Age | Commit message (Collapse) | Author | Files | Lines |
|
Add two new parameters: EnableFencing and FencingConfig.
FencingConfig is a json with an expected structure documented in the
templates. It gets passed further to puppet-tripleo, which configures
the fencing devices.
Fencing is configured and enabled in the last step after all pacemaker
resources and constraints have been created, which should be a more
stable approach than the other way round.
Change-Id: Ifd432bfd2443b6d13e7efa006d4120bb0eaa2554
Depends-On: I819fc8c126ec47cd207c59b3dcf92ff699649c5a
Depends-On: I8b7adff6f05f864115071c51810b41efad887584
|
|
We do not want to delay Redis vip start to promotion of Redis master,
HAProxy will take care of the validating the backends.
We do not need to force colocation of Redis vip with Redis master.
We do not want to restart the Ceilometer central agent when the vip
moves this can instead cause unwanted cascading restarts due to other
constraints in between services.
More details can be read on the BZ at:
https://bugzilla.redhat.com/show_bug.cgi?id=1236374
Change-Id: I594984cd23db7de57746c3e1018181d61b020f46
|
|
|
|
|
|
|
|
|
|
|
|
The Heat contraints group was missing the initial
dependency on Keystone, causing Pacemaker to Heat before or
in parallel to Keystone.
Given Systemd can define dependencies in the unit files, this was
additionally causing an unmanaged start of Keystone making
cluster initialization to fail (with Keystone start timeout blocking
all the depending resources).
Also moves Keystone -> Ceilomter constraint on top of Ceilometer
constraints group for clarity.
Logs and more infos at [1]
1. https://bugzilla.redhat.com/show_bug.cgi?id=1235703
Change-Id: I9505fd46c5bf278afc8ff919c7e768e2de194cb8
|
|
|
|
|
|
Change-Id: I154c90e6d019807758332e3aefe5dde9d79db6ac
Related-Bug: 1456701
Depends-On: I7199c7e5d759a76f58c0f48b40e9d460a3163886
|
|
Change-Id: I42462a6de2bf70ef71899833c3f27633f0f59493
Closes-Bug: 1468549
Closes-Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1235454
|
|
This moves the hard coded package name for mariadb into
the RedHat specific hieradata file. This was recently added
to controller.yaml in a1b3fa3e84185b6969a8acfda475fe7fc48bd5a1.
Also, resolves an issue where RedHat.yaml wasn't actually
getting deployed. This is something that should have happened
in 5009cc64322e9fb5723799eb9fbd79076a2dc5da.
Change-Id: Iaa30be3c53a7c54d31d47b997966b0106a202ea4
|
|
|
|
This will increase the mongodb_conn_validator timeout from 60 secs
(the default) to 600 secs; it should take much less in normal
circumstances to start mongod but nodes might not be starting it all
at the same time so we use a larger timeframe for the availablity
checks.
Change-Id: I0ee210be94b33d1c08d67f287aa745743a6649d3
|
|
We will manage nodes membership using the clustercheck script and
marking all backends as backup, see change:
I7199c7e5d759a76f58c0f48b40e9d460a3163886
Related-Bug: 1467918
Change-Id: I56ebd2d8405ac35c707666d993b396f04aeb683e
|
|
Neutron will populate the database with some data as soon as the
neutron-server service is started; we want this to happen from a
single node before normal Pacemaker initialization.
Change-Id: I422972502fbb10ddae3201464bbd6885749de31e
Closes-Bug: 1467904
Closes-Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1233061
|
|
|
|
|
|
|
|
|
|
Change-Id: I8a56e7b067044bace5def63ea6170ed817f48acd
Closes-Bug: 1467437
Closes-Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1233283
|
|
|
|
This patch updates the cinder block storage role
for Puppet so that it supports network isolation.
This includes using the (optional) isolated networks
for MySQL, Glance API, and iscsi network traffic.
Change-Id: Icdfbf5fce7380e6049babca0cd50ca2e4008c1b0
|
|
Per Ceilometer commit 191f7bf9ccee33d8444f7dac5c09ceccce72ca29
(change ID: Ifd1861e3df46fad0e44ff9b5cbd58711bbc87c97) the
Swift Ceilometer middleware no longer exists so we need
to drop it in order to work with the latest upstream
package.
Change-Id: Iebaad0ba477001d663c6875b32d691bbfcda3d8d
|
|
Redis balancing is controlled by static hieradata [1] we don't
need to override it into manifest.
1. https://github.com/openstack/tripleo-heat-templates/blob/master/puppet/hieradata/controller.yaml#L111
Change-Id: Ie2a5a4cbee0a55f2572f182b18c036efc299dbef
|
|
|
|
|
|
We need to customize the default apache::ip param or the default
vhost configured will listen on ::80
Change-Id: I195a083f727da940841beb3a0c37dade02c6d1ca
|
|
We have to set it to true as the default is false which means the
redis vip can't be reached. This was manifested as a problem with
ceilometer agent reaching the coordination url like [1].
Co-Authored-By: Giulio Fidente <gfidente@redhat.com>
[1] https://bugzilla.redhat.com/attachment.cgi?id=1040023
Closes-Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1232797
Change-Id: I1cd63308d0ac1d17542e1a2a909ee1a9680ed4b3
|
|
By default the nova vncproxy binds to 0.0.0.0, which will fail in
a loadbalanced environment. This makes it bind to its network.
Change-Id: I08776a8f6c72b63d73433b147c130fbc9a7110b0
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Currently, we use the heat default server names, which results in some
fairly unreadable hostnames due to the level of nesting in the templates.
e.g ov-sszdbj5rdne-0-bhseh65edxv6-Controller-zoqc6tlypbdp
Instead, we allow the user to specify a format string per role, defaulted
to a string which formats the name e.g <stackname>-controller-<index>
e.g overcloud-controller-0
Optionally additional hostname components (not replaced by heat) could be
added, such that deployment time customization of hostnames via firstboot
scripts (e.g cloud-init) may be possible.
Should anyone wish to maintain the old heat-generated names, they can pass
an empty string via these parameters, which heat will treat as if no "name"
property was provided to OS::Nova::Server.
Change-Id: I1730caa0c2256f970da22ab21fa3aa1549b3f90b
|
|
When you do a stack-update which affects, e.g ControllerDeployment
such that some value in hieradata is updated (for example changing
the "Debug" parameter to True), we only write the hieradata file and
don't reapply the manifests.
So we introduce a dependency on the deploy_stdout values from all
hieradata applying configs, such that the manifests will be re-applied
on update if the data is changed.
This requires https://review.openstack.org/#/c/190282/ so that
99-refresh-completed will return the derived config ID as part of the
deploy_stdout payload.
Closes-Bug: #1463092
Change-Id: I1175248c3236d0c42e37d062afce550efce8aadc
|
|
|
|
We want to make sure to be able to resolve the default domain
suffix (.localdomain) appended when no domain option is passed by
the dhcp server.
Change-Id: I33111e91b502f57da442e5745de2217bd6d2d882
|
|
The redis_vip should come from a Neutron Port as its cidr depends
on the Neutron Network configuration. This change adds 2 new files
and modifies 1 in the network/ports directory:
- noop.yaml - Passes through the ctlplane Controller IP (modified)
- ctlplane_vip.yaml - Creates a new VIP on the control plane
- vip.yaml - Creates a VIP on the named network (for isolated nets)
Also, changes to overcloud-without-mergepy.yaml create the
Redis Virtual IP. The standard resource registry was modified to
use noop.yaml for the new Redis VIP. The Puppet resource registry
was modified to use ctlplane_vip.yaml by default, but can be made
to use vip.yaml when network isolation is used by using an
environment file. vip.yaml will place the VIP according to the
ServiceNetMap, which can also be overridden.
We use this new VIP port definition to assign a VIP to Redis,
but follow-up patches will assign VIPs to the rest of the
services in a similar fashion.
Co-Authored-By: Dan Sneddon <dsneddon@redhat.com>
Change-Id: I2cb44ea7a057c4064d0e1999702623618ee3390c
|
|
The Redis bind host should be set from [1] template.
1. https://github.com/openstack/tripleo-heat-templates/blob/master/puppet/controller-puppet.yaml#L985
Change-Id: I8713db1a7ad739692817921248edcc6b0e819ade
|
|
Adds the horizon (httpd) service as pacemaker resource
Also adds a default for the horizon::django_session_engine [1]
which was previously unconfigured. Also adds a server-status.conf
for httpd/pacemaker [2]
[1] https://docs.djangoproject.com/en/dev/topics/http/sessions/#using-cached-sessions
[2] https://github.com/beekhof/osp-ha-deploy/blob/master/pcmk/horizon.scenario#L72
Change-Id: I320837dfecf3241355e8a3345d0ff271592da491
|
|
This patch renames the NeutronLocalIp option to be called
NeutronTenantNetwork. This is more consistent with
all of the other ServiceNetMap settings which end in
'Network' and initial end user feedback found the
old name a bit cryptic as well.
This is the network for neutron tenant traffic so lets
just name it that.
Change-Id: Id49afe75c372887453413c092190a5775aa3e1ee
|
|
This patch makes it possible to configure the isolated network
for the Nova vnc proxy client.
Change-Id: I462dfaea94e5fe9cb260ba91a42433a250f07984
|
|
This patch updates the Puppet Swift storage role
so that it supports network isolation. By default
all traffic still flows on the ctlplane network
but if network isolation is enabled then network
traffic will flow over the configured storage_mgmt
network interface.
This patch also fixes a few critical issues with
the swift storage role that prevented it from
working:
- oac_data for the swift devices was overriding the
data provided in the swift_devices_and_proxy
hieradata file.
- the role was missing declarations to load hieradata
files for swift_devices_and_proxy and all_nodes
- The required snmpd settings were not getting set
correctly in the 'object' hiera data file.
With all of these changes the Swift storage role
works correctly with and without network isolation.
Change-Id: I541abb2604380f603bba91ad88e54783ee450a8f
|