aboutsummaryrefslogtreecommitdiffstats
path: root/puppet/services/nova-base.yaml
AgeCommit message (Collapse)AuthorFilesLines
2017-10-09Fix cold/live migration network configOliver Walsh1-1/+2
Cold migration network is determined by the value of my_ip in nova.conf. If this isn't set then the network with the default gateway will be used. This patch sets my_ip and the whitelisted IP for cold migation over SSH to the NovaApiNetwork. Until https://bugs.launchpad.net/nova/+bug/1671288 is fixed we cannot control the network used for live migration over SSH. It is determined by hostname resolution. This patch sets the whitelisted IP for live migration over SSH to the hostname resolution network for the role - which is typically the same as NovaApiNetwork. (NB The puppet manifest will remove duplicates). Live migration over TLS is not affected. It can control the network used so it configurable via NovaLibvirtNetwork. Change-Id: Ica3f79d6d0cfae446e276172146f3a9407f2971f Depends-On: Id22a6c990f424b9f3ca6159088540ea207460ffd (cherry picked from commit 23331889a577b82b625610a80ecd44e164fe6cf1)
2017-07-21Make various password descriptions consistentBen Nemec1-1/+1
Since these are obviously global parameters they shouldn't specify what will be using them because they are used in multiple places. Change-Id: I5054c2d67dffe802e37f8391dd7bad4721e29831 Partial-Bug: 1700664
2017-07-14Adds network/cidr mapping into a new service propertyGiulio Fidente1-0/+4
Makes it possible to resolve network subnets within a service template; the data is transported into a new property ServiceData wired into every service which hopefully is generic enough to be extended in the future and transport more data. Data can be consumed in service templates to set config values which need to know what is the subnet where a deamon operates (for example the Ceph Public vs Cluster network). Change-Id: I28e21c46f1ef609517175f7e7ee19e28d1c0cba2
2017-07-11Allow to set Notification Driver to 'noop'Emilien Macchi1-1/+7
This patch does 2 things: * Configure messagingv2 as default driver for Oslo Notifications sent on RPC. * Allow users to choose between messagingv2 (default) and noop when we want to disable notifications (for example, when Telemetry is disabled). * Deprecate KeystoneNotificationDriver in favor of NotificationDriver. Change-Id: Ia547d7f4bfb51e7c45246b097b48fd86da231bd3 Related-Bug: #1701357
2017-06-07Ability to enable/disable debug mode per OpenStack serviceEmilien Macchi1-1/+10
Add ServiceDebug parameters for each services that will allow operators to enable/disable Debug for specific services. We keep the Debug parameters for backward compatibility. Operators want to enable Debug everywhere: Debug: true Operators want to disable Debug everywhere: Debug: false Operators want to disable Debug everywhere except Glance: GlanceDebug: true Operators want to enable Debug everywhere except Glance: Debug: true GlanceDebug: false New parameters: AodhDebug, BarbicanDebug, CeilometerDebug, CinderDebug, CongressDebug, GlanceDebug, GnocchiDebug, HeatDebug, HorizonDebug, IronicDebug, KeystoneDebug, ManilaDebug, MistralDebug, NeutronDebug, NovaDebug, OctaviaDebug, PankoDebug, SaharaDebug, TackerDebug, ZaqarDebug. Note: for backward compatibility in Horizon, HorizonDebug is set to false, so we maintain previous behavior. Change-Id: Icbf4a38afcdbd8471d1afc11743df9705451db52 Implement-blueprint: composable-debug Closes-Bug: #1634567
2017-05-15Add role specific information to the service templateSaravanan KR1-0/+8
When a service is enabled on multiple roles, the parameters for the service will be global. This change enables an option to provide role specific parameter to services and other templates. Two new parameters - RoleName and RoleParameters, are added to the service template. RoleName provides the role name of on which the current instance of the service is being applied on. RoleParameters provides the list of parameters which are configured specific to the role in the environment file, like below: parameters_default: # Default value for applied to all roles NovaReservedHostMemory: 2048 ComputeDpdkParameters: # Applied only to ComputeDpdk role NovaReservedHostMemory: 4096 In above sample, the cluster contains 2 roles - Compute, ComputeDpdk. The values of ComputeDpdkParameters will be passed on to the templates as RoleParameters while creating the stack for ComputeDpdk role. The parameter which supports role specific configuration, should find the parameter first in in the RoleParameters list, if not found, then the default (for all roles) should be used. Implements: blueprint tripleo-derive-parameters Change-Id: I72376a803ec6b2ed93903cc0c95a6ffce718b6dc
2017-05-05Use the make_url function to build URLsZane Bitter1-37/+37
Change-Id: I2b23d92c85d5ecc889a7ee597b90e930bde9028e Depends-On: I72f84e737b042ecfaabf5639c6164d46a072b423
2017-04-05add configurable timeouts for DB syncMike Bayer1-0/+6
This patch integrates with the db_sync_timeout parameter recently added to puppet-nova and puppet-neutron in I6b30a4d9e3ca25d9a473e4eb614a8769fa4567e7, which allow for the full db_sync install to have more time than just Pupppet's default of 300 seconds. Ultimately, similar timeouts can be added for all other projects that feature db sync phases, however Nova and Neutron are currently the ones that are known to time out in some environments. Closes-bug: #1661100 Change-Id: Ic47439a0a774e3d74e844d43b58956da8d1887da
2017-03-30Merge "[N->O] Fix wrong database connection for cell0 during upgrade."Jenkins1-0/+10
2017-03-23[N->O] Fix wrong database connection for cell0 during upgrade.Sofer Athlan-Guyot1-0/+10
During upgrade the cell0 database has the connection pointing to mysql+pymysql://nova:c2cdagE8PyAbnpers3AD88Hge@10.0.0.19/nova_cell0?bind_address=10.0.0.20 where 10.0.0.20 was the ip of the bootstrap node. This makes the nova-api fails on 2/3 node at the end of the major-upgrade-composable-steps.yaml step. We do have the right value in the hiera database so make sure we use it for cell0 creation and not the nova.conf file which hasn't been updated yet. Change-Id: I09775206cb8fc5e15934f7e4475506a7fe17271e Closes-Bug: #1675359
2017-03-22Only set EnableConfigPurge on major upgradesSteven Hardy1-3/+3
Bug #1611800 fixed an upgrade issue by enabling purging configs for some services, but this causes issues such as longer updates and restarting services in the minor update case, so only do this for major upgrades, and default to false. Related-Bug: #1611800 Closes-Bug: #1674858 Change-Id: Iff7d715f6730c5633f1146008504b4309ef3133d
2017-02-17Make the DB URIs host-independent for all servicesMichele Baldessari1-0/+3
When fixing LP#1643487 we added ?bind_address to all DB URIs. Since this clashes with Cellsv2 due to the URIs becoming host dependent, we need a new approach to pass bind_address to pymysql that leaves the DB URIs host-independent. In change Iff8bd2d9ee85f7bb1445aa2e1b3cfbff1f397b18 we first create a /etc/my.cnf.d/tripleo.cnf file with a [tripleo] section with the correct bind-address option. In this change we make sure that the DB URIs will point to the added file and to the specific section containing the necessary bind-address option. We do introduce a new MySQLClient profile which will hold all this more client-specific configuration so that this change can fit better in the composable roles work. Also, in the future it might contain the necessary configuration for SSL for example. Note that in case the /etc/my.cnf.d/tripleo.cnf file does not exist (because it is created via the mysqlclient profile), things keep on working as usual and the bind-address option simply won't be set, which has no impact on hosts where there are no VIPs. Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com> Change-Id: Ieac33efe38f32e949fd89545eb1cd8e0fe114a12 Related-Bug: #1643487 Closes-Bug: #1663181 Closes-Bug: #1664524 Depends-On: Iff8bd2d9ee85f7bb1445aa2e1b3cfbff1f397b18
2017-02-15Merge "Add nova service support for composable upgrades"Jenkins1-1/+0
2017-02-14Add nova service support for composable upgradesSteven Hardy1-1/+0
Co-Authored-By: Mathieu Bultel <mbultel@redhat.com> Co-Authored-By: Oliver Walsh <owalsh@redhat.com> Change-Id: Iafad800a6819d7e75fdaab60d328999d3d3c037f Partially-Implements: blueprint overcloud-upgrades-per-service Related-Bug: #1662344
2017-02-14Use Keystone internal endpoint instead of admin for servicesJuan Antonio Osorio Robles1-1/+1
The admin endpoint is listening on the ctlplane network by default; services should ideally be using the internal api network for this kind of traffic, as the ctlplane network is mostly for provisioning. On the other hand, the admin endpoint shouldn't be as relevant with services switching to keystone v3. Change-Id: I1213a83ef8693c1cca1d20de974f7949a801d9f1
2017-02-14Merge "Configure the placement API's interface to use the internal endpoint"Jenkins1-0/+6
2017-02-13Configure the placement API's interface to use the internal endpointJuan Antonio Osorio Robles1-0/+6
Due to the keystoneauth library's defaults, it uses the public interface currently. This is not desirable in most cases (specially when using network isolation); so we set it to use the internal one. Change-Id: Ic222a2b734f4d512349fd8556aa2864b13a1eb07 Depends-On: I1c7fd3a32d04e2fafb3820d1c1f221f45c613c83 Closes-Bug: #1663187
2017-02-12Fix Neutron region in nova.confEmilien Macchi1-0/+1
Default in puppet-neutron is 'RegionOne', so let's override it with the right parameter in TripleO. Change-Id: I3f1693b91178027c8e05288aeba72b7d6bd042be
2017-02-07Stop setting bind_address on nova db uri.Oliver Walsh1-6/+0
This reverts the changes in https://review.openstack.org/414629 for nova as they are incompatible with cell_v2. This is a temporary fix for HA while a long-term solution is developed. Change-Id: I79d30a2d76a354999152c0c997ea77f104c51027 Related-bug: #1643487 Closes-bug: #1662344
2017-01-20Merge "Move nova placement hiera to nova-base"Jenkins1-0/+8
2017-01-20Merge "Revert "Revert "Specify cell0 db creation"""Jenkins1-0/+4
2017-01-20Move nova placement hiera to nova-baseEmilien Macchi1-0/+8
Nova placement hiera parameters need to be common across all nova services because they are used to more than one place. This patch moves them to nova-base, so nova-compute and other services that need it will be able to run correctly. Change-Id: Ibccc55fc9d045487fb7e47bd1c2ebe9cf788765e Depends-On: Iada8e9fcccec7dbfe7ac0ec0f9ec6eac1581290e
2017-01-19Enabling until_complete to be configured dynamicallyCarlos Camacho1-0/+6
Adding to THT the cabability of configuring until_complete in the archive job. This will be a boolean flag to clean all the deleted instances. Will run in batches of max_rows until empty. Change-Id: I087bc66729fef4f33122a7633c154d5a66613d6f Depends-On: I927b75adb0fc3251f3734d41f4393590294c1c9b Closes-Bug: 1650680
2017-01-19Merge "Configure cron parameters for Cinder Heat Keystone and Nova"Jenkins1-1/+51
2017-01-18Revert "Revert "Specify cell0 db creation""Dan Prince1-0/+4
This reverts commit 34f3ab689616517888422582357d0d4a38e0925d. Creating the cells database doesn't hurt anything and will fix issues using the new Docker nova services for development (these packages are more recent and require cells). Change-Id: I85b0e80ca208ef3ca3dfadfe6e98d83ec009a31d
2017-01-17Nova Placement API composable serviceEmilien Macchi1-0/+11
Add support to deploy Nova Placement API service in TripleO. Change-Id: Ie41ebc362a0695c8f55419e231100c63007405ed
2017-01-16Configure cron parameters for Cinder Heat Keystone and NovaCarlos Camacho1-1/+51
Change-Id: I1b2c0025e363d0387ddc0514decd3bc2dc80f9ae Closes-Bug: 1650680
2017-01-13Merge "Revert "Specify cell0 db creation""Jenkins1-4/+0
2017-01-13Revert "Specify cell0 db creation"Alex Schultz1-4/+0
This reverts commit 4e3b085a59e7af49d1025986fd80796be338f5fd. Change-Id: Id9b3610af7167572b292ba330c3f0aad660fedc4 Related-Bug: #1656276
2017-01-04Merge "DB connection: prevent src address from binding to a VIP"Jenkins1-0/+4
2017-01-03Specify cell0 db creationAlex Schultz1-0/+4
This change pulls the hard coded value out of puppet-tripleo to later allow people to skip the cell0 creation if they want a more complex cell v2 setup for nova. Change-Id: I08119d781ef60750cc19753bc03190e413159925 Related-Bug: #1649341
2017-01-03Merge "Bump template version for all templates to "ocata""Jenkins1-1/+1
2017-01-03DB connection: prevent src address from binding to a VIPDamien Ciabrini1-0/+4
When a service connects to the database VIP from the node hosting this VIP, the resulting TCP socket has a src address which is by default bound to the VIP as well. If the VIP is failed over to another node while the socket's Send-Q is not empty, TCP keepalive won't engage and the service will become unavailable for a very long time (by default more than 10m). To prevent failover issues, DB connections should have the src address of their TCP socket bound to the IP of the network interface used for MySQL traffic. This is achieved by passing a new option to the database connection URIs. This option is available starting from PyMySQL 0.7.9-2. We use a new intermediate variable in hiera to hold the IP to be used as a source address for all DB connections. All services adapt their database URI accordingly. Moreover, a new YAML validation check is added to guarantee that new services will construct their database URI appropriately. Change-Id: Ic69de63acbfb992314ea30a3a9b17c0b5341c035 Closes-Bug: #1643487
2016-12-23Bump template version for all templates to "ocata"Steven Hardy1-1/+1
Heat now supports release name aliases, so we can replace the inconsistent mix of date related versions with one consistent version that aligns with the supported version of heat for this t-h-t branch. This should also help new users who sometimes copy/paste old templates and discover intrinsic functions in the t-h-t docs don't work because their template version is too old. Change-Id: Ib415e7290fea27447460baa280291492df197e54
2016-12-22Pass nova rabbit information to mysqlAlex Schultz1-0/+6
The cell v2 setup requires the transport url for nova. We need to provide mysql with the rabbit connection information so that it can it when setting up the cell information. Change-Id: I43ba77cd4c8da7c6dc117ab0bd53e5cd330dc3de Related-Bug: #1649341
2016-11-30Hiera optimization: use a new hiera hookDan Prince1-1/+1
This patch optimizes how we deploy hiera by using a new heat hook specifically designed to help compose hiera within heat templates. As part of this change: - we update all the 'hiera' software configurations to set the group to hiera instead of os-apply-config. - The new format uses JSON instead of YAML. The hook actually writes out the hiera JSON directly so no conversion takes place. Arrays, Strings, Booleans all stay in their native formats. As such we can avoid having to do many of the awkward string and list conversions in t-h-t to support the previous YAML formatting. - The new hook prefers JSON over YAML so upgrading users will have the new files prefered. (we will post a cleanup routine for the old files soon but this isn't a new behavior, JSON is now simply prefered.) - A lot of services required edits to account for default settings that worked in YAML that no longer work correctly in the native JSON format. In almost all these cases I think the resulting codes looks cleaner and is more explicit with regards to what is getting configured in hiera on the actual nodes. Depends-On: I6a383b1ad4ec29458569763bd3f56fd3f2bd726b Closes-bug: #1596373 Change-Id: Ibe7e2044e200e2c947223286fdf4fd5bcf98c2e1
2016-11-15Nova base cleanups for hiera json hookDan Prince1-43/+51
This patch resolves an issue with nova-base.yaml that prevents it from working with the new heat hiera agent hook (which uses Json instead of Yaml). It updates the service so that we only set the upgrade level if it is not an empty string. Partial-bug: #1596373 Change-Id: I595f2e16c33a6f935c7ca8935fec445d19c7b8f3
2016-09-28Move db::mysql into service_config_settingsDan Prince1-26/+0
This patch movs the various db::mysql hiera settings into a 'mysql' specific service_config_settings section for each service so that these will only get applied on the MySQL service node. This follows a similar puppet-tripleo change where we create the actual databases for all services locally on the MySQL service node to avoid permission issues. Change-Id: Ic0692b1f7aa8409699630ef3924c4be98ca6ffb2 Closes-bug: #1620595 Depends-On: I05cc0afa9373429a3197c194c3e8f784ae96de5f Depends-On: I5e1ef2dc6de6f67d7c509e299855baec371f614d
2016-08-30Mv Nova, Neutron, Horizon out of controller.yamlDan Prince1-2/+2
This patch moves the settings for Nova, Neutron, and Horizon out of controller.yaml. Also fixes the NovaPassword settings in nova-base.yaml so they don't use get_input. Also, creates a new apache.yaml base service to contain shared apache settings for several services which use Apache for WSGI. Co-Authored-By: Giulio Fidente <gfidente@redhat.com> Change-Id: I35d909bd5abc23976b5732a2b9af31cf1448838e Related-bug: #1604414
2016-08-18Add DefaultPasswords to composable servicesDan Prince1-0/+3
This patch adds a new DefaultPasswords parameter to composable services. This is needed to help provide access to top level password resources that overcloud.yaml currently manages (passwords for Rabbit, Mysql, etc.). Moving the RandomString resources into composable services would cause them to regenerate within the stack. With this approach we can leave them where they are while we deprecate the top level mechanism and move the code that uses the passwords into the composable services. Change-Id: I4f21603c58a169a093962594e860933306879e3f
2016-08-18Pass ServiceNetMap to servicesGiulio Fidente1-0/+6
This will be needed to pick the network where the service has to bind to from within the service template. Change-Id: I52652e1ad8c7b360efd2c7af199e35932aaaea8c
2016-08-15Move Nova settings out of puppet/compute.yamlDan Prince1-1/+17
This finishes moving most of the config settings out of compute.yaml for Nova and into the proper nova-* services. Only the bind port/VIP related Nova settings remain now and those will be dealt with in a follow up patch. Change-Id: I1c40e7d54c11dfff2aaa6438c7701e98da17ebe6 Related-Bug: #1604412
2016-08-12Merge "Add parameter for enabling purging configuration files"Jenkins1-0/+7
2016-08-11Convert EndpointMap to not require per-service VIP parametersSteven Hardy1-4/+4
Currently we have a hard-coded set of per-service parameters, which will cause problems for custom roles and full composability. As a first step towards making this more configurable, remove the hard-coded per-service parameters from overcloud.yaml, and adjust the EndpointMap generation to instead accept two mappings, the ServiceNetMap and a mapping of networks to IPs (effectively this just moves the map lookup inside the endpoint map instead of inside overcloud.yaml) Change-Id: Ib522e89c36eed2115a6586dd5a6770907d9b33db Partially-Implements: blueprint custom-roles
2016-08-10Add parameter for enabling purging configuration filesBrent Eagles1-0/+7
This patch adds a parameter, EnableConfigPurge, to the base nova and neutron service files. The value is passed to their respective puppet modules to control whether resources not managed by puppet are purged from the config files. The default value is set to true. Change-Id: I32732dc2ed7a7b3187e8727592cb4add0c6b9cf6 Closes-Bug: #1611800
2016-08-09Move neutron-related options for nova to base profileJuan Antonio Osorio Robles1-0/+7
Change-Id: I21c09b2b0bad7736f3c84c55bf14ef7986c2d108
2016-08-09Move nova's kestone::auth parameters to API profileJuan Antonio Osorio Robles1-1/+0
In the move to composable services, these parameters are not necessary in the controller, but in the profile itself. They are not yet in use but will be used to populate the keystone endpoint. Change-Id: I42e30243b631c10d9454da444afdb50e551bbb2c
2016-08-04Next generation HA architecture workMichele Baldessari1-0/+2
This is the THT part that brings us the next generation architecture as described in the following spec: https://review.openstack.org/#/c/299628/ Blueprint: https://blueprints.launchpad.net/tripleo/+spec/ha-lightweight-architecture So far we tested deployment + tripleo.sh --overcloud-pingtest and failover + tripleo.sh --overcloud-pingtest Note that many of the Pacemaker template files become redundant with this change, but to simplify the process of getting this change landed, those templates will not be removed until a future commit. Depends-On: I5e7585c08675d8a4bd071523b94210d325d79b59 Change-Id: I00bccb2563c006f80baed623b64f1e17af20dd4e Implements: blueprint ha-lightweight-architecture Co-Author: cmsj@tenshu.net
2016-07-29Merge "Convert service_name to underscore syntax"Jenkins1-1/+1
2016-07-28Convert service_name to underscore syntaxSteven Hardy1-1/+1
Currently we use hyphens, e.g cinder-api, but in overcloud.yaml we have a lot of references to services (e.g for AllNodesConfig) by underscore, e.g cinder_api. To enable dynamic generation of this data, we need the service name in underscore format. Change-Id: Ief13dfe5d8d7691dfe2534ad5c39d7eacbcb6f70