306 Commits

Author SHA1 Message Date
Jean-Philippe Evrard
7e2db5362d Bring consistency to tags
Some tags were not applied on the highest level and forced duplication.
We apply here our practices to have role_name-(config|install) [1].

[1]: http://docs.openstack.org/developer/openstack-ansible/developer-docs/contribute.html#ansible-style-guide

Change-Id: I1cfb335307bc63e6c962c8bdbcb420b03c10f531
2017-01-13 13:44:06 +00:00
Andy McCrae
4615ef44cf [docs] Updating 404 link for os_swift
Change-Id: Iacff05a620afb07375b3aa648c047e161c721bb8
Partial-bug: #1652948
2016-12-29 16:08:43 +00:00
Andy McCrae
f01f4a8454 Remove Trusty final trusty bits from os_swift role
Change-Id: I1d20338106f452a17d103231e9321cb3cc106087
Implements: blueprint trusty-removal
2016-12-15 13:22:12 +00:00
Andy McCrae
06471b9977 Remove pattern reference in service restart
As part of the Trusty removal, the "pattern:" option for service
restarts can be removed. This prevents the following warning message
from appearing in the Ansible runs:

[WARNING]: Ignoring "pattern" as it is not used in "systemd"

Change-Id: I38e04f48360ef558fa7d99e90fb0e73a9cb887be
15.0.0.0b2
2016-12-12 11:01:03 +00:00
Jenkins
a0d6cdea8a Merge "Remove Trusty support from os_swift role" 2016-12-09 11:25:21 +00:00
Andy McCrae
26bd8127b6 Remove Trusty support from os_swift role
As a part of removing Trusty from OpenStack-Ansible we shall aim to
remove this from all the roles.

Testing has already been removed for Trusty in the integrated build and
all individual repositories on master (Ocata), as such we can now go
ahead and remove the support within the roles.

Change-Id: I89ba35fd15703aba2a05d11d4550690704bdf272
Implements: blueprint trusty-removal
2016-12-08 11:50:58 +00:00
Andy McCrae
db66b43dd2 Set copy as a middleware for Swift
This patch adds copy as a middleware for swift, this follows upstream's
approach and reduces errors that indicate it is being automatically
included in the pipeline.

Change-Id: I4591ff3f3464d8bfa4ffd012f117aba881b02b65
2016-12-07 14:29:52 +00:00
gecong1973
3a64525c11 Delete deprecated Hacking in tox.ini
Some hacking have been removed,so we can delete them.
More details:
     https://github.com/openstack-dev/hacking/blob/master/setup.cfg

Change-Id: I360fc27dbee4a4651eeebf03815979f021cf96aa
2016-12-04 10:24:41 +08:00
Jenkins
8238849e41 Merge "Allow X-History-Location versioned_writes" 2016-12-03 03:14:48 +00:00
Jenkins
f9213a7ae0 Merge "Attempt to fix swift_pypy memory issues" 2016-12-03 03:14:08 +00:00
OpenStack Proposal Bot
6ca2540995 Updated from global requirements
Change-Id: Ia6c7f6445f70dab762f21eaeb3581294e530011c
2016-12-02 05:11:11 +00:00
Jenkins
a4f5486614 Merge "Swift upgrade testing." 2016-12-01 17:38:05 +00:00
Jean-Philippe Evrard
d4a780395e Point roles docs bugs to openstack-ansible LP
Currently when clicking on the small bug in the roles'
docs, we land on openstack-manuals launchpad.

This should solve it.

Change-Id: Ie15e443caf00634db8ef5f1415a79f193db227ea
2016-12-01 12:09:57 +00:00
Andy McCrae
3fb6784459 Attempt to fix swift_pypy memory issues
Move to use tempauth to resolve memory issues resulting from an AIO
swift install running in pypy.

This PR adds some options for using pypy:
* Set a pypy Garbage collection value

This PR includes some tempauth fixes to make it useable:
* Set the tempauth users based on a variable

Testing is changed as follows for pypy:
* Use only memcache within swift-proxy
* Remove galera/keystone
* Add swap for swift-storage hosts
* Use tempauth for pypy
* Reduce to 2 swift hosts

Change-Id: Ic1ed5acc9b20853d9a159035226f97fda088f035
2016-12-01 11:07:10 +00:00
Andy McCrae
1d83a153a5 Adjust syslog username for CentOS
Since adding the rsyslog_client role as a dependency for Swift, the
syslog username for CentOS is the same as for Debian "syslog", as such
this patch removes the distro specific option for this variable.

Change-Id: I838dfacbe48fd8310c5e8d4405a683d11adf45ed
2016-11-30 15:51:09 +00:00
Andy McCrae
de7ab0a800 Allow X-History-Location versioned_writes
Versioned Objects in Swift now use a middleware that is added to the
pipeline instead of the "allow_versions" in the container config. These
have 2 different Headers, so to prevent "X-Versions-Location" from not
working the "allow_versions" in the container config is left in place.

This patch adds the middleware by default and sets the Versioned Objects
support to be on. This is the upstream default and the deployer would
still need to set the "X-History-Location" header on a container to
utilise the feature.

Change-Id: I88811fd77fad8d2241448ca5ffb565fa7d704a00
2016-11-30 11:18:45 +00:00
Jenkins
e69545f1ec Merge "Use new ansible package module to install distro packages." 2016-11-29 17:16:23 +00:00
Donovan Francesco (drifterza)
7db10248f9 Use new ansible package module to install distro packages.
From Newton onwards we're able to take advantage of
the Ansible package module, instead of conditionally
executing the apt or yum module.

Implementing this is an optimisation which we can do
in master and backport to stable/newton,
reducing the execution time.

Reference: http://docs.ansible.com/ansible/package_module.html

Change-Id: Ic4ac593ec53fc6e7e420c0bd31975f1fa34fbb06
Related-Bug: #1642654
2016-11-28 18:20:15 +02:00
Marc Gariepy
58b0b99cca Fix virtualenv-tools issue
please see https://github.com/fireteam/virtualenv-tools/issues/5

This make installation of the virtualenv impossible on CentOS7 since
you endup with python > python2.7 and python2.7 > python

lrwxrwxrwx. 1 root root       9 Nov 24 20:49 python -> python2.7
lrwxrwxrwx. 1 root root       6 Nov 14 20:03 python2 -> python
lrwxrwxrwx. 1 root root       6 Nov 14 20:03 python2.7 -> python

Change-Id: I8f7d772d51c6407207cbc8d6a9eab30939eccfde
Related-Bug: #1637509
Partial-Bug: #1644629
2016-11-28 09:40:14 -05:00
Flavio Percoco
eb18f77c2e Show team and repo badges on README
This patch adds the team's and repository's badges to the README file.
The motivation behind this is to communicate the project status and
features at first glance.

For more information about this effort, please read this email thread:

http://lists.openstack.org/pipermail/openstack-dev/2016-October/105562.html

To see an example of how this would look like check:

https://gist.github.com/b03ef51c8428611472d0b6a55a72f716

Change-Id: I722633d2839494df9b63c6bbdc0dd6a2c434fd09
2016-11-25 16:17:45 +01:00
Andy McCrae
a5e3fa7180 Swift upgrade testing.
Implement upgrade testing for os_swift role.

This patch adds an upgrade testenv, which configures a previous version
of swift, and the test-vars from the previous stable branch to be used
by the previous version of swift.

We don't run functional tests after the initial stable/newton deploy
because a working stable/newton branch is already tested, and it's
assumed it worked if the upgrade works too - which is more efficient.

This follows the pattern setup for Keystone in:
https://review.openstack.org/#/c/384269/

Change-Id: Icefc1c75b814b9d7dc5e79422e975346b9482e9d
Implements: blueprint upgrade-testing
2016-11-22 09:53:52 +00:00
Jesse Pretorius
e9cc96d50a Remove join filter from optional pip module tasks
Ansible 2.2 now treats the 'name' argument for the pip module
as a list, removing the need for us to implement the join
filter to optimise the install execution.

Change-Id: I16d6d75cc432ba57407689d0e1a4055c8172ce12
2016-11-21 17:45:13 +00:00
Jenkins
e8e08ec3e2 Merge "Fix hardcorded drive-audit path" 15.0.0.0b1 2016-11-16 14:56:41 +00:00
Logan V
37e77bbd50 Reinitialize venv upon install
Reinitializes (copies python, etc binaries) into the venv when
dropping a new venv into place. This is needed because the Python
binary packaged with the venv may not match the Python running on
the host it is being installed to. (ie. in the case of a Xenial
repo container and a Trusty target host.)

Change-Id: Ibb4ea98b56a5c9e7b1f4cc4ed75cd3bd9e29ada6
Partial-Bug: #1637509
2016-11-15 22:15:24 -06:00
Pedro Perez
3e90d83252 Fix hardcorded drive-audit path
Change-Id: I447e48ec704c4a3a0bfe1dc1cee46f0b0daf539e
2016-11-15 19:23:21 +01:00
Jenkins
1ff581f6b9 Merge "Add CentOS7 support for Swift" 2016-11-15 14:30:34 +00:00
Andy McCrae
42acde5ee9 Add CentOS7 support for Swift
This PR Adds CentOS 7 support for Swift.
The following was required to get CentOS 7 to work:
* Add yum install path + packages
* Variablize rsync service name
* Gather network interface facts prior to setting storage/repl IPs
* Ensure /etc/defaults/rsync is only set for apt installations.
* Ensure the rsyslog service is started and enabled.

Change-Id: Ibaf8bc8d54b55820e8b527b52940c61c05c732d8
2016-11-14 17:03:02 +00:00
Marc Gariepy
8587e19a6b Rename tmpfiles.d files
On CentOS /run/lock is created by /usr/lib/tmpfiles.d/legacy.conf file
which can be run after other conf we create for opentack services.
This patch rename the service files to openstack-service.conf to ensure
it is ran after legacy.conf

Change-Id: I2931178b0d817de886e4756c8a3155af72b9ca55
2016-11-10 09:48:59 -05:00
Logan V
dccb0c903c Use ansible_service_mgr fact
This patch removes some extra tasks for detecting systemd and uses
the  fact instead.

Partial-Bug: #1640125
Change-Id: I672596a8e0710c2d718e73393b8a3f3032f942dd
2016-11-10 07:19:52 +00:00
Jesse Pretorius
2d21424bb7 Remove join filter from pip module tasks
Ansible 2.2 now treats the 'name' argument for the pip module
as a list, removing the need for us to implement the join
filter to optimise the install execution.

Change-Id: I420873eb09b01ca55a02dd6b39f704875b9fa692
2016-11-09 21:35:01 +00:00
Jenkins
bb9c63bdc2 Merge "Set rsync to not perform reverse lookups" 2016-11-09 14:03:40 +00:00
Jenkins
c0e4699000 Merge "Use updated get_url module checksum functionality" 2016-11-08 15:26:12 +00:00
Jesse Pretorius
7286b39441 Use updated get_url module checksum functionality
Starting in Ansible 2.0, the get_url [1] module provides the
ability for a checksum to be provided to the get_url module
which will be verified against the local destination file
and the task skipped if it matches.

[1] http://docs.ansible.com/ansible/get_url_module.html

This patch implements the use of this functionality.

The ability to ignore a venv download failure is also removed
as this is not necessary or desirable. It is better for the
download to fail and the playbook execution to stop immediately
so that the failure point is exposed.

Change-Id: Ifb78bfae3748ed8c0954e761a624c87884fe48c6
2016-11-07 17:36:53 +00:00
Andy McCrae
4aa96a832c Set rsync to not perform reverse lookups
We don't setup hosts entries for replication addresses on storage hosts,
by default. Rsync is performing a reverse lookup on each rsync, and
failing. We should turn this reverse lookup off by default, but allow
this to be set to True.

This PR adds the "swift_rsync_reverse_lookup" boolean which is defaulted
to false.

Change-Id: Ie98113fd71a70ce9c74c3812046be6959b9a353f
2016-11-07 16:24:52 +00:00
Marc Gariepy
d277ccc437 Fix tmpfiles.d when multiple service are running
This fix tmpfile when multiple services runs in the same host with systemd.

Change-Id: Ibbac2bfd94affe27375cce13f5f91adcf37cb194
2016-11-04 14:53:36 -04:00
Jenkins
5e2ad01ed8 Merge "Remove ansible<2.2 apt cache hack" 2016-11-04 15:09:33 +00:00
Jean-Philippe Evrard
e04b4f4b30 Remove ansible<2.2 apt cache hack
Now ansible apt module correctly behaves, so it's time
to deprecate these cruft tasks for apt.

Change-Id: I33a3ee6cfafb58ba87639d8ad63157844baae35e
2016-11-03 23:38:37 +00:00
Jesse Pretorius
ead9bc82b0 Simplify pip options/constraints mechanism
The current constraints generation for the
installation involves multiple tasks and multiple
variables.

Using multiple tasks extends the installation time
unnecessarily and the additional variables are
unnecessary.

This patch aims to simplify the mechanism and
hopes to speed it up a little.

Change-Id: Icdd5d053346e7d31dcfd4331c7b7b0f184bf376b
2016-11-02 18:07:36 +00:00
OpenStack Proposal Bot
8903130a2e Updated from global requirements
Change-Id: I01505c9f3553b875d7c09d8053532d3bb366830d
2016-11-02 15:38:02 +00:00
Logan V
7de60df8c3 Fix linting issues for ansible-lint 3.4.1
Preparing this role for the ansible-lint version bump

Change-Id: Ib78b5fd36dcd23d18fc13382359f5099405856d0
2016-11-02 13:03:19 +00:00
Jenkins
6fc3caee2b Merge "Swift proxy performance fixes" 2016-10-28 15:39:06 +00:00
Samuel Matzek
b0f330e7b2 Swift proxy performance fixes
Performance testing of an OSA deployed Swift cluster hit several issues.
Comparison of the proxy conf with the Swift Auth docu [1] found
two settings that affect performance that that were not set in the template.

include_service_catalog - This defaults to True which makes the proxy server
fetch the service catalog on every request in the authtoken middleware. This
hammers Keystone.

cache - When using memcache this should be set so the authtoken middleware
uses the correct cache and not go back to Keystone on every request.

[1] http://docs.openstack.org/developer/swift/overview_auth.html

Change-Id: Iddaf097e3ff5c1b7118b11cfc598a40a91d6f96f
2016-10-28 15:58:40 +02:00
Andy McCrae
cd222e8cff Add object-reconstructor for swift EC
Swift Erasure Coding requires the object-reconstructor to be running,
this PR adds the object-reconstructor configuration and systemd/upstart
file.

Additionally, this PR adds testing for an erasure-coding policy as well
as for multiple policies in 1 deployment.

Change-Id: I71fe3d77e93112b9d27c93b37b59e6242cb3e00e
Closes-Bug: #1634859
2016-10-19 18:36:14 +01:00
Jenkins
c86cf011e0 Merge "[DOCS] Added release-name as a watermark to Docs." 2016-10-19 14:00:27 +00:00
Jesse Pretorius
4f6c605db6 Use upper constraints for all tox targets
With the implementation of https://review.openstack.org/388087 all
tox targets may now use upper constraints.

Change-Id: Ia19db752aa59ca1e5e992135e4d57054c3dfd5b2
2016-10-19 07:44:26 +01:00
Nish Patwa
b495b8f0f0 [DOCS] Added release-name as a watermark to Docs.
Added a water mark to the role documentation
to make clear to deployers which release they're
working with.

Modified conf.py that adds watermark to the documentation according
to particular branch. If the current branch is master than
watermark is 'Pre-release' and if the current branch is
stable/<release-name> than watermark is <release-name>.

This is a combined implementation based on the following
patches:
- https://review.openstack.org/372565
- https://review.openstack.org/382637
- https://review.openstack.org/384140

Change-Id: I5680e3e9a49b038a897735c2fe04cd3890b29a0f
2016-10-18 17:35:21 +00:00
Jenkins
fe6bfdaffa Merge "Remove 'ignore_errors: true' in favor of 'failed_when: false'" 2016-10-17 13:14:44 +00:00
Jenkins
6e816d8f37 Merge "Always setup ResellerAdmin role in keystone" 2016-10-16 11:14:30 +00:00
Kevin Carter
e7dd1eb0cb Remove 'ignore_errors: true' in favor of 'failed_when: false'
This change removes the use of 'ignore_errors: true' because it causes deployers
to see red output and a stacktrace, which traditionally means something is broken,
even when the failure is known to have a fall back option or be intentional. This
conversion will provide a generally cleaner interface.

It should be noted that the 'failed' filter will still function normally. Tasks
with the 'failed_when: false' option will still be marked as 'failed' in any
registered variable. This change simply makes the output look cleaner.

Change-Id: Idb837672142c26d0198bf914abab900fcade7ccb
Closes-Bug: #1633438
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2016-10-14 16:46:18 -05:00
Andy McCrae
033aa502e5 Fix swift init scripts w/o dedicated replication
When not using dedicated replication systemd still puts init scripts
down, which take a long time to restart/start. upstart scripts get
around this by setting blank scripts.

Now that we are using a service dict we can do better by defining an
"service_en" flag and not setting up scripts when the service isn't
enabled.

Additionally, the systemd tempfiles and init files were not using the
appropriate "program_binary" variable at all, this has been fixed.

Change-Id: Iae569bfe38a440fb09e56658b3a934799a8821e8
2016-10-14 18:19:51 +01:00