Commit Graph

27 Commits

Author SHA1 Message Date
Mark Goddard
0edad7138c Remove default(omit) from openstack_cacert in templates
The use of default(omit) is for module parameters, not templates. We
define a default value for openstack_cacert, so it should never be
undefined anyway.

Change-Id: Idfa73097ca168c76559dc4f3aa8bb30b7113ab28
2020-04-03 14:49:11 +01:00
James Kirsch
c15dc20341 Configure services to use Certificate Authority
Include a reference to the globally configured Certificate Authority to
all services. Services use the CA to verify HTTPs connections.

Change-Id: I38da931cdd7ff46cce1994763b5c713652b096cc
Partially-Implements: blueprint support-trusted-ca-certificate-file
2020-01-13 11:00:11 -08:00
Rafael Weingärtner
22a6223b1b Standardize the configuration of "oslo_messaging" section
After all of the discussions we had on
"https://review.opendev.org/#/c/670626/2", I studied all projects that
have an "oslo_messaging" section. Afterwards, I applied the same method
that is already used in "oslo_messaging" section in Nova, Cinder, and
others. This guarantees that we have a consistent method to
enable/disable notifications across projects based on components (e.g.
Ceilometer) being enabled or disabled. Here follows the list of
components, and the respective changes I did.

* Aodh:
The section is declared, but it is not used. Therefore, it will
be removed in an upcomming PR.

* Congress:
The section is declared, but it is not used. Therefore, it will
be removed in an upcomming PR.

* Cinder:
It was already properly configured.

* Octavia:
The section is declared, but it is not used. Therefore, it will
be removed in an upcomming PR.

* Heat:
It was already using a similar scheme; I just modified it a little bit
to be the same as we have in all other components

* Ceilometer:
Ceilometer publishes some messages in the rabbitMQ. However, the
default driver is "messagingv2", and not ''(empty) as defined in Oslo;
these configurations are defined in ceilometer/publisher/messaging.py.
Therefore, we do not need to do anything for the
"oslo_messaging_notifications" section in Ceilometer

* Tacker:
It was already using a similar scheme; I just modified it a little bit
to be the same as we have in all other components

* Neutron:
It was already properly configured.

* Nova
It was already properly configured. However, we found another issue
with its configuration. Kolla-ansible does not configure nova
notifications as it should. If 'searchlight' is not installed (enabled)
the 'notification_format' should be 'unversioned'. The default is
'both'; so nova will send a notification to the queue
versioned_notifications; but that queue has no consumer when
'searchlight' is disabled. In our case, the queue got 511k messages.
The huge amount of "stuck" messages made the Rabbitmq cluster
unstable.

https://bugzilla.redhat.com/show_bug.cgi?id=1478274
https://bugs.launchpad.net/ceilometer/+bug/1665449

* Nova_hyperv:
I added the same configurations as in Nova project.

* Vitrage
It was already using a similar scheme; I just modified it a little bit
to be the same as we have in all other components

* Searchlight
I created a mechanism similar to what we have in AODH, Cinder, Nova,
and others.

* Ironic
I created a mechanism similar to what we have in AODH, Cinder, Nova,
and others.

* Glance
It was already properly configured.

* Trove
It was already using a similar scheme; I just modified it a little bit
to be the same as we have in all other components

* Blazar
It was already using a similar scheme; I just modified it a little bit
to be the same as we have in all other components

* Sahara
It was already using a similar scheme; I just modified it a little bit
to be the same as we have in all other components

* Watcher
I created a mechanism similar to what we have in AODH, Cinder, Nova,
and others.

* Barbican
I created a mechanism similar to what we have in Cinder, Nova,
and others. I also added a configuration to 'keystone_notifications'
section. Barbican needs its own queue to capture events from Keystone.
Otherwise, it has an impact on Ceilometer and other systems that are
connected to the "notifications" default queue.

* Keystone
Keystone is the system that triggered this work with the discussions
that followed on https://review.opendev.org/#/c/670626/2. After a long
discussion, we agreed to apply the same approach that we have in Nova,
Cinder and other systems in Keystone. That is what we did. Moreover, we
introduce a new topic "barbican_notifications" when barbican is
enabled. We also removed the "variable" enable_cadf_notifications, as
it is obsolete, and the default in Keystone is CADF.

* Mistral:
It was hardcoded "noop" as the driver. However, that does not seem a
good practice. Instead, I applied the same standard of using the driver
and pushing to "notifications" queue if Ceilometer is enabled.

* Cyborg:
I created a mechanism similar to what we have in AODH, Cinder, Nova,
and others.

* Murano
It was already using a similar scheme; I just modified it a little bit
to be the same as we have in all other components

* Senlin
It was already using a similar scheme; I just modified it a little bit
to be the same as we have in all other components

* Manila
It was already using a similar scheme; I just modified it a little bit
to be the same as we have in all other components

* Zun
The section is declared, but it is not used. Therefore, it will
be removed in an upcomming PR.

* Designate
It was already using a similar scheme; I just modified it a little bit
to be the same as we have in all other components

* Magnum
It was already using a similar scheme; I just modified it a little bit
to be the same as we have in all other components

Closes-Bug: #1838985

Change-Id: I88bdb004814f37c81c9a9c4e5e491fac69f6f202
Signed-off-by: Rafael Weingärtner <rafael@apache.org>
2019-08-15 13:18:16 -03:00
Jim Rollenhagen
2e4e60503a Use keystone_*_url var in all configs
We're duplicating code to build the keystone URLs in nearly every
config, where we've already done it in group_vars. Replace the
redundancy with a variable that does the same thing.

Change-Id: I207d77870e2535c1cdcbc5eaf704f0448ac85a7a
2019-03-06 15:08:26 -05:00
wu.chunyang
69bc7b4ee2 add trove policy file customization
now,the trove does not support policy customization.
this ps to add it.

Change-Id: I32d62d0293ddf63572cf754a7108ed74f94b216a
2018-08-20 04:28:06 +00:00
ZhongShengping
ae246945a6 Deprecate auth_uri option
Option auth_uri from group keystone_authtoken is deprecated[1].
Use option www_authenticate_uri from group keystone_authtoken.

[1]https://review.openstack.org/#/c/508522/

Co-Authored-By: confi-surya <singh.surya64mnnit@gmail.com>
Change-Id: Ifd8527d404f1df807ae8196eac2b3849911ddc26
Closes-Bug: #1761907
2018-08-07 11:58:23 +05:30
Zhangfei Gao
ce809aea23 osprofiler support redis
Currently osprofiler only choose elasticsearch,
which is only supported on x86.
On other platform like aarch64 osprofiler can
not be used since no elasticsearch package.

Enable osprofiler by enable_osprofiler: "yes",
which choose elasticsearch by default.
Choose redis by enable_redis: "yes" & osprofiler_backend: "redis"
On platform without elasticsearch support like aarch64
set enable_elasticsearch: "no"

Change-Id: I68fe7a33e11d28684962fc5d0b3d326e90784d78
2018-06-01 09:34:04 +08:00
Zuul
08b4930e29 Merge "Homogenize the topics conf variable on templates" 2018-03-13 07:35:49 +00:00
Zuul
e7b3bd0358 Merge "Add cinder_enpoint_type option in trove" 2018-01-17 08:38:20 +00:00
ZhongShengping
ca558f4bb6 Add cinder_enpoint_type option in trove
https://github.com/openstack/trove/blob/master/trove/common/cfg.py#L85

Change-Id: I51d08d5a57453bb8a8459daea73a17b5e800f45f
2018-01-17 15:31:21 +08:00
goldyfruit
474b15dc5b Add os_region_name to Trove configuration files
By default Trove is looking for "RegionOne", if the region is
different the os_region_name parameter needs to be defined withing
the Trove configuration files.

To solve this issue, we need to set "os_region_name" option in
trove-api, trove-taskmanager and trove-conductor configuration.

os_region_name = {{ openstack_region_name }}

Change-Id: I1397046d2c88ba50d01a65c48e021d3535fe39d2
Closes-bug: #1743402
2018-01-15 10:33:49 -05:00
Pierre Blanc
b84bee79c3 Homogenize the topics conf variable on templates
In several templates the variable topics is configured
between simple quotes.
It is better to remove them to use the openstack default value.

Change-Id: I418c714240b38b2853a5c746203eac31588e841a
2018-01-12 16:39:47 -05:00
Pierre Blanc
953433ce7b Remove duplicate configuration options on trove templates
The option neutron_endpoint_type is duplicate on these files:
 - trove/templates/trove.conf.j2
 - trove/templates/trove-taskmanager.conf.j2

We just have to remove one occurrence.

Change-Id: If5c91cf7b491966b1deac42c694af5995df9b11e
2017-12-20 10:33:39 -05:00
Zuul
5f58b609b2 Merge "Fix launch instance failed in trove" 2017-12-04 13:40:44 +00:00
Jeffrey Zhang
0b931c9347 Fix launch instance failed in trove
- remove useless *_url, which can be auto discovery
- use internalURL instead of publicURL which make it works when
  using self-signed SSL certification.
- configure network_driver to Neutron
- add network_label_regex to match all network name

Change-Id: I5654dbf391db7076c82aede5c2a4f8b7530b8381
Closes-Bug: #1734039
2017-12-01 15:59:32 +08:00
Andrew Smith
fd1d3af0df Add support for hybrid messaging backends
This commit separates the messaging rpc and notify transports in order
to support separate and different oslo.messaging backends

This patch:
* add rpc and notify variables
* update service role conf templates
* add example to globals.yaml
* add release note

Implements: blueprint hybrid-messaging
Change-Id: I34691c2895c8563f1f322f0850ecff98d11b5185
2017-11-22 14:09:40 -05:00
jimmygc
69d9343fd0 Add ceph rgw object store support into trove
Ceph rgw can be used as object store instead of Swift.
This patch enable trove to use ceph rgw as object store.

Change-Id: I50b878078b7c62c1034a102d064dfa90a1357ee8
2017-07-10 11:30:10 +08:00
Bertrand Lallau
372e991bec Standardize Keystone domain variables
As described here:
https://github.com/openstack/keystone/blob/master/keystone/resource/core.py#L841
https://github.com/openstack/keystone/blob/master/keystone/conf/identity.py#L21

* default project domain name MUST be named 'Default'
* default project domain id MUST be named 'default'
* default project user name MUST be named 'Default'
* default project user id MUST be named 'default'

Change-Id: I610a0416647fdea31bb04889364da5395d8c8d74
2017-07-06 14:34:11 +00:00
Eduardo Gonzalez
ab4b1ff785 Support OSprofile usage
OSprofile allows user/devs trace OpenStack requests.

Implements: blueprint enable-osprofiler
Co-Authored-By: Bertrand Lallau <bertrand.lallau@gmail.com>
Change-Id: I82ea85d726011ef6cbf99380f395452d6d7f8053
2017-06-02 22:41:33 +02:00
Jenkins
1246266fad Merge "Fix wrong variable used in trove role" 2017-05-23 11:15:31 +00:00
Bertrand Lallau
afdd11b9a2 Generalize api_interface_address variable usage
Useful api_interface_address variable has been define here:
https://github.com/openstack/kolla-ansible/blob/master/ansible/group_vars/all.yml#L57
In order to simplify codebase we must use it as much as possible.

Change-Id: I18fec19bf69e05a22a4142a9cd1165eccd022455
2017-05-23 08:35:15 +00:00
jimmygc
0fca39dd03 Fix wrong variable used in trove role
There is no swift_api_port.
swift_proxy_server_port should be the correct one.

Closes-Bug: #1689260
Change-Id: I63e0edb76603374b479eabf0199c4024ad3e2dbd
2017-05-08 17:25:04 +08:00
Jenkins
88eb3a9696 Merge "Trove fix backup restore with Swift" 2017-03-30 09:16:52 +00:00
Bertrand Lallau
b6ab5bf7e9 Trove fix backup restore with Swift
'v1' is missing in DEFAULT/swift_url property for trove.conf and
trove-taskmanager.conf file.

Closes-Bug: #1677362
Change-Id: I7f625b1ac665a26c4207c3cbb9b0238da82993d8
2017-03-29 21:32:25 +02:00
Bertrand Lallau
6a8b3ede43 Trove: add oslo_messaging_notifications config
Trove can send RPC notifications to Ceilometer as define here:
https://github.com/openstack/ceilometer/blob/master/ceilometer/pipeline/data/event_definitions.yaml#L444

oslo_messaging_notifications section MUST be managed in conf files.

Change-Id: I063b9807686e9b4ca6f7e7bfa6a444191378e513
2017-03-14 11:18:28 +01:00
Jeffrey Zhang
9140abc0b2 Fix trove role issue
* add the bind_host and bind_port option for trove api service
* add emptry upgrade.yml file

Change-Id: Ie861e43f98d513d2831303249ddf407de40bba2a
2017-01-06 12:51:49 +08:00
zhubingbing
195a32b1e9 Add trove role
Add trove enable options and port configuration
Add trove groups to ansible inventory
Add defaults/main.yml
Add bootstrap Ansible task
Add config Ansible task
Add deploy Ansible task
Add pull Ansible task
Add register Ansible task
Add start Ansible task
Add upgrade Ansible task
Add reconfigure Ansible task
Add templatized json and .conf files for trove
Integrate trove with haproxy
Reference installation configuration link:http://docs.openstack.org/mitaka/install-guide-rdo/trove-install.html

Change-Id: I0bc6edbf2e495ce377f994f793bde979d5c55dbf
Implements: blueprint ansible-trove
2016-11-24 03:02:27 +00:00