When setting multi memcached servers, the value should be a list
rather then a comma joined string
This patch set I586ce1c6c3300254c4e2a398ff46645df576aeb0 set it in
wrong
TrivialFix
Change-Id: Ic612658ab0310c6764310bbca92c925da6d47f6c
Leverage the browser cache and compress to speed up the file transfer.
In RHEL based image, the expire and deflate module are enabled in
default. In the Debian based image, only the deflate is enabled
* Enable expire module on the Debian based image
* Enable the expire for the assets resource
* Enable the deflate for the http response
Closes-Bug: #1605907
Change-Id: If25decc38a10a21929f72a89cdb350d4ac64a5a9
Ansible's template action supports replacing horizon default config with
custom config, it should only add with_first_found param to
config.yml to support this.
Change-Id: I45b8eed5b8d6c4d42672d99e41bc4eff7023a26f
Closes-Bug: #1570677
Note: This should not result in any behavior changes in regular Kolla, just
Kolla-Kubernetes and only when you've overridden stuff in globals.yml
Allows override of interface address and memcached pools, so that Kubernetes
can do the right thing.
There are some significant architectural issues involved in memcached pooling
in the Kolla-kubernetes world. Avoiding them right now.
Current working with this Kolla-Kubernetes globals.yml file:
api_interface_address: "0.0.0.0"
memcached_servers: "memcached"
keystone_database_address: "mariadb"
keystone_admin_url: "http://keystone-admin:35357/v3"
keystone_internal_url: "http://keystone-public:5000/v3"
keystone_public_url: "http://keystone-public:5000/v3"
Three tings to note:
* In Kolla-Kubernetes, the service is not using net=host, so a
0.0.0.0 interface address is totally OK. That patch has been merged.
* In Kolla-Kubernetes, the global.yml file doesn't do var substitution
so you have to be explicit about the URLs, otherwise Keystone will
look like it was provisioned but it won't quite be provisioned right.
* In order to not duplicate tons of code, moved the keystone_admin_url /
keystone_internal_url / keystone_public_url to the common defaults
from the keystone defaults.
Co-Authored-By: Ryan Hallisey <rhallise@redhat.com>
Change-Id: I586ce1c6c3300254c4e2a398ff46645df576aeb0
Partially-implements: blueprint api-interface-bind-address-override
When using multi memcached servers, a list of servers should be used
rather than a comma joined servers string.
Change-Id: I93ed68947465b3e6b0c7fa3cf6c8c4ac94ed0bf2
Closes-Bug: #1600082
Changes location of Horizon log, they will be stored on common log volume
kolla_logs.
Change-Id: Ie9d56999a83efd05ab7c3dcb00b4dc42c9bce8f8
Closes-Bug: 1560250
The horizon default is to prevent multidomain login. While allowing
multidomain login wont prevent default domain login. Overhead is we
must type in domain to login even if its default domain.
Change-Id: I965c3612eb584e88071c619037e1f42b3f4c7cd0
Closes-Bug: #1560683
TLS can be used to encrypt and authenticate the connection with
OpenStack endpoints. This patch provides the necessary
parameters and changes the resulting service configurations to
enable TLS for the Kolla deployed OpenStack cloud.
The new input parameters are:
kolla_enable_tls_external: "yes" or "no" (default is "no")
kolla_external_fqdn_cert: "/etc/kolla/certificates/haproxy.pem"
kolla_external_fqdn_cacert: "/etc/kolla/certificates/haproxy-ca.crt"
Implements: blueprint kolla-ssl
Change-Id: I48ef8a781c3035d58817f9bf6f36d59a488bab41
Due to poor planning on our variable names we have a situation where
we have "internal_address" which must be a VIP, but "external_address"
which should be a DNS name. Now with two vips "external_vip_address"
is a new variable.
This corrects that issue by deprecating kolla_internal_address and
replacing it with 4 nicely named variables.
kolla_internal_vip_address
kolla_internal_fqdn
kolla_external_vip_address
kolla_external_fqdn
The default behaviour will remain the same, and the way the variable
inheritance is setup the kolla_internal_address variable can still be
set in globals.yml and propogate out to these 4 new variables like it
normally would, but all reference to kolla_internal_address has been
completely removed.
Change-Id: I4556dcdbf4d91a8d2751981ef9c64bad44a719e5
Partially-Implements: blueprint ssl-kolla
To allow for TLS to protect the service endpoints, the protocol
in the URLs for the endpoints will be either http or https.
This patch removes the hardcoded values of http and replaces them
with variables that can be adjusted accordingly in future patches.
Change-Id: Ibca6f8aac09c65115d1ac9957410e7f81ac7671e
Partially-implements: blueprint ssl-kolla
After introduction of pull action and turing every main.yml into
{{action}}.yml we lost ability to perform upgrade
Change-Id: Ie9fa2cd083b061033abc733fba53d54f9c55e393
Fixes-Bug: #1538210
Convert config creation from a playbook to an action_plugin. This
reduces the complexity and confusion while retaining the same augment
structure and flexibility.
This allows us to remove the 0-byte files as requirements. They will
still be used if they are present (this means we require additional
documentation around them).
DocImpact
Closes-Bug: #1528430
Change-Id: I2c789f6be9f195c7771ca093a6d59499564b4740
In heterogeneous environment, api_interfaces are different each other.
So we should specify it from hostvars.
Implements: bp configure-network-interface
Change-Id: Id15d70bfb9ebb62a64a3847a6b77407efb171dbe
Use virtualenv for installation of OpenStack projects and
dependencies to avoid conflicts with Python libraries installed
by non-OpenStack binary packages.
Change-Id: I21ecd673b2e93335b1d3dd4e279e940c9d694c3c
Implements: blueprint virtualenv
Unfortunately there was no was to avoid memcache for consoleauth, so
we might as well take advantage of it for Horizon as well.
Change-Id: Idd338a025b031f6b50fe0c9f03c2c8d862f9d4c0
Closes-Bug: #1504606
Closes-Bug: #1504800
sudo requires a tty to function by default on centos. Instead of
tweaking the sudo conf we can just add a tty. This has the added
advantage of making the containers more friendly if you have to
`docker exec -i <container> bash` into them.
Change-Id: If97a02ca1d37c243a787d98ade54bde8d641aecd
backport: liberty
Partially-Implements: blueprint functional-testing-gate
Ansible 1.9.2 contains the fix needed for docker-py >1.2.0
This is needed for some gate reasons, but it is also a good version
bump because it fixes a few issues with delegate_to.
Change-Id: Iafbabb3b0232620849d0548c5cd9d8d316c2b0f3
backport: liberty
Partially-Implements: blueprint functional-testing-gate
This brings Kolla images inline with FHS and should make finding
locations of things more consistent and reliable with the linux world
at large.
Change-Id: Iece5b4da4bace0fb8b1f41a65ab2c852ec73e6f8
Closes-Bug: #1485742