The word "action" is now an Ansible reserved word, and things have
transitioned to "kolla_action", but looks like this was missed.
Change-Id: Ie07a2a7d8b153a6d39b91129256727157f8dfa34
In this patch, the glance-registry service was disabled:
https://review.openstack.org/#/c/566804/
However, the config task still tries to copy files for it, which will
break due to path errors.
Change-Id: If39bb12bf830e6559342037ae2a2b99a784ee503
The rsync prior to v3.1.0 the uid/gid parameter have no effect at
all if it runs as normal(non-root) user.
Since v3.1.0 these parameter are problematic for normal user
because now rsync, regardless of root or non-root, if the
parameters are given then it just tries to call setgroups() which
is not possible for normal user so errors may occur.
swift-object-replicator: @ERROR: setgroups failed\u0000
swift-object-replicator: rsync error: error starting
client-server protocol (code 5) at main.c(1648)
[sender=3.1.2]\u0000
Either way, these parameters are not needed for swift-rsync
container.
Change-Id: Ia7fe9f06d7a21a55f52b90c2cc1b2498300e6532
Signed-off-by: Minho Ban <mhban@samsung.com>
This service is only required if you want to support cold migration.
In some instances that is not a needed feature, and avoiding having
another key to manage is an advantage.
Co-Authored-By: Adam Harwell <flux.adam@gmail.com>
Change-Id: I0a55a91673d9178933f134832df4bd849ddf5af4
This commit will constrain the dimensions of service `Nova`
and sub-containers deployed along with it.
A user can give the dimension values in `/etc/kolla/globals.yml`
the data-types just like stated in this commit.
Reference-Docs:
https://docs.docker.com/config/containers/resource_constraints/
Added Test-cases for the same.
Partially-Implements: blueprint resource-constraints
Change-Id: I6458d8fb7b26a6e7c3a9fd0d674d9cf129b0bf5d
This is a Logstash component which reads processed logs from Kafka
and writes them to Elasticsearch (or some other backend supported by
Logstash).
Ingesting the logs from this service with Fluentd will be covered under
a different commit.
Change-Id: I2d722991ab2072c54c4715507b19a4c9279f921b
Partially-Implements: blueprint monasca-roles
To get forwarding to work in the kolla implementaion of designate,
I'm adding parameters to the named.conf.j2 template. I'm adding
the ability to change the default values for dnssec-validation and
recursion and creating a new paramater for forwarders.
Change-Id: Ideef39034d75a0d99e8a3dc2a5f1a7203ccf51d5
Closes-Bug: #1781196
This patch extends the prometheus role for being able
to deploy the prometheus-alertmanager[0] container.
The variable enable_prometheus_alertmanager
decides if the container should be deployed and enabled.
If enabled, the following configuration and actions are performed:
- The alerting section on the prometheus-server configuration
is added pointing the prometheus-alertmanager host group as targets.
- HAProxy is configured to load-balance over the prometheus-alertmanager
host group. (external/internal).
Please note that a default (dummy) configuration is provided, that
allows the service to start, the operator should extend it via a node custom config
[0] https://github.com/openstack/kolla/tree/master/docker/prometheus/prometheus-alertmanager
Change-Id: I3a13342c67744a278cc8d52900a913c3ccc452ae
Closes-Bug: 1774725
Signed-off-by: Jorge Niedbalski <jorge.niedbalski@linaro.org>
There are cases when we can lost original timestamp field given from
logs, like when we send our logs to the next fluentd forwarder in chain
of forwarders, it will rewrite our timestamp by default. Save
`Timestamp` field explicitly to avoid such situation and be able to
reconstruct messages date and time.
Closes-Bug: #1781046
Change-Id: I2b4486aedacbe16dc4c0fb2e4e4984bd80e59f2d
Ironic creates hardlinks between the TFTP master image store and the
HTTP root path when iPXE is enabled. With Docker volumes used for these
locations we run into https://bugs.launchpad.net/ironic/+bug/1507894
during deployment. If we use a directory under /httpboot to store the
master images this issue is avoided.
This change uses the new bifrost config variable,
ironic_tftp_master_path added in [1] to configure the path, rather than
the existing hacked approach of modifying the ironic.conf config file
after the bifrost_deploy container has started.
[1] https://review.openstack.org/#/c/577071
Change-Id: I5c62999c4956bebd0d3920d756ce67ba194b0ebe
Use Zuul's filtering mechanisms to only run the bifrost CI job in the
check pipeline when changes are made to the bifrost role. This should
reduce load on the CI system.
Also adds a periodic pipeline containing the bifrost job.
Change-Id: Ie7293d40616c91d2376f4cc85a8e87a130607d99
In some cases we may want a configuration in which the kolla user's
primary group name is not the same as their username. Doing this
currently breaks the sudoers configuration, since user entries should
reference a user, or a group prefixed with a '%'.
There does not seem to be a good reason to give root privileges to the
entire group (which sometimes may be a shared group), so let's revert to
giving only the user root privileges.
See kayobe CI test [1] in which a different user and group were
configured, leading to permission denied when using kolla ansible.
[1] http://logs.openstack.org/53/581053/2/check/kayobe-overcloud-centos/a70168e
TrivialFix
Change-Id: I677778ebd0de58df0adfa2a8705f161ec5552283
In some environments it may not be desirable to modify the sudoers
configuration. This change makes this part of bootstrap-servers
optional, based on the create_kolla_user_sudoers variable.
Change-Id: I653403bfc5431741807edef57df58e05e679900b
This makes the bootstrap-servers command more idempotent, since without
the append argument set the kolla user will be removed from the docker
group before being added to it again in a later task.
TrivialFix
Change-Id: Iab0f6b5e18a103e9140631ee3ebbbb48c490bc24
In I86bf5e1df3d6568c4f1ca6f4757f08a3dd22754d, creation of the kolla user
was moved to after package installation to ensure the sudo package is
installed when required. This change does not work when python
dependencies are installed in a virtual environment however - when the
virtualenv variable is set.
This change moves the ownership change of the virtualenv to after the
kolla user has been created. It also uses the kolla_user and kolla_group
variables to set the user and group appropriately.
Change-Id: I320e5d611099ad162945a98d5505a79606da0eba
TrivialFix
The Monasca Log Transformer takes raw, unstandardised logs from one
Kafka topic, standardises them with whatever rules the operator wants
to use, and then writes them to a standardised logs topic in Kafka. It
is currently implemented as a Logstash config file.
Since Kolla does a fairly good job of standardising logs, this service
does very little processing. However, when other sources of logs
are used, it may be useful to add rules to the Transformer, particularly
if it's not possible to standardise the logs at source.
Ingesting the logs from this service with Fluentd will be covered under
a different commit.
Change-Id: I31cbb7e9a40a848391f517a56a67e3fd5bc12529
Partially-Implements: blueprint monasca-roles
