105 Commits

Author SHA1 Message Date
Zuul
9604728016 Merge "Fix Redis TLS setup and its HA deployment" 2018-02-13 23:34:49 +00:00
Lars Kellogg-Stedman
b20bce1bf0 logging: use service_config_settings for fluentd
The initial fluentd client implementation predates the introduction of
service_config_settings, and necessitated some invasive changes to
what is now common/serivces.yaml. This commit modifies existing
services to use the service_config_settings based configuration
mechanism supported by more recent versions of the fluentd support in
puppet-tripleo.

Partial-bug: #1715187
Depends-On: I3149902401d68d6fd236073a73a20f982d4b952a
Depends-On: I2b057190ec0e4e75ee4ee47ebe0164c2644e5ab7
Depends-On: Ie7df4b8b94cb0ae38096ab95800f211ef1cd8455
Change-Id: I28028ffa00df2da8e0478a551d3de89c3ee46e1f
2018-02-07 16:37:00 +01:00
Damien Ciabrini
91db2020df Fix Redis TLS setup and its HA deployment
This patch reverts the revert of Redis TLS [1,2], and update the
pacemaker redis template to configure Redis to encrypt the
replication traffic between Redis nodes.

[1] a3769c03175cb36f0066c173477749a26f767566
[2] ebc8414cd0c18426ff80d9d65c964e91a7fe447f

Depends-On: I6cc818973fab25b4cd6f7a0d040aaa05a35c5bb1
Change-Id: I7f7be4bba6d41c04385f074857c82507cc8c2617
Closes-Bug: #1737707
2018-02-05 14:05:12 +00:00
marios
dec003def8 Convert tags to when statements for Q major upgrade workflow
This converts "tags: stepN" to "when: step|int == N" for the direct
execution as an ansible playbook, with a loop variable 'step'.
The tasks all include the explicit cast |int.

This also adds a set_fact task for handling of the package removal
with the UpgradeRemovePackages parameter (no change to the interface)

The yaml-validate also now checks for duplicate 'when:' statements

Q upgrade spec @ Ibde21e6efae3a7d311bee526d63c5692c4e27b28
Related Blueprint: major-upgrade-workflow
[0]: 394a92f761/tripleo_common/utils/config.py (L141)
Change-Id: I6adc5619a28099f4e241351b63377f1e96933810
2018-01-08 13:57:47 +02:00
Michele Baldessari
c56cdc8dda Add Instance HA support
This adds support for an Instance HA deployment option which evacuates
VMs after a compute node failure. To enable this feature just add
-e environments/compute-instanceha.yaml and make sure the compute nodes
have the OS::TripleO::Services::ComputeInstanceHA and the
OS::TripleO::Services::PacemakerRemote services added to it.

Testing has been done as follows:
1) Deploy an overcloud with Instance HA
2) Create a VM on the overcloud
3) Crash a compute node
4) Observe that the nova evacuate resource agent initiates the nova
   evacuation:
Nov 29 10:39:49 localhost NovaEvacuate(nova-evacuate)[32253]: NOTICE: Initiating evacuation of overcloud-novacompute-0.localdomain with fence_evacuate
Nov 29 10:39:57 localhost NovaEvacuate(nova-evacuate)[32253]: NOTICE: Completed evacuation of overcloud-novacompute-0.localdomain
5) Observe the VM having been started on the functional compute node

A documentation patch will follow explaining the whole mechanism more
in detail.

blueprint instance-ha

Depends-On: I4d1908242e9513a225d2b1da06ed4ee769ee10f7
Change-Id: If6c7d6c56eca96bd64ac5936036d119bd9ec6226
2017-12-10 09:08:01 +01:00
Pradeep Kilambi
a3769c0317 Redis replication does not work with TLS
Lets revert the tls support until we know it works.

Revert "TLS proxy for redis"

This reverts commit c2a93cf4c5d9d6b5ee0536380751a7a9540927cc.

Closes-bug: #1735259

Change-Id: I8157ce04617c094978175f3e4b3071bdf76362fe
2017-11-29 17:46:59 -05:00
Carlos Camacho
927495fe3d Change template names to queens
The new master branch should point now to queens instead of pike.

So, HOT templates should specify that they might contain features
for queens release [1]

[1]: https://docs.openstack.org/heat/latest/template_guide/hot_spec.html#queens

Change-Id: I7654d1c59db0c4508a9d7045f452612d22493004
2017-11-23 10:15:32 +01:00
Carlos Camacho
4014ed4e00 Correct template names from ocata to pike.
There are still some HOT templates pointing to ocata and
they should be pointing to pike.

This patch needs to be backported to stable/pike.

Change-Id: I42cc7e6d97e1f9d043d3cf82fc164448558d47bd
2017-10-10 12:45:02 +02:00
marios
2e182bffee Adds post_upgrade_tasks for any service post-upgrade ansible tasks
This adds a new config/deployment per role that will come after any
post deploy steps. It drives the same ansible config as the
upgrade_tasks but instead collects the post_upgrade_tasks for any
service in the given role.

The workflow is upgrade_tasks, then post deploy steps (either
puppet/ or docker/ depending on the env) and then the
post_upgrade_tasks added here.

This is added to the pacemaker/cinder-volume.yaml service for now
see the bug below for more info

Change-Id: Iced34fecf02ebddc91df9302de54d2f4c2cab680
Closes-Bug: 1706951
2017-09-12 18:43:16 +03:00
Jose Luis Franco Arza
0be3317f45 Add yaml validation for upgrade_tasks section.
In every ansible task defined within upgrade_tasks it is
necessary to specify the tag 'tags' which are used during
the ansible execution for the upgrade_tasks serialization.

Adding the 'tags' check per upgrade_tasks step into
the YAML validation will allow us to catch if any
service upgrade task is missing this flag.

Change-Id: I8f56a87cc2e9ffc0d827bbb729f6bc3f6ca7550b
2017-09-06 15:21:01 +02:00
Martin André
c2a93cf4c5 TLS proxy for redis
Redis does not have TLS out of the box. Let's use a proxy container for
TLS termination.

bp tls-via-certmonger

Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Change-Id: Ie2ae0d048a71e1b1b4edb10c74bc0395a1a9d5c9
Depends-On: I078567c831ade540cf704f81564e2b7654c85c0b
Depends-On: Ia50933da9e59268b17f56db34d01dcc6b6c38147
2017-08-31 05:28:20 +00:00
Tom Barron
8fa6c6e58c manila: set "host" to "hostgroup"
when running manila-share under control of pacemaker, as
is done for cinder-volume service in the same circumstance.

Change-Id: Ic97f01913bae2a388c962a38fa175eb1d763cdcb
Depends-On: Ie31f2d5ccf458f5fcfe8bec5f2c37f45070cfde2
Closes-Bug: #1712842
2017-08-24 12:27:20 -04:00
Sofer Athlan-Guyot
42d8a1c944 Make cinder-manage db sync run on only one controller during upgrade
We got to ensure that the cinder-manage db sync is run on only one
controller.

Change-Id: I88a6aa4c49d893b95a26795fbfcf163a780fd0bc
Closes-Bug: #1709315
2017-08-08 15:18:42 +02:00
Giulio Fidente
baf6eee501 Adds network/cidr mapping into a new service property
Makes it possible to resolve network subnets within a service
template; the data is transported into a new property ServiceData
wired into every service which hopefully is generic enough to
be extended in the future and transport more data.

Data can be consumed in service templates to set config values
which need to know what is the subnet where a deamon operates (for
example the Ceph Public vs Cluster network).

Change-Id: I28e21c46f1ef609517175f7e7ee19e28d1c0cba2
2017-07-14 13:44:04 +02:00
Juan Antonio Osorio Robles
53407bd8b7 Add node's FQDN to mysql certificate request and CA file
This will add the node's FQDN to the mysql certificate request
besides the VIP's FQDN which we already use. This is needed for
adding TLS to the replication traffic. The CA file was also added
as hieradata, since the path will be needed for the TLS
configuration.

bp tls-via-certmonger

Change-Id: I9252303b92a2805ba83f86a85770db2551a014d3
2017-06-19 12:45:37 +00:00
Numan Siddique
b327ea5d86 Pacemaker HA suport for OVN DB servers
This patch adds the templates required to enable the OVN DB servers
to be started in master/slave mode in the pacemaker cluster.

For the OVN DBs base profile, ::tripleo::haproxy expects the parameter
'ovn_dbs_manage_lb' set to true in order for it to configure OVN DBs
for load balancing (please see this commit [1]). So this patch sets
'ovn_dbs_manage_lb' to true.

[1] - I9dc366002ef5919339961e5deebbf8aa815c73db

Co-authored-by: Babu Shanmugam (babu.shanmugam@gmail.com)
Depends-on: I94d3960e6c5406e3af309cc8c787ac0a6c9b1756
Change-Id: I60c55abfc523973aa926d8a12ec77f198d885916
Closes-bug: #1670564
2017-06-12 15:05:40 +05:30
Alan Bishop
c4e3bbe039 Handle upgrading cinder-volume under pacemaker
Add upgrade tasks for cinder-volume when it's controlled by pacemaker:

o Stop the service before the entire pacemaker cluster is stopped.
  This ensures the service is stopped before infrastructure services
  (e.g. rabbitmq) go away.
o Migrate the cinder DB prior to restarting the service. This covers
  the situation when puppet-cinder (who otherwise would handle the db
  sync) isn't managing the service.
o Start the service after the rest of the pacemaker cluster has been
  started.

Closes-Bug: #1691851
Change-Id: I5874ab862964fadb68320d5c4de39b20f53dc25c
2017-05-26 08:26:49 -04:00
Carlos Camacho
0a0e2ee629 Update the template_version alias for all the templates to pike.
Master is now the development branch for pike
changing the release alias name.

Change-Id: I938e4a983e361aefcaa0bd9a4226c296c5823127
2017-05-19 09:58:07 +02:00
Saravanan KR
a096ddab34 Add role specific information to the service template
When a service is enabled on multiple roles, the parameters for the
service will be global. This change enables an option to provide
role specific parameter to services and other templates.

Two new parameters - RoleName and RoleParameters, are added to the
service template. RoleName provides the role name of on which the
current instance of the service is being applied on. RoleParameters
provides the list of parameters which are configured specific to the
role in the environment file, like below:

  parameters_default:
      # Default value for applied to all roles
      NovaReservedHostMemory: 2048
      ComputeDpdkParameters:
          # Applied only to ComputeDpdk role
          NovaReservedHostMemory: 4096

In above sample, the cluster contains 2 roles - Compute, ComputeDpdk.
The values of ComputeDpdkParameters will be passed on to the templates
as RoleParameters while creating the stack for ComputeDpdk role. The
parameter which supports role specific configuration, should find the
parameter first in in the RoleParameters list, if not found, then the
default (for all roles) should be used.
Implements: blueprint tripleo-derive-parameters

Change-Id: I72376a803ec6b2ed93903cc0c95a6ffce718b6dc
2017-05-15 10:06:46 +05:30
Michele Baldessari
dde4f6d1cf Set puppet-redis managed_by_cluster_manager to true
Via https://github.com/arioch/puppet-redis/pull/192 puppet-redis grew
ulimit support also for pacemaker managed redis instances. To be able to
use that we need to set redis::managed_by_cluster_manager to true.

We also allow redis::ulimit to be configurable and we set a default of
10420 which was the default value before the above change.

Change-Id: I06129870665d7d3bfa09057fd9f0a33a99f98397
Depends-On: I4ffccfe3e3ba862d445476c14c8f2cb267fa108d
Closes-Bug: #1688464
2017-05-06 19:09:08 +02:00
Michele Baldessari
90fc4b2e27 Change the default for rabbitmq back to ha-mode: all
In change Ib62001c03e1e08f58cf0c6e0ba07a8879a584084 we switched the
rabbitmq queues HA mode from ha-all to ha-exactly. While this gives us a
nice performance boost with rabbitmq, it makes rabbit less resilient to
network glitches as we painfully found out via
https://bugzilla.redhat.com/show_bug.cgi?id=1441635.

This is the THT part of the change that changes the default to
ha-mode: all.

Closes-Bug: #1686337
Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com>
Co-Authored-By: John Eckersberg <jeckersb@redhat.com>

Change-Id: I7afcf2b3c8deb13fc2134e4cae9c06a44e775384
Depends-On: I9a90e71094b8d8d58b5be0a45a2979701b0ac21c
2017-04-26 15:16:36 +02:00
Juan Antonio Osorio Robles
1992282b88 Pass hieradata for internal TLS for RabbitMQ
As with other services, this passes the necessary hieradata to enable
TLS for RabbitMQ. This will mean (once we set it via puppet-tripleo)
that there will only be TLS connections, as the ssl_only option is being
used.

bp tls-via-certmonger

Change-Id: I960bf747cd5e3040f99b28e2fc5873ca3a7472b5
Depends-On: Ic2a7f877745a0a490ddc9315123bd1180b03c514
2017-03-09 11:08:41 +00:00
Michele Baldessari
41514d0cd6 Upgrades: fix up the rabbitmq HA mode like in new ocata deployments
In ocata we changed the rabbitmq ha policy to "ha-exactly" via the
following changes:
- tht: Iace6daf27a76cb8ef1050ada0de7ff1f530916c6
- puppet-tripleo: Ib62001c03e1e08f58cf0c6e0ba07a8879a584084

We took care of the upgrade path via I3a97505d2ae1ae27f3080ffe74c33fdabffd2420

With the move to the ansible-based composable upgrades we left this change out.
And now an upgraded environment has the following policy:
- Upgraded environment
Attributes: set_policy="ha-all ^(?!amq\.).* {"ha-mode":"all"}"

- New environment
Attributes: set_policy="ha-all ^(?!amq\.).* {"ha-mode":"exactly","ha-params":2}"

We need to add this pcs resource change to the our upgrade scripts.

Change-Id: I3c4113c207e9d0c45be43df7c2379ac26cb60692
Closes-Bug: #1668600
2017-03-02 08:46:54 +01:00
Giulio Fidente
bdfc7c6f01 Add Ceph RBD mirror Pacemaker profile
This change adds a profile to deploy the Ceph RBD mirroring daemon
as a Pacemaker resource.

Change-Id: Ib07e5bca6a45f0c6c59a3acf07f4e3ae9d2f8948
Depends-On: Ic63dc5cffece38942d305f538f71dd58a5d50789
Closes-Bug: #1652177
2017-01-26 12:24:56 +00:00
Juan Antonio Osorio Robles
80086fd342 Add metadata settings for needed kerberos principals
These are only used for TLS-everywhere, and fills up the kerberos
principals that will need to be created for the certs used by the
overcloud. With this, the metadata hook will format these principals
correctly and will further pass them on to the nova metadata service.
Where they can be used if there's a plugin enabled.

bp tls-via-certmonger
bp novajoin

Change-Id: I873094bb69200052febda629fda698a7a782c031
2017-01-25 00:33:11 +02:00
marios
7ac5ef5f85 Adds a step0 for pre upgrade-init checks
Adds a step0 for any pre-upgrade checks. This migrates
some of the checks we have at the top of
extraconfig/tasks/major_upgrade_controller_pacemaker_1.sh

Checks for other services (and for the cluster) will follow
in separate commits.

Partially-Implements: blueprint overcloud-upgrades-per-service
Change-Id: I607f1fed68d7f11773484c3d7cb3e5af67465d57
2017-01-13 12:34:57 +00:00
Michele Baldessari
d9986387f5 Remove unused pacemaker profiles
With change I80c8559bb2d915385bcc20ae71fe144ddd6591c1 we removed
all the unused puppet-tripleo pacemaker profiles. With this change
we remove the corresponding puppet profiles from tripleo-heat-templates.

We can also remove any trace of the fake ::Core service as it was
introduced via Iacd94294b8a66bc082bb2b3e8d3364ec1bf053b8
for the fake openstack-core pacemaker resource during the Mitaka cycle
and became unused in Newton.

Change-Id: I48cd2b6a4593d673d5883b45feae088392e7e713
2017-01-06 09:41:18 +01:00
Steven Hardy
3c6ec654b4 Bump template version for all templates to "ocata"
Heat now supports release name aliases, so we can replace
the inconsistent mix of date related versions with one consistent
version that aligns with the supported version of heat for this
t-h-t branch.

This should also help new users who sometimes copy/paste old templates
and discover intrinsic functions in the t-h-t docs don't work because
their template version is too old.

Change-Id: Ib415e7290fea27447460baa280291492df197e54
2016-12-23 11:43:39 +00:00
Juan Antonio Osorio Robles
b4cd2ed1ee Use network-based fqdn entry from hiera instead of the custom fact
This changes how we get the network-based FQDNs for the specific
services, from using the custom fact, to the new hiera entries.

Change-Id: Iae668a5d89fb7bee091db4a761aa6c91d369b276
2016-12-01 11:18:23 +02:00
Dan Prince
7876851011 Hiera optimization: use a new hiera hook
This patch optimizes how we deploy hiera by using a new
heat hook specifically designed to help compose hiera
within heat templates. As part of this change:

 - we update all the 'hiera' software configurations to set the group to hiera
   instead of os-apply-config.

 - The new format uses JSON instead of YAML. The hook actually writes
   out the hiera JSON directly so no conversion takes place. Arrays,
   Strings, Booleans all stay in their native formats. As such we can avoid
   having to do many of the awkward string and list conversions in t-h-t to
   support the previous YAML formatting.

 - The new hook prefers JSON over YAML so upgrading users will have the
   new files prefered. (we will post a cleanup routine for the old files
   soon but this isn't a new behavior, JSON is now simply prefered.)

 - A lot of services required edits to account for default settings that
   worked in YAML that no longer work correctly in the native JSON
   format. In almost all these cases I think the resulting codes looks
   cleaner and is more explicit with regards to what is getting
   configured in hiera on the actual nodes.

Depends-On: I6a383b1ad4ec29458569763bd3f56fd3f2bd726b
Closes-bug: #1596373

Change-Id: Ibe7e2044e200e2c947223286fdf4fd5bcf98c2e1
2016-11-30 22:16:13 -05:00
Steven Hardy
0f742c7ec9 Disable keepalived for HA deployments via t-h-t
Currently this is disabled via a conditional in the keepalived
profile in puppet-tripleo, but this will be incompatible with
the planned composable upgrades implementation.  Instead we should
disable the service template by mapping to OS::Heat::None, and
ensure the haproxy manifest uses the t-h-t generated hiera value
keepalived_enabled instead of hard-coding a hiera override in the
haproxy template.

Change-Id: I85a8b1cca7268506de22adfb3a8ce7faa4f157ef
Partial-Bug: #1642936
Depends-On: I90faf51881bd05920067c1e1d82baf5d7586af23
2016-11-18 11:45:57 +00:00
Dan Prince
3fa2ab420c Include redis/mongo hiera when using pacemaker
This patch updates the pacemaker composable service templates for
mongo and redis to extend the proper base (redis.yaml and mongo.yaml)
templates instead of the -base.yaml versions. This was causing
some missing hiera settings for these services which caused symptoms
like missing firewall rules for these services.

Change-Id: I3f94acbf4d1baadbb151b1c4d34b4a0ab28ad5e5
Partial-bug: #1629934
2016-10-04 10:04:44 -04:00
Giulio Fidente
7822c9756a Cinder volume service is not managed by Pacemaker on BlockStorage
We do not want cinder-volume to be managed by Pacemaker on
BlockStorage nodes, where Pacemaker is not running at all.

This change adds a new BlockStorageCinderVolume service name
which can (and is, by default) mapped to the non Pacemaker
implementation of the service.

The error was:
Could not find dependency Exec[wait-for-settle] for
Pacemaker::Resource::Systemd[openstack-cinder-volume]

Also moves cinder::host setting into the Pacemaker specific service
definition because we only want to set a shared host= string when
the service is managed by Pacemaker.

Closes-Bug: #1628912
Change-Id: I2f7e82db4fdfd5f161e44d65d17893c3e19a89c9
2016-09-29 17:57:40 +02:00
Juan Antonio Osorio Robles
99449a38fb Use parameter name to configure gmcast_listen_addr
This used to used mysql_bind_ip, but this parameter is quite misleading
since what it actually configures is not the bind-ip itself, but the
gmcast.listen_addr parameter. This fixes that confusion.

Depends-On: Iea4bd67074824e5dc6732fd7e408743e693d80b3
Change-Id: I2b114600e622491ccff08a07946926734b50ac70
2016-09-26 16:53:22 +03:00
Juan Antonio Osorio Robles
a387c110a6 Bind MySQL address to hostname appropriate to its network
This now takes into use the mysql_bind_host key, to set an
appropriate fqdn for mysql to bind to.

Closes-Bug: #1627060
Change-Id: I50f4082ea968d93b240b6b5541d84f27afd6e2a3
Depends-On: I316acfd514aac63b84890e20283c4ca611ccde8b
2016-09-26 10:37:58 +03:00
Lars Kellogg-Stedman
0d9298bb8f Add fluentd client service
This implements support for installing fluentd agents as a composable
service on the overcloud.

Depends-On: I2e1abe4d8c8359e56ff626255ee50c9cacca1940

Implements: tripleo-opstools-centralized-logging
Change-Id: I23b0e23881b742158fcfb6b8c145a3211d45086e
2016-09-17 01:31:12 +00:00
Juan Antonio Osorio Robles
b1c32247a2 Make Nova VNC Proxy service name match service net map
If these names don't match then we cannot set the service's nodes,
VIP and network.

Change-Id: I8f1c0eaf62eee2704a5f2556a553032106db606b
Closes-Bug: #1621368
2016-09-10 12:43:59 +03:00
Martin Mágr
25ad7b8e1e Availability monitoring agents support
- adds possibility to install sensu-client on all nodes
- each composable service has it's own subscription

Co-Authored-By: Emilien Macchi <emilien@redhat.com>
Co-Authored-By: Michele Baldessari <michele@redhat.com>
Implements: blueprint tripleo-opstools-availability-monitoring
Change-Id: I6a215763fd0f0015285b3573305d18d0f56c7770
2016-08-31 09:22:59 -04:00
Pradeep Kilambi
a30d1745f9 Fix base service type inheriting gnocchi service templates
Change-Id: I5018e4cdb1e5df7c2d67a8c1248d7453941b725f
2016-08-25 14:39:41 -04:00
Pradeep Kilambi
aae669aa17 Fix base service type inheriting ceilometer service pcmk templates
Change-Id: Id2227bedee098e0f18704a3dc82fb0be311ff4d2
2016-08-25 14:37:53 -04:00
Jenkins
b61f1a33d5 Merge "Enable gnocchi systemd services" 2016-08-25 13:26:19 +00:00
Dan Prince
58bf3932a8 Move MySQL settings out of puppet/controller.yaml
This moves the config settings out of controller.yaml for MySQL
and into puppet/services/database/mysql.yaml.

The top leve MysqlRootPassword is still maintained by default
in overcloud.yaml so that users who upgrade won't get
broken. New users may optionally specify the MysqlRootPassword
as a parameter instead which will take priority over the top
level generated parameter.

We drop the top level MysqlClusterUniquePart because it is no
longer used (I think it was a remnant from t-i-e).

Related-Bug: #1604414

Change-Id: I06ebac0f4c87dabfccefb2e550a64650868c5b26
2016-08-23 21:29:02 -04:00
Michele Baldessari
fbbd134f6b Enable gnocchi systemd services
Marian Krcmari noticed that on a freshly deployed HA Newton system
gnocchi-metricd and gnocchi-statsd are down. This likely came about when
gnocchi moved to composable roles
(I40a3815923099d00a0f3fc1d88a942784e7c6fb9) and those settings made
sense when it was managed by pacemaker.

Also make sure that all services are disabled when managed via
pacemaker and add manage_service: false for gnocchi-api for pacemaker
which was missing.

Change-Id: If7d681e0fa3e84379ac83c8a55b481369fe2849e
2016-08-18 23:18:30 +02:00
Dan Prince
3b62761d2f Add DefaultPasswords to composable services
This patch adds a new DefaultPasswords parameter to
composable services. This is needed to help provide
access to top level password resources that overcloud.yaml
currently manages (passwords for Rabbit, Mysql, etc.).

Moving the RandomString resources into composable services
would cause them to regenerate within the stack. With this
approach we can leave them where they are while we deprecate
the top level mechanism and move the code that uses the
passwords into the composable services.

Change-Id: I4f21603c58a169a093962594e860933306879e3f
2016-08-18 12:45:30 -04:00
Giulio Fidente
885b37c80e Pass ServiceNetMap to services
This will be needed to pick the network where the service has
to bind to from within the service template.

Change-Id: I52652e1ad8c7b360efd2c7af199e35932aaaea8c
2016-08-18 12:36:18 -04:00
Erno Kuvaja
75110de9dd Add cinder-backup service as role
Tempest tests for cinder contain backup tests that fail
unless cinder-backup service is started. This patch facilitates
the service start upon the overcloud deployment.

Original patch converted to composable role.

Co-Authored-By: Giulio Fidente <gfidente@redhat.com>
Depends-On: Ib1dfe52b83ab01819fc669312967950e75d8ddf1
Change-Id: I9ca97b3f1c26aac6d81b3525377e1f5fb962313f
2016-08-10 19:02:08 +00:00
Steven Hardy
0327fc2bbb Add Sahara services to ControllerServices list
https://review.openstack.org/#/c/318840/ decomposed the Sahara services
but they weren't added to the ControllerServices list, thus are now disabled.

Since we shipped mitaka with sahara enabled by default, we should probably add
them so the behavior is consistent when folks upgrade.

This also fixes a couple of issues we missed when landing the initial service
templates (partly because CI didn't test them).

In order for each service to operate independently when used with Pacemaker,
the roles needed to be separated. This commit also does this.

Depends-On: Id61eb15b1e2366f5b73c6e7d47941651e40651b1
Change-Id: I0846b328e9d938275e373d58f0b99219b19b326c
Closes-Bug: #1592284
Co-Authored-By: Brad P. Crochet <brad@redhat.com>
2016-08-06 10:45:31 +02:00
Michele Baldessari
81de065665 Next generation HA architecture work
This is the THT part that brings us the next generation architecture
as described in the following spec:
https://review.openstack.org/#/c/299628/

Blueprint:
https://blueprints.launchpad.net/tripleo/+spec/ha-lightweight-architecture

So far we tested deployment + tripleo.sh --overcloud-pingtest and
failover + tripleo.sh --overcloud-pingtest

Note that many of the Pacemaker template files become redundant with
this change, but to simplify the process of getting this change landed,
those templates will not be removed until a future commit.

Depends-On: I5e7585c08675d8a4bd071523b94210d325d79b59

Change-Id: I00bccb2563c006f80baed623b64f1e17af20dd4e
Implements: blueprint ha-lightweight-architecture
Co-Author: cmsj@tenshu.net
2016-08-04 15:07:39 +02:00
Ryan Hefner
b99733d08a Enable Manila integration - as a composable controller service
Allows the installation and configuration of Manila.
Supports the generic driver only. This has a dependency on the
puppet-tripleo classes for manila where the puppet specific
config now lives.

The review at https://review.openstack.org/#/c/315658/ has been
merge into this one, as of v68, so manila lands as a composable
service. This was brought up on the mailing list at [1]

[1] http://lists.openstack.org/pipermail/openstack-dev/2016-May/096126.html

Co-Authored-By: Marios Andreou <marios@redhat.com>
Implements: blueprint composable-services-within-roles
Depends-On: I444916d60a67bf730bf4089323dba1c1429e2e71
Depends-On: I9eda4b3364e5c59342761a1ec71b0eb567c69cf1
Depends-On: I571b65a5402c1028418476a573ebeb9450ed00c9
Change-Id: I7acebac4354fca1f8d7ff6c343c1346bf29b81c6
2016-08-02 17:18:07 +03:00
Jenkins
9aec3de5b8 Merge "Convert service_name to underscore syntax" 2016-07-29 08:52:05 +00:00