summaryrefslogtreecommitdiffstats
path: root/puppet
AgeCommit message (Collapse)AuthorFilesLines
2016-09-19Merge "Set VNC URL parameters for nova-compute"Jenkins1-0/+3
2016-09-19Use osd_pool_default_* puppet parameters when creating the poolsGiulio Fidente1-3/+6
While it is possible to override the pg_num, pgp_num and size for each pool, the defaults are hardcoded. This patch uses as default the values given via ceph::profile::params::osd_pool_default_* parameters, if any. Closes-Bug: 1623590 Change-Id: Iecde772e7f72fd9abedb54cff4b8f2605df8fedd
2016-09-17Merge "Add fluentd client service"Jenkins61-0/+632
2016-09-17Merge "Move rabbit's clustering port away from the ephemeral port range"Jenkins1-3/+3
2016-09-17Set VNC URL parameters for nova-computeJuan Antonio Osorio Robles1-0/+3
These are needed so the computes can advertize the VNC URL correctly. Change-Id: Ic3eba9fe929ce396b584249eb84415de09ab1b62 Closes-Bug: #1623607
2016-09-17Merge "Add mongo config settings in collector service templates"Jenkins1-1/+10
2016-09-17Merge "Add NetApp Manila driver integration and tidy up generic"Jenkins3-66/+205
2016-09-17Merge "Convert AllNodesExtraConfig to support composable roles"Jenkins2-28/+12
2016-09-17Add fluentd client serviceLars Kellogg-Stedman61-0/+632
This implements support for installing fluentd agents as a composable service on the overcloud. Depends-On: I2e1abe4d8c8359e56ff626255ee50c9cacca1940 Implements: tripleo-opstools-centralized-logging Change-Id: I23b0e23881b742158fcfb6b8c145a3211d45086e
2016-09-16Merge "Expose parameter to enable combination alarms"Jenkins1-0/+6
2016-09-16Move rabbit's clustering port away from the ephemeral port rangeMichele Baldessari1-3/+3
Currently RabbitMQ cluster uses a predefined port 35672 for clustering. This port belongs to so-called ephemeral ports range. Ephemeral ports are the ports kernel assings to application if it doesn't specify which port to open. So there is a small chance that this application being started before RabbitMQ itself could grab this port. While rather unlikely we did see this happen. Selinux change should already be in place. On my Centos 7 we have: rabbitmq_port_t tcp 25672 corenet_tcp_bind_rabbitmq_port(rabbitmq_t) corenet_tcp_connect_rabbitmq_port(rabbitmq_t) First noted via: https://bugzilla.redhat.com/show_bug.cgi?id=1357522 Closes-Bug: #1623818 Depends-On: I0bcd0d063a7a766483426fdd5ea81cbe1dfaa348 Change-Id: I995bd96c2a17614e954ea5bbae4d58998ef420dc
2016-09-16Add mongo config settings in collector service templatesPradeep Kilambi1-1/+10
In scenario where mongo and collector are on separate nodes like as indicated in the bug, collector should be able to access mongo replset and other hiera data. Closes-bug: #1620468 Depends-On: I0bcd0d063a7a766483426fdd5ea81cbe1dfaa348 Change-Id: Iadf4c78fb03da183d19e93c30f78817a3cfed425
2016-09-16Merge "Convert deploy steps to jinja2 loop"Jenkins2-644/+139
2016-09-16Merge "Set client protocol for glance registry client"Jenkins1-0/+1
2016-09-16Merge "Unset Keystone public_endpoint"Jenkins1-1/+0
2016-09-16Merge "Populate vnc_api_lib.ini on compute nodes with OpenContrail"Jenkins1-0/+12
2016-09-16Convert AllNodesExtraConfig to support composable rolesSteven Hardy2-28/+12
This adjusts the interface to OS::TripleO::AllNodesExtraConfig so it supports custom/composable/optional roles. Note this does break backwards compatibility, and I can't see any way to avoid that. I've converted the in-tree templates, and we'll have to document carefully and or provide a script (or automated conversion via mistral perhaps?) to allow folks to easily adjust any out of tree templates to the new format. Basically you just have to: 1. Remove all the *_servers parameters, replace with one "servers" json parameter 2. Replace references to e.g "controller_servers" with "servers, Controller" which does a path-based lookup into the json map provided by overcloud.yaml Change-Id: I5eebf853646b2f6300d6b542fcd4f43e82d3b413 Partially-Implements: blueprint custom-roles
2016-09-16Convert deploy steps to jinja2 loopSteven Hardy2-644/+139
Refactor so the post-deploy steps recently moved into puppet/post.yaml are generated by jinja2 instead of hard-coded Change-Id: I488e46aaa449c95571bd3d1de9513c3d0730baf3 Partially-Implements: blueprint custom-roles
2016-09-14Set client protocol for glance registry clientJuan Antonio Osorio Robles1-0/+1
To communicate to glance registry, glance API has several parameters that it uses to form the URI. Right now we are defaulting to http, when we enable TLS everywhere, this will break. So setting the value from the endpoint map should fix it. Closes-Bug: #1623477 Change-Id: Id86787cbaa6f87fdcf9c26111c228fd59fbba012
2016-09-14Expose parameter to enable combination alarmsPradeep Kilambi1-0/+6
The puppet-tripleo change for the same is merged I9220b7d020dc8ed45dd6ca83ea9647efd67ea648 Change-Id: Ic5309ada98c78a15aa3a47dd94acb9e68eb25295
2016-09-14Merge "Add support for deploying Ceph RGW role"Jenkins1-0/+77
2016-09-13Move role ResourceGroups inside the jinja2 loopSteven Hardy3-0/+15
This moves the now nearly identical group resources inside the loop there's a FIXME related to some deprecated compute parameters we'll need to work around. Change-Id: Iddd63c42754867125e65e7721ab9d9f46f4d6afb Partially-Implements: blueprint custom-roles
2016-09-13Merge "Enable proxy header parsing for Manila"Jenkins1-0/+1
2016-09-13Add NetApp Manila driver integration and tidy up genericmarios3-66/+205
Enables configuring a NetApp backend for the Manila service This was created based on the review at https://review.openstack.org/#/c/188138/ This makes the netapp and generic backends disabled by default in the services/manila-backend-*.yaml. A backend is then enabled via backend-specific environment files, which will set any config parameters and enable that backend. It is expected that multiple manila backend specific environment files might be specified simultaneously. Finally generic and manila config is split into separate service files rather than using manila-base for all the things. Co-Authored-By: Ryan Hefner <rhefner@redhat.com> Co-Authored-By: Ben Swartzlander <ben@swartzlander.org> Closes-Bug: 1618479 Depends-On: Ic6f8e8d27ca20b9badddea5d16550aa18bff8418 Change-Id: I35fce32d0f6a5cc1c3382c2d0e0d6028928fd943
2016-09-12Merge "De-bracket vncproxy_host in compute profile"Jenkins2-9/+2
2016-09-12Merge "Configure Keystone credentials"Jenkins1-0/+12
2016-09-12Merge "Add trunking plugin to list of default ML2 service plugins"Jenkins1-1/+1
2016-09-12Unset Keystone public_endpointAdam Young1-1/+0
The keystone public_endpoint value should be deduced from the calling request and not hardcoded, or it makes network isolation impossible. Change-Id: Ide6a65aa9393cb84591b0015ec5966cc01ffbcf8 Closes-Bug: 1381961
2016-09-12De-bracket vncproxy_host in compute profileBen Nemec2-9/+2
This is done in the vncproxy profile, but for some reason is not in the compute one. It causes hiera to explode when the brackets are left, so we need to do the bracket stripping here too. Also switches both places to just use the host_nobrackets version of the endpoint instead of stripping them with str_replace. Change-Id: I7ccd84b575fd652f6412fdb1869c31c79a7bf53b Closes-Bug: 1618623
2016-09-12Configure Keystone credentialsEmilien Macchi1-0/+12
Configure Keystone credentials by installing 2 keys with dynamic content generated by python-tripleoclient. Note: this is a first iteration of managing Keystone credentials. It has a few limitations: - keys are not exported to external storage. - keys are not rotated automatically. Change-Id: I45cf8821eadf528dfcdc8d74e6e0484597b0d2c0
2016-09-12Add explicit entry for ctlplane IP in /etc/hostsJuan Antonio Osorio Robles5-0/+35
There was currently no way of getting it and we can't asure that the primary IP will use it. So it's explicitly needed there. Change-Id: Idb3ca22ac136691b0bff6f94524d133a4fa10617
2016-09-12Merge "Fix service config files having wrong map_merge format"Jenkins3-3/+3
2016-09-12Merge "Make Nova VNC Proxy service name match service net map"Jenkins2-3/+3
2016-09-12Enable proxy header parsing for ManilaJuan Antonio Osorio Robles1-0/+1
This is necessary for when HAProxy is terminating TLS for manila, else we will have keystone discovery errors. This is the same we do for several other services, as manila uses the same middleware. Change-Id: Ice78b0abceb6a956bb8c1dc6212ee1b56b62b43f
2016-09-10Merge "Adjust MTU to compensate for VLAN tag issue"Jenkins1-2/+5
2016-09-10Add support for deploying Ceph RGW roleKeith Schincke1-0/+77
This patch add support for deploying Ceph RGW. Co-Authored-By: Giulio Fidente <gfidente@redhat.com> Change-Id: I88c8659a36c2435834e8646c75880b0adc52e964
2016-09-10Make Nova VNC Proxy service name match service net mapJuan Antonio Osorio Robles2-3/+3
If these names don't match then we cannot set the service's nodes, VIP and network. Change-Id: I8f1c0eaf62eee2704a5f2556a553032106db606b Closes-Bug: #1621368
2016-09-10Merge "Add support for configuring the OVS firewall driver"Jenkins1-0/+9
2016-09-09Merge "add composable services for Contrail"Jenkins6-0/+436
2016-09-09Adjust MTU to compensate for VLAN tag issueBrent Eagles1-2/+5
Some network configurations uncovered what appears to be an issue where a spurious 802.1q header is injected into tunnelled traffic. Adjusting the default value to accomodate the extra overhead should avoid this problem. Partial-Bug: #1621533 Change-Id: I9ebad2d6ad34d90fcb998497873059995cdef276
2016-09-09Merge "Generate VIP info for ctlplane VIP, not management"Jenkins2-5/+5
2016-09-09Merge "Move role deployment steps into puppet/post.yaml"Jenkins10-473/+796
2016-09-09Merge "Add keystone networks for the different endpoints"Jenkins1-0/+5
2016-09-09Move role deployment steps into puppet/post.yamlSteven Hardy10-473/+796
To enable steps to be aligned between roles, we need to define dependencies between the steps, which is only possible if we move the steps out of distinct nested stacks so we can use depends_on to serialized the steps for all roles. Note that we may be able to further refactor later to remove the per-role -config.yaml nested stacks as well. Change-Id: Ia2ea559e8eeb64763908f75705e3728ee90b5744 Partially-Implements: blueprint custom-roles
2016-09-09Merge "Add global_config_settings to services' output"Jenkins2-0/+7
2016-09-09Merge "Add service networks to hieradata"Jenkins1-0/+22
2016-09-09Generate VIP info for ctlplane VIP, not managementJuan Antonio Osorio Robles2-5/+5
The management network does not have a VIP, so it's been wrong to generate a cloud name and hieradata for this. Instead, the network that actually needs a name and a hosts entry is the ctlplane network, which actually has a VIP and there are services that use it. bp tls-via-certmonger Closes-Bug: #1621742 Change-Id: I163b2c7b5684da6dc290636f54eefe3f2b0c3e3f
2016-09-08Convert SwiftDevicesAndProxyConfig to composable formatSteven Hardy5-90/+19
Make use of the new composable per-service node_ips lists by adding a ServiceNetMap entry for SwiftStorage, then pass the data to construct the raw device list into puppet-tripleo instead of mangling it in t-h-t inside the role templates. This will allow running swift storage services on nodes other than the Controller and ObjectStorage roles, and is required to enable custom roles. Depends-On: I11deed1df712ecccf85d36a75b3bd2e9d226af36 Change-Id: I1bf5f8a9d34b1a5d64ab8656b386226b54ec1a27 Partially-Implements: blueprint custom-roles
2016-09-08Merge "Add base neutron service configuration"Jenkins1-8/+19
2016-09-08Populate vnc_api_lib.ini on compute nodes with OpenContrailJiri Stransky1-0/+12
This is setting sane defaults for vnc_api_lib.ini as requested from the field. The settings still can be overriden using NovaComputeExtraConfig if needed. Change-Id: I6a823c0b34f6ea21aa16939577ac0e1563483557 Closes-Bug: #1620647