This change adds enable_fluentd option and enables some other log shippers
to be integrated. When enable_fluentd is "no", syslog server is also disabled.
Then, this change also adds syslog parameters to use a syslog server
prepared by users.
Change-Id: I7c83ef7fe30a6b9ab7385bcee953ad07e96b0a83
Implements: blueprint fluentd-enable-option
Console access for HyperV VMs is now done via Kolla VIP.
The VIP will point to each HyperV compute node IP on which
FreeRDP-WebConnect is installed.
Closes-Bug: #1714249
Change-Id: I3a5d23425996a5c347ff21df3f99c3f63dd35173
Update comments and add enable_haproxy to let helpinners know how
to set kolla_internal_vip_address and deploy AIO OpenStack without
haproxy correctly.
As a beginner in kolla-ansible, current comments for
kolla_internal_vip_address let me belive that if I set it to my eth0 ip,
kolla-ansible will help deploy an AIO OpenStack without haproxy. But in
fact it throws an error, I get the right way after searching IRC log.
Change-Id: I1ba1ffe774ad0cf29543523a56854b9d7caa680a
Rollout redis container in master/slave configuration
Deploy redis-sentinel and connect to redis cluster
Redis is needed for mistral coordination backend.
Partial-Bug: #1700591
Change-Id: Ic0269d0db10624925e7bcdbf0e33ae87b84a9cf2
- This change creates a new role to
support deploying ovs with dpdk.
- This change introduces an enable_ovs_dpdk
variable to enable ovs with dpdk as part of
the deploy action.
- This change extends the ovs-dpdkctl.sh tool
to correctly deploy ovs-dpdk on Ubuntu and CentOS
hosts.
- This change extends the cleanup-host tool
to correctly uninstall ovs-dpdkctl.sh tool and its
systemd files if present on the host.
- This change automatically configures userspace
kernel drivers.
partial-implementes: bp/ovs-dpdk
Change-Id: I55858d81df437e8258705b75426f61ab9b907c7d
Implements compute part of the blueprint.
Make virt_type of nova_compute configerable.
Change-Id: I0f37e49e09c4f14a64797506007bb55a6f534f0f
Partially-implements: blueprint kolla-ansible-support-vsphere
Co-Authored-By: shaofeng cheng <chengsf@winhong.com>
Introduced new option enable_cinder_backup, that controls
whether to deploy cinder-backup service.
Change-Id: Ibb0ca0a478748d4caba4df434456ead0df95ffca
Signed-off-by: Pavel Glushchak <pglushchak@virtuozzo.com>
Openstack is able to simply manage VLAN network on VMware
Distributed Switch.
DHCP agent can provide dhcp offer with vlan tag provided
by OVS.
Both neutron external nic and physical nic of vCenter/
vSphere should be on a vlan trunk port and can communicate
with each other.
Depends-On: I4655086a3f058ec769d3d37ec6a19565b5ea0841
Change-Id: I6d1629e93f0efeddd2a9000f66cc6f714bebb07c
Partially-implements: blueprint kolla-ansible-support-vsphere
Neutron-sfc-agent start its functions with openvswitch.
This change moves sfc configuration into neutron-openvswitch-agent.
Rework config files to use openvswitch when sfc or openvswitch
are used as network plugin.
Also adds sfc extension_driver to ml2
Change-Id: If1ebf9554f6d686cc6d064e698a48f8a6b6172b3
Closes-Bug: #1664493
Depends-On: I60ba1333231a4ae38a041d41e551f7d74fe15e3b
Ceph was default backup driver in ceph.
Before this change [0] ceph backup was enabled
when ceph was enabled, but now uses
cinder_backup_driver which defaults to NFS.
This will cause users upgrading from ocata
loose their backup functionallity.
[0] a7c47a0539
Change-Id: I44ef59291c90289abfb8c05726540893ae029d23
* remove ceilometer-api and ceilometer-collector service
* use ceilometer-notification to publish message to proper backend
* remove useless ceilometer_database_type and ceilometer_event_type
variables
* sync event_definitions.yaml, event_pipeline.yaml and pipeline.yaml
file with upstream
Change-Id: Ib39053cb5f70bd11ee61d3f26d5b28accecd7190
Adding the role needed to run the qdrouterd as an infrastructure
component which provides a messaging backend for the
oslo.messaging AMQP 1.0 driver. The qdrouterd will provide direct
messaging capabilities for the RPC messaging pattern in support
of hybrid messaging deployments.
Implements: blueprint qdrouterd-role
Change-Id: I74c654b3c70f61f81c2c7efa87f076a62a4a2dd8
This change [0] reverted designate dashboard change because
designate was not finished, we forgot to enable again.
[0] https://review.openstack.org/#/c/408714/
Change-Id: Ibaf7e5a5dc8cbef619d86a0f2b240d384984e8bd
The external_ceph_cephx_enabled option is duplicated
in the global.yml. So one of them was deleted.
Change-Id: I2eff2f1d00b3344f90488bfe0477fe800bcaa85f
Closes-Bug: #1702395
Signed-off-by: jangseon ryu <jangseon.ryu@navercorp.com>
When using the simple_crypto plugin, barbican expects the
[simple_crypto_plugin] kek config value to be a base64-encoded 32 byte
value. However, kolla-ansible is providing a standard autogenerated
password.
There are two relevant variables in kolla-ansible -
barbican_crypto_password (a standard password) and barbican_crypto_key
(a HMAC-SHA256 key). There is no use of barbican_crypto_key other than
when it is generated. barbican_crypto_password is used to set the
[simple_crypto_plugin] kek config value but causes an error when the
simple_crypto plugin is used as the value is not in the expected format.
Using barbican_crypto_key instead resolves the error. Clearly there is a
naming issue here and we should be using barbican_crypto_key instead of
barbican_crypto_password.
This change removes the barbican_crypto_password variable and uses
barbican_crypto_key instead.
Change-Id: I63e2b381c260265e5901ee88ca0a649d96952bda
Closes-Bug: #1699014
Related-Bug: #1683216
Co-Authored-By: Stig Telfer <stig@stackhpc.com>
Implement an ansible role that adds Hyper-V as a compute node for
OpenStack using Kolla.
This will install and configure the Nova Compute service, the
Hyper-V Neutron agent and FreeRDP-WebConnect.
https://docs.openstack.org/ocata/config-reference/compute/hypervisor-hyper-v.html
Change-Id: I601835b0769c5ff173a980a05a752391ae8cc82f
Implements: blueprint hyperv-ansible-role
Co-Authored-By: Alessandro Pilotti <apilotti@cloudbasesolutions.com>
Certain services such as Murano and trove require access to a rabbitmq
instance from tenant networks. [0]
Exposing the internal rabbitmq to end users is a security hole, hence
there are two options, 1) use vhosts in the existing rabbitmq, or two a
separate rabbitmq instances. Given the importance of rabbitmq to the
OpenStack deployment, we have decided to go with a separate instance.
Refer to [1] for more detail on the various options.
This change makes the rabbitmq role generic so that it can be reused, in
this case to start 'outward_rabbitmq'. It needs to be exposed via
haproxy both for network isolation and also because this is what Murano
configuration requires.
Follow on patches will be added to add a vhost in this outward instance
for Murano and other services which require access.
Based on the original work by bdaca[2]
[0] http://murano.readthedocs.io/en/stable-liberty/intro/architecture.html
[1] http://lists.openstack.org/pipermail/openstack-dev/2016-December/109091.html
[2] https://review.openstack.org/#/c/374525
Change-Id: Ib2bcc7ed4bf4f883a7cd1dfad3db89201e3cfd8d
Partial-Bug: #1620374
Depends-On: I020eb6219f89a310451becde41f6f1c7f54baadd
Co-Authored-By: Bartłomiej Daca <bartek.daca@gmail.com>