summaryrefslogtreecommitdiffstats
path: root/puppet
AgeCommit message (Collapse)AuthorFilesLines
2016-09-08Add keystone networks for the different endpointsJuan Antonio Osorio Robles1-0/+5
Keystone doesn't provide different flags to indicate that both of its endpoints are enabled. So currently we have to manually add its network to all-nodes-config. bp tls-via-certmogner Change-Id: Ibecd78706e84853107f698ba411a0c05e6f5be52
2016-09-06Add service networks to hieradataJuan Antonio Osorio Robles1-0/+22
This adds a mapping of which service is on which network. This information can be used to fetch a certificate depending on the network (since they use different hostnames). Change-Id: I176245da591bea28aeabf3d2b552f24456c98c43
2016-09-06Merge "Move VIP-related data to AllNodesConfig"Jenkins3-74/+52
2016-09-05Merge "Ironic: update default enabled drivers"Jenkins1-1/+1
2016-09-05Merge "Ironic: configure disk erasing during cleaning"Jenkins1-0/+7
2016-09-05Merge "Ironic: enable iPXE by default and make it configurable"Jenkins1-0/+23
2016-09-05Merge "Add default for DeployIdentifier in nested templates"Jenkins6-0/+6
2016-09-05Move VIP-related data to AllNodesConfigJuan Antonio Osorio Robles3-74/+52
This makes it easier to access the VIP data for other node types and de-ties this from the controller role. Change-Id: I71125576ec93889fed134b92fb59f7e7dc9920c4
2016-09-04Ironic: update default enabled driversDmitry Tantsur1-1/+1
The goal is to have only production drivers available out of box. Remove agent_ipmitool as it required additional configuration of swift temporary URLs. Add pxe_ilo and pxe_drac as they work out of box. This brings the default enabled drivers list closer to one of undercloud. Note that pxe_ssh is not enabled as it's not a production driver. Change-Id: Ic7d2190e2d39a795b024c2999e22ee47b3045cf1 Partially-Implements: blueprint ironic-integration
2016-09-03Remove mangling swift memcached list (now in puppet-tripleo)Steven Hardy2-24/+0
Moved this list manipulation to puppet-tripleo where it can easily reference the memcached_node_ips array instead of hard-coded output from the Controller. Depends-On: Ic8872e5e51732874ca5b93bff5efd3e7ed75bc31 Change-Id: I523a802c8d22be7602728ebe8966d9e2ee109cde Partially-Implements: blueprint custom-roles
2016-09-03Composable per-service VIP hieradataSteven Hardy1-39/+54
Change-Id: Iaf78a5eac223aeb50133fcc6fab043ee746d73fd Partially-Implements: blueprint custom-roles
2016-09-03Remove hard-coded per-service rabbitmq hieradataSteven Hardy1-23/+0
To avoid the hard-coded references which won't work with composable roles, we instead default to the rabbitmq_node_ips list in the per-service puppet-tripleo profiles. Change-Id: I76b7e06781fdd5d969503b6d73423bb3f5f7a41f Depends-On: Ie53c93456529420588eb1927703ea91b54095d87 Partially-Implements: blueprint custom-roles
2016-09-03Merge "Generate composable service node_names lists"Jenkins1-10/+3
2016-09-03Merge "Mv pacemaker and firewall out of controller"Jenkins3-76/+67
2016-09-02Mv pacemaker and firewall out of controllerDan Prince3-76/+67
This patch moves settings for pacemaker and the tripleo firewall out of controller.yaml. Related bug: #1604414 Change-Id: I0164717bfd79cdea3de8eb7a64771028bea201ac
2016-09-02Merge "Ironic: enabled_services moved from ironic to ironic::conductor manifest"Jenkins1-1/+1
2016-09-02Merge "Move snmp settings into composable services"Jenkins3-17/+2
2016-09-02Generate composable service node_names listsSteven Hardy1-10/+3
Some puppet interfaces require a comma separated list of hostnames where a service is running, so generate it in a similar way to th service ips. Change-Id: Icdf5d993d089dc94035194bdbd52299fcbc793be Partially-Implements: blueprint custom-roles
2016-09-02Merge "Remove repeated apache-related hieradata"Jenkins1-13/+0
2016-09-02Move snmp settings into composable servicesDan Prince3-17/+2
Provides snmp_readonly_user_* parameters to the base::snmp class and removes them from the role templates. Related-bug: #1604414 Co-Authored-By: Giulio Fidente <gfidente@redhat.com> Change-Id: I35b1ff23baff0c25e742562e1103a3882f7bf767
2016-09-02Ironic: configure disk erasing during cleaningDmitry Tantsur1-0/+7
Cleaning is run before the first and between every deployments to ensure that the node is in a clean state (hence its name). The most important part of it is wiping the hard drive. This change allows tuning this action. A new option IronicCleaningDiskErase accepts the following options: * full - for full cleaning with removing the data via ATA secure erase or shred * metadata - for cleaning only partitioning table. The third option "none" is suppored by Puppet but is not advertised here as disabling disk wiping completely is known to cause bugs. Note that the upstream Ironic default is a bit unfortunate: it enabled both processes. We set the default to "full" which has the same effect, but is faster. Change-Id: I46632f71f7ab63daac243acefa5166c58ca05da0 Partially-Implements: blueprint ironic-integration
2016-09-02Ironic: enable iPXE by default and make it configurableDmitry Tantsur1-0/+23
Introduce two new options: IronicIPXEEnabled (true by default) and IronicIPXEPort (8088 by default). Also copy UEFI configuration from instack-undercloud. Change-Id: I4e037c1ea9c8663efb4d472469d0d2640e265710 Depends-On: Icb9633134114041bbd497e7652482dd5d34c9327 Partially-Implements: blueprint ironic-integration
2016-09-02Ironic: enabled_services moved from ironic to ironic::conductor manifestDmitry Tantsur1-1/+1
Change-Id: I30003e4500ccf681121bca7f0a8ffddb05f61660 Partially-Implements: blueprint ironic-integration
2016-09-02Merge "Availability monitoring agents support"Jenkins101-3/+426
2016-09-01Merge "Ironic: service catalog entries should not have a suffix"Jenkins1-3/+3
2016-09-01Merge "Pass cinder_iscsi_address without brackets"Jenkins1-5/+1
2016-09-01Add default for DeployIdentifier in nested templatesSteven Hardy6-0/+6
Until we fix the bug where at validation time heat doesn't know if a parent passes a value into the nested template, this may be a workaround for validation failing where no default is found. Change-Id: I02b0764ac29700cd29584e356ac0cfebcda09a36 Closes-Bug: #1619352
2016-09-01Ironic: service catalog entries should not have a suffixDmitry Tantsur1-3/+3
Our OSC plugin does not play well with it - see bug 1619229. This also matches undercloud configuration. Change-Id: I5db441d321e7628a1f3f9a5bbd75a872d0719e26 Partially-Implements: blueprint ironic-integration
2016-09-01Merge "Modify sriov_numvfs config from puppet-neutron to tripleo"Jenkins1-1/+1
2016-09-01Merge "Last round of modern authtoken update"Jenkins4-15/+15
2016-08-31Pass cinder_iscsi_address without bracketsGiulio Fidente1-5/+1
We shoult never emit in hieradata: key: [ipv6] as it will cause hiera parsing errors. This can only be addressed in the puppet module. Change-Id: I0b13b6691647769e41d9af8be4112e6341827e6c Depends-On: I787becce343b38e6c27c9a1b937b47c0aefb034d Closes-Bug: 1618930
2016-08-31Merge "apache: Remove product informations"Jenkins1-0/+2
2016-08-31Last round of modern authtoken updateEmilien Macchi4-15/+15
It updates Glance, Neutron and Swift to deploy authtoken with modern pattern. Change-Id: Icfaf011ea4a23bc47d2fb45e8768f8238532dab3
2016-08-31Remove repeated apache-related hieradataJuan Antonio Osorio Robles1-13/+0
This is already set in the apache profile, so we shouldn't be setting it in horizon. Change-Id: I21bd2c6770f871b2940c03d4a2b1cff7d4616346
2016-08-31Availability monitoring agents supportMartin Mágr101-3/+426
- adds possibility to install sensu-client on all nodes - each composable service has it's own subscription Co-Authored-By: Emilien Macchi <emilien@redhat.com> Co-Authored-By: Michele Baldessari <michele@redhat.com> Implements: blueprint tripleo-opstools-availability-monitoring Change-Id: I6a215763fd0f0015285b3573305d18d0f56c7770
2016-08-31Merge "Fix Ironic service bind IPs"Jenkins2-11/+22
2016-08-31Merge "configure Heat with new authtoken parameters"Jenkins2-4/+8
2016-08-30Merge "Move ceph cluster config out of allNodesConfig"Jenkins2-20/+2
2016-08-30Merge "Added DPDK environment file and nic configs samples"Jenkins1-2/+4
2016-08-30apache: Remove product informationsDimitri Savineau1-0/+2
By default, the httpd version and the OS type is described in the HTTP header 'Server'. Server: Apache/2.4.6 (Red Hat Enterprise Linux) This patch allows to remove the specific informations related to the httpd server and the OS. Change-Id: Ib608919102bc6b2c7619a522ae1262729dc7a91e
2016-08-30Merge "Add NeutronGlobalPhysnetMtu to neutron-base.yaml"Jenkins1-0/+10
2016-08-30Merge "Mv Nova, Neutron, Horizon out of controller.yaml"Jenkins12-161/+230
2016-08-30Merge "Customize the reservation of memory for host processes"Jenkins1-5/+8
2016-08-30Add NeutronGlobalPhysnetMtu to neutron-base.yamlDan Prince1-0/+10
This adds an option to configure the global_physnet_mtu in neutron.conf. This controls the base MTU for the physical network which is used as a basis for the new auto calculated overlay network MTU's. For flat and VLAN tenant networks there has been a subtle breakage in TripleO in that users of those network types may now need to manually set NeutronGlobalPhysnetMtu to something less than the physical network to imitate the previous behavior of the now removed NeutronTenantMtu setting (removed in git 2a64b67cef74fff86ce6b56b15431b859515844d). Previously users of say a vlan tenant network in TripleO would automatically get the tenant network set to 1400. Change-Id: I25c2435feb373e11e4fc3a2821db0c96211468e0
2016-08-30configure Heat with new authtoken parametersEmilien Macchi2-4/+8
Configure Heat with new authtoken parameters provided by puppet-heat module. Also move the authtoken parameters in heat-base, required by both heat-engine and heat-api. Depends-On: I7a9d10b0a8092b3d0c70708b57637098cfe2b56d Change-Id: Id5cd3e830f64263c8d39c7d2973c99d0380e772c
2016-08-30Mv Nova, Neutron, Horizon out of controller.yamlDan Prince12-161/+230
This patch moves the settings for Nova, Neutron, and Horizon out of controller.yaml. Also fixes the NovaPassword settings in nova-base.yaml so they don't use get_input. Also, creates a new apache.yaml base service to contain shared apache settings for several services which use Apache for WSGI. Co-Authored-By: Giulio Fidente <gfidente@redhat.com> Change-Id: I35d909bd5abc23976b5732a2b9af31cf1448838e Related-bug: #1604414
2016-08-30Move ceph cluster config out of allNodesConfigSteven Hardy2-20/+2
Pass the list of ceph nodes to the ceph_mon profile via the service template - this requires some fixup to the profile to handle the ipv6 case. Note this also aligns the ServiceNetMap keys so that the composable node_ips logic will generate the lists when the ceph_mon service is enabled. Change-Id: If8a5c65f17e677fe62243b3aa746fd642f72d2b0 Depends-On: I481dd2cd2cde7f1491080e6d9c7dcb7047c22de1 Partially-Implements: blueprint custom-roles
2016-08-30Merge "Conditionally expose haproxy endpoints"Jenkins1-20/+20
2016-08-30Added DPDK environment file and nic configs samplesSaravanan KR1-2/+4
Added an environment file to configure DPDK with OVS by overriding ComputeNeutronOvsAgent. Also added nic configs for configuring DPDK bridge and bond with numbered nic format. Implements: blueprint tripleo-ovs-dpdk Co-Authored-By: Vijay Chundury <vchundur@redhat.com> Change-Id: I82b6f66394a8928f8524706c939508edd08afa9b
2016-08-30Customize the reservation of memory for host processeskarthik s1-5/+8
Allows the operator to alter the memory reservation for host processes Implements: blueprint tripleo-ovs-dpdk Change-Id: If7a099cde2e8854a14a75c1304620cc444eefcf2 Signed-off-by: karthik s <ksundara@redhat.com>