Add a service check for Cinder when using iscsi/LVM, that the
appropriate volume group exists.
TrivialFix
Change-Id: I54e01911709db73549334760498b4246fe6271d7
Co-Authored-By: Vladislav Belogrudov <vladislav.belogrudov@oracle.com>
Currently when set enable_ceilometer: true and enable_mongodb: no,
the deploy will fail with ceilometer database creating error.
Add a precheck to avoid this situation in both prechecks and bootstrap.
Change-Id: I2d46ef9adeb8e028f3c18e6bc2d3752cc39bcb29
Closes-bug: #1605522
New option enable_neutron_agent_ha added to enable/disable dhcp/l3 agent
high availability, dhcp_agents_per_network is default to 2 and it's
configurable.
Implement blueprint: support-network-ha
Change-Id: Id4742aa67c80584634b923195545bf2b654172f3
rabbitmq's start task contains a precheck. This should be part of the
other prechecks for consistency
TrivialFix
Change-Id: I7728ec3f5be3248424d74a4387925b72114b8943
This addresses the ansible aspects of fernet key bootstrapping as
well as distributed key rotation.
- Bootstrapping is handled in the same way as keystone bootstrap.
- A new keystone-fernet and keystone-ssh container is created to allow
the nodes to communicate with each other (taken from nova-ssh).
- The keystone-fernet is a keystone container with crontab installed.
This will handle key rotations through keystone-manage and trigger
an rsync to push new tokens to other nodes.
- Key rotation is setup to be balanced across the keystone nodes using
a round-robbin style. This ensures that any node failures will not
stop the keys from rotating. This is configured by a desired token
expiration time which then determines the cron scheduling for each
node as well as the number of fernet tokens in rotation.
- Ability for recovered node to resync with the cluster. When a node
starts it will run sanity checks to ensure that its fernet tokens
are not stale. If they are it will rsync with other nodes to ensure
its tokens are up to date.
The Docker component is implemented in:
https://review.openstack.org/#/c/349366
Change-Id: I15052c25a1d1149d364236f10ced2e2346119738
Implements: blueprint keystone-fernet-token
Add the following prechecks for network_interface:
* Check it exists on the node
* Check its up
* Check it has an IP associated
TrivialFix
Change-Id: I86f1d79d8592a3b108822e7d19541f91a1c0d716
Co-Authored-By: James McCarthy <james.m.mccarthy@oracle.com>
In the case of a single node environment without haproxy, the var
"kolla_internal_vip_adress" in global.yml should be the ip address
of the host. However, the prechecks will fail, because this ip
address is used by the host node and is pingable.
This commit fixes the prechecks of a vip address properly.
When the var "enable_haproxy" is "no", this fix will skip prechecks
for a vip address.
Change-Id: I0b752f179d20f82e3d6331047ee0bd802ab99a4b
Closes-Bug: #1570935
When kolla_internal_vip_address didn't belong to the same network as
network_interface, the prechecks would spit out an ugly error:
Unexpected templating type error occurred on [snip]:
argument of type 'NoneType' is not iterable"
This commit fixes the check to execute properly.
Change-Id: I24a066c212c78e105a923525b131724736ac74b6
The Nova EC2 API is disabled by default, the default value
of the enabled_apis parameter in nova.conf is "osapi_compute, metadata"
The EC2 API is marked as deprecated and will be removed from Nova in
the future.
Change-Id: I6b9d66017e066cde5749be45b367194d2192ead3
Closes-bug: #1586605
Upgrade the kernel version is not acceptable for the server in most
of case. I do not see the issue when using ubuntu 14.04 default
kernel with docker aufs storage driver.
Even if there is some wrong in the aufs driver, we could recommend
the user to use other drivers, like lvm, brtfs or even overlay driver.
This reverts commit 833c1269c7941498787d49ce879be6c283728407.
Change-Id: I6ee71ecd1ca64777b874bfcc342162622643b89c
This change makes each step of the kolla deployment aware
of the port database was configured to listen on.
It defaults mariadb_port to database_port.
Change-Id: I8e85d5732015afc0a5481cb33e0b629fdfa84a1b
Closes-Bug: #1576151
DocImpact
Check MountFlags option with systemd rather than with
configuration files which can be overriden with
different ones.
Co-Authored-By: Jeffrey Zhang <jeffrey.zhang@99cloud.net>
Change-Id: Ifa4ce62372af3fe75a66b45c8e7cf9ac9f9c2415
Closes-Bug: #1571281
going to merge Swapnil's patch instead of this patch as it relies on real system output rather then looking in files on the filesystem which differ between distributions.
This reverts commit 5c5e903973a9db4541196fbe9fcb99ce66c5cfa4.
Change-Id: I3e474620c90c1f7b2f5e16106f2c18b2058e169c
check "/etc/systemd/system/docker.service" instead of
"/lib/systemd/system/docker.service" in ubuntu.
In Ubuntu,
the settings in "/etc/systemd/system/docker.service"
will overwrite the settings in "/lib/systemd/system/docker.service"
Change-Id: Idd5b99643b4fb9a4800f5d450e9aaeb22210aa8b
Closes-Bug: #1569644
This partially implements iscsi and lvm2 support for cinder
in Kolla. Add integration with Kolla infrastructure.
Change-Id: I5b7d59163518080f38aec0c00617440de0763f1d
Implements: blueprint iscsi-lvm2-docker
This patch set makes "kolla-ansible prechecks" flag an error if
any password is empty in /etc/kolla/passwords.yml.
Change-Id: I87dee25b79c97be64ca49a5638c7f5a30d4cf464
Closes-Bug: #1563506
Kolla recommends LTS wily kernel version 4.2 on Ubuntu 14.04.
http://docs.openstack.org/developer/kolla/quickstart.html#installing-dependencies
The precheck check the running kernel version, because checking
the linux-image-generic-lts-wily cannot be a valid check.
The package (linux-image-generic-lts-wily) can be installed, but
the running kernel can be other version.
Closes-Bug: #1563500
Co-Authored-By: Vikram Hosakote <vhosakot@cisco.com>
Change-Id: I4e08bca95493b2dbd0ad5f8d1ea4e07b18c4959d
Due to poor planning on our variable names we have a situation where
we have "internal_address" which must be a VIP, but "external_address"
which should be a DNS name. Now with two vips "external_vip_address"
is a new variable.
This corrects that issue by deprecating kolla_internal_address and
replacing it with 4 nicely named variables.
kolla_internal_vip_address
kolla_internal_fqdn
kolla_external_vip_address
kolla_external_fqdn
The default behaviour will remain the same, and the way the variable
inheritance is setup the kolla_internal_address variable can still be
set in globals.yml and propogate out to these 4 new variables like it
normally would, but all reference to kolla_internal_address has been
completely removed.
Change-Id: I4556dcdbf4d91a8d2751981ef9c64bad44a719e5
Partially-Implements: blueprint ssl-kolla
In order to avoid the neutron-dhcp-agent container from
failing, you need to change 'MountFlags' to 'shared' in
/var/lib/systemd/system/docker.serivce. Add a precheck
so that this issue will not happen as often.
Closes-bug: #1546681
Change-Id: I339b5e93e870534fe16c6610f299ca789e5ada62
Remove the docker max version check since we are not pinning
docker version any more.
Partially-Implements: blueprint precheck-tasks
Change-Id: Icfa10e72c56092931aae016afaeed4c6ce8cb337
This playbook runs on hosts before deployment to be sure we don't
have any conflicting services running and systems are in expected
state.
DocImpact
Change-Id: If5f288b7fbdf269697ca834da4eb969b61683ca0
Partially-implements: blueprint precheck-tasks
