5949 Commits

Author SHA1 Message Date
Zuul
d4d675b4fa Merge "Remove TLS-specific docker environment" 2017-11-21 01:48:47 +00:00
Zuul
2fc41438ec Merge "Add option for HAProxy (non-HA) container to log to stdout/stderr" 2017-11-21 01:21:24 +00:00
Zuul
6961aa587c Merge "Add rsyslog-sidecar resource and configuration" 2017-11-21 01:21:22 +00:00
Zuul
5da47d2e4f Merge "Set file mode permission for Ceph keyrings in containers" 2017-11-21 01:00:07 +00:00
Zuul
38d0525a5e Merge "Clone kubespray to location accessible by the user" 2017-11-20 14:43:04 +00:00
Zuul
58fcf909fe Merge "Add ignore_errors for memcached readme.txt" 2017-11-20 12:30:07 +00:00
Zuul
f7c0619f1b Merge "Format SwiftRawDisks before attempting to mount" 2017-11-20 12:07:21 +00:00
Zuul
d6e5cc181b Merge "Add debug to neutron agents" 2017-11-20 11:47:41 +00:00
Zuul
4757403050 Merge "Disabled fwaas plugin for horizon" 2017-11-19 07:06:36 +00:00
Zuul
e3643d4320 Merge "Update Iscsid puppet_config to reset host's IQN" 2017-11-19 07:01:56 +00:00
Zuul
8795796730 Merge "Dynamically generate VIP hiera entries" 2017-11-19 06:28:22 +00:00
akrzos
93adbba5f5 Format SwiftRawDisks before attempting to mount
Current play only attempts to mount the disk and does not actually
format it for Swift usage.

Change-Id: I8e47b977407491faa71bb196211eeccf21357c54
2017-11-18 10:29:00 -08:00
Zuul
2b903d3225 Merge "Polish swift containers logging configuration" 2017-11-18 18:09:00 +00:00
Zuul
192aaebad4 Merge "Migrate THT to zuul v3 jobs" 2017-11-18 01:12:12 +00:00
Alex Schultz
5de608f0eb Add debug to neutron agents
We currently do not enable debug for the l3, l2gw or dhcp agent if the
debug flag is set to true. This fixes the templates to support enabling
debug for these agents either via the global Debug setting or a specific
debug setting.

Change-Id: I0a44bfc27b306bfb08dab0656e3362503f07d6b3
Related-Bug: #1731063
2017-11-17 14:55:06 -07:00
Zuul
30d35e70c9 Merge "Add validation task in docker services [Aodh]" 2017-11-17 18:07:02 +00:00
Zuul
a5a83d33fc Merge "Add validation task in docker services [Neutron]" 2017-11-17 18:06:59 +00:00
Zuul
55681943d7 Merge "Add validation task in docker services [Ironic]" 2017-11-17 18:06:57 +00:00
Zuul
91fc259cf2 Merge "Add validation task in docker services [Sahara]" 2017-11-17 18:06:55 +00:00
Zuul
6d5f99b3eb Merge "Add validation task in docker services [Mixed-3]" 2017-11-17 17:32:35 +00:00
Beth Elwell
df18509bc5 Disabled fwaas plugin for horizon
Disabled fwaas plugin to prevent deployment crashing with horizon in
continuous restarting state due to missing image.

Change-Id: I44140f04ba793a039f6032739b64794ae7ad084d
Closes-bug: 1732937
2017-11-17 15:40:31 +00:00
Juan Antonio Osorio Robles
365230af46 Dynamically generate VIP hiera entries
These were hardcoded, even though the rest of the network-related bits
were dynamically generated with jinja.

This will end up creating the same entries as before, skipping the VIP
for the Tenant network and the Management network (which is not included
in the default roles). Also, the external network will now have an extra
hiera entry called external_virtual_ip, besides the public_virtual_ip.
They will have the same value, however, external_virtual_ip is
automatically generated as opposed to the public_virtual_ip. Hopefully
we can remove the instance of public_virtual_ip at some point and rely
on the automatically generated entries only.

Change-Id: I7f5285e2936b2158a4a8a5edc97a6a09f891fb1a
Related-Bug: #1732457
2017-11-17 15:00:30 +00:00
Zuul
da2167ea00 Merge "Set host name explicitly for telemetry" 2017-11-17 12:11:54 +00:00
Jose Luis Franco Arza
d492677559 Add validation task in docker services [Aodh]
Docker services are missing the pre-upgrade validation task
in the upgrade_tasks section which verifies if the service
is running before going on with the upgrade.

Change-Id: I0df382206bd27343455a6ad18fa2df1eea74a1f5
Partial-Bug: #1704389
2017-11-17 09:20:42 +00:00
Juan Antonio Osorio Robles
32d5e0cd77 Add option for HAProxy (non-HA) container to log to stdout/stderr
This adds the option to get the HAProxy container to log to stdout.
The option is disabled by default. If enabled, It also adds a sidecar
container that reads from syslog and outputs what it gets to stdout.

bp logging-stdout-rsyslog

Change-Id: Ica819713aa50352ba04a748c463534d982e00538
2017-11-17 10:39:00 +02:00
Juan Antonio Osorio Robles
97f9a01f79 Add rsyslog-sidecar resource and configuration
This introduces a "sidecar" container, which is meant to be used
besides other containers (or as part of the pod). It merely uses
rsyslog to listen on a specific UNIX socket and outputs what it
gets to stdout.

This adds the service to each relevant role and introduces a
composable service which merely configures the container. Subsequently
it'll be used as part of other templates.

Note that it is only enabled if "stdout logging" is enabled.

bp logging-stdout-rsyslog
Depends-On: I4864ddca223becd0a17f902729cf2e566df5e521

Change-Id: I2c54acaaa820961c936f1fbe304f42162f720496
2017-11-17 10:38:57 +02:00
Zuul
49341d6a9a Merge "Debug configuration for neutron metadata agent" 2017-11-17 08:33:33 +00:00
Zuul
0531cbe9a7 Merge "Dynamically generate FQDN hiera entries" 2017-11-17 08:33:31 +00:00
Zuul
6a72a9f1b4 Merge "Drop step_config as top level docker requirement" 2017-11-17 08:33:29 +00:00
Zuul
6bae8ba2a5 Merge "Add CephAnsiblePlaybookVerbosity parameter to overcloud-ceph-ansible" 2017-11-16 23:02:44 +00:00
Alan Bishop
33c5207f97 Update Iscsid puppet_config to reset host's IQN
The Iscsid service uses puppet to update the IQN of each node, so that
all overcloud nodes have a unique IQN. When Iscsid is containerized,
the new IQN is captured in the "puppet-generated" directory, and made
available to other containers using bind mounts.

However, any non-containerized service that uses the IQN will be seeing
the host's value, instead of the new value made available to the
containers. This IQN mismatch between containerized and non-containerized
services will cause failures, typically with authentication.

The problem is resolved by adding a bind mount to Iscsid's puppet_config
that allows the iscsid container to update the host's IQN.

Change-Id: I1cbcb858754cc4792a085438eb28f2476245228c
2017-11-16 15:32:34 -05:00
Zuul
37ab371ce5 Merge "Add yml extension to kubespray inventory" 2017-11-16 20:27:19 +00:00
Zuul
60f469640b Merge "Enable httpd to request certificates for the "external" network" 2017-11-16 20:27:18 +00:00
Alex Schultz
17acd02140 Debug configuration for neutron metadata agent
The neutron metadata agent isn't currently configured for debug when the
global debug flag is enabled. Additionally add a flag to just configure
debug for the metadata agent itself.

Change-Id: I7ef636b8ad4c6fe4f05970c41c05d522a0f0d892
Related-Bug: #1731063
2017-11-16 16:57:12 +00:00
Zuul
f0be3d1f0d Merge "Add Docker service to the undercloud roles" 2017-11-16 15:25:09 +00:00
Jiri Stransky
809c0d8bde Add ignore_errors for memcached readme.txt
This was supposed to be in I6b36db7b7ce8b3e4da566eb7828d0c3b8646a14f
but i missed it on the edit because memcached doesn't have its own
directory, so it didn't match the regex i created to edit the
patch. Apologies for the patch churn on this. This fix has been
directly incorporated into I6b36db7b7ce8b3e4da566eb7828d0c3b8646a14f
backport, so we at least won't need to backport this oneliner.

Change-Id: I31d8adf72ea6c3544e534dca57c5c415e2908674
Partial-Bug: #1730957
2017-11-16 16:22:36 +01:00
Zuul
effa7ec0cd Merge "Start using nic-configs from THT repo instead of tripleo-ci" 2017-11-16 07:31:08 +00:00
Zuul
c12a4b88f9 Merge "Define PGs for cephfs pools" 2017-11-16 07:31:06 +00:00
Juan Antonio Osorio Robles
3b1e644e8e Dynamically generate FQDN hiera entries
These were hardcoded, even though the rest of the network-related bits
were already dynamically generated with jinja.

Change-Id: I8b9e36cbc355065a9117b0a5c5b46afd6ee25d58
Closes-Bug: #1732457
2017-11-16 09:28:26 +02:00
Zuul
d8742c1cc8 Merge "Revert "Revert "Tag workflows created by the templates""" 2017-11-16 03:27:53 +00:00
Emilien Macchi
6c41713459 Migrate THT to zuul v3 jobs
Define the zuul v3 layout for jobs that we want to execute.

Change-Id: I149322f4b6d5c066eb345618445143df43607765
Depends-On: Ie8aa85fe7a8ee556cc1b46e215d329e95913290c
2017-11-16 02:16:57 +00:00
Zuul
a4631060f6 Merge "Write readme.txt into old log directories" 2017-11-15 22:42:34 +00:00
Zuul
48e232d19a Merge "OVN: Provide the option to define NeutronBridgeMappings as a role parameter" 2017-11-15 21:51:22 +00:00
Zuul
6bc4861107 Merge "Enable TLS for ec2api metadata service" 2017-11-15 21:29:01 +00:00
Dan Prince
a307fe7ffc Drop step_config as top level docker requirement
Step config is only required within the puppet_configs section
of docker/services/*. This patch drops the top level 'step_config'
and updates the unit tests accordingly.

Change-Id: I7dc7cfae3ef1965ec95b1d9ef23e7f162418c034
2017-11-15 16:01:16 -05:00
Giulio Fidente
f890e4e512 Revert "Revert "Tag workflows created by the templates""
Also touches ceph-ansible/ceph-base.yaml to make sure this is
tested by scenario001

Change-Id: I7a7beea36669a79662f384315a3fbd19c958de8a
Related-Bug: #1715389
2017-11-15 17:24:51 +00:00
John Fulton
ce7b65f443 Set file mode permission for Ceph keyrings in containers
Pass mode parameter to ceph-ansible for Ceph keyrings on container
host. Pass mode and ownership parameter to each Ceph client container
using kolla_config. ACLs are set for Cinder if it is not running in
containers.

Change-Id: I11618b3fd696739ad9b86618a1f3f96570c61a30
Partial-Bug: #1720787
2017-11-15 15:03:41 +00:00
Juan Antonio Osorio Robles
451020b72e Enable httpd to request certificates for the "external" network
Deployers can change the network that a service is running on through
the ServiceNetMap. A common change is to switch the keystone admin API
to run in the external network instead of the ctlplane network. Doing
this in a TLS everywhere environment breaks, since we were explicitly
skipping the external network.

This no longer skips that network, thus enabling this use-case.

Change-Id: I488517528a77a257dede2f59488bb95ffc77743b
Closes-Bug: #1732443
2017-11-15 13:58:25 +00:00
Zuul
052ad2607f Merge "Update the services README with the ServiceData parameter" 2017-11-15 11:37:54 +00:00
Zuul
192356ecc4 Merge "Fail on upgrade if legacy ceph::profile::params::osds hiera is found" 2017-11-15 11:37:52 +00:00