304 Commits

Author SHA1 Message Date
Zuul
4a8c95a06c Merge "Switch to Chrony by default" 2018-11-05 23:49:11 +00:00
Zuul
c6a5a6f345 Merge "Add chrony time service" 2018-11-05 03:01:00 +00:00
Alex Schultz
88bccfe8c6 Switch to Chrony by default
This change switches the default timesync service from NTP to Chrony.
With this switch, NTP is officially deprecated.

Depends-On: https://review.openstack.org/#/c/614876/
Change-Id: Iff7981ae7144c59cbc03b35ee0b1dcda5af2f6a4
Implements-Blueprint: tripleo-chrony
2018-11-01 21:45:11 +00:00
Alex Schultz
2d59a92a34 Add chrony time service
Add a chrony service configuration. The chrony service configuration
includes tasks to ensure that the ntpd service is stopped prior to
configuring chronyd. Since both can be switched back and forth, the ntpd
configuration is also updated to stop chronyd prior to attemping to
configure the ntpd service.

Change-Id: Ie5e8183c000915f28166c842cecc04f445c013ae
Related-Blueprint: tripleo-chrony
2018-10-31 18:55:19 +00:00
Alex Schultz
653649ebbc Add OpenStack clients service
We did not have a easy way to ensure all the openstack clients are
installed on a given system. In the old instack-undercloud installation,
we were installing some additional clients outside of the ones required
via python-tripleoclient. To allow a user to quickly install all the
clients on a given system, this change adds an OpenStack clients
"service" which can be added to a role to ensure the clients are
available. In the future if we provide a client container, this service
can be converted into a container deployment mechanism.

Change-Id: If878c2ab7679eea2fff42b410bec9c8c9b92ed6f
Closes-Bug: #1800001
2018-10-26 16:25:35 -06:00
Zuul
5d2b9a420e Merge "Configure haproxy for openshift infra" 2018-10-06 12:46:01 +00:00
Emilien Macchi
7bebdefda8 Introduce OS::TripleO::Services::Podman
Podman service will be in charge of installing, configuring, upgrading
and updating podman in TripleO.

For now, the service is disabled by default but included in all roles.
In the cycle, we'll make it the default.

Note: when Podman will be able to run in TripleO without Docker,
we'll do like https://review.openstack.org/#/c/586679/ and make it as
a generic service that can be switched to either podman or docker.
But for now, we need podman & docker working side by side.

Depends-On: Ie9f5d3b6380caa6824ca940ca48ed0fcf6308608
Change-Id: If9e311df2fc7b808982ee54224cc0ea27e21c830
2018-10-02 01:47:46 +00:00
Martin André
b2bcc10d5a Configure haproxy for openshift infra
Openshift Routers are located on the infra node and need to be highly
available on ports 80 and 443.

Depends-On: I5de14152904d06c49e9d5b2df6e3f09a35f23d92
Change-Id: Iee088e1279bff2cdb7a3601288804f626bff29a3
2018-09-25 16:35:48 +02:00
Martin Schuppert
a823be0733 Move nova-metadata api to httpd wsgi
Upstream will deprecate usage of eventlet of all the WSGI-run
services, including nova-api and nova-metadata-api.
See https://review.openstack.org/#/c/549510/ for more details.

With this change we move nova-metadata to run via httpd wsgi
and therefore uses its own config volume.

Closes-Bug: 1781405

Change-Id: I7206925c5416814bcbf92021e606afeaedde4b1b
Depends-On: Ic65736cb0e95c400a728cd699ecf06c6aecff832
Depends-On: Ic46acdbac280ac648ec5ed9d7af0139126334fe0
Depends-On: I47d79ab8e274e94cbe0d4cadd204e63cbbe3dca8
Depends-On: I069510b8dfc8e6a7c5ff6f07826f10a2038856d7
Depends-On: I3d572dda2e90b7e24f2f8912d704462b9332d807
2018-09-19 15:07:38 +02:00
Alex Schultz
f7f9053963 Create a Timesync service declaration
In order to support switching between multiple timesync backends, let's
simplify the service configurations for the roles so that there is a
single timesync service.  This timesync service should point to the
expected backend (ntp/ptp/chrony).

Change-Id: I986d39398b6143f6c11be29200a4ce364575e402
Related-Blueprint: tripleo-chrony
2018-09-04 21:00:56 +00:00
Steve Baker
93d87cf18d Always enable image prepare service for docker clouds
This change includes the service
OS::TripleO::Services::ContainerImagePrepare by default in the overcloud
which will trigger a container image prepare in the same way as is
currently done for the containerized undercloud.

Along with the mistral action which populates the container image
parameters, this change makes blueprint container-prepare-workflow
functionally complete.

Change-Id: I8b0c5e630e63ef6a2e6f70f1eb00fd02f4cfd1c0
Blueprint: container-prepare-workflow
2018-08-15 12:09:23 +00:00
Zuul
39e360624e Merge "Break out image prepare into its own "service"" 2018-08-10 02:31:33 +00:00
Zuul
e7bde70073 Merge "Add NovaResumeGuestsStateOnHostBoot and NovaResumeGuestsShutdownTimeout" 2018-08-08 12:39:02 +00:00
Zuul
7248cd24ba Merge "Allow to remove xinetd service" 2018-08-02 08:14:58 +00:00
Steve Baker
1bda1fd9a7 Break out image prepare into its own "service"
This makes the docker-registry service focused on installing the
registry, as it should be. Also this makes it possible to invoke this
service during overcloud deploy too.

This change also switches to calling the tripleo-common script
tripleo-container-image-prepare instead of the full openstack command.
This will allow a mistral image to do a prepare without depending on
the python-tripleoclient package.

The {{role}}Services and {{role}}Count are propagated to
tripleo-container-image-prepare so that images are filtered correctly.

sudo is used instead of become:true so that the tripleo-common mistral
sudoers pattern matches.

Depends-On: Ic1648e43f45bb7604d4c0f9abf247a475fb23707
Change-Id: Ibc16bed673de7b22cd8eef3f6fb0d45871083873
Blueprint: container-prepare-workflow
2018-08-02 11:29:39 +12:00
Martin Mágr
b76d7623ac QDR for metrics collection purposes
This patch adds composable new service (QDR) for containerized deployments.
Metrics QDR will run on each overcloud node in 'edge' mode. This basically
means that there is a possibility that there will be two QDRs running
on controllers in case that oslo messaging is deployed. This is a reason why
we need separate composable service for this use case.

Depends-On: If9e3658d304c3071f53ecb1c42796d2603875fcd
Depends-On: I68f39b6bda02ba3920f2ab1cf2df0bd54ad7453f
Depends-On: I73f988d05840eca44949f13f248f86d094a57c46
Change-Id: I1353020f874b348afd98e7ed3832033f85a5267f
2018-07-31 21:55:45 +00:00
Cédric Jeanneret
6237903852 Allow to remove xinetd service
The xinetd service isn't used anymore on the host - it runs in
containers where it is needed, meaning that service can be dropped
for good, as well as its package.

Change-Id: I004a43c1b6c9cee21c24749bd6589435530e48e0
2018-07-31 15:21:59 +02:00
Martin Schuppert
9654393f24 Add NovaResumeGuestsStateOnHostBoot and NovaResumeGuestsShutdownTimeout
NovaResumeGuestsStateOnHostBoot (true/false) parameter which
configures whether or not to start again instances which were running at
the time of a compute reboot.
This will set the resume_guests_state_on_host_boot parameter in nova.conf
and configures and enables libvirt-guests with a dependency to the
docker service to shutdown instances before the libvirt container gets
stopped.
NovaResumeGuestsShutdownTimeout specifies the number in seconds for an
instance to allow to shutdown.

Change-Id: I946600ebbc3afd88385ca89015e8f6a6c46f46ef
Closes-Bug: 1778216
Depends-On: I2766cdd66ff17756daaf1a75ad516a7af6eebddc
Depends-On: Id1cc2e75af316b864cebf601395f1111b7fb049a
2018-07-31 12:24:08 +02:00
rabi
26e0ce7702 Add support for containerized networking-ansible ML2 plugin
Co-Authored-By: Derek Higgins <derekh@redhat.com>
Change-Id: I8500de7ec71a8efa567a0b3aa29725ef235795bc
2018-07-30 20:48:22 +00:00
Zuul
1842528f14 Merge "Store ODL logs to file" 2018-07-06 13:34:01 +00:00
Zuul
cf77ea0ae0 Merge "Add networking-ansible ML2 plugin support" 2018-07-05 17:44:05 +00:00
Janki Chhatbar
223b9428f1 Store ODL logs to file
ODL is configured to log to console and then access the logs
via docker logs. Older logs are being deleted too fast. So
moving back to logging to file which is default setting in ODL
THT.
https://github.com/openstack/tripleo-heat-templates/blob/
master/puppet/services/opendaylight-api.yaml#L60

Change-Id: I29724cfb23e13c8293d1b7b4341cbd409ae1b7a6
Closes-Bug: 1779629
2018-07-02 10:35:25 +00:00
rabi
6d5b9ab421 Add networking-ansible ML2 plugin support
Depends-On: https://review.openstack.org/577074
Depends-On: https://review.openstack.org/576093

Change-Id: Ib0c2395fbabc654378101527ca065b5c69d3222d
2018-07-02 13:22:04 +05:30
Alex Schultz
db181732c6 Add SELinux management to containerized undercloud
In instack-undercloud we manage the selinux configuration during the
deployment. This change exposes the configuration as a new tripleo
service for selinux so we can configure it.

Change-Id: I2109bf62e307df92b6bdb57600c58dd61482f46d
Partial-Bug: #1779005
2018-06-28 09:12:30 -06:00
Emilien Macchi
0e0147732c Implement TripleoValidations composable service
Implement a service that will deploy TripleO Validations package and
user by using Puppet like we did with instack-undercloud. This service
will be included on the undercloud but disabled by default. We'll keep
the same interface in undercloud.conf to enable it or not so no change
for the end user.

Change-Id: Ida09f92010e31d952edd82b42a7fc20451537d42
2018-06-13 11:35:49 -07:00
Zuul
096cef093c Merge "Manage public certificate with ansible" 2018-06-01 17:37:48 +00:00
Cédric Jeanneret
59b762658d Manage public certificate with ansible
This is basically a rewrite of the bash script pushed by
puppet/extraconfig/tls/tls-cert-inject.yaml

UpgradeImpact: NodeTLSData is not used anymore

Change-Id: Iaf7386207e5bd8b336759f51e4405fe15114123a
2018-05-31 14:50:00 +02:00
Alex Schultz
f8d0edac5f Drop old ceilometer services
These were needed for FFU to Queens so we should remove them for Rocky.

Change-Id: I0e24d19cd17d35644fa02e989fa9ef592195b9f1
2018-05-29 20:51:07 +00:00
Zuul
161156d750 Merge "NFV: Support for config-download to deploy node with kernel args" 2018-05-29 18:52:58 +00:00
Saravanan KR
a3e4a90636 NFV: Support for config-download to deploy node with kernel args
For NFV deployments, specific kernel args should be applied and
the nodes should be restarted before running the NetworkDeployment.
It is supported in the heat deployment via PreNetworkConfig. In the
config-download mechanism, ansible steps need to be improved
to handle the reboot and wait for the node.

Change-Id: I43b383ad0e04b8be6c321f8c5b05e628b2520141
2018-05-15 11:01:06 +05:30
Alex Schultz
64bc4a7683 Remove undercloud specific service definitions
Since we're aligning the overcloud/undercloud and we've switched to
containerization it, we should reuse the same heat services rather than
duplicating the services with the Undercloud definition.

Depends-On: Ic7dba7e548f85574cce2db23e3fec5c8ea761bb7
Change-Id: I497597a47533375f34a22a56e2e9a145d9393358
Related-Blueprint: containerized-undercloud
2018-05-09 21:33:20 +00:00
Hamdy Khader
afcf2c71e3 Add support for NVMeOF cinder backend
Change-Id: I2ee3b44fc4a7bede635b0bfcacd1dab8547d123a
2018-05-07 15:45:42 +03:00
Zuul
7eb4eafae6 Merge "Add an openshift-cns service" 2018-05-01 09:25:09 +00:00
Zuul
24b4c1ecbd Merge "Switch remaining env files to containers defaults" 2018-04-27 11:22:23 +00:00
Bogdan Dobrelya
041251d473 Switch remaining env files to containers defaults
Mark regular non-containerized services with FIXME
to be switched, once it is containerized

Do not mark yet an external/backend/plugin/host-config
related puppet services templates with that FIXME

Mark puppet/services/ceph- related templates as TODO
switch it to containerized ceph-ansible eventually, maybe.

Change-Id: Ib9fbad05eeb57dc641499fbf411cb5870da7a8e9
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
2018-04-26 23:45:01 +00:00
James Slagle
f44e8d7bd2 Switch to config-download by default
Updates overcloud-resource-registry.j2.yaml to include the mappings from
enviornments/config-download-environment.yaml. This enables
config-download by default. The environment to explicitly enable
config-download is deprecated.

An environment at environments/disable-config-download.yaml is added
which can be used to disable config-download but is marked as
deprecated.

Change-Id: I8389a0c48e1aa610fdc6a8580516889340883034
implements: blueprint config-download-default
2018-04-25 09:42:13 -04:00
Zuul
cfc4126af2 Merge "No-op Mistral workflow resources for update/upgrade/ffwd" 2018-04-25 04:53:30 +00:00
Zuul
822bd996b3 Merge "Support separate oslo.messaging services for RPC and Notification" 2018-04-25 04:43:46 +00:00
Zuul
784145857d Merge "Add environment file for Mellanox SDN" 2018-04-23 17:11:52 +00:00
Jiri Stransky
19be98ba07 No-op Mistral workflow resources for update/upgrade/ffwd
So far we haven't been disabling workflows for update/upgrade. We
should disable them by default as they could have the potential to
disrupt the update/upgrade/ffwd procedure.

The main example of a thing we deploy via the workflow resources is
Ceph. We decided no-opping ceph-ansible for the main
update/upgrade/ffwd upgrade steps is the safest path forward and we'll
update/upgrade Ceph it after the main procedure is finished.


Change-Id: I34c7213ab7b70963ad2e50f7633b665fad70bde5
2018-04-23 10:47:58 +00:00
Andrew Smith
78bc457585 Support separate oslo.messaging services for RPC and Notification
This commit introduces oslo.messaging services in place of a single
rabbitmq server. This will enable the separation of rpc and
notifications for the continued use of a single backend (e.g.
rabbitmq server) or a dual backend for the messaging communications.

This patch:
* add oslo_messaging_rpc and oslo_messaging_notify services
* add puppet services for rpc and notification
  (rabbitmq and qdrouterd servers)
* add docker services to deploy rpc (rabbitmq or qdrouterd)
  and notify (rabbitmq or shared)
* retains rabbit parameters for core services
* update resource registries, service_net_map, roles, etc.
* update ci environment container scenarios
* add environment generator for messaging
* add release note

Depends-On: Ic2c1a58526febefc1703da5fec12ff68dcc0efa0
Depends-On: I154e2fe6f66b296b9b643627d57696e5178e1815
Depends-On: I03e99d35ed043cf11bea9b7462058bd80f4d99da
Needed-By: Ie181a92731e254b7f613ad25fee6cc37e985c315
Change-Id: I934561612d26befd88a9053262836b47bdf4efb0
2018-04-22 04:33:44 +00:00
Flavio Percoco
e200974421 Add an openshift-cns service
This service file allows for enabling CNS in an OpenShift deployment.
It works as a tagging service and the rest of the configs are applied in
the openshift-master service file.

Note that the disks used can be specified as follows:

parameter_defaults:
  OpenShiftGlusterDisks:
    - /dev/sdb

Or per-role like:

parameter_defaults:
  OpenShiftMasterParameters:
    OpenShiftGlusterDisks:
      - /dev/sdb
  OpenShiftWorkerParameters:
    OpenShiftGlusterDisks:
      - /dev/sdc

Change-Id: I92972d89ee7edf2ff211e88c6e0758628c3018a2
2018-04-20 17:27:14 +02:00
Hamdy Khader
e4c1531a42 Add environment file for Mellanox SDN
Depends-On: I805bdfc6f2bed8f998f73d3e17a4c2ab493f5717
Change-Id: I2a8f66b2f3b2f5e9eb3542bd7a1ab7bb4d1ba90d
2018-04-18 17:20:28 +03:00
Carlos Goncalves
9526cef547 Containerize Neutron LBaaS service plugin
Change-Id: I68e5ca5a78a2bd08082a494b636c6e2debb6bbae
2018-04-18 10:53:48 +02:00
Zuul
628cd0e390 Merge "Add Ironic Networking Baremetal Templates" 2018-04-18 05:52:20 +00:00
Emilien Macchi
d86025593b Handle undercloud upgrades via host_prep_tasks
Using host_prep_tasks interface to handle undercloud teardown before we
run the undercloud install.
The reason of not using upgrade_tasks is because the existing tasks were
created for the overcloud upgrade first and there are too much logic
right now so we can easily re-use the bits for the undercloud. In the
future, we'll probably use upgrade_tasks for both the undercloud and
overcloud but right now this is not possible and a simple way to move
forward was to implement these tasks that work fine for the undercloud
containerization case.

Workflow will be:
- Services will be stopped and disabled (except mariadb)
- Neutron DB will be renamed, then mariadb stopped & disabled
- Remove cron jobs
- All packages will be upgraded with yum update.

Change-Id: I36be7f398dcd91e332687c6222b3ccbb9cd74ad2
2018-04-12 18:14:28 -07:00
Harald Jensas
5203e43979 Add Ironic Networking Baremetal Templates
Ironic neutron agent will be installed on controller nodes, or
networker nodes, when environments/services/ironic.yaml or
environments/services-docker/ironic.yaml is used.

It should also be enabled on undercloud.

Also enables ``baremetal`` ML2 mechanism driver on undercloud.

Depends-On: Ic1f44414e187393d35e1382a42d384760d5757ef
Depends-On: I3c40f84052a41ed440758b971975c5c81ace4225
Change-Id: I0b4ef83a5383ff9726f6d69e0394fc544c381a7e
2018-04-12 23:59:34 +02:00
Zuul
0b45e404cb Merge "Update OS::TripleO::Services::ComputeNeutronCorePlugin for containers" 2018-04-12 18:11:44 +00:00
Zuul
95761ae6f1 Merge "Designate Integration" 2018-04-10 20:44:18 +00:00
Emilien Macchi
f35c417804 Update OS::TripleO::Services::ComputeNeutronCorePlugin for containers
Neutron ML2 plugin has been containerized, we need to switch
ComputeNeutronCorePlugin to use the containerized service in THT for the
Neutron ML2 plugin, otherwise Neutron will be configured on the host and
not in the container.

Change-Id: I744cde656cc827762b13995d05f8881d4da2b5b8
Closes-Bug: #1762504
2018-04-09 11:39:27 -07:00