Default user group should be set much earlier in deployment
and should be used consistently accross all projects.
Change-Id: Id399f9ddebc903bb9c3eeb5a0ff6f33ca6d6828c
Closes-Bug: #1650501
The account, container, and object templates were incorrectly
using the api_interface as their bind_ip configuration setting.
Updated these templates to instead use the storage_interface.
Change-Id: I683102096cd6aa3c77a7900f5a1a248cdcddba42
Note: Rings must be generated accordingly.
Currently, policy.json is put in
"{{ node_config_directory }}/{{ service_name }}"
in target nodes.
Relocation policy.json to "{{ node_config_directory }}/{{ item }}"
with item is corresponding service compoment config directory.
Currently, the policy.json is copied to all services, but it
should be reviewed and left only in neccesary service
(at many cases, only API service needs that).
Redundant files will be removed in follow up patchset.
Change-Id: I0e997dccf4ec438c9c0436db71ec2fd06650f50d
Closes-Bug: #1639686
The swift-object-auditor logs many complaints of missing
object-replicator configuration, as this section is undefined.
Move the header outside of the == 'swift-object-replicator' check,
so other services will get an empty section to stop complaints.
TrivialFix
Closes-Bug: #1637561
Change-Id: I9c8d960b0c31e448afdeaac5f3d38e1be5ff965d
Allow operators to use their custom policy files.
Avoid maintain policy files in kolla repos, only copying
the files when an operator add their custom config.
Implements: blueprint custom-policies
Change-Id: Icf3c961b87cbc7a1f1dd2ffbfffcf271d151d862
The swift-object-expirer is provided by the 'openstack-swift-proxy'
package and thus it is unavailable on swift-object image. This change
adds a new Docker image to fulfill this requirement and stop using
swift-object image in this case.
This image is needed while RDO does not fix the packaging. The issue
is being tracked in:
https://bugzilla.redhat.com/show_bug.cgi?id=1382921
Change-Id: Idc7ee92d756d8923da2198ede33abf5ed1142041
Closes-Bug: 1630425
do_reconfigure.yml is introduced to use serial directive. But we use
it in wrong. Now serial has moved to playbook file. So it is time to
remove the do_reconfigure.yml file
Closes-Bug: #1628152
Change-Id: I8d42d27e6bc302a0e575b0353956eaef9b2ca9fd
Useful for upgrade etc., which is preferablly done serially.
Example usage: tools/kolla-ansible deploy OR tools/kolla-ansible upgrade
Closes-Bug: #1576708
DocImpact
Change-Id: I34b2e16f8ce53e472a4682a4738c4ac0f5abf00c
Migrate to full variable syntax in with_ loop
instead of bare variables for:
- cinder
- haproxy
- ironic
- magnum
- mistral
- mongodb
- murano
- swift
- watcher
TrivialFix
Change-Id: I3ef2e79053cf609aaa710e43ffd0adbc5a97565b
The Ceph osd bootstrap/startup logic depends upon reading/writing
partition names. Some older versions of udev have trouble reading these
(/dev/disk/by-label is missing).
To work around this, we shell out to sgdisk and scrape the partition
name data directly.
Co-authored-by: Paul Bourke <paul.bourke@oracle.com>
Closes-Bug: 1585185
Change-Id: I362b3f8e91de79687fc84e256996fbcaf303b6af
An operator may want to specify the location of custom config
files so that kolla can detect their location and merge
them with the default configs generated.
Partially implements: blueprint multi-project-config
Change-Id: Ibfb38d07a36dfa7fe25381adc34cc1d3cbe7d1e1
This PS configures swift-rsyncd process to use non-default port
from the range above 1024.
Change-Id: I7c37c548a5185a2ffac789383fe012619e401131
Closes-Bug: #1573137
The in-process cache for keystone tokens has been deprecated due to
"incosistent results and high memory usage" with the expectation we
switch to memcached_servers if we want to stay performant.
Add memcache_servers [cache] section to the appropriate servers as the
[DEFAULT]\memcache_servers options was deprecated.
TrivialFix
Related-Id: Ied2b88c8cefe5655a88d0c2f334de04e588fa75a
Change-Id: Ic971bdddc0be3338b15924f7cc0f97d4a3ad2440
This type of per node configuration is required to support things like
availability zones for nova. As always, if this file doesnt exist it
doesnt get used so this change is safe.
TrivialFix
Change-Id: Iff8172af522c2c96e5f2c173b24a5dfd4d522ed2
This implements reconfigure for Swift service. Fixes swift-rsyncd in
All-in-One deployment
Partially-Implements: blueprint kolla-reconfig
Change-Id: I82bfa3c73b7365bc3a0ea35d3fc102a3525ebd8c
After our switch to keystone-manage bootstrap Horizon is not happy
due to v3 not being setup correctly. This patch fixes that
This also includes removal of unused variables (transforms them into
endpoint url variables)
TrivialFix
Change-Id: I1e04db8c24049f80e974c063f03068a2ab32a563
This runs first sanity check for swift. Once
swift is deployed it checks list()
Change-Id: I613bf9f2893d66814863893ec5acde5aa252548d
Partially-Implements: blueprint sanity-check-container
Due to poor planning on our variable names we have a situation where
we have "internal_address" which must be a VIP, but "external_address"
which should be a DNS name. Now with two vips "external_vip_address"
is a new variable.
This corrects that issue by deprecating kolla_internal_address and
replacing it with 4 nicely named variables.
kolla_internal_vip_address
kolla_internal_fqdn
kolla_external_vip_address
kolla_external_fqdn
The default behaviour will remain the same, and the way the variable
inheritance is setup the kolla_internal_address variable can still be
set in globals.yml and propogate out to these 4 new variables like it
normally would, but all reference to kolla_internal_address has been
completely removed.
Change-Id: I4556dcdbf4d91a8d2751981ef9c64bad44a719e5
Partially-Implements: blueprint ssl-kolla
Swift uses Syslog, but it uses a custom log format. So this commit
adds a specific Heka decoder for Swift.
It also increases the log level from "warning" to "info" to make
Swift more verbose. Note that "info" is the default log level in
Swift.
And it disables the Heka configuration for Swift when "enable_swift"
is set to "no". This prevents Heka from creating 15 empty Swift log
files in the logs volume.
Partially implements: blueprint heka
Change-Id: If7a7d0707e71be2957178e2d45b5de51b788232e
Based on the Nova upgrade patch and recommendations from Swift PTL John
Dickinson at
https://swiftstack.com/blog/2013/12/20/upgrade-openstack-swift-no-downtime/
Notes:
As part of this upgrade I have chosen to *not* migrate any data from the
old style swift_data container. This is because it was never intended to
be used in production; this fact is made clear in the docs.
In regards to testing, as of this patch we do not yet have an upgrade
task for the common containers (rsyslog and kolla-toolbox), so
attempting to upgrade swift will result in it failing to find the
kolla-toolbox. This will be true of any other upgrade until upgrade for
common is added. It can be worked around by deploying another role such
as keystone which will drag in the common role and start up
kolla-toolbox, after which Swift can be successfully upgraded.
Change-Id: I138556932e9bddcd595d94a3dcb69603268880ff
Partially-Implements: blueprint upgrade-kolla
Implements: blueprint upgrade-swift
The extend_start.sh script for rsyslog is removed as it is no longer
needed. Docker no longer binds to /dev/log or /run/kolla/log
Closes-Bug: #1544545
Change-Id: Ic0a323a26ee4e9e15baf4598285844a8a4955f23
To allow for TLS to protect the service endpoints, the protocol
in the URLs for the endpoints will be either http or https.
This patch removes the hardcoded values of http and replaces them
with variables that can be adjusted accordingly in future patches.
Change-Id: Ibca6f8aac09c65115d1ac9957410e7f81ac7671e
Partially-implements: blueprint ssl-kolla
Docker 1.10 has broken the gate and this patch will correct that
breakage.
The issue comes with rsyslog. Due to a commit in Docker 1.10 [1] we
must change the way we get the log socket for rsyslog. The /dev/
folder will no longer populate as we used it. So instead we simply
make a new socket in a path we control and share that to the correct
location in the containers.
Additionally, adjust the gate for new Docker daemon.
[1] https://github.com/docker/docker/pull/16639
Partially-Implements: blueprint kolla-upgrade
Change-Id: I881a2ecdf6d7b35991e1d38a3f3e60d022d6577f
This change is needed for clarity. We have a kolla-ansible script.
We have a kolla-mesos repo. We plan to have a kolla-ansible repo.
Already we have had far too much confusion about whether we are
talking about the container or the project. Naming this kolla-toolbox
eliminates all of that confusion and its probably a bit more accurate
of a name too.
Closes-Bug: #1541053
Change-Id: I8fd1f49d5a22b36ede5b10f46b9fe02ddda9007e
Current Swift playbook is based on the preassumption of AIO setup.
However, if one goes with default multinode setup
(ansible/inventory/multinode), it follows the P + ACO deployment model,
which proxy-server runs on controller nodes where ACO
(account/container/object services) run on storage nodes.
It will break because swift proxy-server no longer has access (it
shouldn't have) to /srv/node path. This change ensure disk mounting part
only happens on storage node. It also moves chown from proxy-server
Dockerfile to rsyncd because no matter with PACO, P+ACO or P+A+C+O
model, rsyncd is always running on each storage node.
Change-Id: I3aa20454902caa9c84d3901bb91e4e4c93ac5f34
Partially-Implements: blueprint swift-physical-disk
Closes-Bug: #1537544
Add back missing swift proxy server image which was removed in Swift
shared image change.
TrivialFix
Change-Id: Icf13d4a1550192f73e266a6c6aa74f604ee4e77a