This patch adds loadbalancer-config role
which is "wrapper" around haproxy-config
and proxysql-config role which will be added
in follow-up patches.
Change-Id: I64d41507317081e1860a94b9481a85c8d400797d
With the handler in the haproxy-config role, it gets triggered once for
every service that changes the firewall config. This happens because the
role is included dynamically. If we move the handler to the haproxy
role, which is only included once, the handler will trigger at most
once.
This is a follow up for Iea3680142711873984efff2b701347b6a56dd355.
Change-Id: Iad9ed241026435085bc9a0f5802818010b47830f
This variable shadows the name of the actual project that calls this
role, so we end up with the following nonsense:
TASK [haproxy-config : Copying over haproxy-config haproxy config]
Change-Id: Id60046e0ddc7ec843f2e4ce7ddee7683470a88b2
Kolla environment currently uses haproxy
to fullfill HA in mariadb. This patch
is switching haproxy to proxysql if enabled.
This patch is also replacing mariadb's user
'haproxy' with user 'monitor'. This replacement
has two reasons:
- Use better name to "monitor" galera claster
as there are two services using this user
(HAProxy, ProxySQL)
- Set password for monitor user as it's
always better to use password then not use.
Previous haproxy user didn't use password
as it was historically not possible with
haproxy and mariadb-clustercheck wasn't
implemented.
Depends-On: https://review.opendev.org/c/openstack/kolla/+/769385
Depends-On: https://review.opendev.org/c/openstack/kolla/+/765781
Depends-On: https://review.opendev.org/c/openstack/kolla/+/850656
Change-Id: I0edae33d982c2e3f3b5f34b3d5ad07a431162844
This change introduces automated configuration of firewalld and adds
a new filter for extracting services from the project_services dict.
the filter selects any enabled services and their haproxy element
and returns them so they can be iterated over.
This commit also enables automated configuration of firewalld from enabled
openstack services and adds them to the defined zone and reloads the
system firewall.
Change-Id: Iea3680142711873984efff2b701347b6a56dd355
This reverts commit 73fc230fe3f1d159b5bb9d62a6e15f93cecb6e7c.
Reason for revert: CI jobs failing with "msg": "{{ s3_url }}: 's3_url' is undefined"
Change-Id: Iba7099988cea0c0d8254b9e202309cd9c82a984d
Added options to configure S3 cinder backup driver, so cinder backup
can use S3 storage, for safekeeping backups.
Change-Id: Id6ff6206714581555baacecebfb6d8dd53bed8ac
To use notifications with ironic, the notification_level
option in the [DEFAULT] section of the configuration file
must be set, we use ``info`` as a reasonable level.
Closes-Bug: #1969826
Change-Id: I38bb1e5404e917c788689a3181741022f875da06
The neutron-bgp-dragent container is also needed when using OVN as
backend plugin.
Signed-off-by: Dr. Jens Harbott <harbott@osism.tech>
Change-Id: Idec79a53fad048f45139af3b8c72e85385ac80b6
With the ironic_http_interface/ironic_http_interface_address
parameters it is possible to set the addresses for the
ironic_http service.
Change-Id: I72c257ebedf283cdef1b98485a576631e2190657
Starting from v1.5.0 of the exporter, OS_COMPUTE_API_VERSION can be set
to configure the Nova API version to be used [1]. Microversion 2.1 can
be used to keep metrics unmodified from the previous exporter version
deployed by Kolla (v1.3.0).
Support it with prometheus_openstack_exporter_compute_api_version,
defaulting to using the latest version.
[1] https://github.com/openstack-exporter/openstack-exporter/pull/201
Change-Id: I7605a3f9f74effb29ecec3b28e4709fd5f7f8cd4
As kolla-toolbox is mounting /run:/run
there is no need to mount also /run/openvswitch.
This is causing /run/openvswitch is mounted
again and again up to 32767 times after kolla-toolbox
restart.
Closes-Bug: #1979295
Change-Id: I49b3bde8b2bd61b6c931a81542a0d89f8a303ffc
Fixes an issue where access rules failed to validate:
Cannot validate request with restricted access rules. Set
service_type in [keystone_authtoken] to allow access rule validation
I've used the values from the endpoint. This was mostly a straight
forward copy and paste, except:
- versioned endpoints e.g cinderv3 where I stripped the version
- monasca has multiple endpoints associated with a single service. For
this, I concatenated logging and monitoring to be logging-monitoring.
Closes-Bug: #1965111
Change-Id: Ic4b3ab60abad8c3dd96cd4923a67f2a8f9d195d7
This patch is removing nova configuration
options, this was probably caused by migration
from nova-placement to placement.
Change-Id: Ib54b26428b79d5c4f554928b8634a0bb4e884a90
