Age | Commit message (Collapse) | Author | Files | Lines |
|
To let ceilometer access to keystone endpoints, use internalURL instead
of publicURL for security & performances reasons.
Ceilometer services (API, agents) will use internalURL endpoint to talk
to other services (keystone, neutron, etc).
Change-Id: I4cb843400f244cd34bbae4bc76371977780c7943
|
|
In nova.conf, set cinder/catalog_info to 'volumev2:cinderv2:internalURL'
instead of 'volumev2:cinderv2:publicURL'.
So Nova will use internal Cinder endpoint to reach volume API by
using internal network.
Depends-On: Id9e579ca31364d5207d0c1b892d0f7aa7f20f7a8
Change-Id: Ia34f0fe59f662c3ad29ca0178c01ef1570759d57
|
|
|
|
|
|
Change-Id: Ia2079fc3e350cc677811ebb970cd2b306d6e7040
|
|
|
|
|
|
Currently only Glance and Heat have their virtual IP passed to the
contrller directly.
This commit adds the same feature for :
* Ceilometer
* Cinder
* Nova
* Swift
Change-Id: I295d15d7a0aa33175a5530e3b155b0c61983b6ae
|
|
Together with [1] this change permits to parameterize the file
descriptor limit for RabbitMQ for both the Systemd startup script
and the Pacemaker resource agent.
1. https://github.com/puppetlabs/puppetlabs-rabbitmq/commit/20325325b977c508b151ef8036107dcfefdf990b
Closes-Bug: 1474586
Change-Id: I62d31e483641ccb5cf489df81146ecb31d0c423f
|
|
This commit aims to allow a deployer to specify where to send haproxy's
logs. It is backward compatible with what is already in place and send
the logs to the UNIX socket /dev/log
The value specified here will be written in the haproxy.cfg file with
the following behavior
HAProxySyslogAddress: 127.0.0.1 -> log 127.0.0.1 local0
HAProxySyslogAddress: ::1 -> log ::1 local0
HAProxySyslogAddress: /dev/log -> log /dev/log local0 (default)
Change-Id: I46c489a1f424e2219d129f332e64c64019aef850
Depends-On: If7f7c8154e544e5d8a49f79f642e1ad01644a66d
|
|
This patch allows the case where we're not running Ceph to host Persistent
storage (volumes) but just to host Ephemeral storage (VMs).
Before we were only allowing Ephemeral storage on Ceph when also
Persistent storage was using Ceph.
Change-Id: I03b775326e4424de413452f4453d4d88de0083bc
|
|
Change-Id: Ieb27729c6b33ffc849d07200ec0d42508214956e
Closes-Bug: #1399793
|
|
|
|
If horizon is running in production (DEBUG is False), it will answer
only to the IPs/hostnames specified in the ALLOWED_HOSTS variable in the
local_settings.py configuration file.
The puppet-horizon module offer the feature to customize that,
tripleo-heat-teamplates was missing the link between the top-level
parameter and the puppet parameter, hence this commit.
More info :
* https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts
* https://github.com/openstack/puppet-horizon/blob/master/templates/local_settings.py.erb#L14-L24
Change-Id: I5faede8b74a0318e15baa761dc502b95b051ae0d
|
|
|
|
|
|
The httpd daemon will be started and managed by Pacemaker, it should
not be enabled by puppet. Ideally, it shouldn't be started either
but it seems it isn't possible with horizon and apache mod_wsgi [1].
1. https://bugzilla.redhat.com/show_bug.cgi?id=1247547
Change-Id: I8a1b23c4ea27ac86385314f6cfde8c49d0879969
Co-Authored-By: marios andreou (marios@redhat.com)
|
|
|
|
|
|
|
|
Previously the Registry service was reached using the local IP.
Change-Id: I8f2b7275cd39d8a5358d8ce69f4f7e5bc7758b62
|
|
|
|
|
|
In the current neutron-* services constraints chain, the ovs and
netns cleanup services are re-run after a neutron-server restart.
As discussed at [1] this may not be desirable leaving some neutron
services down and any tenant routers without IP.
This review introduces a second constraints chain so we now have:
neutron-server-->openvswitch-->dhcp-->l3-->metadata
and
ovs-cleanup-->netns-cleanup-->openvswitch
Instead of a single chain like
neutron-server-->ovs-cleanup-->netns-cleanup-->openvswitch-->
dhcp-->l3-->metadata
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1266910#c12
Related-Bug: 1501378
Change-Id: I4096704257aff74ff5bd37d8d01d8a776c6c6a76
|
|
The removal of default MariaDB accounts was being triggered roughly at
the same time on all controllers, causing a race condition -- multiple
nodes found an account present and attempted deletion, but then only one
succeeded with the deletion, the others failed.
HA controller deletes the accounts only on bootstrap node now, which
fixes the issue.
Change-Id: Ieacd10a6ce26da50f6a37eaa3221d866c24353fa
|
|
By including ::ceilometer::config on controller & compute, we allow
anyone to trick ceilometer.conf with any parameter, using Hiera.
Change-Id: Ie6698d5e6900ecaaf7f19ed79e9c44b39ced0559
|
|
|
|
It's become apparent that some actions are required in the pre-deploy
phase for all nodes, for example applying common hieradata overrides,
or also as a place to hook in logic which must happen for all nodes
prior to their removal on scale down (such as unregistration from
a satellite server, which currently doesn't work via the
*NodesPostDeployment for scale-down usage).
So, add a new interface that enables ExtraConfig per-node (inside the
scaled unit, vs AllNodes which is used for the cluster-wide config
outside of the ResourceGroup)
Change-Id: Ic865908e97483753e58bc18e360ebe50557ab93c
|
|
This change updates yum_update.sh so that we set set a boolean
output when "managed" packages should get updated. The
output is named 'update_managed_packages' and for the
puppet implementation it is wired up so that it
directly sets tripleo::packages::enable_upgrade to
control whether packages are updated.
It also modifies yum_update.sh to build a yum update excludes list for
packages managed by puppet. The exclude lists are being
generated via puppet-tripleo as well via the new 'write_package_names'
function that is now wired into all the role manifests.
This change does not actually trigger the puppet apply. The fix for
Related-Bug: #1463092 will be used to trigger the puppet run when the
hiera changes. As a minor tweak to this logic we append the
UpdateIdentifier to the config_identifier so that we ensure
puppet gets executed on an update where other (non-related)
hiera changes also occur.
Co-Authored-By: Dan Prince <dprince@redhat.com>
Change-Id: I343c3959517eae38bbcd43648ed56f610272864d
|
|
This patch updates all of the overcloud manifests so that
we write out flat files containing lists of the Puppet
packages which were managed by each manifest.
The flat files all get written to
/var/lib/puppet-tripleo/installed-packages/ where they can
be easily parsed by external tools. Example format from
the flat files looks like (for the controller step 1):
cat /var/lib/puppet-tripleo/installed-packages/overcloud_controller1
keepalived
haproxy
Depends-On: If3e03b1983fed47082fac8ce63f975557dbc503c
Change-Id: Ia324a08711796aa664f9c0273a051f4f2e3e92c9
|
|
Also adds an environment file which can be passed to heat stack-create
to enable debugging.
Change-Id: I9758e2ca3de6a0bed6d20c37ea19e48f47220721
Depends-On: Ie92d1714a8d7e59d347474039be999bd3a2b542f
|
|
This enables support for the Cisco N1kv driver for the ML2 plugin.
It also configures the Nexus 1000v switch.
Co-Authored-By: Steven Hillman <sthillma@cisco.com>
Depends-On: I02dda0685c7df9013693db5eeacb2f47745d05b5
Depends-On: I3f14cdce9b9bf278aa9b107b2d313e1e82a20709
Change-Id: Idf23ed11a53509c00aa5fea4c87a515f42ad744f
|
|
|
|
Make core_plugin, type_drivers and service_plugins parameter in
neutron configurable through heat.
Also changing the type_drivers order to "vxlan,vlan,flat,gre"
Change-Id: Iba895ed5897bdaf7bb772ffc063c424abb6e1638
|
|
This change adds a CephStorageExtraConfigPre which can be used
to distribute hooks for the CephStorage nodes.
Change-Id: Id0023d8ffddb3ee5e855d5dcc32c76bc41ce4c63
|
|
It is currently not possible to specify settings per host and not per
type of host.
One of the example of the problematic that could cause is : What if
node0 have devices /dev/sdb and /dev/sdc while node1 have devices
/dev/sda and /dev/sdd, they is currently no way to specify that simply.
The idea here is to add a top priority file in the hiera lookup that
will match the UUID of the System Information section in the output of
the dmidecode command.
The file could be provided with the firstboot/rsync stack for example.
Change-Id: I3ab082c8ebd2567bd1d914fc0b924e19b1eff7d0
|
|
Shows one method of passing a map of data in to the pre_deploy extraconfig
interface, such that it could be used in combination with
https://review.openstack.org/#/c/215013/ to create a node uuid specific
hieradata file, or to perform some other non-puppet per-node configuration.
This would be used by specifying an environment file like:
resource_registry:
OS::TripleO::ControllerExtraConfigPre: puppet/extraconfig/pre_deploy/per_node.yaml
parameter_defaults:
NodeDataLookup: |
{"AB4114B1-9C9D-409A-BEFB-D88C151BF2C3": {"foo": "bar"},
"8CF1A7EA-7B4B-4433-AC83-17675514B1B8": {"foo2": "bar2"}}
Change-Id: I62e344669e0ca781dd93d3f7d2190b70299877c2
|
|
|
|
|
|
|
|
|
|
The collection of hostname to MAC mappings done in AllNodesPostDeploy
uses 'hostname -f' to get the FQDN for each node. This form
of the command causes a nameserver lookup for the domain name. A
timing issue has been seen where the hostname lookup fails due to
the nameserver not having the mapping yet. The solution is to
hardcode the domain to 'localdomain' as is done in a few other
patches--ie. see controller-puppet.yaml.
Change-Id: Ibea50fcc6b9f22ca163ff063e0dc9ca69dff5f34
|
|
|
|
The staticweb middleware needs to be put after authentication
middlewares to ensure correct functionality as documented in
http://docs.openstack.org/developer/swift/middleware.html#staticweb
Without this Swift sends a HTML response even if the request was done
using a X-Auth-Token. This might result in a faulty handling of the response on
the client side; for example, "swift stat containername" would report an empty,
private container, while the container might actually be public readable with
data stored in it.
Closes-bug: 1494896
Change-Id: Id48840e0041f8d272e08def292fbedfaf76bbfbb
Co-Authored-By: Christian Schwede <cschwede@redhat.com>
|
|
This patch adds settings for swift::storage::all so
that we set the recommended the incoming and outgoing
chmod permissions.
Depends-On: I627ab2255087b0ebc2d3ddc9cd4a7a7d254abb65
Change-Id: I2f14c9afe7b7135ad1bfecb9db0a39bfc3b4d03a
|
|
Updates the /puppet directory templates so that we drop the
'-puppet' from the filenames. This is redundant because
we already have puppet in the directory name and fixes
inconsistencies where we aren't using -puppet in
all the files within the puppet directory.
Depends-On: I71cb07b2f5305aaf9c43ab175cca976e844b8175
Change-Id: I70d6e048a566666f5d6e5c2407f8a6b4fd9f6f87
|
|
This is unused on compute nodes and does not need to be specified.
Further, nova::api is not even included in the compute puppet manifest,
so it had no effect anyway.
Change-Id: I7589bf544fb1ddad3cd371869756cb880c0bac37
|
|
We were calling nova_config resource to define it
but as of Ic060fc18c8f5d7dc8fcf1d7bd921623dc505a515
its now included as part of the nova::api class.
Closes-bug: #1498237
Change-Id: I948f26304536e2d692acf38d994d29167672168b
Depends-On: I2789e782a4fd673e09c6334b6d56819c68414c80
|
|
|
|
This patch updates all network configuration templates so that
we configure the ctlplane network interface with a static IP
instead of using DHCP.
The IP address used for the static IP is passed into each
nested stack network configuration template via the ControlPlaneIp
parameter.
Three new nested stack parameters called ControlPlaneSubnetCidr,
ControlPlaneDefaultRoute, and EC2MetadataIp have been added to help
configure the CIDR, default route, and EC2 metadata route on the ctlplane
statically. These parameters can be customized via the
parameter_defaults section in the heat environment.
A single new template called net-config-static-bridge.yaml has
been added to help migrate towards using the static
configuration templates when not using network isolation.
Depends-On: I257e1cba6dee16f73f75512d1284e1e3b9d4c831
Change-Id: Ib267e6dcf2d5ff77f7a82ee20a123965c2d07565
|