Age | Commit message (Collapse) | Author | Files | Lines |
|
We introduce a new ServiceNetMap resource which enables some more flexible
mappings between the services and their networks.
Specifically this patch means:
1. ServiceNetMap no longer has to specify the entire list of all services,
operators may if they wish, but a subset is now valid where you want to
accept the defaults for some services (the defaults are now accessible via
the ServiceNetMapDefaults parameter.
2. We can map some keys which don't fit a pattern that enables conversion
from CamelCase to snake_case which is required for compatibility with the
service_names in puppet/services*
This should be backwards compatible, and in future when we remove internal
dependency on the CamelCase names, we could also enable operators to
specify e.g heat_api_network in ServiceNetMap which would be more consistent.
Change-Id: Ib60198adf76bb69ffbafbfac739e356d153f6194
Partially-Implements: blueprint custom-roles
|
|
Currently we have a hard-coded set of per-service parameters, which
will cause problems for custom roles and full composability.
As a first step towards making this more configurable, remove the
hard-coded per-service parameters from overcloud.yaml, and adjust
the EndpointMap generation to instead accept two mappings, the
ServiceNetMap and a mapping of networks to IPs (effectively this
just moves the map lookup inside the endpoint map instead of
inside overcloud.yaml)
Change-Id: Ib522e89c36eed2115a6586dd5a6770907d9b33db
Partially-Implements: blueprint custom-roles
|
|
|
|
|
|
manila::keystone::auth assumes that two endpoints will be created;
one for each version of Manila. This is not consistent with what we
provide to the manifest. So we then add the needed endpoint to the
EndpointMap.
v2 is left as the default (not needing to specify a version when
getting the value from the endpoint map), and v1 was added as an
extra suffix.
Change-Id: Ie8754fbb21f50c2613a2c05a52d771f4d1aeb4bb
|
|
This adds the needed parts for the keystone endpoint of cinder v3
API.
Change-Id: Ic56446095e72b9e469a7b0e9ea5159fa31847381
|
|
To allow per-node data such as bind_ip's to move into the
composable services templates, we do a value substitution
on the config settings hiera map, where e.g internal_api
will be replaced with the NetIpMap IP assigned to that.
To enable subnet/uri lookup via the same method, we add
all the subnet/uri mappings to the main net_ip_map output.
Change-Id: I7850d4dc8bf4db5f7ac6a6b53c1d900b561b4580
|
|
This change adds the ManagementInterfaceDefaultRoute parameter
for setting the Management network as the default route in some
deployments. Notes were added to indicate that if the Management
network is used as the default gateway, then the default route
on the control plane should be commented out.
The sample network-environment.yaml was modified to include the
ManagementInterfaceDefaultRoute, but this is commented out like
the rest of the Management network parameters.
This change also adds the ControlPlaneDefaultRoute and
ExternalInterfaceDefaultRoute to all templates, so that if the
networks are customized, the NIC configs can be modified without
having to modify the parameters section of the template. The
default for the ExternalInterfaceDefaultRoute is '10.0.0.1', and
the default for ManagementInterfaceDefaultRoute is set to 'unset'.
This change also converts the single-nic-linux-bridge-vlans from
DHCP to static IPs on the Control Plane Interface, bringing these
templates in line with the rest of the NIC config templates. The
parameters needed to be updated in these templates as well.
The controller-v6.yaml templates had a default value of "10.0.0.1"
for the ExternalInterfaceDefaultRoute. This was confusing, and is
now undefined.
This change also sets a default gateway on the Control Plane in
controller-no-external.yaml templates.
Change-Id: I8ea6733fe46902e1baeff4ccfbcd42ecc5a1825f
|
|
Allows the installation and configuration of Manila.
Supports the generic driver only. This has a dependency on the
puppet-tripleo classes for manila where the puppet specific
config now lives.
The review at https://review.openstack.org/#/c/315658/ has been
merge into this one, as of v68, so manila lands as a composable
service. This was brought up on the mailing list at [1]
[1] http://lists.openstack.org/pipermail/openstack-dev/2016-May/096126.html
Co-Authored-By: Marios Andreou <marios@redhat.com>
Implements: blueprint composable-services-within-roles
Depends-On: I444916d60a67bf730bf4089323dba1c1429e2e71
Depends-On: I9eda4b3364e5c59342761a1ec71b0eb567c69cf1
Depends-On: I571b65a5402c1028418476a573ebeb9450ed00c9
Change-Id: I7acebac4354fca1f8d7ff6c343c1346bf29b81c6
|
|
|
|
While the endpoints do need brackets around IPv6 addresses these
are not wanted by some of the puppet classes so we must pass the
non bracketed version as well.
It will allow us to remove the need for the MysqlVirtualIP param
passed to the controller role thouh when hieradata/database.yaml
is emptied.
Change-Id: If264b02a134b96368035f032e05d02e84f6499ed
|
|
|
|
Note that this change is not enough yet to deploy bare metal instances,
it only deploys Ironic services themselves and makes sure they work.
Also it does not support HA for now.
Co-Authored-By: Dmitry Tantsur <dtansur@redhat.com>
Partially-implements: blueprint ironic-integration
Change-Id: I541be905022264e2d4828e7c46338f2e300df540
|
|
This avoids creating an empty nested stack.
Change-Id: Icce0bfab005a69fce42f58956dcc81acea805e74
|
|
|
|
This change introduces the ability to use IPv6 addressing for the
management network by passing the network-management-v6.yaml
environment file. It also adjusts the network-management.yaml
environment file to point to the right network config templates.
Change-Id: I7f797c49f03b2623a08e033bdf45772edff0f08f
|
|
This patch allows to :
- disable the gateway ip for non routable network
- use the first ip in the subnet
- set the correct gateway on the external network
Change-Id: Idc816c782856e93ecd339b3aca2a7f53c1564b1d
Closes-bug: #1588379
Depends-On: I8ea6733fe46902e1baeff4ccfbcd42ecc5a1825f
|
|
By passing the MysqlVirtualIP via the EndpointMap we won't need it
to be provided as a parameter to the services.
This follows what is already happening for the glance registry
service with I9186e56cd4746a60e65dc5ac12e6595ac56505f0.
Change-Id: Iad2ab389bf64d0fc8b06eb0e7d29b5370ff27dff
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
|
|
|
|
The str_split function was added after the 2015-04-30 release so
it wasn't working as intended.
Change-Id: Ib8827879182e6ea3bd2227b0cfa77f70aabb0ac6
Closes-Bug: 1575622
|
|
|
|
This might be useful if we switch to %{hiera()} calls to lookup
the bind address from within a service.
Also gets rid of NetIpSubnetMap and provides same output from
NetIpMap instead.
Change-Id: I328a417d1f1fff9c31e9ad7b2b5083ac19bc7329
|
|
Per the nova devs on [1], this is not necessary.
Change-Id: I11974432c995b22b3c98ef9ae2adc3508d9cc536
1: https://review.openstack.org/#/c/316241/1/manifests/keystone/auth.pp
|
|
Nova EC2 does not exist anymore since Mitaka, parameters are already
deprecated in Mitaka and send warnings to the Puppet catalog.
The service has been replaced by ec2api project, where Puppet OpenStack
team is currently writting a module.
In the meantime we add support in TripleO, this patch removes all
occurences of Nova EC2 configuration, which are useless and send
warnings for nothing.
Change-Id: Ief2d0e5c77b5ac58560606fee930fbd66c40ffc3
|
|
Change-Id: I8f98ce92fc387d2263fda738c1c8a209e3cbbb85
|
|
Change-Id: I282dbc025500b1628d4f08a49b54a2adefd38b5f
|
|
Change-Id: Iff287b9ea46100800e386efb98371be7ab48361f
|
|
The ManagementNetValueSpecs param type is currently set to string.
This change sets the param to the correct type of json, allowing the
network value specs to correctly parse.
Example Management Network value spec:
{'provider:physical_network': 'management', 'provider:network_type': 'flat'}
Change-Id: I5b12c7251690368d79a4d00725a9d6e0d5e75af8
Closes-Bug: #1573649
|
|
For some reason the controller-no-external.yaml template is configured
for DHCP on the control plane interface. We switched to static control
plane IPs before the controller-no-external.yaml was created (IIRC), so
I'm not sure how that happened. This change brings the
controller-no-external.yaml in line with the rest of the bonded NIC
templates.
Change-Id: I2ac929e241707db72a0beabf9d5cd7fc14b90f76
|
|
This patch adds GlanceRegistry to the endpoint map. This
will make accessing Glance registry setings via the endpoint
map possible.
Change-Id: I9186e56cd4746a60e65dc5ac12e6595ac56505f0
|
|
* Deploy Gnocchi API.
* Storage backends: swift, rbd and file.
* Indexer backend default to mysql
* Configure Ceilometer to send metrics datas to Gnocchi
* Pacemaker config
Depends-On: Ic8778a3104e0ed0460423e4bf857682220dc5802
Depends-On: I7d2eb9405e0171fc54fa0b616122f69db5f51ce2
Co-Authored-By: Pradeep Kilambi <pkilambi@redhat.com>
Change-Id: Ifde17b1ab8fa2b30544633e455e1c7eb475705aa
|
|
The change in ab068a824ed51e78bf111387223e58e885ec5c84 is described as
temporary, so it would be better if it did not affect the EndpointMap
parameter (which is effectively a public interface, since it may be
overridden in an environment file). No configuration should end up with
different ports/protocols/hosts for Keystone v2 and v3, and somebody
customising them should not have to account for them separately. Nor
should things break when the need to distinguish between v2 and v3
endpoints goes away.
This change removes the KeystoneV3* keys from the EndpointMap input and
uses the Keystone* keys instead, so that any change to the internal
organisation becomes transparent to the user.
Change-Id: If4cdd9232f4dbc9f2af651bbdfe68f09dc26ed2e
|
|
Removes the old noop nested stack template for networks and
instead uses OS::Heat::None instead. This should avoid a few
extra resource checks on create and update.
Change-Id: Ia3d7f62dbda2705ffc3d9edcddebcd3ece3cc9d2
|
|
Adds a post-network hook to execute some tasks before nodes deployment.
This hook is execute one time (not for each node) during network step.
It can be useful to execute scripts or templates before creating nodes.
For example, we can use this hook for :
- Deploy stuff used during the deployment of nodes.
- Deploying network, backup, monitoring infrastructure.
Change-Id: I3e999d73b55c5c27f70f722ec63ec8f2150bb5aa
|
|
Microversions since Nova API v2.1 are aimed to replace the v3 work. The
/v2.1 is backwards compatible with the legacy /v2 endpoint. What we
called in the past /v3 is now something defunct in-tree. The /v2.1 API
is based on the v3 work, but there are many things that differ, in
particular with the backwards-compat thing. We keep the /v2 path in
api-paste.ini for making sure an upgrade doesn't trample operators and
users but if you look in tree, that's redirecting to the v2.1
codepath (just not asking for microversions). In summary, we only need
one endpoint, ie. /v2.1.
Additional information at https://bugzilla.redhat.com/show_bug.cgi?id=1291291
Related-Bug: #1564372
Change-Id: I1654665663bc5a19c201f7d25407910654ac1308
Depends-On: I6d64b8bcd0f79f1f298ddc809e6d92fbc2985c45
|
|
|
|
Ceilometer Alarm is deprecated in Liberty by Aodh.
This patch:
* manage Aodh Keystone resources
* deploy Aodh API under WSGI, Notifier, Listener and Evaluator
* manage new parameters to customize Aodh deployment
* uses ceilometer DB for the upgrade path
* pacemaker config
* Add migration logic to remove pcs resources
Depends-On: I5333faa72e52d2aa2a622ac2d4b60825aadc52b5
Depends-On: Ib6c9c4c35da3fb55e0ca8e2d5a58ebaf4204d792
Co-Authored-By: Emilien Macchi <emilien@redhat.com>
Change-Id: Ib47a22884afb032ebc1655e1a4a06bfe70249134
|
|
We don't need an endpoint for the glance-registry service, that is
used by glance-api when needed and is not meant to be user-facing.
Change-Id: Ia6c9dd6164d3b91adbc937d70fa74d5fbbfb28a3
|
|
|
|
This change modifies the network isolation templates that allow for
fixed IP addresses on the controllers' IPs and VIPs, and makes them
compatible with IPv6 addresses.
The latest version of the patchset creates an from_service_v6.yaml
in order to properly handle service VIPs on IPv6 networks.
Note that since OVS is not currently compatible with IPv6 tunnel
endpoints, this patch does not yet enable IPv6 for the Tenant
network by default.
Change-Id: If881b000c6000ec13b54c0ee39f1c8940f079ae3
Co-Authored-By: Giulio Fidente <gfidente@redhat.com>
|
|
Multiple files in t-h-t were having small typos.
Fixed in this patchset.
.
Change-Id: I82d7071747f47544990ed46e2be22931190406b3
|
|
|
|
|
|
This just a revert to see if reverting this gets back to a normal CI run time.
This reverts commit f72aed85594f223b6f888e6d0af3c880ea581a66.
Change-Id: I04a0893f6cf69f547a4db26261005e580e1fc90b
|
|
Use of slaac does not permit stati assignment of IPs to a Neutron
port, so we default to dhcpv6-stateful instead.
Change-Id: Id7f104be60ae05785a3d0a33516d7875a4698ed1
|
|
This change adds Controller NIC configs for the sample NIC config
templates that are compatible with IPv6 on the External network.
These controller-v6.yaml templates include a default route for IPv6
on the External network, and a default route for IPv4 on the Control
Plane. The Heat parameters ExternalNetworkDefaultRoute and
ControlPlaneDefaultRoute are used to set these values.
Change-Id: Ifed8cb359eae1d9d623d3eb2fe40ea8a0d1d889a
|
|
This change adds a new set of network templates with IPv6 subnets
that can be used instead of the existing IPv4 networks. Each network
can use either the IPv4 or IPv6 template, and the Neutron subnet will
be created with the specified IP version.
The default addresses used for the IPv6 networks use the fd00::/8
prefix for the internal isolated networks (this range is reserved
for private use similar to 10.0.0.0/8), and 2001:db8:fd00:1000::/64
is used as an example default for the External network
(2001:db8::/32 are the documentation addresses [RFC3849]), but this
would ordinarily be a globally addressable subnet. These
parameters may be overridden in an environment file.
This change will require updates to the OpenStack Puppet
Modules to support IPv6 addresses in some of the hieradata values.
Many of the OPM modules already have IPv6 support to support IPv6
deployments in Packstack, but some OPM packages that apply only to
Instack/TripleO deployments need to be updated.
IPv6 addresses used in URLs need to be surrounded by brackets in
order to differentiate IP address from port number. This change
adds a new output to the network/ports resources for
ip_address_uri, which is an IP address with brackets in the case
of IPv6, and a raw IP address without brackets for IPv4 ports.
This change also updates some URLs which are constructed in Heat.
This has been tested and problems were found with Puppet not
accepting IPv6 addresses. This is addressed in the latest Puppet.
Additional changes were required to make this work with Ceph.
IPv6 tunnel endpoints with Open vSwitch are not yet supported
(although support is coming soon), so this review leaves the
Tenant network as an isolated IPv4 network for the time being.
Change-Id: Ie7a742bdf1db533edda2998a53d28528f80ef8e2
|
|
Id3d4f12235501ae77200430a2dc022f378dce336 added support for pre-allocated
IPs on the other overlay networks, but because the patch adding the
managment network (I0813a13f60a4f797be04b34258a2cffa9ea7e84f) was
under review around the same time, we missed adding the from_pool
capability to the ManagementNetwork.
Change-Id: If99f37634d5da7e7fb7cfc31232e926bd5ff074a
|
|
|
|
Ceilometer Alarm is deprecated in Liberty by Aodh.
This patch:
* manage Aodh Keystone resources
* deploy Aodh API under WSGI, Notifier, Listener and Evaluator
* manage new parameters to customize Aodh deployment
* uses ceilometer DB for the upgrade path
* pacemaker config
Depends-On: I9e34485285829884d9c954b804e3bdd5d6e31635
Depends-On: I891985da9248a88c6ce2df1dd186881f582605ee
Depends-On: Ied8ba5985f43a5c5b3be5b35a091aef6ed86572f
Co-Authored-By: Pradeep Kilambi <pkilambi@redhat.com>
Change-Id: I58d419173e80d2462accf7324c987c71420fd5f6
|