This adds the option to get the heat containers to log to stdout.
The option is disabled by default.
If enabled, It also adds a sidecar container that reads the apache
access logs.
bp logging-stdout-rsyslog
Depends-On: Iae6a86cb93305cb3307e058cfd31e0fca3b1be8e
Change-Id: Iac79232bc981fff365faa818afde72e38fc176fb
This adds the option to get the nova-libvirt container to log to stdout.
The option is disabled by default.
bp logging-stdout-rsyslog
Change-Id: Ie769b4d93f3bd728b7efb84d283509db8213b5fc
This adds the option to get the nova-compute container to log to stdout.
The option is disabled by default.
bp logging-stdout-rsyslog
Change-Id: Id09f4c439987ce3d668d53932e5a4dc6ee3b280d
nova-manage cell_v2 create_cell just uses a dumb string comparison to detect
when a cell already exists. If there is a slight difference (e.g ordering of
params in the db uri query string) it can result in duplicate cells.
With this patch we should detect that the default cell already exists and
update it to use the current transport_url/database_connection instead of
attempting to create a new cell.
Change-Id: If6a32e87b19cb0edf683144367701a115657ad0a
Closes-bug: 1718912
The compute service list is polled until all expected hosts are reported or a
timeout occurs (600s).
Adds a cellv2_discovery flag to puppet services. Used to generate a list of
hosts that should have cellv2 host mappings.
Adds a canonical fqdn and that should match the fqdn reported by a host.
Adds the ability to upload a config script for docker config instead of using
complex bash on-liners.
Closes-bug: 1720821
Change-Id: I33e2f296526c957cb5f96dff19682a4e60c6a0f0
I2b564610721152c4f4dab9da79442256ba8d0b33 unexpectedly switched the
default firewall driver for security groups from iptables_hybrid to
openvswitch for neutron-server. (openvswitch agent is still configured
for iptables_hybrid.) This made openvswitch ml2 mechanism driver to
disable hybrid bridges in vif details unless the agent explictly
requests it.
Good news is that openvswitch agent does request hybrid bridges if
its firewall driver has OVS_HYBRID_PLUG_REQUIRED set to True, which is
the case for iptables_hybrid, and we still configure firewall_driver to
iptables_hybrid for the agent, so it still worked out as if there was
no change for the driver. That being said, this all worked out by mere
chance, and so we should not rely on it.
Besides, changing default configuration to a driver that is not the
default one in integrated gate unnecessarily diverges tripleo from main
OpenStack components. And there is no established migration path between
those drivers for brown field deployments. Long story short, TripleO
should stick to neutron choices.
We could just remove the TripleO knob and allow puppet to do its job
(that would pick iptables_hybrid), but it's not backwards compatible
with existing users of the knob. The change doesn't remove the newly
introduced option to avoid breaking templates using it, but just falls
back to iptables_hybrid as default option.
Change-Id: Icf5d14f5d08973c1877c91ba12d93d4776513a08
For some reasonf that directory doesn't have r/x rights, so when
compress is ran as root, it can access config files in it, but when
horizon is run by apache, it can't, and expects different theme files,
thus failing with OfflineGenerationError. Giving apache access to that
directory fixes the problem and makes the custom theme work.
Closes-bug: #1730911
Change-Id: I53f6db23b036bc9b5a689bbac958550f384194c6
Add new CinderRbdExtraPools Heat parameter, which specifies a list of
Ceph pools for use with RBD backends for Cinder. An extra Cinder RBD
backend driver is created for each pool in the list. This is in addition
to the standard RBD backend driver associated with the CinderRbdPoolName.
The new parameter is optional, and defaults to an empty list.
Adding this feature requires changes in two areas:
o The extra Cinder RBD backends get created via a new Puppet parameter
o The Ceph client key that permits access to specific Ceph pools is
updated to allow client access to the extra RBD pools
Implements: blueprint multiple-cinder-rbd-backend
Depends-On: I3318b9eaef607d6992f9a8cb605817b6f76dd331
Change-Id: If410ed43b2cc70094a3274c1488833fcaae56cca
Ceilometer API, Collector and Expirer are removed from upstream,
so lets clean these deprecated services.
Change-Id: Ifd28a3029cd39644833ab0e9fc66efb7b5b67c9d
Since the undercloud is localhost, ansible skips ssh and just runs local
commands. That will cause problems when running ansible-playbook under
the mistral workflow because the mistral user can not use sudo. Set
become:false on all the undercloud plays as sudo is not actually needed.
Change-Id: I2980c584d2f4ee5c2de3720eecfc80cc43ee1fa6
implements: blueprint ansible-config-download
This adds the option to get the neutron containers to log to stdout.
The option is disabled by default.
bp logging-stdout-rsyslog
Change-Id: I0f9d201d93da702b702e7ecf4b43a6d705389846
This is required for nfs exports mounted by the nova_compute container to be
visible to nova_libvirt.
Depends-on: I8a63c044e15d7ca0f54654e9fc9c5d878461aa25
Change-Id: I55859e744e3c2ebbd6975c96b84b6b0774dc6700
Closes-bug: 1730533
When SELinux is enforcing, use the docker volume mount flag
:z for the docker-puppet tool's bind-mounted volumes in RW mode.
Note, if a volume mount with a Z, then the label will be specific
to the container, and not be able to be shared between containers.
Volumes from /etc/pki mounted RO do not require the context changes.
For those RO volumes that do require it, use :ro,z.
For deploy-steps, make sure ansible file resources in /var/lib/
are enforced the same SELinux context attributes what docker's :z
provides.
Partial-bug: #1682179
Related-bug: #1723003
Change-Id: Idc0caa49573bd88e8410d3d4217fd39e9aabf8f2
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
During mysql initialization, mysql needs to be able to write in the
database directory.
Change-Id: I82c2e46f66ab01021cb910eb7e0d17c81b00fa09
Closes-bug: #1730349
This add two conditionals:
- first check that os-net-config needs upgrade
- second verify that the configuration file exist and non empty.
This prevent unnecessary run of os-net-config and error in certain
network configuration.
Change-Id: Ic905f7ed7e7fc9018bc494f77811392045fddfe8
Closes-Bug: #1730328
Juan Antonio Osorio Robles