aboutsummaryrefslogtreecommitdiffstats
path: root/environments
AgeCommit message (Collapse)AuthorFilesLines
2017-09-08Disables QoS with OpenDaylight deploymentsItzik Brown4-1/+5
QoS is not fully supported and fails to load correctly with networking-odl. Therefore disabling it from Neutron extension drivers until we have it fully working. Change-Id: I89aa3628c1400305f9659f5c0c99942a7fa7d19e Closes-Bug: 1708131 (cherry picked from commit cfd0d185a93ac2922e233e268a32c3574bee37bf)
2017-09-07Merge "Add CephExternal role for ceph-ansible" into stable/pikeJenkins2-0/+31
2017-09-07Merge "Support HA for OVN DBs containers using pacemaker bundle" into ↵Jenkins1-0/+28
stable/pike
2017-09-07Add CephExternal role for ceph-ansibleGiulio Fidente2-0/+31
Previously it was only possible to configure the overcloud with an external Ceph cluster via puppet-ceph-external. This submission adds a CephExternal implementation which uses ceph-ansible. Change-Id: Id0d375f88e27e91e9d89f25a0cd7388b6e45df8b Depends-On: Ifc57c9cf6ca8017a2abc78d6320c0675ad49ca9f Closes-Bug: #1714271 (cherry picked from commit 01e55c314de74579196518d958bf5be30e390409)
2017-09-07Add support for deploying RGW with ceph-ansibleKeith Schincke1-0/+5
This patch allows usage of ceph-ansible to configure the RGW service in the overcloud. Still uses puppet-keystone to create the necessary user and endpoint in the catalog. Co-Authored-By: Giulio Fidente <gfidente@redhat.com> Change-Id: Iafa17bb64c54e40350b2ba7d76dea3d82fcab0e4 (cherry picked from commit 5b3cd1dcacff408bcb482bdea6cded8755a39ebb)
2017-09-07Merge "Containerized mongodb, disable by default, fix upgrade" into stable/pikeJenkins1-1/+0
2017-09-06Add param to configure snat mechanismJanki Chhatbar1-0/+1
Add a parameter to configure SNAT mechanism in OpenDayLight defaulting to conntrack for OVS and defaulting to controller mechanism for OVS-DPDK Change-Id: I48c6f07de55cb2574cc3a7e9653b812f875df726 Closes-Bug: #1710614 (cherry picked from commit 9a450a8e505b5d7ccef7e5e7675573da2a4cd42c)
2017-09-06Containerized mongodb, disable by default, fix upgradeSteve Baker1-1/+0
This change removes the entry to containerise docker by default because it should now be disabled since the change Id2e6550fb7c319fc52469644ea022cf35757e0ce. Removing the entry means the default mapping to mongodb-disabled.yaml takes effect. This change also modifies the upgrade_tasks so that the mongod service is only disabled when the service exists. There appears to be upgrade scenarios which fail because mongodb was never installed in the first place. Change-Id: Ie09ce2a52128eef157e4d768c1c4776fc49f2324 Closes-Bug: #1715031 (cherry picked from commit cb81cbe3b5f3887f5d690c590e52b728f74d43c3)
2017-09-05Add support for Dell EMC Isilon Manila backendrajinir2-0/+18
This change adds support for manila::backend::dellemc_isilon Change-Id: I92592e4b717d4b1812ccd810ec1daaedd181c3dd Implements: blueprint dellemc-isilon-manila (cherry picked from commit f6c9906d51fb3268b7a7d61d53181ab5d3c0d2ec)
2017-09-05Add support for Dell EMC VMAX Manila Backendrajinir2-0/+20
This change adds support for manila::backend::dellemc_vmax Change-Id: I92e189c8741c496ef6c27130f73829c327a99f1b Implements: blueprint dellemc-vmax-manila (cherry picked from commit 04daabdc8414e4435dc4cd3ccfea9a62b5631261)
2017-09-02Add support for Dell EMC VMAX ISCSI Backendrajinir1-0/+9
This change adds a new define for cinder::backend::dellemc_vmax_iscsi Change-Id: I7c685e0a3186da138964f17b487fb0c3533f58c7 Implements: blueprint dellemc-vmax-isci (cherry picked from commit c77189905525c6fe834e001f2231b9eab788cd01)
2017-09-02Convert enable-internal-tls.yaml to be generatedBen Nemec2-0/+40
All of the other SSL environments were converted, but this one was missed. That's an inconsistent user experience and should be cleaned up. This environment also exposed a bug in the tool where it did not include the parameter_defaults section key if all the parameters were marked static. Change-Id: I19bc422c22b9f60f781e696ce703b026dc317786 Closes-Bug: 1713761 (cherry picked from commit 7c06db3d1c384773c4abccbce450c259f75e5e4a)
2017-09-01Merge "Remove ipv6 specific network templates" into stable/pikeJenkins1-0/+60
2017-09-01Merge "Add storage backends env files for containerized deployment" into ↵Jenkins2-0/+52
stable/pike
2017-09-01Remove ipv6 specific network templatesDan Sneddon1-0/+60
This change renders the IPv6 versions of the isolated networks using j2. To allow for backward compatibility, there will be 2 versions of the network definitions, <network>.yaml and <network>_v6.yaml. If the ip_subnet contains an IPv6 address, or if ipv6: true is set on the network definition in network_data.yaml, then the <network>.yaml version will contain an IPv6 definition, otherwise the <network>.yaml will be IPv4, and the <network>_v6.yaml will be IPv6. In a future follow-up patch, we will probably only create the required versions of the networks, either IPv4, IPv6, not both. The ipv6_subnet, ipv6_allocation_pools, and ipv6_gateway settings in the network_data.yaml definition file are used for the <network>_v6.yaml network definition. Note that these subnet/cidr/gateway definitions only set the defaults, which can be overridden with parameters set in an environment file. Since the parameters for IP and subnet range are the same (e.g. InternalApiNetCidr applies to both IPv4/v6), only one version can be used at a time. If an operator wishes to use dual-stack IPv4/IPv6, then two different networks should be created, and both networks can be applied to a single interface. Note that the workflow for the operator is the same as before this change, but a new example template has been added to environments/network-environment-v6.yaml. Change-Id: I0e674e4b1e43786717ae6416571dde3a0e11a5cc Partially-Implements: blueprint composable-networks Closes-bug: 1714115 (cherry picked from commit dd299f08bd6b1df43760148d83ce9b6e09ba6572)
2017-09-01Add storage backends env files for containerized deploymentVictoria Martinez de la Cruz2-0/+52
A storage backend has to be selected when deploying manila, otherwise the manila-share service will fail to start. For this, we have some environment files specifying the configuration for different storage backends. We need a dockerized version for this environment files. In this patch set we add those environment files. Change-Id: I9886016b02bec26699af1f8165d7b0702dfe8b9b Partial-Bug: #1668922 (cherry picked from commit d7d54594410f60ea6ebf1301048d95f64c66f645)
2017-09-01Update generated ssl environmentsBen Nemec1-1/+0
These were edited manually and the input file was not updated, which is causing problems when trying to generate new/updated envs. Change-Id: Ia2e53e52361e35d94e2dedf9b8885498693bc2e0 Partial-Bug: 1713761 (cherry picked from commit 406b1982ba530abdd6c629780130851e8e335ae8)
2017-08-31Support HA for OVN DBs containers using pacemaker bundleNuman Siddique1-0/+28
ovn-dbs pacemaker bundle resources are created for supporting Master/Slave HA. puppet-tripleo already supports creating ovn-dbs bundle resources. The heat template added in this patch makes use of this. Closes-bug: #1699085 Change-Id: I23c2d312cfb144f9afc14f0982a92670dc29d74c (cherry picked from commit 444a39f5983e71e3222b6b7f8f523fce60aeece7)
2017-08-31Remove hard-coded image referenceJanki Chhatbar1-2/+0
This patch removes hard-coded reference to ODL related images. Logic is implemented in TripleO-common to render images based on the environment file specified. Change-Id: I9a11072f98e1245dc32d27d0b0e9bc6e9e19399f Partial-Bug: #1713685 (cherry picked from commit 21a6b66c8bb5377bc1391e3f582467de7f7b5562)
2017-08-31Merge "Add support for Dell EMC VNX Manila Backend" into stable/pikeJenkins2-0/+19
2017-08-31Merge "Add support for Dell EMC Unity Manila Backend" into stable/pikeJenkins2-0/+18
2017-08-30Add support for Dell EMC VNX Manila Backendrajinir2-0/+19
This change adds support for manila::backend::dellemc_vnx Change-Id: I5fa5c2d6956429d1b9c12a5af6d4a887ed0624d9 Implements: blueprint dellemc-vnx-manila (cherry picked from commit a3debcfa8b2cbb3acaba292e082b0a3b0ee8ef54)
2017-08-30Add support for Dell EMC Unity Manila Backendrajinir2-0/+18
This change adds support for manila::backend::dellemc_unity Change-Id: Idec67d190b12359e8e6f1c157577088fa84ef41d Implements: blueprint dellemc-unity-manila (cherry picked from commit c5ee7b7714c712807f33ca1645186d33103a2264)
2017-08-30container ovs-agent, ensure br-ex existsSteve Baker1-2/+2
Currently the container neutron-ovs-agent is stuck in a restart loop in many environments because the bridge br-ex is missing. This bridge is created by running the puppet class neutron::agents::ml2::ovs but limiting that run to tag neutron::plugins::ovs::bridge. The hiera neutron::agents::ml2::ovs::bridge_mappings should already exists to create the bridge with the required settings. This change should ensure br-ex exists after step 3. Since br-ex is created regardless of the chosen network config, environments/docker-network.yaml is not longer required. It can be deleted once there are no more references to it in CI and documentation. Change-Id: Ie425148b0ad0f38e149c5fa0a97d98ec35d0a5bb Closes-Bug: #1699261 Closes-Bug: #1691403 Closes-Bug: #1689556 (cherry picked from commit 76f130d6e8f7434433b2602af9794f1e9c742e1f)
2017-08-28Support deploying OVN as container servicesNuman Siddique1-0/+27
This patch adds the support to containerize OVN services for the base profile. OVN db servers do not support active-active mode yet. It does support master-slave mode supported through pacemaker, which will be supported in a later patch. Presently the tripleo container framework doesn't allow to start a container in only controller 0 (or bootstrap node). OVN db servers and ovn-northd are started on all the controllers, but only the OVN db servers running in the boot strap controller are configured to listen on the tcp ports 6641 and 6642. OVN neutron mechanism driver and ovn-controller's use the ovn_dbs_vip to connect to the OVN db servers. Haproxy configures all the controllers as back ends, but only OVN db servers running on controller 0 respond since only they are configured properly. The OVN containers running on other controller nodes do not interact any way, but are wasteful resources. This patch also adds the scenario007-multinode-containers CI template. Partial-bug: #1699085 Change-Id: I98b85191cc1fd8c2b166924044d704e79a4c4c8a (cherry picked from commit e7cd03d2f0fcd8e3069246ced94f1a83869b8bea)
2017-08-24Merge "Docker: Enable TLS in the internal network for libvirt"Jenkins1-0/+5
2017-08-23Docker: Enable TLS in the internal network for libvirtJuan Antonio Osorio Robles1-0/+5
Bind mounts the necessary certs and keys to enable live migrations using TLS. bp tls-via-certmonger-containers Depends-On: I26a7748b37059ea37f460d8c70ef684cc41b16d3 Change-Id: I81efa85d916823f740bf320c88a248403743a45b
2017-08-22Merge "Zaqar: Match service name with service-net-map"Jenkins1-1/+1
2017-08-22Zaqar: Match service name with service-net-mapJuan Antonio Osorio Robles1-1/+1
This is required for t-h-t to generate the appropriate hieradata. Change-Id: I9b451eac4427a52ad8eec62ff89acc6c6d3ab799 Closes-Bug: #1712328
2017-08-22Merge "Add nova metadata to TLS everywhere/docker services list"Jenkins1-3/+4
2017-08-22Merge "change sriovnicswitch to be first with openvswitch"Jenkins1-1/+1
2017-08-21Merge "Add logrotate with crond service"Jenkins3-0/+12
2017-08-21Merge "Let mds create manila key and fs"Jenkins1-1/+1
2017-08-21Add nova metadata to TLS everywhere/docker services listJuan Antonio Osorio Robles1-3/+4
This is working, so we add it to the list. bp tls-via-certmonger-containers Change-Id: Ib545d4e6c130b73b4921eb9b6325d2e8d6ff1e2c
2017-08-21TLS for containerized horizonJuan Antonio Osorio Robles1-0/+1
bind mount the certificates needed for TLS. bp tls-via-certmonger-containers Change-Id: Ib9b533249be37665b77396a76133cc42fd15ee2b
2017-08-21Merge "Enable TLS for containerized RabbitMQ"Jenkins1-0/+1
2017-08-21Add logrotate with crond serviceBogdan Dobrelya3-0/+12
Add a docker service template to provide containerized services logs rotation with a crond job. Add OS::TripleO::Services::LogrotateCrond to CI multinode-containers and to all environments among with generic services like Ntp or Kernel. Set it to OS::Heat::None for non containerized environments and only enable it to the environments/docker.yaml. Closes-bug: #1700912 Change-Id: Ic94373f0a0758e9959e1f896481780674437147d Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
2017-08-19Merge "Add support for Dell EMC Unity Cinder backend"Jenkins1-0/+14
2017-08-18Merge "Restore and split nova metadata docker service out of nova-api."Jenkins1-0/+1
2017-08-18Let mds create manila key and fsJan Provaznik1-1/+1
ceph-ansible will take care of setting up client keys both in ceph and on client side. It will also create filesystem for manila. To assure that manila manifest can work in future both with puppet and with ceph-ansible, creation of filesystem is moved to ceph-mds manifest and creation of manila key on ceph side is moved to ceph-base (so manila key is always created), manila key is added to ceph-external for external ceph deployments. Key creation is removed from manila.pp in patch I2b5567a39ac8737e80758b705818cc1807dc8bf1 Change-Id: I6308a317ffe0af244396aba5197c85e273e69f68 Related-To: Ia3ef9e9a2b159dacea01e38762145ff2bcc7ba27 Depends-On: I3f18bbe476c4f43fa4e162cc66c5df443122cd0c
2017-08-18Merge "TLS everywhere/docker: add nova services to environment"Jenkins1-0/+7
2017-08-18Enable TLS for containerized RabbitMQJuan Antonio Osorio Robles1-0/+1
Bind mounts and adds the appropriate permissions for the cert and key that's used for TLS. bp tls-via-certmonger-containers Depends-On: I62ff89362cfcc80e6e62fad09110918c36802813 Change-Id: I48325893a00690e2f5d6f1d685f903234545d5b8
2017-08-18Merge "Refactor setup_docker_host.sh as host_prep_tasks"Jenkins2-11/+0
2017-08-18Merge "Provide sample environment for composable roles"Jenkins3-0/+202
2017-08-18Merge "Add support for installing Ceph MDS via ceph-ansible"Jenkins1-0/+2
2017-08-18Merge "Remove iscsid from TLS everywhere docker environment"Jenkins1-1/+0
2017-08-18Restore and split nova metadata docker service out of nova-api.Oliver Walsh1-0/+1
I2c39a2957fd95dd261b5b8c4df5e66e00a68d2f7 changed nova api to http from eventlet, however we need to continue running the eventlet service as it is required for the nova metadata api. However this should be tied to the OS::TripleO::Services::NovaMetadata service, so duplicate the required config in nova-metadata.yaml. Change-Id: I398575d565d5527bcaa1c8b33b9de2e1e0f2f6fd Depends-On: Id3407e151566d16c6ae1e1ea8c1b021dac22e727 Closes-bug: #1711425
2017-08-17Merge "Enable TLS for containerized MySQL"Jenkins1-0/+1
2017-08-17Merge "Enable TLS for containerized haproxy"Jenkins1-0/+1
2017-08-17Refactor setup_docker_host.sh as host_prep_tasksJiri Stransky2-11/+0
Previously what we've been doing with setup_docker_host.sh can now be achieved with host_prep_tasks, and we can free up the NodeUserData interface for other use cases. Closes-Bug: #1711387 Change-Id: Iaac90efd03e37ceb02c312f9c15c1da7d4982510