Age | Commit message (Collapse) | Author | Files | Lines |
|
This commit adds the epmd port 4369 to the firewall configuration for
the service rabbit. This is necessary for having HA setups working,
since without this port the rabbitmq cloned resource starts only on one
node and the others are not able to complete the rabbit cluster
creation.
Change-Id: Iae042dd60a578e158b75539dc3998fc40185b343
|
|
|
|
Note that this change is not enough yet to deploy bare metal instances,
it only deploys Ironic services themselves and makes sure they work.
Also it does not support HA for now.
Co-Authored-By: Dmitry Tantsur <dtansur@redhat.com>
Partially-implements: blueprint ironic-integration
Change-Id: I541be905022264e2d4828e7c46338f2e300df540
|
|
|
|
Currently aodh uses ceilometer backend, instead
change it to use its own mysql db.
Change-Id: Idaa879af4e6946e804111d581402e620beb89885
|
|
Both with and without SSL.
Change-Id: I3163cbac8cb37e03ae298fa02e85bdaa66157471
|
|
This is required to allow ha deployments with ManageFirewall: True
These are the ports documented in [1].
1: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html-single/Configuring_the_Red_Hat_High_Availability_Add-On_with_Pacemaker/index.html#s1-firewalls-HAAR
Change-Id: I446cc0ed863df15e28fa8ec1f5e2a06c5c03af8c
Closes-Bug: 1594470
|
|
This has been removed by the puppet-firewall module in favor of
explicit dport and sport params. I believe in every case we are
intending to set dport, so that's what this change does.
Change-Id: I35c9efca691f865f2e2562ee81a7195d48d27d7a
|
|
Implement NovaCompute service using nova-base for common parameters.
Depends-On: I57f729daf675674ce37b49e17652c575715fbe23
Implements: blueprint composable-services-within-roles
Change-Id: I4494a94a3813d255b9f2d5a18874efd6a63737df
|
|
Implement NovaConsoleauth service using nova-base for common
meters.
Depends-On: I955b4fc07dc07d8adc32411848e3e131d77a5123
Implements: blueprint composable-services-within-roles
Change-Id: I7248f9c0a7a575675a2c2551ca9f8f51290a6656
|
|
Implement NovaScheduler service using nova-base for common parameters.
Depends-On: I5e1c90e3c6dc556f872ced73744c5c74caaa3635
Change-Id: Ie50716a09c53d656835b16991128c94b35cf1ed2
Implements: blueprint composable-services-within-roles
|
|
|
|
Implement NovaConductor service using nova-base for common parameters.
* Move rabbitmq parameters from controller.yaml to nova-base service, as
an example. More parameters will move in the future.
* Move nova-conductor bits from monolithic manifests to the new service
using new profiles from puppet-tripleo.
Depends-On: Iaaf3a3c2528d9747e41f360a1fe55f95ed37b2d1
Implements: blueprint composable-services-within-roles
Change-Id: I178f092b74ae12f2cb6f006db7cb00e4d6bddfd8
|
|
Uses a shared cinder-base resource to do the database
and messaging configuration for all three services.
Depends-On: I3c6d5226eed5f0f852b0ad9476c7cd9a959fda69
Change-Id: I47c5fd190efca5f02e73fd22aba6cda573daf5cc
|
|
|
|
|
|
|
|
Nova is using http_proxy_to_wsgi middleware[1][2]. This parses the
headers provided by the proxy, and helps us properly use TLS for
keystone discovery. There was an option introduced in this middleware
to have it disabled by default, and this change enables it.
[1] Ia78f73e96585ab33a379a0b0be6d9682f7fbd810
[2] I808469f24066d382decf55b9dad5312d6e068da7
Change-Id: I3918f24c0c87cb626a28645b46e3df6360d5f924
|
|
Recently the 'host' parameter was added to the neutron manifest. So we
no longer need to manually add it to the configuration.
Change-Id: I6cb73c6d5da8b99680dec97e03ac4805451835fb
Depends-On: I81b86208826e99beccafd2871ce2afd45394e37f
|
|
Recently the 'host' parameter was added to the nova manifest. So we
no longer need to manually add it to the configuration.
Change-Id: I6f3dc50ea8737e5e7cd859685a9308edff976f31
Depends-On: Icce3ebc401442651942f8de3eabffadaad812377
|
|
|
|
Some puppet parameters were deprecated, some of them removed.
This patch reduce the number of warnings to a few, and the rest of
warnings are bugs that are in progress by Puppet OpenStack team.
This patch is mostly some cleanup so we don't have useless warnings in
Puppet catalog.
Changes:
* Update Ceilometer auth params
* Update Neutron auth params
* Update Heat auth params
* Update Swift hash suffix param
* Remove neutron::server::notifications::nova_url, useless.
Change-Id: Ie32681a1fe32735f70ba372630da09f91227298c
|
|
The default journal size is 5 gigs. This change stops us
overwriting it with 1 gig that is too small for production.
The config value is used by ceph only when it creates the
journal so this does not affect upgrades.
Change-Id: I4bfd2ab47e131d8fcdd5dc75a5a56cfae8b22d5a
|
|
In puppet-tripleo, we split loadbalancer.pp in 2 classes to be more
composable: haproxy & keepalived.
This patch is just updating all hiera parameters related to HAproxy &
keepalived.
Depends-On: I46ed8348dc990d9aa0d896e1abea3b30a8292634
Change-Id: Ibf56184cd10af1d0dcae773c02b0f31a6204badf
|
|
Cinder is using http_proxy_to_wsgi middleware. This parses the
headers provided by the proxy, and helps us properly use TLS for
keystone discovery. There was an option introduced in this middleware
to have it disabled by default, and this change enables it.
Change-Id: Ia33b3fa04d71eab10effd0b33eb2c194282cd15b
|
|
In Fedora/RHEL land we carry a patch that sets the loopback_users
config explicitely to []. Since this patch diverges from upstream
and sometimes gets dropped by mistake during rebases, let's set
this value explicitely in our config files, instead of relying
on a patch that is distro-specific.
The patch is here:
http://pkgs.fedoraproject.org/cgit/rpms/rabbitmq-server.git/tree/rabbitmq-server-0004-Allow-guest-login-from-non-loopback-connections.patch
Change-Id: If9ca05b38a8bd2a6834c08336a816bbd0ae1ea94
|
|
Nova EC2 does not exist anymore since Mitaka, parameters are already
deprecated in Mitaka and send warnings to the Puppet catalog.
The service has been replaced by ec2api project, where Puppet OpenStack
team is currently writting a module.
In the meantime we add support in TripleO, this patch removes all
occurences of Nova EC2 configuration, which are useless and send
warnings for nothing.
Change-Id: Ief2d0e5c77b5ac58560606fee930fbd66c40ffc3
|
|
Adds new puppet and puppet pacemaker specific services for
the Neutron DHCP agent.
Depends-On: Ibbfd79421f871e41f870745a593cca65e8c0e58a
Partially-implements: blueprint composable-services-within-roles
Change-Id: Ia61295943e67efe354a51a26fe4540f288ff6ede
|
|
Puppet-nova recently changed the default neutron auth setting
in I3416ae594e972e40ff0336779258a887987e46b1 to 'password'.
This single setting seems to break the tripleo upgrades job.
Setting it here manually for now and following up in puppet-nova.
Closes-bug: #1580076
Change-Id: I3f38a3e1ef3378a272a51ecbc1e8a801c8d3608a
|
|
This commit passes the necessary hieradata in order to create
the endpoints, users and roles of the services in keystone via
puppet.
Change-Id: I2470dfa4661be7ba8218f6035fffa05f547214f0
|
|
Horizon's backends (httpd) see IP address of the haproxy in the logs instead
of the client address.
This patch allows to:
- Install the remoteip httpd module [1].
- Use the X-Forwarded-For HTTP header and override the haproxy address.
- Configure the Horizon's logs with the client address via httpd logformat.
[1] https://httpd.apache.org/docs/2.4/mod/mod_remoteip.html
[2] https://httpd.apache.org/docs/2.4/mod/mod_log_config.html#logformat
Change-Id: Ib2f215913065426848b48f6293f33a75aff3d328
Depends-On: I54f0f5549d64768dacca71539c71a28cc99d9d95
|
|
* Deploy Gnocchi API.
* Storage backends: swift, rbd and file.
* Indexer backend default to mysql
* Configure Ceilometer to send metrics datas to Gnocchi
* Pacemaker config
Depends-On: Ic8778a3104e0ed0460423e4bf857682220dc5802
Depends-On: I7d2eb9405e0171fc54fa0b616122f69db5f51ce2
Co-Authored-By: Pradeep Kilambi <pkilambi@redhat.com>
Change-Id: Ifde17b1ab8fa2b30544633e455e1c7eb475705aa
|
|
This might prevent dropping members from corosync cluster on high load
environments. Symptoms of this problem happening can sometimes be found
in corosync log:
dub 05 17:23:45 overcloud-controller-0 corosync[14152]: [MAIN ] Corosync
main process was not scheduled for 3691.8391 ms (threshold is 1320.0000
ms). Consider token timeout increase.
The default in the Puppet manifest is 1 second, which matches the
corosync default, and we override it with hiera to 10 seconds.
Change-Id: I5ea850ada657e5eecafa3e8b28613a0ac48e78f3
|
|
Microversions since Nova API v2.1 are aimed to replace the v3 work. The
/v2.1 is backwards compatible with the legacy /v2 endpoint. What we
called in the past /v3 is now something defunct in-tree. The /v2.1 API
is based on the v3 work, but there are many things that differ, in
particular with the backwards-compat thing. We keep the /v2 path in
api-paste.ini for making sure an upgrade doesn't trample operators and
users but if you look in tree, that's redirecting to the v2.1
codepath (just not asking for microversions). In summary, we only need
one endpoint, ie. /v2.1.
Additional information at https://bugzilla.redhat.com/show_bug.cgi?id=1291291
Related-Bug: #1564372
Change-Id: I1654665663bc5a19c201f7d25407910654ac1308
Depends-On: I6d64b8bcd0f79f1f298ddc809e6d92fbc2985c45
|
|
|
|
The static setting for the glance/rbd user name was overriding
any customization provided via template param because it was
up in the hierarchy for the controller nodes.
More at: https://bugzilla.redhat.com/show_bug.cgi?id=1308889
Change-Id: I3d112de7eeffd524fb1308d5976a28f04aa5ff23
|
|
Ceilometer Alarm is deprecated in Liberty by Aodh.
This patch:
* manage Aodh Keystone resources
* deploy Aodh API under WSGI, Notifier, Listener and Evaluator
* manage new parameters to customize Aodh deployment
* uses ceilometer DB for the upgrade path
* pacemaker config
* Add migration logic to remove pcs resources
Depends-On: I5333faa72e52d2aa2a622ac2d4b60825aadc52b5
Depends-On: Ib6c9c4c35da3fb55e0ca8e2d5a58ebaf4204d792
Co-Authored-By: Emilien Macchi <emilien@redhat.com>
Change-Id: Ib47a22884afb032ebc1655e1a4a06bfe70249134
|
|
|
|
Currently the vnc server on the compute nodes binds on 0.0.0.0.
which only works with IPv4 addresses, it breaks connectivity with
IPv6 addressing.
This fixes https://bugzilla.redhat.com/show_bug.cgi?id=1300678.
Change-Id: Id642d224fb3c62f786453dc684634adca1c2c09d
Co-Authored-By: Giulio Fidente <gfidente@redhat.com>
|
|
This patch adds support for configuring Keystone domain for Heat
via heat-keystone-setup-domain script. It should be reverted
as soon as Keystone v3 is fully functional.
This patch won't be fully functional without either python-keystoneclient
fix [1] or workaround [2].
[1] https://bugs.launchpad.net/python-keystoneclient/+bug/1452298
[2] https://review.openstack.org/180563
Change-Id: Ie9cdd518b299c141f0fdbb3441a7761c27321a88
Co-Authored-By: Jiri Stransky <jistr@redhat.com>
Depends-On: Ic541f11978908f9344e5590f3961f0d31c04bb0c
|
|
|
|
It has been observed that on large clouds the netdev backlog
buffer might overflow. This change increases the default by ten
times.
The /proc/net/softnet_stat file contains a counter in the 2nd
column that is incremented when the netdev backlog queue overflows.
If this value is incrementing over time, then netdev_max_backlog
needs to be increased [1].
[1]. https://bugzilla.redhat.com/show_bug.cgi?id=1283676
Change-Id: Iec12324fd3a24e8b608b1e1849c270cc24cb0e60
|
|
This just a revert to see if reverting this gets back to a normal CI run time.
This reverts commit f72aed85594f223b6f888e6d0af3c880ea581a66.
Change-Id: I04a0893f6cf69f547a4db26261005e580e1fc90b
|
|
|
|
Ceilometer Alarm is deprecated in Liberty by Aodh.
This patch:
* manage Aodh Keystone resources
* deploy Aodh API under WSGI, Notifier, Listener and Evaluator
* manage new parameters to customize Aodh deployment
* uses ceilometer DB for the upgrade path
* pacemaker config
Depends-On: I9e34485285829884d9c954b804e3bdd5d6e31635
Depends-On: I891985da9248a88c6ce2df1dd186881f582605ee
Depends-On: Ied8ba5985f43a5c5b3be5b35a091aef6ed86572f
Co-Authored-By: Pradeep Kilambi <pkilambi@redhat.com>
Change-Id: I58d419173e80d2462accf7324c987c71420fd5f6
|
|
|
|
|
|
Currently since nova compute is not configured to
send notifications to ceilometer, tempest tests
fail on tempest.api.telemetry.test_telemetry_notification_api.
Change-Id: I763b7d246ae3f5955b6f555c8fd107d2cac89787
|
|
Configures all services to send notifications to rabbit. The puppet
modules are not consistent regarding how this is done - some expose
notification config as a top-level param, others you need to set it
through a *_config structure, and cinder provides a separate class
dedicated to enabling ceilometer notifications.
Change-Id: I23e2ddad3c59a06cfbfe5d896a16e6bad2abd943
|
|
It is currently possible to provide arbitrary config settings for
Cinder using the "cinder::config::cinder_config:" hiera key. To add
a backend though particular one has to edit the list of enabled
backends in Cinder too which isn't possible. This change will make
it possible using a user-customizable array of backends to be enabled.
Change-Id: Ic664c1c2b0f7b1b4b6be8b5064a38650694d4857
|