350 Commits

Author SHA1 Message Date
Zuul
c83244dd1e Merge "multinode-containers: include Podman service" 2018-11-15 09:09:27 +00:00
Alex Schultz
fb0e8f62fc Convert dynamic lookups to use colon notation
With the upgrade to puppet 5, we can no longer use dots in the hieradata
key lookups. This change updates the THT for firewall_rules,
haproxy_endpoints and haproxy_userlists to use the colon notation.

Change-Id: I6f67153e04aed191acb715fe8cfa976ee2e75878
Related-Bug: #1803024
2018-11-12 21:21:49 -07:00
Emilien Macchi
7ef597c020 multinode-containers: include Podman service
The service is disabled by default but we need it in the registry so we
can enable it later in CI:
https://review.openstack.org/#/c/612526

Change-Id: I74466e6f9148d124734aeac9e06d85f4917abdba
2018-11-12 02:04:19 +00:00
Zuul
dec6e40b30 Merge "Add scenario 012 - overlcoud baremetal+ansible-ml2" 2018-11-02 17:49:17 +00:00
Derek Higgins
ca3d5e47b0 Add scenario 012 - overlcoud baremetal+ansible-ml2
Used by a new featureset[1] that uses the neutron ansible-networking driver
to configure the switch providing networking for overcloud ironic
nodes such that tenant networks are segregated via vlan.

This scenario also sets up ssh keys so that ansible inside the neutron
container can ssh to the controller to configure OVS.

The new scenario also includes a temporary workaround to upgrade
ansible in the neutron container, this can be removed once ansible
in the container is v2.5.8+

Also remove scenario011 as the patches that used it never merged and
now the tennant networks are working in the overcloud, we'll test
with this instead.

[1] - https://review.openstack.org/#/c/579601/

Change-Id: Ife83825216ccb96a5f24918f42a757d0c48b0e9d
2018-10-24 12:38:34 +01:00
Juan Antonio Osorio Robles
64f30b5b3c Delete novajoin manual setup from freeipa setup script
This is no longer needed, as the setup is done as part of the
installation steps for novajoin.

Change-Id: Iab76b924cfa569487ff557d30d767f7ec8680669
2018-10-23 13:28:30 +03:00
Zuul
14f5234300 Merge "Set openshift_docker_insecure_registries" 2018-10-22 21:15:53 +00:00
Zuul
ad06ebce20 Merge "Remove obsolete code for handling Pacemakerized resource restarts" 2018-10-15 11:31:45 +00:00
Martin André
cbac4c4373 Set openshift_docker_insecure_registries
This variable is used in the docker_image_availability check to
determine how to query the registries for image availability. Setting
this variable allows us to enable the docker_image_availability check
in the gate.

Change-Id: Ia1da542d342228bb28ad487371fad8d3ffc62d0b
2018-10-12 16:36:20 +02:00
Martin André
81ca843ee7 Deploy openshift all in one in scenario009
Previously we were only deploying a master node. This commit adds the
worker and infra service to the deployed node and configures it as an
all-in-one node. In order to do so, we need to disable HAproxy when
deploying in all-in-one as the HAproxy instance Openshift deploys on
the infra node conflicts with the one we normally set up. They both
bind ports 80 and 443.

Also removes the useless ComputeServices parameter that only makes
sense in a multinode environment.

Change-Id: I6c7d1b3f2fa5c7b1d9cf695c9e021a4192e5d23a
Depends-On: Ibc98e699d34dc6ab9ff6dce0d41f275b6403d983
Depends-On: I0aa878db62e28340d019cd92769f477189886571
2018-10-11 11:53:20 +02:00
Jiri Stransky
7a438651af Remove obsolete code for handling Pacemakerized resource restarts
Remove scripts and templates which dealt with Pacemaker and its
resource restarts before we moved to containerized deployments. These
should all now be unused.

Many environments had this mapping:

    OS::TripleO::Tasks::ControllerPreConfig: OS::Heat::None
    OS::TripleO::Tasks::ControllerPostConfig: OS::Heat::None
    OS::TripleO::Tasks::ControllerPostPuppetRestart: ../../extraconfig/tasks/post_puppet_pacemaker_restart.yaml

The ControllerPostPuppetRestart is only ever referenced from
ControllerPostConfig, so if ControllerPostConfig is OS::Heat::None, it
doesn't matter what ControllerPostPuppetRestart is mapped to.

Change-Id: Ibca72affb3d55cf62e5dfb52fe56b3b1c8b12ee0
Closes-Bug: #1794720
2018-10-11 10:41:15 +02:00
Zuul
ec227891bd Merge "scenario010: enable Ceph RBD" 2018-10-08 20:18:08 +00:00
Zuul
474b252358 Merge "ceilometer: Use new archive policies" 2018-10-07 09:06:33 +00:00
Zuul
42a6e65632 Merge "Remove unused parameter NeutronEnableDHCPAgent" 2018-10-03 01:42:49 +00:00
Daniel Alvarez
7bf7996c79 Remove unused parameter NeutronEnableDHCPAgent
NeutronEnableDHCPAgent is no longer consumed anywhere in OpenStack so
this patch is removing all occurrences of it in the environment files.

Change-Id: I042944c3f24d22fa60d4ed13fd9a56c5b93f465f
Signed-off-by: Daniel Alvarez <dalvarez@redhat.com>
2018-10-01 12:43:01 +02:00
Ben Nemec
9a69426508 Don't configure BIND to listen on localhost
It isn't useful for much of anything in a production deployment
and it conflicts with the local DNS server in CI.

Change-Id: Ied3ecdc71bfdf9bb6439e2c9464aa01346e69226
Closes-Bug: 1795043
2018-09-28 14:24:52 -05:00
Mehdi Abaakouk
7b71a4c073 ceilometer: Use new archive policies
Ceilometer now creates it own archive policies.

This change ensures we use the new one.

Change-Id: I23d678a4b2c92ad2e913594b0b8844605fe36355
2018-09-19 15:35:43 +02:00
Zuul
3ca0536773 Merge "Enable fluentd on scenario002-multinode-containers" 2018-09-19 08:01:44 +00:00
Carlos Goncalves
a33d42abb6 scenario010: enable Ceph RBD
Enabling Ceph on scenario010 allow us to test conversion of amphora
image format from QCOW2 to RAW in octavia-undercloud role in
tripleo-common.

This patch also removes NeutronServicePlugins from being set (in line
with I3da329db28701c7e9798083982953c5c9c861c50) and unchecks Octavia
from scenario003 in the service testing matrix set previously by
mistake.

Partial-Bug: #1778303
Related-Bug: #1722758

Change-Id: I717301dc0777ecd2118253a86cd1f8353539482f
2018-09-15 18:05:52 +02:00
Flavio Percoco
e1912cd59b Move to openshift-ansible 3.10
This patch adds a new role called OpenShiftInfra which is required to
define infra nodes. We've been bundling infra nodes with compute and
master nodes and they ought to be independent.

With the new node label management introduced in openshift-ansible, it
sounds like this is a good time for us to unbundle these nodes.

Co-Authored-By: Martin André <m.andre@redhat.com>
Depends-On: I291b6ac65eaa1a015bca2ee2bc1be90b0ea0aadc
Change-Id: I4f8127a9e2d822057f3db8f0974ab1db0698985a
2018-09-04 18:05:53 +00:00
Zuul
c3788f4ba9 Merge "Enable configuration of Designate's pools.yaml" 2018-08-30 02:07:21 +00:00
Juan Badia Payno
31a8ff2ecc Enable fluentd on scenario002-multinode-containers
As there are several log path that are not set properly to be used by fluentd.
Fluentd needs to be enabled on the scenarios to be able to check the path properly.

This patch only enables fluentd on scenario002-multinode-containers.

Change-Id: If253da4f0f89221dc6ddacc280c984079c6a3c7f
2018-08-28 10:27:46 +02:00
Zuul
a885599770 Merge "Always enable image prepare service for docker clouds" 2018-08-28 04:38:50 +00:00
Michele Baldessari
d2da6c8ac6 Add a FreeIPAExtraArgs param to ci/scripts/freeipa_setup.sh
There are scripts that need some customized parameters (infrared
uses freeipa_setup.sh for example). And sometimes it is convenient
to be able to disable dns verification for example.

Change-Id: Ie605aade96dc690e6b52f55bdf1526c8fd51de6c
2018-08-16 19:55:00 +02:00
Steve Baker
93d87cf18d Always enable image prepare service for docker clouds
This change includes the service
OS::TripleO::Services::ContainerImagePrepare by default in the overcloud
which will trigger a container image prepare in the same way as is
currently done for the containerized undercloud.

Along with the mistral action which populates the container image
parameters, this change makes blueprint container-prepare-workflow
functionally complete.

Change-Id: I8b0c5e630e63ef6a2e6f70f1eb00fd02f4cfd1c0
Blueprint: container-prepare-workflow
2018-08-15 12:09:23 +00:00
Zuul
008f5f5d93 Merge "Add per-network routes to NIC templates" 2018-08-14 19:40:23 +00:00
Martin Mágr
b76d7623ac QDR for metrics collection purposes
This patch adds composable new service (QDR) for containerized deployments.
Metrics QDR will run on each overcloud node in 'edge' mode. This basically
means that there is a possibility that there will be two QDRs running
on controllers in case that oslo messaging is deployed. This is a reason why
we need separate composable service for this use case.

Depends-On: If9e3658d304c3071f53ecb1c42796d2603875fcd
Depends-On: I68f39b6bda02ba3920f2ab1cf2df0bd54ad7453f
Depends-On: I73f988d05840eca44949f13f248f86d094a57c46
Change-Id: I1353020f874b348afd98e7ed3832033f85a5267f
2018-07-31 21:55:45 +00:00
Dan Sneddon
f5f6553797 Add per-network routes to NIC templates
This change adds a new {{network.name}}InterfaceRoutes
parameter to network config templates. It takes a list
of routes i.e:
  [{'destination':'10.0.0.0/16', 'nexthop':'10.0.0.1'}]

Co-Authored-By: Harald Jensås <hjensas@redhat.com>
Partial: blueprint tripleo-routed-networks-templates
Depends-On: Ifc5aad7a154c33488a7613c8ee038c92ee6cb1a7
Change-Id: I90aea46d3addab9792c7c9d4feff5c5f61520b9b
2018-07-30 09:53:30 +02:00
Zuul
3e875145cd Merge "DnsServers using get_attr" 2018-07-25 00:53:28 +00:00
Zuul
7ce066eba3 Merge "EC2MetadatIp using get_attr" 2018-07-25 00:36:06 +00:00
Zuul
ad5d4d1db1 Merge "ControlPlaneDefaultRoute using get_attr" 2018-07-24 01:34:22 +00:00
Zuul
dfc09b6ff1 Merge "ControlPlaneSubnetCidr using get_attr" 2018-07-24 01:34:20 +00:00
Zuul
fcbf9e375c Merge "Add scenario010 for testing Octavia" 2018-07-20 23:41:45 +00:00
trown
879caaa9fa Add secondary DNS server to disable-unbound environment
The Cloudflare DNS we are using in the disable-unbound CI
environment for OpenShift works fine in CI, but my ISP seems to
block it. This makes reproducing that job locally difficult. I had
success with the secondary DNS from Cloudflare, so this patch just
adds that to the resolv.conf.

If we were going to keep this disable-unbound solution for a long
time it would probably be better to have this be a template and
allow user configuration. However, my understanding is that this
is a temporary solution, so investing in complicated patches to
wire in a configuration option that will go away seems like
wasted effort.

Change-Id: I7b93efcd76b651807dff3c18885b8d291feffd3e
2018-07-20 12:05:37 +00:00
Brent Eagles
ad7d6cf74a Add scenario010 for testing Octavia
This patch adds the scenario010, initially for testing Octavia.

Change-Id: I125c75e0a3389bfe8bf600fba5aa9c345ddcdeaa
2018-07-20 10:52:52 +02:00
Giulio Fidente
d348ebc34e Lower Ceph PGs count in scenario004
Each OSD can only host maximum 200 PGs, in scenario004 we create 9
pools to enable MDS/Manila and RGW so we need to lower the PGs
count further, compared to scenario001.

Also lowers the values in low-memory-usage.yaml environment file.

Change-Id: If95a0e3fe5aeef61f9712d8006e0f49c11a0c90f
Closes-Bug: 1781910
2018-07-16 16:14:41 +00:00
Harald Jensås
52ec1a018b DnsServers using get_attr
Nameservers are configured on the ctlplane subnets by the
undercloud installer, the nameservers are used early during
the deployment, prior to running os-net-config.

Remove the default DnsServer's in THT, replacing it with
an empty list and use get_attr to get the values for
DnsServers for the overcloud from the ctlplane subnet(s).

A conditinal is used in  puppet/role.role.j2.yaml so that
the parameter value is used whenever it is not [] (default)
to provide backwards compatibilityi and in case the user
want to use different DnsServers for the overcloud and
undercloud.

Partial: blueprint tripleo-routed-networks-templates
Change-Id: I5f33e06ca3f4b13cc355e02156edd9d8a1f773cd
2018-07-14 09:19:12 +02:00
Harald Jensås
19381ecffb EC2MetadatIp using get_attr
The route to metadata service is set up in host_routes
of ctlplane subnets by extraconf post deploy::
  extraconfig/post_deploy/undercloud_ctlplane_network.py

Use get_attr on the server resource to resolve attribute
value from the subnet(s) and pass it to the parameter
'EC2MetadatIp' used in the THT/network/config/* templates.

Changes the default for 'EC2MetadatIp' to ''.
Removes the comment that the value should be overriden in
parameters_defaults. It also removes the parameter from
network-environment templates.

A conditinal is used in  puppet/role.role.j2.yaml so that
the parameter value is used whenever it is not '' (the
default) to provide backwards compatibility in case the
user set a different value for this parameter in
network-environment.yaml.

When deploying a routed control plane the network config
templates would previously need to be updated to carry
'EC2MetadatIpLeafX' parameters for each leaf.  By getting
the value to pass from the server resource this change
reduces the required nic-config template customisation.
(Reduces the risk of user error.)

Partial: blueprint tripleo-routed-networks-templates
Change-Id: I9c019ec840a44ca8c5f98be55daea365bc6554ec
2018-07-14 09:18:58 +02:00
Harald Jensås
c649cf0545 ControlPlaneDefaultRoute using get_attr
Use get_attr on the server resource to resolve attribute
value from the subnet(s) and pass it to the parameter
'ControlPlaneDefaultRoute' used in the THT/network/config/*
templates.

Changes the default for 'ControlPlaneDefaultRoute' to ''
as well as the comment that the value should be overriden
in parameters_defaults. It also removes the parameter from
network-environment templates.

A conditinal is used in  puppet/role.role.j2.yaml so that
the parameter value is used whenever it is not '' (the
default) to provide backwards compatibility in case the
user set a different value (different from the one used in
undercloud.conf) for this parameter in
network-environment.yaml.

When deploying a routed control plane the network config
templates would previously need to be updated to carry
'ControlPlaneXDefaultRoute' parameters for each leaf. With
8 Leafs in addition to the network local to the undercloud
that is 8 parameters less to place in the configuration.
By getting the value to pass from the server resource this
change reduces the required nic-config template
customisation (reduces the risk of user error).

Partial: blueprint tripleo-routed-networks-templates
Change-Id: I5139249d55e9ac01761c270b8c0f31ef35595940
2018-07-14 09:11:39 +02:00
Harald Jensås
6ab86a3ebe ControlPlaneSubnetCidr using get_attr
Use get_attr on the server resource to resolve attribute
value from the subnet(s) and pass it to the parameter
'ControlPlaneSubnetCidr' used in the THT/network/config/*
templates.

As the value is now resolved from resource attributes,
this changes the default for 'ControlPlaneSubnetCidr' to ''
as well as the comment that these value should be overriden
in parameters_defaults. It also removes the parameter from
network-environment templates.

A conditinal is used in  puppet/role.role.j2.yaml so that
the parameter value is used whenever it is not '' (the
default) to provide backwards compatibility in case the user
set a different value (different from the one used in
undercloud.conf) for this parameter in
network-environment.yaml.

When deploying a routed control plane the network config
templates would previously need to be updated to carry
'ControlPlaneXSubnetCidr' parameter (in case the subnet
mask is not the same for all the routed network leafs).
With 8 Leafs in addition to the network local to the
undercloud that is 8 parameters less to place in the
configuration. By getting the value to pass from the
server resource this change reduces the required nic-config
template customisation (reduces the risk of user error).

Partial: blueprint tripleo-routed-networks-templates
Change-Id: I92ee0f9a2107cdf1ca5903d3756a235a79c36c73
2018-07-14 09:11:28 +02:00
Zuul
6118dec096 Merge "HA support for OpenShift" 2018-07-12 04:25:29 +00:00
Martin Mágr
c5b2d08c40 Disable sensu-client in CI
After CI scenario deployment is finished the container ends in unhealthy
state because sensu-client is not successfully connected to RabbitMQ.
We will need to implement default connection to overcloud RabbitMQ instance
for the service to have this service deployed in CI job.

Change-Id: I1aec0c71a945c06a6d914638b45cae074288a90d
Closes-Bug: #1781108
2018-07-11 16:33:21 +02:00
Flavio Percoco
99b8119d98 HA support for OpenShift
The OSA assisted HA deployment is not recommended for production
environments, besides it being limited. Therefore, we're relying on our
deployment of HAproxy + Keepalived to provide HA on top of OpenShift in
addition to adding more OpenShift nodes.

Depends-On: Ib573758b515264d1dda90cc9de61f4fa6659dc7d

Change-Id: I7ab677e4803e9df5f6641204cb0b6ccc5b1eb79f
2018-07-11 07:41:51 +02:00
Ben Nemec
e025ebc0c4 Enable configuration of Designate's pools.yaml
This is necessary as the settings in this file are deployment
specific, so the defaults will never be correct.  For simplicity,
the enablement environment includes the sample pools.yaml content
from the Designate docs.  It can then be easily modified to match
the actual intended deployment environment.

Depends-On: https://review.openstack.org/580524
Change-Id: I84cc3b06ac77c723994be0f49960a93e0dbba0ad
2018-07-09 20:02:49 +00:00
Zuul
9b35006156 Merge "Update scenario003 to deploy separate messaging backends" 2018-07-05 07:06:59 +00:00
Martin André
4e30f51470 Update for openshift 3.9
This commit updates the openshift templates to deploy openshift 3.9
instead of 3.7.

Update the default playbook path to the one expected by
openshift-ansible 3.9.

Update the default openshift-ansible variables and move them in the
template where they belong. They can be overridden individually via the
OpenShiftGlobalVariables heat parameter.

Disable unbound on the openshift nodes in CI as it is listening on port
53 and is preventing openshift to start its own DNS service.

Co-Authored-By: Flavio Percoco <flavio@redhat.com>
Depends-On: I6f123cd71a23fb15aaa2005f7397fc98fdaf187a
Depends-On: I27ad9d168af575da8c4f5094152c94e2fa03987c
Change-Id: Ifc3d25fa590cfba1fa64ed0266c76c9342a7aa4f
2018-07-03 14:13:42 +02:00
Andrew Smith
139b552152 Update scenario003 to deploy separate messaging backends
This patch:
* Sets up amqp1/qdrouterd for RPC and rabbit/rabbitmq for Notify

Change-Id: Iabb447699910876d7c33a03efd2f35fc22618a0d
2018-06-25 11:48:33 -04:00
Derek Higgins
683de3683b Add scenario011 to install ironic in the overcloud
Depends-On: Ib3f183980ce3e383c0e6319ee373bd8438e8e6b8
Change-Id: Ice806c363950c7868f464c856c0594e5fc41b554
2018-06-25 12:09:38 +00:00
Zuul
b7dcbd8da7 Merge "Set Ceph pools rule_name to replicated_rule" 2018-06-15 12:03:25 +00:00
Zuul
d0f4e4879e Merge "Map OpenShift resources to services" 2018-06-15 11:36:19 +00:00