This ensures we execute the keystone os_* modules in one place.
Also rework some of the task names and loop item display.
Change-Id: I6764a71e8147410e7b24b0b73d0f92264f45240c
The current tasks only use a hardcoded list deploying only the required files.
When using multiple custom policies, additionnal object-*.builder and
object*.gz files are to be deployed as well.
This adds a new default-empty variable that can be overridden when needed
Change-Id: I29c8e349c7cc83e3a2e01ff702d235a0cd97340e
Closes-Bug: #1844752
During upgrade, we stop all slave keepalived containers. However, if the
keepalived container configuration has not changed, we never restart
them.
This change fixes the issue by notifying the restart handler when the
containers are stopped.
Change-Id: Ibe094b0c14a70a0eb811182d96f045027aa02c2a
Closes-Bug: #1836368
This allows the install type for the project to be different than
kolla_install_type
This can be used to avoid hitting bug 1786238, since kuryr only supports
the source type.
Change-Id: I2b6fc85bac092b1614bccfd22bee48442c55dda4
Closes-Bug: #1786238
This change introduces the way to pass extra options to prometheus.
Currently, prometheus runs with nearly default options, and when clouds
start getting bigger, you need to pass extra parameters to prometheus.
Change-Id: Ic773c0b73062cf3b2285343bafb25d5923911834
Heat's [DEFAULT] deferred_auth_method is deprecated, and we are setting
the default value of 'trusts'.
Glance's [DEFAULT] registry_host is deprecated, and we do not deploy a
registry.
Change-Id: I80024907c575982699ce323cd9a93bab94c988d3
Sometimes things go wrong. We shouldn't fail a Kolla Ansible run because
of a temporary failure when creating keystone resources.
This task adds retries to the tasks in the service-ks-tasks role.
Default is 5 retries with a 10 second delay, as is used in OpenStack
Ansible.
Change-Id: Ib692062fb93ba330bb9c8a35c684ad06652be8a2
To securely support live migration between computenodes we should enable
tls, with cert auth, instead of TCP with no auth support.
Implements: blueprint libvirt-tls
Change-Id: I22ea6233933c840b853fdcc8e03400b2bf577271
This commit follows up the work in Kolla to provide deploy and configure the
Prometheus blackbox exporter.
An example blackbox-exporter module has been added (disabled by default)
called os_endpoint. This allows for the probing of endpoints over HTTP
and HTTPS. This can be used to monitor that OpenStack endpoints return a status
code of either 200 or 300, and the word 'versions' in the payload.
This change introduces a new variable `prometheus_blackbox_exporter_endpoints`.
Currently no defaults are specified because the configuration is heavily
dependent on the deployment.
Co-authored-by: Jack Heskett <Jack.Heskett@gresearch.co.uk>
Change-Id: I36ad4961078d90e2fd70c9a3368f5157d6fd89cd
Use upstream Ansible modules for registration of services, endpoints,
users, projects, roles, and role grants.
Change-Id: I7c9138d422cc91c177fd8992347176bb54156b5a
The kolla_toolbox Ansible module executes as-hoc ansible commands in the
kolla_toolbox container, and parses the output to make it look as if
ansible-playbook executed the command. Currently however, this module
sometimes fails to catch failures of the underlying command, and also
sometimes shows tasks as 'ok' when the underlying command was changed.
This has been tested both before and after the upgrade to ansible 2.8.
This change fixes this issue by configuring ansible to emit output in
JSON format, to make parsing simpler. We can now pick up errors and
changes, and signal them to the caller.
This change also adds an ansible playbook, tests/test-kolla-toolbox.yml,
that can be executed to test the module. It's not currently integrated
with any CI jobs.
Note that this change cannot be backported as the JSON output callback
plugin was added in Ansible 2.5.
Change-Id: I8236dd4165f760c819ca972b75cbebc62015fada
Closes-Bug: #1844114
Since we use the release name as the default tag to publish images
to Dockerhub, we should use this by default.
This change also removes support for the magic value "auto".
Change-Id: I5610cc7729e9311709147ba5532199a033dfd156
Closes-Bug: #1843518
The admin api was never actually enabled,
and the admin extensions were added to the wrong
extension namespace.
Change-Id: I084b5cf05a786bde76cbf82381ba5f69cd5bce19
The pool manager has long been deperecated and
kolla-ansible does not currently have an option
to enable it. So we can safely remove the settings
around it.
Change-Id: I8e97d72421caebba979df0135fb65879e6ae3903
Also fixes similar issues introduced by the same recent change.
Added FIXME note about possible TLS malfunction regarding horizon.
Change-Id: I5f46a9306139eb550d3849757c8bdf0767537c78
Closes-Bug: #1844016
Signed-off-by: Radosław Piliszek <radoslaw.piliszek@gmail.com>
Edited the
ansible/roles/prometheus/templates/prometheus-alertmanager.json.j2 file
to change the mesh.peer and mesh.listen-address to cluter.peer and
cluster.listen-address. This stopped alertmanager from crashing with
error "--mesh.peer is an invalid flag"
Change-Id: Ia0447674b9ec377a814f37b70b4863a2bd1348ce
Signed-off-by: Mark Flynn <markandrewflynn@gmail.com>
This commit adds the necessary configuration to the Swift account,
container and object configuration files to enable the Swift recon
cli.
In order to give the object server on each Swift host access to the
recon files, a Docker volume is mounted into each container which
generates them. The volume is then mounted read only into the object
server container. Note that multiple containers append to the same
file. This should not be a problem since Swift uses a lock when
appending.
Change-Id: I343d8f45a78ebc3c11ed0c68fe8bec24f9ea7929
Co-authored-by: Doug Szumski <doug@stackhpc.com>
When nova-api group have no hosts, we don't have to run create_cells
and discover_computes. Add conditional blocks to prevent to run them.
Change-Id: Ia1ba058c1b74b06b678f45544883e567e2b4eb55
Closes-Bug: #1843235
