summaryrefslogtreecommitdiffstats
path: root/extraconfig
AgeCommit message (Collapse)AuthorFilesLines
2017-10-19Support for Satellite Capsule in rhel-registrationEmilien Macchi1-9/+8
For deployments running on RHEL with Satellite 6 (or beyond) with Capsule (Katello API enabled), the Katello API is available on 8443 port, so the previous API ping didn't work for this case. Capsule is now supported since we just check if katello-ca-consumer-latest rpm is available to tell that Satellite version is 6 or beyond. Closes-Bug: #1716777 Change-Id: If76763b367917fc15f609ad144679750602826eb (cherry picked from commit ad3ea5bb7a2ee2cb1ae6b1d21b2f0b5a177c9fc6)
2017-09-07Maintain ceph-osd package only on nodes hosting CephOSD serviceAlan Bishop2-0/+65
The ceph-osd package is only required on nodes hosting the CephOSD service, but the package's presence on other nodes may interfere with software updates. That's because some distros distribute Ceph software in different channels, and not all nodes have access to the ceph-osd channel. There are two parts to the fix, and the first is an enhancement to the yum update process. The process detects when the ceph-osd package is not required, and removes the package from the node. The second part takes ceph-osd out of the default list of packages needed by puppet-ceph. The ceph-osd package is listed only on the nodes hosting the CephOSD service. Closes-Bug: #1713292 Change-Id: I7a581518ed25cf5f264abfaabfcf2041363a065b (cherry picked from commit 5a89ea21f2add98119a10464b020a98999d31c41)
2017-08-31Remove puppet run and workarounds from tripleo_upgrade_node.shmarios1-45/+1
For bug 1708115 and the O..P upgrade, and for the upgrade of 'non-controlers' we are now generating ansible playbooks from collected service upgrade_tasks and these are executed instead of the legacy tripleo_upgrade_node.sh. To clarify, by 'non-controllers' it is meant any node for which the corresponding roles_data.yaml role has the disable_upgrade_deployment flag set True. As a first pass, I am removing the workarounds from the script but keeping its delivery mechanism for now in case it is needed still. We can either update here to remove it or keep it until next cycle The most important part for now is that we no longer 'manually' run puppet here. Instead the post_deploy_steps are also collected into a playbook and will be executed after the upgrade_tasks (see the bug for discussion of the mechanism and related reviews) Change-Id: Ib017b0ab435ca9558cf8659d434489cdf01df955 Related-Bug: 1708115 (cherry picked from commit 4c5b9c5c967105536106fa4a7e1ec2352b14b08c)
2017-08-17Workaround for RHEL registration as "localhost"James Slagle1-0/+14
Workaround systems getting registered as "localhost" during RHEL registration if they don't have a fqdn set by first rm'ing the /etc/rhsm/facts directory. When the directory does not exist, the katello-rshm-consumer which runs when installing the katello-ca-consumer will not set the hostname.override fact to "localhost". Change-Id: Ia29aa9c775f715f9745bb7e1e4022cc395a7d092 Partial-Bug: #1711435
2017-08-16Merge "Render VIPs dynamically based on network_data.yaml"Jenkins1-14/+30
2017-08-14Don't unregister on system/resource deleteJames Slagle1-17/+18
Don't unregister systems from the portal/satellite when deleting from Heat. There are several reasons why it's compelling to fix this behavior. See https://bugs.launchpad.net/tripleo/+bug/1710144 for full information. The previous behavior can be triggered by setting the DeleteOnRHELUnregistration parameter to "true". Closes-Bug: #1710144 Change-Id: I909a6f7a049dc23fc27f2231a4893d428f06a1f1
2017-08-14Fix Heat condition for RHEL registration yum updateJames Slagle1-2/+5
There were 2 problems with this condition making the rhel-registration.yal template broken: "conditions" should be "condition" The condition should refer to just a condition name defined in the "conditions:" section of the template. Change-Id: I14d5c72cf86423808e81f1d8406098d5fd635e66 Closes-Bug: #1709916
2017-08-04Merge "Stop and disable openstack-nova-compute service on compute nodes"Jenkins1-0/+3
2017-08-04Render VIPs dynamically based on network_data.yamlDan Sneddon1-14/+30
This change modifies the templates to dynamically define the VIPs based on network_data.yaml. If a network is defined and marked with "vip: true" in network_data.yaml, it will be included in the overcloud.yaml which defines the deployment-level resources. This should make it possible to create custom networks and use them for services which use high-availability through VIPs. Also, extraconfig/nova_metadata/krb-service-pricipals.yaml was modified to dynamically produce the FQDN map for VIPs on isolated networks, to match overcloud.j2.yaml. Depends-On: If074f87494a46305c990a0ea332c7b576d3c6ed8 Depends-On: Iab8aca2f1fcaba0c8f109717a4b3068f629c9aab Partially-implements: blueprint composable-networks Closes-bug: 1667104 Change-Id: I71339a6ac41133e95dbc3f93abb7a9fdeb0f2da0
2017-08-03Merge "Add environment for setting a custom domain name"Jenkins1-2/+2
2017-08-03Stop and disable openstack-nova-compute service on compute nodesMarius Cornea1-0/+3
This change stops and disables the openstack-nova-compute service on the compute nodes during the upgrade to the containers architecture. Closes-bug: 1708371 Change-Id: I9ca909d4e91d0a0e4de15572f727f959d9185c64
2017-08-02Make RoleParameters and key_name descriptions consistentBen Nemec3-3/+3
The key_name default is ignored because the parameter is used in some mutually exclusive environments where the default doesn't need to be the same. Change-Id: I77c1a1159fae38d03b0e59b80ae6bee491d734d7 Partial-Bug: 1700664
2017-08-01Adds stop and disable for libvirtd on upgrade to containersmarios1-0/+4
Adds this into the tripleo_upgrade_node.sh executed by the operator for the major upgrade see the bug for more info Change-Id: Ic54b48b149594e8ea08e95152111bcdaf7b252b7 Closes-Bug: 1707926
2017-07-31Enable Dpdk after rebooting with Hugepages for OvS2.7Saravanan KR1-35/+53
With OvS2.7, DPDK is initialized immediately after setting dpdk-init flag. DPDK requires hugepages configuration to be available on kernel args with a reboot. This patch reboots the node after applying the kernel args. And once the node is rebooted, DPDK will be enabled and then the deployment continues. Change-Id: Ide442e09c2bea56a38399247de588e63b4272326
2017-07-27Add environment for setting a custom domain nameBen Nemec1-2/+2
Just setting CloudDomain won't make the domains used consistent. There are a number of CloudName parameters that must be set as well. This change adds a sample environment that includes all of those parameters so it is easy to set everything consistently. Also fixes the description of CloudNameCtlplane to reflect the actual use for that parameter. Change-Id: I56d1c1c5619f83c16c4e8350aa84fccc3d748425
2017-07-25Contrail network realignement + DPDK enablementMichael Henkel3-0/+373
This patch moves Contrail roles communication from public/external to internal_api network for OpenStack API. It also adds the option to enable dpdk. Monolithic firstboot script is broken down into small pre-network and per-node extraconfig scripts Change-Id: I296a3bf60cef6fa950fd71d6e68effe367d1e66b Closes-Bug: 1698422
2017-07-24Merge "Set name property on missing deployments"Jenkins3-0/+3
2017-07-22Merge "Make Deploy/UpdateIdentifier definition semi-consistent"Jenkins1-0/+3
2017-07-21Merge "Add a new role for ComputeOvsDpdk and clean-up parameters"Jenkins1-31/+11
2017-07-21Make Deploy/UpdateIdentifier definition semi-consistentBen Nemec1-0/+3
It seems UpdateIdentifier is an overloaded parameter - it is used both to trigger package updates in the minor update case as well as to trigger the upgrade steps during a major upgrade. I'm not sure it's appropriate to change either of the descriptions as a result, so for the moment that is added to the exclusion list. Change-Id: Ied36cf259f6a6e5c8cfa7a01722fb7fda6900976 Partial-Bug: 1700664
2017-07-18Merge "Ensure yum cache is ready before update"Jenkins1-0/+3
2017-07-17Set name property on missing deploymentsJames Slagle3-0/+3
To be consistent with all other SoftwareDeployment's in tripleo-heat-templates, this sets the name property on the deployments where it was missing. Change-Id: I8bc062d2af93acead240bd5e473ea385b2bf6cf2
2017-07-14Add a new role for ComputeOvsDpdk and clean-up parametersSaravanan KR1-31/+11
A new role ComputeOvsDpdk has been added to avoid manual roles_data creation. And cleaned-up the DPDK parameters inline with the refactored code. Change-Id: I16dac69609c98194c2504ff067258fa14363d4f1
2017-07-14Merge "Adds check for existing yum process during the legacy minor update"Jenkins2-1/+15
2017-07-13Merge "Added OvS permission workaround for enabling DPDK"Jenkins1-0/+26
2017-07-13Adds check for existing yum process during the legacy minor updatemarios2-1/+15
Checks for an existing /var/run/yum.pid and exit 1 with an error message saying why. Change-Id: I374eeb4164a8007ae67fea2796eac109fffdef97 Closes-Bug: 1704131
2017-07-13Ensure yum cache is ready before updateLukas Bezdicka1-0/+3
To workaround yum bug with libnss we need to make yum cache before running update. In fact we should have done this regardless of the bug. Change-Id: I5b2355fb8abe3c8d4b9ce9c62b9ffdba8c1e8d9d Resolves: rhbz#1458841 Closes-Bug: #1703830
2017-07-10Revert "Revert "Blacklist support for ExtraConfig""James Slagle5-7/+96
There is a Heat patch posted (via Depends-On) that resolves the issue that caused this to be reverted. This reverts the revert and we need to make sure all the upgrades jobs pass before we merge this patch. This reverts commit 69936229f4def703cd44ab164d8d1989c9fa37cb. Closes-Bug: #1699463 implements blueprint disable-deployments Change-Id: Iedf680fddfbfc020d301bec8837a0cb98d481eb5
2017-07-10Added OvS permission workaround for enabling DPDKSaravanan KR1-0/+26
The vhost sockets sockets are created with qemu permission, but ovs runs with root permission. In order to allow ovs to access vhost sockets reducing the ovs group permission from root to qemu. This is a temprovary workaround, until ovs fixes the permission issue. The script supports both ovs2.6 and ovs2.7 versions. Change-Id: I172956390c19fc9824bf7590cd48bfcf6201191b
2017-06-23Adds service for OVS and enables ODL DPDK deploymentsTim Rozet2-22/+90
In order to deploy OpenDaylight with DPDK we need to copy the DPDK config for OVS done in the neutron-ovs-dpdk service template, without enabling OVS agent for compute nodes. To do this correctly, we should inherit and openvswitch service which is a common place to set OVS configuration and parameters. Note: vswitch::dpdk config will be called in prenetwork setup with ovs_dpdk_config.yaml so there is no need to include that in the step config for neutron-ovs-dpdk-agent service or opendaylight-ovs-dpdk. Changes Include: - Creates a common openvswitch service template, which in the future will migrate to be its own service. - Renames and fixes OVS DPDK configuration heat parameters in the openvswitch template. - neutron-ovs-dpdk-agent now inherits the common openvswitch template. - Adds opendaylight-ovs-dpdk template which also inherits common ovs template. - Uses OVS DPDK config script to allow configuring OVS DPDK in prenetwork config (before os-net-config runs). This has an issue where hieradata is not present yet, so we have to redefine the heat parameters and pass them via bash. In the future this should be corrected. - Adds opendaylight-dpdk environment file used to deploy an ODL + DPDK deployment. - Updates neutron-ovs-dpdk environment file. Closes-Bug: 1656097 Partial-Bug: 1656096 Depends-On: I3227189691df85f265cf84bd4115d8d4c9f979f3 Change-Id: Ie80e38c2a9605d85cdf867a31b6888bfcae69e29 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-06-23Enable DPDK on boot using PreNetworkConfigSaravanan KR1-2/+95
DPDK has to be enabled on openvswitch on the boot before configuring the network as when the network uses DPDK ports OvS should be ready to handle DPDK. Enabled DPDK via PreNetworkConfig by checking if ServiceNames contains DPDK service. Implements: blueprint ovs-2-6-dpdk Closes-Bug: #1654975 Depends-On: I83a540336c01a696780621fb2b39486a6abf0917 Change-Id: I7af4534d91e67c94ba559b78b9ac6a001e639db3
2017-06-22Merge "Revert "Blacklist support for ExtraConfig""Jenkins5-96/+7
2017-06-22Revert "Blacklist support for ExtraConfig"Alex Schultz5-96/+7
This reverts commit d6c0979eb3de79b8c3a79ea5798498f0241eb32d. This seems to be causing issues in Heat in upgrades. Change-Id: I379fb2133358ba9c3c989c98a2dd399ad064f706 Related-Bug: #1699463
2017-06-19Merge "Blacklist support for ExtraConfig"Jenkins5-7/+96
2017-06-16Blacklist support for ExtraConfigJames Slagle5-7/+96
Commit I46941e54a476c7cc8645cd1aff391c9c6c5434de added support for blacklisting servers from triggered Heat deployments. This commit adds that functionality to the remaining Deployments in tripleo-heat-templates for the ExtraConfig interfaces. Since we can not (should not) change the interface to ExtraConfig, Heat conditions are used on the actual <role>ExtraConfigPre and NodeExtraConfig resources instead of using the actions approach on Deployments. Change-Id: I38fdb50d1d966a6c3651980c52298317fa3bece4
2017-06-15Ignore case for bootstrap node checksAlex Schultz2-2/+2
The bootstrap_nodeid can have capital letters while the hostname may not. In puppet we use downcase for this comparison, so let's follow a similar pattern for scripts from THT. Change-Id: I8a0bec4a6f3ed0b4f2289cbe7023344fb284edf7 Closes-Bug: #16998201
2017-06-15Merge "Modify PreNetworkConfig config inline with role-specific parameters"Jenkins3-4/+99
2017-06-13Modify PreNetworkConfig config inline with role-specific parametersSaravanan KR3-4/+99
Existing host_config_and_reboot.role.j2.yaml is done in ocata to configure kernel args. This can be enhanced with use of role-specific parameters, which is done in the current patch. The earlier method is deprecated and will be removed in Q releae. Implements: blueprint ovs-2-6-dpdk Change-Id: Ib864f065527167a49a0f60812d7ad4ad12c836d1
2017-06-12Moving *postconfig where it was *postpuppetCarlos Camacho1-4/+4
We need to ensure that the pacemaker cluster restarts in the end of the deployment. Due to the resources renaming we added the postconfig resource not in the end of the deployment as it was *postpuppet. Closes-bug: 1695904 Change-Id: Ic6978fcff591635223b354831cd6cbe0802316cf
2017-06-07Don't create networks if neutron is not enabledFlavio Percoco1-45/+49
With the composable undercloud installer, it's possible to disable services. The extraconfig script assumes both, neutron and nova, are installed and fails if they aren't. This patch checks if those services are available before. Change-Id: Idcc2b9809fcfa92649a0a1f45175ce417dc0e608
2017-05-19Update the template_version alias for all the templates to pike.Carlos Camacho18-18/+18
Master is now the development branch for pike changing the release alias name. Change-Id: I938e4a983e361aefcaa0bd9a4226c296c5823127
2017-05-06Merge "Use the make_url function to build URLs"Jenkins1-11/+11
2017-05-05Merge "Fix up pacemaker_status test in yum_update.sh"Jenkins1-2/+2
2017-05-05Use the make_url function to build URLsZane Bitter1-11/+11
Change-Id: I2b23d92c85d5ecc889a7ee597b90e930bde9028e Depends-On: I72f84e737b042ecfaabf5639c6164d46a072b423
2017-05-04Merge "[N->O] Add openstack-nova-migration to compute nodes."Jenkins1-0/+1
2017-05-04Fix up pacemaker_status test in yum_update.shMichele Baldessari1-2/+2
In change I2aae4e2fdfec526c835f8967b54e1db3757bca17 we did the following: -pacemaker_status=$(systemctl is-active pacemaker || :) +pacemaker_status="" +if hiera -c /etc/puppet/hiera.yaml service_names | grep -q pacemaker; then + pacemaker_status=$(systemctl is-active pacemaker) +fi we did that so due to LP#1668266: we did not want systemctl is-active to fail on non pacemaker nodes. The problem with the above hiera check is that it will match on pacemaker_remote nodes as well. We cannot piggyback the pacemaker_enabled hiera key because that is true on all nodes. So let's make the test check only for pacemaker service without matching pacemaker remote. Tested with: 1) Test on a controller node with pacemaker service enabled [root@overcloud-controller-0 ~]# hiera -c /etc/puppet/hiera.yaml -a service_names |grep '\bpacemaker\b' "pacemaker", [root@overcloud-controller-0 ~]# echo $? 0 2) Test on a compute node without pacemaker: [root@overcloud-novacompute-0 puppet]# hiera -c /etc/puppet/hiera.yaml service_names |grep '\bpacemaker\b' [root@overcloud-novacompute-0 puppet]# echo $? 1 3) Test on a node with pacemaker_remote in the service_names key: [root@overcloud-novacompute-0 puppet]# hiera -c /etc/puppet/hiera.yaml service_names |grep '\bpacemaker\b' [root@overcloud-novacompute-0 puppet]# echo $? 1 [root@overcloud-novacompute-0 puppet]# hiera -c /etc/puppet/hiera.yaml service_names |grep '\bpacemaker_remote\b' "pacemaker_remote"] [root@overcloud-novacompute-0 puppet]# echo $? 0 Change-Id: I54c5756ba6dea791aef89a79bc0b538ba02ae48a Closes-Bug: #1688214
2017-05-04Merge "Initial VIP ipv6 minor update code"Jenkins2-5/+74
2017-05-03[N->O] Add openstack-nova-migration to compute nodes.Sofer Athlan-Guyot1-0/+1
This add openstack-nova-migration on the compute during the upgrade. Closes-Bug: #1687081 Depends-on: Iab022bdfb655e3c52fecebf416e75c9e981072ab Depends-on: I02dc8934521340f42ac44a7d16889f6d79620c33 Change-Id: I3db2a3188e538eeaef61769d38f0166545444cfe
2017-05-02Merge "Fix for the resource ControllerPostPuppetMaintenanceModeDeployment"Jenkins3-10/+15
2017-05-02Initial VIP ipv6 minor update codeMichele Baldessari2-5/+74
To test this change we deployed a stock master with ipv6 which created a bunch of ipv6 with /64 netmask: [root@overcloud-controller-0 ~]# pcs resource show ip-fd00.fd00.fd00.2000..18 Resource: ip-fd00.fd00.fd00.2000..18 (class=ocf provider=heartbeat type=IPaddr2) Attributes: ip=fd00:fd00:fd00:2000::18 cidr_netmask=64 Operations: start interval=0s timeout=20s (ip-fd00.fd00.fd00.2000..18-start-interval-0s) stop interval=0s timeout=20s (ip-fd00.fd00.fd00.2000..18-stop-interval-0s) monitor interval=10s timeout=20s (ip-fd00.fd00.fd00.2000..18-monitor-interval-10s) Then we update the THT folder with this patch and upload the new scripts on the undercloud via: openstack overcloud deploy --update-plan-only .... Then we kick off the minor update workflow: openstack overcloud update stack -i overcloud Once the controller-0 node (bootstrap node for pacemaker) is completed we have the correct VIP configuration: [root@overcloud-controller-0 heat-config-script]# pcs resource show ip-fd00.fd00.fd00.2000..18 Resource: ip-fd00.fd00.fd00.2000..18 (class=ocf provider=heartbeat type=IPaddr2) Attributes: ip=fd00:fd00:fd00:2000::18 cidr_netmask=128 nic=vlan20 lvs_ipv6_addrlabel=true lvs_ipv6_addrlabel_value=99 Operations: start interval=0s timeout=20s (ip-fd00.fd00.fd00.2000..18-start-interval-0s) stop interval=0s timeout=20s (ip-fd00.fd00.fd00.2000..18-stop-interval-0s) monitor interval=10s timeout=20s (ip-fd00.fd00.fd00.2000..18-monitor-interval-10s) Also verified that running the script a second time does not alter the (already fixed) VIPs. Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com> Change-Id: I765cd5c9b57134dff61f67ce726bf88af90f8090