aboutsummaryrefslogtreecommitdiffstats
path: root/puppet/services
AgeCommit message (Collapse)AuthorFilesLines
2017-01-25Merge "Add metadata settings for needed kerberos principals"Jenkins17-20/+91
2017-01-25Conform CephExternal template to the new hiera hookGiulio Fidente1-17/+17
We missed to refactor CephExternal when migrating to the new hiera hook. The old template would have pushed the value of ceph::profile::params::client_keys as a string causing the deployment to fail with: Error while evaluating a Function Call, {...} is not a Hash The new template emits that same data as a map, as it happened for the other services in Ibe7e2044e200e2c947223286fdf4fd5bcf98c2e1 Change-Id: I3cf59b7d8343d7433047e9ccef310d287dbd47b5
2017-01-25Manage password_validator regexLuke Hinds1-0/+10
Horizon provides a password validation check, which OpenStack cloud operators can use to enforce password complexity checks for users within horizon. A dictionary containing a regular expression can be used for password validation with help text that is displayed if the password does not pass validation. HORIZON_CONFIG["password_validator"] = { "regex": '.*', "help_text": _("Your password does not meet the requirements."), } This change allows injection of the regex into horizons local_settings file from a tripleo heat template Change-Id: Ib6517c8f96148bea002b0e3442a26367b236928f Depends-On: If82a80ed6a8e6e65aecc2a25ee6d60640ae03c9a Closes-Bug: #1640800
2017-01-25Add snmp service support for composable upgradesSteven Hardy1-0/+4
Change-Id: Ifa10b764ae7c67e089c0d2506a49e474135083bb Partially-Implements: blueprint overcloud-upgrades-per-service
2017-01-25Merge "Add glance registry service to disable on upgrade"Jenkins1-0/+30
2017-01-25Merge "pacemaker remote profile support"Jenkins2-0/+63
2017-01-24Merge "Pass parameters for TLS proxy in front of Glance-API"Jenkins1-1/+33
2017-01-25Add metadata settings for needed kerberos principalsJuan Antonio Osorio Robles17-20/+91
These are only used for TLS-everywhere, and fills up the kerberos principals that will need to be created for the certs used by the overcloud. With this, the metadata hook will format these principals correctly and will further pass them on to the nova metadata service. Where they can be used if there's a plugin enabled. bp tls-via-certmonger bp novajoin Change-Id: I873094bb69200052febda629fda698a7a782c031
2017-01-24Add glance registry service to disable on upgradeSteven Hardy1-0/+30
We've broken the upgrade job because anyone upgrading with the glance registry deployed (and defined in their *Services parameters) will try to deploy with the old glance-registry.yaml defined in heat. Instead we define a template which stops and disables the service on upgrade. Closes-Bug: #1659079 Change-Id: I03561954d794afae2be06811375d16611fa45973
2017-01-24cinder-api: cleanup TODOEmilien Macchi1-3/+0
Cleanup some TODO. Change-Id: I84e369a9797359fea124e00e2007ae745a96847a
2017-01-24Pass parameters for TLS proxy in front of Glance-APIJuan Antonio Osorio Robles1-1/+33
If TLS in the internal network is enabled, we run glance-api beind a TLS proxy (which is actually httpd's mod_proxy). This passes the necessary hieradata. bp tls-via-certmonger Change-Id: I693213a1f35021b540202240e512d121cc1cd0eb Depends-On: Id35a846d43ecae8903a0d58306d9803d5ea00bee
2017-01-24Add ec2-api serviceSven Anderson1-0/+118
This change adds the ec2api service using the tripleo::profile::base::nova::ec2api profile. The deprecated nova-cert service is not supported, and therefore the RegisterImage action is not supported either. Change-Id: I2510fd4ed935d8423216fff9ce3adf2d69c9c804 Depends-On: If4b091e1ca02f43aa9c65392baf8ceea007b7cfb
2017-01-24Merge "Add support for not using admin_token in Ceph/RGW"Jenkins1-4/+9
2017-01-24pacemaker remote profile supportMichele Baldessari2-0/+63
This adds a pacemaker_remote puppet service so that an operator can automatically deploy pacemaker-remote on nodes of his choice. Change-Id: I9678606b3de9b9f4c03014b33c1dd27fcba67513 Depends-On: I581552dfa64160e2f82f6a9b8f2ae521c3d6da8d Depends-On: I92953afcc7d536d387381f08164cae8b52f41605
2017-01-23Merge "Add THT for fossw ML2 plugin in networking-fujitsu"Jenkins1-0/+78
2017-01-23Merge "Expose instance discovery method for compute agent"Jenkins1-1/+9
2017-01-20Merge "cinder: move glance params into base"Jenkins2-0/+3
2017-01-20Merge "Set manila default_share_type config option"Jenkins1-0/+1
2017-01-20Add support for not using admin_token in Ceph/RGWKeith Schincke1-4/+9
This patch adds support for using Keystone V3 authentication with Ceph/RGW. This removes the usage of the admin_token Change-Id: I3265b787ed1f059f86fdc80a91d0f7ed498c1e16 Depends-On: I42861afcac221478dcb68be13b6dbc2533a7f158
2017-01-20Merge "Add sahara service support for composable upgrades"Jenkins2-0/+11
2017-01-20Merge "Move nova placement hiera to nova-base"Jenkins2-4/+8
2017-01-20Merge "Add swift service support for composable upgrades"Jenkins2-0/+21
2017-01-20Set manila default_share_type config optionJan Provaznik1-0/+1
Manila default_share_type config option is by default unset. This option is used by manila when a user creates a new share and doesn't specify share type explicitly. Albeit it's not hard requirement to have this option set to run Manila service, it's convenient to set a default share type and also it seems to be a general community opinion that this option should be set. Note that setting this option does not create the share type itself (this still has to be done manually which is probably best because admins may want customize default type settings according to their needs). Change-Id: Iab60e42c7f347bbf074d60eb91dd4a1f6a94d3a6 Closes-Bug: #1654204
2017-01-20Merge "Force epmd listening to a specific address"Jenkins1-0/+1
2017-01-20Merge "Swift proxy align *-quotas with puppet-swift syntax"Jenkins1-2/+2
2017-01-20Merge "Revert "Revert "Specify cell0 db creation"""Jenkins1-0/+4
2017-01-20Merge "Added support for pass-through iSER configuration"Jenkins1-0/+5
2017-01-20Move nova placement hiera to nova-baseEmilien Macchi2-4/+8
Nova placement hiera parameters need to be common across all nova services because they are used to more than one place. This patch moves them to nova-base, so nova-compute and other services that need it will be able to run correctly. Change-Id: Ibccc55fc9d045487fb7e47bd1c2ebe9cf788765e Depends-On: Iada8e9fcccec7dbfe7ac0ec0f9ec6eac1581290e
2017-01-19cinder: move glance params into baseEmilien Macchi2-0/+3
glance params are also used by cinder-volume. This patch aims to cinder::glance in common roles for cinder, so we can split cinder and cinder volume. Change-Id: Id81c029318016068481dd614ed62cc4bfaf0f3e8
2017-01-19Allow dnsmasq_dns_servers to be configured for DHCP AgentFeng Pan1-0/+5
Closes-Bug: 1657901 Change-Id: I1491fed0ec79f9cdc5bb04555fdefcf1d29f29c9 Signed-off-by: Feng Pan <fpan@redhat.com>
2017-01-19Merge "Adds etcd composable service"Jenkins1-0/+58
2017-01-19Merge "Enabling until_complete to be configured dynamically"Jenkins1-0/+6
2017-01-19Merge "Deploy NTP with puppet-tripleo profile"Jenkins1-1/+1
2017-01-19Enabling until_complete to be configured dynamicallyCarlos Camacho1-0/+6
Adding to THT the cabability of configuring until_complete in the archive job. This will be a boolean flag to clean all the deleted instances. Will run in batches of max_rows until empty. Change-Id: I087bc66729fef4f33122a7633c154d5a66613d6f Depends-On: I927b75adb0fc3251f3734d41f4393590294c1c9b Closes-Bug: 1650680
2017-01-19Merge "Don't start all services during upgrade steps"Jenkins14-46/+0
2017-01-19Merge "Disable glance registry during upgrade"Jenkins1-0/+3
2017-01-19Merge "Configure cron parameters for Cinder Heat Keystone and Nova"Jenkins4-5/+220
2017-01-19Add THT for fossw ML2 plugin in networking-fujitsuKoki Sanagi1-0/+78
Introduce THT for fossw ML2 plugin in networking-fujitsu. networking-fujitsu is a neutron ML2 plugin which enables several FUJITSU switch products in OpenStack environment. This templates deploy overcloud with FOS switch. Change-Id: I977dbecbf9f6f9725f7fb5ca4745b537a73975ff Implements: blueprint integration-fossw-networking-fujitsu Depends-On: I044c5812bbc5cd3de4bc33556cffbe5bad8e64cf Depends-On: I79df6b6a27d95f0c0e2c87207ab80235a4efccfc
2017-01-19Add sahara service support for composable upgradesSteven Hardy2-0/+11
Change-Id: Icf8e215935bdf299cb792abb29bb5d58c5c312c5 Partially-Implements: blueprint overcloud-upgrades-per-service
2017-01-19Add swift service support for composable upgradesSteven Hardy2-0/+21
Co-Authored-By: Sofer Athlan-Guyot <sathlang@redhat.com> Partially-Implements: blueprint overcloud-upgrades-per-service Closes-Bug: #1655651 Change-Id: I83134f51d152f3b97f9a570bbd9a67c753982810
2017-01-19Swift proxy align *-quotas with puppet-swift syntaxSteven Hardy1-2/+2
puppet-swift has hard-coded sections which expect these to be *_quotas, without matching the pipeline to the sections swift proxy fails to start. Change-Id: I3ee94a9bc4b046051e5d814e82a69f759bea1296 Closes-Bug: #1657167
2017-01-19Don't start all services during upgrade stepsSteven Hardy14-46/+0
Currently we start all OpenStack services in step6, but puppet already does this, and sometimes services require configuration to account for the new version after the yum update before they will start. So instead of reimplementing that configuration management in ansible, just defer starting the services until puppet has run which will happen right after the ansible upgrade steps complete. Note there are some DB sync operations etc that we may also be able to remove and let puppet do those steps, but I've left those in for now, as we know there are some actions during that phase e.g nova cells setup, which aren't yet handled by puppet. Change-Id: Idc8e253167a4bc74b086830cfabf28d4aab97d28
2017-01-19Disable glance registry during upgradeSteven Hardy1-0/+3
Change-Id: I447ce74cca93fcae87ca608ecc8eeb2721fecefb
2017-01-19Deploy NTP with puppet-tripleo profileEmilien Macchi1-1/+1
Deploy NTP by using puppet-tripleo profile, so we can re-use the bits on the undercloud. Depends-On: If3cf7d9690001b051465ea25cf8a8c3bc6f7c33a Change-Id: I8c13fbc9267ff28065f0de97424a4eac78c370fb
2017-01-19Adds etcd composable serviceFeng Pan1-0/+58
etcd is used by networking-vpp ML2 driver as the messaging mechanism. This patch adds etcd service which can be used by other services. Implements: blueprint fdio-integration-tripleo Depends-on: Idaa3e3deddf9be3d278e90b569466c2717e2d517 Change-Id: I8ae1e2c9b0c3d6f448e1da712100938d011289f5 Signed-off-by: Feng Pan <fpan@redhat.com>
2017-01-18Expose instance discovery method for compute agentPradeep Kilambi1-1/+9
Change-Id: Ia3c514ab75ec48bf350653ceef50e4d966219a87
2017-01-18Remove CeilometerStoreEvents parameterPradeep Kilambi1-5/+0
This is removed upstream, so lets not set it anymore. Closes-Bug: #1657555 Change-Id: I6ca9f51d27d7ca49980a4b3dea4128c7bdc20a0f
2017-01-18Add Octavia API service definitionsBrent Eagles2-0/+159
Introduce basic configuration support for Octavia API service. Change-Id: I8816725ed65039af4b7d45392a2823395e81e51c Depends-On: I77783029797be4fb488c6e743c51d228eba9c474 Partially-Implements: blueprint octavia-service-integration
2017-01-18Merge "Add a environment file to disable ceilo api"Jenkins1-5/+0
2017-01-18Revert "Revert "Specify cell0 db creation""Dan Prince1-0/+4
This reverts commit 34f3ab689616517888422582357d0d4a38e0925d. Creating the cells database doesn't hurt anything and will fix issues using the new Docker nova services for development (these packages are more recent and require cells). Change-Id: I85b0e80ca208ef3ca3dfadfe6e98d83ec009a31d