3860 Commits

Author SHA1 Message Date
Zuul
8f5fb5144d Merge "flatten sshd service configuration" 2019-01-08 06:50:55 +00:00
Zuul
e9de300da2 Merge "flatten time service configuration" 2019-01-08 03:37:03 +00:00
Zuul
845bc3e845 Merge "Remove MongoDB" 2019-01-07 18:39:49 +00:00
Zuul
9292982060 Merge "Prevent service bootstrap node facts from colliding with each other" 2019-01-07 10:40:28 +00:00
Zuul
5488e61c35 Merge "Update auth parameters" 2019-01-05 02:47:11 +00:00
Zuul
df10ea7afa Merge "Add template code to configure hsm backends for barbican" 2019-01-05 02:47:09 +00:00
Zuul
0e68a0e30f Merge "L3 routed networks - subnet fixed_ips (3/3)" 2019-01-04 20:38:01 +00:00
Emilien Macchi
be07f991b6 Remove MongoDB
MongoDB support was stopped in Pike, it is not used anywhere now.
Therefore, in Stein are removing it to clean things up.

Change-Id: I4ec8f35b1dd71c25cfb41cc54105ac743ef67745
2019-01-04 15:17:00 +00:00
Zuul
6a81b393c9 Merge "Move [neutron] auth_url to KeystoneV3Internal" 2019-01-04 11:14:51 +00:00
Zuul
2346d52362 Merge "Flatten Zaqar service configuration" 2019-01-03 19:03:17 +00:00
Zuul
98ac59b933 Merge "Introduce container_cli hiera key" 2019-01-03 19:03:14 +00:00
Zuul
08a36109eb Merge "Add missing role_specific tag for NUMA aware vswitches params" 2019-01-03 19:03:12 +00:00
Harald Jensås
2f2d8183e6 L3 routed networks - subnet fixed_ips (3/3)
When using neutron routed networks we need to specify
either the subnet or a ip address in the fixed-ips-request
when creating neutron ports.

a) For the Vip's:

Adds VipSubnetMap and VipSubnetMapDefaults parameters in
service_net_map.yaml. The two maps are merged, so that the
operator can override the subnet where VIP port should be
hosted. For example:

parameter_defaults:
  VipSubnetMap:
    ctlplane: ctlplane-leaf1
    InternalApi: internal_api_leaf1
    Storage: storage_leaf1
    redis: internal_api_leaf1

b) For overcloud node ports:

Enrich 'networks' in roles defenition to include both
network and subnet data. Changes the list to a map
instead of a list of strings. New schema:

- name: <role_name>
  networks:
    <network_name>
      subnet: <subnet_name>

For backward compatibility a conditional is used to check
if the data is a map or not. In either case the internal
list of role networks is created as '_role_networks' in
the jinja2 templates.

When the data is a map, and the map contains the 'subnet'
key the subnet specified in roles_data.yaml is used as
the subnet in the fixed-ips-reqest when ports are created.
If subnet is not set (or role.networks is not a map) the
default will be {{network.name_lower}}_subnet.

Also, since the fixed_ips request passed to Vip ports are no
longer [] by default, the conditinal has been updated to
test for 'ip_address' entries in the request.

Partial: blueprint tripleo-routed-networks-templates
Depends-On: I773a38fd903fe287132151a4d178326a46890969
Change-Id: I77edc82723d00bfece6752b5dd2c79137db93443
2019-01-03 19:07:20 +01:00
Jiri Stransky
54fb81ecd9 Prevent service bootstrap node facts from colliding with each other
Many services currently set an `is_bootstrap_node` fact, meaning they
override each other's results when the fact is being set. As long as
the fact doesn't belong into a particular step but it's executed on
every step, nothing bad happens, as the correct is_bootstrap_node
setting directly precedes any service upgrade tasks. However, we
intend to put the fact setting into step 0 in change
Ib04b051e8f4275e06be0cafa81e2111c9cced9b7 and at that point the name
collision would break upgrades (only one service would "win" in
setting the is_bootstrap_node fact).

This patch changes the is_bootstrap_node facts in upgrade_tasks to use
per-service naming.

Note that fast_forward_upgrade_tasks use their own is_boostrap_node
logic. We've uncovered some weirdness there while looking into the
is_boostrap_node issue, but the fix is not a low hanging fruit and
likely we'll be completely redoing the FFU tasks for Q->T
upgrade. So the FFU tasks are left alone for now.

Change-Id: I9c585d3cb282b7e4eb0bacb3cf6909e04a9a495e
Closes-Bug: #1810408
2019-01-03 17:27:27 +01:00
Zuul
697cefb95e Merge "Add keystone::wsgi::apache::api_port" 2019-01-03 09:55:01 +00:00
Zuul
3619ca4d00 Merge "CiscoNexus: Update and Remove deprecated vars" 2019-01-03 07:47:55 +00:00
Zuul
9f27a86ab0 Merge "Disable deprecated parameter ControllerEnableSwiftStorage" 2019-01-03 05:46:14 +00:00
Zuul
4fe86d2f41 Merge "Fix Octavia hieradata keys" 2019-01-03 05:46:11 +00:00
Zuul
ea7b1134ac Merge "Include cpu plugin in default collect plugins" 2019-01-03 05:43:12 +00:00
Zuul
0f62b10039 Merge "Run collectd socket cleanup on container start" 2019-01-02 20:11:23 +00:00
Zuul
18d77c1704 Merge "Use mtu of Tenant network to control neutron global_physnet_mtu" 2018-12-30 18:03:01 +00:00
Zuul
98f869e340 Merge "Add MTU to neutron networks and nic-config templates" 2018-12-30 16:29:16 +00:00
Tobias Urdin
105ae9db35 Add keystone::wsgi::apache::api_port
This will be the parameter controlling the ports
for the Keystone WSGI vhost in Apache when this [1]
rework is done.

This is to make sure Keystone is still deployed
with both ports in TripleO until it's moved over.

[1] https://review.openstack.org/#/c/619257/

Change-Id: I1c69b27adf450489290a9f8b64f533de1cb28d8b
2018-12-30 01:56:40 +01:00
Zuul
0b5de70375 Merge "flatten snmp service configuration" 2018-12-30 00:34:39 +00:00
Victoria Martinez de la Cruz
cd86676615 Update auth parameters
Some parameters have been deprecated in puppet-manila
Whereas we are picking up deprecated parameters, it's good
that we fix this already here as well.

Change-Id: I29df069bd90eacdd01c9c600cfaebce22fe15731
Depends-On: I745a170ac4458a3f13efc255fc37540a11b54274
Partial-Bug: #1802393
2018-12-26 21:56:16 -03:00
Harald Jensås
bbfce240fc Use mtu of Tenant network to control neutron global_physnet_mtu
Change: I11e38f82eb9040f77412fe8ad200fcc48031e2f8 introduced mtu
property for composable networks. This change set the MTU of the
Tenant network as the global_physnet_mtu for neutron, unless the
NeutronGlobalPhysnetMtu is overridden. The default MTU used if
no MTU is defined for the Tenant network is 1500. (The same
default was previously used for the NeutronGlobalPhysnetMtu
parameter.)

Change-Id: I5e60d52ad571e1cdb3b82cd1d9947e33fa682bf8
2018-12-22 17:06:45 +01:00
Harald Jensås
e644e3dda9 Add MTU to neutron networks and nic-config templates
Neutron has support[1] to set the guaranteed MTU for
networks and network segments so that this is exposed
to plug-ins. In interest of supporting the use of
plug-ins to configure network devices in the future
this change adds MTU property on neutron networks.

The new (optional) property 'mtu' in the network
defenitions in 'network_data.yaml' is used to control
the MTU settings. By default the mtu is '1500'.

We already configure the MTU on the ctlplane neutron
networks, this adds the MTU to composable networks.

Also update the nic-config sample templates to include
mtu settings. A heat value resource is added to
nic-config templates to get the required minimum
viable MTU value for bridges, bonds and member
interfaces to ensure the MTU is large enough to allow
the largest configured MTU to traverse the path.

Closes-Bug: #1790537
Change-Id: I11e38f82eb9040f77412fe8ad200fcc48031e2f8
2018-12-22 17:03:09 +01:00
Ade Lee
17e0087e43 Add template code to configure hsm backends for barbican
Adds support for the Thales and ATOS client software.

Change-Id: I79f8608431fecc58c8bdeba2de4a692a7ee388e9
Co-Authored-By: Douglas Mendizabal <dmendiza@redhat.com>
2018-12-20 12:54:55 -06:00
Zuul
795dfcfdce Merge "Replace confusing usage of update_identifier" 2018-12-20 01:51:14 +00:00
Zuul
d074cff144 Merge "Fix issue with when statement in docker-registry.yaml." 2018-12-19 23:57:33 +00:00
David J Peacock
67e74a676c flatten sshd service configuration
This change realigns the sshd baremetal puppet service yaml config
files into a common hierachy as with the rest of this blueprint.

This change also removes container functionality, since this was a
temporary measure to proxy live-migration connections from
non-containerized to containerized compute nodes during upgrade.

Change-Id: I87e112a0f1973fa3b0e959777e00071c2bbf7c9c
Related-Blueprint: services-yaml-flattening
2018-12-19 13:04:08 -05:00
Zuul
06e6cca300 Merge "flatten tripleo-firewall service configuration" 2018-12-19 05:18:25 +00:00
Zuul
7b42be32ba Merge "flatten tuned service configuration" 2018-12-19 05:18:24 +00:00
David J Peacock
cd331e44be flatten time service configuration
This change combines the previous puppet and docker files into a single
file that performs the docker service installation and configuration.

Change-Id: I6a9123627d754a153ab6cb68a33778a57846aeb7
Related-Blueprint: services-yaml-flattening
2018-12-18 10:41:15 -05:00
Jose Luis Franco Arza
8b72e4dac0 Fix issue with when statement in docker-registry.yaml.
The when statement was duplicated in the docker-registry
service, plus the equals operator was wrong.

Closes-Bug:#1808974
Change-Id: I1650acfd67b87be18ab03385ce35cccdf708f046
2018-12-18 13:56:09 +01:00
Rajesh Tailor
90717bdca6 Add missing role_specific tag for NUMA aware vswitches params
Change I318ba9c262f64c0d416a017ed836ae0729acedb4 expose NUMA
aware vswitches configuration parameter, which are role-specific.

The proposed patch adds role_specific tag for those parameters
which is missed in original patch.

Change-Id: I96fd7dfc5468bf1dbdc665b3d848b40223ee9454
2018-12-18 15:28:17 +05:30
Zuul
15d34de247 Merge "Move podman into deployment directory" 2018-12-18 05:58:50 +00:00
Zuul
9f4e2dc2cf Merge "flatten memcached service configuration" 2018-12-18 02:40:07 +00:00
Zuul
454eff05fe Merge "Flatten Ironic services configuration" 2018-12-18 02:40:05 +00:00
Zuul
dc178ca82c Merge "Fix misnaming of service in firewall rule" 2018-12-17 18:01:55 +00:00
Zuul
be9deb3575 Merge "Flatten Glance service configuration" 2018-12-17 18:01:53 +00:00
Zuul
13c59407b9 Merge "Perform docker reconfiguration on upgrade_tasks." 2018-12-17 18:01:50 +00:00
Zuul
7b3439b506 Merge "Fix horizon's iptables rules for haproxy when split off a separate role" 2018-12-17 13:01:56 +00:00
Emilien Macchi
7fe1730a38 Move podman into deployment directory
This changes moves podman service from puppet to deployment directory.

Change-Id: I31b8299b43158347f4f1f61f1e1fdf38b0a2102f
Related-Blueprint: services-yaml-flattening
2018-12-17 11:37:19 +00:00
Zuul
beb8ae7dd5 Merge "Correct file modes for rpmlint failures" 2018-12-15 19:06:38 +00:00
Zuul
cc4e903951 Merge "Add support for cinder NFS snapshots" 2018-12-15 05:07:25 +00:00
Zuul
f632a652de Merge "Enable support for openidc federation in keystone" 2018-12-15 04:23:11 +00:00
Zuul
e8f5104440 Merge "Flatten Keepalived service configuration" 2018-12-14 21:59:41 +00:00
Jill Rouleau
971d97bf99 Correct file modes for rpmlint failures
Numerous files have incorrect modes set. Correct these so that executables
have 755 and yaml files are 644 to address rpmlint errors.

Change-Id: I8db36209b41a492f6b85e3469994de884bf556e8
2018-12-14 13:21:28 -07:00
David J Peacock
bcc3335424 flatten tripleo-firewall service configuration
This change combines the previous puppet and docker files into a single
file that performs the docker service installation and configuration.

Depends-On: https://review.rdoproject.org/r/#/c/16994/
Change-Id: I9556a07d72fabfbd5f6f35eaf3d7a1bd88ef7470
Related-Blueprint: services-yaml-flattening
2018-12-14 13:16:34 -05:00