summaryrefslogtreecommitdiffstats
path: root/puppet/services
AgeCommit message (Collapse)AuthorFilesLines
2017-03-02Upgrades: fix up the rabbitmq HA mode like in new ocata deploymentsMichele Baldessari1-0/+29
In ocata we changed the rabbitmq ha policy to "ha-exactly" via the following changes: - tht: Iace6daf27a76cb8ef1050ada0de7ff1f530916c6 - puppet-tripleo: Ib62001c03e1e08f58cf0c6e0ba07a8879a584084 We took care of the upgrade path via I3a97505d2ae1ae27f3080ffe74c33fdabffd2420 With the move to the ansible-based composable upgrades we left this change out. And now an upgraded environment has the following policy: - Upgraded environment Attributes: set_policy="ha-all ^(?!amq\.).* {"ha-mode":"all"}" - New environment Attributes: set_policy="ha-all ^(?!amq\.).* {"ha-mode":"exactly","ha-params":2}" We need to add this pcs resource change to the our upgrade scripts. Change-Id: I3c4113c207e9d0c45be43df7c2379ac26cb60692 Closes-Bug: #1668600
2017-03-01Merge "Adding keystone parameters for Tacker"Jenkins1-3/+11
2017-03-01Merge "Add etcd composable upgrade steps"Jenkins1-0/+15
2017-03-01Merge "Put service stop at step1 and quiesce at step2."Jenkins49-55/+68
2017-03-01Merge "upgrades: fix ec2api conditional"Jenkins1-2/+2
2017-03-01Merge "mysqlclient: Use actual parameter in puppet to set bind-address"Jenkins1-1/+1
2017-03-01Merge "Adding keystone parameters for Congress"Jenkins1-3/+11
2017-02-28Put service stop at step1 and quiesce at step2.Sofer Athlan-Guyot49-55/+68
In the previous release[1], the services were stopped before the pacemaker services, so that they get a chance to send last message to the database/rabbitmq queue: Let's do the upgrade in the same order. [1] https://github.com/openstack/tripleo-heat-templates/blob/stable/newton/extraconfig/tasks/major_upgrade_controller_pacemaker_2.sh#L13-L71 Change-Id: I1c4045e8b9167396c9dfa4da99973102f1af1218
2017-02-28upgrades: fix ec2api conditionalEmilien Macchi1-2/+2
Rename ec2-api_enabled to ec2_api_enabled so we avoid this error: The conditional check 'ec2-api_enabled.rc == 0' failed. The error was: error while evaluating conditional (ec2-api_enabled.rc == 0): 'api_enabled' is undefined"} Change-Id: Id325fd7eba397155eac7fb6c7410f88486173ba1
2017-02-28Merge "Switch central and compute templates to use polling agent"Jenkins2-2/+4
2017-02-28Adding keystone parameters for TackerDan Radez1-3/+11
Change-Id: I256d2fcb6353d029750113c1fec59a89c82583ca
2017-02-28Merge "Add auditd upgrate steps"Jenkins1-0/+15
2017-02-28Merge "Add zaqar service for composable upgrade"Jenkins1-0/+15
2017-02-28Merge "Add upgrade support for Horizon"Jenkins1-0/+16
2017-02-28Merge "Add support for upgrading ec2-api"Jenkins1-0/+16
2017-02-28Adding keystone parameters for CongressDan Radez1-3/+11
Change-Id: Ic50aee9e635f62f06fa757fa3d88d9d8c5b28fcb
2017-02-28Merge "Configure SSL connection for MySQL client via client config file"Jenkins1-0/+4
2017-02-28mysqlclient: Use actual parameter in puppet to set bind-addressJuan Antonio Osorio Robles1-1/+1
It was using a hiera key, and fetching that from a hiera call in the puppet manfiest. But we can remove that if we set it via hiera from t-h-t. Change-Id: I5af5ccb88e644f4dd25503d8e7a93796695d3039
2017-02-28Merge "Deploy versionless keystone endpoints (for keystone only)"Jenkins1-0/+1
2017-02-28Add zaqar service for composable upgradeCarlos Camacho1-0/+15
Change-Id: I316e14317e0586e895dcb4e084aa54e7665f6a20
2017-02-28Add support for upgrading ec2-apiCarlos Camacho1-0/+16
Change-Id: I2703dd1a7e3eefa0ad6f7b74183101de6c1ad915
2017-02-28Add etcd composable upgrade stepsCarlos Camacho1-0/+15
Adding etcd upgrade tasks Change-Id: Ie891a1a03585b3aec1ed30c176b5fb6b67d7e4b7
2017-02-28Add auditd upgrate stepsCarlos Camacho1-0/+15
Add base upgrade steps for auditd Change-Id: Iaa56eb40ed80d20744cf8bab18504d700466d26e
2017-02-28Add upgrade support for HorizonEmilien Macchi1-0/+16
Change-Id: I91c3c93c1571288daa78b6d24b0aa9824a2bb5c4
2017-02-28Configure SSL connection for MySQL client via client config fileJuan Antonio Osorio Robles1-0/+4
This uses the mysql client configuration file to configure if SSL should be used for the connection if SSL in the internal network is enabled. Change-Id: Ifd1a06e0749a05a65f6314255843f572d2209067
2017-02-27Merge "Add VPP composable service"Jenkins1-0/+47
2017-02-27Merge "Make heat max_json_body_size configurable"Jenkins1-0/+5
2017-02-27Deploy versionless keystone endpoints (for keystone only)Juan Antonio Osorio Robles1-0/+1
The default is to deploy v2.0 endpoints, but this is not the recommended approach. we should instead be using versionless endpoints Change-Id: Icbfae1c2ff2b7312646fd8e817dd8209220a0d96 Related-Bug: #1667679
2017-02-27Merge "Add OpenDaylightConnectionProtocol parameter to opendaylight-api service"Jenkins1-0/+5
2017-02-27Merge "Update the Nova Endpoint information for Cinder"Jenkins1-1/+2
2017-02-26Add VPP composable serviceFeng Pan1-0/+47
Vector Packet Processing (VPP) is a high performance packet processing stack that runs in user space in Linux. VPP is used as an alternative to kernel networking stack for accelerated network data path. This patch adds VPP as a composable service. Note that NIC binding related configs for VPP are handled in os-net-config. Depends-on: I70a68a204a8b9d533fc2fa4fc33c39c3b1c366bf Change-Id: I5e4b1903dc87cb16259eeb05db585678acadbc6b Implements: blueprint fdio-integration-tripleo
2017-02-25Install openstack-panko-api on upgradeMarius Cornea1-0/+6
This doesn't exist in newton images, so install it via the ansible tasks during step3 (when all other packages are updated). Change-Id: I700a711473d10a50fad6b1797453a74c0cdff54b Closes-Bug: 1667965
2017-02-25Switch central and compute templates to use polling agentPradeep Kilambi2-2/+4
Ceilometer central and compute agent classes are deprecated. Instead polling agent should be used with relevant namespaces. Change-Id: Ida247fe29500ff02b76602c785a3f42fa4291227 Depends-On: I1ee50124bf8936e12414f984e1bcd4545d92e953
2017-02-24Merge "Upgrade nova-api/scheduler/conductor packages at step3 not step2."Jenkins4-11/+4
2017-02-24Merge "Add checks in ansible upgrade tasks for CephMon and CephOSD"Jenkins3-19/+78
2017-02-24Upgrade nova-api/scheduler/conductor packages at step3 not step2.Sofer Athlan-Guyot4-11/+4
The nova-api, nova-scheduler nova-conductor packages are updated during step2. The package upgrade trigger a restart of the service which fails and is constantly retried by systemd: Feb 24 12:34:24 centos-7-2-node-rax-iad-7463943-440549 systemd[1]: Failed to start OpenStack Nova Scheduler Server. Feb 24 12:34:24 centos-7-2-node-rax-iad-7463943-440549 systemd[1]: Unit openstack-nova-scheduler.service entered failed state. Feb 24 12:34:24 centos-7-2-node-rax-iad-7463943-440549 systemd[1]: openstack-nova-scheduler.service failed. Feb 24 12:34:24 centos-7-2-node-rax-iad-7463943-440549 systemd[1]: openstack-nova-scheduler.service holdoff time over, scheduling restart. We eventually reach timeout. We use https://github.com/openstack/tripleo-heat-templates/blob/master/puppet/services/tripleo-packages.yaml#L44-L46 to upgrade existing packages. Add a note to the README.rst to make people aware of the general upgrade done at step3 and limit its usage to new package for individual service. Change-Id: I13b51bcfe0c98034944613f7e1c3f0168cd4de76 Closes-Bug: #1667728
2017-02-24Make heat max_json_body_size configurableDan Prince1-0/+5
We need to bump this a bit for the overcloud containers jobs. This patch makes it configurable and increases the size for the undercloud. Related-bug: #1667697 Change-Id: I79319f051747b381f5fa36f8a7fc7f31020bc245
2017-02-24Merge "Enable TLS for swift-proxy's ceilometer notifications"Jenkins1-0/+1
2017-02-23Merge "Remove forgotten sahara dbsync from step5 upgrades tasks"Jenkins1-3/+0
2017-02-23Merge "Adding the ip_conntrack_proto_sctp kernel module"Jenkins1-0/+1
2017-02-23Merge "Increase ansible-pacemaker default service start timeout"Jenkins1-1/+1
2017-02-23Enable TLS for swift-proxy's ceilometer notificationsJuan Antonio Osorio Robles1-0/+1
If the message broker is using TLS, we enable it for these notifications. Change-Id: I4f37e77ae12e9582fab7d326ebd4c70127c5445f Depends-On: If23d1f0d20264faaddc2e5ad54863483fa43ed41
2017-02-23Increase ansible-pacemaker default service start timeoutmarios1-1/+1
We are passing 200 but in some environments this has been seen to expire by a few seconds. Change-Id: I5c2270559339ea9ee0043b7a2e519e26d4d9d78a Closes-Bug: 1666604
2017-02-23Remove forgotten sahara dbsync from step5 upgrades tasksmarios1-3/+0
I suspect this was forgotten from the initial commits where we were doing the dbsync in ansible Change-Id: Ie337bfba4e61cf3d546d0b79b611b84211ac9d9d
2017-02-23Merge "neutron: don't set external_network_bridge option by default"Jenkins2-10/+28
2017-02-23Adding the ip_conntrack_proto_sctp kernel moduleItzik Brown1-0/+1
When using conntrack there is a need to load the ip_conntrack_proto_sctp module for SCTP to work. Closes-bug: 1664192 Change-Id: Ic58f5327401c3ab2215acd8b9ce699f555e8c5e4
2017-02-22Update the Nova Endpoint information for CinderRhys Oxenham1-1/+2
This patch updates the Cinder service to reference the correct catalogue entries for Nova as configured by TripleO. The default settings as set by TripleO do not match our catalogue entries, and when Cinder attempts to callback to Nova in certain events (such as a Cinder volume retype) it can raise an EndpointNotFound error. Out of the box we have settings in /etc/cinder/cinder.conf like: nova_catalog_info = compute:Compute Service:internalURL With the format as "<service_type>:<service_name>:<endpoint_type>" Yet our catalogue has no mention of 'Compute Service'. This patch also fixes the reference for the adminURL also. Change-Id: I888ee07ef02d82578867e33608901c06e6478472 Co-Authored-By: Greg Charot <gcharot@redhat.com>
2017-02-22Merge "Configure authtoken in nova-placement api service"Jenkins1-0/+4
2017-02-22Merge "Add step0,validation checks for heat services"Jenkins4-4/+4
2017-02-22Merge "Adding upgrade steps to congress service"Jenkins1-0/+8