openstack/kolla-ansible
Code Issues Proposed changes
13,309 Commits 5 Branches 115 Tags
ff0fca8fdc
Commit Graph

13309 Commits

Author SHA1 Message Date
Zuul
ff0fca8fdc Merge "Switch trove-api to wsgi running under apache." 2023-02-20 16:46:42 +00:00
Zuul
b1e5a97028 Merge "Use loadbalancer to connect to etcd" 2023-02-17 08:55:34 +00:00
Zuul
5ee602fcf1 Merge "ansible: Use assert on checks for readability" 2023-02-17 08:55:31 +00:00
Zuul
8f15011134 Merge "neutron: Use assert on checks for readability" 2023-02-17 08:55:28 +00:00
Zuul
4a0f058c54 Merge "rabbitmq: Use assert on checks for readability" 2023-02-17 08:40:25 +00:00
Zuul
b2dcfa0824 Merge "host_os: Use assert on checks for readability" 2023-02-17 08:39:24 +00:00
Michal Nasiadka
59002ded86 CI: Pin ansible-lint to <6.13.0 
Change-Id: I13ee17a96033da75cbb377bce483f027127d646d
 2023-02-16 15:34:24 +00:00
Zuul
c8c3310a4a Merge "docs: fix information about libvirt SASL auth" 2023-02-15 14:46:39 +00:00
Zuul
0a128d24b9 Merge "Put etcd behind HTTP loadbalancer" 2023-02-14 11:31:09 +00:00
Will Szumski
e2c7dace44 Use loadbalancer to connect to etcd 
Hardcoding the first etcd host creates a single point of failure.

Change-Id: I0f83030fcd84ddcdc4bf2226e76605c7cab84cbb
 2023-02-14 10:16:55 +00:00
Zuul
4ba17d6da4 Merge "loadbalancer: Use assert on checks for readability" 2023-02-13 16:19:50 +00:00
Zuul
ffa9c307b4 Merge "zun: Use assert on checks for readability" 2023-02-13 16:19:48 +00:00
Will Szumski
6f536a4f71 Put etcd behind HTTP loadbalancer 
etcd-compatible tooz drivers do not support multiple endpoints via
backend_url. We can put a loadbalancer in front of etcd and configure
backend_url to use the VIP instead. The issue with hard coding the first
host is that we break coordination if we take this host offline. In the
case of cinder, we would not be able to perform any volume related
operations.

Co-Authored-By: Mark Goddard <mark@stackhpc.com>
Change-Id: Ib684501ba03c386dc5ac71e5cbea05c99f191665
 2023-02-13 11:45:53 +00:00
Zuul
df12f2ce02 Merge "Default neutron_tls_proxy and glance_tls_proxy to haproxy_tag" 2023-02-10 14:47:49 +00:00
Zuul
429ac6fc00 Merge "Fix kolla_docker module" 2023-02-08 11:53:22 +00:00
Zuul
b7731b97d7 Merge "CI: make debian/aarch64 voting" 2023-02-08 10:53:03 +00:00
Zuul
1a81e00b53 Merge "CI: Add Rocky9 upgrade jobs" 2023-02-08 10:53:00 +00:00
Zuul
0e7dfe8bec Merge "CI: Drop apparmor installation" 2023-02-08 10:36:25 +00:00
Zuul
75bd313678 Merge "Trivial: Add connection: local for keystone-fernet cron generate task" 2023-02-08 00:15:59 +00:00
Zuul
3425b0f662 Merge "docs: add note about tag suffix for aarch64" 2023-02-07 17:34:39 +00:00
Zuul
bc5e462143 Merge "remove elasticsearch remnants in antelope cycle" 2023-02-07 17:34:36 +00:00
Michal Nasiadka
654577646f CI: Drop apparmor installation 
Depends-On: https://review.opendev.org/c/openstack/ansible-collection-kolla/+/872590
Change-Id: Ia8283f28147fbbd2d24028d01e021f95598b86fb
 2023-02-07 17:12:07 +00:00
Bartosz Bezak
337cf3c9bf CI: Add Rocky9 upgrade jobs 
Rocky9 support landed in Zed release, we should start test them in
Antelope.

Change-Id: If4ca6aab660793015d577c3dfbeb7c75ca08c3fb
 2023-02-07 13:18:45 +00:00
Zuul
34c1034e30 Merge "Add skyline service" 2023-02-07 11:34:19 +00:00
Bartosz Bezak
ee658f4549 remove elasticsearch remnants in antelope cycle 
Change-Id: I115b491eca413437926f5bcaf53336151f9a7c0b
 2023-02-07 11:25:27 +01:00
Michal Nasiadka
ef49c7440f CI: Install lvm on setup_disk scenarios 
Change-Id: I99145322f65468e9926b1412844ad4ccaa6829d7
 2023-02-06 16:06:02 +00:00
Michal Arbet
63b9fa5639 Fix kolla_docker module 
This patch fixes kolla_docker module
as it did not take into account common_options
parameter. From patchset it's visible that module's
default values are used always - even if user overrided
some param in common_options dict.

Closes-Bug: #2003079

Change-Id: I677fde708dd004decaff4bd39f2173d8d81052fb
 2023-02-04 23:54:47 +01:00
Michal Nasiadka
f253f99c12 Do not support dimensions:kernel_memory on Docker API 1.42 
It is deprecated in 20.10 and removed in 23.0 (and 23.0 is out) [1], [2].

[1]: https://docs.docker.com/engine/deprecated/#kernel-memory-limit
[2]: https://docs.docker.com/engine/api/version-history/#v142-api-changes

Change-Id: Ia6fa85172aad7bcd5f958922d3c224ef79882e6c
 2023-02-03 11:32:32 +00:00
Pierre Riteau
cbf6ce640a docs: fix information about libvirt SASL auth 
Change-Id: I0ff303a2fad2edbcedbe88486b272d2efa765d8d
 2023-02-03 10:55:29 +01:00
wu.chunyang
303998e294 Switch trove-api to wsgi running under apache. 
This change also adds support for Trove backend TLS.

Depends-On: https://review.opendev.org/c/openstack/kolla/+/854744
Change-Id: I2acf7820b24b112b57b0c00a01f5c4b8cb85ce25
 2023-02-02 01:22:59 +00:00
Michal Arbet
78cf9585b7 Trivial: Add connection: local for keystone-fernet cron generate task 
This patch add connection local for above mentioned task as
kolla-ansible can be executed in docker container as in
my case.

When there is no connection: local, ansible is trying to connect
to localhost via ssh where specified python script is not available.

After connection: local everything is working as expected as file
is found inside container

Closes-Bug: #2004224

Change-Id: I219a958b4f101efb71a2935e6d910dae5c65f0be
 2023-01-31 06:48:40 +01:00
yangshaoxue
113b77c8cb Add skyline service 
Support to deploy skyline by kolla-ansible.

Implements: blueprint skyline
Depends-On: https://review.opendev.org/c/openstack/kolla/+/826948

Change-Id: Ice5621491a432ba32138abd6f62d1f815cc219e0
 2023-01-31 13:47:18 +08:00
Bartosz Bezak
95895d5b06 Default neutron_tls_proxy and glance_tls_proxy to haproxy_tag 
neutron_tls_proxy and glance_tls_proxy are using haproxy container
image. Pin them to haproxy_tag directly.

Change-Id: I73142db48ebe6641520d21b560f16de892e07c34
 2023-01-30 16:45:56 +00:00
Zuul
66ec9cef55 Merge "Remove support for Ubuntu Focal 20.04 hosts" 2023-01-30 14:50:57 +00:00
Zuul
98139b0f10 Merge "Remove system scope token to access services" 2023-01-30 13:03:13 +00:00
Bartosz Bezak
6db6bc0a9f Remove support for Ubuntu Focal 20.04 hosts 
Users running on a Focal host will now fail in prechecks.

Change-Id: Icaef4b25458490e46f623b055658abc678d2f1c6
 2023-01-29 14:28:51 +00:00
Ghanshyam Mann
283fa242ca Remove system scope token to access services 
As per the RBAC new direction in Zed cycle, we have dropped the
system scope from API policies and all the policies are hardcoded
to project scoped so that any user accessing APIs using system scope
will get 403 error. It is dropped from all the OpenStack services
except for the Ironic service which will have system scope and to
support ironic only deployment, we are keeping system as well as project
scope in Keystone.

Complete discussion and direction can be found in the below gerrit
change and TC goal direction:

- https://review.opendev.org/c/openstack/governance/+/847418
- https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#the-issues-we-are-facing-with-scope-concept

As phase-2 of RBAC goal, services will start enabling the new
defaults and project scope by default. For example: Nova did in
- https://review.opendev.org/c/openstack/nova/+/866218

Kolla who start accessing the services using system scope token
- https://review.opendev.org/c/openstack/kolla-ansible/+/692179

This commit partially revert the above change except keeping
system scope usage for Keystone and Ironic. Rest all services are changed
to use the project scope token.

And enable the scope and new defaults for Nova which was disabled
by https://review.opendev.org/c/openstack/kolla-ansible/+/870804

Change-Id: I0adbe0a6c39e11d7c9542569085fc5d580f26c9d
 2023-01-26 17:52:00 -06:00
Zuul
38ccebb8cb Merge "Add systemd container control" 2023-01-25 18:43:47 +00:00
Marcin Juszkiewicz
ee7eb5388f CI: make debian/aarch64 voting 
Change-Id: I81b53b6b219865f6f16d58097e6c055058c06d4c
 2023-01-25 15:20:00 +01:00
Zuul
99d1e3c710 Merge "Adding optional delay between l3 agent restarts" 2023-01-25 14:08:06 +00:00
Zuul
287a181466 Merge "CI: show coverage report in job" 2023-01-25 11:20:28 +00:00
Zuul
cab09e31dc Merge "Add ability to configure rabbitmq" 2023-01-25 11:20:23 +00:00
Michal Nasiadka
84be732361 CI: show coverage report in job 
Change-Id: I67bc12cb0a9b9d27c51d9c69a689dc16cd37c757
 2023-01-23 14:14:17 +01:00
Alex-Welsh
391aa4677f Adding optional delay between l3 agent restarts 
This change serialises the neutron l3 agent restart process and adds a
user configurable delay between restarts. This can prevent connectivity
loss due to all agents being restarted at the same time.

Routers increase the recovery time, making this issue more prevalent.

Change-Id: I3be0ebfa12965e6ae32d1b5f13f8fd23c3f52b8c
 2023-01-23 09:14:59 +00:00
Stanislav Dmitriev
0b62db7cc4 Set scheduler.max_attempts for nova conductor 
In order to honour configured max number of attempts
it has to be presented in nova.conf inside of
nova_conductor container, otherwise the default value
of 3 will be used

Closes-Bug: #2003587
Change-Id: I928af332b8658223444594f96417830233057284
 2023-01-20 17:10:52 -05:00
Zuul
5ca408f875 Merge "CI: Rename jobs - drop source part" 2023-01-20 08:33:48 +00:00
Michal Nasiadka
3348c6ef8d CI: Rename jobs - drop source part 
Change-Id: Ib69642056e760bad0e4ea13576502f0e08115259
 2023-01-19 12:07:22 +01:00
Zuul
32dce70f09 Merge "Drop skydive" 2023-01-19 10:26:01 +00:00
Martin Hiner
4866017e52 Add systemd container control 
This commit adds SystemdWorker class to kolla_docker ansible module.
It is used to manage container state via systemd calls.

Change-Id: I20e65a6771ebeee462a3aaaabaa5f0596bdd0581
Signed-off-by: Ivan Halomi <i.halomi@partner.samsung.com>
Signed-off-by: Martin Hiner <m.hiner@partner.samsung.com>
 2023-01-19 10:38:41 +01:00
Zuul
08267a59ce Merge "Stop firewalld config during kolla genconfig" 2023-01-18 16:26:19 +00:00