aboutsummaryrefslogtreecommitdiffstats
path: root/overcloud.yaml
AgeCommit message (Collapse)AuthorFilesLines
2016-09-02Generate composable service node_names listsSteven Hardy1-1/+2
Some puppet interfaces require a comma separated list of hostnames where a service is running, so generate it in a similar way to th service ips. Change-Id: Icdf5d993d089dc94035194bdbd52299fcbc793be Partially-Implements: blueprint custom-roles
2016-08-31Availability monitoring agents supportMartin Mágr1-1/+12
- adds possibility to install sensu-client on all nodes - each composable service has it's own subscription Co-Authored-By: Emilien Macchi <emilien@redhat.com> Co-Authored-By: Michele Baldessari <michele@redhat.com> Implements: blueprint tripleo-opstools-availability-monitoring Change-Id: I6a215763fd0f0015285b3573305d18d0f56c7770
2016-08-30Merge "Move ceph cluster config out of allNodesConfig"Jenkins1-1/+0
2016-08-30Mv Nova, Neutron, Horizon out of controller.yamlDan Prince1-1/+0
This patch moves the settings for Nova, Neutron, and Horizon out of controller.yaml. Also fixes the NovaPassword settings in nova-base.yaml so they don't use get_input. Also, creates a new apache.yaml base service to contain shared apache settings for several services which use Apache for WSGI. Co-Authored-By: Giulio Fidente <gfidente@redhat.com> Change-Id: I35d909bd5abc23976b5732a2b9af31cf1448838e Related-bug: #1604414
2016-08-30Move ceph cluster config out of allNodesConfigSteven Hardy1-1/+0
Pass the list of ceph nodes to the ceph_mon profile via the service template - this requires some fixup to the profile to handle the ipv6 case. Note this also aligns the ServiceNetMap keys so that the composable node_ips logic will generate the lists when the ceph_mon service is enabled. Change-Id: If8a5c65f17e677fe62243b3aa746fd642f72d2b0 Depends-On: I481dd2cd2cde7f1491080e6d9c7dcb7047c22de1 Partially-Implements: blueprint custom-roles
2016-08-29Merge "Add flag to assert that puppet manages the keystone endpoints"Jenkins1-0/+3
2016-08-29Add flag to assert that puppet manages the keystone endpointsJuan Antonio Osorio Robles1-0/+3
This will be read by the client and it will furtherly skip the post-config. Depends-On: I36e1c478e7c92be61da6a0d710e9025d4d354072 Depends-On: Ibbbe1e016e7e47ea5577de33c5a11d4088811616 Change-Id: Icfb650a1dff704cdcce7349dfb612298d38f2706
2016-08-28Create composable mapping between enabled services and role ipsSteven Hardy1-19/+4
Currently we have a hard-coded list of ips for various services that run on the controller, instead we can dynamically generate that list of per-service ips, initially only for the controller but this approach can be extended so it works for any role. Change-Id: I3c8a946e439539d239ad7281a1395414df0893eb Partially-Implements: blueprint custom-roles
2016-08-27Create hiera service_enabled keys for enabled servicesSteven Hardy1-0/+8
This adds a list of all enabled service_names in the enabled_services key, and also generates some boolean values e.g service_name_enabled, which is more convenient for some usage (such as haproxy where we need an easy way to set a flag saying if a given service is enabled) Partially-Implements: blueprint custom-roles Change-Id: I62273f403838893602816204d9bc50d516c0057f
2016-08-26Merge "Adds OpenDaylight composable service"Jenkins1-0/+7
2016-08-26Merge "Add deployment of CAs via hieradata"Jenkins1-0/+5
2016-08-26Merge "Enable usage of FQDNs for the endpoints"Jenkins1-1/+30
2016-08-26Adds OpenDaylight composable serviceTim Rozet1-0/+7
Introduces environment files for deploying OpenDaylight in two ways: - ODL only managing L2 as an ML2 plugin - ODL managing L2 and L3 DVR, by replacing NeutronL3Agent Two services are added. One to install ODL and configure OVS on the Controllers, and another service to only configure OVS on compute nodes. Paritally-Implements: blueprint opendaylight-integration Depends-On: I666dc0874f1d11a72a62d796f4f6d41f7aa87a3f Change-Id: Ide69e20cbf2ec6151953cb23e51478b770aca17f Signed-off-by: Tim Rozet <trozet@redhat.com>
2016-08-26Merge "SR-IOV nic agent changes in line with composable roles."Jenkins1-0/+1
2016-08-25Move Swift hiera settings into composable servicesDan Prince1-6/+0
This moves the swift local bind and hash prefix settings into the relevant swift-* composable services. Change-Id: I807ff14c4cc9afa39efee13849e0f8c22718f1c0
2016-08-25Merge "Move glance/heat hiera settings to services"Jenkins1-1/+0
2016-08-25Merge "Move network bind IPs out of compute.yaml"Jenkins1-3/+0
2016-08-25Move glance/heat hiera settings to servicesDan Prince1-1/+0
This patch removes the remaining bind IP, and password settings for Heat and Glance into the composable services. Change-Id: I17abcb2a08a1972cbcf8163f6608ac22ddfc15f7 Related-bug: #1604414
2016-08-25Merge "Allow a fixed IP to be allocated to RedisVirtualIP"Jenkins1-0/+7
2016-08-24Move network bind IPs out of compute.yamlDan Prince1-3/+0
This patch moves the local bind host hiera data out of compute.yaml and into composable services. Change-Id: Iae4ca707c429cc8f5ec4d1d514ae7da0bf557dfd
2016-08-24Enable usage of FQDNs for the endpointsJuan Antonio Osorio Robles1-1/+30
The endpoint map has the capability of using the cloud's name for the endpoint. This is broken, however, since this has the problem that we only take into account the overcloud's external endpoint name, which we then cannot use if we have network-isolation enabled, which is the most common use-case for real deployments. So this change proposes the following: * The external endpoint is still CloudName. * We can now set different (or the same if we want) names for the different VIPs of the network. * Using CLOUDNAME for the endpoint map will get a name for the appropriate network. bp tls-via-certmonger Change-Id: I3e7144653f0a1d783d87e6f638304b297f718929
2016-08-23Move RabbitMQ settings out of controller.yamlDan Prince1-1/+0
This moves the config settings out of controller.yaml for RabbitMQ and into puppet/services/rabbitmq.yaml. Related-Bug: #1604414 Change-Id: I6b3d71653fb91b89b85dae7df4088afff22b71ac
2016-08-23Move MySQL settings out of puppet/controller.yamlDan Prince1-9/+0
This moves the config settings out of controller.yaml for MySQL and into puppet/services/database/mysql.yaml. The top leve MysqlRootPassword is still maintained by default in overcloud.yaml so that users who upgrade won't get broken. New users may optionally specify the MysqlRootPassword as a parameter instead which will take priority over the top level generated parameter. We drop the top level MysqlClusterUniquePart because it is no longer used (I think it was a remnant from t-i-e). Related-Bug: #1604414 Change-Id: I06ebac0f4c87dabfccefb2e550a64650868c5b26
2016-08-22Add deployment of CAs via hieradataJuan Antonio Osorio Robles1-0/+5
This enables us to pass a map of CAs to deploy the CA certificates using puppet and hiera instead of the bash script we were using. It also gives us the feature that we will be able to deploy several CA certificates on the nodes instead of just one as was the case before. Change-Id: I9559487874b80aeb093cc2fa2cfa7c0479d5a8b2 Depends-On: I84273b4cd6576a63fa78dc93ad6b077dd2a780c7
2016-08-22SR-IOV nic agent changes in line with composable roles.Sanjay Upadhyay1-0/+1
This add sriov nic agent as composable service. Implements: blueprint tripleo-sriov Depends-On: I3385d831a339deec7d1315f74b501e76109db811 Co-Authored-By: Saravanan KR <skramaja@redhat.com> Change-Id: I8d920f50da9e4261a9fdf702f7760efaa04a5278
2016-08-18Add DefaultPasswords to composable servicesDan Prince1-0/+15
This patch adds a new DefaultPasswords parameter to composable services. This is needed to help provide access to top level password resources that overcloud.yaml currently manages (passwords for Rabbit, Mysql, etc.). Moving the RandomString resources into composable services would cause them to regenerate within the stack. With this approach we can leave them where they are while we deprecate the top level mechanism and move the code that uses the passwords into the composable services. Change-Id: I4f21603c58a169a093962594e860933306879e3f
2016-08-18Pass ServiceNetMap to servicesGiulio Fidente1-1/+5
This will be needed to pick the network where the service has to bind to from within the service template. Change-Id: I52652e1ad8c7b360efd2c7af199e35932aaaea8c
2016-08-18Merge "Add management network to list of networks to ping"Jenkins1-0/+1
2016-08-18Merge "Add tripleo-firewall composable service"Jenkins1-0/+5
2016-08-18Merge "Add tripleo-packages composable service"Jenkins1-0/+5
2016-08-18Merge "Rename NeutronServer to NeutronApi to align with ServiceNetMap"Jenkins1-1/+1
2016-08-17Add tripleo-firewall composable serviceDan Prince1-0/+5
This creates a new service to help manage the puppet-tripleo class that enables firewall features. Currently has no settings but this will keep our interfaces consistent. Change-Id: I5ac85fa1e460b19ee2b1a9280413aebefe300845
2016-08-17Add tripleo-packages composable serviceDan Prince1-0/+5
This creates a new service to help manage the puppet-tripleo class that enables and disables package installation features. NOTE: we can't move the upgrade setting into the new composable service yet due to coupling with the UpgradeDeployment resources. Change-Id: If35cf6a6f023e12ae8ebbc2d9929d244eb3ffa3a
2016-08-17Merge "Update Ironic composable services"Jenkins1-0/+3
2016-08-17Merge "Add cinder-backup service as role"Jenkins1-0/+1
2016-08-15Move neutron settings out of puppet/compute.yamlDan Prince1-3/+0
This finishes moving most of the config settings out of compute.yaml for Neutron and Rabbit. Also removes some other misc unused parameters. Change-Id: Ie340c33fb3434eb70e131ff6e252d0909aabd37c Related-Bug: #1604412
2016-08-15Move Nova settings out of puppet/compute.yamlDan Prince1-1/+0
This finishes moving most of the config settings out of compute.yaml for Nova and into the proper nova-* services. Only the bind port/VIP related Nova settings remain now and those will be dealt with in a follow up patch. Change-Id: I1c40e7d54c11dfff2aaa6438c7701e98da17ebe6 Related-Bug: #1604412
2016-08-12Rename NeutronServer to NeutronApi to align with ServiceNetMapSteven Hardy1-1/+1
The new composable service name conflicts with the existing ServiceNetMap naming, so align with NeutronApi since ServiceNetMap exists in current released versions. This is required so we can correctly generate the neutron_api_node_ips list (needed by puppet-tripleo) based on the service_name. Change-Id: Ic1d45cbaa77bc6ac9ca247c880a9845ca49905da Partially-Implements: blueprint custom-roles
2016-08-12Convert ServiceNetMap to a nested templateSteven Hardy1-108/+72
We introduce a new ServiceNetMap resource which enables some more flexible mappings between the services and their networks. Specifically this patch means: 1. ServiceNetMap no longer has to specify the entire list of all services, operators may if they wish, but a subset is now valid where you want to accept the defaults for some services (the defaults are now accessible via the ServiceNetMapDefaults parameter. 2. We can map some keys which don't fit a pattern that enables conversion from CamelCase to snake_case which is required for compatibility with the service_names in puppet/services* This should be backwards compatible, and in future when we remove internal dependency on the CamelCase names, we could also enable operators to specify e.g heat_api_network in ServiceNetMap which would be more consistent. Change-Id: Ib60198adf76bb69ffbafbfac739e356d153f6194 Partially-Implements: blueprint custom-roles
2016-08-12Merge "Convert EndpointMap to not require per-service VIP parameters"Jenkins1-18/+3
2016-08-11Update Ironic composable servicesDmitry Tantsur1-0/+3
* Add service for configuring Nova compute with Ironic * Fix authentication in Ironic APU * Provide a separate environment file for enabling Ironic Change-Id: I211e6d91eacd238b04a1aa37528d5a91523407d9 Partially-Implements: blueprint ironic-integration
2016-08-11Reinstate CloudDomain properties for Controller/Compute rolesSteven Hardy1-0/+2
These were removed in https://review.openstack.org/#/c/347050 but it turns out the defaults in the role templates is bad, as an empty string results in a malformed hosts file fqdn. So, partially revert that patch so we always pass the global CloudDomain from overcloud.yaml, accepting the default configured there, and remove the empty-string defaults in the role templates. Change-Id: I0ea4190a23488986a3ee9e887328e0e7a03fe3aa
2016-08-11Convert EndpointMap to not require per-service VIP parametersSteven Hardy1-18/+3
Currently we have a hard-coded set of per-service parameters, which will cause problems for custom roles and full composability. As a first step towards making this more configurable, remove the hard-coded per-service parameters from overcloud.yaml, and adjust the EndpointMap generation to instead accept two mappings, the ServiceNetMap and a mapping of networks to IPs (effectively this just moves the map lookup inside the endpoint map instead of inside overcloud.yaml) Change-Id: Ib522e89c36eed2115a6586dd5a6770907d9b33db Partially-Implements: blueprint custom-roles
2016-08-10Add cinder-backup service as roleErno Kuvaja1-0/+1
Tempest tests for cinder contain backup tests that fail unless cinder-backup service is started. This patch facilitates the service start upon the overcloud deployment. Original patch converted to composable role. Co-Authored-By: Giulio Fidente <gfidente@redhat.com> Depends-On: Ib1dfe52b83ab01819fc669312967950e75d8ddf1 Change-Id: I9ca97b3f1c26aac6d81b3525377e1f5fb962313f
2016-08-09Remove Compute role parameters from overcloud.yamlSteven Hardy1-96/+0
To enable custom-roles we need to pass these directly into th role template (where these are already defined with the same names). The remaining parameters which will be removed in subsequent patches, as some will require additional work to ensure backwards compatibility. Change-Id: I5a7e4f12aa7b9697086c1e19a4f7fcb24198c1d4 Partially-Implements: blueprint custom-roles
2016-08-09Merge "Move *Flavor parameters into per-role templates"Jenkins1-35/+0
2016-08-08Merge "Convert AllNodesConfig hosts config to a map"Jenkins1-5/+16
2016-08-08Merge "Add EnabledServices output to overcloud.yaml"Jenkins1-0/+8
2016-08-08Allow a fixed IP to be allocated to RedisVirtualIPGraeme Gillies1-0/+7
The overcloud stack now contains a parameter RedisVirtualFixedIPs which will allow people to specify the IP address they would like to be assigned as a vip used by Redis. This will allow people full control over what IPs are used as VIPs during a deployment. Change-Id: Ib24e62847c4ac43fcd2a09bc84b4a76e992add4b
2016-08-06Add Sahara services to ControllerServices listSteven Hardy1-0/+2
https://review.openstack.org/#/c/318840/ decomposed the Sahara services but they weren't added to the ControllerServices list, thus are now disabled. Since we shipped mitaka with sahara enabled by default, we should probably add them so the behavior is consistent when folks upgrade. This also fixes a couple of issues we missed when landing the initial service templates (partly because CI didn't test them). In order for each service to operate independently when used with Pacemaker, the roles needed to be separated. This commit also does this. Depends-On: Id61eb15b1e2366f5b73c6e7d47941651e40651b1 Change-Id: I0846b328e9d938275e373d58f0b99219b19b326c Closes-Bug: #1592284 Co-Authored-By: Brad P. Crochet <brad@redhat.com>