- remove uesless module_extra_vars, this is a historical issue. In the
past, we use 'docker exec kolla_toolbox ansible xxx' to run module on
target node, so complex data have to pass through extra_vars. Now we
are using kolla_toolbox module, no need to use extra_vars anymore.
- Remove some useless until.
Change-Id: I72ed28001202917f9a82a1c3ea33cd6319911ec8
This feature replaces splitting of compute hosts into inner
and external with a new variable 'neutron_compute_dvr_mode'
that controls whether computes will have full-blown DVR or
internal only (tenant) networking.
Change-Id: I6720ccfcfcec89f9996d4cb5ae60f31eb3113667
Implements: blueprint dvr-mode-property
This patchset implements yamllint test to all *.yml
files.
Also fixes syntax errors to make jobs to pass.
Change-Id: I3186adf9835b4d0cada272d156b17d1bc9c2b799
When bootstrap compute hosts for XenAPI, it will generate a facts
file for each compute node. It contains some XenAPI specific variables
for both the compute host and the XenServer where the compute host
run on. This commit is to fetch the facts file into deployment host
and put it under a centralized directory - each compute host will
have a separate sub-dir which is named with its *inventory_hostname*.
In this way, the following tasks can use proper variable from the
proper facts file which exactly belongs to the host they running on.
Change-Id: I68d1a2d098d38c8e6bf4db76cdaf1f0465831822
blueprint: xenserver-support
This change allows the following use cases:
1. Using an already-configured MariaDB / MySQL server / Cluster
2. Using already-created DB users, without requiring root DB access.
Update: added external mariadb precheck
Change-Id: I78b0d178306d7c5293b0bf53e445f19f18b4b824
Implements: blueprint external-mariadb-support.
Closes-Bug: #1603121
When using XenAPI as the compute virt driver, we need an OVS agent
to manage the OVS running in XenServer dom0. This OVS agent uses
the HIMN(Host Internal Management Network) to communicate with
dom0's OVS. This commit includes the following changes:
* Add a new ovs agent service - neutron-openvswitch-agent-xenapi
This new agent service will run in the compute hosts and controls
the OVS running in XenServer dom0; the existing agent service -
neutron-openvswitch-agent will run in the network hosts and controls
the OVS running in network hosts.
* It retrieves XenAPI variables from the json file generated at XenAPI
bootstrap.
* Basing on the XenAPI variables, it will customize relative ml2_conf.ini's
configure options in a new template which will override the default options.
e.g.
* of_listen_address:
XenAPI use the local himn interface's IP as of_listen_address, so
that the ovs running dom0 can receive OpenFlow rules from the service
of neutron-openvswitch-agent-xenapi.
* ovsdb_connection:
XenAPI use XenServer dom0's HIMN IP as the OVS DB connection IP, so
that neutron-openvswitch-agent-xenapi can connect to dom0's OVS DB.
* host:
Use the dom0's hostname.
* At the moment, l2_population doesn't for for XenAPI. So disable it.
References:
* XenServer (and other XAPI based Xen variants):
https://docs.openstack.org/nova/pike/admin/configuration/hypervisor-xen-api.html
* XenCenter HIMN plugin (adding HIMN network which is used by XenAPI driver to
communicate with XenServer):
https://github.com/citrix-openstack/xencenter-himn-plugin
* Neutron OVS agent configuration options:
https://docs.openstack.org/neutron/latest/configuration/openvswitch-agent.html
Change-Id: Iaee0a6c84069b3e6015b00de7aea880cdd33ab09
blueprint: xenserver-support
Add become to only neccesary tasks in roles:
- glance
- heat
- horizon
- keystone
- neutron
- nova
- openvswitch
Gate is also updated to use 'become' feature
Change-Id: I2f3f27306e9f384148e1ad4d54d8da2ebef34d00
Partial-Implements: blueprint ansible-specific-task-become
When deploying with tls enabled in public
endpoints, ansible modules fails due SSL certificates
are self-signed.
This change adds a new variable to allow customization
on which endpoints ansible should connect.
Defaults to admin because admin auth parameters defaults
to admin endpoint.
Change-Id: Ic3ed58cf9c9579cae08a11bbfe6fce983b5a9cbc
Closes-Bug: #1720995
Actually Openstack services configuration can be overriden using many
files:
- /etc/kolla/config/<< service name >>/<< config file >>
- /etc/kolla/config/<< service name >>/<<host>>/<< config file >>
- /etc/kolla/config/global.conf
- /etc/kolla/config/database.conf
- /etc/kolla/config/messaging.conf
Only per-service configuration is actually documented here:
https://github.com/openstack/kolla-ansible/blob/master/doc/advanced-configuration.rst#L164
Allowing to globally modify service configuration can be perform too,
but it can be done in 3 different manners, all not documented:
- /etc/kolla/config/global.conf
- /etc/kolla/config/database.conf
- /etc/kolla/config/messaging.conf
database.conf and messaging.conf seems redundant with global.conf.
In order to simplify codebase it seems logical to remove them.
Documentation has been added for overriding configuration globally and
release note has been added too.
Closes-Bug: #1682479
Change-Id: I5d922dfc0d938173bad34ac64e490b78db1b7e31
Service_providers config group is already configured in the neutron_vpnaas.conf.
So, we only need to load the neutron_vpnaas.conf configuration file
when the neutron_vpnaas_agent container starts, without having
to duplicate the configuration.
Change-Id: I7b78831325db4bbb263b2cc174e848ea7037ad0a
Openstack is able to simply manage VLAN network on VMware
Distributed Switch.
DHCP agent can provide dhcp offer with vlan tag provided
by OVS.
Both neutron external nic and physical nic of vCenter/
vSphere should be on a vlan trunk port and can communicate
with each other.
Depends-On: I4655086a3f058ec769d3d37ec6a19565b5ea0841
Change-Id: I6d1629e93f0efeddd2a9000f66cc6f714bebb07c
Partially-implements: blueprint kolla-ansible-support-vsphere
Neutron-sfc-agent start its functions with openvswitch.
This change moves sfc configuration into neutron-openvswitch-agent.
Rework config files to use openvswitch when sfc or openvswitch
are used as network plugin.
Also adds sfc extension_driver to ml2
Change-Id: If1ebf9554f6d686cc6d064e698a48f8a6b6172b3
Closes-Bug: #1664493
Depends-On: I60ba1333231a4ae38a041d41e551f7d74fe15e3b
Remove all l3 related namespaces in case of multiple active routers in
l3 high available mode. The root cause is that keepalived does not
remove the vip address from nic during starting.
neutron-vpnaas-agent is subclass of l3 agent, so should remove all l3
related namespace before starting vpnaas agent.
Closes-Bug: #1703078
Depends-On: Ic9417d2eb03e0dd93f7c668b189b4ad9c72eae0f
Change-Id: I05c1faf2551bb5e70c299e884adf58cd2af52739
fwaas is in pending create state when I attach it to a router.
This patch fix this.
Change-Id: I18b56ed3698e22a02a8718b39360fde76c12428b
Closes-Bug: #1689703
In order to speed up deployment time some "local" actions should be run
only once using 'run_once: True'.
This will decrease deployment time in case of multihost configuration.
Change-Id: I6015d772d35c15e96c52f577013b6e41197cb41a
Some roles have a symlink to deploy.yml file
for reconfigure. This is causing some issues.
"included task files must contain a list of tasks"
Change-Id: Ie7ade52900a61bc1c5b867fa7a8f75fc541a6426
Closes-Bug: #1694251
This patch add configuration options for tenant network types and type
drivers. Both lists are checked so that tenant types are listed in
drivers. For ironic 'flat' driver is mandatory and is added explicitly
into ironic prechecks.
Change-Id: Ie5775001165412910a258cbed2d2ebbb8ebbd879
Closes-Bug: #1694725
Ansible task support vars directive, no need implement another one in
merge_config. This patch remove the vars directive in merge_config
action plugin.
Change-Id: I33648a2b6e39b4d49ce76eb66fbf2522721f8c68
wait_for module waits 300 seconds for the port started or stopped. This
is meaningless and useless in precheck. This patch change timeout to 1
seconds.
Change-Id: I9b251ec4ba17ce446655917e8ef5e152ef947298
Closes-Bug: #1688152
The following Neutron agents:
- neutron-metadata
- neutron-dhcp-agent
- neutron-l3-agent
- neutron-lbaasv2-agent
- neutron-vpn-agent
doesn't require ml2_conf.ini file.
ml2_conf.ini file is used to managed L2 network configuration.
This config doesn't have to be in DHCP, L3, metadata agents...
We should remove it to avoid restarting these agents in case of
ml2_conf.ini file modification.
Only neutron-server, neutron-openvswitch-agent,
neutron-linuxbridge-agent must be restarted.
Closes-Bug: #1677163
Change-Id: I0876b8a3845d1c2bccd996426a65df1a3a6f7085
In task "Running Neutron vpnaas bootstrap container",
parameter "volumes" of kolla_docker should be
"{{ neutron_vpnaas_agent.volumes }}"
NOT
"{{ neutron_vpnaas_agent.image }}"
Change-Id: Id7c95d4d6f53dfab384e387951eecf4d87459de
Closes-Bug: #1683669
Some roles made a bad usage of the 'node_config_directory' variable.
As described here:
https://github.com/openstack/kolla-ansible/blob/master/ansible/group_vars/all.yml#L16
'node_config_directory' is the directory to store the config files on
the destination node.
This variable MUST be changed to 'node_custom_config'.
Futhermore this will unified all roles.
Closes-Bug: #1682445
Change-Id: Id8d8a1268c79befac8938c1e0396267314b40301
Last Openstack version supported on Ubuntu 14.04 is Mitaka.
Hence Ubuntu 14.04 related code can be safely remove from Ansible tasks
since Kolla Newton release.
Change-Id: I7202c1f6d21a2e6f3536c0420a7cc889aff0f5ed
Add a new subcommand 'check' to kolla-ansible, used to run the
smoke/sanity checks.
Add stub files to all services that don't currently have checks.
Change-Id: I9f661c5fc51fd5b9b266f23f6c524884613dee48
Partially-implements: blueprint sanity-check-container
* Move the tasks to the role
* Skip the task when container is already running
Change-Id: I1990d4dd2a02efa2b3766329000aa23419e0ff17
Closes-Bug: #1670286
Usernames can be configured with variables in
configuration files, but user creation is hardcoded.
Change-Id: I057cfb921d776217db66f59226dcfa79f3eb7368
Closes-Bug: #1661587
Leaved vagrant and documentation harcoded
/etc/kolla paths due the nature of the files.
Change-Id: Id316980d3d4e8f3de98672d7ed258e0652ed7213
Closes-Bug: #1659771
