Age | Commit message (Collapse) | Author | Files | Lines |
|
This claimed that all vlans were allowed, when in fact it is only
the first 1000.
Change-Id: Id5681be51bc908274a8b9cf18d43e116ba150e7f
|
|
The puppet-sensu module recently added type checking so rabbitmq_ssl
needs to be a boolean and not a string.
Change-Id: I69b5a7528c8728310766abdc27ad11c93c4722d5
Closes-Bug: #1705481
|
|
This is so that Mistral does not try to resolve the occurrences
of {{ or <% as jinja/jaql in the environment data.
Change-Id: Id654c336d072a6248570274401857756c6f6e706
|
|
Adds upgrade_tasks to remove the pacemaker resources using the
ansible-pacemaker module.
Resources are disabled and removed in step2 (called only on
bootstrap node) and then the cluster stop is moved to step3
The existing systemd/service call is kept but only to disable
services after they are disabled/deleted from the cluster.
Related-Bug: 1701485
Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com>
Change-Id: Ia597d240ea5834c50a8f6c4fac0b6ed417b8535c
|
|
|
|
|
|
This should be greater than the default value of
corosync_token_timeout, which is 10 seconds. That way, if an entire
cluster node is unavailable, appropriate fencing measures can occur.
With the current settings, it is possible for brief network
interruptions, greater than 5 seconds, but less than 10 seconds, to
occur. This can cause the RabbitMQ cluster to fail in subtle ways,
but no corrective action taken by pacemaker.
Change-Id: I735d43616c5c623c4398d924713012f595b2e5f9
|
|
As we made the migration to HTTPd during the same cycle, we didn't
include stopping the WSGI services before the upgrades. This handles the
case, and fixes an issue with the puppet upgrade as well.
Change-Id: I54ba6214d4bf052c0d840d5bbce2b524d82b7017
Closes-Bug: #1699443
|
|
Some of the tasks carried by nova::compute::rbd class apply to the
compute service, others to the libvirt service so it needs to be
included in both.
Change-Id: I28557deb13b75922932cd3e86c3467a541c988d0
|
|
gnocchi_external_project_owner is to configure who creates resources and
metrics in Gnocchi (usually Ceilometer). So Aodh can create the right rbac rules.
So the project name is 'service' for tripleo. We can't use the default
set because puppet always uses 'services' and not 'service'.
Change-Id: I6f7acc3a4cab29bc566d7becdc93ba3393f5c8fe
|
|
Added missing san_private_key parameter used for password less SSH
authentication.
Change-Id: I6d7544b525055318aa567f9cbbe318d82bafacf0
Depends-On: 70db86d3366f85edf563aa73c533931a21cfab4d
|
|
|
|
openstack-swift-object-expirer is not stopped when
running the upgrade tasks so forth when changing to
containers the service is still running after upgrading
to docker.
This service is added by default here: https://review.openstack.org/#/c/404149
But it wasnt stopped when running the upgrade tasks.
Related also to this RHBZ#1470005
Change-Id: I8d5f195095d702057c3b2741127e7338d7451aad
Closes-Bug: 1699444
|
|
With the default setting, after the majority of the monitors have
been upgraded the cluster will go in WARN state because of legacy
tunables. This changes the tunables we set after each monitor is
upgraded from 'default' to 'optimal' [1].
1. http://docs.ceph.com/docs/master/rados/operations/crush-map/#warning-when-tunables-are-non-optimal
Change-Id: I0f16c29cc200d762f0c4acfd87ba7d1adb5c1eeb
Closes-Bug: #1704959
|
|
|
|
|
|
To be consistent with all other SoftwareDeployment's in
tripleo-heat-templates, this sets the name property on
the deployments where it was missing.
Change-Id: I8bc062d2af93acead240bd5e473ea385b2bf6cf2
|
|
This currently assumes nova-compute and iscsid run in the same context which
isn't true for a containerized deployment
Change-Id: I11232fc412adcc18087928c281ba82546388376e
Depends-On: I91f1ce7625c351745dbadd84b565d55598ea5b59
Depends-On: I0cbb1081ad00b2202c9d913e0e1759c2b95612a5
|
|
We missed to parse and merge {controller,NovaCompute}ExtraConfig data
in change [1].
Also fixes whitespaces handling in docker-steps.j2 and
puppet-steps.j2 previously updated by [2].
1. Id37de5864138edd5476c097a8a1f0763faeaf768
2. I36a642fbc2076ad9e4a10ffc56d6d16f3ed6f27a
Change-Id: Ia9983bc991eb79e479855993c1c8819ddfb52e38
|
|
|
|
Add a composable service for each of:
- the Veritas HyperScale's Cinder backend.
- installing the Veritas HyperScale controller packages.
Change-Id: I99ee827825ec2a6a3c695de1ca1c1015859fe398
Depends-On: I316b22f4f7f9f68fe5c46075dc348a70e437fb1d
Depends-On: I9168bffa5c73a205d1bb84b831b06081c40af549
Signed-off-by: abhishek.kane <abhishek.kane@veritas.com>
|
|
|
|
|
|
Merges per-role config settings into merged_config_settings which
is wired into the workflow executions environment.
Useful to consume role config settings from within a workflow.
Change-Id: Id37de5864138edd5476c097a8a1f0763faeaf768
|
|
|
|
Makes it possible to resolve network subnets within a service
template; the data is transported into a new property ServiceData
wired into every service which hopefully is generic enough to
be extended in the future and transport more data.
Data can be consumed in service templates to set config values
which need to know what is the subnet where a deamon operates (for
example the Ceph Public vs Cluster network).
Change-Id: I28e21c46f1ef609517175f7e7ee19e28d1c0cba2
|
|
Latest commits in puppet-systemd enabled by default systemd-networkd and
systemd-resolved but we don't want to manage them for now in TripleO.
MySQL and MongoDB services were managing some systemd resources so now
we ensure that these 2 systemd services are disabled. In the future, we
might want and activate these services and revert that patch but for now
we want to disable them.
Change-Id: I42c6c9b643a71a0fbb1768bbae91e8bfa916ea00
Closes-Bug: #1704145
|
|
To enable backwards compatibility with rendering the controler-role
template add this deprecated parameter for all roles - we should
remove this in a future release after the tripleoclient warnings re
deprecated parameters are available.
Change-Id: Icce93a4109191609848ca216c946a32663753b93
|
|
This should be handled in puppet-tripleo, as is done for some other
services e.g ceph. This has also been identified as a possible
performance problem due to the nested get_attr calls.
Change-Id: I7e14f0219c28c023c4e8e1d4693f0bfa9674d801
Related-Bug: #1684272
Depends-On: Iccb9089db4b382db3adb9340f18f6d2364ca7f58
|
|
|
|
|
|
|
|
|
|
To workaround yum bug with libnss we need to make yum cache
before running update. In fact we should have done this
regardless of the bug.
Change-Id: I5b2355fb8abe3c8d4b9ce9c62b9ffdba8c1e8d9d
Resolves: rhbz#1458841
Closes-Bug: #1703830
|
|
KeystoneRegion value for all endpoints is set as 'regionOne',
it should be same in the configuration file.
In case of Cinder as glance backend the os_region_name should be
"regionOne" instead of "RegionOne".
Currently CI is not failing because cinder backend scenario is not yet added.
But this would definitely fail if os_region_name=RegionOne.
Change-Id: I26811a404a20ea3c55f5b272f86d9269d0f6acec
Closes-Bug: 1704060
|
|
|
|
|
|
|
|
|
|
|
|
This patch does 2 things:
* Configure messagingv2 as default driver for Oslo Notifications sent on
RPC.
* Allow users to choose between messagingv2 (default) and noop when we
want to disable notifications (for example, when Telemetry is disabled).
* Deprecate KeystoneNotificationDriver in favor of NotificationDriver.
Change-Id: Ia547d7f4bfb51e7c45246b097b48fd86da231bd3
Related-Bug: #1701357
|
|
This is associated with the haproxy service, so set the hieradata there
instead. This is needed so we can render the controller role template
via j2, and also if anyone ever wants to run haproxy on some role other
then the Controller.
Change-Id: I82b992afe42f6da7788f6efca2366863c3bf68f7
Partially-Implements: blueprint composable-networks
|
|
This has been replaced for some time by bootstrap_nodeid which isn't
hard-coded to the Controller role.
Change-Id: I2c172de13646e5b88cb9930a93ca71fcc990e522
Depends-On: I0a9fced847caf344e5d26b452f1bd40afab8f029
|
|
Change-Id: I301f73801e95e607ed28992e68528f17843a0b6c
Closes-Bug: #1702435
|
|
There is a Heat patch posted (via Depends-On) that resolves the issue
that caused this to be reverted. This reverts the revert and we need to
make sure all the upgrades jobs pass before we merge this patch.
This reverts commit 69936229f4def703cd44ab164d8d1989c9fa37cb.
Closes-Bug: #1699463
implements blueprint disable-deployments
Change-Id: Iedf680fddfbfc020d301bec8837a0cb98d481eb5
|
|
Add a new output, DeployedServerEnvionmentOutput, that can be used as
the contents of an environment file to input into a services only stack
when using split-stack. The parameter simplifies the manual steps needed
to deploy split-stack.
By default, the resource that generates the output is mapped to
OS::Heat::None.
implements blueprint split-stack-default
Change-Id: I6004cd3f56778f078a69a20e93a0eba0c574b3db
|
|
|
|
Ceilometer API runs under apache. Since this service is
deprecated and disabled in pike, we need to ensure the
apache files are removed during upgrade.
Change-Id: I0c0913e74396bd463f5a6da46f83512bab77b75e
|
|
|
|
Render all per-network resources and interfaces via j2 to enable
future support for custom networks via network_data.yaml
Note this doesn't enable custom networks for the built-in roles
as we skip j2 rendering for them, this will be resolved by converting
them to use the generic role template instead of the hard-coded
ones listed in the j2_excludes.yaml.
Depends-On: I18fa3829ff38ac200550d8e36bbe334c0005da22
Change-Id: I49565f9389f3ec9aef4861e23a3bed64a85501e6
Partially-Implements: blueprint composable-networks
|