6175 Commits

Author SHA1 Message Date
Zuul
f5c9b0384a Merge "Memory channels parameter default value" 2017-12-13 19:10:20 +00:00
Zuul
2fa7509bad Merge "Add missing keystone_domain_config" 2017-12-13 15:47:29 +00:00
Zuul
3b626beca3 Merge "Add glance config for barbican" 2017-12-13 06:58:30 +00:00
Zuul
5d8c117bff Merge "Add parameters for Barbican worker image" 2017-12-13 06:58:29 +00:00
Zuul
314063b703 Merge "Add modulepath option when applying puppet inside docker." 2017-12-13 00:56:04 +00:00
Alex Schultz
40530c0e8c Add missing keystone_domain_config
When configuring the keystone LDAP integration we need to write out
domain configuration items using the keystone_domain_config provider.
Since this tag was missed in the docker conversion, the configuration
was not actually available in the docker container.

Change-Id: I7abdfdd55e38da80768c907863fa06429debf9cd
Closes-Bug: #1737799
2017-12-12 18:06:56 +00:00
Zuul
efc96a7b05 Merge "Add Instance HA support" 2017-12-11 23:21:31 +00:00
Zuul
910325509d Merge "Generate a default keypair for nova." 2017-12-11 22:51:21 +00:00
Ade Lee
f464e3d99f Add parameters for Barbican worker image
Change-Id: Idb1e776b6fa24d6be09b02300d4a57440bd9e05c
2017-12-11 15:26:08 -05:00
Ade Lee
1e3792470f Add glance config for barbican
Configure glance to use barbican as a key manager
when barbican is enabled for image signing.

Change-Id: I2cad0b81eeab07785dfd4bb66e582d359504b0aa
2017-12-11 10:17:00 -05:00
Zuul
e14e74c179 Merge "Add a new UndercloudHomeDir parameter" 2017-12-11 12:24:04 +00:00
Michele Baldessari
c56cdc8dda Add Instance HA support
This adds support for an Instance HA deployment option which evacuates
VMs after a compute node failure. To enable this feature just add
-e environments/compute-instanceha.yaml and make sure the compute nodes
have the OS::TripleO::Services::ComputeInstanceHA and the
OS::TripleO::Services::PacemakerRemote services added to it.

Testing has been done as follows:
1) Deploy an overcloud with Instance HA
2) Create a VM on the overcloud
3) Crash a compute node
4) Observe that the nova evacuate resource agent initiates the nova
   evacuation:
Nov 29 10:39:49 localhost NovaEvacuate(nova-evacuate)[32253]: NOTICE: Initiating evacuation of overcloud-novacompute-0.localdomain with fence_evacuate
Nov 29 10:39:57 localhost NovaEvacuate(nova-evacuate)[32253]: NOTICE: Completed evacuation of overcloud-novacompute-0.localdomain
5) Observe the VM having been started on the functional compute node

A documentation patch will follow explaining the whole mechanism more
in detail.

blueprint instance-ha

Depends-On: I4d1908242e9513a225d2b1da06ed4ee769ee10f7
Change-Id: If6c7d6c56eca96bd64ac5936036d119bd9ec6226
2017-12-10 09:08:01 +01:00
Dan Prince
07bc933d0d Add DockerDebug
Implement a mechanism to enable docker service debug logging.
If DockerDebug is unset defaults to the normal Debug parameter
setting.

Change-Id: I4f4627c7d8e90121c1262b2518b02989f5aaed18
2017-12-09 08:14:36 -05:00
Zuul
1724c7d088 Merge "Add support for providing Octavia cert data" 2017-12-09 06:01:38 +00:00
Zuul
0abacce779 Merge "Add Octavia certificate parameters" 2017-12-09 06:01:37 +00:00
Zuul
014d58089d Merge "Add support for Octavia service-to-service credentials" 2017-12-09 05:46:22 +00:00
Ian Main
da42199dec Generate a default keypair for nova.
This was missing from the post configuration.  Need a default keypair
for CI.

Change-Id: I79ce491890e0b3b7c6ca6f27c762cf8687b1428f
2017-12-09 02:11:54 +00:00
Dan Prince
315091e8dc Add a new UndercloudHomeDir parameter
Add a parameter to control the homedir of the
Undercloud user. Useful if you don't want stackrc
and ssh creds in /root/

Change-Id: I2ad703689b600280b2c1ab1752654f2d334cb6db
Co-Authored-By: Ian Main <imain@redhat.com>
2017-12-09 02:08:29 +00:00
Zuul
74c93b0ebe Merge "Add DockerRegistryMirror parameter" 2017-12-08 12:21:44 +00:00
Zuul
20a5994716 Merge "Add multiple secret store backends for barbican" 2017-12-08 01:23:23 +00:00
Zuul
e612bd769d Merge "Add parameters for Barbican keystone listener" 2017-12-07 22:58:08 +00:00
Zuul
bc84846239 Merge "Set simple crypto plugin as global default for Barbican" 2017-12-07 22:58:06 +00:00
Brent Eagles
c0b227135f Add support for providing Octavia cert data
This patch adds heat parameters for configuring the contents
of the Octavia CA and cert files.

Depends-On: I8d46bad372b8c24b290500ee6040207cb808ba23
Change-Id: I8595d85b7c9be703f9a247e07b677da0cfdb932c
2017-12-07 17:38:21 -03:30
Or Idgar
1331feaef1 Add Octavia certificate parameters
Adds configuration for the paths to Octavia's certificate files.

Change-Id: I892854d623e63f339e94fe83261ac9b8a84bdcb5
2017-12-07 17:33:09 -03:30
Brent Eagles
3dfd327db6 Add support for Octavia service-to-service credentials
This patch adds hiera for configuring octavia's service-to-service
communication.

Change-Id: Iaa48ed3de8de79134898267c6241546b6c1cd7ec
Depends-On: I67ab537d1b2a82f17657ed90f794f0fa13c5207f
2017-12-07 17:31:02 -03:30
Sofer Athlan-Guyot
4a708af34a Add modulepath option when applying puppet inside docker.
When new module are added, we may miss the symlink in
/etc/puppet/modules.  And for consistency as we mount the
/usr/share/openstack-puppet/modules directory it’s better to add it
to the modulepath.

Change-Id: I963aede41403ebbe3b9afb55a725b304a30a0cbb
Closes-Bug: #1736980
2017-12-07 20:09:13 +01:00
Zuul
2e6ea5f5dc Merge "CI: Test multi-rbd backend for cinder in scenario001" 2017-12-07 19:08:36 +00:00
Zuul
d7c03dfafc Merge "Make CephPools override properties of other pools" 2017-12-07 15:08:38 +00:00
Zuul
ce00019000 Merge "deploy-steps.j2: use ansible to bootstrap environment" 2017-12-07 07:34:28 +00:00
Zuul
8ff4c03d28 Merge "Adding Cisco VTS ML2 mechanism driver service template" 2017-12-07 03:41:32 +00:00
Zuul
f11fd9b918 Merge "Don't assume single sub_node in nic config" 2017-12-07 03:38:32 +00:00
Emilien Macchi
c45a8a462a deploy-steps.j2: use ansible to bootstrap environment
We introduced a new Ansible role, tripleo-bootstrap:
I560273be2ebe3a49ff37e3682222706939e5d879

This role will take care of preparing an environment that will deploy
TripleO later.
This patch aims to use execute this new role on all hosts.
We don't gather_facts, (already gathered previously), we want to fail on
any error and also the role will be executed on pre_deploy_steps tag.

Change-Id: If9306473701a340d577bbe0a4a7dfee90be99c2f
Depends-On: I560273be2ebe3a49ff37e3682222706939e5d879
2017-12-07 00:08:33 +00:00
Zuul
adeb5df53c Merge "Add IPSEC composable service" 2017-12-06 22:53:33 +00:00
Zuul
bd6af08bf1 Merge "SR-IOV agent: allow to configure agent extensions" 2017-12-06 22:50:35 +00:00
Zuul
758d84de05 Merge "undercloud: enable ansible deploy method by default" 2017-12-06 22:50:34 +00:00
Ade Lee
1e77eab7e4 Add parameters for Barbican keystone listener
Change-Id: Ic958010c3236089cb1b0c4820ac2241acb88a012
2017-12-06 14:09:04 -05:00
Dan Prince
819d0f4db4 Add DockerRegistryMirror parameter
We want to use this for the containerized undercloud to
be able to consume an in-rack registry mirror for
our CI jobs.

Change-Id: Ia0a2b4a2ddd99c9ee9b71875b144824aa7543da1
2017-12-06 13:03:47 -05:00
Zuul
97e841d986 Merge "Enable ironic staging drivers in the undercloud" 2017-12-06 14:14:10 +00:00
Moshe Levi
635f24c78d SR-IOV agent: allow to configure agent extensions
Closes-Bug: 1736687

Change-Id: I7979850d5d4babac745e3de969ccb10b1f550bf1
2017-12-06 11:42:41 +02:00
Zuul
2f48a455bd Merge "Make Kubespray install work without --private-key too" 2017-12-06 04:07:20 +00:00
Zuul
cb36af8c15 Merge "Add noop's for docker pacemaker for rabbitmq" 2017-12-05 21:50:58 +00:00
Zuul
71a2faab24 Merge "Add deploy_steps_tasks interface" 2017-12-05 21:49:44 +00:00
Jiri Stransky
ac6c11f7aa Make Kubespray install work without --private-key too
It seems the ansible_ssh_private_key_file variable is only defined
when --private-key parameter is passed to the main deployment Ansible
run. This is always true for deploying via tripleoclient and Mistral,
but may not be true when deploying via manual ansible-playbook
execution.

We now check whether the variable is defined before using it. If it's
not defined, user's default ssh key will be used for trying to connect
to the overcloud nodes.

Change-Id: Id04d3bab85713d644899694231dd4009a88385af
2017-12-05 18:15:29 +00:00
Ade Lee
f8decc73fc Add multiple secret store backends for barbican
Change-Id: I7aaa242ee1ecbfcbcc7502b0ce8e5a9191d307f2
Depends-On: I07e52897897f453382f74aa4fdaa98c37e6eca30
2017-12-05 13:07:50 -05:00
Zuul
410027d64f Merge "Add name property where missing" 2017-12-05 18:07:49 +00:00
Zuul
8a2fd62f23 Merge "Update capabilities-map.yaml to include latest storage environments" 2017-12-05 17:45:03 +00:00
Zuul
7d0d74891f Merge "Add NovaMigrationTarget service to SR-IOV Compute role" 2017-12-05 16:15:52 +00:00
Juan Antonio Osorio Robles
898ad4f54b Add IPSEC composable service
This service is tied to the external_deploy_tasks (such as the k8s
service); and it deploys IPSEC in the overcloud.

bp ipsec

Change-Id: Ie3b7af92c0ec97241de6d8badec13b9e93ee9305
2017-12-05 13:10:18 +00:00
Ade Lee
18282387c0 Set simple crypto plugin as global default for Barbican
This is needed for multiple config configuration.  Also,
renamed the parameters in the backend to be more consistent.

Change-Id: I8cb8d3cd745fbf7ddba1ce8e5347b38342afd58d
2017-12-05 01:52:33 -05:00
Steven Hardy
0524c86353 Add deploy_steps_tasks interface
This allows per-step ansible tasks to be run on the nodes when using
the config download mechanism, e.g adding the following to a service
template will create /tmp/testperstep populated for every step.

     deploy_steps_tasks:
        - name: Test something happens each step
          lineinfile:
            path: /tmp/testperstep
            create: true
            line: "{{step}} step happened"

Change-Id: Ic34f5c48736b6340a1cfcea614b05e33e2fce040
2017-12-05 08:47:48 +02:00