summaryrefslogtreecommitdiffstats
path: root/extraconfig
AgeCommit message (Collapse)AuthorFilesLines
2017-02-28Merge "Adds http proxy support for registering RHEL overcloud nodes"Jenkins3-0/+100
2017-02-24Merge "Adding definition of backup_flags"Jenkins1-0/+1
2017-02-24Adding definition of backup_flagsLuca Lorenzetto1-0/+1
During the upgrade from M to N i encountered an error in a step requiring the upgrade of mysql version. The variable backup_flags is undefined at that point. Change-Id: Ic6681c40934b27a03d00a75007d7f12d6d540de3 Closes-Bug: #1667731
2017-02-22Adds http proxy support for registering RHEL overcloud nodesVincent S. Cojot3-0/+100
It is quite common in large entreprises that direct HTTP/HTTPS to the outside world is denied from nodes/systems but reaching out through a proxy is allowed. This change adds support for an HTTP proxy when RHEL overcloud nodes reach out to either the RHSM portal or to a satellite server. This allows the overcloud nodes to download updates even in locked-down environments. The following variables are settable through templates: rhel_reg_http_proxy_host: rhel_reg_http_proxy_port: rhel_reg_http_proxy_username: rhel_reg_http_proxy_password: Note the following restrictions: - If setting rhel_reg_http_proxy_host, then rhel_reg_http_proxy_port cannot be empty. - If setting rhel_reg_http_proxy_port, then rhel_reg_http_proxy_host cannot be empty. - If setting rhel_reg_http_proxy_username, then rhel_reg_http_proxy_password cannot be empty. - If setting rhel_reg_http_proxy_password, then rhel_reg_http_proxy_username cannot be empty. - If setting either rhel_reg_http_proxy_username or rhel_reg_http_proxy_password, then rhel_reg_http_proxy_host AND rhel_reg_http_proxy_port cannot be empty Change-Id: I003ad5449bd99c01376781ec0ce9074eca3e2704
2017-02-21Add checks in ansible upgrade tasks for CephMon and CephOSDGiulio Fidente1-4/+0
Adds two checks, one for the CephMon and one for the CephOSD upgrade tasks borrowed from ceph-ansible. Change-Id: I0a0e60d277240130c6bd76a74ccc13354b87a30a Co-Authored-By: Sebastien Han <seb@redhat.com>
2017-02-17Merge "Add explicit swift check to tripleo_upgrade_node.sh"Jenkins1-4/+11
2017-02-17Merge "Apply puppet in non-controller script in step."Jenkins2-3/+35
2017-02-17Merge "Automatically backup and restore Swift rings from the undercloud"Jenkins2-0/+73
2017-02-15Add explicit swift check to tripleo_upgrade_node.shmarios1-4/+11
And change the conditional to use hiera instead. Change-Id: Icf91dd91c0ab04e7919172fcfd130183bfd427b4
2017-02-15Apply puppet in non-controller script in step.Sofer Athlan-Guyot2-3/+35
We want to apply a puppet manifest for the non-controller role, but we need to apply it in stages. By loading the proper hieradata we get the needed step configuration. Change-Id: I07bfeee7b7d9a9b8c2c20e5d5c9ed735d0bfc842 Closes-Bug: #1664304
2017-02-12Merge "Dump and run puppet for role which are disable_upgrade_deployment true"Jenkins1-0/+3
2017-02-10Dump and run puppet for role which are disable_upgrade_deployment trueMathieu Bultel1-0/+3
We wants to run puppet on each role which has the flag disable_upgrade_deployment to true. It will run after the upgrade of the role and before running the whole converge step. Change-Id: Ia85be688d070dfb5b8337e8ef3c4bc439fb6052e
2017-02-10Remove legacy major upgrade scripts for Ceph and BlockStorageGiulio Fidente4-246/+1
We do not need the upgrade scripts used to migrate Ceph from hammer to jewel. This submission removes that and the legacy upgrade scripts used for the BlockStorage role. Change-Id: I2674216dd9b5b849de6a2624ee1115420a254182
2017-02-10Delivers upgrade scripts where upgrade steps are disabledmarios4-173/+51
This delivers a /root/tripleo_upgrade_node.sh to those nodes that have the disable_upgrade_deployment flag set to true. They will later be upgraded manually by the operator who will invoke the script delivered here using upgrade-non-controller.sh We can also deliver any service specific upgrade configuration, such as configuring nova-compute to use the placement API as this is required in order for placement to be configured and installed during the subsequent upgrade steps for controller services. This removes the compute and swift specific upgrade scripts as they are now merged into the common tripleo_upgrade_node.sh - removing any hard coded reference to a particular role name (compute/objectstorage) and only relying on the disable_upgrade_deployment is roles_data.yaml Change-Id: I4531a4038b78087ef4a1a62c35f1328822427817 Co-Authored-By: Mathieu Bultel <mbultel@redhat.com>
2017-02-06Automatically backup and restore Swift rings from the undercloudChristian Schwede2-0/+73
Swift rings created or updated on the overcloud nodes will now be stored on the undercloud at the end of the deployment. An additional consistency check is executed before storing them, ensuring all rings within the cluster are identical. These rings will be retrieved (before Puppet runs) by every node when an UPDATE is executed, and by doing this will be in a consistent state across the cluster. This makes it possible to add, remove or replace nodes in an existing cluster without manual operator interaction. Closes-Bug: 1609421 Depends-On: Ic3da38cffdd993c768bdb137c17d625dff1aa372 Change-Id: I758179182265da5160c06bb95f4c6258dc0edcd6
2017-02-02Merge "Don't run yum_update.sh inside docker"Jenkins1-0/+5
2017-01-25Merge "Add metadata settings for needed kerberos principals"Jenkins1-0/+84
2017-01-25Merge "Ignore systemctl return code in yum_update.sh"Jenkins1-1/+1
2017-01-25Add metadata settings for needed kerberos principalsJuan Antonio Osorio Robles1-0/+84
These are only used for TLS-everywhere, and fills up the kerberos principals that will need to be created for the certs used by the overcloud. With this, the metadata hook will format these principals correctly and will further pass them on to the nova metadata service. Where they can be used if there's a plugin enabled. bp tls-via-certmonger bp novajoin Change-Id: I873094bb69200052febda629fda698a7a782c031
2017-01-19Merge "Remove redundant CLI arguments for neutron-db-manage"Jenkins1-1/+1
2017-01-19Ignore systemctl return code in yum_update.shLukas Bezdicka1-1/+1
We only need to know if pacemaker service is in active state. Change-Id: Id5e16f2bbbe51b8a0c250eb5d35e89e61a7b3383 Resolves: rhbz#1414779 Closes-Bug: #1656980
2017-01-18Merge "Bump missing template names to ocata"Jenkins2-2/+2
2017-01-18Merge "Remove Glance Registry service"Jenkins2-2/+1
2017-01-17Bump missing template names to ocataCarlos Camacho2-2/+2
Update pending templates to use the release name alias. Change-Id: I39f9be212d3e9f3bec6f45d9757eca7a3b0ccc06
2017-01-16Remove Glance Registry serviceEmilien Macchi2-2/+1
Glance registry is not required for the v2 of the API and there are plans to deprecate it in the glance community. Let's remove v1 support since it has been deprecated for a while in Glance. Depends-On: I77db1e1789fba0fb8ac014d6d1f8f5a8ae98ae84 Co-Authored: Flavio Percoco <flaper87@gmail.com> Change-Id: I0cd722e8c5a43fd19336e23a7fada71c257a8e2d
2017-01-16Fix for AllNodesExtraConfig and fix environment files to create swap ↵Carlos Camacho2-16/+9
files/partitions This submission: - Fix an error in the AllNodesExtraConfig resource. (Can't merge servers multiple times). - Add environment files to deploy swap file/partition without manual edit over the templates. - If a swap partition is mounted without having it available the deployment will fail, the fix checks that if the partition is not created then the deployment continues. - Removing empty extra lines in swap templates. - Adjust description and remove unnecessary comments in swap templates. Closes-Bug: 1652184 Change-Id: I828bbbbd4c178956aac74af49f80fcd4f62fa16b
2017-01-11Merge "Add retry to RHEL registration"Jenkins1-13/+30
2017-01-10Add retry to RHEL registrationCharles Llewellyn1-13/+30
Occasionally we can see transient network outages when attempting to register with the Redhat Portal or Satellite server. This causes deployment or scaleout operations to fail. These outages are minimal and retrying often resolves the issue. This becomes more prevelant during testing as we deploy infrastructure far more frequently. Change-Id: If23785fbe2eea4643918b2e68915bbc13c1b1112
2017-01-09Merge "Configure Kernel Args and Tuned and then reboot for Compute"Jenkins2-0/+158
2017-01-06Template and role support for the undercloudDan Prince2-0/+219
Add a new roles data YAML file and environment to help create the undercloud via t-h-t. Partially-implements: blueprint heat-undercloud Change-Id: I36df7fa86c2ff40026d59f02248af529a4a81861
2017-01-06Configure Kernel Args and Tuned and then reboot for ComputeSaravanan KR2-0/+158
* On top of the https://review.openstack.org/#/c/411204 * Added Kernel args and Tune-d configuration * Added provision to provide different kernel args per role (applicable for different types of compute roles only) Implements: blueprint tuned-nfv-dpdk Change-Id: I5c538428c376c9d2ebd1c364f0ee8503fd7d620e
2017-01-04Merge "Add pre-network hook and example showing config-then-reboot"Jenkins1-0/+48
2016-12-23Bump template version for all templates to "ocata"Steven Hardy17-17/+17
Heat now supports release name aliases, so we can replace the inconsistent mix of date related versions with one consistent version that aligns with the supported version of heat for this t-h-t branch. This should also help new users who sometimes copy/paste old templates and discover intrinsic functions in the t-h-t docs don't work because their template version is too old. Change-Id: Ib415e7290fea27447460baa280291492df197e54
2016-12-21Merge "Use df instead of findmnt in cephstorage upgrade scripts"Jenkins1-1/+1
2016-12-15Don't run yum_update.sh inside dockerSteve Baker1-0/+5
For now, don't run anything in yum_update.sh when it is run from inside the heat-agents container. A mechanism for doing a yum update on the host can be worked out later, but for now a yum update should never be run inside a container. Change-Id: I73d37578f8b2dc9c3029b968b1ef74ef4894100a
2016-12-15Add pre-network hook and example showing config-then-rebootSteven Hardy1-0/+48
There are some requirements for early configuration that involves e.g setting kernel parameters then rebooting. Currently this can be done via cloud-init, e.g firstboot templates, but there's been discussion around enabling a SoftwareDeployment approach instead. The main advantage of doing it this way is there's an error path if something goes wrong with the config (except triggering the reboot as we have to use NO_SIGNAL for that). Change-Id: Ia54ee654f755631b8062eb5c209a60c6f9161500
2016-12-14Make the openvswitch 2.4->2.5 upgrade more robustmarios10-80/+57
In I9b1f0eaa0d36a28e20b507bec6a4e9b3af1781ae and I11fcf688982ceda5eef7afc8904afae44300c2d9 we added a manual step for upgrading openvswitch in order to specify the --nopostun as discussed in the bug below. This change adds a minor update to make this workaround more robust. It removes any existing rpms that may be around from an earlier run, and also checks that the rpms installed are at least newer than the version we are on. This also refactors the code into a common definition in the pacemaker_common_functions.sh which is included even for the heredocs generating upgrade scripts during init. Thanks Sofer Athlan-Guyot and Jirka Stransky for help with that. Change-Id: Idc863de7b5a8c116c990ee8c1472cfe377836d37 Related-Bug: 1635205
2016-12-12Use df instead of findmnt in cephstorage upgrade scriptsGiulio Fidente1-1/+1
There are scenarios in which findmnt will return a list of all mounted filesystems, which causes the upgrade script to fail in recognizing if the Ceph OSD is backed by ext4. Change-Id: Iadebdc32b523c05216202b782ceb54bec4389413 Closes-Bug: #1649407
2016-12-06Remove redundant CLI arguments for neutron-db-manageIhar Hrachyshka1-1/+1
neutron.conf is found by the virtue of oslo.config auto-discovery mechanism; and plugin.ini is no longer needed since Juno because now schema does not depend on plugin used. While at it, switched head -> heads to reflect recent changes in neutron with multiple alembic branches. The old format still works, but 'heads' is slightly more encouraged. Change-Id: I614a6d43087fa231f0d582bab10a82480aaefda5 Related: Icc4de9824ef95781a1d060534973c2bbf8e03059
2016-11-30Merge "Disable all repos during rhel registration"Jenkins1-0/+1
2016-11-24Merge "Run os-net-config before restarting cluster on update"Jenkins1-0/+11
2016-11-23Run os-net-config before restarting cluster on updateBrent Eagles1-0/+11
Running os-net-config before restarting the cluster prevents changes to the interface files caused by changes to implementation from bouncing network interfaces after the cluster has restarted. Closes-Bug: #1644138 Change-Id: I65fb104465ff3d37ddc791634302994334136014
2016-11-23Explicitly set rabbit hosts so its not overridden during upgradePradeep Kilambi1-1/+7
During ceilometer pre upgrade, rabbit host config gets overridden in ceilometer conf as its setting to defaults. This explicitly sets the host info in standalone manifest. Closes-Bug: #1644278 Change-Id: I862ea7165c5d42ba1f9a19111a8be8934c0ef883
2016-11-22Fix ovs 2.4 to 2.5 upgrade - minor update non controllersmarios1-14/+13
In I9b1f0eaa0d36a28e20b507bec6a4e9b3af1781ae and I11fcf688982ceda5eef7afc8904afae44300c2d9 we landed a workaround for the openvswitch 2.4 to 2.5 upgrade discussed in the bug below. Unfortunately testing has revealed a problem with the minor update case specifically for non controllers. It seems we would exit before the ovs workaround has had a chance to execute. This moves the block up a few lines to avoid this condition. As with the other two reviews noted here, this will need to go into newton and then mitaka too. Change-Id: If905de82d96302334ebe02de9c43f00faed9b72b Related-Bug: 1635205
2016-11-16Merge "Fix up Newton->Ocata rabbitmq ha policy"Jenkins2-1/+21
2016-11-16Merge "Replace ceilometer-dbsync by ceilometer-upgrade"Jenkins1-1/+1
2016-11-15Replace ceilometer-dbsync by ceilometer-upgradeSteven Hardy1-1/+1
https://review.openstack.org/#/c/388688/ has removed ceilometer-dbsync so ceilometer-upgrade must be used instead. Additionally, ceilometer-dbsync enabled option --skip-gnocchi-resource-types and ceilometer-upgrade doesn't, so i'm setting it by default to ensure backwards compatibility. Note this is based on the corresponding fix to puppet-ceilometer ref https://review.openstack.org/#/c/396570 Change-Id: Ic0a15c75d1cd3e3f70eeafd9ba09d50c58cc1293 Closes-Bug: #1641076
2016-11-15Fix external Load Balancer deploymentMichele Baldessari1-2/+1
Deployments using external LB will file like this: deploy_stderr: | + RESTART_FOLDER=/var/lib/tripleo/pacemaker-restarts + [[ -d /var/lib/tripleo/pacemaker-restarts ]] ++ systemctl is-active haproxy + haproxy_status=unknown deploy_status_code: 3 openstack software deployment show 4f339ca4-7600-4ca0-b0ef-f798bc47b6cf The reason is that via https://review.openstack.org/#/c/393644/ we introducted the haproxy restart like this: haproxy_status=$(systemctl is-active haproxy) if [ "$haproxy_status" = "active" ]; then systemctl reload haproxy fi The problem is that if haproxy is not running/installed systemctl is-active can fail and the script will terminate with an error return code. Let's just move the call inside the if so the script does not fail in case haproxy is not there. The snippet before the change (on a system without haproxy installed): [root@mrg-09 tmp]# ./test.sh ++ systemctl is-active haproxy + haproxy_status=unknown [root@mrg-09 tmp]# echo $? 3 After this change: [root@mrg-09 tmp]# ./test.sh ++ systemctl is-active haproxy + '[' unknown = active ']' [root@mrg-09 tmp]# echo $? 0 Change-Id: I837c63a9dbcde8c922f843c442974fa79cf1eede Closes-Bug: #1641904
2016-11-14Fix up Newton->Ocata rabbitmq ha policyMichele Baldessari2-1/+21
In ocata we changed the ha policy to "ha-exactly" via the following changes: - tht: Iace6daf27a76cb8ef1050ada0de7ff1f530916c6 - puppet-tripleo: Ib62001c03e1e08f58cf0c6e0ba07a8879a584084 We initially also took care of changing this policy (which is set in the pacemaker resource agent) for the M/N upgrade path: I2468a096b5d7042bc801a742a7a85fb1521c1c02 In the end we decided against changing the policy in Newton as well (it was only for ocata) as it was too close to the release date and we took the safer path. This patch does two things: 1) It renames the upgrade function to "newton_ocata" since that is the only upgrade path we need to take care of 2) It reinstates the actual upgrade function which was mistakenly removed via an unrelated change in the ceilometer upgrade path: If9d6987cd0a8fc5d3f9de518ba422d97d5149732 Closes-Bug: #1628998 Change-Id: I3a97505d2ae1ae27f3080ffe74c33fdabffd2420
2016-11-10Merge "Fix race during major-upgrade-pacemaker step"Jenkins8-263/+315