Age | Commit message (Collapse) | Author | Files | Lines |
|
Make core_plugin, type_drivers and service_plugins parameter in
neutron configurable through heat.
Also changing the type_drivers order to "vxlan,vlan,flat,gre"
Change-Id: Iba895ed5897bdaf7bb772ffc063c424abb6e1638
|
|
The staticweb middleware needs to be put after authentication
middlewares to ensure correct functionality as documented in
http://docs.openstack.org/developer/swift/middleware.html#staticweb
Without this Swift sends a HTML response even if the request was done
using a X-Auth-Token. This might result in a faulty handling of the response on
the client side; for example, "swift stat containername" would report an empty,
private container, while the container might actually be public readable with
data stored in it.
Closes-bug: 1494896
Change-Id: Id48840e0041f8d272e08def292fbedfaf76bbfbb
Co-Authored-By: Christian Schwede <cschwede@redhat.com>
|
|
We were calling nova_config resource to define it
but as of Ic060fc18c8f5d7dc8fcf1d7bd921623dc505a515
its now included as part of the nova::api class.
Closes-bug: #1498237
Change-Id: I948f26304536e2d692acf38d994d29167672168b
Depends-On: I2789e782a4fd673e09c6334b6d56819c68414c80
|
|
|
|
|
|
This is required for HA to work correctly.
Change-Id: I9faa8fd7bbbac67de5c468ab6fc4edb2260dffe7
Depends-On: https://github.com/redhat-openstack/puppet-pacemaker/pull/61
|
|
We don't have swap space enabled on overcloud-full deploys
as discussed at https://bugs.launchpad.net/tripleo/+bug/1491335
The default is 1.5 so configure Virtual ram to physical ram
allocation ratio to 1:1 so we don't allow overcommit.
Related-Bug: 1491335
Change-Id: I58cfe6dc68e8615a5519428412dec8c653bd6093
|
|
Currently mysql root user can connect in a passwordless way from :
* localhost
* 127.0.0.1
* ::1
* <HOSTNAME>
This patch ensures that the mysql root user can connect only from localhost.
Change-Id: If64fd383737c2fbeed4adbe8d98b1f92610956b2
|
|
|
|
|
|
Set up a cron job to flush keystone tokens periodically. The job runs
once a day near midnight per puppet-keystone defaults, and we pass
maxdelay 3600 which means each controller will wait a random delay of up
to 1 hour before running the task.
Change-Id: I351f0273c61106c182aa3945b7ad1ce8f5c7d12b
|
|
The dafault in nova.conf for default_floating_pool is set to nova
which is confusing given to make Tempest tests to pass one has to
create a public network with such a name.
Change-Id: I148222a9f276309ede062ee5292993898ff899d6
|
|
By default MongoDB enables a journaling system that prevents loss of
data in case of an unexpected shut-down. When journaling is enabled,
MongoDB will create the journal files before actually starting the
daemon[1].
The journaling feature is useful in production environment, but not
really on a CI-like system, where we only want to make sure MongoDB is
setup correctly and running, hence here we allow a user to
enable/disable MongoDB journaling.
[1] http://docs.mongodb.org/manual/core/journaling/
Change-Id: I0e4e65af9f650c10fdf5155ff709b4eb984cf4e1
Closes-bug: #1468246
|
|
Currently for both puppet and image-elements based deploys we set
the dhcp_agents_per_network in neutron.conf to 2 and there is no
control over that number (in the hieradata for the former and the
image element for the latter). This change adds the
NeutronDhcpAgentsPerNetwork parameter and also changes the default
to 3 when not explicitly set.
In the puppet case propagate this parameter in the hieradata for
the neutron class and in the non-puppet case expose a new item in
the neutron config to be consumed by the neutron image element
(that change will point here)
Change-Id: Id97c7796db7231b636f2001e28412452cf89562b
|
|
In the overcloud heat, heat.conf instance_user is set to heat-admin.
The consequence of this is that SSHing into heat created guest VMs will require
the user 'heat-admin'. I predict that this will result in user confusion as to
how to SSH into their VMs since they will be attempting default usernames
(centos, cloud-user etc) or the documented heat default user (ec2-user)
This change sets it to an empty string so that default usernames are used.
This change depends on the puppet-heat fix to allow empty string instance_user:
Depends-On: I9e8be0dd50709d271fc81683770c78380724e405
Change-Id: Id14bf3a4ac1b1c95797dae16c674b32a2da230f8
|
|
This value doesn't work, and the default of heat_stack_user is fine.
See https://github.com/openstack/puppet-heat/blob/989ffa65f4339bfd9612cff3b5ddcc4fd301f695/manifests/engine.pp#L22
Resolves: rhbz#1238844
Change-Id: I247121cb91d2b2a34f0f9f769fb411fcbfe6b571
|
|
Allows inclusion of additional arbitrary puppet classes by the
manifests if defined in the *_classes hieradata.
Example: to specify the Nova RAM allocation ratio there is a
param in nova::scheduler::filter but we do not include it
by default; if needed one can use:
nova::scheduler::filter::ram_allocation_ratio: 1.8
controller_classes:
- nova::scheduler::filter
Change-Id: I61d64d2498bed5c49376dee917d106598392db51
|
|
|
|
|
|
This moves the hard coded package name for mariadb into
the RedHat specific hieradata file. This was recently added
to controller.yaml in a1b3fa3e84185b6969a8acfda475fe7fc48bd5a1.
Also, resolves an issue where RedHat.yaml wasn't actually
getting deployed. This is something that should have happened
in 5009cc64322e9fb5723799eb9fbd79076a2dc5da.
Change-Id: Iaa30be3c53a7c54d31d47b997966b0106a202ea4
|
|
We will manage nodes membership using the clustercheck script and
marking all backends as backup, see change:
I7199c7e5d759a76f58c0f48b40e9d460a3163886
Related-Bug: 1467918
Change-Id: I56ebd2d8405ac35c707666d993b396f04aeb683e
|
|
|
|
Per Ceilometer commit 191f7bf9ccee33d8444f7dac5c09ceccce72ca29
(change ID: Ifd1861e3df46fad0e44ff9b5cbd58711bbc87c97) the
Swift Ceilometer middleware no longer exists so we need
to drop it in order to work with the latest upstream
package.
Change-Id: Iebaad0ba477001d663c6875b32d691bbfcda3d8d
|
|
We need to customize the default apache::ip param or the default
vhost configured will listen on ::80
Change-Id: I195a083f727da940841beb3a0c37dade02c6d1ca
|
|
Adds the horizon (httpd) service as pacemaker resource
Also adds a default for the horizon::django_session_engine [1]
which was previously unconfigured. Also adds a server-status.conf
for httpd/pacemaker [2]
[1] https://docs.djangoproject.com/en/dev/topics/http/sessions/#using-cached-sessions
[2] https://github.com/beekhof/osp-ha-deploy/blob/master/pcmk/horizon.scenario#L72
Change-Id: I320837dfecf3241355e8a3345d0ff271592da491
|
|
Change-Id: I16d259055fe4cd22541cd7abd7a26c71bbbaf292
|
|
Specify the MariaDB package name to meet new requirement from
puppetlabs-mysql introduce but latest commit[1][2]
[1]
https://github.com/puppetlabs/puppetlabs-mysql/commit/4bab65edcb98f82f87a4414840fe90ab81b6cea3
[2]
https://github.com/puppetlabs/puppetlabs-mysql/commit/29788fb4c492865b5246daef6cbefe99c4aa067d
Change-Id: I1b855934a88ceb4995ca1a44394db6b7a20c038d
|
|
Change-Id: If87cc4d55e8524246d2cd41a62805f84780006b2
|
|
This will change the way how RabbitMQ clients get to the servers,
they will not go through HAProxy anymore.
Change-Id: I522d7520b383a280505e0e7c8fecba9ac02d2c9b
|
|
|
|
This commit aims to support the creation of the galera cluster via
Pacemaker. With this commit in, three use-cases will be supported.
* Non HA setup / Non Pacemaker setup : The deployment will take place
as it is currently the case in f20puppet-nonha. Nothing changes.
* Non HA setup / Pacemaker setup : Even though it is a non ha setup,
galera cluster via pacemaker will be deployed with a cluster nbr of 1.
* HA setup / Non Pacemaker setup : N/A
* HA setup / Pacemaker setup : It is assumed that HA setup will
always be with pacemaker. So in this situation pacemaker will deploy a
cluster of 3 galera master nodes.
Depends-On: I7aed9acec11486e0f4f67e4d522727476c767d83
Change-Id: If0c37a86fa8b5aa6d452129bccf7341a3a3ba667
|
|
Use some optimized configuration settings for RabbitMQ when
clustered. Data is ported from Astapor.
Change-Id: If54aff5654dbe75e68197588be12cb3995c77ec7
|
|
|
|
This patch adds support for a new GlanceBackend setting
which can be set to one of swift, rbd, or file to control
which Glance backend is configured for use by default.
Change-Id: Id6a3fbc3477e85e8e2446e3dc13d424f9535d0ff
|
|
Install OpenStack Dashboad (Horizon) on the Overcloud Controller with
Puppet.
Co-Authored-By: Giulio Fidente <gfidente@redhat.com>
Depends-On: If9b12d373e407be8be8428d77145f131eb450e88
Change-Id: I254e895014f58a51dade3dcdc63eabbb5dc458ac
|
|
|
|
Depends-On: Ia1bbf53c674e34ba7c70249895b106ec0af3c249
Change-Id: Ifa9f579d26a3cba9f8705226984c7b987ae0ad1c
|
|
Add support for Redis configuration on the overcloud controller role.
Change-Id: I917ff1e7c0abf9d76b9939a97978e858268deac2
Depends-On: I80a6c284af9eceb6b669a03c5d93256261523331
|
|
|
|
This patch aims to configure MongoDB server on controller nodes with
Puppet.
It also create a default replicaset for Ceilometer, so MongoDB can be
highly available when multiple controllers are run.
Change-Id: I3c1ff06ebc3c9dac44fc790caaea711d0eba4bb7
|
|
Change-Id: Ia2e4eae619ca95c0f417f713676732eb4f01304b
Depends-On: I9563eec0a2266deb2ebef2e3d76ae89d39b2be29
|
|
The loadbalancer Puppet code moved to puppet-tripleo (lightweight)
composition layer.
This patch aims to use it and refactor the loadbalancer.pp file.
Co-Authored-By: Dan Prince <dprince@redhat.com>
Change-Id: I1765ac9b6cb01cb64d5d28dad646674ddca859e9
|
|
This reverts commit 4d470abc589c660cd55e4ced92de234fdf83d882
where we disabled swift (and the glance swift backend) due
to the fact that some of the Heat metadata wasn't showing up.
Change-Id: Ib0c01be5844aa79d74b7de02ba3d0657db5047ba
Closes-bug: 1418805
|
|
We have an issue where swift.devices metadata isn't showing
up on our controllers. This causes ringbuilding to fail
meaning swift-proxy won't startup.
This patch disables the swift-proxy and glance swift backend
until we can figure out exactly what caused this change.
Change-Id: I723a4b703d979d7475ac48f41c4c0ac91c306884
Partial-bug: 1418805
|
|
This patch updates puppet on the controller so that it
configures the Neutron dnsmasq options file data with
the value provided by the Heat NeutronDnsmasqOptions
parameter.
Properly configuring this setting can help resolve/tune
overcloud instance connectivity issues w/ SSH etc.
Change-Id: If47ab3d3002ebe19fc980ca5d37f84f4d8851f9b
|
|
This patch adds the ability to configure the Heat API and
Heat engine on controller nodes via puppet.
Change-Id: Ie81090bceed3e18199a36ebb11d1cbcaea83c410
|
|
This patch adds support for the Ceilometer controller
role including the Ceilometer:
-API
-central agent
-alarm notifier
-alarm evaluator
-collector
-expirer
In order to enable swift metering the swift::proxy ceilometer middleware
was added in.
Also, a minor adjustment to the existing ceilometer HA proxy setting
was made to accommodate ceilometer auth settings. (not exactly sure
why but this seems to be required)
Like upstream TripleO Ceilometer is currently using a MySQL database
backend. A follow on patch can support configuring MongoDB for use
with Ceilometer.
Change-Id: I4e171274bd7679d386d93492d13dfa7c5d37f6a8
|
|
Now that we have swift we can switch glance over
to make use of it.
Change-Id: I9513cb63079235337b684aa734af73a0f0cc0afd
|
|
This patch adds support for a Swift proxy and storage
node on the controller.
The implementation is fairly straightforward with the
exception of building the ring. I've followed an
upstream TripleO model here where we build the
actual ring on each node (rather than build once
and rsync). This works because Heat will always
know all the devices ahead of time. In the future
when we have Heat breakpoints it might be possible
to consider optimizing this by generating the ring
once and then rsyncing to all the nodes.
The ringbuilder logic is executed as a seperate
Heat software deployment. On the controller the ring
is executed in between the base service (mysql/rabbit)
and OpenStack service steps. This is to ensure the
ring exists before the Swift proxy is started.
Having the ringbuilder.pp logic as a separate software
config should allow us to reuse it for the Storage
node role.
It should also be noted that swift.zones support is
added here but we are missing an upstream Heat
template change in order for it to be wired
in properly. See: I0e0f5189da1575f2e1ed7fba4bbbe13a8fbf6221
Likewise we need to properly wire in SwiftRingBuild as well.
See: I01311ec3ca265b151f8740bf7dc57cdf0cf0df6f
The underlying puppet ringbuilder code is already wired
to support this change when it lands.
As is this works today and will provide a working Overcloud
Swift-proxy/storage node config. Will follow this up with
a related Swift storage node patch which should allow
puppet to be used for configuration on the storage nodes
as well...
Change-Id: Id1272f796e2507a7357309e8cd6a51ad9e0160af
|
|
This patch provides an alternate implementation of
the OS::TripleO::Controller::SoftwareConfig which uses Puppet
to drive the configuration. Using this it is possible
to create a fully functional overcloud controller instance
which has the controller node configured via Puppet
stackforge modules. Initially this includes only the
following services:
MySQL
RabbitMQ
Keepalived/HAProxy (HA is not yet fully supported however)
Nova
Neutron
Keystone
Glance (file backend)
Cinder
Using these services it is possible to run devtest_overcloud.sh
to completion. The idea is that we can quickly add more
services once we have CI in place.
In order to test this you'll want to build your images
with these elements:
os-net-config
heat-config-puppet
puppet-modules
hiera
None of the OpenStack specific TripleO elements
should be used with this approach (the nova/neutron
elements were NOT used to build the controller image).
Also, rather than use neutron-openvswitch-agent to configure
low level networking it is recommended that os-net-config
by configured directly via heat modeling rather than
parameter passing to init-neutron-ovs. This allows us to
configure the physical network while avoiding the coupling to
the neutron-openvswitch-element that our standard
parameter driven networking currently uses. (We still need
to move init-neutron-ovs so that it isn't coupled and/or deprecate
its use entirely because the heat drive stuff is more flexible.)
Packages may optionally be pre-installed via DIB using the
-p option (-p openstack-neutron,openstack-nova) etc.
Change-Id: If8462e4eacb08eced61a8b03fd7c3c4257e0b5b8
|