| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
|
|
|
|
As with other services, this passes the necessary hieradata to enable
TLS for RabbitMQ. This will mean (once we set it via puppet-tripleo)
that there will only be TLS connections, as the ssl_only option is being
used.
bp tls-via-certmonger
Change-Id: I960bf747cd5e3040f99b28e2fc5873ca3a7472b5
Depends-On: Ic2a7f877745a0a490ddc9315123bd1180b03c514
|
|
|
|
Configure keystone_authtoken for Sahara service.
Change-Id: I045b7d1d52851ab0d532a8524fcea95705e3db78
Partial-implement: blueprint keystone-v3
|
|
This also moves the explicit usages of the Keystone V3 endpoint fromt he
EndpointMap, as using the uri_no_suffix defeats that usage.
Change-Id: I5f07a0cee07fa28b88c419e25e014094004b1bce
Partial-Implement: blueprint keystone-v3
|
|
This means we can remove the special BannerText hiera reference
in the puppet-tripleo profile
Change-Id: Id4c8b853fa0e9bcdffe2cf7cd1554a9be7451b25
|
|
|
|
|
|
|
|
This uses a puppet-tripleo profile to configure and start docker
in step1 of the deployment, which is before we attempt to deploy
any containers (see docker/services/README.rst#docker-steps)
This enables existing environments on upgrade to configure things
correctly, without using the docker/firstboot/setup_docker_host.sh
- the firstboot approach may still be needed for atomic, but for
environments where we can run puppet on the host this integrates
more cleanly with our existing architecture I think.
Depends-On: Id8add1e8a0ecaedb7d8a7dc9ba3747c1ac3b8eea
Change-Id: If4ffe21579bcb2770f4e5a96be7960b52927a27b
|
|
|
|
|
|
Change-Id: I54a3cac11ae63c553f831a3f8eeca2cbe4cc88d3
Signed-off-by: Feng Pan <fpan@redhat.com>
|
|
It doesn't work downstream, so the httpd command was recommended.
Change-Id: I4807333b80dad10f16e5deb56cbfdda656cd1e50
|
|
|
|
The new hiera hook in I21639f6aadabf9e49f40d1bb0b1d0edcfc4dbc5e
was added to most of the tripleo-heat-templates in
Ibe7e2044e200e2c947223286fdf4fd5bcf98c2e1
The new hook is installed by default if you use tripleo-common
Ia1864933235152b7e899c4442534879f8e22240d and will be installed
as part of the Newton to Ocata upgrades workflow in
I0c7a32194c0069b63a501a913c17907b47c9cc16
In order to use the new hiera data as part of the upgrade we
need to remove the old hieradata which will break anyone still
defining and using it. This change updates the remaining vendor
plugin manifests to use the new hiera hook. The pre-requisite
is that the new hook is installed on their overcloud (as above
it comes if you follow the N..O upgrade)
Change-Id: Ic95154734cb21e6b941c7f1569295b413963831d
|
|
|
|
The puppet facts will be removed soon and using the hiera value is
adviced instead.
Change-Id: I318f81abaac997370e950780993dc95cae088327
|
|
The puppet facts will be removed soon and using the hiera value is
adviced instead.
Change-Id: I3ba89dd9bd471c5723325efc9041ca6da937ccc5
|
|
Upgrade process wasn't consistent and correct.
Change-Id: Id1f810d33c2909957be9a2c96d18c96dee939953
|
|
|
|
|
|
|
|
Change-Id: Icc5fbf99301ae47344e1582767e1e7a4687f491b
|
|
In ocata we changed the rabbitmq ha policy to "ha-exactly" via the
following changes:
- tht: Iace6daf27a76cb8ef1050ada0de7ff1f530916c6
- puppet-tripleo: Ib62001c03e1e08f58cf0c6e0ba07a8879a584084
We took care of the upgrade path via I3a97505d2ae1ae27f3080ffe74c33fdabffd2420
With the move to the ansible-based composable upgrades we left this change out.
And now an upgraded environment has the following policy:
- Upgraded environment
Attributes: set_policy="ha-all ^(?!amq\.).* {"ha-mode":"all"}"
- New environment
Attributes: set_policy="ha-all ^(?!amq\.).* {"ha-mode":"exactly","ha-params":2}"
We need to add this pcs resource change to the our upgrade scripts.
Change-Id: I3c4113c207e9d0c45be43df7c2379ac26cb60692
Closes-Bug: #1668600
|
|
Change-Id: I740b20b12acb3740886409bff86c4989f0a066f4
Signed-off-by: Tim Rozet <trozet@redhat.com>
|
|
Change-Id: I189edaf69c0e97a3399e6af939595f98322d7c03
Partially-Implements: blueprint overcloud-upgrades-per-service
|
|
During upgrades, validation test if a service is running before the
upgrade process starts.
In some cases, servies doesn't exist yet so we don't want to run the
validation.
This patch makes sure we check if the service is actually present on the
system before validating it's running correctly.
Also it makes sure that services are enabled before trying to stop them.
It allows use-cases where we want to add new services during an upgrade.
Also install new packages of services added in Ocata, so we can validate
upgrades on scenarios jobs.
Change-Id: Ib48fb6b1557be43956557cbde4cbe26b53a50bd8
|
|
|
|
|
|
|
|
Prior to https://review.openstack.org/#/c/271450/ os-net-config was
applied via os-refresh-config directly, which meant that even though
UpdateDeployment and NetworkDeployment can be created concurrently,
we'd always do the os-net-config step first.
However now that we apply both steps via scripts (which are both handled
via the same heat-config hook) we should add an explicit dependency to
ensure the network is always fully configured before attempting to run
any update. This should avoid the risk of e.g running an update on
initial deployment before the network connectivity to access yum repos
is in place.
Change-Id: Idff7a95afe7b49b6384b1d0c78e76522fb1f8eb7
Related-Bug: #1666227
|
|
|
|
|
|
|
|
In the previous release[1], the services were stopped before the
pacemaker services, so that they get a chance to send last message to
the database/rabbitmq queue:
Let's do the upgrade in the same order.
[1] https://github.com/openstack/tripleo-heat-templates/blob/stable/newton/extraconfig/tasks/major_upgrade_controller_pacemaker_2.sh#L13-L71
Change-Id: I1c4045e8b9167396c9dfa4da99973102f1af1218
|
|
Rename ec2-api_enabled to ec2_api_enabled so we avoid this error:
The conditional check 'ec2-api_enabled.rc == 0' failed.
The error was: error while evaluating conditional
(ec2-api_enabled.rc == 0): 'api_enabled' is undefined"}
Change-Id: Id325fd7eba397155eac7fb6c7410f88486173ba1
|
|
|
|
Change-Id: I256d2fcb6353d029750113c1fec59a89c82583ca
|
|
While the heat templates specify a default value of 3, it rarely seems
to have an effect as the tripleoclient is setting this according to the
controller scale. This was fine before composable roles, but it is now
invalid. While the client needs to be modified to no longer set this
according to controller scale, the template should default to a sentinel
value that will allow the puppet code to determine the proper value by
the number of hosts that have the neutron dhcp agent deployed on them.
Depends-On: I5533e42c5ba9f72cc70d80489a07e30ee2341198
Partial-bug: #1632721
Change-Id: I06628764c4769d91bbc42efe1c722702d6574d02
|
|
|
|
|
|
|
|
|
|
Change-Id: Ic50aee9e635f62f06fa757fa3d88d9d8c5b28fcb
|
|
|
|
It was using a hiera key, and fetching that from a hiera call in the
puppet manfiest. But we can remove that if we set it via hiera from
t-h-t.
Change-Id: I5af5ccb88e644f4dd25503d8e7a93796695d3039
|
Jenkins
Juan Antonio Osorio Robles
Emilien Macchi
Steven Hardy
Feng Pan
marios
Pradeep Kilambi
Michele Baldessari
Tim Rozet
Sofer Athlan-Guyot
Dan Radez
Brent Eagles