Commit Graph

9 Commits

Author SHA1 Message Date
karthik s
512c032a0b Add bootparams service for all roles
NIC partitioning requires IOMMU to be enabled on roles using it.
By adding the BootParams service to all the roles, we could
enable IOMMU selectively by supplying the role specific parameter
"KernelArgs". If a role doesn't use NIC Partitioning then
"KernelArgs" shall be not be set and backward compatibility would
be retained.

Change-Id: I2eb078d9860d9a46d6bffd0fe2f799298538bf73
2018-11-19 05:02:07 -05:00
Emilien Macchi
7bebdefda8 Introduce OS::TripleO::Services::Podman
Podman service will be in charge of installing, configuring, upgrading
and updating podman in TripleO.

For now, the service is disabled by default but included in all roles.
In the cycle, we'll make it the default.

Note: when Podman will be able to run in TripleO without Docker,
we'll do like https://review.openstack.org/#/c/586679/ and make it as
a generic service that can be switched to either podman or docker.
But for now, we need podman & docker working side by side.

Depends-On: Ie9f5d3b6380caa6824ca940ca48ed0fcf6308608
Change-Id: If9e311df2fc7b808982ee54224cc0ea27e21c830
2018-10-02 01:47:46 +00:00
Alex Schultz
f7f9053963 Create a Timesync service declaration
In order to support switching between multiple timesync backends, let's
simplify the service configurations for the roles so that there is a
single timesync service.  This timesync service should point to the
expected backend (ntp/ptp/chrony).

Change-Id: I986d39398b6143f6c11be29200a4ce364575e402
Related-Blueprint: tripleo-chrony
2018-09-04 21:00:56 +00:00
Martin Mágr
b76d7623ac QDR for metrics collection purposes
This patch adds composable new service (QDR) for containerized deployments.
Metrics QDR will run on each overcloud node in 'edge' mode. This basically
means that there is a possibility that there will be two QDRs running
on controllers in case that oslo messaging is deployed. This is a reason why
we need separate composable service for this use case.

Depends-On: If9e3658d304c3071f53ecb1c42796d2603875fcd
Depends-On: I68f39b6bda02ba3920f2ab1cf2df0bd54ad7453f
Depends-On: I73f988d05840eca44949f13f248f86d094a57c46
Change-Id: I1353020f874b348afd98e7ed3832033f85a5267f
2018-07-31 21:55:45 +00:00
binhong.hua
58d1e814c6 remove OS::TripleO::Services::CephClient from CephAll
CephClient should be removed from the CephAll role.
The only thing it does is the key set which is already
handled by the ceph mon profile.
if not will cause Duplicate declaration: Class[Ceph::Keys]

Change-Id: I77bbec1edd21cd6a4212a381a1a7712adc4b604f
Related-Bug: 1722633
2018-03-26 02:35:53 +00:00
zshi
d0a92f1c20 Add PTP composable service
Precision Time Protocol (PTP) is a protocol used to
synchronize clocks throughout a network. When used
in conjunction with hardware support, PTP is capable
of sub-microsecond accuracy which is far better than
is normally obtainable with NTP.

Change-Id: I98a1833db28944cfd5a89e4f28c192bb9af8ebbb
Depends-On: Idc78df3a90b73be504480bc9d33a3f0041d2d84f
2018-02-08 15:20:17 +08:00
lhinds
7e68dbdf8c Implements AIDE Intrusion Detection System
Introduces a service to configure AIDE Intrusion Detection.

This service init's the database and copies the new database
to the active naming. It also sets a cron job, using email if
`AideEmail` is populated, otherwise the reports are sent to
`/var/log/aide/`.

AIDE rules can be supplied as a hash, and should the rules ever
be changed, the service will populate the new rules and re-init
a fresh integrity database.

Related-Blueprint: tripleo-aide-database
Depends-On: Iac2ceb7fc6b610f8920ae6f75faa2885f3edf6eb
Change-Id: I23d8ba2c43e907372fe079026df1fca5fa1c9881
2018-01-15 13:10:16 +00:00
Emilien Macchi
6a6872f390 Introduce OS::TripleO::Services::Rhsm
Background:
extraconfig/pre_deploy/rhel-registration interface has been maintained
for some time now but it's missing some features and the code overlaps
with ongoing efforts to convert everything to Ansible.

Plan:
Consume ansible-role-redhat-subscription from TripleO, so all the logics
goes into the Ansible role, and not in TripleO anymore.
The single parameter exposed to TripleO is RhsmVars and any Ansible
parameter can be given to make the role working.
The parameter can be overriden per roles, so we can think at specific
cases were some Director roles would have specific RHSM configs.
Once we have feature parity between what is done and what was here
before, we'll deprecate the old interface.

Testing:
Because RHSM can't be tested on CentOS, this code was manually tested on
RHEL against the public subscription portal. Also, we verified that
generated Ansible playbooks were correct and called the role with the
right parameters.

Documentation:
We'll work on documentation during the following weeks and explain
how to switch from the previous interface to the new one, and also
document new uses requested by our users.

Change-Id: I8610e4f1f8478f2dcbe3afc319981df914ce1780
2017-12-27 11:03:49 -08:00
John Fulton
e5cda83954 Add new roles for Ceph containerization
With the move to containers, Ceph OSDs may be combined with other
Ceph services and dedicated Ceph monitors on controllers will be
used less. Popular Ceph roles which include OSDs are Ceph file,
object and nodes which can run all Ceph services. This pattern
will also apply to HCI roles. This change adds the following
pre-composed roles to make it easier for users to use these
patterns:

- CephAll: Standalone Storage Full Role (OSD + MON + RGW + MDS + MGR + RBD Mirroring)
- CephFile: Standalone Scale-out File Role (OSD + MDS)
- CephObject: Standalone Scale-out Object Role (OSD + RGW)
- HciCephAll: HCI Full Stack Role (OSD + MON + Nova + RGW + MDS + MGR + RBD Mirroring)
- HciCephFile: HCI Scale-out File Role (OSD + Nova + MDS)
- HciCephObject: HCI Scale-out Object Role (OSD + Nova + RGW)
- HciCephMon: HCI Scale-out Block Full Role (OSD + MON + MGR + Nova)
- ControllerNoCeph: OpenStack Controller without any Ceph Services

Change-Id: Idce7aa04753eadb459124d6095efd1fe2cc95c17
2017-12-24 07:07:11 +00:00