Age | Commit message (Collapse) | Author | Files | Lines |
|
The endpoint map has the capability of using the cloud's name for the
endpoint. This is broken, however, since this has the problem that we
only take into account the overcloud's external endpoint name, which
we then cannot use if we have network-isolation enabled, which is
the most common use-case for real deployments.
So this change proposes the following:
* The external endpoint is still CloudName.
* We can now set different (or the same if we want) names for the
different VIPs of the network.
* Using CLOUDNAME for the endpoint map will get a name for the
appropriate network.
bp tls-via-certmonger
Change-Id: I3e7144653f0a1d783d87e6f638304b297f718929
|
|
Currently we have a hard-coded set of per-service parameters, which
will cause problems for custom roles and full composability.
As a first step towards making this more configurable, remove the
hard-coded per-service parameters from overcloud.yaml, and adjust
the EndpointMap generation to instead accept two mappings, the
ServiceNetMap and a mapping of networks to IPs (effectively this
just moves the map lookup inside the endpoint map instead of
inside overcloud.yaml)
Change-Id: Ib522e89c36eed2115a6586dd5a6770907d9b33db
Partially-Implements: blueprint custom-roles
|
|
|
|
manila::keystone::auth assumes that two endpoints will be created;
one for each version of Manila. This is not consistent with what we
provide to the manifest. So we then add the needed endpoint to the
EndpointMap.
v2 is left as the default (not needing to specify a version when
getting the value from the endpoint map), and v1 was added as an
extra suffix.
Change-Id: Ie8754fbb21f50c2613a2c05a52d771f4d1aeb4bb
|
|
This adds the needed parts for the keystone endpoint of cinder v3
API.
Change-Id: Ic56446095e72b9e469a7b0e9ea5159fa31847381
|
|
Allows the installation and configuration of Manila.
Supports the generic driver only. This has a dependency on the
puppet-tripleo classes for manila where the puppet specific
config now lives.
The review at https://review.openstack.org/#/c/315658/ has been
merge into this one, as of v68, so manila lands as a composable
service. This was brought up on the mailing list at [1]
[1] http://lists.openstack.org/pipermail/openstack-dev/2016-May/096126.html
Co-Authored-By: Marios Andreou <marios@redhat.com>
Implements: blueprint composable-services-within-roles
Depends-On: I444916d60a67bf730bf4089323dba1c1429e2e71
Depends-On: I9eda4b3364e5c59342761a1ec71b0eb567c69cf1
Depends-On: I571b65a5402c1028418476a573ebeb9450ed00c9
Change-Id: I7acebac4354fca1f8d7ff6c343c1346bf29b81c6
|
|
|
|
While the endpoints do need brackets around IPv6 addresses these
are not wanted by some of the puppet classes so we must pass the
non bracketed version as well.
It will allow us to remove the need for the MysqlVirtualIP param
passed to the controller role thouh when hieradata/database.yaml
is emptied.
Change-Id: If264b02a134b96368035f032e05d02e84f6499ed
|
|
Note that this change is not enough yet to deploy bare metal instances,
it only deploys Ironic services themselves and makes sure they work.
Also it does not support HA for now.
Co-Authored-By: Dmitry Tantsur <dtansur@redhat.com>
Partially-implements: blueprint ironic-integration
Change-Id: I541be905022264e2d4828e7c46338f2e300df540
|
|
By passing the MysqlVirtualIP via the EndpointMap we won't need it
to be provided as a parameter to the services.
This follows what is already happening for the glance registry
service with I9186e56cd4746a60e65dc5ac12e6595ac56505f0.
Change-Id: Iad2ab389bf64d0fc8b06eb0e7d29b5370ff27dff
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
|
|
|
|
Per the nova devs on [1], this is not necessary.
Change-Id: I11974432c995b22b3c98ef9ae2adc3508d9cc536
1: https://review.openstack.org/#/c/316241/1/manifests/keystone/auth.pp
|
|
Nova EC2 does not exist anymore since Mitaka, parameters are already
deprecated in Mitaka and send warnings to the Puppet catalog.
The service has been replaced by ec2api project, where Puppet OpenStack
team is currently writting a module.
In the meantime we add support in TripleO, this patch removes all
occurences of Nova EC2 configuration, which are useless and send
warnings for nothing.
Change-Id: Ief2d0e5c77b5ac58560606fee930fbd66c40ffc3
|
|
Change-Id: I8f98ce92fc387d2263fda738c1c8a209e3cbbb85
|
|
Change-Id: Iff287b9ea46100800e386efb98371be7ab48361f
|
|
This patch adds GlanceRegistry to the endpoint map. This
will make accessing Glance registry setings via the endpoint
map possible.
Change-Id: I9186e56cd4746a60e65dc5ac12e6595ac56505f0
|
|
* Deploy Gnocchi API.
* Storage backends: swift, rbd and file.
* Indexer backend default to mysql
* Configure Ceilometer to send metrics datas to Gnocchi
* Pacemaker config
Depends-On: Ic8778a3104e0ed0460423e4bf857682220dc5802
Depends-On: I7d2eb9405e0171fc54fa0b616122f69db5f51ce2
Co-Authored-By: Pradeep Kilambi <pkilambi@redhat.com>
Change-Id: Ifde17b1ab8fa2b30544633e455e1c7eb475705aa
|
|
The change in ab068a824ed51e78bf111387223e58e885ec5c84 is described as
temporary, so it would be better if it did not affect the EndpointMap
parameter (which is effectively a public interface, since it may be
overridden in an environment file). No configuration should end up with
different ports/protocols/hosts for Keystone v2 and v3, and somebody
customising them should not have to account for them separately. Nor
should things break when the need to distinguish between v2 and v3
endpoints goes away.
This change removes the KeystoneV3* keys from the EndpointMap input and
uses the Keystone* keys instead, so that any change to the internal
organisation becomes transparent to the user.
Change-Id: If4cdd9232f4dbc9f2af651bbdfe68f09dc26ed2e
|
|
Microversions since Nova API v2.1 are aimed to replace the v3 work. The
/v2.1 is backwards compatible with the legacy /v2 endpoint. What we
called in the past /v3 is now something defunct in-tree. The /v2.1 API
is based on the v3 work, but there are many things that differ, in
particular with the backwards-compat thing. We keep the /v2 path in
api-paste.ini for making sure an upgrade doesn't trample operators and
users but if you look in tree, that's redirecting to the v2.1
codepath (just not asking for microversions). In summary, we only need
one endpoint, ie. /v2.1.
Additional information at https://bugzilla.redhat.com/show_bug.cgi?id=1291291
Related-Bug: #1564372
Change-Id: I1654665663bc5a19c201f7d25407910654ac1308
Depends-On: I6d64b8bcd0f79f1f298ddc809e6d92fbc2985c45
|
|
|
|
Ceilometer Alarm is deprecated in Liberty by Aodh.
This patch:
* manage Aodh Keystone resources
* deploy Aodh API under WSGI, Notifier, Listener and Evaluator
* manage new parameters to customize Aodh deployment
* uses ceilometer DB for the upgrade path
* pacemaker config
* Add migration logic to remove pcs resources
Depends-On: I5333faa72e52d2aa2a622ac2d4b60825aadc52b5
Depends-On: Ib6c9c4c35da3fb55e0ca8e2d5a58ebaf4204d792
Co-Authored-By: Emilien Macchi <emilien@redhat.com>
Change-Id: Ib47a22884afb032ebc1655e1a4a06bfe70249134
|
|
We don't need an endpoint for the glance-registry service, that is
used by glance-api when needed and is not meant to be user-facing.
Change-Id: Ia6c9dd6164d3b91adbc937d70fa74d5fbbfb28a3
|
|
This just a revert to see if reverting this gets back to a normal CI run time.
This reverts commit f72aed85594f223b6f888e6d0af3c880ea581a66.
Change-Id: I04a0893f6cf69f547a4db26261005e580e1fc90b
|
|
This change adds a new set of network templates with IPv6 subnets
that can be used instead of the existing IPv4 networks. Each network
can use either the IPv4 or IPv6 template, and the Neutron subnet will
be created with the specified IP version.
The default addresses used for the IPv6 networks use the fd00::/8
prefix for the internal isolated networks (this range is reserved
for private use similar to 10.0.0.0/8), and 2001:db8:fd00:1000::/64
is used as an example default for the External network
(2001:db8::/32 are the documentation addresses [RFC3849]), but this
would ordinarily be a globally addressable subnet. These
parameters may be overridden in an environment file.
This change will require updates to the OpenStack Puppet
Modules to support IPv6 addresses in some of the hieradata values.
Many of the OPM modules already have IPv6 support to support IPv6
deployments in Packstack, but some OPM packages that apply only to
Instack/TripleO deployments need to be updated.
IPv6 addresses used in URLs need to be surrounded by brackets in
order to differentiate IP address from port number. This change
adds a new output to the network/ports resources for
ip_address_uri, which is an IP address with brackets in the case
of IPv6, and a raw IP address without brackets for IPv4 ports.
This change also updates some URLs which are constructed in Heat.
This has been tested and problems were found with Puppet not
accepting IPv6 addresses. This is addressed in the latest Puppet.
Additional changes were required to make this work with Ceph.
IPv6 tunnel endpoints with Open vSwitch are not yet supported
(although support is coming soon), so this review leaves the
Tenant network as an isolated IPv4 network for the time being.
Change-Id: Ie7a742bdf1db533edda2998a53d28528f80ef8e2
|
|
|
|
Ceilometer Alarm is deprecated in Liberty by Aodh.
This patch:
* manage Aodh Keystone resources
* deploy Aodh API under WSGI, Notifier, Listener and Evaluator
* manage new parameters to customize Aodh deployment
* uses ceilometer DB for the upgrade path
* pacemaker config
Depends-On: I9e34485285829884d9c954b804e3bdd5d6e31635
Depends-On: I891985da9248a88c6ce2df1dd186881f582605ee
Depends-On: Ied8ba5985f43a5c5b3be5b35a091aef6ed86572f
Co-Authored-By: Pradeep Kilambi <pkilambi@redhat.com>
Change-Id: I58d419173e80d2462accf7324c987c71420fd5f6
|
|
Nova v2.1 allows to use the same API as 2.0 but with microversions
support, which is the recommended way to discover the latest API
version supported in the cloud.
Change-Id: Id011de03d883001fd48dbbcfed53cb821607c7f3
|
|
Due to an incorrect rebase, d0dcb9401c868786df58f5801a431392b8e89df8
dropped the changes made in dd7602ad82100617126be26d80a6d3f67cb739ac to
add a vncproxy to the endpoint map. This change restores them.
Change-Id: Ifef7f955481405d5fe39ba48c8b1a79aa9c170f2
|
|
A stack is an extremely heavyweight abstraction in Heat. Particularly in
TripleO, every stack includes a copy of all the template and environment
data for all of the stacks in the tree, all of which must be stored anew
in the database.
The EndpointMap abstraction created no fewer than 30 nested stacks, none
of which contained any resources but which existed purely for the
purpose of abstracting out some intrinsic functions used to calculate
the endpoint URLs for the various services. This likely adds several GB
to the memory requirements of the undercloud, and can cause things to
slow to a crawl since all 30 nested stacks need to be queried whenever
we need data from any one of them.
This change eliminates the nested stacks and instead generates the
endpoint map statically. This can be done offline in less than 250ms,
allows the input data to be expressed in an even more human-readable
form, and reduces the runtime overhead of the endpoints map by a factor
of 31, all with no loss of functionality, compatibility or flexibility.
Since we don't run a setup script to generate the tarball, the
endpoint_map.yaml output is checked in to source control. The build
script offers a --check option that can be used to make sure that the
output file is up-to-date with the input data.
Change-Id: I2df8f5569d81c1bde417ff5b12b06b7f1e19c336
|
|
|
|
|
|
Our current nova-neutron configuration does not work with
the latest puppet-nova. In particular, this patch[1].
This commit adds keystone v3 endpoints to the map and gets the
nova::network::neutron configuration to use them.
[1] https://github.com/openstack/puppet-nova/commit/d09868a59c451932d67c66101b725182d7066a14
Change-Id: Ifb8c23c81c665c2732fa5cd757760668b06a449a
|
|
The commit daad3d4224f12d2c23c41a70cdf522e7c55536ba added a bunch of new
endpoints, but failed to use the new input data in calculating the
outputs: the GlanceRegistry ones use the Glance endpoints and the
Horizon one the Heat endpoint. This would cause anything querying these
endpoints from the endpoints map to get the wrong ports.
Change-Id: I8e1780b26e285187142be41b4f3aae3efe7eaaee
|
|
Right now our vncproxy settings are hard-coded to http and the
non-ssl port. This change adds a vncproxy entry to the endpoint
map and uses those values to configure the proxy correctly on
compute nodes. This is sufficient to get it working in my
environment with ssl enabled.
Change-Id: I9d69b088eef4700959b33c7e0eb44932949d7b71
|
|
Integration of OpenStack data processing service (sahara) with
TripleO.
- Deploys sahara in distributed mode (separate api and engine
processes on each controller node)
- Load balancing w/haproxy
- RabbitMQ/MySQL supported per current TripleO standard
- Minimal configurability at this time
Change-Id: I77a6a69ed5691e3b1ba34e9ebb4d88c80019642c
Partially-implements: blueprint sahara-integration
Depends-On: I0f0a1dc2eaa57d8226bad8cfb250110296ab9614
Depends-On: Ib84cc59667616ec94e7edce2715cbd7dd944f4ae
Depends-On: I9fe321fd4284f7bfd55bd2e69dcfe623ed6f8a2a
|
|
This aligns the parameter default values from python-tripleoclient
with tripleo-heat-templates. This is in preparation for removing
all the defaults from the client, and maintaining them only in the
templates.
Change-Id: I7b635a250f1ecc170e18d8e434f0118c6fcbb942
Co-Authored-By: James Slagle <jslagle@redhat.com>
|
|
We need to pass details of the Glance Registry and public Horizon
endpoints to the load balancers so add them to the EndpointMap
Change-Id: Ia6261223e7701734f47ce48471c86f690ba3dcd5
|
|
CloudName is the DNS name for the public VIP this means we will likely
want it available for use in the endpoint hostnames, rather than people
needing to copy and paste the same hostname
Change-Id: Ic6d708b083244442195eee890de91bbc7e133ec2
|
|
Because many of the service endpoints URLs use the same patterns for
generating the URLs it makes sense to use the same templates to reduce
the copy and paste.
In the process also adds support for explicitly specifying hostnames
for use in the endpoints. Note: DNS must be pre-configured. The
Heat templates do not directly configure DNS.
Change-Id: Ie3270909beca3d63f2d7e4bcb04c559380ddc54d
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
|