Nova should use Neutron credentials to interact with Neutron.
Backport: liberty
Closes-Bug: #1512070
Change-Id: I78ec4c032d457b519ccfed9cab190afd65027048
Introduces a new flag to bootstrap cache devices
DocImpact
Partially-Implements: blueprint ceph-improvements
Change-Id: I09b5a0d5c61b3465237e5f01dc10120725561cd3
Unfortunately there was no was to avoid memcache for consoleauth, so
we might as well take advantage of it for Horizon as well.
Change-Id: Idd338a025b031f6b50fe0c9f03c2c8d862f9d4c0
Closes-Bug: #1504606
Closes-Bug: #1504800
sudo requires a tty to function by default on centos. Instead of
tweaking the sudo conf we can just add a tty. This has the added
advantage of making the containers more friendly if you have to
`docker exec -i <container> bash` into them.
Change-Id: If97a02ca1d37c243a787d98ade54bde8d641aecd
backport: liberty
Partially-Implements: blueprint functional-testing-gate
Ansible 1.9.2 contains the fix needed for docker-py >1.2.0
This is needed for some gate reasons, but it is also a good version
bump because it fixes a few issues with delegate_to.
Change-Id: Iafbabb3b0232620849d0548c5cd9d8d316c2b0f3
backport: liberty
Partially-Implements: blueprint functional-testing-gate
The bridge parameters should be net.bridge.* according to install
documentation at docs.openstack.org.
Change-Id: Ib29dd462e01f26e3fec48f0730ed322f2704cd8a
Closes-Bug: #1503416
This brings Kolla images inline with FHS and should make finding
locations of things more consistent and reliable with the linux world
at large.
Change-Id: Iece5b4da4bace0fb8b1f41a65ab2c852ec73e6f8
Closes-Bug: #1485742
A few sysctl values are required for networking to work. All of them
are documented at docs.openstack.org and while some of them are the
defaults on systems, they should be explicitly set since networking
will break without them set.
Change-Id: I4507eb2602e52eeab61bdceea4c94b1c35696a7d
Closes-Bug: #1482794
Recent regressions in the code base removed permission setting of
/dev/kvm to root:kvm 660 permissions which are default for CentOS's
version of libvirt.
Also Libvirt must be able to read its cnofiguration file, which was
previously 600 root:root. Now its 644 root:root so its always readable.
This is fine, since this file doesn't contain any secret information.
Change-Id: Id87cf5da8e37bc5bb613ce919d0293803d0fe5ed
Closes-Bug: #1500733
Configuration based off upstream documentation here:
http://docs.openstack.org/developer/ironic/deploy/install-guide.html
A few notes:
-ironic-api is not configured to use mod_wsgi
-several places it's noted that discoverd is going away and needs to be
replaced with ironic-inspector - (sqlite connection should be changed
too)
-currently enabling ironic reconfigures nova compute (driver and
scheduler) as well as changes neutron network settings
-a nice enhancement would be to configure the web console
Required post-deployment configuration:
Create the flat network to launch the instances:
neutron net-create --tenant-id $TENANT_ID sharednet1 --shared \
--provider:network_type flat --provider:physical_network physnet1
neutron subnet-create sharednet1 $NETWORK_CIDR --name $SUBNET_NAME \
--ip-version=4 --gateway=$GATEWAY_IP --allocation-pool \
start=$START_IP,end=$END_IP --enable-dhcp
And then the above ID is used to set cleaning_network_uuid in the neutron
section of ironic.conf.
Change-Id: I572e7ff1f23c4e57a2c50817cafe9269fd9950dd
Implements: blueprint ironic-container
The previous patch (I92f2eac895283791b2eea6a4351a43e90fdbb5a3) didn't
fix it because of the ceph patch that merged.
Change-Id: I82207f5cc684f7c180e301cac69fcc98fca63268
Partially-Implements: blueprint replace-config-external
This implements all the openstack pieces needed to make ceph work.
DocImpact
Change-Id: I1d24476a966602cf955e5ef872b0efb01319894a
Partially-Implements: blueprint ceph-container
Implements: blueprint kolla-live-migration
Libvirt shuts down existing virtual machines. To solve this problem,
the /var/lib/libvirt directory needs to be persisted. By persisting
this directory in the nova data container, libvirt can communicate
with the sockets setup by the previous data container.
Change-Id: I362c533f8493984123686fe6e3f8e43d97434ca6
Closes-Bug: #1494060
Make nova-libvirt and nova-compute use a data container called
nova_data. This data container contains /var/lib/nova/instances
data so upgrades to nova-compute work properly.
Change-Id: I89362eb0857f7b07503c35178475bc91d0d19ca8
Closes-Bug: #1486333
Currently bootstrap containers are waited to exit but are not
checked for exit status and ansible runs further tasks. If
bootstrapping fails we notice it at much later time.
Change-Id: I137fc11b0f9d1f03d2ded08a213e8dbd62741f92
Closes-Bug: #1492337
Nova-compute is curerntly generating a backtrace when trying to nova
boot a VM. The backtrace is described in the bug log. Bind-mounting
/sys/fs/cgroup:/sys/fs/cgroup in the libvirt container resolves the
problem.
Change-Id: I5a56b61fd260728fb76e19bcbdf403b80a4ec5a6
Closes-Bug: #1490326
nova.conf was not using the proper port value for glance and would
only work with the default port in that situation.
Additionally, the state_path defaults to the python directory rather
that the expected /var/lib/nova/ directory.
Paritially-Implements: blueprint update-configs
Change-Id: I9cc2117c1d786fc1b81c53848e543d27afaf8979
The register operation was registering user_database which is a global
variable in group_vars/all.yml. This results in glance not being deployable
because user_database is overwrriten at keystone task registration time.
The result of this is the playbooks fail to deploy.
Change-Id: Ic69725fb09aa0a368ec5b0d8f47bfc768c29c70c
Closes-Bug: #1486876
Cleanup all options in the minimal nova.conf. Remove options where
the default value was specified explicitly. Updated ports and bindings
to be configurable.
Partially-Implements: blueprint update-configs
Change-Id: I0bca7a8f9c4c6fa40145d66a95de7e98edc0edce
Currently we require a slew of deps on each destination node, this
includes a gcc compiler and installing things via pip. We can remove
these dependencies by containerizing them and running and Ansible
inside the container itself. The container would then report back
facts about idempotency.
DocImpact
Closes-Bug: #1481495
Implements: blueprint containerize-dependencies
Change-Id: I3dfccbf9fafc06ffc36e78f3006fe5d3367891df
Allows the user to configure neutron_plugin_agent value for Ansible.
Current allowed values are openvswitch and linuxbridge.
Implements: blueprint ansible-neutron-linuxbridge
Change-Id: I0572464a5459d2f9da09b6da22db16e240511f99
If user specifies registry a full image name is constructed by
concatenation of the registry, namespace and image. Currently
concatenation does not include '/' if registry is non-empty but
it should. If registry is empty '/' is not required.
This fix covers both use cases with help of Ansible filter.
Change-Id: I0588dd0da55d777e6caa7eb47d51b2435d38d5e0
Closes-Bug: #1479013
