Commit Graph

295 Commits

Author SHA1 Message Date
Eduardo Gonzalez
9170cda73e Add designate dashboard to horizon
This change [0] reverted designate dashboard change because
designate was not finished, we forgot to enable again.

[0] https://review.openstack.org/#/c/408714/

Change-Id: Ibaf7e5a5dc8cbef619d86a0f2b240d384984e8bd
2017-07-05 16:03:38 +01:00
jangseon ryu
89787a74f5 Removing deplicated option from global.yml file.
The external_ceph_cephx_enabled option is duplicated
in the global.yml. So one of them was deleted.

Change-Id: I2eff2f1d00b3344f90488bfe0477fe800bcaa85f
Closes-Bug: #1702395
Signed-off-by: jangseon ryu <jangseon.ryu@navercorp.com>
2017-07-05 04:48:44 +00:00
Jenkins
8f3f675b84 Merge "Enable zun ui when zun enabled" 2017-07-04 15:00:30 +00:00
Jenkins
0a343d1cf0 Merge "Comment designate options at globals.yml" 2017-06-30 09:37:50 +00:00
caoyuan
870836bb19 Enable zun ui when zun enabled
Depends-On: Ie0e02253bd706cad6a568e1574aa4c4bd83744e5

Change-Id: I10e64ea5a104109a7ced3712b29b3b526c55f7f1
Closes-Bug: #1677922
2017-06-29 15:39:27 +08:00
Mark Goddard
2e4359069e Barbican simple_crypto plugin broken - invalid key
When using the simple_crypto plugin, barbican expects the
[simple_crypto_plugin] kek config value to be a base64-encoded 32 byte
value. However, kolla-ansible is providing a standard autogenerated
password.

There are two relevant variables in kolla-ansible -
barbican_crypto_password (a standard password) and barbican_crypto_key
(a HMAC-SHA256 key). There is no use of barbican_crypto_key other than
when it is generated. barbican_crypto_password is used to set the
[simple_crypto_plugin] kek config value but causes an error when the
simple_crypto plugin is used as the value is not in the expected format.
Using barbican_crypto_key instead resolves the error. Clearly there is a
naming issue here and we should be using barbican_crypto_key instead of
barbican_crypto_password.

This change removes the barbican_crypto_password variable and uses
barbican_crypto_key instead.

Change-Id: I63e2b381c260265e5901ee88ca0a649d96952bda
Closes-Bug: #1699014
Related-Bug: #1683216
Co-Authored-By: Stig Telfer <stig@stackhpc.com>
2017-06-21 17:07:17 +01:00
Jenkins
f07515afe8 Merge "Add vhost to outward rabbitmq for Murano" 2017-06-16 11:28:33 +00:00
Paul Bourke
aff43f73e3 Add vhost to outward rabbitmq for Murano
Change-Id: I09654f29b59e0327ee1a7961e0990e4c6927e8fc
Closes-Bug: #1620374
2017-06-15 14:19:33 +01:00
Dan Ardelean
58ce2b54ea Add Hyper-V role
Implement an ansible role that adds Hyper-V as a compute node for
OpenStack using Kolla.

This will install and configure the Nova Compute service, the
Hyper-V Neutron agent and FreeRDP-WebConnect.
https://docs.openstack.org/ocata/config-reference/compute/hypervisor-hyper-v.html

Change-Id: I601835b0769c5ff173a980a05a752391ae8cc82f
Implements: blueprint hyperv-ansible-role
Co-Authored-By: Alessandro Pilotti <apilotti@cloudbasesolutions.com>
2017-06-15 16:12:31 +03:00
Paul Bourke
d8fe3ea780 Add a new 'outward' rabbitmq instance
Certain services such as Murano and trove require access to a rabbitmq
instance from tenant networks. [0]

Exposing the internal rabbitmq to end users is a security hole, hence
there are two options, 1) use vhosts in the existing rabbitmq, or two a
separate rabbitmq instances. Given the importance of rabbitmq to the
OpenStack deployment, we have decided to go with a separate instance.
Refer to [1] for more detail on the various options.

This change makes the rabbitmq role generic so that it can be reused, in
this case to start 'outward_rabbitmq'. It needs to be exposed via
haproxy both for network isolation and also because this is what Murano
configuration requires.

Follow on patches will be added to add a vhost in this outward instance
for Murano and other services which require access.

Based on the original work by bdaca[2]

[0] http://murano.readthedocs.io/en/stable-liberty/intro/architecture.html
[1] http://lists.openstack.org/pipermail/openstack-dev/2016-December/109091.html
[2] https://review.openstack.org/#/c/374525

Change-Id: Ib2bcc7ed4bf4f883a7cd1dfad3db89201e3cfd8d
Partial-Bug: #1620374
Depends-On: I020eb6219f89a310451becde41f6f1c7f54baadd
Co-Authored-By: Bartłomiej Daca <bartek.daca@gmail.com>
2017-06-15 11:12:22 +00:00
Jenkins
b62e1d9574 Merge "Add the ceph keyring files related task condition" 2017-06-12 09:32:10 +00:00
Mathieu Rohon
43900bc8b6 Add skydive service
This patch introduces the ansible materials to deploy
the skydive service, that can be used to monitor and
troubleshoot networking in an openstack deployment.

Implements: blueprint skydive-service

Co-Authored-By: Nicolas Bouron <nicolas.bouron@gmail.com>
Signed-off-by: Mathieu Rohon <mathieu.rohon@gmail.com>

Change-Id: I53051a1b0c85380416288e17040a398b6efb62c0
2017-06-06 09:09:10 +02:00
Eduardo Gonzalez
ab4b1ff785 Support OSprofile usage
OSprofile allows user/devs trace OpenStack requests.

Implements: blueprint enable-osprofiler
Co-Authored-By: Bertrand Lallau <bertrand.lallau@gmail.com>
Change-Id: I82ea85d726011ef6cbf99380f395452d6d7f8053
2017-06-02 22:41:33 +02:00
Jenkins
f1b7366e78 Merge "Add copy ceph keyring files conditions in cinder" 2017-05-23 11:23:15 +00:00
Jenkins
2286330829 Merge "Add VMware DataStore support to glance" 2017-05-23 10:57:03 +00:00
shaofeng_cheng
c6d2070511 Add VMware DataStore support to glance
Add configure the VMware Storage Backend in glance-api.
Because of the following document was not updated:
https://docs.openstack.org/developer/glance/configuring.html#configuring-the-vmware-storage-backend

So,see code:
https://github.com/openstack/glance_store/blob/master/glance_store/_drivers/vmware_datastore.py
https://github.com/openstack/glance_store/blob/master/glance_store/backend.py

Partially-implements: blueprint kolla-ansible-support-vsphere

Change-Id: Icb73ec501aabd938eb23257518ce0650a329bef3
2017-05-22 16:55:14 +08:00
shaofeng_cheng
12621ef8f1 Add the ceph keyring files related task condition
If used external ceph for nova,the ceph storage not enable cephx.
So ceph keyring file not does not exist.
Task throw error of check ceph keyring files.

Change-Id: I6257c107b94abf4d363e854229aaab8301d1d694
Closes-Bug: #1684522
2017-04-21 10:06:04 +08:00
shaofeng_cheng
3a67e5727b Add copy ceph keyring files conditions in cinder
If used external ceph for cinder,the ceph storage not enable cephx.
So ceph keyring file not does not exist.
Task throw warning of copy over ceph keyring files.

Change-Id: Ibb3cd536c982ad9dede3c2a0ecfc02cdf6e4c1b9
Closes-Bug: #1684461
2017-04-21 09:58:50 +08:00
Eduardo Gonzalez
17b965356e Comment designate options at globals.yml
Designate options are uncommented in globals while in group_vars/all
are uncommented too.

This change comment designate options to maintain similar style
in globals.yml with other services.

TrivialFix

Change-Id: Iab36590e2eaa60580f438fe73dd5237b43b70ee9
2017-04-19 14:19:39 +01:00
Jenkins
5be2a8d6a0 Merge "Fix ceph role set target_max_bytes for cache pools" 2017-04-17 11:37:05 +00:00
Jeffrey Zhang
fb9ab70e6f Add barbican_crypto_password key in passwords.yml file
Change-Id: Ib966858f0422521e8896404ad458ea23143083e0
Closes-Bug: #1683216
2017-04-17 10:28:29 +08:00
shaofeng_cheng
cd103b187b Fix ceph role set target_max_bytes for cache pools
Ceph is not able to determine the size of a cache pool automatically,
so the configuration on the absolute size is required here
otherwise the flush/evict will not work.
see
http://docs.ceph.com/docs/master/rados/operations/cache-tiering/

Change-Id: I4d4abb50787093a292e1ee6eb790c10ecf5ccb94
Closes-Bug: #1654375
2017-04-14 18:11:33 +08:00
Jenkins
f9e7e8e893 Merge "Split Openvswitch into own role" 2017-04-13 14:39:16 +00:00
Marcus G K Williams
9badc4de21 Split Openvswitch into own role
Creates Openvswitch role and splits
openvswitch from Neutron role to enable
third party networking solutions that use
Openvswitch or customize Openvswitch.
For example Openvswitch with dpdk or
OpenDaylight.

Change-Id: I5a41c42c5ec0a5e6999b2570ddac0f5efc3102ee
Co-Authored-By: Mauricio Lima <mauriciolimab@gmail.com>
Partially-Implements: blueprint opendaylight-support
2017-04-11 16:15:35 -07:00
Paul Bourke (pbourke)
93ff74e4d3 Revert "Remove useless variable glance_backend_file"
Turns out this variable is not so useless...! In
I2c167bae6f34a102cd7fe66401d7defe13bf2bf7 we need to determine if a file
based backend is in use in order to determine how many api servers to
start. Without this variable these kind of checks would all need to be
updated every time a new shared storage backend is added.

This reverts commit 867c3bda39.

Change-Id: I335acc12b68b577b33d6cb28675225c40e6231cd
2017-04-06 15:36:10 +01:00
Jenkins
bed0357931 Merge "Remove useless variable glance_backend_file" 2017-03-30 15:11:22 +00:00
jimmygc
867c3bda39 Remove useless variable glance_backend_file
When glance_backend_ceph is not enabled, glance uses file as
backend store by default. Since glance_backend_file is useless
and not overriding glance backend when glance_backend_ceph is
enabled. I think it is good to remove it.

Change-Id: I94cbd8661e43ab296478470ed57d0effc5622ee5
2017-03-30 16:16:47 +08:00
root
2364bee3cc Add zun ansible role
Change-Id: I13cf03d6a97fb94dd7cb309e99a417ad101dc21a
Co-Authored-By: Mauricio Lima <mauriciolimab@gmail.com>
Partially-implements: bp add-zun-ansible-role
2017-03-30 04:15:17 -04:00
Jenkins
e2d60f5264 Merge "Fix can't find /usr/lib/libCryptoki2_64.so in barbican" 2017-03-22 14:11:11 +00:00
zhubingbing
6d0e31f232
Fix can't find /usr/lib/libCryptoki2_64.so in barbican
Link https://docs.openstack.org/project-install-guide/key-manager/newton/barbican-backend.html#simple-crypto-plugin

Change-Id: I351738c2a98090c56ac69e477fbe5ddec4cc5b26
Closes-Bug: #1672001
2017-03-22 20:43:14 +08:00
Thomas O'Neill
94dec80705 Add neutron-bgp-dragent playbooks and sensible defaults.
Depends-On: If7f5c80eb10a1c418785d9c659ae18bfecfcfe33
Change-Id: I9c54f01193b4e12338e71cd1f0a4635dcbfa43fe
Implements: blueprint neutron-bgp-dragent
2017-03-16 10:03:17 +00:00
Paul Bourke
b03906dd8b Enable horizon_backend_database if murano is enabled
Change-Id: I0eed4024b4ca86e458d92bd9703fb4a02feee947
Closes-Bug: #1666618
2017-03-14 14:19:40 +00:00
Eduardo Gonzalez
34b3bcf89d Set empty openstack_release option
globals.yml have the highest var precedence in Ansible vars
as is added in kolla-ansible as -e @globals.yml
Setting openstack_release: "auto" causes error while
deploying/pulling as this var override the fact set in site.yml.

Value in globals.yml should be a real kolla version
(3.0.0, 4.0.0, etc)
Value in group_vars/all works fine with auto.

Change-Id: If99f7b4b1507909c6c2628b6d6fc6ce2519c9a24
Closes-Bug: #1671143
2017-03-08 18:58:35 +00:00
Jeffrey Zhang
d06efcecc5 Fix booting from volume failure
Booting from volume require cinder's ceph client secret now. Move cinder
before nova in site.yml, because nova depends on cinder ceph client key
now.

Change-Id: I01c9ed80843d98305b8963894c4917c21a35d3ac
Closes-Bug: #1670676
2017-03-08 21:16:06 +08:00
caoyuan
c734f53277 Add the missing option for gloabols.yml
- collectd
- remove the unnecessary space

Change-Id: I98c60d29f50bb105ca52cc0060bfcd2b3701e6db
2017-02-15 15:49:14 +08:00
Jenkins
aaba647633 Merge "Change Barbican default secret store to pkcs11" 2017-02-15 05:02:50 +00:00
zhuzeyu
84ff7c2a18 Fix the path error in globals.yml
Change-Id: I963ac5512c711f639dc7ad6c7b1f217589373b0a
2017-02-10 12:04:02 +08:00
Duong Ha-Quang
f45fe3243f Change Barbican default secret store to pkcs11
Change-Id: I758eedb8569ce5ddbfb44f7dc79d622891997e84
Closes-Bug: #1625340
2017-02-09 13:40:13 +07:00
caowei
d467161399 Load freezer dashboard
Change-Id: Ib7354920de24dbab9481553bad6521e2f5e93fae
Depends-On: I8a70c7e95cdd6517816060e148d3fdc4857182f4
Closes-Bug: #1661953
2017-02-05 21:24:34 +08:00
Jenkins
4938e80b81 Merge "Enable tacker_horizon when enable_tacker is yes" 2017-02-05 12:57:50 +00:00
Jenkins
6856a6f804 Merge "Integrate designate with neutron" 2017-02-05 02:36:21 +00:00
qiankun.zhang
138ff1656d Enable tacker_horizon when enable_tacker is yes
Depends-On: Ic63c88436b03c14ef767ee102625e697250c00e0
Change-Id: I0220cdb13686deda8b7a3a622530cd72fbe80dad
Closes-Bug: #1647894
2017-02-04 01:54:36 +00:00
Eduardo Gonzalez
e516ea5099 Integrate designate with neutron
Integrate designate service with neutron to allow instances
and floatingip resolve designate dns.
MDNS service need to be reachable from nova instances
in order to resolve DNS queries.
Added new dns_interface to make this configurable.
Add designate guide.

Closes-Bug: #1661330

Change-Id: I5a2ac5cf2a9aa0977ae42d53dd64699623ddf3ed
2017-02-03 11:06:59 +00:00
Jeffrey Zhang
facfabf3bb Implement nova placement service
Closes-Bug: #1660987
Depends-On: I30efc20e6d918e08860584c017455e6d5fa91a35
Change-Id: If0a79b6013f28871dc9f13c510c919078f3304d5
2017-02-02 05:18:13 +00:00
Jenkins
2157d9787a Merge "Add freezer ansible role" 2017-01-27 12:12:52 +00:00
caowei
9c82ed8071 Add freezer ansible role
Co-Authored-By: caoyuan <cao.yuan@99cloud.net>
Co-Authored-By: zhubingbing <zhubingbing10@gmail.com>

Change-Id: I419f7ceb219ea9643cfd225c130018f967ddd860
Partially-implements: bp freezer-ansible-role
2017-01-27 11:19:13 +00:00
Jenkins
7ee53a563a Merge "Add chrony ansible role" 2017-01-26 12:03:27 +00:00
Jenkins
f2f30b4a5e Merge "Ansible config for nova-serialproxy console" 2017-01-24 16:40:40 +00:00
Jenkins
1da30ce395 Merge "Allow cinder-volume to be configured to use HNAS nfs" 2017-01-24 13:08:38 +00:00
Jenkins
13538f1fdf Merge "Add the missing option into globals.yml" 2017-01-24 12:40:53 +00:00