1026 Commits

Author SHA1 Message Date
Dan Prince
ffd071417f Keystone network isolation fixes
This patch adds explicit nested stack parameters to
help manage use of the Keystone Admin API vs. the
Keystone Public API.

We also add a new output parameter specifically for the Keystone admin
API VIP. This can be useful when configuring keystone endpoints
with network isolation.

Change-Id: I2bd3e61570151e2faeee14ee09b03ad0b3208cc1
2015-09-05 07:29:13 -04:00
Jenkins
f498e7f3c0 Merge "Support for using external Ceph clusters" 2015-09-05 11:24:58 +00:00
Dan Prince
24f4146cbb Allow 'ctlplane' to be used within Net IP Maps
When using network isolation you might want to selective
move one of the services back to the default ctlplane network
by simply using the ServiceNetMap parameter. This patch
adds ctlplane to the output parameters for both
the net_ip_map and net_ip_list_map nested stacks so that
this is possible.

As part of this patch we also split out the NetIpSubnetMap
into its own unique nested stack so that the Heat input
parameters for this stack are more clearly named.

Change-Id: Iaa2dcaebeac896404e87ec0c635688b2a59a9e0f
2015-09-05 00:16:47 +00:00
Jenkins
e83af2b8c0 Merge "Enable Keystone notifications" 2015-08-31 19:36:39 +00:00
Jenkins
6f7b2fefb0 Merge "Wire in Compute pre-deployment extraconfig" 2015-08-18 19:14:03 +00:00
Giulio Fidente
55a1a0f388 Enable Keystone notifications
This change enables Keystone notifications and adds two parameters
to control the notification driver and format.

Change-Id: I23ac3c46ee9eb49523d3b8dab027ef21fc6e42df
2015-08-18 17:55:03 +02:00
Dan Sneddon
91af5ac557 Remove hardcoded bridge name in bonded compute NIC config
This change removes a hardcoded value for the bond name in the NIC
config for the compute node in the bond-with-vlan NIC config
templates. When this hardcoded value of "br-bond" is used, then the
Neutron bridge mappings must be set to set to datacentre:br-bond in
order for VLAN mode networking to recognize the bridge. By using the
input value for bridge_name we will ensure that the controller and
compute nodes have the same bridge name (defaults to "br-ex"), and
that the defaults will work with VLAN mode.

Change-Id: I28654ab93e3c10a8597c8b877f3f2f6b3eca887c
2015-08-17 14:08:08 -07:00
Dan Prince
bc9368fd91 Support for using external Ceph clusters
This patch adds support for using an externally managed Ceph
cluster with the TripleO Heat templates.

For an externally managed Ceph cluster we initially
only deploy the Ceph client tools, install the 'openstack' user
keyring, and generate the ceph.conf. This matches what we do
for managed Ceph installations and is a good first start.
No other Ceph related services are installed or managed.

To enable use of a Ceph external cluster simply add
the custom Heat environment file environments/puppet-ceph-external.yaml
to your heat stack create/update command and make sure to
set the required CephClientKey, CephExternalMonHost, and CephClusterFSID
variables.

Change-Id: I0a8b213ce9dfa2fc4e62ae1e7631466e5179fc2b
2015-08-13 16:19:04 +02:00
Jenkins
e96c087509 Merge "Drive DB initialization via Hiera" 2015-08-06 17:13:07 +00:00
Jenkins
bd79ed20c8 Merge "Add a default setting for BondInterfaceOvsOptions" 2015-08-06 17:11:47 +00:00
Shiva Prasad Rao
5471a9903e Wire in Compute pre-deployment extraconfig
This commit provides a way to configure some additional hieradata
for compute nodes. This is similar to the earlier added infra for
supporting Controller pre-deployment extraconfig.

Change-Id: I02dda0685c7df9013693db5eeacb2f47745d05b5
2015-08-03 14:15:47 -07:00
Jiri Stransky
bed3b9aeb8 Provide a sample storage environment file
Meant to help users configure their storage parameters by copying this
file out, amending it and passing it to `heat stack-create` or
`openstack overcloud deploy`.

Defaults to using Ceph as a backend for Cinder, Glance and also Nova
ephemeral storage.

Change-Id: Ia8f5ef175439394aacdea98cfd66416bcb9bfe3a
2015-07-30 15:25:25 +02:00
Jenkins
5a6e934b4b Merge "RHEL registration shouldn't use attach with activation key" 2015-07-29 20:37:50 +00:00
Jenkins
53ed88a19a Merge "Keystone token flushing" 2015-07-28 07:34:22 +00:00
Jenkins
8c9e344708 Merge "Set rabbitmq heatbeat timeout threshold to 60" 2015-07-24 23:00:07 +00:00
Dan Sneddon
91207d4ffe Add a default setting for BondInterfaceOvsOptions
This change adds a default setting for the OVS bond options to the
bond-with-vlans controller.yaml. This default will attempt to bring
up LACP bonding, but should that fail it will bring up the bond in
active/backup mode. This is a safe configuration if the switch is
not configured for bonding.

Change-Id: I91aad1e061ed1ecf26636e60da7a9a6e9cde50a5
2015-07-24 15:38:01 -07:00
Jenkins
386fc60890 Merge "Ensure SELinux is permissive on Ceph OSDs" 2015-07-24 16:24:13 +00:00
Jenkins
1a0f4eefc8 Merge "Set heat::instance_user to empty string" 2015-07-24 16:06:36 +00:00
Jiri Stransky
fad5d6da2e Keystone token flushing
Set up a cron job to flush keystone tokens periodically. The job runs
once a day near midnight per puppet-keystone defaults, and we pass
maxdelay 3600 which means each controller will wait a random delay of up
to 1 hour before running the task.

Change-Id: I351f0273c61106c182aa3945b7ad1ce8f5c7d12b
2015-07-24 18:00:35 +02:00
Jenkins
d982240bde Merge "NFS backend for Cinder" 2015-07-24 14:09:57 +00:00
Jenkins
e74b9fb33e Merge "Set default external port to noop for puppet" 2015-07-24 13:53:48 +00:00
Jenkins
e39fccd99e Merge "Use 'public' instead of 'nova' as default floating pool name" 2015-07-24 06:38:52 +00:00
Dan Prince
37b17c8cfc Set default external port to noop for puppet
In 9b89dd20162d962480d3cb84161ed6bfd4fa9de8 we had a regression
where the default "external" traffic port was set to a VIP
when using puppet. We should not ever specify a VIP to be used
for the actual machine IPs (VIPs are only guaranteed to
work once the load balancer is running).

Also, This doesn't match the non-puppet case.

Change-Id: Icd179a70001f2bd7a97e31c7f6445001330674cd
2015-07-23 14:08:40 -04:00
Jenkins
f00e08cbfd Merge "Wire in hieradata overrides via ExtraConfig for CephStorage" 2015-07-23 13:51:30 +00:00
Jenkins
f441b8ad6f Merge "Wire in hieradata overrides via ExtraConfig for ObjectStorage" 2015-07-23 13:51:22 +00:00
Jenkins
3b5b48cfd4 Merge "Convert PublicVirtualIP to new port creation method" 2015-07-23 12:52:50 +00:00
Giulio Fidente
48f1149459 Use 'public' instead of 'nova' as default floating pool name
The dafault in nova.conf for default_floating_pool is set to nova
which is confusing given to make Tempest tests to pass one has to
create a public network with such a name.

Change-Id: I148222a9f276309ede062ee5292993898ff899d6
2015-07-23 12:36:02 +02:00
Jenkins
9b5e99a56a Merge "Provide list of memcached servers to Nova" 2015-07-23 09:53:23 +00:00
Jenkins
0efe4c7ebe Merge "Wire in hieradata overrides via ExtraConfig for BlockStorage" 2015-07-22 11:43:44 +00:00
Jenkins
b6f5982160 Merge "Wire in hieradata overrides via ExtraConfig for NovaCompute" 2015-07-22 11:42:04 +00:00
Dan Sneddon
9b89dd2016 Convert PublicVirtualIP to new port creation method
This change brings PublicVirtualIP in line with the rest of the
VIPs in how it is created. This allows the network where
PublicVirtualIP is instantiated to be on cltplane when network
isolation is not used, and on the external network when network
isolation is used. This change removes the PublicVirtualNetwork
parameter, since it is no longer used. In order to continue to
support the PublicVirtualFixedIPs parameter, which is used to
provide a specific IP for the PublicVirtualIP, the FixedIP
parameter was added to cltplane_vip.yaml, vip.yaml, and
noop.yaml. The value of PublicVirtualIP is passed to FixedIP
in the VIP templates. This change also moves the default
network for keystone public api to the external net (which will
fallback to ctlplane if network isolation isn't used).

Change-Id: I3f5d35cbe55d3a148e95cf49dfbaad4874df960b
2015-07-22 01:09:15 -07:00
Giulio Fidente
0378fbe3ed Provide list of memcached servers to Nova
Memcached is used by novnc to share the auth tokens.

Change-Id: I18415b6ae38b46e3c92e4ce84b858a014ef8398b
2015-07-22 01:11:41 +02:00
Dan Prince
ffa6911096 Drive DB initialization via Hiera
This patch moves most of the ::db::mysql parameter initialization
into a new database.yaml Hiera file. This cleans up the
controller manifests and allows us to define things in a single
location across the two implementations (HA and nonHA).

Change-Id: I895b753b329097a96a6c6f3a03a5fcebefe32dd4
2015-07-21 08:36:39 -04:00
Giulio Fidente
9e6d86c02b Increase default start timeout for Pacemaker from 20s to 90s
On slow environments the start operation of some services can
take longer than 20s so we increase the default for start
operation to 90s, more info can be found at:
https://bugzilla.redhat.com/show_bug.cgi?id=1242052

Systemd defaults to 90s as well.

Change-Id: Ie4652bad518075be77937d47830f263034eda79c
2015-07-21 13:04:30 +02:00
Jenkins
7fc1f4df89 Merge "Puppet: wire in tripleo::packages" 2015-07-21 10:52:53 +00:00
Jenkins
9c8364184c Merge "Fix Puppet Configuring NetApp Cinder Backend" 2015-07-21 09:27:13 +00:00
Dan Prince
4f88464a62 Puppet: wire in tripleo::packages
This wires in use of a new puppet-tripleo class which
encapsulates the logic to enable/disable package
installation and upgrades.

By using the new class we can remove the global
Package provider declaration at the top of each
module.

Change-Id: I5c6e5fd8600031bd8fb6195649721607c560f9d5
Depends-on:  Ie8fbc344149bc8c9977e127de77636903607617a
2015-07-20 16:22:52 -04:00
Ryan Hefner
e284daa1ff Fix Puppet Configuring NetApp Cinder Backend
It was incorrectly assumed that Puppet variables assigned to a
defined class (as seen in cinder-netapp.yaml) would be applied to
any resources created with that type. This is not how Puppet works.

The full range of configuration parameters to cinder::backend::netapp
have been added back in. They are still pulling from Hiera like they
were intended before, but it needs to be a little more explicit for
Puppet to be happy.

Change-Id: I2e00eae829713b2dbb1e4a5f296b6d08d0c21100
2015-07-20 11:09:44 -04:00
Jenkins
a38319dde5 Merge "Ensure compute nodes use internalURL as catalog_info" 2015-07-20 11:27:18 +00:00
Jenkins
3fe8be130b Merge "Allow overlapping IPs in Neutron" 2015-07-20 07:20:11 +00:00
Jenkins
04e1f75910 Merge "Ensure CinderStorage nodes use internalURL as catalog_info" 2015-07-19 00:47:14 +00:00
Jenkins
ff84b24800 Merge "Use parameter_defaults in env files" 2015-07-19 00:45:10 +00:00
Dan Prince
e9aeae4a4f Set rabbitmq heatbeat timeout threshold to 60
Updates the default settings for Nova, Neutron, Cinder,
Ceilometer, and Heat services so we set the default rabbitmq
threshold to 60 seconds.

Change-Id: If537ae16968eb6b264b2ab071144f1eecab18b64
2015-07-18 15:10:47 -04:00
Jiri Stransky
4bd9920b97 Allow overlapping IPs in Neutron
Change-Id: I7703013b62bd67869c268fb8689389ec0eeb5aad
2015-07-17 14:56:21 +02:00
Jenkins
5426ea2f20 Merge "Increase default max_connections for MySQL from 1024 to 4096" 2015-07-17 11:17:38 +00:00
Jenkins
89095fea26 Merge "Enable hieradata ExtraConfig overrides for Controller" 2015-07-17 08:35:58 +00:00
Giulio Fidente
e91d3b1d03 Ensure CinderStorage nodes use internalURL as catalog_info
By default Cinder will get the publicURL for Nova and Swift, which
is not reachable by the CinderStorage nodes.

Change-Id: I25b7900c9ab261e0f706257ffdf6844533b63b94
2015-07-17 00:39:46 +02:00
Giulio Fidente
fa363535af Ensure compute nodes use internalURL as catalog_info
By default Nova will get the publicURL instead, which is not
reachable by the compute nodes.

Change-Id: I57b6a7a7eddb0ffaf6d2d152d932f390c48f908e
2015-07-17 00:39:13 +02:00
Steven Hardy
53924336a2 Wire in hieradata overrides via ExtraConfig for CephStorage
Adds support for global (ExtraConfig) and role-specific
(CephStorageExtraConfig) hiera overrides, similar to those added
for the Controller, NovaCompute, BlockStorage, ObjectStorage roles.

Change-Id: Idbe73b86a772491cd3c55ba69b5a95cc291d2598
2015-07-16 17:55:48 +01:00
Steven Hardy
ffe8386e49 Wire in hieradata overrides via ExtraConfig for ObjectStorage
Adds support for global (ExtraConfig) and role-specific
(ObjectStorageExtraConfig) hiera overrides, similar to those added
for the Controller, NovaCompute and BlockStorage roles.

Change-Id: I7dd0d8003017e2738366983cb5d8e08b3f3fa334
2015-07-16 17:55:48 +01:00