The /var/lib/docker-puppet is deprecated and can now be found under
/var/lib/container-puppet. We don't have Docker anymore so we try to avoid
confusion in the directories. The directory still exists but a readme
file points to the right directory.
Change-Id: Ie3d05d18e2471d25c0c4ddaba4feece840b34196
This change combines the previous puppet and docker files into a single
file that performs the docker service installation and configuration.
With this patch the baremetal version of database service Redis
has been removed.
Change-Id: I530ee8196e1d4b81ae4886b234e1a530cf34becf
Related-Blueprint: services-yaml-flattening
Congress doesn't seem to be used anywhere, we never had a bug report or
any sign of somebody out there actually using it.
Let's remove its support in TripleO, to reduce the codebase.
Change-Id: Idca6b12f1c0ca3bc15bedf6469d4063a4dac31fa
This change combines the previous puppet and docker files into a single
file that performs the docker service installation and configuration.
With this patch the baremetal version of database service MySQL Server
has been removed.
Change-Id: I407bd8d8fe9bde53609e4316b12eb0b7151552ca
Related-Blueprint: services-yaml-flattening
Allow Neutron DHCP agent to use broadcast in DHCP replies by
enabling this parameter NeutronDhcpServerBroadcastReply
Change-Id: I09859ea39e7fc348b7ff6626d24eb9d058d642d2
Closes-Bug: 1818035
manila now [1] supports configuring an octal value for the
rwx permissions mode of the cephfs volumes and snapshots
and groups of these that back manila shares, snapshots,
and groups.
Expose this parameter in the backend manifests for manila
with cephfs.
[1] https://review.openstack.org/#/c/614332
Depends-on: https://review.openstack.org/638773
Change-Id: I0e3f841523dc0cc213100296bc352ac88eb1ff74
Adds functionality whether to enable / disable KSM on compute nodes.
Especially in NFV use case one wants to disable the service and as there
is in general little benefit in overcloud nodes, KSM is disabled per
default, but can be enabled using the new NovaComputeEnableKsm role
parameter.
Change-Id: I1b8dba2e2a9ff4f5ad73a4fbc3251b5dc96fd38e
OVN controller/metadata use ovn_dbs_vip hiera key to configure
the central ovn DB. This key is not available on split control
plane or multi cell setup and therefore installation fails.
With this change a new entry gets created in the EndpointMap
named OvnDbInternal. This can then be exported for an overcloud
stack and can be used as an input for the cell stack.
The information from the EndpointMap is used for ovn-metadata
and ovn-controller as the ovn_db_host information in puppet-tripleo
Change-Id: I0d9eb663405d1113ea84e3c12651a3f0dbdfc75d
Closes-Bug: #1817524
Docker is deprecated in Stein and will be removed in Train.
It is being replaced by Podman and Buildah.
blueprint podman-support
Change-Id: Id9ec9cbe9f879c2f437b234742118763d6d0f535
It's not easy to find which services are deprecated, so let's create a
directory: deployment/deprecated and put the services in there.
This patch:
- creates the directory and a README
- moves already deprecated services into that directory
- update all references to these services to point to the right files
Change-Id: Id6c927d9c0db024875032f04228047d029c0696d
With this change we add an ansible variable called
'tripleo_minor_update' set to true only during the update_steps_playbook
which get run during a minor update.
Then inside common/deploy-steps-tasks when starting containers with
paunch we export this 'tripleo_minor_update' ansible variable and
push it inside the 'TRIPLEO_MINOR_UPDATE' environment variable.
Inside change Id1d671506d3ec827bc311b47d9363952e1239ce3 we will then
use the env variable and export it to the restart_bundles in order
to detect if we're inside a minor update workflow (as opposed to
a redeploy - aka stack update). The testing that has been done is
described in the above change.
Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com>
Change-Id: Ib3562adbd83f7162c2aeb450329b7cc4ab200fc2
This reverts commit 2a8719960103d2619e908290d80235e6079c334d.
BootParams takes care of the kernel args configuration and
reboot via ansible. But Enabling of OVS-DPDK (EnableDpdkDeployment)
is still handled as part of the PreNetworkConfig (host_config_and_reboot).
It can be cleaned-up to remove unused bits, but not the entire stack.
Change-Id: Ifeb029ddaeb2bc60f43abdb8bdb02a4c911ace30
host-config-and-reboot interface was deprecated in Queens in favor of:
OS::TripleO::Services::BootParams: extraconfig/pre_network/boot-params-service.yaml
and doesn't work with config-download, which has been the default since
Rocky.
Let's remove these files.
Change-Id: I85a781cecb7224881b827ff442376c706f1c771b
During upgrade we need to provides hiera variable that will override
the cluster member definition.
Change-Id: I4272797a40ee61842fe29b2e177d432c27fb47c3
Implements: blueprint upgrades-with-os
This is used in order to point where podman must push its logs.
Two scripts are using it:
- docker-puppet.py
- paunch (near future - see https://review.openstack.org/#/c/635438/)
This will allow to get the stdout for all containers, even when they
are removed before we can actually run "podman logs container_name".
Related-Bug: #1814897
Change-Id: Idc220047d56ce0eb41ac43903877177c4f7b75c2
Enable the RabbitMQ managment plugin. RabbitMQ managment
will listen on localhost (127.0.0.1) only.
NOTE: This depend on this upstream change:
https://github.com/voxpupuli/puppet-rabbitmq/pull/777
Also to optimize for performance:
- Disables message rates in the management plugin.
- Raises the collect_statistics_interval from 5000ms to
30000ms.
Related-Bug: #1815675
Change-Id: I5e73660e23fef15d1cae4c89d8b45b2456b0a110
We stopped managing this service with the switch containers. This change
starts the removal and deprecated the TripleO management of the service.
Change-Id: Idc35bdfad126f21280444ebffaa5017e73ba8368
This addresses a possible bug when using FreeIPA to do TLS
everywhere.
It is possible that the IPA server is not on the ctlplane.
In this case, when the nodes start up, the registration of the node
with IPA will fail, resulting in failed certificate issuance requests
later on.
We introduce a composable service to run in host_prep_tasks.
This will always run once the networks have been set up. If the
instance has already been enrolled (by cloud-init or in an update),
then the script executed by the service will just exit.
In this iteration, we simply execute the code that the cloud-init
would have done. In later releases, we will execute all the code
performed by novajoin-server here in ansible - and deprecate the
novajoin server.
Change-Id: I31f64c3cbd1d151e3c2a436cc3e2ec5316535087
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Resolves: rhbz#1661635
Closes-Bug: #1815924
This patch switches the default mechanism driver for neutron from
openvswitch to OVN.
It will also flip scenario007 job to run with ML2/OVS.
Depends-On: I74ffb6b7f912e1fce6ce428cd23a7283c91b8b96
Depends-On: I99ba2fd6a85b4895b577719a7541b7cbf1fdb85c
Depends-On: Ib60de9b0df451273d1d81ba049b46b5214e09080
Depends-On: Iaed7304adf40a87a0f14b7a95339f8416140e947
Change-Id: Iab52cdf5d0f7a392c4f17c884493b5c5beb1d89f
Co-Authored-By: Kamil Sambor <ksambor@redhat.com>
Set to false by default for backward compatibility, we can set it to
True and it'll add --debug when running the tripleo container image
prepare command, useful to have more verbosity.
Change-Id: I7d0b4035de748bf2453321d3ab09d09fd45abf8d
manila-api can be deployed in two ways:
- Using the service-provided eventlet based server
- Behind any popular web server as a wsgi process
[1] adds support to the kolla image to install necessary
packages and write configuration files to enable deploying
manila-api with Apache/mod-wsgi/
[2] and [3] add support to puppet-{manila,tripleo} to
honor httpd options like other API services.
So, switch the manila-api docker/service to running
httpd, and add necessary configuration options.
Honor the "EnableInternalTLS" option to allow running
manila-api with TLS.
[1] https://review.openstack.org/#/c/590061/
[2] https://review.openstack.org/#/c/591869/
[3] https://review.openstack.org/#/c/592188/
Depends-On: https://review.openstack.org/#/c/592188/
Change-Id: Ic88a2f08e013a49e3da45a2bfc82c62ba284526a
Adds a new GlobalConfigExtraMapData parameter that can be used to inject
global_config_settings hieradata into the deployment. Any values generated
in the stack will override those passed in by the parameter value.
This will be used for the distributed compute node when deploying with separate
stacks and data from the control plane stack needs to be injected into the
compute stack.
Change-Id: Id3e52e272bae67ee4036c81b3d7640255e0349ae
The NodeDataLookup parameter should be valid JSON and we should
help the user by adding type checking for this early in the
deployment so that the user doesn't experience the related bug.
Change-Id: Id9d2208f1cbaba9234d7657420cd7efcad3507a0
Related-Bug: #1784967
Related-Bug: #1814070
'overcloud update abort' command had been dropped since few
releases. However, users can still use heat commands to cancel
an update which is not recommended.
Undercloud now uses heat convergence architecture and stack check
has not been migrated to convergence yet.
let's add heat policy to disable both on undercloud.
Change-Id: Ib5e2dab1e94810ac02e5d64859d2e84f749f3994
The resulting user home directory is mounted into the mistral-executor
container. A later change in tripleo-common will populate
.ssh/authorized_users with the generated private key so that
mistral-executor can manage the undercloud host via ansible localhost ssh.
Change-Id: I4c8ee04534636622581eb386c01790d6610e7f58
Partial-Bug: #1813832
Depends-On: Id89cc920e165c2103707609fd37639c3032cc8ea
This change combines the previous puppet and docker files into a single
file that performs the docker service installation and configuration.
With this patch the baremetal version of haproxy services has been removed.
Change-Id: Id55ae44a7b1b5f08b40170f7406e14973fa93639
Related-Blueprint: services-yaml-flattening
