Age | Commit message (Collapse) | Author | Files | Lines |
|
Implements: blueprint composable-services-within-roles
Depends-On: Ie48a123cc5bc402aee635a5daf118b158c6f3b6a
Closes-Bug: #1601850
Change-Id: Ifcfe0e3937fa8577635d803d46c3dfc2e873e553
|
|
We've got some inconsistent naming here, but I'm not attempting to
fix that yet, only move the current parameters inside each role template.
This should be backwards compatible because the parameter names
don't change, but also enable progress on custom-roles. We can
figure out a strategy for deprecating these and aligning per-role
parameter naming in a subsequent patch.
Also moves ImageUpdatePolicy, which wasn't consistently passed to
all roles anyway, and aligns the default image and constraints
for each role.
Change-Id: I85ec979934df220acbab9f7c3a6055f23e3bfc29
Partially-Implements: blueprint custom-roles
|
|
To enable custom roles, move these into the role templates where
they can be passed via parameter defaults. Because the Compute
role uses an inconsistent NovaCompute naming, these parameters
cannot be generated in overcloud.yaml, so moving them enables
backwards compatibility to be maintained when we move to a
fully jinja generated overcloud (e.g including the role
ResourceGroup resources)
Change-Id: I3f9b2275f2b1daeb8b83f09548a089dadcfe9eee
Partially-Implements: blueprint custom-roles
|
|
This patch adds a new service_name section to each composable
service. We now have an explicit unit test check to ensure that
service_name exists in tools/yaml-validate.py.
This patch also wires service_names into hieradata on each
of the roles so that tools can access the deployed services locally
during deployment and upgrades.
Change-Id: I60861c5aa760534db3e314bba16a13b90ea72f0c
|
|
Due to a recent change introduced in puppet ceilometer[1]
ceilometer auth type defaults to password type and v2
auth_url doesnt work with domain. This fixes the url to
not include suffix.
[1] https://review.openstack.org/#/c/320454/
Change-Id: If672b78b8ce9addf831f5b72a702447e1422f30e
|
|
Implement the service for ceilometer agent compute.
Change-Id: I5ab3887832588ce26e2d258d05f725d87d2c103d
|
|
|
|
|
|
Create a new resource registry entry for a Neutron "compute plugin".
For ML2 this may be the same os the NeutronComputePlugin but patches
for other vendors will follow that require extra bits on nodes
where VMs will be created.
This patch removes the ML2 code from the compute role and instead
uses the existing composable services.
NOTE: we are able to remove the puppet resource chain to force OVS to
get restarted due to puppet-neutron commit:
Idb1332dd498bb3065720f2ccaf68e6b0e9fa80c3 which should resolve that
issue.
Co-Authored-By: Emilien Macchi <emilien@redhat.com>
Depends-On: I95b9188607ab6c599ad4cde6faa1deb081618f3e
Change-Id: I2496372ca6e6ba9f52e9a8bb6e8dc731c125af13
|
|
This patch provides a set of templates that enables
tripleo-heat-templates to be used with a set of already deployed,
installed, and running servers. In this method, Nova and Ironic are not
used to deploy any servers.
This approach is attractive for POC deployments where dedicated
provisioning networks are not available, or other server install methods
are dictated for various reasons.
There are also assumptions that currently have to be made about the software
installed on the already deployed servers. Effectively, they must match the
standard TripleO overcloud-full image.
Co-Authored-By: Steve Hardy <shardy@redhat.com>
Change-Id: I4ab1531f69c73457653f1cca3fe30cc32a04c129
|
|
|
|
|
|
|
|
Since Mitaka, Neutron and Nova do the right thing for MTU, correctly
calculating and applying MTU per network, considering its network type
and underlying physical network MTU (1500 by default). Neutron now also
correctly advertise proper MTU to instances through DHCP and RA
mechanisms. With that, there is no reason to have those MTU hacks in
deployment tools. Actually, they not only do no good, but break some
setups (Jumbo frame aware infrastructure), or at least make them
non-optimal (lowering instance MTU to 1400 when it's not needed, or when
tunnel overhead does not require 100 bytes).
Note that Neutron still has a set of configuration options to allow for
custom physical network MTUs (global_physnet_mtu, path_mtu,
physical_network_mtus). Those options define underlying infrastructure
though, not tenant MTUs. To support Jumbo frames, TripleO should allow
to set those options. That said, it's not the immediate goal of the
patch, and hence such an effort would require a separate patch.
Mitaka+ documentation on MTU configuration for Neutron:
http://docs.openstack.org/mitaka/networking-guide/adv-config-mtu.html
Change-Id: I540ba5dc69d0506f71b59746efcce94c73f9317f
|
|
This change uses the new os-refresh-config --timeout argument to set a
kill timeout for stalled os-refresh-config runs.
4 hours is a reasonable conservative value since it matches the stack
timeout - but it can be set shorter in the future based on actual run
times.
Change-Id: I433f558515df24736263ec0d50de08ad8f78498f
Closes-Bug: #1595722
DependsOn: Ibcbb2090aed126abec8dac49efa53ecbdb2b9b2c
|
|
The ConfigCommand parameter overrides the server resource metadata to
specify what command os-collect-config runs whenever any configuration
data changes.
The default is already 'os-refresh-config' so this change has no
effect but it allows a future change to specify an
os-refresh-config --timeout argument to fix bug #1595722.
Change-Id: I8dd35b6724d8c00e5495faca84ee8fee77641b82
Partial-Bug: #1595722
|
|
We added NodeConfigIdentifiers to trigger config to be re-applied on
update, but then later added DeployIdentifier which forces config to
*always* be applied on update, so we can simplify things by just
referencing the DeployIdentifier directly.
Change-Id: I79212def1936740825b714419dcb4952bc586a39
|
|
This is a first iteration of implementing libvirt and nova compute as
composable services.
Note: some parameters are still in puppet/compute.yaml -- we'll move
them later in a next iteration.
Implements: blueprint composable-services-within-roles
Depends-On: I0b765f8cb08633005c1fc5a5a2a8e5658ff44302
Change-Id: I752198cdf231ef13062ba96c3877e5defd618c3a
|
|
Add timezone as a composable service
Change-Id: I6e0e9cef3703cd186eab15d76e611d00c1da4a4e
Partially-implements: blueprint composable-services-within-roles
|
|
Change-Id: I7265b0781acefd4a0de687b0465144e57bcc079f
Partially-Implements: blueprint composable-services-within-roles
|
|
Add NTP as a composable service for compute nodes.
Partially-implements: blueprint composable-services-within-roles
Change-Id: I53958a660830211dee731e0129f4ff018c0cd853
|
|
This patch removes a variety of unused Neutron parameters.
Most of these parameters stem from the old days of
tripleo-image-elements and are either no longer used
with or were never completely implemented to begin with.
Partially-implements: blueprint composable-services-within-roles
Change-Id: I478d282640affa89e38004e465458e79bd2d153b
|
|
|
|
Some puppet parameters were deprecated, some of them removed.
This patch reduce the number of warnings to a few, and the rest of
warnings are bugs that are in progress by Puppet OpenStack team.
This patch is mostly some cleanup so we don't have useless warnings in
Puppet catalog.
Changes:
* Update Ceilometer auth params
* Update Neutron auth params
* Update Heat auth params
* Update Swift hash suffix param
* Remove neutron::server::notifications::nova_url, useless.
Change-Id: Ie32681a1fe32735f70ba372630da09f91227298c
|
|
Use the new interface in puppet-nova to configure this parameter.
Depends-On: I3498076b292e9dff88b9ad9d5c65c99a2a98cd7f
Change-Id: Id9f253e942f6373f77acc9239d79f62103b39904
|
|
This patch wires a Heat feature to configure
services via a Heat resource chain.
Additional patches will be able to configure
compute services using composable services.
Change-Id: Ib4fd8bffde51902aa19f9673a389600fc467fc45
|
|
This might be useful if we switch to %{hiera()} calls to lookup
the bind address from within a service.
Also gets rid of NetIpSubnetMap and provides same output from
NetIpMap instead.
Change-Id: I328a417d1f1fff9c31e9ad7b2b5083ac19bc7329
|
|
This change configures the hiera merge behavior to 'deeper' [1],
which is useful to merge values when the same hiera key is found
in multiple datafiles.
The hiera default 'native' only picks the value from the key with
the highest priority in the hierarchy.
1. https://docs.puppetlabs.com/hiera/1/lookup_types.html#deep-merging-in-hiera--120
Change-Id: I88c764d9af510ffbbad9fcaa4b747655e38255c2
|
|
Right now, the service-related IPs assosiated with the machine are
registered in the /etc/hosts with different hostnames. This is fine,
except if you need to register that hostname in a third party service
(such as FreeIPA), since the current configuration is not assigning a
domain to those IP addresses. So the current implementation requires
DNS to be properly working, which is not ideal for testing purposes.
Since the current hostnames are not currently being used; it's still
trivial to change this mapping and the format of them. instead of
having entries such as:
<INTERNAL IP> <node>-internalapi
<STORAGE IP> <node>-storage
...
in /etc/hosts; This changes the format to:
<INTERNAL IP> <node>.internalapi.<domain> <node>.internalapi
<STORAGE IP> <node>.storage.<domain> <node>.storage
...
So the network (external, internal, storage, etc...) is now
represented as a subdomain. For simplicity, the format without the
domain is still available through an alias.
Change-Id: I6502959a974546e5de757935acea15df6326acda
|
|
Since the password is now autogenerated from the tripleoclient,
there is no need to keep the default value here.
Change-Id: If41cb56134966456f8590da04f392faffe5c62a1
Closes-Bug: #1557688
|
|
|
|
https://review.openstack.org/268356 can cause issues in IPv6
environments. It generates the following Hiera data:
nova::vncproxy::common::vncproxy_host: [2001:db8:fd00:1000::10]
which fails due to the brackets. Making sure there are no brackets
in nova_vncproxy_host makes it work for both the IP case and when
using DNS names.
Change-Id: Iafe18f042725eb9419d97cd674c4b9a1a895b187
|
|
Currently the vnc server on the compute nodes binds on 0.0.0.0.
which only works with IPv4 addresses, it breaks connectivity with
IPv6 addressing.
This fixes https://bugzilla.redhat.com/show_bug.cgi?id=1300678.
Change-Id: Id642d224fb3c62f786453dc684634adca1c2c09d
Co-Authored-By: Giulio Fidente <gfidente@redhat.com>
|
|
For the external loadbalancer work, we added the ability to specify
fixed ips for controller nodes on all network isolation networks.
In order to allow users full control over the placement and ip
addresses of deployed nodes, we need to be able to do the same thing
for the other node types.
Change-Id: I3ea91768b2ea3a40287f2f3cdb823c23533cf290
|
|
This change adds a new set of network templates with IPv6 subnets
that can be used instead of the existing IPv4 networks. Each network
can use either the IPv4 or IPv6 template, and the Neutron subnet will
be created with the specified IP version.
The default addresses used for the IPv6 networks use the fd00::/8
prefix for the internal isolated networks (this range is reserved
for private use similar to 10.0.0.0/8), and 2001:db8:fd00:1000::/64
is used as an example default for the External network
(2001:db8::/32 are the documentation addresses [RFC3849]), but this
would ordinarily be a globally addressable subnet. These
parameters may be overridden in an environment file.
This change will require updates to the OpenStack Puppet
Modules to support IPv6 addresses in some of the hieradata values.
Many of the OPM modules already have IPv6 support to support IPv6
deployments in Packstack, but some OPM packages that apply only to
Instack/TripleO deployments need to be updated.
IPv6 addresses used in URLs need to be surrounded by brackets in
order to differentiate IP address from port number. This change
adds a new output to the network/ports resources for
ip_address_uri, which is an IP address with brackets in the case
of IPv6, and a raw IP address without brackets for IPv4 ports.
This change also updates some URLs which are constructed in Heat.
This has been tested and problems were found with Puppet not
accepting IPv6 addresses. This is addressed in the latest Puppet.
Additional changes were required to make this work with Ceph.
IPv6 tunnel endpoints with Open vSwitch are not yet supported
(although support is coming soon), so this review leaves the
Tenant network as an isolated IPv4 network for the time being.
Change-Id: Ie7a742bdf1db533edda2998a53d28528f80ef8e2
|
|
|
|
|
|
|
|
|
|
Populates /etc/hosts with an entry for each IP address the node
is on, which will be useful to migrate services configuration from
using IPs into using hostnames.
This is how the lines look like on a host which doesn't have all ports:
172.16.2.6 overcloud-novacompute-0.localdomain overcloud-novacompute-0
192.0.2.9 overcloud-novacompute-0-external
172.16.2.6 overcloud-novacompute-0-internalapi
172.16.1.6 overcloud-novacompute-0-storage
192.0.2.9 overcloud-novacompute-0-storagemgmt
172.16.0.4 overcloud-novacompute-0-tenant
192.0.2.9 overcloud-novacompute-0-management
the network against which the default (or primary) name is resolved
can be configured (for computes) via ComputeHostnameResolveNetwork
Change-Id: Id480207c68e5d68967d67e2091cd081c17ab5dd7
|
|
During upgrades, we only run Puppet on the whole deployment to converge
the state, after the upgrade workflow itself has been fully
completed. That is an opportunity to utilize Puppet to make sure Nova
Compute RPC doesn't remain pinned to the older version.
Change-Id: I6ebc813a80dfd9dfbbb213c38724487e044507b8
|
|
|
|
|
|
|
|
Our current nova-neutron configuration does not work with
the latest puppet-nova. In particular, this patch[1].
This commit adds keystone v3 endpoints to the map and gets the
nova::network::neutron configuration to use them.
[1] https://github.com/openstack/puppet-nova/commit/d09868a59c451932d67c66101b725182d7066a14
Change-Id: Ifb8c23c81c665c2732fa5cd757760668b06a449a
|
|
This change adds extra config yaml files for big switch agent
and big switch lldp.
This change is mainly for compute nodes. The changes related
to controller nodes are landed at e78e1c8d9b5a7ebf327987b22091bff3ed42d1c1
This change also removes the neutron_enable_bigswitch_ml2 flag. Instead,
User needs to specify NeutronMechanismDrivers: bsn_ml2 in environment file.
Previous discussion about this change can be found at an abandoned
review request https://review.openstack.org/#/c/271940/
Depends-On: Iefcfe698691234490504b6747ced7bb9147118de
Change-Id: I81341a4b123dc4a8312a9a00f4b663c7cca63d7c
|
|
This commit ensures we are not using any deprecated parameters for
nova::network::neutron and are using the right variable names.
Change-Id: Ic1b41e2cdbb6b180496822cc363c433e9388aa02
|
|
This change adds the TripleO Heat Parameters and Puppet hieradata
to support setting the MTU for Neutron tenant networks. A new
parameter, NeutronTenantMtu is introduced, and this gets used for
the NeutronDnsmasqOptions and in Puppet hieradata.
NeutronTenantMtu is also used in the Puppet hieradata for both the
compute and control nodes. Two values are set:
nova::compute::network_device_mtu
which sets /etc/nova/nova.conf: network_device_mtu = <NeutronTenantMtu>
neutron::network_device_mtu
which sets in /etc/neutron/neutron.conf:
network_device_mtu = <NeutronTenantMtu>
finally, the NeutronDnsmasqOptions parameter becomes a str_format
that maps the NeutronTenantMtu onto the DHCP options,
so a default of 'dhcp-option-force=26,%MTU%' would be formatted to
'dhcp-option-force=26,1300' if NeutronTenantMtu were 1300.
This will set dnsmasq to serve an MTU via DHCP that matches the
NeutronTenantMtu:
/etc/neutron/dnsmasq-neutron.conf:dhcp-option-force=26,1300
Typically, you would change all three of these settings to use small
or jumbo frames in VMs. When using tunneling, NeutronTenantMtu
should be set at least 50 bytes smaller than the physical network
MTU in order to make room for tunneling overhead.
Note that this change does not support setting the MTU on veth
interfaces if veth patches are used to br-int instead of OVS
patches.
Change-Id: I38840e082ee01dc3b6fc78e1dd97f53fa4e63039
|
|
Some operators desire more granular control of hostnames than is
currently possible via the *HostnameFormat parameters, in particular
mapping nodes to explicit IDs (such as inventory references) is not
easily possible.
So, add a HostnameMap parameter, which is optional and allows
explicit overriding of the default hostnames.
E.g pass an environment like this:
parameter_defaults:
HostnameMap:
overcloud-controller-0: overcloud-controller-prod-123-0
overcloud-controller-1: overcloud-controller-prod-456-0
overcloud-controller-2: overcloud-controller-prod-789-0
Note this is mapping is global (for all roles), because we
expect the keys to be unique given that they include the
role name and index by default.
Note that this depends on a fix for heat bug #1539737
Change-Id: Ib4d3d40e9523903ebccc06c3e14b2d71d924afa3
Depends-On: Ib934f443a8b8e4f75335a9d8b992e7f86791aa45
|
|
|