when non-root (become), the permission changed is necessary,
but some roles is missing, the patch to add it.
Change-Id: I987becde489f4b509b32edc1deceabfa2d2e1b74
- Keystone
- Glance
- Nova
- Cinder
This will copy only yaml or json policy file if they exist.
Change-Id: I4a9415d82322aed68c9b7650bdf346f58fa49e2a
Implements: blueprint support-custom-policy-yaml
Co-authored-By: Duong Ha-Quang <duonghq@vn.fujitsu.com>
This change allows the following use cases:
1. Using an already-configured MariaDB / MySQL server / Cluster
2. Using already-created DB users, without requiring root DB access.
Update: added external mariadb precheck
Change-Id: I78b0d178306d7c5293b0bf53e445f19f18b4b824
Implements: blueprint external-mariadb-support.
Closes-Bug: #1603121
through the database_address has beed defined in groups_vars/all.yml, we should
better use it, this way, if we want to use external database, we just need to
redefined in all.yml
refer to https://github.com/openstack/kolla-ansible/blob/master/ansible/group_vars/all.yml#L83
Co-Authored-By: chenqiaomin <chen.qiaomin@99cloud.net>
Change-Id: Ie559301451954e16347ceaabf02f594c5c5cbe56
Prevent cinder conf from copy nfs_shares to all nodes instead of
just cinder-volume.
Change-Id: I4f94b6c0ca8b628c1babee7fff0b66fb5a8df257
Closes-Bug: #1713010
This commit separates the messaging rpc and notify transports in order
to support separate and different oslo.messaging backends
This patch:
* add rpc and notify variables
* update service role conf templates
* add example to globals.yaml
* add release note
Implements: blueprint hybrid-messaging
Change-Id: I34691c2895c8563f1f322f0850ecff98d11b5185
When deploying with tls enabled in public
endpoints, ansible modules fails due SSL certificates
are self-signed.
This change adds a new variable to allow customization
on which endpoints ansible should connect.
Defaults to admin because admin auth parameters defaults
to admin endpoint.
Change-Id: Ic3ed58cf9c9579cae08a11bbfe6fce983b5a9cbc
Closes-Bug: #1720995
We need set glance_api_version = 2 in cinder
configure to support upload volume to image.
Change-Id: I6162b94833043edb06b434bc578f4caa47213b94
Closes-bug: #1720048
my_ip is used by iscsi_ip_address in cinder.conf. Configure it to
api_interface_address.
Change-Id: Ib9f9140668f807b26bdaec849fc0cef0a63a8ca0
Closes-Bug: #1719274
Actually Openstack services configuration can be overriden using many
files:
- /etc/kolla/config/<< service name >>/<< config file >>
- /etc/kolla/config/<< service name >>/<<host>>/<< config file >>
- /etc/kolla/config/global.conf
- /etc/kolla/config/database.conf
- /etc/kolla/config/messaging.conf
Only per-service configuration is actually documented here:
https://github.com/openstack/kolla-ansible/blob/master/doc/advanced-configuration.rst#L164
Allowing to globally modify service configuration can be perform too,
but it can be done in 3 different manners, all not documented:
- /etc/kolla/config/global.conf
- /etc/kolla/config/database.conf
- /etc/kolla/config/messaging.conf
database.conf and messaging.conf seems redundant with global.conf.
In order to simplify codebase it seems logical to remove them.
Documentation has been added for overriding configuration globally and
release note has been added too.
Closes-Bug: #1682479
Change-Id: I5d922dfc0d938173bad34ac64e490b78db1b7e31
modify /etc/kolla/config/cinder/ceph.conf,
run kolla-ansible reconfigure but
in the container /etc/ceph.conf has not changed
Change-Id: I3bd55f76295b9ad1b799db9e910dbd0cd03d417c
Apache access log formats are modified to be consistent with
the format defined in wsgi-keystone.conf, which includes
the response time (%D) and X-forwarder-For fields.
Change-Id: I02aa5eb106fb894196dfb6e22daf2968e27ed3cb
Closes-Bug: #1703571
Introduced new option enable_cinder_backup, that controls
whether to deploy cinder-backup service.
Change-Id: Ibb0ca0a478748d4caba4df434456ead0df95ffca
Signed-off-by: Pavel Glushchak <pglushchak@virtuozzo.com>
Trace method is enabled in default for httpd. There is security risk
with trace enabled. So disable it in default. more info please check[0].
[0] https://security.stackexchange.com/a/7711
Change-Id: I4496a6d058d88e1abfb210085f189e7a610e0362
Closes-Bug: #1705160
kolla-kubernetes is using its own configuration generation[0], so it is
time for kolla-ansible to remove the related code to simplify the
logical.
[0] https://github.com/openstack/kolla-kubernetes/tree/master/ansible
Change-Id: I7bb0b7fe3b8eea906613e936d5e9d19f4f2e80bb
Implements: blueprint clean-k8s-config
