The current redhat derived bases that Kolla ships use libreswan instead
of openswan (even running 'yum install openswan' on these bases results
in libreswan being installed).
This means we need to use this device_driver in vpnaas_agent.ini. Also
/lib/modules is required from the host for the ipsec driver.
Change-Id: I94480cda06718ab4aa10250520fa58956151e33a
Closes-Bug: #1644518
ceilometer is not sending logs to heka because no heka-ceilometer.toml is created.
Updated templates files.
Change-Id: I69f3d93377c6c51d22f37ed120800f7489f5a8a0
Closes-Bug: #1642665
* Build kolla image by using kolla project's code
* bump openstack_release to 4.0.0
* Remove tox deploy related env, it is useless now.
Depends-On: I132ee005bce993cbadf411697817c2e95548dc81
Change-Id: Id899eb39d476b95130fbeb43adf4fd49ef32be32
In destination path gnocchi keyring file, keyring spelling is
written as keryring.
Change-Id: I8e0ad26dec9a61206692b0f3f2de7b318ded172d
Closes-Bug: #1642621
Set a default for CONFIG_DIR in service_checks to more easily allow
consumers not using the kolla-ansible tool to run the prechecks.
Change-Id: I78bc5dd6f37e6a60ecc6a86d43e56b05803a4fd5
Closes-Bug: #1629893
If an operator wants to deploy a single node (e.g. add an additional
compute), they may want to use the --limit feature of Ansible to avoid
waiting for every play across every node.
The problem with this is that --limit will gather facts for that node
only, causing template errors such as the infamous ('dict object' has no
attribute u'ansible_eth0'").
Ansible has catered to this problem to an extent with it's
"delegate_facts" mechanism. The only problem is that in the default 'all
nodes' case, we end up with a storm of SSHs as each node SSHs to every
other. I'm solving this with a separate task to only use this mechanism
when a subset of nodes has been specified (see ansible_play_batch).
Useful links on this subject:
- https://medium.com/@george.shuklin/perfecting-forced-fact-gathering-in-ansible-1611f9c8d0d5#.tr5zs3e7x
- http://docs.ansible.com/ansible/playbooks_delegation.html#delegated-facts
Change-Id: Ibb691eae15cacd9e5129ae9280fd296f5ba95940
Closes-Bug: 1642004
Using the `when` conditional on a `with_` loop gets evaluated on each
loop iteration and will not skip a task entirely. Use the `skip`
attribute to ignore errors in this scenario but only `skip` when
`enable_cinder_backend_nfs` is not enabled. If it is enabled the
`nfs_shares` file should be required and this task should fail if it
does not exist.
Co-authored-by: Andrew Widdersheim <amwiddersheim@gmail.com>
Change-Id: I6b997dd943efe7b16beb63899c1488fa5353d996
Closes-Bug: #1641183
Keystone uses fernet as default provider in its code now. This patch
adds provider=token in keystone.conf file explicitly.
TrivialFix
Change-Id: Id7142ff4f00ee99579ad420573eafefea0f4dcb7
The parameter "required=True" is mistyped as "requried=True"
in ansible/library/kolla_docker.py and tests/test_kolla_docker.py
Closes bug: 1640423
Change-Id: I64c333275b9eb3eff5b1c0fa5d550f478e68020d
- logrotate does not have a maxsize option.
while logrotate supports a minsize option its
couterpart is size.
- This chage replaces the use of maxsize with size
in cron-logrotate-global.conf.j2
Change-Id: I381c52e8a866b74b5f2c3b38a2c87f74c48c05e1
Closes-Bug: #1640196
Allow cinder-volume, nova-compute and nova-libvirtd to be configured to
use NFS. In order to mount and work with NFS shares, several containers
needed the NFS packages installed during build time.
One somewhat significant change is the addition of an explicit bind
volume for nova-compute that has shared mounts enabled.
According to docker-run(1), the shared mount propagation flag can only
be specified for bind mounted Docker volumes and not named volumes.
In an NFS setup, cinder-volume mounts the NFS shares so that it can
create and manage the Cinder volumes. When a new instance is created
with a Cinder volume or a Cinder volume is attached to an existing
instance, nova-compute mounts the Cinder volume from the NFS share for
nova-libvirtd. In order for nova-libvirtd to then see those Cinder
volumes the shared mounts flag must be enabled for the Docker volume.
Remove the rpcbind container as it is only necessary for operators who
are using NFSv3 or lower. There is no known need for this currently
however, this container can be added in the future should an operator
require it.
Co-authored-by: Ryan Hallisey <rhallise@redhat.com>
Co-authored-by: Andrew Widdersheim <amwiddersheim@gmail.com>
Change-Id: Iad77c05bce8876bdcc69b7ec22edd50e3bf48b9f
Closes-Bug: #1530515
Partially implements: blueprint nfs-support-in-cinder
After a research regarding manila-share node,
is required that for the generic driver the
manila-share service should be run on the network node.
As the generic driver is our default driver, so this change is needed.
Closes-Bug: #1639028
Change-Id: I4b73fec4f96e3e2f9c442c8716941bede5dfbc8e
Users can specify database address and port for mysql backend
of Ceilometer. Currently ceilometer_database_mysql_address
incorrectly includes port. This is unnecessary, also Ceilometer
bootstrapping (mysql_user, mysql_db Ansible modules) wants to use
these variables separately.
Change-Id: I88f5359517fcf4f119ec6abfdf16a15a4e33b6fd
Closes-Bug: #1639786
