Age | Commit message (Collapse) | Author | Files | Lines |
|
This is complete as far as it goes but it isn't enough to make running
a scaled out control plane actually work. Specifically, the constructs
to point at API hosts based on looking up a network address aren't
suirtable for scaled out - we need to be using the virtual IP or DNS
round robin or other such resilient configurations, but that is
largely / entirely orthogonal to making the template be ready for
scaling.
Change-Id: Ib9e6db5e7d5db84e4746afdabea046d2b8702bbb
|
|
This uses the new merge feature earlier in this series.
Exporting COMPUTESCALE before running make will build a different
template. Note that since Make doesn't depend on variable values, you
need to delete overcloud.yaml between building with different scales.
Change-Id: If05b99ae3596bcc794e3a899ab1443aeb14ec754
|
|
We can allow multiple later when we have better tools for such things.
Change-Id: Ie902843c28f8a7258b207745653184784e3e9665
Partial-Bug: #1184486
|
|
|
|
Some overclouds will want physical networks to be accessible by VMs,
and this is a component of that.
Change-Id: I5f65c040526f785b4e976f87980d94588b3fb63c
|
|
This alternate wait condition handle is used to make updates wait for
signals from all parties to signal they're ready.
This change will not work until the following Change Id lands in Heat:
Ibfadc6f9c436ce3d0f468a4e5560233f762038dd
Change-Id: Id11b5c79df5f41e49f1bf3c860e414204a242293
|
|
Change-Id: I205bb2c0bb7c9b956fd3e0d6b266bdf5afb48864
|
|
This is the first step towards preserving state on stack updates when the image
id has changed.
I chose REPLACE as the default value because that is the current behaviour and
we can override it from the command line.
Change-Id: I64eab51892922ab51a89a9f389457fd1ed979fb2
|
|
merge.py seems to look for OpenStack::ImageBuilder::Elements
But we use Openstack::ImageBuilder::Elements in our templates.
Change-Id: I94ee367cf77c3f2929ee23d2dcdd28622849c89e
|
|
We have seen situations where nova-compute is not ready when notcompute
has run its waitcondition. That leads to errors while we fail to boot
instances until there is at least one nova compute available.
We also update nova-compute-instance.yaml so that it continues to work
stand-alone.
Change-Id: Iadea7a34e2cd4576cc78659b99c12e1041af5b45
|
|
o Adds the required swift metadata (in swift-source.yaml).
o Sets up glance to use the swift backend on the overcloud.
o Sets up glance to use the file backend on the undercloud and seed,
i.e. maintain the Status quo.
Change-Id: I4a70ffbf9c51f1fea5cfc84d8718d3d30d36b3f2
|
|
Currently KeystoneURL reports back the noncompute instance IP, not the proper
API endpoint for the Keystone service.
Change-Id: If121620ec549d33f81522465f72e501b7723dd7d
|
|
The other *_server_url parameters are not prefixed with heat_ and this
is already in the heat namespace.
Change-Id: I24effcfedccb7b69b4e4d022db6676da51083401
|
|
|
|
Having the KeystoneURL accessible in Heat allows the user to access the
overcloud services using the service catalog.
Change-Id: Ie6ef1aadf2f027d0b0793fea59385832c9f0c25f
|
|
All these sections are in alphabetical order except this one.
Change-Id: Id0586b5ba11e3c00e36397c7e2cd46e0c8cae292
|
|
This is arguably more important than passwords as it allow rooting
keystone :).
Change-Id: I12d8ae0f096480112a82d7598eedae64a6fbd861
|
|
Nova defaults to trying to allocate floating ips from a neutron
network called 'nova' but we called our external one ext-net (which
various Neutron documentation uses), so we need to override it or the
nova floating-ips extension isn't usable [without explicitly setting a
pool in the API calls].
Partial-Bug: #1239450
Change-Id: I1ef78642bdc1f19d25422961350e4f02a8f6c16f
|
|
I'm having a minor OCD moment.
Change-Id: I49cdf078d24a38dcdb1f2801764dbcbd6dd10ccf
|
|
The intent here is that the undercloud default route will be discard,
but the router kept for access to the metadata service, and this
specified route will be used for all other traffic.
Change-Id: Idf3f8252c4d4be30839d9d08ad7d4ce49538f04e
|
|
In the CD overcloud we need to use a VLAN for public traffic.
Change-Id: I8d674e1ae58063d9be338023819f174d1bc028e4
|
|
This is already supported by the ovs agent, but we didn't need it for
the emulated overclouds. Now we're working on bare metal, it's needed
for some deployments.
Change-Id: Ibb41c40d371e4c153a84fd09c370b158add75b81
|
|
Not all machines use eth0 :).
Change-Id: I2d0cfd8df46e7eda1b7db2ea5c8e84d3e970c862
|
|
Change-Id: I3a84cf52cc46f0c338319a046d77edb2a9b29c45
|
|
Without this we need horrible hacks to detect whether the cloud is
ready to use.
Change-Id: Ic5c5fd16c6c283d3d339e1f1238d3349d0b93f7c
|
|
This prevents secret values being returned for stack-show.
Change-Id: I82eff26fda31511b66c6371f6ded2a5fb559f3fb
Fixes-Bug: #1226730
|
|
Some references to first_private_address were missed and some of the
Fn::Select calls were only half-completed.
Change-Id: I92a4e5e67784e5d64ec6e44ddcac55762cde81eb
|
|
The OpenStack native OS::Nova::Server gives us the full list of
networks rather than AWS::EC2::Instance's contrived view of 'private'
and 'public'. We know we want ctlplane, and use Fn::Select to choose
that network directly. The outer Fn::Select is meant to choose the
first network every time, which may not always be correct, but is at
this point.
Change-Id: Iae54ab8d9ac8d84f4f6e2f86ac1b66aacb687473
|
|
Update the PrivateIp attribute to first_private_address as a result of
the change to the OS::Nova::Server type.
Change-Id: Id90f8c7c4e0217e1f94d3e5134744a810390e7b7
|
|
So that it can be a snowflake! (unique).
Change-Id: Ic823620ace7df5636cd9ff16dcd7476654692e6c
|
|
No longer needed, less globals == win.
Change-Id: I2872e5a8775a09b2e857ef082f3b86109785a126
|
|
Another service converted to match the keystone model of unique
accounts per service.
Change-Id: I62fce289a7032138be3aca8c74df499c2b1fde28
|
|
The in-instance scripts are about to require this.
Change-Id: I0260da5502639acc60b2791e9f957952f7ab5956
|
|
The instance config is about to require this.
Change-Id: Ia778a7f5926b54758e73a4ee0940ef42fe5be6a9
|
|
Change-Id: I4745627508e8b6b687fc17527cdd3c41d09b0d80
|
|
The in-instance scripts are being fixed to not confuse the admin
password with the neutron service password.
Change-Id: I341574bb838a9563120791b9ac014d75274a96aa
|
|
We use the admin password in in-instance scripts that configure e.g.
nagios from the cloud metadata, but production clouds will all have
unique passwords - it has to be a parameter.
Change-Id: I1f6c697ce27580fd669c7623e7fcea4c96ec62d0
|
|
Because unique is good for auth secrets.
Change-Id: Iaadc102d11d68d7fc059e62bd992de7ee6f2c818
|
|
The file was using the old 0.0.0.0 method from heat-localip, but it was
missed when converting the other templates to a split Metadata approach
to enable a machine to know its own IP.
Change-Id: I0b117de12416a52950b1c7079f659df8649d67f9
|
|
Previously we could not feed the IP of an instance into its own
Metadata because of circular dependency problems. 0.0.0.0 was used
with the heat-localip element to work around this problem. This
caused problems though, as heat-localip would edit the source local
heat metadata, which would make cfn-hup and/or os-collect-config think
that the Metadata had changed, causing it to restart everything every
time we query the Metadata, which was about every five minutes.
Now we can just query this inert LaunchConfiguration resource to get
its' Metadata once it is ready. This resource will only change when
legitimate things are changed in the stack, and so we won't restart
everything every five minutes anymore. Note that when the native Heat
DSL lands, the OS::Heat::SoftwareConfig resource is meant for exactly
this purpose.
After this is merged we no longer need the heat-localip element.
Fixes bug #1202322
Change-Id: Id06323ba43203570eeebfa5b3d03fa56c16c0c10
|
|
Os-collect-config is meant to replace cfn-hup from heat-cfntools. It
allows pulling from multiple metadata sources and runs continuously.
Fixes bug #1211289
Change-Id: Ia4e9127fb79048bd1022b32a37272f8463a774ae
|
|
In nova-compute-instance.yaml, we need to use resource names that are
unique within the entire set of resources that may be merged or
included. However, we need the instance resource name to _match_ the
one in overcloud-source.yaml so that its own access policies can
function.
Without this change we will not have unique users and Metadata access
keys/policies for compute and controller.
Change-Id: Iebde7e6adede4984f4f693cf2d57b6fadb8be558
|
|
Also change default to '' as null is not technically allowed as a
string default in cloudformation (Heat accidentally allows this).
Os-apply-config, via pystache, will still treat this as false for
the purposes of checking if it is set or not.
Change-Id: Ia02dbcf619bdc92647f1d21157fa4a8e3f749de3
|
|
The overcloud control plane needs to bring up an ovs bridge for the
ovs plugin hot-plugging and floating ip logic to work. The previous
in-instance script didn't migrate IP address and route information. We
can do that by using the core ovs script we wrote for baremetal setups
- triggered by setting the physical interface parameter.
Change-Id: I6d6b09140ee751371607c0963dc76cc5b95f7674
|
|
This is supplied to neutron etc via API calls - having it in Heat
leads to having redundancy, confusion and tricky scripts. Incubator
now has scripts to configure this and instances won't consult these
keys.
Change-Id: Ia45d9bf5bb326ec88f9f4a48c5520570cf5b6d72
|
|
These values were missed in the initial overcloud-source.yaml.
nova.metadata-proxy is required to allow vms to communicate with the
EC2-style metadata service.
quantum.ovs.fixed_range constraints DHCP allocation for the undercloud,
but in the overcloud we do not want this constraint because the individual
subnets we define will do that. quantum.ovs.ovs_range configures the
range of ips that can be assigned to the tenant subnets.
Change-Id: If7191fa8baf1209ae33b9e8200f52ea0ade97810
|
|
Previously these would have to be set for overcloud at runtime, but we
have good sane defaults now, and for nova-compute-instance we are able
to feed them in using the appropriate references with Fn::GetAtt.
Change-Id: Idfff2885bf2afa58b2dec84f06639198e411eae2
|
|
Change-Id: Ie9d45ea5e26e38e8782e7a3d0a626e36090f5388
|