summaryrefslogtreecommitdiffstats
path: root/puppet/services
AgeCommit message (Collapse)AuthorFilesLines
2017-03-09Pass hieradata for internal TLS for RabbitMQJuan Antonio Osorio Robles3-46/+119
As with other services, this passes the necessary hieradata to enable TLS for RabbitMQ. This will mean (once we set it via puppet-tripleo) that there will only be TLS connections, as the ssl_only option is being used. bp tls-via-certmonger Change-Id: I960bf747cd5e3040f99b28e2fc5873ca3a7472b5 Depends-On: Ic2a7f877745a0a490ddc9315123bd1180b03c514
2017-03-09Merge "sahara: configure keystone_authtoken parameters"Jenkins1-3/+5
2017-03-08sahara: configure keystone_authtoken parametersEmilien Macchi1-3/+5
Configure keystone_authtoken for Sahara service. Change-Id: I045b7d1d52851ab0d532a8524fcea95705e3db78 Partial-implement: blueprint keystone-v3
2017-03-08barbican: Use versionless keystone endpointsJuan Antonio Osorio Robles1-3/+3
This also moves the explicit usages of the Keystone V3 endpoint fromt he EndpointMap, as using the uri_no_suffix defeats that usage. Change-Id: I5f07a0cee07fa28b88c419e25e014094004b1bce Partial-Implement: blueprint keystone-v3
2017-03-07sshd template, rename hiera keySteven Hardy1-1/+1
This means we can remove the special BannerText hiera reference in the puppet-tripleo profile Change-Id: Id4c8b853fa0e9bcdffe2cf7cd1554a9be7451b25
2017-03-07Merge "Add docker composable service template"Jenkins1-0/+43
2017-03-07Merge "Adds upgrade tasks for OpenDaylight services"Jenkins2-0/+37
2017-03-06Merge "Cinder-api upgrade: use httpd instead of apachectl"Jenkins1-1/+1
2017-03-06Add docker composable service templateSteven Hardy1-0/+43
This uses a puppet-tripleo profile to configure and start docker in step1 of the deployment, which is before we attempt to deploy any containers (see docker/services/README.rst#docker-steps) This enables existing environments on upgrade to configure things correctly, without using the docker/firstboot/setup_docker_host.sh - the firstboot approach may still be needed for atomic, but for environments where we can run puppet on the host this integrates more cleanly with our existing architecture I think. Depends-On: Id8add1e8a0ecaedb7d8a7dc9ba3747c1ac3b8eea Change-Id: If4ffe21579bcb2770f4e5a96be7960b52927a27b
2017-03-06Merge "Make neutron dhcp agents per network conditional"Jenkins1-16/+23
2017-03-06Cinder-api upgrade: use httpd instead of apachectlJuan Antonio Osorio Robles1-1/+1
It doesn't work downstream, so the httpd command was recommended. Change-Id: I4807333b80dad10f16e5deb56cbfdda656cd1e50
2017-03-06Merge "ec2-api: Get FQDN from hiera instead of puppet fact"Jenkins1-2/+2
2017-03-04Merge "etcd: Get FQDN from hiera instead of puppet fact"Jenkins1-1/+1
2017-03-03etcd: Get FQDN from hiera instead of puppet factJuan Antonio Osorio Robles1-1/+1
The puppet facts will be removed soon and using the hiera value is adviced instead. Change-Id: I318f81abaac997370e950780993dc95cae088327
2017-03-03ec2-api: Get FQDN from hiera instead of puppet factJuan Antonio Osorio Robles1-2/+2
The puppet facts will be removed soon and using the hiera value is adviced instead. Change-Id: I3ba89dd9bd471c5723325efc9041ca6da937ccc5
2017-03-02Fix Panko API upgrade processEmilien Macchi1-1/+5
Upgrade process wasn't consistent and correct. Change-Id: Id1f810d33c2909957be9a2c96d18c96dee939953
2017-03-02Merge "Add upgrade task for panko api"Jenkins1-5/+14
2017-03-02Merge "Upgrades: fix up the rabbitmq HA mode like in new ocata deployments"Jenkins1-0/+29
2017-03-02Add upgrade task for panko apiPradeep Kilambi1-5/+14
Change-Id: Icc5fbf99301ae47344e1582767e1e7a4687f491b
2017-03-02Upgrades: fix up the rabbitmq HA mode like in new ocata deploymentsMichele Baldessari1-0/+29
In ocata we changed the rabbitmq ha policy to "ha-exactly" via the following changes: - tht: Iace6daf27a76cb8ef1050ada0de7ff1f530916c6 - puppet-tripleo: Ib62001c03e1e08f58cf0c6e0ba07a8879a584084 We took care of the upgrade path via I3a97505d2ae1ae27f3080ffe74c33fdabffd2420 With the move to the ansible-based composable upgrades we left this change out. And now an upgraded environment has the following policy: - Upgraded environment Attributes: set_policy="ha-all ^(?!amq\.).* {"ha-mode":"all"}" - New environment Attributes: set_policy="ha-all ^(?!amq\.).* {"ha-mode":"exactly","ha-params":2}" We need to add this pcs resource change to the our upgrade scripts. Change-Id: I3c4113c207e9d0c45be43df7c2379ac26cb60692 Closes-Bug: #1668600
2017-03-01Adds upgrade tasks for OpenDaylight servicesTim Rozet2-0/+37
Change-Id: I740b20b12acb3740886409bff86c4989f0a066f4 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-03-01Add mistral service support for composable upgradesSteven Hardy3-0/+57
Change-Id: I189edaf69c0e97a3399e6af939595f98322d7c03 Partially-Implements: blueprint overcloud-upgrades-per-service
2017-03-01upgrades/validation: only run validation when services existEmilien Macchi36-5/+270
During upgrades, validation test if a service is running before the upgrade process starts. In some cases, servies doesn't exist yet so we don't want to run the validation. This patch makes sure we check if the service is actually present on the system before validating it's running correctly. Also it makes sure that services are enabled before trying to stop them. It allows use-cases where we want to add new services during an upgrade. Also install new packages of services added in Ocata, so we can validate upgrades on scenarios jobs. Change-Id: Ib48fb6b1557be43956557cbde4cbe26b53a50bd8
2017-03-01Merge "Adding keystone parameters for Tacker"Jenkins1-3/+11
2017-03-01Merge "Add etcd composable upgrade steps"Jenkins1-0/+15
2017-03-01Merge "Put service stop at step1 and quiesce at step2."Jenkins49-55/+68
2017-03-01Merge "upgrades: fix ec2api conditional"Jenkins1-2/+2
2017-03-01Merge "mysqlclient: Use actual parameter in puppet to set bind-address"Jenkins1-1/+1
2017-03-01Merge "Adding keystone parameters for Congress"Jenkins1-3/+11
2017-02-28Put service stop at step1 and quiesce at step2.Sofer Athlan-Guyot49-55/+68
In the previous release[1], the services were stopped before the pacemaker services, so that they get a chance to send last message to the database/rabbitmq queue: Let's do the upgrade in the same order. [1] https://github.com/openstack/tripleo-heat-templates/blob/stable/newton/extraconfig/tasks/major_upgrade_controller_pacemaker_2.sh#L13-L71 Change-Id: I1c4045e8b9167396c9dfa4da99973102f1af1218
2017-02-28upgrades: fix ec2api conditionalEmilien Macchi1-2/+2
Rename ec2-api_enabled to ec2_api_enabled so we avoid this error: The conditional check 'ec2-api_enabled.rc == 0' failed. The error was: error while evaluating conditional (ec2-api_enabled.rc == 0): 'api_enabled' is undefined"} Change-Id: Id325fd7eba397155eac7fb6c7410f88486173ba1
2017-02-28Merge "Switch central and compute templates to use polling agent"Jenkins2-2/+4
2017-02-28Adding keystone parameters for TackerDan Radez1-3/+11
Change-Id: I256d2fcb6353d029750113c1fec59a89c82583ca
2017-02-28Make neutron dhcp agents per network conditionalBrent Eagles1-16/+23
While the heat templates specify a default value of 3, it rarely seems to have an effect as the tripleoclient is setting this according to the controller scale. This was fine before composable roles, but it is now invalid. While the client needs to be modified to no longer set this according to controller scale, the template should default to a sentinel value that will allow the puppet code to determine the proper value by the number of hosts that have the neutron dhcp agent deployed on them. Depends-On: I5533e42c5ba9f72cc70d80489a07e30ee2341198 Partial-bug: #1632721 Change-Id: I06628764c4769d91bbc42efe1c722702d6574d02
2017-02-28Merge "Add auditd upgrate steps"Jenkins1-0/+15
2017-02-28Merge "Add zaqar service for composable upgrade"Jenkins1-0/+15
2017-02-28Merge "Add upgrade support for Horizon"Jenkins1-0/+16
2017-02-28Merge "Add support for upgrading ec2-api"Jenkins1-0/+16
2017-02-28Adding keystone parameters for CongressDan Radez1-3/+11
Change-Id: Ic50aee9e635f62f06fa757fa3d88d9d8c5b28fcb
2017-02-28Merge "Configure SSL connection for MySQL client via client config file"Jenkins1-0/+4
2017-02-28mysqlclient: Use actual parameter in puppet to set bind-addressJuan Antonio Osorio Robles1-1/+1
It was using a hiera key, and fetching that from a hiera call in the puppet manfiest. But we can remove that if we set it via hiera from t-h-t. Change-Id: I5af5ccb88e644f4dd25503d8e7a93796695d3039
2017-02-28Merge "Deploy versionless keystone endpoints (for keystone only)"Jenkins1-0/+1
2017-02-28Add zaqar service for composable upgradeCarlos Camacho1-0/+15
Change-Id: I316e14317e0586e895dcb4e084aa54e7665f6a20
2017-02-28Add support for upgrading ec2-apiCarlos Camacho1-0/+16
Change-Id: I2703dd1a7e3eefa0ad6f7b74183101de6c1ad915
2017-02-28Add etcd composable upgrade stepsCarlos Camacho1-0/+15
Adding etcd upgrade tasks Change-Id: Ie891a1a03585b3aec1ed30c176b5fb6b67d7e4b7
2017-02-28Add auditd upgrate stepsCarlos Camacho1-0/+15
Add base upgrade steps for auditd Change-Id: Iaa56eb40ed80d20744cf8bab18504d700466d26e
2017-02-28Add upgrade support for HorizonEmilien Macchi1-0/+16
Change-Id: I91c3c93c1571288daa78b6d24b0aa9824a2bb5c4
2017-02-28Configure SSL connection for MySQL client via client config fileJuan Antonio Osorio Robles1-0/+4
This uses the mysql client configuration file to configure if SSL should be used for the connection if SSL in the internal network is enabled. Change-Id: Ifd1a06e0749a05a65f6314255843f572d2209067
2017-02-27Merge "Add VPP composable service"Jenkins1-0/+47
2017-02-27Merge "Make heat max_json_body_size configurable"Jenkins1-0/+5