This is single task to upgrade both haproxy and keepalived. It stops
slave nodes of keepalived and upgrades them separately to avoid
VIP migration and allow nearly no-downtime upgrade
Change-Id: I06124635a3f3553a4e8e91013cefbf897dd7179f
Implements: blueprint upgrade-haproxy
Implements: blueprint upgrade-keepalived
Partially-implements: blueprint upgrade-kolla
The permissions fix was not applied due to a recent patch.
Related-Id: I37d737509bc7cf3dc74bb13ecb0a6ae68080556e
TrivialFix
Change-Id: Ica737a8e51cdb66b06a09b5484a4915d6e26ee06
- Provided info on installing ansible via yum from EPEL and pointed
readers to the EPEL docs to learn how to install/enable the repo
Change-Id: I4bf87fbf90779be85293eb65fe7cd2ffe548d6ae
In Deploying Kolla section of the quickstart.rst IP addr needed to
be changed IP address.
Change-Id: I4f3895d6f05340a0608b2b66170a769bd1454fb7
Signed-off-by: Asha Saravanamohan <assarava@cisco.com>
Since docker 1.10.1 is required, and docker 1.8.2 does not work with Kolla,
Remove the downgrade instructions
TrivialFix
Change-Id: I461572a40b6fc96f73593cf989967449e4bc8e0a
Signed-off-by: Jason Myers <jason@jasonamyers.com>
The operators aren't mindreaders. Lets throw them a bone about
how to properly evaluate Kolla. This can probably be expanded
on.
TrivialFix
Change-Id: I70d0f6a63417dc9f361d8c14bbb512e1dcc44ed0
All manila rootwrap calls are failing in
source build because lack of sudoer setting
Change-Id: I301fd7b6ff3721328828c2e0384f7e320146731b
Partially-Implements: blueprint enable-manila-containers
HAProxy: change to use option forwardfor to pass origin IP address
to backend via X-Forwarded-For header
Keystone: Apache does the audit logs for keystone. Change the
LogFormat to display the passed address instead of the connection
address which is that of the load balancer.
Nova, Cinder, Glance: these services can make use of the address
passed in X-Forwarded-For. With this setting the API logs for
these services include the client IP address.
Change-Id: Ia861ecc11a7c7d463d0366586926d1a842853f69
Closes-Bug: #1548935
To improve security, operators have asked for two VIPs for
their cloud.
VIP 1 is the internal VIP that can reach internal and admin endpoints.
In addition, the internal VIP can also reach other internal services,
such as the database and message services.
VIP 2 is the external VIP that can only reach public endpoints.
With one VIP only, all services are reached at the same address.
To add a second VIP, this patch adds two new configuration parameters.
kolla_external_vip_address: is an IPv4 address to use for created VIP
kolla_external_vip_interface: is the network interface to use for VIP
In this scenario, the first VIP (the internal VIP), is defined by
the original parameters (kolla_internal address and network_interface).
When using two VIPs, the existing kolla_external_address parameter
should be/point to/resolve to the kolla_external_vip_address.
Closes-bug: 1535333
Change-Id: I5bfcefaf7899298455cdade8209c34324aebfecb
This bootstrap was non-idempotent. This patch follows the style
first implemented with nova to make this idempotent.
TrivialFix
Change-Id: Id04e59c5274a7d8a5bffd3ce018f3bbb84839d75
