This patch is adding a feature for an option to copy different
ceph configuration files and corresponding keyrings for cinder,
glance, manila, gnocchi and nova services.
This is especially useful when the deployment uses availability
zones as below example.
- Individual compute can read/write to individual ceph
cluster in same AZ.
- Cinder can write to several ceph clusters in several AZs.
- Glance can use multistore and upload images to
several ceph clusters in several AZs at once.
Change-Id: Ie4d8ab5a3df748137835cae1c943b9180cd10eb1
The venus containers failed to start with an error
(venus_api container):
/usr/local/bin/kolla_start: line 24: exec: venus-api: not found
because of [1] and also changes the encoding of the files form
dos to unix introduced in [2].
1. https://opendev.org/openstack/venus/src/branch/master/setup.cfg#L29-L30
2. If3562bbed6181002b76831bab54f863041c5a885
Change-Id: I8bee27882c15e39a3d2946787d56bc90db994887
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
Followup on I34fd1dcb52cffd9d545d10526109772aeebc2393
Change-Id: I3a14f85fbe5be6ae635774c49872e17f5daea805
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
Where a list item has multiple paragraphs, the additional paragraphs
must be indented by three spaces (i.e. the level of the first paragraph)
to be considered part of the list item.
Change-Id: I34fd1dcb52cffd9d545d10526109772aeebc2393
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
According to the documentation [1] type of the Cyborg service should
be 'accelerator' and description 'Acceleration Service'. Also, this
change fixes incorrect endpoint URLs, and not configures an admin
endpoint [2] because the documentation [1] not updated yet.
1. https://docs.openstack.org/cyborg/latest/install/common.html
2. Icf3bf08deab2c445361f0a0124d87ad8b0e4e9d9
Closes-Bug: #2020080
Change-Id: I002db50cbad5a90e479498e605bdeab343e129c7
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
The kolla-genpwd, kolla-mergepwd, kolla-readpwd and kolla-writepwd
commands now creates or updates passwords.yml with correct
permissions. Also they display warning message about incorrect
permissions.
Closes-Bug: #2018338
Change-Id: I4b50053ced9150499d1d09fd4a0ec2e243cf938b
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
The ``[pci]`` options in the Nova SRIOV documentation are incorrect.
``alias`` is a JSON object but mentioned as a list of object here.
``through_whitelist`` is deprecated [1] in favour of ``device_spec``.
[1] https://docs.openstack.org/nova/2023.1/configuration/config.html#id116
Closes-Bug: #2019985
Change-Id: I4f9bce297bc3385f9749e4221f4721c1841700a1
Add file to the reno documentation build to show release notes for
stable/2023.1.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/2023.1.
Sem-Ver: feature
Change-Id: I870c0569a1e175ac5df59fc495812ba81c5147e6
Setting the CONTAINER_ENGINE env var was missed in one spot in [0].
[0] I395d2bdb0dfb4b325b6ad197c8893c8a0f768324
Change-Id: I29868d59cbef2bd5707ab20d2c30a2d8f6d6060e
We limit to 2.14.2 due to a regression in ansible-core [1] that breaks
conditional include_task loops in handlers. This is used for controlled
restarts of MariaDB and RabbitMQ.
[1]: 65366f663d
Change-Id: I57425680a4cdbf0daeb9b2cc35920f1b933aa4a8
Co-Authored-By: Michal Nasiadka <michal@stackhpc.com>
As of I3629b84d3255a8fe9d8a7cea8c6131d7c40899e8 nova
now requires the service_user section to be configured
to address CVE-2023-2088. This change adds
the service user section to the nova.conf template in
the nova and nova-cell roles.
Related-Bug: #2004555
Signed-off-by: Sven Kieske <kieske@osism.tech>
Change-Id: I2189dafca070accfd8efcd4b8cc4221c6decdc9f
(cherry picked from commit a77ea13ef1991543df29b7eea14b1f91ef26f858)
(cherry picked from commit 03c12abbcc107bfec451f4558bc97d14facae01c)
(cherry picked from commit cb105dc293ff1cdb11ab63fa3e3bf39fd17e0ee0)
(cherry picked from commit efe6650d09441b02cf93738a94a59723d84c5b19)
The flags ``--db-nb-pid`` and ``--db-sb-pid`` are corected to be
``--db-nb-pidfile`` and ``--db-sb-pidfile`` respectively. See here for
reference:
6c6a7ad1c6/utilities/ovn-ctl (L1045)
Closes-Bug: #2018436
Change-Id: Ic1e8768374566eb2198302807ecc644a19cd3062
This patch add a way to choose container engine inside tool and test
scripts. This is in preparation for Podman introduction but still
leaves Docker as default container engine.
Signed-off-by: Martin Hiner <m.hiner@partner.samsung.com>
Change-Id: I395d2bdb0dfb4b325b6ad197c8893c8a0f768324
Adds a flag ``kolla-ansible octavia-certificates --check-expiry <days>``
to the ``octavia-certificates`` command to check if the certificates
will expire within a given number of days.
Change-Id: I869b8afd85fe282d823ecf3593aa22f94a61b2a0
New openstack collection modules have changed output
dicts/variable names - adapting to that.
Also changing octavia amphora image to focal, since bionic
hasn't been rebuilt since May 2021.
Closes-Bug: #2012255
Change-Id: Icf38a52472d02ef7d69bcd3716afb16e859d44a2
Sometimes passwords, URLs and other values of the variables can
contain special symbols, for example the dollar sign, using these
values can lead to unpredictable attempts of the variable expansions
in the Bash scripts, such as openrc file, so we need to use single
quotes for all variables values.
Change-Id: Ib2aabadd0ffd6a8dc2591245f29b4478e03d92fc
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
When using externally managed certificates, according to [1],
one should set `kolla_externally_managed_cert: yes` and ensure
that the certificates are in the correct place.
However, RabbitMQ precheck still expects the certificates to be
available on the controller node. This is incorrect.
Fix by not running the tasks in question when `kolla_externally_managed_cert: yes`
[1] https://docs.openstack.org/kolla-ansible/latest/admin/tls.html
Closes-Bug: 1999081
Related-Bug: 1940286
Signed-off-by: Magnus Lööf <magnus.loof@basalt.se>
Change-Id: I9f845a7bdf5055165e199ab1887ed3ccbfb9d808
This reverts commit 9867060b6b3bd36aad121b53b9e5dddfca8a8e4c.
Reason for revert: seems this broke some jobs
Change-Id: I1ca81214ece403351c0a522ea05bf07802e4c4c0
