aboutsummaryrefslogtreecommitdiffstats
path: root/puppet
AgeCommit message (Collapse)AuthorFilesLines
2016-09-17Set VNC URL parameters for nova-computeJuan Antonio Osorio Robles1-0/+3
These are needed so the computes can advertize the VNC URL correctly. Change-Id: Ic3eba9fe929ce396b584249eb84415de09ab1b62 Closes-Bug: #1623607
2016-09-17Merge "Add NetApp Manila driver integration and tidy up generic"Jenkins3-66/+205
2016-09-17Merge "Convert AllNodesExtraConfig to support composable roles"Jenkins2-28/+12
2016-09-16Merge "Expose parameter to enable combination alarms"Jenkins1-0/+6
2016-09-16Merge "Convert deploy steps to jinja2 loop"Jenkins2-644/+139
2016-09-16Merge "Set client protocol for glance registry client"Jenkins1-0/+1
2016-09-16Merge "Unset Keystone public_endpoint"Jenkins1-1/+0
2016-09-16Merge "Populate vnc_api_lib.ini on compute nodes with OpenContrail"Jenkins1-0/+12
2016-09-16Convert AllNodesExtraConfig to support composable rolesSteven Hardy2-28/+12
This adjusts the interface to OS::TripleO::AllNodesExtraConfig so it supports custom/composable/optional roles. Note this does break backwards compatibility, and I can't see any way to avoid that. I've converted the in-tree templates, and we'll have to document carefully and or provide a script (or automated conversion via mistral perhaps?) to allow folks to easily adjust any out of tree templates to the new format. Basically you just have to: 1. Remove all the *_servers parameters, replace with one "servers" json parameter 2. Replace references to e.g "controller_servers" with "servers, Controller" which does a path-based lookup into the json map provided by overcloud.yaml Change-Id: I5eebf853646b2f6300d6b542fcd4f43e82d3b413 Partially-Implements: blueprint custom-roles
2016-09-16Convert deploy steps to jinja2 loopSteven Hardy2-644/+139
Refactor so the post-deploy steps recently moved into puppet/post.yaml are generated by jinja2 instead of hard-coded Change-Id: I488e46aaa449c95571bd3d1de9513c3d0730baf3 Partially-Implements: blueprint custom-roles
2016-09-14Set client protocol for glance registry clientJuan Antonio Osorio Robles1-0/+1
To communicate to glance registry, glance API has several parameters that it uses to form the URI. Right now we are defaulting to http, when we enable TLS everywhere, this will break. So setting the value from the endpoint map should fix it. Closes-Bug: #1623477 Change-Id: Id86787cbaa6f87fdcf9c26111c228fd59fbba012
2016-09-14Expose parameter to enable combination alarmsPradeep Kilambi1-0/+6
The puppet-tripleo change for the same is merged I9220b7d020dc8ed45dd6ca83ea9647efd67ea648 Change-Id: Ic5309ada98c78a15aa3a47dd94acb9e68eb25295
2016-09-14Merge "Add support for deploying Ceph RGW role"Jenkins1-0/+77
2016-09-13Move role ResourceGroups inside the jinja2 loopSteven Hardy3-0/+15
This moves the now nearly identical group resources inside the loop there's a FIXME related to some deprecated compute parameters we'll need to work around. Change-Id: Iddd63c42754867125e65e7721ab9d9f46f4d6afb Partially-Implements: blueprint custom-roles
2016-09-13Merge "Enable proxy header parsing for Manila"Jenkins1-0/+1
2016-09-13Add NetApp Manila driver integration and tidy up genericmarios3-66/+205
Enables configuring a NetApp backend for the Manila service This was created based on the review at https://review.openstack.org/#/c/188138/ This makes the netapp and generic backends disabled by default in the services/manila-backend-*.yaml. A backend is then enabled via backend-specific environment files, which will set any config parameters and enable that backend. It is expected that multiple manila backend specific environment files might be specified simultaneously. Finally generic and manila config is split into separate service files rather than using manila-base for all the things. Co-Authored-By: Ryan Hefner <rhefner@redhat.com> Co-Authored-By: Ben Swartzlander <ben@swartzlander.org> Closes-Bug: 1618479 Depends-On: Ic6f8e8d27ca20b9badddea5d16550aa18bff8418 Change-Id: I35fce32d0f6a5cc1c3382c2d0e0d6028928fd943
2016-09-12Merge "De-bracket vncproxy_host in compute profile"Jenkins2-9/+2
2016-09-12Merge "Configure Keystone credentials"Jenkins1-0/+12
2016-09-12Merge "Add trunking plugin to list of default ML2 service plugins"Jenkins1-1/+1
2016-09-12Unset Keystone public_endpointAdam Young1-1/+0
The keystone public_endpoint value should be deduced from the calling request and not hardcoded, or it makes network isolation impossible. Change-Id: Ide6a65aa9393cb84591b0015ec5966cc01ffbcf8 Closes-Bug: 1381961
2016-09-12De-bracket vncproxy_host in compute profileBen Nemec2-9/+2
This is done in the vncproxy profile, but for some reason is not in the compute one. It causes hiera to explode when the brackets are left, so we need to do the bracket stripping here too. Also switches both places to just use the host_nobrackets version of the endpoint instead of stripping them with str_replace. Change-Id: I7ccd84b575fd652f6412fdb1869c31c79a7bf53b Closes-Bug: 1618623
2016-09-12Configure Keystone credentialsEmilien Macchi1-0/+12
Configure Keystone credentials by installing 2 keys with dynamic content generated by python-tripleoclient. Note: this is a first iteration of managing Keystone credentials. It has a few limitations: - keys are not exported to external storage. - keys are not rotated automatically. Change-Id: I45cf8821eadf528dfcdc8d74e6e0484597b0d2c0
2016-09-12Add explicit entry for ctlplane IP in /etc/hostsJuan Antonio Osorio Robles5-0/+35
There was currently no way of getting it and we can't asure that the primary IP will use it. So it's explicitly needed there. Change-Id: Idb3ca22ac136691b0bff6f94524d133a4fa10617
2016-09-12Merge "Fix service config files having wrong map_merge format"Jenkins3-3/+3
2016-09-12Merge "Make Nova VNC Proxy service name match service net map"Jenkins2-3/+3
2016-09-12Enable proxy header parsing for ManilaJuan Antonio Osorio Robles1-0/+1
This is necessary for when HAProxy is terminating TLS for manila, else we will have keystone discovery errors. This is the same we do for several other services, as manila uses the same middleware. Change-Id: Ice78b0abceb6a956bb8c1dc6212ee1b56b62b43f
2016-09-10Merge "Adjust MTU to compensate for VLAN tag issue"Jenkins1-2/+5
2016-09-10Add support for deploying Ceph RGW roleKeith Schincke1-0/+77
This patch add support for deploying Ceph RGW. Co-Authored-By: Giulio Fidente <gfidente@redhat.com> Change-Id: I88c8659a36c2435834e8646c75880b0adc52e964
2016-09-10Make Nova VNC Proxy service name match service net mapJuan Antonio Osorio Robles2-3/+3
If these names don't match then we cannot set the service's nodes, VIP and network. Change-Id: I8f1c0eaf62eee2704a5f2556a553032106db606b Closes-Bug: #1621368
2016-09-10Merge "Add support for configuring the OVS firewall driver"Jenkins1-0/+9
2016-09-09Merge "add composable services for Contrail"Jenkins6-0/+436
2016-09-09Adjust MTU to compensate for VLAN tag issueBrent Eagles1-2/+5
Some network configurations uncovered what appears to be an issue where a spurious 802.1q header is injected into tunnelled traffic. Adjusting the default value to accomodate the extra overhead should avoid this problem. Partial-Bug: #1621533 Change-Id: I9ebad2d6ad34d90fcb998497873059995cdef276
2016-09-09Merge "Generate VIP info for ctlplane VIP, not management"Jenkins2-5/+5
2016-09-09Merge "Move role deployment steps into puppet/post.yaml"Jenkins10-473/+796
2016-09-09Merge "Add keystone networks for the different endpoints"Jenkins1-0/+5
2016-09-09Move role deployment steps into puppet/post.yamlSteven Hardy10-473/+796
To enable steps to be aligned between roles, we need to define dependencies between the steps, which is only possible if we move the steps out of distinct nested stacks so we can use depends_on to serialized the steps for all roles. Note that we may be able to further refactor later to remove the per-role -config.yaml nested stacks as well. Change-Id: Ia2ea559e8eeb64763908f75705e3728ee90b5744 Partially-Implements: blueprint custom-roles
2016-09-09Merge "Add global_config_settings to services' output"Jenkins2-0/+7
2016-09-09Merge "Add service networks to hieradata"Jenkins1-0/+22
2016-09-09Generate VIP info for ctlplane VIP, not managementJuan Antonio Osorio Robles2-5/+5
The management network does not have a VIP, so it's been wrong to generate a cloud name and hieradata for this. Instead, the network that actually needs a name and a hosts entry is the ctlplane network, which actually has a VIP and there are services that use it. bp tls-via-certmonger Closes-Bug: #1621742 Change-Id: I163b2c7b5684da6dc290636f54eefe3f2b0c3e3f
2016-09-08Convert SwiftDevicesAndProxyConfig to composable formatSteven Hardy5-90/+19
Make use of the new composable per-service node_ips lists by adding a ServiceNetMap entry for SwiftStorage, then pass the data to construct the raw device list into puppet-tripleo instead of mangling it in t-h-t inside the role templates. This will allow running swift storage services on nodes other than the Controller and ObjectStorage roles, and is required to enable custom roles. Depends-On: I11deed1df712ecccf85d36a75b3bd2e9d226af36 Change-Id: I1bf5f8a9d34b1a5d64ab8656b386226b54ec1a27 Partially-Implements: blueprint custom-roles
2016-09-08Merge "Add base neutron service configuration"Jenkins1-8/+19
2016-09-08Populate vnc_api_lib.ini on compute nodes with OpenContrailJiri Stransky1-0/+12
This is setting sane defaults for vnc_api_lib.ini as requested from the field. The settings still can be overriden using NovaComputeExtraConfig if needed. Change-Id: I6a823c0b34f6ea21aa16939577ac0e1563483557 Closes-Bug: #1620647
2016-09-08Add support for configuring the OVS firewall driverBrent Eagles1-0/+9
This patch introduces a parameter to allow customizing the Neutron OpenvSwitch agent's firewall driver configuration. Closes-Bug: 1618507 Change-Id: I595c392f7a1afe2164bf562224d9eda9b3dfa982
2016-09-08Merge "Create entries for overcloud VIPs in /etc/hosts"Jenkins1-0/+56
2016-09-08Add keystone networks for the different endpointsJuan Antonio Osorio Robles1-0/+5
Keystone doesn't provide different flags to indicate that both of its endpoints are enabled. So currently we have to manually add its network to all-nodes-config. bp tls-via-certmogner Change-Id: Ibecd78706e84853107f698ba411a0c05e6f5be52
2016-09-07Merge "OVN heat templates"Jenkins2-0/+124
2016-09-07Fix service config files having wrong map_merge formatSaravanan KR3-3/+3
map_merge in heat templates should start with hypen for each map group, few templates are missing the hypen for the second map group, which is added in this patch Closes-Bug: #1621008 Change-Id: I307fdd7afc374cce46d6e378594f1b688b9fd4f6
2016-09-07Add base neutron service configurationBrent Eagles1-8/+19
Include the neutron-base service definition to align pull in common configurations. This might not be *absolutely* necessary as any required common configuration would likely already be added by and OVS agent service, etc. but it's better to be safe than sorry and it does keep things consistent across the Neutron services. Implements: blueprint tripleo-sriov Change-Id: I10a9d9b29760475e6cd75e4057051c75a52ffbb7
2016-09-07Create entries for overcloud VIPs in /etc/hostsJuan Antonio Osorio Robles1-0/+56
This will aid us in using FQDNs instead of IPs if DNS is not set. If the deployer already has DNS set up, they can easily disable this profile by adding the use-dns-for-vips.yaml environment file. bp tls-via-certmonger Change-Id: I8c1b3f253d0149d575171c208f9a1342a7b26450 Depends-On: I1bdb2701dfb3e7ef072e674c9882d3be5af7296c
2016-09-07Add VIP names to allNodesConfigJuan Antonio Osorio Robles1-0/+15
The nodes need to be aware of the fqdn's for the specific endpoints in the cloud. This could be either to set the entries in /etc/hosts or to select an appropriate hostname for a certificate to be generated. bp tls-via-certmonger Change-Id: I9b4645b937a344f46ec18a9a68c5afa2bc5206d0