This change combines the previous puppet and docker files
into a single file that performs the docker service installation
and configuration. With this patch the baremetal version of
ceilometer has been removed.
Change-Id: I79c4ba47e147275fe945886b2773b7d9a97ab289
The puppet openstack modules have switched the debug setting to a
logging class in the modules. They are starting to remove the base debug
option so we need to switch our usages to use the logging classes
Change-Id: I690448db2de341ec428181f19364c93a3273b565
Needed-By: https://review.openstack.org/#/c/619379/
According to
https://docs.openstack.org/newton/config-reference/config-format.html we
can have a list of notification drivers like:
driver = messaging
driver = log
Let's not impose extra limitation in THT as folks might want special
notifications setups.
Change-Id: I873574944af237e1ff998f0e9b9b261c53c46f54
Closes-Bug: #1795026
Gnocchi dispatcher options will be removed upstream very soon [1].
But the deprecated options are still used in puppet-ceilometer and tht.
I proposed the puppet-gnocchi deprecation here [2]
ceilometer::dispatcher::gnocchi::url have been removed two cycles ago in
Ceilometer and is already ignored
.
ceilometer::dispatcher::gnocchi::archive_policy/filter_project are
passed to the url directly now.
ceilometer::dispatcher::gnocchi::resources_definition_file was set to
the default. So remove it does not change anything.
[1] https://review.openstack.org/#/c/575368/
[2] https://review.openstack.org/#/c/577794/
Change-Id: Ie0ff6f40d81b2e748347bd4c0e532531960bdefb
The new master branch should point now to rocky.
So, HOT templates should specify that they might contain features
for rocky release [1]
Also, this submission updates the yaml validation to use only latest
heat_version alias. There are cases in which we will need to set
the version for specific templates i.e. mixed versions, so there
is added a variable to assign specific templates to specific heat_version
aliases, avoiding the introductions of error by bulk replacing the
the old version in new releases.
[1]: https://docs.openstack.org/heat/latest/template_guide/hot_spec.html#rocky
Change-Id: Ib17526d9cc453516d99d4659ee5fa51a5aa7fb4b
This avoids any issues where the host/domainname is altered by a DHCP lease.
Also the puppet/facter fqdn can be unpredictable when there are multiple NICs.
Change-Id: I7ed52727d1515ee7f191a82b0b1d645a9d597cd3
Closes-bug: 1758034
This commit introduces oslo.messaging services in place of a single
rabbitmq server. This will enable the separation of rpc and
notifications for the continued use of a single backend (e.g.
rabbitmq server) or a dual backend for the messaging communications.
This patch:
* add oslo_messaging_rpc and oslo_messaging_notify services
* add puppet services for rpc and notification
(rabbitmq and qdrouterd servers)
* add docker services to deploy rpc (rabbitmq or qdrouterd)
and notify (rabbitmq or shared)
* retains rabbit parameters for core services
* update resource registries, service_net_map, roles, etc.
* update ci environment container scenarios
* add environment generator for messaging
* add release note
Depends-On: Ic2c1a58526febefc1703da5fec12ff68dcc0efa0
Depends-On: I154e2fe6f66b296b9b643627d57696e5178e1815
Depends-On: I03e99d35ed043cf11bea9b7462058bd80f4d99da
Needed-By: Ie181a92731e254b7f613ad25fee6cc37e985c315
Change-Id: I934561612d26befd88a9053262836b47bdf4efb0
auth_uri option has been depreacted in
favor of www_authenticate_uri from group
keystone_authtoken in puppet-keystone [0]
and keystonemiddleware [1].
This patch adds the new option keeping auth_uri
references in the templates until the replace
will be updated in all puppet packages.
[0] https://review.openstack.org/#/c/558344/
[1] https://review.openstack.org/#/c/508522/
Closes-Bug: #1761171
Change-Id: I804ec73b970844d245dbb0911710ec817359beb0
Without this there could be a mismatch with other services like
nova and neutron and ceilometer wont find nova instances.
Closes-bug: #1721054
Depends-On: I421a61dc31bd10fec0a10bf7e867001cf4dd3f02
Change-Id: I92f6d351931f1ea598d6a382704e8f986129be42
The service debug flags (e.g. BarbicanDebug), allow the deployer to set
the verbose logging for a specific service. They are strings to allow
folks to set it up regardless of the global Debug flag being set.
This commit adds a constraint to set the allowed values for these
parameters. It is based on a subset of the underlying implementation
that sets this flag (which uses any2bool).
Change-Id: I35e7a7ee35aefb7108ec6b0bb8f3124610fb97ee
This sets the keystone notification topics only if ceilometer is
enabled. This mitigates the issue of keystone sending notifications
when nobody is receiving them.
Closes-Bug: #1729293
Depends-On: I4dcce73446633c08ea37ba567610eec398094036
Change-Id: I063af5e642388acc180cb8e728481c5a36cc8ddc
Since the event pipeline publisher defaults in the heat templates are
different from what puppet sets. We need to have the Manage to true so
override takes effect. Without this we keep defaulting back to puppet
defaults. We can flip this back to false once panko:// is droppped as
a supported option from the pipeline.
Change-Id: I2248c165783dddfb4cb7cf5644884dd8f6e6ed63
Even though panko is deprecated, we still enable it by default.
So lets keep it in pipeline as well until its fully dead.
Change-Id: Idac89820a66c59b921551857cccae6dbc38241c3
Since we now support zaqar:// publisher, Enhance the description to indicate
how to set the zaqar publisher.
Change-Id: Ib7eba98d199fade2346620672e33b74686d4685b
Makes it possible to resolve network subnets within a service
template; the data is transported into a new property ServiceData
wired into every service which hopefully is generic enough to
be extended in the future and transport more data.
Data can be consumed in service templates to set config values
which need to know what is the subnet where a deamon operates (for
example the Ceph Public vs Cluster network).
Change-Id: I28e21c46f1ef609517175f7e7ee19e28d1c0cba2
This patch does 2 things:
* Configure messagingv2 as default driver for Oslo Notifications sent on
RPC.
* Allow users to choose between messagingv2 (default) and noop when we
want to disable notifications (for example, when Telemetry is disabled).
* Deprecate KeystoneNotificationDriver in favor of NotificationDriver.
Change-Id: Ia547d7f4bfb51e7c45246b097b48fd86da231bd3
Related-Bug: #1701357
Add ServiceDebug parameters for each services that will allow operators
to enable/disable Debug for specific services.
We keep the Debug parameters for backward compatibility.
Operators want to enable Debug everywhere:
Debug: true
Operators want to disable Debug everywhere:
Debug: false
Operators want to disable Debug everywhere except Glance:
GlanceDebug: true
Operators want to enable Debug everywhere except Glance:
Debug: true
GlanceDebug: false
New parameters: AodhDebug, BarbicanDebug, CeilometerDebug, CinderDebug,
CongressDebug, GlanceDebug, GnocchiDebug, HeatDebug, HorizonDebug,
IronicDebug, KeystoneDebug, ManilaDebug, MistralDebug, NeutronDebug,
NovaDebug, OctaviaDebug, PankoDebug, SaharaDebug, TackerDebug,
ZaqarDebug.
Note: for backward compatibility in Horizon, HorizonDebug is set to
false, so we maintain previous behavior.
Change-Id: Icbf4a38afcdbd8471d1afc11743df9705451db52
Implement-blueprint: composable-debug
Closes-Bug: #1634567
When a service is enabled on multiple roles, the parameters for the
service will be global. This change enables an option to provide
role specific parameter to services and other templates.
Two new parameters - RoleName and RoleParameters, are added to the
service template. RoleName provides the role name of on which the
current instance of the service is being applied on. RoleParameters
provides the list of parameters which are configured specific to the
role in the environment file, like below:
parameters_default:
# Default value for applied to all roles
NovaReservedHostMemory: 2048
ComputeDpdkParameters:
# Applied only to ComputeDpdk role
NovaReservedHostMemory: 4096
In above sample, the cluster contains 2 roles - Compute, ComputeDpdk.
The values of ComputeDpdkParameters will be passed on to the templates
as RoleParameters while creating the stack for ComputeDpdk role. The
parameter which supports role specific configuration, should find the
parameter first in in the RoleParameters list, if not found, then the
default (for all roles) should be used.
Implements: blueprint tripleo-derive-parameters
Change-Id: I72376a803ec6b2ed93903cc0c95a6ffce718b6dc
Ceilometer collector is deprecated in Pike release.
Do not deploy by default. Instead use the pipeline
yaml to configure the publisher directly.
Closes-bug: #1676961
Change-Id: Ic71360c6307086d5393cd37d38ab921de186a2e0
This hiera key is used by keystone to create the ceilometer service
user. It works in CI cause keystone and the ceilometer services are in
the same node. However, this fails if keystone is deployed on a separate
note.
We should only deploy it in the nodes containing the keystone service
since it's only relevant to create the service user.
Change-Id: Ic0f02fe9a78a1fe14ac2b87197692fbd80c003b8
Closes-Bug: #1685828
Ceilometer API has been deprecated since Ocata. lets disable
it by default and add an env file to enable it if needed.
Closes-bug: #1676968
Change-Id: I571f5467466c29271e0235e8fde6bdae07c20daf
Ceilometer Auth should be enabled even if ceilometer api
is not. Lets decouple these, this flag will be used in
puppet-tripleo where ceilometer::keystone::auth class
is initialized.
Change-Id: Iffebd40752eafb1d30b5962da8b5624fb9df7d48
Closes-bug: #1677354
panko is enabled by default, we might as well make it
the default dispatcher along with gnocchi.
Closes-bug: #1676900
Change-Id: Icb6c98ed0810724e4445d78f3d34d8b71db826ae
Switch Aodh, Ceilometer and Panko to use auth_uri parameter with
keystone versionless endpoint.
Change-Id: I5800f4161d0406d3717e1f539d23411b11378fbc
Partial-implement: blueprint keystone-v3
When fixing LP#1643487 we added ?bind_address to all DB URIs.
Since this clashes with Cellsv2 due to the URIs becoming host
dependent, we need a new approach to pass bind_address to pymysql
that leaves the DB URIs host-independent.
In change Iff8bd2d9ee85f7bb1445aa2e1b3cfbff1f397b18 we first create a
/etc/my.cnf.d/tripleo.cnf file with a [tripleo] section with the correct
bind-address option.
In this change we make sure that the DB URIs will point to the added
file and to the specific section containing the necessary bind-address
option. We do introduce a new MySQLClient profile which will hold all
this more client-specific configuration so that this change can fit
better in the composable roles work. Also, in the future it might
contain the necessary configuration for SSL for example.
Note that in case the /etc/my.cnf.d/tripleo.cnf file does not exist
(because it is created via the mysqlclient profile), things keep on
working as usual and the bind-address option simply won't be set, which
has no impact on hosts where there are no VIPs.
Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com>
Change-Id: Ieac33efe38f32e949fd89545eb1cd8e0fe114a12
Related-Bug: #1643487
Closes-Bug: #1663181
Closes-Bug: #1664524
Depends-On: Iff8bd2d9ee85f7bb1445aa2e1b3cfbff1f397b18
The admin endpoint is listening on the ctlplane network by default;
services should ideally be using the internal api network for this kind
of traffic, as the ctlplane network is mostly for provisioning. On the
other hand, the admin endpoint shouldn't be as relevant with services
switching to keystone v3.
Change-Id: I1213a83ef8693c1cca1d20de974f7949a801d9f1
Use the standard composable interface to disable
ceilo api instead of using a separate flag.
Closes-bug: #1656364
Change-Id: I67900f7e6816212831aea8ed18f323652857fbd3
When a service connects to the database VIP from the node hosting this
VIP, the resulting TCP socket has a src address which is by default
bound to the VIP as well. If the VIP is failed over to another node
while the socket's Send-Q is not empty, TCP keepalive won't engage and
the service will become unavailable for a very long time (by default
more than 10m).
To prevent failover issues, DB connections should have the src address
of their TCP socket bound to the IP of the network interface used for
MySQL traffic. This is achieved by passing a new option to the
database connection URIs. This option is available starting from
PyMySQL 0.7.9-2.
We use a new intermediate variable in hiera to hold the IP to be used
as a source address for all DB connections. All services adapt their
database URI accordingly.
Moreover, a new YAML validation check is added to guarantee that new
services will construct their database URI appropriately.
Change-Id: Ic69de63acbfb992314ea30a3a9b17c0b5341c035
Closes-Bug: #1643487
Heat now supports release name aliases, so we can replace
the inconsistent mix of date related versions with one consistent
version that aligns with the supported version of heat for this
t-h-t branch.
This should also help new users who sometimes copy/paste old templates
and discover intrinsic functions in the t-h-t docs don't work because
their template version is too old.
Change-Id: Ib415e7290fea27447460baa280291492df197e54
Since we have aodh enabled for alarms, we should set the
notifier to the default queue alarm.all.
Closes-bug: #1590473
Change-Id: Ibcb5076424ac2ddcd18ff717d82da1aec4c035cb