3024 Commits

Author SHA1 Message Date
Zuul
c32ba879a1 Merge "Enable barbican keystone listener" 2018-01-06 09:35:14 +00:00
Zuul
f9d9919e5d Merge "Remove _member_ role from the keystone accepted roles" 2018-01-06 06:38:34 +00:00
Zuul
3de239d41b Merge "puppet apply: add --summarize" 2018-01-06 04:13:18 +00:00
Zuul
072f0ff28b Merge "Add MinPoll and MaxPoll options to NTP module" 2018-01-06 04:12:14 +00:00
Emilien Macchi
eb324768d0 puppet apply: add --summarize
... so we can know how long take resources configuration in Puppet
catalogs, and more easily debug why we have timeouts.

Change-Id: If3fae8837140caae91120e46b4880146ffe22afc
2018-01-04 09:37:46 -08:00
Zuul
9d9a9302b1 Merge "Add support for DVR in OVN based environments" 2017-12-30 09:53:10 +00:00
Emilien Macchi
c54b1b6169 heat-base: remove default policy rules
... the rule:context_is_admin is now managed in policy-in-code, in Heat:
https://git.openstack.org/cgit/openstack/heat/tree/heat/policies/base.py#n25

Furthermore, the policy.json file management was removed with:
https://review.rdoproject.org/r/#/c/11102/

Change-Id: Ibb2b7fa8750070fb338d04482a473a2bb3a2ea80
2017-12-29 21:42:23 +00:00
Keith Schincke
45e96e5fa5 Remove _member_ role from the keystone accepted roles
As per the development mailing list: Keystone removed _member_ role management

Change-Id: I4f553431d1c38ca8d2c18a213d07f957c388d914
2017-12-27 13:37:40 -05:00
Mike Fedosin
30154ed638 Add MinPoll and MaxPoll options to NTP module
These options specify the minimum and maximum poll intervals
for NTP messages, in seconds to the power of two.

The maximum poll interval defaults to 10 (1,024 s), but can be
increased by the MaxPoll option to an upper limit of 17 (36.4 h).
The minimum poll interval defaults to 6 (64 s), but can be decreased
by the MinPoll option to a lower limit of 4 (16 s).

Change-Id: Ib2929be86e8cb31c00d166abe750354188302415
Closes-bug: #1736170
2017-12-27 16:12:52 +01:00
Zuul
bacacf79e2 Merge "Add docker-registry service" 2017-12-27 13:11:56 +00:00
Dan Prince
cec41586f7 Add docker-registry service
This is required for the containerized undercloud.

Change-Id: I542a19c084f37aaafd72378857af4f379f335a39
2017-12-27 01:41:50 +00:00
waleed mousa
4fbc8962fc Adds environment file for ODL OVS Hardware Offload
Change-Id: I0bf2bbe486d3897fe18f2bbbd493d745499a51f9
2017-12-27 01:27:48 +00:00
Zuul
e6db8c4ad0 Merge "Allow to increase docker daemon verbosity" 2017-12-26 15:55:56 +00:00
Zuul
8809cd0ad4 Merge "Update templates alias to queens" 2017-12-23 07:20:34 +00:00
Mike Fedosin
5ef76cc16c Allow to increase docker daemon verbosity
This patch exposes puppet_tripleo's docker_options
in the tripleo-heat-templates.

Change-Id: I1b48b2a25dfa5afc3d2e4e4c8f0593e03ead3907
Closes-bug: #1715134
2017-12-21 20:52:21 +01:00
Ade Lee
02d452a097 Enable barbican keystone listener
The barbican keystone listener has been added to the same pod
as the barbican api.  Need to set some barbican config to enable it.

Also set a specific topic for barbican_notifications so that
we do not compete with other services.

Change-Id: I5f7e4d2367b9776a1b7e74d1727472e1f81f509a
2017-12-21 14:33:00 -05:00
Zuul
91cf79d74f Merge "nova: Add VerifyGlanceSignatures compute param" 2017-12-21 17:31:13 +00:00
Daniel Alvarez
e9a1122b3b Add support for DVR in OVN based environments
This patch adds the ability to configure DVR in
networking-ovn setups.

Depends-On: I565a5b9918eaf9df1d315c653f76dc4136953ca9

Change-Id: I14d3411f62b411010ea4bd270746436fe3e3cd3a
Signed-off-by: Daniel Alvarez <dalvarez@redhat.com>
2017-12-21 13:06:46 +01:00
Zuul
8a608f34d8 Merge "Manila network plugin address family support" 2017-12-21 02:26:27 +00:00
Lee Yarwood
80e9bb33a9 nova: Add VerifyGlanceSignatures compute param
This controls image signature verification during instance creation on
the compute host.

Change-Id: I0d80cbd38eb4e3d110443f6b9a8a7c7643c43453
2017-12-20 10:07:06 +00:00
Carlos Camacho
b13728cac3 Update templates alias to queens
There are still some templates with the wrong
alias name. This patch updates them with the
correct version.

Change-Id: I43549ac98f3736029d4aaad1ead745caf40f9299
2017-12-20 10:27:23 +01:00
Tom Barron
d8b1d64add Manila network plugin address family support
Set NetworkPluginIpv6Enabled if IPv6 networks
have been enabled.  Currently this parameter and
NetworkPluginIPv4Enabled are mutually exclusive so
set the latter false as well.  Default is IPv4
with NetworkPluginIPv4Enabled.

Depends-On: Ic7e5b5351e429755ba48613ab89d1b7e7d6e2d34
Change-Id: Ia895d7190f0fb8e97c87b3178461d9fc26393b9b
2017-12-19 17:10:07 -05:00
Zuul
ec0f4130ea Merge "Enable queueing to use barbican workers for key generation" 2017-12-19 20:52:31 +00:00
Zuul
eb0b4d1534 Merge "undercloud: set default_resource_class to 'baremetal'" 2017-12-19 20:52:25 +00:00
Zuul
bcad34bc53 Merge "Improve comment re nova live_migration_tunnelled setting" 2017-12-19 20:37:31 +00:00
dongwenjuan
13afaf0db2 fix the description of CongressDebug
Change-Id: I7287e5425b44e922b07f6a8d9ad211ad61ac3910
Signed-off-by: dongwenjuan <dong.wenjuan@zte.com.cn>
2017-12-19 10:30:46 +08:00
Zuul
76eb52cd34 Merge "Add ovs hardware Offload support to ovs mechansim driver" 2017-12-18 17:44:07 +00:00
Zuul
541b39ea8a Merge "Passes NodeDataLookup to ceph-ansible workflow" 2017-12-18 16:30:35 +00:00
Zuul
7061751f1a Merge "Cleanup dead code" 2017-12-18 12:46:33 +00:00
Moshe Levi
f3f1437cb2 Add ovs hardware Offload support to ovs mechansim driver
Depends-On: I3c0d24a31f0a1cac2cb8c5da8125051d4348eed6
Depends-On  I578f956f2a8c6ee29a9d1ff38ee51765bcab05c1
Implements: blueprint tripleo-ovs-hw-offload

Change-Id: I7e20ab2111e7d71380da844a15835b5fac1125d9
2017-12-18 06:57:47 -05:00
Oliver Walsh
4e6eeb1625 Improve comment re nova live_migration_tunnelled setting
Change-Id: Ie565cb16bb69f0eb98bcfabfb95f67c71f492bd1
2017-12-18 10:27:18 +00:00
Zuul
0ffd379393 Merge "Add NovaSchedulerMaxAttempts parameter" 2017-12-16 03:11:29 +00:00
Zuul
1f6e93ea29 Merge "Disable SSH key access to amphora" 2017-12-15 21:43:33 +00:00
Zuul
5d94201c0c Merge "Add auth_type to service_auth configuration" 2017-12-15 21:42:47 +00:00
Ade Lee
58736c0c74 Enable queueing to use barbican workers for key generation
The barbican-worker has been added to the same pod as the
barbican-api process.

Change-Id: I63d25e2878852f2bf5942cc0a39d8de801c01af4
2017-12-15 15:20:23 -05:00
Zuul
465ec1d909 Merge "Implements: Heat template for integrating Cavium SmartNIC LiquidIO" 2017-12-15 10:52:02 +00:00
Zuul
236ed65ab1 Merge "Add a tag to all the role specific parameters" 2017-12-15 06:12:01 +00:00
Zuul
0d77ce6615 Merge "Revert "Add upgrade task to run gnocchi upgrade"" 2017-12-14 03:22:21 +00:00
Zuul
5c4a5d2adb Merge "Set restrictive file permissions on Ceph keyrings for non-containerized deployment" 2017-12-13 19:27:58 +00:00
Mehdi Abaakouk (sileht)
11e2cf07c5 Revert "Add upgrade task to run gnocchi upgrade"
This reverts commit 60925faefc58d76adf3914f96c636ca2a5b8c783.

The issue still occurs with this.

Also gnocchi-upgrade should have already run in step4: a327583643/manifests/profile/base/gnocchi/api.pp (L92)

Change-Id: I8ce02ab1425e891b6608363250910bf1f57914fc
2017-12-13 14:53:39 +00:00
Giulio Fidente
1971e7b049 Passes NodeDataLookup to ceph-ansible workflow
Per-node customizations were only dumped as hieradata, so the
ceph-ansible workflow could not consume them.
This change passes the structure to the mistral workflow so that it
can consume the data and populate the inventory accordingly.

Change-Id: Ie7a9f10f0c821b8c642494a4d3933b2901f39d40
Depends-On: Ia23825aea938f6f9bcf536e35cad562a1b96c93b
Closes-Bug: #1736707
2017-12-13 14:38:02 +01:00
Janki Chhatbar
e8ab069d1c Cleanup dead code
Remove parameter to configure ODL DHCP services as it is recommended
to not use it and is disabled from ODL side.

Change-Id: I695b558a9a68dde92557d86967906172815623a5
2017-12-13 17:08:06 +05:30
Zuul
3b626beca3 Merge "Add glance config for barbican" 2017-12-13 06:58:30 +00:00
Brent Eagles
bb9e7a4382 Disable SSH key access to amphora
We are not configuring SSH access for amphora yet so we disable it.

Depends-On: Ic6cf523809e390df0263e26d5879c06986688cfa
Change-Id: I7ec1ef980026f498a6b7adb5267ce5b7fe6cc8d1
2017-12-12 16:01:53 -03:30
Brent Eagles
7ab4bd40f8 Add auth_type to service_auth configuration
This patch sets the auth_type to 'password' as is required by Octavia.
It also changes the auth_url endpoint to contain the suffix.

Depends-On: I712db2e7310ba32cb68a7266c6b563ab3f4ab8cf
Change-Id: I19b3d457301aa28efeff26d5513c89cbbb24d521
2017-12-12 15:41:43 -03:30
hanish gogada
b97fa08eb5 Implements: Heat template for integrating Cavium SmartNIC LiquidIO
Contains Tripleo Heat templates to deploy Liquidio Compute nodes.
Creates a New role ComputeLiquidio, which contains Cavium SmartNIC.

Depends-On: Idfd094d344d7419557139dbcee98e42307eb465b
Change-Id: I777ae696e54da70d6bb8311d372742435638a172
2017-12-12 15:42:52 +05:30
Zuul
efc96a7b05 Merge "Add Instance HA support" 2017-12-11 23:21:31 +00:00
Ade Lee
1e3792470f Add glance config for barbican
Configure glance to use barbican as a key manager
when barbican is enabled for image signing.

Change-Id: I2cad0b81eeab07785dfd4bb66e582d359504b0aa
2017-12-11 10:17:00 -05:00
Michele Baldessari
c56cdc8dda Add Instance HA support
This adds support for an Instance HA deployment option which evacuates
VMs after a compute node failure. To enable this feature just add
-e environments/compute-instanceha.yaml and make sure the compute nodes
have the OS::TripleO::Services::ComputeInstanceHA and the
OS::TripleO::Services::PacemakerRemote services added to it.

Testing has been done as follows:
1) Deploy an overcloud with Instance HA
2) Create a VM on the overcloud
3) Crash a compute node
4) Observe that the nova evacuate resource agent initiates the nova
   evacuation:
Nov 29 10:39:49 localhost NovaEvacuate(nova-evacuate)[32253]: NOTICE: Initiating evacuation of overcloud-novacompute-0.localdomain with fence_evacuate
Nov 29 10:39:57 localhost NovaEvacuate(nova-evacuate)[32253]: NOTICE: Completed evacuation of overcloud-novacompute-0.localdomain
5) Observe the VM having been started on the functional compute node

A documentation patch will follow explaining the whole mechanism more
in detail.

blueprint instance-ha

Depends-On: I4d1908242e9513a225d2b1da06ed4ee769ee10f7
Change-Id: If6c7d6c56eca96bd64ac5936036d119bd9ec6226
2017-12-10 09:08:01 +01:00
Dan Prince
07bc933d0d Add DockerDebug
Implement a mechanism to enable docker service debug logging.
If DockerDebug is unset defaults to the normal Debug parameter
setting.

Change-Id: I4f4627c7d8e90121c1262b2518b02989f5aaed18
2017-12-09 08:14:36 -05:00