Age | Commit message (Collapse) | Author | Files | Lines |
|
Reinstates the heat-admin user via template user-data, which
replaces the previous boothook injected user provided by the
(deprecated now removed) heat instance_user option.
This has some advantages over the heat.conf option, e.g it allows
for much easier customzation of the user configuration (additional
SSH keys, adding groups etc), and also in future if we support
deploying more than one overcloud you could specify a different
user per deployment.
Co-Authored-By: Dan Prince <dprince@redhat.com>
Change-Id: I2235b9690c01542d8a28ec1c1a4607de751aea29
Closes-Bug: #1229849
|
|
|
|
|
|
This change enables Keystone notifications and adds two parameters
to control the notification driver and format.
Change-Id: I23ac3c46ee9eb49523d3b8dab027ef21fc6e42df
|
|
|
|
This commit provides a way to configure some additional hieradata
for compute nodes. This is similar to the earlier added infra for
supporting Controller pre-deployment extraconfig.
Change-Id: I02dda0685c7df9013693db5eeacb2f47745d05b5
|
|
|
|
|
|
|
|
|
|
Set up a cron job to flush keystone tokens periodically. The job runs
once a day near midnight per puppet-keystone defaults, and we pass
maxdelay 3600 which means each controller will wait a random delay of up
to 1 hour before running the task.
Change-Id: I351f0273c61106c182aa3945b7ad1ce8f5c7d12b
|
|
|
|
|
|
|
|
|
|
The dafault in nova.conf for default_floating_pool is set to nova
which is confusing given to make Tempest tests to pass one has to
create a public network with such a name.
Change-Id: I148222a9f276309ede062ee5292993898ff899d6
|
|
|
|
|
|
|
|
Memcached is used by novnc to share the auth tokens.
Change-Id: I18415b6ae38b46e3c92e4ce84b858a014ef8398b
|
|
This patch moves most of the ::db::mysql parameter initialization
into a new database.yaml Hiera file. This cleans up the
controller manifests and allows us to define things in a single
location across the two implementations (HA and nonHA).
Change-Id: I895b753b329097a96a6c6f3a03a5fcebefe32dd4
|
|
On slow environments the start operation of some services can
take longer than 20s so we increase the default for start
operation to 90s, more info can be found at:
https://bugzilla.redhat.com/show_bug.cgi?id=1242052
Systemd defaults to 90s as well.
Change-Id: Ie4652bad518075be77937d47830f263034eda79c
|
|
|
|
|
|
This wires in use of a new puppet-tripleo class which
encapsulates the logic to enable/disable package
installation and upgrades.
By using the new class we can remove the global
Package provider declaration at the top of each
module.
Change-Id: I5c6e5fd8600031bd8fb6195649721607c560f9d5
Depends-on: Ie8fbc344149bc8c9977e127de77636903607617a
|
|
It was incorrectly assumed that Puppet variables assigned to a
defined class (as seen in cinder-netapp.yaml) would be applied to
any resources created with that type. This is not how Puppet works.
The full range of configuration parameters to cinder::backend::netapp
have been added back in. They are still pulling from Hiera like they
were intended before, but it needs to be a little more explicit for
Puppet to be happy.
Change-Id: I2e00eae829713b2dbb1e4a5f296b6d08d0c21100
|
|
|
|
|
|
|
|
Updates the default settings for Nova, Neutron, Cinder,
Ceilometer, and Heat services so we set the default rabbitmq
threshold to 60 seconds.
Change-Id: If537ae16968eb6b264b2ab071144f1eecab18b64
|
|
Change-Id: I7703013b62bd67869c268fb8689389ec0eeb5aad
|
|
|
|
|
|
By default Cinder will get the publicURL for Nova and Swift, which
is not reachable by the CinderStorage nodes.
Change-Id: I25b7900c9ab261e0f706257ffdf6844533b63b94
|
|
By default Nova will get the publicURL instead, which is not
reachable by the compute nodes.
Change-Id: I57b6a7a7eddb0ffaf6d2d152d932f390c48f908e
|
|
Adds support for global (ExtraConfig) and role-specific
(CephStorageExtraConfig) hiera overrides, similar to those added
for the Controller, NovaCompute, BlockStorage, ObjectStorage roles.
Change-Id: Idbe73b86a772491cd3c55ba69b5a95cc291d2598
|
|
Adds support for global (ExtraConfig) and role-specific
(ObjectStorageExtraConfig) hiera overrides, similar to those added
for the Controller, NovaCompute and BlockStorage roles.
Change-Id: I7dd0d8003017e2738366983cb5d8e08b3f3fa334
|
|
Adds support for global (ExtraConfig) and role-specific
(BlockStorageExtraConfig) hiera overrides, similar to those added
for the Controller and NovaCompute roles.
Change-Id: Iaf9665b53407e6a657f56d6516469f2c88bafbdd
|
|
Adds support for global (ExtraConfig) and role-specific
(NovaComputeExtraConfig) hiera overrides, similar to those added
for the controller.
For example, you can pass an environment file like:
parameters:
NovaComputeExtraConfig:
nova::scheduler::filter::ram_allocation_ratio: 1.8
compute_classes:
- ::nova::scheduler::filter
This passes a hiera value for ram_allocation_ratio and enables
a class via the include added in https://review.openstack.org/#/c/197908/
Note this also requires https://review.openstack.org/#/c/188772/
or 40-hiera-datafiles incorrectly quotes the list and the
compute_classes part won't work.
Change-Id: Ic33eed1b5e9c33c0d2f6075c65c8d9649b82c8b4
|
|
|
|
As a matter of fact it seems that the 1024 connections barrier
can easily be reached with modern hardware, see:
https://bugzilla.redhat.com/show_bug.cgi?id=1240824
Change-Id: I194a0dd725907350ca16ea3c41f3ed4f68a11bcf
|
|
Wires in the ControllerExtraConfig and ExtraConfig parameters so
that they may be used to specify overrides of the default hieradata.
Note if this is used to override values specified via parameters
rather than hard-coded values in puppet/hieradata caution should
be used as the overridden values will always take precendence
regardless of the parameter input, unless the parameter is provided
directly to the Deployment resource applying the manifiest (e.g
not the pattern currently employed in most of t-h-t)
Also note that ControllerExtraConfig takes precedence over the
deployment-wide ExtraConfig.
For example, here's how you would pass a value which disables the
heat-api-cfn service on all controllers. This would be put into an
environment file, then passed to the heat stack-create via an extra
-e option:
parameters:
controllerExtraConfig:
heat::api_cfn::enabled: false
Note the parameter capitalization is different in the top-level
overcloud-without-mergepy template for some reason.
Change-Id: I6d6e3e78460308134d95c01892bb242aba70e9ca
|
|
|
|
|
|
|
|
|
|
Currently we build the overcloud image with selinux-permissive element
in CI. However, even in environments where selinux-permissive element is
not used, it should be ensured that SELinux is set to permissive mode on
nodes with Ceph OSD [1].
We have no nice way to manage SELinux status via Puppet at the moment,
so i'm resorting to execs, but with proper "onlyif" guards.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1241422
Change-Id: I31bd685ad4800261fd317eef759bcfd285f2ba80
|
|
Currently the bootstrap of the neutron server happens with the use of a
start/sleep/stop pattern.
Since Pacemaker doesn't mind if the service is already started let
simply start the neutron server on the $pacemaker_master node and wait
for 5 sec.
Change-Id: I894dc3305f7d6685ebcc6828e690c718a63f32bd
Closes-Bug: #1473410
|
|
Change-Id: Ib945b07dd93f9bdc613f464211745094c4c72836
|
|
This adds the NeutronTunnelIdRanges and NeutronVniRanges parameters
which govern the GRE or VXLAN tunnel IDs (respectively) that are to
be made available for overcloud tenant networks.
These both default to "1:1000," to retain the current behaviour.
They are propagated to the hiera data for puppet deploys and there
is a separate change to support passing these into the config via
the neutron tripleo-image-element at
https://review.openstack.org/#/c/199592/
Change-Id: I967a8cae218a31e888abc438e9de5756ae627adb
Related-Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1240631
|