aboutsummaryrefslogtreecommitdiffstats
path: root/puppet/services
AgeCommit message (Collapse)AuthorFilesLines
2017-03-27Fix usage of CinderNfsServersChristian Schwede1-5/+1
This feature stopped working somewhere along the lines. In the past it was working with parameter_defaults like this: CinderNfsServers: '10.0.0.254:/srv/nfs/cinder' or CinderNfsServers: "[fd00:fd00:fd00:3000::1]:/srv/nfs/cinder" The problem was that the templating escaped these strings, and puppet-tripleo didn't receive a proper array, but a string. This patch fixes this. It accepts strings as above as well as comma-delimited lists of Nfs Servers. Closes-Bug: 1671153 Change-Id: I89439c1d969e92cb8e0503de561e22409deafdfc (cherry picked from commit 9445b0e0972696e7de1c0a702f456571d12fa964)
2017-03-27Merge "etcd: secure EtcdInitialClusterToken parameter" into stable/ocataJenkins1-1/+1
2017-03-26Merge "Deploy versionless keystone endpoints (for keystone only)" into ↵Jenkins1-0/+1
stable/ocata
2017-03-26Fixes missing firewall rules for neutron_ovs_dpdk_agent serviceTim Rozet1-1/+4
Firewall config was being inherited by the dpdk service, however since the firewall service name was the parent (neutron_ovs_agent) and technically that service was not enabled - the rules were never applied. This modifies the service name as it is inherited using map_replace. Closes-Bug: 1674689 Change-Id: I6676205b8fc1fd578cb2435ad97fe577a9e81d95 Signed-off-by: Tim Rozet <trozet@redhat.com> (cherry picked from commit 48a38a19347a18d4d35fb22de82136359aae5cb7)
2017-03-26Enables increasing mariadb open files for noha deploymentsTim Rozet1-0/+6
There is currently an issue where the max open files limit is hit with MariaDB in noha deployments, because it is defaulted to 1024 by system limits. In HA deployments the limit is bumped to 16384. This patch introduces a flag to be able to increase the limit to 16384 for noHA deployments. In the future we should change this to be an integer, and let the operator decide the setting. Since this setting is set in a different path for HA, we would need to implement a change that allows setting both (ha and nonha) via the same integer param. Depends-On: Ia0907b2ab6062a93fb9363e39c86535a490fbaf6 Closes-Bug: #1648181 Related-Bug: #1524809 Change-Id: I95393fc798b833a8575afbff03ef74a839565c5e Signed-off-by: Tim Rozet <trozet@redhat.com> (cherry picked from commit 900ddfb27f0dd2afd8345d89a78b624f647b255d)
2017-03-25Merge "Explicitly configure credentials used by ironic to access other ↵Jenkins1-4/+39
services" into stable/ocata
2017-03-25Fixes OpenDaylightProviderMappings hiera parsingTim Rozet1-5/+1
The str_replace conversion used previously is no longer needed and breaks the hieradata value. Closes-Bug: 1675426 Change-Id: I7a052d1757efe36daf6ed47e55598ca3c2ee9055 Signed-off-by: Tim Rozet <trozet@redhat.com> (cherry picked from commit ae10ae4a5a21bb58c183aa50f237ffa2d6f14280)
2017-03-22etcd: secure EtcdInitialClusterToken parameterEmilien Macchi1-1/+1
Secure EtcdInitialClusterToken parameter by: * removing the default value. * make it hidden. Change-Id: I938af697f9faaadb9c9aeb950e9410db24b1b961 Depends-On: I6e30cce469736e84a3c483fafa29d542b8347ba9 Closes-Bug: #1673266 (cherry picked from commit 55d17ca118d27f16b57424774265f5b3db7b7b52)
2017-03-22Deploy versionless keystone endpoints (for keystone only)Juan Antonio Osorio Robles1-0/+1
The default is to deploy v2.0 endpoints, but this is not the recommended approach. we should instead be using versionless endpoints Change-Id: Icbfae1c2ff2b7312646fd8e817dd8209220a0d96 Related-Bug: #1667679 (cherry picked from commit 40a50031f37df0f0cde53e3f3c15ffe407fbdcbd)
2017-03-21Explicitly configure credentials used by ironic to access other servicesDmitry Tantsur1-4/+39
Using keystone_authtoken credentials for this purpose is deprecated, and also prevents ironic-conductor from being used as a separate role. Also remove neutron_url, it can be fetched from the catalog instead. Change-Id: I12822568cb4db31808aec5fd407d71fe4b7b09e0 Depends-On: I21180678bec911f1be36e3b174bae81af042938c Partial-Bug: #1661250 (cherry picked from commit 91d7d8c46858d42e6cf2354a3be6af6c5bb9c02e)
2017-03-16Upgrades: wait for galera to be settledMichele Baldessari1-2/+4
We also need to wait for the galera resource to settle down before we proceed starting up with the other services. Note that before merging this, we need to land the following change in ansible-pacemaker: https://review.gerrithub.io/#/c/351387/ D-O is needed for upgrades to work against stable/* branches. Depends-On: I712abe71f97c22ee3d55d9db2f641096f8a7350c Change-Id: Id71c9cb41cfd4c17685c922db2683e28ab7588fd Closes-Bug: #1668372 (cherry picked from commit 841d30549bd27a8b5669955196e14085025dafad)
2017-03-08Adds upgrade tasks for OpenDaylight servicesTim Rozet2-0/+37
Change-Id: I740b20b12acb3740886409bff86c4989f0a066f4 Signed-off-by: Tim Rozet <trozet@redhat.com> (cherry picked from commit 20d7901ab24e93e0224cc1c8b0cde3eb80122818)
2017-03-06Make neutron dhcp agents per network conditionalBrent Eagles1-16/+23
While the heat templates specify a default value of 3, it rarely seems to have an effect as the tripleoclient is setting this according to the controller scale. This was fine before composable roles, but it is now invalid. While the client needs to be modified to no longer set this according to controller scale, the template should default to a sentinel value that will allow the puppet code to determine the proper value by the number of hosts that have the neutron dhcp agent deployed on them. Depends-On: I5533e42c5ba9f72cc70d80489a07e30ee2341198 Partial-bug: #1632721 Change-Id: I06628764c4769d91bbc42efe1c722702d6574d02 (cherry picked from commit 3c5345fc75da1e289929ef5caf08a0f75f904bb4)
2017-03-04Merge "Adding keystone parameters for Congress" into stable/ocataJenkins1-3/+11
2017-03-03Merge "Fix Panko API upgrade process" into stable/ocataJenkins1-1/+5
2017-03-03Merge "Add upgrade task for panko api" into stable/ocataJenkins1-5/+14
2017-03-03Fix Panko API upgrade processEmilien Macchi1-1/+5
Upgrade process wasn't consistent and correct. Change-Id: Id1f810d33c2909957be9a2c96d18c96dee939953 (cherry picked from commit 480baa3ce1c344b3279d5fe3292238c996bc856f)
2017-03-03Install nova-placement package on upgradeSteven Hardy1-0/+5
This doesn't exist in newton images, so install it via the ansible tasks during step3 (when all other packages are updated). Change-Id: I08fb7855b910ccc5a8ab2d73f1de15b695784abd Closes-Bug: #1664265 (cherry picked from commit e6ed8a75eb8bebd22eef469bedeea7beae28037d)
2017-03-03Add upgrade task for panko apiPradeep Kilambi1-5/+14
Change-Id: Icc5fbf99301ae47344e1582767e1e7a4687f491b (cherry picked from commit 7273a3de0296f6f75d4d549f72645ca916d967de)
2017-03-02Merge "upgrades/validation: only run validation when services exist" into ↵Jenkins36-5/+270
stable/ocata
2017-03-02Merge "Add mistral service support for composable upgrades" into stable/ocataJenkins3-0/+57
2017-03-02Upgrades: fix up the rabbitmq HA mode like in new ocata deploymentsMichele Baldessari1-0/+29
In ocata we changed the rabbitmq ha policy to "ha-exactly" via the following changes: - tht: Iace6daf27a76cb8ef1050ada0de7ff1f530916c6 - puppet-tripleo: Ib62001c03e1e08f58cf0c6e0ba07a8879a584084 We took care of the upgrade path via I3a97505d2ae1ae27f3080ffe74c33fdabffd2420 With the move to the ansible-based composable upgrades we left this change out. And now an upgraded environment has the following policy: - Upgraded environment Attributes: set_policy="ha-all ^(?!amq\.).* {"ha-mode":"all"}" - New environment Attributes: set_policy="ha-all ^(?!amq\.).* {"ha-mode":"exactly","ha-params":2}" We need to add this pcs resource change to the our upgrade scripts. Change-Id: I3c4113c207e9d0c45be43df7c2379ac26cb60692 Closes-Bug: #1668600 (cherry picked from commit 41514d0cd603194fecb327f96995c60a9fe6e67a)
2017-03-02Add mistral service support for composable upgradesSteven Hardy3-0/+57
Change-Id: I189edaf69c0e97a3399e6af939595f98322d7c03 Partially-Implements: blueprint overcloud-upgrades-per-service (cherry picked from commit dedef90750827fd7b413eac32223f929c8ac5555)
2017-03-02upgrades/validation: only run validation when services existEmilien Macchi36-5/+270
During upgrades, validation test if a service is running before the upgrade process starts. In some cases, servies doesn't exist yet so we don't want to run the validation. This patch makes sure we check if the service is actually present on the system before validating it's running correctly. Also it makes sure that services are enabled before trying to stop them. It allows use-cases where we want to add new services during an upgrade. Also install new packages of services added in Ocata, so we can validate upgrades on scenarios jobs. Change-Id: Ib48fb6b1557be43956557cbde4cbe26b53a50bd8 (cherry picked from commit 7c84a9b390c469e716e5802eef078d2df3902c6a)
2017-03-02Merge "neutron: don't set external_network_bridge option by default" into ↵Jenkins2-10/+28
stable/ocata
2017-03-02Merge "Put service stop at step1 and quiesce at step2." into stable/ocataJenkins49-55/+68
2017-03-01Merge "Add etcd composable upgrade steps" into stable/ocataJenkins1-0/+15
2017-03-01Put service stop at step1 and quiesce at step2.Sofer Athlan-Guyot49-55/+68
In the previous release[1], the services were stopped before the pacemaker services, so that they get a chance to send last message to the database/rabbitmq queue: Let's do the upgrade in the same order. [1] https://github.com/openstack/tripleo-heat-templates/blob/stable/newton/extraconfig/tasks/major_upgrade_controller_pacemaker_2.sh#L13-L71 Change-Id: I1c4045e8b9167396c9dfa4da99973102f1af1218 (cherry picked from commit fb7821378242e595184a38e1e0cb7e9978c0f806)
2017-03-01Merge "Adding upgrade_tasks to tacker" into stable/ocataJenkins1-0/+7
2017-03-01Merge "Adding upgrade steps to congress service" into stable/ocataJenkins1-0/+8
2017-03-01Merge "Add upgrade support for Horizon" into stable/ocataJenkins1-0/+16
2017-03-01Merge "Add zaqar service for composable upgrade" into stable/ocataJenkins1-0/+15
2017-03-01Adding upgrade_tasks to tackerDan Radez1-0/+7
Change-Id: I0d7e151a931d02068dea80d7cf57b99736e689e6 (cherry picked from commit 077c2eeb40bf1e9d5ad011c4c6036614d03886b6)
2017-03-01Adding upgrade steps to congress serviceDan Radez1-0/+8
Change-Id: I79169baf4c59e9325355992288de2e9ad8088e3b (cherry picked from commit bbe274862de5bfb317b9d44684556cb200c17f08)
2017-03-01Add upgrade support for HorizonEmilien Macchi1-0/+16
Change-Id: I91c3c93c1571288daa78b6d24b0aa9824a2bb5c4 (cherry picked from commit db02313b2869aac0d0ddd41129eb9bebed1a24ad)
2017-03-01Add etcd composable upgrade stepsCarlos Camacho1-0/+15
Adding etcd upgrade tasks Change-Id: Ie891a1a03585b3aec1ed30c176b5fb6b67d7e4b7 (cherry picked from commit 489761e848ad4be0eb67bc405968ef2870b81f05)
2017-03-01Merge "upgrades: fix ec2api conditional" into stable/ocataJenkins1-2/+2
2017-03-01Merge "Add support for upgrading ec2-api" into stable/ocataJenkins1-0/+16
2017-03-01Merge "Add auditd upgrate steps" into stable/ocataJenkins1-0/+15
2017-02-28upgrades: fix ec2api conditionalEmilien Macchi1-2/+2
Rename ec2-api_enabled to ec2_api_enabled so we avoid this error: The conditional check 'ec2-api_enabled.rc == 0' failed. The error was: error while evaluating conditional (ec2-api_enabled.rc == 0): 'api_enabled' is undefined"} Change-Id: Id325fd7eba397155eac7fb6c7410f88486173ba1 (cherry picked from commit d54532679edce04a5bdc3159489b77baf90b14ca)
2017-03-01Adding keystone parameters for CongressDan Radez1-3/+11
Change-Id: Ic50aee9e635f62f06fa757fa3d88d9d8c5b28fcb (cherry picked from commit 242fd3072dd31effa4305567163469ec83e7a532)
2017-02-28Adding keystone parameters for TackerDan Radez1-3/+11
Change-Id: I256d2fcb6353d029750113c1fec59a89c82583ca (cherry picked from commit a9c64bd39d28cc073a7f2d19a17466d29be6cc0f)
2017-02-28Add auditd upgrate stepsCarlos Camacho1-0/+15
Add base upgrade steps for auditd Change-Id: Iaa56eb40ed80d20744cf8bab18504d700466d26e (cherry picked from commit 5838d6f765a1ca9535b5d57c1299439040a5def2)
2017-02-28Add zaqar service for composable upgradeCarlos Camacho1-0/+15
Change-Id: I316e14317e0586e895dcb4e084aa54e7665f6a20 (cherry picked from commit 2cebb99729005a31fbe24a957d2db84397f1952a)
2017-02-28Add support for upgrading ec2-apiCarlos Camacho1-0/+16
Change-Id: I2703dd1a7e3eefa0ad6f7b74183101de6c1ad915 (cherry picked from commit b6214b0c5b92c85dbfa45007295db70888b509ab)
2017-02-28Merge "Install openstack-panko-api on upgrade" into stable/ocataJenkins1-0/+6
2017-02-27Add OpenDaylightConnectionProtocol parameter to opendaylight-api serviceFeng Pan1-0/+5
OpenDaylightConnectionProtocol is currently only set in opendaylight-ovs service, it needs to be set in opendaylight-api when Opendaylight is deployed with another vswitch like VPP. Closes-Bug: #1665442 Change-Id: Ib20cacd5b15586f96c880ed5a371e7e3c85a7a8c Signed-off-by: Feng Pan <fpan@redhat.com> (cherry picked from commit 1157bdbbeb1e48c1e6697341fcc64887e791d505)
2017-02-27Update the Nova Endpoint information for CinderRhys Oxenham1-1/+2
This patch updates the Cinder service to reference the correct catalogue entries for Nova as configured by TripleO. The default settings as set by TripleO do not match our catalogue entries, and when Cinder attempts to callback to Nova in certain events (such as a Cinder volume retype) it can raise an EndpointNotFound error. Out of the box we have settings in /etc/cinder/cinder.conf like: nova_catalog_info = compute:Compute Service:internalURL With the format as "<service_type>:<service_name>:<endpoint_type>" Yet our catalogue has no mention of 'Compute Service'. This patch also fixes the reference for the adminURL also. Related-Bug: #1668281 Change-Id: I888ee07ef02d82578867e33608901c06e6478472 Co-Authored-By: Greg Charot <gcharot@redhat.com> (cherry picked from commit 09d8c1278604cc2aec42b7284c01cf7eb8b074b6)
2017-02-27Install openstack-panko-api on upgradeMarius Cornea1-0/+6
This doesn't exist in newton images, so install it via the ansible tasks during step3 (when all other packages are updated). Change-Id: I700a711473d10a50fad6b1797453a74c0cdff54b Closes-Bug: 1667965 (cherry picked from commit 63cb515c602d8a231a086b1db098c129ed81eaff)
2017-02-26Merge "Adding the ip_conntrack_proto_sctp kernel module" into stable/ocataJenkins1-0/+1