We shouldn't override the hieradata but rather be explicit about which
mode we're operating in. e.g. pacemaker or not. This will help in
troubleshooting and not rely on hieradata overrides to work.
This reverts commit 0b51d8258c.
Related-Bug: #1931133
Change-Id: Id8df4fe5ce26dbcdeb7ba073ecb2199cf392b03b
When deploying multiple compute cells, conductor module needs to source
the nova::network::neutron module otherwise the neutron settings are not
configured on the cell conductor node.
Closes-Bug: #1929427
Change-Id: I236ab69175877f8ec5d3b1bef732486ae2b15b9d
Keep the default network=writeback setting, but allow it
to come from hiera overrides as well.
Change-Id: I47aaf4be463684f5b67820b8ebb5db44ba960b44
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
Allow clustercheck to be started on-demand by either socat or
xinetd. T-h-t configures the backend to be run by Kolla at
container start.
Change-Id: Ie7ede82a755e729d66e077f97e87b3d6c816ed3c
Related-Bug: #1928693
The keymgr_* parameters are deprecated and these parameters will be
completely migrated to glance::key_manager. This change ensures the new
classes are included.
Depends-on: https://review.opendev.org/772141
Change-Id: Idc5b51db85b007abad34d0d69cf5be9fe51c5f0d
This change fixes the lint errors detected since we removed pins of
lint packages.
Note that this change also replaces absolute name used to call
the tripleo::stunnel::service_proxy resource type, which is not yet
detected by the latest lint rules.
Closes-Bug: #1928079
Change-Id: I12ba801db92cb3df1d05f14f4c150ac765f0b874
If defined, set reopenOnTruncate rsyslog imfile option for all services. Paremeter definition set by the services takes precedence
Change-Id: I5870c0689434eaca8d114cd83e1164e1454565d7
When nova_virtlogd container gets restarted the instance console auth files
will not be reopened again by virtlogd. As a result either instances need
to be restarted or live migrated to a different compute node to get new
console logs messages logged again.
Usually on receipt of SIGUSR1, virtlogd will re-exec() its binary, while
maintaining all current logs and clients. This allows for live upgrades of
the virtlogd service on non containerized environments where updates just
by doing an RPM update.
To reduce the likelihood in a containerized environment virtlogd should
only be restarted on manual request, or on compute node reboot. It should
not be restarted on a minor update without migration off instances.
This introduces a nova_virtlogd_wrapper container and virtlogd wrapper
script, to only restart virtlogd on either manual or compute node restart.
Closes-Bug: #1838272
Change-Id: I5192f8c306422d0966eef7544f719cc21172bd92
Co-Authored-By: Rajesh Tailor <ratailor@redhat.com>
Following the change in tripleo-heat-templates, this change removes
all implementation to support the Veritas HyperScale Driver, since
the driver itself has been removed from cinder.
Depends-on: https://review.opendev.org/787587
Change-Id: I4131fcd5bb39dc09527f17b5d149fe18be3f2fd5
... because the cinder_catalog_info parameter, which is used by api
and compute, have been migrated from nova to nova::cinder[1].
[1] 72103db985d00b3289b8b936956166f20ef8f3d0
Change-Id: Ic90e3eb0898d9c8317fb994db4275be2db0bc679
The barbican::keystone::authtoken class in imported by
the barbican::authtoken class thus we don't need to include it in
the barbican::api class.
Change-Id: I6e1a144cd3e449491b61d060a3df5355a405e67a
tripleo::profile::base::cinder::volume::dellemc_xtremio_iscsi
is deprecated and should have been removed in Victoria release.
Note:
This change includes switch of puppetlabs-haproxy branch name to fix
the unit tests failure at the same time.
Change-Id: I0682ab192de4ddafc4abcc9d57b1dacc713c49a8
With the merging of the pcs on host patchset for train we are seeing a
problem with FFUs on Instance HA environments.
Preamble:
Tripleo keeps the stonith-enabled cluster property set to false until the puppet step 5
With the pcs on host patchset the enablement happens still at step 5 but
it gets triggered during tripleo_ha_wrapper deployment task of
cinder-volume which tries to restart the cinder-volume service (during
the leapp of the first controller) and this hangs forever because
pacemaker is in the following transition:
- stonith-fence_compute-fence-nova is configured
- pacemaker wants to call stonith on for controller-0 (which is probably
dumb, but it is unlikely we'll be able to change that in the right
timeframe as it seems a potentially involved change in behaviour)
- Any other action, like cinder-volume restart in this case, is stuck
and the FFU fails.
If we simply move the stonith resource creation (and change nothing else
in the stonith-enabled property being set at step 5) to step 2, we
fix this.
Tested and with the injection of this puppet-tripleo review into the
FFU queens->train upgrade on an IHA system, now the FFU passes.
Also applied this patch to a Train based IHA deployment and verified
that deployment, redeploy, minor update and scaleup all keep on working.
Closes-Bug: #1923723
Change-Id: Ib3e2d9c93221dfc2e15974142f30e8c84e7afd63
On an OVN clustered database environment, there is no OVN VIP as all
OVN databases are active. Neutron has to be configured to point to all
OVN database servers in the cluster.
Co-Authored-By: Michele Baldessari <michele@acksyn.org>
Change-Id: Ib8624f0c2e87de18a990060c3cb939c13ec3a6f2
... because this logic is never enabled and blocking usage of the exec
resource now.
Change-Id: I65842685b026eca1eb18f458c1b81096d9bd51bf
Related-Bug: #1922282
Change c376d64e5f deprecated
the key_mgr_backend parameter of the cinder::api class, but the logic
to pick up the deprecatd parameter, which was implemented by this
change, was invalid because the cinder class is included before
the cinder::api class is included.
This change removes the invalid implementation and makes that parameter
just ineffective, because we use the cinder::* parameter from t-h-t
and it is unlikely that users would use that puppet-tripleo parameter
directly.
Change-Id: Ie24f82fcede4d2862f9e6a49734959499d9fd845
Following the pattern of other cinder backends, a new
tripleo::profile::base::cinder::volume::rbd::multi_config parameter
adds support for configuring cinder RBD backends associated with
multiple ceph clusters. The multi_config parameter is a hash that
specifies the settings required to access each additional cluster
(FSID, pool and client names, etc.).
This patch also deprecates legacy code that managed ACLs for the ceph
client keyring. THT already ensures cinder can access the keyring
using kolla_config permissions.
Change-Id: I040e25341c9869ad289d7e7c98e831caef23fece
1. Adding 'cinder_volume_type' configuration parameter to allow
cinder stores to specify a volume type for each cinder store.
2. Removed the restrictions are imposed to allow only a single
instance of the 'cinder'.
Partially Implements: blueprint multiple-cinder-backend-support
Change-Id: I58df2815e59fe064fe3f0f1d5e1cd35e63d5bdd1
The gatekeeper middleware and the listing_formats middleware are always
enabled in proxy-server pipeline, even if these middlewares are not
explicitly enabled in the pipeline parameter.
This change ensure that the corresponding puppet classes are included
so that operators can set parameters of the these two middlewares.
This change also updates order of class inclusions so that the order
becomes consistent with the pipeline parameter.
Depends-on: https://review.opendev.org/776826
Change-Id: I994e549c5ccc9b06af2682826ac040edf51a3efa
This patch adds these new classes:
- tripleo::profile::base::cinder::backup::gcs
- tripleo::profile::base::cinder::backup::s3
Depends-On: I7fd2c745480086571d02b89d4adbaa02213a94fa
Change-Id: I06857dd2fb64071ea734a0d3ef68ada5e5d2c077
Currently just a thin layer between the templates and puppet-designate.
bind9 is currently the only supported backend.
Change-Id: If97e16a125537c1b5d9f5cfac1de0ffae0edb99a