348 Commits

Author SHA1 Message Date
Emilien Macchi
bfbe25b312 Deprecate Keepalived
Keepalived is deprecated in Ussuri and will be removed in the next cycle.

blueprint replace-keepalived-undercloud
Change-Id: I8b72e35e5ea4bb5c7a8ff60792d96236fa8b3554
(cherry picked from commit 57d04446f3ab2a1ee259e67dceb219e2c6a8105d)
2020-05-29 13:18:10 +00:00
rajinir
a9831936f5 Deprecating ScaleIO Volume Config
A new Dell EMC VxFlexOS  config is added with
new parameters. Use that instead.
See https://review.opendev.org/#/c/728720/

Change-Id: I9a820e4ed83a3e22fafa8e0cfe2153fd33f09090
(cherry picked from commit 6a27375c2a14b8fc821ba6b65abd503d81da5752)
2020-05-28 02:29:08 +00:00
Zuul
ca3ce73676 Merge "Support for Dell EMC XtremIO Volume Config" 2020-05-09 05:36:28 +00:00
Zuul
1e3910a361 Merge "Deprecating Old Dell SC Volume Config" 2020-05-07 02:07:40 +00:00
rajinir
d9bdd746dc Support for Dell EMC XtremIO Volume Config
Added support for XtremIO volume config options.
Supports both iSCSI and FC drivers.
Supports deploying multiple instances of the
cinder::backend::dellemc_xtremio backend
(e.g. one iscsi + one fc, multiple iscsi, etc.).

Change-Id: I5a02b90530057f616fb84de5b04d04865693ce2f
2020-05-04 12:15:19 -05:00
rajinir
bd15ac0a1f Support for Dell EMC SC Volume Config
Added support for SC volume config options.
Supports both iSCSI and FC drivers.
Supports deploying multiple instances of the
cinder::backend::dellemc_sc backend
(e.g. one iscsi + one fc, multiple iscsi, etc.).

Change-Id: I2f441a9df5bda4e1c646b3259d233f760fd3e742
2020-04-29 21:47:51 -05:00
rajinir
8e074fd166 Deprecating Old Dell SC Volume Config
A new Dell SC volume config which supports both iSCSI and FC drivers
is added. Deprecating the old Dell SC config
See review https://review.opendev.org/#/c/722538/

Change-Id: I3402f71fde956ede80da0840780ad4bd227103c7
2020-04-24 15:05:17 -05:00
Takashi Kajinami
474d20438a Remove OpenDaylight support
... because OpenDaylight tempmates and environemtns were alredy removed
in tripleo-heat-teampltes[1].

[1] 9c3638b8a13ea08a1bab95c9cd6ab335b729b6b3

Change-Id: I0204b6985de71441e0f63f21cfda24d55fd340e5
2020-04-14 22:42:44 +09:00
Zuul
e27d092742 Merge "Add Octavia OVN Provider configuration (2 of 2)" 2020-04-10 15:24:46 +00:00
Flavio Fernandes
a485965a23 Add Octavia OVN Provider configuration (2 of 2)
This is part 2 of 2, where ovn provider info located in
tripleo::profile::base::octavia::api will move
to newly created octavia::provider::ovn.
But that has to be split into 2 parts to avoid breaking the
CI until the THT+pupple-tripleo changes merges [1].

[1]: https://review.opendev.org/#/q/topic:bug/1861886+(status:open+OR+status:merged)

This patch enhances Octavia's OVN driver config, so it can connect to
OVN_Northbound DB using TLS.

Depends-On: https://review.opendev.org/#/c/711333/
Depends-On: https://review.opendev.org/#/c/711557/
Depends-On: https://review.opendev.org/#/c/705728/
Depends-On: https://review.opendev.org/#/c/707695/

Closes-Bug: #1861886

Change-Id: If4a6f25015374883050c48b7705e8207906118f4
2020-04-09 09:41:51 -04:00
Takashi Kajinami
baf5ab640e Define nova::cache parameters in tht
Migrate parameter definitions for nova::cache module from
puppet-tripleo to tht, so that we can be less dependent on puppet
to set configurable items.

Depends-on: https://review.opendev.org/#/c/716988/
Change-Id: I796196f7a6e0f1235ac269a55e64161613018b1d
2020-04-04 09:48:15 +09:00
Zuul
e67355c2de Merge "Support for PowerMax Volume Config" 2020-03-31 22:43:32 +00:00
rajinir
8cee314746 Deprecating VMax Volume Config
VMax backend is now PowerMax and config options have changed
since newton.

Change-Id: Ib5d38009de0d29325e6da31c5a030a65eaf02e26
2020-03-30 16:48:33 -05:00
rajinir
f21f50ce92 Support for PowerMax Volume Config
PowerMax config options have changed since newton.
Updating them to the latest. Supports both iSCSI and FC
drivers.

Supports deploying multiple instances of the
cinder::backend::dellemc_powermax backend
(e.g. one iscsi + one fc, multiple iscsi, etc.).

Depends-On: https://review.opendev.org/#/c/708960/
Change-Id: I25be51121390afd7ed3d0f0249733d3ccaf557de
2020-03-30 16:27:03 -05:00
Flavio Fernandes
c68aa2e140 Add Octavia OVN Provider configuration (1 of 2)
This is part 1 of 2, where ovn provider info located in
tripleo::profile::base::octavia::api will move
to newly created octavia::provider::ovn.
But that has to be split into 2 parts to avoid breaking the
CI until the THT+pupple-tripleo changes merges [1].

[1]: https://review.opendev.org/#/q/topic:bug/1861886+(status:open+OR+status:merged)

This patch enhances Octavia's OVN driver config, so it can connect to
OVN_Northbound DB using TLS.

Depends-On: https://review.opendev.org/#/c/711333/

Change-Id: I85049de9960586a1069aa750c8d727c6e37cec73
Related-Bug: #1861886
2020-03-18 14:35:16 -04:00
Sagi Shnaidman
9c05cdf97f Revert "Add replication_probe_interval for ovsdbs"
it broke OVB in master
Closes-Bug: #1866031
This reverts commit 5b5291423a04e324a3075caaf07620e7b0a14ac0.
Change-Id: Id4ec674ecd18bed02034714c2da103933b4e0b42
2020-03-04 14:18:05 +00:00
Zuul
ac76abf7b1 Merge "Add replication_probe_interval for ovsdbs" 2020-03-02 20:57:00 +00:00
Takashi Kajinami
ebdbbfe8fd Remove wsgi enabled parameters in nova
... because issue with wsgi deployment in nova[1] was resolved a while
ago, and we don't encourage users to use standalone eventlet servers.

[1] https://bugs.launchpad.net/nova/+bug/1661360

Change-Id: I40c3b6ea9a958cb5b1548282299414a72eb254c4
2020-03-02 00:14:15 +09:00
Kamil Sambor
5b5291423a Add replication_probe_interval for ovsdbs
Add posibilities to configure replication_probe_interval for ovsdb-server.
It configure probe interval for connection for ovsdb-server when it is
in backup mode and connects to the active ovsdb-server for replication

Change-Id: I6e5af0cfc00778e251bae0fc42c116a24c8fabc3
2020-02-28 11:30:30 +01:00
Zuul
0c162fcf70 Merge "Add support for glance multistore" 2020-02-26 22:30:07 +00:00
Zuul
2039b4d842 Merge "Add support to configure virtlogd" 2020-02-14 10:03:18 +00:00
Alan Bishop
c7b9b90dbd Add support for glance multistore
Add new tripleo::profile::base::glance::api::multistore_config parameter
to support configuring multiple glance-api backends. The parameter is
optional, and represents a hash of settings for each additional backend.
The existing 'glance_backend' parameter specifies the default backend.

In order to support DCN/Edge deployments, the syntax supports multiple
instances of the 'rbd' backend type. Restrictions are imposed to allow
only a single instance of the 'cinder', 'file' and 'swift' backend types.

Change-Id: I41ab9b3593bf3d078c5bbd1826df8308e3f5e7af
Depends-On: I5a1c61430879a910e7b6c79effba538431959d56
2020-01-31 07:06:16 -08:00
Francesco Pantano
eec31fd149
Add ceph dashboard frontend endpoint and tls-e integration
This change exposes to the end-user the new ceph dashboard
frontend which is fully integrated with grafana service.
This review also adds all the info/classes to integrate the
service with tls-everywhere framework, providing the cert
request and generation that will be passed to ceph dashboard
via ceph-ansible.

Depends-On: https://review.opendev.org/#/c/704308
Change-Id: Id6d2e4b00355cd84baccc2b493f3205c2b32a44b
2020-01-30 12:37:52 +01:00
Takashi Kajinami
be3892e601 Add support to configure virtlogd
Include nova::compute::libvirt::virtlogd to manage virtlogd
configuration.

Depends-on: https://review.opendev.org/#/c/685024/
Change-Id: I3d28680b4cf18c06b799e329639bb424e63d1368
2020-01-09 21:34:52 +09:00
Flavio Fernandes
373ad6a6c0 Add the ability to configure ovn-remote-probe-interval
This parameter sets inactive probe interval of the JSON
session from ovn-metadata to the OVN SB database.
By default this it is 5s which not be sufficient in
loaded systems or during high control-plane activity spikes,
leading to unnecessary reconnections to OVSDB server.
Now it is extended by default to 1 min and it
is configurable.

Depends-On: https://review.opendev.org/#/c/695577
Change-Id: I0ff2f1b01abc4bad74532f4954c80509c02a2375
2019-11-22 10:31:54 -05:00
Zuul
18a9016b7a Merge "Fix upper case checks for SRIOV interface" 2019-10-25 19:47:09 +00:00
Kamil Sambor
15e21010a8 Add configurable monitor timeouts for ovn dbs
Under pressure, the default monitor timeout value of 20 seconds is not
enough to prevent unnecessary failovers of the ovn-dbs pacemaker resource.
While spawning a few VMs in the same time this could lead to unnecessary
movements of master DB, then re-connections of ovn-controllers (slaves are
read-only), further peaks of load on DBs, and at the end it could lead to
snowball effect. Now this value can be configurable by dbs_timeout in
tripleo::profile::pacemaker::ovn_dbs_bundle and by default is set to 60s.

Change-Id: Ib95c6b7614631eed264d42e6cf61672b705e7893
Signed-off-by: Kamil Sambor <ksambor@redhat.com>
2019-10-21 14:59:09 +02:00
yogananth subramanian
f5daa76982 Fix upper case checks for SRIOV interface
Allow using upper case names for SRIOV interface names.

Fixes bug 1848483

Change-Id: I2d2cb42d87371f5807a4527eef22425416d4a774
2019-10-17 23:14:44 +05:30
Zuul
5f1b0010f4 Merge "Revert "Add support to configure token caching in keystone"" 2019-10-16 05:42:02 +00:00
63dd90aacc Revert "Add support to configure token caching in keystone"
Changing cache/enabled=False by default has dropped performance.
keystone local cache also got disabled with this.

This reverts commit 469d432195d1f5b5e15ce72ce1624d4ed4447e4e.


Depends-On: https://review.opendev.org/#/c/688770/
Closes-Bug: #1847585
Change-Id: I2af70755746f3fc3eb10eba2188ad2772704d988
2019-10-15 17:53:40 +00:00
Zuul
4dee772a2b Merge "Add support to configure token caching in keystone" 2019-10-07 23:31:01 +00:00
Harald Jensås
7264c75c37 Add 'ipversion' to firewall/rule.pp
Add the posibility to add 'ipversion' to the firewall
rule manifest.

Closes-Bug: #1845153
Change-Id: Id872c55cfc6b958fef3ccda2d923f821a1fe6a13
2019-09-25 18:36:44 +00:00
Takashi Kajinami
469d432195 Add support to configure token caching in keystone
Add support to configure token caching in keystone[1] using
memcached, so that we can improve performance about token
validation.

[1] https://docs.openstack.org/keystone/latest/admin/configuration.html#caching-layer

Change-Id: I351eb64ff1df652b0a284d8cd3d835cec58a310f
2019-09-21 09:24:38 +09:00
Kamil Sambor
f5bbc3ff85 Support connecting OVN DB over SSL
This patch introduce parameters which support using SSL to connect to
OVN_Northbound DB and OVN_Southbound DB.

Depends-On: https://review.opendev.org/#/c/674603/
Change-Id: I03bda5d2e36ab168079fc7e8be220c9a4e29e44f
Signed-off-by: Kamil Sambor <ksambor@redhat.com>
2019-09-11 18:08:12 +02:00
Zuul
bc7d275c67 Merge "Remove the duplicated word" 2019-08-22 04:59:25 +00:00
Zuul
9133971c59 Merge "Add ceph grafana dashboard endpoint to haproxy" 2019-07-31 12:11:44 +00:00
fpantano
548b966aa0
Add ceph grafana dashboard endpoint to haproxy
This review adds the ceph grafana endpoint to
haproxy.

Depends-On: https://review.opendev.org/#/c/672536
Change-Id: If1a111662203896ee51fd61183f720a4cef18a3e
2019-07-29 18:07:53 +02:00
Zuul
9a079a3490 Merge "Remove aide puppet manifest" 2019-07-29 00:14:45 +00:00
Bogdan Dobrelya
6fb9d8e6cd Allow to configure Apache MPM module
Defaults to 'prefork', which ensures there is no upgrade/update impact.

Related-bug: #1829062

Change-Id: I3deb3e944ed4911962d204357bb3134569f153f6
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
2019-07-17 17:33:44 +02:00
Zuul
787387a5f7 Merge "Include nova::metadata to compute profile" 2019-07-11 12:04:08 +00:00
Zuul
610691ca65 Merge "Allow custom per-service bind_options for haproxy" 2019-07-10 11:18:07 +00:00
Keigo Noha
1eafeb67bf Add dateext and related parameters for logrotate
logrotate.pp should support dateext and related parameters.
By this change, a filename of a rotated file can be easily distinguished
by rotated date.

Change-Id: I798304a472df41b86a88611c97c2c99131faa0ad
2019-07-08 16:58:38 +09:00
Martin Schuppert
3273d29163 Include nova::metadata to compute profile
The old DEFAULT/dhcp_domain setting was moved to api/dhcp_domain.
nova::network::neutron::dhcp_domain will be removed later in the cycle.
We need include nova::metadata which sets the new [api]/dhcp_domain
as this is used by the virt driver to generate the config drive.

Closes-Bug: 1832537

Depends-On: https://review.opendev.org/668663
Depends-On: https://review.opendev.org/668666
Depends-On: https://review.opendev.org/665131
Depends-On: https://review.opendev.org/669066
Depends-On: https://review.opendev.org/669208

Change-Id: I5da1e67684f8317eec8c499c3534977e00a63098
2019-07-07 16:43:25 +02:00
Martin Magr
bcb17115a3 Add TLS support for rsyslog
This patch implements creation of TLS certs and key for Elasticsearch
connection.

Change-Id: Ie97449b6f3e5d3a6481e087803d1982d7c6387f3
2019-07-03 13:24:27 +02:00
Kevin Carter
04c6f343e2 Remove tuned puppet manifest
The tuned puppet manifest is being removed because the heat template
which invoked it has been converted to ansible. This change removes
the tuned manifest and spec files accordingly.

Depends-On: I06d07f6f0949095cb716dd706e05f2e567c0d3d8

Change-Id: I1c76efb07474f8b0f5e226712aad30a75f6843af
Signed-off-by: Kevin Carter <kecarter@redhat.com>
2019-06-24 13:28:59 +00:00
Zuul
94c05e9984 Merge "Base profile for rsyslogd" 2019-06-14 22:11:46 +00:00
Zuul
1e5c120f48 Merge "RabbitMQ: always allow promotion on HA queue during failover" 2019-06-14 19:40:52 +00:00
Michele Baldessari
610c8d8d41 RabbitMQ: always allow promotion on HA queue during failover
When the RabbitMQ experience a rolling restart of its peers, the
master of an HA queue fails over from one replica to another.

If there are messages sent to the HA queue while some rabbit
nodes are restarting, the latter will reconnect as unsynchronized
slaves. It can happen that during a rolling restart, all rabbit
nodes reconnect as unsynchronized, which prevents RabbitMQ to
automatically elect a new Master for failover. This has other
side effects on fanout queues and may prevent OpenStack
notification to be consumed properly.

Change the HA policy to always allow a promotion even when all
replicas are unsynchronized. When such rare condition happens,
rely on OpenStack client to retry RPC if they need to.

Closes-Bug: #1823305
Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com>
Change-Id: Id9bdd36aa0ee81424212e3a89185311817a15aee
2019-06-14 10:07:24 +02:00
Martin Magr
ff13fa1304 Base profile for rsyslogd
Adds profile for rsyslogd composable service which aims to replace fluentd
with the same behaviour. This means that rsyslog will be tailing OpenStack
log files and forwarding it to central log collector (ELK)

Change-Id: I5e5aae692482ee1de6de298eb18c49563a2d7d29
2019-06-12 08:12:52 +02:00
Carlos Goncalves
f95c6d1b54 Remove Neutron LBaaS
The project has been retired and there will be no Train release [1].
This patch removes Neutron LBaaS support in tripleo-heat-templates.

[1] https://review.opendev.org/#/c/658494/

Related-Bug: #1831618
Change-Id: I8e95027aa0bd7f1257c7f99c1b5a474aeb2fada4
2019-06-04 19:30:02 +02:00