| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
Adds new puppet and puppet pacemaker specific services for
Keystone.
The puppet manifests for keystone now live in puppet-tripleo.
Hiera settings are driven by the nested stack heat templates
and used to control puppet-keystone and puppet-tripleo
directly.
The Pacemaker template extends the default keystone service and
swaps in the pacemaker specific puppet-tripleo profile instead.
Change-Id: I8b30438a27e9d5ec4e7d335e0bd1a931a20b03a2
Depends-On: I2faf5a78db802549053ec41678bf83bf28108189
|
|
This patch wires in a new for Mitaka Heat feature
that allows us to dynamically include a set of nested
stacks representing individual services via a Heat resource chain.
Follow on patches will use this interface to decompose the controller
role into isolated services.
Co-Authored-By: Steve Hardy <shardy@redhat.com>
Depends-On: If510abe260ea7852dfe2d1f7f92b529979483068
Change-Id: I84c97a76159704c2d6c963bc4b26e365764b1366
|
|
The endpoint map contains, not only the hosts and protocols that
the resulting services will use, but also the ports. This
information is useful, and the aim of this patch is to make it
available for the tripleoclient to use it.
Change-Id: I4cc5bbf2e7200f78cd90b93659c326a9200278d7
|
|
Change-Id: Ibf37bfd6150d212fadcc4d2e2e2d0a89cdd76c91
|
|
|
|
* Add MemcachedIPv6 parameter
* If MemcachedIPv6 is set at True, configure Horizon with Memcached IPv6
addresses.
This patch is required to make Horizon working when running IPv6
networks.
Change-Id: I752e727bfb9040b29f5d755f565fa6b54b9511c8
|
|
Ceilometer Alarm is deprecated in Liberty by Aodh.
This patch:
* manage Aodh Keystone resources
* deploy Aodh API under WSGI, Notifier, Listener and Evaluator
* manage new parameters to customize Aodh deployment
* uses ceilometer DB for the upgrade path
* pacemaker config
* Add migration logic to remove pcs resources
Depends-On: I5333faa72e52d2aa2a622ac2d4b60825aadc52b5
Depends-On: Ib6c9c4c35da3fb55e0ca8e2d5a58ebaf4204d792
Co-Authored-By: Emilien Macchi <emilien@redhat.com>
Change-Id: Ib47a22884afb032ebc1655e1a4a06bfe70249134
|
|
We don't need an endpoint for the glance-registry service, that is
used by glance-api when needed and is not meant to be user-facing.
Change-Id: Ia6c9dd6164d3b91adbc937d70fa74d5fbbfb28a3
|
|
Since the password is now autogenerated from the tripleoclient,
there is no need to keep the default value here.
Change-Id: If41cb56134966456f8590da04f392faffe5c62a1
Closes-Bug: #1557688
|
|
|
|
|
|
|
|
Currently the vnc server on the compute nodes binds on 0.0.0.0.
which only works with IPv4 addresses, it breaks connectivity with
IPv6 addressing.
This fixes https://bugzilla.redhat.com/show_bug.cgi?id=1300678.
Change-Id: Id642d224fb3c62f786453dc684634adca1c2c09d
Co-Authored-By: Giulio Fidente <gfidente@redhat.com>
|
|
This patch adds support for configuring Keystone domain for Heat
via heat-keystone-setup-domain script. It should be reverted
as soon as Keystone v3 is fully functional.
This patch won't be fully functional without either python-keystoneclient
fix [1] or workaround [2].
[1] https://bugs.launchpad.net/python-keystoneclient/+bug/1452298
[2] https://review.openstack.org/180563
Change-Id: Ie9cdd518b299c141f0fdbb3441a7761c27321a88
Co-Authored-By: Jiri Stransky <jistr@redhat.com>
Depends-On: Ic541f11978908f9344e5590f3961f0d31c04bb0c
|
|
For the external loadbalancer work, we added the ability to specify
fixed ips for controller nodes on all network isolation networks.
In order to allow users full control over the placement and ip
addresses of deployed nodes, we need to be able to do the same thing
for the other node types.
Change-Id: I3ea91768b2ea3a40287f2f3cdb823c23533cf290
|
|
Depends-On: I1a8741b9e00775763911222cbe0af677b59e03a1
Change-Id: I373f97ada4e4101700a12b42dfb8ee4b2ff701f2
|
|
|
|
Adds Rabbit environment variable required for IPv6 only support
Change-Id: Iec209ca83a5b0708ac828c4afaf9d2222e597f24
|
|
Previously we used to always set CinderISCSIHelper to lioadm from
the client. With [1] we aim at cleaning up the client from any
default so this change move the actual default into the templates.
1. Iabc94ad1cce6f1744429aca9f866a59a698f5680
Change-Id: I662e4b0e3cf909ec2583d087ca1d246715caf0f7
Related-Bug: 1554564
|
|
|
|
|
|
This just a revert to see if reverting this gets back to a normal CI run time.
This reverts commit f72aed85594f223b6f888e6d0af3c880ea581a66.
Change-Id: I04a0893f6cf69f547a4db26261005e580e1fc90b
|
|
To enable IPv6 in Corosync, you'll need to set the --ipv6 parameter when
building the cluster.
To do so, we need to specify this parameter in puppet configuration when
running ::pacemaker::corosync class.
So we have now a new parameter: CorosyncIPv6 which is a boolean, False
by default. If set to True, it will pass right options to enable IPv6
when building the Pacemaker cluster.
Change-Id: I485f1399964ddd7a201ed19ec6580b8a136b3acd
|
|
AllNodesExtraConfig should really only run after the validation
deployments are done, which validate that basic networking is
functioning.
In particular, creating a swap file during AllNodesExtraConfig while the
validation deployments are still running might cause temporary network
outages which could fail the validations.
Change-Id: Ia2a10318de47854a9b8932d72243ce0a85603556
Partial-Bug: #1553243
|
|
This change adds a new set of network templates with IPv6 subnets
that can be used instead of the existing IPv4 networks. Each network
can use either the IPv4 or IPv6 template, and the Neutron subnet will
be created with the specified IP version.
The default addresses used for the IPv6 networks use the fd00::/8
prefix for the internal isolated networks (this range is reserved
for private use similar to 10.0.0.0/8), and 2001:db8:fd00:1000::/64
is used as an example default for the External network
(2001:db8::/32 are the documentation addresses [RFC3849]), but this
would ordinarily be a globally addressable subnet. These
parameters may be overridden in an environment file.
This change will require updates to the OpenStack Puppet
Modules to support IPv6 addresses in some of the hieradata values.
Many of the OPM modules already have IPv6 support to support IPv6
deployments in Packstack, but some OPM packages that apply only to
Instack/TripleO deployments need to be updated.
IPv6 addresses used in URLs need to be surrounded by brackets in
order to differentiate IP address from port number. This change
adds a new output to the network/ports resources for
ip_address_uri, which is an IP address with brackets in the case
of IPv6, and a raw IP address without brackets for IPv4 ports.
This change also updates some URLs which are constructed in Heat.
This has been tested and problems were found with Puppet not
accepting IPv6 addresses. This is addressed in the latest Puppet.
Additional changes were required to make this work with Ceph.
IPv6 tunnel endpoints with Open vSwitch are not yet supported
(although support is coming soon), so this review leaves the
Tenant network as an isolated IPv4 network for the time being.
Change-Id: Ie7a742bdf1db533edda2998a53d28528f80ef8e2
|
|
Ceilometer Alarm is deprecated in Liberty by Aodh.
This patch:
* manage Aodh Keystone resources
* deploy Aodh API under WSGI, Notifier, Listener and Evaluator
* manage new parameters to customize Aodh deployment
* uses ceilometer DB for the upgrade path
* pacemaker config
Depends-On: I9e34485285829884d9c954b804e3bdd5d6e31635
Depends-On: I891985da9248a88c6ce2df1dd186881f582605ee
Depends-On: Ied8ba5985f43a5c5b3be5b35a091aef6ed86572f
Co-Authored-By: Pradeep Kilambi <pkilambi@redhat.com>
Change-Id: I58d419173e80d2462accf7324c987c71420fd5f6
|
|
Change-Id: I7226070aa87416e79f25625647f8e3076c9e2c9a
|
|
|
|
|
|
This change adds the TripleO Heat Parameters and Puppet hieradata
to support setting the MTU for Neutron tenant networks. A new
parameter, NeutronTenantMtu is introduced, and this gets used for
the NeutronDnsmasqOptions and in Puppet hieradata.
NeutronTenantMtu is also used in the Puppet hieradata for both the
compute and control nodes. Two values are set:
nova::compute::network_device_mtu
which sets /etc/nova/nova.conf: network_device_mtu = <NeutronTenantMtu>
neutron::network_device_mtu
which sets in /etc/neutron/neutron.conf:
network_device_mtu = <NeutronTenantMtu>
finally, the NeutronDnsmasqOptions parameter becomes a str_format
that maps the NeutronTenantMtu onto the DHCP options,
so a default of 'dhcp-option-force=26,%MTU%' would be formatted to
'dhcp-option-force=26,1300' if NeutronTenantMtu were 1300.
This will set dnsmasq to serve an MTU via DHCP that matches the
NeutronTenantMtu:
/etc/neutron/dnsmasq-neutron.conf:dhcp-option-force=26,1300
Typically, you would change all three of these settings to use small
or jumbo frames in VMs. When using tunneling, NeutronTenantMtu
should be set at least 50 bytes smaller than the physical network
MTU in order to make room for tunneling overhead.
Note that this change does not support setting the MTU on veth
interfaces if veth patches are used to br-int instead of OVS
patches.
Change-Id: I38840e082ee01dc3b6fc78e1dd97f53fa4e63039
|
|
|
|
We get false negatives from Tempest when the Cinder LVM backing
file runs out space. This change increases its default size to 10G,
matching devstack [1]
1. https://github.com/openstack-dev/devstack/blob/master/stackrc#L649
Change-Id: Ia334ea481e17c1d35aa67c33729cac6570f48199
|
|
Adds three top-level params to allow the deployer pick a predefined IP
for the InternalApi, Storage and StorageMgmt VIPs. We had this already
for the External network (PublicVirtualFixedIPs) and the ctlplane
network (ControlFixedIPs).
Change-Id: I1509e1888774ffa72445ed681dd8107eec703d64
|
|
|
|
|
|
In prior commit, added default for Sahara password in order to
avoid circular dependency. Removing this default now in order
to force password per other service definitions.
Change-Id: I91f98039e520804b25aaededefa25e80992ba6b5
Partially-implements: bp sahara-integration
|
|
|
|
Currently the value of the CloudName param gets written into the
/etc/hosts file on each controller, but it turns out this is an
invalid configuration. CloudName is supposed to be the DNS name
of the overcloud, and the IP being written is (at least in my case)
the internal API VIP. This breaks in cases such as SSL because
the services are not listening on an SSL port on the internal API
network, so if a service tries to talk to another service using a
CloudName-defined public endpoint it ends up pointed at a
non-existent internal address:port.
Since by definition CloudName is supposed to be resolvable by the
configured DNS server, we should not need an explicit hosts entry
as well. Thus, this patch removes that from the file.
Change-Id: I919b42a219d95296f46852dd3266a54d968cf66b
|
|
|
|
|
|
Integration of OpenStack data processing service (sahara) with
TripleO.
- Deploys sahara in distributed mode (separate api and engine
processes on each controller node)
- Load balancing w/haproxy
- RabbitMQ/MySQL supported per current TripleO standard
- Minimal configurability at this time
Change-Id: I77a6a69ed5691e3b1ba34e9ebb4d88c80019642c
Partially-implements: blueprint sahara-integration
Depends-On: I0f0a1dc2eaa57d8226bad8cfb250110296ab9614
Depends-On: Ib84cc59667616ec94e7edce2715cbd7dd944f4ae
Depends-On: I9fe321fd4284f7bfd55bd2e69dcfe623ed6f8a2a
|
|
This patch enables the port security ML2 extension driver by default. It
should have no impact on users that do not explicitly modify the port
security property on a port.
Change-Id: I1413428a1c0329acf0276bf6032684e5e7f8e177
Closes-Bug: #1531970
|
|
|
|
This change adds support for setting the configuration options required
to enable the quality of service feature in Neutron. The default values
will enable the feature.
Closes-Bug: #1524052
Depends-On: Iefc289a6eee13b9c66f8131c258af982f232df4b
Change-Id: I1abf7d37d39e6927e482b56de4ee3d3d7c313a1c
|
|
|
|
Adds a TimeZone parameter for node types and the top level
stack. Defaults to UTC.
Change-Id: I98123d894ce429c34744233fe3e631cbdd7c12b5
Depends-On: Icf7c681f359e3e48b653ea4648db6a73b532d45e
|
|
|
|
|
Jenkins
Dan Prince
Juan Antonio Osorio Robles
Pradeep Kilambi
Emilien Macchi
Giulio Fidente
Marius Cornea
Martin Mágr
Ben Nemec
James Slagle
Dan Sneddon
Jiri Stransky
Ethan Gafford
Brent Eagles
Nico Auv