summaryrefslogtreecommitdiffstats
path: root/puppet/compute.yaml
AgeCommit message (Collapse)AuthorFilesLines
2016-07-12Merge "Composable Neutron Core Compute Plugin"Jenkins1-175/+0
2016-07-12Merge "Use already Deployed/Installed servers"Jenkins1-1/+1
2016-07-12Composable Neutron Core Compute PluginDan Prince1-175/+0
Create a new resource registry entry for a Neutron "compute plugin". For ML2 this may be the same os the NeutronComputePlugin but patches for other vendors will follow that require extra bits on nodes where VMs will be created. This patch removes the ML2 code from the compute role and instead uses the existing composable services. NOTE: we are able to remove the puppet resource chain to force OVS to get restarted due to puppet-neutron commit: Idb1332dd498bb3065720f2ccaf68e6b0e9fa80c3 which should resolve that issue. Co-Authored-By: Emilien Macchi <emilien@redhat.com> Depends-On: I95b9188607ab6c599ad4cde6faa1deb081618f3e Change-Id: I2496372ca6e6ba9f52e9a8bb6e8dc731c125af13
2016-07-11Use already Deployed/Installed serversJames Slagle1-1/+1
This patch provides a set of templates that enables tripleo-heat-templates to be used with a set of already deployed, installed, and running servers. In this method, Nova and Ironic are not used to deploy any servers. This approach is attractive for POC deployments where dedicated provisioning networks are not available, or other server install methods are dictated for various reasons. There are also assumptions that currently have to be made about the software installed on the already deployed servers. Effectively, they must match the standard TripleO overcloud-full image. Co-Authored-By: Steve Hardy <shardy@redhat.com> Change-Id: I4ab1531f69c73457653f1cca3fe30cc32a04c129
2016-07-11Merge "neutron: remove tenant MTU configuration options"Jenkins1-12/+0
2016-07-11Merge "Set os-refresh-config timeout to 4 hours"Jenkins1-1/+1
2016-07-11Merge "Template param for what command occ runs"Jenkins1-0/+7
2016-07-05neutron: remove tenant MTU configuration optionsIhar Hrachyshka1-12/+0
Since Mitaka, Neutron and Nova do the right thing for MTU, correctly calculating and applying MTU per network, considering its network type and underlying physical network MTU (1500 by default). Neutron now also correctly advertise proper MTU to instances through DHCP and RA mechanisms. With that, there is no reason to have those MTU hacks in deployment tools. Actually, they not only do no good, but break some setups (Jumbo frame aware infrastructure), or at least make them non-optimal (lowering instance MTU to 1400 when it's not needed, or when tunnel overhead does not require 100 bytes). Note that Neutron still has a set of configuration options to allow for custom physical network MTUs (global_physnet_mtu, path_mtu, physical_network_mtus). Those options define underlying infrastructure though, not tenant MTUs. To support Jumbo frames, TripleO should allow to set those options. That said, it's not the immediate goal of the patch, and hence such an effort would require a separate patch. Mitaka+ documentation on MTU configuration for Neutron: http://docs.openstack.org/mitaka/networking-guide/adv-config-mtu.html Change-Id: I540ba5dc69d0506f71b59746efcce94c73f9317f
2016-07-05Set os-refresh-config timeout to 4 hoursSteve Baker1-1/+1
This change uses the new os-refresh-config --timeout argument to set a kill timeout for stalled os-refresh-config runs. 4 hours is a reasonable conservative value since it matches the stack timeout - but it can be set shorter in the future based on actual run times. Change-Id: I433f558515df24736263ec0d50de08ad8f78498f Closes-Bug: #1595722 DependsOn: Ibcbb2090aed126abec8dac49efa53ecbdb2b9b2c
2016-07-05Template param for what command occ runsSteve Baker1-0/+7
The ConfigCommand parameter overrides the server resource metadata to specify what command os-collect-config runs whenever any configuration data changes. The default is already 'os-refresh-config' so this change has no effect but it allows a future change to specify an os-refresh-config --timeout argument to fix bug #1595722. Change-Id: I8dd35b6724d8c00e5495faca84ee8fee77641b82 Partial-Bug: #1595722
2016-07-04Replace NodeConfigIdentifiers with DeployIdentifierSteven Hardy1-9/+0
We added NodeConfigIdentifiers to trigger config to be re-applied on update, but then later added DeployIdentifier which forces config to *always* be applied on update, so we can simplify things by just referencing the DeployIdentifier directly. Change-Id: I79212def1936740825b714419dcb4952bc586a39
2016-06-30First iteration of libvirt and nova-compute as a composable servicesEmilien Macchi1-0/+4
This is a first iteration of implementing libvirt and nova compute as composable services. Note: some parameters are still in puppet/compute.yaml -- we'll move them later in a next iteration. Implements: blueprint composable-services-within-roles Depends-On: I0b765f8cb08633005c1fc5a5a2a8e5658ff44302 Change-Id: I752198cdf231ef13062ba96c3877e5defd618c3a
2016-06-30Composable Timezone service - ComputeCarlos Camacho1-6/+0
Add timezone as a composable service Change-Id: I6e0e9cef3703cd186eab15d76e611d00c1da4a4e Partially-implements: blueprint composable-services-within-roles
2016-06-29Convert SNMP configuration to composable services formatSteven Hardy1-12/+0
Change-Id: I7265b0781acefd4a0de687b0465144e57bcc079f Partially-Implements: blueprint composable-services-within-roles
2016-06-21Composable roles within services - NTP - ComputeCarlos Camacho1-6/+0
Add NTP as a composable service for compute nodes. Partially-implements: blueprint composable-services-within-roles Change-Id: I53958a660830211dee731e0129f4ff018c0cd853
2016-06-09Remove unused Neutron parameters from rolesDan Prince1-16/+0
This patch removes a variety of unused Neutron parameters. Most of these parameters stem from the old days of tripleo-image-elements and are either no longer used with or were never completely implemented to begin with. Partially-implements: blueprint composable-services-within-roles Change-Id: I478d282640affa89e38004e465458e79bd2d153b
2016-06-01Merge "compute: use new param for live_migration_tunnelled"Jenkins1-0/+6
2016-05-31Cleanup hieradata to reduce Puppet warningsEmilien Macchi1-1/+1
Some puppet parameters were deprecated, some of them removed. This patch reduce the number of warnings to a few, and the rest of warnings are bugs that are in progress by Puppet OpenStack team. This patch is mostly some cleanup so we don't have useless warnings in Puppet catalog. Changes: * Update Ceilometer auth params * Update Neutron auth params * Update Heat auth params * Update Swift hash suffix param * Remove neutron::server::notifications::nova_url, useless. Change-Id: Ie32681a1fe32735f70ba372630da09f91227298c
2016-05-30compute: use new param for live_migration_tunnelledEmilien Macchi1-0/+6
Use the new interface in puppet-nova to configure this parameter. Depends-On: I3498076b292e9dff88b9ad9d5c65c99a2a98cd7f Change-Id: Id9f253e942f6373f77acc9239d79f62103b39904
2016-05-27Configure ComputeServices via resource chainsCarlos Camacho1-0/+6
This patch wires a Heat feature to configure services via a Heat resource chain. Additional patches will be able to configure compute services using composable services. Change-Id: Ib4fd8bffde51902aa19f9673a389600fc467fc45
2016-05-18Dump IPs configuration as hieradataGiulio Fidente1-0/+12
This might be useful if we switch to %{hiera()} calls to lookup the bind address from within a service. Also gets rid of NetIpSubnetMap and provides same output from NetIpMap instead. Change-Id: I328a417d1f1fff9c31e9ad7b2b5083ac19bc7329
2016-04-21Use 'deeper' hiera_hash merge behavior for all rolesGiulio Fidente1-0/+1
This change configures the hiera merge behavior to 'deeper' [1], which is useful to merge values when the same hiera key is found in multiple datafiles. The hiera default 'native' only picks the value from the key with the highest priority in the hierarchy. 1. https://docs.puppetlabs.com/hiera/1/lookup_types.html#deep-merging-in-hiera--120 Change-Id: I88c764d9af510ffbbad9fcaa4b747655e38255c2
2016-04-04Change /etc/hosts format and add domainJuan Antonio Osorio Robles1-12/+12
Right now, the service-related IPs assosiated with the machine are registered in the /etc/hosts with different hostnames. This is fine, except if you need to register that hostname in a third party service (such as FreeIPA), since the current configuration is not assigning a domain to those IP addresses. So the current implementation requires DNS to be properly working, which is not ideal for testing purposes. Since the current hostnames are not currently being used; it's still trivial to change this mapping and the format of them. instead of having entries such as: <INTERNAL IP> <node>-internalapi <STORAGE IP> <node>-storage ... in /etc/hosts; This changes the format to: <INTERNAL IP> <node>.internalapi.<domain> <node>.internalapi <STORAGE IP> <node>.storage.<domain> <node>.storage ... So the network (external, internal, storage, etc...) is now represented as a subdomain. For simplicity, the format without the domain is still available through an alias. Change-Id: I6502959a974546e5de757935acea15df6326acda
2016-03-18Remove default for the RabbitMQ passwordJuan Antonio Osorio Robles1-1/+0
Since the password is now autogenerated from the tripleoclient, there is no need to keep the default value here. Change-Id: If41cb56134966456f8590da04f392faffe5c62a1 Closes-Bug: #1557688
2016-03-10Merge "Enable predictable IPs on non-controllers"Jenkins1-0/+18
2016-03-10Fix vncproxy_host for IPv6Javier Pena1-1/+8
https://review.openstack.org/268356 can cause issues in IPv6 environments. It generates the following Hiera data: nova::vncproxy::common::vncproxy_host: [2001:db8:fd00:1000::10] which fails due to the brackets. Making sure there are no brackets in nova_vncproxy_host makes it work for both the IP case and when using DNS names. Change-Id: Iafe18f042725eb9419d97cd674c4b9a1a895b187
2016-03-10Allow the vnc server to bind on IPv6 address on computesMarius Cornea1-0/+6
Currently the vnc server on the compute nodes binds on 0.0.0.0. which only works with IPv4 addresses, it breaks connectivity with IPv6 addressing. This fixes https://bugzilla.redhat.com/show_bug.cgi?id=1300678. Change-Id: Id642d224fb3c62f786453dc684634adca1c2c09d Co-Authored-By: Giulio Fidente <gfidente@redhat.com>
2016-03-09Enable predictable IPs on non-controllersBen Nemec1-0/+18
For the external loadbalancer work, we added the ability to specify fixed ips for controller nodes on all network isolation networks. In order to allow users full control over the placement and ip addresses of deployed nodes, we need to be able to do the same thing for the other node types. Change-Id: I3ea91768b2ea3a40287f2f3cdb823c23533cf290
2016-03-04Add IPv6 Support to Isolated NetworksDan Sneddon1-0/+6
This change adds a new set of network templates with IPv6 subnets that can be used instead of the existing IPv4 networks. Each network can use either the IPv4 or IPv6 template, and the Neutron subnet will be created with the specified IP version. The default addresses used for the IPv6 networks use the fd00::/8 prefix for the internal isolated networks (this range is reserved for private use similar to 10.0.0.0/8), and 2001:db8:fd00:1000::/64 is used as an example default for the External network (2001:db8::/32 are the documentation addresses [RFC3849]), but this would ordinarily be a globally addressable subnet. These parameters may be overridden in an environment file. This change will require updates to the OpenStack Puppet Modules to support IPv6 addresses in some of the hieradata values. Many of the OPM modules already have IPv6 support to support IPv6 deployments in Packstack, but some OPM packages that apply only to Instack/TripleO deployments need to be updated. IPv6 addresses used in URLs need to be surrounded by brackets in order to differentiate IP address from port number. This change adds a new output to the network/ports resources for ip_address_uri, which is an IP address with brackets in the case of IPv6, and a raw IP address without brackets for IPv4 ports. This change also updates some URLs which are constructed in Heat. This has been tested and problems were found with Puppet not accepting IPv6 addresses. This is addressed in the latest Puppet. Additional changes were required to make this work with Ceph. IPv6 tunnel endpoints with Open vSwitch are not yet supported (although support is coming soon), so this review leaves the Tenant network as an isolated IPv4 network for the time being. Change-Id: Ie7a742bdf1db533edda2998a53d28528f80ef8e2
2016-03-02Merge "Add HostnameMap to allow granular control of hostnames"Jenkins1-1/+8
2016-02-29Merge "OpenContrail heat templates"Jenkins1-0/+1
2016-02-26Merge "Emits a different hostname for each network the node is on"Jenkins1-3/+46
2016-02-26Merge "Nova RPC unpinning"Jenkins1-0/+6
2016-02-24Emits a different hostname for each network the node is onGiulio Fidente1-3/+46
Populates /etc/hosts with an entry for each IP address the node is on, which will be useful to migrate services configuration from using IPs into using hostnames. This is how the lines look like on a host which doesn't have all ports: 172.16.2.6 overcloud-novacompute-0.localdomain overcloud-novacompute-0 192.0.2.9 overcloud-novacompute-0-external 172.16.2.6 overcloud-novacompute-0-internalapi 172.16.1.6 overcloud-novacompute-0-storage 192.0.2.9 overcloud-novacompute-0-storagemgmt 172.16.0.4 overcloud-novacompute-0-tenant 192.0.2.9 overcloud-novacompute-0-management the network against which the default (or primary) name is resolved can be configured (for computes) via ComputeHostnameResolveNetwork Change-Id: Id480207c68e5d68967d67e2091cd081c17ab5dd7
2016-02-24Nova RPC unpinningJiri Stransky1-0/+6
During upgrades, we only run Puppet on the whole deployment to converge the state, after the upgrade workflow itself has been fully completed. That is an opportunity to utilize Puppet to make sure Nova Compute RPC doesn't remain pinned to the older version. Change-Id: I6ebc813a80dfd9dfbbb213c38724487e044507b8
2016-02-24Merge "Nova Neutron configuration now uses keystone v3 endpoint"Jenkins1-1/+1
2016-02-24Merge "Update nova::network::neutron variables to drop deprecated parameters"Jenkins1-3/+3
2016-02-24Merge "Allow vncproxy to work with ssl enabled"Jenkins1-0/+6
2016-02-23Nova Neutron configuration now uses keystone v3 endpointDavid Moreau Simard1-1/+1
Our current nova-neutron configuration does not work with the latest puppet-nova. In particular, this patch[1]. This commit adds keystone v3 endpoints to the map and gets the nova::network::neutron configuration to use them. [1] https://github.com/openstack/puppet-nova/commit/d09868a59c451932d67c66101b725182d7066a14 Change-Id: Ifb8c23c81c665c2732fa5cd757760668b06a449a
2016-02-22Add extra config yaml files for big switch agents.xinwu1-0/+1
This change adds extra config yaml files for big switch agent and big switch lldp. This change is mainly for compute nodes. The changes related to controller nodes are landed at e78e1c8d9b5a7ebf327987b22091bff3ed42d1c1 This change also removes the neutron_enable_bigswitch_ml2 flag. Instead, User needs to specify NeutronMechanismDrivers: bsn_ml2 in environment file. Previous discussion about this change can be found at an abandoned review request https://review.openstack.org/#/c/271940/ Depends-On: Iefcfe698691234490504b6747ced7bb9147118de Change-Id: I81341a4b123dc4a8312a9a00f4b663c7cca63d7c
2016-02-22Update nova::network::neutron variables to drop deprecated parametersDavid Moreau Simard1-3/+3
This commit ensures we are not using any deprecated parameters for nova::network::neutron and are using the right variable names. Change-Id: Ic1b41e2cdbb6b180496822cc363c433e9388aa02
2016-02-17Add TripleO Heat Template Parameters for Neutron Tenant MTUDan Sneddon1-0/+12
This change adds the TripleO Heat Parameters and Puppet hieradata to support setting the MTU for Neutron tenant networks. A new parameter, NeutronTenantMtu is introduced, and this gets used for the NeutronDnsmasqOptions and in Puppet hieradata. NeutronTenantMtu is also used in the Puppet hieradata for both the compute and control nodes. Two values are set: nova::compute::network_device_mtu which sets /etc/nova/nova.conf: network_device_mtu = <NeutronTenantMtu> neutron::network_device_mtu which sets in /etc/neutron/neutron.conf: network_device_mtu = <NeutronTenantMtu> finally, the NeutronDnsmasqOptions parameter becomes a str_format that maps the NeutronTenantMtu onto the DHCP options, so a default of 'dhcp-option-force=26,%MTU%' would be formatted to 'dhcp-option-force=26,1300' if NeutronTenantMtu were 1300. This will set dnsmasq to serve an MTU via DHCP that matches the NeutronTenantMtu: /etc/neutron/dnsmasq-neutron.conf:dhcp-option-force=26,1300 Typically, you would change all three of these settings to use small or jumbo frames in VMs. When using tunneling, NeutronTenantMtu should be set at least 50 bytes smaller than the physical network MTU in order to make room for tunneling overhead. Note that this change does not support setting the MTU on veth interfaces if veth patches are used to br-int instead of OVS patches. Change-Id: I38840e082ee01dc3b6fc78e1dd97f53fa4e63039
2016-02-03Add HostnameMap to allow granular control of hostnamesSteven Hardy1-1/+8
Some operators desire more granular control of hostnames than is currently possible via the *HostnameFormat parameters, in particular mapping nodes to explicit IDs (such as inventory references) is not easily possible. So, add a HostnameMap parameter, which is optional and allows explicit overriding of the default hostnames. E.g pass an environment like this: parameter_defaults: HostnameMap: overcloud-controller-0: overcloud-controller-prod-123-0 overcloud-controller-1: overcloud-controller-prod-456-0 overcloud-controller-2: overcloud-controller-prod-789-0 Note this is mapping is global (for all roles), because we expect the keys to be unique given that they include the role name and index by default. Note that this depends on a fix for heat bug #1539737 Change-Id: Ib4d3d40e9523903ebccc06c3e14b2d71d924afa3 Depends-On: Ib934f443a8b8e4f75335a9d8b992e7f86791aa45
2016-01-22Merge "Update VNI and TunnelID ranges."Jenkins1-2/+2
2016-01-21OpenContrail heat templatesNicolas Hicher1-0/+1
Deploy a TripleO overcloud with OpenContrail Vrouter plugin configured to interact with an existing OpenContrail Server Manager. OpenContrail is an Apache 2.0-licensed project that is built using standards-based protocols and provides all the necessary components for network virtualization–SDN controller, virtual router, analytics engine, and published northbound APIs. It has an extensive REST API to configure and gather operational and analytics data from the system. Co-Authored-By: Jiri Stransky <jistr@redhat.com> Change-Id: I699a7c4ea09d024fe4d70c6a507c524f0a7aafd5
2016-01-19Merge "Fix tunnel_types hieradata on compute nodes"Jenkins1-1/+1
2016-01-18Fix tunnel_types hieradata on compute nodesBen Nemec1-1/+1
There was a missing : in the hieradata for the compute nodes that caused tunnel_types to not be configured. This also made it impossible to boot instances on tunneled networks because the port binding always failed. Change-Id: Icc2a45aa9514ce62497f91e6abe9261d1c1374ed Partial-Bug: 1534349
2016-01-18Merge "Set the name property for all deployment resources"Jenkins1-0/+3
2016-01-15Allow vncproxy to work with ssl enabledBen Nemec1-0/+6
Right now our vncproxy settings are hard-coded to http and the non-ssl port. This change adds a vncproxy entry to the endpoint map and uses those values to configure the proxy correctly on compute nodes. This is sufficient to get it working in my environment with ssl enabled. Change-Id: I9d69b088eef4700959b33c7e0eb44932949d7b71
2016-01-07Merge "Add TimeZone parameter for all node types"Jenkins1-0/+6