Age | Commit message (Collapse) | Author | Files | Lines |
|
When a service connects to the database VIP from the node hosting this
VIP, the resulting TCP socket has a src address which is by default
bound to the VIP as well. If the VIP is failed over to another node
while the socket's Send-Q is not empty, TCP keepalive won't engage and
the service will become unavailable for a very long time (by default
more than 10m).
To prevent failover issues, DB connections should have the src address
of their TCP socket bound to the IP of the network interface used for
MySQL traffic. This is achieved by passing a new option to the
database connection URIs. This option is available starting from
PyMySQL 0.7.9-2.
We use a new intermediate variable in hiera to hold the IP to be used
as a source address for all DB connections. All services adapt their
database URI accordingly.
Moreover, a new YAML validation check is added to guarantee that new
services will construct their database URI appropriately.
Change-Id: Ic69de63acbfb992314ea30a3a9b17c0b5341c035
Closes-Bug: #1643487
|
|
The glance-api and glance-registry services are currently coupled
in that some of the hiera settings in the API are required for
the registry to run correctly (the backend settings).
This patch moves some of the common settings into glance-base and
then updates the glance-api and glance-registry services to
supply that service.
Change-Id: Ie3d7e24c7fd475e3f6ad542c1654eb7dbd9d9b35
Closes-bug: #1628582
|
|
This patch movs the various db::mysql hiera settings into a
'mysql' specific service_config_settings section for each
service so that these will only get applied on the MySQL service
node. This follows a similar puppet-tripleo change where we
create the actual databases for all services locally on
the MySQL service node to avoid permission issues.
Change-Id: Ic0692b1f7aa8409699630ef3924c4be98ca6ffb2
Closes-bug: #1620595
Depends-On: I05cc0afa9373429a3197c194c3e8f784ae96de5f
Depends-On: I5e1ef2dc6de6f67d7c509e299855baec371f614d
|
|
This patch changes the default value and type of the Glance worker
configuration to allow it to be unset and allow a system dependent
default to be used (e.g. processorcount or some derivative value). The
previous default of 0 would result in a single self contained process,
which while suitable for debugging and testing is not appropriate for
production deployments.
Partial-Bug: #1626126
Change-Id: I58a6a72a581e7083e1dc4e5ca568fdd3fdd6cdf1
|
|
This implements support for installing fluentd agents as a composable
service on the overcloud.
Depends-On: I2e1abe4d8c8359e56ff626255ee50c9cacca1940
Implements: tripleo-opstools-centralized-logging
Change-Id: I23b0e23881b742158fcfb6b8c145a3211d45086e
|
|
|
|
It updates Glance, Neutron and Swift to deploy authtoken with modern
pattern.
Change-Id: Icfaf011ea4a23bc47d2fb45e8768f8238532dab3
|
|
- adds possibility to install sensu-client on all nodes
- each composable service has it's own subscription
Co-Authored-By: Emilien Macchi <emilien@redhat.com>
Co-Authored-By: Michele Baldessari <michele@redhat.com>
Implements: blueprint tripleo-opstools-availability-monitoring
Change-Id: I6a215763fd0f0015285b3573305d18d0f56c7770
|
|
This patch removes the remaining bind IP, and password
settings for Heat and Glance into the composable services.
Change-Id: I17abcb2a08a1972cbcf8163f6608ac22ddfc15f7
Related-bug: #1604414
|
|
This patch adds a new DefaultPasswords parameter to
composable services. This is needed to help provide
access to top level password resources that overcloud.yaml
currently manages (passwords for Rabbit, Mysql, etc.).
Moving the RandomString resources into composable services
would cause them to regenerate within the stack. With this
approach we can leave them where they are while we deprecate
the top level mechanism and move the code that uses the
passwords into the composable services.
Change-Id: I4f21603c58a169a093962594e860933306879e3f
|
|
This will be needed to pick the network where the service has
to bind to from within the service template.
Change-Id: I52652e1ad8c7b360efd2c7af199e35932aaaea8c
|
|
Currently we have a hard-coded set of per-service parameters, which
will cause problems for custom roles and full composability.
As a first step towards making this more configurable, remove the
hard-coded per-service parameters from overcloud.yaml, and adjust
the EndpointMap generation to instead accept two mappings, the
ServiceNetMap and a mapping of networks to IPs (effectively this
just moves the map lookup inside the endpoint map instead of
inside overcloud.yaml)
Change-Id: Ib522e89c36eed2115a6586dd5a6770907d9b33db
Partially-Implements: blueprint custom-roles
|
|
This is the THT part that brings us the next generation architecture
as described in the following spec:
https://review.openstack.org/#/c/299628/
Blueprint:
https://blueprints.launchpad.net/tripleo/+spec/ha-lightweight-architecture
So far we tested deployment + tripleo.sh --overcloud-pingtest and
failover + tripleo.sh --overcloud-pingtest
Note that many of the Pacemaker template files become redundant with
this change, but to simplify the process of getting this change landed,
those templates will not be removed until a future commit.
Depends-On: I5e7585c08675d8a4bd071523b94210d325d79b59
Change-Id: I00bccb2563c006f80baed623b64f1e17af20dd4e
Implements: blueprint ha-lightweight-architecture
Co-Author: cmsj@tenshu.net
|
|
|
|
Currently we use hyphens, e.g cinder-api, but in overcloud.yaml
we have a lot of references to services (e.g for AllNodesConfig)
by underscore, e.g cinder_api. To enable dynamic generation of
this data, we need the service name in underscore format.
Change-Id: Ief13dfe5d8d7691dfe2534ad5c39d7eacbcb6f70
|
|
Migrate puppet/hieradata/*.yaml parameters to puppet/services/*.yaml
except for some services that are not composable yet.
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Change-Id: I7e5f8b18ee9aa63a1dffc6facaf88315b07d5fd7
|
|
Split out the firewall rules in puppet/hieradata/controller.yaml
into the composable services
Depends-On: Id370362ab57347b75b1ab25afda877885b047263
Change-Id: Icaecab100d3f278035fbbb3facb9bf6c62c76c03
|
|
|
|
This patch adds a new service_name section to each composable
service. We now have an explicit unit test check to ensure that
service_name exists in tools/yaml-validate.py.
This patch also wires service_names into hieradata on each
of the roles so that tools can access the deployed services locally
during deployment and upgrades.
Change-Id: I60861c5aa760534db3e314bba16a13b90ea72f0c
|
|
The ::host parameter expects IPv6 addresses withouth brackets; this
change aligns the remaining services to use MysqlNoBracketsInternal
as it happens already for the others (eg. Keystone).
Change-Id: Ia72d325447408b1cb5fea836034bbcd75d17ddf1
|
|
Change-Id: I405bc9895160cc867f933e6b0d56546d460d2e3a
|
|
By passing the MysqlVirtualIP via the EndpointMap we won't need it
to be provided as a parameter to the services.
This follows what is already happening for the glance registry
service with I9186e56cd4746a60e65dc5ac12e6595ac56505f0.
Change-Id: Iad2ab389bf64d0fc8b06eb0e7d29b5370ff27dff
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
|
|
Adds new puppet and puppet pacemaker specific services for
Glance API and Glance Registry.
The Pacemaker templates extend the default glance services and
swap in the pacemaker specific puppet-tripleo profile instead.
In the case of pacemaker glance-registry there is no separate
puppet manifest so only the configuration parameters are maintained
there. (Due to the way the pacemaker glance constraints are written
the pacemaker varients of this service can't be split out...)
Depends-On: Ifc388f7058ccfff2818f531bcbc00c7179874bbc
Change-Id: I00a8c916129af43cda225754eb10370289bb4b41
|