This commit is the final commit to apply resource-constraints
to all OpenStack services.
Depends-on: I39004f54281f97d53dfa4b1dbcf248650ad6f186
Change-Id: I072d69be9698be54775cb0ae286ea2b6ed78776c
Implements: blueprint resource-constraints
Enables setting rp_filter mode on Neutron L3 agent and Nova compute
hosts whilst maintaining the default that it is disabled.
Closes-Bug: #1782799
Change-Id: I93e53bad9727beb786b00bd7fcd6d78785c619c2
It is possible to have an accessible swift API that is not managed by
kolla-ansible -- for example, ceph exposes a swift API, and using that
requires setting swift as the glance backend.
So, we should loosen the requirement that using the swift backend for
glance requires swift be enabled in kolla-ansible.
Co-Authored-By: Adam Harwell <flux.adam@gmail.com>
Change-Id: I17076d5412d2b1e1f13bb0badceaca85a5cee108
The word "action" is now an Ansible reserved word, and things have
transitioned to "kolla_action", but looks like this was missed.
Change-Id: Ie07a2a7d8b153a6d39b91129256727157f8dfa34
In this patch, the glance-registry service was disabled:
https://review.openstack.org/#/c/566804/
However, the config task still tries to copy files for it, which will
break due to path errors.
Change-Id: If39bb12bf830e6559342037ae2a2b99a784ee503
The rsync prior to v3.1.0 the uid/gid parameter have no effect at
all if it runs as normal(non-root) user.
Since v3.1.0 these parameter are problematic for normal user
because now rsync, regardless of root or non-root, if the
parameters are given then it just tries to call setgroups() which
is not possible for normal user so errors may occur.
swift-object-replicator: @ERROR: setgroups failed\u0000
swift-object-replicator: rsync error: error starting
client-server protocol (code 5) at main.c(1648)
[sender=3.1.2]\u0000
Either way, these parameters are not needed for swift-rsync
container.
Change-Id: Ia7fe9f06d7a21a55f52b90c2cc1b2498300e6532
Signed-off-by: Minho Ban <mhban@samsung.com>
This service is only required if you want to support cold migration.
In some instances that is not a needed feature, and avoiding having
another key to manage is an advantage.
Co-Authored-By: Adam Harwell <flux.adam@gmail.com>
Change-Id: I0a55a91673d9178933f134832df4bd849ddf5af4
This commit will constrain the dimensions of service `Nova`
and sub-containers deployed along with it.
A user can give the dimension values in `/etc/kolla/globals.yml`
the data-types just like stated in this commit.
Reference-Docs:
https://docs.docker.com/config/containers/resource_constraints/
Added Test-cases for the same.
Partially-Implements: blueprint resource-constraints
Change-Id: I6458d8fb7b26a6e7c3a9fd0d674d9cf129b0bf5d
This is a Logstash component which reads processed logs from Kafka
and writes them to Elasticsearch (or some other backend supported by
Logstash).
Ingesting the logs from this service with Fluentd will be covered under
a different commit.
Change-Id: I2d722991ab2072c54c4715507b19a4c9279f921b
Partially-Implements: blueprint monasca-roles
This patch extends the prometheus role for being able
to deploy the prometheus-alertmanager[0] container.
The variable enable_prometheus_alertmanager
decides if the container should be deployed and enabled.
If enabled, the following configuration and actions are performed:
- The alerting section on the prometheus-server configuration
is added pointing the prometheus-alertmanager host group as targets.
- HAProxy is configured to load-balance over the prometheus-alertmanager
host group. (external/internal).
Please note that a default (dummy) configuration is provided, that
allows the service to start, the operator should extend it via a node custom config
[0] https://github.com/openstack/kolla/tree/master/docker/prometheus/prometheus-alertmanager
Change-Id: I3a13342c67744a278cc8d52900a913c3ccc452ae
Closes-Bug: 1774725
Signed-off-by: Jorge Niedbalski <jorge.niedbalski@linaro.org>
There are cases when we can lost original timestamp field given from
logs, like when we send our logs to the next fluentd forwarder in chain
of forwarders, it will rewrite our timestamp by default. Save
`Timestamp` field explicitly to avoid such situation and be able to
reconstruct messages date and time.
Closes-Bug: #1781046
Change-Id: I2b4486aedacbe16dc4c0fb2e4e4984bd80e59f2d
This makes the bootstrap-servers command more idempotent, since without
the append argument set the kolla user will be removed from the docker
group before being added to it again in a later task.
TrivialFix
Change-Id: Iab0f6b5e18a103e9140631ee3ebbbb48c490bc24
In I86bf5e1df3d6568c4f1ca6f4757f08a3dd22754d, creation of the kolla user
was moved to after package installation to ensure the sudo package is
installed when required. This change does not work when python
dependencies are installed in a virtual environment however - when the
virtualenv variable is set.
This change moves the ownership change of the virtualenv to after the
kolla user has been created. It also uses the kolla_user and kolla_group
variables to set the user and group appropriately.
Change-Id: I320e5d611099ad162945a98d5505a79606da0eba
TrivialFix
The Monasca Log Transformer takes raw, unstandardised logs from one
Kafka topic, standardises them with whatever rules the operator wants
to use, and then writes them to a standardised logs topic in Kafka. It
is currently implemented as a Logstash config file.
Since Kolla does a fairly good job of standardising logs, this service
does very little processing. However, when other sources of logs
are used, it may be useful to add rules to the Transformer, particularly
if it's not possible to standardise the logs at source.
Ingesting the logs from this service with Fluentd will be covered under
a different commit.
Change-Id: I31cbb7e9a40a848391f517a56a67e3fd5bc12529
Partially-Implements: blueprint monasca-roles
