335 Commits

Author SHA1 Message Date
Zuul
1842528f14 Merge "Store ODL logs to file" 2018-07-06 13:34:01 +00:00
Zuul
cf77ea0ae0 Merge "Add networking-ansible ML2 plugin support" 2018-07-05 17:44:05 +00:00
Janki Chhatbar
223b9428f1 Store ODL logs to file
ODL is configured to log to console and then access the logs
via docker logs. Older logs are being deleted too fast. So
moving back to logging to file which is default setting in ODL
THT.
https://github.com/openstack/tripleo-heat-templates/blob/
master/puppet/services/opendaylight-api.yaml#L60

Change-Id: I29724cfb23e13c8293d1b7b4341cbd409ae1b7a6
Closes-Bug: 1779629
2018-07-02 10:35:25 +00:00
rabi
6d5b9ab421 Add networking-ansible ML2 plugin support
Depends-On: https://review.openstack.org/577074
Depends-On: https://review.openstack.org/576093

Change-Id: Ib0c2395fbabc654378101527ca065b5c69d3222d
2018-07-02 13:22:04 +05:30
Alex Schultz
db181732c6 Add SELinux management to containerized undercloud
In instack-undercloud we manage the selinux configuration during the
deployment. This change exposes the configuration as a new tripleo
service for selinux so we can configure it.

Change-Id: I2109bf62e307df92b6bdb57600c58dd61482f46d
Partial-Bug: #1779005
2018-06-28 09:12:30 -06:00
Emilien Macchi
0e0147732c Implement TripleoValidations composable service
Implement a service that will deploy TripleO Validations package and
user by using Puppet like we did with instack-undercloud. This service
will be included on the undercloud but disabled by default. We'll keep
the same interface in undercloud.conf to enable it or not so no change
for the end user.

Change-Id: Ida09f92010e31d952edd82b42a7fc20451537d42
2018-06-13 11:35:49 -07:00
Zuul
096cef093c Merge "Manage public certificate with ansible" 2018-06-01 17:37:48 +00:00
Cédric Jeanneret
59b762658d Manage public certificate with ansible
This is basically a rewrite of the bash script pushed by
puppet/extraconfig/tls/tls-cert-inject.yaml

UpgradeImpact: NodeTLSData is not used anymore

Change-Id: Iaf7386207e5bd8b336759f51e4405fe15114123a
2018-05-31 14:50:00 +02:00
Alex Schultz
f8d0edac5f Drop old ceilometer services
These were needed for FFU to Queens so we should remove them for Rocky.

Change-Id: I0e24d19cd17d35644fa02e989fa9ef592195b9f1
2018-05-29 20:51:07 +00:00
Zuul
161156d750 Merge "NFV: Support for config-download to deploy node with kernel args" 2018-05-29 18:52:58 +00:00
Saravanan KR
a3e4a90636 NFV: Support for config-download to deploy node with kernel args
For NFV deployments, specific kernel args should be applied and
the nodes should be restarted before running the NetworkDeployment.
It is supported in the heat deployment via PreNetworkConfig. In the
config-download mechanism, ansible steps need to be improved
to handle the reboot and wait for the node.

Change-Id: I43b383ad0e04b8be6c321f8c5b05e628b2520141
2018-05-15 11:01:06 +05:30
Alex Schultz
64bc4a7683 Remove undercloud specific service definitions
Since we're aligning the overcloud/undercloud and we've switched to
containerization it, we should reuse the same heat services rather than
duplicating the services with the Undercloud definition.

Depends-On: Ic7dba7e548f85574cce2db23e3fec5c8ea761bb7
Change-Id: I497597a47533375f34a22a56e2e9a145d9393358
Related-Blueprint: containerized-undercloud
2018-05-09 21:33:20 +00:00
Hamdy Khader
afcf2c71e3 Add support for NVMeOF cinder backend
Change-Id: I2ee3b44fc4a7bede635b0bfcacd1dab8547d123a
2018-05-07 15:45:42 +03:00
Zuul
7eb4eafae6 Merge "Add an openshift-cns service" 2018-05-01 09:25:09 +00:00
Zuul
24b4c1ecbd Merge "Switch remaining env files to containers defaults" 2018-04-27 11:22:23 +00:00
Bogdan Dobrelya
041251d473 Switch remaining env files to containers defaults
Mark regular non-containerized services with FIXME
to be switched, once it is containerized

Do not mark yet an external/backend/plugin/host-config
related puppet services templates with that FIXME

Mark puppet/services/ceph- related templates as TODO
switch it to containerized ceph-ansible eventually, maybe.

Change-Id: Ib9fbad05eeb57dc641499fbf411cb5870da7a8e9
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
2018-04-26 23:45:01 +00:00
James Slagle
f44e8d7bd2 Switch to config-download by default
Updates overcloud-resource-registry.j2.yaml to include the mappings from
enviornments/config-download-environment.yaml. This enables
config-download by default. The environment to explicitly enable
config-download is deprecated.

An environment at environments/disable-config-download.yaml is added
which can be used to disable config-download but is marked as
deprecated.

Change-Id: I8389a0c48e1aa610fdc6a8580516889340883034
implements: blueprint config-download-default
2018-04-25 09:42:13 -04:00
Zuul
cfc4126af2 Merge "No-op Mistral workflow resources for update/upgrade/ffwd" 2018-04-25 04:53:30 +00:00
Zuul
822bd996b3 Merge "Support separate oslo.messaging services for RPC and Notification" 2018-04-25 04:43:46 +00:00
Zuul
784145857d Merge "Add environment file for Mellanox SDN" 2018-04-23 17:11:52 +00:00
Jiri Stransky
19be98ba07 No-op Mistral workflow resources for update/upgrade/ffwd
So far we haven't been disabling workflows for update/upgrade. We
should disable them by default as they could have the potential to
disrupt the update/upgrade/ffwd procedure.

The main example of a thing we deploy via the workflow resources is
Ceph. We decided no-opping ceph-ansible for the main
update/upgrade/ffwd upgrade steps is the safest path forward and we'll
update/upgrade Ceph it after the main procedure is finished.


Change-Id: I34c7213ab7b70963ad2e50f7633b665fad70bde5
2018-04-23 10:47:58 +00:00
Andrew Smith
78bc457585 Support separate oslo.messaging services for RPC and Notification
This commit introduces oslo.messaging services in place of a single
rabbitmq server. This will enable the separation of rpc and
notifications for the continued use of a single backend (e.g.
rabbitmq server) or a dual backend for the messaging communications.

This patch:
* add oslo_messaging_rpc and oslo_messaging_notify services
* add puppet services for rpc and notification
  (rabbitmq and qdrouterd servers)
* add docker services to deploy rpc (rabbitmq or qdrouterd)
  and notify (rabbitmq or shared)
* retains rabbit parameters for core services
* update resource registries, service_net_map, roles, etc.
* update ci environment container scenarios
* add environment generator for messaging
* add release note

Depends-On: Ic2c1a58526febefc1703da5fec12ff68dcc0efa0
Depends-On: I154e2fe6f66b296b9b643627d57696e5178e1815
Depends-On: I03e99d35ed043cf11bea9b7462058bd80f4d99da
Needed-By: Ie181a92731e254b7f613ad25fee6cc37e985c315
Change-Id: I934561612d26befd88a9053262836b47bdf4efb0
2018-04-22 04:33:44 +00:00
Flavio Percoco
e200974421 Add an openshift-cns service
This service file allows for enabling CNS in an OpenShift deployment.
It works as a tagging service and the rest of the configs are applied in
the openshift-master service file.

Note that the disks used can be specified as follows:

parameter_defaults:
  OpenShiftGlusterDisks:
    - /dev/sdb

Or per-role like:

parameter_defaults:
  OpenShiftMasterParameters:
    OpenShiftGlusterDisks:
      - /dev/sdb
  OpenShiftWorkerParameters:
    OpenShiftGlusterDisks:
      - /dev/sdc

Change-Id: I92972d89ee7edf2ff211e88c6e0758628c3018a2
2018-04-20 17:27:14 +02:00
Hamdy Khader
e4c1531a42 Add environment file for Mellanox SDN
Depends-On: I805bdfc6f2bed8f998f73d3e17a4c2ab493f5717
Change-Id: I2a8f66b2f3b2f5e9eb3542bd7a1ab7bb4d1ba90d
2018-04-18 17:20:28 +03:00
Carlos Goncalves
9526cef547 Containerize Neutron LBaaS service plugin
Change-Id: I68e5ca5a78a2bd08082a494b636c6e2debb6bbae
2018-04-18 10:53:48 +02:00
Zuul
628cd0e390 Merge "Add Ironic Networking Baremetal Templates" 2018-04-18 05:52:20 +00:00
Emilien Macchi
d86025593b Handle undercloud upgrades via host_prep_tasks
Using host_prep_tasks interface to handle undercloud teardown before we
run the undercloud install.
The reason of not using upgrade_tasks is because the existing tasks were
created for the overcloud upgrade first and there are too much logic
right now so we can easily re-use the bits for the undercloud. In the
future, we'll probably use upgrade_tasks for both the undercloud and
overcloud but right now this is not possible and a simple way to move
forward was to implement these tasks that work fine for the undercloud
containerization case.

Workflow will be:
- Services will be stopped and disabled (except mariadb)
- Neutron DB will be renamed, then mariadb stopped & disabled
- Remove cron jobs
- All packages will be upgraded with yum update.

Change-Id: I36be7f398dcd91e332687c6222b3ccbb9cd74ad2
2018-04-12 18:14:28 -07:00
Harald Jensas
5203e43979 Add Ironic Networking Baremetal Templates
Ironic neutron agent will be installed on controller nodes, or
networker nodes, when environments/services/ironic.yaml or
environments/services-docker/ironic.yaml is used.

It should also be enabled on undercloud.

Also enables ``baremetal`` ML2 mechanism driver on undercloud.

Depends-On: Ic1f44414e187393d35e1382a42d384760d5757ef
Depends-On: I3c40f84052a41ed440758b971975c5c81ace4225
Change-Id: I0b4ef83a5383ff9726f6d69e0394fc544c381a7e
2018-04-12 23:59:34 +02:00
Zuul
0b45e404cb Merge "Update OS::TripleO::Services::ComputeNeutronCorePlugin for containers" 2018-04-12 18:11:44 +00:00
Zuul
95761ae6f1 Merge "Designate Integration" 2018-04-10 20:44:18 +00:00
Emilien Macchi
f35c417804 Update OS::TripleO::Services::ComputeNeutronCorePlugin for containers
Neutron ML2 plugin has been containerized, we need to switch
ComputeNeutronCorePlugin to use the containerized service in THT for the
Neutron ML2 plugin, otherwise Neutron will be configured on the host and
not in the container.

Change-Id: I744cde656cc827762b13995d05f8881d4da2b5b8
Closes-Bug: #1762504
2018-04-09 11:39:27 -07:00
Juan Antonio Osorio Robles
1877ef80be Default NodeTLSData to always attempt setting TLS cert
This is part of enabling TLS by default. It'll be needed in order to get
the certificate injection to work.

Needed-By: I3d3cad0eb1396e7bee146794b29badad302efdf3
Change-Id: I25e35ad1e4f12eb4cca7a0cd3e120e70e4a8c564
2018-04-09 07:46:45 +03:00
Juan Antonio Osorio Robles
7414edfee7 Default CertmongerUser to be defined for undercloud setup
In instack-undercloud we're defaulting the certmonger_user puppet setup
to be always included [1]. This is because we want it to setup the local
CA, even if it doesn't set up any certificates. We want the same for the
containerized undercloud.

[1] https://review.openstack.org/#/c/558768

Change-Id: I4ec27755de82b9ced9144c27089eba33b36cb17f
2018-04-09 07:46:41 +03:00
hanish gogada
8f24db876c Added Liquidio service definition in overcloud puppet registry
LiquidioCompute nodes use OS::TripleO::Services::LiquidioCompute
to apply necessary configuration. This service declaration is
currently missing in overcloud puppet service registry file.
Without this declaration, respective role can not be used.

Change-Id: I17af0945feb5be2450dbcd4f29f861d57d2db205
Closes-Bug: 1760544
2018-04-02 11:40:15 +05:30
Zuul
1e2cdd60aa Merge "Support SshKnownHostsDeployment with config-download" 2018-03-29 21:45:09 +00:00
Zuul
5f830340b1 Merge "Implement MasqueradeNetworks services" 2018-03-29 02:58:18 +00:00
Ben Nemec
c45d027c43 Designate Integration
Change-Id: I1ddefb7b6a6e1c7b0b76589b9f8f1b99776d39e8
Depends-On: I115090679bd2577cdc3998ab3cc97f9581e5e18a
bp designate-support
2018-03-27 15:45:39 +00:00
Emilien Macchi
04b898d0c1 Implement MasqueradeNetworks services
To port what has been done in instack-undercloud, we need a new service
to manage IPtables rules when we need to redirect network through the
undercloud via masquerading.
It was done in instack-undercloud via bash, it'll now be done in THT via
a service, disabled by default and that will be activated in CI when
deploying with a containerized undercloud.

Co-Authored-By: Thomas Herve <therve@redhat.com>
Depends-On: Ic9a2626e73d132c3be7ff14a1f4cdba0c16c5b53
Change-Id: I93ff9a3bebcec1bc7ee188f9ec00feafca2c5117
2018-03-27 17:22:02 +02:00
Jiri Stransky
d9e4d838aa Allow stacks to remove old update resources
Change I6c5eafe76eb53bc38d100a9ba132dd8fe6dd2d5f removed old
update-related resources, but it seems that we need to do such removal
in two steps to allow smooth transition for existing stacks: first
remove them from the stack, and only then completely remove the
mapping from resource registry. If we try to do both at the same time,
we get:

ERROR: The Resource Type (OS::TripleO::Tasks::UpdateWorkflow) could
not be found.

So we'll need to keep these resource registry entries around (even
though mapped to OS::Heat::None) for the Rocky cycle still. They can
be removed in S.

Change-Id: I866e659bd373dfb2816508165b7f3abb9580e2d0
Closes-Bug: #1758014
2018-03-22 12:03:38 +01:00
Zuul
e4af98144c Merge "Remove registry special casing which no longer has any effect" 2018-03-20 15:21:45 +00:00
Zuul
3eb0c62e47 Merge "Remove unused minor update code" 2018-03-19 12:34:21 +00:00
James Slagle
088d5c12f0 Support SshKnownHostsDeployment with config-download
Add support for the SshKnownHostsDeployment resources to
config-download. Since the deployment resources relied on Heat outputs,
they were not supported with the default handling from tripleo-common
that relies on the group_vars mechanism.

Instead, this patch refactors the templates to add the known hosts
entries as global_vars to deploy_steps_playbook.yaml, and then includes
the new tripleo-ssh-known-hosts role from tripleo-common to apply the
same configuration that the Heat deployment did.

Since these deployments no longer need to be triggered when including
config-download-environment.yaml, a mapping is added that can be
overridden to OS::Heat::None to disable the deployment resources when
using config-download.

The default behavior when not using config-download remains unchanged.

Closes-Bug: #1746336
Change-Id: Ia334fe6adc9a8ab228f75cb1d0c441c1344e2bd9
2018-03-19 07:50:06 -04:00
Zuul
7c466fb751 Merge "docker: add support for TripleO UI" 2018-03-17 11:38:01 +00:00
Zuul
e210a7a0e0 Merge "Add novajoin service" 2018-03-17 05:50:55 +00:00
Zuul
0da17202ec Merge "Add support for Dell EMC XtremIO Cinder ISCSI Backend" 2018-03-16 01:18:44 +00:00
Honza Pokorny
7cbe28b5ef docker: add support for TripleO UI
Co-Authored-By: Martin André <m.andre@redhat.com>
Co-Authored-By: Dan Prince <dprince@redhat.com>
Co-Authored-By: Emilien Macchi <emilien@redhat.com>
Partially-Implements: bp tripleo-ui-undercloud-container
Change-Id: I1109d19e586958ac4225107108ff90187da30edd
2018-03-15 23:43:17 +01:00
Zuul
e01a9a3de9 Merge "Remove the heat upgrade steps for Q upgrade workflow" 2018-03-15 22:02:59 +00:00
Jiri Stransky
a782462a1a Remove unused minor update code
Since Pike, minor updates are done via the composable services
framework. The old shell script approach hasn't been used/tested for 2
releases now, and should be dropped.

Also drop the UpdateWorkflow interface. Before we started doing
upgrades via Ansible, we used this pluggable resource interface to
perform oneshot operations like migrations to WSGI or AODH
services. Nowadays this interface is not referenced from anywhere and
we'd probably rather do similar operations via Ansible tasks.

Change-Id: I6c5eafe76eb53bc38d100a9ba132dd8fe6dd2d5f
2018-03-15 18:27:14 +01:00
Juan Antonio Osorio Robles
781e1b2b4c Add novajoin service
This adds the relevant templates to enable novajoin in a containerized
undercloud environment. Note that this is not meant for the overcloud
(yet), and since there are several limitations that need to be addressed
first. This is meant for the containerized undercloud.

Depends-On: Iea461f66b8f4e3b01a0498e566a2c3684144df80
Depends-On: Ia733b436d5ebd0710253c070ec47a655036e0751
Depends-On: I554125fd6b48e620370f9e3a6061bbdc1d55b0ae
Change-Id: I3aad8a90816e6fc443f20579f6ac7ad4f35eafcb
2018-03-14 13:55:16 +00:00
Chandan Kumar
38387ada75 Added t-h-t for tempest container
It adds a fake tempest service in order to make tempest
container available on undercloud.

Change-Id: If580292572ee5a11a41f68752a6ffe8a99f066e7
2018-03-12 06:42:15 +00:00