as mechanism driver are also added. Change-Id: I2b564610721152c4f4dab9da79442256ba8d0b33
2017-08-03Merge "Update TLS-everywhere docker environment"Jenkins1-2/+5
2017-08-02Merge "Fix ceilometer agent compute service name"Jenkins1-1/+1
2017-08-02openstack-heat-templates: fix deprecation pathSébastien Han1-1/+1
The right file is external-ceph.yaml, not ceph-external.yaml. Change-Id: If21a4f183305f82916e1ef2aadb0706e7dab4657 Signed-off-by: Sébastien Han <seb@redhat.com>
2017-08-02Merge "Fix network-isolation.j2.yaml to ignore VIPs for disabled networks"Jenkins1-1/+1
2017-08-01Fix ceilometer agent compute service namePradeep Kilambi1-1/+1
Make sure this matches whats in roles_data.yaml Change-Id: Id41c457914f557af7c9ec195c4c6f98669523ac1
2017-08-01Merge "Generate MySQL client config if service requires database"Jenkins1-1/+0
2017-08-01Update TLS-everywhere docker environmentJuan Antonio Osorio Robles1-2/+5
Some resources have changed. So the environment needed syncing Change-Id: I9aa310ae80edfccd3ed28e67a431aad6e1ed8a7f
2017-07-31Merge "Fix creation of iptables rules for non-HA containerized HAproxy"Jenkins1-0/+1