1349 Commits

Author SHA1 Message Date
Zuul
ff2c29b21c Merge "Support bypassing Monasca Log API for control plane logs" 2021-03-24 19:03:19 +00:00
Zuul
d3a1a1a504 Merge "Support disabling Monasca alerting pipeline" 2021-03-24 19:02:54 +00:00
Zuul
f9a9a9f327 Merge "Disable Monasca Log Metrics service by default" 2021-03-24 18:32:17 +00:00
Zuul
6c18e5814e Merge "Remove Monasca Log Transformer" 2021-03-24 18:21:04 +00:00
Michal Nasiadka
7a066f7154 Add missing octavia-driver-agent
For using 3rd party Octavia providers (such as OVN provider) an
octavia-driver-agent container must be running to expose those providers to
use.

OVN CI job has been extended with deploying Octavia and testing OVN Load
Balancer.

Closes-Bug: #1903506
Depends-On: https://review.opendev.org/c/openstack/kolla/+/771191

Change-Id: Ibafa8b7307981f2a51e630cc113d18af6162171c
2021-03-24 16:36:44 +00:00
Zuul
cdffc4845f Merge "prometheus: Collect metrics from rabbitmq" 2021-03-24 10:23:09 +00:00
Piotr Parczewski
268f0e4c9f Disable usage collection in Kibana
This commit disables collection of usage data in Kibana by default.
User has still an option to enable it via GUI. Reference: [1]

[1] https://www.elastic.co/guide/en/kibana/7.x/telemetry-settings-kbn.html

Change-Id: Ic3a8bf05a73fb042ae42cbd26ccced60240d8e94
2021-03-22 22:28:30 +01:00
Will Szumski
25c33f9c94 Make it possible to override automatic fluentd version detection
One use case for this is so that you can generate config in a CI job
without access to the container repository. It also removes the
dependency of having docker configured for config generation.

TrivialFix

Change-Id: I0d388851c8b953af0494e44ae569e7eb9e15c326
2021-03-18 08:59:56 +00:00
Zuul
2ba4c88c8d Merge "Add support for custom grafana dashboards" 2021-03-17 16:48:48 +00:00
Zuul
e18ccdb972 Merge "Disable Docker iptables and bridge networking by default" 2021-03-17 16:48:18 +00:00
Zuul
ea2f0e6aa4 Merge "[docker] Added a new flag to disable default network" 2021-03-17 16:47:59 +00:00
Zuul
610dead041 Merge "Upgrade service configuration for ELK 7" 2021-03-17 15:03:58 +00:00
Bartosz Bezak
a9e30382fe Add support for custom grafana dashboards
Allow users to import custom grafana dashboards.
Dashboards as JSON files should be placed into
"{{ node_custom_config }}/grafana/dashboards/" folder.

Change-Id: Id0f83b8d08541b3b74649f097b10c9450201b426
2021-03-16 17:10:19 +01:00
Doug Szumski
c2e08be414 Upgrade service configuration for ELK 7
ELK 7 requires some minor changes from the existing ELK 6 config.

Depends-On: Icfa3db5788b25f70ee75411dbaf20d8d4a6a734b
Change-Id: I9815d202a77da0477aea43d714a5def8a24724fa
2021-03-16 10:03:53 +00:00
wuchunyang
48cd90a8d5 Use Docker healthchecks for ceilometer services
This change enables the use of Docker healthchecks for ceilometer
services.
Implements: blueprint container-health-check

Change-Id: Ieed654e694e9a0a63fd3f0906395bc7bf7c07552
2021-03-15 22:24:36 +08:00
zhubingbing
f486e4930f prometheus: Collect metrics from rabbitmq
The rabbitmq_prometheus plugin is available in RabbitMQ 3.8.

https://www.rabbitmq.com/prometheus.html

Implements: blueprint rabbitmq-prometheus
Co-Authored-By: Mark Goddard <mark@stackhpc.com>
Change-Id: I4d69a93a6c70db8d40626042cdbe773747b238ae
2021-03-15 10:30:08 +00:00
LinPeiWen
35e15a770a Use Docker healthchecks for haproxy services
This change enables the use of Docker healthchecks for haproxy services.
Implements: blueprint container-health-check

Change-Id: I4b486e9c78e9a01a0f5983b83aca00ea3a001dcc
2021-03-13 06:22:58 +00:00
LinPeiWen
d3e91045f5 Use Docker healthchecks for qdrouterd services
This change enables the use of Docker healthchecks for qdrouterd services.
Implements: blueprint container-health-check

Change-Id: If689be90690251180972454ed0baee658cc5e895
2021-03-12 01:07:39 +00:00
Mark Goddard
aec027c435 Disable Docker iptables and bridge networking by default
In I165199fc98fb98f227f2a20284e1bab03ef65b5b and
Ic745300b27e50132d80d03787fa4abfada2d0173 we provided flags to disable
Docker's control of iptables and bridge networking respectively. The
original behaviour was maintained for backwards compatibility, to allow
the patches to be backported.

This patch changes the default behaviour to disable the manipulation of
iptables and disabling bridge networking.

Related-Bug: #1849275
Related-Bug: #1848249

Change-Id: I4e8206f13a847ff79e06c36d22068597458b6c3d
2021-03-11 18:03:31 +00:00
Dincer Celik
4053a0afdb [docker] Added a new flag to disable default network
Docker is using 172.17.0.0/16 by default for bridge networking on
docker0, and this might cause routing problems for operator networks.

This change introduces docker_disable_default_network to disable the
bridge networking by putting "bridge: none"[1] to daemon.json

Bridge networking does not work without iptables, so we set the default
for docker_disable_default_network to
docker_disable_default_iptables_rules.

For better defaults, this feature will be enabled by default in
Wallaby.

[1] https://docs.docker.com/engine/reference/commandline/dockerd/

Change-Id: Ic745300b27e50132d80d03787fa4abfada2d0173
Closes-Bug: #1848249
Related-Bug: #1849275
2021-03-11 18:03:28 +00:00
LinPeiWen
10f79eda1d Use Docker healthchecks for elasticsearch services
This change enables the use of Docker healthchecks for elasticsearch services.
Implements: blueprint container-health-check

Change-Id: Ib50d56cc206a80b20a4f96e95bcdd8d11269234f
2021-03-11 15:13:58 +00:00
wuchunyang
2db0a2a62d Use Docker healthchecks for kuryr services
This change enables the use of Docker healthchecks for kuryr
services.
Implements: blueprint container-health-check

Change-Id: Ia4401f97140e2c2acc37d5ee3aaf90544747c547
2021-03-11 21:03:46 +08:00
LinPeiWen
28dbde6add Use Docker healthchecks for kibana services
This change enables the use of Docker healthchecks for kibana services.
Implements: blueprint container-health-check

Change-Id: If7525e193c245435410b4071aed6d3b566424219
2021-03-11 11:28:12 +00:00
wuchunyang
04b970ca08 Use Docker healthchecks for zun services
This change enables the use of Docker healthchecks for zun
services.
Implements: blueprint container-health-check

Change-Id: I32ffa9754820098bb4d3325b25fc7a1a624507d5
2021-03-10 23:24:20 +08:00
Maksim Malchuk
835920782f Correctly configure S3 Token Middleware for Swift
According the documentation [1] there need to configure auth_uri in the
[filter:s3token] section instead of www_authenticate_uri which cause an
error 'swift.common.wsgi.ConfigFileError: Invalid auth_uri; must
include scheme and host' during start the swift-proxy-server container.

1. https://docs.openstack.org/swift/ussuri/middleware.html#s3-token-middleware

Change-Id: I6b8f5807ebb746428a501dca13eae30763dede8d
Closes-Bug: 1862765
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
2021-03-10 13:03:35 +00:00
Zuul
02371e0c82 Merge "Use Docker healthchecks for trove services" 2021-03-10 10:05:37 +00:00
Zuul
343268f060 Merge "Use Docker healthchecks for octavia services" 2021-03-10 10:05:18 +00:00
Zuul
4aa44f2caa Merge "Use Docker healthchecks for ironic services" 2021-03-10 03:42:35 +00:00
wuchunyang
f332fe8bb5 Remove cinder v2 api
Cinder api v2 support removed in  wallaby.
refer to http://lists.openstack.org/pipermail/openstack-discuss/2020-November/018697.html

Change-Id: I120101d6c30f9169f4c3811357b5ed06496c90ff
2021-03-10 11:24:40 +08:00
Zuul
261cce4f45 Merge "Add missing elasticsearch cloudkitty storage and prometheus collector backend support." 2021-03-09 20:18:28 +00:00
Zuul
cc1dda3035 Merge "Add Neutron DHCP agent to OVN networking setup" 2021-03-09 20:15:28 +00:00
Zuul
f0e4b582f7 Merge "Use Docker healthchecks for aodh services" 2021-03-09 20:15:12 +00:00
Zuul
ca8ab179a1 Merge "Use Docker healthchecks for gnocchi services" 2021-03-09 19:28:43 +00:00
Zuul
8fc45da505 Merge "Use Docker healthchecks for designate services" 2021-03-09 19:08:29 +00:00
Zuul
5ccd134cd1 Merge "Deprecate Prometheus 1.x" 2021-03-09 17:51:13 +00:00
LinPeiWen
bca6a34fcc Use Docker healthchecks for vitrage services
This change enables the use of Docker healthchecks for vitrage services.
Implements: blueprint container-health-check

Change-Id: Icd2a8471a08b737352cfe941b5d38b02ed3b19fe
2021-03-08 14:49:33 +00:00
LinPeiWen
c3969c4a7d Use Docker healthchecks for aodh services
This change enables the use of Docker healthchecks for aodh services.
Implements: blueprint container-health-check

Change-Id: Ic477ac77f7ea5c50de473382fb1ec63d78043267
2021-03-08 14:29:52 +00:00
LinPeiWen
3e9ad63187 Use Docker healthchecks for gnocchi services
This change enables the use of Docker healthchecks for gnocchi services.
Implements: blueprint container-health-check

Change-Id: Ib1eb766d061c376c0bdd693dd6ea1e5b3e3fc02a
2021-03-08 14:27:33 +00:00
LinPeiWen
cb537eb8d3 Use Docker healthchecks for ironic services
This change enables the use of Docker healthchecks for ironic services.
Implements: blueprint container-health-check

Change-Id: If0a11db5470899c3a0e69ca94fdd0903daadcf8b
2021-03-08 14:18:03 +00:00
LinPeiWen
51171452a8 Use Docker healthchecks for designate services
This change enables the use of Docker healthchecks for designate services.
Implements: blueprint container-health-check

Change-Id: Ide66a914b790ad9c106ba932a923654a960f7abf
2021-03-08 14:07:43 +00:00
LinPeiWen
72df931b58 Use Docker healthchecks for kafka services
This change enables the use of Docker healthchecks for kafka services.
Implements: blueprint container-health-check

Change-Id: I31c978be7f8687de1e41b168712aceed28c67a8a
2021-03-08 10:44:02 +00:00
Zuul
7c0c4dd6fd Merge "Remove whitespace around equal signs in zookeeper.cfg" 2021-03-07 11:04:54 +00:00
Zuul
4e7d1ab9cb Merge "Add variable for changing Apache HTTP timeout" 2021-03-07 10:41:37 +00:00
Pierre Riteau
2b723ead05 Remove whitespace around equal signs in zookeeper.cfg
The merge_configs action plugin is updated with an option to control
whether whitespace should be used around equal signs. The default
remains to use whitespace: only zookeeper.cfg doesn't use them.

This is to avoid issues with the zkCleanup.sh script which expects no
whitespace. The ZooKeeper documentation also uses no whitespace in
configuration file examples.

Change-Id: Ia082a1c002cc4e8b04f7696fdee827b747c6d13f
Closes-Bug: #1917490
2021-03-05 15:12:23 +01:00
Zuul
9194a3e99b Merge "Fix Cinder log parsing" 2021-03-04 13:03:17 +00:00
Doug Szumski
647ff667e6 Add variable for changing Apache HTTP timeout
In services which use the Apache HTTP server to service HTTP requests,
there exists a TimeOut directive [1] which defaults to 60 seconds. APIs
which come under heavy load, such as Cinder, can sometimes exceed this
which results in a HTTP 504 Gateway timeout, or similar. However, the
request can still be serviced without error. For example, if Nova calls
the Cinder API to detach a volume, and this operation takes longer
than the shortest of the two timeouts, Nova will emit a stack trace
with a 504 Gateway timeout. At some time later, the request to detach
the volume will succeed. The Nova and Cinder DBs then become
out-of-sync with each other, and frequently DB surgery is required.

Although strictly this category of bugs should be fixed in OpenStack
services, it is not realistic to expect this to happen in the short
term. Therefore, this change makes it easier to set the Apache HTTP
timeout via a new variable.

An example of a related bug is here:

https://bugs.launchpad.net/nova/+bug/1888665

Whilst this timeout can currently be set by overriding the WSGI
config for individual services, this change makes it much easier.

Change-Id: Ie452516655cbd40d63bdad3635fd66693e40ce34
Closes-Bug: #1917648
2021-03-04 11:25:06 +00:00
Doug Szumski
ca1a80ab2f Support bypassing Monasca Log API for control plane logs
This change allows a user to forward control plane logs
directly to Elasticsearch from Fluentd, rather than via
the Monasca Log API when Monasca is enabled. The Monasca
Log API can continue to handle tenant logs.

For many use cases this is simpler, reduces resource
consumption and helps to decouple control plane logging
services from tenant logging services.

It may not always be desired, so is optional and off by
default.

Change-Id: I195e8e4b73ca8f573737355908eb30a3ef13b0d6
2021-03-04 09:19:50 +00:00
Doug Szumski
444097848c Support disabling Monasca alerting pipeline
The Monasca alerting pipeline provides multi-tenancy alerts and
notifications. It runs as an Apache Storm topology and generally
places a significant memory and CPU burden on monitoring hosts,
particularly when there are lot of metrics. This is fine if the
alerting service is in use, but sometimes it is not. For example
you may use Prometheus for monitoring the control plane, and
wish to offer tenants a monitoring service via Monasca without
alerting and notification functionality. In this case it makes
sense to disable this part of the Monasca pipeline and this patch
adds support for that.

If the service is ever re-enabled, all alerts and notifications
should spawn back automatically since they are persisted in the
central mysql database cluster.

Change-Id: I84aa04125c621712f805f41c8efbc92c8e156db9
2021-03-04 09:19:44 +00:00
Doug Szumski
a52d661219 Disable Monasca Log Metrics service by default
The Log Metrics service is an admin only service. We now have
support in Fluentd via the Prometheus plugin to create metrics
from logs. These metrics can be scraped into Monasca or Prometheus.
It therefore makes sense to deprecate this service, starting by
disabling it by default, and then removing it in the Xena release.
This should improve the stability of the Monasca metrics pipeline
by ensuring that all metrics pass via the Monasca API for
validation, and ensure that metrics generated from logs are
available to both Prometheus and Monasca users by default.

Change-Id: I704feb4434c1eece3eb00c19dc5f934fd4bc27b4
2021-03-03 17:20:18 +00:00
Doug Szumski
0743a9bf4b Remove Monasca Log Transformer
Historically Monasca Log Transformer has been for log
standardisation and processing. For example, logs from different
sources may use slightly different error levels such as WARN, 5,
or WARNING. Monasca Log Transformer is a place where these could
be 'squashed' into a single error level to simplify log searches
based on labels such as these.

However, in Kolla Ansible, we do this processing in Fluentd so
that the simpler Fluentd -> Elastic -> Kibana pipeline also
benefits. This helps to avoid spreading out log parsing
configuration over many services, with the Fluentd Monasca output
plugin being yet another potential place for processing (which
should be avoided). It therefore makes sense to remove this
service entirely, and squash any existing configuration which
can't be moved to Fluentd into the Log Perister service. I.e.
by removing this pipeline, we don't loose any functionality,
we encourage log processing to take place in Fluentd, or at least
outside of Monasca, and we make significant gains in efficiency
by removing a topic from Kafka which contains a copy of all logs
in transit.

Finally, users forwarding logs from outside the control plane,
eg. from tenant instances, should be encouraged to process the
logs at the point of sending using whichever framework they are
forwarding them with. This makes sense, because all Logstash
configuration in Monasca is only accessible by control plane
admins. A user can't typically do any processing inside Monasca,
with or without this change.

Change-Id: I65c76d0d1cd488725e4233b7e75a11d03866095c
2021-03-03 17:20:18 +00:00