aboutsummaryrefslogtreecommitdiffstats
path: root/puppet/services/heat-engine.yaml
AgeCommit message (Collapse)AuthorFilesLines
2017-02-17Make the DB URIs host-independent for all servicesMichele Baldessari1-2/+1
When fixing LP#1643487 we added ?bind_address to all DB URIs. Since this clashes with Cellsv2 due to the URIs becoming host dependent, we need a new approach to pass bind_address to pymysql that leaves the DB URIs host-independent. In change Iff8bd2d9ee85f7bb1445aa2e1b3cfbff1f397b18 we first create a /etc/my.cnf.d/tripleo.cnf file with a [tripleo] section with the correct bind-address option. In this change we make sure that the DB URIs will point to the added file and to the specific section containing the necessary bind-address option. We do introduce a new MySQLClient profile which will hold all this more client-specific configuration so that this change can fit better in the composable roles work. Also, in the future it might contain the necessary configuration for SSL for example. Note that in case the /etc/my.cnf.d/tripleo.cnf file does not exist (because it is created via the mysqlclient profile), things keep on working as usual and the bind-address option simply won't be set, which has no impact on hosts where there are no VIPs. Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com> Change-Id: Ieac33efe38f32e949fd89545eb1cd8e0fe114a12 Related-Bug: #1643487 Closes-Bug: #1663181 Closes-Bug: #1664524 Depends-On: Iff8bd2d9ee85f7bb1445aa2e1b3cfbff1f397b18
2017-02-13Remove [heat,glance,ironic,cinder,keystone] db sync from ansiblemarios1-3/+0
These are handle by puppet as usual (puppet run comes after the ansible steps) so remove them from these remaining upgrade_tasks Change-Id: Ic341f31251622ccb11a5f7818b2edf7a82391560
2017-01-27Adds a pre-upgrade check that service is running (step0)marios1-0/+3
Adds a step0 for most services to check that the state is running before continuing with any of the other upgrades steps (these are tagged step0). You can skip this service check by overriding the SkipUpgradeConfigTags parameter as follows: parameter_defaults: SkipUpgradeConfigTags: validation Co-Authored-By: Steven Hardy <shardy@redhat.com> Change-Id: Ie276f153015f671b720b6ed5beaac1b921661909
2017-01-19Don't start all services during upgrade stepsSteven Hardy1-3/+0
Currently we start all OpenStack services in step6, but puppet already does this, and sometimes services require configuration to account for the new version after the yum update before they will start. So instead of reimplementing that configuration management in ansible, just defer starting the services until puppet has run which will happen right after the ansible upgrade steps complete. Note there are some DB sync operations etc that we may also be able to remove and let puppet do those steps, but I've left those in for now, as we know there are some actions during that phase e.g nova cells setup, which aren't yet handled by puppet. Change-Id: Idc8e253167a4bc74b086830cfabf28d4aab97d28
2017-01-13Add heat service support for composable upgradesSteven Hardy1-0/+10
Change-Id: Idbbff1e7b3947a8a381ddae172006d724a98a344 Partially-Implements: blueprint overcloud-upgrades-per-service
2017-01-06Heat engine settings required for UndercloudDan Prince1-0/+12
This patch adds several new heat engine setting that are required in order to configure a fully working Heat engine in the undercloud. New parameters have been added for the max resources and convergence settings. I've hard coded the max stack depth at 6 which matches our undercloud and should be fine as a default setting I think (would rarely need overridden). Change-Id: I335476f46b4bea4b9f3ac70a6312a7e906f43ba6
2017-01-05Merge "Configure Heat engine metadata URL's"Jenkins1-0/+17
2017-01-04Merge "DB connection: prevent src address from binding to a VIP"Jenkins1-0/+2
2017-01-04Configure Heat engine metadata URL'sDan Prince1-0/+17
Tried to use the heat-engine composable service in the Undercloud and I discovered that my software deployments (when spinning up an overcloud) weren't getting signals from my t-h-t configured undercloud heat. This patch resolves the issues by configuring the metadata URLs for Heat. Change-Id: I57c9e7010bfe4afc6e62fb4c3406716d11cdfa28 Closes-bug: #1653985
2017-01-03DB connection: prevent src address from binding to a VIPDamien Ciabrini1-0/+2
When a service connects to the database VIP from the node hosting this VIP, the resulting TCP socket has a src address which is by default bound to the VIP as well. If the VIP is failed over to another node while the socket's Send-Q is not empty, TCP keepalive won't engage and the service will become unavailable for a very long time (by default more than 10m). To prevent failover issues, DB connections should have the src address of their TCP socket bound to the IP of the network interface used for MySQL traffic. This is achieved by passing a new option to the database connection URIs. This option is available starting from PyMySQL 0.7.9-2. We use a new intermediate variable in hiera to hold the IP to be used as a source address for all DB connections. All services adapt their database URI accordingly. Moreover, a new YAML validation check is added to guarantee that new services will construct their database URI appropriately. Change-Id: Ic69de63acbfb992314ea30a3a9b17c0b5341c035 Closes-Bug: #1643487
2016-12-23Bump template version for all templates to "ocata"Steven Hardy1-1/+1
Heat now supports release name aliases, so we can replace the inconsistent mix of date related versions with one consistent version that aligns with the supported version of heat for this t-h-t branch. This should also help new users who sometimes copy/paste old templates and discover intrinsic functions in the t-h-t docs don't work because their template version is too old. Change-Id: Ib415e7290fea27447460baa280291492df197e54
2016-11-16Use keystone profile parameter to pass heat passwordJuan Antonio Osorio Robles1-1/+1
Instead of relying on an explicit hiera call to get the stack domain password, this uses the keystone parameter to introduce that value instead. Change-Id: I0e5124d57fdc519262fdec2dbeaaac85afaeebdf
2016-10-14Pass heat domain admin password to keystoneSteven Hardy1-0/+3
This is needed to create the user/domain/project in the keystone profile on whatever role is running the keystone service. Change-Id: I115ead005974080e0a35e3675d9b37828c8934b1 Closes-Bug: #1631130 Depends-On: Ib088a572b384b479f51d56555734d78ab840a1f3
2016-09-28Move db::mysql into service_config_settingsDan Prince1-7/+10
This patch movs the various db::mysql hiera settings into a 'mysql' specific service_config_settings section for each service so that these will only get applied on the MySQL service node. This follows a similar puppet-tripleo change where we create the actual databases for all services locally on the MySQL service node to avoid permission issues. Change-Id: Ic0692b1f7aa8409699630ef3924c4be98ca6ffb2 Closes-bug: #1620595 Depends-On: I05cc0afa9373429a3197c194c3e8f784ae96de5f Depends-On: I5e1ef2dc6de6f67d7c509e299855baec371f614d
2016-09-17Add fluentd client serviceLars Kellogg-Stedman1-0/+8
This implements support for installing fluentd agents as a composable service on the overcloud. Depends-On: I2e1abe4d8c8359e56ff626255ee50c9cacca1940 Implements: tripleo-opstools-centralized-logging Change-Id: I23b0e23881b742158fcfb6b8c145a3211d45086e
2016-08-31Availability monitoring agents supportMartin Mágr1-0/+4
- adds possibility to install sensu-client on all nodes - each composable service has it's own subscription Co-Authored-By: Emilien Macchi <emilien@redhat.com> Co-Authored-By: Michele Baldessari <michele@redhat.com> Implements: blueprint tripleo-opstools-availability-monitoring Change-Id: I6a215763fd0f0015285b3573305d18d0f56c7770
2016-08-30configure Heat with new authtoken parametersEmilien Macchi1-2/+0
Configure Heat with new authtoken parameters provided by puppet-heat module. Also move the authtoken parameters in heat-base, required by both heat-engine and heat-api. Depends-On: I7a9d10b0a8092b3d0c70708b57637098cfe2b56d Change-Id: Id5cd3e830f64263c8d39c7d2973c99d0380e772c
2016-08-25Move glance/heat hiera settings to servicesDan Prince1-1/+13
This patch removes the remaining bind IP, and password settings for Heat and Glance into the composable services. Change-Id: I17abcb2a08a1972cbcf8163f6608ac22ddfc15f7 Related-bug: #1604414
2016-08-18Add DefaultPasswords to composable servicesDan Prince1-0/+4
This patch adds a new DefaultPasswords parameter to composable services. This is needed to help provide access to top level password resources that overcloud.yaml currently manages (passwords for Rabbit, Mysql, etc.). Moving the RandomString resources into composable services would cause them to regenerate within the stack. With this approach we can leave them where they are while we deprecate the top level mechanism and move the code that uses the passwords into the composable services. Change-Id: I4f21603c58a169a093962594e860933306879e3f
2016-08-18Pass ServiceNetMap to servicesGiulio Fidente1-0/+9
This will be needed to pick the network where the service has to bind to from within the service template. Change-Id: I52652e1ad8c7b360efd2c7af199e35932aaaea8c
2016-08-11Convert EndpointMap to not require per-service VIP parametersSteven Hardy1-1/+1
Currently we have a hard-coded set of per-service parameters, which will cause problems for custom roles and full composability. As a first step towards making this more configurable, remove the hard-coded per-service parameters from overcloud.yaml, and adjust the EndpointMap generation to instead accept two mappings, the ServiceNetMap and a mapping of networks to IPs (effectively this just moves the map lookup inside the endpoint map instead of inside overcloud.yaml) Change-Id: Ib522e89c36eed2115a6586dd5a6770907d9b33db Partially-Implements: blueprint custom-roles
2016-07-29Merge "Convert service_name to underscore syntax"Jenkins1-1/+1
2016-07-28Convert service_name to underscore syntaxSteven Hardy1-1/+1
Currently we use hyphens, e.g cinder-api, but in overcloud.yaml we have a lot of references to services (e.g for AllNodesConfig) by underscore, e.g cinder_api. To enable dynamic generation of this data, we need the service name in underscore format. Change-Id: Ief13dfe5d8d7691dfe2534ad5c39d7eacbcb6f70
2016-07-27Migrate Puppet Hieradata to composable servicesEmilien Macchi1-0/+2
Migrate puppet/hieradata/*.yaml parameters to puppet/services/*.yaml except for some services that are not composable yet. Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com> Change-Id: I7e5f8b18ee9aa63a1dffc6facaf88315b07d5fd7
2016-07-22Merge "Move mysql::host param from MysqlInternal to MysqlNoBracketsInternal"Jenkins1-1/+1
2016-07-22Add 'service_name' to composable servicesDan Prince1-0/+1
This patch adds a new service_name section to each composable service. We now have an explicit unit test check to ensure that service_name exists in tools/yaml-validate.py. This patch also wires service_names into hieradata on each of the roles so that tools can access the deployed services locally during deployment and upgrades. Change-Id: I60861c5aa760534db3e314bba16a13b90ea72f0c
2016-07-21Move mysql::host param from MysqlInternal to MysqlNoBracketsInternalGiulio Fidente1-1/+1
The ::host parameter expects IPv6 addresses withouth brackets; this change aligns the remaining services to use MysqlNoBracketsInternal as it happens already for the others (eg. Keystone). Change-Id: Ia72d325447408b1cb5fea836034bbcd75d17ddf1
2016-07-09Move heat::db data within service templateGiulio Fidente1-0/+6
Change-Id: I3fada6c5b0265bc6536c89da0ef4b709ead13b7d
2016-05-31Cleanup hieradata to reduce Puppet warningsEmilien Macchi1-1/+0
Some puppet parameters were deprecated, some of them removed. This patch reduce the number of warnings to a few, and the rest of warnings are bugs that are in progress by Puppet OpenStack team. This patch is mostly some cleanup so we don't have useless warnings in Puppet catalog. Changes: * Update Ceilometer auth params * Update Neutron auth params * Update Heat auth params * Update Swift hash suffix param * Remove neutron::server::notifications::nova_url, useless. Change-Id: Ie32681a1fe32735f70ba372630da09f91227298c
2016-05-30Pass MysqlVirtualIP via EndpointMapGiulio Fidente1-7/+4
By passing the MysqlVirtualIP via the EndpointMap we won't need it to be provided as a parameter to the services. This follows what is already happening for the glance registry service with I9186e56cd4746a60e65dc5ac12e6595ac56505f0. Change-Id: Iad2ab389bf64d0fc8b06eb0e7d29b5370ff27dff Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
2016-05-19composable heat servicesBrad P. Crochet1-0/+62
Adds new puppet and puppet pacemaker specific services for Heat API, Heat API CFN, Heat API Cloudwatch, and Heat Engine. The Pacemaker templates extend the default heat services and swap in the pacemaker specific puppet-tripleo profile instead. Change-Id: I387b6bfd763d2d86cad68a3119b0edd0caa237b0 Partially-implements: blueprint composable-services-within-roles Depends-On: I194cbb6aa307c2331597147545cf10299cab132f Depends-On: I14dc923ac8ee8d5d538e7f4cf8138ccee8805b53