This is partial revert of 0ed626e1461fecc4f443fcd543a99ba945539b1f .
After discussing several problems caused by scope separation, we
decided to suspend implementing the scope enforcement and focus on
project personas like reader role. As the result of that decision,
the system admin persona will be removed, thus we should use
the project admin persona instead. The previous policy rules to allow
system scope access have been reverted by [1].
This does not revert the original patch to keep the unit tests which
were hugely refactored by that change.
[1] 066e1e69d1394839a9f0bde4ca8c3a0db2d52396
Change-Id: I85847850602ab3526d2fdb1a56bb927183198825
This change adds support for the [quota] count_usage_from_placement
option in nova.conf, which allows nova to count core/ram usage
from placement.
Change-Id: I1668efd5f9fe2509e0fcfdd431dd74c304e3d0bd
Currently we implement separate providers for all libvirt configuration
files but this is quite redundant because we have the same logic in
all providers.
This change refactors these providers makes use the libvirtd_config
provider used as the base implementation.
Change-Id: I486211306620d245262678875be3ec607640e921
The current default values are same as the defaults defined in Nova,
thus can be replaced by $::os_service_default .
Change-Id: I723215afe7ba085f3da993189d9e2db85c1fa2aa
Libvirt setting for (admin_/)max_client_requests is an important
configuration to be tweaked when serving long running requests.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
Change-Id: I2d0ab2472f940ef6edac662e167033881ab09086
Currently parameter description of the <module>::wsgi::apache classes
are formatted differently in individual modules, and this is making
the maintenance effort quite difficult.
This change updates the description format following the standard one
we are globally using in our modules to reduce undesired differences
between modules.
Change-Id: I1f78cc018c6a98412fdabb9aa731f1f7b8509eec
Add parameters for advanced logging configurations in Apache to
support piped logging and support for syslog (via mod_syslog
available in Apache >= 2.5.0)
Co-Authored-By: Andy Botting <andy@andybotting.com>
Change-Id: I1491f5b5a895b214e16263c9a2f57838911789be
This parameter was deprecated during Yoga cycle in favor of the new
mdev_types parameter[1].
[1] 0be9d0a3c70001517bf2cf8535973bd77064ec96
Change-Id: Idad6f62157ee637be64cee585beafe292efc9c15
These were deprecated in favor of the separate classes to customize
key manager, which were added during Xena cycle[1].
[1] e500bfe5e0900f163b6d0b69e224615786d7f6c2
Change-Id: Iad3298e0b0cefd7049536820e21eb4ab69afec42
This change introduces support for the new workarounds option, which
allows users to migrate instances from a newer version of hypervisor
to an old version.
Depends-on: https://review.opendev.org/851034
Change-Id: I6a8b1229bc7b759d6d4ac737758ca8331c192f2d
The puppetlabs-apache module is enforcing more strict data type
validation[1].
This change updates the default values to adapt to that change.
[1] f41251e336
Closes-Bug: #1983300
Depends-on: https://review.opendev.org/851652
Change-Id: I102a35c38f100a729ccea7c955b7e015590f2500
There are some features in nova-compute which validate policy rules.
For example when connecting an instance to an external network,
nova-compute checks ``network:attach_external_network`` to determine
whether the operation is permitted.
This enables the configuration resources related policies in
nova-compute, as is done for the nova-api service.
Closes-Bug: #1983295
Change-Id: I199102af1f9b8f9fd08f2066a0b54737ff7b41e3
These parameters were deprecated during Yoga cycle[1] and has no effect
now.
[1] 25651f25e259ca957eb26cd15a290dfde142888e
Related-Bug: #1941855
Change-Id: Ic1479131983b790a38c9ae6002b5e83bfcded59d
This reverts commit 20fec0749121b93189fd8a4195e21914982a3d30.
Reason for revert:
puppet-postgresql 8.1.0 was released and now the module supports RHEL 9
(and CentOS 9 effectively).
Note:
This change adds the service_provider fact in test fact data because
it is required by puppet-postgresql.
Depends-on: https://review.opendev.org/850705
Change-Id: I912189bb54c0116b0c3df9f68cb96b1b9659de53
The value with a white space should be accepted instead of being
rejected. This change fixes the wrong test case description and makes
sure the description explains what is actually tested.
Change-Id: I4804617c448e3ea8f65e8b971b1cafcde0a1d321
... so that we users can use '<SERVICE DEFAULT>' similarly to
the resource types to manage the <service>.conf files.
Closes-Bug: #1981118
Change-Id: I4092da4732d5e68ce190e7341df7a01166954504
The headers option in apache::vhost is required in some case, for
example when adding the X-XSS-Protection header. This change allows
customizing the option for the api vhost.
This change also adds support for request_headers so that both request
headers and response headers can customized.
Change-Id: I23568d804f97c804f8883b49690f77d2119c4b87
This change fixes the wrong notification which was introduced by
170edf57d8798d7b14770a73d93d0c00ee9bbd4a and ensures the correct
service is restarted.
Change-Id: Id8c38281fc8a69c1a83bd3806ac216556152759e
