Currently, policy.json is put in
"{{ node_config_directory }}/{{ service_name }}"
in target nodes.
Relocation policy.json to "{{ node_config_directory }}/{{ item }}"
with item is corresponding service compoment config directory.
Currently, the policy.json is copied to all services, but it
should be reviewed and left only in neccesary service
(at many cases, only API service needs that).
Redundant files will be removed in follow up patchset.
Change-Id: I0e997dccf4ec438c9c0436db71ec2fd06650f50d
Closes-Bug: #1639686
Haproxy often breaks mysql connections that results in
"MySQL server has gone away" or similar because of 1 minute
timeouts. Instead the timeouts should be not less than mysql
connections timeouts - in most cases set to 3600s by default
by OpenStack projects.
Change-Id: Ic364f6942cdc6c2f274a508ae548bf964b098da4
Closes-Bug: #1645098
check_mode option is included in Ansible 2.2.
Using in our playbooks mean that any other version before
Ansible 2.2 can be used
This reverts commit 529f202d00e4615caa1fcb447aaa47fde6aa1417.
Change-Id: I3af96290443d760346264e6d994fd2a44de65543
Closes-Bug: #1644828
When configuring kolla with
- kolla_enable_tls_external: "yes"
ceilometer service credential defaults to publicURL.
Ceilometer should work with the internal interface (v3 API Identity syntax):
.....
[service_credentials]
interface = internal
.....
Change-Id: I898ffb2b901f08b810756d80dbb988d8c9298219
Closes-Bug: #1643860
ceilometer is not sending logs to heka because no heka-ceilometer.toml is created.
Updated templates files.
Change-Id: I69f3d93377c6c51d22f37ed120800f7489f5a8a0
Closes-Bug: #1642665
* Build kolla image by using kolla project's code
* bump openstack_release to 4.0.0
* Remove tox deploy related env, it is useless now.
Depends-On: I132ee005bce993cbadf411697817c2e95548dc81
Change-Id: Id899eb39d476b95130fbeb43adf4fd49ef32be32
In destination path gnocchi keyring file, keyring spelling is
written as keryring.
Change-Id: I8e0ad26dec9a61206692b0f3f2de7b318ded172d
Closes-Bug: #1642621
PyMySQL is prefered to PythonMySQL for Sqlalchemy, as it provides
python3 support and is actively maintained, and is therefore the
currently recommended lib for db connections.
* https://wiki.openstack.org/wiki/PyMySQL_evaluation
Kolla currently uses PyMySQL for all connections bar Barbican
(which works fine with PyMySQL): once this commit is merged it will
be possible to remove the PythonMySQL libs, and mysql libs for kolla
images (except kolla-toolbox).
TrivialFix
Change-Id: Id256387134ca551a181c5e49c9b6d63f62b72523
Option "scheduler_max_attempts" from group "DEFAULT" is deprecated.
Use option "max_attempts" from group "scheduler".
Change-Id: I7b8e803c3579c53629a63912e2f6faa65a31f098
Closes-Bug: #1642590
Set a default for CONFIG_DIR in service_checks to more easily allow
consumers not using the kolla-ansible tool to run the prechecks.
Change-Id: I78bc5dd6f37e6a60ecc6a86d43e56b05803a4fd5
Closes-Bug: #1629893
If an operator wants to deploy a single node (e.g. add an additional
compute), they may want to use the --limit feature of Ansible to avoid
waiting for every play across every node.
The problem with this is that --limit will gather facts for that node
only, causing template errors such as the infamous ('dict object' has no
attribute u'ansible_eth0'").
Ansible has catered to this problem to an extent with it's
"delegate_facts" mechanism. The only problem is that in the default 'all
nodes' case, we end up with a storm of SSHs as each node SSHs to every
other. I'm solving this with a separate task to only use this mechanism
when a subset of nodes has been specified (see ansible_play_batch).
Useful links on this subject:
- https://medium.com/@george.shuklin/perfecting-forced-fact-gathering-in-ansible-1611f9c8d0d5#.tr5zs3e7x
- http://docs.ansible.com/ansible/playbooks_delegation.html#delegated-facts
Change-Id: Ibb691eae15cacd9e5129ae9280fd296f5ba95940
Closes-Bug: 1642004
Using the `when` conditional on a `with_` loop gets evaluated on each
loop iteration and will not skip a task entirely. Use the `skip`
attribute to ignore errors in this scenario but only `skip` when
`enable_cinder_backend_nfs` is not enabled. If it is enabled the
`nfs_shares` file should be required and this task should fail if it
does not exist.
Co-authored-by: Andrew Widdersheim <amwiddersheim@gmail.com>
Change-Id: I6b997dd943efe7b16beb63899c1488fa5353d996
Closes-Bug: #1641183
Keystone uses fernet as default provider in its code now. This patch
adds provider=token in keystone.conf file explicitly.
TrivialFix
Change-Id: Id7142ff4f00ee99579ad420573eafefea0f4dcb7
