summaryrefslogtreecommitdiffstats
path: root/puppet/manifests/overcloud_controller_pacemaker.pp
AgeCommit message (Collapse)AuthorFilesLines
2016-02-09puppet: run keystone in wsgiEmilien Macchi1-62/+57
For both HA & non-HA scenarios, switch puppet-keystone configuration to be run in a WSGI process instead of eventlet. WSGI is the way to go for scaling Keystone, moreover, eventlet won't be support in next OpenStack releases. Co-Authored-By: Dan Prince <dprince@redhat.com> Depends-On: I22a348c298ff44f616b2e898f4872eddea040239 Change-Id: I862b4a68f43347564ec3c0ddc4ec9e1d1c755cf2 Signed-off-by: Jason Guiditta <jguiditt@redhat.com>
2016-01-25Remove empty value for wsrep_notify_cmdJohn Trowbridge1-1/+0
This was being silently ignored by the mysql puppet module prior to this commit.[1] However, now that empty values are allowed, the overcloud deploy fails because the option --wsrep_notify_cmd requires an argument. This is not currently failing on master because we are pinned to an old puppet-mysql. We will need to remove that pin in order to get on a newer delorean repo though. Also, this is breaking stable/liberty HA job because we use the packaged OPM there. [1] https://github.com/puppetlabs/puppetlabs-mysql/commit/e30e0bc958761890ea4f06cdd3f1fc7242a00fe2 Change-Id: I9e07efe1650831e81e9a783428554578874aa765 Closes-Bug: 1537720
2016-01-22puppet: allow config of ad-hoc Neutron settingsDan Prince1-0/+1
Including ::neutron::config on the controller and compute roles will allow ad-hoc (non-puppet managed) settings to be made in all the various neutron config files using Hiera. Change-Id: Ifadc77cdcb60b7075d091d778cb92b0dd75bd949
2016-01-22puppet: allow config of ad-hoc Cinder settingsDan Prince1-0/+1
Including ::cinder::config on controller, and volume roles will allow ad-hoc (non-puppet managed) settings to be made in the cinder.conf using Hiera. Change-Id: I519aff02e3cfb7fbf57e89c7a139564df42f8967
2016-01-22puppet: allow config of ad-hoc Heat settingsDan Prince1-0/+1
Including ::heat::config on the controller roles will allow ad-hoc (non-puppet managed) settings to be made in the heat config file using Hiera. Change-Id: I80a39b798869ac330ea8a4d01699f5db47c93d47
2016-01-22puppet: allow config of ad-hoc Glance settingsDan Prince1-0/+1
Including ::glance::config on glance roles will allow ad-hoc (non-puppet managed) settings to be made in the glance config files using Hiera. Change-Id: I7c86ae0e8f1a0a2b46d526598964454cb80319a6
2016-01-22puppet: allow config of ad-hoc Ceph settingsDan Prince1-0/+3
Including ::ceph::conf on ceph roles will allow ad-hoc (non-puppet managed) settings to be made in the ceph.conf using Hiera. Change-Id: I656a0ecde465023d7afad9371aa3c5c270078a67
2016-01-14Enable keystone handling of X-Forwarded-Proto headerJuan Antonio Osorio Robles1-3/+2
If the X-Forwarded-Proto header is received by keystone, this option will make the service properly handle it. This is useful, for instance, if TLS is enabled for the admin endpoint. Change-Id: I31a1f51591e8423367e61eafc3af9b2d61278468
2016-01-12Merge "Sahara Integration"Jenkins1-0/+34
2016-01-08Sahara IntegrationEthan Gafford1-0/+34
Integration of OpenStack data processing service (sahara) with TripleO. - Deploys sahara in distributed mode (separate api and engine processes on each controller node) - Load balancing w/haproxy - RabbitMQ/MySQL supported per current TripleO standard - Minimal configurability at this time Change-Id: I77a6a69ed5691e3b1ba34e9ebb4d88c80019642c Partially-implements: blueprint sahara-integration Depends-On: I0f0a1dc2eaa57d8226bad8cfb250110296ab9614 Depends-On: Ib84cc59667616ec94e7edce2715cbd7dd944f4ae Depends-On: I9fe321fd4284f7bfd55bd2e69dcfe623ed6f8a2a
2016-01-08Switch for Keystone DB cron jobMartin Mágr1-1/+4
- Adds parameter to enable switching off token flush cron job. - Sets destination for deleted rows to /dev/null Change-Id: I9e8aed969e81595d8a1d0a5300da17da6ba15c03 Partial-bug: rhbz#1249106 Depends-On: I5e51562338f68b4ba1b2e942907e6f6a0ab7a61e
2016-01-07Merge "updating enable_ceph conditions for controller"Jenkins1-1/+1
2016-01-07Merge "Remove deleted Cinder rows"Jenkins1-5/+9
2016-01-07Merge "Add TimeZone parameter for all node types"Jenkins1-0/+2
2016-01-06Enable Dell Storage Center iscsi Backends in Cinderrajinir1-1/+22
Enables support for configuring Cinder with a Dell Storage Center iscsi storage backend. This change adds all relevant parameters for: - Dell Storage Center SC Series (iSCSI) Change-Id: I3b1a4346f494139ab123c7dc1a62f81d03c9e728
2016-01-06Merge "Enable Equallogic Backends in Cinder"Jenkins1-1/+22
2016-01-06Merge "Bump the pacemaker service op_params to 200s for start and stop"Jenkins1-8/+8
2016-01-06Remove deleted Cinder rowsMartin Mágr1-5/+9
Creates cron job running every 24 hours for "cinder-manage db purge" Partial-bug: rhbz#1249106 Change-Id: I9156e0bf1401eda49a7c9a2921dc3a8723af026d Depends-On: I677f2ef3d9ca81fff0f672c8e34b6e4278674a96
2016-01-06updating enable_ceph conditions for controllerDan Radez1-1/+1
- keeping enabled based on ceph node count being greater than 0 - adding enabled if ControllerEnableCephStorage is true Intention here is to be able to run ceph without having dedicated nodes for. Enabling Ceph alternativly from the ControllerEnableCeph parameter allows ceph to be colocated on the controllers without having to run any dedicated ceph nodes. Change-Id: I71062d37226c679156380c0f4e194b51cb586bcf Signed-off-by: Dan Radez <dradez@redhat.com>
2016-01-05Bump the pacemaker service op_params to 200s for start and stopmarios1-8/+8
Based on observed timeouts during updates bump the stop and start timeouts for pacemaker service resources (via op_params) to 200. This is based on the reasoning that the full timeout may be as long as two elapsed timeout intervals. After an initial timeout, the sigterm that follows is then allowed another DefaultTimeoutStopSec seconds. The 200s is produced by allowing this 2xDefaultTimeoutStopSec (@90s for systemd) and some scheduling delta. Many thanks to Michele Baldessari. Closes-Bug: 1531204 Change-Id: If6b43982c958f63bc78ad997400bf1279c23df7e
2016-01-05Add TimeZone parameter for all node typesNico Auv1-0/+2
Adds a TimeZone parameter for node types and the top level stack. Defaults to UTC. Change-Id: I98123d894ce429c34744233fe3e631cbdd7c12b5 Depends-On: Icf7c681f359e3e48b653ea4648db6a73b532d45e
2016-01-04Remove deleted Nova rowsMartin Mágr1-1/+6
Creates cron job running every twelve hours for "nova-manage db archive_deleted_rows" Partial-bug: rhbz#1249106 Depends-On: Ic674f4d39bc88f89abfeb0ce99a571c2534e57e4 Change-Id: I4740cc02aa9714f48798521fe9918ac3487db031
2015-12-21MidoNet heat templatesJaume Devesa1-3/+97
Deploy a TripleO overcloud with networking midonet. MidoNet is a monolithic plugin and quite changes on the puppet manifest must be done. Depends-On: I72f21036fda795b54312a7d39f04c30bbf16c41b Depends-On: I6f1ac659297b8cf6671e11ad23284f8f543568b0 Depends-On: Icea9bd96e4c80a26b9e813d383f84099c736d7bf Change-Id: I9692e2ef566ea37e0235a6059b1ae1ceeb9725ba
2015-12-17Merge "pacemaker: run neutron-server-start-wait-stop only at step 4"Jenkins1-9/+26
2015-12-15Wire Neutron ML2 plugin and OVS agent settings as arraysGiulio Fidente1-17/+10
Wires the following as arrays to the neutron module: - mechanism_drivers - flat_networks - tenant_network_types - tunnel_types - bridge_mappings Also updates the template version to use a Liberty feature which allows serialization of comma_delimited_list into JSON. Tidies up the manifests by removing the class declarations since config is passed by the puppet/controller+compute hiera mapped_data. Change-Id: Ie9f85fb827099f897ef750e267bc3ed3a864fe59 Co-Authored-By: Steven Hardy <shardy@redhat.com>
2015-12-10pacemaker: run neutron-server-start-wait-stop only at step 4Emilien Macchi1-9/+26
neutron-server-start-wait-stop is a dangerous Exec that is exposed to race conditions, because it does not have "onlyif" or "unless" statements. That means during a deployment, this exec can be run in the wrong order during Step 5 and/or 6, while it was supposed to be run at Step 4 only. If that happens, the exec will fail because puppet tries to start neutron-server while Pacemaker already started the resource. So in that case, systemd would returns 1 to Puppet which would return 6 to the overcloud deployment and the deployment would fail to finish correctly. This patch aims to prevent from this scenario by making sure we run the exec only during the step 4. Also, in order to secure it a bit more, we add 'unless' statement to this exec, so we would make sure the Puppet run would be idempotent and the Exec would run one successful time only. https://bugzilla.redhat.com/show_bug.cgi?id=1290582 Change-Id: I42813c5cff6c525c15c9c24baad4e355f88af672
2015-12-08Merge "Remove Ceilometer Alarm from the overcloud"Jenkins1-62/+0
2015-12-07Remove Ceilometer Alarm from the overcloudJohn Trowbridge1-62/+0
The Ceilometer alarm service is no longer available in Mitaka. It is replaced by Aodh. Aodh support is added in a follow-up to this patch. Partial-Bug: 1521922 Change-Id: I5babaab7029eaaccf3cc6f194b6c062fd62372cf Backport: none
2015-12-07Merge "Fix the wrong selinux context when glance uses nfs backend"Jenkins1-1/+2
2015-12-02Merge "Make enabling of controller services configurable."Jenkins1-127/+155
2015-11-26Merge "Make load balancer deployment optional via template param"Jenkins1-141/+149
2015-11-25Make enabling of controller services configurable.vinayrao1231-127/+155
Following parameters will be user configurable: 1. enable_dhcp_agent 2. enable_metadta_agent 3. enable_l3_agent 4. enable_ovs_agent This change was made as the Nuage plugin does not require these services to come up as a part of the installation. Now, a user can explicitly disable these services using a heat template. Change-Id: Ic132ecbb2e81a3746f304da1cecdc66d0342db72
2015-11-24Make load balancer deployment optional via template paramGiulio Fidente1-141/+149
Adds control over the load balancer deployment via template param. Change-Id: I5625083ff323a87712a5fd3f9a64dd66d2838468
2015-11-19Implement Advanced Firewalling supportEmilien Macchi1-0/+1
Consume puppet-tripleo to create/manage IPtables from Heat templates. This review put in place the logic to enable and setup firewall rules. A known set of rules are applied. More to come. Change-Id: Ib79c23fb27fe3fc03bf223e6922d896cb33dad22 Co-Authored-By: Yanis Guenane <yguenane@redhat.com> Depends-On: I144c60db2a568a94dce5b51257f1d10980173325
2015-11-17Merge "neutron: enable nova-event-callback by default"Jenkins1-0/+1
2015-11-17Merge "Pass ceph::pool arguments when calling class"Jenkins1-4/+2
2015-11-17neutron: enable nova-event-callback by defaultEmilien Macchi1-0/+1
* Add NovaApiVirtualIP string parameter. * Compute nova_url and nova_admin_auth_url parameters. * Configure in Hiera neutron::server::notifications::* parameters. * non-ha: include ::neutron::server::notifications * ha: include ::neutron::server::notifications and create orchestration * Set vif_plugging_is_fatal to True so we actually fail if Neutron is not able to create the VIF during Nova server creation workflow. Depends-On: I21dc10396e92906eab4651c318aa2ee62a8e03c7 Change-Id: I02e41f87404e0030d488476680af2f6d45af94ff
2015-11-16Merge "Bump further the stop/start timeout for pcmk/systemd services"Jenkins1-8/+8
2015-11-13Pass ceph::pool arguments when calling classGiulio Fidente1-4/+2
Pass the ceph::pool properties as arguments to the class call instead of setting them as class defaults. Ceph recommends max 32 PGs and min 4 PGs per OSD so this change also lowers the defaults to 32 which works with 1 OSD, suits well a scenario with 3 OSDs and is easy to customize in the static hiera if more than 8 OSDs are deployed. More info at: https://bugzilla.redhat.com/show_bug.cgi?id=1252546 Change-Id: Ifed11d1857900b2251dfdf69d6b6f168150e6330
2015-11-13Fix cinder error when CinderNfsMountOptions option is absentPierre Blanc1-1/+1
When I deploy director with NFS backend for cinder, sometimes I don't need nfs mount options. If I choose to omit this option, or if the option is defined to '', the deployment fails. This patch add just a default value for this option. Change-Id: Idf708aaecebd5c6db14f48ad2a53d6c2453be5ee Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1281870
2015-11-13Bump further the stop/start timeout for pcmk/systemd servicesGiulio Fidente1-8/+8
This bumps further up the stop/start timeout for the pcmk/systemd services so that it matches the 100s default set in future pcmk versions [1]. 1. https://github.com/ClusterLabs/pacemaker/commit/17d65e9f44061a4fa14a9cddd6edc403b2d6d2b3 Change-Id: I6fc18f1ad876c5a25723710a3b20d8ec9519dcba
2015-11-12Enable Equallogic Backends in Cinderrajinir1-1/+22
Enables support for configuring Cinder with a Dell Equallogic storage backend. This change adds all relevant parameters for: - Equallogic PS-Series (iSCSI) Change-Id: Ia0f71863cfb12f2cdda43dcf707a9a7145963001
2015-11-12Merge "Set default start/stop timeout for pcmk services to 95s"Jenkins1-8/+8
2015-11-11Merge "Allow customization of Ceph client user"Jenkins1-1/+1
2015-11-11Merge "Revert "Manage keystone initialization directly in t-h-t manifests""Jenkins1-21/+0
2015-11-10Merge "Allow customization of the Ceph pool names"Jenkins1-2/+2
2015-11-10Set default start/stop timeout for pcmk services to 95sGiulio Fidente1-8/+8
This change will increase the default start/stop timeout for all the non-ocf pcmk services to 95s to make sure it allows for at least 90s to the systemd script to complete the start/stop. More info at: https://bugzilla.redhat.com/show_bug.cgi?id=1275324 Change-Id: I04f691396a4118b456728a43d71d32ac9a556431
2015-11-09Fix the wrong selinux context when glance uses nfs backendPierre Blanc1-1/+2
We updated the pacemaker resource configuration of fs-varlibglanceimages-clone to mount nfs directory with a specified context. Details on : https://bugzilla.redhat.com/show_bug.cgi?id=1237150 Change-Id: Ia0dd471858f470ae3e82d25151ebe65b8cdbec4f
2015-11-05Allow customization of Ceph client userGiulio Fidente1-1/+1
Previously we enforced the Ceph user used by the OpenStack clients to be named 'openstack', this change allows for customization of such a name. Change-Id: Idef3e1ed4e8e21b645081869b8d6fad2329bdc60
2015-11-05Allow customization of the Ceph pool namesGiulio Fidente1-2/+2
This is useful in those scenarios were we want to use an external Ceph deployment with multiple overclouds. Change-Id: I1749d2a6547f6ce25843709e46a1447e8d42cfff