In trove-taskmanager.conf a typo has been
introduced for nova_proxy_admin_tenant_name
option.
It currently is:
"nova_proxy_admin_tenant_name = services"
But should be:
"nova_proxy_admin_tenant_name = service"
Change-Id: I7b5d0ca4c6c994b6dd3c5de3f0a79637fda88177
Closes-Bug: #1770262
The kolla-ansible certificates command creates a self-signed
certificate and corresponding private key. This change sets the
file mode on the files that contain the private key so that they
are not world readable.
Change-Id: I7bfba5975af8d230e5d00c2ce801a914fbbf2d4e
This commit adds the --by-service flag in the discover_hosts
command of the nova cell subsystem, using this flag,
hosts are mapped based on the existing nova-compute services instead
of using the compute node reference.
In this way, we can ensure that the host mappings exists
for this new host (and create it if not) preventing the
HostMappingNotFound exception to loop over and over.
Bug: #1768094
Change-Id: I948004031bc3e125f929ed3e6c670aea11e73a31
Signed-off-by: Jorge Niedbalski <jorge.niedbalski@linaro.org>
Allow to set computes_need_external_bridge to true/false
depending on the desired configuration, for allowing
cases such as disable dvr and enable l3 ha.
Closes-Bug: #1769686
Change-Id: I1565b08dfccb7bec2ddda8c048b7d951c9eb1824
Signed-off-by: Jorge Niedbalski <jorge.niedbalski@linaro.org>
Some variables should be modified too, just like this commit:
https://review.openstack.org/552863
Change-Id: Id43eefb948a05de03d19c46048b6151bf6f5dc0a
Related-Bug: #1769463
Aodh service credential defaults to publicURL.
Aodh should work with the internal interface (v3 API Identity syntax):
.....
[service_credentials]
interface = internal
.....
Change-Id: Ie11290be25291fee1938032ae6294546fb7a98f3
In ansible/roles/etcd/tasks/config.yml, the kolla_docker
compare_container action doesn't check environment.
Once a container is created, it won't get recreated if only the
environment change. This commit add the environment attribute to the
kolla_docker action in etcd role
Change-Id: I8fb71cc945867e06acc67f6d1256bf62f4276206
Closes-Bug: #1765517
Magnum was unable to fire up k8s cluster because heat-container-agent
inside kube-master was pointing to internal keystone endpoint instead of
public endpoint. This fix tells kolla ansible to set clients_keystone
auth_uri to public endpoint so that heat-container-agent communication
with heat is successfully authenticated by keystone.
Change-Id: Ida49528f88685710b5e6b8f3c4d4622506af5ae1
Closes-Bug: #1762754
Assuming both Prometheus and Grafana are enabled, this change
configures Grafana such that it can use data collected by the
Prometheus server.
Partially-Implements: blueprint prometheus
Change-Id: I0290806d0c622b1de33cf7047f099795b4c780b9
Setting endpoint_type to internalURL in the murano config allows murano
to work properly when using self-signed certificates.
Change-Id: I5873f92994d790d597ec5e97163bbf8001c362b9
For luminous, the ceph_mgr service provide the
dashborad for ceph, and it need connect to cluster,
but now it failed to connect ceph cluster due to
ceph.client.admin.keyring missing, this ps to fix it.
Co-Authored-By: chenqiaomin <chen.qiaomin@99cloud.net>
Closes-Bug: #1768462
Change-Id: Idb24661bc5674780db390220ca02e22975490663
As neutron-vpnaas-agent has been loaded just inside of the existing l3 agent
rather than requiring operators to run a completely different binary with a
subclass of the existing L3 agent[1]. We need restructure this role to fit
with this new feature.
[1] https://review.openstack.org/488247
Depends-On: I47cd8ba5a14da3c76d5b1eb0b4c0cf0c729eb2ff
Change-Id: Id690a652bc9facf1c3e39358f548ab7ddd967d80
Implements: blueprint restructure-neutron-vpnaas
Closes-Bug: #1731498
When attempting to inspect a node with ironic, it seems at times
ironic_dnsmasq fails to process dhcp bootp requests, giving the
following error repeating:
dnsmasq-dhcp: DHCPDISCOVER(eth0) 52:54:00:ff:15:55
dnsmasq-dhcp: DHCPOFFER(eth0) 192.169.5.100 52:54:00:ff:15:55
dnsmasq-dhcp: ARP-cache injection failed: Operation not permitted
Adding NET_ADMIN fixes this.
Co-Authored-By: Mark Goddard <mark@stackhpc.com>
Closes-Bug: #1762805
Change-Id: I39acb81801710f849336380d3fde01c70cd8d8ce
Change the default hardcoded values of the dnsmasq dns resolvers
on dhcp_agent.ini.j2 to a configuration option part
of group_vars/all.yml.
Also adding 1.1.1.1 as part of the default set.
Change-Id: I629c69e556d4ddba19f68f06627038e1886ae5f9
Signed-off-by: Jorge Niedbalski <jorge.niedbalski@linaro.org>
The ironic_dnsmasq config for ironic inspector uses the internal VIP for
the TFTP server address DHCP option. This is not going to work,
since HAProxy is not configured to forward TFTP, and does not support
UDP forwarding anyway. The config should use the api_interface IP for
the host running ironic_dnsmasq.
Change-Id: I56a0d46e9b528041cacea7196a525891ed5922f0
Closes-Bug: #1761815
The mount is "rprivate" by default, change this to "shared"
such that mount points will dynamically propagate.
Closes-Bug: #1767828
Change-Id: If3b99bd1626a44aa7b41cf7d50d67b4fc9634462
