aboutsummaryrefslogtreecommitdiffstats
path: root/puppet
AgeCommit message (Collapse)AuthorFilesLines
2016-03-10compute: include VIR_MIGRATE_TUNNELLED when doing VM shared storageEmilien Macchi1-6/+28
This patch makes sure: * When doing shared storage Nova is configured with block_migration_flag and live_migration_flag = '(...),VIR_MIGRATE_TUNNELLED' flag for security improvements. * When not doing shared storage Nova is not configured with VIR_MIGRATE_TUNNELLED flag because it's not supported by Qemu yet. We need to make sure the value is unset otherwise live migration will fail when not running shared storage for VMs. Note: this patch will be backport to stable branches. In a further iteration, we'll probably use live_migration_tunnelled new Nova parameter which is a simplier way to manage this feature. Co-Authored-By: Kashyap Chamarthy <kchamart@redhat.com> Change-Id: I557c1624ee944a32b1831d504f7b189308cd1961
2016-03-10Merge "Enable predictable IPs on non-controllers"Jenkins4-0/+72
2016-03-10Support the deployment of Ceph over IPv6Giulio Fidente6-4/+69
To deploy Ceph on IPv6, we need to enable ms_bind_ipv6 in addition to passing the list of MON IPs in brackets. Change-Id: I3644b8fc06458e68574afa5573f07442f0a09190
2016-03-10Fix vncproxy_host for IPv6Javier Pena1-1/+8
https://review.openstack.org/268356 can cause issues in IPv6 environments. It generates the following Hiera data: nova::vncproxy::common::vncproxy_host: [2001:db8:fd00:1000::10] which fails due to the brackets. Making sure there are no brackets in nova_vncproxy_host makes it work for both the IP case and when using DNS names. Change-Id: Iafe18f042725eb9419d97cd674c4b9a1a895b187
2016-03-10Allow the vnc server to bind on IPv6 address on computesMarius Cornea3-2/+14
Currently the vnc server on the compute nodes binds on 0.0.0.0. which only works with IPv4 addresses, it breaks connectivity with IPv6 addressing. This fixes https://bugzilla.redhat.com/show_bug.cgi?id=1300678. Change-Id: Id642d224fb3c62f786453dc684634adca1c2c09d Co-Authored-By: Giulio Fidente <gfidente@redhat.com>
2016-03-10Surround MongoDB IPs with braces in the connection string if IPv6Giulio Fidente2-5/+26
Change-Id: I9ed917f32b3de95beb234ade4819a8b96affe3e9
2016-03-10Keystone domain for HeatMartin Mágr4-1/+37
This patch adds support for configuring Keystone domain for Heat via heat-keystone-setup-domain script. It should be reverted as soon as Keystone v3 is fully functional. This patch won't be fully functional without either python-keystoneclient fix [1] or workaround [2]. [1] https://bugs.launchpad.net/python-keystoneclient/+bug/1452298 [2] https://review.openstack.org/180563 Change-Id: Ie9cdd518b299c141f0fdbb3441a7761c27321a88 Co-Authored-By: Jiri Stransky <jistr@redhat.com> Depends-On: Ic541f11978908f9344e5590f3961f0d31c04bb0c
2016-03-10Merge "Updated the heat_template_version"Jenkins2-2/+2
2016-03-09Wire in HAProxy stats user and passwordBen Nemec1-0/+11
Change-Id: I26b7a1cd1b7b6520db1df49c60a86c2bb5bce1b0 Depends-On: I12e835964a0370de73e45ef0a8603656ecb02d0c Depends-On: I8a5844e89bd81a99d5101ab6bce7a8d79e069565
2016-03-09Enable predictable IPs on non-controllersBen Nemec4-0/+72
For the external loadbalancer work, we added the ability to specify fixed ips for controller nodes on all network isolation networks. In order to allow users full control over the placement and ip addresses of deployed nodes, we need to be able to do the same thing for the other node types. Change-Id: I3ea91768b2ea3a40287f2f3cdb823c23533cf290
2016-03-09Ensure access to Redis is password protectedGiulio Fidente1-1/+10
Depends-On: I1a8741b9e00775763911222cbe0af677b59e03a1 Change-Id: I373f97ada4e4101700a12b42dfb8ee4b2ff701f2
2016-03-09Remove forced rabbitmq::file_limit conversion to stringJiri Stransky1-8/+1
Combined with a fix in puppetlabs-rabbitmq, we can lift the forced conversion of rabbitmq::file_limit into a string in Hiera. See the referenced puppetlabs-rabbitmq pull request for explanation of the issue. Change-Id: I0ec720b5e06763e86ea93f59cfe05842b3d13269 Depends-On: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401
2016-03-09Merge "Add Rabbit IPv6 only support"Jenkins3-2/+27
2016-03-09Merge "Add missing createUser line to /etc/snmp/snmpd.conf"Jenkins5-5/+5
2016-03-09Merge "Change the CinderISCSIHelper to lioadm"Jenkins2-2/+2
2016-03-09Add Rabbit IPv6 only supportMartin Mágr3-2/+27
Adds Rabbit environment variable required for IPv6 only support Change-Id: Iec209ca83a5b0708ac828c4afaf9d2222e597f24
2016-03-08Merge "Store events in Ceilometer"Jenkins1-0/+6
2016-03-08Merge "Set host in nova.conf for compute nodes"Jenkins1-0/+4
2016-03-08Change the CinderISCSIHelper to lioadmGiulio Fidente2-2/+2
Previously we used to always set CinderISCSIHelper to lioadm from the client. With [1] we aim at cleaning up the client from any default so this change move the actual default into the templates. 1. Iabc94ad1cce6f1744429aca9f866a59a698f5680 Change-Id: I662e4b0e3cf909ec2583d087ca1d246715caf0f7 Related-Bug: 1554564
2016-03-08Merge "Permits configuration of Cinder enabled_backend via hieradata"Jenkins5-3/+6
2016-03-08Increase default netdev_max_backlog to 10xGiulio Fidente1-0/+2
It has been observed that on large clouds the netdev backlog buffer might overflow. This change increases the default by ten times. The /proc/net/softnet_stat file contains a counter in the 2nd column that is incremented when the netdev backlog queue overflows. If this value is incrementing over time, then netdev_max_backlog needs to be increased [1]. [1]. https://bugzilla.redhat.com/show_bug.cgi?id=1283676 Change-Id: Iec12324fd3a24e8b608b1e1849c270cc24cb0e60
2016-03-08Fix typosSwapnil Kulkarni (coolsvap)3-4/+4
Multiple files in t-h-t were having small typos. Fixed in this patchset. . Change-Id: I82d7071747f47544990ed46e2be22931190406b3
2016-03-08Merge "Fixup the memcached servers string in nova.conf for v6"Jenkins2-1/+16
2016-03-08Store events in CeilometerRichard Su1-0/+6
Adds an option to toggle whether events are stored in Ceilometer. The default is false and remains unchanged. Change-Id: I9accb679b97cf7172c67f3cd5f218bdaee507c94 Related-Bug: rhbz#1312373
2016-03-07Merge "Move ordering constraints from httpd to openstack-core"Jenkins1-42/+57
2016-03-07Set host in nova.conf for compute nodesJames Slagle1-0/+4
In order for instance HA to function safely, nova-compute needs access to the name by which nova knows the current compute node. Since the names of the nova-compute and neutron ml2 agents must be the same for vif binding to work, it also sets the host value in neutron.conf. Change-Id: I7d07c57b7276815c72d08acaa86f673e43eb0498
2016-03-07Merge "Set /64 cidr_netmask for pcmk VIPs when IPv6"Jenkins1-6/+42
2016-03-07Merge "Fix rabbit_hosts list for glance-api for IPv6"Jenkins3-8/+3
2016-03-07Merge "Allow to enable IPv6 on Corosync"Jenkins2-2/+15
2016-03-07Merge "Use MysqlVirtualIPUri for nova_api and sahara database"Jenkins1-2/+2
2016-03-07Merge "Revert "Deploy Aodh services, replacing Ceilometer Alarm""Jenkins7-158/+1
2016-03-07Fixup the memcached servers string in nova.conf for v6marios2-1/+16
As discussed at https://bugzilla.redhat.com/show_bug.cgi?id=1299265 when providing a list of IPv6 addresses as the memcache_node_ips the resulting nova.conf entry can't be parsed properly. This adds a memcache_node_ips_v6 which has the required format like inet6:[ADDR1],inet6:[ADDR2],inet6:[ADDR3] Closes-Bug: 1536103 Change-Id: I7f95fa063cbba279c4c2e270841f0a279d2be2f6
2016-03-07Fixup swift device string to delimit the ipv6 address with []marios2-3/+3
The swift device string is formatted in the outputs of the controller template and swift-storage templates. For ipv6 we need to delimit the address with [] as discussed in https://bugzilla.redhat.com/show_bug.cgi?id=1296701#c0 Change-Id: Ie611d62c3668a65a7be52777a613d265682c6a8b Co-Authored-By: Jiri Stransky <jistr@redhat.com> Closes-Bug: 1534135
2016-03-04Revert "Deploy Aodh services, replacing Ceilometer Alarm"James Slagle7-158/+1
This just a revert to see if reverting this gets back to a normal CI run time. This reverts commit f72aed85594f223b6f888e6d0af3c880ea581a66. Change-Id: I04a0893f6cf69f547a4db26261005e580e1fc90b
2016-03-05Set /64 cidr_netmask for pcmk VIPs when IPv6Emilien Macchi1-6/+42
We'll use /32 for IPv4, the default pacemaker was already using. Change-Id: Iab584c3e50efc3ecc0ec87bb080bf2d5d802199d Co-Authored-By: Giulio Fidente <gfidente@redhat.com>
2016-03-05Allow to enable IPv6 on CorosyncEmilien Macchi2-2/+15
To enable IPv6 in Corosync, you'll need to set the --ipv6 parameter when building the cluster. To do so, we need to specify this parameter in puppet configuration when running ::pacemaker::corosync class. So we have now a new parameter: CorosyncIPv6 which is a boolean, False by default. If set to True, it will pass right options to enable IPv6 when building the Pacemaker cluster. Change-Id: I485f1399964ddd7a201ed19ec6580b8a136b3acd
2016-03-05Merge "Add IPv6 Support to Isolated Networks"Jenkins5-13/+65
2016-03-05Fix rabbit_hosts list for glance-api for IPv6Giulio Fidente3-8/+3
Previously we were always appending the :port suffix to the list of rabbitmq nodes but the syntax was invalid for IPv6. This change wires rabbit_hosts from the templates as it happens already for the other services. Port can be customized using rabbit_port. Change-Id: Iecc7a97d46d7de17e85398c57996c104c9125b0e
2016-03-05Use MysqlVirtualIPUri for nova_api and sahara databaseGiulio Fidente1-2/+2
Without this the nova_api and sahara database_connection string won't add brackets around the IP address, when IPv6, causing db sync to fail. Change-Id: I262e5de993ae59ad665edb043119aac2e09c6fdc
2016-03-04Merge "Allow for usage of pre-allocated IPs for the management network"Jenkins1-0/+2
2016-03-04Merge "Run keystone-manage bootstrap for HA deployment too"Jenkins1-3/+1
2016-03-04Run keystone-manage bootstrap for HA deployment tooJiri Stransky1-3/+1
This is necessary to keep creating the Default domain. Change-Id: Ib9911819e89f30270d4f7597639b33f30ad2e3a6 Closes-Bug: #1549867
2016-03-04Merge "Set notification driver for nova to send"Jenkins1-1/+1
2016-03-04Add IPv6 Support to Isolated NetworksDan Sneddon5-13/+65
This change adds a new set of network templates with IPv6 subnets that can be used instead of the existing IPv4 networks. Each network can use either the IPv4 or IPv6 template, and the Neutron subnet will be created with the specified IP version. The default addresses used for the IPv6 networks use the fd00::/8 prefix for the internal isolated networks (this range is reserved for private use similar to 10.0.0.0/8), and 2001:db8:fd00:1000::/64 is used as an example default for the External network (2001:db8::/32 are the documentation addresses [RFC3849]), but this would ordinarily be a globally addressable subnet. These parameters may be overridden in an environment file. This change will require updates to the OpenStack Puppet Modules to support IPv6 addresses in some of the hieradata values. Many of the OPM modules already have IPv6 support to support IPv6 deployments in Packstack, but some OPM packages that apply only to Instack/TripleO deployments need to be updated. IPv6 addresses used in URLs need to be surrounded by brackets in order to differentiate IP address from port number. This change adds a new output to the network/ports resources for ip_address_uri, which is an IP address with brackets in the case of IPv6, and a raw IP address without brackets for IPv4 ports. This change also updates some URLs which are constructed in Heat. This has been tested and problems were found with Puppet not accepting IPv6 addresses. This is addressed in the latest Puppet. Additional changes were required to make this work with Ceph. IPv6 tunnel endpoints with Open vSwitch are not yet supported (although support is coming soon), so this review leaves the Tenant network as an isolated IPv4 network for the time being. Change-Id: Ie7a742bdf1db533edda2998a53d28528f80ef8e2
2016-03-04Allow for usage of pre-allocated IPs for the management networkSteven Hardy1-0/+2
Id3d4f12235501ae77200430a2dc022f378dce336 added support for pre-allocated IPs on the other overlay networks, but because the patch adding the managment network (I0813a13f60a4f797be04b34258a2cffa9ea7e84f) was under review around the same time, we missed adding the from_pool capability to the ManagementNetwork. Change-Id: If99f37634d5da7e7fb7cfc31232e926bd5ff074a
2016-03-03Merge "Deploy Aodh services, replacing Ceilometer Alarm"Jenkins7-1/+158
2016-03-03Updated the heat_template_versionrajinir2-2/+2
Fixed the heat_template_version of these YAML files to the liberty release version according to HOT template specs. Change-Id: Ic5e0d843f7e164c59fb1737e52ef4cf6ad4df77f
2016-03-03Deploy Aodh services, replacing Ceilometer AlarmEmilien Macchi7-1/+158
Ceilometer Alarm is deprecated in Liberty by Aodh. This patch: * manage Aodh Keystone resources * deploy Aodh API under WSGI, Notifier, Listener and Evaluator * manage new parameters to customize Aodh deployment * uses ceilometer DB for the upgrade path * pacemaker config Depends-On: I9e34485285829884d9c954b804e3bdd5d6e31635 Depends-On: I891985da9248a88c6ce2df1dd186881f582605ee Depends-On: Ied8ba5985f43a5c5b3be5b35a091aef6ed86572f Co-Authored-By: Pradeep Kilambi <pkilambi@redhat.com> Change-Id: I58d419173e80d2462accf7324c987c71420fd5f6
2016-03-03Merge "Cisco nexus config template - obsolete parameter (replay count)."Jenkins1-2/+9
2016-03-02Merge "Use service tenant for ceilometer"Jenkins1-3/+1