3891 Commits

Author SHA1 Message Date
Jenkins
5e7928431e Merge "puppet/loadbalancer: use puppet-tripleo" 2015-03-18 15:50:09 +00:00
Yanis Guenane
fae3cb2568 controller-puppet: Honor MysqlRootPassword
Currently the MysqlRootPassword parameter is retrieved from the
templates but not honored, preventing a user to specify it.
This commit fixes that.

Change-Id: Ib6842736a37aea3cc16f1a7c75fc877408682bf7
2015-03-18 15:54:45 +01:00
Jenkins
29327cd090 Merge "Make heat auth_encryption_key random" 2015-03-16 19:02:42 +00:00
Emilien Macchi
285e53d135 puppet/loadbalancer: use puppet-tripleo
The loadbalancer Puppet code moved to puppet-tripleo (lightweight)
composition layer.

This patch aims to use it and refactor the loadbalancer.pp file.

Co-Authored-By: Dan Prince <dprince@redhat.com>

Change-Id: I1765ac9b6cb01cb64d5d28dad646674ddca859e9
2015-03-13 15:58:59 -04:00
Steven Hardy
b05137d61a Make heat auth_encryption_key random
Currently we have a hard-coded default for auth_encryption_key,
which isn't ideal as it's used as a salt for the DB encryption.

Instead, reference an OS::Heat::RandomString resource so we create
a random key for each deployment.

Change-Id: Ic76b89db17603c114d98d28c01f75cc287fb2e90
2015-03-13 06:08:56 -04:00
Dan Prince
dc5d2373c6 puppet: tidy up the Nova ceilo auth configs
Updates the puppet configuration for the Ceilometer auth agent
so that we do the join conversions in the Heat templates and
use only hiera for configuration of the ::ceilometer::agent::auth
class.

Change-Id: I932afafe21b2485a0581ac3910ac9d46161eee0d
2015-03-12 21:07:02 -04:00
Dan Prince
c392dffb9d puppet: tidy up the Nova glance API server config
Updates the puppet configuration for the Nova glance configs
so that we do the join conversions in the Heat templates and
use only hiera for configuration of the ::nova class.

Change-Id: Id12fb05470470558f1dccd45150bfce00a554466
2015-03-12 17:42:31 -04:00
Dan Prince
788bafd901 puppet: tidy up the compute nova neutron config
Updates the puppet configuration for the Nova neutron configs
so that we do the join conversions in the Heat templates and
use only hiera for configuration of the ::nova::network::neutron
class. This updates the compute configuration to match what
we now do on the controller as well.

Change-Id: I2b352551777f64e0ceb119f48cc3b3ab1779f4d5
2015-03-12 17:29:07 -04:00
Yanis Guenane
4bc4171a15 Use Cinder multibackend by default
Currently Cinder iscsi backend is configured within the DEFAULT section.
Since we aim to support multibackend, this commit puts the iscsi backend
in its own section and enable it by default configuring it properly.
Also adds a parameter which can be used to disable the default backend.

Co-Authored-By: Giulio Fidente <gfidente@redhat.com>

Change-Id: I05fb44b59829c0afa8a6588956a48320f2f65159
2015-03-12 07:05:51 -04:00
Jenkins
8772095c42 Merge "Puppet: Configure neutron_api_class on controller" 2015-03-12 10:28:26 +00:00
Jiri Stransky
10c2cfab45 Puppet: Configure neutron_api_class on controller
We're already configuring Neutron in Overcloud, but the controller
is still configured to use the default Nova neutron_api_class for
default configuration for networking, which means it used Nova Network
and not Neutron. This causes some of the Nova API is_neutron
checks to behave incorrectly.

This patch updates the controller to use nova::network::neutron (like
we already do on the overcloud_compute.pp role). As part of the change
several of the compute specific hiera settings for the
nova::network::neutron class have been moved to common.yaml.

Change-Id: Id2d5a5a0aa1ca087de714880ef1ea98484b06849
2015-03-11 16:54:55 -04:00
Jenkins
925bd3864f Merge "puppet: add ordering for Neutron agents" 2015-03-11 19:07:18 +00:00
Emilien Macchi
dcce501eaa puppet: add ordering for Neutron agents
Before starting the Neutron agents, we need to make sure neutron-server
is running so we don't have a race when starting the services.
This patch adds some orchestration to do it.

Change-Id: I24db069d6af1fadd302b0924f769db3f58f65685
2015-03-10 19:03:40 -04:00
Yanis Guenane
3bb5a23da2 Include cinder::glance into the ctrl manifest
Include ::cinder::glance into the controller manifest to have proper
(upstream) default value for cinder's glance related parameters.

Change-Id: I9ac83b9e997d3c2502b08b642d4e41dba36ddf67
2015-03-09 17:16:12 +01:00
Emilien Macchi
83a9562b37 Puppet: define swift_store_auth_address in hiera
This patch updates the glance::backend::swift implementation to
use only hiera variables instead of a mix of hiera, and inline
class variables.

Nothing was functionally wrong with the previous approach but now
that we can compose more freely using the SoftwareDeployment defining
all the variables in Hiera makes sense and is cleaner.

Change-Id: I6d319841488d2ed94e088a5ac21e41dcd964ed1a
Co-Authored-By: Dan Prince <dprince@redhat.com>
2015-03-06 22:11:55 -05:00
Dan Prince
67fc92c5e4 puppet: set heat-user using class parameter
The puppet-heat module just added a new class
parameter to help manage instance_user today in
I44fef59d3ed1f7851d8504855a7ae0d5460fdc84. This
actually broke us because we were setting it manually
via heat_config (puppet doesn't allow two settings).

Change-Id: Ib25e8de8ca3849701d506a5d0c956a6f3317ac8a
Closes-bug: #1429328
2015-03-06 22:09:05 -05:00
Emilien Macchi
44a22fc61e Puppet: First support Ceph
This is a first implementation of Ceph support in TripleO with Puppet:

* Install ceph-mon on controller node
* Install ceph-osd on cephstorage node

Co-Authored-By: Giulio Fidente <gfidente@redhat.com>

Change-Id: I48488cbe950047fae5e746e458106d6edb9a6183
2015-03-05 20:45:10 +00:00
Dan Prince
3ced063b49 BlockStore: Exec puppet after all configuration
This patch adds a new BlockStoreNodesPostDeployment resource
which can be used along with the environment file to
specify a nested stack which is guaranteed to execute
after all the BlockStore config deployments have executed.

This is really useful for Puppet in that Heat actually
controls where puppet executes in the deployment
process and we want to ensure puppet runs after
all hiera configuration data has be deployed to
the nodes. With the previous approach some of the
data would be there, but allNodes data would not be
guaranteed to be there in time.

As os-apply-config (tripleo-image-elements) have their
ordering controlled within the elements themselves an empty stubbed
in nested stack has been added so that we don't break that
implementation.

Change-Id: I29b3574e341eecd53b2867788f415bff153cfa9f
2015-02-23 20:45:03 -05:00
Dan Prince
66aaf72d35 ObjectStore: Exec puppet after all configuration
This patch adds a new ObjectStoreNodesPostDeployment resource
which can be used along with the environment file to
specify a nested stack which is guaranteed to execute
after all the ObjectStore config deployments have executed.

This is really useful for Puppet in that Heat actually
controls where puppet executes in the deployment
process and we want to ensure puppet runs after
all hiera configuration data has be deployed to
the nodes. With the previous approach some of the
data would be there, but allNodes data would not be
guaranteed to be there in time.

As os-apply-config (tripleo-image-elements) have their
ordering controlled within the elements themselves an empty stubbed
in nested stack has been added so that we don't break that
implementation.

Change-Id: I778b87a17d5e6824233fdf9957c76549c36b3f78
2015-02-23 20:45:03 -05:00
Dan Prince
b11ac7e6b6 Compute: Exec puppet after all configuration
This patch adds a new ComputeNodesPostDeployment resource
which can be used along with the environment file to
specify a nested stack which is guaranteed to execute
after all the Compute config deployments have executed.

This is really useful for Puppet in that Heat actually
controls where puppet executes in the deployment
process and we want to ensure puppet runs after
all hiera configuration data has be deployed to
the nodes. With the previous approach some of the
data would be there, but allNodes data would not be
guaranteed to be there in time.

As os-apply-config (tripleo-image-elements) have their
ordering controlled within the elements themselves an empty stubbed
in nested stack has been added so that we don't break that
implementation.

Change-Id: I80bccd692e45393f8250607073d1fe7beb0d7396
2015-02-23 20:45:01 -05:00
Dan Prince
62ab434139 Split out BootstrapNode SoftwareConfig
This patch splits out the BootstrapNode config
such that alternate implementation (puppet for example)
can implement their own SoftwareConfig's via a nested stack.

This is controlled by the standard overcloud heat environment.

For os-apply-config deployments the implementation should work the
same as before.

For puppet deployments the implementation uses hiera metadata
to configure bootstrap_nodeid.

Change-Id: I691a9d7c474866038a5d47beab295899b5479d03
2015-02-19 10:36:13 -08:00
Giulio Fidente
112a42f34d Puppet/RabbitMQ: support clustering
Allow to install & configure RabbitMQ in cluster with Puppet on
the controller node.

Change-Id: Iebbf55c75b8c80453c7313bb41faf42c7fdf7159
2015-02-13 11:24:44 -05:00
Dan Prince
b639d3c7c2 Split out allNodesConfig SoftwareConfig
This patch splits out the allNodesConfig config
such that alternate implementation (puppet for example)
can implement their own SoftwareConfig's via a nested stack.

This is controlled by the standard overcloud heat environment.

For os-apply-config deployments the implementation should work the
same as before.

For puppet deployments the implementation uses hiera metadata
to configure rabbit_nodes. The puppet deployment doesn't support
hosts, or freeform sysctl metadata yet so those are the same
for now as well.

Change-Id: I34ae30b1f37aca8b39586f7e350511462d66f694
2015-02-13 06:11:12 -05:00
Dan Prince
f98f2bdf4d Revert "puppet: disable swift proxy and glance backend"
This reverts commit 4d470abc589c660cd55e4ced92de234fdf83d882
where we disabled swift (and the glance swift backend) due
to the fact that some of the Heat metadata wasn't showing up.

Change-Id: Ib0c01be5844aa79d74b7de02ba3d0657db5047ba
Closes-bug: 1418805
2015-02-12 22:19:24 -05:00
Dan Prince
3f108ff4bd Split out SwiftDevicesAndProxy SoftwareConfig
This patch splits out the SwiftDevicesAndProxy config
such that alternate implementation (puppet for example)
can implement their own SoftwareConfig's via a nested stack.

This is controlled by the standard overcloud heat environment.

For os-apply-config deployments the implementation should work the
same as before.

For puppet deployments the implementation uses hiera metadata
to configure swift devices.

Partial-bug: 1418805

Change-Id: Ibf6038460f36279ad51a04947589d4a03a553f66
2015-02-12 22:19:24 -05:00
Dan Prince
d25bd1f12e Controller: Exec puppet after all configuration
This patch adds a new ControllerNodesPostDeployment resource
which can be used along with the environment file to
specify a nested stack which is guaranteed to execute
after all the Controller config (HA, or other) have
executed.

This is really useful for Puppet in that Heat actually
controls where puppet executes in the deployment
process and we want to ensure puppet runs after
all hiera configuration data has be deployed to
the nodes. With the previous approach some of the
data would be there, but most of the HA data which
actually gets composed outside of the controller-puppet.yaml
nested stack would not be guaranteed to be there in time.

As os-apply-config (tripleo-image-elements) have their
ordering controlled within the elements themselves an empty stubbed
in nested stack has been added so that we don't break that
implementation.

Partial-bug: 1418805

Change-Id: Icd6b2c9c1f9b057c28649ee3bdce0039f3fd8422
2015-02-12 22:19:22 -05:00
Dan Prince
6b5ac01d2e Move all puppet templates into puppet directory.
This cleans up the top level tree by moving all the puppet
related bits into the puppet directory. The only exception
is overcloud-resource-registry-puppet.yaml which is
the puppet environment file and is used externally.

Change-Id: Idb65a7143b0f29e5579d4e9d1642e4cda6f65d50
2015-02-12 14:34:16 -05:00
Dan Prince
d5eee576cc puppet: only enable Ntp if ntp::servers is set
Not all installations have an NtpServer configured and if
they don't the ntp service will fail to startup correctly.

This patch makes it so that ntp is only enabled if
the ntp::servers array is greater than 0.

Change-Id: I8417f87ad2a3c1237ebb00ee1232b5313cd45d46
2015-02-06 08:42:59 -05:00
Dan Prince
4d470abc58 puppet: disable swift proxy and glance backend
We have an issue where swift.devices metadata isn't showing
up on our controllers. This causes ringbuilding to fail
meaning swift-proxy won't startup.

This patch disables the swift-proxy and glance swift backend
until we can figure out exactly what caused this change.

Change-Id: I723a4b703d979d7475ac48f41c4c0ac91c306884
Partial-bug: 1418805
2015-02-06 08:39:05 -05:00
Dan Prince
f8a9c530e0 puppet: Add EnablePackageInstall option
This adds an option which enables package installation via
Yum when Puppet executes. Users might want to disable Yum
installation of packages via puppet when using pre-installed
images.

The option is off by default: meaning that Puppet will no
longer install packages by default. Users will need to
enable the EnablePackageInstall in order to get
the previous behavior.

The intent is to use the default_parameters section
of the Heat environment to allow users to cleanly enable this
features without wiring it into the top level. This is because
the new parameter is Puppet specific and doesn't really apply to
other implementations. Kilo Heat already has support for
default_parameters and so does python-heatclient.

NOTE: most TripleO users do not yet have the heatclient
features because setup-clienttools in tripleo-incubator only installs
releases via pip. It is for these reasons the default_parameters
section in overcloud-resource-registry-puppet.yaml is commented out
for now.

Change-Id: I3af71b801b87d080b367d9e4a1fb44c1bfea6e87
2015-02-05 10:12:48 -05:00
Dan Prince
6ba5a41062 Puppet: SNMP support for undercloud ceilometer
This configures an snmp agent for the undercloud
ceilometer 'hardware' metering. This rely's on the
razorsedge/puppet-snmp which we are adding in
 I8ae104de7382767c3448a493cd37ff2994cf4f52.

Change-Id: If2b6b63279b9b0402c5136ff1635e10acad1de7e
2015-02-04 09:33:13 -05:00
Dan Prince
a5be320a86 Puppet: wire in neutron_dnsmasq_options
This patch updates puppet on the controller so that it
configures the Neutron dnsmasq options file data with
the value provided by the Heat NeutronDnsmasqOptions
parameter.

Properly configuring this setting can help resolve/tune
overcloud instance connectivity issues w/ SSH etc.

Change-Id: If47ab3d3002ebe19fc980ca5d37f84f4d8851f9b
2015-02-04 09:33:13 -05:00
Dan Prince
1e2a7a1581 Puppet: Heat API and Engine
This patch adds the ability to configure the Heat API and
Heat engine on controller nodes via puppet.

Change-Id: Ie81090bceed3e18199a36ebb11d1cbcaea83c410
2015-02-04 09:33:13 -05:00
Dan Prince
dd80103568 Puppet: Ntp support
This patch adds NTP support to all roles.

As part of this change overcloud-without-mergepy.yaml has
also been updated so that it passes the NtpServer parameters into
the Swift and Cinder storage node templates so that Ntp can
also be configured on those machines as well.

NOTE: The puppet support here uses the puppetlabs-ntp modules
which we add in Ib10ccbfdb3140b19f40049707548c6655d250e1c.

Change-Id: If2ef236fa42a714e84c6944eee5fe4daddf3fedf
2015-02-04 09:33:13 -05:00
Dan Prince
a536d3c888 Puppet: Ceilometer controller support
This patch adds support for the Ceilometer controller
role including the Ceilometer:

 -API
 -central agent
 -alarm notifier
 -alarm evaluator
 -collector
 -expirer

In order to enable swift metering the swift::proxy ceilometer middleware
was added in.

Also, a minor adjustment to the existing ceilometer HA proxy setting
was made to accommodate ceilometer auth settings. (not exactly sure
why but this seems to be required)

Like upstream TripleO Ceilometer is currently using a MySQL database
backend. A follow on patch can support configuring MongoDB for use
with Ceilometer.

Change-Id: I4e171274bd7679d386d93492d13dfa7c5d37f6a8
2015-02-03 19:10:18 +00:00
Dan Prince
8633aca4ed Puppet: Cinder common block storage support
This patch implements the required changes to configure
common Cinder block storage nodes via Puppet.

Change-Id: Iac8b4679a00f58d5faac4a1d08b7a830f0360ba5
2015-01-27 09:07:19 -05:00
Dan Prince
e6a88fcc66 Puppet: Switch glance to use a swift backend
Now that we have swift we can switch glance over
to make use of it.

Change-Id: I9513cb63079235337b684aa734af73a0f0cc0afd
2015-01-27 09:07:19 -05:00
Dan Prince
82de366b75 Puppet: Swift Storage node support
This patch implements the required changes to configure
swift storage nodes via Puppet. Similar to the overcloud
we generate the rings on each node (with the same seed).

Change-Id: I677c85b09b6e656b3ac1f938a4bd6bc7daae1755
2015-01-27 09:07:19 -05:00
Dan Prince
65d64b6a52 Puppet: Swift Overcloud Proxy/Storage support
This patch adds support for a Swift proxy and storage
node on the controller.

The implementation is fairly straightforward with the
exception of building the ring. I've followed an
upstream TripleO model here where we build the
actual ring on each node (rather than build once
and rsync). This works because Heat will always
know all the devices ahead of time. In the future
when we have Heat breakpoints it might be possible
to consider optimizing this by generating the ring
once and then rsyncing to all the nodes.

The ringbuilder logic is executed as a seperate
Heat software deployment. On the controller the ring
is executed in between the base service (mysql/rabbit)
and OpenStack service steps. This is to ensure the
ring exists before the Swift proxy is started.
Having the ringbuilder.pp logic as a separate software
config should allow us to reuse it for the Storage
node role.

It should also be noted that swift.zones support is
added here but we are missing an upstream Heat
template change in order for it to be wired
in properly. See: I0e0f5189da1575f2e1ed7fba4bbbe13a8fbf6221

Likewise we need to properly wire in SwiftRingBuild as well.
See: I01311ec3ca265b151f8740bf7dc57cdf0cf0df6f
The underlying puppet ringbuilder code is already wired
to support this change when it lands.

As is this works today and will provide a working Overcloud
Swift-proxy/storage node config. Will follow this up with
a related Swift storage node patch which should allow
puppet to be used for configuration on the storage nodes
as well...

Change-Id: Id1272f796e2507a7357309e8cd6a51ad9e0160af
2015-01-27 09:07:19 -05:00
Dan Prince
9cf11371ac Puppet: overcloud controller config
This patch provides an alternate implementation of
the OS::TripleO::Controller::SoftwareConfig which uses Puppet
to drive the configuration. Using this it is possible
to create a fully functional overcloud controller instance
which has the controller node configured via Puppet
stackforge modules. Initially this includes only the
following services:

  MySQL
  RabbitMQ
  Keepalived/HAProxy (HA is not yet fully supported however)
  Nova
  Neutron
  Keystone
  Glance (file backend)
  Cinder

Using these services it is possible to run devtest_overcloud.sh
to completion. The idea is that we can quickly add more
services once we have CI in place.

In order to test this you'll want to build your images
with these elements:

   os-net-config
   heat-config-puppet
   puppet-modules
   hiera

None of the OpenStack specific TripleO elements
should be used with this approach (the nova/neutron
elements were NOT used to build the controller image).

Also, rather than use neutron-openvswitch-agent to configure
low level networking it is recommended that os-net-config
by configured directly via heat modeling rather than
parameter passing to init-neutron-ovs. This allows us to
configure the physical network while avoiding the coupling to
the neutron-openvswitch-element that our standard
parameter driven networking currently uses. (We still need
to move init-neutron-ovs so that it isn't coupled and/or deprecate
its use entirely because the heat drive stuff is more flexible.)

Packages may optionally be pre-installed via DIB using the
-p option (-p openstack-neutron,openstack-nova) etc.

Change-Id: If8462e4eacb08eced61a8b03fd7c3c4257e0b5b8
2015-01-08 09:52:50 -05:00
Dan Prince
6812f6f644 Puppet: overcloud compute config
This patch provides an alternate implementation of
the OS::TripleO::Compute::SoftwareConfig which uses Puppet
to drive the configuration. Using this it is possible
to create a fully functional overcloud compute instance
which has the compute node configured via Puppet
stackforge modules.  This includes all the Nova, Neutron,
and Ceilometer configuration required to make things work.

In order to test this you'll want to build your images
with these elements:

 os-net-config
 heat-config-puppet
 puppet-modules
 hiera

None of the OpenStack specific TripleO elements
should be used with this approach (the nova/neutron/ceilometer
elements were NOT used to build the compute image).

Also, rather than use neutron-openvswitch-agent to configure
low level networking it is recommended that os-net-config
by configured directly via heat modeling rather than
parameter passing to init-neutron-ovs. This allows us to
configure the physical network while avoiding the coupling to
the neutron-openvswitch-element that our standard
parameter driven networking currently uses. (We still need
to move init-neutron-ovs so that it isn't coupled and/or deprecate
its use entirely because the heat drive stuff is more flexible.)

Packages may optionally be pre-installed via DIB using the
-p option (-p openstack-neutron,openstack-nova).

Change-Id: Ic36be25d70f0a94ca07ffda6e0005669b81c1ac7
2015-01-05 13:53:24 -05:00