| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
We introduce a new ServiceNetMap resource which enables some more flexible
mappings between the services and their networks.
Specifically this patch means:
1. ServiceNetMap no longer has to specify the entire list of all services,
operators may if they wish, but a subset is now valid where you want to
accept the defaults for some services (the defaults are now accessible via
the ServiceNetMapDefaults parameter.
2. We can map some keys which don't fit a pattern that enables conversion
from CamelCase to snake_case which is required for compatibility with the
service_names in puppet/services*
This should be backwards compatible, and in future when we remove internal
dependency on the CamelCase names, we could also enable operators to
specify e.g heat_api_network in ServiceNetMap which would be more consistent.
Change-Id: Ib60198adf76bb69ffbafbfac739e356d153f6194
Partially-Implements: blueprint custom-roles
|
|
|
|
|
|
|
|
|
|
These were removed in https://review.openstack.org/#/c/347050
but it turns out the defaults in the role templates is bad, as
an empty string results in a malformed hosts file fqdn.
So, partially revert that patch so we always pass the global
CloudDomain from overcloud.yaml, accepting the default configured
there, and remove the empty-string defaults in the role templates.
Change-Id: I0ea4190a23488986a3ee9e887328e0e7a03fe3aa
|
|
Currently we have a hard-coded set of per-service parameters, which
will cause problems for custom roles and full composability.
As a first step towards making this more configurable, remove the
hard-coded per-service parameters from overcloud.yaml, and adjust
the EndpointMap generation to instead accept two mappings, the
ServiceNetMap and a mapping of networks to IPs (effectively this
just moves the map lookup inside the endpoint map instead of
inside overcloud.yaml)
Change-Id: Ib522e89c36eed2115a6586dd5a6770907d9b33db
Partially-Implements: blueprint custom-roles
|
|
|
|
To enable composable generation of this switch the key names
to align with the service_name of each service.
Note that this should depend on I423b544df174254ac511b906b0c570e701678022
and previously passed CI with that defined, but because we now run
gate validation jobs on puppet-tripleo it's impossible to land, so
this now contains both old and new hiera keys temporarily, which will
be removed when the puppet-tripleo patch lands.
Change-Id: I7febf28bf409e25e8e5961ab551b6d56bb11e0c6
Partially-Implements: blueprint custom-roles
|
|
|
|
manila::keystone::auth assumes that two endpoints will be created;
one for each version of Manila. This is not consistent with what we
provide to the manifest. So we then add the needed endpoint to the
EndpointMap.
v2 is left as the default (not needing to specify a version when
getting the value from the endpoint map), and v1 was added as an
extra suffix.
Change-Id: Ie8754fbb21f50c2613a2c05a52d771f4d1aeb4bb
|
|
This adds the needed parts for the keystone endpoint of cinder v3
API.
Change-Id: Ic56446095e72b9e469a7b0e9ea5159fa31847381
|
|
This patch adds a parameter, EnableConfigPurge, to the base nova and
neutron service files. The value is passed to their respective puppet
modules to control whether resources not managed by puppet are purged
from the config files. The default value is set to true.
Change-Id: I32732dc2ed7a7b3187e8727592cb4add0c6b9cf6
Closes-Bug: #1611800
|
|
To allow per-node data such as bind_ip's to move into the
composable services templates, we do a value substitution
on the config settings hiera map, where e.g internal_api
will be replaced with the NetIpMap IP assigned to that.
To enable subnet/uri lookup via the same method, we add
all the subnet/uri mappings to the main net_ip_map output.
Change-Id: I7850d4dc8bf4db5f7ac6a6b53c1d900b561b4580
|
|
In the move to composable services, these parameters are not
necessary in the controller, but in the profile itself. They are not
yet in use but will be used to populate the keystone endpoint.
Change-Id: Iab3ab05e16872d94d3b3ab4827e2f87f4970aee3
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Change-Id: I21c09b2b0bad7736f3c84c55bf14ef7986c2d108
|
|
In the move to composable services, these parameters are not
necessary in the controller, but in the profile itself. They are not
yet in use but will be used to populate the keystone endpoint.
Change-Id: I42e30243b631c10d9454da444afdb50e551bbb2c
|
|
|
|
|
|
Static hieradata moved to composable services, we don't need the files
anymore. It also cleanup how we construct Hieradata configuration by
removing unused hiera files.
Change-Id: I19f85b6c1b734473cf908ddaca29ad966f9f5405
|
|
This change adds a CephPools parameter which can be used to
provide custom settings for any Ceph pool.
It also removes our custom setting for the default pg_num,
pgp_num and size so that these are used for the managed
pools (and can be overridden) but aren't enforced globally.
Change-Id: Idcf28bec46beabb1b590fc8e78b43e58d8e35717
Closes-Bug: 1517969
Depends-On: I38978f0f3119e4ab7dd45021e598253cb066cb5a
|
|
|
|
This is not necessary in the controller.yaml and is more appropriate
in the profile.
Change-Id: Ie2badbd87eabb8404acff77e9aa5d091fbdd1499
|
|
Heat API and CFN API both need to have teh keystone::auth*::tenant
parameters configured.
Change-Id: Ibdc3d693f5a63362add3fc71064fc01bb4593403
|
|
In the move to composable services, these parameters are not
necessary in the controller, but in the profile itself. They are not
yet in use but will be used to populate the keystone endpoint.
Change-Id: Ib9b0e474f875a4b2ffbda11c01cb882149997b0c
|
|
In the move to composable services, these parameters are not
necessary in the controller, but in the profile itself. They are not
yet in use but will be used to populate the keystone endpoint.
Change-Id: Ia0866d893c2f3258b0e00efcb8894c7643980173
|
|
|
|
Currently Keystone auth plugins should be used to perform authorization.
admin_* parameters as well as identity_uri are deprecated and not needed
Change-Id: I3018932a106df562e94067e037b3bc862be97b51
|
|
|
|
https://review.openstack.org/#/c/318840/ decomposed the Sahara services
but they weren't added to the ControllerServices list, thus are now disabled.
Since we shipped mitaka with sahara enabled by default, we should probably add
them so the behavior is consistent when folks upgrade.
This also fixes a couple of issues we missed when landing the initial service
templates (partly because CI didn't test them).
In order for each service to operate independently when used with Pacemaker,
the roles needed to be separated. This commit also does this.
Depends-On: Id61eb15b1e2366f5b73c6e7d47941651e40651b1
Change-Id: I0846b328e9d938275e373d58f0b99219b19b326c
Closes-Bug: #1592284
Co-Authored-By: Brad P. Crochet <brad@redhat.com>
|
|
|
|
Puppet OpenStack modules are moving to a new class to configure Keystone
authtoken parameters, so we can more easily enable Keystone v3 from a
single interface. It's consistent across all modules and does support
both Keystone v2 and v3 parameters.
This patch updates Cinder now, but more will follow when we'll add
support to all modules.
Change-Id: I5aa3f2b03672c14c0dbeac222f421ab94221ecf7
|
|
Implements: blueprint composable-services-within-roles
Depends-On: Ie48a123cc5bc402aee635a5daf118b158c6f3b6a
Closes-Bug: #1601850
Change-Id: Ifcfe0e3937fa8577635d803d46c3dfc2e873e553
|
|
|
|
These interfaces have all been deprecated by keystone, and we don't
offer any parameter interface to select PKI token format anyway,
so remove these to align with keystone reccomendations.
The keystone.conf.sample says these values may be silently ignored or
removed, so it seems reasonable to do the same here (parameter_defaults
should be ignored from old stacks).
Change-Id: Ic88d584863a98ed49fc335825fbfba7a52b0f14e
Depends-On: I8232262b928c91dcde7bea2f23fa2a7c2660719e
|
|
|
|
|
|
Use the redis_vip value from hiera.
Change-Id: I3b354012c8c054633497a6d80ff325f55e7b7142
|
|
This patch adds support for conditionally enabling DVR by deploying the
L3 and metadata agents on the compute node and setting the proper
configuration values throughout.
Implements: blueprint neutron-dvr-support
Change-Id: I24099795e76ecd520c990ba49d3511288dec7a12
|
|
This is the THT part that brings us the next generation architecture
as described in the following spec:
https://review.openstack.org/#/c/299628/
Blueprint:
https://blueprints.launchpad.net/tripleo/+spec/ha-lightweight-architecture
So far we tested deployment + tripleo.sh --overcloud-pingtest and
failover + tripleo.sh --overcloud-pingtest
Note that many of the Pacemaker template files become redundant with
this change, but to simplify the process of getting this change landed,
those templates will not be removed until a future commit.
Depends-On: I5e7585c08675d8a4bd071523b94210d325d79b59
Change-Id: I00bccb2563c006f80baed623b64f1e17af20dd4e
Implements: blueprint ha-lightweight-architecture
Co-Author: cmsj@tenshu.net
|
|
|
|
|
Steven Hardy
Jenkins
Juan Antonio Osorio Robles
Brent Eagles
Emilien Macchi
Giulio Fidente
Sergey Kolekonov
Pradeep Kilambi
Michele Baldessari