aboutsummaryrefslogtreecommitdiffstats
path: root/puppet/services/glance-registry.yaml
AgeCommit message (Collapse)AuthorFilesLines
2017-01-03DB connection: prevent src address from binding to a VIPDamien Ciabrini1-0/+2
When a service connects to the database VIP from the node hosting this VIP, the resulting TCP socket has a src address which is by default bound to the VIP as well. If the VIP is failed over to another node while the socket's Send-Q is not empty, TCP keepalive won't engage and the service will become unavailable for a very long time (by default more than 10m). To prevent failover issues, DB connections should have the src address of their TCP socket bound to the IP of the network interface used for MySQL traffic. This is achieved by passing a new option to the database connection URIs. This option is available starting from PyMySQL 0.7.9-2. We use a new intermediate variable in hiera to hold the IP to be used as a source address for all DB connections. All services adapt their database URI accordingly. Moreover, a new YAML validation check is added to guarantee that new services will construct their database URI appropriately. Change-Id: Ic69de63acbfb992314ea30a3a9b17c0b5341c035 Closes-Bug: #1643487
2016-10-12Allow Glance API and Registry to be splitDan Prince1-37/+39
The glance-api and glance-registry services are currently coupled in that some of the hiera settings in the API are required for the registry to run correctly (the backend settings). This patch moves some of the common settings into glance-base and then updates the glance-api and glance-registry services to supply that service. Change-Id: Ie3d7e24c7fd475e3f6ad542c1654eb7dbd9d9b35 Closes-bug: #1628582
2016-09-28Move db::mysql into service_config_settingsDan Prince1-6/+9
This patch movs the various db::mysql hiera settings into a 'mysql' specific service_config_settings section for each service so that these will only get applied on the MySQL service node. This follows a similar puppet-tripleo change where we create the actual databases for all services locally on the MySQL service node to avoid permission issues. Change-Id: Ic0692b1f7aa8409699630ef3924c4be98ca6ffb2 Closes-bug: #1620595 Depends-On: I05cc0afa9373429a3197c194c3e8f784ae96de5f Depends-On: I5e1ef2dc6de6f67d7c509e299855baec371f614d
2016-09-21Glance worker count fixJoe Talerico1-3/+10
This patch changes the default value and type of the Glance worker configuration to allow it to be unset and allow a system dependent default to be used (e.g. processorcount or some derivative value). The previous default of 0 would result in a single self contained process, which while suitable for debugging and testing is not appropriate for production deployments. Partial-Bug: #1626126 Change-Id: I58a6a72a581e7083e1dc4e5ca568fdd3fdd6cdf1
2016-09-17Add fluentd client serviceLars Kellogg-Stedman1-0/+8
This implements support for installing fluentd agents as a composable service on the overcloud. Depends-On: I2e1abe4d8c8359e56ff626255ee50c9cacca1940 Implements: tripleo-opstools-centralized-logging Change-Id: I23b0e23881b742158fcfb6b8c145a3211d45086e
2016-09-02Merge "Availability monitoring agents support"Jenkins1-1/+4
2016-08-31Last round of modern authtoken updateEmilien Macchi1-4/+4
It updates Glance, Neutron and Swift to deploy authtoken with modern pattern. Change-Id: Icfaf011ea4a23bc47d2fb45e8768f8238532dab3
2016-08-31Availability monitoring agents supportMartin Mágr1-1/+4
- adds possibility to install sensu-client on all nodes - each composable service has it's own subscription Co-Authored-By: Emilien Macchi <emilien@redhat.com> Co-Authored-By: Michele Baldessari <michele@redhat.com> Implements: blueprint tripleo-opstools-availability-monitoring Change-Id: I6a215763fd0f0015285b3573305d18d0f56c7770
2016-08-25Move glance/heat hiera settings to servicesDan Prince1-0/+7
This patch removes the remaining bind IP, and password settings for Heat and Glance into the composable services. Change-Id: I17abcb2a08a1972cbcf8163f6608ac22ddfc15f7 Related-bug: #1604414
2016-08-18Add DefaultPasswords to composable servicesDan Prince1-0/+3
This patch adds a new DefaultPasswords parameter to composable services. This is needed to help provide access to top level password resources that overcloud.yaml currently manages (passwords for Rabbit, Mysql, etc.). Moving the RandomString resources into composable services would cause them to regenerate within the stack. With this approach we can leave them where they are while we deprecate the top level mechanism and move the code that uses the passwords into the composable services. Change-Id: I4f21603c58a169a093962594e860933306879e3f
2016-08-18Pass ServiceNetMap to servicesGiulio Fidente1-0/+6
This will be needed to pick the network where the service has to bind to from within the service template. Change-Id: I52652e1ad8c7b360efd2c7af199e35932aaaea8c
2016-08-11Convert EndpointMap to not require per-service VIP parametersSteven Hardy1-1/+1
Currently we have a hard-coded set of per-service parameters, which will cause problems for custom roles and full composability. As a first step towards making this more configurable, remove the hard-coded per-service parameters from overcloud.yaml, and adjust the EndpointMap generation to instead accept two mappings, the ServiceNetMap and a mapping of networks to IPs (effectively this just moves the map lookup inside the endpoint map instead of inside overcloud.yaml) Change-Id: Ib522e89c36eed2115a6586dd5a6770907d9b33db Partially-Implements: blueprint custom-roles
2016-08-04Next generation HA architecture workMichele Baldessari1-0/+2
This is the THT part that brings us the next generation architecture as described in the following spec: https://review.openstack.org/#/c/299628/ Blueprint: https://blueprints.launchpad.net/tripleo/+spec/ha-lightweight-architecture So far we tested deployment + tripleo.sh --overcloud-pingtest and failover + tripleo.sh --overcloud-pingtest Note that many of the Pacemaker template files become redundant with this change, but to simplify the process of getting this change landed, those templates will not be removed until a future commit. Depends-On: I5e7585c08675d8a4bd071523b94210d325d79b59 Change-Id: I00bccb2563c006f80baed623b64f1e17af20dd4e Implements: blueprint ha-lightweight-architecture Co-Author: cmsj@tenshu.net
2016-07-29Merge "Convert service_name to underscore syntax"Jenkins1-1/+1
2016-07-28Convert service_name to underscore syntaxSteven Hardy1-1/+1
Currently we use hyphens, e.g cinder-api, but in overcloud.yaml we have a lot of references to services (e.g for AllNodesConfig) by underscore, e.g cinder_api. To enable dynamic generation of this data, we need the service name in underscore format. Change-Id: Ief13dfe5d8d7691dfe2534ad5c39d7eacbcb6f70
2016-07-27Migrate Puppet Hieradata to composable servicesEmilien Macchi1-0/+2
Migrate puppet/hieradata/*.yaml parameters to puppet/services/*.yaml except for some services that are not composable yet. Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com> Change-Id: I7e5f8b18ee9aa63a1dffc6facaf88315b07d5fd7
2016-07-25Composable firewall rulesDan Prince1-0/+4
Split out the firewall rules in puppet/hieradata/controller.yaml into the composable services Depends-On: Id370362ab57347b75b1ab25afda877885b047263 Change-Id: Icaecab100d3f278035fbbb3facb9bf6c62c76c03
2016-07-22Merge "Move mysql::host param from MysqlInternal to MysqlNoBracketsInternal"Jenkins1-1/+1
2016-07-22Add 'service_name' to composable servicesDan Prince1-0/+1
This patch adds a new service_name section to each composable service. We now have an explicit unit test check to ensure that service_name exists in tools/yaml-validate.py. This patch also wires service_names into hieradata on each of the roles so that tools can access the deployed services locally during deployment and upgrades. Change-Id: I60861c5aa760534db3e314bba16a13b90ea72f0c
2016-07-21Move mysql::host param from MysqlInternal to MysqlNoBracketsInternalGiulio Fidente1-1/+1
The ::host parameter expects IPv6 addresses withouth brackets; this change aligns the remaining services to use MysqlNoBracketsInternal as it happens already for the others (eg. Keystone). Change-Id: Ia72d325447408b1cb5fea836034bbcd75d17ddf1
2016-07-09Move glance::db data within service templateGiulio Fidente1-0/+7
Change-Id: I405bc9895160cc867f933e6b0d56546d460d2e3a
2016-05-30Pass MysqlVirtualIP via EndpointMapGiulio Fidente1-7/+4
By passing the MysqlVirtualIP via the EndpointMap we won't need it to be provided as a parameter to the services. This follows what is already happening for the glance registry service with I9186e56cd4746a60e65dc5ac12e6595ac56505f0. Change-Id: Iad2ab389bf64d0fc8b06eb0e7d29b5370ff27dff Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
2016-04-21composable glance servicesDan Prince1-0/+48
Adds new puppet and puppet pacemaker specific services for Glance API and Glance Registry. The Pacemaker templates extend the default glance services and swap in the pacemaker specific puppet-tripleo profile instead. In the case of pacemaker glance-registry there is no separate puppet manifest so only the configuration parameters are maintained there. (Due to the way the pacemaker glance constraints are written the pacemaker varients of this service can't be split out...) Depends-On: Ifc388f7058ccfff2818f531bcbc00c7179874bbc Change-Id: I00a8c916129af43cda225754eb10370289bb4b41