summaryrefslogtreecommitdiffstats
path: root/puppet
AgeCommit message (Collapse)AuthorFilesLines
2017-02-20Adding upgrade steps to congress serviceDan Radez1-0/+8
Change-Id: I79169baf4c59e9325355992288de2e9ad8088e3b
2017-02-20Merge "Generate Pre/Post Puppet Tasks for all roles"Jenkins1-11/+7
2017-02-20Merge "Make the DB URIs host-independent for all services"Jenkins21-38/+52
2017-02-17Make the DB URIs host-independent for all servicesMichele Baldessari21-38/+52
When fixing LP#1643487 we added ?bind_address to all DB URIs. Since this clashes with Cellsv2 due to the URIs becoming host dependent, we need a new approach to pass bind_address to pymysql that leaves the DB URIs host-independent. In change Iff8bd2d9ee85f7bb1445aa2e1b3cfbff1f397b18 we first create a /etc/my.cnf.d/tripleo.cnf file with a [tripleo] section with the correct bind-address option. In this change we make sure that the DB URIs will point to the added file and to the specific section containing the necessary bind-address option. We do introduce a new MySQLClient profile which will hold all this more client-specific configuration so that this change can fit better in the composable roles work. Also, in the future it might contain the necessary configuration for SSL for example. Note that in case the /etc/my.cnf.d/tripleo.cnf file does not exist (because it is created via the mysqlclient profile), things keep on working as usual and the bind-address option simply won't be set, which has no impact on hosts where there are no VIPs. Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com> Change-Id: Ieac33efe38f32e949fd89545eb1cd8e0fe114a12 Related-Bug: #1643487 Closes-Bug: #1663181 Closes-Bug: #1664524 Depends-On: Iff8bd2d9ee85f7bb1445aa2e1b3cfbff1f397b18
2017-02-17Generate Pre/Post Puppet Tasks for all rolesJames Slagle1-11/+7
We need to generate the Pre and Post Puppet Tasks for all roles, not just the Controller role. Otherwise, you have to have a role specifically named Controller that is running your pacemaker services, or pacemaker won't be properly handled on stack-updates. When using deployed-server's it's actually not possible to have a role called Controller, since we need to use all custom roles so that we can set disable_contraints on each role. Further, it is not possible to redefine the Controller role since puppet/controller-role.yaml is listed in the excludes file. Change-Id: I737b24db90932e292b50b122640f66385f2d1c23 Partial-Bug: #1665060
2017-02-17Install nova-placement package on upgradeSteven Hardy1-0/+5
This doesn't exist in newton images, so install it via the ansible tasks during step3 (when all other packages are updated). Change-Id: I08fb7855b910ccc5a8ab2d73f1de15b695784abd Closes-Bug: #1664265
2017-02-17Merge "Apply puppet in non-controller script in step."Jenkins1-0/+1
2017-02-17Merge "docker: new hybrid deployment architecture and configuration"Jenkins2-7/+3
2017-02-17Merge "Add Newton to Ocata UpgradeInitCommonCommand"Jenkins6-1/+54
2017-02-17Merge "Automatically backup and restore Swift rings from the undercloud"Jenkins1-0/+18
2017-02-16Merge "Configuring a default ntp server."Jenkins1-2/+4
2017-02-16Merge "Remove unused nova_url from neutron config"Jenkins1-2/+0
2017-02-16Merge "Remove deprecated metering_secret"Jenkins1-1/+0
2017-02-16Merge "OVN bridge mappings for tripleo"Jenkins1-0/+11
2017-02-16Add Newton to Ocata UpgradeInitCommonCommandmarios6-1/+54
This adds the UpgradeInitCommonCommand for newton..ocata common UpgradeInit commands. This comes before the ansible upgrade steps so we need to do things like remove the old newton hieradata and install the ansible-pacemaker module and ansible heat-agent plugin This defaults to '' and is set in the major-upgrade-composable-steps and unset in the major-upgrade-converge environment files. Change-Id: I0c7a32194c0069b63a501a913c17907b47c9cc16
2017-02-15Merge "Add nova service support for composable upgrades"Jenkins9-5/+161
2017-02-15docker: new hybrid deployment architecture and configurationDan Prince2-7/+3
This patch implements a new docker deployment architecture that should us to install docker services in a stepwise manner alongside of baremetal puppet services. This works by using Yaql to select docker specific services (docker/services/*.yaml) vs the puppet specific ones and then applying the selected Json to relevant Heat software deployments for docker and baremetal puppet in a stepwise fashion. Additionally the new architecture leverages new composable services interfaces from Newton to allow configuration of per-service container configuration sets (directories that are bind mounted into kolla containers) by using the Kolla containers themselves. It does this by spinning up a throw away "configuration only" version of the container being configured itself, then running the puppet apply in that container and copying the generated config files into /var/lib/config-data. This avoids having to install all of the OpenStack dependency packages in the heat-agent-container itself (our previous approach) and should allow us to configure a much wider variety of container config files that would otherwise be impossible with the previous shared approach. The new approach (combined) should allow us to configure containers in both the undercloud and overcloud and incrementally add CI coverage to services as we containerize them. Co-Authored-By: Martin André <m.andre@redhat.com> Co-Authored-By: Ian Main <imain@redhat.com> Co-Authored-By: Flavio Percoco <flavio@redhat.com> Change-Id: Ibcff99f03e6751fbf3197adefd5d344178b71fc2
2017-02-15Apply puppet in non-controller script in step.Sofer Athlan-Guyot1-0/+1
We want to apply a puppet manifest for the non-controller role, but we need to apply it in stages. By loading the proper hieradata we get the needed step configuration. Change-Id: I07bfeee7b7d9a9b8c2c20e5d5c9ed735d0bfc842 Closes-Bug: #1664304
2017-02-15Merge "OVN plugin configuration fixes"Jenkins2-10/+23
2017-02-14Add nova service support for composable upgradesSteven Hardy9-5/+161
Co-Authored-By: Mathieu Bultel <mbultel@redhat.com> Co-Authored-By: Oliver Walsh <owalsh@redhat.com> Change-Id: Iafad800a6819d7e75fdaab60d328999d3d3c037f Partially-Implements: blueprint overcloud-upgrades-per-service Related-Bug: #1662344
2017-02-14Merge "Reduce memcached memory configuration"Jenkins1-0/+7
2017-02-14Merge "Add upgrade tasks for opstools services"Jenkins3-0/+27
2017-02-14OVN bridge mappings for tripleoBabu Shanmugam1-0/+11
This patch adds an additional configuration setting for OVN bridge mappings Co-authored-by: Numan Siddique <nusiddiq@redhat.com> Change-Id: I99f2c0c8e633e63273e2469d95fbabbbc665c87c Depends-On: Ia6d66fa954571328c0ac3542af17303def382c1a
2017-02-14Add upgrade tasks for opstools servicesMartin Mágr3-0/+27
This patch adds upgrade tasks for sensu-client, fluentd and collectd Change-Id: I3a8096159664b1934b34f6c79b8afb4a3dc645c8
2017-02-14Configuring a default ntp server.Carlos Camacho1-2/+4
Adding a default NTP server by default will keep all Pacemaker and non-Pacemaker deployments aligned with the same server by default. Also useful for keeping time diff controlled for Keystone and Ceph. Change-Id: I8a26bae15cbfb83e3abd6b9ef9d12b57467e6258
2017-02-14Use Keystone internal endpoint instead of admin for nova-ironicGiulio Fidente1-4/+4
As per I1213a83ef8693c1cca1d20de974f7949a801d9f1 this moves to using KeystoneInternal for the nova-ironic template and updates some deprecated hiera keys. Change-Id: Ib1103c00ddb7d6d624f4911147197d8355a3a6dd
2017-02-14Use Keystone internal endpoint instead of admin for servicesJuan Antonio Osorio Robles23-24/+24
The admin endpoint is listening on the ctlplane network by default; services should ideally be using the internal api network for this kind of traffic, as the ctlplane network is mostly for provisioning. On the other hand, the admin endpoint shouldn't be as relevant with services switching to keystone v3. Change-Id: I1213a83ef8693c1cca1d20de974f7949a801d9f1
2017-02-14Merge "Configure the placement API's interface to use the internal endpoint"Jenkins1-0/+6
2017-02-13Merge "Enables support for configuring Cinder with Dell EMC ScaleIO storage ↵Jenkins1-0/+111
backend."
2017-02-13Merge "nova-placement: support upgrade"Jenkins1-0/+4
2017-02-13Merge "placement: switch service to use NovaPlacementNetwork"Jenkins1-2/+2
2017-02-13Merge "Remove [heat,glance,ironic,cinder,keystone] db sync from ansible"Jenkins5-15/+0
2017-02-13Merge "Fix Neutron region in nova.conf"Jenkins1-0/+1
2017-02-13nova-placement: support upgradeEmilien Macchi1-0/+4
Upgrade nova-placement service with Ansible. Change-Id: I43cac37afbc8b39708389895d9f7350b6bd4bcfd
2017-02-13Remove [heat,glance,ironic,cinder,keystone] db sync from ansiblemarios5-15/+0
These are handle by puppet as usual (puppet run comes after the ansible steps) so remove them from these remaining upgrade_tasks Change-Id: Ic341f31251622ccb11a5f7818b2edf7a82391560
2017-02-13Remove the ansible neutron-api db sync as for other servicesmarios1-3/+0
In line with other service we leave the db sync to puppet unless needed for some workaround/upgrade related reason. Change-Id: I9ae463cda19ffdd66f9ccbae40e85551841ab938
2017-02-13Configure the placement API's interface to use the internal endpointJuan Antonio Osorio Robles1-0/+6
Due to the keystoneauth library's defaults, it uses the public interface currently. This is not desirable in most cases (specially when using network isolation); so we set it to use the internal one. Change-Id: Ic222a2b734f4d512349fd8556aa2864b13a1eb07 Depends-On: I1c7fd3a32d04e2fafb3820d1c1f221f45c613c83 Closes-Bug: #1663187
2017-02-12Merge "adding Congress Support"Jenkins1-0/+90
2017-02-12Reduce memcached memory configurationAlex Schultz1-0/+7
Previously the memcached configuration was set to use the defaults which would be 95% of the avaiable ram in the system. This can lead to memory contention issues if memcache is heavily utilized. This change reduces the default to 50% and exposes the ability to tune this configuration. Change-Id: Ie8a48ff4cf509e93d7c1487813d5feed5e5131a4 Closes-Bug: #1662941
2017-02-12Merge "Adds cluster status check_and_fail before running upgrade (step0)"Jenkins1-0/+3
2017-02-12placement: switch service to use NovaPlacementNetworkEmilien Macchi1-2/+2
... instead of using NovaApiNetwork. Change-Id: I34043c68c24b05bac98f864bc2ac2fc4743617ab
2017-02-12Fix Neutron region in nova.confEmilien Macchi1-0/+1
Default in puppet-neutron is 'RegionOne', so let's override it with the right parameter in TripleO. Change-Id: I3f1693b91178027c8e05288aeba72b7d6bd042be
2017-02-12Merge "Dump and run puppet for role which are disable_upgrade_deployment true"Jenkins1-0/+28
2017-02-10Merge "Remove gnocchi db sync from the ansible upgrade step"Jenkins1-3/+0
2017-02-10Merge "Remove unused SR-IOV parameter NeutronSupportedPCIVendorDevs"Jenkins1-7/+0
2017-02-10Remove gnocchi db sync from the ansible upgrade stepMathieu Bultel1-3/+0
Since gnocchi db sync for upgrade is made by puppet we need to remove it from ansible tasks Change-Id: I4a26513c3e3d0dcf77c007ea865364e38da3a94a
2017-02-10Adds cluster status check_and_fail before running upgrade (step0)marios1-0/+3
This depends on a change in the pacemaker_cluster resource https://review.gerrithub.io/#/c/307078/ Change-Id: Iaf50e27607b159173190912604198b6a471fe35f
2017-02-10Merge "Add pacemaker composable upgrade steps"Jenkins1-0/+15
2017-02-10Merge "Remove aodh db sync from ansible upgrade"Jenkins1-3/+0
2017-02-10Dump and run puppet for role which are disable_upgrade_deployment trueMathieu Bultel1-0/+28
We wants to run puppet on each role which has the flag disable_upgrade_deployment to true. It will run after the upgrade of the role and before running the whole converge step. Change-Id: Ia85be688d070dfb5b8337e8ef3c4bc439fb6052e