This type of per node configuration is required to support things like
availability zones for nova. As always, if this file doesnt exist it
doesnt get used so this change is safe.
TrivialFix
Change-Id: Iff8172af522c2c96e5f2c173b24a5dfd4d522ed2
After our switch to keystone-manage bootstrap Horizon is not happy
due to v3 not being setup correctly. This patch fixes that
This also includes removal of unused variables (transforms them into
endpoint url variables)
TrivialFix
Change-Id: I1e04db8c24049f80e974c063f03068a2ab32a563
Due to poor planning on our variable names we have a situation where
we have "internal_address" which must be a VIP, but "external_address"
which should be a DNS name. Now with two vips "external_vip_address"
is a new variable.
This corrects that issue by deprecating kolla_internal_address and
replacing it with 4 nicely named variables.
kolla_internal_vip_address
kolla_internal_fqdn
kolla_external_vip_address
kolla_external_fqdn
The default behaviour will remain the same, and the way the variable
inheritance is setup the kolla_internal_address variable can still be
set in globals.yml and propogate out to these 4 new variables like it
normally would, but all reference to kolla_internal_address has been
completely removed.
Change-Id: I4556dcdbf4d91a8d2751981ef9c64bad44a719e5
Partially-Implements: blueprint ssl-kolla
New playbook for glance service upgrade.
Change-Id: I759e4eddf669112f752fe07d6b99a4bb9593d97f
Implements: blueprint upgrade-glance
Partially-Implements: blueprint upgrade-kolla
The extend_start.sh script for rsyslog is removed as it is no longer
needed. Docker no longer binds to /dev/log or /run/kolla/log
Closes-Bug: #1544545
Change-Id: Ic0a323a26ee4e9e15baf4598285844a8a4955f23
To allow for TLS to protect the service endpoints, the protocol
in the URLs for the endpoints will be either http or https.
This patch removes the hardcoded values of http and replaces them
with variables that can be adjusted accordingly in future patches.
Change-Id: Ibca6f8aac09c65115d1ac9957410e7f81ac7671e
Partially-implements: blueprint ssl-kolla
Docker 1.10 has broken the gate and this patch will correct that
breakage.
The issue comes with rsyslog. Due to a commit in Docker 1.10 [1] we
must change the way we get the log socket for rsyslog. The /dev/
folder will no longer populate as we used it. So instead we simply
make a new socket in a path we control and share that to the correct
location in the containers.
Additionally, adjust the gate for new Docker daemon.
[1] https://github.com/docker/docker/pull/16639
Partially-Implements: blueprint kolla-upgrade
Change-Id: I881a2ecdf6d7b35991e1d38a3f3e60d022d6577f
This change is needed for clarity. We have a kolla-ansible script.
We have a kolla-mesos repo. We plan to have a kolla-ansible repo.
Already we have had far too much confusion about whether we are
talking about the container or the project. Naming this kolla-toolbox
eliminates all of that confusion and its probably a bit more accurate
of a name too.
Closes-Bug: #1541053
Change-Id: I8fd1f49d5a22b36ede5b10f46b9fe02ddda9007e
Add bootstrap label to all bootstrap containers to ensure that when
the a new container is launched a difference is seen between it and
the bootstrap container since we cannot rely on ENV variables for
this. This only affects mariadb at this stage, but it is needed to
ensure rabbitmq works when we switch to named volumes.
Change-Id: Ia022af26212d2e5445c06149848831037a508407
Closes-Bug: #1538136
After introduction of pull action and turing every main.yml into
{{action}}.yml we lost ability to perform upgrade
Change-Id: Ie9fa2cd083b061033abc733fba53d54f9c55e393
Fixes-Bug: #1538210
This intentionally leaves out rabbitmq from this patchset. It will
require additional work to remove its data container
UpgradeImpact
Partially-Implements: blueprint docker-named-volumes
Change-Id: Id68b8e43a3c077ef4f4f4d67ea34d0692e66eef7
Convert config creation from a playbook to an action_plugin. This
reduces the complexity and confusion while retaining the same augment
structure and flexibility.
This allows us to remove the 0-byte files as requirements. They will
still be used if they are present (this means we require additional
documentation around them).
DocImpact
Closes-Bug: #1528430
Change-Id: I2c789f6be9f195c7771ca093a6d59499564b4740
This runs first sanity check for glance. After glance is deployed
it checks images.list(). Also consist few fixes for previous patches
Change-Id: I03d05d246302d8411b2e94c94ca7fe046c00d735
Partially-Implements: blueprint sanity-check-container
Additionally remove tty from the container cleanup docker section. It
was added in a sed in a previous patchset by serves no purpose.
Change-Id: Ib617870616bca687f72ffaa44b2e9a3a11ef1011
Partially-Implements: blueprint cleanup-playbooks
The bootstrap tasks could be started on any node listed in the
site.yml
The issue is that all the tasks must run on the same node, and the
only node that all the tasks can run on is the 'api' node due to
needing to start the bootstrap container which binds in the configs.
delegate_to is required to ensure that the proper node gets the task.
Co-Authored-By: Sam Yaple <sam@yaple.net>
Change-Id: Ica04ab366777a571a92212ac22c482f1881d4ecd
Closes-Bug: #1513598
Related-Bug: #1513439
Ceph can function just fine generating the keys before the pools have
been created so we can apply the proper permissions to the auth string
ahead of time. This allows us to not require additional steps to add a
cache tier on the fly in the future.
Change-Id: I8214c567fb7c337f95d908c5699d1da922bfa1a6
Closes-Bug: #1518475
The drop root change for Glance highlighted the fact that we were
binding volumes from glance_data into the wrong container - it was
glance_registry whereas it should be glance_api. This would result in
all images being lost if the glance_api container happens to restart.
Also, we need a sudoers file to chown the file backend dir to the glance
user.
Change-Id: If04337045bb94b3126e48d1f5bf0ea29e20373ae
Closes-Bug: #1516729
The original reason for having the data container in the bootstrap.yml
was to keep consistency with rabbitmq and mariadb, but in light of
this bug we need to move the data container out of the bootstrap.yml
role since we will be limiting the hosts that those tasks can run on.
Change-Id: I7f2f5979b01807275908699d1243756cb97d3588
Partial-Bug: #1513598
database_user_create was not correctly referenced when parsing the
variable names. This could never actually lead to a situation that
reported a false change, but it could break an operation if you were
using the --step option with ansible and skipped the database create
task.
TrivialFix
Backport: Liberty
Change-Id: Idf69fffcc3814f509448ccea11b7d175f074ccf1
The bootstrap must occur on the nova-api node due to binding in the
nova-api directory (same goes for all other services)
Closes-Bug: #1513439
Backport: Liberty
Change-Id: Iab88b49712828085e4d7e7f85e6d8f0b7999a9bf
Adjust all the configs to list all the rabbitmq hosts rather than
running rabbitmq through the VIP. This is made possible by clusterer
which has already merged.
Change-Id: I5db48f5f10ec68f4c8863a29bc13984f6845a4f9
Partially-Implements: blueprint rabbitmq-clusterer
Introduces a new flag to bootstrap cache devices
DocImpact
Partially-Implements: blueprint ceph-improvements
Change-Id: I09b5a0d5c61b3465237e5f01dc10120725561cd3
sudo requires a tty to function by default on centos. Instead of
tweaking the sudo conf we can just add a tty. This has the added
advantage of making the containers more friendly if you have to
`docker exec -i <container> bash` into them.
Change-Id: If97a02ca1d37c243a787d98ade54bde8d641aecd
backport: liberty
Partially-Implements: blueprint functional-testing-gate
Ansible 1.9.2 contains the fix needed for docker-py >1.2.0
This is needed for some gate reasons, but it is also a good version
bump because it fixes a few issues with delegate_to.
Change-Id: Iafbabb3b0232620849d0548c5cd9d8d316c2b0f3
backport: liberty
Partially-Implements: blueprint functional-testing-gate
This brings Kolla images inline with FHS and should make finding
locations of things more consistent and reliable with the linux world
at large.
Change-Id: Iece5b4da4bace0fb8b1f41a65ab2c852ec73e6f8
Closes-Bug: #1485742
This implements all the openstack pieces needed to make ceph work.
DocImpact
Change-Id: I1d24476a966602cf955e5ef872b0efb01319894a
Partially-Implements: blueprint ceph-container
Implements: blueprint kolla-live-migration
Currently bootstrap containers are waited to exit but are not
checked for exit status and ansible runs further tasks. If
bootstrapping fails we notice it at much later time.
Change-Id: I137fc11b0f9d1f03d2ded08a213e8dbd62741f92
Closes-Bug: #1492337
The register operation was registering user_database which is a global
variable in group_vars/all.yml. This results in glance not being deployable
because user_database is overwrriten at keystone task registration time.
The result of this is the playbooks fail to deploy.
Change-Id: Ic69725fb09aa0a368ec5b0d8f47bfc768c29c70c
Closes-Bug: #1486876
The previous method of using the API image for a data container
worked, but resulted in more data being bindmounted and copied
into the system. This patch resolves that by essentially using
a distro-type as a FROM in a Dockerfile to generate
distro-type-data. Further all of the data containers used
throughout ansible are modified to use this new data container.
Change-Id: I8846573d4f2d4b98d4f46c770bfefc6d4c5cd0b5
Partially-Implements: blueprint one-data-container
Glance bootstrap container is based on glance-api. Ansible playbook
incorrectly mounts
"{{ node_config_directory }}/glance" to "/opt/kolla/glance"
where it should mount
"{{ node_config_directory }}/glance-api" to "/opt/kolla/glance-api".
After start bootstrap container fails to find configuration and exits.
Change-Id: Id2e5ddb2191cfee7db57dd0aec2f06fc617aa9d6
Closes-Bug: #1483757
