aboutsummaryrefslogtreecommitdiffstats
path: root/puppet/services
AgeCommit message (Collapse)AuthorFilesLines
2017-07-19Increase default RabbitMQ/Erlang TCP timeout from 5 to 15 secondsJohn Eckersberg1-1/+1
This should be greater than the default value of corosync_token_timeout, which is 10 seconds. That way, if an entire cluster node is unavailable, appropriate fencing measures can occur. With the current settings, it is possible for brief network interruptions, greater than 5 seconds, but less than 10 seconds, to occur. This can cause the RabbitMQ cluster to fail in subtle ways, but no corrective action taken by pacemaker. Change-Id: I735d43616c5c623c4398d924713012f595b2e5f9
2017-07-19Stop Heat WSGI services on docker upgradeThomas Herve1-1/+1
As we made the migration to HTTPd during the same cycle, we didn't include stopping the WSGI services before the upgrades. This handles the case, and fixes an issue with the puppet upgrade as well. Change-Id: I54ba6214d4bf052c0d840d5bbce2b524d82b7017 Closes-Bug: #1699443
2017-07-19Add nova::compute::rbd setting into nova-libvirt profileGiulio Fidente1-0/+18
Some of the tasks carried by nova::compute::rbd class apply to the compute service, others to the libvirt service so it needs to be included in both. Change-Id: I28557deb13b75922932cd3e86c3467a541c988d0
2017-07-18aodh: add gnocchi_external_project_owner configMehdi Abaakouk1-0/+5
gnocchi_external_project_owner is to configure who creates resources and metrics in Gnocchi (usually Ceilometer). So Aodh can create the right rbac rules. So the project name is 'service' for tripleo. We can't use the default set because puppet always uses 'services' and not 'service'. Change-Id: I6f7acc3a4cab29bc566d7becdc93ba3393f5c8fe
2017-07-18Ps Cinder: Added support for password less loginrajinir1-0/+4
Added missing san_private_key parameter used for password less SSH authentication. Change-Id: I6d7544b525055318aa567f9cbbe318d82bafacf0 Depends-On: 70db86d3366f85edf563aa73c533931a21cfab4d
2017-07-18Merge "Ensure yum cache is ready before update"Jenkins1-0/+2
2017-07-18Stop also openstack-swift-object-expirer when upgrading swift servicesCarlos Camacho1-0/+1
openstack-swift-object-expirer is not stopped when running the upgrade tasks so forth when changing to containers the service is still running after upgrading to docker. This service is added by default here: https://review.openstack.org/#/c/404149 But it wasnt stopped when running the upgrade tasks. Related also to this RHBZ#1470005 Change-Id: I8d5f195095d702057c3b2741127e7338d7451aad Closes-Bug: 1699444
2017-07-18Use optimal (instead of default) tunables for Ceph on upgradeGiulio Fidente1-2/+2
With the default setting, after the majority of the monitors have been upgraded the cluster will go in WARN state because of legacy tunables. This changes the tunables we set after each monitor is upgraded from 'default' to 'optimal' [1]. 1. http://docs.ceph.com/docs/master/rados/operations/crush-map/#warning-when-tunables-are-non-optimal Change-Id: I0f16c29cc200d762f0c4acfd87ba7d1adb5c1eeb Closes-Bug: #1704959
2017-07-18Merge "Corrected wrong os_region_name in glance-api conf file"Jenkins1-0/+1
2017-07-17Refactor iscsi initiator-name reset into separate serviceOliver Walsh1-0/+41
This currently assumes nova-compute and iscsid run in the same context which isn't true for a containerized deployment Change-Id: I11232fc412adcc18087928c281ba82546388376e Depends-On: I91f1ce7625c351745dbadd84b565d55598ea5b59 Depends-On: I0cbb1081ad00b2202c9d913e0e1759c2b95612a5
2017-07-17Add composable services for the Veritas HyperScale.abhishek.kane2-0/+126
Add a composable service for each of: - the Veritas HyperScale's Cinder backend. - installing the Veritas HyperScale controller packages. Change-Id: I99ee827825ec2a6a3c695de1ca1c1015859fe398 Depends-On: I316b22f4f7f9f68fe5c46075dc348a70e437fb1d Depends-On: I9168bffa5c73a205d1bb84b831b06081c40af549 Signed-off-by: abhishek.kane <abhishek.kane@veritas.com>
2017-07-14Merge "Adds network/cidr mapping into a new service property"Jenkins184-0/+851
2017-07-14Adds network/cidr mapping into a new service propertyGiulio Fidente184-0/+851
Makes it possible to resolve network subnets within a service template; the data is transported into a new property ServiceData wired into every service which hopefully is generic enough to be extended in the future and transport more data. Data can be consumed in service templates to set config values which need to know what is the subnet where a deamon operates (for example the Ceph Public vs Cluster network). Change-Id: I28e21c46f1ef609517175f7e7ee19e28d1c0cba2
2017-07-14Disable systemd-networkd & systemd-resolvedEmilien Macchi2-0/+8
Latest commits in puppet-systemd enabled by default systemd-networkd and systemd-resolved but we don't want to manage them for now in TripleO. MySQL and MongoDB services were managing some systemd resources so now we ensure that these 2 systemd services are disabled. In the future, we might want and activate these services and revert that patch but for now we want to disable them. Change-Id: I42c6c9b643a71a0fbb1768bbae91e8bfa916ea00 Closes-Bug: #1704145
2017-07-13Merge "Remove hardcoded enable_load_balancer from Controller role"Jenkins1-0/+5
2017-07-13Merge "Make NeutronEnableDVR parameter consistent"Jenkins1-2/+1
2017-07-13Merge "Make Rabbit parameters consistent"Jenkins1-3/+3
2017-07-13Merge "Make CephValidationDelay/Retries default consistent"Jenkins1-2/+2
2017-07-13Ensure yum cache is ready before updateLukas Bezdicka1-0/+2
To workaround yum bug with libnss we need to make yum cache before running update. In fact we should have done this regardless of the bug. Change-Id: I5b2355fb8abe3c8d4b9ce9c62b9ffdba8c1e8d9d Resolves: rhbz#1458841 Closes-Bug: #1703830
2017-07-13Corrected wrong os_region_name in glance-api conf filePranaliD1-0/+1
KeystoneRegion value for all endpoints is set as 'regionOne', it should be same in the configuration file. In case of Cinder as glance backend the os_region_name should be "regionOne" instead of "RegionOne". Currently CI is not failing because cinder backend scenario is not yet added. But this would definitely fail if os_region_name=RegionOne. Change-Id: I26811a404a20ea3c55f5b272f86d9269d0f6acec Closes-Bug: 1704060
2017-07-13Merge "Allow to set Notification Driver to 'noop'"Jenkins15-3/+106
2017-07-11Allow to set Notification Driver to 'noop'Emilien Macchi15-3/+106
This patch does 2 things: * Configure messagingv2 as default driver for Oslo Notifications sent on RPC. * Allow users to choose between messagingv2 (default) and noop when we want to disable notifications (for example, when Telemetry is disabled). * Deprecate KeystoneNotificationDriver in favor of NotificationDriver. Change-Id: Ia547d7f4bfb51e7c45246b097b48fd86da231bd3 Related-Bug: #1701357
2017-07-11Remove hardcoded enable_load_balancer from Controller roleSteven Hardy1-0/+5
This is associated with the haproxy service, so set the hieradata there instead. This is needed so we can render the controller role template via j2, and also if anyone ever wants to run haproxy on some role other then the Controller. Change-Id: I82b992afe42f6da7788f6efca2366863c3bf68f7 Partially-Implements: blueprint composable-networks
2017-07-10Fixing a bug when setting a password for ODL controllerItzik Brown1-0/+2
Change-Id: I301f73801e95e607ed28992e68528f17843a0b6c Closes-Bug: #1702435
2017-07-07Remove ceilometer apache files on upgradePradeep Kilambi1-0/+41
Ceilometer API runs under apache. Since this service is deprecated and disabled in pike, we need to ensure the apache files are removed during upgrade. Change-Id: I0c0913e74396bd463f5a6da46f83512bab77b75e
2017-07-06Merge "Enable Neutron LBaaS Integration"Jenkins1-0/+70
2017-07-05Merge "Update NovaCompute to consume CephClientKey"Jenkins1-6/+9
2017-07-04Enable Neutron LBaaS IntegrationRyan Hefner1-0/+70
Allows the configuration of the Neutron LBaaS agent. Implements: blueprint lbaasv2-service-integration Change-Id: Iae2bf7faeea93d5275994b2ee10f9bf863ed6152 Depends-On: Ieeb21fafd340fdfbaddbe7633946fe0f05c640c9
2017-07-04Merge "Make ceilometer crontab removal idempotent"Jenkins1-0/+3
2017-07-03Update NovaCompute to consume CephClientKeyKeith Schincke1-6/+9
It is not necessary to get the Ceph key issueing a get-key to the Ceph cluster; this change provides the libvirt key via parameter instead. Change-Id: Iff3dbcb0f1b4d2373570e184e636a71553cea708
2017-07-02Merge "Move glance::api::show_multiple_locations within GlanceApi"Jenkins3-48/+13
2017-06-30Merge "Make NovaWorkers descriptions consistent"Jenkins4-4/+4
2017-06-29Make ceilometer crontab removal idempotentJiri Stransky1-0/+3
When we re-execute an upgrade and the crontab has already been removed, the crontab removal returns 1, saying "no crontab for ceilometer", and the upgrade fails. This change makes the removal idempotent. Change-Id: Ic955fb67bb2f7afde44291f7db3293c88f167566 Closes-Bug: #1701250
2017-06-29Merge "Enable nova-api to run over httpd again"Jenkins1-112/+108
2017-06-28Make NeutronEnableDVR parameter consistentBen Nemec1-2/+1
Change-Id: I4bc74ccfa9bd143b203dd9ad97dacddf56949727 Partial-Bug: 1700664
2017-06-28Make Rabbit parameters consistentBen Nemec1-3/+3
The Qdr service appears to have hijacked these parameters for its own use. I don't think it should have done that in the first place, but at least the parameter descriptions need to be kept consistent with the other services. Partial-Bug: 1700664 Change-Id: I6d9a075a99f33e9deacaf5b10a6ea7b0a234b942
2017-06-28Make CephValidationDelay/Retries default consistentBen Nemec1-2/+2
Also fix one instance of ManagementIpSubnet that was missing a description. Change-Id: I7c5b31d9ef464cefee1dd6ae7ebb9c017cbbd894 Partial-Bug: 1700664
2017-06-28Enable nova-api to run over httpd againJuan Antonio Osorio Robles1-112/+108
This is needed for TLS everywhere. Change-Id: Iac35b7ddcd8a800901548c75ca8d5083ad17e4d3 Depends-On: I426bfdb9e6c852eb32d10a12e521bb8b47701c41
2017-06-28Disable swift middleware ceilometer pipeline by defaultPradeep Kilambi1-12/+17
This generates tons of unnecessary events when gnocchi uses swift backend. We end up filtering most of these anyway. So lets disable this so it doesn't put useless load. Also changing the default project to service as thats what gnocchi uses to authenticate with swift. Closes-bug: #1693339 Change-Id: I40f47d46fdb06f31a739b590bf653bca71e33f61
2017-06-27Exposing the ability to enable/disable the repositoryItzik Brown1-0/+5
The opendaylight-puppet module is exposing the manage_repositories variable to add or not the RPM repository for OpenDaylight. Adding this option to the Tripleo Heat templates. Change-Id: I4b5a32baa3fa8c85d72dce9d537eed4c73d42589 Closes-bug: #1679456
2017-06-27Merge "Adds service for OVS and enables ODL DPDK deployments"Jenkins5-109/+220
2017-06-27Make NovaWorkers descriptions consistentBen Nemec4-4/+4
Partial-Bug: 1700664 Change-Id: I12ee7ab825069c1741438499f8df835014afc37f
2017-06-27Merge "Add flag to enable/disable the HAProxy stats interface"Jenkins1-0/+5
2017-06-26Allows use of Mistral workflows during deployment stepsGiulio Fidente1-0/+24
Introduces a general mechanism meant to allow for the execution of workflows during the deployment steps. Services can define workflow actions to be triggered during a step in the newly added service_workflow_tasks section. The syntax is: service_workflow_tasks: step2: - name: my_action_name action: std.echo input: output: 'hello world' Implements: blueprint tripleo-ceph-ansible Depends-On: If02799e7457ca017cc119317dfb2db7198a3559f Depends-On: Ibc5707f9f06266fe84ad1dd91dcb984157871d30 Change-Id: I36a642fbc2076ad9e4a10ffc56d6d16f3ed6f27a
2017-06-26Add flag to enable/disable the HAProxy stats interfaceJuan Antonio Osorio Robles1-0/+5
This was made configurable in a recent commit [1] So this flag makes it easier for deployers to use that functionality. [1] Ic68266eaf39d6803f7c3e299095578bbcfd63b88 Change-Id: Iffff20dcda53bc7237586dd240e581bcb0282844
2017-06-23Enable periodic task to discover cell hosts when ironic is usedDmitry Tantsur1-0/+9
Starting with the Ocata release, bare metal nodes are no longer get recognized by nova automatically. To avoid forcing users into running nova manage command each time they enroll a node, we will have to allow enable the periodic task to do so. Change-Id: I8b0afac54dc9bd51dbe2ae4f237e4de50459be0f Closes-Bug: #1697724
2017-06-23Adds service for OVS and enables ODL DPDK deploymentsTim Rozet5-109/+220
In order to deploy OpenDaylight with DPDK we need to copy the DPDK config for OVS done in the neutron-ovs-dpdk service template, without enabling OVS agent for compute nodes. To do this correctly, we should inherit and openvswitch service which is a common place to set OVS configuration and parameters. Note: vswitch::dpdk config will be called in prenetwork setup with ovs_dpdk_config.yaml so there is no need to include that in the step config for neutron-ovs-dpdk-agent service or opendaylight-ovs-dpdk. Changes Include: - Creates a common openvswitch service template, which in the future will migrate to be its own service. - Renames and fixes OVS DPDK configuration heat parameters in the openvswitch template. - neutron-ovs-dpdk-agent now inherits the common openvswitch template. - Adds opendaylight-ovs-dpdk template which also inherits common ovs template. - Uses OVS DPDK config script to allow configuring OVS DPDK in prenetwork config (before os-net-config runs). This has an issue where hieradata is not present yet, so we have to redefine the heat parameters and pass them via bash. In the future this should be corrected. - Adds opendaylight-dpdk environment file used to deploy an ODL + DPDK deployment. - Updates neutron-ovs-dpdk environment file. Closes-Bug: 1656097 Partial-Bug: 1656096 Depends-On: I3227189691df85f265cf84bd4115d8d4c9f979f3 Change-Id: Ie80e38c2a9605d85cdf867a31b6888bfcae69e29 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-06-22Merge "Remove add_listen: false from Horizon hieradata"Jenkins1-1/+0
2017-06-22Merge "Deploy ironic-api with WSGI"Jenkins1-2/+29
2017-06-21Merge "Add node's FQDN to mysql certificate request and CA file"Jenkins2-0/+20