756ec498d3
Merge "Update Skyline configuration to enable SSO"
2024-04-19 17:14:36 +00:00
de1552b7d7
Merge "Fix incorrect condition in kolla_container_facts"
2024-04-15 15:13:32 +00:00
7f655d63ac
Merge "Configure log level field for the Grafana OpenSearch datasource"
2024-04-15 15:13:28 +00:00
065820aeba
Merge "Update Grafana OpenSearch datasource configuration"
2024-04-15 15:13:25 +00:00
345759c03d
Merge "ironic: disable heartbeat_in_pthreads"
2024-04-12 17:23:52 +00:00
3c3c517958
tests: Replace imp with importlib.machinery
...
It's needed for Python3.12 support, because imp has been dropped [1].
Also shlex dropped s=None support [2].
[1]: https://docs.python.org/3/whatsnew/3.12.html
[2]: https://github.com/python/cpython/issues/94352
Change-Id: I23f37897ea08ac708f6df485f699122df647e552
2024-03-29 05:16:51 +00:00
88aa51ac36
ironic: disable heartbeat_in_pthreads
...
inspector is not running as a WSGI
Related-Bug: #2054705
Change-Id: I20dbaef29b2ef2d6ceffc21c156c6fa4b5e8d205
2024-03-25 16:51:28 +01:00
372f725237
Merge "Fix installation of ovs-dpdk service"
2024-03-25 11:23:49 +00:00
4fc974d3df
Merge "Add conditionals for IPv6 sysctl settings"
2024-03-22 13:26:01 +00:00
8025341023
common: Fix fluentd labels when using Docker 26
...
Closes-Bug: #2058615
[1]: https://github.com/docker/cli/blob/v26.0.0/docs/deprecated.md#container-and-containerconfig-fields-in-image-inspect
Change-Id: I96ec812a482f017a48d978586c6f535fedd5fbe8
2024-03-21 08:21:32 +01:00
a7c8bcda2e
Fix incorrect condition in kolla_container_facts
...
Incorrect condition in Podman part prevented the retrieval
of facts of all the containers when no names were provided.
Closes-Bug: #2058492
Change-Id: I6d7f7ca0523eb17c7d9a9b93d2037bf77f2c2a47
Signed-off-by: Martin Hiner <martin.hiner@tietoevry.com>
2024-03-20 16:13:23 +01:00
0b820f10e0
Merge "Skyline configure Prometheus"
2024-03-19 15:41:51 +00:00
9874e775ec
Merge "Fix Skyline API Server TLS configuration"
2024-03-19 15:41:48 +00:00
338b570602
Merge "Revert "zun: Deprecate Zun provisionally""
2024-03-19 15:37:30 +00:00
238ceea44f
Merge "Zun: remove docker's cluster-store option"
2024-03-19 15:37:28 +00:00
deb08630fc
Fix installation of ovs-dpdk service
...
This patch fixes ovs-dpdk script as options
in DPDK changed and PCI whitelist config changed
from '-w' to '-a' as per [1].
[1] db27370b57#2058372
Change-Id: Iae812a4a255c13a42b2d6a691e265922d220f4c8
2024-03-19 11:44:57 +01:00
7102c9cc9c
Configure log level field for the Grafana OpenSearch datasource
...
Change-Id: Ic38469661323fbce438c70bd1b9301e9f7db8030
2024-03-18 21:10:59 +00:00
38673b269b
Merge "Allow customizing of Skyline configuration"
2024-03-18 08:24:28 +00:00
ba9a454304
Fix Skyline API Server TLS configuration
...
Closes-Bug: #1998417
Change-Id: Ib6c725880caaa7f39bb269bd8398f3894eb033c5
2024-03-18 06:40:49 +00:00
a4e6e58e4e
Update Skyline configuration to enable SSO
...
Change-Id: I5b4a30e605bb143cf342f83f0c811c25046269ef
2024-03-15 20:18:29 +01:00
9afc9da226
Update Grafana OpenSearch datasource configuration
...
Updates the Grafana OpenSearch datasource configuration to use values
for OpenSearch that work out of the box.
Closes-Bug: #2039500
Change-Id: Id9c7e59e6ae1dd98176c68b14a2aff1985306751
2024-03-15 16:04:45 +00:00
57a11260f0
octavia: add missing bool to the enable_octavia_jobboard parameter
...
Closes-Bug: #2058046
Change-Id: I9304f3546b20c0406e195163dccb1433fe802204
2024-03-15 16:40:39 +01:00
21543fefb9
Merge "Fix images pull in ovs-dpdk role"
2024-03-14 18:43:49 +00:00
bffed1ab68
Merge "Bump ansible-core versions to 2.15 and 2.16"
2024-03-14 11:13:42 +00:00
b04486df07
Bump ansible-core versions to 2.15 and 2.16
...
Change-Id: Iab40eb92c7e4a9092471bef9d4477a4fa34f1c85
2024-03-14 06:13:38 +00:00
465f6ce298
Merge "rabbitmq: Add 3.12 feature flags (for upgrade to 3.13)"
2024-03-13 18:29:00 +00:00
9301e82d7b
Add conditionals for IPv6 sysctl settings
...
This way the playbooks won't try to set ipv6 systemctl options
unless ipv6 is available on the system.
Closes-bug: #1906306
Change-Id: Icccfc1c509179c3cfd59650b7917a637f9af9646
2024-03-13 09:47:29 +01:00
7bb50ee05e
rabbitmq: bump wait timeout to 60 seconds
...
Closes-Bug: #2057676
Change-Id: I9e0287a4e80b1ebcecf9e3b66c11d4233970a30b
2024-03-12 14:48:41 +00:00
a81a53092d
Fix images pull in ovs-dpdk role
...
This patch fixes ovs-dpdk images pull by adding
the variable kolla_role_name to the ovs-dpdk vars, so
services-image-pull can work correctly.
Closes-Bug: #2041864
Change-Id: I2e799290a57ebfacbc0ff9a0b1ca3dc956c513df
Signed-off-by: German Espinoza <gespinoza@whitestack.com>
2024-03-12 10:09:37 +01:00
13dd9309df
Skyline configure Prometheus
...
Change-Id: I0a086c59076120aa53e6a05526dbab88e393c1c7
2024-03-11 18:08:41 +01:00
8c760d38a0
Fix creation of ovs bridges
...
This patch fixes the creation of the openvswitch
bridge by fixing an ansible task that was rewritten
to use an ansible module, but unfortunately, its loop
was implemented incorrectly.
Closes-Bug: #2056332
Change-Id: Ia55a36c0f9b122b72d757ca973e7d8f76ae84344
2024-03-11 09:49:51 +01:00
59da07920b
Fix coordination when redis used
...
Tooz 6.0.1 includes commit [1], which introduced
parsing the username from the Redis connection URL.
As a result, services started authenticating as admin
which, by the way, was incorrect even before, as either
a created user or the default one should have been used.
The reason it worked before is simply because the username
'admin' wasn't parsed anywhere.
This patch fixes the user being used and sets the correct
'default' one.
[1] https://review.opendev.org/c/openstack/tooz/+/907656
Closes-Bug: #2056667
Depends-On: https://review.opendev.org/c/openstack/kolla/+/911703
Change-Id: I5568dba15fa98e009ad4a9e41756aba0fa659371
2024-03-11 09:49:01 +01:00
a7dd2425ec
Merge "prometheus: Add friendly instance labels for ironic and alertmanager"
2024-03-06 12:27:58 +00:00
b2a187e84e
rabbitmq: Add 3.12 feature flags (for upgrade to 3.13)
...
As per [1].
[1]: https://rabbitmq-website.pages.dev/docs/feature-flags
Depends-On: https://review.opendev.org/c/openstack/kolla/+/911093
Change-Id: Ib5bfc99a5023e4b949c1ea38eca9bfd1ea9cd633
2024-03-05 12:05:10 +00:00
2185be008e
Allow customizing of Skyline configuration
...
Change-Id: I84cc5ce25da2fcfe4f284d8b3197f40d3a6d7ce1
2024-03-05 09:17:00 +01:00
4d40c9e68f
Adds feature flag for ironic-inspector in bifrost
...
This is useful for backwards compatability.
Depends-On: https://review.opendev.org/c/openstack/kolla/+/909865
Change-Id: Ib2936580db5e7ab3479722bc353c39063010b5f2
2024-02-28 14:59:29 +00:00
10f0e9ddef
prometheus: Add friendly instance labels for ironic and alertmanager
...
These were omitted from I387c9d8f5c01baf6054381834ecf4e554d0fff35 and
I387c9d8f5c01baf6054381834ecf4e554d0fff35.
Closes-Bug: #2041855
Change-Id: I25e5450d1caeebd9c900c190fc0079988f1ca574
2024-02-28 12:16:32 +00:00
e513ddd982
Merge "Adjust Ceph metrics scrape interval in Prometheus"
2024-02-27 11:59:32 +00:00
ce3a6aff09
Merge "Fix gnocchi-metricd when TLS and Swift enabled"
2024-02-21 16:02:52 +00:00
d30fb56c2a
Merge "Remove the `grafana` volume"
2024-02-20 17:25:50 +00:00
ff63af4e65
Merge "cinder: Stop using admin service token"
2024-02-20 14:24:34 +00:00
3c77151225
Merge "Revert "Disable new defaults and scope for Ironic (RBAC)""
2024-02-19 12:43:31 +00:00
311fd881e4
Merge "Template system scoped admin-openrc and clouds.yml files"
2024-02-19 12:40:06 +00:00
33129b7554
Merge "Add service role to ironic service users"
2024-02-19 12:40:03 +00:00
a6fa564499
Merge "Ironic: enable elevated access for project scoped service role"
2024-02-19 12:40:00 +00:00
c51fbfdd8b
Revert "Disable new defaults and scope for Ironic (RBAC)"
...
This reverts commit d77372e86ahttps://review.opendev.org/c/openstack/ironic/+/907148
Closes-Bug: #2051837
Change-Id: I49664e3a353f54e0d51f454c552a78846ba64101
2024-02-15 15:14:56 +00:00
6e835ae758
Template system scoped admin-openrc and clouds.yml files
...
Ironic enabled secure RBAC with system scoped enforcement [1].
Some API calls, for instance 'baremetal:driver:get' needs system
scope role by design [2], even with elevated access project scope
service role [3].
[1] https://review.opendev.org/c/openstack/ironic/+/902009
[2] 8ec5606622/ironic/common/policy.py (L1349-L1357)https://review.opendev.org/c/openstack/kolla-ansible/+/908007
Related-Bug: #2051837
Change-Id: Id6313d7dd343b82d4c9ccf7bf429d340ea0e93d1
2024-02-15 15:01:59 +00:00
0dac9eb93d
Merge "Fix mariadb role when used with check mode"
2024-02-15 14:13:18 +00:00
600e912400
Add service role to ironic service users
...
Add the service role to ironic service users. Ironic recently enforced
new policy validation as part of the RBAC efforts. [1][2]
Service user support was also added to Ironic. [3]
Admin role needs to stay as not all services added service role support. [4][5]
[1] https://review.opendev.org/c/openstack/ironic/+/902009
[2] e2a47de10a/goals/selected/consistent-and-secure-rbac.rst (phase-2)https://review.opendev.org/c/openstack/ironic/+/907148
[4] https://review.opendev.org/q/topic:bp%252Fpolicy-service-role-default
[5] https://review.opendev.org/q/topic:%22New-Location-Apis%22
Related-Bug: #2051837
Change-Id: I048402c2247188cf57f35437f557f84ac25d4ff2
2024-02-15 14:05:52 +00:00
121aa3d258
Ironic: enable elevated access for project scoped service role
...
Ironic recently started to enforce new policies and scope [1].
And Ironic is one of the sole openstack project which need
system scope for some admin related api calls [2].
However Ironic also started to allow project-scope behaviour
for service role with setting
``rbac_service_role_elevated_access``[3] [4]. This change enables
this setting to get similar behaviour of service role as other
openstack projects.
[1] https://review.opendev.org/c/openstack/ironic/+/902009
[2] e2a47de10a/goals/selected/consistent-and-secure-rbac.rsthttps://review.opendev.org/c/openstack/ironic/+/907148
[4] 8ec5606622/releasenotes/notes/service-project-service-role-fix-e4d1a8c23856926a.yaml#2051837
Change-Id: If8d7cf1663145d0398a2e936486e2b316d4df5e0
2024-02-15 15:04:06 +01:00
Zuul