The baremetal scheduling options were deprecated
in Pike and the ironic_host_manager was deprecated
in Queens and has now been removed. Deployments
must use resource classes now for baremetal scheduling.
Depends-On: https://review.openstack.org/565805/
Change-Id: I92cab1c7b5dc8201b0a8a94287c75d6348ab4465
If SSL is enabled, api of multiple services returns
wrong external URL without https prefix.
Removal of condition for deletion of http header.
Change-Id: I4264e04d0d6b9a3e11ef7dd7add6c5e166cf9fb4
Closes-Bug: #1749155
Closes-Bug: #1717491
This patch allows configuration of the Infoblox
pluggable IPAM driver in neutron [0].
When 'infoblox' is chosen as the driver, an Infoblox
IPAM agent can be started as well. The agent
allows for enhanced DNS capabilities by listening
for neutron and nova notifications.
[0] https://github.com/openstack/networking-infoblox/blob/master/README.rst
Change-Id: I4f863750a7806a7b6eaf13900d44e5f063afe3de
Depends-On: Ia44f0e0d7a0d60cebf0857ad51700e02eba5099b
Partially-Implements: blueprint neutron-ipam-driver-infoblox
Option "os_region_name" from group "placement" is deprecated. Use
option "region_name" from group "placement".
Change-Id: I4a07a47adaa7b15a3e081bb2869218adc427111e
Closes-Bug: #1762106
When the virt dirver is xenapi, we should explicitly specify host
with dom0's hostname for nova-compute. The host field should be same
as neutron-openvswitch-agent-xenapi.
In order to use dom0's hostname, we need pull the bootstrap_xenapi
to before running nova config tasks. The dom0's hostname will be
included in the XenAPI facts.
Change-Id: Ibfc964bbd6c569062ad33c1399f9a4612baf5b92
blueprint: xenserver-support
- Keystone
- Glance
- Nova
- Cinder
This will copy only yaml or json policy file if they exist.
Change-Id: I4a9415d82322aed68c9b7650bdf346f58fa49e2a
Implements: blueprint support-custom-policy-yaml
Co-authored-By: Duong Ha-Quang <duonghq@vn.fujitsu.com>
Add ansible role to deploy blazar
Add nova filters to allow use of blazar
Change-Id: I6742ddc9a4736f256491dd0cfd31904fa8eb5652
Implements: blueprint blazar-ansible-role
Instance failed to spawn: libvirtError: unsupported configuration: CPU
mode 'host-model' for aarch64 kvm domain on aarch64 host is not
supported by hypervisor.
Change-Id: Iad530457aef24ee8f561a8f7d2c6c6150c55bc42
On AArch64 we run VMs without any graphics so nova console is not
available. For now we had to disable it by hand but it can be automated.
Change-Id: Ib903044493ca98c0dd29d3096f66272e130668b0
When using XenAPI as the virt driver, we need some XenAPI
specific configure options. This commit is to ensure nova's
configuration can be generated correctly for XenAPI. It
includes the folowing changes:
* Add XenAPI as one of the valid options for nova_compute_virt_type;
* Configure some options when XenAPI is chosen as the virt type.
This commit does NOT include the host and [vnc] configurations which
will be covered by a following commit.
References:
* XenServer (and other XAPI based Xen variants):
https://docs.openstack.org/nova/pike/admin/configuration/hypervisor-xen-api.html
* XenCenter HIMN plugin (adding HIMN network which is used by XenAPI driver to
communicate with XenServer):
https://github.com/citrix-openstack/xencenter-himn-plugin
* nova configuration options:
https://docs.openstack.org/nova/pike/configuration/config.html
Change-Id: Id34d247ab78976627f8e70685f27470b254cd418
blueprint: xenserver-support
This commit separates the messaging rpc and notify transports in order
to support separate and different oslo.messaging backends
This patch:
* add rpc and notify variables
* update service role conf templates
* add example to globals.yaml
* add release note
Implements: blueprint hybrid-messaging
Change-Id: I34691c2895c8563f1f322f0850ecff98d11b5185
The value set for "secure_proxy_ssl_header" should be
"HTTP_X_FORWARDED_PROTO" and not "X-Forwarded-Proto".
Change-Id: I7f4cc4871164ca9096a190101c179daa41e1ae9a
Closes-Bug: #1719325
This patch includes three unrelated fixes.
Make qemu use nova user in centos
Libvirt 3.2.0 (latest version in centos) seems to
have changed behavior of dynamic_ownership.
Pin ansible to <2.4 to make ara work in gates
ARA does not work yet with ansible 2.4, this change
pins to lower version to make gates work.
Revert once ara works with 2.4
Disable selinux for oraclelinux and centos.
Co-Authored-By: wanghongxu <wang19930902@gmail.com>
Co-Authored-By: Jeffrey Zhang <jeffrey.zhang@99cloud.net>
Change-Id: Iac8bec19437192cd198d58f71c6ed0a65a76f820
Closes-bug: #1718541
Existing defaults are setup for tcp, and set ca_file to an empty string.
'If you set this to an empty string, then no trusted CA certificate is loaded.'
libvirt may complain 'unsupported configuration: No server certificate path
set to match server key', as such tls should also be explicitly set to 0.
Change-Id: I49c64808cb236dab1d9fa2e699d0a2f2fc54cc99
Implements compute part of the blueprint.
Make virt_type of nova_compute configerable.
Change-Id: I0f37e49e09c4f14a64797506007bb55a6f534f0f
Partially-implements: blueprint kolla-ansible-support-vsphere
Co-Authored-By: shaofeng cheng <chengsf@winhong.com>
Currently nova.conf.j2 generates two compute_driver options for
nova_compute_ironic container like this:
compute_driver = ironic.IronicDriver
compute_driver = libvirt.LibvirtDriver
nova_compute_ironic container fails to start because the latter value
overrides the former one.
This patch fixes the issue recently introduced in [1].
[1] 63314ad6dd181a0e975438de2e99409238f1b775
Change-Id: Ibb661a5a594120be4195d331c38883c3b2886361
Closes-Bug: #1706534
Trace method is enabled in default for httpd. There is security risk
with trace enabled. So disable it in default. more info please check[0].
[0] https://security.stackexchange.com/a/7711
Change-Id: I4496a6d058d88e1abfb210085f189e7a610e0362
Closes-Bug: #1705160
kolla-kubernetes is using its own configuration generation[0], so it is
time for kolla-ansible to remove the related code to simplify the
logical.
[0] https://github.com/openstack/kolla-kubernetes/tree/master/ansible
Change-Id: I7bb0b7fe3b8eea906613e936d5e9d19f4f2e80bb
Implements: blueprint clean-k8s-config
RDO packages a distribution configuration file
/usr/share/nova/nova-dist.conf which contains the following setting:
firewall_driver = nova.virt.libvirt.firewall.IptablesFirewallDriver
This causes the nova-compute-ironic service to fail to start as the
nova ironic virt driver attempts and fails to create a firewall driver
using this class.
This change reinstates the explicit setting of the [DEFAULT]
firewall_driver option to the noop driver which resolves this issue.
This comes at the cost of a WARN log message due to the option being
deprecated (see
6d831db687).
Change-Id: I41bd9d0671118ff256e7ada766e8653bb4b2b376
Closes-Bug: #1701564
With the following configuration in globals.yml
enable_ceilometer="no"
enable_designate="no"
enable_searchlight="yes"
nova.conf is generated like following:
[oslo_messaging_notifications]
driver = messagingv2
topics =
topics value is missing.
Change-Id: I27145c0da8b864b2614091933c33d83bdec8b9be
Closes-Bug: #1671935
Co-Authored-By: Jeffrey Zhang <jeffrey.zhang@99cloud.net>
Remove option vnc_enabled from group default.
Add option enabled in group vnc.
Change-Id: Ia48b335fd9d160b53bc2ec98b7e3bc5b89b9c553
Closes-Bug: #1695181
Many of the templates use 600, remove unnecessary permission
on these templates to bring them in line with the others.
Change-Id: I30fe1b3822b9c7bb6ab98729fc519dc1d603db27
If used external ceph for nova,the ceph storage not enable cephx.
So ceph keyring file not does not exist.
Task throw error of check ceph keyring files.
Change-Id: I6257c107b94abf4d363e854229aaab8301d1d694
Closes-Bug: #1684522
If disable cinder in openstack environment.
Cinder of configuration items do not need to configure in nova.conf
Change-Id: Ie346dfe45f8c2d3fd383095d0c64f8e9421100ff
