Age | Commit message (Collapse) | Author | Files | Lines |
|
Heat API and CFN API both need to have teh keystone::auth*::tenant
parameters configured.
Change-Id: Ibdc3d693f5a63362add3fc71064fc01bb4593403
|
|
In the move to composable services, these parameters are not
necessary in the controller, but in the profile itself. They are not
yet in use but will be used to populate the keystone endpoint.
Change-Id: Ib9b0e474f875a4b2ffbda11c01cb882149997b0c
|
|
In the move to composable services, these parameters are not
necessary in the controller, but in the profile itself. They are not
yet in use but will be used to populate the keystone endpoint.
Change-Id: Ia0866d893c2f3258b0e00efcb8894c7643980173
|
|
|
|
https://review.openstack.org/#/c/318840/ decomposed the Sahara services
but they weren't added to the ControllerServices list, thus are now disabled.
Since we shipped mitaka with sahara enabled by default, we should probably add
them so the behavior is consistent when folks upgrade.
This also fixes a couple of issues we missed when landing the initial service
templates (partly because CI didn't test them).
In order for each service to operate independently when used with Pacemaker,
the roles needed to be separated. This commit also does this.
Depends-On: Id61eb15b1e2366f5b73c6e7d47941651e40651b1
Change-Id: I0846b328e9d938275e373d58f0b99219b19b326c
Closes-Bug: #1592284
Co-Authored-By: Brad P. Crochet <brad@redhat.com>
|
|
|
|
Puppet OpenStack modules are moving to a new class to configure Keystone
authtoken parameters, so we can more easily enable Keystone v3 from a
single interface. It's consistent across all modules and does support
both Keystone v2 and v3 parameters.
This patch updates Cinder now, but more will follow when we'll add
support to all modules.
Change-Id: I5aa3f2b03672c14c0dbeac222f421ab94221ecf7
|
|
Implements: blueprint composable-services-within-roles
Depends-On: Ie48a123cc5bc402aee635a5daf118b158c6f3b6a
Closes-Bug: #1601850
Change-Id: Ifcfe0e3937fa8577635d803d46c3dfc2e873e553
|
|
|
|
These interfaces have all been deprecated by keystone, and we don't
offer any parameter interface to select PKI token format anyway,
so remove these to align with keystone reccomendations.
The keystone.conf.sample says these values may be silently ignored or
removed, so it seems reasonable to do the same here (parameter_defaults
should be ignored from old stacks).
Change-Id: Ic88d584863a98ed49fc335825fbfba7a52b0f14e
Depends-On: I8232262b928c91dcde7bea2f23fa2a7c2660719e
|
|
This patch adds support for conditionally enabling DVR by deploying the
L3 and metadata agents on the compute node and setting the proper
configuration values throughout.
Implements: blueprint neutron-dvr-support
Change-Id: I24099795e76ecd520c990ba49d3511288dec7a12
|
|
This is the THT part that brings us the next generation architecture
as described in the following spec:
https://review.openstack.org/#/c/299628/
Blueprint:
https://blueprints.launchpad.net/tripleo/+spec/ha-lightweight-architecture
So far we tested deployment + tripleo.sh --overcloud-pingtest and
failover + tripleo.sh --overcloud-pingtest
Note that many of the Pacemaker template files become redundant with
this change, but to simplify the process of getting this change landed,
those templates will not be removed until a future commit.
Depends-On: I5e7585c08675d8a4bd071523b94210d325d79b59
Change-Id: I00bccb2563c006f80baed623b64f1e17af20dd4e
Implements: blueprint ha-lightweight-architecture
Co-Author: cmsj@tenshu.net
|
|
|
|
|
|
In a few places we hard-code the config values to regionOne, but
there is a parameter available to set this.
Change-Id: I9f5138103deb45f7432ee44e03a08dcf54c2990d
|
|
Allows the installation and configuration of Manila.
Supports the generic driver only. This has a dependency on the
puppet-tripleo classes for manila where the puppet specific
config now lives.
The review at https://review.openstack.org/#/c/315658/ has been
merge into this one, as of v68, so manila lands as a composable
service. This was brought up on the mailing list at [1]
[1] http://lists.openstack.org/pipermail/openstack-dev/2016-May/096126.html
Co-Authored-By: Marios Andreou <marios@redhat.com>
Implements: blueprint composable-services-within-roles
Depends-On: I444916d60a67bf730bf4089323dba1c1429e2e71
Depends-On: I9eda4b3364e5c59342761a1ec71b0eb567c69cf1
Depends-On: I571b65a5402c1028418476a573ebeb9450ed00c9
Change-Id: I7acebac4354fca1f8d7ff6c343c1346bf29b81c6
|
|
|
|
|
|
The http_proxy_to_wsgi middleware was recently added to glance as
default in the pipeline [1].
We already enable this middleware for nova, cinder and heat.
[1] I481d88020b6e8420ce4b9072dd30ec82fe3fb4f7
Change-Id: I4a8f7fc079ca93c50aa0ef7b0548dc64f6c5cfa0
Depends-On: I51fbc6050dfbdc72f7ee56a2d17dd5223a208a17
|
|
The http_proxy_to_wsgi middleware was recently added to keystone as
default in the pipeline [1]. So this takes it into use instead of the
non-standard option we were using before, which will be deprecated.
We already enable this middleware for nova, cinder and heat.
[1] Iad628a863e55cbf20c89ef23ebc7527ba8e1a835
Depends-On: I0fec98a6e1d9c8be4d8b8df382b78ba2815790f9
Change-Id: I8c1b84adc828a2b8c9ea11c4e2b8349427b1b206
|
|
Part of composable roles work, move hieradata/ceph into the ceph-base
profile directly.
Also add a comment in all hieradata files to stop adding more data and
use composable services.
Change-Id: I97cc22a253b547be6b99312b6072f53b428aae2c
|
|
|
|
|
|
|
|
|
|
Change-Id: I28021f27a5adc8433df8abdadf0b571b20674fa6
Partial-Bug: 1607407
|
|
Currently we use hyphens, e.g cinder-api, but in overcloud.yaml
we have a lot of references to services (e.g for AllNodesConfig)
by underscore, e.g cinder_api. To enable dynamic generation of
this data, we need the service name in underscore format.
Change-Id: Ief13dfe5d8d7691dfe2534ad5c39d7eacbcb6f70
|
|
|
|
Change-Id: Iacd94294b8a66bc082bb2b3e8d3364ec1bf053b8
Depends-On: I16a786ce167c57848551c7245f4344c382c55b3d
|
|
Migrate puppet/hieradata/*.yaml parameters to puppet/services/*.yaml
except for some services that are not composable yet.
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Change-Id: I7e5f8b18ee9aa63a1dffc6facaf88315b07d5fd7
|
|
To enable use of the service_names lists in overcloud.yaml we need
to strip any null/None values or list processing becomes cumbersome.
These happen because we're currently disabling some services via
OS::Heat::None in the resource_registry, it may be possible to remove
when we've got a fully composable approach to generating the
*Services lists.
Change-Id: I8ef53b4279d93850c207c73aab0d75095a2497a2
Partially-Implements: blueprint custom-roles
|
|
|
|
|
|
|
|
|
|
|
|
Change-Id: Ie8d1678e6e32271ff31ea9dd7fcf7ef9e8956b86
|
|
Split out the firewall rules in puppet/hieradata/controller.yaml
into the composable services
Depends-On: Id370362ab57347b75b1ab25afda877885b047263
Change-Id: Icaecab100d3f278035fbbb3facb9bf6c62c76c03
|
|
Removes from the templates the old CephCluster configuration and
deployment which before roles was distributing the shared settings
for the Ceph cluster configuration.
Change-Id: Ia704f5d7add85e52dd477f4bc758aa0a02e4b39b
|
|
This moves the ringbuilder puppet code to puppet-tripleo
and migrates to the composable services format.
Closes-Bug: #1601857
Change-Id: I0ea2230072d3ff61a4047ffff1f4187951370f67
Depends-On: I427f0b5ee93a0870d43419009178e0690ac66bd6
|
|
|
|
|
|
|
|
|
|
Change-Id: I86752248e59a2e98f8ff9b2c5998839f9ade4779
|
|
This patch adds a new service_name section to each composable
service. We now have an explicit unit test check to ensure that
service_name exists in tools/yaml-validate.py.
This patch also wires service_names into hieradata on each
of the roles so that tools can access the deployed services locally
during deployment and upgrades.
Change-Id: I60861c5aa760534db3e314bba16a13b90ea72f0c
|
|
|
|
puppet-neutron takes this variable as boolean. Although it doesn't
change the behavior in master (because the variable is used directly as
config), in mitaka it is used as a conditional and should be properly
fixed.
Also a fix is needed in python-tripleoclient because it is hard coded to
be True there based on number of controllers being greater than 1.
Therefore we shoudl remove that logic from tripleoclient and implement
it in THT. In order to do that the pacemaker version of the variable is
defaulted to true.
Partial-Bug: 1605379
Change-Id: I0b797dbe188382e2dc32506913aaa60a0a21bd68
Signed-off-by: Tim Rozet <trozet@redhat.com>
|
|
In I7d07c57b7276815c72d08acaa86f673e43eb0498 we set this for compute
nodes, but we also need it for controllers. Otherwise when a
controller reboots it may come back up with a different host value,
which seems to break networking for anything that was created before
the reboot. In my case, it changes from the short hostname (without
domain name) to the fqdn. Since we set it to fqdn for the compute
nodes, let's do the same for controllers.
This moves all of the host setting to the base yaml of the nova
and neutron profiles.
Change-Id: Ieb793b9e9fd2dfc98584691412f9991aa99e0b47
Closes-Bug: 1604907
|
|
The ::host parameter expects IPv6 addresses withouth brackets; this
change aligns the remaining services to use MysqlNoBracketsInternal
as it happens already for the others (eg. Keystone).
Change-Id: Ia72d325447408b1cb5fea836034bbcd75d17ddf1
|