Age | Commit message (Collapse) | Author | Files | Lines |
|
Currently this is disabled via a conditional in the keepalived
profile in puppet-tripleo, but this will be incompatible with
the planned composable upgrades implementation. Instead we should
disable the service template by mapping to OS::Heat::None, and
ensure the haproxy manifest uses the t-h-t generated hiera value
keepalived_enabled instead of hard-coding a hiera override in the
haproxy template.
Change-Id: I85a8b1cca7268506de22adfb3a8ce7faa4f157ef
Partial-Bug: #1642936
Depends-On: I90faf51881bd05920067c1e1d82baf5d7586af23
|
|
This integrates panko service api into tripleo heat templates.
By default, we will disable this service, an environment service
file is included to enable if needed.
Depends-On: I35f283bdf8dd0ed979c65633724f0464695130a4
Change-Id: I07da3030c6dc69cce7327b54091da15a0c58798e
|
|
Adds new puppet and puppet pacemaker specific services for Zaqar.
The Pacemaker templates extend the default Zaqar services and swap in
the Pacemaker specific puppet-tripleo profile instead.
Change-Id: Ia5ca4fe317339dd05b0fa3d5abebca6ca5066bce
Depends-On: Ie215289a7be681a2b1aa5495d3f965c005d62f52
Depends-On: I0b077e85ba5fcd9fdfd33956cf33ce2403fcb088
Implements: blueprint composable-services-within-roles
|
|
|
|
|
|
We are noticing several tests failing in our low memory environment
because of timeout in neutron requests.
As an example the test
tempest.api.compute.servers.test_server_actions.ServerActionsTestJSON
fails because it requests to plug a vif, and send request to neutron,
which responds in more than neutron_url_timeout, and since the option
vif_plugging_is_fatal is set to True as default, the test fails.
Shortly thereafter, checking in neutron log you can see the request,
returning with the proper status, after more than neutron_url_timeout,
however, it's already too late once nova already marked the instance
with error status, and so the test fails.
Closes-Bug: #1641135
Change-Id: If0991c114f199490ac0deb71eb569a42d4711359
|
|
This patch adds an example increased value for NovaReservedHostMemory
and some documentation around tuning this value when DVR is enabled.
Closes-Bug: #1630583
Change-Id: I2718d72d307a1c90061606e5f36c96f964cd2fb5
|
|
The capitalization of OS::Tripleo is wrong compared to all other services
so correct this for avoidance of confusion when folks write custom roles_data
files or pass custom service lists via *Services parameters.
Change-Id: Ib73c80871b45586edb5774e90280ff89fc0d9895
Closes-Bug: 1640871
|
|
Change-Id: Ibabf09a8b6f35c9b086efeffcf7db89ab8d6b63b
|
|
|
|
The command-line options for Neutron network settings have been
deprecated in favor of setting parameter defaults in environment
files. This update includes the most common settings which were
previously set using CLI options in the sample
network-environment.yaml. This should also make it possible to
deploy in virtual environments without editing any files, since
the network-environment.yaml will include sane defaults.
Change-Id: Ieae59dfec287b9e5424a2e560de9f7b1bd598536
|
|
|
|
|
|
Updated plugin name for configuring Nuage.
Nuage plugin name changed after Liberty release
and needs to be updated at all instances.
Updated neutron-nuage-config.yaml file to reflect
the change.
Change-Id: I7cce9a07b909ab59bf249439eec0833afce5cca6
Closes-Bug: #1635033
|
|
|
|
|
|
|
|
We lost ability to store Glance images in NFS mounts as we moved to NG
HA architecture. This patch re-adds that ability, but the parameter
interface changes because the semantics change as well. (Pacemaker
allowed for different mounts than just NFS so the parameters were more
generic, although we only ever tested and documented NFS usage.)
Change-Id: Ic5197e09846bbf75d780dcc74da1717dcf8301d0
Related-Bug: #1635606
|
|
|
|
Adds new puppet specific services for Mistral
API and Mistral Engine.
This submission enables the mistral service by default in the
overcloud, a following submission will disable it and make it
optional by enabling it on demand based in an environment file.
Depends-On: Iae42ffa37c4c9b1e070b7c3753e04c45bb97703f
Depends-On: I942d419be951651e305d01460f394870c30a9878
Depends-On: I6cb2cbf4a2abf494668d24b8c36b0d525643f0af
Implements: blueprint composable-services-within-roles
Co-Authored-By: Carlos Camacho <ccamacho@redhat.com>
Change-Id: Id5ff9cb498b5a47af38413d211ff0ed6ccd0015b
|
|
|
|
Change-Id: Ib945e570556e8e10e5bb07faa57270958c9eda99
|
|
This adds an environment file that can be used to enable TLS in
the internal endpoints via certmonger if used. This will include
a nested stack that will create the hash that will be used to
create the certmonger certificates.
When setting up a service over apache via puppet, we used to disable
explicitly ssl (which sets modd_ssl-related fields for that vhost).
We now make this depend on the EnableInternalTLS flag. This has only
been done for keystone, but more services will be added as the
puppet code lands
bp tls-via-certmonger
Depends-On: I303f6cf47859284785c0cdc65284a7eb89a4e039
Change-Id: I12e794f2d4076be9505dabfe456c1ca6cfbd359c
|
|
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Depends-On: If2804b469eb3ee08f3f194c7dd3290d23a245a7a
Depends-On: I091ecfbcb2e38fe77203244ac7a597aedcb558fb
Change-Id: Iacc504fc4fa2d06893917024ce2340d3fb80b626
|
|
EnableOpenDaylightOnController was not very composable. Removing this
parameter to make the service truly composable. Also fixes missing
local_ip setting for OVS, required for VXLAN or GRE tenant networks.
Closes-Bug: 1633625
Depends-On: Ia55c05e12d5d434111a13e1ed795da530e3ff4a5
Change-Id: I0e07e1631793311334d1436ee8fdf9af2802ba70
Signed-off-by: Tim Rozet <trozet@redhat.com>
|
|
This is not needed with ODL and actually triggers deployments to fail
due to missing ODL username/password info on compute nodes.
Depends-On: Ifd906db4e6062ac271c2147fe1149b1009d06ae2
Closes-Bug: 1633630
Change-Id: Ib88e8ef91c393d30c44b86a932103f5a294bc547
Signed-off-by: Tim Rozet <trozet@redhat.com>
|
|
|
|
|
|
- Custom config has to contain OpenStack auth information,
so it has to be generated for user during deployment.
This patch maintains the ability to provide a custom
configuration for the Sensu client.
Change-Id: If449642c4bbad683421e1f461b8721e655db0c45
|
|
|
|
Introduce a new environment template that enables the Debug parameter.
By default the value is set to "true".
Change-Id: Ieac59de42ffef6afa5d8f10ef1925c32c7dc8551
|
|
|
|
Depends-On: I04e28a95e8d69a24cd3df109bf1802bfcbd941db
Change-Id: I4ada033155e5fde0add08ec9aa8f6af7c31d53f3
|
|
|
|
In Newton, ceilometer api is changed to run under apache wsgi
instead of eventlet. This will require upgrades for mitaka
deployments to switch to wsgi.
Closes-Bug: 1631297
Change-Id: If9d6987cd0a8fc5d3f9de518ba422d97d5149732
|
|
This default setting got lots in the composable roles/services patches.
Re-enable the ManageFirewall setting by default per what we did in
git commit 73c76b867ddc8a23a30b9a3cac4031189d4178c6.
We also fix a typo in neutron-api.yaml so that the firewall rules
matches to service_name. (otherwise it won't get loaded).
Also, drops the environments/manage-firewall.yaml which is
no longer needed if we enable firewall management by default.
Change-Id: Ie198e4efd190131d0722085b10ef77da9005bc1b
Closes-bug: 1629934
|
|
|
|
When deploying manila with cephfs backend,
/etc/manila/manila.conf should define
cephfs_conf_path = /etc/ceph/ceph.conf
in the cephfs native backend since this is
the conventional path that ceph operators expect
and since we document that path upstream.
Change-Id: I4abf5c33b675b1102413a84d64f4ce23b07b4485
Closes-Bug: 1630777
|
|
|
|
This patch modifies the service name to be more appropriately called
"OpenDaylightApi" along side the "OpenDaylightOvs" service used to
configure OpenVSwitch. It also splits out the OVS configuration for
controller nodes into the composable OpenDaylightOvs service.
Related-Bug: #1629408
Change-Id: I15221401acdfb2a9ef81107b54a8005348f8372f
Signed-off-by: Tim Rozet <trozet@redhat.com>
|
|
|
|
The default path if the operator does nothing is to keep the
sahara services on mitaka to newton upgrades.
If the operator wishes to remove sahara services then they
need to specify the provided major-upgrade-remove-sahara.yaml
environment file in the stack upgrade commands.
The existing migration to ha arch already removes the constraints
and pcs resource for sahara api/engine so we just need to stop
it from starting again if we want to remove it.
This adds a KeepSaharaServiceOnUpgrade parameter to determine if
Sahara is disabled from starting up after the controllers are
upgraded (defaults true).
Finally it is worth noting that we default the sahara services
as 'on' during converge here in the resource_registry of the
converge environment file; any subsequent stack updates where
the deployment contains sahara services will need to
include the -e /environments/services/sahara.yaml environment
file.
Related-Bug: 1630247
Change-Id: I59536cae3260e3df52589289b4f63e9ea0129407
|
|
|
|
|
|
When you tried to use the environemnt/monitoring-environment.yaml
as a part of the deployment on the overcloud you hit the
following error and it stops the deploy of the overcloud.
***
Deploying templates in the directory /home/stack/tripleo-heat-templates
'NoneType' object does not support item assignment
***
Closes-Bug: #1629323
Change-Id: I8cf2e7d8f3a4e79cc71a1566ec17d0a977c38d60
Signed-off-by: Juan Badia Payno <jbadiapa@redhat.com>
|
|
When you tried to use the environemnt/logging-environemnt.yaml
as a part of the deployment on the overcloud you hit the
following error and it stops the deploy of the overcloud.
***
Deploying templates in the directory /home/stack/tripleo-heat-templates
'NoneType' object does not support item assignment
***
Closes-Bug: #1629315
Change-Id: I55e5c7f20ddf30f3e48247b734f6fa47f5de3750
Signed-off-by: Juan Badia Payno <jbadiapa@redhat.com>
|
|
This sets up a flag that tells the profiles to use TLS (this will happen
in the internal network).
bp tls-via-certmonger
Change-Id: If47febb5b38b1c65f60f9de87a34cb31936a7c0d
|
|
This adds some basic pieces to get certmonger to manage the
certificates for HAProxy. The aim is to be flexible enough that we
will be able to manage both public and internal certificates.
This also adds a relevant environment to get the endpoints to have
TLS everywhere.
bp tls-via-certmonger
Depends-On: I89001ae32f46c9682aecc118753ef6cd647baa62
Change-Id: Ife5f8c2f07233295bc15b4c605acf3d9bd62f162
|
|
This patch deprecates netapp_eseries_host_type in favor of netapp_host_type.
Change-Id: I113c770ca2e4dc54526d4262bacae48e223c54f4
Closes-Bug: 1579161
|
|
|