With the dynamic Jinja2 rendering for networks, the heat resource for
Internal API network was accidentally being renamed to:
OS::TripleO::Network::Internal
when it should be the same as previous versions:
OS::TripleO::Network::InternalApi
This patch removes the 'compat_name' which was overriding the network
name for rendering the resource. This patch also removes the
compat_name functionality from the network/networks.j2.yaml file
since it is no longer needed.
Closes-Bug: 1718764
Change-Id: If756cddd91933edb303cc056515d98b941a3eb14
Signed-off-by: Tim Rozet <trozet@redhat.com>
This wrapper binary spawns the HAproxy daemon and implements a
coordinated HAproxy restart on SIGHUP.
From a service's perspective, this allows reloading the HAProxy
configuration with minimal service disruption, i.e. without stopping
and restarting the HAProxy container.
Closes-Bug: #1717521
Change-Id: Ib3ef0c0bcf1a8151e179ff4d7509cf0d6b3ac5a1
During the bootstrap of the mariadb database, galera replication
must be disabled while the users credentials are being set up. This
is done by setting wsrep-provider=none when starting mysqld_safe.
Icf67fd2fbf520e8a62405b4d49e8d5169ff3925b already disabled it
when the clustercheck credentials are being set up, but Kolla also
start a temporary server for setting up the root password.
Disable the setting directly at the end of the mysql.cnf in the
running container. That way, the default setting from galera.cnf will
be overriden, all mysqld_safe calls will disable WSREP and the setting
will stay ephemeral.
Change-Id: If14e22992b46a35a05a16a9db5ecb360ea13df8f
Closes-Bug: #1717250
The environments/network-isolation[-v6].yaml files have an
unneeded reference to network/ports/noop.yaml for unused
networks.
This introduces a regression where environment files that
define the networks and ports on a per-role basis can
cancel out other environment files. See bug # 1717322.
The overcloud-resource-registry.j2.yaml already uses noop.yaml
for every network on every role (whether or not the networks
are enabled, or whether the particular network is supposed
to be on a role. So having noop.yaml specified for every
role in network-isolation[-v6].yaml is not needed and can
cause issues with upgrades if the environments are not
included in a specific order.
Change-Id: If06407e5235587af090ede44674bf9c7e08e340e
Closes-bug: 1717322
After landing https://review.openstack.org/#/c/503484/ we run the
puppet host configuration steps twice. This change removes the
deploy_steps_tasks.yaml playbook in order to run the puppet steps
only once.
Closes-bug: 1717244
Change-Id: I09461094618124915841c8390c8bce8daf64d029
The existing network-isolation-no-tunneling.yaml contains
references to missing files. This patch generates the file
with jinja to include custom networks and make it work
with composable networks.
Change-Id: Ibcab2f6b5ac880a6b3d7dd5126bd24facfa17322
Signed-off-by: Antoni Segura Puimedon <antonisp@celebdor.com>
Co-authored-by: Dan Sneddon <dsneddon@redhat.com>
Using the service_ prefix seems incoherent with its use in
service_config_settings (vs config_settings).
Change-Id: Ia39f181415bee0071409dabddfa0c5c312915e1f
This reverts commit a7a02f0da8.
This change requires a heat functionality which is not yet available so scenario001-containers job fails because of the new tags. Reverting to unblock CI and this should be back after we have heat promotion
Change-Id: Ib0fed291c1c4e41d1ea0bb7fc2ccbdabac1d336b
Closes-Bug: #1716915
This adds a new config/deployment per role that will come after any
post deploy steps. It drives the same ansible config as the
upgrade_tasks but instead collects the post_upgrade_tasks for any
service in the given role.
The workflow is upgrade_tasks, then post deploy steps (either
puppet/ or docker/ depending on the env) and then the
post_upgrade_tasks added here.
This is added to the pacemaker/cinder-volume.yaml service for now
see the bug below for more info
Change-Id: Iced34fecf02ebddc91df9302de54d2f4c2cab680
Closes-Bug: 1706951
Deploy Mistral with Keystone v3 options (authtoken) like we do for other
services.
Change-Id: I145f02eb5e00e00f8b90b32d1fd495a5b3a2726b
Depends-On: Ibc600c16195816d90b817a96029845a2954ac809
I96ec09bc788836584c4b39dcce5bf9b80e914c71 added this output to the
deploy-steps.j2, but missed adding this to the major upgrade template
which means the overcloud RoleConfig output is broken after the upgrade
(until the converge update switches back to the deploy-steps.j2 derived
template)
Closes-Bug: #1716404
Change-Id: I331fa18b456ca2d6c124316d513374e3fe5a5007
This is useful to easily filter workflows created by the templates
and for a specific stack.
Change-Id: I0a26cacaf5ad5709881043434694c9254a9e710b
Related-Bug: #1715389
This change allows running the major upgrade composable docker
steps multiple times by not trying to delete the pacemaker resources
if they're not reported as started or in master state.
Closes-bug: 1716031
Depends-On: I8da03f5c4a6d442617b81be5793a9724cc8842bf
Change-Id: Ifcf9de8c82550a90a9fb118052d43fdbcdc6ca7e
Since, user ID on host and container differs, image-create
with NFS backend was failing with permission error. But even after
resolving permission error[1] the image was not getting created
on the nfs share as the NFS endpoint is not mounted successfully on
the container via puppet. This will be fixed by [2].
Now, adding two below changes in this patch,
[1]. chown glance:glance /var/lib/glance.
[2]. Proposing this solution to mount NFS endpoint on the host instead
of mounting it on glance container, because mounting in container
does not work as explained in LP Bug.
Closes-Bug: 1708629
Change-Id: Ib60cb0d179e7c117dc26440746154136aa9d163e
OsNetConfigMappings should be case insensitive in
os-net-config-mappings.yaml
This patch casts all MAC addresses to lower case.
Change-Id: Ide18660a3a8063cfdf53500cd727c8f49407b436
Closes-Bug: 1709653
Redis does not have TLS out of the box. Let's use a proxy container for
TLS termination.
This commit enables redis TLS proxy for the HA deployment.
bp tls-via-certmonger
Change-Id: I45e539872a03878337def33c681c4577c1a5629e
Tim Rozet
Jenkins
Pradeep Kilambi
Damien Ciabrini
Dan Sneddon
Marius Cornea
Antoni Segura Puimedon
Giulio Fidente
Alex Schultz
marios
Emilien Macchi
Steven Hardy
Zane Bitter
Pranali Deore
Andreas Karis
Martin André