- The baremetal_nic variable was used as part of
kolla host playbook when generating the /etc/hosts file.
Populating the /etc/hosts is done to ensure that rabbitmq
can reach the other nodes in the rabbitmq cluster by hostname.
- Before this change the baremetal_nic variable was used to
determin which interface to read when mapping the hostname to
an ip address.
- This change removes baremetal_nic and uses api_interface
instead as the hostname used by rabbitmq should always map to the
api_interface ip.
TrivialFix
Closes-Bug: #1618381
Change-Id: I65fe3aad58ac34b001a1f4a38641addc9fa5a1d4
- This change extends kolla-ansible
with a deploy-server command to enroll and deploy
physical servers with bifrost.
Change-Id: Iaa9f34b00e676569f6e3df679b7454b1ec0b8e34
Implements: blueprint bifrost-support
- This change extend the genpwd.py
command to generate an ssh key pair
bifrost.
- This change bifrost config and bootstrap
task to install the generated keys.
- This change updates the bifrost guide to
discribe how to provide your own key.
Change-Id: I05243f58843d9195cace253dff5628fae89c78e8
Implements: blueprint bifrost-support
- This change addes the ability to deploy
and bootstrap bifrost.
- This change introduces a deploy-bifrost
command to kolla-ansible.
Change-Id: I62afcf348661add900c98904e90a15a0eddffd4b
Implements: blueprint bifrost-support
New option enable_neutron_agent_ha added to enable/disable dhcp/l3 agent
high availability, dhcp_agents_per_network is default to 2 and it's
configurable.
Implement blueprint: support-network-ha
Change-Id: Id4742aa67c80584634b923195545bf2b654172f3
There will never be a need for these python development packages
in the baremental install case, so removing them from main.yml.
TrivialFix
Change-Id: Iab8edcfd07c818e40328aa5311b84880b656af08
With current implementation generation of hostfile is N^2, let's at
least limit this to controller nodes. Currently only RabbitMQ requires
hostnames, and these lands on control.
TrivialFix
Change-Id: I15f8d98386ede8bbc89f66923f21547efe20ff37
An unwitting user may apply the KOLLA_CEPH_OSD[_CACHE]_BOOTSTRAP label
to a partition assuming it will only use that partition for Ceph, and
end up wiping out their disk.
This change adds a layer of checking to this scenario to try and help
avoid a disaster scenario.
Closes-Bug: 1599103
DocImpact
Change-Id: Ibb9fb42f87a76bc02165ec0b93b60234bad8747a
Retry once when removing or upgrading nova_libvirt to ensure it is
removed
Closes-Bug: #1617741
Change-Id: I8b5046a438c0ef3599a4333bbe77333f0af323ff
Signed-off-by: Jeffrey Zhang <zhang.lei.fly@gmail.com>
Migrate to full variable syntax in with_ loop for
manila and tempest.
TrivialFix
Partial-Implements: bp ansible2
Change-Id: Ic68fd6123f0cd5bd0035e139e89f7b569574074c
In links: http://pythonhosted.org/six/, we know 'cStringIO' is
a module of python 2.x, but in python3.x module 'io' has the
same function as 'cStringIO' in python2.x. So here we use
six.stringIO instead.
TrivialFix.
Change-Id: I8022b92b186e239cd76a36dab7766301bf96d2c4
rabbitmq's start task contains a precheck. This should be part of the
other prechecks for consistency
TrivialFix
Change-Id: I7728ec3f5be3248424d74a4387925b72114b8943
Directory /home/ansible/.ansible and file /var/log/kolla/ansible.log are
not created by default in toolbox image, so when ceph enabled, the directory
and file will be created with user 'root' instead of user 'ansible' after
running bootstrap osds because it using sudo when bootstraping osds,
this will cause permission denied issue for other commands not using sudo.
Fixes this issue by initializing ansible by running 'ansible localhost
--version' using user 'ansible'
TrivialFix
Change-Id: Ibac3f98b3b72cbe287ee1d3a69ed9cea7ae3cd9e
In order for Murano to be operational the core library package must be
imported [0]
Add Ansible tasks to do this idempotently.
[0] http://docs.openstack.org/developer/murano/install/manual.html
TrivialFix
Change-Id: I2c49e9d663595650b885267839012b543505337a
This addresses the ansible aspects of fernet key bootstrapping as
well as distributed key rotation.
- Bootstrapping is handled in the same way as keystone bootstrap.
- A new keystone-fernet and keystone-ssh container is created to allow
the nodes to communicate with each other (taken from nova-ssh).
- The keystone-fernet is a keystone container with crontab installed.
This will handle key rotations through keystone-manage and trigger
an rsync to push new tokens to other nodes.
- Key rotation is setup to be balanced across the keystone nodes using
a round-robbin style. This ensures that any node failures will not
stop the keys from rotating. This is configured by a desired token
expiration time which then determines the cron scheduling for each
node as well as the number of fernet tokens in rotation.
- Ability for recovered node to resync with the cluster. When a node
starts it will run sanity checks to ensure that its fernet tokens
are not stale. If they are it will rsync with other nodes to ensure
its tokens are up to date.
The Docker component is implemented in:
https://review.openstack.org/#/c/349366
Change-Id: I15052c25a1d1149d364236f10ced2e2346119738
Implements: blueprint keystone-fernet-token
This ensures that the same client IP address will always reach the same
server as long as no server goes down or up. [0]
Prevents a situation where during Murano package upload - we end up
having zip file on one control node but the import continues on another
and ends up failing.
[0] http://cbonte.github.io/haproxy-dconv/configuration-1.7.html#4-balance
TrivialFix
Co-Authored-By: Vladislav Belogrudov <vladislav.belogrudov@oracle.com>
Change-Id: I5f90d2757f31e8b24459a585153d5aa7fe6ad90a
The values for 'network_interface' and 'neutron_external_interface' are
missing from all.yml, meaning it is impossible to override them on a per
node / per group basis. (globals.yml get's top precedence).
Make these consistent with the rest of the variables and move the
defaults into all.yml. Operators can still override / update these in
globals.yml as before, but those wanting more flexibility now have it
via host / group variables.
Change-Id: I2575921f76a8e245106da765757c70353bd6762c
Closes-Bug: #1604129
Add Ansbile reconfigure playbook to Elasticsearch role.
Add run condition to start playbook in Elasticsearch role.
Change-Id: I7862089cae55d392eb2d922f89a382d392cf8b97
Closes-Bug: #1616005
