This fixes issues reported by Mark:
- possible failure with 4-node cluster (however unlikely)
- failure to stop all nodes from progressing when conditions are
not valid (due to: "any_errors_fatal: False")
Change-Id: Ib6995bf4c99202c9813859b3d9e2f420448f0445
This change introduces prune-images command.
Uses docker_prune module of Ansible that comes with version 2.8.
Depends-On: https://review.opendev.org/#/c/699333/
Implements: blueprint docker-image-pruning
Change-Id: Icbf374dd50e1cc1f1604bb4fa779b34279efd50c
Introduce user modifiable variables instead of fixed-names
of Ceph keyring files for external Ceph functionality.
Change-Id: I1a33b3f9d6eca5babf53b91187461e43aef865ce
204 for very long url which is hard to break safely
306 for "echo | docker" as echo should not fall
Change-Id: I14df39d611d39ad1f6184ab92d628cb010881fbb
These affected both deploy (and reconfigure) and upgrade
resulting in WSREP issues, failed deploys or need to
recover the cluster.
This patch makes sure k-a does not abruptly terminate
nodes to break cluster.
This is achieved by cleaner separation between stages
(bootstrap, restart current, deploy new) and 3 phases
for restarts (to keep the quorum).
Upgrade actions, which operate on a healthy cluster,
went to its section.
Service restart was refactored.
We no longer rely on the master/slave distinction as
all nodes are masters in Galera.
Closes-bug: #1857908
Closes-bug: #1859145
Change-Id: I83600c69141714fc412df0976f49019a857655f5
To use an iSCSI Cinder backend as its store, glance_api must run
privileged and have /dev and /etc/iscsi properly mounted
Co-authored-by: Radosław Piliszek <radoslaw.piliszek@gmail.com>
Change-Id: I988d3c9d0564483440ae17203ad88a8049abbea4
Closes-Bug: #1855695
Since [1] nova-compute uses rbd python library instead of libvirt to cleanup
volumes and get pool info - so it requires cinder keyring on filesystem.
In external ceph case it is often that nova key does not exist (is simply a copied
cinder key) and the rbd user is set to cinder - therefore the earlier mentioned
operations will fail due to a missing keyring on the filesystem.
[1]: https://review.opendev.org/#/c/668564/
Change-Id: Idef21dc5f7e9ff512bc8920630a3de61a1e69eee
Backport: train
Closes-Bug: #1859408
Include a reference to the globally configured Certificate Authority to
all services. Services use the CA to verify HTTPs connections.
Change-Id: I38da931cdd7ff46cce1994763b5c713652b096cc
Partially-Implements: blueprint support-trusted-ca-certificate-file
Per [1] Docker uses API version 1.26 since daemon version 1.13.1.
Kolla Ansible forced a limit on the Docker API version reported
to Zun of 1.24 which was surprising users and preventing
usage of Docker runtime selection via Zun.
The default of Zun is 1.26 [2] which enables runtime selection.
Zun does not use this parameter for anything else atm.
[1] https://docs.docker.com/engine/api/v1.26/#section/Versioning
[2] https://review.opendev.org/490794
Change-Id: Ide6eb4c2b079cf35e633ad6a04db1587e40e7633
Closes-bug: #1859176
Since Debian and Ubuntu are already on Python3 only and don't have unversioned
Python binaries (no /usr/bin/python) - we need to call the fetch-fernet-tokens
script using distro_python_version
Backport: train
Related-Bug: #1859047
Change-Id: I42378af9b25f14079fc57b4068ab25d5d4877362
This patch mounts the kolla_logs volume into the Elasticsearch
container so that logs are no longer written to the container
filesystem. It is up to the user to migrate any existing logs
into the kolla_logs volume, if they so desire.
Closes-Bug: #1859162
Change-Id: Ia1743e202e310fc88a61476c80eadf3855256c20
For the CentOS 7 to 8 transition, we will have a period where both
CentOS 7 and 8 images are available. We differentiate these images via a
tag - the CentOS 8 images will have a tag of train-centos8 (or
master-centos8 temporarily).
To achieve this, and maintain backwards compatibility for the
openstack_release variable, we introduce a new 'openstack_tag' variable.
This variable is based on openstack_release, but has a suffix of
'openstack_tag_suffix', which is empty except on CentOS 8 where it has a
value of '-centos8'.
Change-Id: I12ce4661afb3c255136cdc1aabe7cbd25560d625
Partially-Implements: blueprint centos-rhel-8
Maximum supported version is set to 2.9
Updated the minimum supported version to 2.8
Implements: blueprint ansible-max-version
Change-Id: I97cc95e37f49886e6d74f2d5a789b923b14b5a2d
In CentOS/RHEL 8 there is no scsi-target-utils package, nor is it
available in EPEL. It is removed from kolla in [1]. In RHEL 7 and beyond
the LIO kernel subsystem can be used instead of the tgtd daemon.
This change removes support for the SCSI target daemon on CentOS/RHEL 8.
The 'tgtd' image is no longer available for CentOS/RHEL 8.
[1] https://review.openstack.org/#/c/613815/5
Change-Id: I718fc16cde2dd177b2a1c2f79b932426034897fe
Related: blueprint centos-rhel-8
