aboutsummaryrefslogtreecommitdiffstats
path: root/puppet/services
AgeCommit message (Collapse)AuthorFilesLines
2017-07-27Changing the default port-binding configurationItzik Brown2-2/+46
networking-odl no longer supports the network-topology port binding controller and instead now relies on a pseudo-agent binding controller. This means that each OVS node must be configured with host configuration in OVSDB about which VIF types, network types, functions, etc that this OVS node supports. The end result is this affects where nova and neutron will schedule instances. Changes Include: - Modifying default port binding controller to use pseudo agent - Adds necessary per role parameters to be able to configure host config on a per role basis to allow for heterogenous compute node configurations. Change-Id: I50458abf6a8a6bf724ad97accb6444d9c497d287 Closes-Bug: 1674995 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-07-27Add 'ovn-controller' serviceNuman Siddique2-4/+32
Presently the ovn-controller service (puppet/services/neutron-compute-plugin-ovn.yaml) is started only on compute nodes. But for the cases where the controller nodes provide the north/south traffic, we need ovn-controller service runninng in controller nodes as well. This patch - Renames the neutron-compute-plugin-ovn.yaml to ovn-controller.yaml which makes more sense and sets the service name as 'ovn-controller'. - Adds the service 'ovn-controller' to Controller and Compute roles. - Adds the missing 'upgrade_tasks' section in ovn-dbs.yaml and ovn-controller.yaml Depends-On: Ie3f09dc70a582f3d14de093043e232820f837bc3 Depends-On: Ide11569d81f5f28bafccc168b624be505174fc53 Change-Id: Ib7747406213d18fd65b86820c1f86ee7c39f7cf5
2017-07-27Fix iscsid role data's sectionDamien Ciabrini1-1/+1
The iscsid service definition has a typo, config_setting should read config_settings Change-Id: I12605dba61fd5f6ce80c3ab78e883ed5ebf3ca62
2017-07-27Enable Zaqar API SSLThomas Herve1-1/+3
This sets the SSL flag in the docker service and expose the parameter in the docker service. Depends-On: I4c68a662c2433398249f770ac50ba0791449fe71 Change-Id: Ic3df2b9ab7432ffbed5434943e04085a781774a0
2017-07-27Merge "Adding Tuned Service"Jenkins1-0/+50
2017-07-26Merge "aodh: add gnocchi_external_project_owner config"Jenkins1-0/+5
2017-07-26Merge "Stop Heat WSGI services on docker upgrade"Jenkins1-1/+1
2017-07-26Merge "Ps Cinder: Added support for password less login"Jenkins1-0/+4
2017-07-26Merge "Add parameters for Veritas HyperScale distributed setup."Jenkins1-2/+38
2017-07-26Merge "Make various password descriptions consistent"Jenkins14-15/+16
2017-07-26Merge "Stop also openstack-swift-object-expirer when upgrading swift services"Jenkins1-0/+1
2017-07-25Adding Tuned ServiceJoe Talerico1-0/+50
Allow the user to set a specific Tuned profile on a given host. Defaults to throughput-performance Change-Id: I0c66193d2733b7a82ad44b1cd0d2187dd732065a
2017-07-25Contrail network realignement + DPDK enablementMichael Henkel10-107/+213
This patch moves Contrail roles communication from public/external to internal_api network for OpenStack API. It also adds the option to enable dpdk. Monolithic firstboot script is broken down into small pre-network and per-node extraconfig scripts Change-Id: I296a3bf60cef6fa950fd71d6e68effe367d1e66b Closes-Bug: 1698422
2017-07-25Merge "Increase default RabbitMQ/Erlang TCP timeout from 5 to 15 seconds"Jenkins1-1/+1
2017-07-25Merge "Add metadata_settings in Heat APIs"Jenkins3-0/+6
2017-07-24Merge "Revert "Disable systemd-networkd & systemd-resolved""Jenkins2-8/+0
2017-07-24Add parameters for Veritas HyperScale distributed setup.abhishek.kane1-2/+38
Add more parameters to Veritas Hyperscale's composable service, which will be relevant in distributed setup. Change-Id: Ib1b90edbf17ea7f14bdbed4857241fca86b87a18 Signed-off-by: abhishek.kane <abhishek.kane@veritas.com>
2017-07-24Merge "Add support for nova live/cold-migration with containers"Jenkins3-12/+84
2017-07-24Merge "Remove non-containerized pacemaker resources on upgrade"Jenkins1-18/+1
2017-07-24Add metadata_settings in Heat APIsThomas Herve3-0/+6
We don't expose metadata_settings in Heat services, so SSL shouldn't work. Change-Id: I411085d9b249e54a2462de5efe4abf8f0865c0c2
2017-07-24Merge "Refactor iscsi initiator-name reset into separate service"Jenkins1-0/+41
2017-07-24Merge "Support configurable Zaqar backends"Jenkins1-14/+65
2017-07-24Support configurable Zaqar backendsDan Prince1-14/+65
This patch adds parameters to configure alternative version of the Zaqar messaging and management backends. The intent is to make use of these settings in the containers undercloud to use swift/mysql backends as a default thus avoiding the dependency on MongoDB. Change-Id: Ifd6a561737184c9322192ffc9a412c77d6eac3e9 Depends-On: Ie6a56b9163950cee2c0341afa0c0ddce665f3704 Depends-On: I3598e39c0a3cdf80b96e728d9aa8a7e6505e0690
2017-07-23Add support for nova live/cold-migration with containersOliver Walsh3-12/+84
Updates hieradata for changes in https://review.openstack.org/471950. Creates a new service - NovaMigrationTarget. On baremetal this just configures live/cold-migration. On docker is includes a container running a second sshd services on an alternative port. Configures /var/lib/nova/.ssh/config and mounts in nova-compute and libvirtd containers. Change-Id: Ic4b810ff71085b73ccd08c66a3739f94e6c0c427 Implements: blueprint tripleo-cold-migration Depends-On: I6c04cebd1cf066c79c5b4335011733d32ac208dc Depends-On: I063a84a8e6da64ae3b09125cfa42e48df69adc12
2017-07-22Merge "Add composable services for the Veritas HyperScale."Jenkins2-0/+126
2017-07-22Merge "Revert "Use optimal (instead of default) tunables for Ceph on upgrade""Jenkins1-2/+2
2017-07-22Merge "Make EnablePackageInstall and Debug descriptions consistent"Jenkins7-2/+7
2017-07-22Merge "Fix description of NeutronNetworkVLANRanges"Jenkins1-2/+2
2017-07-21Make various password descriptions consistentBen Nemec14-15/+16
Since these are obviously global parameters they shouldn't specify what will be using them because they are used in multiple places. Change-Id: I5054c2d67dffe802e37f8391dd7bad4721e29831 Partial-Bug: 1700664
2017-07-21Make EnablePackageInstall and Debug descriptions consistentBen Nemec7-2/+7
Change-Id: I3ea7c0c7ea049043668e68c6e637fd2aaf992622 Partial-Bug: 1700664
2017-07-21Revert "Disable systemd-networkd & systemd-resolved"Emilien Macchi2-8/+0
https://github.com/camptocamp/puppet-systemd/pull/32 is disabling by default the services so we don't have to control them via TripleO. This reverts commit d24874c7b2625e25630534a86864a93050f661d3. Change-Id: I4044f0b28b636c7a022912f6f24707bce22c8b98 Related-Bug: #1704160
2017-07-21Merge "Remove DockerNamespace references"Jenkins1-8/+11
2017-07-21Merge "Switch MonitoringRabbitUseSSL to boolean"Jenkins1-1/+1
2017-07-21Merge "Exposing the ability to enable/disable the repository"Jenkins1-0/+5
2017-07-21Merge "Add nova::compute::rbd setting into nova-libvirt profile"Jenkins1-0/+18
2017-07-20Remove DockerNamespace referencesIan Main1-8/+11
This patch removes more of the DockerNamespace references as part of the cleanup/reorg of the container configuration patches. This also adds a centos-rdo environment file for use with the new interface. This file was generated with the command "openstack overcloud container image prepare" Depends-On: I729fa00175cb36b02b882d729aae5ff06d0e3fbc Depends-On: I292162d66880278de09f7acbdbf02e2312c5bb2b Co-Authored-By: Dan Prince <dprince@redhat.com> Change-Id: Ice7b57c25248634240a6dd6e14e6d411e7806326
2017-07-20Revert "Use optimal (instead of default) tunables for Ceph on upgrade"Giulio Fidente1-2/+2
This reverts commit 5e9f855f7c96950ca29a0f85086441c57ae7aed5. The above would have fixed the issue but is only possible if the OSDs are upgraded first. We probably need to disable flag warnings completely instead. [1] 1. http://docs.ceph.com/docs/master/rados/operations/crush-map/#warning-when-tunables-are-non-optimal Change-Id: I429e9f7f220a844b5ca61734287e514c96ea5e6c
2017-07-20Fix description of NeutronNetworkVLANRangesBen Nemec1-2/+2
This claimed that all vlans were allowed, when in fact it is only the first 1000. Change-Id: Id5681be51bc908274a8b9cf18d43e116ba150e7f
2017-07-20Switch MonitoringRabbitUseSSL to booleanAlex Schultz1-1/+1
The puppet-sensu module recently added type checking so rabbitmq_ssl needs to be a boolean and not a string. Change-Id: I69b5a7528c8728310766abdc27ad11c93c4722d5 Closes-Bug: #1705481
2017-07-20Remove non-containerized pacemaker resources on upgrademarios1-18/+1
Adds upgrade_tasks to remove the pacemaker resources using the ansible-pacemaker module. Resources are disabled and removed in step2 (called only on bootstrap node) and then the cluster stop is moved to step3 The existing systemd/service call is kept but only to disable services after they are disabled/deleted from the cluster. Related-Bug: 1701485 Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com> Change-Id: Ia597d240ea5834c50a8f6c4fac0b6ed417b8535c
2017-07-19Merge "Fixing a bug when setting a password for ODL controller"Jenkins1-0/+2
2017-07-19Merge "Use optimal (instead of default) tunables for Ceph on upgrade"Jenkins1-2/+2
2017-07-19Increase default RabbitMQ/Erlang TCP timeout from 5 to 15 secondsJohn Eckersberg1-1/+1
This should be greater than the default value of corosync_token_timeout, which is 10 seconds. That way, if an entire cluster node is unavailable, appropriate fencing measures can occur. With the current settings, it is possible for brief network interruptions, greater than 5 seconds, but less than 10 seconds, to occur. This can cause the RabbitMQ cluster to fail in subtle ways, but no corrective action taken by pacemaker. Change-Id: I735d43616c5c623c4398d924713012f595b2e5f9
2017-07-19Stop Heat WSGI services on docker upgradeThomas Herve1-1/+1
As we made the migration to HTTPd during the same cycle, we didn't include stopping the WSGI services before the upgrades. This handles the case, and fixes an issue with the puppet upgrade as well. Change-Id: I54ba6214d4bf052c0d840d5bbce2b524d82b7017 Closes-Bug: #1699443
2017-07-19Add nova::compute::rbd setting into nova-libvirt profileGiulio Fidente1-0/+18
Some of the tasks carried by nova::compute::rbd class apply to the compute service, others to the libvirt service so it needs to be included in both. Change-Id: I28557deb13b75922932cd3e86c3467a541c988d0
2017-07-18aodh: add gnocchi_external_project_owner configMehdi Abaakouk1-0/+5
gnocchi_external_project_owner is to configure who creates resources and metrics in Gnocchi (usually Ceilometer). So Aodh can create the right rbac rules. So the project name is 'service' for tripleo. We can't use the default set because puppet always uses 'services' and not 'service'. Change-Id: I6f7acc3a4cab29bc566d7becdc93ba3393f5c8fe
2017-07-18Ps Cinder: Added support for password less loginrajinir1-0/+4
Added missing san_private_key parameter used for password less SSH authentication. Change-Id: I6d7544b525055318aa567f9cbbe318d82bafacf0 Depends-On: 70db86d3366f85edf563aa73c533931a21cfab4d
2017-07-18Merge "Ensure yum cache is ready before update"Jenkins1-0/+2
2017-07-18Stop also openstack-swift-object-expirer when upgrading swift servicesCarlos Camacho1-0/+1
openstack-swift-object-expirer is not stopped when running the upgrade tasks so forth when changing to containers the service is still running after upgrading to docker. This service is added by default here: https://review.openstack.org/#/c/404149 But it wasnt stopped when running the upgrade tasks. Related also to this RHBZ#1470005 Change-Id: I8d5f195095d702057c3b2741127e7338d7451aad Closes-Bug: 1699444
2017-07-18Use optimal (instead of default) tunables for Ceph on upgradeGiulio Fidente1-2/+2
With the default setting, after the majority of the monitors have been upgraded the cluster will go in WARN state because of legacy tunables. This changes the tunables we set after each monitor is upgraded from 'default' to 'optimal' [1]. 1. http://docs.ceph.com/docs/master/rados/operations/crush-map/#warning-when-tunables-are-non-optimal Change-Id: I0f16c29cc200d762f0c4acfd87ba7d1adb5c1eeb Closes-Bug: #1704959