348 Commits

Author SHA1 Message Date
Pradeep Kilambi
aec471a78d Re-run gnocchi and ceilometer upgrade in step 5
Without this gnocchi resources types are not created
as they are skipped initially and the resources from
ceilometer wont make it to gnocchi.

Closes-bug: #1674421

Depends-On: I753f37e121b95813e345f200ad3f3e75ec4bd7e1

Change-Id: Ib45bf1b3e526a58f675d7555fe7bb5038dadeede
2017-03-27 13:00:31 +00:00
Peng Liu
1deb6fea53 Add l2 gateway Neutron service plugin profile
Introduce profile to configure l2 gateway Neutron
service plugin.

Implements: blueprint l2gw-service-integration

Change-Id: I01a8afdc51b2a077be1bbc7855892f68756e1fd3
Signed-off-by: Peng Liu <pliu@redhat.com>
2017-03-27 05:14:02 +00:00
Alex Schultz
b517344423 Create bigswitch agent profile
Create a tripleo profile for the bigswitch neutron agent configuration
to be consumed by THT.

Change-Id: I7a8f7f73c9c8446e21c16a5c378bd7e0f0a4c94e
Partial-Bug: #1674791
2017-03-21 12:55:17 -06:00
Andrew Smith
8db8040e8b Include oslo.messaging amqp support for rpc and notifications
This commit conditionally includes messaging amqp class for the
oslo.messaging AMQP 1.0 driver to support notifications.

This patch:
* include keystone::messaging::amqp class for oslo_messaging_amqp opts

Change-Id: I8eb23a21d2499795c3a76ae3197bda7773165a8c
2017-03-21 11:15:05 -04:00
Tim Rozet
0cec9b6f49 Enables OpenDaylight Clustering in HA deployments
Previously ODL was restricted to only running on the first node in an
tripleO HA deployment.  This patches enables clustering for ODL and
allows multiple ODL instances (minimum 3 for HA).

Partially-implements: blueprint opendaylight-ha

Change-Id: Ic9a955a1c2afc040b2f9c6fb86573c04a60f9f31
Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-03-16 16:13:10 -04:00
Feng Pan
8fa4f7c87f Add networking-vpp ML2 mechanism driver support
Implements: blueprint fdio-integration-tripleo

Change-Id: I5af0b8bbfa3ea6ace9a5cce4aa2fc1fab49ab9f2
Signed-off-by: Feng Pan <fpan@redhat.com>
2017-03-15 10:25:56 -04:00
Jenkins
8a6e4c7b99 Merge "Add support for BGPVPN service plugin" 2017-03-11 19:07:14 +00:00
Ricardo Noriega
83e7494bd2 Add support for BGPVPN service plugin
Introduce profile to configure networking-bgpvpn service

Implements: blueprint bgpvpn-service-integration

Change-Id: I7c1686693a29cc1985f009bd7a3c268c0e211876
Signed-off-by: Ricardo Noriega <rnoriega@redhat.com>
2017-03-11 19:08:22 +01:00
Jenkins
9aa3841a3c Merge "httpd: Clean up heat API profiles and add release note" 2017-03-11 02:58:19 +00:00
Emilien Macchi
03523df5c1 sahara: include authtoken class
authtoken class configures the keystone_authtoken parameters, required
to move to Keystone V3 auth.

Change-Id: Ibfd761fef813faa7bf13881c52c34e20d3eac9e5
2017-03-07 20:42:42 +00:00
Juan Antonio Osorio Robles
a2f3b91fa6 httpd: Clean up heat API profiles and add release note
There were some values that were passed to the classes manually, and
this takes the parameters from t-h-t instead. Also, the release note was
added.

bp tls-via-certmonger

Change-Id: I17c4b7041e16da6489f4b713fdeb28a6e1c5563c
Depends-On: I88e5ea7b9bbf35ae03f84fdc3ec76ae09f11a1b6
2017-03-07 15:04:43 +00:00
Jenkins
b235d6b096 Merge "fix typo in release note" 2017-03-07 03:39:32 +00:00
Emilien Macchi
ca8656e5bf fix typo in release note
Change-Id: I89e544474b3f73a9e00d37dcddb605d5fe979ca8
2017-03-06 21:06:25 -05:00
Steven Hardy
149f04e9cf Add docker profile
This configures the docker service on the host, as an alternative
to the firstboot script in docker/firstboot/setup_docker_host.sh

Doing this via puppet will enable easier integration with e.g
the multinode jobs where no firstboot scripts run, and also
enables a better error path in the event the service fails to start

Co-Authored-By: Alex Schultz <aschultz@redhat.com>
Change-Id: Id8add1e8a0ecaedb7d8a7dc9ba3747c1ac3b8eea
2017-03-06 08:42:54 -07:00
Jenkins
4e17386fda Merge "Default neutron dhcp_agents_per_network to number of agents" 2017-02-28 06:53:13 +00:00
Jenkins
8250ec9611 Merge "Add ceilometer polling agent profile" 2017-02-27 21:01:40 +00:00
Alex Schultz
354818cb19 Add release note for httpchk
Adding release note for Ie72b96c76d7513f84003bc15b6527c97df7ba92f

Change-Id: Ie3dd31519a4a2cc7aa94a5fc7cd7e906482668f3
Related-Bug: #1629052
2017-02-27 09:07:21 -07:00
Brent Eagles
52a68ffc8f Default neutron dhcp_agents_per_network to number of agents
This patch will set neutron's dhcp_agents_per_network equal to the
number of deployed neutron DHCP agents unless otherwise explicitly set.

Partial-bug: #1632721
Change-Id: I5533e42c5ba9f72cc70d80489a07e30ee2341198
2017-02-27 11:46:45 -03:30
Pradeep Kilambi
7dddf041c5 Add ceilometer polling agent profile
Ceilometer central, compute and ipmi agent classes are
deprecated. Instead we should be using polling agent
with relevant namespace.

Closes-bug: #1662685

Change-Id: I1ee50124bf8936e12414f984e1bcd4545d92e953
2017-02-25 12:19:31 -05:00
Jenkins
9a8ca3a1da Merge "Remove the string cast for using transport_url" 2017-02-25 16:04:22 +00:00
Carlos Camacho
d0e69f73c1 Remove the string cast for using transport_url
os_transport_url was updated to allow receiving
a string or an integer as parameter.

Fixes the workarounds in puppet-tripleo

Change-Id: I50993514048bf96b5a42b3425a7d6f98778fe694
Depends-On: I9e56f8e2de542b20fe9e6995506cff5bb435e220
2017-02-22 10:39:44 +01:00
Jenkins
71f655326b Merge "Add VPP service" 2017-02-21 21:16:21 +00:00
Jenkins
fb67bd6dae Merge "Enable languages in UI config" 2017-02-18 04:52:24 +00:00
Feng Pan
f59e01c097 Add VPP service
Vector Packet Processing (VPP) is a high performance packet processing
stack that runs in user space in Linux. VPP is used as an alternative to
kernel networking stack for accelerated network data path.

Implements: blueprint fdio-integration-tripleo

Change-Id: I70a68a204a8b9d533fc2fa4fc33c39c3b1c366bf
Signed-off-by: Feng Pan <fpan@redhat.com>
2017-02-17 09:57:06 -05:00
Julie Pichon
053ee06787 Enable languages in UI config
Which language options to offer to the UI users is determined in the
configuration file. Let's show all possible languages by default,
unless specified otherwise.

Change-Id: I513303bf82dca53e2291ab66f2385a2985a1846e
Related-Bug: #1663279
2017-02-17 13:11:08 +00:00
Emilien Macchi
aafff78c87 Add missing release notes for Ocata RC1
Change-Id: I95f7b57a6cb0811af324996bd00580732503ed28
2017-02-15 11:29:01 -05:00
Jenkins
ca9fffc549 Merge "Add support to changing the Rabbitmq password on update" 2017-02-12 19:01:23 +00:00
Jenkins
2a3b8ea554 Merge "Proxy API endpoints that UI uses" 2017-02-07 05:16:34 +00:00
Emilien Macchi
6556123395 nova/libvirt: switch vnc server binding
On compute nodes, instead of binding vnc server on 0.0.0.0, use the IP
address provided by libvirt's t-h-t profile (hiera).

Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Depends-On: Ie377c09734e9f6170daa519aed69c53fc67c366b
Change-Id: If6b116b238a52144aad5e76c9edc7df6aa15313c
Closes-Bug: #1660099
2017-02-06 17:10:19 +00:00
Jenkins
2b11f29824 Merge "Revert "Revert "set innodb_file_per_table to ON for MySQL / Galera""" 2017-02-06 01:41:40 +00:00
Dan Trainor
9a69201b5f Proxy API endpoints that UI uses
Add support to enable the UI to use paths via mod_proxy to access API
endpoints instead of connecting to each endpoint directly on a port
other than where the UI is served from.  This is necessary to prevent
certificate acceptance errors from non-Chrome browsers which take
exception to connections made to other ports on the same hostname, using
one SSL certificate.

This change extends the UI's Apache configuration to create one
mod_proxy location for each of the API endpoints that UI calls upon.
These mod_proxy (using ProxyPass, ProxyPassReverse) endpoints are
configured using new heira variables provided in the dependent commit.

Additionally, this change modifies the default UI configuration file to
include endpoint URLs formatted to use the new endpoint paths that are
created.

Removed puppet variables which were previously used to generate the
contents of the tripleo_ui_config.js template, since they are no longer
used to generate this file, replaced with the new endpoint URLs
formatted to use the new endpoint paths that are created.

Change-Id: I55e375ad462fa98e181277ec0bd88658e620e8ad
Implements: blueprint proxy-undercloud-api-services
Depends-On: Ib20f4b0891563ae90ec80675635a64c39bd2fdb7
2017-02-03 20:04:10 -05:00
Alex Schultz
a0983a4ed7 Revert "Revert "set innodb_file_per_table to ON for MySQL / Galera""
This reverts commit 3f7e74ab24bb43f9ad7e24e0efd4206ac6a3dd4e.

After identifying how to workaround the performance issues on the
undercloud, let's put this back in. Enabling innodb_file_per_table is
important for operators to be able to better manage their databases.

Change-Id: I435de381a0f0e3ef221e498f442335cdce3fb818
Depends-On: I77507c638237072e38d9888aff3da884aeff0b59
Closes-Bug: #1660722
2017-02-03 19:50:08 +00:00
Saravanan KR
76931e535c Add support to changing the Rabbitmq password on update
Rabbitmq Password is set on the fresh deployment, but during
update, if the password is changed, it is modified in all config
files including rabbitmq config. But the rabbitmq connection fails
because the new password is not successful applied to rabbitmq.
Setting the rabbitmq_user will invoke 'rabbitmqctl change_password'.

Scenario: The password change is applied on Step1 when configuring
Rabbitmq. Other services may be updated on different Steps. Till
other services config is updated with new rabbitmq password, and
restarted, the connections will get Access Denied response. It has
cyclic dependency. So the passwords will be changes at Step1 and
once all services are updated, the connections will work as is.

Partial-Bug: #1611704
Change-Id: I44865af3d5eb2d37eb648ac7227277e86c8fbc54
2017-02-03 16:15:50 +05:30
Jenkins
8536cdd703 Merge "Add initial profiles for rest of Octavia services" 2017-02-03 01:02:55 +00:00
Alex Schultz
3f7e74ab24 Revert "set innodb_file_per_table to ON for MySQL / Galera"
This reverts commit 621ea892a299d2029348db2b56fea1338bd41c48.

We're getting performance problems on SATA disks.

Change-Id: I30312fd5ca3405694d57e6a4ff98b490de388b92
Closes-Bug: #1661396
Related-Bug: #1660722
2017-02-02 21:43:41 +00:00
Mike Bayer
621ea892a2 set innodb_file_per_table to ON for MySQL / Galera
InnoDB uses a single file by default which can grow to be
tens/hundreds of gigabytes, and is not shrinkable even
if data is deleted from the database.

Best practices are that innodb_file_per_table is set to ON
which instead stores each database table in its own file, each of
which is also shrinkable by the InnoDB engine.

Closes-Bug: #1660722
Change-Id: I59ee53f6462a2eeddad72b1d75c77a69322d5de4
2017-02-01 16:12:13 -05:00
Jenkins
181087e448 Merge "Add AuditD Profile" 2017-01-27 16:37:38 +00:00
Emilien Macchi
8bb10297ce nova: deploy basic setup for cells
it's not required in Ocata, let's configure the basic setup for cells.

note: it also cleanup old code that is not valid anymore.

Change-Id: Iac5b2fbe1b03ec7ad4cb8cab2c7694547be6957d
2017-01-27 14:26:25 +00:00
Steven Hardy
eb14c2a9f7 Add AuditD Profile
This patch allows the management of the AuditD service and its associated
files (such as `audit.rules`)

This is achieved by means of the `puppet-auditd` puppet module.

Closes-Bug: #1640302
Co-Authored-By: Luke Hinds (lhinds@redhat.com)
Change-Id: Ie31c063b674075e35e1bfa28d1fc07f3f897407b
2017-01-27 10:10:34 +00:00
Brent Eagles
6b8349b2cb Add initial profiles for rest of Octavia services
Initial profile files for Octavia services.

Partially-implements: blueprint octavia-service-integration
Change-Id: Ic6f945cdf36744382a4a63fcc374d5562964ca68
2017-01-25 18:17:25 -03:30
Keith Schincke
bbf13fe1d5 Add support for not using admin_token in Ceph/RGW
This patch add the option for using Keyston V3 authention with
the Ceph/RGW service instead of using the admin_token

Change-Id: I42861afcac221478dcb68be13b6dbc2533a7f158
2017-01-09 18:31:33 +01:00
Jenkins
71af301fc5 Merge "Adds ability to populate SSH Banner text" 2017-01-04 02:37:57 +00:00
Jenkins
28373c2afa Merge "Add basic structure for ReNo" 2016-12-23 11:29:21 +00:00
Luke Hinds
5a1764acf7 Adds ability to populate SSH Banner text
A puppet manifest to allow the toggle of 'Banner' in sshd_config
and enable population of an SSH login banner needed for security
compliance such as DISA STIG

If `Bannertext` is set as a parameter, the `Banner` key within
sshd_config is toggled to `/etc/issue` and the content is copied
into the `/etc/issue` file

Change-Id: Ie9f8afdfa9930428f06c9669fedb460dc1064d5e
Closes-Bug: #1640306
2016-12-21 16:45:37 +00:00
chinthagovardhan
3d74ad8300 HPELeftHandISCSIDriver support for cinder
Cinder Backend configuration support for
HPELeftHandISCSIDriver for VSA storage

Change-Id: Ia7e5f3d436283f7949b0eb8f109b3dc0309af4f5
2016-12-09 03:00:55 -08:00
Luke Hinds
fb0436eee3 Add basic structure for ReNo
ReNo [1] is the release management tool in OpenStack.

This patch adds the basic structure to start using it for doc
builds in puppet-tripleo.

* Update .gitignore
* Add a basic note "use-reno"
* Add releasenotes/ dir and basic files
* Add python files: setup.cfg, setup.py, test-requirements.txt and
  tox.ini.

  [1] http://docs.openstack.org/developer/reno

Change-Id: Idc9a30ab632c8e2ca794fb10431cdefd5d861d14
2016-12-03 13:16:33 +00:00
Luke Hinds
0921a93d42 Fixes typo in sriov_numvfs releasenotes
Change-Id: I729702a5326d74ad35485fa7276af45e2223ec5f
2016-12-02 10:39:11 +00:00
karthik s
eec3bba44b Configure the numvfs for SRIOV interfaces
This patch shall create VFs via the PCI SYS interface.
Default value : $::os_service_default
Sample Format : ['eth0:4','eth2:128']
For values as in sample format, the sriov_numvfs config files
for eth0 and eth2 will have the values 4 and 128 respectively
The SR-IOV numvfs configuration shall be persisted in /sbin/ifup-local
so that, during the bootup of the compute nodes, the numvfs
configuration will be restored.

Change-Id: I7450b904475bdf46498d9af633416b3eba12f761
Implements: blueprint tripleo-sriov
Signed-off-by: karthik s <ksundara@redhat.com>
2016-08-29 19:41:35 +05:30