300 Commits

Author SHA1 Message Date
Takashi Kajinami
02965a6077 Allow (more) customization of amphora log offloading
This change extends coverage of [amphora_agent] options so that users
can customize these parameters.

Especially the log_protocol parameter is required to use TCP protocol
instead of UDP protocol for log transferring, for more robust logging.

Change-Id: I697fdbef762c69bb1494eae1cfa8252a2bd2c9b3
2022-07-11 16:15:28 +09:00
Zuul
7685156256 Merge "ovn: Accept arrays for ovn_*_connection parameters" 2022-06-20 18:52:50 +00:00
Takashi Kajinami
cf154d7172 ovn: Accept arrays for ovn_*_connection parameters
These parameters are regarded as StrOpt, but can accept comma-seprated
strings.

Change-Id: I725d7c167886ae799663bbe3c033fb99a81f9711
2022-06-16 10:22:58 +09:00
Zuul
ad3dc77a4a Merge "Move common parameters from the health_manager class" 2022-06-10 09:27:37 +00:00
Takashi Kajinami
dd729322ab Move common parameters from the health_manager class
Some health_manager parameters are used not only by health-manager but
also by worker. This change migrates the parameter used by these two
services from the health_manager class to the controller class, so that
we can deploy these two services separately.

Change-Id: I33d7a11514508a459546c905afe2165fb9fa1ebf
2022-06-02 14:21:10 +09:00
Zuul
c13c3ba6e7 Merge "Support [amphora_agent] agent_tls_protocol" 2022-05-31 15:17:59 +00:00
Zuul
c6a1b96d0a Merge "Support [amphora_agent] agent_request_read_timeout" 2022-05-31 15:17:57 +00:00
Takashi Kajinami
eabf0a2f5d Support [amphora_agent] agent_tls_protocol
Change-Id: Ib79a959abf90ccd1b9f122098d8794f89f9a46a7
2022-05-26 11:54:06 +09:00
Takashi Kajinami
2ac18b1050 Support [amphora_agent] agent_request_read_timeout
Change-Id: I0056d81ed88f0815019fe0e9671e0a3a2b78dbb2
2022-05-26 11:54:06 +09:00
Takashi Kajinami
44a32b37db Support more [certificats] parameters
Change-Id: Iabcc22e9fae5b510086370b53c3baa39b589712e
2022-05-24 13:49:26 +00:00
Tom Weininger
b5ab3de4bc Allow amphora timezone configuration
Adds support for the ``[controller_worker] amp_timezone`` configuration
parameter. It allows to configure the timezone of the amphora.

Depends-On: https://review.opendev.org/c/openstack/octavia/+/839937
Change-Id: I9a2cfddfa2e91fde8280c4cab4c51d05ae436ae5
2022-05-19 11:52:01 +02:00
Takashi Kajinami
c7dd10a34f Replace remaining hard-code of OS user/group
This is follow-up of 86ed6dd398ab11e7d541802952cb51ed000f3f05 and
replaces the remaining hard-coded OS user and group in individual
manifests.

Change-Id: I4f96d5f8ff7fc49157a556140e747fca61422fea
2022-04-08 23:00:43 +09:00
Tobias Urdin
c3d78e5cb4 Add allow_ping_health_monitors parameter to api
This can be used to set the allow_ping_health_monitors
configuration option in api_settings group

Change-Id: Icdee753af276224c969a3eb0e790d331269893d6
2022-04-01 10:03:45 +09:00
Takashi Kajinami
753b692799 Support more [certificates] options
Change-Id: I01e705c6500e5533a739719dcf00129f690b08bd
2022-03-24 14:23:56 +09:00
Zuul
4ee9cc5dc3 Merge "Add support for [haproxy_amphora] default_connection_limit" 2022-03-11 16:02:39 +00:00
Zuul
4af49c5707 Merge "[health_manager] Allow tuning individual threads" 2022-03-11 11:37:58 +00:00
Zuul
6bb749a4da Merge "Globally support system scope credentials" 2022-03-11 11:37:56 +00:00
Takashi Kajinami
9c24dbc63a Add support for [haproxy_amphora] default_connection_limit
... which was added during Ussuri cycle[1].

[1] f4305e036c30b23588d7d1448448010b95c24069

Change-Id: I3ee2fa2e02fd24b6eb357c7ffb69a3bbfe74c1a9
2022-03-10 23:47:46 +00:00
Zuul
1d7eff7725 Merge "Use consistent name for enabled_provider_drivers" 2022-03-08 01:07:04 +00:00
Zuul
25cc8cc20d Merge "Accept array or hash for enable_provider_drivers" 2022-03-08 01:07:01 +00:00
Zuul
772c4ddcc5 Merge "Add parameters to configure amphorav2 driver" 2022-03-08 00:52:37 +00:00
Takashi Kajinami
be91d620fa Globally support system scope credentials
After spending huge effort to understand the exact requirements to
enforce SRBAC, we learned it's very difficult to find the required
scope in each credential. This requires understanding implementation of
client-side as well as server-side, and requirement might be different
according to the deployment architecture or features used.

Instead of implementing support based on the actual implementation,
this introduces support for system scope credentials to all places
where keystone user credential is defined, and make all credential
configurations consistent.

Change-Id: I2d8c35023c9851e6c043b07a1270e386feb9b1dd
2022-03-04 01:52:41 +09:00
Gregory Thiemonge
2b9f2a0813 Add parameters to configure amphorav2 driver
amphorav2 driver was introduced in stable/ussuri in Octavia, but some
parameters to configure the backend server to enable persistence were
still missing in puppet-octavia.

Change-Id: I8a9bf0b2c17cd35bc09fbb0270c4ef4ed4e491bd
2022-03-01 08:04:09 +09:00
Zuul
4c8389f430 Merge "Create octavia flavor in the services project by default" 2022-02-24 09:57:48 +00:00
Takashi Kajinami
2b9282bab6 Use consistent name for enabled_provider_drivers
This change renames the octavia::api::provider_drivers parameter so
that the name is consistent with the parameter name in Octavia.

Change-Id: Id0371d4f9dd4a4922deabae512153d9f9767bf55
2022-02-23 23:05:23 +09:00
Takashi Kajinami
270d33d543 Accept array or hash for enable_provider_drivers
The [api_settings] enable_provider_drivers parameter is DictOpt and
accepts a string value which represents a dictionary. This change
allows using array or hash for this parameter so that users can use
a more "native" type to define its value.

Change-Id: Icfa01a6cba5f4eda68d51ec2740f24fbc049f6e2
2022-02-23 22:30:44 +09:00
Takashi Kajinami
cffdaec795 [health_manager] Allow tuning individual threads
This change allows users to tune health_update_threads and
stats_update_threads separately, instead of enforcing the same value
for these two parameters.

The workers parameter, to determine the common value for these two
parameters, has been deprecated in favor of the new separate
parameters.

Change-Id: I4fda43e1742795b98be4f15f960816644900217c
2022-02-23 03:48:24 +00:00
Zuul
41390b4afb Merge "Avoid hard-coding OS user/group in each manifest" 2022-02-22 16:37:53 +00:00
Takashi Kajinami
86ed6dd398 Avoid hard-coding OS user/group in each manifest
and replace hard-codes by definition in params.pp .

Change-Id: I423c8e1f773eb9d5e7c5bbf368fd252b7da891bb
2022-02-21 01:30:59 +09:00
Zuul
c731f61ca4 Merge "[service_auth] Define default values" 2022-02-20 13:23:36 +00:00
Zuul
7edbd6dcae Merge "api: Add support for TLS cipher/version parameters" 2022-02-20 10:39:33 +00:00
Zuul
26f6cb58ed Merge "Remove deprecated amqp_allow_insecure_clients" 2022-02-18 12:31:29 +00:00
Takashi Kajinami
e0d45ad9f9 Create octavia flavor in the services project by default
This change ensures the nova flavor for Octavia instances are created
in the project to which the Octavia service belongs to. Current usage
without project_id can result in an unexpected project according to
the behavior of provide implementation(and the libraries used by it).

Depends-on: https://review.opendev.org/829512
Change-Id: Ib26dc1477f5b7759e36a8e518ca52db9a9986642
2022-02-17 18:05:33 +09:00
Takashi Kajinami
99dbf043d7 Remove event_streamer_driver
... because it was deprecated during Train cycle by [1].

[1] 748f26fe2282ea00f5d71b4af2335eac8273cd9b

Change-Id: I2bb59b679714fa57c31dd0a2da9ec9ad3b9f79ad
2022-02-11 19:25:25 +09:00
Takashi Kajinami
5357bb2e87 api: Add support for TLS cipher/version parameters
Change-Id: Icf6795dfd6f7415f6828d29fd1a8a99af5f75270
2022-02-09 12:37:52 +09:00
Zuul
129c30ff1c Merge "Wire-in heartbeat_interval" 2022-02-09 00:17:02 +00:00
Takashi Kajinami
93cdf4a66e Remove deprecated amqp_allow_insecure_clients
... because it was deprecated during Wallaby cycle.

Change-Id: I6cdae966ac7bcddbf3510af77e462dec2944ad9c
2022-02-08 22:18:49 +09:00
Zuul
85e5488df2 Merge "Clean up deprecated database parameters" 2022-02-07 15:57:13 +00:00
Zuul
2533e85f1f Merge "Simplify definition to ensure keystone resource creation" 2022-02-07 15:52:12 +00:00
Zuul
65a4b38224 Merge "Remove unused logic" 2022-02-07 15:52:10 +00:00
Takashi Kajinami
ce727fb1aa [service_auth] Define default values
Currently all parameters of the octavia::service_auth class default to
$::os_service_default. However the [service_auth] parameters are
required to make Octavia work correctly and users always need to define
these parameters.

This change updates default of these parameters, following the global
default values we use for service authentication.

Change-Id: I655e9f1de3e32adac089a494a9d755e83eacc577
2022-02-07 22:18:32 +09:00
Bogdan Dobrelya
5e6774459b Wire-in heartbeat_interval
Allow to define heartbeat_interval for Octavia Health Manager
to configure sleep time between sending heartbeats.

Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
Change-Id: I306ceccd2b913ec39b2ddeff58ef7f19ccbc1170
2022-02-07 13:47:43 +01:00
Takashi Kajinami
f3646c1755 Clean up deprecated database parameters
Change-Id: If2d0dce800e767f7341b718a44af0edb97e26946
2022-02-07 19:46:45 +09:00
Takashi Kajinami
6732e2664d Simplify definition to ensure keystone resource creation
Use the whole resource type instead of its individual resources, to
rely on interface instead of implementation of the dependent module.

Change-Id: Ia6cc999d7a008dbd51b28b4c9bc869c723a8be83
2022-02-07 00:19:07 +09:00
Takashi Kajinami
c1c20ee0e8 Remove unused logic
The python-octaviaclient package is available in all distros we
currently support.

Change-Id: I7a0d4f170a2a58c635240ad7c305467df8f4af2e
2022-02-06 23:00:46 +09:00
Timothy Rice
be9130696f Allow wsgi script to be configurable
This is intended to be analogous to 1c7c146c917c5dbf51db378f8392cc328fe4632b and fa753eafe840ad1582e48442a975629e8694a058 for puppet-aodh.

Change-Id: I4ab78052d276dfb3c52cd13586065037e9b4a38f
2022-02-03 03:24:18 +00:00
Zuul
8f09984e5c Merge "Add support for more connection tunables in [haprpoxy_amphora]" 2022-01-24 08:45:43 +00:00
Takashi Kajinami
ca3c4cc1c1 Add support for more connection tunables in [haprpoxy_amphora]
This change adds support for the following tunable parameters in
the haproxy_amphora section.

 - active_connection_max_retries
 - active_connection_retry_interval
 - faiolver_connection_max_retries
 - faiolver_connection_retry_interval

Change-Id: I6a2686a4e33c75d863ae146a3af37d416e01a655
2022-01-16 11:04:48 +09:00
Zuul
d63fcd54a8 Merge "Fix dependency to purge default vhost config" 2022-01-12 16:27:25 +00:00
Takashi Kajinami
398ec47b02 Fix dependency to purge default vhost config
It turned out defining dependency for openstacklib::wsgi::apache
doesn't properly enforce resource order and the default vhost file
is not purged properly.
This change adds the more explicit dependency to enforce the order
properly.

Change-Id: I1db195cbbdf914b2592a4e7820d0d2680e630963
2022-01-11 18:52:40 +09:00