Age | Commit message (Collapse) | Author | Files | Lines |
|
We don't expose metadata_settings in Heat services, so SSL shouldn't
work.
Change-Id: I411085d9b249e54a2462de5efe4abf8f0865c0c2
|
|
|
|
|
|
This patch adds parameters to configure alternative version
of the Zaqar messaging and management backends.
The intent is to make use of these settings in the
containers undercloud to use swift/mysql backends as a default
thus avoiding the dependency on MongoDB.
Change-Id: Ifd6a561737184c9322192ffc9a412c77d6eac3e9
Depends-On: Ie6a56b9163950cee2c0341afa0c0ddce665f3704
Depends-On: I3598e39c0a3cdf80b96e728d9aa8a7e6505e0690
|
|
Updates hieradata for changes in https://review.openstack.org/471950.
Creates a new service - NovaMigrationTarget. On baremetal this just configures
live/cold-migration. On docker is includes a container running a second sshd
services on an alternative port.
Configures /var/lib/nova/.ssh/config and mounts in nova-compute and libvirtd
containers.
Change-Id: Ic4b810ff71085b73ccd08c66a3739f94e6c0c427
Implements: blueprint tripleo-cold-migration
Depends-On: I6c04cebd1cf066c79c5b4335011733d32ac208dc
Depends-On: I063a84a8e6da64ae3b09125cfa42e48df69adc12
|
|
|
|
|
|
|
|
|
|
Since these are obviously global parameters they shouldn't specify
what will be using them because they are used in multiple places.
Change-Id: I5054c2d67dffe802e37f8391dd7bad4721e29831
Partial-Bug: 1700664
|
|
Change-Id: I3ea7c0c7ea049043668e68c6e637fd2aaf992622
Partial-Bug: 1700664
|
|
https://github.com/camptocamp/puppet-systemd/pull/32 is disabling by default the services so we don't have to control them via TripleO.
This reverts commit d24874c7b2625e25630534a86864a93050f661d3.
Change-Id: I4044f0b28b636c7a022912f6f24707bce22c8b98
Related-Bug: #1704160
|
|
|
|
|
|
|
|
|
|
This patch removes more of the DockerNamespace references as part
of the cleanup/reorg of the container configuration patches.
This also adds a centos-rdo environment file for use with
the new interface. This file was generated with the command
"openstack overcloud container image prepare"
Depends-On: I729fa00175cb36b02b882d729aae5ff06d0e3fbc
Depends-On: I292162d66880278de09f7acbdbf02e2312c5bb2b
Co-Authored-By: Dan Prince <dprince@redhat.com>
Change-Id: Ice7b57c25248634240a6dd6e14e6d411e7806326
|
|
This reverts commit 5e9f855f7c96950ca29a0f85086441c57ae7aed5.
The above would have fixed the issue but is only possible if the OSDs
are upgraded first. We probably need to disable flag warnings
completely instead. [1]
1. http://docs.ceph.com/docs/master/rados/operations/crush-map/#warning-when-tunables-are-non-optimal
Change-Id: I429e9f7f220a844b5ca61734287e514c96ea5e6c
|
|
This claimed that all vlans were allowed, when in fact it is only
the first 1000.
Change-Id: Id5681be51bc908274a8b9cf18d43e116ba150e7f
|
|
The puppet-sensu module recently added type checking so rabbitmq_ssl
needs to be a boolean and not a string.
Change-Id: I69b5a7528c8728310766abdc27ad11c93c4722d5
Closes-Bug: #1705481
|
|
Adds upgrade_tasks to remove the pacemaker resources using the
ansible-pacemaker module.
Resources are disabled and removed in step2 (called only on
bootstrap node) and then the cluster stop is moved to step3
The existing systemd/service call is kept but only to disable
services after they are disabled/deleted from the cluster.
Related-Bug: 1701485
Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com>
Change-Id: Ia597d240ea5834c50a8f6c4fac0b6ed417b8535c
|
|
|
|
|
|
This should be greater than the default value of
corosync_token_timeout, which is 10 seconds. That way, if an entire
cluster node is unavailable, appropriate fencing measures can occur.
With the current settings, it is possible for brief network
interruptions, greater than 5 seconds, but less than 10 seconds, to
occur. This can cause the RabbitMQ cluster to fail in subtle ways,
but no corrective action taken by pacemaker.
Change-Id: I735d43616c5c623c4398d924713012f595b2e5f9
|
|
As we made the migration to HTTPd during the same cycle, we didn't
include stopping the WSGI services before the upgrades. This handles the
case, and fixes an issue with the puppet upgrade as well.
Change-Id: I54ba6214d4bf052c0d840d5bbce2b524d82b7017
Closes-Bug: #1699443
|
|
Some of the tasks carried by nova::compute::rbd class apply to the
compute service, others to the libvirt service so it needs to be
included in both.
Change-Id: I28557deb13b75922932cd3e86c3467a541c988d0
|
|
gnocchi_external_project_owner is to configure who creates resources and
metrics in Gnocchi (usually Ceilometer). So Aodh can create the right rbac rules.
So the project name is 'service' for tripleo. We can't use the default
set because puppet always uses 'services' and not 'service'.
Change-Id: I6f7acc3a4cab29bc566d7becdc93ba3393f5c8fe
|
|
Added missing san_private_key parameter used for password less SSH
authentication.
Change-Id: I6d7544b525055318aa567f9cbbe318d82bafacf0
Depends-On: 70db86d3366f85edf563aa73c533931a21cfab4d
|
|
|
|
openstack-swift-object-expirer is not stopped when
running the upgrade tasks so forth when changing to
containers the service is still running after upgrading
to docker.
This service is added by default here: https://review.openstack.org/#/c/404149
But it wasnt stopped when running the upgrade tasks.
Related also to this RHBZ#1470005
Change-Id: I8d5f195095d702057c3b2741127e7338d7451aad
Closes-Bug: 1699444
|
|
With the default setting, after the majority of the monitors have
been upgraded the cluster will go in WARN state because of legacy
tunables. This changes the tunables we set after each monitor is
upgraded from 'default' to 'optimal' [1].
1. http://docs.ceph.com/docs/master/rados/operations/crush-map/#warning-when-tunables-are-non-optimal
Change-Id: I0f16c29cc200d762f0c4acfd87ba7d1adb5c1eeb
Closes-Bug: #1704959
|
|
|
|
This currently assumes nova-compute and iscsid run in the same context which
isn't true for a containerized deployment
Change-Id: I11232fc412adcc18087928c281ba82546388376e
Depends-On: I91f1ce7625c351745dbadd84b565d55598ea5b59
Depends-On: I0cbb1081ad00b2202c9d913e0e1759c2b95612a5
|
|
Add a composable service for each of:
- the Veritas HyperScale's Cinder backend.
- installing the Veritas HyperScale controller packages.
Change-Id: I99ee827825ec2a6a3c695de1ca1c1015859fe398
Depends-On: I316b22f4f7f9f68fe5c46075dc348a70e437fb1d
Depends-On: I9168bffa5c73a205d1bb84b831b06081c40af549
Signed-off-by: abhishek.kane <abhishek.kane@veritas.com>
|
|
|
|
Makes it possible to resolve network subnets within a service
template; the data is transported into a new property ServiceData
wired into every service which hopefully is generic enough to
be extended in the future and transport more data.
Data can be consumed in service templates to set config values
which need to know what is the subnet where a deamon operates (for
example the Ceph Public vs Cluster network).
Change-Id: I28e21c46f1ef609517175f7e7ee19e28d1c0cba2
|
|
Latest commits in puppet-systemd enabled by default systemd-networkd and
systemd-resolved but we don't want to manage them for now in TripleO.
MySQL and MongoDB services were managing some systemd resources so now
we ensure that these 2 systemd services are disabled. In the future, we
might want and activate these services and revert that patch but for now
we want to disable them.
Change-Id: I42c6c9b643a71a0fbb1768bbae91e8bfa916ea00
Closes-Bug: #1704145
|
|
|
|
|
|
|
|
|
|
To workaround yum bug with libnss we need to make yum cache
before running update. In fact we should have done this
regardless of the bug.
Change-Id: I5b2355fb8abe3c8d4b9ce9c62b9ffdba8c1e8d9d
Resolves: rhbz#1458841
Closes-Bug: #1703830
|
|
KeystoneRegion value for all endpoints is set as 'regionOne',
it should be same in the configuration file.
In case of Cinder as glance backend the os_region_name should be
"regionOne" instead of "RegionOne".
Currently CI is not failing because cinder backend scenario is not yet added.
But this would definitely fail if os_region_name=RegionOne.
Change-Id: I26811a404a20ea3c55f5b272f86d9269d0f6acec
Closes-Bug: 1704060
|
|
|
|
This patch does 2 things:
* Configure messagingv2 as default driver for Oslo Notifications sent on
RPC.
* Allow users to choose between messagingv2 (default) and noop when we
want to disable notifications (for example, when Telemetry is disabled).
* Deprecate KeystoneNotificationDriver in favor of NotificationDriver.
Change-Id: Ia547d7f4bfb51e7c45246b097b48fd86da231bd3
Related-Bug: #1701357
|
|
This is associated with the haproxy service, so set the hieradata there
instead. This is needed so we can render the controller role template
via j2, and also if anyone ever wants to run haproxy on some role other
then the Controller.
Change-Id: I82b992afe42f6da7788f6efca2366863c3bf68f7
Partially-Implements: blueprint composable-networks
|
|
Change-Id: I301f73801e95e607ed28992e68528f17843a0b6c
Closes-Bug: #1702435
|
|
Ceilometer API runs under apache. Since this service is
deprecated and disabled in pike, we need to ensure the
apache files are removed during upgrade.
Change-Id: I0c0913e74396bd463f5a6da46f83512bab77b75e
|
|
|
|
|