11 Commits

Author SHA1 Message Date
Zuul
82a95ab73d Merge "Add ReaR service to all roles" 2021-04-23 14:12:20 +00:00
Michele Baldessari
97016b2012 Add FRR service
This adds support for BGP via the OS::TripleO::Services::Frr service.
Spec: https://review.opendev.org/c/openstack/tripleo-specs/+/758249

We create the frr configuration via the corresponding tripleo_frr
ansible role at step0. We start the FRR container at deployment step
1 before pacemaker gets configured as the routing to all the other nodes
needs to be functional before setting up the cluster.

Co-Authored-By: Carlos Gonçalves <cgoncalves@redhat.com>

Change-Id: I7cef73c57e7b69f4d031e220c954803afd5e0b8c
2021-03-13 18:25:42 +00:00
Grzegorz Grasza
e329ca915e Generate certificates using ansible role
This is using linux-system-roles.certificate ansible role,
which replaces puppet-certmonger for submitting certificate
requests to certmonger. Each service is configured through
it's heat template.

Partial-Implements: blueprint ansible-certmonger
Depends-On: https://review.rdoproject.org/r/31713
Change-Id: Ib868465c20d97c62cbcb214bfc62d949bd6efc62
2021-03-10 16:28:22 +01:00
Harald Jensås
ff4d1fbb66 Use tags instead of role names
Role names can be customized, yet in THT jinja2 we
have several places where conditions are based on
the role name. By using tag's such as 'storage',
'ceph' and 'ovsdpdk' we the role names become truly
customizable.

The depends-on change in TripleO common will
dynamically add tag's to role's based on role.name
for backward compatibility during deprecation
period.

Depends-On: https://review.opendev.org/758124
Change-Id: I5ab4e4a220294245f95d328391bfffec87781a09
2020-10-15 12:57:40 +05:30
Alan Bishop
500ba04798 Remove Etcd from DCN roles that don't need it
Remove the Etcd service from DCN roles that do not need it. Etcd is
only required by the cinder-volume service in order to run in active/
active mode. Roles that do not host the cinder-volume service do not
need Etcd.

Change-Id: Ia24eed019ba973aad0e8f5b7fc0d53c1ee4149e8
2020-08-31 07:17:20 -07:00
Takashi Kajinami
6ff238199d Add ReaR service to all roles
This patch adds ReaR service to some roles currently without it,
because this service is expected to be added to all roles when rear
service templates were introduced initially[1].

[1] 79bd7c447b11cc8d2eee9ed20e14dc575fd070a7

Note that this patch doesn't add ReaR service to Ceph roles because
generally we don't expect taking backup of Ceph nodes by ReaR.

Change-Id: I8222c39925a3ba3172fa03ae8931a6de3fb021a1
2020-08-14 14:55:05 +09:00
Alan Bishop
5080e45fd2 Add BarbicanClient service for configuring edge sites
A new BarbicanClient tripleo service provides a means of configuring
the barbican Key Manager settings for cinder, glance and nova services
running at an edge site. This is necessary because the BarbicanApi
tripleo service is only capable of configuring the Key Manager settings
for services running in the control plane.

For cinder, the BarbicanClient ensures the KeyManager settings are
available to the cinder-volume and cinder-backup services. This is
necessary because the Key Manager setttings are traditionally associated
with the cinder-api service, but cinder-api is not deployed at the edge.

Closes-Bug: #1886070
Change-Id: I17d6c3a3af5b192b77d264ff3e94e64ef6064c77
2020-07-10 06:35:11 -07:00
Emilien Macchi
ac2711c72b Switch to Podman by default
- Remove Docker service from all the roles; not needed anymore
- Switch ContainerCli to podman for docker-ha environment. Note; this
  environment might be renamed at some point to, container-ha.yaml. But
  for backward compatibility we still use it now.
  Also switch EnablePaunch to false since we were waiting for the podman
  switch to do it.
- In the overcloud registry, disable Docker by default and enable Podman
  by default.

This patch will only work for centos8/rhel8 based deployments.

Change-Id: I561c52ce09c66a7f79763c59cd25f15949c054af
2020-03-18 09:27:36 -04:00
Alex Schultz
bac746b25b Remove skydive
We're dropping this as it has no testing and is not currentily available
for CentOS 8.

Change-Id: I408490346840d5a2e3ae29f53cbc100edcf72ee7
Depends-On: https://review.opendev.org/#/c/712517/
2020-03-12 14:02:52 -06:00
John Fulton
e81a3f8d36 Remove BlockStorageCinderVolume service from certain DCN roles
The ScaleOut roles should accompany the DistributedCompute roles
which are sufficient to provide the BlockStorageCinderVolume
service.

The DistributedCompute role supports usecases without persistent
storage via Cinder while the DistributedComputeHCI supports
usecases with persistent storage via Cinder. For those usecases
we want the BlockStorageCinderVolume service to be used by
DistributedComputeHCI with Ceph but not without Ceph as that
is presently the only Cinder backend supporting active/active.

Change-Id: I8588919cecc2be06447eba2b53b79d8d7cfc6a9e
Fixes-Bug: #1863799
2020-02-18 16:57:04 -05:00
John Fulton
d739e9a4b6 Add DCN Scale Out Roles
In Id6c416b8c7b3b6314d935e3eeb8a3f114492cecd the roles for
DistributedCompute and DistributedComputeHCI received the
GlanceApiEdge service so that Glance could run at DCN sites.
Those who wish to run >3 DCN nodes with Glance may then add
scale out roles by replacing the GlanceApiEdge service with
the new HAproxyEdge service, which configures a local haproxy
to forward glance-api requests to edge nodes running Glance.
This patch provides the DistributedComputeScaleOut and
DistributedComputeHCIScaleOut roles so that deployers may
specify 3 DCN nodes and N DCN scale out nodes without having
to compose the roles themselves.

Change-Id: I8900ba3bb470804b5bb5016aacc66dc171e1bb62
2020-02-14 07:27:08 -05:00