| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
It is not necessary to get the Ceph key issueing a get-key to the Ceph
cluster; this change provides the libvirt key via parameter instead.
Change-Id: Iff3dbcb0f1b4d2373570e184e636a71553cea708
|
|
|
|
|
|
When we re-execute an upgrade and the crontab has already been
removed, the crontab removal returns 1, saying "no crontab for
ceilometer", and the upgrade fails. This change makes the removal
idempotent.
Change-Id: Ic955fb67bb2f7afde44291f7db3293c88f167566
Closes-Bug: #1701250
|
|
|
|
Change-Id: I4bc74ccfa9bd143b203dd9ad97dacddf56949727
Partial-Bug: 1700664
|
|
The Qdr service appears to have hijacked these parameters for its
own use. I don't think it should have done that in the first place,
but at least the parameter descriptions need to be kept consistent
with the other services.
Partial-Bug: 1700664
Change-Id: I6d9a075a99f33e9deacaf5b10a6ea7b0a234b942
|
|
Also fix one instance of ManagementIpSubnet that was missing a
description.
Change-Id: I7c5b31d9ef464cefee1dd6ae7ebb9c017cbbd894
Partial-Bug: 1700664
|
|
This is needed for TLS everywhere.
Change-Id: Iac35b7ddcd8a800901548c75ca8d5083ad17e4d3
Depends-On: I426bfdb9e6c852eb32d10a12e521bb8b47701c41
|
|
This generates tons of unnecessary events when gnocchi uses swift backend.
We end up filtering most of these anyway. So lets disable this so it
doesn't put useless load. Also changing the default project to service as
thats what gnocchi uses to authenticate with swift.
Closes-bug: #1693339
Change-Id: I40f47d46fdb06f31a739b590bf653bca71e33f61
|
|
The opendaylight-puppet module is exposing the manage_repositories variable
to add or not the RPM repository for OpenDaylight.
Adding this option to the Tripleo Heat templates.
Change-Id: I4b5a32baa3fa8c85d72dce9d537eed4c73d42589
Closes-bug: #1679456
|
|
|
|
Partial-Bug: 1700664
Change-Id: I12ee7ab825069c1741438499f8df835014afc37f
|
|
|
|
Introduces a general mechanism meant to allow for the execution
of workflows during the deployment steps.
Services can define workflow actions to be triggered during a step
in the newly added service_workflow_tasks section. The syntax is:
service_workflow_tasks:
step2:
- name: my_action_name
action: std.echo
input:
output: 'hello world'
Implements: blueprint tripleo-ceph-ansible
Depends-On: If02799e7457ca017cc119317dfb2db7198a3559f
Depends-On: Ibc5707f9f06266fe84ad1dd91dcb984157871d30
Change-Id: I36a642fbc2076ad9e4a10ffc56d6d16f3ed6f27a
|
|
This was made configurable in a recent commit [1] So this flag makes it
easier for deployers to use that functionality.
[1] Ic68266eaf39d6803f7c3e299095578bbcfd63b88
Change-Id: Iffff20dcda53bc7237586dd240e581bcb0282844
|
|
Starting with the Ocata release, bare metal nodes are no longer get recognized
by nova automatically. To avoid forcing users into running nova manage command
each time they enroll a node, we will have to allow enable the periodic task
to do so.
Change-Id: I8b0afac54dc9bd51dbe2ae4f237e4de50459be0f
Closes-Bug: #1697724
|
|
In order to deploy OpenDaylight with DPDK we need to copy the DPDK
config for OVS done in the neutron-ovs-dpdk service template, without
enabling OVS agent for compute nodes. To do this correctly, we should
inherit and openvswitch service which is a common place to set OVS
configuration and parameters. Note: vswitch::dpdk config will be called
in prenetwork setup with ovs_dpdk_config.yaml so there is no need to
include that in the step config for neutron-ovs-dpdk-agent service or
opendaylight-ovs-dpdk.
Changes Include:
- Creates a common openvswitch service template, which in the future
will migrate to be its own service.
- Renames and fixes OVS DPDK configuration heat parameters in the
openvswitch template.
- neutron-ovs-dpdk-agent now inherits the common openvswitch template.
- Adds opendaylight-ovs-dpdk template which also inherits common ovs
template.
- Uses OVS DPDK config script to allow configuring OVS DPDK in
prenetwork config (before os-net-config runs). This has an issue
where hieradata is not present yet, so we have to redefine the heat
parameters and pass them via bash. In the future this should be
corrected.
- Adds opendaylight-dpdk environment file used to deploy an ODL + DPDK
deployment.
- Updates neutron-ovs-dpdk environment file.
Closes-Bug: 1656097
Partial-Bug: 1656096
Depends-On: I3227189691df85f265cf84bd4115d8d4c9f979f3
Change-Id: Ie80e38c2a9605d85cdf867a31b6888bfcae69e29
Signed-off-by: Tim Rozet <trozet@redhat.com>
|
|
|
|
|
|
|
|
Change-Id: Ifa985f29fbd589f58cb2fc75b5f442f7651fb2bf
Depends-On: I952c86db88dcd611722a3feaea88f618eee17620
|
|
Previously we were setting glance::api::show_multiple_locations
from the CephBase resource but this seems unnecessary as the
GlanceApi resource can consume the parameters needed to set
the value.
Change-Id: I0a7d8cb19a86b96d6196dad453970b4e56c5fe7e
|
|
Change-Id: Id7188ee8a4b05f0aa3c76c4da581e8c4f1b85d86
|
|
I'm not sure why this was here, but without a Listen directive in
Apache's ports.conf Horizon is inaccessible. Removing this allows
Horizon to work again.
Change-Id: Ic221e15f188cf50b485e995035cb96f5d5960a72
Closes-Bug: 1696439
|
|
This will add the node's FQDN to the mysql certificate request
besides the VIP's FQDN which we already use. This is needed for
adding TLS to the replication traffic. The CA file was also added
as hieradata, since the path will be needed for the TLS
configuration.
bp tls-via-certmonger
Change-Id: I9252303b92a2805ba83f86a85770db2551a014d3
|
|
|
|
|
|
|
|
|
|
This will set the max_active_keys setting in keystone.conf, and
furtherly we'll read this value from tripleo-common to do purging of
keys if necessary.
bp keystone-fernet-rotation
Change-Id: I9c6b0708c2c03ad9918222599f8b6aad397d8089
|
|
The bootstrap_nodeid can have capital letters while the hostname may
not. In puppet we use downcase for this comparison, so let's follow a
similar pattern for scripts from THT.
Change-Id: I8a0bec4a6f3ed0b4f2289cbe7023344fb284edf7
Closes-Bug: #16998201
|
|
|
|
|
|
|
|
|
|
The current port conflicts with trove. This is updated in puppet
module. See related change: https://review.openstack.org/#/c/471551/
Change-Id: Iefacb98320eef0bca782055e3da5d243993828d7
|
|
|
|
With the addition of the KeystoneFernetKeys parameter, it's now possible
to do fernet key rotations using mistral, by modifying the
KeystoneFernetKeys variable in mistral; subsequently a rotation could
happen when doing a stack update.
So this re-enables the managing of the key files by puppet. However,
this is left configurable, as folks might want to manage those files
out-of-band.
bp keystone-fernet-rotation
Change-Id: Ic82fb8b8a76481a6e588047acf33a036cf444d7d
|
|
This uses the newly introduced dict with the keys and paths instead of
the individual keys. Having the advantage that rotation will be
possible on stack update, as we no longer have a limit on how many keys
we can pass (as we did with the individual parameters).
bp keystone-fernet-rotation
Change-Id: I7d224595b731d9f3390fce5a9d002282b2b4b8f2
Depends-On: I63ae158fa8cb33ac857dcf9434e9fbef07ecb68d
|
|
|
|
|
|
|
|
|
|
Gnocchi 4 supports storage sacks during upgrade. lets make this
configurable if we want to use more metricd workers.
Change-Id: Ibb2ee885e59d43c1ae20887ec1026786d58c6b9e
|
|
Add new parameters that control the NAS security settings in Cinder's
NFS and NetApp back end drivers. The settings are disabled by default.
Partial-Bug: #1688332
Depends-On: I76e2ce10acf7b671be6a2785829ebb3012b79308
Change-Id: I306a8378dc1685132f7ea3ed91d345eaae70046f
|
|
This patch adds the templates required to enable the OVN DB servers
to be started in master/slave mode in the pacemaker cluster.
For the OVN DBs base profile, ::tripleo::haproxy expects the parameter
'ovn_dbs_manage_lb' set to true in order for it to configure OVN DBs
for load balancing (please see this commit [1]). So this patch sets
'ovn_dbs_manage_lb' to true.
[1] - I9dc366002ef5919339961e5deebbf8aa815c73db
Co-authored-by: Babu Shanmugam (babu.shanmugam@gmail.com)
Depends-on: I94d3960e6c5406e3af309cc8c787ac0a6c9b1756
Change-Id: I60c55abfc523973aa926d8a12ec77f198d885916
Closes-bug: #1670564
|
|
We now pass configuration for autofencing to Pacemaker Remote nodes.
Change-Id: Ibb9c65a83cc909528024c538cf3bcc96390c555e
Depends-On: I87c60bd56feac6dedc00a3c458b805aa9b71d9ce
Closes-Bug: #1686115
|
|
|
|
Move to one common services.yaml not only reduces the duplication, but it
should improve performance for the docker/services.yaml case, because we were
creating two ResourceChains with $many services which we know can be really
slow (especially since we seem to be missing concurrent: true on one)
Change-Id: I76f188438bfc6449b152c2861d99738e6eb3c61b
|
Keith Schincke
Jenkins
Jiri Stransky
Ben Nemec
Juan Antonio Osorio Robles
Pradeep Kilambi
Itzik Brown
Giulio Fidente
Dmitry Tantsur
Tim Rozet
Alex Schultz
Alan Bishop
Numan Siddique
Chris Jones
Steven Hardy