When only the directory is specified, separate log files
are created for the Nova API / metadata services with a
-wsgi postfix. This affects the 'programname' field in
Fluentd which affects the processing of these logs. This
is a regression.
When the log file name is specified, the directory is
not required.
Closes-Bug: #1950185
Change-Id: I8fec8b787349f83c05d8af7f52fc58da7c3e9cc4
In case of running mariadb role with --limit the group_by module will only include the limited hosts and other hosts that are not limited by ansible will not be included.
Using add_host will add all hosts in mariadb group to their shards group
Signed-off-by: Seena Fallah <seenafallah@gmail.com>
Change-Id: I1331698e313bd714a16fc35f38fb579d75b56370
Closes-Bug: #1947589
This reverts commit 15259002beb6b9f35f8eee6529132c6e1a126902.
Reason for revert: The iptables_firewall produces warnings without it.
Change-Id: Id046a3048436c4c18dd1fd9700ac9971d8c42c57
Correct typo in role's playbook in order to be able to deploy
the service with customized policy file.
Change-Id: I252ffaf73dd2a649387ddacc73286b49f36dfdf2
Closes-Bug: #1948835
The copy job for the grafana home dashboard file needs to run
priviliged, otherwise permission denied error occurs.
Closes-Bug: #1947710
Change-Id: Ib15e961e5193af55e45a443305a96667295f3cb7
There seems to be a bug in Galera that causes
TASK [mariadb : Check MariaDB service WSREP sync status]
to fail.
One (in case of 3-node cluster) or more (possible with
more-than-3-node clusters) nodes may "lose the race" and get stuck
in the "initialized" state of WSREP.
This is entirely random as is the case with most race issues.
MariaDB service restart on that node will fix the situation but
it's unwieldy.
The above may happen because Kolla Ansible starts and waits for
all new nodes at once.
This did not bother the old galera (galera 3) which figured out
the ordering for itself and let each node join the cluster properly.
The proposed workaround is to start and wait for nodes serially.
Change-Id: I449d4c2073d4e3953e9f09725577d2e1c9d563c9
Closes-Bug: #1947485
Add file to the reno documentation build to show release notes for
stable/xena.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/xena.
Sem-Ver: feature
Change-Id: I5ec222dde45ed36b70547f4d03612e91fc2ea02e
This change adds the dnsmasq.log for the ironic-dnsmasq container and
also enables more verbose logging when debug logging enabled.
This can be triggered globbaly via 'openstack_logging_debug' or per
service via 'ironic_logging_debug' or 'neutron_logging_debug'.
Change-Id: I0e6b089beb88827effbcc365625eb2df902f5470
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
Updates the default value of 'monasca_ntp_server' from
'external_ntp_servers[0]' to '0.pool.ntp.org'. This is due to the
removal of the 'external_ntp_servers' variable as part of the removal of
Chrony deployment.
Change-Id: I2e7538a2e95c7b8e9280eb051ee634b4313db129
chrony is not supported in Xena cycle, remove it from kolla
Moved tasks from chrony role to chrony-cleanup.yml playbook to avoid a
vestigial chrony role.
Co-Authored-By: Mark Goddard <mark@stackhpc.com>
Change-Id: I5a730d55afb49d517c85aeb9208188c81e2c84cf
* Register Swift-compatible endpoints in Keystone
* Load balance across RadosGW API servers using HAProxy
The support is exercised in the cephadm CI jobs, but since RGW is
not currently enabled via cephadm, it is not yet tested.
https://docs.ceph.com/en/latest/radosgw/keystone/
Implements: blueprint ceph-rgw
Change-Id: I891c3ed4ed93512607afe65a42dd99596fd4dbf9
A system-scoped token implies the user has authorization to act on the
deployment system. These tokens are useful for interacting with
resources that affect the deployment as a whole, or exposes resources
that may otherwise violate project or domain isolation.
Since Queens, the keystone-manage bootstrap command assigns the admin
role to the admin user with system scope, as well as in the admin
project. This patch transitions the Keystone admin user from
authenticating using project scoped tokens to system scoped tokens.
This is a necessary step towards being able to enable the updated oslo
policies in services that allow finer grained access to system-level
resources and APIs.
An etherpad with discussion about the transition to the new oslo
service policies is:
https://etherpad.opendev.org/p/enabling-system-scope-in-kolla-ansible
Change-Id: Ib631e2211682862296cce9ea179f2661c90fa585
Signed-off-by: Niklas Hagman <ubuntu@post.blinkiz.com>
This patch adding option to control weight of haproxy
backends per service via host variable.
Example:
[control]
server1 haproxy_nova_api_weight=10
server2 haproxy_nova_api_weight=2 haproxy_keystone_internal_weight=10
server3 haproxy_keystone_admin_weight=50
If weight is not defined, everything is working as before.
Change-Id: Ie8cc228198651c57f8ffe3eb060875e45d1f0700
This change bumps up max supported Ansible version
to 4.x (ansible-core 2.11.x) and minimum to 2.10.
Change-Id: I8b9212934dfab3831986e8db55671baee32f4bbd
This patch is adding --check and --diff options
to kolla-ansible, which cause that kolla-ansible
run will be more verbose and able to run in
semi dry-run mode.
The --diff option for kolla-ansible can be used alone or
with --check. When you run in diff mode, any module that
supports diff mode reports the changes made or, if used
with --check, the changes that would have been made.
Diff mode is most common in modules that manipulate files
(for example, the template module) but other modules might
also show ‘before and after’ information
(for example, the user module).
For more information check [1].
[1] https://docs.ansible.com/ansible/latest/user_guide/playbooks_checkmode.html#using-diff-mode
Change-Id: Ifb82ea99e5af82540e938eab9e2a442b2820d7df
