While most of services already have TLS encryption with backend
implemented, Skyline implementation was missed.
Now, with migration to the common role, it's way easier to add
TLS coverage for backends.
Change-Id: I7c17d36212891108674240ddb8ac4c1fd637532c
In order to unify approach for managing Apache Web server, we migrate
to usage of standalone `httpd` role instead of managing apache
separately inside service roles.
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/939307
Change-Id: Iea11943229aa432704868ed008ae2470b08d6588
With ansible-core 2.16 a breaking changes landed [1] to some filters
making their result returned in arbitrary order. With that, we were
relying on them to always return exactly same ordered lists.
With that we need to ensure that we still have determenistic behaviour
where this is important.
[1] https://github.com/ansible/ansible/issues/82554
Change-Id: Ic54eede6fa7de1fd7f03c9519a6239aa11489b5d
Zuul configuration file has been dropped from the project [1] during
import to opendev as a pre-requisite.
We re-add it now to be able to merge changes to the role.
[1] https://github.com/jrosser/openstack-ansible-os_skyline/pull/2
Change-Id: I0f5a4de5d273014951e48b82703a042e74118ab1
Enough code to install skyline-apiserver and make a non functional
dashboard viewable in a browser.
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/841154
NOTE:
Only works in an AIO
Only works with LXC deployment
Manually copy files/skyline_env_d.yml and files/skyline_conf.d to
the proper directories in /etc/openstack_deploy to add skyline to
the inventory.
Boostrap / create containers, run whole openstack deployment.
Copy files/os-skyline-install.yml to /opt/openstack-ansible/playbooks
Run openstack-ansible playbooks/os-skyline-install.yml
Manually adjust haproxy config so that the skyline container is the
backend for the dashboard, just hack horizon-back config, reload
haproxy config with systemctl.
The apache config this ansible role installs is not working.
Attach to the skyline container, then:
* Stop the apache service
* Install nginx with apt
* Copy files/nginx.conf to /etc/nginx/nginx.conf
* Restart nginx
Should be possible to visit the dashboard now.
TODO:
Figure out a working apache reverse proxy config
or better....
Figure out how to do the same reverse proxying at haproxy
Work out what all the skyline.conf fields are about (where are the docs?)
Figure out why the nginx config generator binary in the skyline
venv has broken python imports (markupsafe/jinja2) - Do we need a newer
version of pip to install this all properly?
Why are certain parts of the dashboard broken with "not authorised to..."
Make the npm install parts idempotent, check we are using native ansible
modules where possible.
