3891 Commits

Author SHA1 Message Date
Rabi Mishra
b450b3aa39 Set hierdata for swift server workers conditionally
If not set, it would use the default os_workers fact instead of 'auto'
and limit the number of worker processes.

Change-Id: I69f51bb38f1307cf4b750e5ffb394eb215df1d9e
2018-10-23 15:29:02 +00:00
Alan Bishop
dc2d0de810 Add parameters for cinder storage availability zones
Add CinderStorageAvailabilityZone parameter that configures
cinder's DEFAULT/storage_availability_zone. The default value
of 'nova' matches cinder's own default value.

Add several CinderXXXAvailabilityZone parameters, where XXX is
any of the cinder volume service's storage backends. The
parameters are optional, and when set they override the
"backend_availability_zone" for the corresponding backend.

Implements: blueprint split-controlplane-cinder-volume-az
Depends-On: Ic407b747474b567858ad36beabc8a7d8c5022343
Change-Id: Idb035bf112cbab41547bd89935df4c175bf665f4
2018-10-23 09:18:53 -04:00
Zuul
83a2d262b6 Merge "Dell EMC Sc: Add support for excluded_domain_ips" 2018-10-23 06:30:15 +00:00
Zuul
61c63e779e Merge "Support for libvirt volume multipath" 2018-10-23 06:14:51 +00:00
Zuul
df431ad344 Merge "Implements: liquidio-containerization" 2018-10-23 04:07:49 +00:00
rajinir
983920efba Support for libvirt volume multipath
Adds support for libvirt volume_use_multipath the ability to
use multipath connection of the iSCSI or FC volume.
Volumes can be connected in the LibVirt as multipath devices.
Adds new parameter NovaLibvirtVolumeUseMultipath.

Change-Id: I18a030a445de652fbc492029afec6558a9661857
2018-10-22 09:20:00 +01:00
Zuul
3b68405f5a Merge "Name unnamed tasks" 2018-10-20 08:01:49 +00:00
Zuul
319da5f77e Merge "Add nova file_backed_memory and memory_backing_dir support for qemu.conf" 2018-10-19 18:55:40 +00:00
Zuul
2027b1af8c Merge "Use nova_api DB for [placement_database] -> connection" 2018-10-19 02:29:06 +00:00
Zuul
43b4393475 Merge "Revert "Convert *tasks from bootstrap_nodeid to short_bootstrap_node_name"" 2018-10-19 01:53:23 +00:00
Marios Andreou
3cbaadd09c Revert "Convert *tasks from bootstrap_nodeid to short_bootstrap_node_name"
This reverts commit 52c1641e2c3ad5caeb70fc8a09f29eba6fe5b53d due to the related bug below

Change-Id: I3f6d8adae1918d1d55fdecc09fed5e4b45ee46b9
Related-Bug: 1798525
2018-10-18 07:20:45 +00:00
Zuul
84754fb794 Merge "Remove artificial constrains around notification drivers" 2018-10-17 21:20:04 +00:00
Juan Badia Payno
69626cc3a6 Added all keystone log files to fluentd
Add all the keystone log files to fluentd, so
fluentd is aware of all the keystone log files

Added the new parameters to the exclusion ones

Depends-On: Ifd5fbf6509addf4a564ff83c4551525c9a139ff4
Depends-On: Id1d58637967ffb0e9bd0a83c3cbca699432f5378
Change-Id: I48c957496f7fb36d2128c545d5bcd1499e9e9bf6
2018-10-17 15:29:36 +02:00
Zuul
58f6604f47 Merge "Remove unused tls-cert-inject.yaml template" 2018-10-17 11:56:50 +00:00
Zuul
2b10c2d54c Merge "Convert *tasks from bootstrap_nodeid to short_bootstrap_node_name" 2018-10-17 11:56:48 +00:00
Zuul
50eb9cfc90 Merge "Exposing NeutronDhcpOvsIntegrationBridge" 2018-10-17 07:43:10 +00:00
Michele Baldessari
f5ba55bd84 Remove artificial constrains around notification drivers
According to
https://docs.openstack.org/newton/config-reference/config-format.html we
can have a list of notification drivers like:
driver = messaging
driver = log

Let's not impose extra limitation in THT as folks might want special
notifications setups.

Change-Id: I873574944af237e1ff998f0e9b9b261c53c46f54
Closes-Bug: #1795026
2018-10-16 07:14:55 +00:00
Steve Baker
8fe38fb7ed Standardize path to prepare log file
This change makes the default ContainerImagePrepareLogFile be
/var/log/tripleo-container-image-prepare.log for both undercloud and
overcloud deploy.

Previously, undercloud prepare logged to $HOME/install-undercloud.log
and overcloud prepare logged to
$(pwd)/tripleo-container-image-prepare.log.

With this change, both will be logged to
/var/log/tripleo-container-image-prepare.log

Depends-On: Id4b776de808ea329a299430078c6f3efdb604e02
Change-Id: Icd3c5d612a9c42d1d3d8e374f10eb56d5737d516
Closes-Bug: #1789871
2018-10-14 12:53:44 +00:00
Carlos Goncalves
66f9c304db Add metadata_settings to Octavia and Glance APIs
Internal TLS works fine if one deploys the API services in the
controller. Once one moves the service away from the controller, the
appropriate service principals won't be created.

Closes-Bug: #1795923
Change-Id: I6e8555fbc90fa0369aae37a7ad19eafc7b4a198a
2018-10-13 11:18:14 +00:00
Zuul
cac9d17663 Merge "Remove references to logging_source" 2018-10-13 09:06:39 +00:00
Zuul
e57af5bd92 Merge "Add nova-scheduler worker support" 2018-10-12 23:06:15 +00:00
Zuul
f122c5f3be Merge "Add provision to specify java arguments to ODL" 2018-10-12 15:58:29 +00:00
Steven Hardy
52c1641e2c Convert *tasks from bootstrap_nodeid to short_bootstrap_node_name
The current approach has several disadvantages:
- Requires shelling out to the hiera CLI, and is coupled to the puppet hieradata
- The bootstrap_nodeid is only unique per Role, not per service, so if you
  deploy a service spanning more than one role it will evaluate true for
  every role, not only once.

Instead lets use the per-service short_bootstrap_node_name, which is
available directly via the ansible inventory now ref
https://review.openstack.org/#/c/605046/

This is the first part of a cleanup for inconsistent handling of
bootstrap node evaluation, triggered by bug #1792613

Change-Id: Iefe4a37e8ced6f4e9018ae0da00e2349390d4927
Partial-Bug: #1792613
Depends-On: Idcee177b21e85cff9e0bf10f4c43c71eff9364ec
2018-10-12 11:12:25 +01:00
Steven Hardy
b278f6c476 Remove unused tls-cert-inject.yaml template
This is no longer handled as the TLS handling tasks were converted
to ansible, and in the context of this series we need to remove it
because it references bootstrap_nodeid

Partial-Bug: #1792613
Change-Id: Ib32177b116f148f007574847320566e32240cf96
2018-10-12 11:12:25 +01:00
Zuul
77e4ee3a8e Merge "Add posibilities to set tunnel_csum in ovs agent" 2018-10-11 15:54:59 +00:00
Ben Nemec
db478c1a05 Set correct project name for designate-neutron integration
The puppet module defaults to 'services', but we actually call it
'service'.

Change-Id: I4342558b6113d84a0735aebc65e136ae750ede81
2018-10-11 15:15:16 +00:00
Ben Nemec
f0b415d2f9 Add /v2 suffix to Designate uris
Neutron integration requires the versioned endpoint.  The Keystone
catalog value still needs to be unversioned though or Tempest
explodes.

Change-Id: I705208e3ef8a9e2e86b82b721bc87a45b6f4e36d
2018-10-11 15:15:16 +00:00
Zuul
cab8cd5556 Merge "Tag container image prepare tasks to allow running them for updates/upgrades" 2018-10-10 16:30:37 +00:00
Martin Schuppert
f290a92533 Use nova_api DB for [placement_database] -> connection
With OOO we configure a separate DB for placement for the undercloud and
overcloud since the beginning.
But the placement_database config options were reverted with
https://review.openstack.org/#/c/442762/1 , which means so far even if
the config option was set, it was not used. With rocky the options were
introduced again which is not a problem on a fresh installed env, but on
upgrades from queens to rocky.
We should use the same DB for both fresh deployments on and upgrades to
rocky before we switch to the new DB as part of the extraction of placement.

Closes-Bug: #1797119

Change-Id: I6eb8cb62d337fa4f6e6542391de251519e246923
2018-10-10 16:00:29 +02:00
Alex Schultz
88b7347fd6 Add nova-scheduler worker support
Rocky added nova-scheduler worker support so we need to be able to
configure (and tune it) as necessary.

Change-Id: Idd702e01b67a2f25eb621d1251e8457ea376f51b
Closes-Bug: #1796933
2018-10-09 11:00:51 -06:00
hanish gogada
a800ee0c11 Implements: liquidio-containerization
Modified heat templates to add support for containerization for
Liquidio compute service. Fixed a issue in the ProviderMappings
in Liquidio heat templates.

Depends-On: Ice2baafae2fb1011e16d83c83b5c85f721f6d679
Change-Id: Id4c754f402091e17a974972408919332aa06cd11
2018-10-09 12:10:02 +05:30
sunnyve
973395d4a6 Exposing NeutronDhcpOvsIntegrationBridge
Using this, users can assign already available parameter
ovs_integration_bridge in dhcp_agent.ini

Change-Id: I45cc0032ebaaab7022e8a692ecd63045fe08eea2
2018-10-08 16:58:02 -04:00
Zuul
535fce237c Merge "Use valid_interfaces instead of os_interface for placement" 2018-10-08 19:49:28 +00:00
Zuul
7fd52ebcc4 Merge "ironic: enable noop management interface by default" 2018-10-08 16:13:50 +00:00
Juan Antonio Osorio Robles
cb3c72f37d Remove references to logging_source
This has been unused for a while, and even deprecation was scheduled
(although the patch never merged [1]). So, in order to stop folks
getting confused with this, it's being removed.

[1] https://review.openstack.org/#/c/543871/

Change-Id: Iada64874432146ef311682f26af5990469790ed2
2018-10-08 13:43:47 +03:00
Janki Chhatbar
865e8b574c Add provision to specify java arguments to ODL
Java options like heap size configuration needs
tweaking for large scale deployments. Allow
customizing those values from TripleO.

puppet-opendaylight will configure these values
in ODL. Corresponding puppet-opendaylight patch is
https://git.opendaylight.org/gerrit/#/c/68491

Change-Id: I99e08314dedfcc71a776423ac3c6c282237cc0c2
Closes-Bug: #1794073
2018-10-08 10:32:36 +05:30
Zuul
6adc2f3f85 Merge "Add config option for ODL IPv6 deployment" 2018-10-07 23:11:50 +00:00
Zuul
474b252358 Merge "ceilometer: Use new archive policies" 2018-10-07 09:06:33 +00:00
Michele Baldessari
c2139a7db2 Fix TLS when using a containerized undercloud
Since we moved to containerized UC, TLS Everywhere deployments are broken.
Namely we miss two things:

A. The NAT iptables rule for the nova metadata service to be reachable
B. The setting 'service_metadata_proxy=false' needs to be set for nova
   metadata otherwise the curl calls to setup ipa will fail with the
   following:
[root@overcloud-controller-0 log]# curl http://169.254.169.254/openstack/2016-10-06
<html>
 <head>
  <title>400 Bad Request</title>
 </head>
 <body>
  <h1>400 Bad Request</h1>
  X-Instance-ID header is missing from request.<br /><br />
 </body>
</html>

A. Is fixed by adding a conditional iptables rule that is only triggered
   when deploying an undercloud (where we set MetadataNATRule to true)

B. Is fixed by setting NeutronMetadataProxySharedSecret to '' on the
   undercloud and then setting the corresponding hiera keys only when
   the parameter != ''. We tried alternative simpler approaches like
   setting NeutronMetadataProxySharedSecret to null but that will break
   heat as the parameter is required and setting it to null breaks heat
   validation (we also tried to make the parameter optional with a
   default: '', but that broke as well)

While we're at it we also remove the neutron metadata service from the
undercloud as it is not needed.

Tested by deploying an undercloud with this change and observing:
A.
Chain PREROUTING (policy ACCEPT 106 packets, 6698 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 REDIRECT   tcp  --  br-ctlplane *       0.0.0.0/0            169.254.169.254      multiport dports 80 state NEW /* 999 undercloud nat ipv4 */ redir ports 8775

B.
grep -ir ^service_metadata_proxy /var/lib/config-data/puppet-generated/nova/etc/nova/nova.conf
service_metadata_proxy=False

Also a deployment of a TLS overcloud was successful.

Change-Id: Id48df6db012fb433f9a0e618d0269196f4cfc2c6
Co-Authored-By: Martin Schuppert <mschuppe@redhat.com>
Closes-Bug: #1795722
2018-10-06 13:25:18 +00:00
Janki Chhatbar
53b2cc0b56 Add config option for ODL IPv6 deployment
Add a flag to specify which IP version to
deploy ODL on via Puppet-ODL.

Change-Id: Idd257cf4666b853eb4c52861f9f400b6dbdeeadb
Closes-Bug: #1783196
2018-10-05 07:49:51 +00:00
Juan Antonio Osorio Robles
f4b4a33860 Use valid_interfaces instead of os_interface for placement
os_interface is deprecated, we should switch.

Change-Id: I911576df939e6bc957f6c4422792d66a540129b6
2018-10-04 16:01:02 +03:00
Juan Antonio Osorio Robles
f2e72352b1 Fix placement region setting
We were using a deprecated interfce to set this value. This uses the
correct one.

Closes-Bug: #1793665
Change-Id: Ib7717911aba3267f855ac6682b0144bfe92034fb
2018-10-04 15:58:50 +03:00
Zuul
5c3ed37336 Merge "Configure http/https on OVN Metadata service to talk to Nova" 2018-10-03 19:30:17 +00:00
Jiri Stransky
580fb660df Tag container image prepare tasks to allow running them for updates/upgrades
Updates/upgrades workflow must not run during `upgrade prepare` or
`upgrade run`, but during `upgrade run` we need to have the images
available. So the intention is to run `external-upgrade run --tags
container_image_prepare` between `upgrade prepare` and `upgrade run`.

The situation is analogical for `update` and `external-update`
commands.

Change-Id: I49de9a41c62204ab7cd835fec6dab8d59b054948
Closes-Bug: #1795881
2018-10-03 14:51:46 +02:00
James Slagle
538c894317 Name unnamed tasks
These tasks had an empty name field, which breaks ansible's
--start-at-task functionality with a traceback, as it's not valid to
have unnamed tasks.

Change-Id: I2386da62a87bfc290070fce13c2d35290565478a
2018-10-03 07:47:20 -04:00
Zuul
ef1056d8e3 Merge "docker-puppet.py: used dedicated hiera entry, not uuid" 2018-10-02 18:52:05 +00:00
Zuul
714706ff6e Merge "Don't configure BIND to listen on localhost" 2018-10-02 18:52:03 +00:00
Zuul
9d149f33e5 Merge "Pass parameters for TLS proxy in front of Octavia-API" 2018-10-02 16:28:14 +00:00
Emilien Macchi
7bebdefda8 Introduce OS::TripleO::Services::Podman
Podman service will be in charge of installing, configuring, upgrading
and updating podman in TripleO.

For now, the service is disabled by default but included in all roles.
In the cycle, we'll make it the default.

Note: when Podman will be able to run in TripleO without Docker,
we'll do like https://review.openstack.org/#/c/586679/ and make it as
a generic service that can be switched to either podman or docker.
But for now, we need podman & docker working side by side.

Depends-On: Ie9f5d3b6380caa6824ca940ca48ed0fcf6308608
Change-Id: If9e311df2fc7b808982ee54224cc0ea27e21c830
2018-10-02 01:47:46 +00:00
Steve Baker
6bbc3b51df docker-puppet.py: used dedicated hiera entry, not uuid
Currently it is not possible to do per-node customization inside
docker-puppet.py because it overrides the fact 'uuid'.

This change adds a dedicated docker_puppet entry in hiera.yaml so that
docker-puppet.py needs to do nothing special for
/etc/puppet/hieradata/docker_puppet.json to be included in the hiera
merge.

Change-Id: Icf37dcd63e0152ee15e9f0079b45e31a4f8d9fbb
Depends-On: https://review.openstack.org/#/c/605478/
Closes-Bug: #1761624
2018-10-01 12:21:46 -04:00