Because of the way glean works, we don't actually need to have a DNS
server setup to boot our images. In this case, it is actually
problematic for centos-7, because glean overwrites our
/etc/resolv.conf file.
Change-Id: Ie81bc593ac3257021e0636b6c111c37e8b87b747
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
If that is not set, it is not picking the max_connection
updates until next restart, causing manifest to fail at
first run.
Change-Id: Ia6ff2700b564801e647b88d68d6a4ecb579b96c1
Depending on the cores and memory of the server, this needs
to be parameterized properly or is causing issues on
neutron and nova.
Change-Id: Id5a0e5af031175cc0a9d8b5a3bb97ae4adfbdf1e
The external gateway is passed with the parameter
gateway_ip, this ipv4_gateway was the old one, and
hardcoded on the manifest.
Change-Id: I0eb532bf423e45ac683fc6bf23d80699d074bd17
Naming with dashes is causing issues on CentOS,
because glean is called with interface br/xxx instead
of br-xxx due some naming translation.
Also interface name and vlans can differ on environments,
causing all puppet modules to change their naming. Instead of
depending on vlan or nic to configure bridge name, add the
ability to pass that name as a parameter, and likely set
to br_infracloud on our deployments.
At the moment, leaving the default naming to do not break
existing cloud deployment.
Change-Id: I0790bab2fd63f525e8b9c8d47ee79ea63a72750a
We upload our images today as qcow2 format, however compute nodes will
force them to raw format. To improve performance when first booting a
node, do bother converting the image to raw format.
Change-Id: I82e16825a90a1a8995b6dd3c8769954e3976a15f
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
This doesn't have to be hardcoded in the module, but
parameterized, and ideally shall be configured using
hiera. As an initial step, add the parameters with
default values, to pass tests until the corresponding
change for system-config lands.
Change-Id: Ic1f0368a1cb6c94405a4cb52dec1b83131164035
We do not rely anymore on infra-cloud-networking element,
replaced by infra-cloud-bridge. So removing not needed
templates, and files from the manifest.
Also remove global vars for hpuswest, as this is not
used anymore.
Change-Id: Ie05d4c1e5bf5801cf0a3d2dd5cf5203c480ed53e
Current ansible install fails when does not find gcc
or openssl-dev. Add this before calling the ansible class.
Also remove uuid dependency from RHEL as package does
not exist.
Change-Id: I1c9002d669ec8df30ef09b3086f9f5297e032da1
Since vanilla and chocolate are on the same VLAN, we don't have
two different bifrost machines, just one to handle both.
Therefore, the per-region split logic is not needed anymore and makes
it impossible to have on the current baremetal machine in prod
having both inventories at the same time.
Note: I'm leaving the 'region' parameter on purpose, otherwise
the apply tests fail.
Will remove it in a subsequent patch.
Change-Id: I433cdb8675c3acd2e699272aaf6a0e67eb9200b0
It is causing troubles on rabbit and linuxbridge, crashing
because permission denied errors. Initially disable it to
have a working cloud, and add the right settings on future
patches to re-enable it.
Change-Id: Ibc3303966e7bc450f9d9dbaa4fce7104fcb90635
The puppet rabbit module is affected by
https://tickets.puppetlabs.com/browse/MODULES-3599.
On rabbit install, we are seeing error:
Error: Could not update: Execution of '/usr/bin/yum -d 0 -e 0 -y
install rabbitmq-server-3.6.3-1' returned 1: Error: Package:
rabbitmq-server-3.6.3-1.noarch (rabbitmq_rabbitmq-server)
Requires: erlang >= R16B-03
Installing package properly before rabbitmq class solves the
install problem for us.
Change-Id: Ie145c70859013c927a3ee0f14c003cca739c996e
SSL cert path and command are different from Debian/Redhat.
So parameterize it to be able to reuse on different components.
Change-Id: I8c1332e36f9b6a288a5736bee2a7171476aab739
Once the corresponding change to pass the
parameter from system-config has landed, set this
as mandatory so we can fail if not passing it properly.
Change-Id: Ibff909139dc003c69b443577af87df929fb1f819
If not present, key cannot be updated successfully.
This is not done by infracloud::ssl_key module, because we are
using a custom path.
Change-Id: I85522619623ae2dec7fb813359d060e403279ae5
If not set, it currently fails when spinning vms, giving
errors in nova compute logs about nova pem key not being
present.
Change-Id: I407137d5cdbe957acd5ee865808ed62121680d79
The current bifrost playbooks now depend on a role that is present
on Ansible 2.1.1.0, thus we need to bump it.
Depends-On: Ie4120c8744eed78022ebcc3ea696142d1a1375aa
Change-Id: I801064cf9dd4578b8d1135d986c0c2f0578092b3
Our current way to trust on our self-signed certs was hardcoded
for Debian. Run this for Redhat family as well.
Change-Id: I3faae7fc3507c131addbfebf1bc902fc8112d7e6
Certificate path was pointing to incorrect one. Point
to the path generated by the cacert class, and add
right dependency to rabbit to prevent races.
Change-Id: If0b79cb8e080bb9b1bb71230f85502004c1349ff
Under certain environments where /usr/local/share/ca-certificates
does not exist, the play fails not finding that directory.
Create it with right ownership and permissions.
Change-Id: Icef55cc083f59e55b564edca2b20e05ef0f916b0
Depending on distros, the glance package is called with
different names, so hardcoding to glance-api causes failures.
Reuse glance parameters instead, that are properly setting
the names.
Change-Id: I011addf10c9648e7f2ca64cfa44c0d72fc269845
mod_enable_dir is not necessarily defined under all the
operating systems. For example, for Redhat it has undef value.
It is causing puppet manifest to fail, so just execute that fix
when that directory has some value.
Change-Id: Iab56636151ac4d7da24a5a5ce18356b81adad832
Add support for Debian and RedHat packaging as well,
and allow to pass release as parameter, so we can choose
the packaging versions we want to deploy.
Change-Id: I95407bd1f504e679be329b36442535793841536e
The infracloud servers are all now in the same location, thus
it will be likely we'll just have one bifrost host managing
the provisioning of vanilla/chocolate regions.
The glean and bifrost changes now allows to do all the network
config without a double dhcp, thus removing this logic.
Change-Id: I649334fbc657c9a27378360d2763d378d59cb763
This patch makes the following changes to use the Mitaka release of
OpenStack and to be compatible with the stable/mitaka branches of the
OpenStack Puppet modules:
- use the 'mitaka' Ubuntu Cloud Archive repository
- avoid using deprecated or removed parameters
- use unversioned endpoints for the [neutron] config in nova.conf and
specify 'password' as the auth_plugin, since it defaults to 'v3'
password in the mitaka version of the nova module[1] even though
that's not necessarily desired[2]
- add the nova_api database
- explicitly use the Image v1 API in the functional tests since
openstackclient now defaults to v2
[1] http://git.openstack.org/cgit/openstack/puppet-nova/commit/?id=d09868a59c451932d67c66101b725182d7066a14
[2] https://review.openstack.org/#/c/312300/
Depends-On: I5ed2d851ffab26a45a58a9ef6f990e72f5d14380
Change-Id: Ie290802d655cb74491153c56cf58a6b3b5af8388
Some of these defined types were properly ordered to require the
packages that creates their parent directories, and some of them
weren't, which sometimes causes failures. This patch makes sure all the
ssl_key resources require their related packages so that this never has
to happen again.
Change-Id: If77eeba7d5891d109e6da6f9a6480bb63f11e7f9