42 Commits

Author SHA1 Message Date
Rajesh Tailor
ce7d8e36de Move parameter to parameter_defaults section
The parameter PublicSSLCertificateAutogenerated was added in
resource_registry section in environment file in change
I299e6052e6a872c3907184b635d218a806d906e0, moving it to
parameter_defaults section.

Change-Id: Ib454a080c910e2cd2dae22a11d04794824dcb9ad
Closes-Bug: 1731480
2017-11-10 18:50:55 +05:30
Zuul
3bf720ee11 Merge "Remove deprecated Telemetry services from roles data" 2017-11-09 00:20:20 +00:00
Pradeep Kilambi
5ebbc81c2a Remove deprecated Telemetry services from roles data
Ceilometer API, Collector and Expirer are removed from upstream,
so lets clean these deprecated services.

Change-Id: Ifd28a3029cd39644833ab0e9fc66efb7b5b67c9d
2017-11-07 12:54:41 +00:00
Juan Antonio Osorio Robles
7c2eee2494 Tell HAProxy container template that the public cert was autogenerated
With the recent change to only mounting the certificate when it's used
[1]. The usecase of autogenerating the public certificate was missed.
This enables a flag to tell the template to mount it if we're
autogenerating the certificate.

[1] Id8ba09902d25689e642f922c43e71649977bf248

Change-Id: I299e6052e6a872c3907184b635d218a806d906e0
2017-11-03 14:11:41 +02:00
Jenkins
3f6db21211 Merge "Add Mistral event engine" 2017-10-13 12:50:20 +00:00
marios
4d21451666 Remove Heat Cloudwatch API during upgrade and disable by default
This adds a heat-api-cloudwatch-disabled.yaml and wires it up in
the resource registry. During the Ocata to Pike upgrade this service
will thus be stopped and disabled by default.

If you wish to keep the Heat Cloudwatch API then you should instead
use the provided heat-api-cloudwatch.yaml environment file.

Change-Id: I3f90a9799b90ca365f675f593371c1d3701fede6
Related-Bug: 1713531
2017-10-10 12:53:03 +03:00
Brad P. Crochet
95a7a27fcb Add Mistral event engine
Mistral has an event engine to trigger cron-type events. Let's use it.

Change-Id: I15b48bd7a501608b1fad64fea8d4f9822946dcb2
Depends-On: I71f556c96ed7c2bbafacab4b2f66874effbd8b73
2017-09-28 06:55:46 -04:00
Aneesh Puttur
edc02b3352 Fixed resource registry path in neutron-lbaasv2.yaml
Change-Id: Icb58d47a3911e83e2650b2c74b33eae522c84651
Closes-Bug: #1718451
2017-09-20 11:13:32 -04:00
Juan Antonio Osorio Robles
8cb4da7a1e Zaqar: Match service name with service-net-map
This is required for t-h-t to generate the appropriate hieradata.

Change-Id: I9b451eac4427a52ad8eec62ff89acc6c6d3ab799
Closes-Bug: #1712328
2017-08-22 15:36:25 +03:00
Andrew Toth
e1f7c0f30d Enable Neutron LBaaS Integration
Allows the configuration of the Neutron LBaaS agent.

Change-Id: I4c29ece765ec9147cef9b4d74d30e3c4483c48ab
Implements: blueprint lbaasv2-service-integration
2017-07-14 14:35:07 +00:00
Ryan Hefner
6a151ec697 Enable Neutron LBaaS Integration
Allows the configuration of the Neutron LBaaS agent.

Implements: blueprint lbaasv2-service-integration
Change-Id: Iae2bf7faeea93d5275994b2ee10f9bf863ed6152
Depends-On: Ieeb21fafd340fdfbaddbe7633946fe0f05c640c9
2017-07-04 13:53:03 +00:00
Dmitry Tantsur
f0807b535b Enable periodic task to discover cell hosts when ironic is used
Starting with the Ocata release, bare metal nodes are no longer get recognized
by nova automatically. To avoid forcing users into running nova manage command
each time they enroll a node, we will have to allow enable the periodic task
to do so.

Change-Id: I8b0afac54dc9bd51dbe2ae4f237e4de50459be0f
Closes-Bug: #1697724
2017-06-23 18:13:52 +02:00
Derek Higgins
87160b9335 Remove reference too puppet/services/ironic-pxe.yaml
The file doesn't exist. The pxe setup is part of
puppet/services/ironic-conductor.yaml

Change-Id: I3a6f038ed69ea44f0594064b6f9657ff1b72e1bb
Closes-Bug: #1697927
2017-06-14 13:08:51 +01:00
Bogdan Dobrelya
359fcdf849 Align optional services with optional services-docker
Add missing optional services for docker, if present in
non-docker optional services, and vice versa.

Fix issues with non containerized Mongo resources are
missing when deploying optional containerized zaqar service.

Add non containerized Ironix-Pxe resources to the optional
Ironic services, as it is done for the containerized Ironic.

Change-Id: I56675e015fa4bbd6d9809dbf7c21453939321410
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
2017-05-25 18:31:00 +02:00
Juan Antonio Osorio Robles
9ede958714 Disable mongodb by default
It's not used by any service that we enable by default. So instead, I
added it to the environment that enables the services that use it.

Change-Id: Id2e6550fb7c319fc52469644ea022cf35757e0ce
2017-05-22 14:32:51 +03:00
Pradeep Kilambi
66b39c2c21 Deprecate Ceilometer Expirer
We dont need expirer unless we have collector and standard
storage enabled. Lets turn it off by default and make it
an optional service. In upgrade scenario, we will kill the
process and stop the expirer, unless explicitly enabled.

Change-Id: Icffb7d1bb2cf7bd61026be7d2dcfbd70cd3bcbda
2017-05-11 11:44:48 -04:00
Pradeep Kilambi
2cb2d8d77b Deprecate ceilometer collector
Ceilometer collector is deprecated in Pike release.
Do not deploy by default. Instead use the pipeline
yaml to configure the publisher directly.

Closes-bug: #1676961

Change-Id: Ic71360c6307086d5393cd37d38ab921de186a2e0
2017-04-25 16:38:01 -04:00
Giulio Fidente
b5b6681a74 Replace references to the 192.0.2 network
Following change I1393d65ffb20b1396ff068def237418958ed3289 the ctlplane
network will be 192.168.24 by default and not 192.0.2 anymore.

This change removes old references left to 192.0.2 network from the
overcloud templates.

Change-Id: I1986721d339887741038b6cd050a46171a4d8022
2017-04-10 14:05:50 +02:00
Jenkins
8dc8980358 Merge "Add trigger to setup a LDAP backend as keystone domaine" 2017-04-06 23:17:17 +00:00
Jenkins
799359847d Merge "Disable ceilometer API" 2017-04-06 16:35:30 +00:00
Cyril Lopez
347f5434b3 Add trigger to setup a LDAP backend as keystone domaine
It is using a trigger tripleo::profile::base::keystone::ldap_backend_enable in puppet-tripleo
who will call a define in puppet-keysone ldap_backend.pp.

Given the following environment:

parameter_defaults:
  KeystoneLDAPDomainEnable: true
  KeystoneLDAPBackendConfigs:
    tripleoldap:
      url: ldap://192.0.2.250
      user: cn=openstack,ou=Users,dc=redhat,dc=example,dc=com
      password: Secrete
      suffix: dc=redhat,dc=example,dc=com
      user_tree_dn: ou=Users,dc=redhat,dc=example,dc=com
      user_filter: "(memberOf=cn=OSuser,ou=Groups,dc=redhat,dc=example,dc=com)"
      user_objectclass: person
      user_id_attribute: cn
      user_allow_create: false
      user_allow_update: false
      user_allow_delete: false
  ControllerExtraConfig:
    nova::keystone::authtoken::auth_version: v3
    cinder::keystone::authtoken::auth_version: v3

It would then create a domain called tripleoldap with an LDAP
configuration as defined by the hash. The parameters from the
hash are defined by the keystone::ldap_backend resource in
puppet-keystone.

More backends can be added as more entries to that hash.

This also enables multi-domain support for horizon.

Closes-Bug: 1677603
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Depends-On: I1593c6a33ed1a0ea51feda9dfb6e1690eaeac5db
Change-Id: I6c815e4596d595bfa2a018127beaf21249a10643
Signed-off-by: Cyril Lopez <cylopez@redhat.com>
2017-04-06 07:10:57 +00:00
Jenkins
b20bdcee03 Merge "Qpid dispatch router composable role" 2017-04-03 14:54:19 +00:00
Pradeep Kilambi
0e8e8a920d Disable ceilometer API
Ceilometer API has been deprecated since Ocata. lets disable
it by default and add an env file to enable it if needed.

Closes-bug: #1676968

Change-Id: I571f5467466c29271e0235e8fde6bdae07c20daf
2017-04-03 07:50:01 -04:00
Pradeep Kilambi
0d04302abd Set auth flag so ceilometer auth is enabled
Ceilometer Auth should be enabled even if ceilometer api
is not. Lets decouple these, this flag will be used in
puppet-tripleo where ceilometer::keystone::auth class
is initialized.

Change-Id: Iffebd40752eafb1d30b5962da8b5624fb9df7d48
Closes-bug: #1677354
2017-03-31 21:45:22 +00:00
John Eckersberg
1ca3c2c4b0 Qpid dispatch router composable role
Note: since it replaces rabbitmq, in order to aim for the smallest
amount of changes the service_name is called 'rabbitmq' so all the
other services do not need additional logic to use qdr.

Depends-On: Idecbbabdd4f06a37ff0cfb34dc23732b1176a608
Change-Id: I27f01d2570fa32de91ffe1991dc873cdf2293dbc
2017-03-29 10:19:41 +02:00
Carlos Camacho
801ccd670a Remove unnecesary code to enable panko-api
We are already enabling panko-api by default
`34c46241cd/overcloud-resource-registry-puppet.j2.yaml (L226)`
so there is no need to have the environment file
or the resource in the ci environment template.

Change-Id: I6af6e2196a77320c8d3b5914d161a795b007151a
2017-03-13 09:35:48 +01:00
Feng Pan
0ea941a615 Add VPP composable service
Vector Packet Processing (VPP) is a high performance packet processing
stack that runs in user space in Linux. VPP is used as an alternative to
kernel networking stack for accelerated network data path. This patch
adds VPP as a composable service. Note that NIC binding related configs
for VPP are handled in os-net-config.

Depends-on: I70a68a204a8b9d533fc2fa4fc33c39c3b1c366bf

Change-Id: I5e4b1903dc87cb16259eeb05db585678acadbc6b
Implements: blueprint fdio-integration-tripleo
2017-02-26 16:43:26 -05:00
Brent Eagles
07876f2d90 Add registry and role service list entries for Octavia
This patch adds the Octavia services to the registry and controller role
(disabled by default). Also included is an example environment file for
enabling the services and required configuration. The API service
profile is also amended configure the load balancer service provider in
neutron to point to the octavia load balancer driver.

Change-Id: I7f3bba950f5b1574ba842a39e93a8ac2b1ccf7bb
Partially-implements: blueprint octavia-service-integration
2017-02-03 12:59:13 -03:30
Giulio Fidente
bdfc7c6f01 Add Ceph RBD mirror Pacemaker profile
This change adds a profile to deploy the Ceph RBD mirroring daemon
as a Pacemaker resource.

Change-Id: Ib07e5bca6a45f0c6c59a3acf07f4e3ae9d2f8948
Depends-On: Ic63dc5cffece38942d305f538f71dd58a5d50789
Closes-Bug: #1652177
2017-01-26 12:24:56 +00:00
Sven Anderson
e02c3c2962 Add ec2-api service
This change adds the ec2api service using the
tripleo::profile::base::nova::ec2api profile.

The deprecated nova-cert service is not supported, and therefore the
RegisterImage action is not supported either.

Change-Id: I2510fd4ed935d8423216fff9ce3adf2d69c9c804
Depends-On: If4b091e1ca02f43aa9c65392baf8ceea007b7cfb
2017-01-24 16:34:00 +00:00
Feng Pan
52573dace5 Adds etcd composable service
etcd is used by networking-vpp ML2 driver as the messaging mechanism. This
patch adds etcd service which can be used by other services.

Implements: blueprint fdio-integration-tripleo

Depends-on: Idaa3e3deddf9be3d278e90b569466c2717e2d517

Change-Id: I8ae1e2c9b0c3d6f448e1da712100938d011289f5
Signed-off-by: Feng Pan <fpan@redhat.com>
2017-01-19 00:00:39 -05:00
Pradeep Kilambi
8568de47d5 Add a environment file to disable ceilo api
Use the standard composable interface to disable
ceilo api instead of using a separate flag.

Closes-bug: #1656364

Change-Id: I67900f7e6816212831aea8ed18f323652857fbd3
2017-01-18 09:04:35 -05:00
Giulio Fidente
42c31dc6a0 Add support for the deployment of Ceph MDS
This change adds a CephMds service, disabled by default, on the
Controller role and an environment file to enable it.

Change-Id: If7cb46319038a80ed52f753a623989885e1b7da4
Depends-On: Iaecc3ff7acb851776c5057c42a5a513a70425d2c
Partial-Bug: #1644784
2017-01-10 17:30:16 +01:00
Jenkins
21303cd9fc Merge "Composable Zaqar services" 2016-12-02 12:08:37 +00:00
Pradeep Kilambi
a2e0aa4d1c Add panko api support to service templates
This integrates panko service api into tripleo heat templates.
By default, we will disable this service, an environment service
file is included to enable if needed.

Depends-On: I35f283bdf8dd0ed979c65633724f0464695130a4

Change-Id: I07da3030c6dc69cce7327b54091da15a0c58798e
2016-11-17 13:39:34 -05:00
Brad P. Crochet
20f8fd1c38 Composable Zaqar services
Adds new puppet and puppet pacemaker specific services for Zaqar.

The Pacemaker templates extend the default Zaqar services and swap in
the Pacemaker specific puppet-tripleo profile instead.

Change-Id: Ia5ca4fe317339dd05b0fa3d5abebca6ca5066bce
Depends-On: Ie215289a7be681a2b1aa5495d3f965c005d62f52
Depends-On: I0b077e85ba5fcd9fdfd33956cf33ce2403fcb088
Implements: blueprint composable-services-within-roles
2016-11-14 13:06:33 -05:00
Ade Lee
5f2f5422d7 Add Barbican to the overcloud
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Depends-On: If2804b469eb3ee08f3f194c7dd3290d23a245a7a
Depends-On: I091ecfbcb2e38fe77203244ac7a597aedcb558fb
Change-Id: Iacc504fc4fa2d06893917024ce2340d3fb80b626
2016-10-19 06:40:08 +00:00
Juan Antonio Osorio Robles
9bf37e06b5 Add HAProxy TLS handled by certmonger as composable service
This adds some basic pieces to get certmonger to manage the
certificates for HAProxy. The aim is to be flexible enough that we
will be able to manage both public and internal certificates.

This also adds a relevant environment to get the endpoints to have
TLS everywhere.

bp tls-via-certmonger

Depends-On: I89001ae32f46c9682aecc118753ef6cd647baa62
Change-Id: Ife5f8c2f07233295bc15b4c605acf3d9bd62f162
2016-09-29 17:15:13 +00:00
Sagi Shnaidman
59e2713994 Fix path to sahara templates
Fix path to sahara templates

Change-Id: I7e60ed1800923057efe24badf03d76761da3f498
2016-08-22 15:33:33 +03:00
Dan Prince
d8df132a72 Disable Sahara by default
Users who want Sahara enable now can simply include the
environments/services/sahara.yaml Heat environment.

Change-Id: I3df96b6e78ba3eddb62e79d854862a7e2d614c51
2016-08-19 13:37:59 +00:00
Dmitry Tantsur
71dc47ef66 Update Ironic composable services
* Add service for configuring Nova compute with Ironic
* Fix authentication in Ironic APU
* Provide a separate environment file for enabling Ironic

Change-Id: I211e6d91eacd238b04a1aa37528d5a91523407d9
Partially-Implements: blueprint ironic-integration
2016-08-11 17:39:09 +02:00
Carlos Camacho
2f52658a6b Disable mistral services by default.
Optional services should be disabled by default in the overcloud nodes.
This submission makes mistral disabled by default and allows to enable
it base on an environment file.

Depends-On: I942d419be951651e305d01460f394870c30a9878

Change-Id: I0dd245b75142834f71f3bd591b43c3f69d63217b
2016-08-06 10:38:54 +02:00