Since we are in ocata lets remove all old parameters in api
to configure the keystone_authtoken section
Change-Id: I4dc0bd544f91fd52ad437b4c3ebbd16a43895726
The rabbitmq connection parameters have been deprecated in favor of the
transport_url setting.
Change-Id: I891570dde75dc58f45e5ad6386be9e522b2706eb
Related-Bug: #1625198
It's possible for glance-api to get stuck in a loop starting when
the backend is swift, and python-swiftclient is not present on
the system.
Depends-On: I65fb0736e9fa9e68c3c7877cf6caf228c49eb82d
Change-Id: I1eeb9f12cf82961ae820067ad8fe91d096d1d6e1
Closes-bug: #1632143
This patch changes the default worker count from ::processorcount to the
new ::os_workers fact. ::os_workers is based on the number of processors
(currently cpu/4) but is capped at a maximum of 8 worker processors.
This is a much more reasonable default in general and prevents excessive
resource consumption on systems with a large number of CPUs.
Change-Id: I3808177027a880c88f075cdbef0aba2a56fb26bc
If db sync fails, it is never retried leading to errors. So, this
patch adds retries for db_sync to avoid sync fails.
Change-Id: I8778bd1b609bc5458a250111dc0a0f9b2fb52161
Closes-Bug: #1628580
Add parameters to configure tasks & taskflow executor. Allows mainly to
allow enabling automatic image conversion at import using the
'conversion_format' parameter.
Change-Id: Ice376ca219ee36ddc97a8317fac20bf8f157b7db
Removing puppet-lint warnings
in favor of upgrading to latest gem
2016-09-13 21:08:47.767844 | manifests/api.pp:558:WARNING: line has more than 140 characters
2016-09-13 21:08:47.767929 | manifests/params.pp:35:WARNING: line has more than 140 characters
2016-09-13 21:08:47.767948 | tests/site.pp:6:WARNING: unquoted node name found
Change-Id: I3a8a01057befa358867eb0396e19c9b763e2b13a
log_file should be set to $::os_service_default and not to the boolean
false because the boolean false gets interpreted as a file name.
Change-Id: I2b7f3ad6f04b24e357948bd23782b89764e632e5
Use glance::<service>::authtoken to configure keystone_authtoken
section in glance configs, with all parameters required
to configure keystonemiddleware.
Also changed auth_type to auth_strategy, because auth_type is
related to keystone authentication.
Change-Id: I722a1e41b2cee0b3040c37f07adfd13c33edaa5c
Closes-bug: #1604463
Glance is now using the HTTPProxyToWSGI middleware from
oslo.middlware in its default api-paste configuration [1]. This commit
gives us the ability to enable/disable that middleware.
[1] I481d88020b6e8420ce4b9072dd30ec82fe3fb4f7
Change-Id: I51fbc6050dfbdc72f7ee56a2d17dd5223a208a17
Patch Ie50ab3371386691b72e25e1088198c05edb920b6 is missed deprecation
for Glare service, so this patch fix it.
Also fix typo in release note.
Change-Id: If6292e518d1ccd7b83072c99cff1e76078753218
The auth_region options in the [DEFAULT] configuration section in
glance-api.conf are deprecated, and will be removed in the O release.
Change-Id: Ie50ab3371386691b72e25e1088198c05edb920b6
This adds defined anchor points for external modules to hook into the
software install, config and service dependency chain. This allows
external modules to manage software installation (virtualenv,
containers, etc) and service management (pacemaker) without needing rely
on resources that may change or be renamed.
Change-Id: If683fbd098e701a3c4da91941cf818b18b41b209
This patch switches the service name from 'Image Service' to
just 'glance' so that it matches what we do for other services.
Typically we use the project (auth) name for the service_name.
Not having a consistent catalog can cause failure to find
endpoints for some services. Mistral for example would fail
to lookup the glance endpoint due to it being set as 'Image Service'
rather than 'glance'.
Change-Id: I17116c0f995ab76ed79bd8b2df57629c1ed4e4d0
Closes-bug: #1584229
This change updates glance::keystone::auth to include the
user-provided auth_name as a parameter for the service_identity
provider. Hardcoding the namevar of that resource as was agreed. the
service_name parameter was not undef as in other resources, so the
name was left as-is. And we no longer pick a service_name out of the
service_name and auth_name; now only the service_name is taken into
account.
Closes-Bug: #1590040
Change-Id: I757930e05b6e14cb15139840c9e4a513c9af5d17
The README file refers to an invalid *_address parameters
when *_url parameters should be used. The example in the
manifest does not show a password listed (which is required).
Change-Id: I03eb31f0c660afca1688e6fc7a992cfb70317706
Option "verbose" from group "DEFAULT" is deprecated for removal.
The parameter has no effect.
-Deprecated verbose for logging and init
-Remove verbose in README
-Remove verbose from tests.
If this option is not set explicitly, there is no such warning
Change-Id: I7e58412fe26962337845b3cb9d67679bac0709d8
The db_max_retries parameter regulates the number of reconnection
attempts performed after an error raised rather than at startup.
Change-Id: Ic1192deded14f9640aa02fe00f5339d3a878de70
Closes-Bug: 1579718
Co-Authored-By: Giulio Fidende <gfidente@redhat.com>
Database, logging and policy parameters for api, registry
and glare services are configured from oslo defines now.
Change-Id: Iee5ee3adfaf9cef1dd3f634806d47c3c52c648fb
Additonal changes:
* switch messaging related parameters to $::os_service_default
as they are used in oslo::messaging_rabbit define
* update unit tests
* update docs for notify::rabbitmq class
* drop deprecated rabbit_durable_queues parameter
* fix notification parameters according to mitaka config file
Change-Id: Ib20c13f136a299c958d9ac064e8ad93ceb0ebd40
It appears that the resources decleration, that made purge_config work,
was accidently removed. I am adding it back so that the option will work
again. This resources decleration was setting the purge flag with a
boolean, so that inifile would handle it.
* Adding in spec tests
Change-Id: Ib80b89932c60aeab0d252109d2e79ac0f209596b
Glance with vsphere backend by default verifies vCenter server TLS/SSL
certificate using system truststore (e.g.
/etc/ssl/certs/ca-certificates.crt). Here is a problem with connection
to vCenter: if we consider case with default installation, then vCenter
starts with self-signed certificate which cannot be verified using linux
shipped CA bundle. Glance starts, but fails to do any useful work,
because it generates SSL errors due to inability to verify vCenter
TLS/SSL certificate.
User can provide its own CA bundle file for Glance to verify connection,
but currently puppet-glance does not support this. This patch aims to
fix this problem, it:
- introduces new optional parameter $vcenter_ca_file which undef by
default, which means that value will not be written to glance-api.conf
- it switches default value of vmware_api_insecure to True
- provides rspec tests for changed behaviour
Change-Id: Icef5c35ad1128df465da548dd880a0dfeeadb5e1
Related-bug: #1559067
We need options to be able to set the user and project domain
when using keystone v3 credentials for the swift backend. Without
these options keystone v3 swift will fail.
Change-Id: Id384b0eca750e0946b42cb8ccb60a7f9ed64d21a
This patch adds posibility to configure backend settings for Glare
service.
Since Glare service is experimental feature, it can be usually disabled
for deployment. Hence was added a optional parameter 'glare_enabled' for
each backend manifest. So, if Glare is enabled glance glare config
will (and should) have same backend options as main glance api config.
Change-Id: I112a332f490d2e57eef5fa7d41d465c0eb89da04
Related-bug: #1555697
Change I3371d1d57486e79ccfae565417f2195d3ae66bc9 is introduced a new
glance service - Glare, but it missed options for glance::config
Also this patch adds tests for glance::config class
Change-Id: Ie07480562b2c0761f5218eb00b3ed3f335bd7cfb
Change I3371d1d57486e79ccfae565417f2195d3ae66bc9 is introduced a new
glance service - Glare and it has own endpoint. This patch adds it.
Change-Id: Ibea50c249e6f0f33dbcfae4bf7cf3569f27c21e5
Related-bug: #1555697
In Mitaka Glance v3 was moved to stand alone service [1] - now
it's called Glance Artifacts Repository (Glare).
This patch adds appropriate service managing, package installation,
configuration and related spec tests.
[1] I5b7bd4cdcc5f2a40fc4a5f74bcc422fd700c4fb0
Change-Id: I3371d1d57486e79ccfae565417f2195d3ae66bc9
Closes-bug: #1555697
Add missing options to allow Glance API to connect to Glance Registry
when SSL is enabled on both services.
Also switching SSL options to os_service_default to avoid useless
conditions in manifests.
Change-Id: Ia40228fc165ef8ce1213fed7f5eec4de1c12c013
This patch removes File resources which should be delivered by packaging
tools. These resources (files, directories, modes, users, and group
attributes) could be in conflict with different OS packaging systems
which isn't a desired result.
Co-Authored-By: Ivan Berezovskiy <iberezovskiy@mirantis.com>
Closes-Bug: #1458915
Change-Id: I02fe8cc99dcd56e16ac66136a0da244a1eeb630b
This patch moves the default_store config option to the glance::api
class, and makes it possible to configure more than one store while
supplying a value for the default store to be used. If only one store
is given for glance_store/stores, the default store is automatically
set to be the same value. If multiple stores are given and no default
store is explicitly set, the config will fail and ask the user to
provide a default store.
Change-Id: I28a79ae36e673a3537ea16910d338666b65c80f7
Closes-bug: #1481460
Co-Authored-By: Alex Schultz <aschultz@mirantis.com>
Iury Gregory Melo Ferreira