wait_for module waits 300 seconds for the port started or stopped. This
is meaningless and useless in precheck. This patch change timeout to 1
seconds.
Change-Id: I9b251ec4ba17ce446655917e8ef5e152ef947298
Closes-Bug: #1688152
Add a new subcommand 'check' to kolla-ansible, used to run the
smoke/sanity checks.
Add stub files to all services that don't currently have checks.
Change-Id: I9f661c5fc51fd5b9b266f23f6c524884613dee48
Partially-implements: blueprint sanity-check-container
The default roles used by Barbican are missing.
According to the policy.json the Key Manager
comes with, four roles have to be defined.
Change-Id: I8882c2cf328b62e68797e383b26908540d669629
Closes-Bug: #1657742
Usernames can be configured with variables in
configuration files, but user creation is hardcoded.
Change-Id: I057cfb921d776217db66f59226dcfa79f3eb7368
Closes-Bug: #1661587
The barbican service should use the external fqdn as value for the
host_href parameter. Typically this is the endpoint that clients
would use to connect to barbican from outside.
Change-Id: I075acb6335354a61f935d57a7b84f0f92978c9bd
Closes-Bug: #1660282
Currently, policy.json is put in
"{{ node_config_directory }}/{{ service_name }}"
in target nodes.
Relocation policy.json to "{{ node_config_directory }}/{{ item }}"
with item is corresponding service compoment config directory.
Currently, the policy.json is copied to all services, but it
should be reviewed and left only in neccesary service
(at many cases, only API service needs that).
Redundant files will be removed in follow up patchset.
Change-Id: I0e997dccf4ec438c9c0436db71ec2fd06650f50d
Closes-Bug: #1639686
PyMySQL is prefered to PythonMySQL for Sqlalchemy, as it provides
python3 support and is actively maintained, and is therefore the
currently recommended lib for db connections.
* https://wiki.openstack.org/wiki/PyMySQL_evaluation
Kolla currently uses PyMySQL for all connections bar Barbican
(which works fine with PyMySQL): once this commit is merged it will
be possible to remove the PythonMySQL libs, and mysql libs for kolla
images (except kolla-toolbox).
TrivialFix
Change-Id: Id256387134ca551a181c5e49c9b6d63f62b72523
This fixes a race condition when starting barbican processes,
as by default they attempt to manage the db schema on startup.
TrivialFix
Change-Id: Ic168211880709a3279511ce519756e4cbdd57fe8
Allow operators to use their custom policy files.
Avoid maintain policy files in kolla repos, only copying
the files when an operator add their custom config.
Implements: blueprint custom-policies
Change-Id: Icf3c961b87cbc7a1f1dd2ffbfffcf271d151d862
Add /etc/localtime:/etc/localtime:ro to volume for aodh, barbican, etcd,
gnocchi, kuryr and sahara.
All the containers are added in Netwon cycle, so no need to backport
Closes-Bug: #1633049
Change-Id: I9cdba54cf730af44fb1a9ff6f2c936d23dadbe9a
By default Barbican has not enabled the Keystone authentication:
[pipeline:barbican_api]
pipeline = cors unauthenticated-context apiapp
According to the Barbican install guide[1] this pipeline should be:
pipeline = cors authtoken context apiapp
[1]: http://docs.openstack.org/developer/barbican/setup/keystone.html
Change-Id: I941515a98772a72762b20507e100e7872f3b4ab8
Closes-bug: #1625337
do_reconfigure.yml is introduced to use serial directive. But we use
it in wrong. Now serial has moved to playbook file. So it is time to
remove the do_reconfigure.yml file
Closes-Bug: #1628152
Change-Id: I8d42d27e6bc302a0e575b0353956eaef9b2ca9fd
* add serial for reconfigure
* set playbook serial by using variable
* fix serial for barbican, influxdb and vmtp
Closes-Bug: #1624607
Change-Id: I66530c7736e1673a592eddbde75637825d12d9e2