The purpose of this patch is to make it easier to
review changes, because renaming and changing the
file in one patch will generate diff when the entire
file will be deleted on the one hand and new file
(actually just renamed) will be new on the other hand,
which is hard to review.
Change-Id: I17a16ce746faa8898a457cadbb6f996f964a5b6f
Kolla Ansible is switching to OpenSearch and is dropping support for
deploying ElasticSearch. This is because the final OSS release of
ElasticSearch has exceeded its end of life.
Monasca is affected because it uses both Logstash and ElasticSearch.
Whilst it may continue to work with OpenSearch, Logstash remains an
issue.
In the absence of any renewed interest in the project, we remove
support for deploying it. This helps to reduce the complexity
of log processing configuration in Kolla Ansible, freeing up
development time.
Change-Id: I6fc7842bcda18e417a3fd21c11e28979a470f1cf
Config plays do not need to check containers. This avoids skipping
tasks during the genconfig action.
Ironic and Glance rolling upgrades are handled specially.
Swift and Bifrost do not use the handlers at all.
Partially-Implements: blueprint performance-improvements
Change-Id: I140bf71d62e8f0932c96270d1f08940a5ba4542a
Including tasks has a performance penalty when compared with importing
tasks. If the include has a condition associated with it, then the
overhead of the include may be lower than the overhead of skipping all
imported tasks. In the case of the check-containers.yml include, the
included file only has a single task, so the overhead of skipping this
task will not be greater than the overhead of the task import. It
therefore makes sense to switch to use import_tasks there.
Partially-Implements: blueprint performance-improvements
Change-Id: I65d911670649960708b9f6a4c110d1a7df1ad8f7
This patch introduces an optional backend encryption for Horizon and
Placement services. When used in conjunction with enabling TLS for
service API endpoints, network communcation will be encrypted end to
end, from client through HAProxy to the Horizon and Placement services.
Change-Id: I9cb274141c95aea20e733baa623da071b30acf2d
Partially-Implements: blueprint add-ssl-internal-network
Refactor service configuration to use the copy certificates task. This
reduces code duplication and simplifies implementing encrypting backend
HAProxy traffic for individual services.
Change-Id: I0474324b60a5f792ef5210ab336639edf7a8cd9e
Add copy ca file to horizon container.
because:
Could not find a suitable TLS CA certificate bundle,
invalid path: /etc/pki/ca-trust/source/anchors/kolla-customca-haproxy-internal.crt
Closes-Bug: #1867121
Change-Id: I64d4dbeebd53048705005b61eb3c5b2104e8f2ed
Signed-off-by: yj.bai <bai.yongjun@99cloud.net>
Variable added to evaluate "ENABLE_MONASCA" env for 'kolla/horizon'. In
case 'enable_horizon_monasca' is true, 'policy_item' would be called for
Monasca.
Change-Id: Ie9ecb8ab5d4e74af9b83a5b00ccced5b630ab1ed
Implements: blueprint monasca-ui
Signed-off-by: Hamed Bahadorzadeh <h.bahadorzadeh@gmail.com>
Sometimes as cloud admins, we want to only update code that is running
in a cloud. But we dont need to do anything else. Make an action in
kolla-ansible that allows us to do that.
Change-Id: I904f595c69f7276e71692696471e32fd1f88e6e8
Implements: blueprint deploy-containers-action
This commit adds the missing policy file for Octavia
in Horizon, thus enabling the panel where appropriate.
Change-Id: I60f1a52de71519f2d8bd84baa8aba5700fa75b1c
Currently, we have a lot of logic for checking if a handler should run,
depending on whether config files have changed and whether the
container configuration has changed. As rm_work pointed out during
the recent haproxy refactor, these conditionals are typically
unnecessary - we can rely on Ansible's handler notification system
to only trigger handlers when they need to run. This removes a lot
of error prone code.
This patch removes conditional handler logic for all services. It is
important to ensure that we no longer trigger handlers when unnecessary,
because without these checks in place it will trigger a restart of the
containers.
Implements: blueprint simplify-handlers
Change-Id: I4f1aa03e9a9faaf8aecd556dfeafdb834042e4cd
Qinling is an OpenStack project to provide "Function as a Service".
This project aims to provide a platform to support serverless functions.
Change-Id: I239a0130f8c8b061b531dab530d65172b0914d7c
Implements: blueprint ansible-qinling-support
Story: 2005760
Task: 33468
Currently, you cannot deploy custom policy files in horizon for disabled
openstack projects that don't have a horizon plugin.
This patch allows customizing disabled openstack projects policy files
used by horizon. For services that do not have horizon plugins, it
creates variables of the form `enable_*_horizon_policy_file` and sets
these to the relevant `enable_*` variables by default. This ensures
backwards compatibility.
This patch is useful when you are migrating to kolla-ansible from
another deployment method one openstack project at a time and you have
custom policy files deployed by the old method.
Partially-Implements: blueprint docs-migrating-to-kolla
Closes-Bug: #1809314
Change-Id: Ifc33ef65759fa4831c24d177b272af5b45f80931
This commit is to apply resource-constraints to a few more OpenStack services.
Commit to apply constraints to the last set of services will be made in
the upcoming commit.
Depends-on: Icafa54baca24d2de64238222a5677b9d8b90e2aa
Change-Id: I39004f54281f97d53dfa4b1dbcf248650ad6f186
Add become to all tasks that use the module "kolla_docker"
Change-Id: I4309c4011687b88ec31d739fd8f834fe2326ff10
Partial-Implements: blueprint ansible-specific-task-become
kolla-ansible should provide a mechanism to allow operators to overwrite
the default (or not exposed through configuration) options for the
local_settings.
local_settings.j2 may be good place to configure horizon but requires
operator to sync it every release.
custom_local_settings.j2 can be used to overwrite things from
local_settings.j2 without a need of syncing it first.
This patch also adds a release note and a documentation section
under the advanced configuration page.
Partial-Bug: #1769970
Depends-On: https://review.openstack.org/#/c/567006/
Change-Id: I84b54ba737276114e512d4577ac4b9010682bb98
- rename action and serial to kolla_ansible and kolla_serial
- use become instead of "sudo <command>" in shell
- Remove quota for failed_when and changed_when in rabbitmq tasks
Change-Id: I78cb60168aaa40bb6439198283546b7faf33917c
Implements: blueprint migrate-to-ansible-2-2-0
This patchset implements yamllint test to all *.yml
files.
Also fixes syntax errors to make jobs to pass.
Change-Id: I3186adf9835b4d0cada272d156b17d1bc9c2b799
- Horizon
This will copy only yaml or json policy file if they exist.
Change-Id: Ib8875ca54dc9dc69abc8338413f7724d9d4ecc45
Implements: blueprint support-custom-policy-yaml
Co-authored-By: Duong Ha-Quang <duonghq@vn.fujitsu.com>
Add become to only neccesary tasks in roles:
- glance
- heat
- horizon
- keystone
- neutron
- nova
- openvswitch
Gate is also updated to use 'become' feature
Change-Id: I2f3f27306e9f384148e1ad4d54d8da2ebef34d00
Partial-Implements: blueprint ansible-specific-task-become
This change [0] reverted designate dashboard change because
designate was not finished, we forgot to enable again.
[0] https://review.openstack.org/#/c/408714/
Change-Id: Ibaf7e5a5dc8cbef619d86a0f2b240d384984e8bd
In order to speed up deployment time some "local" actions should be run
only once using 'run_once: True'.
This will decrease deployment time in case of multihost configuration.
Change-Id: I6015d772d35c15e96c52f577013b6e41197cb41a
New dashboard plugins are included in horizon,
new custom policies support need to be added for
those services.
Change conditional check to apply changes when
horizon plugin is enabled, not the service itself.
Closes-Bug: #1664505
Change-Id: I67fcb88fd432b4c7554ddf24e76b28c3aab7c01f
Ansible's template action supports replacing horizon default config with
custom config, it should only add with_first_found param to
config.yml to support this.
Change-Id: I45b8eed5b8d6c4d42672d99e41bc4eff7023a26f
Closes-Bug: #1570677
Changes location of Horizon log, they will be stored on common log volume
kolla_logs.
Change-Id: Ie9d56999a83efd05ab7c3dcb00b4dc42c9bce8f8
Closes-Bug: 1560250