Logrotate configuration is missing for ironic-inspector. Prior to [1],
ironic-inspector logs were stored in
kolla_logs/ironic/ironic-inspector.log. After [1], the logs
are stored in kolla_logs/ironic-inspector/ironic-inspector.log
but the logrotate config was not updated.
[1]
07453f3460
Change-Id: I7e78faea361cd67069c1a96aaf0a2ffffc0e8666
Closes-Bug: #1701578
Certain services such as Murano and trove require access to a rabbitmq
instance from tenant networks. [0]
Exposing the internal rabbitmq to end users is a security hole, hence
there are two options, 1) use vhosts in the existing rabbitmq, or two a
separate rabbitmq instances. Given the importance of rabbitmq to the
OpenStack deployment, we have decided to go with a separate instance.
Refer to [1] for more detail on the various options.
This change makes the rabbitmq role generic so that it can be reused, in
this case to start 'outward_rabbitmq'. It needs to be exposed via
haproxy both for network isolation and also because this is what Murano
configuration requires.
Follow on patches will be added to add a vhost in this outward instance
for Murano and other services which require access.
Based on the original work by bdaca[2]
[0] http://murano.readthedocs.io/en/stable-liberty/intro/architecture.html
[1] http://lists.openstack.org/pipermail/openstack-dev/2016-December/109091.html
[2] https://review.openstack.org/#/c/374525
Change-Id: Ib2bcc7ed4bf4f883a7cd1dfad3db89201e3cfd8d
Partial-Bug: #1620374
Depends-On: I020eb6219f89a310451becde41f6f1c7f54baadd
Co-Authored-By: Bartłomiej Daca <bartek.daca@gmail.com>
It should be removed during Heka cleanup made in the following review:
https://review.openstack.org/#/c/384122/
Change-Id: I4cb808e4f607f582bd143ca9c6e355ec44d1b961
Change-Id: I13cf03d6a97fb94dd7cb309e99a417ad101dc21a
Co-Authored-By: Mauricio Lima <mauriciolimab@gmail.com>
Partially-implements: bp add-zun-ansible-role
Haproxy binds the elasticsearch service to kolla_internal_vip_address but
the output templates for fluentd (td-agent) point to a non-existent
kolla_external_vip_address.
Output should also be able to be sent to an external elasticsearch
instance (as per the documentation regarding overriding
elasticsearch_address)
Change these settings so that fluentd outputs to either
the default elasticsearch_address (i.e. kolla_internal_vip_address) or to
the external elasticsearch instance.
Closes-Bug: #1673990
Change-Id: I081533ae8ea9aad186e9c44e1dee069729931453
Add a new subcommand 'check' to kolla-ansible, used to run the
smoke/sanity checks.
Add stub files to all services that don't currently have checks.
Change-Id: I9f661c5fc51fd5b9b266f23f6c524884613dee48
Partially-implements: blueprint sanity-check-container
Implement ansible role to deploy designate
and dependencies. The backend used is bind9.
Co-Authored-By: zhubingbing <zhubingbing10@gmail.com>
Co-Authored-By: Eduardo Gonzalez <dabarren@gmail.com>
Depends-On: 6d0dc3e0f931c7c50b64a4659900cc50b0d860a2
Implements: blueprint ansible-designate
Change-Id: I34d8126e0cd8d71d5ced9b62f3776cc354fbb549
Original we judge heka-custom.toml whether exists with stat: path=
method, but if deploy on multi-nodes, should add local_action.
Change-Id: Id4a124499d1db03b16cb8af231a394b53fe44cbf
Closes-Bug: #1646732
ceilometer is not sending logs to heka because no heka-ceilometer.toml is created.
Updated templates files.
Change-Id: I69f3d93377c6c51d22f37ed120800f7489f5a8a0
Closes-Bug: #1642665
Searchlight is an Openstack search and index service, this patch
implements the ansible role for searchlight.
Implement blueprint: support-searchlight-deployment
Change-Id: Ibf42d5b259a6740d6596041f896e1009657b7388
sahara.conf was not copied over to target nodes. Prevented cron container from starting
Change-Id: I98ad65ad1541e1a64fb5762571556e2661611ff2
Closes-Bug: #1631944
When using both /run and /run/netns in docker container, mount
propagation won't work when delete namespace after the containers are
restarted. This PS makes /run mount as shared.
Closes-Bug: #1616268
Change-Id: Ie16699e1b193b2bf1263d89ea634e89ea69add9e
This change adds copying iscsid logrotate
conf file for config task in common role.
Closes-bug: #1633127
Change-Id: I7da1f9ff794ed62f1baf70c04a2f6d0ca8d426aa
The Heka bookstrap doesn't do anything different then
the start code. Remove the boostrap step since it isn't
needed.
Change-Id: Id9906c6e2cef83fd6d1fcbcbef7a32d9948d07a3
Closes-bug: #1631651
In cf0c25c37 [0] a play was added to run the common role against all
hosts. This ends up being redundant since every role includes the common
role as a dependancy. The reasoning behind this change as pointed out by
the author in the review comments [1] was so that an operator could run
with '--tags common' and just have the common role applied.
To avoid redundancy, the common play has been removed and tags have been
added to the common role. This allows for just the common role to run
when another role is including it while reducing redundancy.
A side affect of removing the common playbook which runs against all
hosts is that not all facts on all hosts are gathered at the beginning
of the site.yml. This breaks the haproxy role since it relies heavily on
facts to build out the haproxy.cfg file.
Previously, the haproxy role would include several hosts purely for fact
gathering purposes as pointed out in c68c9d95 [2] and a guard was put in
place so that the tasks would only run against the 'haproxy' group. In
423e3f3f [3] these hosts were removed. After reading the review [4],
this seems to have been done without fully understanding why the hosts
were there in the first place.
This change did not break anything however since the common role that
ran on all hosts mentioned previously would gather all of the facts
necessary.
To fix this fact gathering issue replace the common role play with a
play that will simply gather facts with an 'always' tag to ensure it is
run regardless of what might be passed in the '--tags' argument by the
operator.
Kudos to Paul Bourke for helping identify many of these issues.
[0] cf0c25c37d
[1] https://review.openstack.org/#/c/369212/
[2] c68c9d95fc
[3] 423e3f3fdf
[4] https://review.openstack.org/#/c/355861
TrivialFix
Closes-Bug: #1628472
Change-Id: Ia94146579e743935501f1ff4b4c1bf6cb7c43aa3
do_reconfigure.yml is introduced to use serial directive. But we use
it in wrong. Now serial has moved to playbook file. So it is time to
remove the do_reconfigure.yml file
Closes-Bug: #1628152
Change-Id: I8d42d27e6bc302a0e575b0353956eaef9b2ca9fd
Only enabled services logs should be added to cron container
and be inclued in cron.json.
This PS adds logic to only copy enabled services cron files.
Change-Id: Id6303a4c77a0230599e11be165489ba46dba65e0
Closes-bug: #1623712
