aboutsummaryrefslogtreecommitdiffstats
path: root/environments
AgeCommit message (Collapse)AuthorFilesLines
2017-04-21Merge "Add composable role support for NetApp Cinder back end" into stable/ocataJenkins1-1/+1
2017-04-12Add composable role support for NetApp Cinder back endAlan Bishop1-1/+1
Convert NetApp Cinder back end to support composable roles via new "CinderBackendNetApp" service. Closes-Bug: #1680568 Change-Id: Ia3a78a48c32997c9d3cbe1629c2043cfc5249e1c (cherry picked from commit c533a3219e47c5a6155e85e089b9f8acdb4a3dd6)
2017-04-12Replace references to the 192.0.2 networkGiulio Fidente8-10/+13
Following change I1393d65ffb20b1396ff068def237418958ed3289 the ctlplane network will be 192.168.24 by default and not 192.0.2 anymore. This change removes old references left to 192.0.2 network from the overcloud templates. (cherry picked from commit b5b6681a74e001448a836e7eea5e75fba859b88c) Closes-Bug: #1682144 Change-Id: I49bd1ac8d594105665010bd898670b17e72fa763
2017-04-07Add trigger to setup a LDAP backend as keystone domaineCyril Lopez1-0/+18
It is using a trigger tripleo::profile::base::keystone::ldap_backend_enable in puppet-tripleo who will call a define in puppet-keysone ldap_backend.pp. Given the following environment: parameter_defaults: KeystoneLDAPDomainEnable: true KeystoneLDAPBackendConfigs: tripleoldap: url: ldap://192.0.2.250 user: cn=openstack,ou=Users,dc=redhat,dc=example,dc=com password: Secrete suffix: dc=redhat,dc=example,dc=com user_tree_dn: ou=Users,dc=redhat,dc=example,dc=com user_filter: "(memberOf=cn=OSuser,ou=Groups,dc=redhat,dc=example,dc=com)" user_objectclass: person user_id_attribute: cn user_allow_create: false user_allow_update: false user_allow_delete: false ControllerExtraConfig: nova::keystone::authtoken::auth_version: v3 cinder::keystone::authtoken::auth_version: v3 It would then create a domain called tripleoldap with an LDAP configuration as defined by the hash. The parameters from the hash are defined by the keystone::ldap_backend resource in puppet-keystone. More backends can be added as more entries to that hash. This also enables multi-domain support for horizon. Conflicts: puppet/services/keystone.yaml Closes-Bug: 1677603 Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com> Depends-On: I1593c6a33ed1a0ea51feda9dfb6e1690eaeac5db Change-Id: I6c815e4596d595bfa2a018127beaf21249a10643 Signed-off-by: Cyril Lopez <cylopez@redhat.com> (cherry picked from commit 347f5434b3e3793b9fdf2a94f49ab7734c5d923b)
2017-04-06Merge "Add environment for deployed-server with pacemaker" into stable/ocataJenkins1-0/+4
2017-04-06Merge "Fixes port binding controller for OpenDaylight" into stable/ocataJenkins1-0/+1
2017-04-05Add environment for deployed-server with pacemakerJames Slagle1-0/+4
A new environment file to be used when using the deployed-server roles data at deployed-server/deployed-server-roles-data.yaml. This ensures the Pre and Post Puppet Tasks for the ControllerDeployedServer role are mapped to the stacks that handle maintenance mode and resource restarts for pacemaker on stack-update. Change-Id: I1ca52dfb3a3b669e128ebb0a28d9e36a1807faad Closes-Bug: #1665060 (cherry picked from commit f8cc35092d8d8c60eee12bd2a550ff5d60e28582)
2017-04-04Set auth flag so ceilometer auth is enabledPradeep Kilambi1-0/+3
Ceilometer Auth should be enabled even if ceilometer api is not. Lets decouple these, this flag will be used in puppet-tripleo where ceilometer::keystone::auth class is initialized. Change-Id: Iffebd40752eafb1d30b5962da8b5624fb9df7d48 Closes-bug: #1677354 (cherry picked from commit 0d04302abd19f98df3cd700f9cc4ec47273e5dac)
2017-04-03Fixes port binding controller for OpenDaylightTim Rozet1-0/+1
In Ocata and later, the port binding controller for ODL was changed by default to be the pseudo agent controller, which requires a new feature "host config" for OVS. This patch modifies the default to use network-topology, which will work without any new host config features implemented (previous way of port binding). Closes-Bug: 1675211 Depends-On: I5004fdeb238dea81bc4f7e9437843a8a080d5b46 Change-Id: I6a6969d1d6b8d8b8ac31fecd57af85eb653245d2 Signed-off-by: Tim Rozet <trozet@redhat.com> (cherry picked from commit 502b3459d9c2b32beba31b37814d7625cd007775)
2017-03-31Re-Add bigswitch agent supportAlex Schultz1-1/+12
The agent configuration was lost in newton during the puppet-tripleo and THT role conversion. This change adds support for including the bigswitch agent service for composable roles. Change-Id: I46896389e48cdbe2864bf5b609a786f1c84ef908 Closes-Bug: #1673126 (cherry picked from commit 8eaa5f8e10a801be8fc45eeaaa479e7774d97997)
2017-03-30Merge "Nic config mappings for deployed-server" into stable/ocataJenkins2-4/+11
2017-03-28Only set EnableConfigPurge on major upgradesSteven Hardy2-0/+2
Bug #1611800 fixed an upgrade issue by enabling purging configs for some services, but this causes issues such as longer updates and restarting services in the minor update case, so only do this for major upgrades, and default to false. Conflicts: (don't exist on this branch) environments/major-upgrade-composable-steps-docker.yaml environments/major-upgrade-converge-docker.yaml Related-Bug: #1611800 Closes-Bug: #1674858 Change-Id: Iff7d715f6730c5633f1146008504b4309ef3133d (cherry picked from commit 947a7148e807e74daf9e30e4e8c891d5bdacc69f)
2017-03-28Nic config mappings for deployed-serverJames Slagle2-4/+11
Adds default nic config mappings when using the deployed-server custom roles data at deployed-server/deployed-server-roles-data.yaml. Previously there were no default mappings as the hardcoded mapping for the Controller role from overcloud-resource-registry-puppet.j2.yaml would not be used since there is no Controller role when using deployed-server. The default mapping is net-config-static.yaml instead of net-config-noop.yaml, since there is no requirement of a L2 domain for dhcp between undercloud and overcloud nodes when using deployed-server. The convenience mapping of ControllerDeployedServer to net-config-static-bridge.yaml is also added so that out of the box the roles with controller services will get the right bridge created. The mappings can always be overridden in later environment files if needed. Change-Id: I581fec99b459a12512686e47b10b962756652eb3 Closes-Bug: #1670493 Depends-On: Ib681729cc2728ca4b0486c14166b6b702edfcaab (cherry picked from commit cdbf1ca1918af649d1079ee07a9303059c9723ed)
2017-03-02Merge "Align HCI environment file with list of services from roles_data" ↵Jenkins1-0/+3
into stable/ocata
2017-03-02Merge "neutron: don't set external_network_bridge option by default" into ↵Jenkins8-40/+0
stable/ocata
2017-02-27Install openstack-heat-agents on upgradeMarius Cornea1-1/+1
This package wasn't installed in the Newton image and we need to install it during upgrade to be able to skip preupgrade validations. Change-Id: If6ee7a3801756ac445ae35534803eab175ad8e40 Closes-Bug: 1667967 (cherry picked from commit 96618f85e6b92a4d1d2413e72adafab2abcbddc6)
2017-02-24Align HCI environment file with list of services from roles_dataGiulio Fidente1-0/+3
Until we get bug #1635409 fixed we'll have to keep the two lists in sync. Change-Id: Ifd996bd4c95f901f242696b37e179073be6334d0 Related-Bug: #1635409 (cherry picked from commit 1a719a037df585a45e57316a2a20d6282fe5ba8b)
2017-02-23neutron: don't set external_network_bridge option by defaultIhar Hrachyshka8-40/+0
It's deprecated, to be removed in Ocata, and it's discouraged to set it to anything but the default value ('') that means that routers are not plugged directly into br-ex, but allows l2 agent to do the wiring. There are known issues with setting it to br-ex (like wrong port statuses): If533cf7c4c379be78f5a15073accaff7f65973ab The only caveat to setting it to the default ('') value is that in that case l2 agent should be configured with bridge mapping for physical networks. Since we already configure bridge_mappings for the agent, we should be safe to unset the option. Now that it's the default, there is no reason to override it in example environments. This patch also changes the description for the parameter to make it more clear that users are not expected to set it unless they know what they are doing. Also, moved the parameter into deprecated section to make it even more clear it's not something to touch in new deployments. Change-Id: Iade7fbaf92c8c601227f4456a15ea3f13a907ee2 Related-Bug: #1563070 (cherry picked from commit 21d2afd4bf9f57fd0fb3709d87acb452f13912df)
2017-02-21Increase apache ServerLimit and workers to 100Sagi Shnaidman1-2/+2
Increase apache serverlimit and maxrequestworkers to 100 in low-memory-usage template. We have been reaching the limit with all the OpenStack services that we run in WSGI. Increasing the number will help us to promote packages in TripleO CI. Change-Id: I3f71f279a8dfaee9db5f5d1091ad079d9170de1f (cherry picked from commit 99f0b84983e8769bf975060fbf392cc1a8a28057)
2017-02-17Add Newton to Ocata UpgradeInitCommonCommandmarios2-0/+12
This adds the UpgradeInitCommonCommand for newton..ocata common UpgradeInit commands. This comes before the ansible upgrade steps so we need to do things like remove the old newton hieradata and install the ansible-pacemaker module and ansible heat-agent plugin This defaults to '' and is set in the major-upgrade-composable-steps and unset in the major-upgrade-converge environment files. Change-Id: I0c7a32194c0069b63a501a913c17907b47c9cc16 (cherry picked from commit 01a91d37199f592aa4273e3847eb1f4f1d27da02)
2017-02-16Merge "Add major-upgrade-converge environment."Jenkins1-0/+6
2017-02-15Merge "Add nova service support for composable upgrades"Jenkins1-0/+2
2017-02-15Add major-upgrade-converge environment.Steven Hardy1-0/+6
This is a generic replacement for the previous pacemaker named file that is designed to work with the new composable-steps upgrade. Change-Id: If5016b910931364a621b280465420d0bf2617895 Partially-Implements: blueprint overcloud-upgrades-per-service
2017-02-15Merge "OVN plugin configuration fixes"Jenkins1-3/+5
2017-02-14Add nova service support for composable upgradesSteven Hardy1-0/+2
Co-Authored-By: Mathieu Bultel <mbultel@redhat.com> Co-Authored-By: Oliver Walsh <owalsh@redhat.com> Change-Id: Iafad800a6819d7e75fdaab60d328999d3d3c037f Partially-Implements: blueprint overcloud-upgrades-per-service Related-Bug: #1662344
2017-02-14Merge "Describe use of Manila/CephFS in capabilites_map"Jenkins1-0/+12
2017-02-14Fix empty parameter_default error in environment fileSaravanan KR1-3/+3
Providing an empty 'parameter_defaults' is resulting in overriding of all the previously populated 'parameters_defaults' as None. Commenting the empty statement and cleaned-up emtpy line in j2 templating. Change-Id: I75bac6b558ac16a08e0964599cecae5bf10edf8a
2017-02-13Merge "Enables support for configuring Cinder with Dell EMC ScaleIO storage ↵Jenkins1-0/+35
backend."
2017-02-12Merge "adding Congress Support"Jenkins4-0/+11
2017-02-10Merge "Remove unused SR-IOV parameter NeutronSupportedPCIVendorDevs"Jenkins1-3/+0
2017-02-10adding Congress SupportDan Radez4-0/+11
Depends-On: Ic74ccd5fa7b3b04ca810416e5160463252f17474 Implements: blueprint congress-service-integration Change-Id: Ie60540c340c0eb71ff376aba65507a8bb3e909b6 Signed-off-by: Dan Radez <dradez@redhat.com>
2017-02-09Adding Tacker SupportDan Radez4-0/+11
Depends-On: Ide0e60f3b7a3733788af4337c1c39b4a956c876f Depends-On: I3d6bbc05644e840395f87333ec80e3b844f69903 Depends-On: Idf6abcb7fe766546cb362ad4afe54f4bccd9c994 Implements: blueprint tacker-service-integration Change-Id: Ibddc81561f6e6ba671bd01a9251c57d3ad67ba8c Signed-off-by: Dan Radez <dradez@redhat.com>
2017-02-09Merge "Re-organizes Contrail services to the correct roles"Jenkins8-25/+574
2017-02-08Re-organizes Contrail services to the correct rolesMichael Henkel8-25/+574
In current setup some Contrail services belong to the wrong roles. The Contrail control plane can be impacted if the Analytics database has problems. Change-Id: I0d57a2324c38b5b20cc687c6217a7a364941f7e6 Depends-On: Id0dd35b95c5fe9d0fcc1e16c4b7d6cc601f10818 Closes-Bug: #1659560
2017-02-08Merge "Composable service support for Cinder Dell EMC Storage Center"Jenkins1-2/+2
2017-02-08Merge "implement a collectd composable service"Jenkins1-0/+23
2017-02-07Merge "Add registry and role service list entries for Octavia"Jenkins1-0/+9
2017-02-07Enables support for configuring Cinder with Dell EMCrajinir1-0/+35
ScaleIO storage backend. This change adds all relevant parameters for: - Dell EMC ScaleIO Block Storage driver configuration Closes-Bug: #1661316 Depends-On: I5534aab53b70de215336a076d25263c73b8d7b5b Change-Id: I8927151adbce235595a5c62365e1f87a6503c462
2017-02-07Composable services support for Cinder Dell EMC PS Seriesrajinir2-17/+31
Updated the heat templates for Cinder Dell EMC PS Series backend to use composable services and rebranding of EQLX to Dell EMC PS Series Closes-Bug: #1661313 Change-Id: Id9d6f172f3f79a31788b26c7776d738fda5a30fa
2017-02-07implement a collectd composable serviceLars Kellogg-Stedman1-0/+23
The collectd composable service permits an operator to configure collectd metrics collection as part of the overcloud install. Depends-on: I03cfbd96778a76125d18e2ca2f48d96e292608de Change-Id: I143565329f5128f15cc39c9b62a6b242666383ab
2017-02-03Composable service support for Cinder Dell EMC Storage Centerrajinir1-2/+2
Updated the heat templates for Cinder Dell EMC Storage Center Backend to use composable services Closes-Bug: #1661314 Change-Id: I454549c45da7388f0e42975c9f4637dde9ec51e3
2017-02-03Add registry and role service list entries for OctaviaBrent Eagles1-0/+9
This patch adds the Octavia services to the registry and controller role (disabled by default). Also included is an example environment file for enabling the services and required configuration. The API service profile is also amended configure the load balancer service provider in neutron to point to the octavia load balancer driver. Change-Id: I7f3bba950f5b1574ba842a39e93a8ac2b1ccf7bb Partially-implements: blueprint octavia-service-integration
2017-02-03Disable puppet on upgrade for roles not upgradingSteven Hardy2-9/+2
Where the role has disabled upgrades, we need to skip both the ansible and puppet steps. To do this we refactor the post.j2.yaml so that it can be included in the upgrade template with an adjusted list of roles. Note this requires https://review.openstack.org/#/c/425220/ - this change will be required for local testing of this patch (run mistral-db-mange populate after updating tripleo-common and restart the mistral services, or update your repos and re-run openstack undercloud install). Partially-Implements: blueprint overcloud-upgrades-per-service Change-Id: Ie7d0fa6fef3528bd93e6cde076b964ea8de3185a
2017-02-02OVN plugin configuration fixesBabu Shanmugam1-3/+5
This patch renames certain ovn plugin and controller configuration parameters as well as adds some additional ml2 configuration parameters. It also disables the need for the neutron metadata agent. Co-authored-by: Numan Siddique <nusiddiq@redhat.com> Change-Id: Idc9e7ef4a1b88013bca3eac3c136e4710e38a5c0
2017-02-02Remove unused SR-IOV parameter NeutronSupportedPCIVendorDevsSaravanan KR1-3/+0
This parameter has been removed in neutron from the sriov conf file, in Ocata. Removing the parameter from tripleo. Closes-Bug: #1660929 Change-Id: Icd8a1f6c9049434fd86ceeb24881e1ed49f2bb17
2017-02-01Merge "Add deployed server bootstrap for RHEL"Jenkins1-0/+7
2017-01-31Merge "Removes deprecated neutron-opendaylight-l3 env file"Jenkins1-14/+0
2017-01-30Describe use of Manila/CephFS in capabilites_mapGiulio Fidente1-0/+12
This is meant to describe in the UI how to use the manila-cephfsnative-config environment file to deploy Manila with Ceph as backend using either a TripleO managed or an externally managed Ceph cluster. Also adds a puppet-ceph.yaml environment file meant to enable the deployment of a Ceph cluster, given that storage-environment.yaml is meant to be customized by the user instead. Change-Id: Iefd7056a9bc079025e6ac4dd50edcd2e2635e1b0
2017-01-27Add AuditD composable serviceSteven Hardy1-0/+119
This patch allows the management of the AuditD service and its associated files (such as `audit.rules`) This is achieved by means of the `puppet-auditd` puppet module. Also places ssh banner capabilities map on top of patch Change-Id: Ib8bb52dde88304cb58b051bced9779c97a314d0d Depends-On: Ie31c063b674075e35e1bfa28d1fc07f3f897407b
2017-01-27Merge "Adds SSH Banner text into sshd_config"Jenkins1-0/+13