Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
This patch allows the management of the AuditD service and its associated
files (such as `audit.rules`)
This is achieved by means of the `puppet-auditd` puppet module.
Also places ssh banner capabilities map on top of patch
Change-Id: Ib8bb52dde88304cb58b051bced9779c97a314d0d
Depends-On: Ie31c063b674075e35e1bfa28d1fc07f3f897407b
|
|
|
|
|
|
This is similar to the bootstrap for CentOS, except we don't set SELinux
to permissive on RHEL.
Change-Id: I52b8fa017ee2821d2fa91e5ec806a55fcb92566d
Partially-implements: blueprint split-stack-software-configuration
|
|
This change adds a profile to deploy the Ceph RBD mirroring daemon
as a Pacemaker resource.
Change-Id: Ib07e5bca6a45f0c6c59a3acf07f4e3ae9d2f8948
Depends-On: Ic63dc5cffece38942d305f538f71dd58a5d50789
Closes-Bug: #1652177
|
|
Allow use of ooo template to populate banner text into /etc/issue
Change-Id: If5b2da9415f10652a0a64503b2da4b63d1018640
Depends-On: Ie9f8afdfa9930428f06c9669fedb460dc1064d5e
Closes-Bug: #1640306
|
|
|
|
These metadata settings (the hardcoded metadata and the hook override)
are used by the novajoin service when it's deployed in the undercloud,
and will tell it to enroll the overcloud nodes and the services that are
specified by the metadata hook.
bp novajoin
bp tls-via-certmonger
Change-Id: Ia4645cc356688b7bcf82ed7765c0b74d53d64ed1
|
|
|
|
|
|
Horizon provides a password validation check, which OpenStack cloud
operators can use to enforce password complexity checks for users
within horizon.
A dictionary containing a regular expression can be used for
password validation with help text that is displayed if the password
does not pass validation.
HORIZON_CONFIG["password_validator"] = {
"regex": '.*',
"help_text": _("Your password does not meet the requirements."),
}
This change allows injection of the regex into horizons local_settings
file from a tripleo heat template
Change-Id: Ib6517c8f96148bea002b0e3442a26367b236928f
Depends-On: If82a80ed6a8e6e65aecc2a25ee6d60640ae03c9a
Closes-Bug: #1640800
|
|
|
|
If TLS in the internal network is enabled, we run glance-api beind a
TLS proxy (which is actually httpd's mod_proxy). This passes the
necessary hieradata.
bp tls-via-certmonger
Change-Id: I693213a1f35021b540202240e512d121cc1cd0eb
Depends-On: Id35a846d43ecae8903a0d58306d9803d5ea00bee
|
|
This change adds the ec2api service using the
tripleo::profile::base::nova::ec2api profile.
The deprecated nova-cert service is not supported, and therefore the
RegisterImage action is not supported either.
Change-Id: I2510fd4ed935d8423216fff9ce3adf2d69c9c804
Depends-On: If4b091e1ca02f43aa9c65392baf8ceea007b7cfb
|
|
This adds a pacemaker_remote puppet service so that an operator
can automatically deploy pacemaker-remote on nodes of his choice.
Change-Id: I9678606b3de9b9f4c03014b33c1dd27fcba67513
Depends-On: I581552dfa64160e2f82f6a9b8f2ae521c3d6da8d
Depends-On: I92953afcc7d536d387381f08164cae8b52f41605
|
|
|
|
|
|
Introduce THT for fossw ML2 plugin in networking-fujitsu.
networking-fujitsu is a neutron ML2 plugin which enables several
FUJITSU switch products in OpenStack environment. This templates
deploy overcloud with FOS switch.
Change-Id: I977dbecbf9f6f9725f7fb5ca4745b537a73975ff
Implements: blueprint integration-fossw-networking-fujitsu
Depends-On: I044c5812bbc5cd3de4bc33556cffbe5bad8e64cf
Depends-On: I79df6b6a27d95f0c0e2c87207ab80235a4efccfc
|
|
etcd is used by networking-vpp ML2 driver as the messaging mechanism. This
patch adds etcd service which can be used by other services.
Implements: blueprint fdio-integration-tripleo
Depends-on: Idaa3e3deddf9be3d278e90b569466c2717e2d517
Change-Id: I8ae1e2c9b0c3d6f448e1da712100938d011289f5
Signed-off-by: Feng Pan <fpan@redhat.com>
|
|
|
|
Introduce basic configuration support for Octavia API service.
Change-Id: I8816725ed65039af4b7d45392a2823395e81e51c
Depends-On: I77783029797be4fb488c6e743c51d228eba9c474
Partially-Implements: blueprint octavia-service-integration
|
|
|
|
Use the standard composable interface to disable
ceilo api instead of using a separate flag.
Closes-bug: #1656364
Change-Id: I67900f7e6816212831aea8ed18f323652857fbd3
|
|
|
|
|
|
|
|
This patch adds the new OS::TripleO::DeployedServer::Bootstrap
entry to this template as OS::Heat::None.
This fixes the undercloud t-h-t installer.
Change-Id: I211fff6dd81cb1a6425dbae4b81d4e9e8819fc52
|
|
|
|
|
|
Add support to deploy Nova Placement API service in TripleO.
Change-Id: Ie41ebc362a0695c8f55419e231100c63007405ed
|
|
The mechanism to pass config files to the neutron-ovs-agent container
was overly complex and not at all justified. This commit removes a few
useless parameters and aligns the neutron-ovs-agents with the rest of
the containers.
Change-Id: Ib9a5985ac9d098731c2fb798d6c9e03cba4b87dd
|
|
|
|
files/partitions"
|
|
Allow user to configure rbd_default_features parameter in
ceph.conf / [client] section. Operators deploying newer
Ceph clients that must use older Ceph servers need to be
able to easily set this option for backwards compatibility.
Change-Id: I685c95c47282894bb6309168c537de877dbccc66
Depends-On: I477640c5db2cc84622da7734fb54cfe7740bd137
Related-Bug: 1633552
|
|
Glance registry is not required for the v2 of the API and there are
plans to deprecate it in the glance community.
Let's remove v1 support since it has been deprecated for a while in
Glance.
Depends-On: I77db1e1789fba0fb8ac014d6d1f8f5a8ae98ae84
Co-Authored: Flavio Percoco <flaper87@gmail.com>
Change-Id: I0cd722e8c5a43fd19336e23a7fada71c257a8e2d
|
|
Adds an environment file, template, and script that can be used to do
initial bootstrapping of deployed servers during NodeExtraConfig. It is
meant to install and configure the initial dependencies needed to apply
the rest of the OpenStack configuration via Heat.
Enabling yum repos and installing the initial python-heat-agent package
would still have to be manual steps when using this environment. But the
goal is to keep those manual steps to a minimum and automate as much as
possible in deployed-server-bootstrap.sh.
Along with setting EnablePackageInstall: True, this could eventually
replace bootstrap-overcloud-full.sh from tripleo-ci.
Partially-implements: blueprint split-stack-software-configuration
Change-Id: I6be94604a46382e6288df1b36b9de8fab58696cc
|
|
files/partitions
This submission:
- Fix an error in the AllNodesExtraConfig resource.
(Can't merge servers multiple times).
- Add environment files to deploy swap file/partition
without manual edit over the templates.
- If a swap partition is mounted without having it available
the deployment will fail, the fix checks that if the
partition is not created then the deployment continues.
- Removing empty extra lines in swap templates.
- Adjust description and remove unnecessary comments in
swap templates.
Closes-Bug: 1652184
Change-Id: I828bbbbd4c178956aac74af49f80fcd4f62fa16b
|
|
|
|
Somehow missed deleting this in previous patch. This file should be
removed as only neutron-opendaylight.yaml env file should be used.
Related-Bug: 1654586
Change-Id: Ibd56b032b86170fed947d8030cb0bd443581ee87
Signed-off-by: Tim Rozet <trozet@redhat.com>
|
|
Cinder configuration with HPELeftHandISCSIDriver
for VSA storage
Change-Id: Iaefbf38522069f6c636130e357f19a7fb7d54fe4
|
|
|
|
|
|
|
|
Deploying ODL without L3 DVR is no longer supported. This patch moves
the opendaylight-l3 env settings to be the new default for opendaylight
env file, while also removing any option to disable L3.
Closes-Bug: 1654586
Change-Id: Ia2488cb0b752fb4b33f03caa7a1d2469d20395f0
Signed-off-by: Tim Rozet <trozet@redhat.com>
|
|
In Newton, the ctlplane port on deployed-server was called
<hostname>-ctlplane-port. When this code was refactored in
I29fbc720c3d582cbb94385e65e4b64b101f7eac9, the -port suffix was dropped
in favor of <hostname>-<network> convention, and the port resource was
created directly in deployed-server.yaml instead of in a nested stack.
Both of those changes were backwards incompatible -- making it
impossible to upgrade to the new version of deployed-server.yaml without
the ctlplane port getting deleted/recreated, which causes a change in IP
address. The IP address change causes services to be misconfigured on
upgrade attempts.
Change-Id: I45991b60a151abf3c5e4d05a3aa7246b2d25ac5a
|
|
|
|
This change adds a CephMds service, disabled by default, on the
Controller role and an environment file to enable it.
Change-Id: If7cb46319038a80ed52f753a623989885e1b7da4
Depends-On: Iaecc3ff7acb851776c5057c42a5a513a70425d2c
Partial-Bug: #1644784
|
|
Introduce THT for networking-fujitsu. networking-fujitsu is a neutron ML2 plugin
which enables FUJITSU C-Fabric switch in OpenStack environment. This templates
deploy overcloud with C-Fabric switch.
Change-Id: Iee75a1a30552d8dc9f55f52d10b0dc2b623992ef
Implements: blueprint integration-networking-fujitsu
Depends-On: I37a502b43eb7d91bfe20625248ed117eae3ca535
Depends-On: I5eb2c2a9c50b5991d62f4b6d74b83351c86b02de
|