Age | Commit message (Collapse) | Author | Files | Lines |
|
Consume puppet-tripleo to create/manage IPtables from Heat templates.
This review put in place the logic to enable and setup firewall rules.
A known set of rules are applied. More to come.
Change-Id: Ib79c23fb27fe3fc03bf223e6922d896cb33dad22
Co-Authored-By: Yanis Guenane <yguenane@redhat.com>
Depends-On: I144c60db2a568a94dce5b51257f1d10980173325
|
|
|
|
Previously we enforced the Ceph user used by the OpenStack clients
to be named 'openstack', this change allows for customization
of such a name.
Change-Id: Idef3e1ed4e8e21b645081869b8d6fad2329bdc60
|
|
- https://docs.puppetlabs.com/puppet/3.8/reference/deprecated_language.html
- Temporary disablement of the pupppet-lint autoload layout check
failing for ringbuilder.pp. A fix for that will be part of an other patch.
Change-Id: I495825641ab12e7c5789c1405649c356c5bb8051
Signed-off-by: Gael Chamoulaud <gchamoul@redhat.com>
|
|
This patch allows the case where we're not running Ceph to host Persistent
storage (volumes) but just to host Ephemeral storage (VMs).
Before we were only allowing Ephemeral storage on Ceph when also
Persistent storage was using Ceph.
Change-Id: I03b775326e4424de413452f4453d4d88de0083bc
|
|
|
|
|
|
By including ::ceilometer::config on controller & compute, we allow
anyone to trick ceilometer.conf with any parameter, using Hiera.
Change-Id: Ie6698d5e6900ecaaf7f19ed79e9c44b39ced0559
|
|
This patch updates all of the overcloud manifests so that
we write out flat files containing lists of the Puppet
packages which were managed by each manifest.
The flat files all get written to
/var/lib/puppet-tripleo/installed-packages/ where they can
be easily parsed by external tools. Example format from
the flat files looks like (for the controller step 1):
cat /var/lib/puppet-tripleo/installed-packages/overcloud_controller1
keepalived
haproxy
Depends-On: If3e03b1983fed47082fac8ce63f975557dbc503c
Change-Id: Ia324a08711796aa664f9c0273a051f4f2e3e92c9
|
|
This enables support for the Cisco N1kv driver for the ML2 plugin.
It also configures the Nexus 1000v switch.
Co-Authored-By: Steven Hillman <sthillma@cisco.com>
Depends-On: I02dda0685c7df9013693db5eeacb2f47745d05b5
Depends-On: I3f14cdce9b9bf278aa9b107b2d313e1e82a20709
Change-Id: Idf23ed11a53509c00aa5fea4c87a515f42ad744f
|
|
|
|
This wires in use of a new puppet-tripleo class which
encapsulates the logic to enable/disable package
installation and upgrades.
By using the new class we can remove the global
Package provider declaration at the top of each
module.
Change-Id: I5c6e5fd8600031bd8fb6195649721607c560f9d5
Depends-on: Ie8fbc344149bc8c9977e127de77636903607617a
|
|
By default Nova will get the publicURL instead, which is not
reachable by the compute nodes.
Change-Id: I57b6a7a7eddb0ffaf6d2d152d932f390c48f908e
|
|
Adds support for NFS backend for Cinder, but remains disabled by
default.
Change-Id: I9ebef072ed115efe980fa4904ea80f02384522af
|
|
|
|
Allows inclusion of additional arbitrary puppet classes by the
manifests if defined in the *_classes hieradata.
Example: to specify the Nova RAM allocation ratio there is a
param in nova::scheduler::filter but we do not include it
by default; if needed one can use:
nova::scheduler::filter::ram_allocation_ratio: 1.8
controller_classes:
- nova::scheduler::filter
Change-Id: I61d64d2498bed5c49376dee917d106598392db51
|
|
This maps the template param to the actual class param which optionally
configures Ceph as a backend for the ephemeral storage or for the
persistent storage only. See I4ae0fd605c5a57aa23bea83b06530a50844d24a0
Change-Id: Ic7007da8317e98d450b1362864e65093a184cb25
|
|
The list of drivers loaded by the ML2 plugin does not have to
match the list of tenant_network_types, this will make ML2 load
the flat, gre, vxlan and vlan drivers so that the provider
networks can be of flat (default) and vlan type as well.
Change-Id: I0b74f86acf5c1ff644deb46c0a1d14129c1882d4
|
|
This will configure the sysctl settings via puppet instead of
sysctl image element.
Change-Id: Ieb129d4cbe4b6d4184172631499ecd638073564f
|
|
Passing the key explicitly into nova::compute::rbd means that Puppet
will not attempt to fetch the key using `ceph auth get-key <keyring>`,
having these effects:
* One reason for compute node to have access to the client.admin key is
gone (in current implementation it does have access to the key, but
this change is a step towards removing it).
* Ceph cluster doesn't have to be running at the time when Puppet runs
on compute node, meaning we don't have to serialize things more than
we do now.
Also adding the ComputeCephDeployment as a dependency of
ComputePostDeployment, otherwise the hiera file it creates might be
created *after* Puppet configuration happens on compute nodes, and the
values it provides would be missing during the Puppet run on the compute
nodes.
Change-Id: Id3166e6d5f01d18ec8a5033398bb511f4321a5e8
Depends-On: I70da06159c0d3c6fa204b5f7a468909ffab4d633
Partial-Bug: #1439949
|
|
|
|
A change [1] in puppet-ceph offers more flexibility but breaks
backwards so we had to update our composition layer as well; we gain
control of the cephx keyring in the template though.
1. Ie6adbd601388ab52c37037004bd0ceef9fc41942
Change-Id: Ia8196849afce2969daa608828cec81ebe3ac96e1
|
|
Compute nodes run libvirt, which automatically creates a default network
which has the same address space (192.168.122.*) as the libvirt default
network on the host machine where devtest is running. This overlap
causes that when a compute node wants to send a packet to the host
machine (192.168.122.1) it gets incorrectly routed through the compute
node's own virbr0 instead of br-ex. The current solution does not seem
to be enough because libvirt gets started and creates the default
network before Puppet is triggered on compute nodes. Making sure the
libvirt default network is destroyed on the compute node fixes the
issue.
We don't have any puppet modules in OPM that would deal with libvirt
networks and it's probably not worth exploring and adding one because of
this small issue (i don't expect another use case of managing libvirt
networks directly), so i'm using an exec with proper idempotency
check.
Change-Id: Icde12aa204ed1f7fa35b0525875ce07db34dc42c
Closes-Bug: #1436822
|
|
|
|
|
|
|
|
This commit aims to add support for Ceph as a cinder and a nova backend.
* Allows creation of Ceph pools from heat (Default: volumes, vms)
* Creates the proper ceph user and inject the keys
* Applies the proper configuration in cinder.conf and nova.conf
* Enable the backend out of the box
Co-Authored-By: Giulio Fidente <gfidente@redhat.com>
Change-Id: Ic17d7a665de81a8bab5e34035abe90eda4bc889f
|
|
Updates the puppet configuration for the Ceilometer auth agent
so that we do the join conversions in the Heat templates and
use only hiera for configuration of the ::ceilometer::agent::auth
class.
Change-Id: I932afafe21b2485a0581ac3910ac9d46161eee0d
|
|
Updates the puppet configuration for the Nova glance configs
so that we do the join conversions in the Heat templates and
use only hiera for configuration of the ::nova class.
Change-Id: Id12fb05470470558f1dccd45150bfce00a554466
|
|
Updates the puppet configuration for the Nova neutron configs
so that we do the join conversions in the Heat templates and
use only hiera for configuration of the ::nova::network::neutron
class. This updates the compute configuration to match what
we now do on the controller as well.
Change-Id: I2b352551777f64e0ceb119f48cc3b3ab1779f4d5
|
|
This cleans up the top level tree by moving all the puppet
related bits into the puppet directory. The only exception
is overcloud-resource-registry-puppet.yaml which is
the puppet environment file and is used externally.
Change-Id: Idb65a7143b0f29e5579d4e9d1642e4cda6f65d50
|