path: root/puppet
AgeCommit message (Collapse)AuthorFilesLines
2017-09-29Update Opendaylight features for fdio scenariosFeng Pan3-0/+42
Use new features string for ODL nitrogen/oxygen versions Change-Id: Ie8b284f64bd6491c389129d8afdaeae8a399b607 Signed-off-by: Feng Pan <fpan@redhat.com> (cherry picked from commit ccec1c70f61cca2cf3249ec29ad2c6ab576c1d96)
2017-09-27Fix BgpVpn spelling and syntaxTim Rozet1-1/+1
Change-Id: If39072c687dcfb3fcb5c2dab33ecc3755b3396df Signed-off-by: Tim Rozet <trozet@redhat.com> (cherry picked from commit 678fa1e37bb30710406048e0a95cf44f60963452)
2017-09-23Fixes missing keystone authtoken pw for TackerTim Rozet1-0/+1
Closes-Bug: 1718997 Change-Id: I2b347cbc4595e6651b0d4be032cb862fde72e15f Signed-off-by: Tim Rozet <trozet@redhat.com> (cherry picked from commit dc8bb353e2fe5e86390adde8eeb4c6a87f00a7ae)
2017-08-14Merge "Adds Doctor DS driver to Congress"Tim Rozet1-0/+10
2017-08-11Adds Doctor DS driver to CongressCarlos Goncalves1-0/+10
Include the Doctor data source driver to the list of drivers to load. JIRA: APEX-498 Change-Id: I0749ed6e0d27bd4c9a5bb19657579d400501d09e Signed-off-by: Carlos Goncalves <carlos.goncalves@neclab.eu>
2017-08-10Add support for os-odl-fdio-dvr scenariosFeng Pan2-0/+65
Change-Id: I6a83c9e2deeb0df9a3ab09a707c9c64aa84da55e Signed-off-by: Feng Pan <fpan@redhat.com>
2017-08-08Adds networking-sfc supportTim Rozet1-0/+51
Enables deployment of service function chaining via the networking-sfc project. Implements: blueprint networking-sfc-support Depends-On: Icd433ddc6ae7de19a09f9e33b410a362c317138a Change-Id: I230b31dc9ed0ecc5046064628ba2f2505e589522 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-08-01Add Barometer service as a Compute role.jhinman11-0/+57
Change-Id: I397d2557639c87ab8afacd076a5b9fd7c056dce7 Signed-off-by: jhinman1 <john.hinman@intel.com>
2017-08-01Merge "Correcting keystone authtoken params for congress"Tim Rozet1-2/+5
2017-07-31Correcting keystone authtoken params for congressDan Radez1-2/+5
JIRA: APEX-495 Change-Id: Ibada3c58e2ba870defef356363dbf54d02c8a965 Signed-off-by: Dan Radez <dradez@redhat.com>
2017-07-30Add VPP and Honeycomb services (#104)Feng Pan8-3/+186
- Add VPP and honeycomb service - Add NeutronOverlayIPVersion setting for IPv6 vxlan tunnel endpoint Change-Id: If11092e6581445a70e63c8f6c48518698b3cc8fc Signed-off-by: Feng Pan <fpan@redhat.com>
2017-07-12Enables OpenDaylight clustering in HA deploymentsTim Rozet1-1/+2
Port 2550 is required for inter-ODL communication when clustering. odl-jolokia feature is required to expose REST APIs from ODL for monitoring the cluster. Implements: blueprint opendaylight-ha Depends-On: Ic9a955a1c2afc040b2f9c6fb86573c04a60f9f31 Change-Id: Ie108ab75cce0cb7d89e72637c600e30fc241d186 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-07-12Add BGPVPN composable serviceRicardo Noriega1-0/+34
Depends-On: I4af82d456c9d999667f2ef4d16e8f6822463d331 Change-Id: Id28df6ed307976fbb20fa1300f7349b743d96569 Signed-off-by: Ricardo Noriega <rnoriega@redhat.com>
2017-06-29Disable swift middleware ceilometer pipeline by defaultPradeep Kilambi1-11/+17
This generates tons of unnecessary events when gnocchi uses swift backend. We end up filtering most of these anyway. So lets disable this so it doesn't put useless load. Also changing the default project to service as thats what gnocchi uses to authenticate with swift. Closes-bug: #1693339 Change-Id: I40f47d46fdb06f31a739b590bf653bca71e33f61 (cherry picked from commit 142b5a28896d788a7112ae8bd2885e6c7dfcc832)
2017-06-24Enable periodic task to discover cell hosts when ironic is usedDmitry Tantsur1-0/+9
Starting with the Ocata release, bare metal nodes are no longer get recognized by nova automatically. To avoid forcing users into running nova manage command each time they enroll a node, we will have to allow enable the periodic task to do so. Change-Id: I8b0afac54dc9bd51dbe2ae4f237e4de50459be0f Closes-Bug: #1697724 (cherry picked from commit f0807b535b0cff5eac82fdaa9719650f79839c15)
2017-06-19Add parameter Ec2ApiExternalNetwork for VPCsSven Anderson1-0/+15
Change-Id: I26652afe0f513ec354c05570e7fa0e5b4b0ab669 Related-Bug: #1676491 (cherry picked from commit 773505222f2022e829d3aa3dbb8200af0ac952e3)
2017-06-17Merge "Add support for Cinder "NAS secure" driver params" into stable/ocataJenkins2-0/+24
2017-06-16Merge "Add support for autofencing to Pacemaker Remote." into stable/ocataJenkins1-0/+38
2017-06-16Merge "Add ignore_projects to filter gnocchi events" into stable/ocataJenkins1-0/+8
2017-06-16Merge "Dell SC: Add exclude_domain_ip option" into stable/ocataJenkins1-0/+4
2017-06-16Add support for Cinder "NAS secure" driver paramsAlan Bishop2-0/+24
Add new parameters that control the NAS security settings in Cinder's NFS and NetApp back end drivers. The settings are disabled by default. Partial-Bug: #1688332 Depends-On: I76e2ce10acf7b671be6a2785829ebb3012b79308 Change-Id: I306a8378dc1685132f7ea3ed91d345eaae70046f (cherry picked from commit 4a48ad89a16b79ac57475a3cb4427b9b60dcd3e3)
2017-06-15Merge "Add fqdn_external" into stable/ocataJenkins6-0/+6
2017-06-15Add ignore_projects to filter gnocchi eventsPradeep Kilambi1-0/+8
Without this, ceilometer db gets hammered with gnocchi swift events. Keystone creds are required so middleware can query for id. Related change: I5c0f4f1a2c7fe7eb39ea6441970e9ac0946a4ec1 Change-Id: I9a7a80252703e470a69dc10352e7ece45ab23150 (cherry picked from commit 37447494de7380409f4461835a2b1882ead37985)
2017-06-15Dell SC: Add exclude_domain_ip optionrajinir1-0/+4
This option allows users to exclude some fault domains. Otherwise all domains are returned. Change-Id: Iefd1a44c8fe217aee5845bba35def571317bb123 Closes-Bug: #1681490 Depends-On: I6eb2bcc7db003a5eebd3924e3e4eb44e35f60483 (cherry picked from commit e0bc8d6813d7cd0ecbef1dfe17d9d3cfec4225d7)
2017-06-14Merge "Dell SC: Add secondary DSM support" into stable/ocataJenkins1-0/+16
2017-06-14Add fqdn_externalAlex Schultz6-0/+6
In newton, we used to construct the fqdn_$NETWORK in puppet-tripleo for external, internal_api, storage, storage_mgmt, tenant, management, and ctrlplane. When this was moved into THT, we accidently dropped external which leads to deployment failures if a service is moved to the external network and the configuration consumes the fqdn_external hiera key. Specifically this is reproduced if the MysqlNetwork is switch to to exernal, then the deployment fails because the bind address which is set to use fqdn_external is blank. Change-Id: I01ad0c14cb3dc38aad7528345c928b86628433c1 Closes-Bug: #1697722 (cherry picked from commit 426de202880c890360bd446907aca44ca1e73a03)
2017-06-13Moving *postconfig where it was *postpuppetCarlos Camacho1-11/+16
We need to ensure that the pacemaker cluster restarts in the end of the deployment. Due to the resources renaming we added the postconfig resource not in the end of the deployment as it was *postpuppet. Closes-bug: 1695904 Change-Id: Ic6978fcff591635223b354831cd6cbe0802316cf
2017-06-13Add support for autofencing to Pacemaker Remote.Chris Jones1-0/+38
We now pass configuration for autofencing to Pacemaker Remote nodes. Change-Id: Ibb9c65a83cc909528024c538cf3bcc96390c555e Depends-On: I87c60bd56feac6dedc00a3c458b805aa9b71d9ce Closes-Bug: #1686115 (cherry picked from commit 05953542a6b688ee549671a46cecb5951b6c3fee)
2017-06-07Expose metric delay processing metricPradeep Kilambi1-0/+5
For performance reasons we might want to tweak this param lets expose this via tripleo. The puppet changes were added in this patch I5de5283d1b14e0bba63d6d9a440611914ba86ca4 Change-Id: I72f1fe3a47060fe37602a70b8a74fba72209127c (cherry picked from commit e33e76684c9b60b9ce50ad7996529ed49dddd9d9)
2017-06-06Fix the constraints for THT params NeutronDpdkCoreList and HostCpusListKarthik S1-2/+2
This fix needs to be backported to ocata. Conflicts: puppet/services/neutron-ovs-dpdk-agent.yaml Signed-off-by: Karthik S <ksundara@redhat.com> Closes-Bug: #1694703 Change-Id: I5938761efa4f56e576f41929e0bc12df246ac81a (cherry picked from commit 61480182f8a6f27ab7e1e73b9dd79e17a4927f0f)
2017-06-05Merge "Restrict nova migration ssh tunnel" into stable/ocataJenkins1-0/+5
2017-06-02Handle upgrading cinder-volume under pacemakerAlan Bishop1-0/+15
Add upgrade tasks for cinder-volume when it's controlled by pacemaker: o Stop the service before the entire pacemaker cluster is stopped. This ensures the service is stopped before infrastructure services (e.g. rabbitmq) go away. o Migrate the cinder DB prior to restarting the service. This covers the situation when puppet-cinder (who otherwise would handle the db sync) isn't managing the service. o Start the service after the rest of the pacemaker cluster has been started. Closes-Bug: #1691851 Change-Id: I5874ab862964fadb68320d5c4de39b20f53dc25c (cherry picked from commit c4e3bbe039135f32f0e198365e704b3dbfd00290)
2017-05-31Restrict nova migration ssh tunnelOliver Walsh1-0/+5
Specify the allowed networks for migration ssh tunneling. bp tripleo-cold-migration Change-Id: Iab022bdfb655e3c52fecebf416e75c9e981072ab Depends-on: Idb56acd1e1ecb5a5fd4d942969be428cc9cbe293 (cherry picked from commit 3d8af2fcf8e2d41600fa10584120a8117e7ef40c)
2017-05-30Enable arp_accept for all interfacesIhar Hrachyshka1-0/+2
OpenStack heavily relies on gratuitous ARP updates when moving floating IP addresses between devices. When a floating IP moves, Neutron L3 agent issues a burst of gratuitous ARP packets that should update any existing ARP table entries on all nodes that belong to the same network segment. Due to locktime kernel behavior, some gratuitous ARP packets may be ignored [1], rendering ARP table entries broken for some time. Due to a kernel bug [2], the time may be as long as hours, depending on other traffic flowing to the node. With the current EL7 kernel, the only way to make sure that nodes honor all sent gratuitous ARP updates is to set arp_accept to 1; this will disable locktime mechanism for the packets sent by Neutron L3 agent, and will make sure ARP tables are always updated. [1] https://patchwork.ozlabs.org/patch/762732/ [2] https://bugzilla.redhat.com/show_bug.cgi?id=1450203 Conflicts: puppet/services/kernel.yaml Related-Bug: #1690165 Change-Id: I863b240e0ab4c4d5bb844f91b607fd0937d5cedf (cherry picked from commit 804fd3427eeb31a2846ee096dbdac924ec39bcbc)
2017-05-22Dell SC: Add secondary DSM supportrajinir1-0/+16
Adds support for a secondary DSM in case the primary becomes unavailable. Change-Id: I0887e15a7e1c90a4f333bef6cdbb5d43ba0cd838 Closes-Bug: #1681492 Depends-On: I331466e4f254b2b8ff7891b796e78cd30c2c87f7 (cherry picked from commit 69be0c2ae7131af20385b4f11a8190ed9fba32c7)
2017-05-22Merge "Timeout early on pcs cluster status check0 during upgrade." into ↵Jenkins1-0/+2
2017-05-20Merge "Addition of firewall rules for Nuage" into stable/ocataJenkins2-6/+11
2017-05-20Merge "Disable Manila CephFS snapshots by default" into stable/ocataJenkins1-1/+1
2017-05-17Timeout early on pcs cluster status check0 during upgrade.Sofer Athlan-Guyot1-0/+2
There is a windows for the pcs cluster status to hang forever[1]. We add a timeout during check0 to avoid this situation. 2 minutes should be more than enought to get all the pcsd nodes to reply. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1292858 Closes-Bug: #1680477 Change-Id: Icb3dc76e031a3d4f26294f37d169f2f61d30973e (cherry picked from commit 0ea21f51a8128e536404ffd87f741443c9287593)
2017-05-08Fix for the resource ControllerPostPuppetMaintenanceModeDeploymentCarlos Camacho1-1/+1
Depends-On: If88f403c85b79bd896a24c7816486709bd67706f Closes-Bug:1686619 Change-Id: I7c32ca39a456de9833d30c31d41fcb727d2b0a34 (cherry picked from commit 77b4bd53dae1882ae3094597e674218b7773eda9)
2017-05-08Merge pre|post puppet resources into pre|post config.Jenkins1-19/+2
The [Pre|Post]Puppet resources were renamed in https://review.openstack.org/#/c/365763. This was intended for having a pre/post deployment steps using an agnostic name instead of being attached to a technology. The renaming was unintentionally reverted in https://review.openstack.org/#/c/393644/ and https://review.openstack.org/#/c/434451. This submission merge both resources into one, and remove the old pre|post hooks. Change-Id: Ic9d97f172efd2db74255363679b60f1d2dc4e064 Closes-bug: #1669756 (cherry picked from commit 258c6ce52d0c8467f34693722a883d96345802b2)
2017-05-03Addition of firewall rules for Nuagelokesh-jain2-6/+11
Added VxLAN and metadata agent firewall rules to neutron-compute-plugin for Nuage. Removed a deprecated parameter 'OSControllerIp' as well. Change-Id: If10c300db48c66b9ebeaf74b5f5fee9132e75366 (cherry picked from commit d5309c9443cbfe50ba5e7c15f025393a58b0804c)
2017-04-28Merge "Change the default for rabbitmq back to ha-mode: all" into stable/ocataJenkins2-33/+4
2017-04-28Merge "upgrades: deploy mod_ssl when upgrading apache" into stable/ocataJenkins9-67/+116
2017-04-27Merge "Cinder-api upgrade: use httpd instead of apachectl" into stable/ocataJenkins1-1/+1
2017-04-27upgrades: deploy mod_ssl when upgrading apacheSofer Athlan-Guyot9-67/+116
1) When Apache is upgraded, install mod_ssl rpm. See https://bugs.launchpad.net/tripleo/+bug/1682448 to understand why we need mod_ssl. 2) All services that run Apache for API will use the snippet from Apache service to deploy mod_ssl, so we don't duplicate the code in all services. It's using the same mechanism as ovs upgrade to compile upgrade_tasks between both services. Change-Id: Ia2f6fea45c2c09790c49baab19b1efcab25e9a84 Closes-Bug: #1686503 (cherry picked from commit a6041608ca68aad4298ed9e8febafc442a250a55)
2017-04-26Cinder-api upgrade: use httpd instead of apachectlSofer Athlan-Guyot1-1/+1
It doesn't work downstream, so the httpd command was recommended. Change-Id: I4807333b80dad10f16e5deb56cbfdda656cd1e50 (cherry picked from commit 0b05d7fd9b0e8811755499642647919eaf64cc39)
2017-04-26Change the default for rabbitmq back to ha-mode: allMichele Baldessari2-33/+4
In change Ib62001c03e1e08f58cf0c6e0ba07a8879a584084 we switched the rabbitmq queues HA mode from ha-all to ha-exactly. While this gives us a nice performance boost with rabbitmq, it makes rabbit less resilient to network glitches as we painfully found out via https://bugzilla.redhat.com/show_bug.cgi?id=1441635. This is the THT part of the change that changes the default to ha-mode: all. NB: not clean cherry-pick due to the added metadata_settings line in master Closes-Bug: #1686337 Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com> Co-Authored-By: John Eckersberg <jeckersb@redhat.com> Change-Id: I7afcf2b3c8deb13fc2134e4cae9c06a44e775384 Depends-On: I9a90e71094b8d8d58b5be0a45a2979701b0ac21c (cherry picked from commit 90fc4b2e27ef6f612a82dfc5e08884629d0fe0bf)
2017-04-26Increase documentation about parametersJuan Badia Payno1-1/+3
CollectdServer, CollectdServerPort, CollectdSecurityLevel, CollectdUsername, CollectdPassword Change-Id: I43a0aca6f620f2570bdfd88531e70611867337b0 (cherry picked from commit f209f0aa48d277ecb8300ef33225f6ce6e24a4ae)
2017-04-25Merge "SSHD Service extensions" into stable/ocataJenkins1-1/+30