Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
Depends-On: Icf45cf2aece398b836c87ddffde5d3056e96dc4d
Change-Id: I3577dc38a0b52092ee5e98a381eb52c3d2768c10
Signed-off-by: Thiago da Silva <thiago@redhat.com>
|
|
|
|
|
|
After deploying a fresh installed Overcloud or updating the stack
the haproxy configuration is updated correctly but no change in the
HA proxy stats happens.
This submission will add the missing resources to run pre and post
puppet tasks.
Closes-bug: 1640175
Change-Id: I2f08704daeee502c618256695a30ce244a1d7ba5
|
|
We do not encode the chars like [] possibly found in the artifacts
URL, so curl tries to glob against IPv6 addresses in brackets. This
change adds --globoff to the curl options so that IPv6 addresses in
brackets are not misinterpreted.
Closes-Bug: 1640148
Change-Id: Ic86ba1e5fb674bc15b4bcc6bd3ea9e943c4fbf8e
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
manila-share also needs the db configuration so the db-sync works
correctly when manila-api is running on a non-controller node.
Change-Id: Ib8a6f10ef6a650275fc011e51acfc4b5c7c99164
Closes-Bug: 1633077
|
|
Because manila-share is a pacemaker-managed service, it has to be
on the controller node. If you deploy the api services to a
different node, then manila-share loses access to the authtoken
hieradata generated by manila-api. Adding it explicitly to the
manila-share config allows this setup to deploy sanely.
Note that I'm having a different problem with manila db-syncs in
this setup, so there's likely another patch required to get it
fully working.
Change-Id: Iac782fa67ea912d24b9905dd8bbafb8ff28dd669
Partial-Bug: 1633077
|
|
The param is now managed in puppet-tripleo like other services.
Change-Id: I306aa6ac6e2cfc0d4602e15e11564a6be096a121
Depends-On: Ibc0ed642931dd3ada7ee594bb8c70a1c3462206d
|
|
|
|
In some scenarios we reach the kernel.pid_max value, this change
adds a parameter to the Kernel service for configuration of the
sysctl key and defaults it to 1048576.
Change-Id: Id8f3e6b7ed9846022898d7158fe9180418847085
Closes-Bug: #1639191
|
|
- Remove vncproxy firewall rules from nova-api service
- Add vncproxy firewall rules to nova-vncproxy service
- Add console port range firewall rules to nova-libvirt service
Change-Id: I421ae21c130cac6f25e7c0869b941ba77441172c
|
|
Some ports are missing to support live-migration. This patch adds them.
Documented here:
https://access.redhat.com/documentation/en/red-hat-openstack-platform/9/paged/migrating-instances/chapter-1-how-to-migrate-a-live-instance
Change-Id: I72634a9940c11602522322235e51bf27cb664e57
|
|
|
|
The hardcoded list should be configurable, and defaulted
to their current value.
Change-Id: I517aa61f21c6f4d0975b10a7aa85177c543487e0
Closes-bug: 1560098
|
|
The update configuration is generated into ceph.yaml and into
{rolename}.yaml. We should ensure puppet hiera is looking for
these files.
Change-Id: I261d16bc365b3d19adc502385edcc509a53ffc2a
Closes-Bug: #1638346
Resolves: rhbz#1388977
|
|
We want CephExternal to work without referencing CephBase which
instead defines common settings for hosted Ceph deployments.
This change fixes a reference to CephBase which was mistakenly
introduced with fix for bug #1632285.
Change-Id: Id27e935f91ad76a6877b3aa7588f54d6140aa41f
Closes-Bug: #1635014
|
|
currently udp port 8125 is blocked by default. This can cause issues
when sending statsd data.
Change-Id: Icb5569c4e3dc981e9a8accf32eedd3370552cb34
|
|
|
|
|
|
The interface for this moved to init.pp, the one we currently
use now only outputs a warning, it doesn't actually set anything.
Change-Id: Idc40cf0dc4ff0f598e0918e0de8b3233b524cdd5
Closes-Bug: 1638254
|
|
This adds the necessary hieradata for enabling TLS in the internal
network for Nova API.
bp tls-via-certmonger
Depends-On: I88380a1ed8fd597a1a80488cbc6ce357f133bd70
Change-Id: I45197f98e5b65d6b2ec364676870db4ce582ffe9
|
|
|
|
|
|
|
|
The Ceilometer middleware is in the wrong place; actually any middleware
should be deployed after catch_errors to catch any errors that would
otherwise crash the proxy service. Additionally the ceilometer
middleware should be deployed after any authentication middleware.
Closes-Bug: 1637471
Co-Authored-By: Thiago da Silva <thiago@redhat.com>
Change-Id: I710ff2f51271a78582fa502e7eecfa687800c664
|
|
A default TripleO installation uses a local directory named "d1" to be
used by Swift. With SwiftRawDisks set it is highly unlikely that that an
operator wants to use this any longer, because it affects system
perforamce and might result in an overfilled the system disk. In this
case d1 should be no longer when building rings.
This patch makes it possible to disable the d1 device usage in the ring
building process by using a new option "SwiftUseLocalDir". This is set
by default to true, not changing the default behavior. If set to false,
the d1 device won't be used when building rings.
Closes-Bug: 1634051
Change-Id: Ia9ad38e3ffa533e170f4cedd0518d830e9b2fa69
|
|
With this, we can clean it from puppet-tripleo.
Change-Id: I13638cd1af52537bef8540f0d5fa5f5f7decd392
Depends-On: Ic1967a6f4f60a273965811516f33121115d518b4
|
|
|
|
|
|
Using the SwiftRawDisks parameter neither created the XFS filesystem nor
mounted the device, requiring manual intervention by an operaror.
Partial-Bug: 1634051
Change-Id: I2da0f12635a37c1f339a3be59a7d00f352adf283
|
|
|
|
|
|
|
|
|
|
Horizon allowed hosts should name the IP addresses/
DNS names (short/long) the Horizon node is listening to.
Allowed hosts is used for header checks and is a security
mechanism.
Change-Id: I81c96357f969a1a436eecd35eb178579159bc719
|
|
|
|
|
|
We lost ability to store Glance images in NFS mounts as we moved to NG
HA architecture. This patch re-adds that ability, but the parameter
interface changes because the semantics change as well. (Pacemaker
allowed for different mounts than just NFS so the parameters were more
generic, although we only ever tested and documented NFS usage.)
Change-Id: Ic5197e09846bbf75d780dcc74da1717dcf8301d0
Related-Bug: #1635606
|