Now, I see mariadb are using utf8_general_ci as a default collation.
- https://mariadb.com/kb/en/mariadb/supported-character-sets-and-collations/
This mean all of Devstack database will be created with utf8_general_ci collation,
so may be, one service/project can be deployed successfully via Devstack
but will be fail with Kolla deployment.
Therefore, we should use above default collation for Kolla-ansible.
Change-Id: Icbb6c15f536fc6986816c58f4fd68bfb95813e46
Closes-Bug: 1680783
Cloudkitty processor use tooz to handle multi processor processes.
Otherwise, duplicated billing will be inserted into mysql.
Change-Id: Ifdc1be78afa89499ee4c3bbec5b9db8ddb2929cf
Closes-Bug: #1681160
The current module 'kolla_sanity' was written as a shim before full
shade support was added to Ansible. This should now no longer be needed,
we can implement the checks using Ansible provided modules.
Begin by updating the Keystone check to use 'os_auth' to fetch a token,
I think this is a good basic smoke test to verify Keystone is working.
Change-Id: I16049d9201fd8138c781ef2e1e0c1827ea817259
Partially-implements: blueprint sanity-check-container
Generally we specify the user is root when deploying ceph, it is no
problem. But if we have the need to use a non-root account, the deployment
will fail because the non-root account can't use the mount command.
I think it is necessary to add sudo for non-root account, when we can't use
the root account to deploy ceph because of security needs, we can use
non-root account to deploy ceph.
Change-Id: Iea1f30bcf8edbe15dc65909bbae780b55a669067
Closes-Bug: #1668823
Issue seems not fixed, it requires more work
This reverts commit 4f6470bb56e70cb65da7b9b9c044029eefb2533c.
Change-Id: I308ea4e0d5ace60cf730944e1883966fc6f8f8ce
Remove deprecation warning about service_token_roles_required
Set number of engine workers to avoid too many resources consuming.
Senlin can poll events from ceilometer when is enabled.
Closes-Bug: #1679697
Change-Id: I8b13d1f492344ca0b65020eb56f0e016c6bb6369
Actual InfluxDB config is deprecated, it must be updated based on the
following documentation:
https://docs.influxdata.com/influxdb/v1.2/administration/config
* remove following options:
lease-duration = "1m0s"
pprof-enabled = false
22173acb70
* rename "cluster" section to "coordination":
75e89e35d8
* remove shard-writer-timeout option:
shard-writer-timeout = "5s"
db7d58c867
Closes-Bug: #1678982
Change-Id: Id905336123bc5aa76d6e6903a82f915c3702669f
Fluentd actually parse all files in /var/log/kolla/*/*.log as Openstack
services files.
Dnsmasq file /var/log/kolla/neutron/dnsmasq.log, must be add to
exclude_path to avoid this warning message:
"/var/log/kolla/neutron/dnsmasq.log unreadable. It is excluded and would
be examined next time."
Change-Id: I8dc5320b9ed299200c4f1e6ee52d34a918e2f110
Closes-Bug: #1678530
HAproxy always restart containers when doing reconfigure.
compare_container not evaluate privileged while the containers
are privileged.
compare_container always evaluates true because of this.
Closes-Bug: #1678122
Change-Id: Iaea80c1e09ef16a6d2530a75e6f37e6259bb4ca7
Using "{{ item }}" is causing wrong fact assignment
and tries to check port when containers are running.
Closes-Bug: #1678102
Change-Id: I659e1c1828b9d82ef9d5bad81021a655cac21478
Source based routing is necessary for some services where we want the
same clients land to the same servers.
For exanmple, Keystone uses one of many memcached servers - if a client
gets a token from one but then lands on another api server on the next
request, that will bind to another cache and we get failed
authentication.
Other examples are horizon/murano where we upload a package in several
steps. If we don't balance client connections to the same host we will
end up with the package downloaded to one host but unsuccessfully
unpacked/imported on another host.
This option is commonly used in the official OpenStack docs [0]
[0] https://docs.openstack.org/ha-guide/controller-ha-haproxy.html
Co-Authored-By: James McCarthy <james.m.mccarthy@oracle.com>
Change-Id: I56f1e48f6dbe457e776a474222073bbefc48c92a
Considering the safety, 644 is enough
other user is not necessary to having write permission.
adding 'su' in where needs writing permissions is a good practice
this operation is safer.
Change-Id: I45d0c6e5ef7338f93db21cf4ef58b4a4fd831210
Change-Id: I13cf03d6a97fb94dd7cb309e99a417ad101dc21a
Co-Authored-By: Mauricio Lima <mauriciolimab@gmail.com>
Partially-implements: bp add-zun-ansible-role
If disable cinder in openstack environment.
Cinder of configuration items do not need to configure in nova.conf
Change-Id: Ie346dfe45f8c2d3fd383095d0c64f8e9421100ff
'v1' is missing in DEFAULT/swift_url property for trove.conf and
trove-taskmanager.conf file.
Closes-Bug: #1677362
Change-Id: I7f625b1ac665a26c4207c3cbb9b0238da82993d8
There are to parameter for ceph-mon/ceph-osd/radosgw, "-f" and "-d".
-d run in foreground, log to stderr.
-f run in foreground, log to usual location.
When log tin stderr, docker engine will collect the logs. It is useless
and we should write the log into file only. Then stop writing log to
stderr.
ceph-mon log location is controlled by "mon cluster log file".
Change-Id: I7883a4316420bc2bf4c772cb7248b663359f54b7
Closes-Bug: #1677237
