This change combines the previous puppet and docker files into a single
file that performs the docker service installation and configuration.
With this patch the baremetal version of cinder services has been removed.
Change-Id: I88f047a8ee9c3eed80e4c48ed9cabdb3035d518b
Related-Blueprint: services-yaml-flattening
Added support for setting the Barbican option
always_set_cka_sensitive. The option defaults to true as
needed by Safenet HSMs. It is set to false in the ATOS
and Thales HSM environments.
Change-Id: If3fa975e8243dfe30ef67ec81db891943a94a9d5
Story: 2004734
This change combines the previous puppet and docker files into a single
file that performs the docker service installation and configuration.
With this patch the baremetal version of sahara services has been removed.
Change-Id: I5a555155c881e0e92acc3ebba7b844abdd686e6e
Related-Blueprint: services-yaml-flattening
This change combines the previous puppet and docker files into a single
file that performs the docker service installation and configuration
for all heat services.
With this patch the baremetal version of each heat service has been removed.
Change-Id: I5d639135b19b8fabfaa8beac54ae0dfc48f070f9
Related-Blueprint: services-yaml-flattening
This changes moves docker services from puppet to deployment directory.
Change-Id: I11a34708ee91f5b5928d7c647c83e95ca1b01cae
Related-Blueprint: services-yaml-flattening
This adds support for configuring horizon for WebSSO when keystone
federation with OpenID Connect is enabled. This patch just exposes
some new parameters to use puppet-horizon for configuration. The
sample environment file for OpenID Connect federation is also updated
to use the new parameters. Some of the sample defaults were updated
to more closely match the URLs that horizon expects.
Change-Id: I7c3ee6b54cc0c9653742c3ce1de60b2851d1fe68
This change combines the previous puppet and docker files
into a single file that performs the docker service installation
and configuration. With this patch the baremetal version of
keystone has been removed.
Related-Blueprint: services-yaml-flattening
Change-Id: I6140b02ad1ab6d88990e173dcf556977f065b3c5
Change I68e064d23ec5d43f59146d974cae604d2c5fdb52 makes
NetCidrMapValue a list of ip networks.
The designate service configures the dns backend security
to contol from wich addresses updates are allowed. We
should use the list of cidr's associated with the
DesignateApiNetwork to allow all nodes in the network to
remotely control the nameserver.
Partial: blueprint tripleo-routed-networks-templates
Change-Id: I5c5cd51c8f127e8879c5528883c3abd261f4a5b3
Change I68e064d23ec5d43f59146d974cae604d2c5fdb52 makes
NetCidrMapValue a list of ip networks.
Pass the list of cidr's from the ApacheNetwork entry in
the cidr map to 'apache::mod::remoteip::proxy_ips:'.
Partial: blueprint tripleo-routed-networks-templates
Change-Id: Ieb6aff9889136f0ccbec32e36b46140aa7826019
Prior to routed networks we only had one subnet per network.
With routed networks each network can have multiple subnets.
The NetCidrMapValue should contain a list storing the cidr
of each subnet for each network.
Ceph:
list_join is used to make a comma separated list of
cidrs for public_network, monitor_address_block,
cluster_network and radosgw_address_block.
Partial: blueprint tripleo-routed-networks-templates
Depends-On: Ia8e219b30d4f8b199b882e95fe2834252a92c15a
Depends-On: I1ace0a02e6aa2610559fee0d8576e6f1bc98d699
Change-Id: I68e064d23ec5d43f59146d974cae604d2c5fdb52
MongoDB support was stopped in Pike, it is not used anywhere now.
Therefore, in Stein are removing it to clean things up.
Change-Id: I4ec8f35b1dd71c25cfb41cc54105ac743ef67745
Currently, heat templates will expect “OctaviaFlavorId” value to
"number". But, if a user specifies alphanum value, the deployment
fails. Hence, updating datatype of "OctaviaFlavorId" to "string"
Closes-Bug: #1810415
Change-Id: I9f1c8c5df61f3070a3df404e9f726ed40f138431
Many services currently set an `is_bootstrap_node` fact, meaning they
override each other's results when the fact is being set. As long as
the fact doesn't belong into a particular step but it's executed on
every step, nothing bad happens, as the correct is_bootstrap_node
setting directly precedes any service upgrade tasks. However, we
intend to put the fact setting into step 0 in change
Ib04b051e8f4275e06be0cafa81e2111c9cced9b7 and at that point the name
collision would break upgrades (only one service would "win" in
setting the is_bootstrap_node fact).
This patch changes the is_bootstrap_node facts in upgrade_tasks to use
per-service naming.
Note that fast_forward_upgrade_tasks use their own is_boostrap_node
logic. We've uncovered some weirdness there while looking into the
is_boostrap_node issue, but the fix is not a low hanging fruit and
likely we'll be completely redoing the FFU tasks for Q->T
upgrade. So the FFU tasks are left alone for now.
Change-Id: I9c585d3cb282b7e4eb0bacb3cf6909e04a9a495e
Closes-Bug: #1810408
This will be the parameter controlling the ports
for the Keystone WSGI vhost in Apache when this [1]
rework is done.
This is to make sure Keystone is still deployed
with both ports in TripleO until it's moved over.
[1] https://review.openstack.org/#/c/619257/
Change-Id: I1c69b27adf450489290a9f8b64f533de1cb28d8b
Some parameters have been deprecated in puppet-manila
Whereas we are picking up deprecated parameters, it's good
that we fix this already here as well.
Change-Id: I29df069bd90eacdd01c9c600cfaebce22fe15731
Depends-On: I745a170ac4458a3f13efc255fc37540a11b54274
Partial-Bug: #1802393
Change: I11e38f82eb9040f77412fe8ad200fcc48031e2f8 introduced mtu
property for composable networks. This change set the MTU of the
Tenant network as the global_physnet_mtu for neutron, unless the
NeutronGlobalPhysnetMtu is overridden. The default MTU used if
no MTU is defined for the Tenant network is 1500. (The same
default was previously used for the NeutronGlobalPhysnetMtu
parameter.)
Change-Id: I5e60d52ad571e1cdb3b82cd1d9947e33fa682bf8
Adds support for the Thales and ATOS client software.
Change-Id: I79f8608431fecc58c8bdeba2de4a692a7ee388e9
Co-Authored-By: Douglas Mendizabal <dmendiza@redhat.com>
Currently when nova launches a guest instance, libvirt uses
current default KVM/QEMU machine type for guest.
If compute node is running on RHEL-7.3.0, then the guest will
be given rhel-7.3.0 machine type. If in future, deployment has
added additional compute nodes which uses a newer RHEL version,
the guests launched on those compute nodes will get a newer
machine type. eg. rhel-7.4.0
It is now impossible to migrate guests from RHEL-7.4 based compute
nodes to a RHEL-7.3 based compute nodes, since RHEL-7.3 won't
know about RHEL-7.4 machine type.
To deal with this problem, the proposed change will explicitly
set machine type across all compute nodes during deployment.
Now even if additional compute nodes are added to deployment with
newer OS version, instances spawned on those will get the default
machine type explicitly set during initial deployment,
allowing migrating instances from higher machine type compute
nodes to lower machine type compute nodes.
Closes-Bug: 1806529
Change-Id: Ib57bfbb94e2acdfb3bb3a828ee3b085bf68d3b4c
This change realigns the sshd baremetal puppet service yaml config
files into a common hierachy as with the rest of this blueprint.
This change also removes container functionality, since this was a
temporary measure to proxy live-migration connections from
non-containerized to containerized compute nodes during upgrade.
Change-Id: I87e112a0f1973fa3b0e959777e00071c2bbf7c9c
Related-Blueprint: services-yaml-flattening
This change combines the previous puppet and docker files into a single
file that performs the docker service installation and configuration.
Depends-On: https://review.rdoproject.org/r/#/c/16994/
Change-Id: If051277041d23641c92a1f370f08a521a4bb7a12
Related-Blueprint: services-yaml-flattening