We get a nice optimisation by using a filtered loop instead
of task skipping per service with 'when'.
Partially-Implements: blueprint performance-improvements
Change-Id: I8f68100870ab90cb2d6b68a66a4c97df9ea4ff52
Basically, there are three main installation scenario:
Scenario 1:
Ironic installation together with other openstack services
including keystone. In this case variable enable_keystone
is set to true and keystone service will be installed
together with ironic installation. It is possible realise this
scenario, no fix needed
Scenario 2:
Ironic installation with connection to already installed
keystone. In this scenario we have to set enable_keystone
to “No” to prevent from new keystone service installation
during the ironic installation process. But in other hand,
we need to have correct sections in ironic.conf to provide
all information needed to connect to existing keystone.
But all sections for keystone are added to ironic.conf only
if enable_keystone var is set to “Yes”. It isn’t possible
to realise this scenario. Proposed fix provide support for
this scenario, where multiple regions share the same
keystone service.
Scenario 3:
No keystone integration. Ironic don't connect to Keystone.
It is possible realise this scenario, no fix needed
Proposed solution also keep the default behaviour: if no
enable_keystone_integration is manually defined by default
it takes value of enable_keystone variable and all behaviour
is the same. But if we don't want to install keystone and
want to connect to existing one at the same time, it will be
possible to set enable_keystone var to “No”
(preventing keystone from installation) and at the same
time set ironic_enable_keystone_integration to Yes to allow
needed section appear in ironic.conf through templating.
Change-Id: I0c7e9a28876a1d4278fb2ed8555c2b08472864b9
Elevated (root) privileges are required to set owner/group/mode when
target owner does not math the user running Ansible. Without it the
playbook fails with 'Permission denied' error.
Change-Id: Ie7455a5f1ed709dfb9c9d7c653c6f808c00af4c2
This patch is fixing docker healthcheck for horizon
by changing value of horizon_listen_port, so
both apache's virtualhost and healthcheck will have
same correct port always. Also removing useless
apache's redirect as all redirects are done on
haproxy side.
Closes-Bug: #1933846
Change-Id: Ibb5ad1a5d1bbc74bcb62610d77852d8124c4a323
Kolla-ansible install python docker library in role/baremetal
to group/baremetal, because of this get container facts
for timesync checks is failing on deployment host.
This patch adding when conditional, so deployment host
will be skipped as there is no need to run timesync
checks.
Closes-Bug: #1933347
Change-Id: Ifefb9c74ee6a80cdbc458992d0196850ddfe7ffa
This trivial patch is setting "timeout tunnel" in haproxy's
configuration for spicehtml5proxy. This option extends time
when spice's websocket connection is closed, so spice will
not be freezed. Default value is set to 1h as it is in novnc.
Closes-Bug: #1938549
Change-Id: I3a5cd98ecf4916ebd0748e7c08111ad0e4dca0b2
Delete the "haproxy_single_service_listen.cfg.j2" template,
which has been replaced by "haproxy_single_service_split.cfg.j2"
and deprecated in the Victoria version
Change-Id: I3599f85afe9d3045820ea1ea70481ea2500e49ac
Manila's wallaby release [1] made it possible for
the v2 endpoint to not include a tenant_id
(project_id). This change was made to
accommodate interactions by system scoped users.
System scoped users cannot interact with an
endpoint that needs the "tenant_id" templating,
because system scoped tokens cannot be resolved
to a particular tenant_id by definition. More
information regarding this change is captured
in the release notes for the project [2] and
the API reference [3].
[1] https://review.opendev.org/c/openstack/manila/+/773709
[2] https://docs.openstack.org/releasenotes/manila/wallaby.html#prelude
[3] https://docs.openstack.org/api-ref/shared-file-system/#shared-file-systems-api
Signed-off-by: Goutham Pacha Ravi <gouthampravi@gmail.com>
Change-Id: Ice359bc31429a5da403598b9b4a0e1a95d71b83f
Nova always tries to create the rabbitmq user regardless of
whether RabbitMQ is enabled or not.
This ps also adds an external rabbitmq doc.
Change-Id: Iec517226e4c82ea351889b55689a3efceaadcc76
multiple external networks are supported by linuxbridge and OVS.
Currently the config template only works for OVS
Closes-Bug: #1863935
Change-Id: I9da331e007c25c4a760839c566831769a68507a9
In the Xena release, Ironic removed the iSCSI driver [1]. The
recommended driver is direct, which uses HTTP to transfer the disk
image. This requires an HTTP server, and the simplest option is to use
the one currently deployed when enable_ironic_ipxe is set to true. For
this reason, this patch always enables the HTTP server running on the
conductor.
iPXE is still enabled separately, since it cannot currently be used at
the same time as PXE.
[1] https://review.opendev.org/c/openstack/ironic/+/789382
Change-Id: I30c2ad2bf2957ac544942aefae8898cdc8a61ec6
The healthcheck checks for a process called httpd, but these distros
call it apache2. This results in the ironic_ipxe container being marked
as unhealthy.
This change fixes the issue by making the process name distro dependent.
Change-Id: I0b0126e3071146e7f8593ba970ecbed65b36fcfa
Closes-Bug: #1937037
Since the Victoria release, manila-share.conf requires a glance section
for some drivers. This change adds the missing section.
It also uses the correct cinder_keystone_user variable to reference the
cinder user.
Closes-Bug: #1921935
Change-Id: Ib7ce4ed79c28456281087eb4156577f910c072e7
Adds support for passing extra runtime options to cAdvisor.
By default new options disable exporting rarely useful metrics
and labels by cAdvisor. This helps reducing the load on Prometheus
and cAdvisor itself.
Change-Id: I81f3845d6cd03a70a0c8569f8d0ea421027df083
Currently, if you override docker_yum_url, the repo must contain a GPG
key at {{ docker_yum_url }}/gpg, despite the fact that the GPG key URL
can be overridden separately via docker_yum_gpgkey. This change uses
docker_yum_gpgkey consistently, avoiding the need to keep the key in the
repo.
Closes-Bug: #1934913
Change-Id: If8e6a02ce0760123f7b076c711727ef575965192
