Add copy ca file to horizon container.
because:
Could not find a suitable TLS CA certificate bundle,
invalid path: /etc/pki/ca-trust/source/anchors/kolla-customca-haproxy-internal.crt
Closes-Bug: #1867121
Change-Id: I64d4dbeebd53048705005b61eb3c5b2104e8f2ed
Signed-off-by: yj.bai <bai.yongjun@99cloud.net>
We only log the release in the 'Checking host OS release or version'
precheck, but we allow either the release or version to be included in
the list. For example, on CentOS 7:
CentOS release Core is not supported. Supported releases are: 8
Include the version in the failure message too.
Change-Id: I0302cd4fc94a0c3a6aa1dbac7b9fedf37c11b81e
Related: blueprint improve-prechecks
grafana not support ipv6 in grafana.ini.j2.
Closes-Bug: #1866141
Change-Id: Ia89a9283e70c10a624f25108b487528dbb370ee4
Signed-off-by: yj.bai <bai.yongjun@99cloud.net>
I didn't use a for loop as the logic for omitting the
comma for the final element dirties the logic.
Change-Id: Id29d5deebcc5126d69a1bd8395e0df989f2081f0
This should help to ensure that users are running tested and supported
host OS distributions.
Change-Id: I6ee76463d284ad4f3646af1c7ec2b7e50e2f3b15
Partially-Implements: blueprint improve-prechecks
If haproxy is running somewhere in the cluster and listening on the VIP,
but not running locally, then the following precheck may fail:
TASK [haproxy : Checking free port for HAProxy monitor (vip interface)]
msg: Timeout when waiting for 192.0.2.10:61313 to stop.
This change fixes the issue by skipping the check if HAProxy is running
on any host.
Change-Id: I831eb2f700ef3fcf65b7e08382c3b4fcc4ce8d8d
Closes-Bug: #1866617
When change the cert file in /etc/kolla/certificate/.
The certificate in the container has not changed.
So I think can use kolla-ansible deploy when certificate is
changed. restart <container>
Partially-Implements: blueprint custom-cacerts
Change-Id: Iaac6f37e85ffdc0352e8062ae5049cc9a6b3db26
Signed-off-by: yj.bai <bai.yongjun@99cloud.net>
We already only include .conf files in fluent.conf:
(fluentd)[fluentd@cpu-e-1041 /etc/fluentd]$ cat fluent.conf
@include input/*.conf
@include filter/*.conf
@include format/*.conf
@include output/*.conf
so this change should not cause ill effect. This works because of the
merge option in config files:
merge: merges the source directory into the target directory instead of
replacing it. Boolean, defaults to false.
see https://docs.openstack.org/kolla/latest/admin/kolla_api.html#kolla-api-external-config
Change-Id: I28f63ec81f1ea5bc4a213d053bfb2c04388d5925
Closes-Bug: #1862211
Starting from U release, container driver is loaded from entry point.
Deployers should specify the entry point (i.e. ``docker``) in config
option ``container_driver`` under ``[DEFAULT]`` session.
Zun patch: https://review.opendev.org/#/c/703259/
Change-Id: I96e38760e7b13a6e11737372e9e7fd36cca6f749
The logrotate rotation interval and count are not configurable.
Currently, the configuration is a "default" that keeps 6 weeks of logs.
Change-Id: I4f55ee2a98f7861cb8de2724f5edc32da6d2f9ee
Both include_role and import_role expect role's name to be given
via "name" param instead of "role".
This worked but caused errors with ansible-lint.
See: https://review.opendev.org/694779
Change-Id: I388d4ae27111e430d38df1abcb6c6127d90a06e0
Service REST API urls should be constructed using the
{{ internal_protocol }} and {{ external_protocol }} configuration
parameters.
Change-Id: Id1e8098cf59f66aa35b371149fdb4b517fa4c908
Closes-Bug: 1862817
Service configuration urls should be constructed using
kolla_internal_fqdn instead of kolla_internal_vip_address. Otherwise SSL
validation will fail when certificates are issued using domain names.
Change-Id: I21689e22870c2f6206e37c60a3c33e19140f77ff
Closes-Bug: 1862419
Bifrost no longer deploys RabbitMQ, so we should not try to stop it
during upgrade. In fact, if we do then it fails:
Failed to stop rabbitmq-server.service: Unit rabbitmq-server.service not
loaded.
Bifrost removed RabbitMQ in Train, so this is only required from Ussuri.
Change-Id: Ie86f85974fd7385e72a918065fc9c5172f9684ba
Option "stores" from group "glance_store" is deprecated for removal
Option "default_store" from group "glance_store" is deprecated for removal
Multi store support is available since Rocky - time to start using
it.
Change-Id: I4991d754e34ec42a4b38331839d9679b307589bd