summaryrefslogtreecommitdiffstats
path: root/network
AgeCommit message (Collapse)AuthorFilesLines
2016-09-30Make keystone api network hiera composableSteven Hardy1-2/+25
These hard-coded references to the Controller role mean that things won't work if the keystone service is moved to any other role, so we need to generate the lists dynamically based on the enabled services for each role. Change-Id: I5f1250a8a1a38cb3909feeb7d4c1000fd0fabd14 Closes-Bug: #1629096
2016-09-29Merge "Add gateway_ip in OS::Neutron::Subnet"Jenkins11-1/+24
2016-09-23Add FixedIPs parameter to from_service.yamlBen Nemec2-0/+12
Without this, deployments using the from_service.yaml port for service VIPs will fail with: "Property error: : resources.RedisVirtualIP.properties: : Unknown Property FixedIPs" Change-Id: Ie0d3b940a87741c56fe022c9e50da0d3ae9b583b Closes-Bug: 1627189
2016-09-16Fix _from_pool_v6.yaml str_splitGiulio Fidente6-6/+6
Previously [1] we updated from_pool_v6 to use str_split but mistakenly copy/pasting lines referencing an attribute which isn't created in these templates. 1. I282dbc025500b1628d4f08a49b54a2adefd38b5f Closes-Bug: 1624412 Change-Id: I409ff5b36eab2a791db4d352dea5b68096c2dc21
2016-09-14Merge "Add support for deploying Ceph RGW role"Jenkins3-0/+265
2016-09-10Add support for deploying Ceph RGW roleKeith Schincke3-0/+265
This patch add support for deploying Ceph RGW. Co-Authored-By: Giulio Fidente <gfidente@redhat.com> Change-Id: I88c8659a36c2435834e8646c75880b0adc52e964
2016-09-10Add Heat's Cfn and Cloudwatch networks to ServiceNetMapJuan Antonio Osorio Robles1-0/+2
these are needed if we want to be able to generate which nodes the service and which VIP are they binding to. Change-Id: I9d40459406f15db3ad9229c75392c4d959d44b3b Closes-Bug: #1621371
2016-09-08Convert SwiftDevicesAndProxyConfig to composable formatSteven Hardy1-1/+2
Make use of the new composable per-service node_ips lists by adding a ServiceNetMap entry for SwiftStorage, then pass the data to construct the raw device list into puppet-tripleo instead of mangling it in t-h-t inside the role templates. This will allow running swift storage services on nodes other than the Controller and ObjectStorage roles, and is required to enable custom roles. Depends-On: I11deed1df712ecccf85d36a75b3bd2e9d226af36 Change-Id: I1bf5f8a9d34b1a5d64ab8656b386226b54ec1a27 Partially-Implements: blueprint custom-roles
2016-09-06Merge "Add constraint to prohibit balance-tcp from BondInterfaceOvsOptions"Jenkins7-0/+35
2016-09-03Create NetIpListMap for all rolesSteven Hardy1-6/+12
This allows us to create $service_node_ips and $service_node_names hiera entries for services not deployed on the Controller role. Co-Authored-By: Thomas Herve <therve@redhat.com> Change-Id: I688618dda05ff908293c32b9d8518697d57e9eb0 Partially-Implements: blueprint custom-roles
2016-09-02Generate composable service node_names listsSteven Hardy1-0/+13
Some puppet interfaces require a comma separated list of hostnames where a service is running, so generate it in a similar way to th service ips. Change-Id: Icdf5d993d089dc94035194bdbd52299fcbc793be Partially-Implements: blueprint custom-roles
2016-08-31Merge "Fix Ironic service bind IPs"Jenkins1-1/+2
2016-08-30Merge "Move ceph cluster config out of allNodesConfig"Jenkins1-1/+2
2016-08-30Merge "Added DPDK environment file and nic configs samples"Jenkins1-0/+192
2016-08-30Mv Nova, Neutron, Horizon out of controller.yamlDan Prince1-0/+1
This patch moves the settings for Nova, Neutron, and Horizon out of controller.yaml. Also fixes the NovaPassword settings in nova-base.yaml so they don't use get_input. Also, creates a new apache.yaml base service to contain shared apache settings for several services which use Apache for WSGI. Co-Authored-By: Giulio Fidente <gfidente@redhat.com> Change-Id: I35d909bd5abc23976b5732a2b9af31cf1448838e Related-bug: #1604414
2016-08-30Move ceph cluster config out of allNodesConfigSteven Hardy1-1/+2
Pass the list of ceph nodes to the ceph_mon profile via the service template - this requires some fixup to the profile to handle the ipv6 case. Note this also aligns the ServiceNetMap keys so that the composable node_ips logic will generate the lists when the ceph_mon service is enabled. Change-Id: If8a5c65f17e677fe62243b3aa746fd642f72d2b0 Depends-On: I481dd2cd2cde7f1491080e6d9c7dcb7047c22de1 Partially-Implements: blueprint custom-roles
2016-08-30Added DPDK environment file and nic configs samplesSaravanan KR1-0/+192
Added an environment file to configure DPDK with OVS by overriding ComputeNeutronOvsAgent. Also added nic configs for configuring DPDK bridge and bond with numbered nic format. Implements: blueprint tripleo-ovs-dpdk Co-Authored-By: Vijay Chundury <vchundur@redhat.com> Change-Id: I82b6f66394a8928f8524706c939508edd08afa9b
2016-08-29Fix Ironic service bind IPsDan Prince1-1/+2
This patch removes the get_input's in the service templates and instead uses our new bind IP string replacement mechanism to correctly set the local bind IPs for the Ironic API. It also avoids using MysqlNetwork to set Ironic my_ip. This patch adds a new IronicNetwork setting which is used to control which network Ironic will use for its PXE network traffic. Change-Id: Ic848ec77b0106279c5d963504798c05110aa1440
2016-08-28Create composable mapping between enabled services and role ipsSteven Hardy1-1/+36
Currently we have a hard-coded list of ips for various services that run on the controller, instead we can dynamically generate that list of per-service ips, initially only for the controller but this approach can be extended so it works for any role. Change-Id: I3c8a946e439539d239ad7281a1395414df0893eb Partially-Implements: blueprint custom-roles
2016-08-26Merge "Adds OpenDaylight composable service"Jenkins1-0/+1
2016-08-26Merge "Enable usage of FQDNs for the endpoints"Jenkins2-266/+1044
2016-08-26Adds OpenDaylight composable serviceTim Rozet1-0/+1
Introduces environment files for deploying OpenDaylight in two ways: - ODL only managing L2 as an ML2 plugin - ODL managing L2 and L3 DVR, by replacing NeutronL3Agent Two services are added. One to install ODL and configure OVS on the Controllers, and another service to only configure OVS on compute nodes. Paritally-Implements: blueprint opendaylight-integration Depends-On: I666dc0874f1d11a72a62d796f4f6d41f7aa87a3f Change-Id: Ide69e20cbf2ec6151953cb23e51478b770aca17f Signed-off-by: Tim Rozet <trozet@redhat.com>
2016-08-25Add constraint to prohibit balance-tcp from BondInterfaceOvsOptionsBrent Eagles7-0/+35
This patch adds an allowed_pattern contraint that uses a negative lookahead assertion to only allow options strings that do not contain the 'balance-tcp' option. Change-Id: Icf8874e4e585f9a42d38091f8b38c3685f403cf1 Partial-Bug: #1612786
2016-08-25Merge "Updates and fixes to NIC config template routes"Jenkins26-43/+730
2016-08-24Enable usage of FQDNs for the endpointsJuan Antonio Osorio Robles2-266/+1044
The endpoint map has the capability of using the cloud's name for the endpoint. This is broken, however, since this has the problem that we only take into account the overcloud's external endpoint name, which we then cannot use if we have network-isolation enabled, which is the most common use-case for real deployments. So this change proposes the following: * The external endpoint is still CloudName. * We can now set different (or the same if we want) names for the different VIPs of the network. * Using CLOUDNAME for the endpoint map will get a name for the appropriate network. bp tls-via-certmonger Change-Id: I3e7144653f0a1d783d87e6f638304b297f718929
2016-08-16Remove deprecated net_ip_uri_map outputGiulio Fidente3-45/+10
Takes the net_ip_uri_map value from the *_uri values emitted by net_ip_map instead. Also removes TenantIp and TenantIpUri from net_vip_map_external templates as there won't be any VIP on the tenant network. Change-Id: Icdac3d58162891f5ca3d5c20f14fcdff1781996f
2016-08-16Remove deprecated net_ip_subnet_map outputGiulio Fidente1-18/+0
Change-Id: I83ca923140d7f8ca3101e851e88ca3107a99555a
2016-08-12Convert ServiceNetMap to a nested templateSteven Hardy1-0/+92
We introduce a new ServiceNetMap resource which enables some more flexible mappings between the services and their networks. Specifically this patch means: 1. ServiceNetMap no longer has to specify the entire list of all services, operators may if they wish, but a subset is now valid where you want to accept the defaults for some services (the defaults are now accessible via the ServiceNetMapDefaults parameter. 2. We can map some keys which don't fit a pattern that enables conversion from CamelCase to snake_case which is required for compatibility with the service_names in puppet/services* This should be backwards compatible, and in future when we remove internal dependency on the CamelCase names, we could also enable operators to specify e.g heat_api_network in ServiceNetMap which would be more consistent. Change-Id: Ib60198adf76bb69ffbafbfac739e356d153f6194 Partially-Implements: blueprint custom-roles
2016-08-11Convert EndpointMap to not require per-service VIP parametersSteven Hardy3-319/+2259
Currently we have a hard-coded set of per-service parameters, which will cause problems for custom roles and full composability. As a first step towards making this more configurable, remove the hard-coded per-service parameters from overcloud.yaml, and adjust the EndpointMap generation to instead accept two mappings, the ServiceNetMap and a mapping of networks to IPs (effectively this just moves the map lookup inside the endpoint map instead of inside overcloud.yaml) Change-Id: Ib522e89c36eed2115a6586dd5a6770907d9b33db Partially-Implements: blueprint custom-roles
2016-08-11Merge "Add hieradata for Manila v1 and v2 endpoints"Jenkins2-0/+120
2016-08-11Merge "Add support for cinder v3 endpoint"Jenkins2-1/+121
2016-08-11Add hieradata for Manila v1 and v2 endpointsJuan Antonio Osorio Robles2-1/+121
manila::keystone::auth assumes that two endpoints will be created; one for each version of Manila. This is not consistent with what we provide to the manifest. So we then add the needed endpoint to the EndpointMap. v2 is left as the default (not needing to specify a version when getting the value from the endpoint map), and v1 was added as an extra suffix. Change-Id: Ie8754fbb21f50c2613a2c05a52d771f4d1aeb4bb
2016-08-10Add support for cinder v3 endpointJuan Antonio Osorio Robles2-1/+121
This adds the needed parts for the keystone endpoint of cinder v3 API. Change-Id: Ic56446095e72b9e469a7b0e9ea5159fa31847381
2016-08-09Allow map_replace substitution of network namesSteven Hardy1-0/+21
To allow per-node data such as bind_ip's to move into the composable services templates, we do a value substitution on the config settings hiera map, where e.g internal_api will be replaced with the NetIpMap IP assigned to that. To enable subnet/uri lookup via the same method, we add all the subnet/uri mappings to the main net_ip_map output. Change-Id: I7850d4dc8bf4db5f7ac6a6b53c1d900b561b4580
2016-08-08Updates and fixes to NIC config template routesDan Sneddon26-43/+730
This change adds the ManagementInterfaceDefaultRoute parameter for setting the Management network as the default route in some deployments. Notes were added to indicate that if the Management network is used as the default gateway, then the default route on the control plane should be commented out. The sample network-environment.yaml was modified to include the ManagementInterfaceDefaultRoute, but this is commented out like the rest of the Management network parameters. This change also adds the ControlPlaneDefaultRoute and ExternalInterfaceDefaultRoute to all templates, so that if the networks are customized, the NIC configs can be modified without having to modify the parameters section of the template. The default for the ExternalInterfaceDefaultRoute is '10.0.0.1', and the default for ManagementInterfaceDefaultRoute is set to 'unset'. This change also converts the single-nic-linux-bridge-vlans from DHCP to static IPs on the Control Plane Interface, bringing these templates in line with the rest of the NIC config templates. The parameters needed to be updated in these templates as well. The controller-v6.yaml templates had a default value of "10.0.0.1" for the ExternalInterfaceDefaultRoute. This was confusing, and is now undefined. This change also sets a default gateway on the Control Plane in controller-no-external.yaml templates. Change-Id: I8ea6733fe46902e1baeff4ccfbcd42ecc5a1825f
2016-08-02Enable Manila integration - as a composable controller serviceRyan Hefner2-0/+136
Allows the installation and configuration of Manila. Supports the generic driver only. This has a dependency on the puppet-tripleo classes for manila where the puppet specific config now lives. The review at https://review.openstack.org/#/c/315658/ has been merge into this one, as of v68, so manila lands as a composable service. This was brought up on the mailing list at [1] [1] http://lists.openstack.org/pipermail/openstack-dev/2016-May/096126.html Co-Authored-By: Marios Andreou <marios@redhat.com> Implements: blueprint composable-services-within-roles Depends-On: I444916d60a67bf730bf4089323dba1c1429e2e71 Depends-On: I9eda4b3364e5c59342761a1ec71b0eb567c69cf1 Depends-On: I571b65a5402c1028418476a573ebeb9450ed00c9 Change-Id: I7acebac4354fca1f8d7ff6c343c1346bf29b81c6
2016-07-25Merge "Remove tenant_id from nova v2.1 endpoint"Jenkins2-6/+6
2016-07-08Pass MysqlVirtualIP without brackets to EndpointMapGiulio Fidente2-0/+47
While the endpoints do need brackets around IPv6 addresses these are not wanted by some of the puppet classes so we must pass the non bracketed version as well. It will allow us to remove the need for the MysqlVirtualIP param passed to the controller role thouh when hieradata/database.yaml is emptied. Change-Id: If264b02a134b96368035f032e05d02e84f6499ed
2016-06-30Merge "Basic support for deploying Ironic in overcloud"Jenkins2-0/+136
2016-06-29Basic support for deploying Ironic in overcloudImre Farkas2-0/+136
Note that this change is not enough yet to deploy bare metal instances, it only deploys Ironic services themselves and makes sure they work. Also it does not support HA for now. Co-Authored-By: Dmitry Tantsur <dtansur@redhat.com> Partially-implements: blueprint ironic-integration Change-Id: I541be905022264e2d4828e7c46338f2e300df540
2016-06-25Convert noop NetworkExtraConfig to OS::Heat::NoneSteven Hardy1-3/+0
This avoids creating an empty nested stack. Change-Id: Icce0bfab005a69fce42f58956dcc81acea805e74
2016-06-24Merge "Add network ExtraConfig hook"Jenkins2-0/+6
2016-06-20Add IPv6 support for the management networkMarius Cornea2-0/+121
This change introduces the ability to use IPv6 addressing for the management network by passing the network-management-v6.yaml environment file. It also adjusts the network-management.yaml environment file to point to the right network config templates. Change-Id: I7f797c49f03b2623a08e033bdf45772edff0f08f
2016-06-14Add gateway_ip in OS::Neutron::SubnetDimitri Savineau11-1/+24
This patch allows to : - disable the gateway ip for non routable network - use the first ip in the subnet - set the correct gateway on the external network Change-Id: Idc816c782856e93ecd339b3aca2a7f53c1564b1d Closes-bug: #1588379 Depends-On: I8ea6733fe46902e1baeff4ccfbcd42ecc5a1825f
2016-05-30Pass MysqlVirtualIP via EndpointMapGiulio Fidente2-1/+42
By passing the MysqlVirtualIP via the EndpointMap we won't need it to be provided as a parameter to the services. This follows what is already happening for the glance registry service with I9186e56cd4746a60e65dc5ac12e6595ac56505f0. Change-Id: Iad2ab389bf64d0fc8b06eb0e7d29b5370ff27dff Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
2016-05-24Merge "Dump IPs configuration as hieradata"Jenkins2-48/+40
2016-05-23Update management_from_pool template version to 2015-10-15Giulio Fidente1-1/+1
The str_split function was added after the 2015-04-30 release so it wasn't working as intended. Change-Id: Ib8827879182e6ea3bd2227b0cfa77f70aabb0ac6 Closes-Bug: 1575622
2016-05-19Merge "add heat-api-cfn to endpoint map"Jenkins2-0/+135
2016-05-18Dump IPs configuration as hieradataGiulio Fidente2-48/+40
This might be useful if we switch to %{hiera()} calls to lookup the bind address from within a service. Also gets rid of NetIpSubnetMap and provides same output from NetIpMap instead. Change-Id: I328a417d1f1fff9c31e9ad7b2b5083ac19bc7329
2016-05-16Remove tenant_id from nova v2.1 endpointBen Nemec2-6/+6
Per the nova devs on [1], this is not necessary. Change-Id: I11974432c995b22b3c98ef9ae2adc3508d9cc536 1: https://review.openstack.org/#/c/316241/1/manifests/keystone/auth.pp