Age | Commit message (Collapse) | Author | Files | Lines |
|
Change-Id: I3fada6c5b0265bc6536c89da0ef4b709ead13b7d
|
|
Change-Id: I2aaf30289cc792e8860ca9c962d80baf7e804cbf
|
|
Change-Id: I405bc9895160cc867f933e6b0d56546d460d2e3a
|
|
Change-Id: I934aff4960588a3957b7a7bcc90385ae48d34d1e
|
|
|
|
|
|
|
|
This commit adds the epmd port 4369 to the firewall configuration for
the service rabbit. This is necessary for having HA setups working,
since without this port the rabbitmq cloned resource starts only on one
node and the others are not able to complete the rabbit cluster
creation.
Change-Id: Iae042dd60a578e158b75539dc3998fc40185b343
|
|
Gnocchi 2.1 introduces a change where legacy resource types
needed by ceilometer are not created by default. Instead a
new flag is exposed to create these. We should use this by
default. Note that this is an optional flag and is only
needed if you want to create legacy resource types.
Change-Id: I95ccccb40ce4a8319d0776c4d62c2890cf1fd970
Closes-bug: #1592449
|
|
This is a first iteration of implementing libvirt and nova compute as
composable services.
Note: some parameters are still in puppet/compute.yaml -- we'll move
them later in a next iteration.
Implements: blueprint composable-services-within-roles
Depends-On: I0b765f8cb08633005c1fc5a5a2a8e5658ff44302
Change-Id: I752198cdf231ef13062ba96c3877e5defd618c3a
|
|
|
|
Note that this change is not enough yet to deploy bare metal instances,
it only deploys Ironic services themselves and makes sure they work.
Also it does not support HA for now.
Co-Authored-By: Dmitry Tantsur <dtansur@redhat.com>
Partially-implements: blueprint ironic-integration
Change-Id: I541be905022264e2d4828e7c46338f2e300df540
|
|
Change-Id: I469f2bd429eba23b2010b7380e794c67b18e7a47
Depends-On: I1aa46086f69e7c3efd2782da62fd18ade8343fde
Partial-Bug: 1595518
|
|
|
|
Currently aodh uses ceilometer backend, instead
change it to use its own mysql db.
Change-Id: Idaa879af4e6946e804111d581402e620beb89885
|
|
Both with and without SSL.
Change-Id: I3163cbac8cb37e03ae298fa02e85bdaa66157471
|
|
This is required to allow ha deployments with ManageFirewall: True
These are the ports documented in [1].
1: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html-single/Configuring_the_Red_Hat_High_Availability_Add-On_with_Pacemaker/index.html#s1-firewalls-HAAR
Change-Id: I446cc0ed863df15e28fa8ec1f5e2a06c5c03af8c
Closes-Bug: 1594470
|
|
This has been removed by the puppet-firewall module in favor of
explicit dport and sport params. I believe in every case we are
intending to set dport, so that's what this change does.
Change-Id: I35c9efca691f865f2e2562ee81a7195d48d27d7a
|
|
Implement NovaCompute service using nova-base for common parameters.
Depends-On: I57f729daf675674ce37b49e17652c575715fbe23
Implements: blueprint composable-services-within-roles
Change-Id: I4494a94a3813d255b9f2d5a18874efd6a63737df
|
|
Implement NovaConsoleauth service using nova-base for common
meters.
Depends-On: I955b4fc07dc07d8adc32411848e3e131d77a5123
Implements: blueprint composable-services-within-roles
Change-Id: I7248f9c0a7a575675a2c2551ca9f8f51290a6656
|
|
Implement NovaScheduler service using nova-base for common parameters.
Depends-On: I5e1c90e3c6dc556f872ced73744c5c74caaa3635
Change-Id: Ie50716a09c53d656835b16991128c94b35cf1ed2
Implements: blueprint composable-services-within-roles
|
|
|
|
Implement NovaConductor service using nova-base for common parameters.
* Move rabbitmq parameters from controller.yaml to nova-base service, as
an example. More parameters will move in the future.
* Move nova-conductor bits from monolithic manifests to the new service
using new profiles from puppet-tripleo.
Depends-On: Iaaf3a3c2528d9747e41f360a1fe55f95ed37b2d1
Implements: blueprint composable-services-within-roles
Change-Id: I178f092b74ae12f2cb6f006db7cb00e4d6bddfd8
|
|
Uses a shared cinder-base resource to do the database
and messaging configuration for all three services.
Depends-On: I3c6d5226eed5f0f852b0ad9476c7cd9a959fda69
Change-Id: I47c5fd190efca5f02e73fd22aba6cda573daf5cc
|
|
|
|
|
|
|
|
Nova is using http_proxy_to_wsgi middleware[1][2]. This parses the
headers provided by the proxy, and helps us properly use TLS for
keystone discovery. There was an option introduced in this middleware
to have it disabled by default, and this change enables it.
[1] Ia78f73e96585ab33a379a0b0be6d9682f7fbd810
[2] I808469f24066d382decf55b9dad5312d6e068da7
Change-Id: I3918f24c0c87cb626a28645b46e3df6360d5f924
|
|
Recently the 'host' parameter was added to the neutron manifest. So we
no longer need to manually add it to the configuration.
Change-Id: I6cb73c6d5da8b99680dec97e03ac4805451835fb
Depends-On: I81b86208826e99beccafd2871ce2afd45394e37f
|
|
Recently the 'host' parameter was added to the nova manifest. So we
no longer need to manually add it to the configuration.
Change-Id: I6f3dc50ea8737e5e7cd859685a9308edff976f31
Depends-On: Icce3ebc401442651942f8de3eabffadaad812377
|
|
|
|
Some puppet parameters were deprecated, some of them removed.
This patch reduce the number of warnings to a few, and the rest of
warnings are bugs that are in progress by Puppet OpenStack team.
This patch is mostly some cleanup so we don't have useless warnings in
Puppet catalog.
Changes:
* Update Ceilometer auth params
* Update Neutron auth params
* Update Heat auth params
* Update Swift hash suffix param
* Remove neutron::server::notifications::nova_url, useless.
Change-Id: Ie32681a1fe32735f70ba372630da09f91227298c
|
|
The default journal size is 5 gigs. This change stops us
overwriting it with 1 gig that is too small for production.
The config value is used by ceph only when it creates the
journal so this does not affect upgrades.
Change-Id: I4bfd2ab47e131d8fcdd5dc75a5a56cfae8b22d5a
|
|
In puppet-tripleo, we split loadbalancer.pp in 2 classes to be more
composable: haproxy & keepalived.
This patch is just updating all hiera parameters related to HAproxy &
keepalived.
Depends-On: I46ed8348dc990d9aa0d896e1abea3b30a8292634
Change-Id: Ibf56184cd10af1d0dcae773c02b0f31a6204badf
|
|
Cinder is using http_proxy_to_wsgi middleware. This parses the
headers provided by the proxy, and helps us properly use TLS for
keystone discovery. There was an option introduced in this middleware
to have it disabled by default, and this change enables it.
Change-Id: Ia33b3fa04d71eab10effd0b33eb2c194282cd15b
|
|
In Fedora/RHEL land we carry a patch that sets the loopback_users
config explicitely to []. Since this patch diverges from upstream
and sometimes gets dropped by mistake during rebases, let's set
this value explicitely in our config files, instead of relying
on a patch that is distro-specific.
The patch is here:
http://pkgs.fedoraproject.org/cgit/rpms/rabbitmq-server.git/tree/rabbitmq-server-0004-Allow-guest-login-from-non-loopback-connections.patch
Change-Id: If9ca05b38a8bd2a6834c08336a816bbd0ae1ea94
|
|
Nova EC2 does not exist anymore since Mitaka, parameters are already
deprecated in Mitaka and send warnings to the Puppet catalog.
The service has been replaced by ec2api project, where Puppet OpenStack
team is currently writting a module.
In the meantime we add support in TripleO, this patch removes all
occurences of Nova EC2 configuration, which are useless and send
warnings for nothing.
Change-Id: Ief2d0e5c77b5ac58560606fee930fbd66c40ffc3
|
|
Adds new puppet and puppet pacemaker specific services for
the Neutron DHCP agent.
Depends-On: Ibbfd79421f871e41f870745a593cca65e8c0e58a
Partially-implements: blueprint composable-services-within-roles
Change-Id: Ia61295943e67efe354a51a26fe4540f288ff6ede
|
|
Puppet-nova recently changed the default neutron auth setting
in I3416ae594e972e40ff0336779258a887987e46b1 to 'password'.
This single setting seems to break the tripleo upgrades job.
Setting it here manually for now and following up in puppet-nova.
Closes-bug: #1580076
Change-Id: I3f38a3e1ef3378a272a51ecbc1e8a801c8d3608a
|
|
This commit passes the necessary hieradata in order to create
the endpoints, users and roles of the services in keystone via
puppet.
Change-Id: I2470dfa4661be7ba8218f6035fffa05f547214f0
|
|
Horizon's backends (httpd) see IP address of the haproxy in the logs instead
of the client address.
This patch allows to:
- Install the remoteip httpd module [1].
- Use the X-Forwarded-For HTTP header and override the haproxy address.
- Configure the Horizon's logs with the client address via httpd logformat.
[1] https://httpd.apache.org/docs/2.4/mod/mod_remoteip.html
[2] https://httpd.apache.org/docs/2.4/mod/mod_log_config.html#logformat
Change-Id: Ib2f215913065426848b48f6293f33a75aff3d328
Depends-On: I54f0f5549d64768dacca71539c71a28cc99d9d95
|
|
* Deploy Gnocchi API.
* Storage backends: swift, rbd and file.
* Indexer backend default to mysql
* Configure Ceilometer to send metrics datas to Gnocchi
* Pacemaker config
Depends-On: Ic8778a3104e0ed0460423e4bf857682220dc5802
Depends-On: I7d2eb9405e0171fc54fa0b616122f69db5f51ce2
Co-Authored-By: Pradeep Kilambi <pkilambi@redhat.com>
Change-Id: Ifde17b1ab8fa2b30544633e455e1c7eb475705aa
|
|
This might prevent dropping members from corosync cluster on high load
environments. Symptoms of this problem happening can sometimes be found
in corosync log:
dub 05 17:23:45 overcloud-controller-0 corosync[14152]: [MAIN ] Corosync
main process was not scheduled for 3691.8391 ms (threshold is 1320.0000
ms). Consider token timeout increase.
The default in the Puppet manifest is 1 second, which matches the
corosync default, and we override it with hiera to 10 seconds.
Change-Id: I5ea850ada657e5eecafa3e8b28613a0ac48e78f3
|
|
Microversions since Nova API v2.1 are aimed to replace the v3 work. The
/v2.1 is backwards compatible with the legacy /v2 endpoint. What we
called in the past /v3 is now something defunct in-tree. The /v2.1 API
is based on the v3 work, but there are many things that differ, in
particular with the backwards-compat thing. We keep the /v2 path in
api-paste.ini for making sure an upgrade doesn't trample operators and
users but if you look in tree, that's redirecting to the v2.1
codepath (just not asking for microversions). In summary, we only need
one endpoint, ie. /v2.1.
Additional information at https://bugzilla.redhat.com/show_bug.cgi?id=1291291
Related-Bug: #1564372
Change-Id: I1654665663bc5a19c201f7d25407910654ac1308
Depends-On: I6d64b8bcd0f79f1f298ddc809e6d92fbc2985c45
|
|
|
|
The static setting for the glance/rbd user name was overriding
any customization provided via template param because it was
up in the hierarchy for the controller nodes.
More at: https://bugzilla.redhat.com/show_bug.cgi?id=1308889
Change-Id: I3d112de7eeffd524fb1308d5976a28f04aa5ff23
|
|
Ceilometer Alarm is deprecated in Liberty by Aodh.
This patch:
* manage Aodh Keystone resources
* deploy Aodh API under WSGI, Notifier, Listener and Evaluator
* manage new parameters to customize Aodh deployment
* uses ceilometer DB for the upgrade path
* pacemaker config
* Add migration logic to remove pcs resources
Depends-On: I5333faa72e52d2aa2a622ac2d4b60825aadc52b5
Depends-On: Ib6c9c4c35da3fb55e0ca8e2d5a58ebaf4204d792
Co-Authored-By: Emilien Macchi <emilien@redhat.com>
Change-Id: Ib47a22884afb032ebc1655e1a4a06bfe70249134
|
|
|
|
Currently the vnc server on the compute nodes binds on 0.0.0.0.
which only works with IPv4 addresses, it breaks connectivity with
IPv6 addressing.
This fixes https://bugzilla.redhat.com/show_bug.cgi?id=1300678.
Change-Id: Id642d224fb3c62f786453dc684634adca1c2c09d
Co-Authored-By: Giulio Fidente <gfidente@redhat.com>
|
|
This patch adds support for configuring Keystone domain for Heat
via heat-keystone-setup-domain script. It should be reverted
as soon as Keystone v3 is fully functional.
This patch won't be fully functional without either python-keystoneclient
fix [1] or workaround [2].
[1] https://bugs.launchpad.net/python-keystoneclient/+bug/1452298
[2] https://review.openstack.org/180563
Change-Id: Ie9cdd518b299c141f0fdbb3441a7761c27321a88
Co-Authored-By: Jiri Stransky <jistr@redhat.com>
Depends-On: Ic541f11978908f9344e5590f3961f0d31c04bb0c
|