As per I1213a83ef8693c1cca1d20de974f7949a801d9f1 this moves to
using KeystoneInternal for the nova-ironic template and updates
some deprecated hiera keys.
Change-Id: Ib1103c00ddb7d6d624f4911147197d8355a3a6dd
The admin endpoint is listening on the ctlplane network by default;
services should ideally be using the internal api network for this kind
of traffic, as the ctlplane network is mostly for provisioning. On the
other hand, the admin endpoint shouldn't be as relevant with services
switching to keystone v3.
Change-Id: I1213a83ef8693c1cca1d20de974f7949a801d9f1
Add:
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::TripleoFirewall
to the CI environments, so we can test Firewalling and also TripleO
packages upgrades.
Change-Id: I5d39c7a332a4c376fb4d6ee9463d27f481b6a0d0
These are handle by puppet as usual (puppet run comes after the
ansible steps) so remove them from these remaining upgrade_tasks
Change-Id: Ic341f31251622ccb11a5f7818b2edf7a82391560
In line with other service we leave the db sync to puppet unless
needed for some workaround/upgrade related reason.
Change-Id: I9ae463cda19ffdd66f9ccbae40e85551841ab938
Due to the keystoneauth library's defaults, it uses the public interface
currently. This is not desirable in most cases (specially when using
network isolation); so we set it to use the internal one.
Change-Id: Ic222a2b734f4d512349fd8556aa2864b13a1eb07
Depends-On: I1c7fd3a32d04e2fafb3820d1c1f221f45c613c83
Closes-Bug: #1663187
Default in puppet-neutron is 'RegionOne', so let's override it with the
right parameter in TripleO.
Change-Id: I3f1693b91178027c8e05288aeba72b7d6bd042be
We wants to run puppet on each role which has the flag
disable_upgrade_deployment to true. It will run after the upgrade
of the role and before running the whole converge step.
Change-Id: Ia85be688d070dfb5b8337e8ef3c4bc439fb6052e
We do not need the upgrade scripts used to migrate Ceph from
hammer to jewel. This submission removes that and the legacy
upgrade scripts used for the BlockStorage role.
Change-Id: I2674216dd9b5b849de6a2624ee1115420a254182
This delivers a /root/tripleo_upgrade_node.sh to those nodes
that have the disable_upgrade_deployment flag set to true.
They will later be upgraded manually by the operator who will
invoke the script delivered here using upgrade-non-controller.sh
We can also deliver any service specific upgrade configuration,
such as configuring nova-compute to use the placement API as this
is required in order for placement to be configured and installed
during the subsequent upgrade steps for controller services.
This removes the compute and swift specific upgrade scripts as
they are now merged into the common
tripleo_upgrade_node.sh - removing any hard coded
reference to a particular role name (compute/objectstorage) and
only relying on the disable_upgrade_deployment is roles_data.yaml
Change-Id: I4531a4038b78087ef4a1a62c35f1328822427817
Co-Authored-By: Mathieu Bultel <mbultel@redhat.com>
Make UpgradeBatch depends on BatchConfig, for step0
avoid creation of the UpgradeBatchConfig_stepX prior
to UpgradeBatchConfig step0 and add condition
Change-Id: I852beee65590270422cfbc9abe02111d88442f2e
In current setup some Contrail services belong to the wrong roles.
The Contrail control plane can be impacted if the Analytics database has
problems.
Change-Id: I0d57a2324c38b5b20cc687c6217a7a364941f7e6
Depends-On: Id0dd35b95c5fe9d0fcc1e16c4b7d6cc601f10818
Closes-Bug: #1659560
It was suggested by Nova team to not deploying Nova API in WSGI with
Apache in production.
It's causing some issues that we didn't catch until now (see in the bug
report). Until we figure out what was wrong, let's disable it so we can
move forward in the upgrade process.
Change-Id: I09b73476762593642a0e011f83f0233de68f2c33
Related-Bug: 1661360