RETIRED, Heat templates for deploying OpenStack

Go to file

Sofer Athlan-Guyot 9ad87580ba Workaround ovn cluster failure during update when schema change. During update the ovndb server can have a schema change. The problem is that an updated slave ovndb wouldn't connect to a master which still has the old db schema. At some point (200000ms) pacemaker put the resource in error Time Out. Then it will wait for the operator to cleanup the resource. Meaning that the update can goes like this: - Original state: (Master, Slave, Failed): nothing updated - ctl0-M-old - ctl1-S-old - ctl2-S-old - First state: after update of ctl0 - ctl0-F-new - ctl1-M-old - ctl2-S-old - Second state: after update of ctl1 - ctl0-F-new - ctl1-F-new - ctl2-M-old - Third and final state: after update of ctl2 - ctl0-F-new - ctl1-F-new - ctl2-M-new During the third state we have a cut in the control plane as ctl2 is the master and there is no slave to fall back to. Then we end up loosing HA as only one node is active. The error persists after reboot. Only a pcs resource cleanup will bring the cluster online. The real solution will come from ovndb and the associated ocf agent, but in the meantime, we workaround it by: - cleanup - ban the resource; in step 1 and: - cleanup - unban the resource in step 5. This has the net effect of preventing the cut in the control plane for the last node as we move master to the updated controller which will form a cluster of one master and one slave (as two are updated). The last one will happily join then when it will be updated. That means: - we always have either 1 or 2 nodes working; - we end the update with the cluster converged back to a stable state. The problems are : - we could hide a real ovndb cluster issue; - if the update break in-between we could have a leftover ban on one of the node; But, all things considered, this looks like the best compromise for the time being. Change-Id: I8f71bf83ddafca167deae1a38ca819f7d930fb80 Closes-Bug: #1847780 (cherry picked from commit `751b3fc096`) (cherry picked from commit `d9c60ab05e`)		2019-10-24 17:36:59 +02:00
ci	CI should auto-generate server_certs_key_passphrase	2019-07-29 15:09:50 +00:00
common	[Rocky Only] Fix upgrade_steps_tasks playbook generation.	2019-10-21 17:29:25 +02:00
deployed-server	Add missing entries for Pure Storage Cinder Backend and fix typos	2019-03-07 19:18:59 +00:00
docker	Workaround ovn cluster failure during update when schema change.	2019-10-24 17:36:59 +02:00
docker_config_scripts	HA: fix <service>_restart_bundle with minor update workflow	2019-09-12 22:41:00 +02:00
environments	Allow overlay tunnel endpoints on IPv6 address	2019-09-02 15:24:34 +02:00
extraconfig	Filter nameservers for undercloud networks	2019-09-03 09:56:56 -06:00
firstboot	Try a timesync as part of first boot	2019-05-23 08:16:41 -06:00
network	Fix haproxy stats network binding	2019-05-31 17:07:54 +02:00
plan-samples	Role specific derive parameters workflow parameter	2018-06-28 08:10:27 -04:00
puppet	Set bridge-nf-call-* values to 1	2019-10-18 09:24:17 -04:00
releasenotes	Set bridge-nf-call-* values to 1	2019-10-18 09:24:17 -04:00
roles	Fix placement of Octavia services in roles	2019-10-08 07:48:20 +00:00
sample-env-generator	Fix ssl.yaml generating GaneshaInternal in the endpoint map	2019-06-05 20:08:22 +00:00
scripts	[Templates] Use str_replace for hosts.	2018-11-15 08:54:39 +00:00
tools	Add missing update_serial key to compute roles	2019-08-06 17:04:30 +01:00
tripleo_heat_templates	Do not generate apache/haproxy certs for invalid networks	2018-02-08 12:50:04 +00:00
validation-scripts	Make comparisons case insensitive	2019-06-26 08:06:52 -06:00
zuul.d	Remove scen009 (non-voting) from gate	2019-07-31 14:48:08 -03:00
.gitignore	Sample environment generator	2017-06-12 15:02:50 -05:00
.gitreview	OpenDev Migration Patch	2019-04-19 19:35:11 +00:00
.testr.conf	Improve nova statedir ownership logic	2018-07-09 17:07:30 +01:00
LICENSE	Add license file	2014-01-20 11:58:20 +01:00
README.rst	Fix RST syntax (needed by release)	2018-07-25 22:39:40 -04:00
all-nodes-validation.yaml	Optional ICMP validation of controllers and gateways	2019-03-18 17:06:34 +00:00
babel.cfg	Add release configuration.	2013-10-22 17:49:35 +01:00
bindep.txt	Add in roles data validation	2017-07-07 09:51:40 -06:00
bootstrap-config.yaml	Change template names to rocky	2018-05-09 08:28:42 +02:00
capabilities-map.yaml	Update manila environment file name in capabilities-map	2019-03-20 05:23:41 +00:00
config-download-software.yaml	Change template names to rocky	2018-05-09 08:28:42 +02:00
config-download-structured.yaml	Change template names to rocky	2018-05-09 08:28:42 +02:00
default_passwords.yaml	Change template names to rocky	2018-05-09 08:28:42 +02:00
hosts-config.yaml	[Templates] Use str_replace for hosts.	2018-11-15 08:54:39 +00:00
j2_excludes.yaml	Remove ipv6 specific network templates	2017-08-31 13:12:17 -07:00
lower-constraints.txt	Ensure unique containers names in docker-puppet	2018-10-31 10:35:27 +01:00
net-config-bond.j2.yaml	Add ability to specify dns search domains	2019-05-23 16:24:49 -04:00
net-config-bridge.j2.yaml	Add per-network routes to NIC templates	2018-07-30 09:53:30 +02:00
net-config-linux-bridge.j2.yaml	Add per-network routes to NIC templates	2018-07-30 09:53:30 +02:00
net-config-noop.j2.yaml	Add per-network routes to NIC templates	2018-07-30 09:53:30 +02:00
net-config-standalone.j2.yaml	Add ability to specify dns search domains	2019-05-23 16:24:49 -04:00
net-config-static-bridge-with-external-dhcp.j2.yaml	Add per-network routes to NIC templates	2018-07-30 09:53:30 +02:00
net-config-static-bridge.j2.yaml	Add ability to specify dns search domains	2019-05-23 16:24:49 -04:00
net-config-static.j2.yaml	Add ability to specify dns search domains	2019-05-23 16:24:49 -04:00
net-config-undercloud.j2.yaml	Add ability to specify dns search domains	2019-05-23 16:24:49 -04:00
network_data.yaml	Allow overlay tunnel endpoints on IPv6 address	2019-09-02 15:24:34 +02:00
network_data_ganesha.yaml	Allow overlay tunnel endpoints on IPv6 address	2019-09-02 15:24:34 +02:00
network_data_openshift.yaml	Add network data for use with openshift deployments	2018-11-08 08:42:24 +01:00
network_data_routed.yaml	Allow overlay tunnel endpoints on IPv6 address	2019-09-02 15:24:34 +02:00
overcloud-resource-registry-puppet.j2.yaml	Merge "Make krb-service-principal metadata per-Role" into stable/rocky	2019-05-30 22:42:59 +00:00
overcloud.j2.yaml	Add {{role.name}}RemovalPoliciesMode parameter	2019-06-10 21:35:18 +00:00
plan-environment.yaml	Add name and description fields to plan-environment.yaml	2017-04-12 17:25:40 +02:00
requirements.txt	Ensure unique containers names in docker-puppet	2018-10-31 10:35:27 +01:00
roles_data.yaml	Ensure openstack clients are installed	2019-06-19 22:18:57 +00:00
roles_data_undercloud.yaml	[Rocky-only] Install and configure tmpwatch for log cleanup	2019-03-21 18:25:45 +01:00
setup.cfg	Drop deprecated templates/Makefile/merge.py	2015-11-25 15:00:13 -05:00
setup.py	Updated from global requirements	2017-03-28 13:03:01 +00:00
test-requirements.txt	Improve nova statedir ownership logic	2018-07-09 17:07:30 +01:00
tox.ini	Update UPPER_CONSTRAINTS_FILE for stable/rocky	2018-08-24 14:44:46 +00:00

README.rst

Team and repository tags

tripleo-heat-templates

Heat templates to deploy OpenStack using OpenStack.

Free software: Apache License (2.0)
Documentation: https://docs.openstack.org/tripleo-docs/latest/
Source: http://git.openstack.org/cgit/openstack/tripleo-heat-templates
Bugs: https://bugs.launchpad.net/tripleo
Release notes: https://docs.openstack.org/releasenotes/tripleo-heat-templates/

Features

The ability to deploy a multi-node, role based OpenStack deployment using OpenStack Heat. Notable features include:

Choice of deployment/configuration tooling: puppet, (soon) docker

Role based deployment: roles for the controller, compute, ceph, swift, and cinder storage

physical network configuration: support for isolated networks, bonding, and standard ctlplane networking

Directories

A description of the directory layout in TripleO Heat Templates.

environments: contains heat environment files that can be used with -e

on the command like to enable features, etc.

extraconfig: templates used to enable 'extra' functionality. Includes

functionality for distro specific registration and upgrades.

firstboot: example first_boot scripts that can be used when initially

creating instances.

network: heat templates to help create isolated networks and ports

puppet: templates mostly driven by configuration with puppet. To use these

templates you can use the overcloud-resource-registry-puppet.yaml.

validation-scripts: validation scripts useful to all deployment

configurations

roles: example roles that can be used with the tripleoclient to generate

a roles_data.yaml for a deployment See the roles/README.rst for additional details.

Service testing matrix

The configuration for the CI scenarios will be defined in tripleo-heat-templates/ci/ and should be executed according to the following table:

-	scn000	scn001	scn002	scn003	scn004	scn006	scn007	scn009	scn010	non-ha	ovh-ha
openshift								X
keystone	X	X	X	X	X	X	X		X	X	X
glance		rbd	swift	file	rgw	file	file		file	file	file
cinder		rbd	iscsi
heat		X	X
ironic						X
mysql	X	X	X	X	X	X	X		X	X	X
neutron		ovs	ovs	ovs	ovs	ovs	ovn		ovs	ovs	ovs
neutron-bgpvpn					wip
ovn							X
neutron-l2gw					wip
om-rpc		rabbit	rabbit	amqp1	rabbit	rabbit	rabbit		rabbit	rabbit	rabbit
om-notify		rabbit	rabbit	rabbit	rabbit	rabbit	rabbit		rabbit	rabbit	rabbit
mongodb
redis		X	X
haproxy		X	X	X	X	X	X		X	X	X
memcached		X	X	X	X	X	X		X	X	X
pacemaker		X	X	X	X	X	X		X	X	X
nova		qemu	qemu	qemu	qemu	ironic	qemu		qemu	qemu	qemu
ntp	X	X	X	X	X	X	X	X	X	X	X
snmp	X	X	X	X	X	X	X	X	X	X	X
timezone	X	X	X	X	X	X	X	X	X	X	X
sahara				X
mistral				X
swift			X
aodh		X	X
ceilometer		X	X
gnocchi		rbd	swift
panko		X	X
barbican			X
zaqar			X
ec2api			X
cephrgw					X
tacker							X
congress							X
cephmds					X
manila					X
collectd		X
fluentd		X
sensu-client		X
designate				X
octavia				X					X