As part of the Trusty removal, the "pattern:" option for service
restarts can be removed. This prevents the following warning message
from appearing in the Ansible runs:
[WARNING]: Ignoring "pattern" as it is not used in "systemd"
Change-Id: I38e04f48360ef558fa7d99e90fb0e73a9cb887be
As a part of removing Trusty from OpenStack-Ansible we shall aim to
remove this from all the roles.
Testing has already been removed for Trusty in the integrated build and
all individual repositories on master (Ocata), as such we can now go
ahead and remove the support within the roles.
Change-Id: I89ba35fd15703aba2a05d11d4550690704bdf272
Implements: blueprint trusty-removal
This patch adds copy as a middleware for swift, this follows upstream's
approach and reduces errors that indicate it is being automatically
included in the pipeline.
Change-Id: I4591ff3f3464d8bfa4ffd012f117aba881b02b65
Currently when clicking on the small bug in the roles'
docs, we land on openstack-manuals launchpad.
This should solve it.
Change-Id: Ie15e443caf00634db8ef5f1415a79f193db227ea
Move to use tempauth to resolve memory issues resulting from an AIO
swift install running in pypy.
This PR adds some options for using pypy:
* Set a pypy Garbage collection value
This PR includes some tempauth fixes to make it useable:
* Set the tempauth users based on a variable
Testing is changed as follows for pypy:
* Use only memcache within swift-proxy
* Remove galera/keystone
* Add swap for swift-storage hosts
* Use tempauth for pypy
* Reduce to 2 swift hosts
Change-Id: Ic1ed5acc9b20853d9a159035226f97fda088f035
Since adding the rsyslog_client role as a dependency for Swift, the
syslog username for CentOS is the same as for Debian "syslog", as such
this patch removes the distro specific option for this variable.
Change-Id: I838dfacbe48fd8310c5e8d4405a683d11adf45ed
Versioned Objects in Swift now use a middleware that is added to the
pipeline instead of the "allow_versions" in the container config. These
have 2 different Headers, so to prevent "X-Versions-Location" from not
working the "allow_versions" in the container config is left in place.
This patch adds the middleware by default and sets the Versioned Objects
support to be on. This is the upstream default and the deployer would
still need to set the "X-History-Location" header on a container to
utilise the feature.
Change-Id: I88811fd77fad8d2241448ca5ffb565fa7d704a00
From Newton onwards we're able to take advantage of
the Ansible package module, instead of conditionally
executing the apt or yum module.
Implementing this is an optimisation which we can do
in master and backport to stable/newton,
reducing the execution time.
Reference: http://docs.ansible.com/ansible/package_module.html
Change-Id: Ic4ac593ec53fc6e7e420c0bd31975f1fa34fbb06
Related-Bug: #1642654
please see https://github.com/fireteam/virtualenv-tools/issues/5
This make installation of the virtualenv impossible on CentOS7 since
you endup with python > python2.7 and python2.7 > python
lrwxrwxrwx. 1 root root 9 Nov 24 20:49 python -> python2.7
lrwxrwxrwx. 1 root root 6 Nov 14 20:03 python2 -> python
lrwxrwxrwx. 1 root root 6 Nov 14 20:03 python2.7 -> python
Change-Id: I8f7d772d51c6407207cbc8d6a9eab30939eccfde
Related-Bug: #1637509
Partial-Bug: #1644629
Implement upgrade testing for os_swift role.
This patch adds an upgrade testenv, which configures a previous version
of swift, and the test-vars from the previous stable branch to be used
by the previous version of swift.
We don't run functional tests after the initial stable/newton deploy
because a working stable/newton branch is already tested, and it's
assumed it worked if the upgrade works too - which is more efficient.
This follows the pattern setup for Keystone in:
https://review.openstack.org/#/c/384269/
Change-Id: Icefc1c75b814b9d7dc5e79422e975346b9482e9d
Implements: blueprint upgrade-testing
Ansible 2.2 now treats the 'name' argument for the pip module
as a list, removing the need for us to implement the join
filter to optimise the install execution.
Change-Id: I16d6d75cc432ba57407689d0e1a4055c8172ce12
Reinitializes (copies python, etc binaries) into the venv when
dropping a new venv into place. This is needed because the Python
binary packaged with the venv may not match the Python running on
the host it is being installed to. (ie. in the case of a Xenial
repo container and a Trusty target host.)
Change-Id: Ibb4ea98b56a5c9e7b1f4cc4ed75cd3bd9e29ada6
Partial-Bug: #1637509
This PR Adds CentOS 7 support for Swift.
The following was required to get CentOS 7 to work:
* Add yum install path + packages
* Variablize rsync service name
* Gather network interface facts prior to setting storage/repl IPs
* Ensure /etc/defaults/rsync is only set for apt installations.
* Ensure the rsyslog service is started and enabled.
Change-Id: Ibaf8bc8d54b55820e8b527b52940c61c05c732d8
On CentOS /run/lock is created by /usr/lib/tmpfiles.d/legacy.conf file
which can be run after other conf we create for opentack services.
This patch rename the service files to openstack-service.conf to ensure
it is ran after legacy.conf
Change-Id: I2931178b0d817de886e4756c8a3155af72b9ca55
This patch removes some extra tasks for detecting systemd and uses
the fact instead.
Partial-Bug: #1640125
Change-Id: I672596a8e0710c2d718e73393b8a3f3032f942dd
Ansible 2.2 now treats the 'name' argument for the pip module
as a list, removing the need for us to implement the join
filter to optimise the install execution.
Change-Id: I420873eb09b01ca55a02dd6b39f704875b9fa692
Starting in Ansible 2.0, the get_url [1] module provides the
ability for a checksum to be provided to the get_url module
which will be verified against the local destination file
and the task skipped if it matches.
[1] http://docs.ansible.com/ansible/get_url_module.html
This patch implements the use of this functionality.
The ability to ignore a venv download failure is also removed
as this is not necessary or desirable. It is better for the
download to fail and the playbook execution to stop immediately
so that the failure point is exposed.
Change-Id: Ifb78bfae3748ed8c0954e761a624c87884fe48c6
We don't setup hosts entries for replication addresses on storage hosts,
by default. Rsync is performing a reverse lookup on each rsync, and
failing. We should turn this reverse lookup off by default, but allow
this to be set to True.
This PR adds the "swift_rsync_reverse_lookup" boolean which is defaulted
to false.
Change-Id: Ie98113fd71a70ce9c74c3812046be6959b9a353f
The current constraints generation for the
installation involves multiple tasks and multiple
variables.
Using multiple tasks extends the installation time
unnecessarily and the additional variables are
unnecessary.
This patch aims to simplify the mechanism and
hopes to speed it up a little.
Change-Id: Icdd5d053346e7d31dcfd4331c7b7b0f184bf376b
Performance testing of an OSA deployed Swift cluster hit several issues.
Comparison of the proxy conf with the Swift Auth docu [1] found
two settings that affect performance that that were not set in the template.
include_service_catalog - This defaults to True which makes the proxy server
fetch the service catalog on every request in the authtoken middleware. This
hammers Keystone.
cache - When using memcache this should be set so the authtoken middleware
uses the correct cache and not go back to Keystone on every request.
[1] http://docs.openstack.org/developer/swift/overview_auth.html
Change-Id: Iddaf097e3ff5c1b7118b11cfc598a40a91d6f96f
Swift Erasure Coding requires the object-reconstructor to be running,
this PR adds the object-reconstructor configuration and systemd/upstart
file.
Additionally, this PR adds testing for an erasure-coding policy as well
as for multiple policies in 1 deployment.
Change-Id: I71fe3d77e93112b9d27c93b37b59e6242cb3e00e
Closes-Bug: #1634859
With the implementation of https://review.openstack.org/388087 all
tox targets may now use upper constraints.
Change-Id: Ia19db752aa59ca1e5e992135e4d57054c3dfd5b2
Added a water mark to the role documentation
to make clear to deployers which release they're
working with.
Modified conf.py that adds watermark to the documentation according
to particular branch. If the current branch is master than
watermark is 'Pre-release' and if the current branch is
stable/<release-name> than watermark is <release-name>.
This is a combined implementation based on the following
patches:
- https://review.openstack.org/372565
- https://review.openstack.org/382637
- https://review.openstack.org/384140
Change-Id: I5680e3e9a49b038a897735c2fe04cd3890b29a0f
This change removes the use of 'ignore_errors: true' because it causes deployers
to see red output and a stacktrace, which traditionally means something is broken,
even when the failure is known to have a fall back option or be intentional. This
conversion will provide a generally cleaner interface.
It should be noted that the 'failed' filter will still function normally. Tasks
with the 'failed_when: false' option will still be marked as 'failed' in any
registered variable. This change simply makes the output look cleaner.
Change-Id: Idb837672142c26d0198bf914abab900fcade7ccb
Closes-Bug: #1633438
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
When not using dedicated replication systemd still puts init scripts
down, which take a long time to restart/start. upstart scripts get
around this by setting blank scripts.
Now that we are using a service dict we can do better by defining an
"service_en" flag and not setting up scripts when the service isn't
enabled.
Additionally, the systemd tempfiles and init files were not using the
appropriate "program_binary" variable at all, this has been fixed.
Change-Id: Iae569bfe38a440fb09e56658b3a934799a8821e8