Existing defaults are setup for tcp, and set ca_file to an empty string.
'If you set this to an empty string, then no trusted CA certificate is loaded.'
libvirt may complain 'unsupported configuration: No server certificate path
set to match server key', as such tls should also be explicitly set to 0.
Change-Id: I49c64808cb236dab1d9fa2e699d0a2f2fc54cc99
- This change creates a new role to
support deploying ovs with dpdk.
- This change introduces an enable_ovs_dpdk
variable to enable ovs with dpdk as part of
the deploy action.
- This change extends the ovs-dpdkctl.sh tool
to correctly deploy ovs-dpdk on Ubuntu and CentOS
hosts.
- This change extends the cleanup-host tool
to correctly uninstall ovs-dpdkctl.sh tool and its
systemd files if present on the host.
- This change automatically configures userspace
kernel drivers.
partial-implementes: bp/ovs-dpdk
Change-Id: I55858d81df437e8258705b75426f61ab9b907c7d
Because the default domain name is "Default" in
ansible/group_vars/all.yml (default domain id is "default"),
the domain name in admin-openrc also should be "Default".
Change-Id: I05f905d87ca57c09d4bdf540c4efbe06ee9bff67
Signed-off-by: Alex Yang <yangyang1@zte.com.cn>
for example: the placement-api regular match
will override placement-api-access
Change-Id: I80ed896b2477709599be0ce73e00d03da1858349
Closes-Bug: #1708468
In some case, docker can not remove container and raise following error
message:
Unable to remove filesystem for xxx remove
/var/lib/docker/containers/xxx/shm: device or resource busy
But the container is removed. This patch assumes container is
removed if only container name is not shown in docker ps.
Closes-Bug: #1662598
Change-Id: I079d5ec6178018403ec7a49c975f137e27eb9ad4
Init fernet task fails if keystone_fernet container
is not running and ssh port bind.
This change add a check to ensure all keystone_fernet containers
are running before init fernet tokens.
Change-Id: Ib95bb5a47a9174f1a00b82cc8b697c0dc19c848e
Closes-Bug: #1704758
Currently nova.conf.j2 generates two compute_driver options for
nova_compute_ironic container like this:
compute_driver = ironic.IronicDriver
compute_driver = libvirt.LibvirtDriver
nova_compute_ironic container fails to start because the latter value
overrides the former one.
This patch fixes the issue recently introduced in [1].
[1] 63314ad6dd181a0e975438de2e99409238f1b775
Change-Id: Ibb661a5a594120be4195d331c38883c3b2886361
Closes-Bug: #1706534
Apache access log formats are modified to be consistent with
the format defined in wsgi-keystone.conf, which includes
the response time (%D) and X-forwarder-For fields.
Change-Id: I02aa5eb106fb894196dfb6e22daf2968e27ed3cb
Closes-Bug: #1703571
In the old implementation, if there is no external ntp server, only one
local chrony server is supported. If multi chrony-server is configured,
chrony client can not sync with them.
In the new implementation
* use VIP to connect chrony-server, which ensure multi local chrony
servers are supported.
* chrony servers depend on VIP. So chrony-server group should be
the same with haproxy group.
* prevent chrony client sync from itself.
* Change owner to chrony:kolla for chrony log folder
* fix keysfile path
* use chrony user for centos and ubuntu image
* fix permission issue for /var/lib/chrony folder
Closes-Bug: #1705200
Change-Id: I6e85fda9824b5ddc7a96895425c5932a3566c27e
adding cors section to keystone and gnocchi templates when
grafana is enabled
Change-Id: I54f4c06ed64254df0f9481e461c9393a399212a3
Closes-bug: #1651796
