| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Updates the /puppet directory templates so that we drop the
'-puppet' from the filenames. This is redundant because
we already have puppet in the directory name and fixes
inconsistencies where we aren't using -puppet in
all the files within the puppet directory.
Depends-On: I71cb07b2f5305aaf9c43ab175cca976e844b8175
Change-Id: I70d6e048a566666f5d6e5c2407f8a6b4fd9f6f87
|
|
This patch updates all network configuration templates so that
we configure the ctlplane network interface with a static IP
instead of using DHCP.
The IP address used for the static IP is passed into each
nested stack network configuration template via the ControlPlaneIp
parameter.
Three new nested stack parameters called ControlPlaneSubnetCidr,
ControlPlaneDefaultRoute, and EC2MetadataIp have been added to help
configure the CIDR, default route, and EC2 metadata route on the ctlplane
statically. These parameters can be customized via the
parameter_defaults section in the heat environment.
A single new template called net-config-static-bridge.yaml has
been added to help migrate towards using the static
configuration templates when not using network isolation.
Depends-On: I257e1cba6dee16f73f75512d1284e1e3b9d4c831
Change-Id: Ib267e6dcf2d5ff77f7a82ee20a123965c2d07565
|
|
|
|
When using network isolation you might want to selective
move one of the services back to the default ctlplane network
by simply using the ServiceNetMap parameter. This patch
adds ctlplane to the output parameters for both
the net_ip_map and net_ip_list_map nested stacks so that
this is possible.
As part of this patch we also split out the NetIpSubnetMap
into its own unique nested stack so that the Heat input
parameters for this stack are more clearly named.
Change-Id: Iaa2dcaebeac896404e87ec0c635688b2a59a9e0f
|
|
Reinstates the heat-admin user via template user-data, which
replaces the previous boothook injected user provided by the
(deprecated now removed) heat instance_user option.
This has some advantages over the heat.conf option, e.g it allows
for much easier customzation of the user configuration (additional
SSH keys, adding groups etc), and also in future if we support
deploying more than one overcloud you could specify a different
user per deployment.
Co-Authored-By: Dan Prince <dprince@redhat.com>
Change-Id: I2235b9690c01542d8a28ec1c1a4607de751aea29
Closes-Bug: #1229849
|
|
|
|
This wires in use of a new puppet-tripleo class which
encapsulates the logic to enable/disable package
installation and upgrades.
By using the new class we can remove the global
Package provider declaration at the top of each
module.
Change-Id: I5c6e5fd8600031bd8fb6195649721607c560f9d5
Depends-on: Ie8fbc344149bc8c9977e127de77636903607617a
|
|
Adds support for global (ExtraConfig) and role-specific
(BlockStorageExtraConfig) hiera overrides, similar to those added
for the Controller and NovaCompute roles.
Change-Id: Iaf9665b53407e6a657f56d6516469f2c88bafbdd
|
|
The *HostnameResolveNetwork services define the network against
which the hostnames in /etc/hosts should be resolved, defaults
to 'internal_api' for all except CephStorage for which it uses
'storage' as they do not have connectivity to 'internal_api'.
Closes-Bug: 1471179
Change-Id: Ia8971f8a63016966236e7975ac2d97921a314255
|
|
|
|
This patch updates the cinder block storage role
for Puppet so that it supports network isolation.
This includes using the (optional) isolated networks
for MySQL, Glance API, and iscsi network traffic.
Change-Id: Icdfbf5fce7380e6049babca0cd50ca2e4008c1b0
|
|
|
|
|
|
Currently, we use the heat default server names, which results in some
fairly unreadable hostnames due to the level of nesting in the templates.
e.g ov-sszdbj5rdne-0-bhseh65edxv6-Controller-zoqc6tlypbdp
Instead, we allow the user to specify a format string per role, defaulted
to a string which formats the name e.g <stackname>-controller-<index>
e.g overcloud-controller-0
Optionally additional hostname components (not replaced by heat) could be
added, such that deployment time customization of hostnames via firstboot
scripts (e.g cloud-init) may be possible.
Should anyone wish to maintain the old heat-generated names, they can pass
an empty string via these parameters, which heat will treat as if no "name"
property was provided to OS::Nova::Server.
Change-Id: I1730caa0c2256f970da22ab21fa3aa1549b3f90b
|
|
When you do a stack-update which affects, e.g ControllerDeployment
such that some value in hieradata is updated (for example changing
the "Debug" parameter to True), we only write the hieradata file and
don't reapply the manifests.
So we introduce a dependency on the deploy_stdout values from all
hieradata applying configs, such that the manifests will be re-applied
on update if the data is changed.
This requires https://review.openstack.org/#/c/190282/ so that
99-refresh-completed will return the derived config ID as part of the
deploy_stdout payload.
Closes-Bug: #1463092
Change-Id: I1175248c3236d0c42e37d062afce550efce8aadc
|
|
We want to make sure to be able to resolve the default domain
suffix (.localdomain) appended when no domain option is passed by
the dhcp server.
Change-Id: I33111e91b502f57da442e5745de2217bd6d2d882
|
|
This change adds config and deployment resources to trigger package
updates on nodes. The deployments are triggered by doing a stack-update
and setting one of the parameters to a unique value.
The intent is that rolling update will be controlled by setting
breakpoints on all of the UpdateDeployment resources inside the
role resource groups.
Change-Id: I56bbf944ecd6cbdbf116021b8a53f9f9111c134f
|
|
Currently we use NO_SIGNAL on both the NetworkConfig and subsequent config
deploying the data associated with the role. This means there is a risk that
should the NetworkConfig do anything interruptive (os-net-config can do
interface renaming based on discovery data for example) the role configuration
config could fail, and we'd never know until some later error occurs.
Additionally, we need to be sure that the heiradata deployed by each of the role
specicific configs is actually in-place before proceeding with any of the cluster
configuration - atm this works due to the inherent delays involved deploying to
bare-metal, but there's still a theoretical race if very fast deployment backends
(I'm thinking containers, e.g lxc backend to nova or something) were used instead.
Essentially, we should never be using NO_SIGNAL unless we want to ignore failure,
which AFAICT is not the case in this instance.
Change-Id: I0dbbcc87fb8df8e6bc4775c39fa616b0d0713464
|
|
|
|
This patch removes the custom config_id outputs and replaces
it with OS::stack_id which allows us to just call get_resource
in the parent stack.
The motivation for this change is we'll be adding more os-net-config
templates and it would be nice to take advantage of this newer
template feature.
Change-Id: I6fcb26024b94420779b86766e16d8a24210c4f8e
|
|
This patch updates the cinder block storage roles so that
they can optionally make use of isolated network
ports on the storage, storage management, and internal_api
networks.
-Multiple networks are created based upon settings in the heat
resource registry. These nets will either use the noop network (the
control plane pass-thru default) or create a custom Neutron port on
each of the configured networks.
-The ipaddress/subnet of each network is passed passed into the
NetworkConfig resource which drives os-net-config. This allows the
deployer to define a custom network template for static IPs, etc
on each of the networks.
-The ipaddress is exposed as an output parameter. By exposing
the individual addresses as outputs we allow Heat to construct
collections of ports for various services.
Change-Id: I4e18cd4763455f815a8f8b82c93a598c99cc3842
|
|
|
|
This patch bumps the HOT version for the overcloud
to Kilo 2015-04-30. We should have already done this
since we are making use of OS::stack_id (a kilo feature)
in some of the nested stacks. Also, this will give us access to
the new repeat function as well.
Change-Id: Ic534e5aeb03bd53296dc4d98c2ac5971464d7fe4
|
|
This will change the way how RabbitMQ clients get to the servers,
they will not go through HAProxy anymore.
Change-Id: I522d7520b383a280505e0e7c8fecba9ac02d2c9b
|
|
We need to stop using "unset" as the password for all databases. Ideally we
would add a "XxxxDSN" parameter (e.g. KeystoneDSN) but this wont work because
we don't know the VirtualIP to pass in.
Until we can come up with a better solution we should at least get rid of
the "unset" passwords.
Change-Id: I31f45912fa9c116ccdee010a2c5d91ea43a25671
Depends-On: I8ffe1eb481f615b0fbe127cd8107f1e70794c839
|
|
Remove references to the .novalocal domain part in the hosts file.
Change-Id: Idf14907adaf2f35440b6f28870fe18434eadd1be
Depends-On: Iadfdf4120c4d1c9b6976321753957fd4eecf301c
|
|
|
|
This change allows a different network config for each family of hosts. For
instance, the controller may have a different network configuration than a
block storage node. This change adds a declaration for each family in the
overcloud-resource-registry.yaml & overcloud-resource-registry-puppet.yaml.
Change-Id: I083df7ebbb535f97d8ddec2ac0e06281c55986cd
|
|
Currently all the OS::Nova::Server resource created don't pass any
user-data. It's possible to pass user-data as well as using heat
SoftwareConfig/SoftwareDeployment resources, and this can be useful
when you have simple "first boot" tasks which are possible either via
cloud-init, or via simple run-once scripts.
This enables passing such data by implementing a new provider resource
OS::TripleO::NodeUserData, which defaults to passing an empty mime
archive (thus it's a no-op). An example of non no-op usage is also
provided.
Change-Id: Id0caba69768630e3a10439ba1fc2547a609c0cfe
|
|
These appear in the Tuskar UI and CLI so are worth keeping
consistent with those of the controller/compute nodes
Change-Id: I7cdd3a67d6f190f43e279fad0c4bf5f409d1e161
|
|
It's very confusing for them to be different, especially in the case of
comparing Tuskar vs non-Tuskar deployments where the parameters are read
from different files.
Note: NeutronPhysicalBridge is named differently in the overcloud
template (HypervisorNeutronPhysicalBridge). This is the only parameter
checked that isn't named exactly the same, hopefully there aren't any
others.
(Checked controller, compute, ceph, cinder, and swift for both puppet
and non-puppet templates)
Change-Id: I48ce1eb40d2d080c589ce619c50eddff17efe882
|
|
|
|
This updates all of the puppet roles to use an optional
osfamily hieradata file which can be used to provide
distro specific settings.
Also, updates the controller role to make use of this
new file for setting the rabbitmq package_provider
parameter.
Change-Id: I46417db51b87b82bf276dfcef5647a90c37fb07d
|
|
Propagate the top-level Debug parameter wherever it makes sense.
Swift doesn't have this kind of debug setting, it only allows to
configure log levels, so we'll need a different approach there.
Change-Id: I15332315a2fbaeaf924cde4e748fb0e064a778b7
|
|
Change-Id: I1bb8ee15d361638d77c5df7f8c03561c34f4c88f
|
|
Currently Cinder iscsi backend is configured within the DEFAULT section.
Since we aim to support multibackend, this commit puts the iscsi backend
in its own section and enable it by default configuring it properly.
Also adds a parameter which can be used to disable the default backend.
Co-Authored-By: Giulio Fidente <gfidente@redhat.com>
Change-Id: I05fb44b59829c0afa8a6588956a48320f2f65159
|
|
This patch adds a new BlockStoreNodesPostDeployment resource
which can be used along with the environment file to
specify a nested stack which is guaranteed to execute
after all the BlockStore config deployments have executed.
This is really useful for Puppet in that Heat actually
controls where puppet executes in the deployment
process and we want to ensure puppet runs after
all hiera configuration data has be deployed to
the nodes. With the previous approach some of the
data would be there, but allNodes data would not be
guaranteed to be there in time.
As os-apply-config (tripleo-image-elements) have their
ordering controlled within the elements themselves an empty stubbed
in nested stack has been added so that we don't break that
implementation.
Change-Id: I29b3574e341eecd53b2867788f415bff153cfa9f
|
|
This cleans up the top level tree by moving all the puppet
related bits into the puppet directory. The only exception
is overcloud-resource-registry-puppet.yaml which is
the puppet environment file and is used externally.
Change-Id: Idb65a7143b0f29e5579d4e9d1642e4cda6f65d50
|
Dan Prince
Jenkins
Steven Hardy
Giulio Fidente
Steve Baker
Derek Higgins
Dan Sneddon
Jeff Peeler
Jiri Stransky
Yanis Guenane