Merge "Add upgrade_rabbitmq job" into release/proposed/2019.2.0
diff --git a/aodh/server/coordination/redis.yml b/aodh/server/coordination/redis.yml
index e013e0f..7b353b7 100644
--- a/aodh/server/coordination/redis.yml
+++ b/aodh/server/coordination/redis.yml
@@ -1,7 +1,9 @@
classes:
- service.redis.server.single
parameters:
+ _param:
+ aodh_coordination_url: redis://openstack:${_param:openstack_telemetry_redis_password}@${_param:redis_sentinel_node01_address}:26379?db=0&sentinel=master_1&sentinel_fallback=${_param:redis_sentinel_node02_address}:26379&sentinel_fallback=${_param:redis_sentinel_node03_address}:26379
aodh:
server:
coordination_backend:
- url: redis://${_param:single_address}:6379/${_param:cluster_node01_address}
+ url: ${_param:aodh_coordination_url}
diff --git a/cinder/control/cluster.yml b/cinder/control/cluster.yml
index 7f8e2d7..8aa97c4 100644
--- a/cinder/control/cluster.yml
+++ b/cinder/control/cluster.yml
@@ -27,6 +27,8 @@
backend: {}
version: ${_param:cinder_version}
role: ${_param:openstack_node_role}
+ # set 'image_conversion_dir' option in case of ceph deployment volume and controller running on the same node
+ image_conversion_dir: ${_param:cinder_image_conversion_dir_path}
osapi:
host: ${_param:cluster_local_address}
database:
diff --git a/cinder/control/single.yml b/cinder/control/single.yml
index b8f670d..bae7bfc 100644
--- a/cinder/control/single.yml
+++ b/cinder/control/single.yml
@@ -19,6 +19,8 @@
backend: {}
default_volume_type: ''
role: ${_param:openstack_node_role}
+ # set 'image_conversion_dir' option in case of ceph deployment volume and controller running on the same node
+ image_conversion_dir: ${_param:cinder_image_conversion_dir_path}
database:
host: ${_param:single_address}
x509:
diff --git a/cinder/volume/local.yml b/cinder/volume/local.yml
index 301946b..cd07d4d 100644
--- a/cinder/volume/local.yml
+++ b/cinder/volume/local.yml
@@ -7,6 +7,7 @@
cinder:
volume:
enabled: True
+ image_conversion_dir: ${_param:cinder_image_conversion_dir_path}
database:
host: ${_param:single_address}
x509:
diff --git a/cinder/volume/single.yml b/cinder/volume/single.yml
index 9531aa4..34f5744 100644
--- a/cinder/volume/single.yml
+++ b/cinder/volume/single.yml
@@ -13,6 +13,7 @@
cinder:
volume:
enabled: True
+ image_conversion_dir: ${_param:cinder_image_conversion_dir_path}
database:
host: ${_param:openstack_database_address}
x509:
diff --git a/defaults/docker_images.yml b/defaults/docker_images.yml
index 1c43a70..3f21778 100644
--- a/defaults/docker_images.yml
+++ b/defaults/docker_images.yml
@@ -23,11 +23,11 @@
docker_image_operations_api: "${_param:mcp_docker_registry}/mirantis/model-generator/operations-api:${_param:mcp_version}"
docker_image_operations_ui: "${_param:mcp_docker_registry}/mirantis/model-generator/operations-ui:${_param:mcp_version}"
# OpenContrail
- opencontrail_docker_image_tag: "2019.2.3"
+ opencontrail_docker_image_tag: "2019.2.4"
# stacklight
# 6.5.0 version, from 11/29/2018, differ from latest upstream 6.5.0 - update next cycle
docker_image_alerta: "${_param:mcp_docker_registry}/mirantis/external/alerta-web:${_param:mcp_version}"
- docker_image_alertmanager: "${_param:mcp_docker_registry}/openstack-docker/alertmanager:${_param:mcp_version}"
+ docker_image_alertmanager: "${_param:mcp_docker_registry}/openstack-docker/alertmanager:2019.2.4"
docker_image_grafana: "${_param:mcp_docker_registry}/openstack-docker/grafana:${_param:mcp_version}"
docker_image_prometheus_es_exporter: "${_param:mcp_docker_registry}/mirantis/external/braedon/prometheus-es-exporter:0.5.1"
docker_image_prometheus: "${_param:mcp_docker_registry}/openstack-docker/prometheus:${_param:mcp_version}"
@@ -35,7 +35,7 @@
docker_image_prometheus_gainsight_elasticsearch: "${_param:mcp_docker_registry}/openstack-docker/gainsight_elasticsearch:${_param:mcp_version}"
docker_image_prometheus_relay: "${_param:mcp_docker_registry}/openstack-docker/prometheus_relay:${_param:mcp_version}"
docker_image_pushgateway: "${_param:mcp_docker_registry}/openstack-docker/pushgateway:${_param:mcp_version}"
- docker_image_remote_agent: "${_param:mcp_docker_registry}/openstack-docker/telegraf:${_param:mcp_version}"
+ docker_image_remote_agent: "${_param:mcp_docker_registry}/openstack-docker/telegraf:2019.2.4"
docker_image_remote_collector: "${_param:mcp_docker_registry}/openstack-docker/heka:${_param:mcp_version}"
docker_image_remote_storage_adapter: "${_param:mcp_docker_registry}/openstack-docker/remote_storage_adapter:${_param:mcp_version}"
docker_image_sf_notifier: "${_param:mcp_docker_registry}/openstack-docker/sf_notifier:2019.2.3"
@@ -45,7 +45,7 @@
docker_image_keycloak_server: "${_param:mcp_docker_registry}/mirantis/external/jboss/keycloak:4.5.0.Final"
docker_image_keycloak_proxy: "${_param:mcp_docker_registry}/mirantis/external/jboss/keycloak:3.4.2.Final"
# CVP
- docker_image_cvp_sanity_checks: ${_param:mcp_docker_registry}/mirantis/cvp/cvp-sanity-checks:2019.2.3
+ docker_image_cvp_sanity_checks: ${_param:mcp_docker_registry}/mirantis/cvp/cvp-sanity-checks:2019.2.4
docker_image_cvp_shaker_checks: ${_param:mcp_docker_registry}/mirantis/cvp/cvp-shaker:2019.2.3
# aptly
docker_image_aptly:
diff --git a/defaults/openstack/init.yml b/defaults/openstack/init.yml
index 711ab06..4b1960d 100644
--- a/defaults/openstack/init.yml
+++ b/defaults/openstack/init.yml
@@ -14,12 +14,15 @@
openstack_kmn_service_host: ${_param:openstack_kmn_service_hostname}.${linux:system:domain}
openstack_telemetry_service_host: ${_param:openstack_telemetry_service_hostname}.${linux:system:domain}
openstack_service_user_enabled: True
+ openstack_upgrade_enabled: False
# SSL
ceilometer_agent_ssl_enabled: False
openstack_mysql_x509_enabled: False
# for non-ssl use 5672 / for ssl 5671
openstack_rabbitmq_port: 5672
openstack_rabbitmq_x509_enabled: False
+ # RabbitMQ
+ rabbitmq_upgrade_enabled: ${_param:openstack_upgrade_enabled}
# Openstack memcache
openstack_memcached_server_bind_address: 0.0.0.0
openstack_memcache_security_enabled: False
@@ -28,7 +31,6 @@
openstack_memcached_proto_udp_enabled: False
openstack_version: queens
openstack_old_version: ${_param:openstack_version}
- openstack_upgrade_enabled: False
# Security compliance user options
openstack_service_user_options:
ignore_change_password_upon_first_use: True
@@ -42,6 +44,7 @@
cinder_version: ${_param:openstack_version}
cinder_upgrade_enabled: ${_param:openstack_upgrade_enabled}
cinder_service_user_enabled: ${_param:openstack_service_user_enabled}
+ cinder_image_conversion_dir_path: /var/tmp/cinder/conversion
# Nova
nova_memcache_security_enabled: ${_param:openstack_memcache_security_enabled}
nova_memcache_secret_key: ''
diff --git a/docker/client/compose/service/jenkins.yml b/docker/client/compose/service/jenkins.yml
index 55aacdc..7045b66 100644
--- a/docker/client/compose/service/jenkins.yml
+++ b/docker/client/compose/service/jenkins.yml
@@ -3,7 +3,7 @@
parameters:
_param:
jenkins_master_extra_opts: ""
- jenkins_master_executors_num: 4
+ jenkins_master_executors_num: 0
jenkins_master_max_concurent_requests: 40
jenkins_home_dir_path: /var/jenkins_home
docker:
diff --git a/docker/swarm/stack/jenkins/master.yml b/docker/swarm/stack/jenkins/master.yml
index 6af8d3e..4647521 100644
--- a/docker/swarm/stack/jenkins/master.yml
+++ b/docker/swarm/stack/jenkins/master.yml
@@ -4,7 +4,7 @@
parameters:
_param:
jenkins_master_extra_opts: ""
- jenkins_master_executors_num: 4
+ jenkins_master_executors_num: 0
jenkins_master_max_concurent_requests: 40
jenkins_home_dir_path: /var/jenkins_home
docker:
diff --git a/gnocchi/common/coordination/redis.yml b/gnocchi/common/coordination/redis.yml
index 673d9bd..99a5090 100644
--- a/gnocchi/common/coordination/redis.yml
+++ b/gnocchi/common/coordination/redis.yml
@@ -1,6 +1,6 @@
parameters:
_param:
- gnocchi_coordination_url: redis://${_param:single_address}:6379
+ gnocchi_coordination_url: redis://openstack:${_param:openstack_telemetry_redis_password}@${_param:redis_sentinel_node01_address}:26379?db=0&sentinel=master_1&sentinel_fallback=${_param:redis_sentinel_node02_address}:26379&sentinel_fallback=${_param:redis_sentinel_node03_address}:26379
gnocchi:
common:
coordination_backend:
diff --git a/gnocchi/common/storage/incoming/redis.yml b/gnocchi/common/storage/incoming/redis.yml
index d0f04d7..9d10bae 100644
--- a/gnocchi/common/storage/incoming/redis.yml
+++ b/gnocchi/common/storage/incoming/redis.yml
@@ -1,10 +1,10 @@
parameters:
_param:
- gnocchi_storage_incoming_redis_url: redis://${_param:single_address}:6379
+ gnocchi_storage_incoming_redis_url: redis://openstack:${_param:openstack_telemetry_redis_password}@${_param:redis_sentinel_node01_address}:26379?db=0&sentinel=master_1&sentinel_fallback=${_param:redis_sentinel_node02_address}:26379&sentinel_fallback=${_param:redis_sentinel_node03_address}:26379
gnocchi_storage_incoming_driver: redis
gnocchi:
common:
storage:
incoming:
driver: ${_param:gnocchi_storage_incoming_driver}
- redis_url: ${_param:gnocchi_storage_incoming_redis_url}
\ No newline at end of file
+ redis_url: ${_param:gnocchi_storage_incoming_redis_url}
diff --git a/gnocchi/common/storage/redis.yml b/gnocchi/common/storage/redis.yml
index d71fcf0..8bb855e 100644
--- a/gnocchi/common/storage/redis.yml
+++ b/gnocchi/common/storage/redis.yml
@@ -1,9 +1,9 @@
parameters:
_param:
- gnocchi_storage_redis_url: redis://${_param:single_address}:6379
+ gnocchi_storage_redis_url: redis://openstack:${_param:openstack_telemetry_redis_password}@${_param:redis_sentinel_node01_address}:26379?db=0&sentinel=master_1&sentinel_fallback=${_param:redis_sentinel_node02_address}:26379&sentinel_fallback=${_param:redis_sentinel_node03_address}:26379
gnocchi_storage_driver: redis
gnocchi:
common:
storage:
driver: ${_param:gnocchi_storage_driver}
- redis_url: ${_param:gnocchi_storage_redis_url}
\ No newline at end of file
+ redis_url: ${_param:gnocchi_storage_redis_url}
diff --git a/haproxy/proxy/listen/keycloak.yml b/haproxy/proxy/listen/keycloak.yml
index 89a9670..73697a3 100644
--- a/haproxy/proxy/listen/keycloak.yml
+++ b/haproxy/proxy/listen/keycloak.yml
@@ -1,7 +1,7 @@
parameters:
_param:
haproxy_keycloak_bind_host: ${_param:haproxy_bind_address}
- haproxy_keycloak_bind_port: 8080
+ haproxy_keycloak_bind_port: 8086
haproxy_keycloak_exposed_port: 18086
haproxy_keycloak_ssl:
enabled: false
diff --git a/jenkins/client/init.yml b/jenkins/client/init.yml
index 59faa0b..711c855 100644
--- a/jenkins/client/init.yml
+++ b/jenkins/client/init.yml
@@ -1,8 +1,9 @@
classes:
- - service.jenkins.support
- - service.jenkins.client
- - system.jenkins.client.approved_scripts
- - system.jenkins.client.plugins
+- service.jenkins.support
+- service.jenkins.client
+- system.jenkins.client.approved_scripts
+- system.jenkins.client.plugins
+- system.jenkins.client.security.csrf
parameters:
_param:
jenkins_client_user: none
diff --git a/jenkins/client/job/validate.yml b/jenkins/client/job/validate.yml
index cca73c5..90e135f 100644
--- a/jenkins/client/job/validate.yml
+++ b/jenkins/client/job/validate.yml
@@ -248,7 +248,7 @@
description: Credentials to the Salt API
TEST_IMAGE:
type: string
- default: "xrally/xrally-openstack:0.10.1"
+ default: "xrally/xrally-openstack:0.11.2"
description: Docker image to use for running Rally/Tempest
TARGET_NODE:
type: string
@@ -308,7 +308,7 @@
description: Node where container with tempest will be run
TEST_IMAGE:
type: string
- default: "xrally/xrally-openstack:0.10.1"
+ default: "xrally/xrally-openstack:0.11.2"
description: Docker image to use for running Rally/Tempest
TARGET_NODES:
type: string
@@ -346,6 +346,53 @@
type: string
default: "https://github.com/Mirantis/cvp-configuration"
description: URL of repo where testing tools, scenarios, configs are located.
+ cvp-tempest:
+ type: workflow-scm
+ name: cvp-tempest
+ display_name: "CVP-Tempest (technical preview)"
+ discard:
+ build:
+ keep_num: 20
+ artifact:
+ keep_num: 20
+ concurrent: false
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ branch: "${_param:jenkins_pipelines_branch}"
+ credentials: "gerrit"
+ script: cvp-tempest.groovy
+ param:
+ PREPARE_RESOURCES:
+ type: boolean
+ default: true
+ description: Prepare resources for Tempest
+ SALT_MASTER_URL:
+ type: string
+ default: "${_param:jenkins_salt_api_url}"
+ description: SALT_MASTER_URL
+ TEMPEST_TEST_PATTERN:
+ type: string
+ default: "set=smoke"
+ description: Use set=smoke, set=full or just test name (regex)
+ TEMPEST_ENDPOINT_TYPE:
+ type: choice
+ choices:
+ - internalURL
+ - adminURL
+ - publicURL
+ description: Openstack endpoint type to use during test run.
+ EXTRA_PARAMS:
+ type: text
+ default: |
+ ---
+ DEBUG_MODE: false
+ GENERATE_CONFIG: true
+ TARGET_NODE: "I@gerrit:client"
+ SKIP_LIST_PATH: ""
+ TEST_IMAGE: "docker-prod-virtual.docker.mirantis.net/mirantis/cicd/ci-tempest:${_param:openstack_version}"
+ report_prefix: "cvp_"
+ description: YAML context with additional parameters
cvp-perf:
type: workflow-scm
name: cvp-perf
@@ -373,7 +420,7 @@
description: Path to scenario file in container
TEST_IMAGE:
type: string
- default: "xrally/xrally-openstack:0.10.1"
+ default: "xrally/xrally-openstack:0.11.2"
description: Docker image to use for running Rally/Tempest
SALT_MASTER_URL:
type: string
diff --git a/jenkins/client/node.yml b/jenkins/client/node.yml
index e5e4d3b..2de0022 100644
--- a/jenkins/client/node.yml
+++ b/jenkins/client/node.yml
@@ -7,8 +7,7 @@
master:
node_mode: Exclusive
remote_home: /var/lib/jenkins
- labels:
- - python
+ num_executors: 0
launcher:
type: master
slave01:
diff --git a/jenkins/client/security/csrf.yml b/jenkins/client/security/csrf.yml
new file mode 100644
index 0000000..0f65db0
--- /dev/null
+++ b/jenkins/client/security/csrf.yml
@@ -0,0 +1,6 @@
+parameters:
+ jenkins:
+ client:
+ security:
+ csrf:
+ enable: True
diff --git a/keystone/client/service/radosgw-swift.yml b/keystone/client/service/radosgw-swift.yml
index e93f9b4..c8b6569 100644
--- a/keystone/client/service/radosgw-swift.yml
+++ b/keystone/client/service/radosgw-swift.yml
@@ -8,6 +8,8 @@
client:
server:
identity:
+ roles:
+ - ResellerAdmin
project:
service:
user:
@@ -16,6 +18,11 @@
password: ${_param:keystone_swift_password}
email: ${_param:admin_email}
options: ${_param:openstack_service_user_options}
+ admin:
+ user:
+ admin:
+ roles:
+ - ResellerAdmin
service:
radosgw-swift:
type: object-store
diff --git a/keystone/client/v3/service/radosgw-swift.yml b/keystone/client/v3/service/radosgw-swift.yml
index ca06fed..2e78bb9 100644
--- a/keystone/client/v3/service/radosgw-swift.yml
+++ b/keystone/client/v3/service/radosgw-swift.yml
@@ -6,6 +6,10 @@
client:
resources:
v3:
+ roles:
+ reseller_admin:
+ name: ResellerAdmin
+ enabled: true
users:
swift:
password: ${_param:keystone_swift_password}
@@ -15,6 +19,11 @@
service_admin:
name: admin
project_id: service
+ admin:
+ roles:
+ reseller_admin:
+ name: ResellerAdmin
+ project_id: admin
services:
radosgw-swift:
type: object-store
diff --git a/keystone/server/cluster.yml b/keystone/server/cluster.yml
index 7e9ea1b..824c6b5 100644
--- a/keystone/server/cluster.yml
+++ b/keystone/server/cluster.yml
@@ -37,7 +37,7 @@
region: ${_param:openstack_region}
bind:
address: ${_param:cluster_local_address}
- private_address: ${_param:cluster_vip_address}
+ private_address: ${_param:openstack_service_host}
private_port: 35357
public_address: ${_param:cluster_vip_address}
public_port: 5000
diff --git a/rabbitmq/server/cluster.yml b/rabbitmq/server/cluster.yml
index c9de9a8..2971795 100644
--- a/rabbitmq/server/cluster.yml
+++ b/rabbitmq/server/cluster.yml
@@ -1,4 +1,5 @@
classes:
- service.rabbitmq.server.cluster
- service.keepalived.cluster.single
-- service.haproxy.proxy.single
\ No newline at end of file
+- service.haproxy.proxy.single
+- system.rabbitmq.upgrade
diff --git a/rabbitmq/server/single.yml b/rabbitmq/server/single.yml
index 6183f81..9982957 100644
--- a/rabbitmq/server/single.yml
+++ b/rabbitmq/server/single.yml
@@ -1,2 +1,3 @@
classes:
- service.rabbitmq.server.single
+- system.rabbitmq.upgrade
diff --git a/rabbitmq/upgrade/init.yml b/rabbitmq/upgrade/init.yml
new file mode 100644
index 0000000..3a75137
--- /dev/null
+++ b/rabbitmq/upgrade/init.yml
@@ -0,0 +1,4 @@
+parameters:
+ rabbitmq:
+ upgrade:
+ enabled: ${_param:rabbitmq_upgrade_enabled}