9171 Commits

Author SHA1 Message Date
Zuul
0ec13316a5 Merge "Add Distributed Compute roles" 2019-01-10 15:48:51 +00:00
Zuul
6cbb1a797a Merge "Ensure /var/lib/iscsi actually exists before mounting it" 2019-01-10 14:38:57 +00:00
Zuul
b0409666a0 Merge "Rework the generated openshift-ansible playbook" 2019-01-10 13:37:28 +00:00
Zuul
eb5b6952c2 Merge "Fall back public_virtual_ip to ctlplane if External net not present" 2019-01-10 08:32:00 +00:00
Zuul
0435f6cc23 Merge "Only add internal_api_virtual_ip if InternalApi in network_data" 2019-01-10 08:31:58 +00:00
Martin André
bb1a1209ac Rework the generated openshift-ansible playbook
The `prerequisites.yml` playbook should only be explicitly run on
initial deployment to prepare the nodes. It is already included in the
scaleup playbooks for the new nodes so there is no need to include it
again. Re-running the `prerequisites.yml` playbook reconfigures the
container runtime and may cause outage, it is supposed to be run only
once.

Make update and upgrade playbooks exclusive. There is no need to run
both of them.

Add comments to clarify the intent for each playbooks.

Change-Id: I30278360fcc1ffa9bd7ce7cb77d023629fb6fa47
Closes-Bug: #1804790
2019-01-10 09:02:34 +01:00
Zuul
f1ce0b106b Merge "Flatten Keystone service configuration" 2019-01-10 05:37:26 +00:00
Zuul
909338f74a Merge "Fix scenario003-standalone remove extra cinder/horizon/swift" 2019-01-09 22:34:28 +00:00
Zuul
8197d776bc Merge "modify assignment spelling" 2019-01-09 22:34:25 +00:00
Zuul
829cde2f35 Merge "Add horizon WebSSO support for OpenID Connect" 2019-01-09 22:26:48 +00:00
Zuul
8f4a2607d8 Merge "Make NetCidrMapValue contain list of cidrs in each net" 2019-01-09 20:02:14 +00:00
Zuul
738eb1aa7c Merge "Let the operator manage openshift updates and upgrades" 2019-01-09 14:59:00 +00:00
Zuul
34daecbff7 Merge "docker-puppet.py: only create docker-puppet.sh when it doesn't exist" 2019-01-09 14:16:50 +00:00
Marios Andreou
832a895087 Fix scenario003-standalone remove extra cinder/horizon/swift
As tracked by ci squad in [1] the scenario3 standalone has some
extra services cinder/horizon/swift removed here.

[1] https://tree.taiga.io/project/tripleo-ci-board/task/544

Change-Id: Ibb09de39cf2769a8516e4245d4a41150c97f6e0c
2019-01-09 14:36:33 +02:00
Nathan Kinder
78ee893158 Add horizon WebSSO support for OpenID Connect
This adds support for configuring horizon for WebSSO when keystone
federation with OpenID Connect is enabled.  This patch just exposes
some new parameters to use puppet-horizon for configuration.  The
sample environment file for OpenID Connect federation is also updated
to use the new parameters.  Some of the sample defaults were updated
to more closely match the URLs that horizon expects.

Change-Id: I7c3ee6b54cc0c9653742c3ce1de60b2851d1fe68
2019-01-09 11:55:34 +00:00
Zuul
5dc292d198 Merge "Configure undercloud timezone" 2019-01-09 11:49:48 +00:00
Harald Jensås
a017ecac9f Fall back public_virtual_ip to ctlplane if External net not present
public_virtual_ip previously required the External network to be
present in networks data. Add a conditional to use the VIP on the
ctlplane if the External network is not in networks data.

Closes-Bug: #1774401
Change-Id: Ie6c3d7124d11ee89788b432da39df16f031fcf12
2019-01-09 11:49:14 +01:00
Harald Jensås
868c7685f1 Only add internal_api_virtual_ip if InternalApi in network_data
Add's a conditional to only include internal_api_virtual_ip if
InternalApi network is defined in custom networks.

According to code comment internal_api_virtual_ip is only used
by Contrail.

Change-Id: Ifd8f59bd03c9bab1283e580a64957f201eb8f335
Closes-Bug: #1772124
2019-01-09 11:49:07 +01:00
Cédric Jeanneret
a15509f999 Ensure /var/lib/iscsi actually exists before mounting it
Change I803ed2ba9ff52f9a02c550a28d21cc9102568c8e adds this directory
as bind-mount for many services, but there is no guarantee this directory
actually exists on the node.

This might break the deploy, as it will prevent the iscsi container to
start as expected when using podman.

Although this directory is managed by a package (iscsi-initiator-utils),
this one isn't always present (i.e. on undercloud, or deployed servers,
or standalone).

Related-Bug: #1810338
Change-Id: I8fc52b2a872fd77b342a0f20e4602b21d9e33fed
2019-01-09 06:43:17 +01:00
Zuul
919aedcdf3 Merge "Fix scenario002-standalone missing aodh/ceilo/heat/gnocchi services" 2019-01-09 05:38:35 +00:00
Zuul
9ac9e0c3c3 Merge "Add standalone scenario jobs into the gate as well as check" 2019-01-09 04:09:59 +00:00
Emilien Macchi
d8ee4b9e73 docker-puppet.py: only create docker-puppet.sh when it doesn't exist
In docker-puppet.py, we only create docker-puppet.sh script if it
doesn't exist yet. It's not useful to re-create it and it can be
dangerous to regenerate the script while docker-puppet.py is running,
since we bind mount the script to the containers.
It's possible that during a multi-process task, the script changes and
then the entrypoint fails to run correctly if the interpreter is not
present in the script.

This patch makes sure that we create the script only when needed, and
also that we remove it before running docker-puppet.py, which will be
useful when doing clean deployments or upgrades.

Context: https://github.com/containers/libpod/issues/1844
Change-Id: I0ac69adb47f59a9ca82764b5537532014a782913
2019-01-08 21:55:10 -05:00
Zuul
d71c8b4aaa Merge "Do not dereference .stdout if dmidecode is missing" 2019-01-08 22:32:07 +00:00
Marios Andreou
1bd0bf02a3 Add standalone scenario jobs into the gate as well as check
Since they are voting we need to add them in gate too

Change-Id: If43962653ff7474ac2617bde6992ccbcd09e2153
2019-01-08 22:00:45 +00:00
Zuul
a815f16d60 Merge "Reno only - Check for available networks for a role" 2019-01-08 20:13:40 +00:00
Zuul
7f2441dcb1 Merge "update datatype for "OctaviaFlavorId"" 2019-01-08 20:13:37 +00:00
Zuul
ec79c41d50 Merge "Fix example in releasenotes/notes/composable-network-subnets" 2019-01-08 18:11:05 +00:00
Marios Andreou
884ceb1035 Fix scenario002-standalone missing aodh/ceilo/heat/gnocchi services
As tracked by ci squad at [1] scenario2 standalone is missing some
services and has extra horizon compared to the multinode being
replaced

[1] https://tree.taiga.io/project/tripleo-ci-board/task/543

Change-Id: I034dd365f6fd20060f9ad49c4e81b3c534efbe4b
2019-01-08 19:08:48 +02:00
Juan Antonio Osorio Robles
40ba776463 Flatten Keystone service configuration
This change combines the previous puppet and docker files
into a single file that performs the docker service installation
and configuration. With this patch the baremetal version of
keystone has been removed.

Related-Blueprint: services-yaml-flattening
Change-Id: I6140b02ad1ab6d88990e173dcf556977f065b3c5
2019-01-08 10:13:43 -05:00
Zuul
4fbd9960db Merge "Update hacking version" 2019-01-08 14:44:31 +00:00
Zuul
d442624344 Merge "Explicitly set KVM machine_type for migration compatibility" 2019-01-08 14:44:28 +00:00
Zuul
ee2d5946ae Merge "Fix scenario001-standalone missing aodh/ceilo/heat/gnocchi services" 2019-01-08 14:06:01 +00:00
Tony Breeds
f9b5401c1f Do not dereference .stdout if dmidecode is missing
In 459b2664d99befa452e1946a4e4cf400183dd9e3 (Handle missing or bad
dmidecode) we accept return values of 0, 1 or 2 from command modules
that call 'dmidecode'.  However we then unconditionally look at the
stdout key in the result object.  When the dmidecode binary is missing
the result dictionary from the command module doesn't contain a stdout
key (resulting in something like):

---
fatal: [overcloud-novacomputeppc64le-1]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: 'dict object' has no attribute 'stdout'\n\nThe error appears to have been in '/var/lib/mistral/overcloud/ceph-ansible/nodes_uuid_playbook.yml': line 14, column 7, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n      failed_when: machine_uuid.rc not in [0, 1, 2]\n    - name: generate host vars from nodes data\n      ^ here\n"}
---

This change just adds a default('') filter to the lookup so a missing
key will fallback to an empty dictionary

Closes-Bug: 1790447
Change-Id: I7db180674c3696508a7f449e2e825e7083a00f6e
2019-01-09 00:21:22 +11:00
Harald Jensås
991e0fc0c0 Reno only - Check for available networks for a role
Since change: I07822ec0cba7eed352c0010eb893b5e5a522e95c
resources are no longer created for networks that are not
defined in roles data. While this is an improvement we
need to communicate this change.

There is tribal knowledge and documentation that failed
reflect the requirement to add networks to roles data
since the introduction of composable networks in Pike.

Prior to Pike adding a network to a role was achived by
overriding the resource_registry entry to not use the
noop.yaml fake port (fall back to ctlplane) template.
i.e to add External network to compute role the
following was commonly added to network-environment.yaml

  OS::TripleO::Compute::Ports::ExternalPort:
    ../network/ports/external.yaml

NOTE: Current OVN-DVR and ODL doc's downstream uses the
      resource_registry override, whitout also adding
      the network to roles data.

Related-Bug: #1800811
Change-Id: I6c03c7a2bd6f369bf35a9e479a97302c9a455197
2019-01-08 13:20:30 +01:00
Zuul
2ef84d2210 Merge "Replace tripleo-scenario002-multinode with scenario002-standalone" 2019-01-08 10:37:55 +00:00
Zuul
9174ae0f13 Merge "Use templating for nova cell transport-url" 2019-01-08 09:30:51 +00:00
Harald Jensås
f3b7f150e6 Fix example in releasenotes/notes/composable-network-subnets
An indentation mistake in the example used in release notes.

Change-Id: I6ca061b0b827b848d63bb0df7ac50b4957eca612
2019-01-08 09:30:16 +01:00
Zuul
941cf073c7 Merge "Add default to network.mtu in j2 in nic configs" 2019-01-08 07:13:17 +00:00
Zuul
008b951de5 Merge "docker-puppet.py: move entrypoint mount to latest in order" 2019-01-08 06:53:32 +00:00
Zuul
8f5fb5144d Merge "flatten sshd service configuration" 2019-01-08 06:50:55 +00:00
Zuul
37251b2da9 Merge "Bind mount /var/lib/iscsi in containers using iSCSI" 2019-01-08 03:44:36 +00:00
Zuul
e9de300da2 Merge "flatten time service configuration" 2019-01-08 03:37:03 +00:00
Zuul
2ed0c19976 Merge "Remove deprecated workflow resource registry entries" 2019-01-07 23:05:57 +00:00
Zuul
694a071c0d Merge "Fix bind mount for glance-api's service directory" 2019-01-07 23:05:55 +00:00
Zuul
3b5a32c463 Merge "Fix scenario004-standalone - remove cinder/fluentd/horizon/redis" 2019-01-07 23:05:53 +00:00
Alex Schultz
3f69b76531 Configure undercloud timezone
Add timezone service to the undercloud role so that it is properly
configured when we install the undercloud.

Change-Id: I4814cfb52f57d8260cda61adb6ac20609f435846
Depends-On: https://review.openstack.org/#/c/628015/
Closes-Bug: #1784068
2019-01-07 15:42:43 -07:00
Emilien Macchi
b1d34c98bc docker-puppet.py: move entrypoint mount to latest in order
Put the entrypoint bind as the last one so to be sure it is accessible.
See https://github.com/containers/libpod/issues/1844#issuecomment-451442611

Change-Id: I5a9dbbee5fde81c3f7ecc41a557f15d54d6e070a
2019-01-07 22:01:33 +00:00
Zuul
2e37e7e22f Merge "Bind mount docker-puppet.py in RO without SElinux labelling" 2019-01-07 21:25:12 +00:00
Harald Jensås
cf333d3a07 Add default to network.mtu in j2 in nic configs
Previously all networks was rendered for all roles, and
thus the default set in network/network.j2#L83 would
propgate to the nic config for any role. Since we now
only include properties for network's in role.networks
when passing parameters puppet/role.role.j2.yaml this
default may not propagate to the nic config and can
cause problems if merge-new-params-nic-config-script.py
was used to add new parameters with a role missmatch.

(i.e Updating the Compute roles NIC config file while
specifying the Controller role in  merge-new-params
tool would add the parameter with no default which
causes Property {{network.name}}Mtu not assigned
error when deploying.

Change-Id: I3031977a0daabb093cb8f61bcfc22b68e8e35bed
2019-01-07 22:09:27 +01:00
James Slagle
f555e4b422 Add Distributed Compute roles
Adds new roles for DistributedCompute and DistributedComputeHCI. These
roles closely match the existing Compute roles but also include the
CinderVolume service.

implements split-controlplane

Change-Id: Ia7f5ba93a9fc31b4653e6cbd9b3e5d8f00d26a27
2019-01-07 16:07:43 -05:00