*** Requires Docker 1.10 which is released ***
Documentation will be in the next patch. You must set the following
in your docker.service daemon control file for propogation to work:
[Service]
MountFlags=shared
======================================================================
Thanks to mount propagation in Docker 1.10 we can use thin containers
finally! This is extremely useful to operators since now they can
access the network namespaces from the hosts (outside the neutron
container). But additionally it allows us to implement the VPN agent
and other services easier.
Neutron containers and the neutron role are brought into the standards
of the new Kolla. Completely with drop-root and ansible formating
updates.
The ip_wrapper.py script was (thankfully) not needed so it has been
removed from the repo.
Partially-Implements: blueprint upgrade-neutron
Change-Id: Iaf5555283240457e1912459f397a6393d886fba1
Docker 1.10 has broken the gate and this patch will correct that
breakage.
The issue comes with rsyslog. Due to a commit in Docker 1.10 [1] we
must change the way we get the log socket for rsyslog. The /dev/
folder will no longer populate as we used it. So instead we simply
make a new socket in a path we control and share that to the correct
location in the containers.
Additionally, adjust the gate for new Docker daemon.
[1] https://github.com/docker/docker/pull/16639
Partially-Implements: blueprint kolla-upgrade
Change-Id: I881a2ecdf6d7b35991e1d38a3f3e60d022d6577f
This change is needed for clarity. We have a kolla-ansible script.
We have a kolla-mesos repo. We plan to have a kolla-ansible repo.
Already we have had far too much confusion about whether we are
talking about the container or the project. Naming this kolla-toolbox
eliminates all of that confusion and its probably a bit more accurate
of a name too.
Closes-Bug: #1541053
Change-Id: I8fd1f49d5a22b36ede5b10f46b9fe02ddda9007e
Add bootstrap label to all bootstrap containers to ensure that when
the a new container is launched a difference is seen between it and
the bootstrap container since we cannot rely on ENV variables for
this. This only affects mariadb at this stage, but it is needed to
ensure rabbitmq works when we switch to named volumes.
Change-Id: Ia022af26212d2e5445c06149848831037a508407
Closes-Bug: #1538136
After introduction of pull action and turing every main.yml into
{{action}}.yml we lost ability to perform upgrade
Change-Id: Ie9fa2cd083b061033abc733fba53d54f9c55e393
Fixes-Bug: #1538210
Option "verbose" from group "DEFAULT" is deprecated for removal.
Its value may be silently ignored in the future.
If this option is not set explicitly, there is no such warning.
Furthermore, the default value of verbose is true, so there is
no need to set this value in config files.
TrivialFix
Change-Id: I3ec2a8900c984a64bc0645672ef89a63975f7f4e
This intentionally leaves out rabbitmq from this patchset. It will
require additional work to remove its data container
UpgradeImpact
Partially-Implements: blueprint docker-named-volumes
Change-Id: Id68b8e43a3c077ef4f4f4d67ea34d0692e66eef7
- See instructions in doc/nova-fake-driver.rst
Implements: blueprint nova-fake-driver
Change-Id: I553a40c2df39bdcc391eb1b8b2b8fd5f4ed48c33
Signed-off-by: Hui Kang <kangh@us.ibm.com>
Signed-off-by: Marcio D. Silva <marcios@us.ibm.com>
Convert config creation from a playbook to an action_plugin. This
reduces the complexity and confusion while retaining the same augment
structure and flexibility.
This allows us to remove the 0-byte files as requirements. They will
still be used if they are present (this means we require additional
documentation around them).
DocImpact
Closes-Bug: #1528430
Change-Id: I2c789f6be9f195c7771ca093a6d59499564b4740
In heterogeneous environment, api_interfaces are different each other.
So we should specify it from hostvars.
Implements: bp configure-network-interface
Change-Id: Id15d70bfb9ebb62a64a3847a6b77407efb171dbe
- this change moves the ovs_ensure_configured.sh file to the
openvswitch-db container.
- this change reorders the plays in ansible/roles/neutron/tasks/start.yml
to configure the ovs bridges before starting the vswitchd container.
Change-Id: Ied1a82d48377534c15680406df9a96caf3b79515
Closes-Bug: #1522133
Use virtualenv for installation of OpenStack projects and
dependencies to avoid conflicts with Python libraries installed
by non-OpenStack binary packages.
Change-Id: I21ecd673b2e93335b1d3dd4e279e940c9d694c3c
Implements: blueprint virtualenv
vxlan should be allowed in tenant_network_types because it used in
tunnel_types.
Allow all flat networks when ironic enabled.
TrivialFix
Change-Id: I39b2fbf26bb4c9047e7c3ea5ca7749ae113e4ed8
Additionally remove tty from the container cleanup docker section. It
was added in a sed in a previous patchset by serves no purpose.
Change-Id: Ib617870616bca687f72ffaa44b2e9a3a11ef1011
Partially-Implements: blueprint cleanup-playbooks
The bootstrap tasks could be started on any node listed in the
site.yml
The issue is that all the tasks must run on the same node, and the
only node that all the tasks can run on is the 'api' node due to
needing to start the bootstrap container which binds in the configs.
delegate_to is required to ensure that the proper node gets the task.
Co-Authored-By: Sam Yaple <sam@yaple.net>
Change-Id: Ica04ab366777a571a92212ac22c482f1881d4ecd
Closes-Bug: #1513598
Related-Bug: #1513439
database_user_create was not correctly referenced when parsing the
variable names. This could never actually lead to a situation that
reported a false change, but it could break an operation if you were
using the --step option with ansible and skipped the database create
task.
TrivialFix
Backport: Liberty
Change-Id: Idf69fffcc3814f509448ccea11b7d175f074ccf1
The bootstrap must occur on the nova-api node due to binding in the
nova-api directory (same goes for all other services)
Closes-Bug: #1513439
Backport: Liberty
Change-Id: Iab88b49712828085e4d7e7f85e6d8f0b7999a9bf
The main reason for this change is to allow the DinD stuff to work. It
has limited use outside of that use case, but it may still be useful
to others in the future.
Change-Id: Ib3a4639cfb3fc0d378d33fc8b9ff8eb597f818ab
Partially-Implements: blueprint multinode-gate
Adjust all the configs to list all the rabbitmq hosts rather than
running rabbitmq through the VIP. This is made possible by clusterer
which has already merged.
Change-Id: I5db48f5f10ec68f4c8863a29bc13984f6845a4f9
Partially-Implements: blueprint rabbitmq-clusterer
sudo requires a tty to function by default on centos. Instead of
tweaking the sudo conf we can just add a tty. This has the added
advantage of making the containers more friendly if you have to
`docker exec -i <container> bash` into them.
Change-Id: If97a02ca1d37c243a787d98ade54bde8d641aecd
backport: liberty
Partially-Implements: blueprint functional-testing-gate
Ansible 1.9.2 contains the fix needed for docker-py >1.2.0
This is needed for some gate reasons, but it is also a good version
bump because it fixes a few issues with delegate_to.
Change-Id: Iafbabb3b0232620849d0548c5cd9d8d316c2b0f3
backport: liberty
Partially-Implements: blueprint functional-testing-gate
This brings Kolla images inline with FHS and should make finding
locations of things more consistent and reliable with the linux world
at large.
Change-Id: Iece5b4da4bace0fb8b1f41a65ab2c852ec73e6f8
Closes-Bug: #1485742
A few sysctl values are required for networking to work. All of them
are documented at docs.openstack.org and while some of them are the
defaults on systems, they should be explicitly set since networking
will break without them set.
Change-Id: I4507eb2602e52eeab61bdceea4c94b1c35696a7d
Closes-Bug: #1482794
Neutron Agents is a special case for json support. Since it's a fat
container, there will be multiple commnds that will need to be run
in the container. In order to account for this, the commands will be
hardcoded until the agents are split out to their own containers.
The files will be copied the normal way.
Co-Authored-By: Steven Dake <stdake@cisco.com>
Change-Id: I9fc226cc7b82c2594db5814d30d453a29a4af8c0
Partially-Implements: blueprint replace-config-external
Closes-Bug: #1500566
Configuration based off upstream documentation here:
http://docs.openstack.org/developer/ironic/deploy/install-guide.html
A few notes:
-ironic-api is not configured to use mod_wsgi
-several places it's noted that discoverd is going away and needs to be
replaced with ironic-inspector - (sqlite connection should be changed
too)
-currently enabling ironic reconfigures nova compute (driver and
scheduler) as well as changes neutron network settings
-a nice enhancement would be to configure the web console
Required post-deployment configuration:
Create the flat network to launch the instances:
neutron net-create --tenant-id $TENANT_ID sharednet1 --shared \
--provider:network_type flat --provider:physical_network physnet1
neutron subnet-create sharednet1 $NETWORK_CIDR --name $SUBNET_NAME \
--ip-version=4 --gateway=$GATEWAY_IP --allocation-pool \
start=$START_IP,end=$END_IP --enable-dhcp
And then the above ID is used to set cleaning_network_uuid in the neutron
section of ironic.conf.
Change-Id: I572e7ff1f23c4e57a2c50817cafe9269fd9950dd
Implements: blueprint ironic-container
Our openvswitch image does not follow the naming convention of any of
our other containers and it should.
Change-Id: If1b815117bb39df74061218e48778479b8d674bc
Closes-Bug: #1500392
