| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
This might prevent dropping members from corosync cluster on high load
environments. Symptoms of this problem happening can sometimes be found
in corosync log:
dub 05 17:23:45 overcloud-controller-0 corosync[14152]: [MAIN ] Corosync
main process was not scheduled for 3691.8391 ms (threshold is 1320.0000
ms). Consider token timeout increase.
The default in the Puppet manifest is 1 second, which matches the
corosync default, and we override it with hiera to 10 seconds.
Change-Id: I5ea850ada657e5eecafa3e8b28613a0ac48e78f3
|
|
The generated galera config has to include additional settings for
galera to be active on MariaDB 10.1.
wsrep_on must be explicitely set to ON. On MariaDB 5.5, this was
implicitely set as soon as wsrep_provider was specified.
a valid wsrep_cluster_address must be configured in addition to
wsrep_on, otherwise recovery command mysqld_safe --wsrep-recover
cannot retrieve replication state, and cluster cannot be bootstrapped.
These explicit settings are backward compatible with MariaDB 5.5 since
the two variables exist in both versions of MariaDB.
Change-Id: I4ab4f4eeb8679899f194399ba8695155e9a2f4a5
Closes-Bug: 1563751
|
|
|
|
Some options in neutron.conf are used bu OVS agent, like logging &
messaging.
During the upgrade process, you need to restart the agent if these
options change.
We could patch puppet-neutron to add a notify, but the community won't
like it because Neutron OVS agent is not able to restart gracefully
until [1] got merged. Until that, we can fix it in TripleO, where we
suppose Puppet runs happenning during bootstraps and upgrades.
Later, we'll drop this code from here and move it in puppet-neutron.
[1] https://review.openstack.org/#/c/297211
Change-Id: I02b17b66e93331ddfb1a7abd8adff672bc7a32d6
Closes-Bug: #1563437
|
|
|
|
|
|
We need to reload/restart services on updates/upgrades to apply any
config changes, but restarting services managed from Pacemaker from
Puppet causes problems.
For now we no-op the restart and rely on the catch-all restart after
Puppet phase.
In the future we should have a service provider for pacemaker resources
that will be using pcs. We still might have to restart services outside
Puppet due to cluster-wide orchestration issues, but we might be able to
do the restarts selectively rather than restart everything.
We also no-op the start/stop commands to be safe, as it also doesn't
make sense for Puppet to try start and stop those services when it
doesn't have knowledge about Pacemaker.
Change-Id: I95e21e10471cd7575f28c095c48150325f1414b3
Closes-Bug: #1562922
|
|
This patch wires in ringbuilder.pp so that it is always
asserted like the other manifests and it fixes the misaligned
step sequencing in calling our overcloud controller manifests.
Previously it was called as a separate software deployment outside of
the hiera step sequence. This made things confusing in
controller-post.yaml since the deployment names didn't align
with the step hiera variables after step 3. Now that we call it
just like the other modules it should make gradually moving this
code to puppet-tripleo more straightforward as well.
Change-Id: Ibd4f51f65da475bb20a6b08d7bda673f330a5464
|
|
|
|
|
|
|
|
* Add MemcachedIPv6 parameter
* If MemcachedIPv6 is set at True, configure Horizon with Memcached IPv6
addresses.
This patch is required to make Horizon working when running IPv6
networks.
Change-Id: I752e727bfb9040b29f5d755f565fa6b54b9511c8
|
|
Full context is described here:
https://review.openstack.org/#/c/270110/
The patch that was supposed to fix [1] was not fixing non-ha scenario.
[1] https://launchpad.net/bugs/1536103
This patch aims to fix it.
Change-Id: Iaf4608de1894ce03f35925939e83230abb9f5207
Closes-Bug: #1560063
|
|
The user is created by installation of of the pacemaker package, so it's
not required to add it to the resource catalog.
This paves the way to merge the refeactoring of the puppet-pacemaker
module[1]. It brings a lot of changes, one of them is an idempotent
handling of the hacluster user's password. Removing it here prevents
duplicate resource error durring puppet run.
[1] https://review.openstack.org/#/c/294182/
Change-Id: I56849d9fc00bd3ce342d5c440cfe7c5b6d26b5bf
|
|
Ceilometer Alarm is deprecated in Liberty by Aodh.
This patch:
* manage Aodh Keystone resources
* deploy Aodh API under WSGI, Notifier, Listener and Evaluator
* manage new parameters to customize Aodh deployment
* uses ceilometer DB for the upgrade path
* pacemaker config
* Add migration logic to remove pcs resources
Depends-On: I5333faa72e52d2aa2a622ac2d4b60825aadc52b5
Depends-On: Ib6c9c4c35da3fb55e0ca8e2d5a58ebaf4204d792
Co-Authored-By: Emilien Macchi <emilien@redhat.com>
Change-Id: Ib47a22884afb032ebc1655e1a4a06bfe70249134
|
|
Enable PLUMgrid neutron liberty plugin in a TripleO overcloud environment.
Change-Id: I07025f67ec3f3399aac4dcd10cc37e857772548b
Signed-off-by: Qasim Sarfraz <qasims@plumgrid.com>
|
|
|
|
|
|
|
|
In a previous patch [1], we added support for VIR_MIGRATE_TUNNELLED when
doing VM shared storage.
In Nova Mitaka [2] [3], we have now a parameter called
'live_migration_tunnelled' to whether or not use tunnelled migration.
It replaces 'block_migration_flag' and 'live_migration_flag' that are
both deprecated.
[1] https://review.openstack.org/#/c/286584/
[2] https://review.openstack.org/#/c/263436/
[3] https://review.openstack.org/#/c/263434/
Change-Id: I8b199b6e72c80b2df7b679e0a20e39f8400d0478
|
|
|
|
|
|
This patch makes sure:
* When doing shared storage
Nova is configured with block_migration_flag and live_migration_flag = '(...),VIR_MIGRATE_TUNNELLED'
flag for security improvements.
* When not doing shared storage
Nova is not configured with VIR_MIGRATE_TUNNELLED flag because it's not
supported by Qemu yet. We need to make sure the value is unset otherwise
live migration will fail when not running shared storage for VMs.
Note: this patch will be backport to stable branches. In a further
iteration, we'll probably use live_migration_tunnelled new Nova
parameter which is a simplier way to manage this feature.
Co-Authored-By: Kashyap Chamarthy <kchamart@redhat.com>
Change-Id: I557c1624ee944a32b1831d504f7b189308cd1961
|
|
To deploy Ceph on IPv6, we need to enable ms_bind_ipv6 in addition
to passing the list of MON IPs in brackets.
Change-Id: I3644b8fc06458e68574afa5573f07442f0a09190
|
|
Currently the vnc server on the compute nodes binds on 0.0.0.0.
which only works with IPv4 addresses, it breaks connectivity with
IPv6 addressing.
This fixes https://bugzilla.redhat.com/show_bug.cgi?id=1300678.
Change-Id: Id642d224fb3c62f786453dc684634adca1c2c09d
Co-Authored-By: Giulio Fidente <gfidente@redhat.com>
|
|
Change-Id: I9ed917f32b3de95beb234ade4819a8b96affe3e9
|
|
This patch adds support for configuring Keystone domain for Heat
via heat-keystone-setup-domain script. It should be reverted
as soon as Keystone v3 is fully functional.
This patch won't be fully functional without either python-keystoneclient
fix [1] or workaround [2].
[1] https://bugs.launchpad.net/python-keystoneclient/+bug/1452298
[2] https://review.openstack.org/180563
Change-Id: Ie9cdd518b299c141f0fdbb3441a7761c27321a88
Co-Authored-By: Jiri Stransky <jistr@redhat.com>
Depends-On: Ic541f11978908f9344e5590f3961f0d31c04bb0c
|
|
|
|
|
|
Adds Rabbit environment variable required for IPv6 only support
Change-Id: Iec209ca83a5b0708ac828c4afaf9d2222e597f24
|
|
|
|
|
|
Multiple files in t-h-t were having small typos.
Fixed in this patchset.
.
Change-Id: I82d7071747f47544990ed46e2be22931190406b3
|
|
|
|
|
|
In order for instance HA to function safely, nova-compute needs access
to the name by which nova knows the current compute node.
Since the names of the nova-compute and neutron ml2 agents must be the
same for vif binding to work, it also sets the host value in
neutron.conf.
Change-Id: I7d07c57b7276815c72d08acaa86f673e43eb0498
|
|
|
|
|
|
|
|
As discussed at https://bugzilla.redhat.com/show_bug.cgi?id=1299265
when providing a list of IPv6 addresses as the memcache_node_ips
the resulting nova.conf entry can't be parsed properly.
This adds a memcache_node_ips_v6 which has the required format like
inet6:[ADDR1],inet6:[ADDR2],inet6:[ADDR3]
Closes-Bug: 1536103
Change-Id: I7f95fa063cbba279c4c2e270841f0a279d2be2f6
|
|
This just a revert to see if reverting this gets back to a normal CI run time.
This reverts commit f72aed85594f223b6f888e6d0af3c880ea581a66.
Change-Id: I04a0893f6cf69f547a4db26261005e580e1fc90b
|
|
We'll use /32 for IPv4, the default pacemaker was already using.
Change-Id: Iab584c3e50efc3ecc0ec87bb080bf2d5d802199d
Co-Authored-By: Giulio Fidente <gfidente@redhat.com>
|
|
To enable IPv6 in Corosync, you'll need to set the --ipv6 parameter when
building the cluster.
To do so, we need to specify this parameter in puppet configuration when
running ::pacemaker::corosync class.
So we have now a new parameter: CorosyncIPv6 which is a boolean, False
by default. If set to True, it will pass right options to enable IPv6
when building the Pacemaker cluster.
Change-Id: I485f1399964ddd7a201ed19ec6580b8a136b3acd
|
|
Previously we were always appending the :port suffix to the list
of rabbitmq nodes but the syntax was invalid for IPv6.
This change wires rabbit_hosts from the templates as it happens
already for the other services. Port can be customized using
rabbit_port.
Change-Id: Iecc7a97d46d7de17e85398c57996c104c9125b0e
|
|
This is necessary to keep creating the Default domain.
Change-Id: Ib9911819e89f30270d4f7597639b33f30ad2e3a6
Closes-Bug: #1549867
|
|
Ceilometer Alarm is deprecated in Liberty by Aodh.
This patch:
* manage Aodh Keystone resources
* deploy Aodh API under WSGI, Notifier, Listener and Evaluator
* manage new parameters to customize Aodh deployment
* uses ceilometer DB for the upgrade path
* pacemaker config
Depends-On: I9e34485285829884d9c954b804e3bdd5d6e31635
Depends-On: I891985da9248a88c6ce2df1dd186881f582605ee
Depends-On: Ied8ba5985f43a5c5b3be5b35a091aef6ed86572f
Co-Authored-By: Pradeep Kilambi <pkilambi@redhat.com>
Change-Id: I58d419173e80d2462accf7324c987c71420fd5f6
|
|
|
|
With the move of keystone under wsgi and httpd, all openstack services received an
ordering constraint on the 'httpd' service (which now exposes keystone and horizon).
Since this is not only a layering violation, but it also removes the ability to
restart keystone (httpd) without having to restart all dependent services, we introduce
a dummy 'openstack-core' service which all other services depend on and we make also
keystone (httpd) depend on it.
The previous constraint ordering graph can be found here:
http://acksyn.org/files/tripleo/wsgi-2016-02-24-cib.pdf
Whereas after this change we have the following ordering graph:
http://acksyn.org/files/tripleo/wsgi-openstack-core.pdf
Once this is agreed upon, we can start working on fixing the upgrade path
from Liberty.
This fixes RHBZ#1290121
Closes bug: 1537885
Change-Id: Ie26908ac9bfc0b84b6b65ae3bda711236b03d9d4
|
|
Because Overcloud Keystone resources are not managed by puppet-keystone
but by os-cloud-config, we need to let os-cloud-config managing keystone
bootstrap otherwise the Exec will fail since some data is already in
place.
Later, when Keystone resources will be managed by Puppet, drop this
parameter, because puppet-keystone is able to manage the boostrap
itself.
Change-Id: I027deaae5cf90c27a6b5e9d236ae61145cab3c3f
Closes-Bug: #1551501
|
|
Adds missing configuration which allows overcloud nodes to be
polled by undercloud node.
One would have expected the snmp::snmpv3_user call to create the
missing configuration line. But as noted in this bug, it does not:
https://github.com/razorsedge/puppet-snmp/issues/9
Fixes BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1223278
Change-Id: Ieb2d612a27a938b45056bd37176f44cb55543d75
Closes-Bug: 1532700
|
Jiri Stransky
Damien Ciabrini
Jenkins
Emilien Macchi
Dan Prince
Sofer Athlan-Guyot
Pradeep Kilambi
Qasim Sarfraz
Giulio Fidente
Marius Cornea
Martin Mágr
Swapnil Kulkarni (coolsvap)
James Slagle
marios
Michele Baldessari
Richard Su