Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
Convert NetApp Cinder back end to support composable roles via new
"CinderBackendNetApp" service.
Closes-Bug: #1680568
Change-Id: Ia3a78a48c32997c9d3cbe1629c2043cfc5249e1c
(cherry picked from commit c533a3219e47c5a6155e85e089b9f8acdb4a3dd6)
|
|
Following change I1393d65ffb20b1396ff068def237418958ed3289 the ctlplane
network will be 192.168.24 by default and not 192.0.2 anymore.
This change removes old references left to 192.0.2 network from the
overcloud templates.
(cherry picked from commit b5b6681a74e001448a836e7eea5e75fba859b88c)
Closes-Bug: #1682144
Change-Id: I49bd1ac8d594105665010bd898670b17e72fa763
|
|
It is using a trigger tripleo::profile::base::keystone::ldap_backend_enable in puppet-tripleo
who will call a define in puppet-keysone ldap_backend.pp.
Given the following environment:
parameter_defaults:
KeystoneLDAPDomainEnable: true
KeystoneLDAPBackendConfigs:
tripleoldap:
url: ldap://192.0.2.250
user: cn=openstack,ou=Users,dc=redhat,dc=example,dc=com
password: Secrete
suffix: dc=redhat,dc=example,dc=com
user_tree_dn: ou=Users,dc=redhat,dc=example,dc=com
user_filter: "(memberOf=cn=OSuser,ou=Groups,dc=redhat,dc=example,dc=com)"
user_objectclass: person
user_id_attribute: cn
user_allow_create: false
user_allow_update: false
user_allow_delete: false
ControllerExtraConfig:
nova::keystone::authtoken::auth_version: v3
cinder::keystone::authtoken::auth_version: v3
It would then create a domain called tripleoldap with an LDAP
configuration as defined by the hash. The parameters from the
hash are defined by the keystone::ldap_backend resource in
puppet-keystone.
More backends can be added as more entries to that hash.
This also enables multi-domain support for horizon.
Conflicts:
puppet/services/keystone.yaml
Closes-Bug: 1677603
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Depends-On: I1593c6a33ed1a0ea51feda9dfb6e1690eaeac5db
Change-Id: I6c815e4596d595bfa2a018127beaf21249a10643
Signed-off-by: Cyril Lopez <cylopez@redhat.com>
(cherry picked from commit 347f5434b3e3793b9fdf2a94f49ab7734c5d923b)
|
|
|
|
|
|
A new environment file to be used when using the deployed-server roles
data at deployed-server/deployed-server-roles-data.yaml. This ensures
the Pre and Post Puppet Tasks for the ControllerDeployedServer role are
mapped to the stacks that handle maintenance mode and resource restarts
for pacemaker on stack-update.
Change-Id: I1ca52dfb3a3b669e128ebb0a28d9e36a1807faad
Closes-Bug: #1665060
(cherry picked from commit f8cc35092d8d8c60eee12bd2a550ff5d60e28582)
|
|
Ceilometer Auth should be enabled even if ceilometer api
is not. Lets decouple these, this flag will be used in
puppet-tripleo where ceilometer::keystone::auth class
is initialized.
Change-Id: Iffebd40752eafb1d30b5962da8b5624fb9df7d48
Closes-bug: #1677354
(cherry picked from commit 0d04302abd19f98df3cd700f9cc4ec47273e5dac)
|
|
In Ocata and later, the port binding controller for ODL was changed by
default to be the pseudo agent controller, which requires a new feature
"host config" for OVS. This patch modifies the default to use
network-topology, which will work without any new host config features
implemented (previous way of port binding).
Closes-Bug: 1675211
Depends-On: I5004fdeb238dea81bc4f7e9437843a8a080d5b46
Change-Id: I6a6969d1d6b8d8b8ac31fecd57af85eb653245d2
Signed-off-by: Tim Rozet <trozet@redhat.com>
(cherry picked from commit 502b3459d9c2b32beba31b37814d7625cd007775)
|
|
The agent configuration was lost in newton during the puppet-tripleo and
THT role conversion. This change adds support for including the bigswitch
agent service for composable roles.
Change-Id: I46896389e48cdbe2864bf5b609a786f1c84ef908
Closes-Bug: #1673126
(cherry picked from commit 8eaa5f8e10a801be8fc45eeaaa479e7774d97997)
|
|
|
|
Bug #1611800 fixed an upgrade issue by enabling purging configs for
some services, but this causes issues such as longer updates and
restarting services in the minor update case, so only do this for
major upgrades, and default to false.
Conflicts: (don't exist on this branch)
environments/major-upgrade-composable-steps-docker.yaml
environments/major-upgrade-converge-docker.yaml
Related-Bug: #1611800
Closes-Bug: #1674858
Change-Id: Iff7d715f6730c5633f1146008504b4309ef3133d
(cherry picked from commit 947a7148e807e74daf9e30e4e8c891d5bdacc69f)
|
|
Adds default nic config mappings when using the deployed-server custom
roles data at deployed-server/deployed-server-roles-data.yaml.
Previously there were no default mappings as the hardcoded mapping for
the Controller role from overcloud-resource-registry-puppet.j2.yaml
would not be used since there is no Controller role when using
deployed-server.
The default mapping is net-config-static.yaml instead of
net-config-noop.yaml, since there is no requirement of a L2 domain for
dhcp between undercloud and overcloud nodes when using deployed-server.
The convenience mapping of ControllerDeployedServer to
net-config-static-bridge.yaml is also added so that out of the box the
roles with controller services will get the right bridge created.
The mappings can always be overridden in later environment files if
needed.
Change-Id: I581fec99b459a12512686e47b10b962756652eb3
Closes-Bug: #1670493
Depends-On: Ib681729cc2728ca4b0486c14166b6b702edfcaab
(cherry picked from commit cdbf1ca1918af649d1079ee07a9303059c9723ed)
|
|
into stable/ocata
|
|
stable/ocata
|
|
This package wasn't installed in the Newton image and we need to
install it during upgrade to be able to skip preupgrade validations.
Change-Id: If6ee7a3801756ac445ae35534803eab175ad8e40
Closes-Bug: 1667967
(cherry picked from commit 96618f85e6b92a4d1d2413e72adafab2abcbddc6)
|
|
Until we get bug #1635409 fixed we'll have to keep the two lists
in sync.
Change-Id: Ifd996bd4c95f901f242696b37e179073be6334d0
Related-Bug: #1635409
(cherry picked from commit 1a719a037df585a45e57316a2a20d6282fe5ba8b)
|
|
It's deprecated, to be removed in Ocata, and it's discouraged to set it
to anything but the default value ('') that means that routers are not
plugged directly into br-ex, but allows l2 agent to do the wiring.
There are known issues with setting it to br-ex (like wrong port
statuses): If533cf7c4c379be78f5a15073accaff7f65973ab
The only caveat to setting it to the default ('') value is that in that
case l2 agent should be configured with bridge mapping for physical
networks. Since we already configure bridge_mappings for the agent, we
should be safe to unset the option.
Now that it's the default, there is no reason to override it in example
environments.
This patch also changes the description for the parameter to make it
more clear that users are not expected to set it unless they know what
they are doing. Also, moved the parameter into deprecated section to
make it even more clear it's not something to touch in new deployments.
Change-Id: Iade7fbaf92c8c601227f4456a15ea3f13a907ee2
Related-Bug: #1563070
(cherry picked from commit 21d2afd4bf9f57fd0fb3709d87acb452f13912df)
|
|
Increase apache serverlimit and maxrequestworkers to 100
in low-memory-usage template.
We have been reaching the limit with all the OpenStack services that we run in WSGI.
Increasing the number will help us to promote packages in TripleO CI.
Change-Id: I3f71f279a8dfaee9db5f5d1091ad079d9170de1f
(cherry picked from commit 99f0b84983e8769bf975060fbf392cc1a8a28057)
|
|
This adds the UpgradeInitCommonCommand for newton..ocata common
UpgradeInit commands. This comes before the ansible upgrade steps
so we need to do things like remove the old newton hieradata and
install the ansible-pacemaker module and ansible heat-agent plugin
This defaults to '' and is set in the major-upgrade-composable-steps
and unset in the major-upgrade-converge environment files.
Change-Id: I0c7a32194c0069b63a501a913c17907b47c9cc16
(cherry picked from commit 01a91d37199f592aa4273e3847eb1f4f1d27da02)
|
|
|
|
|
|
This is a generic replacement for the previous pacemaker named
file that is designed to work with the new composable-steps upgrade.
Change-Id: If5016b910931364a621b280465420d0bf2617895
Partially-Implements: blueprint overcloud-upgrades-per-service
|
|
|
|
Co-Authored-By: Mathieu Bultel <mbultel@redhat.com>
Co-Authored-By: Oliver Walsh <owalsh@redhat.com>
Change-Id: Iafad800a6819d7e75fdaab60d328999d3d3c037f
Partially-Implements: blueprint overcloud-upgrades-per-service
Related-Bug: #1662344
|
|
|
|
Providing an empty 'parameter_defaults' is resulting in overriding
of all the previously populated 'parameters_defaults' as None.
Commenting the empty statement and cleaned-up emtpy line in j2
templating.
Change-Id: I75bac6b558ac16a08e0964599cecae5bf10edf8a
|
|
backend."
|
|
|
|
|
|
Depends-On: Ic74ccd5fa7b3b04ca810416e5160463252f17474
Implements: blueprint congress-service-integration
Change-Id: Ie60540c340c0eb71ff376aba65507a8bb3e909b6
Signed-off-by: Dan Radez <dradez@redhat.com>
|
|
Depends-On: Ide0e60f3b7a3733788af4337c1c39b4a956c876f
Depends-On: I3d6bbc05644e840395f87333ec80e3b844f69903
Depends-On: Idf6abcb7fe766546cb362ad4afe54f4bccd9c994
Implements: blueprint tacker-service-integration
Change-Id: Ibddc81561f6e6ba671bd01a9251c57d3ad67ba8c
Signed-off-by: Dan Radez <dradez@redhat.com>
|
|
|
|
In current setup some Contrail services belong to the wrong roles.
The Contrail control plane can be impacted if the Analytics database has
problems.
Change-Id: I0d57a2324c38b5b20cc687c6217a7a364941f7e6
Depends-On: Id0dd35b95c5fe9d0fcc1e16c4b7d6cc601f10818
Closes-Bug: #1659560
|
|
|
|
|
|
|
|
ScaleIO storage backend.
This change adds all relevant parameters for:
- Dell EMC ScaleIO Block Storage driver configuration
Closes-Bug: #1661316
Depends-On: I5534aab53b70de215336a076d25263c73b8d7b5b
Change-Id: I8927151adbce235595a5c62365e1f87a6503c462
|
|
Updated the heat templates for Cinder Dell EMC PS Series backend
to use composable services and rebranding of EQLX to Dell EMC PS Series
Closes-Bug: #1661313
Change-Id: Id9d6f172f3f79a31788b26c7776d738fda5a30fa
|
|
The collectd composable service permits an operator to configure
collectd metrics collection as part of the overcloud install.
Depends-on: I03cfbd96778a76125d18e2ca2f48d96e292608de
Change-Id: I143565329f5128f15cc39c9b62a6b242666383ab
|
|
Updated the heat templates for Cinder Dell EMC Storage Center
Backend to use composable services
Closes-Bug: #1661314
Change-Id: I454549c45da7388f0e42975c9f4637dde9ec51e3
|
|
This patch adds the Octavia services to the registry and controller role
(disabled by default). Also included is an example environment file for
enabling the services and required configuration. The API service
profile is also amended configure the load balancer service provider in
neutron to point to the octavia load balancer driver.
Change-Id: I7f3bba950f5b1574ba842a39e93a8ac2b1ccf7bb
Partially-implements: blueprint octavia-service-integration
|
|
Where the role has disabled upgrades, we need to skip both the ansible and
puppet steps. To do this we refactor the post.j2.yaml so that it can be
included in the upgrade template with an adjusted list of roles.
Note this requires https://review.openstack.org/#/c/425220/ - this
change will be required for local testing of this patch
(run mistral-db-mange populate after updating tripleo-common
and restart the mistral services, or update your repos and re-run
openstack undercloud install).
Partially-Implements: blueprint overcloud-upgrades-per-service
Change-Id: Ie7d0fa6fef3528bd93e6cde076b964ea8de3185a
|
|
This patch renames certain ovn plugin and controller configuration
parameters as well as adds some additional ml2 configuration parameters.
It also disables the need for the neutron metadata agent.
Co-authored-by: Numan Siddique <nusiddiq@redhat.com>
Change-Id: Idc9e7ef4a1b88013bca3eac3c136e4710e38a5c0
|
|
This parameter has been removed in neutron from the sriov conf
file, in Ocata. Removing the parameter from tripleo.
Closes-Bug: #1660929
Change-Id: Icd8a1f6c9049434fd86ceeb24881e1ed49f2bb17
|
|
|
|
|
|
This is meant to describe in the UI how to use the
manila-cephfsnative-config environment file to deploy Manila with
Ceph as backend using either a TripleO managed or an externally
managed Ceph cluster.
Also adds a puppet-ceph.yaml environment file meant to enable the
deployment of a Ceph cluster, given that storage-environment.yaml
is meant to be customized by the user instead.
Change-Id: Iefd7056a9bc079025e6ac4dd50edcd2e2635e1b0
|
|
This patch allows the management of the AuditD service and its associated
files (such as `audit.rules`)
This is achieved by means of the `puppet-auditd` puppet module.
Also places ssh banner capabilities map on top of patch
Change-Id: Ib8bb52dde88304cb58b051bced9779c97a314d0d
Depends-On: Ie31c063b674075e35e1bfa28d1fc07f3f897407b
|
|
|