Introduce user modifiable variables instead of fixed-names
of Ceph keyring files for external Ceph functionality.
Change-Id: I1a33b3f9d6eca5babf53b91187461e43aef865ce
Currently, we have a lot of logic for checking if a handler should run,
depending on whether config files have changed and whether the
container configuration has changed. As rm_work pointed out during
the recent haproxy refactor, these conditionals are typically
unnecessary - we can rely on Ansible's handler notification system
to only trigger handlers when they need to run. This removes a lot
of error prone code.
This patch removes conditional handler logic for all services. It is
important to ensure that we no longer trigger handlers when unnecessary,
because without these checks in place it will trigger a restart of the
containers.
Implements: blueprint simplify-handlers
Change-Id: I4f1aa03e9a9faaf8aecd556dfeafdb834042e4cd
Several config file permissions are incorrect on the host. In general,
files should be 0660, and directories and executables 0770.
Change-Id: Id276ac1864f280554e98b937f2845bb424d521de
Closes-Bug: #1821579
If upgrading the nova, cinder or manila services via 'kolla-ansible
upgrade', the Ceph config files are not generated. Users will expect
that these files are generated, to pull in any changes from their
configuration or the base kolla configuration.
This change moves Ceph tasks inside config.yml to ensure that they are
performed during deploy, reconfigure and upgrade. This has been done for
nova, cinder, gnocchi and manila - glance already does this.
Change-Id: Ic75692c2bcba9b81dee922ff6fbbccd160e7fa19
Closes-Bug: #1794275
Various ceph-related tasks were missing a 'become' that would allow them
to work as a non-root user. This seems to only cause a problem after an
initial deployment, perhaps due to the recursive ownership & permissions
changes at the end of the ceph.yml and external_ceph.yml files.
This change adds the necessary becomes.
Change-Id: I887c7b3bdef49db1dd1bf9e5bdbf5dc47b7f41af
Closes-Bug: #1795125
There is no need to load custom ceph.conf and keyring from different
folder for gnocchi components. Just load the files from
node_custom_config/gnocchi folder.
Depends-On: I379ff17856509c9321b86c13a72eacc18f5c1202
Change-Id: Id553dff274a29d82fb1b743437e3656d6f817e52
when non-root (become), the permission changed is necessary,
but some roles is missing, the patch to add it.
Change-Id: I987becde489f4b509b32edc1deceabfa2d2e1b74
In destination path gnocchi keyring file, keyring spelling is
written as keryring.
Change-Id: I8e0ad26dec9a61206692b0f3f2de7b318ded172d
Closes-Bug: #1642621
Gnocchi previously lacked high availability. We consider a lack of HA
in our a vast majority of operator oriented services to be a defective
design choice. this change integrates gnocchi with ceph to resolve the
the lack of HA.
Closes-Bug: #1626623
Change-Id: I71c5137842cb48bc4af0e50a2952df5631d0d6df
