Age | Commit message (Collapse) | Author | Files | Lines |
|
Glance registry is not required for the v2 of the API and there are
plans to deprecate it in the glance community.
Let's remove v1 support since it has been deprecated for a while in
Glance.
Depends-On: I77db1e1789fba0fb8ac014d6d1f8f5a8ae98ae84
Co-Authored: Flavio Percoco <flaper87@gmail.com>
Change-Id: I0cd722e8c5a43fd19336e23a7fada71c257a8e2d
|
|
Adds an environment file, template, and script that can be used to do
initial bootstrapping of deployed servers during NodeExtraConfig. It is
meant to install and configure the initial dependencies needed to apply
the rest of the OpenStack configuration via Heat.
Enabling yum repos and installing the initial python-heat-agent package
would still have to be manual steps when using this environment. But the
goal is to keep those manual steps to a minimum and automate as much as
possible in deployed-server-bootstrap.sh.
Along with setting EnablePackageInstall: True, this could eventually
replace bootstrap-overcloud-full.sh from tripleo-ci.
Partially-implements: blueprint split-stack-software-configuration
Change-Id: I6be94604a46382e6288df1b36b9de8fab58696cc
|
|
files/partitions
This submission:
- Fix an error in the AllNodesExtraConfig resource.
(Can't merge servers multiple times).
- Add environment files to deploy swap file/partition
without manual edit over the templates.
- If a swap partition is mounted without having it available
the deployment will fail, the fix checks that if the
partition is not created then the deployment continues.
- Removing empty extra lines in swap templates.
- Adjust description and remove unnecessary comments in
swap templates.
Closes-Bug: 1652184
Change-Id: I828bbbbd4c178956aac74af49f80fcd4f62fa16b
|
|
|
|
Somehow missed deleting this in previous patch. This file should be
removed as only neutron-opendaylight.yaml env file should be used.
Related-Bug: 1654586
Change-Id: Ibd56b032b86170fed947d8030cb0bd443581ee87
Signed-off-by: Tim Rozet <trozet@redhat.com>
|
|
Cinder configuration with HPELeftHandISCSIDriver
for VSA storage
Change-Id: Iaefbf38522069f6c636130e357f19a7fb7d54fe4
|
|
|
|
|
|
|
|
Deploying ODL without L3 DVR is no longer supported. This patch moves
the opendaylight-l3 env settings to be the new default for opendaylight
env file, while also removing any option to disable L3.
Closes-Bug: 1654586
Change-Id: Ia2488cb0b752fb4b33f03caa7a1d2469d20395f0
Signed-off-by: Tim Rozet <trozet@redhat.com>
|
|
In Newton, the ctlplane port on deployed-server was called
<hostname>-ctlplane-port. When this code was refactored in
I29fbc720c3d582cbb94385e65e4b64b101f7eac9, the -port suffix was dropped
in favor of <hostname>-<network> convention, and the port resource was
created directly in deployed-server.yaml instead of in a nested stack.
Both of those changes were backwards incompatible -- making it
impossible to upgrade to the new version of deployed-server.yaml without
the ctlplane port getting deleted/recreated, which causes a change in IP
address. The IP address change causes services to be misconfigured on
upgrade attempts.
Change-Id: I45991b60a151abf3c5e4d05a3aa7246b2d25ac5a
|
|
|
|
This change adds a CephMds service, disabled by default, on the
Controller role and an environment file to enable it.
Change-Id: If7cb46319038a80ed52f753a623989885e1b7da4
Depends-On: Iaecc3ff7acb851776c5057c42a5a513a70425d2c
Partial-Bug: #1644784
|
|
Introduce THT for networking-fujitsu. networking-fujitsu is a neutron ML2 plugin
which enables FUJITSU C-Fabric switch in OpenStack environment. This templates
deploy overcloud with C-Fabric switch.
Change-Id: Iee75a1a30552d8dc9f55f52d10b0dc2b623992ef
Implements: blueprint integration-networking-fujitsu
Depends-On: I37a502b43eb7d91bfe20625248ed117eae3ca535
Depends-On: I5eb2c2a9c50b5991d62f4b6d74b83351c86b02de
|
|
|
|
There was a comma after 'end' in ManagementAllocationPools that causes
a failure if using this parameter straight without modification.
Replaced comma with colon.
Closes-Bug: 1655204
Change-Id: Ic25606ea0b6637fcd33f1375f34a6486eda2af85
Signed-off-by: Kevin Jones <kevinjones@redhat.com>
|
|
|
|
|
|
The current environment files for OpenDaylight use
the opendaylight mechanism driver - changing it to
opendaylight_v2.
Also using the l3_odl_v2 as a service plugin
Depends-On: I2a1c5097614e47cc09e43bbc77305a0548d54baa
Change-Id: Iba6f52663ce4a5e4c070f58f079465fdd24ecc7c
|
|
There are change of ServiceNetMapDefaults in service_net_map.j2.yaml but
were not reproduce in update-from-keystone-admin-internal-api.yaml
environment. Tested in newton.
Closes-Bug: #1646862
Change-Id: I307dcaabbc6d583896090bf3f046b442007fbc42
Signed-off-by: Cyril Lopez <cylopez@redhat.com>
Co-Authored-By: Gregory Charot <gcharot@redhat.com>
|
|
Add a new roles data YAML file and environment to help
create the undercloud via t-h-t.
Partially-implements: blueprint heat-undercloud
Change-Id: I36df7fa86c2ff40026d59f02248af529a4a81861
|
|
* On top of the https://review.openstack.org/#/c/411204
* Added Kernel args and Tune-d configuration
* Added provision to provide different kernel args per role (applicable
for different types of compute roles only)
Implements: blueprint tuned-nfv-dpdk
Change-Id: I5c538428c376c9d2ebd1c364f0ee8503fd7d620e
|
|
Also removes from network-isolation env file the old RedisVioPort resource.
Change-Id: I09ea1fe441a9dbe71a0af36cb123a117f2f0055f
|
|
Previously we had to override the location of the manifest file
pushed on the controller nodes when deploying with Pacemaker, this is
not needed anymore with composable roles.
Change-Id: I1e010099263a325d06483f498c70582b008c31e2
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This patch updates the endpoint map for Zaqar websockets
so that we use ws (or wss for SSL) instead of the http varients.
This should help resolve protocol issues when trying to make
connections to the websocket API.
Change-Id: Iea88d1e30299cb621424740a39d498defa371ca4
|
|
This switches to using overcloud-full as the OS image for
containerized compute. It includes the following changes:
- install docker, until this change lands
I1eab2a6de721c8f3c21c7df0019f2d4d1cc3775f
- agent image pull has been removed. This avoids a race between docker
starting and the current call to pull. This relies on "docker run"
to do the initial pull and leaves open the option of some other
prefetch mechanism to do the initial pull
- rely on unit Conflicts= to ensure heat-docker-agents and
os-collect-config do not run at the same time
- tweaks to host bind mounts
- removal of commands which only apply to atomic
Co-Authored-By: Martin André <m.andre@redhat.com>
Change-Id: I2e82634785834a877a4dbdbdcd788a9ac1c14a9d
|
|
Currently when the docker environments are invoked, every node has the
boot script run which replaces os-collect-config with the heat-agents
container. This should only be happening on Compute nodes currently,
and each role will be converted to heat-agents one at a time.
This change implements a role-specific NodeUserData resource and uses
that mechanism to run docker/firstboot/install_docker_agents.yaml only
on Compute nodes.
Change-Id: Id81811dbcaf0e661c3980aa25f3ca80db5ef0954
|
|
For some upgrade scenarios, e.g all-in-one deployments, it may
be possible to run the upgrade steps, then apply puppet in one
stack update, so reverse the order here. For normal deployments
the upgrade steps are mapped to OS::Heat::None so this will have
no effect.
Partially-Implements: blueprint overcloud-upgrades-per-service
Change-Id: I3c78751349a6ac2bc5dff82f67bffe13750ac21c
|
|
This allows us to take advantage of the composable roles hiera
settings to connect the plugin to the northd/ovndb API without
needing to hard-code the IP of the node running the service.
Change-Id: I2508d48f81c1819ae3521fff271c0bdc50724604
Depends-On: I9af7bd837c340c3df016fc7ad4238b2941ba7a95
Closes-Bug: #1634171
|
|
This patch swaps out the noop ctlplane port for a more
proper fake neutron port stack. This stack is a swap
in for the OS::Neutron::Port heat resource and can be
controlled via the DeployedServerPortMap parameter.
By relying on <hostname>-<network> naming conventions in the
map we can map IPs to specific servers without using the
Neutron API. This will allow us to inject IP information
into the Heat stack within the new t-h-t undercloud installer
which currently does not run a Neutron service.
Change-Id: I29fbc720c3d582cbb94385e65e4b64b101f7eac9
|
|
The new DeployedServer resource in Heat will provide a native resource
for Server resources that are not orchestrated via Nova. This will allow
associating SoftwareDeployment's with servers that have not been
launched with Nova with Heat directly.
With the new resource, all of the SoftwareConfigTransport methods are
available, including POLL_TEMP_URL. This patch also updates the
get-occ-config.sh script to configure the requests collector in
os-collect-config.conf on the deployed servers.
Change-Id: I4b80421088acca709fe3f92741c5c052be483131
Partially-implements: blueprint split-stack-software-configuration
Depends-On: I07b9a053ecd3ef4411b602bbc6ef985224834cf8
|
|
It's deprecated, to be removed in Ocata, and it's discouraged to set it
to anything but the default value ('') that means that routers are not
plugged directly into br-ex, but allows l2 agent to do the wiring.
There are known issues with setting it to br-ex (like wrong port
statuses): If533cf7c4c379be78f5a15073accaff7f65973ab
The only caveat to setting it to the default ('') value is that in that
case l2 agent should be configured with bridge mapping for physical
networks. Since we already configure bridge_mappings for the agent, we
should be safe to unset the option.
Now that it's the default, there is no reason to override it in example
environments.
This patch also changes the description for the parameter to make it
more clear that users are not expected to set it unless they know what
they are doing. Also, moved the parameter into deprecated section to
make it even more clear it's not something to touch in new deployments.
Change-Id: Iade7fbaf92c8c601227f4456a15ea3f13a907ee2
Related-Bug: #1563070
|
|
For usability and to reduce the number of environments that need to be
given when enabling TLS in the internal network, it's convenient to add
the enabling of TLS in the internal front-ends for HAProxy, instead of
doing that in a separate environment file.
bp tls-via-certmonger
Change-Id: Icef0c70b4b166ce2108315d5cf0763d4e8585ae1
|
|
|
|
This shows how we could wire in the upgrade steps using Ansible
as was previously proposed e.g in https://review.openstack.org/#/c/321416/
but it's more closely integrated with the new composable services
architecture.
It's also very similar to the approach taken by SpinalStack where
ansible snippets per-service were combined then run in a series of
steps using Ansible tags.
This patch just enables upgrade of keystone - we'll add support for
other patches in subsequent patches.
Partially-Implements: blueprint overcloud-upgrades-per-service
Change-Id: I39f5426cb9da0b40bec4a7a3a4a353f69319bdf9
|
|
|
|
|
|
|
|
|
|
DVR+HA routers are officially supported, so this patch can be reverted.
This reverts commit ce39dbac56123354576d2c31674e1b18535b0111.
Conflicts:
environments/neutron-ovs-dvr.yaml
Change-Id: Ifeceb0c3ba01e81403903401ebfe69b9e9d7d2f2
|
|
This patch drops use of the vip-hosts.yaml service which can
cause issues during deployment because puppet 'hosts' resources
overwrite the data in /etc/hosts. The only reason things seem to work
at all at the moment is because our hosts element in t-i-e runs
on each os-refresh-config iteration and re-adds the dropped hosts
entries.
To work around the issue we add a conditional which selectively
adds the extra hosts entries only if the AddVipsToEtcHosts is set
to true.
Closes-bug: 1645123
Change-Id: Ic6aaeb249a127df83894f32a704219683a6382b2
|
|
Until bug #1635409 is fixed, we can provide the full list of
services needed on the Compute role, plus CephOSD, in the
hyperconverged-ceph environment file, preserving the user
experience.
Change-Id: I42409bc098c740759b378969526e13efaf002d3c
Related-Bug: #1635409
|
|
This adds the necessary hieradata for enabling TLS for MySQL (which
happens to run on the internal network). It also adds a template so
this can be done via certmonger. As with other services, this will
fill the necessary specs for the certificate to be requested in a
hash that will be consumed in puppet-tripleo.
Note that this only enables that we can now use TLS, however, we still
need to configure the services (or limit the users the services use)
to only connect via SSL. But that will be done in another patch, as
there is some things that need to land before we can do this (changes
in puppetlabs-mysql and puppet-openstacklib).
Change-Id: I71e1d4e54f2be845f131bad7b8db83498e21c118
Depends-On: I7275e5afb3a6550cf2abbb9a8007dedb62ada4b4
|