The extend_start.sh script for rsyslog is removed as it is no longer
needed. Docker no longer binds to /dev/log or /run/kolla/log
Closes-Bug: #1544545
Change-Id: Ic0a323a26ee4e9e15baf4598285844a8a4955f23
To allow for TLS to protect the service endpoints, the protocol
in the URLs for the endpoints will be either http or https.
This patch removes the hardcoded values of http and replaces them
with variables that can be adjusted accordingly in future patches.
Change-Id: Ibca6f8aac09c65115d1ac9957410e7f81ac7671e
Partially-implements: blueprint ssl-kolla
Part of ELK stack. Includes Dockerfiles for both Centos and Ubuntu.
Change-Id: I9f76adf084cd4f68e29326112b76ffd02b5adada
Partially-implements: blueprint central-logging-service
- sets privileged: true on cinder backup container
- adds /dev/mapper to cinder-backup mounts
- this change allows the cinder backup manager to access the
cinder-volumes lvm volume group via the kernel device mapper.
Change-Id: I252ee9cadb5f06c383ac9f48d0b1b16d83037a41
Closes-Bug: #1542574
*** Requires Docker 1.10 which is released ***
Documentation will be in the next patch. You must set the following
in your docker.service daemon control file for propogation to work:
[Service]
MountFlags=shared
======================================================================
Thanks to mount propagation in Docker 1.10 we can use thin containers
finally! This is extremely useful to operators since now they can
access the network namespaces from the hosts (outside the neutron
container). But additionally it allows us to implement the VPN agent
and other services easier.
Neutron containers and the neutron role are brought into the standards
of the new Kolla. Completely with drop-root and ansible formating
updates.
The ip_wrapper.py script was (thankfully) not needed so it has been
removed from the repo.
Partially-Implements: blueprint upgrade-neutron
Change-Id: Iaf5555283240457e1912459f397a6393d886fba1
Docker 1.10 has broken the gate and this patch will correct that
breakage.
The issue comes with rsyslog. Due to a commit in Docker 1.10 [1] we
must change the way we get the log socket for rsyslog. The /dev/
folder will no longer populate as we used it. So instead we simply
make a new socket in a path we control and share that to the correct
location in the containers.
Additionally, adjust the gate for new Docker daemon.
[1] https://github.com/docker/docker/pull/16639
Partially-Implements: blueprint kolla-upgrade
Change-Id: I881a2ecdf6d7b35991e1d38a3f3e60d022d6577f
Libvirt stores some information in /run at runtime that is needed to
automatically reestablish a connection with the VM when a new
container is created. Without this information a long (and manual)
process is needed to redefine the running vms and reattach to the
running qemu process.
This mountpoint was removed as "unneeded" in the past, but it does
exist in Liberty branch enabling a no-vm-downtime upgrade.
TrivialFix
Change-Id: I2eb31c602d8d17cbd6a8e405daf4123070794843
This change is needed for clarity. We have a kolla-ansible script.
We have a kolla-mesos repo. We plan to have a kolla-ansible repo.
Already we have had far too much confusion about whether we are
talking about the container or the project. Naming this kolla-toolbox
eliminates all of that confusion and its probably a bit more accurate
of a name too.
Closes-Bug: #1541053
Change-Id: I8fd1f49d5a22b36ede5b10f46b9fe02ddda9007e
Current Swift playbook is based on the preassumption of AIO setup.
However, if one goes with default multinode setup
(ansible/inventory/multinode), it follows the P + ACO deployment model,
which proxy-server runs on controller nodes where ACO
(account/container/object services) run on storage nodes.
It will break because swift proxy-server no longer has access (it
shouldn't have) to /srv/node path. This change ensure disk mounting part
only happens on storage node. It also moves chown from proxy-server
Dockerfile to rsyncd because no matter with PACO, P+ACO or P+A+C+O
model, rsyncd is always running on each storage node.
Change-Id: I3aa20454902caa9c84d3901bb91e4e4c93ac5f34
Partially-Implements: blueprint swift-physical-disk
Closes-Bug: #1537544
Add back missing swift proxy server image which was removed in Swift
shared image change.
TrivialFix
Change-Id: Icf13d4a1550192f73e266a6c6aa74f604ee4e77a
This change let Swift detect and use physical disk for storage. The
old named volume for storage isn't really useful for any serious setup.
Also updated swift-guide.rst accordingly.
Change-Id: I4f577b7b69d8bcd8b3961500946241c65a16db22
Partially-Implements: blueprint swift-physical-disk
Add bootstrap label to all bootstrap containers to ensure that when
the a new container is launched a difference is seen between it and
the bootstrap container since we cannot rely on ENV variables for
this. This only affects mariadb at this stage, but it is needed to
ensure rabbitmq works when we switch to named volumes.
Change-Id: Ia022af26212d2e5445c06149848831037a508407
Closes-Bug: #1538136
With the switch to named volumes we run into a few situations where
we cannot bootstrap volumes like we used to. This labels param will
fix that as the next patchset shows.
Change-Id: Ia93166dd204c5c0d1a0eb9ffeb6d0aba486e269a
Partially-Implements: blueprint docker-named-volumes
There is no reason to have a hostname-unique pidfile in the container
as we currently have. This posed problems with kolla-mesos reusing
the same script. Since there is no reason for this pidfile to be
configurable in path _at_ _all_, we hardcode the path.
Additionally, we adjust the file perm change to only update the perms
on the folder if it is not already properly set.
This also incorperates a kolla-ansible file in the bootstrap process
which follows our other container techniques of using the idempotent
creation of a volume in the bootstrap process (see nova)
TrivialFix
Related-Bug: #1538136
Change-Id: I2380529fc7146a9603145cdc31e649cb8841f7dd
Since the fetch script fetched _all_ keyrings from the ceph-mon
container, the ceph-mon container must contain all keyrings. This
setup works AIO but was broken on multinode because the ceph-mon
container did not have the radosgw keyring. This issue affects every
multinode install regardless of using the radosgw or not.
TrivialFix
Change-Id: Ie416de1a5275862da6d77ef0dd174e85e499fc0f