summaryrefslogtreecommitdiffstats
path: root/puppet/manifests/overcloud_compute.pp
AgeCommit message (Collapse)AuthorFilesLines
2015-11-19Implement Advanced Firewalling supportEmilien Macchi1-0/+1
Consume puppet-tripleo to create/manage IPtables from Heat templates. This review put in place the logic to enable and setup firewall rules. A known set of rules are applied. More to come. Change-Id: Ib79c23fb27fe3fc03bf223e6922d896cb33dad22 Co-Authored-By: Yanis Guenane <yguenane@redhat.com> Depends-On: I144c60db2a568a94dce5b51257f1d10980173325
2015-11-11Merge "Allow customization of Ceph client user"Jenkins1-1/+2
2015-11-05Allow customization of Ceph client userGiulio Fidente1-1/+2
Previously we enforced the Ceph user used by the OpenStack clients to be named 'openstack', this change allows for customization of such a name. Change-Id: Idef3e1ed4e8e21b645081869b8d6fad2329bdc60
2015-11-05Make puppet manifests compliant with Puppet 4.xGael Chamoulaud1-13/+13
- https://docs.puppetlabs.com/puppet/3.8/reference/deprecated_language.html - Temporary disablement of the pupppet-lint autoload layout check failing for ringbuilder.pp. A fix for that will be part of an other patch. Change-Id: I495825641ab12e7c5789c1405649c356c5bb8051 Signed-off-by: Gael Chamoulaud <gchamoul@redhat.com>
2015-10-12Puppet / Compute: allow to run Ephemeral only storage with RBDEmilien Macchi1-2/+3
This patch allows the case where we're not running Ceph to host Persistent storage (volumes) but just to host Ephemeral storage (VMs). Before we were only allowing Ephemeral storage on Ceph when also Persistent storage was using Ceph. Change-Id: I03b775326e4424de413452f4453d4d88de0083bc
2015-10-08Merge "puppet: allow to configure any ceilometer param with Hiera"Jenkins1-0/+1
2015-10-07Merge "Enable Cisco N1KV driver"Jenkins1-0/+8
2015-10-02puppet: allow to configure any ceilometer param with HieraEmilien Macchi1-0/+1
By including ::ceilometer::config on controller & compute, we allow anyone to trick ceilometer.conf with any parameter, using Hiera. Change-Id: Ie6698d5e6900ecaaf7f19ed79e9c44b39ced0559
2015-10-01Write package names out to flat filesDan Prince1-0/+1
This patch updates all of the overcloud manifests so that we write out flat files containing lists of the Puppet packages which were managed by each manifest. The flat files all get written to /var/lib/puppet-tripleo/installed-packages/ where they can be easily parsed by external tools. Example format from the flat files looks like (for the controller step 1): cat /var/lib/puppet-tripleo/installed-packages/overcloud_controller1 keepalived haproxy Depends-On: If3e03b1983fed47082fac8ce63f975557dbc503c Change-Id: Ia324a08711796aa664f9c0273a051f4f2e3e92c9
2015-09-30Enable Cisco N1KV driverShiva Prasad Rao1-0/+8
This enables support for the Cisco N1kv driver for the ML2 plugin. It also configures the Nexus 1000v switch. Co-Authored-By: Steven Hillman <sthillma@cisco.com> Depends-On: I02dda0685c7df9013693db5eeacb2f47745d05b5 Depends-On: I3f14cdce9b9bf278aa9b107b2d313e1e82a20709 Change-Id: Idf23ed11a53509c00aa5fea4c87a515f42ad744f
2015-07-24Merge "NFS backend for Cinder"Jenkins1-0/+11
2015-07-20Puppet: wire in tripleo::packagesDan Prince1-10/+1
This wires in use of a new puppet-tripleo class which encapsulates the logic to enable/disable package installation and upgrades. By using the new class we can remove the global Package provider declaration at the top of each module. Change-Id: I5c6e5fd8600031bd8fb6195649721607c560f9d5 Depends-on: Ie8fbc344149bc8c9977e127de77636903607617a
2015-07-17Ensure compute nodes use internalURL as catalog_infoGiulio Fidente1-0/+1
By default Nova will get the publicURL instead, which is not reachable by the compute nodes. Change-Id: I57b6a7a7eddb0ffaf6d2d152d932f390c48f908e
2015-07-07NFS backend for CinderJiri Stransky1-0/+11
Adds support for NFS backend for Cinder, but remains disabled by default. Change-Id: I9ebef072ed115efe980fa4904ea80f02384522af
2015-07-07Merge "Allow customization of included classes via hieradata"Jenkins1-0/+2
2015-07-06Allow customization of included classes via hieradataGiulio Fidente1-0/+2
Allows inclusion of additional arbitrary puppet classes by the manifests if defined in the *_classes hieradata. Example: to specify the Nova RAM allocation ratio there is a param in nova::scheduler::filter but we do not include it by default; if needed one can use: nova::scheduler::filter::ram_allocation_ratio: 1.8 controller_classes: - nova::scheduler::filter Change-Id: I61d64d2498bed5c49376dee917d106598392db51
2015-07-02Map NovaEnableRbdBackend to ephemeral_storage from nova::compute::rbdGiulio Fidente1-1/+1
This maps the template param to the actual class param which optionally configures Ceph as a backend for the ephemeral storage or for the persistent storage only. See I4ae0fd605c5a57aa23bea83b06530a50844d24a0 Change-Id: Ic7007da8317e98d450b1362864e65093a184cb25
2015-06-05Fix list of type_drivers for ML2 pluginGiulio Fidente1-1/+0
The list of drivers loaded by the ML2 plugin does not have to match the list of tenant_network_types, this will make ML2 load the flat, gre, vxlan and vlan drivers so that the provider networks can be of flat (default) and vlan type as well. Change-Id: I0b74f86acf5c1ff644deb46c0a1d14129c1882d4
2015-05-20Move sysctl settings into hieradataGiulio Fidente1-0/+2
This will configure the sysctl settings via puppet instead of sysctl image element. Change-Id: Ieb129d4cbe4b6d4184172631499ecd638073564f
2015-04-09Pass in libvirt_rbd_secret_key for nova computeJiri Stransky1-1/+5
Passing the key explicitly into nova::compute::rbd means that Puppet will not attempt to fetch the key using `ceph auth get-key <keyring>`, having these effects: * One reason for compute node to have access to the client.admin key is gone (in current implementation it does have access to the key, but this change is a step towards removing it). * Ceph cluster doesn't have to be running at the time when Puppet runs on compute node, meaning we don't have to serialize things more than we do now. Also adding the ComputeCephDeployment as a dependency of ComputePostDeployment, otherwise the hiera file it creates might be created *after* Puppet configuration happens on compute nodes, and the values it provides would be missing during the Puppet run on the compute nodes. Change-Id: Id3166e6d5f01d18ec8a5033398bb511f4321a5e8 Depends-On: I70da06159c0d3c6fa204b5f7a468909ffab4d633 Partial-Bug: #1439949
2015-04-02Merge "Restructure Ceph/Puppet params to reflect changes in puppet-ceph"Jenkins1-6/+0
2015-03-27Restructure Ceph/Puppet params to reflect changes in puppet-cephGiulio Fidente1-6/+0
A change [1] in puppet-ceph offers more flexibility but breaks backwards so we had to update our composition layer as well; we gain control of the cephx keyring in the template though. 1. Ie6adbd601388ab52c37037004bd0ceef9fc41942 Change-Id: Ia8196849afce2969daa608828cec81ebe3ac96e1
2015-03-26puppet+devtest: make compute nodes reachableJiri Stransky1-0/+7
Compute nodes run libvirt, which automatically creates a default network which has the same address space (192.168.122.*) as the libvirt default network on the host machine where devtest is running. This overlap causes that when a compute node wants to send a packet to the host machine (192.168.122.1) it gets incorrectly routed through the compute node's own virbr0 instead of br-ex. The current solution does not seem to be enough because libvirt gets started and creates the default network before Puppet is triggered on compute nodes. Making sure the libvirt default network is destroyed on the compute node fixes the issue. We don't have any puppet modules in OPM that would deal with libvirt networks and it's probably not worth exploring and adding one because of this small issue (i don't expect another use case of managing libvirt networks directly), so i'm using an exec with proper idempotency check. Change-Id: Icde12aa204ed1f7fa35b0525875ce07db34dc42c Closes-Bug: #1436822
2015-03-19Merge "puppet: tidy up the Nova ceilo auth configs"Jenkins1-4/+1
2015-03-19Merge "puppet: tidy up the Nova glance API server config"Jenkins1-4/+1
2015-03-19Merge "puppet: tidy up the compute nova neutron config"Jenkins1-6/+1
2015-03-18Add support for Ceph as a Cinder and Nova backendYanis Guenane1-0/+12
This commit aims to add support for Ceph as a cinder and a nova backend. * Allows creation of Ceph pools from heat (Default: volumes, vms) * Creates the proper ceph user and inject the keys * Applies the proper configuration in cinder.conf and nova.conf * Enable the backend out of the box Co-Authored-By: Giulio Fidente <gfidente@redhat.com> Change-Id: Ic17d7a665de81a8bab5e34035abe90eda4bc889f
2015-03-12puppet: tidy up the Nova ceilo auth configsDan Prince1-4/+1
Updates the puppet configuration for the Ceilometer auth agent so that we do the join conversions in the Heat templates and use only hiera for configuration of the ::ceilometer::agent::auth class. Change-Id: I932afafe21b2485a0581ac3910ac9d46161eee0d
2015-03-12puppet: tidy up the Nova glance API server configDan Prince1-4/+1
Updates the puppet configuration for the Nova glance configs so that we do the join conversions in the Heat templates and use only hiera for configuration of the ::nova class. Change-Id: Id12fb05470470558f1dccd45150bfce00a554466
2015-03-12puppet: tidy up the compute nova neutron configDan Prince1-6/+1
Updates the puppet configuration for the Nova neutron configs so that we do the join conversions in the Heat templates and use only hiera for configuration of the ::nova::network::neutron class. This updates the compute configuration to match what we now do on the controller as well. Change-Id: I2b352551777f64e0ceb119f48cc3b3ab1779f4d5
2015-02-12Move all puppet templates into puppet directory.Dan Prince1-0/+83
This cleans up the top level tree by moving all the puppet related bits into the puppet directory. The only exception is overcloud-resource-registry-puppet.yaml which is the puppet environment file and is used externally. Change-Id: Idb65a7143b0f29e5579d4e9d1642e4cda6f65d50