309 Commits

Author SHA1 Message Date
Zuul
5478f362e7 Merge "Docs: improve Nova documentation" 2019-10-13 08:49:32 +00:00
Mark Goddard
e91186c66c Docs: improve Nova documentation
Adds a top-level guide for Nova, with links off to the various virt
driver guides.

Generalises the libvirt TLS guide into a libvirt guide, and adds info on
hardware virtualisation and qemu vs. kvm.

Adds information on configuring consoles.

Change-Id: I36beaaee313bdbc4bcf8cc15c41dda245a5a81ba
2019-10-08 08:30:35 +00:00
Zuul
6bdd7dba75 Merge "[designate] Add coordination backend for designate workers" 2019-10-03 13:15:52 +00:00
Pierre Riteau
46a5d87102 Update mention of Kayobe in documentation
Change-Id: I95116bd2f33dfc2db9f8f913b6995113a8cb2dbf
2019-09-30 18:54:05 +02:00
Joseph M
9cae608392 [designate] Add coordination backend for designate workers
Add coordination backend configuration to designate.conf which is
required in multinode environments. Fixes warning from designate:

WARNING designate.coordination [-] No coordination backend configured,
assuming we are the only worker. Please configure a coordination backend

Change-Id: I23c4d2de7e3f9368795c423000a4f9a6c3a431e2
Closes-Bug: #1843842
Related-Bug: #1840070
2019-09-30 11:02:27 -04:00
Zuul
87e671c6b4 Merge "Add a job that *only* deploys updated containers" 2019-09-30 13:19:28 +00:00
Zuul
2abfa97e82 Merge "Add custom filters for checking services" 2019-09-29 20:36:17 +00:00
Kris Lindgren
2fe0d98ebb Add a job that *only* deploys updated containers
Sometimes as cloud admins, we want to only update code that is running
in a cloud.  But we dont need to do anything else.  Make an action in
kolla-ansible that allows us to do that.

Change-Id: I904f595c69f7276e71692696471e32fd1f88e6e8
Implements: blueprint deploy-containers-action
2019-09-26 17:51:14 +01:00
Michal Nasiadka
d3b41a181a Update Neutron reference docs
Add Neutron reference docs, especially a note around
using OVS native firewall driver on recent (4.3+) kernels [1].

[1]: https://docs.openstack.org/neutron/latest/admin/config-ovsfwdriver.html

Change-Id: I6994e364c116234b46f5d5e9f0a4666b83f86375
Closes-Bug: #1653987
2019-09-26 15:49:53 +00:00
Zuul
b2f5d53b58 Merge "[prometheus] Added documentation for deployment and setting extra options" 2019-09-26 09:42:31 +00:00
Zuul
340b6d9456 Merge "Add support for libvirt+tls" 2019-09-26 09:19:33 +00:00
Dincer Celik
bb7fc2e5b1 [prometheus] Added documentation for deployment and setting extra options
Change-Id: I8bb39eaf8a4239c37fcbf91b55ec8003542e2506
2019-09-24 15:58:31 +03:00
Alexis Deberg
0adbbb268e Swift: add swift_extra_ring_files variable to handle multi-policies deployment
The current tasks only use a hardcoded list deploying only the required files.
When using multiple custom policies, additionnal object-*.builder and
object*.gz files are to be deployed as well.
This adds a new default-empty variable that can be overridden when needed

Change-Id: I29c8e349c7cc83e3a2e01ff702d235a0cd97340e
Closes-Bug: #1844752
2019-09-24 02:43:15 -04:00
Kris Lindgren
f8cfccb99e Add support for libvirt+tls
To securely support live migration between computenodes we should enable
tls, with cert auth, instead of TCP with no auth support.

Implements: blueprint libvirt-tls

Change-Id: I22ea6233933c840b853fdcc8e03400b2bf577271
2019-09-19 15:32:41 +01:00
Zuul
68b9d78cb3 Merge "Build pdf doc" 2019-09-18 17:11:11 +00:00
Mark Goddard
15e35333dd Remove support for OracleLinux
We have agreed to remove support for Oracle Linux.

http://lists.openstack.org/pipermail/openstack-discuss/2019-June/006896.html

Change-Id: If11b4ff37af936a0cfd34443e8babb952307882b
2019-09-18 12:25:12 +01:00
Mark Goddard
ef3abc455f Build pdf doc
The is one of community goals that each project should produce a
single PDF file. The pdf should be in the output of openstack-tox-docs
job.

TeX packages are required to build PDF locally, following is
recommended:

* inkscape
* texlive-latex-base
* texlive-latex-extra
* texlive-fonts-recommended

More about the goal:
https://governance.openstack.org/tc/goals/train/pdf-doc-generation.html
https://etherpad.openstack.org/p/train-pdf-support-goal
https://etherpad.openstack.org/p/pdf-goal-train-common-problems

Change-Id: Ia0f8b73bcbda6295319f5c8de1aa02a40844207b
2019-09-17 14:14:18 +01:00
Mark Goddard
af2e7fd73e Add custom filters for checking services
These filters can be used to capture a lot of the logic that we
currently have in 'when' statements, about which services are enabled
for a particular host.

In order to use these filters, it is necessary to install the
kolla_ansible python module, and not just the dependencies listed in
requirements.txt. The CI test and quickstart install from source
documentation has been updated accordingly.

Ansible is not currently in OpenStack global requirements, so for unit
tests we avoid a direct dependency on Ansible and provide fakes where
necessary.

Change-Id: Ib91cac3c28e2b5a834c9746b1d2236a309529556
2019-09-16 12:48:52 +00:00
Zuul
5dae45e26e Merge "Enable Swift Recon" 2019-09-12 14:06:15 +00:00
Scott Solkhon
d463d3f7bf Enable Swift Recon
This commit adds the necessary configuration to the Swift account,
container and object configuration files to enable the Swift recon
cli.

In order to give the object server on each Swift host access to the
recon files, a Docker volume is mounted into each container which
generates them. The volume is then mounted read only into the object
server container. Note that multiple containers append to the same
file. This should not be a problem since Swift uses a lock when
appending.

Change-Id: I343d8f45a78ebc3c11ed0c68fe8bec24f9ea7929
Co-authored-by: Doug Szumski <doug@stackhpc.com>
2019-09-12 11:45:02 +01:00
Zuul
ff86c2f2e3 Merge "Implement TLS encryption for internal endpoints" 2019-09-12 09:20:54 +00:00
Mark Goddard
8c8adb0e45 Update minimum version of Ansible to 2.6
This is required for the dict2items filter.

Change-Id: I60a04e839bf06506ff36c2631a286130d5fde972
2019-09-11 17:09:32 +01:00
Hongbin Lu
0f5e065855 Configure Zun for Placement (Train+)
After the integration with placement [1], we need to configure how
zun-compute is going to work with nova-compute.

* If zun-compute and nova-compute run on the same compute node,
  we need to set 'host_shared_with_nova' as true so that Zun
  will use the resource provider (compute node) created by nova.
  In this mode, containers and VMs could claim allocations against
  the same resource provider.
* If zun-compute runs on a node without nova-compute, no extra
  configuration is needed. By default, each zun-compute will create
  a resource provider in placement to represent the compute node
  it manages.

[1] https://blueprints.launchpad.net/zun/+spec/use-placement-resource-management

Change-Id: I2d85911c4504e541d2994ce3d48e2fbb1090b813
2019-09-10 01:47:15 +00:00
Marcin Juszkiewicz
a5808ad8ba Modernize the way of configuring Docker daemon
Instead of changing Docker daemon command line let's change config
for Docker instead. In /etc/docker/daemon.json file as it should be.

Custom Docker options can be set with 'docker_custom_config' variable.

Old 'docker_custom_option' is still present but should be avoided.

Co-Authored-By: Radosław Piliszek <radoslaw.piliszek@gmail.com>
Change-Id: I1215e04ec15b01c0b43bac8c0e81293f6724f278
2019-09-05 08:19:26 +00:00
Michal Nasiadka
837f19a770 docs: ceph-ansible usage, add note around ceph keys
ceph-ansible by default generates what we call nova.keyring as
openstack.keyring - adding a note to not confuse users.

Change-Id: I3992a037ab8e7947e35521b5c721a89bd954fdcd
2019-08-23 09:27:04 +00:00
Krzysztof Klimonda
b0ecd8b67c Implement TLS encryption for internal endpoints
This review is the first one in a series of patches and it introduces an
optional encryption for internal openstack endpoints, implementing part
of the add-ssl-internal-network spec.

Change-Id: I6589751626486279bf24725f22e71da8cd7f0a43
2019-08-22 16:39:21 -07:00
Radosław Piliszek
44f88d16ac Allow to configure docker for Zun
Change-Id: Icf3f01516185afb7b9f642407b06a0204c36ecbe
Closes-Bug: #1840315
Signed-off-by: Radosław Piliszek <radoslaw.piliszek@gmail.com>
2019-08-16 15:35:11 +02:00
Zuul
bf372c2502 Merge "Add Masakari Ansible role" 2019-08-15 16:36:44 +00:00
Kien Nguyen
577bb50a04 Add Masakari Ansible role
Masakari provides Instances High Availability Service for
OpenStack clouds by automatically recovering failed Instances.

Depends-On: https://review.openstack.org/#/c/615469/
Change-Id: I0b3457232ee86576022cff64eb2e227ff9bbf0aa
Implements: blueprint ansible-masakari
Co-Authored-By: Gaëtan Trellu <gaetan.trellu@incloudus.com>
2019-08-15 09:58:53 -04:00
Zuul
495be668d8 Merge "Add support for Swift S3 API" 2019-08-14 12:28:19 +00:00
Scott Solkhon
d72b27f2d1 Add support for Swift S3 API
This feature is disabled by default, and can be enabled by setting
'enable_swift_s3api' to 'true' in globals.yml.

Two middlewares are required for Swift S3 - s3api and s3token. Additionally, we
need to configure the authtoken middleware to delay auth decisions to give
s3token a chance to authorise requests using EC2 credentials.

Change-Id: Ib8e8e3a1c2ab383100f3c60ec58066e588d3b4db
2019-08-14 09:55:35 +00:00
Zuul
b16bb0d787 Merge "Do not require EPEL repo on RHEL-based target hosts" 2019-08-10 00:33:53 +00:00
Mark Goddard
f63e36780b Remove support for Docker legacy packages
Docker is now always installed using the community edition (CE)
packages.

Change-Id: I8c3fe44fd9d2da99b5bb1c0ec3472d7e1b5fb295
2019-08-06 18:34:19 +01:00
Radosław Piliszek
67cedb7ad5 Do not require EPEL repo on RHEL-based target hosts
This change makes kolla-ansible more compatible with
RHEL which does not provide epel-release package.

EPEL was required to install simplejson from rpm
which was an ansible requirement when used python
version was below 2.5 ([1]). This has been obsolete for
quite a time so it's a good idea to get rid of it.

This change includes update of docs to read more properly.

[1] https://docs.ansible.com/ansible/2.3/intro_installation.html

Change-Id: I825431d41fbceb824baff27130d64dabe4475d33
Signed-off-by: Radosław Piliszek <radoslaw.piliszek@gmail.com>
2019-08-05 09:01:49 +02:00
Raimund Hook
99463849eb Updated multi-region docs to include keepalived
The keepalived_virtual_router_id should be changed from the default in
the case of a multi-region deployment where the VIP of the different
regions resides on the same subnet.

This is not immediately clear - this change should make it more obvious.

Change-Id: Ia4899ba407937d9f27832c9d123701729e89987a
2019-07-18 10:56:42 +01:00
Michal Nasiadka
efcaf400b8 ceph-nfs: Add rpcbind to Ubuntu host bootstrap
* Ubuntu ships with nfs-ganesha 2.6.0, which requires to do an rpcbind
udp test on startup (was fixed later)
* Add rpcbind package to be installed by kolla-ansible bootstrap when
ceph_nfs is enabled
* Update Ceph deployment docs with a note

Change-Id: Ic19264191a0ed418fa959fdc122cef543446fbe5
2019-07-16 17:38:18 +00:00
chenxing
897391762f Note that kolla doesn't support ovsdpdk for RHEL-based distros
Change-Id: I6974858a0a44d85a065502ed7b3a8e2797be7228
Closes-Bug: #1832979
2019-07-15 08:26:07 +00:00
Raimund Hook
fd07e3d911 Language tweaks in multi-region docs for clarity
Tweaked some of the language in doc/source/user/multi-regions.rst for
clarity purposes.

TrivialFix

Change-Id: Icdd8da6886d0e39da5da80c37d14d2688431ba8f
2019-07-12 12:45:10 +01:00
Zuul
768852f8d5 Merge "Fix the incorrect backup_driver configuration" 2019-07-10 16:50:25 +00:00
Raimund Hook
ec3fe167af Update designate-guide cli command for dns_domain
Updated the docs to refer to the openstack client, rather than the (old)
neutron client.

TrivialFix

Change-Id: I82011175f7206f52570a0f7d1c6863ad8fa08fd0
2019-07-10 10:57:35 +01:00
chenxing
8b55268d44 Fix the incorrect backup_driver configuration
The "backup_driver" option should be configured to
cinder.backup.drivers.ceph.CephBackupDriver instead of
cinder.backup.drivers.ceph.

Change-Id: I22457023c6ad76b508bcbe05e37517c18f1ffc81
Closes-Bug: #1832878
2019-07-10 16:06:35 +08:00
Zuul
48223fe83c Merge "Deprecate Ceph deployment" 2019-07-08 22:22:57 +00:00
Mark Goddard
e6d0e610c5 Deprecate Ceph deployment
There are now several good tools for deploying Ceph, including Ceph
Ansible and ceph-deploy. Maintaining our own Ceph deployment is a
significant maintenance burden, and we should focus on our core mission
to deploy OpenStack. Given that this is a significant part of kolla
ansible currently we will need a long deprecation period and a migration
path to another tool.

Change-Id: Ic603c85c04d8794580a19f9efaa7a8589565f4f6
Partially-Implements: blueprint remove-ceph
2019-07-04 19:05:54 +01:00
Mark Goddard
0a769dc30b Bump minimum Ansible version to 2.5
This is necessary for some Ansible tests which were renamed in 2.5 -
including 'version' and 'successful'.

Change-Id: Iacf88ef5589c7571fcf56ba8b99d3dbe76975195
2019-07-01 09:38:01 +01:00
Zuul
e5ad12c429 Merge "doc: Start using openstackdoctheme's extlink extension" 2019-06-27 11:33:48 +00:00
Zuul
a956c53181 Merge "Remove `hnas_iscsi` from the supported storage backends list of Cinder" 2019-06-24 13:08:24 +00:00
chenxing
b7ca065edf Remove `hnas_iscsi` from the supported storage backends list of Cinder
The Hitachi NAS Platform iSCSI driver was marked as not supported by
Cinder in the Ocata realease[1].

[1] https://review.opendev.org/#/c/444287/

Change-Id: I1a25789374fddaefc57bc59badec06f91ee6a52a
Closes-Bug: #1832821
2019-06-24 09:04:14 +00:00
Doug Szumski
c4f488adcf Add some notes for users Migrating to Kolla Monasca
This commit should help guide people migrating to Kolla Monasca
through the murky depths of the migration process. Since Kolla
did not support Monasca in Queens, some of these steps which
could be automated are not.

Change-Id: I79051cca27178c3cf1671f5c603e38baf929c55c
2019-06-20 17:30:29 +01:00
chenxing
31526d4c26 doc: Start using openstackdoctheme's extlink extension
This ensures we have version-specific references to other projects [1].
Note that this doesn't mean the URLs are actually valid - we need to do
more work (linkcheck?) here, but it's an improvement nonetheless.

[1] https://docs.openstack.org/openstackdocstheme/latest/#external-link-helper

Change-Id: I118e4d211617c5df66ff04dc04e308a1d2fc67ad
2019-06-17 23:00:42 +08:00
Zuul
29b755eb15 Merge "Remove Neutron LBaaS support" 2019-06-13 19:15:42 +00:00