Till now we've been flusing iptables in the gates to allow cross node
communication in the multi node ceph jobs. This raised security
concerns, in particular it exposed memcached to the external net.
This patch uses the infra provided role 'multi-node-firewall' in order
to correctly configure iptables. Thanks to Jeremy Stanley and Jeffrey
for help with this.
Closes-Bug: #1749326
Change-Id: Iafaf1cf1d9b0227b0f869969d0bd52fbde3791a0
This ensures that the default value of openstack_release - "auto" - is
handled correctly when deploying bifrost.
Change-Id: I71e6fc5a6b82dc5d6788bf093cd079c45d890ffd
Ansible provide script module to run shell script, The local script at
path will be transferred to the remote node and then executed, so no
need to copy script to remote node and use shell moulde to run it.
this patch optimise it.
Change-Id: If774502b66652f25593cda137cc8a5baefbd9695
Bifrost uses the www-data user for nginx on debian/ubuntu, and nginx on
other platforms. Kolla-ansible currently uses the nginx user for all
platforms when creating a log directory. This change uses the www-data
user on debian/ubuntu when setting ownership of the bifrost nginx log
directory.
Change-Id: I142a158b6f2e8f8a46b684267f6fbb2a6e22a259
Closes-Bug: #1753750
Kolla add multiple url in one outputs.influxdb.
This configuration is when influxdb is in cluster mode.
We need to write one conf by influxdb server.
Change-Id: I1c788b3c8400e74d50cace5a334311408989c5e1
Bifrost cannot modify /etc/hosts from within a container, so add a
host entry during bootstrap.
This was previously fixed by Ied378b4dd755788e75ad1814cecb5700732ba83e
but the logic in bifrost was changed [1], making it out of sync with
kolla-ansible, and triggering a write to /etc/hosts. This change applies
the new logic in bifrost to kolla-ansible, ensuring that the file will
not need to change in the container.
Longer term we should look at ways to make bifrost less eager to modify
/etc/hosts, accepting any file that will work for RabbitMQ.
[1]
60b9a9917e
Change-Id: I0ee05feae3630435b2ec52cfeddf33647a974ee0
Closes-Bug: #1661009
Bifrost will determine the name of the service for MySQL based on the OS
distro if mysql_service_name is not set. Setting it explicitly in
extra-vars was causing problems on systems that use mariadb.
Change-Id: I892b1c9cf636b9dfc1bacc92e1e2f0d066018260
Closes-Bug: #1753522
When bootstrap compute hosts for XenAPI, it will generate a facts
file for each compute node. It contains some XenAPI specific variables
for both the compute host and the XenServer where the compute host
run on. This commit is to fetch the facts file into deployment host
and put it under a centralized directory - each compute host will
have a separate sub-dir which is named with its *inventory_hostname*.
In this way, the following tasks can use proper variable from the
proper facts file which exactly belongs to the host they running on.
Change-Id: I68d1a2d098d38c8e6bf4db76cdaf1f0465831822
blueprint: xenserver-support