aboutsummaryrefslogtreecommitdiffstats
path: root/puppet
AgeCommit message (Collapse)AuthorFilesLines
2015-09-03Add NodeAdminUserData interface for "heat-admin" userSteven Hardy5-5/+90
Reinstates the heat-admin user via template user-data, which replaces the previous boothook injected user provided by the (deprecated now removed) heat instance_user option. This has some advantages over the heat.conf option, e.g it allows for much easier customzation of the user configuration (additional SSH keys, adding groups etc), and also in future if we support deploying more than one overcloud you could specify a different user per deployment. Co-Authored-By: Dan Prince <dprince@redhat.com> Change-Id: I2235b9690c01542d8a28ec1c1a4607de751aea29 Closes-Bug: #1229849
2015-08-31Merge "Enable Keystone notifications"Jenkins3-0/+20
2015-08-18Merge "Wire in Compute pre-deployment extraconfig"Jenkins1-1/+12
2015-08-18Enable Keystone notificationsGiulio Fidente3-0/+20
This change enables Keystone notifications and adds two parameters to control the notification driver and format. Change-Id: I23ac3c46ee9eb49523d3b8dab027ef21fc6e42df
2015-08-06Merge "Drive DB initialization via Hiera"Jenkins4-102/+75
2015-08-03Wire in Compute pre-deployment extraconfigShiva Prasad Rao1-1/+12
This commit provides a way to configure some additional hieradata for compute nodes. This is similar to the earlier added infra for supporting Controller pre-deployment extraconfig. Change-Id: I02dda0685c7df9013693db5eeacb2f47745d05b5
2015-07-28Merge "Keystone token flushing"Jenkins3-0/+9
2015-07-24Merge "Set rabbitmq heatbeat timeout threshold to 60"Jenkins1-0/+6
2015-07-24Merge "Ensure SELinux is permissive on Ceph OSDs"Jenkins4-2/+46
2015-07-24Merge "Set heat::instance_user to empty string"Jenkins2-1/+1
2015-07-24Keystone token flushingJiri Stransky3-0/+9
Set up a cron job to flush keystone tokens periodically. The job runs once a day near midnight per puppet-keystone defaults, and we pass maxdelay 3600 which means each controller will wait a random delay of up to 1 hour before running the task. Change-Id: I351f0273c61106c182aa3945b7ad1ce8f5c7d12b
2015-07-24Merge "NFS backend for Cinder"Jenkins5-2/+84
2015-07-24Merge "Use 'public' instead of 'nova' as default floating pool name"Jenkins4-0/+9
2015-07-23Merge "Wire in hieradata overrides via ExtraConfig for CephStorage"Jenkins1-0/+18
2015-07-23Merge "Wire in hieradata overrides via ExtraConfig for ObjectStorage"Jenkins1-0/+18
2015-07-23Use 'public' instead of 'nova' as default floating pool nameGiulio Fidente4-0/+9
The dafault in nova.conf for default_floating_pool is set to nova which is confusing given to make Tempest tests to pass one has to create a public network with such a name. Change-Id: I148222a9f276309ede062ee5292993898ff899d6
2015-07-23Merge "Provide list of memcached servers to Nova"Jenkins2-2/+6
2015-07-22Merge "Wire in hieradata overrides via ExtraConfig for BlockStorage"Jenkins1-34/+13
2015-07-22Merge "Wire in hieradata overrides via ExtraConfig for NovaCompute"Jenkins1-34/+8
2015-07-22Provide list of memcached servers to NovaGiulio Fidente2-2/+6
Memcached is used by novnc to share the auth tokens. Change-Id: I18415b6ae38b46e3c92e4ce84b858a014ef8398b
2015-07-21Drive DB initialization via HieraDan Prince4-102/+75
This patch moves most of the ::db::mysql parameter initialization into a new database.yaml Hiera file. This cleans up the controller manifests and allows us to define things in a single location across the two implementations (HA and nonHA). Change-Id: I895b753b329097a96a6c6f3a03a5fcebefe32dd4
2015-07-21Increase default start timeout for Pacemaker from 20s to 90sGiulio Fidente1-5/+12
On slow environments the start operation of some services can take longer than 20s so we increase the default for start operation to 90s, more info can be found at: https://bugzilla.redhat.com/show_bug.cgi?id=1242052 Systemd defaults to 90s as well. Change-Id: Ie4652bad518075be77937d47830f263034eda79c
2015-07-21Merge "Puppet: wire in tripleo::packages"Jenkins12-75/+12
2015-07-21Merge "Fix Puppet Configuring NetApp Cinder Backend"Jenkins3-9/+47
2015-07-20Puppet: wire in tripleo::packagesDan Prince12-75/+12
This wires in use of a new puppet-tripleo class which encapsulates the logic to enable/disable package installation and upgrades. By using the new class we can remove the global Package provider declaration at the top of each module. Change-Id: I5c6e5fd8600031bd8fb6195649721607c560f9d5 Depends-on: Ie8fbc344149bc8c9977e127de77636903607617a
2015-07-20Fix Puppet Configuring NetApp Cinder BackendRyan Hefner3-9/+47
It was incorrectly assumed that Puppet variables assigned to a defined class (as seen in cinder-netapp.yaml) would be applied to any resources created with that type. This is not how Puppet works. The full range of configuration parameters to cinder::backend::netapp have been added back in. They are still pulling from Hiera like they were intended before, but it needs to be a little more explicit for Puppet to be happy. Change-Id: I2e00eae829713b2dbb1e4a5f296b6d08d0c21100
2015-07-20Merge "Ensure compute nodes use internalURL as catalog_info"Jenkins2-0/+5
2015-07-20Merge "Allow overlapping IPs in Neutron"Jenkins1-0/+1
2015-07-19Merge "Ensure CinderStorage nodes use internalURL as catalog_info"Jenkins2-0/+7
2015-07-18Set rabbitmq heatbeat timeout threshold to 60Dan Prince1-0/+6
Updates the default settings for Nova, Neutron, Cinder, Ceilometer, and Heat services so we set the default rabbitmq threshold to 60 seconds. Change-Id: If537ae16968eb6b264b2ab071144f1eecab18b64
2015-07-17Allow overlapping IPs in NeutronJiri Stransky1-0/+1
Change-Id: I7703013b62bd67869c268fb8689389ec0eeb5aad
2015-07-17Merge "Increase default max_connections for MySQL from 1024 to 4096"Jenkins1-1/+1
2015-07-17Merge "Enable hieradata ExtraConfig overrides for Controller"Jenkins1-36/+9
2015-07-17Ensure CinderStorage nodes use internalURL as catalog_infoGiulio Fidente2-0/+7
By default Cinder will get the publicURL for Nova and Swift, which is not reachable by the CinderStorage nodes. Change-Id: I25b7900c9ab261e0f706257ffdf6844533b63b94
2015-07-17Ensure compute nodes use internalURL as catalog_infoGiulio Fidente2-0/+5
By default Nova will get the publicURL instead, which is not reachable by the compute nodes. Change-Id: I57b6a7a7eddb0ffaf6d2d152d932f390c48f908e
2015-07-16Wire in hieradata overrides via ExtraConfig for CephStorageSteven Hardy1-0/+18
Adds support for global (ExtraConfig) and role-specific (CephStorageExtraConfig) hiera overrides, similar to those added for the Controller, NovaCompute, BlockStorage, ObjectStorage roles. Change-Id: Idbe73b86a772491cd3c55ba69b5a95cc291d2598
2015-07-16Wire in hieradata overrides via ExtraConfig for ObjectStorageSteven Hardy1-0/+18
Adds support for global (ExtraConfig) and role-specific (ObjectStorageExtraConfig) hiera overrides, similar to those added for the Controller, NovaCompute and BlockStorage roles. Change-Id: I7dd0d8003017e2738366983cb5d8e08b3f3fa334
2015-07-16Wire in hieradata overrides via ExtraConfig for BlockStorageSteven Hardy1-34/+13
Adds support for global (ExtraConfig) and role-specific (BlockStorageExtraConfig) hiera overrides, similar to those added for the Controller and NovaCompute roles. Change-Id: Iaf9665b53407e6a657f56d6516469f2c88bafbdd
2015-07-16Wire in hieradata overrides via ExtraConfig for NovaComputeSteven Hardy1-34/+8
Adds support for global (ExtraConfig) and role-specific (NovaComputeExtraConfig) hiera overrides, similar to those added for the controller. For example, you can pass an environment file like: parameters: NovaComputeExtraConfig: nova::scheduler::filter::ram_allocation_ratio: 1.8 compute_classes: - ::nova::scheduler::filter This passes a hiera value for ram_allocation_ratio and enables a class via the include added in https://review.openstack.org/#/c/197908/ Note this also requires https://review.openstack.org/#/c/188772/ or 40-hiera-datafiles incorrectly quotes the list and the compute_classes part won't work. Change-Id: Ic33eed1b5e9c33c0d2f6075c65c8d9649b82c8b4
2015-07-16Merge "Provide manage_service to neutron::agents::ml2::ovs"Jenkins1-1/+1
2015-07-16Increase default max_connections for MySQL from 1024 to 4096Giulio Fidente1-1/+1
As a matter of fact it seems that the 1024 connections barrier can easily be reached with modern hardware, see: https://bugzilla.redhat.com/show_bug.cgi?id=1240824 Change-Id: I194a0dd725907350ca16ea3c41f3ed4f68a11bcf
2015-07-15Enable hieradata ExtraConfig overrides for ControllerSteven Hardy1-36/+9
Wires in the ControllerExtraConfig and ExtraConfig parameters so that they may be used to specify overrides of the default hieradata. Note if this is used to override values specified via parameters rather than hard-coded values in puppet/hieradata caution should be used as the overridden values will always take precendence regardless of the parameter input, unless the parameter is provided directly to the Deployment resource applying the manifiest (e.g not the pattern currently employed in most of t-h-t) Also note that ControllerExtraConfig takes precedence over the deployment-wide ExtraConfig. For example, here's how you would pass a value which disables the heat-api-cfn service on all controllers. This would be put into an environment file, then passed to the heat stack-create via an extra -e option: parameters: controllerExtraConfig: heat::api_cfn::enabled: false Note the parameter capitalization is different in the top-level overcloud-without-mergepy template for some reason. Change-Id: I6d6e3e78460308134d95c01892bb242aba70e9ca
2015-07-15Merge "Adds the NeutronTunnelIdRanges and NeutronVniRanges parameters"Jenkins3-5/+61
2015-07-15Merge "Configure Heat's ec2 auth uri correctly"Jenkins1-0/+7
2015-07-15Merge "Allow a user to disable MongoDB journaling"Jenkins2-0/+7
2015-07-15Merge "Removes the NeutronScale resource from controller pcmk manifest"Jenkins1-22/+2
2015-07-13Ensure SELinux is permissive on Ceph OSDsJiri Stransky4-1/+45
Currently we build the overcloud image with selinux-permissive element in CI. However, even in environments where selinux-permissive element is not used, it should be ensured that SELinux is set to permissive mode on nodes with Ceph OSD [1]. We have no nice way to manage SELinux status via Puppet at the moment, so i'm resorting to execs, but with proper "onlyif" guards. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1241422 Change-Id: I31bd685ad4800261fd317eef759bcfd285f2ba80
2015-07-13neutron-server: Remove start/sleep/stop patternYanis Guenane1-6/+1
Currently the bootstrap of the neutron server happens with the use of a start/sleep/stop pattern. Since Pacemaker doesn't mind if the service is already started let simply start the neutron server on the $pacemaker_master node and wait for 5 sec. Change-Id: I894dc3305f7d6685ebcc6828e690c718a63f32bd Closes-Bug: #1473410
2015-07-13Provide manage_service to neutron::agents::ml2::ovsGiulio Fidente1-1/+1
Change-Id: Ib945b07dd93f9bdc613f464211745094c4c72836
2015-07-13Adds the NeutronTunnelIdRanges and NeutronVniRanges parametersmarios3-5/+61
This adds the NeutronTunnelIdRanges and NeutronVniRanges parameters which govern the GRE or VXLAN tunnel IDs (respectively) that are to be made available for overcloud tenant networks. These both default to "1:1000," to retain the current behaviour. They are propagated to the hiera data for puppet deploys and there is a separate change to support passing these into the config via the neutron tripleo-image-element at https://review.openstack.org/#/c/199592/ Change-Id: I967a8cae218a31e888abc438e9de5756ae627adb Related-Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1240631