We currently do not enable debug for the l3, l2gw or dhcp agent if the
debug flag is set to true. This fixes the templates to support enabling
debug for these agents either via the global Debug setting or a specific
debug setting.
Change-Id: I0a44bfc27b306bfb08dab0656e3362503f07d6b3
Related-Bug: #1731063
Disabled fwaas plugin to prevent deployment crashing with horizon in
continuous restarting state due to missing image.
Change-Id: I44140f04ba793a039f6032739b64794ae7ad084d
Closes-bug: 1732937
These were hardcoded, even though the rest of the network-related bits
were dynamically generated with jinja.
This will end up creating the same entries as before, skipping the VIP
for the Tenant network and the Management network (which is not included
in the default roles). Also, the external network will now have an extra
hiera entry called external_virtual_ip, besides the public_virtual_ip.
They will have the same value, however, external_virtual_ip is
automatically generated as opposed to the public_virtual_ip. Hopefully
we can remove the instance of public_virtual_ip at some point and rely
on the automatically generated entries only.
Change-Id: I7f5285e2936b2158a4a8a5edc97a6a09f891fb1a
Related-Bug: #1732457
Docker services are missing the pre-upgrade validation task
in the upgrade_tasks section which verifies if the service
is running before going on with the upgrade.
Change-Id: I0df382206bd27343455a6ad18fa2df1eea74a1f5
Partial-Bug: #1704389
This adds the option to get the HAProxy container to log to stdout.
The option is disabled by default. If enabled, It also adds a sidecar
container that reads from syslog and outputs what it gets to stdout.
bp logging-stdout-rsyslog
Change-Id: Ica819713aa50352ba04a748c463534d982e00538
This introduces a "sidecar" container, which is meant to be used
besides other containers (or as part of the pod). It merely uses
rsyslog to listen on a specific UNIX socket and outputs what it
gets to stdout.
This adds the service to each relevant role and introduces a
composable service which merely configures the container. Subsequently
it'll be used as part of other templates.
Note that it is only enabled if "stdout logging" is enabled.
bp logging-stdout-rsyslog
Depends-On: I4864ddca223becd0a17f902729cf2e566df5e521
Change-Id: I2c54acaaa820961c936f1fbe304f42162f720496
The Iscsid service uses puppet to update the IQN of each node, so that
all overcloud nodes have a unique IQN. When Iscsid is containerized,
the new IQN is captured in the "puppet-generated" directory, and made
available to other containers using bind mounts.
However, any non-containerized service that uses the IQN will be seeing
the host's value, instead of the new value made available to the
containers. This IQN mismatch between containerized and non-containerized
services will cause failures, typically with authentication.
The problem is resolved by adding a bind mount to Iscsid's puppet_config
that allows the iscsid container to update the host's IQN.
Change-Id: I1cbcb858754cc4792a085438eb28f2476245228c
The neutron metadata agent isn't currently configured for debug when the
global debug flag is enabled. Additionally add a flag to just configure
debug for the metadata agent itself.
Change-Id: I7ef636b8ad4c6fe4f05970c41c05d522a0f0d892
Related-Bug: #1731063
This was supposed to be in I6b36db7b7ce8b3e4da566eb7828d0c3b8646a14f
but i missed it on the edit because memcached doesn't have its own
directory, so it didn't match the regex i created to edit the
patch. Apologies for the patch churn on this. This fix has been
directly incorporated into I6b36db7b7ce8b3e4da566eb7828d0c3b8646a14f
backport, so we at least won't need to backport this oneliner.
Change-Id: I31d8adf72ea6c3544e534dca57c5c415e2908674
Partial-Bug: #1730957
These were hardcoded, even though the rest of the network-related bits
were already dynamically generated with jinja.
Change-Id: I8b9e36cbc355065a9117b0a5c5b46afd6ee25d58
Closes-Bug: #1732457
Define the zuul v3 layout for jobs that we want to execute.
Change-Id: I149322f4b6d5c066eb345618445143df43607765
Depends-On: Ie8aa85fe7a8ee556cc1b46e215d329e95913290c
Step config is only required within the puppet_configs section
of docker/services/*. This patch drops the top level 'step_config'
and updates the unit tests accordingly.
Change-Id: I7dc7cfae3ef1965ec95b1d9ef23e7f162418c034
Also touches ceph-ansible/ceph-base.yaml to make sure this is
tested by scenario001
Change-Id: I7a7beea36669a79662f384315a3fbd19c958de8a
Related-Bug: #1715389
Pass mode parameter to ceph-ansible for Ceph keyrings on container
host. Pass mode and ownership parameter to each Ceph client container
using kolla_config. ACLs are set for Cinder if it is not running in
containers.
Change-Id: I11618b3fd696739ad9b86618a1f3f96570c61a30
Partial-Bug: #1720787
Deployers can change the network that a service is running on through
the ServiceNetMap. A common change is to switch the keystone admin API
to run in the external network instead of the ctlplane network. Doing
this in a TLS everywhere environment breaks, since we were explicitly
skipping the external network.
This no longer skips that network, thus enabling this use-case.
Change-Id: I488517528a77a257dede2f59488bb95ffc77743b
Closes-Bug: #1732443