This is a docs amendment to let users know that calling
init-runonce is not a required deployment step and it may not work
for them if they modified the defaults.
Change-Id: Ia3922b53d91a1a820447fec6a8074b941edc2ee9
Nova provides a mechanism to set static vendordata via a file [1].
This patch provides support in Kolla Ansible for using this
feature.
Arguably this could be part of a generic mechansim for copying
arbitrary config, but:
- It's not clear if there is anything else that would take
advantage of this
- One size might not fit all
[1] https://docs.openstack.org/nova/latest/configuration/config.html#api.vendordata_jsonfile_path
Change-Id: Id420376d96d0c40415c369ae8dd36e845a781820
Implement simple global variables system in docs and add global variables
KOLLA_OPENSTACK_RELEASE, KOLLA_ANSIBLE_MAJOR_VERSION and
KOLLA_BRANCH_NAME.
Closes-Bug: #1844710
Change-Id: I2c131463eaf1c51eb8768f6d90e9697c77a7833b
Signed-off-by: Adrian Andreias <adrian@fleio.com>
This change updates documentation, examples and tests to support
Ironic inspection through DHCP-relay. The dnsmasq service should be
configured with more specific format set in the variable
``ironic_dnsmasq_dhcp_range``. See the dnsmasq manual page [1].
[1] https://thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html
Change-Id: I9488a72db588e31289907668f1997596a8ccdec6
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
* Register Swift-compatible endpoints in Keystone
* Load balance across RadosGW API servers using HAProxy
The support is exercised in the cephadm CI jobs, but since RGW is
not currently enabled via cephadm, it is not yet tested.
https://docs.ceph.com/en/latest/radosgw/keystone/
Implements: blueprint ceph-rgw
Change-Id: I891c3ed4ed93512607afe65a42dd99596fd4dbf9
A system-scoped token implies the user has authorization to act on the
deployment system. These tokens are useful for interacting with
resources that affect the deployment as a whole, or exposes resources
that may otherwise violate project or domain isolation.
Since Queens, the keystone-manage bootstrap command assigns the admin
role to the admin user with system scope, as well as in the admin
project. This patch transitions the Keystone admin user from
authenticating using project scoped tokens to system scoped tokens.
This is a necessary step towards being able to enable the updated oslo
policies in services that allow finer grained access to system-level
resources and APIs.
An etherpad with discussion about the transition to the new oslo
service policies is:
https://etherpad.opendev.org/p/enabling-system-scope-in-kolla-ansible
Change-Id: Ib631e2211682862296cce9ea179f2661c90fa585
Signed-off-by: Niklas Hagman <ubuntu@post.blinkiz.com>
This patch adding option to control weight of haproxy
backends per service via host variable.
Example:
[control]
server1 haproxy_nova_api_weight=10
server2 haproxy_nova_api_weight=2 haproxy_keystone_internal_weight=10
server3 haproxy_keystone_admin_weight=50
If weight is not defined, everything is working as before.
Change-Id: Ie8cc228198651c57f8ffe3eb060875e45d1f0700
This change bumps up max supported Ansible version
to 4.x (ansible-core 2.11.x) and minimum to 2.10.
Change-Id: I8b9212934dfab3831986e8db55671baee32f4bbd
Docs adapted to match.
Removed the unsupported-for-quay option to set up
a pull-through cache.
Closes-Bug: #1942134
Change-Id: If5a26b1ba4bf35bc29306c24f608396dbf5e3371
In some situations it may be helpful to populate the fact cache on
demand. The 'kolla-ansible gather-facts' command may be used to do this.
One specific case where this may be helpful is when running kolla-ansible
with a --limit argument, since in that case hosts that match the limit
will gather facts for hosts that fall outside the limit. In the extreme
case of a limit that matches only one host, it will serially gather
facts for all other hosts. To avoid this issue, run 'kolla-ansible
gather-facts' without a limit to populate the fact cache in parallel
before running the required command with a limit.
Change-Id: I79db9bca23aa1bd45bafa7e7500a90de5a684593
When running without that option, the list of servers might be empty,
resulting in leftover instances on the host that is about to be
migrated.
Change-Id: I85915f0f86655f3a1eb5f54911d24e4e0e75f340
To follow best security practices and help fellow operators.
More details inline and in the linked bug report.
Closes-Bug: #1940547
Change-Id: Ide9e9009a6e272f20a43319f27d257efdf315f68
Manila has changed from using subfolders to subvolumes.
We need a bit of a tidy up to prevent deploy errors.
This change also adds the ability to specify the ceph FS
Manila uses instead of relying on the default "first found".
Closes-Bug: #1938285
Closes-Bug: #1935784
Change-Id: I1d0d34919fbbe74a4022cd496bf84b8b764b5e0f
