Allow to configure Apache MPM module for the containerized API/WSGI'ish
services running Apache as a backend. Change the default from 'prefork'
to 'event', which is a low level change and should provide no sensible
upgrade impact. This alleviates the related heartbeats threading issue
arising with the monkey-patched eventlet.
Merge the missing ApacheServiceBase config settings for Octavia API,
Horizon and Ironix PXE. This is needed to apply the base Apache
service hiera settings, including MPM module switches, for those
as well.
Related-bug: #1829062
Change-Id: Ia65af7a9d6ae106a61ec52912bebba72830d5f28
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
The changes listed below provide a single unit of work required to
configure Apache backend for WSGI-based OpenStack API services
w/o conflicts causing containers startup failures.
W/o this change /etc/httpd/conf.modules.d/00-mpm.conf shipped with RPM
or other conflicting httpd modules might remain in the containers
and cause startup failures. While puppet removes such conflicts from
the configuration, f.e. when switching MPM 'prefork' to 'event', and we
expect it never gets into container configs.
Make kolla extended start properly enforcing the wanted state of
/etc/httpd, including conf.d and conf.modules.d, and also any of the
removed by puppet files, like conflicting Apache MPM modules.
Add container-puppet tasks to ensure apache MPM configs generated
before the main config steps that require Apache started in the
service container.
Additionally, ensure consistent mirroring across config-data
paths for the container-puppet tool. Purge obsoleted/irrelevant files
in the destingation (puppet-generated) before rsyncing new contents
into it.
Closes-Bug: #1835414
Change-Id: I3e5b4372a01b29bf13179d8a16acc36da9c5caab
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
The tripleo-docker-rm role has been replaced by tripleo-container-rm [0].
This role will identify the docker engine via the container_cli variable
and perform a deletion of that container. However, these tasks inside the
post_upgrade_tasks section were thought to remove the old docker containers
after upgrading from rocky to stein, in which podman starts to be the
container engine by default.
For that reason, we need to ensure that the container engine in which the
containers are removed is docker, as otherwise we will be removing the
podman container and the deployment steps will fail.
Closes-Bug: #1836531
[0] - 2135446a35
Depends-On: https://review.opendev.org/#/c/671698/
Change-Id: Ib139a1d77f71fc32a49c9878d1b4a6d07564e9dc
ConfigParser in python3 is not happy with the default
config(contain %%) shipped with swift package[1]. So while applying
puppet manifest for swift-ringbuilder default config from
package is used(as swift_config tag doesn't exist in puppet-tags),
this patch adds it, so swift-ringbuilder uses the generated config
instead of package defaults.
[1] https://github.com/rdo-packages/swift-distgit/blob/rpm-master/swift.conf
Closes-Bug: #1836572
Change-Id: I737b85393e9ce13bda279dc0388bf27bd979af42
Bind to 127.0.0.1 in case ipv6 is disabled. Set a hiera value
localhost_address, so that it can be used in tls_proxy.pp to
unambiguously connect to those services.
Change-Id: Ide761c21dc87dadc722e27c9b8a7b68194164cb2
Related: rhbz#1703460
Ensure that the logging forwarding tasks do not fail in ansible check
mode, and we make sure the rsyslog_config is actually defined.
Change-Id: Ifaf692643f21f2ae30557b251ae58a9b32fbb143
Closes-Bug: #1835415
Once we remove the symlinks in update_staks, host_prep_tasks
would create those directories.
Assuming that minor update runs before upgrades, this should
take care of upgrades too.
Change-Id: Idabfec5f568a4e02900d103d23f4cb3c199e84c9
Related-Bug: #1833690
logrotate 3.14.0 silently ignores all files when
there is a broken symlink in the container.
Change-Id: I52a74c7b5473340e2afd240d7d6af9ad5bc97544
Closes-Bug: #1833690
Remove references to RpcPort, RpcUserName, RpcPassword and
RpcUseSSL from all templates that do not actually use the parameter.
Change-Id: I295a7ae93feda24a179a53158ecfc633721bcd59
This converts all Docker*Image parameter varients into
Container*Image varients.
The commit was autogenerated with the following shell commands:
for file in $(grep -lr Docker.*Image --include \*.yaml --exclude-dir releasenotes); do
sed -e "s|Docker\([^ ]*Image\)|Container\1|g" -i $file
done
Change-Id: Iab06efa5616975b99aa5772a65b415629f8d7882
Depends-On: I7d62a3424ccb7b01dc101329018ebda896ea8ff3
Depends-On: Ib1dc0c08ce7971a03639acc42b1e738d93a52f98
Evaluating ansible_check_mode as a bare variable is deprecated in
Ansible 2.8 and its support will be removed in 2.12.
Change-Id: I4d566bf8b7b3085d693fe94b53384e667f81b092
UpgradeRemoveUnusedPackages is not used anymore. All packages are
supposed to be removed on undercloud upgrade to 14.
Change-Id: Ie6b739390ec0ae0c5773a5a6c63b49422195623a
Using "cp -a" in a container might lead to SELinux failures, since this option
is a shortcut for "-dR --preserve=all". The "all" has the context, and we do
not allow SELinux relabelling within containers.
Splitting the "-a" to "-dR --preserve" will provide the same end results, but
without the relabelling, preventing audit.log to fill up during the deploy.
Closes-Bug: #1819459
Change-Id: Ic280ad8e95fcc32986987f5abaa524f171d7c13b
This change combines the previous puppet and docker files into a single
file that performs the docker service installation and configuration
for all swift services.
With this patch the baremetal version of each swift service has been removed
except for swift-dispersion which only exists in baremetal form.
Related-Blueprint: services-yaml-flattening
Change-Id: I7986efed381a2149bdff42526048ae72e0bf36c0