322 Commits

Author SHA1 Message Date
Martin Mágr
b76d7623ac QDR for metrics collection purposes
This patch adds composable new service (QDR) for containerized deployments.
Metrics QDR will run on each overcloud node in 'edge' mode. This basically
means that there is a possibility that there will be two QDRs running
on controllers in case that oslo messaging is deployed. This is a reason why
we need separate composable service for this use case.

Depends-On: If9e3658d304c3071f53ecb1c42796d2603875fcd
Depends-On: I68f39b6bda02ba3920f2ab1cf2df0bd54ad7453f
Depends-On: I73f988d05840eca44949f13f248f86d094a57c46
Change-Id: I1353020f874b348afd98e7ed3832033f85a5267f
2018-07-31 21:55:45 +00:00
Zuul
3e875145cd Merge "DnsServers using get_attr" 2018-07-25 00:53:28 +00:00
Zuul
7ce066eba3 Merge "EC2MetadatIp using get_attr" 2018-07-25 00:36:06 +00:00
Zuul
ad5d4d1db1 Merge "ControlPlaneDefaultRoute using get_attr" 2018-07-24 01:34:22 +00:00
Zuul
dfc09b6ff1 Merge "ControlPlaneSubnetCidr using get_attr" 2018-07-24 01:34:20 +00:00
Zuul
fcbf9e375c Merge "Add scenario010 for testing Octavia" 2018-07-20 23:41:45 +00:00
trown
879caaa9fa Add secondary DNS server to disable-unbound environment
The Cloudflare DNS we are using in the disable-unbound CI
environment for OpenShift works fine in CI, but my ISP seems to
block it. This makes reproducing that job locally difficult. I had
success with the secondary DNS from Cloudflare, so this patch just
adds that to the resolv.conf.

If we were going to keep this disable-unbound solution for a long
time it would probably be better to have this be a template and
allow user configuration. However, my understanding is that this
is a temporary solution, so investing in complicated patches to
wire in a configuration option that will go away seems like
wasted effort.

Change-Id: I7b93efcd76b651807dff3c18885b8d291feffd3e
2018-07-20 12:05:37 +00:00
Brent Eagles
ad7d6cf74a Add scenario010 for testing Octavia
This patch adds the scenario010, initially for testing Octavia.

Change-Id: I125c75e0a3389bfe8bf600fba5aa9c345ddcdeaa
2018-07-20 10:52:52 +02:00
Giulio Fidente
d348ebc34e Lower Ceph PGs count in scenario004
Each OSD can only host maximum 200 PGs, in scenario004 we create 9
pools to enable MDS/Manila and RGW so we need to lower the PGs
count further, compared to scenario001.

Also lowers the values in low-memory-usage.yaml environment file.

Change-Id: If95a0e3fe5aeef61f9712d8006e0f49c11a0c90f
Closes-Bug: 1781910
2018-07-16 16:14:41 +00:00
Harald Jensås
52ec1a018b DnsServers using get_attr
Nameservers are configured on the ctlplane subnets by the
undercloud installer, the nameservers are used early during
the deployment, prior to running os-net-config.

Remove the default DnsServer's in THT, replacing it with
an empty list and use get_attr to get the values for
DnsServers for the overcloud from the ctlplane subnet(s).

A conditinal is used in  puppet/role.role.j2.yaml so that
the parameter value is used whenever it is not [] (default)
to provide backwards compatibilityi and in case the user
want to use different DnsServers for the overcloud and
undercloud.

Partial: blueprint tripleo-routed-networks-templates
Change-Id: I5f33e06ca3f4b13cc355e02156edd9d8a1f773cd
2018-07-14 09:19:12 +02:00
Harald Jensås
19381ecffb EC2MetadatIp using get_attr
The route to metadata service is set up in host_routes
of ctlplane subnets by extraconf post deploy::
  extraconfig/post_deploy/undercloud_ctlplane_network.py

Use get_attr on the server resource to resolve attribute
value from the subnet(s) and pass it to the parameter
'EC2MetadatIp' used in the THT/network/config/* templates.

Changes the default for 'EC2MetadatIp' to ''.
Removes the comment that the value should be overriden in
parameters_defaults. It also removes the parameter from
network-environment templates.

A conditinal is used in  puppet/role.role.j2.yaml so that
the parameter value is used whenever it is not '' (the
default) to provide backwards compatibility in case the
user set a different value for this parameter in
network-environment.yaml.

When deploying a routed control plane the network config
templates would previously need to be updated to carry
'EC2MetadatIpLeafX' parameters for each leaf.  By getting
the value to pass from the server resource this change
reduces the required nic-config template customisation.
(Reduces the risk of user error.)

Partial: blueprint tripleo-routed-networks-templates
Change-Id: I9c019ec840a44ca8c5f98be55daea365bc6554ec
2018-07-14 09:18:58 +02:00
Harald Jensås
c649cf0545 ControlPlaneDefaultRoute using get_attr
Use get_attr on the server resource to resolve attribute
value from the subnet(s) and pass it to the parameter
'ControlPlaneDefaultRoute' used in the THT/network/config/*
templates.

Changes the default for 'ControlPlaneDefaultRoute' to ''
as well as the comment that the value should be overriden
in parameters_defaults. It also removes the parameter from
network-environment templates.

A conditinal is used in  puppet/role.role.j2.yaml so that
the parameter value is used whenever it is not '' (the
default) to provide backwards compatibility in case the
user set a different value (different from the one used in
undercloud.conf) for this parameter in
network-environment.yaml.

When deploying a routed control plane the network config
templates would previously need to be updated to carry
'ControlPlaneXDefaultRoute' parameters for each leaf. With
8 Leafs in addition to the network local to the undercloud
that is 8 parameters less to place in the configuration.
By getting the value to pass from the server resource this
change reduces the required nic-config template
customisation (reduces the risk of user error).

Partial: blueprint tripleo-routed-networks-templates
Change-Id: I5139249d55e9ac01761c270b8c0f31ef35595940
2018-07-14 09:11:39 +02:00
Harald Jensås
6ab86a3ebe ControlPlaneSubnetCidr using get_attr
Use get_attr on the server resource to resolve attribute
value from the subnet(s) and pass it to the parameter
'ControlPlaneSubnetCidr' used in the THT/network/config/*
templates.

As the value is now resolved from resource attributes,
this changes the default for 'ControlPlaneSubnetCidr' to ''
as well as the comment that these value should be overriden
in parameters_defaults. It also removes the parameter from
network-environment templates.

A conditinal is used in  puppet/role.role.j2.yaml so that
the parameter value is used whenever it is not '' (the
default) to provide backwards compatibility in case the user
set a different value (different from the one used in
undercloud.conf) for this parameter in
network-environment.yaml.

When deploying a routed control plane the network config
templates would previously need to be updated to carry
'ControlPlaneXSubnetCidr' parameter (in case the subnet
mask is not the same for all the routed network leafs).
With 8 Leafs in addition to the network local to the
undercloud that is 8 parameters less to place in the
configuration. By getting the value to pass from the
server resource this change reduces the required nic-config
template customisation (reduces the risk of user error).

Partial: blueprint tripleo-routed-networks-templates
Change-Id: I92ee0f9a2107cdf1ca5903d3756a235a79c36c73
2018-07-14 09:11:28 +02:00
Zuul
6118dec096 Merge "HA support for OpenShift" 2018-07-12 04:25:29 +00:00
Martin Mágr
c5b2d08c40 Disable sensu-client in CI
After CI scenario deployment is finished the container ends in unhealthy
state because sensu-client is not successfully connected to RabbitMQ.
We will need to implement default connection to overcloud RabbitMQ instance
for the service to have this service deployed in CI job.

Change-Id: I1aec0c71a945c06a6d914638b45cae074288a90d
Closes-Bug: #1781108
2018-07-11 16:33:21 +02:00
Flavio Percoco
99b8119d98 HA support for OpenShift
The OSA assisted HA deployment is not recommended for production
environments, besides it being limited. Therefore, we're relying on our
deployment of HAproxy + Keepalived to provide HA on top of OpenShift in
addition to adding more OpenShift nodes.

Depends-On: Ib573758b515264d1dda90cc9de61f4fa6659dc7d

Change-Id: I7ab677e4803e9df5f6641204cb0b6ccc5b1eb79f
2018-07-11 07:41:51 +02:00
Zuul
9b35006156 Merge "Update scenario003 to deploy separate messaging backends" 2018-07-05 07:06:59 +00:00
Martin André
4e30f51470 Update for openshift 3.9
This commit updates the openshift templates to deploy openshift 3.9
instead of 3.7.

Update the default playbook path to the one expected by
openshift-ansible 3.9.

Update the default openshift-ansible variables and move them in the
template where they belong. They can be overridden individually via the
OpenShiftGlobalVariables heat parameter.

Disable unbound on the openshift nodes in CI as it is listening on port
53 and is preventing openshift to start its own DNS service.

Co-Authored-By: Flavio Percoco <flavio@redhat.com>
Depends-On: I6f123cd71a23fb15aaa2005f7397fc98fdaf187a
Depends-On: I27ad9d168af575da8c4f5094152c94e2fa03987c
Change-Id: Ifc3d25fa590cfba1fa64ed0266c76c9342a7aa4f
2018-07-03 14:13:42 +02:00
Andrew Smith
139b552152 Update scenario003 to deploy separate messaging backends
This patch:
* Sets up amqp1/qdrouterd for RPC and rabbit/rabbitmq for Notify

Change-Id: Iabb447699910876d7c33a03efd2f35fc22618a0d
2018-06-25 11:48:33 -04:00
Derek Higgins
683de3683b Add scenario011 to install ironic in the overcloud
Depends-On: Ib3f183980ce3e383c0e6319ee373bd8438e8e6b8
Change-Id: Ice806c363950c7868f464c856c0594e5fc41b554
2018-06-25 12:09:38 +00:00
Zuul
b7dcbd8da7 Merge "Set Ceph pools rule_name to replicated_rule" 2018-06-15 12:03:25 +00:00
Zuul
d0f4e4879e Merge "Map OpenShift resources to services" 2018-06-15 11:36:19 +00:00
Zuul
c9d2ba055b Merge "Match Net:SoftwareConfig resource in scenario000 to other scenarios" 2018-06-12 11:54:41 +00:00
Giulio Fidente
dcf558628f Set Ceph pools rule_name to replicated_rule
By setting the value of rule_name explicitly, we prevent backward
incompatibility issues because the default which ceph-ansible uses
might fit a particular version of Ceph, not all.

Change-Id: I275c1ca53ea79eea607cbbb58aa21cae6d6be80b
Closes-Bug: 1776252
2018-06-11 18:57:02 +02:00
Martin André
b95d1c18d8 Map OpenShift resources to services
Also remove OS::Heat::None mappings for resources that are not part of
the deployed roles.

Depends-On: I85c4390519ace0149895285225f5a4ece453f1f8

Change-Id: I55e8b25a4fb0b4839be5d741acdceec5dad903ad
2018-06-11 11:31:12 +02:00
John Trowbridge
fd5339ac72 Match Net:SoftwareConfig resource in scenario000 to other scenarios
Change-Id: I070f9e95d1dc0c617da82ddaf1ba854be7624117
2018-06-07 23:25:53 +00:00
Martin André
b9caa67a62 Add docker service to OpenShift CI roles
This ensures the docker service on the openshift nodes is able to pull
from a local registry if configured this way.

Change-Id: Ifd48b2e6500b10d108985a4a9f1d73493d404134
Depends-On: I31494ff8524b90343e6e8c67bd08a354837ecc45
2018-06-07 10:45:26 +02:00
Zuul
d00ada6d2c Merge "Add OPNFV scenario environment" 2018-06-05 18:33:01 +00:00
michaeltchapman
f3f4e2856c Add OPNFV scenario environment
Add an OPNFV scenario environment that uses ODL for overcloud
networking and OVS for virthost networking.

Depends-On: I33602ac5521c4f059c1a0d08e3e828fb64d3c817
Depends-On: Ib7968c46a59f266c20628c36178d2235ad833915
Depends-On: I37405e41ec0f85249cef87c09c966cbe0f9baddf
Change-Id: If1f476bb933106456df3568978b4555dde190621
2018-06-04 10:46:30 -04:00
Zuul
9e8bbc1cb4 Merge "Remove deprecated NeutronExternalNetworkBridge from CI environments" 2018-05-31 14:26:17 +00:00
Zuul
719904b723 Merge "Fix 3node deployment" 2018-05-25 22:03:29 +00:00
Alex Schultz
0ef3058459 Fix 3node deployment
The keystone role needs to be on the same node as the mysql/haproxy node
due to a TLS requirement that the haproxy be on the 'primary' tagged
node. Since the keystone bootstrap stuff only runs on the primary node
as well, they need to be tied together.

Change-Id: Ifa7ed93993082466a2a6ddff56bee58b074be512
Closes-Bug: #1768142
2018-05-24 06:39:23 -06:00
Jiri Stransky
e9e2b4d104 Don't delete br-ex on upgrade in multinode jobs
The hook for os-net-config in multinode NIC config templates contains
a call to `ovs-vsctl del-br br-ex` to remove the bridge we got from
nodepool and initialize network config. We need to avoid executing
that again on upgrade, or the Ansible process running the upgrade gets
stuck.

Change-Id: Ie36342402426d74fd528e320d60adc951bf8c9ac
Closes-Bug: #1772040
2018-05-21 17:03:43 +02:00
Zuul
aed8a5e660 Merge "Deploy Designate in scenario003" 2018-05-16 02:06:12 +00:00
Carlos Camacho
44ef2a3ec1 Change template names to rocky
The new master branch should point now to rocky.

So, HOT templates should specify that they might contain features
for rocky release [1]

Also, this submission updates the yaml validation to use only latest
heat_version alias. There are cases in which we will need to set
the version for specific templates i.e. mixed versions, so there
is added a variable to assign specific templates to specific heat_version
aliases, avoiding the introductions of error by bulk replacing the
the old version in new releases.

[1]: https://docs.openstack.org/heat/latest/template_guide/hot_spec.html#rocky
Change-Id: Ib17526d9cc453516d99d4659ee5fa51a5aa7fb4b
2018-05-09 08:28:42 +02:00
Juan Antonio Osorio Robles
2d73097169 Add necessary tags in Controller role for multinode job
It was missing tags which were necessary for the role to get the
appropriate certificate [1]. So, without these tags, the certificate
wasn't persisted in the node, and the job would fail if TLS would be
enabled. This was discovered as part of the "Public TLS by default"
work.

[1] https://github.com/openstack/tripleo-heat-templates/blob/master/puppet/role.role.j2.yaml#L565

Change-Id: I46ee2ef837da51be4db30a8c059b82cb1a8c3606
2018-05-08 10:45:02 +00:00
Dan Sneddon
6141e35477 Remove deprecated NeutronExternalNetworkBridge from CI environments
This change removes the NeutronExternalNetworkBridge parameter from
the CI environment files, since the default value is now the same
as the value in the environment files, and it will be removed
entirely as it is deprecated.

Change-Id: Ia1b879f33fcd8d6eae149feb4dc1d362aa341cce
2018-04-30 17:23:33 -07:00
Zuul
822bd996b3 Merge "Support separate oslo.messaging services for RPC and Notification" 2018-04-25 04:43:46 +00:00
Ben Nemec
c590ef73f2 Deploy Designate in scenario003
bp designate-support

Change-Id: I5a2045022edb4983267271c6a81b8a73bcc8dee6
Depends-On: https://review.openstack.org/#/c/564049/
2018-04-24 19:03:23 +00:00
Andrew Smith
78bc457585 Support separate oslo.messaging services for RPC and Notification
This commit introduces oslo.messaging services in place of a single
rabbitmq server. This will enable the separation of rpc and
notifications for the continued use of a single backend (e.g.
rabbitmq server) or a dual backend for the messaging communications.

This patch:
* add oslo_messaging_rpc and oslo_messaging_notify services
* add puppet services for rpc and notification
  (rabbitmq and qdrouterd servers)
* add docker services to deploy rpc (rabbitmq or qdrouterd)
  and notify (rabbitmq or shared)
* retains rabbit parameters for core services
* update resource registries, service_net_map, roles, etc.
* update ci environment container scenarios
* add environment generator for messaging
* add release note

Depends-On: Ic2c1a58526febefc1703da5fec12ff68dcc0efa0
Depends-On: I154e2fe6f66b296b9b643627d57696e5178e1815
Depends-On: I03e99d35ed043cf11bea9b7462058bd80f4d99da
Needed-By: Ie181a92731e254b7f613ad25fee6cc37e985c315
Change-Id: I934561612d26befd88a9053262836b47bdf4efb0
2018-04-22 04:33:44 +00:00
Zuul
4948725c3d Merge "Add CACerts service to scenario003" 2018-04-19 23:55:06 +00:00
Juan Antonio Osorio Robles
fd75f65a6f Add CACerts service to scenario003
It was missed from https://review.openstack.org/#/c/560430/

Change-Id: Ic00b1219c74f223f554da9c2348bf08b74b63926
2018-04-18 15:57:43 +03:00
Giulio Fidente
cbecc1ee86 Rely on client defaults for the Ceph container image to use in CI
Removes hardcoded references to the Ceph container image to use
in CI to rely (and test) the tripleoclient default.

Change-Id: I7f028e31eb5e993aa6af9b7f2c19f64ed45224dd
2018-04-18 12:15:33 +02:00
Juan Antonio Osorio Robles
00c9ec85c9 Add CACerts service to all scenario environment files
This service is needed to install CA certificates for the overcloud. We
need it because the plan is to enable public TLS by default. And without
this it won't work.

Change-Id: I168e6a543f7143900fdb855ec29d8532fb9736ae
2018-04-11 16:49:51 +03:00
e534a7a213 Correctly set NeutronMl2PluginBase for OVN scenario
OVN configuration was not done when deployed with
scenario007 as default for NeutronMl2PluginBase was
used which is neutron-plugin-ml2.yaml. This patch
fixes this to use neutron-plugin-ml2-ovn.yaml which
correctly configures neutron for ovn metadata.

Change-Id: I7cadd0567951b85c1ba69d4b4843ee29b67e7a11
Closes-Bug: #1757134
2018-03-26 11:30:18 +05:30
Zuul
87bddc6608 Merge "Consume ceph-container project's new style of tags" 2018-03-24 01:31:12 +00:00
Zuul
45d6ce722e Merge "Fix network-isolation.yaml relative paths for ci" 2018-03-19 23:17:10 +00:00
John Fulton
09ff488f0d Consume ceph-container project's new style of tags
The ceph-container project is moving to a new style of tags for
Ceph. Update scenario001/004 to pull Ceph container images using
the new tags.

Change-Id: I2a6a7c5fb5148e951f85850c09be7cbb59fce0f8
2018-03-16 13:57:27 -04:00
Wes Hayutin
8dadaa165e A keystone only controller deployment
A very basic deployment to be used with free-ipa, and upgrade ci.
There may be other valuable uses for this deployment as well.

Tested-With: https://review.openstack.org/#/c/540114/

Co-Authored-By: Jiri Stransky <jistr@redhat.com>
Change-Id: I433297dcd597e49a2ffccc2e61118bbba69f883c
2018-03-11 12:56:51 +00:00
James Slagle
b6bfa5b7cb Fix network-isolation.yaml relative paths for ci
These relative paths were incorrect given where these environment files
live in the templates directory tree.

These environment files aren't actually used by ci as their equivalent
network-isolation-absolute.yaml versions are preferred. However, if we
fix these paths we could consider switching ci over to use these as it's
arguable more preferrable instead of the hardcoded packaged path.

Change-Id: Ib0e4779c4883776e25bf7eb5aee60a91ce28a73d
2018-03-06 10:45:25 -05:00