This commit brings necessary configuration and container start-up
options to use two popular backends for backup - nfs and swift.
Both drivers support incremental backups and should work with any
cinder volume backend.
Change-Id: Ieed29a895dc1b9faad196e160a88ea9d293f9c75
Allow cinder-volume, nova-compute and nova-libvirtd to be configured to
use NFS. In order to mount and work with NFS shares, several containers
needed the NFS packages installed during build time.
One somewhat significant change is the addition of an explicit bind
volume for nova-compute that has shared mounts enabled.
According to docker-run(1), the shared mount propagation flag can only
be specified for bind mounted Docker volumes and not named volumes.
In an NFS setup, cinder-volume mounts the NFS shares so that it can
create and manage the Cinder volumes. When a new instance is created
with a Cinder volume or a Cinder volume is attached to an existing
instance, nova-compute mounts the Cinder volume from the NFS share for
nova-libvirtd. In order for nova-libvirtd to then see those Cinder
volumes the shared mounts flag must be enabled for the Docker volume.
Remove the rpcbind container as it is only necessary for operators who
are using NFSv3 or lower. There is no known need for this currently
however, this container can be added in the future should an operator
require it.
Co-authored-by: Ryan Hallisey <rhallise@redhat.com>
Co-authored-by: Andrew Widdersheim <amwiddersheim@gmail.com>
Change-Id: Iad77c05bce8876bdcc69b7ec22edd50e3bf48b9f
Closes-Bug: #1530515
Partially implements: blueprint nfs-support-in-cinder
Add a service check for Cinder when using iscsi/LVM, that the
appropriate volume group exists.
TrivialFix
Change-Id: I54e01911709db73549334760498b4246fe6271d7
Co-Authored-By: Vladislav Belogrudov <vladislav.belogrudov@oracle.com>
Use a lower number of workers rather than the default value, which is
equal to the number of the cpu. Otherwise, in a multi cpu environment,
the number of the processes will very high.
In this PS, we use min(5, << number of cpu >>) as the default worker
count.
Closes-Bug: #1582254
Change-Id: I1c32cf0db794b43b8fb8be18f39190422ca5846f
Remove the unnecessary option in the group_vars/all.yml file.
* removed some cinder.conf options like volume_backend_name,
iscsi_helper, iscsi_protocol etc. these value can be configured by
custom cinder.conf file, no need export as global variables.
* remove meaningless iscsi_ip_addess, which is not used in LVM driver
* force start iscsi relate when enable_cinder_backend_lvm is yes
TrivialFix
Change-Id: Ifcbfdad15e4d68bc5f20fc77e0315a09983ef022
This patch adds support for external Ceph clusters for Cinder.
For clean integration the backend configuration mechanism had to be
slightly adjusted.
We now have the option to enable multiple backends for Cinder
independently.
Currently, the flags cinder_backend_iscsi and cinder_backend_ceph are
used to toggle backends.
Documentation on how to use external ceph was added.
Change-Id: I7e0267b90d62d6d881f24f063cdb894422ec8618
Partially-Implements: Blueprint: external-ceph
Use [oslo_messaging_notifications]/driver option in cinder.conf
to enable block storage meters, set the option default value is
'messagingv2'.
Change-Id: I1e885324fbeb2ad1c547c6c6618cbacd0e441d51
Closes-Bug: 1602055
To use Cinder LVM2 backend with iSCSI,
add enable_iscsi option and fix document.
Change-Id: I286733508b5582c311c313c172b3c3a774be993c
Closes-Bug: #1599088
This fix adds several variables required for Cinder iSCSI backend
configutation.
Change-Id: I2f709f8589fdbf62e3d0b265452fd58f413bee65
Closes-Bug: #1579800
In the old rendition of this code, Cinder would attempt
one access to glance, fail, and then cinder would fail. Now
it accesses all servers in round robin fashion.
Change-Id: I4759b0b586919b33f49b974312072820062f35c2
Closes-Bug: #1571128
Make sure that all the sevices will attempt to
connect to the database an infinite about of times.
If the database ever disappears for some reason we
want the services to try and reconnect more than just
10 times.
Closes-bug: #1505636
Change-Id: I77abbf72ce5bfd68faa451bb9a72bd2544963f4b
These values are optional only when the services are not enabled.
If the file does not exist we should not warn, but rather inform.
Ceph-mon is an exception here since its bootstrap process means
the files may or may not exist initially.
TrivialFix
Change-Id: Ic02bece76d480e99deecf612036f37abb5604135
The in-process cache for keystone tokens has been deprecated due to
"incosistent results and high memory usage" with the expectation we
switch to memcached_servers if we want to stay performant.
Add memcache_servers [cache] section to the appropriate servers as the
[DEFAULT]\memcache_servers options was deprecated.
TrivialFix
Related-Id: Ied2b88c8cefe5655a88d0c2f334de04e588fa75a
Change-Id: Ic971bdddc0be3338b15924f7cc0f97d4a3ad2440
This matches the current default for nova.conf. Use unmap/discard if
t is enabled on the hypervisor. This option is new for mitaka.
TrivialFix
Change-Id: Id94c05e2ec8a65c75ec82afcd4150390f8b87ee2
Due to poor planning on our variable names we have a situation where
we have "internal_address" which must be a VIP, but "external_address"
which should be a DNS name. Now with two vips "external_vip_address"
is a new variable.
This corrects that issue by deprecating kolla_internal_address and
replacing it with 4 nicely named variables.
kolla_internal_vip_address
kolla_internal_fqdn
kolla_external_vip_address
kolla_external_fqdn
The default behaviour will remain the same, and the way the variable
inheritance is setup the kolla_internal_address variable can still be
set in globals.yml and propogate out to these 4 new variables like it
normally would, but all reference to kolla_internal_address has been
completely removed.
Change-Id: I4556dcdbf4d91a8d2751981ef9c64bad44a719e5
Partially-Implements: blueprint ssl-kolla
HAProxy: change to use option forwardfor to pass origin IP address
to backend via X-Forwarded-For header
Keystone: Apache does the audit logs for keystone. Change the
LogFormat to display the passed address instead of the connection
address which is that of the load balancer.
Nova, Cinder, Glance: these services can make use of the address
passed in X-Forwarded-For. With this setting the API logs for
these services include the client IP address.
Change-Id: Ia861ecc11a7c7d463d0366586926d1a842853f69
Closes-Bug: #1548935
To allow for TLS to protect the service endpoints, the protocol
in the URLs for the endpoints will be either http or https.
This patch removes the hardcoded values of http and replaces them
with variables that can be adjusted accordingly in future patches.
Change-Id: Ibca6f8aac09c65115d1ac9957410e7f81ac7671e
Partially-implements: blueprint ssl-kolla
Option "verbose" from group "DEFAULT" is deprecated for removal.
Its value may be silently ignored in the future.
If this option is not set explicitly, there is no such warning.
Furthermore, the default value of verbose is true, so there is
no need to set this value in config files.
TrivialFix
Change-Id: I3ec2a8900c984a64bc0645672ef89a63975f7f4e
In heterogeneous environment, api_interfaces are different each other.
So we should specify it from hostvars.
Implements: bp configure-network-interface
Change-Id: Id15d70bfb9ebb62a64a3847a6b77407efb171dbe
Use virtualenv for installation of OpenStack projects and
dependencies to avoid conflicts with Python libraries installed
by non-OpenStack binary packages.
Change-Id: I21ecd673b2e93335b1d3dd4e279e940c9d694c3c
Implements: blueprint virtualenv
Adjust all the configs to list all the rabbitmq hosts rather than
running rabbitmq through the VIP. This is made possible by clusterer
which has already merged.
Change-Id: I5db48f5f10ec68f4c8863a29bc13984f6845a4f9
Partially-Implements: blueprint rabbitmq-clusterer
This brings Kolla images inline with FHS and should make finding
locations of things more consistent and reliable with the linux world
at large.
Change-Id: Iece5b4da4bace0fb8b1f41a65ab2c852ec73e6f8
Closes-Bug: #1485742
This implements all the openstack pieces needed to make ceph work.
DocImpact
Change-Id: I1d24476a966602cf955e5ef872b0efb01319894a
Partially-Implements: blueprint ceph-container
Implements: blueprint kolla-live-migration
Default value for auth_strategy changed for Cinder in Liberty
release from 'noauth' to 'keystone'. Therefore relying on
default value makes Cinder fail in Kilo. This patch covers
both releases by setting auth strategy to 'keystone' explicitely
Change-Id: Ic1f45fd43e0a94ca1dbfc63e90e2756c40453352
Closes-Bug: #1492233