25 Commits

Author SHA1 Message Date
Sofer Athlan-Guyot
fb78213782 Put service stop at step1 and quiesce at step2.
In the previous release[1], the services were stopped before the
pacemaker services, so that they get a chance to send last message to
the database/rabbitmq queue:

Let's do the upgrade in the same order.

[1] https://github.com/openstack/tripleo-heat-templates/blob/stable/newton/extraconfig/tasks/major_upgrade_controller_pacemaker_2.sh#L13-L71

Change-Id: I1c4045e8b9167396c9dfa4da99973102f1af1218
2017-02-28 19:20:13 +01:00
Mathieu Bultel
76e89a5546 Remove aodh db sync from ansible upgrade
The db sync won't be run by ansible but by puppet
as part of the converge step

Change-Id: Ie868a92ece020e5749a401e0897be5ab80f13559
2017-02-10 06:58:02 +00:00
Mathieu Bultel
7a14359fbc Remove precheck on services which run on httpd for upgrade
Those services is not handle with systemctl

Change-Id: Ia57dffd42a11070696fda14f1e91de2993e63479
2017-02-06 16:39:54 +01:00
marios
d14c56e1b6 Adds a pre-upgrade check that service is running (step0)
Adds a step0 for most services to check that the state is running
before continuing with any of the other upgrades steps (these are
tagged step0).

You can skip this service check by overriding the
SkipUpgradeConfigTags parameter as follows:

parameter_defaults:
  SkipUpgradeConfigTags: validation

Co-Authored-By: Steven Hardy <shardy@redhat.com>
Change-Id: Ie276f153015f671b720b6ed5beaac1b921661909
2017-01-27 11:20:15 +02:00
Steven Hardy
5750df8829 Add telemetry service support for composable upgrades
Change-Id: I62735676b45a881a7dac24171b26d88d6eb60d4a
Partially-Implements: blueprint overcloud-upgrades-per-service
2017-01-25 21:04:18 +00:00
Juan Antonio Osorio Robles
80086fd342 Add metadata settings for needed kerberos principals
These are only used for TLS-everywhere, and fills up the kerberos
principals that will need to be created for the certs used by the
overcloud. With this, the metadata hook will format these principals
correctly and will further pass them on to the nova metadata service.
Where they can be used if there's a plugin enabled.

bp tls-via-certmonger
bp novajoin

Change-Id: I873094bb69200052febda629fda698a7a782c031
2017-01-25 00:33:11 +02:00
Jenkins
6b8c34b27a Merge "Bump template version for all templates to "ocata"" 2017-01-03 10:31:44 +00:00
Steven Hardy
3c6ec654b4 Bump template version for all templates to "ocata"
Heat now supports release name aliases, so we can replace
the inconsistent mix of date related versions with one consistent
version that aligns with the supported version of heat for this
t-h-t branch.

This should also help new users who sometimes copy/paste old templates
and discover intrinsic functions in the t-h-t docs don't work because
their template version is too old.

Change-Id: Ib415e7290fea27447460baa280291492df197e54
2016-12-23 11:43:39 +00:00
Pradeep Kilambi
02944999b7 Set aodh wsgi display name
Depends-On: I53b156505e08625d56ed6a302cf5b5c30e8e288c

Change-Id: Id9791d8a19a74c1f0855e794170f66542f88a548
2016-12-20 11:09:49 -05:00
Juan Antonio Osorio Robles
b4cd2ed1ee Use network-based fqdn entry from hiera instead of the custom fact
This changes how we get the network-based FQDNs for the specific
services, from using the custom fact, to the new hiera entries.

Change-Id: Iae668a5d89fb7bee091db4a761aa6c91d369b276
2016-12-01 11:18:23 +02:00
Dan Prince
7876851011 Hiera optimization: use a new hiera hook
This patch optimizes how we deploy hiera by using a new
heat hook specifically designed to help compose hiera
within heat templates. As part of this change:

 - we update all the 'hiera' software configurations to set the group to hiera
   instead of os-apply-config.

 - The new format uses JSON instead of YAML. The hook actually writes
   out the hiera JSON directly so no conversion takes place. Arrays,
   Strings, Booleans all stay in their native formats. As such we can avoid
   having to do many of the awkward string and list conversions in t-h-t to
   support the previous YAML formatting.

 - The new hook prefers JSON over YAML so upgrading users will have the
   new files prefered. (we will post a cleanup routine for the old files
   soon but this isn't a new behavior, JSON is now simply prefered.)

 - A lot of services required edits to account for default settings that
   worked in YAML that no longer work correctly in the native JSON
   format. In almost all these cases I think the resulting codes looks
   cleaner and is more explicit with regards to what is getting
   configured in hiera on the actual nodes.

Depends-On: I6a383b1ad4ec29458569763bd3f56fd3f2bd726b
Closes-bug: #1596373

Change-Id: Ibe7e2044e200e2c947223286fdf4fd5bcf98c2e1
2016-11-30 22:16:13 -05:00
Pradeep Kilambi
ea22134c72 Remove Combination alarms support
combination alarms are completely removed in Ocata.
Remove this from tripleo.

Change-Id: Iec2e26ebdaa108ddbb2cf45fc4b6c68023fb6ce0
2016-11-16 16:09:48 -05:00
Juan Antonio Osorio Robles
eb114773ac Enable internal TLS for aodh
This adds the necessary hieradata for enabling TLS in the internal
network for aodh.

bp tls-via-certmonger

Change-Id: I2ea160e3ac0775404d6ed302f475268d3a3031ef
Depends-On: I50ef0c8fbecb19d6597a28290daa61a91f3b13fc
2016-10-20 12:22:51 +03:00
Juan Antonio Osorio Robles
81576e9dd9 Enable proxy headers parsing for Aodh
http_proxy_to_wsgi middleware was recently added to Aodh [1] and
in order to take it into use, we need to enable it via hiera.

[1] If2ada8a94c8e1ceacd4509605b4cd766a78f71d5
Depends-On: I0981e152700ed4511b797011ebe18e857c1fed71
Related-Bug: #1590608

Change-Id: Ie9605ae1e5437f488802b03ca23a325866f0ceb5
2016-10-13 11:43:35 +03:00
Dan Prince
7ba5525207 Move db::mysql into service_config_settings
This patch movs the various db::mysql hiera settings into a
'mysql' specific service_config_settings section for each
service so that these will only get applied on the MySQL service
node. This follows a similar puppet-tripleo change where we
create the actual databases for all services locally on
the MySQL service node to avoid permission issues.

Change-Id: Ic0692b1f7aa8409699630ef3924c4be98ca6ffb2
Closes-bug: #1620595
Depends-On: I05cc0afa9373429a3197c194c3e8f784ae96de5f
Depends-On: I5e1ef2dc6de6f67d7c509e299855baec371f614d
2016-09-28 07:01:49 -04:00
Dan Prince
9d67d7b3b1 Move keystone::auth into service_config_settings
This patch moves the keystone::auth settings for all
services into the new service_config_settings section. This
is important because we execute the keystone commands via
puppet only on the role containing the keystone service
and without these settings it will fail.

Note that yaql merging/filtering is used here to ensure that
service_config_settings is optional in service templates,
and also that we'll only deploy hieradata for a given
service on a node running the service (the key in
the service_config_settings map must match the service_name
in the service template for this to work).

e.g the following will result in only deploying keystone: 123
in hiera on the role running the "keystone" service,
regardless of which service template defines it.

  service_config_settings:
    keystone:
      keystone: 123

Co-Authored-By: Steven Hardy <shardy@redhat.com>
Change-Id: I0c2fce037a1a38772f998d582a816b4b703f8265
Closes-bug: 1620829
2016-09-23 07:43:21 -04:00
Juan Antonio Osorio Robles
2fc2770529 Make apache-based services use network-dependent servername
Currently the servername is incorrectly set for the services running
over apache. It currently takes the default value which is just the
regular FQDN, when the services actually might be running on
different IPs that require alternative FQDNs.

This fixes that by filling that value from a fact in hiera that's
dependant on the service's network.

Closes-Bug: #1625677
Change-Id: Ib7ea5fd2d18a376eaa2f5a3fa5687cb9b719a8e2
2016-09-21 09:31:33 +00:00
Pradeep Kilambi
3d58b8c7c2 Expose parameter to enable combination alarms
The puppet-tripleo change for the same is merged
I9220b7d020dc8ed45dd6ca83ea9647efd67ea648

Change-Id: Ic5309ada98c78a15aa3a47dd94acb9e68eb25295
2016-09-14 12:15:25 +00:00
Martin Mágr
25ad7b8e1e Availability monitoring agents support
- adds possibility to install sensu-client on all nodes
- each composable service has it's own subscription

Co-Authored-By: Emilien Macchi <emilien@redhat.com>
Co-Authored-By: Michele Baldessari <michele@redhat.com>
Implements: blueprint tripleo-opstools-availability-monitoring
Change-Id: I6a215763fd0f0015285b3573305d18d0f56c7770
2016-08-31 09:22:59 -04:00
Dan Prince
e3cb92a5db Mv Nova, Neutron, Horizon out of controller.yaml
This patch moves the settings for Nova, Neutron, and Horizon
out of controller.yaml.

Also fixes the NovaPassword settings in nova-base.yaml
so they don't use get_input.

Also, creates a new apache.yaml base service to contain shared
apache settings for several services which use Apache for WSGI.

Co-Authored-By: Giulio Fidente <gfidente@redhat.com>

Change-Id: I35d909bd5abc23976b5732a2b9af31cf1448838e
Related-bug: #1604414
2016-08-30 08:59:07 -04:00
Dan Prince
dd9c8d6e9c Mv ceilo, aodh, and gnocchi out of controller.yaml
This patch moves the remaining hiera settings for
Ceilometer, Aodh, and Gnocchi out of controller.yaml
and into the respective composable services.

Change-Id: I01377aa5c121ecbb4a96b4f0525924c7bbf12198
Related-bug: #1604414
2016-08-25 20:27:11 -04:00
Emilien Macchi
b5a54bf985 Update authtoken parameters to match recent changes
Update authtoken parameters for:
- Aodh
- Ironic
- Manila
- Nova
- Ceilometer

Change-Id: Ie123b8da1a7af2e406aadca4775de9e8c4e6e1f5
2016-08-24 22:29:45 -04:00
Dan Prince
3b62761d2f Add DefaultPasswords to composable services
This patch adds a new DefaultPasswords parameter to
composable services. This is needed to help provide
access to top level password resources that overcloud.yaml
currently manages (passwords for Rabbit, Mysql, etc.).

Moving the RandomString resources into composable services
would cause them to regenerate within the stack. With this
approach we can leave them where they are while we deprecate
the top level mechanism and move the code that uses the
passwords into the composable services.

Change-Id: I4f21603c58a169a093962594e860933306879e3f
2016-08-18 12:45:30 -04:00
Giulio Fidente
885b37c80e Pass ServiceNetMap to services
This will be needed to pick the network where the service has
to bind to from within the service template.

Change-Id: I52652e1ad8c7b360efd2c7af199e35932aaaea8c
2016-08-18 12:36:18 -04:00
Pradeep Kilambi
7c502ce91d Add Aodh composable roles
Implements: blueprint composable-services-within-roles
Depends-On: Ie48a123cc5bc402aee635a5daf118b158c6f3b6a
Closes-Bug: #1601850

Change-Id: Ifcfe0e3937fa8577635d803d46c3dfc2e873e553
2016-08-05 17:06:08 -04:00