There is now a recipe - not really a new one, it's "vncproxy" with some
attributes renamed - which handles the relevant packages and services
(Debian names confirmed to have been valid at least since Jessie,
Ubuntu and RHEL ones based on existing convention + review comments).
Furthermore, nova.conf is now populated with required enpoint information
- with hopefully sane default values of relevant attributes.
Finally, the attribute node['openstack']['compute']['console_type']
can be used to enable the desired console type; it defaults to 'vnc'
in accordance with default Nova configuration.
Signed-off-by: Marek Szuba <m.szuba@gsi.de>
Change-Id: I0996daddda6d21633930ba73e174f99775a9e0c9
In [0] we followed the release-note about using threads=1 for the nova-api
service, but missed that the nova-metadata and placement service are
affected by the same issue.
[0] Iebf78d24c57a069eabced1bf35051cbae5014902
Change-Id: I9107ca1a135ac090dc9cf80b5192eed4838595df
Update ChefSpec due to changes made in apache2 cookbook.
Depends-On: https://review.opendev.org/756168
Change-Id: I3ec792c519650b2d95a976ad50419a9b417a3514
Signed-off-by: Lance Albertson <lance@osuosl.org>
The current code tries to restart apache for every change to
/etc/nova/nova.conf even on compute nodes that do not have apache
installed. This changeset splits out the apache service resource into a
separate recipe that (unlike nova-common) is not included by the compute
recipe.
backport: stein
Change-Id: I87dda61dfabec460fe042b4cee21277382dd9487
The major change in this release is that the placement-api code base has been
removed from nova and put into it's own project called placement [1]. Users who
are coming from Stein will need to follow the upgrade guide [2] to properly
upgrade to the new service.
All attributes related to placement-api have been moved into their own files
including configuration file attributes for placement.conf.
Added:
- Template to manage /etc/placement/placement.conf
- Include openstack-compute::_nova_cell recipe to nova-setup so that the db
migrations happen properly
Changed:
- Update release to train
- Migrated from nova-placement-api to placement-api [1]
Fixed:
- Cookstyle & ChefSpec
- Ordering of db syncs which was causing issues for Train
- Set default['openstack']['compute']['syslog']['use'] to false by default
- Various comments
Removed:
- Removed references to nova-consoleauth which has been removed upstream [3]
- Removed references to xvpvnc which was removed upstream
- Unused .rubocop.yml and .rubocop_todo.yml
[1] https://docs.openstack.org/releasenotes/placement/train.html
[2] https://docs.openstack.org/placement/latest/admin/upgrade-to-stein.html
[3] https://docs.openstack.org/releasenotes/nova/train.html#prelude
Change-Id: I996bcd2f63a080e10fadf0c7adf9a0ddcb0b5c7a
Depends-On: https://review.opendev.org/731859
Depends-On: https://review.opendev.org/731860
Depends-On: https://review.opendev.org/731861
This adds some attributes for adjusting the thread counts for each wsgi
application. By default we use 10 threads, however for the api service, it needs
to be set to 1 due to this upstream issue [1]. In addition, increase the
processes for the api service to 6 to account for the reduction in threads.
[1] https://docs.openstack.org/releasenotes/nova/stein.html#known-issues
Change-Id: Iebf78d24c57a069eabced1bf35051cbae5014902
- Cookstyle fixes
- Refactor Berksfile to use groups so we can exclude integration testing
cookbooks
- Update documentation
- Cleanup line wraps
- Enable sensitive resources for the template[/etc/nova/nova.conf] to
resources improve security.
- Update delivery configuration to exclude integration cookbooks
- Fix ChefSpec output.
- Switch package installations to send packages as arrays instead of individual
package resources. This generally speeds up chef runs.
- Cleanup array syntax using %w() instead of []
- Add metadata to enabled_apis as that is the default upstream
- Switch to user resource for managing shell for nova user
- Switch to libvirtd instead of libvirt-bin for Ubuntu service name
Depends-On: https://review.opendev.org/701027
Depends-On: https://review.opendev.org/706151
Depends-On: https://review.opendev.org/708059
Depends-On: https://review.opendev.org/706157
Change-Id: I7e03fb9dace6e288a3b21f33106245b30b52ce9d
This brings us up to date with the latest apache2 cookbook which
included a major refactor in 6.0.0 removing all of the definitions and
recipe with proper resources. Instead of using the apache2_default_site
resource, directly use a template and then enable the config file using
the apache2_site resource. This gives us the most flexibility.
Additional fixes:
- Install mod_wsgi as a package on RHEL since there is no built-in
resource for it.
- Don't set SELinux to permissive on RHEL (I tested this works properly
with it set to enforcing).
- Remove hack for restarting apache.
- Convert web_app to template and subscribe to restarting apache.
- Remove resources to restore SELinux contexts since this taken care of
by Chef now automatically.
- Fix resource ordering in placement_api
- Improve ChefSpec tests
- Add missing placement_api RHEL tests
- Fix issues with chain file and cipher suite in in wsgi template
- Include additional cookbooks in Berksfile required for CI
Depends-On: https://review.opendev.org/702772
Depends-On: https://review.opendev.org/701824
Change-Id: Ib404ab6bfcae3340fd7f0f924539ca6c445b55cf
This updates all references of let(:chef_run) to cached(:chef_run) to
speed up tests. By doing this, we have to create a new cached(:chef_run)
block whenever we need to adjust node attributes for testing.
- Remove unused default recipe ChefSpec
- Formatting cleanup
Speed was improved from 7 minutes 17 seconds to 1 minute 34.18 seconds
Change-Id: I8bdde8b68371d25275aa78d9438f5aeff960062f
Python2.7 is going EOL soon, let us deploy python3 for Rocky from the
start, so we avoid having to switch later.
Depends-On: https://review.opendev.org/682918
Change-Id: Ia3adf776d48ebbf364530201f85307805a6b48d6
This uses edit_resource to add a notification in the nova-api,
nova-api-metadata and nova-placement-api apache configurations when one
of them gets updated. This is a workaround due to the fact we are using
a version of the apache2 cookbook that is still using definitions and
cannot add notifications with definitions.
This is intended to ensure we only restart apache when the configuration
is updated. Otherwise, the old behaviour was to restart apache on every
run which is problematic in production environments. I have been using
this in our production wrapper cookbook for the past year or so without
any issue.
This will be removed in the Stein release when we migrate to the newer
apache2 cookbook which uses proper resources.
Also amend the Berksfile to point to the new opendev.org location.
Change-Id: I55e6ea4124017e0f44f92f6a2fb01baad5a27555
Signed-off-by: Lance Albertson <lance@osuosl.org>
fog-openstack-1.x already appends "auth/tokens" so we no longer need to
do that. In addition, comment out endpoint type until this PR [1] gets
merged and released.
[1] https://github.com/fog/fog-openstack/pull/494
Depends-On: https://review.opendev.org/666176
Change-Id: I99dceff452695302865d267ca4cd5e8aa094ead5
Signed-off-by: Lance Albertson <lance@osuosl.org>
* removed all unused attributes
* removed vmware specific configuration option that can be set in a
wrapper cookbook (and was not maintained for quite some time)
* removed caseswitch for nova user and group since we currently only
support debian and rhel
* moved all libvirtd related config options to specific attribute file
in preparation for further refactoring
Change-Id: I42a0bbcd03a570b9d6d24ba32ed2cafacc33ec76
This patch removes the openstack_user resource with :grant_domain
action. A user is always created within a specific domain; such a
membership cannot be tacked on later. This resource gave the users
the role intended for their project for the domain (i.e., for the Default
domain instead of for the service project).
We add the domain_name attribute that creates the nova and placement
users in the desired domain. Note that this change needs a sufficiently
recent openstackclient cookbook -- otherwise the domain_name attribute
is ignored (which does not matter as long as the users are to be created
in the Default domain).
Change-Id: I333da4d0d93c8a0065c6c1001b5ebed8cd6eab5c
This patch removes the role_name when using openstack_user's :create
action (it gets ignored by the target method).
Note that the spec test would still pass if only the line in
identity_registration.rb (but not the test) were changed, because the
code that actually does grant the role to the resource is executed right
after user creation and before any tests check the resource for the
existence of the role_name attribute. In other words: if the argument
were required in a call but only supplied in another call, the spec
tests would not catch it. Something to watch out for.
Change-Id: I559ffa40c37f8e073a8e7fcb5186f2270e5ccd72
- Added basic cellv2 recipe, as it is required from Ocata on
- Style and lint fixes to support newer chefdk
- Rewrote metadata.rb for readability
- Removed ancient Gemfile
Change-Id: I97b453fc419bfbf01679dadf39a256b1f0f99859
The default content of api-paste.ini has changed, in particular we were
missing the http_proxy_to_wsgi filter allowing proper URL discovery.
Change-Id: Iaa968a963df5baf49116829f111ef4f46c4f8951
- nova-cert is deprecated and causes build failures if attempts to
utilize it are made.
- nova-placement-api package is prefixed with openstack- in RDO.
Change-Id: Iea2070467503f9a434e927e2580ef2b4135e98f7
Ubuntu has decided to change the group name from libvirtd to libvirt after
Xenial. This change is also in the libvirt packages from the Ocata UCA, so
we need to follow them here.
Change-Id: Ib87e9b5142b835c4be5e07b9d53e39b48b6f605e
The placement-api has been added by nova for the Newton cycle, it has
become mandatory for Ocata.
It is deployed as a wsgi app similar to what we have for keystone and
gnocchi already.
Change-Id: I1d1f1cc7046cb30a91894a0c884bc861d7f3dd95
The docker-setup receive has been unmaintained and untested for some
time now. The nova-docker project is also being removed from
OpenStack [1] and people are advised to look at deploying Zun as
a replacement.
This also avoids having to rewrite this receipe in order to remove the
use of the deprecated python cookbook.
[1] https://review.openstack.org/430232
Change-Id: Ia8c9db272c6a0353130fc93d446b385fd72ac250
Partial-Bug: 1558538
- Now use cookbook-openstackclient to create endpoints role service and
user
- added domain creation and access granting
- added values to work with identity_v3
- rewrote specs to work again
- added needed keystone_authtoken attributes + neutron
- updated readme
Change-Id: I84f850f32f25a318c3ed3c7337a0dfa6f641a5fe
Depends-On: I0f8955f05de9b33711c54b9a198f45018cceb8e1
Depends-On: I2d404a424bd79a6e9b282304e21591fa33a48981
Depends-On: If7b4d6e563081a0be9957353d73ef61a9688df56
* added sync for api_db (required in mitaka) and needed configuration options in
nova.conf
* made libvirtd_opts configurable in preparation for xenial and systemd on
ubuntu (libvirtd needs to be started with just -l option on xenial)
Change-Id: I6c01e45f10d75db96c95c0bb37b016ada2f5933f
Depends-On: Idf6645064a1c2f337f542b29a026969c7d35efbe
api-ec2 is being replaced by the `openstack-ec2` cookbook.
Change-Id: I5b4bc088bbf9a5061ed311d164dc381a3caca2d5
Depends-On: I2dbbafaf8641ece00d4181d1ea4ba93f00eed6ed
* cleaned up endpoint and bind interface attributes
* moved compute-ec2 attribute to compute-ec2-api
for clearness on which is public internal or admin
Change-Id: I16fb99ea2f865ea95b653c68fd5a42f15d039439
* endpoint type (admin, internal, public) and service (identitiy, network etc.)
was switched during refactoring, this patch reverts this unintended switching
* edited bind_service service type from public,internal,admin to 'all'
for default binding to just one service
Change-Id: Ia1785dc4ed7df88d0457e640fa0a668baccf12d5
Depends-On: I4f97b659361dabd7fac216305d2aad2f1bb98f51
Depends-On: I9bf230ba53d23ce11a32acaea2410572eaeb6123
Depends-On: Iec485deaf415e4187a323435cce2b6bbadfc5d42
Depends-On: Ia5bddfc5e2fd77cd6e9e855c680b079f78fc1c3f
* added endpoint attributes (moved from common)
* removed qpid as a messaging option (can be incuded in a wrapper)
* removed os-bare-metal dependencies
* deleted default attributes from nova.conf.rb originated in
openstack-common
* removed fedora and suse as supported platform
* adapted optimized endpoint logic
* removed rubocop exceptions in recipes and regenerated the
.rubocop_todo.yaml containing all remaining exceptions
* added versionbumb for refactored os-identity and common
* moved version up to 13.0.0 for mitaka release
* adapted the specs (unit tests) to work again
* refactored spec_helper.rb method "expect_creates_api_paste"
* added new logic into templates/default/nova.conf.erb
* refactored attributes throughout all recipes that were connected to
the attributes used for the nova.conf.erb template to adapt the new
template attribute syntax
* moved all attributes from attributes/default.rb that were used in
nova_conf.erb to attributes/nova_conf.rb
* refactored attributes to fit upcomming template logic
* refactored recipes/nova_common.rb to fit upcomming template logic
* removed all attributes from default.rb and nova.conf.erb which are set
as default in attributes, openstack doc and used to render the template
* removed nova-network as a supported config option
Depends-On: I9cc1b5cc069987ac83e064322c2291772505ff5f
Depends-On: Ifa5a7f4e1df47a3961976e64f654224864c3dcb4
Depends-On: I3262b2e6f792f37c32a446e6567790b82bdd4613
Depends-On: I0547182085eed91d05384fdd7734408a839a9a2c
Implements: blueprint cookbook-refactoring
Change-Id: I9ac9eeb29ab27f31394830e4b6f999d5870cc0e4
This attribute is not currently a part of the cookbook template.
Adding this attribute will allow operators to configure this option
which can reduce unecessary neutron requests in non OVS or Linux
Bridge deployments.
Closes-Bug:1499551
Change-Id: Ibcf6b7bb614d629926b7d1f50ac552a9d1b1e670