This allows swift service endpoints to use custom hostnames, and adds the
following variables:
* swift_internal_fqdn
* swift_external_fqdn
These default to the old values of kolla_internal_fqdn or
kolla_external_fqdn.
This also adds a swift_proxy_server_listen_port option, which defaults to
swift_proxy_server_port for backward compatibility.
This option allow the user to differentiate between the port the
service listens on, and the port the service is reachable on. This is
useful for external load balancers which live on the same host as the
service itself.
While we're in here, use the ``internal_protocol`` variable for the swift
endpoint in cinder's swift backup driver configuration, instead of hardcoding
to ``http``.
Change-Id: Ibc01618383c26e16c0067f7f6b9cf5160d968d1e
Implements: blueprint service-hostnames
This allows cinder service endpoints to use custom hostnames, and adds the
following variables:
* cinder_internal_fqdn
* cinder_external_fqdn
These default to the old values of kolla_internal_fqdn or
kolla_external_fqdn.
This also adds a cinder_api_listen_port option, which defaults to
cinder_api_port for backward compatibility.
This option allow the user to differentiate between the port the
service listens on, and the port the service is reachable on. This is
useful for external load balancers which live on the same host as the
service itself.
Change-Id: I2a5036456afac6135dca3723ae754ea9f8bc8475
Implements: blueprint service-hostnames
We're duplicating code to build the keystone URLs in nearly every
config, where we've already done it in group_vars. Replace the
redundancy with a variable that does the same thing.
Change-Id: I207d77870e2535c1cdcbc5eaf704f0448ac85a7a
The iscsi_helper option was deprecated in favour of target_helper in
Queens, and will be removed in the Stein release.
This also renames the cinder_iscsi_helper variable to
cinder_target_helper, deprecating but still supporting the former name
until the Train release.
Change-Id: Ie38c09b2dd8598f62b0733c8444eec5f6ce3daac
This allows glance service endpoints to use custom hostnames, and adds the
following variables:
* glance_internal_fqdn
* glance_external_fqdn
These default to the old values of kolla_internal_fqdn or
kolla_external_fqdn.
This also adds a glance_api_listen_port option, which defaults to
glance_api_port for backward compatibility.
This option allow the user to differentiate between the port the
service listens on, and the port the service is reachable on. This is
useful for external load balancers which live on the same host as the
service itself.
Change-Id: Icb91f728533e2db1908b23dabb0501cf9f8a2b75
Implements: blueprint service-hostnames
Use <project>_install_type instead of kolla_install_type
to set python_path. For example, general kolla_install_type
is 'binary', but user wants to deploy Horizon from 'source'.
Horizon templates still use python_path=/usr/share/openstack-dashboard,
it is wrong.
Change-Id: Ide6a24e17b1f8ab6506aa5e53f70693706830418
Add an enable_cinder_backend_quobyte option to etc/kolla/globals.yml to
enable use the Quobyte Cinder backend.
Change the bind mounts for /var/lib/nova/mnt to include the shared
propogation if Quobyte is enabled.
Update the documentation to include a section on configuring the Cinder.
Implements: blueprint cinder-quobyte-backend
Change-Id: I364939407ad244fe81cea40f880effdbcaa8a20d
According [1], vitrage notification has to be configured in Nova,
Neutron, Cinder & Aodh config file.
[1] https://review.openstack.org/#/c/302802/
Change-Id: Iaf8cd7d40e6eb988adf4d208e6ad784f1004caa5
Cinder has dropped [1] support for legacy backup services. It is now
necessary to specify the full class of the backup driver, rather than
just the module name. This was causing the kolla-ansible ceph jobs to
fail.
[1] https://review.openstack.org/#/c/595372
Change-Id: Icf0ee475ba73f013d4266332d999362651d9475b
Option auth_uri from group keystone_authtoken is deprecated[1].
Use option www_authenticate_uri from group keystone_authtoken.
[1]https://review.openstack.org/#/c/508522/
Co-Authored-By: confi-surya <singh.surya64mnnit@gmail.com>
Change-Id: Ifd8527d404f1df807ae8196eac2b3849911ddc26
Closes-Bug: #1761907
Currently osprofiler only choose elasticsearch,
which is only supported on x86.
On other platform like aarch64 osprofiler can
not be used since no elasticsearch package.
Enable osprofiler by enable_osprofiler: "yes",
which choose elasticsearch by default.
Choose redis by enable_redis: "yes" & osprofiler_backend: "redis"
On platform without elasticsearch support like aarch64
set enable_elasticsearch: "no"
Change-Id: I68fe7a33e11d28684962fc5d0b3d326e90784d78
Cinder requires access to Nova during Nova assisted backups and
snapshots. Both fail without proper Nova authentication section
in cinder.conf file.
Change-Id: I5d1fc3b466bf2df919e426d2052c1ee31c27030d
Closes-Bug: #1772959
Cinder cannot run with both snapshots or backups of volumes and
secure NAS feature. Choosing the former as the latter does not function
well everywhere.
Change-Id: Iba3783b2acb79dd0e765862ef972a568c96ec108
Closes-Bug: #1726836
If SSL is enabled, api of multiple services returns
wrong external URL without https prefix.
Removal of condition for deletion of http header.
Change-Id: I4264e04d0d6b9a3e11ef7dd7add6c5e166cf9fb4
Closes-Bug: #1749155
Closes-Bug: #1717491
- Keystone
- Glance
- Nova
- Cinder
This will copy only yaml or json policy file if they exist.
Change-Id: I4a9415d82322aed68c9b7650bdf346f58fa49e2a
Implements: blueprint support-custom-policy-yaml
Co-authored-By: Duong Ha-Quang <duonghq@vn.fujitsu.com>
This commit separates the messaging rpc and notify transports in order
to support separate and different oslo.messaging backends
This patch:
* add rpc and notify variables
* update service role conf templates
* add example to globals.yaml
* add release note
Implements: blueprint hybrid-messaging
Change-Id: I34691c2895c8563f1f322f0850ecff98d11b5185
We need set glance_api_version = 2 in cinder
configure to support upload volume to image.
Change-Id: I6162b94833043edb06b434bc578f4caa47213b94
Closes-bug: #1720048
my_ip is used by iscsi_ip_address in cinder.conf. Configure it to
api_interface_address.
Change-Id: Ib9f9140668f807b26bdaec849fc0cef0a63a8ca0
Closes-Bug: #1719274
Apache access log formats are modified to be consistent with
the format defined in wsgi-keystone.conf, which includes
the response time (%D) and X-forwarder-For fields.
Change-Id: I02aa5eb106fb894196dfb6e22daf2968e27ed3cb
Closes-Bug: #1703571
Introduced new option enable_cinder_backup, that controls
whether to deploy cinder-backup service.
Change-Id: Ibb0ca0a478748d4caba4df434456ead0df95ffca
Signed-off-by: Pavel Glushchak <pglushchak@virtuozzo.com>
Trace method is enabled in default for httpd. There is security risk
with trace enabled. So disable it in default. more info please check[0].
[0] https://security.stackexchange.com/a/7711
Change-Id: I4496a6d058d88e1abfb210085f189e7a610e0362
Closes-Bug: #1705160
kolla-kubernetes is using its own configuration generation[0], so it is
time for kolla-ansible to remove the related code to simplify the
logical.
[0] https://github.com/openstack/kolla-kubernetes/tree/master/ansible
Change-Id: I7bb0b7fe3b8eea906613e936d5e9d19f4f2e80bb
Implements: blueprint clean-k8s-config
Cinder ubuntu binary was already migrated under apache.
This change migrates rest of the distros/install types to
be executed under an apache process.
Change-Id: I8544eec5bfebf771d758f13abf4dfbc802f5d24f
This changes moves cinder-api to make use of apache to
launch its processes.
Ubuntu binary removed support in Ocata for cinder-api
system services [1]. At this moment cinder in Ocata branch
is not working at all due this issue.
This changes aims to fix cinder in master only for ubuntu
binary with the purpose of make a clean backport to stable/ocata
without do any other change on the backport process.
A follow up change will migrate other OS/install_type to make use
of Apache but only changing master branch.
[1] http://lists.openstack.org/pipermail/openstack-dev/2017-January/111069.html
Change-Id: I9885d6acadbac1da46844f583e7cd37785505ae0
Closes-Bug: #1676751
