Age | Commit message (Collapse) | Author | Files | Lines |
|
This will aid us in using FQDNs instead of IPs if DNS is not set. If
the deployer already has DNS set up, they can easily disable this
profile by adding the use-dns-for-vips.yaml environment file.
bp tls-via-certmonger
Change-Id: I8c1b3f253d0149d575171c208f9a1342a7b26450
Depends-On: I1bdb2701dfb3e7ef072e674c9882d3be5af7296c
|
|
The nodes need to be aware of the fqdn's for the specific endpoints
in the cloud. This could be either to set the entries in /etc/hosts
or to select an appropriate hostname for a certificate to be
generated.
bp tls-via-certmonger
Change-Id: I9b4645b937a344f46ec18a9a68c5afa2bc5206d0
|
|
Move Redis VIP from controller-only to all nodes so that we don't assume
where Redis is deployed.
Change-Id: I55f8d48e3e077951fbcc88158dd6f21a2fe5f457
Related-Bug: #1618510
Partially-Implements: blueprint custom-roles
|
|
This makes it easier to access the VIP data for other node types and
de-ties this from the controller role.
Change-Id: I71125576ec93889fed134b92fb59f7e7dc9920c4
|
|
Moved this list manipulation to puppet-tripleo where it can easily
reference the memcached_node_ips array instead of hard-coded output
from the Controller.
Depends-On: Ic8872e5e51732874ca5b93bff5efd3e7ed75bc31
Change-Id: I523a802c8d22be7602728ebe8966d9e2ee109cde
Partially-Implements: blueprint custom-roles
|
|
Change-Id: Iaf78a5eac223aeb50133fcc6fab043ee746d73fd
Partially-Implements: blueprint custom-roles
|
|
This allows us to create $service_node_ips and $service_node_names
hiera entries for services not deployed on the Controller role.
Co-Authored-By: Thomas Herve <therve@redhat.com>
Change-Id: I688618dda05ff908293c32b9d8518697d57e9eb0
Partially-Implements: blueprint custom-roles
|
|
To avoid the hard-coded references which won't work with
composable roles, we instead default to the rabbitmq_node_ips
list in the per-service puppet-tripleo profiles.
Change-Id: I76b7e06781fdd5d969503b6d73423bb3f5f7a41f
Depends-On: Ie53c93456529420588eb1927703ea91b54095d87
Partially-Implements: blueprint custom-roles
|
|
|
|
|
|
|
|
This patch moves settings for pacemaker and the tripleo firewall
out of controller.yaml.
Related bug: #1604414
Change-Id: I0164717bfd79cdea3de8eb7a64771028bea201ac
|
|
Some puppet interfaces require a comma separated list of hostnames
where a service is running, so generate it in a similar way to th
service ips.
Change-Id: Icdf5d993d089dc94035194bdbd52299fcbc793be
Partially-Implements: blueprint custom-roles
|
|
- adds possibility to install sensu-client on all nodes
- each composable service has it's own subscription
Co-Authored-By: Emilien Macchi <emilien@redhat.com>
Co-Authored-By: Michele Baldessari <michele@redhat.com>
Implements: blueprint tripleo-opstools-availability-monitoring
Change-Id: I6a215763fd0f0015285b3573305d18d0f56c7770
|
|
|
|
This patch moves the settings for Nova, Neutron, and Horizon
out of controller.yaml.
Also fixes the NovaPassword settings in nova-base.yaml
so they don't use get_input.
Also, creates a new apache.yaml base service to contain shared
apache settings for several services which use Apache for WSGI.
Co-Authored-By: Giulio Fidente <gfidente@redhat.com>
Change-Id: I35d909bd5abc23976b5732a2b9af31cf1448838e
Related-bug: #1604414
|
|
The CloudName's default value only included the shortname which is
not a very good practice. This now sets localdomain as the default
domain there.
Change-Id: Ic46b34d94a602aa948b873062015286cf49f7c3c
|
|
Pass the list of ceph nodes to the ceph_mon profile via
the service template - this requires some fixup to the
profile to handle the ipv6 case.
Note this also aligns the ServiceNetMap keys so that the
composable node_ips logic will generate the lists when
the ceph_mon service is enabled.
Change-Id: If8a5c65f17e677fe62243b3aa746fd642f72d2b0
Depends-On: I481dd2cd2cde7f1491080e6d9c7dcb7047c22de1
Partially-Implements: blueprint custom-roles
|
|
|
|
This will be read by the client and it will furtherly skip the post-config.
Depends-On: I36e1c478e7c92be61da6a0d710e9025d4d354072
Depends-On: Ibbbe1e016e7e47ea5577de33c5a11d4088811616
Change-Id: Icfb650a1dff704cdcce7349dfb612298d38f2706
|
|
Currently we have a hard-coded list of ips for various services that
run on the controller, instead we can dynamically generate that list
of per-service ips, initially only for the controller but this approach
can be extended so it works for any role.
Change-Id: I3c8a946e439539d239ad7281a1395414df0893eb
Partially-Implements: blueprint custom-roles
|
|
This adds a list of all enabled service_names in the
enabled_services key, and also generates some boolean
values e.g service_name_enabled, which is more convenient
for some usage (such as haproxy where we need an easy way to
set a flag saying if a given service is enabled)
Partially-Implements: blueprint custom-roles
Change-Id: I62273f403838893602816204d9bc50d516c0057f
|
|
|
|
|
|
|
|
Introduces environment files for deploying OpenDaylight in two ways:
- ODL only managing L2 as an ML2 plugin
- ODL managing L2 and L3 DVR, by replacing NeutronL3Agent
Two services are added. One to install ODL and configure OVS on the
Controllers, and another service to only configure OVS on compute nodes.
Paritally-Implements: blueprint opendaylight-integration
Depends-On: I666dc0874f1d11a72a62d796f4f6d41f7aa87a3f
Change-Id: Ide69e20cbf2ec6151953cb23e51478b770aca17f
Signed-off-by: Tim Rozet <trozet@redhat.com>
|
|
|
|
This moves the swift local bind and hash prefix settings
into the relevant swift-* composable services.
Change-Id: I807ff14c4cc9afa39efee13849e0f8c22718f1c0
|
|
|
|
|
|
This patch removes the remaining bind IP, and password
settings for Heat and Glance into the composable services.
Change-Id: I17abcb2a08a1972cbcf8163f6608ac22ddfc15f7
Related-bug: #1604414
|
|
|
|
This patch moves the local bind host hiera data out
of compute.yaml and into composable services.
Change-Id: Iae4ca707c429cc8f5ec4d1d514ae7da0bf557dfd
|
|
The endpoint map has the capability of using the cloud's name for the
endpoint. This is broken, however, since this has the problem that we
only take into account the overcloud's external endpoint name, which
we then cannot use if we have network-isolation enabled, which is
the most common use-case for real deployments.
So this change proposes the following:
* The external endpoint is still CloudName.
* We can now set different (or the same if we want) names for the
different VIPs of the network.
* Using CLOUDNAME for the endpoint map will get a name for the
appropriate network.
bp tls-via-certmonger
Change-Id: I3e7144653f0a1d783d87e6f638304b297f718929
|
|
This moves the config settings out of controller.yaml for RabbitMQ
and into puppet/services/rabbitmq.yaml.
Related-Bug: #1604414
Change-Id: I6b3d71653fb91b89b85dae7df4088afff22b71ac
|
|
This moves the config settings out of controller.yaml for MySQL
and into puppet/services/database/mysql.yaml.
The top leve MysqlRootPassword is still maintained by default
in overcloud.yaml so that users who upgrade won't get
broken. New users may optionally specify the MysqlRootPassword
as a parameter instead which will take priority over the top
level generated parameter.
We drop the top level MysqlClusterUniquePart because it is no
longer used (I think it was a remnant from t-i-e).
Related-Bug: #1604414
Change-Id: I06ebac0f4c87dabfccefb2e550a64650868c5b26
|
|
This enables us to pass a map of CAs to deploy the CA certificates
using puppet and hiera instead of the bash script we were using. It
also gives us the feature that we will be able to deploy several CA
certificates on the nodes instead of just one as was the case before.
Change-Id: I9559487874b80aeb093cc2fa2cfa7c0479d5a8b2
Depends-On: I84273b4cd6576a63fa78dc93ad6b077dd2a780c7
|
|
This add sriov nic agent as composable service.
Implements: blueprint tripleo-sriov
Depends-On: I3385d831a339deec7d1315f74b501e76109db811
Co-Authored-By: Saravanan KR <skramaja@redhat.com>
Change-Id: I8d920f50da9e4261a9fdf702f7760efaa04a5278
|
|
This patch adds a new DefaultPasswords parameter to
composable services. This is needed to help provide
access to top level password resources that overcloud.yaml
currently manages (passwords for Rabbit, Mysql, etc.).
Moving the RandomString resources into composable services
would cause them to regenerate within the stack. With this
approach we can leave them where they are while we deprecate
the top level mechanism and move the code that uses the
passwords into the composable services.
Change-Id: I4f21603c58a169a093962594e860933306879e3f
|
|
This will be needed to pick the network where the service has
to bind to from within the service template.
Change-Id: I52652e1ad8c7b360efd2c7af199e35932aaaea8c
|
|
|
|
|
|
|
|
|
|
This creates a new service to help manage the puppet-tripleo
class that enables firewall features. Currently has no settings
but this will keep our interfaces consistent.
Change-Id: I5ac85fa1e460b19ee2b1a9280413aebefe300845
|
|
This creates a new service to help manage the puppet-tripleo
class that enables and disables package installation features.
NOTE: we can't move the upgrade setting into the new composable
service yet due to coupling with the UpgradeDeployment resources.
Change-Id: If35cf6a6f023e12ae8ebbc2d9929d244eb3ffa3a
|
|
|
|
|
|
This finishes moving most of the config settings out of
compute.yaml for Neutron and Rabbit. Also removes some
other misc unused parameters.
Change-Id: Ie340c33fb3434eb70e131ff6e252d0909aabd37c
Related-Bug: #1604412
|
|
This finishes moving most of the config settings out of
compute.yaml for Nova and into the proper nova-* services.
Only the bind port/VIP related Nova settings remain now and those
will be dealt with in a follow up patch.
Change-Id: I1c40e7d54c11dfff2aaa6438c7701e98da17ebe6
Related-Bug: #1604412
|