61 Commits

Author SHA1 Message Date
Ricardo Noriega
b67ad0695e Add BGPVPN composable service
This project aims at supporting inter-connection between L3VPNs
 and Neutron resources, i.e. Networks, Routers and Ports.

Partially-Implements: blueprint bgpvpn-service-integration

Depends-On:I7c1686693a29cc1985f009bd7a3c268c0e211876
Change-Id: I576c9ac2b443dbb6886824b3da457dcc4f87b442
Signed-off-by: Ricardo Noriega <rnoriega@redhat.com>
2017-03-10 11:35:48 +01:00
Steven Hardy
fb748ba307 Enable composable upgrades for docker service templates
This aligns the docker based services with the new composable upgrades
architecture we landed for ocata, and does a first-pass adding upgrade_tasks
for the services (these may change, atm we only disable the service on
the host).

To run the upgrade workflow you basically do two steps:

openstack overcloud deploy --templates \
  -e environments/major-upgrade-composable-steps-docker.yaml

This will run the ansible upgrade steps we define via upgrade_tasks
then run the normal docker PostDeploySteps to bring up the containers.

For the puppet workflow there's then an operator driven step where
compute nodes (and potentially storage nodes) are upgrades in batches
and finally you do:

openstack overcloud deploy --templates \
  -e environments/major-upgrade-converge-docker.yaml

In the puppet case this re-applies puppet to unpin the nova RPC API
so I guess it'll restart the nova containers this affects but otherwise
will be a no-op (we also disable the ansible steps at this point.

Depends-On: I9057d47eea15c8ba92ca34717b6b5965d4425ab1
Change-Id: Ia50169819cb959025866348b11337728f8ed5c9e
2017-03-06 15:53:46 +00:00
Juan Antonio Osorio Robles
9a4b972737 Configure SSL connection for MySQL client via client config file
This uses the mysql client configuration file to configure if SSL should
be used for the connection if SSL in the internal network is enabled.

Change-Id: Ifd1a06e0749a05a65f6314255843f572d2209067
2017-02-28 07:48:52 +02:00
Feng Pan
0ea941a615 Add VPP composable service
Vector Packet Processing (VPP) is a high performance packet processing
stack that runs in user space in Linux. VPP is used as an alternative to
kernel networking stack for accelerated network data path. This patch
adds VPP as a composable service. Note that NIC binding related configs
for VPP are handled in os-net-config.

Depends-on: I70a68a204a8b9d533fc2fa4fc33c39c3b1c366bf

Change-Id: I5e4b1903dc87cb16259eeb05db585678acadbc6b
Implements: blueprint fdio-integration-tripleo
2017-02-26 16:43:26 -05:00
marios
f3772c6b0a Re-add the disable_upgrade_deployment note in roles_data.yaml
This was accidentally removed in
If581f301a5493ef33ac1386bdc22f9fca4f2544e looks like

Change-Id: I0e2c4fe664daca5c50921673db067701195c501f
2017-02-22 13:00:43 +02:00
Michele Baldessari
90431683b5 Make the DB URIs host-independent for all services
When fixing LP#1643487 we added ?bind_address to all DB URIs.
Since this clashes with Cellsv2 due to the URIs becoming host
dependent, we need a new approach to pass bind_address to pymysql
that leaves the DB URIs host-independent.

In change Iff8bd2d9ee85f7bb1445aa2e1b3cfbff1f397b18 we first create a
/etc/my.cnf.d/tripleo.cnf file with a [tripleo] section with the correct
bind-address option.

In this change we make sure that the DB URIs will point to the added
file and to the specific section containing the necessary bind-address
option. We do introduce a new MySQLClient profile which will hold all
this more client-specific configuration so that this change can fit
better in the composable roles work. Also, in the future it might
contain the necessary configuration for SSL for example.

Note that in case the /etc/my.cnf.d/tripleo.cnf file does not exist
(because it is created via the mysqlclient profile), things keep on
working as usual and the bind-address option simply won't be set, which
has no impact on hosts where there are no VIPs.

Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com>

Change-Id: Ieac33efe38f32e949fd89545eb1cd8e0fe114a12
Related-Bug: #1643487
Closes-Bug: #1663181
Closes-Bug: #1664524
Depends-On: Iff8bd2d9ee85f7bb1445aa2e1b3cfbff1f397b18
2017-02-17 17:22:42 +01:00
Jenkins
e6a88afa04 Merge "adding Congress Support" 2017-02-12 23:29:42 +00:00
Dan Radez
f666228678 adding Congress Support
Depends-On: Ic74ccd5fa7b3b04ca810416e5160463252f17474

Implements: blueprint congress-service-integration

Change-Id: Ie60540c340c0eb71ff376aba65507a8bb3e909b6
Signed-off-by: Dan Radez <dradez@redhat.com>
2017-02-10 09:59:38 -05:00
marios
ed220aecf5 Delivers upgrade scripts where upgrade steps are disabled
This delivers a /root/tripleo_upgrade_node.sh to those nodes
that have the disable_upgrade_deployment flag set to true.
They will later be upgraded manually by the operator who will
invoke the script delivered here using upgrade-non-controller.sh

We can also deliver any service specific upgrade configuration,
such as configuring nova-compute to use the placement API as this
is required in order for placement to be configured and installed
during the subsequent upgrade steps for controller services.

This removes the compute and swift specific upgrade scripts as
they are now merged into the common
tripleo_upgrade_node.sh - removing any hard coded
reference to a particular role name (compute/objectstorage) and
only relying on the disable_upgrade_deployment is roles_data.yaml

Change-Id: I4531a4038b78087ef4a1a62c35f1328822427817
Co-Authored-By: Mathieu Bultel <mbultel@redhat.com>
2017-02-10 10:26:43 +00:00
Dan Radez
b49b443ea7 Adding Tacker Support
Depends-On: Ide0e60f3b7a3733788af4337c1c39b4a956c876f
Depends-On: I3d6bbc05644e840395f87333ec80e3b844f69903
Depends-On: Idf6abcb7fe766546cb362ad4afe54f4bccd9c994

Implements: blueprint tacker-service-integration

Change-Id: Ibddc81561f6e6ba671bd01a9251c57d3ad67ba8c
Signed-off-by: Dan Radez <dradez@redhat.com>
2017-02-09 20:23:36 +00:00
Jenkins
76b53b3e2c Merge "implement a collectd composable service" 2017-02-08 06:58:48 +00:00
Lars Kellogg-Stedman
490c19bb38 implement a collectd composable service
The collectd composable service permits an operator to configure
collectd metrics collection as part of the overcloud install.

Depends-on: I03cfbd96778a76125d18e2ca2f48d96e292608de
Change-Id: I143565329f5128f15cc39c9b62a6b242666383ab
2017-02-07 11:54:14 +00:00
Brent Eagles
07876f2d90 Add registry and role service list entries for Octavia
This patch adds the Octavia services to the registry and controller role
(disabled by default). Also included is an example environment file for
enabling the services and required configuration. The API service
profile is also amended configure the load balancer service provider in
neutron to point to the octavia load balancer driver.

Change-Id: I7f3bba950f5b1574ba842a39e93a8ac2b1ccf7bb
Partially-implements: blueprint octavia-service-integration
2017-02-03 12:59:13 -03:30
Steven Hardy
afdc138987 Add AuditD composable service
This patch allows the management of the AuditD service and its associated
files (such as `audit.rules`)

This is achieved by means of the `puppet-auditd` puppet module.

Also places ssh banner capabilities map on top of patch

Change-Id: Ib8bb52dde88304cb58b051bced9779c97a314d0d
Depends-On: Ie31c063b674075e35e1bfa28d1fc07f3f897407b
2017-01-27 13:23:18 +00:00
Jenkins
ef741fab9b Merge "Adds SSH Banner text into sshd_config" 2017-01-27 12:29:12 +00:00
Jenkins
47b30fdff5 Merge "Add Ceph RBD mirror Pacemaker profile" 2017-01-26 18:37:56 +00:00
Giulio Fidente
bdfc7c6f01 Add Ceph RBD mirror Pacemaker profile
This change adds a profile to deploy the Ceph RBD mirroring daemon
as a Pacemaker resource.

Change-Id: Ib07e5bca6a45f0c6c59a3acf07f4e3ae9d2f8948
Depends-On: Ic63dc5cffece38942d305f538f71dd58a5d50789
Closes-Bug: #1652177
2017-01-26 12:24:56 +00:00
Luke Hinds
73f58792f9 Adds SSH Banner text into sshd_config
Allow use of ooo template to populate banner text into /etc/issue

Change-Id: If5b2da9415f10652a0a64503b2da4b63d1018640
Depends-On: Ie9f8afdfa9930428f06c9669fedb460dc1064d5e
Closes-Bug: #1640306
2017-01-26 11:04:01 +00:00
Steven Hardy
1cdc514871 Add support for batched upgrades to composable upgrades
Some services (e.g ceph mon) require upgrading in batches (the old
upgrade architecture did the ceph mon upgrade one controller at a
time).  This interface enables doing the same, and over time we
can probably move more services into this interface (e.g when
services support rolling upgrades) to reduce downtime.

Change-Id: If581f301a5493ef33ac1386bdc22f9fca4f2544e
Partially-Implements: blueprint overcloud-upgrades-per-service
2017-01-25 21:03:01 +00:00
Jenkins
8ab1918f02 Merge "Add ec2-api service" 2017-01-25 20:49:56 +00:00
Jenkins
76c35757c9 Merge "Add disable_upgrade_deployment flag to roles_data.yaml" 2017-01-24 20:44:49 +00:00
Sven Anderson
e02c3c2962 Add ec2-api service
This change adds the ec2api service using the
tripleo::profile::base::nova::ec2api profile.

The deprecated nova-cert service is not supported, and therefore the
RegisterImage action is not supported either.

Change-Id: I2510fd4ed935d8423216fff9ce3adf2d69c9c804
Depends-On: If4b091e1ca02f43aa9c65392baf8ceea007b7cfb
2017-01-24 16:34:00 +00:00
Jenkins
0311972532 Merge "Add THT for fossw ML2 plugin in networking-fujitsu" 2017-01-23 19:27:55 +00:00
marios
67f94130d3 Add disable_upgrade_deployment flag to roles_data.yaml
As part of the composable upgrades current plan is to disable
the composable upgrades steps running on a particular role
(e.g. all compute nodes) in favor of a later operator driven
upgrades process as has previously been the case

This adds the disable_upgrade_deployment flag to roles_data as
a first step. Thanks to shardy for his help with this.

Change-Id: Ice845742a043b34917e61f662885786c73e955fd
2017-01-20 11:19:28 +00:00
Koki Sanagi
e56b191779 Add THT for fossw ML2 plugin in networking-fujitsu
Introduce THT for fossw ML2 plugin in networking-fujitsu.
networking-fujitsu is a neutron ML2 plugin which enables several
FUJITSU switch products in OpenStack environment. This templates
deploy overcloud with FOS switch.

Change-Id: I977dbecbf9f6f9725f7fb5ca4745b537a73975ff
Implements: blueprint integration-fossw-networking-fujitsu
Depends-On: I044c5812bbc5cd3de4bc33556cffbe5bad8e64cf
Depends-On: I79df6b6a27d95f0c0e2c87207ab80235a4efccfc
2017-01-19 12:55:47 -05:00
Feng Pan
52573dace5 Adds etcd composable service
etcd is used by networking-vpp ML2 driver as the messaging mechanism. This
patch adds etcd service which can be used by other services.

Implements: blueprint fdio-integration-tripleo

Depends-on: Idaa3e3deddf9be3d278e90b569466c2717e2d517

Change-Id: I8ae1e2c9b0c3d6f448e1da712100938d011289f5
Signed-off-by: Feng Pan <fpan@redhat.com>
2017-01-19 00:00:39 -05:00
Jenkins
97488b8ba3 Merge "Remove Glance Registry service" 2017-01-18 00:05:11 +00:00
Jenkins
d14584261a Merge "Nova Placement API composable service" 2017-01-17 23:42:54 +00:00
Emilien Macchi
26ae162564 Nova Placement API composable service
Add support to deploy Nova Placement API service in TripleO.

Change-Id: Ie41ebc362a0695c8f55419e231100c63007405ed
2017-01-17 16:23:16 +00:00
Emilien Macchi
4ccb27ab81 Remove Glance Registry service
Glance registry is not required for the v2 of the API and there are
plans to deprecate it in the glance community.

Let's remove v1 support since it has been deprecated for a while in
Glance.

Depends-On: I77db1e1789fba0fb8ac014d6d1f8f5a8ae98ae84
Co-Authored: Flavio Percoco <flaper87@gmail.com>
Change-Id: I0cd722e8c5a43fd19336e23a7fada71c257a8e2d
2017-01-16 17:04:19 -05:00
chinthagovardhan
ca8face667 HPELeftHandISCSIDriver support for Cinder
Cinder configuration with HPELeftHandISCSIDriver
for VSA storage

Change-Id: Iaefbf38522069f6c636130e357f19a7fb7d54fe4
2017-01-13 16:48:59 +00:00
Jenkins
a99c5410c3 Merge "Add THT for networking-fujitsu" 2017-01-13 16:14:07 +00:00
Jenkins
94a5b6ba38 Merge "Remove unused pacemaker profiles" 2017-01-11 18:56:44 +00:00
Giulio Fidente
42c31dc6a0 Add support for the deployment of Ceph MDS
This change adds a CephMds service, disabled by default, on the
Controller role and an environment file to enable it.

Change-Id: If7cb46319038a80ed52f753a623989885e1b7da4
Depends-On: Iaecc3ff7acb851776c5057c42a5a513a70425d2c
Partial-Bug: #1644784
2017-01-10 17:30:16 +01:00
Koki Sanagi
4183f665f6 Add THT for networking-fujitsu
Introduce THT for networking-fujitsu. networking-fujitsu is a neutron ML2 plugin
which enables FUJITSU C-Fabric switch in OpenStack environment. This templates
deploy overcloud with C-Fabric switch.

Change-Id: Iee75a1a30552d8dc9f55f52d10b0dc2b623992ef
Implements: blueprint integration-networking-fujitsu
Depends-On: I37a502b43eb7d91bfe20625248ed117eae3ca535
Depends-On: I5eb2c2a9c50b5991d62f4b6d74b83351c86b02de
2017-01-10 10:54:02 -05:00
Dan Prince
b1fe2e8d60 Template and role support for the undercloud
Add a new roles data YAML file and environment to help
create the undercloud via t-h-t.

Partially-implements: blueprint heat-undercloud

Change-Id: I36df7fa86c2ff40026d59f02248af529a4a81861
2017-01-06 20:01:14 -05:00
Michele Baldessari
d9986387f5 Remove unused pacemaker profiles
With change I80c8559bb2d915385bcc20ae71fe144ddd6591c1 we removed
all the unused puppet-tripleo pacemaker profiles. With this change
we remove the corresponding puppet profiles from tripleo-heat-templates.

We can also remove any trace of the fake ::Core service as it was
introduced via Iacd94294b8a66bc082bb2b3e8d3364ec1bf053b8
for the fake openstack-core pacemaker resource during the Mitaka cycle
and became unused in Newton.

Change-Id: I48cd2b6a4593d673d5883b45feae088392e7e713
2017-01-06 09:41:18 +01:00
James Slagle
bd985f85a3 Add custom roles data for deployed-server
Adds a custom roles data file for use when using the deployed-server
templates.  The file takes care of setting disable_constraints: True, so
that deployers don't have to do things like create fake images in
glance.

Also adds a comment to roles_data.yaml documenting disable_constraints.

Partially-implements: blueprint split-stack-software-configuration
Change-Id: I7c26c0c2851e0d6bcea42d7af7f4295a1944ec9f
2017-01-04 14:22:07 -05:00
Steven Hardy
d169989598 Split OVN northd and ml2 plugin
This allows us to take advantage of the composable roles hiera
settings to connect the plugin to the northd/ovndb API without
needing to hard-code the IP of the node running the service.

Change-Id: I2508d48f81c1819ae3521fff271c0bdc50724604
Depends-On: I9af7bd837c340c3df016fc7ad4238b2941ba7a95
Closes-Bug: #1634171
2016-12-19 12:30:21 +05:30
Juan Antonio Osorio Robles
41b062a0a7 Add zaqar to the controller's list of services in roles_data.yaml
Change-Id: Iecafa7878fec20c707e94bdaca55f1489f3e338a
2016-12-02 14:14:33 +02:00
Dan Prince
933f1afefd Stop using puppet to configure VIPs in /etc/hosts
This patch drops use of the vip-hosts.yaml service which can
cause issues during deployment because puppet 'hosts' resources
overwrite the data in /etc/hosts. The only reason things seem to work
at all at the moment is because our hosts element in t-i-e runs
on each os-refresh-config iteration and re-adds the dropped hosts
entries.

To work around the issue we add a conditional which selectively
adds the extra hosts entries only if the AddVipsToEtcHosts is set
to true.

Closes-bug: 1645123

Change-Id: Ic6aaeb249a127df83894f32a704219683a6382b2
2016-11-27 13:20:33 -05:00
Jenkins
9c28b0f819 Merge "Add panko api support to service templates" 2016-11-24 06:45:11 +00:00
Pradeep Kilambi
a2e0aa4d1c Add panko api support to service templates
This integrates panko service api into tripleo heat templates.
By default, we will disable this service, an environment service
file is included to enable if needed.

Depends-On: I35f283bdf8dd0ed979c65633724f0464695130a4

Change-Id: I07da3030c6dc69cce7327b54091da15a0c58798e
2016-11-17 13:39:34 -05:00
Steven Hardy
548bf8ada5 Fix inconsistent Manila service naming
The capitalization of OS::Tripleo is wrong compared to all other services
so correct this for avoidance of confusion when folks write custom roles_data
files or pass custom service lists via *Services parameters.

Change-Id: Ib73c80871b45586edb5774e90280ff89fc0d9895
Closes-Bug: 1640871
2016-11-10 17:06:47 +00:00
Jenkins
189f37ff9b Merge "Add SNMP role to the CephStorage nodes" 2016-11-08 15:08:47 +00:00
Giulio Fidente
178b647166 Add SNMP role to the CephStorage nodes
Previously the CephStorage nodes were missing the SNMP role.

Change-Id: I1356a3ff8da51da4d79b28312f9e3821652b6291
2016-10-31 16:42:31 +01:00
Ade Lee
5f2f5422d7 Add Barbican to the overcloud
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Depends-On: If2804b469eb3ee08f3f194c7dd3290d23a245a7a
Depends-On: I091ecfbcb2e38fe77203244ac7a597aedcb558fb
Change-Id: Iacc504fc4fa2d06893917024ce2340d3fb80b626
2016-10-19 06:40:08 +00:00
Tim Rozet
78500bc2e6 Renames OpenDaylight to OpenDaylightApi and splits out OVS configuration
This patch modifies the service name to be more appropriately called
"OpenDaylightApi" along side the "OpenDaylightOvs" service used to
configure OpenVSwitch.  It also splits out the OVS configuration for
controller nodes into the composable OpenDaylightOvs service.

Related-Bug: #1629408

Change-Id: I15221401acdfb2a9ef81107b54a8005348f8372f
Signed-off-by: Tim Rozet <trozet@redhat.com>
2016-10-05 12:06:59 -04:00
Giulio Fidente
7822c9756a Cinder volume service is not managed by Pacemaker on BlockStorage
We do not want cinder-volume to be managed by Pacemaker on
BlockStorage nodes, where Pacemaker is not running at all.

This change adds a new BlockStorageCinderVolume service name
which can (and is, by default) mapped to the non Pacemaker
implementation of the service.

The error was:
Could not find dependency Exec[wait-for-settle] for
Pacemaker::Resource::Systemd[openstack-cinder-volume]

Also moves cinder::host setting into the Pacemaker specific service
definition because we only want to set a shared host= string when
the service is managed by Pacemaker.

Closes-Bug: #1628912
Change-Id: I2f7e82db4fdfd5f161e44d65d17893c3e19a89c9
2016-09-29 17:57:40 +02:00
Jenkins
9df19caa5c Merge "Add integration with Manila CephFS Native driver" 2016-09-27 01:11:53 +00:00