This patch removes fluentd composable service in favor of rsyslog composable service
and modifies *LoggingSource configuration accordingly.
Change-Id: I1e12470b4eea86d8b7a971875d28a2a5e50d5e07
Use of show_multiple_locations in Glance should have been enabled
for the RBD backend only up to Mitaka.
Change-Id: I143d908bf1a5e55fff9a1c6833a978455eb15898
Closes-Bug: 1840138
Before we start services on upgraded bootstrap
controller (usually controller-0), we need to
stop services on unupgraded controllers
(usually controller-1 and controller-2).
Also we need to move the mysql data transfer
to the step 2 as we need to first stop the
services.
Depends-On: I4fcc0858cac8f59d797d62f6de18c02e4b1819dc
Change-Id: Ib4af5b4a92b3b516b8e2fc1ae12c8d5abe40327f
Allow to configure Apache MPM module for the containerized API/WSGI'ish
services running Apache as a backend. Change the default from 'prefork'
to 'event', which is a low level change and should provide no sensible
upgrade impact. This alleviates the related heartbeats threading issue
arising with the monkey-patched eventlet.
Merge the missing ApacheServiceBase config settings for Octavia API,
Horizon and Ironix PXE. This is needed to apply the base Apache
service hiera settings, including MPM module switches, for those
as well.
Related-bug: #1829062
Change-Id: Ia65af7a9d6ae106a61ec52912bebba72830d5f28
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
The changes listed below provide a single unit of work required to
configure Apache backend for WSGI-based OpenStack API services
w/o conflicts causing containers startup failures.
W/o this change /etc/httpd/conf.modules.d/00-mpm.conf shipped with RPM
or other conflicting httpd modules might remain in the containers
and cause startup failures. While puppet removes such conflicts from
the configuration, f.e. when switching MPM 'prefork' to 'event', and we
expect it never gets into container configs.
Make kolla extended start properly enforcing the wanted state of
/etc/httpd, including conf.d and conf.modules.d, and also any of the
removed by puppet files, like conflicting Apache MPM modules.
Add container-puppet tasks to ensure apache MPM configs generated
before the main config steps that require Apache started in the
service container.
Additionally, ensure consistent mirroring across config-data
paths for the container-puppet tool. Purge obsoleted/irrelevant files
in the destingation (puppet-generated) before rsyncing new contents
into it.
Closes-Bug: #1835414
Change-Id: I3e5b4372a01b29bf13179d8a16acc36da9c5caab
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
With [1], /etc/multipath.conf is configured for use by the multipath
daemon running in its own container. However, other containerized
services (such as cinder-volume) execute commands that also require
access to multipath.conf. This patch adds a volume mount to each
container that needs access to the file.
[1] https://review.opendev.org/665456
Related-Bug: #1834042
Change-Id: If76c935b288013c858e7d3e477021210d319547a
The tripleo-docker-rm role has been replaced by tripleo-container-rm [0].
This role will identify the docker engine via the container_cli variable
and perform a deletion of that container. However, these tasks inside the
post_upgrade_tasks section were thought to remove the old docker containers
after upgrading from rocky to stein, in which podman starts to be the
container engine by default.
For that reason, we need to ensure that the container engine in which the
containers are removed is docker, as otherwise we will be removing the
podman container and the deployment steps will fail.
Closes-Bug: #1836531
[0] - 2135446a35
Depends-On: https://review.opendev.org/#/c/671698/
Change-Id: Ib139a1d77f71fc32a49c9878d1b4a6d07564e9dc
Bind to 127.0.0.1 in case ipv6 is disabled. Set a hiera value
localhost_address, so that it can be used in tls_proxy.pp to
unambiguously connect to those services.
Change-Id: Ide761c21dc87dadc722e27c9b8a7b68194164cb2
Related: rhbz#1703460
When multiple Compute roles are used, admins may want to use different storage
backends on each role.
This change turns NovaEnableRbdBackend into a role specific param.
Any other config that is implicitly enabled by the global NovaEnableRbdBackend
now requires a dedicated param.
Co-Authored-By: ratailor@redhat.com
Change-Id: I9f40a2a3561fcb1d1fec9d9c3c1f9cabaf02650c
Implements: blueprint nova-backend-per-role
This is part 2 of a series of patches to properly deploy multipathd.
This patch configures /etc/multipath.conf, which is required by the
multipath daemon. The config file contents are managed using the
'mpathconf' tool instead of a puppet module, but a tiny puppet wrapper
is employed to take advantage of the tripleo tooling (e.g. restarting
the multipathd container whenever the config file changes).
Other changes include:
- Ensuring the multipath daemon isn't running on the host
- Preparing the /etc/multipath directory that must be shared by all
containers that use the service
- Adding a volume mount to services that need access to /etc/multipath
Closes-Bug: #1834042
Change-Id: Ib3ce0a753f7220c3ee2556425e9798b0c4a906f3
Remove references to RpcPort, RpcUserName, RpcPassword and
RpcUseSSL from all templates that do not actually use the parameter.
Change-Id: I295a7ae93feda24a179a53158ecfc633721bcd59
This converts all Docker*Image parameter varients into
Container*Image varients.
The commit was autogenerated with the following shell commands:
for file in $(grep -lr Docker.*Image --include \*.yaml --exclude-dir releasenotes); do
sed -e "s|Docker\([^ ]*Image\)|Container\1|g" -i $file
done
Change-Id: Iab06efa5616975b99aa5772a65b415629f8d7882
Depends-On: I7d62a3424ccb7b01dc101329018ebda896ea8ff3
Depends-On: Ib1dc0c08ce7971a03639acc42b1e738d93a52f98
These settings become mandatory in a multi-region deployment.
Updated settings for cinder, glance, heat, neutron and nova.
Change-Id: I15aa7ec663da4e29e935b5c4b5819307977f5682
The value for 'cinder_store_user_name' should be only user name
instead of tenant:username
Changing value of 'cinder_store_user_name' to 'glance' from
'service:glance'
Change-Id: Idbc3541564fb405d60cf3dcc01960fd5e0befb97
Closes-Bug: #1809104
UpgradeRemoveUnusedPackages is not used anymore. All packages are
supposed to be removed on undercloud upgrade to 14.
Change-Id: Ie6b739390ec0ae0c5773a5a6c63b49422195623a
When glance's image cache is enabled, configure the cron jobs to
periodically run the image cache's "cleaner" and "pruner". This ensures
the cache contents is properly maintained, and does not exceed the
size limit.
blueprint: split-controlplane-glance-cache
Change-Id: Ie358cce307420b5ec76bb95f90bc1ca7b97fe83b
This change combines the previous puppet and docker files into a single
file that performs the docker service installation and configuration.
With this patch the baremetal version of database service MySQL Client
has been removed.
Change-Id: I855524f30cfe3c8cdab6c52a67fba0dee157103d
Related-Blueprint: services-yaml-flattening
Previously the kolla config is merging the existing apache configuration
files in the container with our generated ones. This can lead to extra
configurations in the containers that we are not expecting. This change
updates the kolla configs to not merge the httpd conf.d folder so we only
end up with our expected configurations.
Change-Id: Ibb9bbeb12e73b2cf8887554f461873e42532edd7
Related-Bug: 1813084
Currently TripleO is completely unaware of the 4 glance
settings when cinder backend of glance is enabled.
To make the Image-Volume in the internal project accessible from
the Image service, the below parameters need to be set.
- cinder_store_auth_address
- cinder_store_project_name
- cinder_store_user_name
- cinder_store_password
Closes-Bug: #1809104
Depends-on: Ib19958577cdc4b829601018114ee0f564778c4da
Change-Id: I15f9c286798b74529a7b4b09d7e9353eb715f5b1
Ceph can store QCOW2 images but to be able to create Nova guests
from image snapshots the image format must be in RAW format,
otherwise Nova will download the QCOW2 image, convert it locally
and upload it back into the Ceph pool if the ephemeral storage is
also Ceph. This process slows down guest boot especially when
multiple guests are booted in parallel and consumes a lot of CPU
and network resources.
This change enables the Glance image_conversion plugin when the
Glance backend is set to 'rbd', which takes care of converting
the uploaded images into RAW format automatically when operators
use the glance 'import' command.
Change-Id: I9fc0758dbe64f3fcf0e990f4253151e9472a6ab6
Adding GlanceInjectMetadataProperties & GlanceIgnoreUserRoles to
inject metadata properties to the image with specific user roles
to be ignored for injecting metadata properties in the image.
Depends-on: I02482dff7b1412d6254ce82d80257ce26c23430d
Change-Id: Ie6504f73fd5f7492389d6c55a89c66b8ca568ef7
The /var/lib/glance service directory needs 'slave' propagation to handle
situations where an NFS mount performed in a host prep task is delayed
and doesn't finish until after the glance-api container is running. The
'slave' propagation was inadvertently lost in [1].
[1] I284126db5dcf9dc31ee5ee640b2684643ef3a066
Change-Id: Ib6c2028df861d350267a0408407775e7d5b24e18
Services that create iSCSI connections need to share the connection info
that gets created in /var/lib/iscsi. It's especially important that the
host has knowledge of *all* connections so that it can disconnect them
whenever the host shuts down or reboots.
Closes-Bug: #1810338
Change-Id: I803ed2ba9ff52f9a02c550a28d21cc9102568c8e
This change combines the previous puppet and docker files into a single file
that performs the docker service installation and configuration.
With this patch the baremetal version of glance services has been removed.
Change-Id: Ie2ac2072f0742ec5e521fc6e3734e89f8a007077
Related-Blueprint: services-yaml-flattening