aboutsummaryrefslogtreecommitdiffstats
path: root/puppet/manifests/overcloud_cephstorage.pp
AgeCommit message (Collapse)AuthorFilesLines
2016-08-17Add tripleo-firewall composable serviceDan Prince1-2/+0
This creates a new service to help manage the puppet-tripleo class that enables firewall features. Currently has no settings but this will keep our interfaces consistent. Change-Id: I5ac85fa1e460b19ee2b1a9280413aebefe300845
2016-08-17Add tripleo-packages composable serviceDan Prince1-1/+0
This creates a new service to help manage the puppet-tripleo class that enables and disables package installation features. NOTE: we can't move the upgrade setting into the new composable service yet due to coupling with the UpgradeDeployment resources. Change-Id: If35cf6a6f023e12ae8ebbc2d9929d244eb3ffa3a
2016-08-08Remove static hieradataEmilien Macchi1-1/+1
Static hieradata moved to composable services, we don't need the files anymore. It also cleanup how we construct Hieradata configuration by removing unused hiera files. Change-Id: I19f85b6c1b734473cf908ddaca29ad966f9f5405
2016-07-05Add kernel serviceEmilien Macchi1-8/+0
Add a new service that will load and configure kernel modules. Depends-On: If4f1047ff8c193a14b821d8b826f637872cf62bd Change-Id: I8f771712595d0f4826858b855985f65d3621c3f1
2016-07-04Switch Ceph Monitor/OSD/Client/External to composable rolesGiulio Fidente1-27/+1
Change-Id: I1921115cb6218c7554348636c404245c79937673 Depends-On: I7ac096feb9f5655003becd79d2eea355a047c90b Depends-On: I871ef420700e6d0ee5c1e444e019d58b3a9a45a6
2016-06-30Composable Timezone service - CephStorageCarlos Camacho1-2/+0
Add timezone as a composable service Change-Id: I1569b2ebdca8e67c0e92a5c0e3fadd12006cc02a Partially-implements: blueprint composable-services-within-roles
2016-06-29Configure BlockStorage services via resource chainsGiulio Fidente1-1/+3
Wires the steps into the BlockStorage role and ensures the installed-packages list is written on a per-step basis on all roles, as it happens on the controllers already. Change-Id: Iaec8ad3b2afbef6d586b7b46abaa1434cdb62f41
2016-06-21Composable roles within services - NTP - CephStorageCarlos Camacho1-4/+1
Add NTP as a composable service for CephStorage. Partially-implements: blueprint composable-services-within-roles Change-Id: Iee89b261b3c45f596ad84549e25d47b8ca1cfbdb
2016-05-26Configure CephStorage services via resource chainsGiulio Fidente1-31/+36
Also wires in the steps into the CephStorage role. Change-Id: Ib472f1279478ad7792349cc32bb3c5f510ba69fe
2016-03-10Support the deployment of Ceph over IPv6Giulio Fidente1-0/+8
To deploy Ceph on IPv6, we need to enable ms_bind_ipv6 in addition to passing the list of MON IPs in brackets. Change-Id: I3644b8fc06458e68574afa5573f07442f0a09190
2016-02-09Increase size of connection tracking tableJames Slagle1-0/+2
During high load, the default limit of the kernel connection tracking table (65536) is often too low, resuling in error messages such as: kernel: nf_conntrack: table full, dropping packet This patch increases the limit to 500,000. Since the nf_conntrack kernel module is not always loaded by default, it also adds a mechanism to load kernel modules via hieradata using the kmod puppet module. In order to express the needed dependency in puppet that kernel modules are loaded before sysctl settings are applied, the Exec resources tagged with 'kmod::load' are specified in a resource collector to express that that Exec resources with the tag should run before Sysctl resources. Depends-On: I59cc2280ebae315af38fb5008e6ee0073195ae51 Change-Id: Iffa0a77852729786b69945c1e72bc90ad57ce3bb
2016-01-22puppet: allow config of ad-hoc Ceph settingsDan Prince1-0/+1
Including ::ceph::conf on ceph roles will allow ad-hoc (non-puppet managed) settings to be made in the ceph.conf using Hiera. Change-Id: I656a0ecde465023d7afad9371aa3c5c270078a67
2016-01-05Add TimeZone parameter for all node typesNico Auv1-0/+2
Adds a TimeZone parameter for node types and the top level stack. Defaults to UTC. Change-Id: I98123d894ce429c34744233fe3e631cbdd7c12b5 Depends-On: Icf7c681f359e3e48b653ea4648db6a73b532d45e
2015-11-19Implement Advanced Firewalling supportEmilien Macchi1-0/+1
Consume puppet-tripleo to create/manage IPtables from Heat templates. This review put in place the logic to enable and setup firewall rules. A known set of rules are applied. More to come. Change-Id: Ib79c23fb27fe3fc03bf223e6922d896cb33dad22 Co-Authored-By: Yanis Guenane <yguenane@redhat.com> Depends-On: I144c60db2a568a94dce5b51257f1d10980173325
2015-11-05Make puppet manifests compliant with Puppet 4.xGael Chamoulaud1-4/+4
- https://docs.puppetlabs.com/puppet/3.8/reference/deprecated_language.html - Temporary disablement of the pupppet-lint autoload layout check failing for ringbuilder.pp. A fix for that will be part of an other patch. Change-Id: I495825641ab12e7c5789c1405649c356c5bb8051 Signed-off-by: Gael Chamoulaud <gchamoul@redhat.com>
2015-10-01Write package names out to flat filesDan Prince1-0/+1
This patch updates all of the overcloud manifests so that we write out flat files containing lists of the Puppet packages which were managed by each manifest. The flat files all get written to /var/lib/puppet-tripleo/installed-packages/ where they can be easily parsed by external tools. Example format from the flat files looks like (for the controller step 1): cat /var/lib/puppet-tripleo/installed-packages/overcloud_controller1 keepalived haproxy Depends-On: If3e03b1983fed47082fac8ce63f975557dbc503c Change-Id: Ia324a08711796aa664f9c0273a051f4f2e3e92c9
2015-07-24Merge "Ensure SELinux is permissive on Ceph OSDs"Jenkins1-1/+15
2015-07-20Puppet: wire in tripleo::packagesDan Prince1-10/+1
This wires in use of a new puppet-tripleo class which encapsulates the logic to enable/disable package installation and upgrades. By using the new class we can remove the global Package provider declaration at the top of each module. Change-Id: I5c6e5fd8600031bd8fb6195649721607c560f9d5 Depends-on: Ie8fbc344149bc8c9977e127de77636903607617a
2015-07-13Ensure SELinux is permissive on Ceph OSDsJiri Stransky1-0/+14
Currently we build the overcloud image with selinux-permissive element in CI. However, even in environments where selinux-permissive element is not used, it should be ensured that SELinux is set to permissive mode on nodes with Ceph OSD [1]. We have no nice way to manage SELinux status via Puppet at the moment, so i'm resorting to execs, but with proper "onlyif" guards. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1241422 Change-Id: I31bd685ad4800261fd317eef759bcfd285f2ba80
2015-07-06Allow customization of included classes via hieradataGiulio Fidente1-1/+3
Allows inclusion of additional arbitrary puppet classes by the manifests if defined in the *_classes hieradata. Example: to specify the Nova RAM allocation ratio there is a param in nova::scheduler::filter but we do not include it by default; if needed one can use: nova::scheduler::filter::ram_allocation_ratio: 1.8 controller_classes: - nova::scheduler::filter Change-Id: I61d64d2498bed5c49376dee917d106598392db51
2015-05-20Move sysctl settings into hieradataGiulio Fidente1-0/+2
This will configure the sysctl settings via puppet instead of sysctl image element. Change-Id: Ieb129d4cbe4b6d4184172631499ecd638073564f
2015-03-27Restructure Ceph/Puppet params to reflect changes in puppet-cephGiulio Fidente1-3/+0
A change [1] in puppet-ceph offers more flexibility but breaks backwards so we had to update our composition layer as well; we gain control of the cephx keyring in the template though. 1. Ie6adbd601388ab52c37037004bd0ceef9fc41942 Change-Id: Ia8196849afce2969daa608828cec81ebe3ac96e1
2015-03-05Puppet: First support CephEmilien Macchi1-0/+35
This is a first implementation of Ceph support in TripleO with Puppet: * Install ceph-mon on controller node * Install ceph-osd on cephstorage node Co-Authored-By: Giulio Fidente <gfidente@redhat.com> Change-Id: I48488cbe950047fae5e746e458106d6edb9a6183