Age | Commit message (Collapse) | Author | Files | Lines |
|
If the message broker is using TLS, we enable it for these
notifications.
Change-Id: I4f37e77ae12e9582fab7d326ebd4c70127c5445f
Depends-On: If23d1f0d20264faaddc2e5ad54863483fa43ed41
|
|
|
|
|
|
|
|
|
|
It is not entirely clear to someone writing their
own templates how to distribute hiera keys to different
roles. Let's clear this up with a more extensive description.
Change-Id: I02224389c2de90bc5534bce764e5e9d3bb23538f
|
|
These are currently commented out because we were waiting for
I7612189be49c9c07f64753c1be4b72aa8524d06d to enable these in the
ci upgrades job.
Change-Id: I07bc0c2af0b227416470e23ad42f3a9aae430271
|
|
|
|
|
|
Change-Id: I79169baf4c59e9325355992288de2e9ad8088e3b
|
|
If the service is running then the rpm upgrade will attempt to restart.
Ensuring the service is stopped before upgrade should resolve this.
Change-Id: I4179cb773616721640490d26082eacac45f92dff
Closes-Bug: 1665717
|
|
|
|
Change-Id: I0d7e151a931d02068dea80d7cf57b99736e689e6
|
|
When fixing LP#1643487 we added ?bind_address to all DB URIs.
Since this clashes with Cellsv2 due to the URIs becoming host
dependent, we need a new approach to pass bind_address to pymysql
that leaves the DB URIs host-independent.
In change Iff8bd2d9ee85f7bb1445aa2e1b3cfbff1f397b18 we first create a
/etc/my.cnf.d/tripleo.cnf file with a [tripleo] section with the correct
bind-address option.
In this change we make sure that the DB URIs will point to the added
file and to the specific section containing the necessary bind-address
option. We do introduce a new MySQLClient profile which will hold all
this more client-specific configuration so that this change can fit
better in the composable roles work. Also, in the future it might
contain the necessary configuration for SSL for example.
Note that in case the /etc/my.cnf.d/tripleo.cnf file does not exist
(because it is created via the mysqlclient profile), things keep on
working as usual and the bind-address option simply won't be set, which
has no impact on hosts where there are no VIPs.
Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com>
Change-Id: Ieac33efe38f32e949fd89545eb1cd8e0fe114a12
Related-Bug: #1643487
Closes-Bug: #1663181
Closes-Bug: #1664524
Depends-On: Iff8bd2d9ee85f7bb1445aa2e1b3cfbff1f397b18
|
|
This doesn't exist in newton images, so install it via the
ansible tasks during step3 (when all other packages are updated).
Change-Id: I08fb7855b910ccc5a8ab2d73f1de15b695784abd
Closes-Bug: #1664265
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This patch implements a new docker deployment architecture that
should us to install docker services in a stepwise manner alongside
of baremetal puppet services. This works by using Yaql to select
docker specific services (docker/services/*.yaml) vs the puppet
specific ones and then applying the selected Json to relevant Heat
software deployments for docker and baremetal puppet in a stepwise
fashion.
Additionally the new architecture
leverages new composable services interfaces from Newton to
allow configuration of per-service container configuration
sets (directories that are bind mounted into kolla containers) by
using the Kolla containers themselves. It does this by spinning up
a throw away "configuration only" version of the container being
configured itself, then running the puppet apply in that container and
copying the generated config files into /var/lib/config-data. This
avoids having to install all of the OpenStack dependency packages
in the heat-agent-container itself (our previous approach) and should
allow us to configure a much wider variety of container config files
that would otherwise be impossible with the previous shared approach.
The new approach (combined) should allow us to configure containers in
both the undercloud and overcloud and incrementally add CI coverage to
services as we containerize them.
Co-Authored-By: Martin André <m.andre@redhat.com>
Co-Authored-By: Ian Main <imain@redhat.com>
Co-Authored-By: Flavio Percoco <flavio@redhat.com>
Change-Id: Ibcff99f03e6751fbf3197adefd5d344178b71fc2
|
|
|
|
Co-Authored-By: Mathieu Bultel <mbultel@redhat.com>
Co-Authored-By: Oliver Walsh <owalsh@redhat.com>
Change-Id: Iafad800a6819d7e75fdaab60d328999d3d3c037f
Partially-Implements: blueprint overcloud-upgrades-per-service
Related-Bug: #1662344
|
|
|
|
|
|
This patch adds an additional configuration setting for OVN bridge mappings
Co-authored-by: Numan Siddique <nusiddiq@redhat.com>
Change-Id: I99f2c0c8e633e63273e2469d95fbabbbc665c87c
Depends-On: Ia6d66fa954571328c0ac3542af17303def382c1a
|
|
This patch adds upgrade tasks for sensu-client, fluentd and collectd
Change-Id: I3a8096159664b1934b34f6c79b8afb4a3dc645c8
|
|
Adding a default NTP server by default will
keep all Pacemaker and non-Pacemaker deployments
aligned with the same server by default.
Also useful for keeping time diff controlled for
Keystone and Ceph.
Change-Id: I8a26bae15cbfb83e3abd6b9ef9d12b57467e6258
|
|
As per I1213a83ef8693c1cca1d20de974f7949a801d9f1 this moves to
using KeystoneInternal for the nova-ironic template and updates
some deprecated hiera keys.
Change-Id: Ib1103c00ddb7d6d624f4911147197d8355a3a6dd
|
|
The admin endpoint is listening on the ctlplane network by default;
services should ideally be using the internal api network for this kind
of traffic, as the ctlplane network is mostly for provisioning. On the
other hand, the admin endpoint shouldn't be as relevant with services
switching to keystone v3.
Change-Id: I1213a83ef8693c1cca1d20de974f7949a801d9f1
|
|
|
|
backend."
|
|
|
|
|
|
|
|
Without this the Nova Placement API fails when
isolated from Nova API or when used in a docker
container.
Change-Id: I7d3c823cca1978ae5ad8dc37357e9c5b2ad5bfc5
Depends-On: I7b38ab6ba5cae41689ac500d97dec4d09c73d387
|
|
|
|
Upgrade nova-placement service with Ansible.
Change-Id: I43cac37afbc8b39708389895d9f7350b6bd4bcfd
|
|
These are handle by puppet as usual (puppet run comes after the
ansible steps) so remove them from these remaining upgrade_tasks
Change-Id: Ic341f31251622ccb11a5f7818b2edf7a82391560
|
|
In line with other service we leave the db sync to puppet unless
needed for some workaround/upgrade related reason.
Change-Id: I9ae463cda19ffdd66f9ccbae40e85551841ab938
|
|
Due to the keystoneauth library's defaults, it uses the public interface
currently. This is not desirable in most cases (specially when using
network isolation); so we set it to use the internal one.
Change-Id: Ic222a2b734f4d512349fd8556aa2864b13a1eb07
Depends-On: I1c7fd3a32d04e2fafb3820d1c1f221f45c613c83
Closes-Bug: #1663187
|
|
|
|
Previously the memcached configuration was set to use the defaults which
would be 95% of the avaiable ram in the system. This can lead to memory
contention issues if memcache is heavily utilized. This change reduces
the default to 50% and exposes the ability to tune this configuration.
Change-Id: Ie8a48ff4cf509e93d7c1487813d5feed5e5131a4
Closes-Bug: #1662941
|
|
|
|
... instead of using NovaApiNetwork.
Change-Id: I34043c68c24b05bac98f864bc2ac2fc4743617ab
|
|
Default in puppet-neutron is 'RegionOne', so let's override it with the
right parameter in TripleO.
Change-Id: I3f1693b91178027c8e05288aeba72b7d6bd042be
|
|
|
|
|
|
Since gnocchi db sync for upgrade is made by puppet
we need to remove it from ansible tasks
Change-Id: I4a26513c3e3d0dcf77c007ea865364e38da3a94a
|