Tooz 6.0.1 includes commit [1], which introduced
parsing the username from the Redis connection URL.
As a result, services started authenticating as admin
which, by the way, was incorrect even before, as either
a created user or the default one should have been used.
The reason it worked before is simply because the username
'admin' wasn't parsed anywhere.
This patch fixes the user being used and sets the correct
'default' one.
[1] https://review.opendev.org/c/openstack/tooz/+/907656
Closes-Bug: #2056667
Depends-On: https://review.opendev.org/c/openstack/kolla/+/911703
Change-Id: I5568dba15fa98e009ad4a9e41756aba0fa659371
Service user passwords will now be updated in keystone if services are
reconfigured with new passwords set in config. This behaviour can be
overridden.
Closes-Bug: #2045990
Change-Id: I91671dda2242255e789b521d19348b0cccec266f
* Remove docker's cluster-store option. This option was removed from
the latest version of docker so we removed it.
* Switch kuryr's capability_scope from "global" to "local". The "global"
scope relies on a cluster store but docker no longer supports it.
Change-Id: Ie62396184552938d099223f9d325a41c9a5067c3
Adds configurations and changes tasks to enable the
systemd plugin. Additionaly, the plugin is set to
read logs from the /var/log/journal directory
Implements: enable-fluent-plugin-systemd
Signed-off-by: Juan Pablo Suazo <jsuazo@whitestack.com>
Change-Id: Ic714a341befa5f906d9c0f78fa86f4c934df87cd
This avoids the need to use a proxy, or some other means, to connect to
Prometheus. This is disabled by default and can be enabled by setting
enable_prometheus_server_external to true.
Change-Id: Ia0af044ff436c2a204b357750a16ff49fcdfec45
Kolla Ansible should deploy Glance and Cinder Backup with
S3 backend support working out-of-the-box.
The S3 backend had been re-introduced in Ussuri after being
deprecated around the Mitaka timeframe, and having some local
object storage options is nice for testing..
Closes-Bug: #1977515
Change-Id: I4ca58382d1ee568bfca2ad108495422163f81260
Co-authored-by: Juan Pablo Suazo <jsuazo@whitestack.com>
Co-authored-by: Maksim Malchuk <maksim.malchuk@gmail.com>
This change adds basic deployment based on Podman
container manager as an alternative to Docker.
Signed-off-by: Ivan Halomi <i.halomi@partner.samsung.com>
Signed-off-by: Martin Hiner <m.hiner@partner.samsung.com>
Signed-off-by: Petr Tuma <p.tuma@partner.samsung.com>
Change-Id: I2b52964906ba8b19b8b1098717b9423ab954fa3d
Depends-On: Ie4b4c1cf8fe6e7ce41eaa703b423dedcb41e3afc
Adding missing group_vars for gnocchi service.
Using proper variables in haproxy config for vitrage and venus services.
Closes-Bug: #2038904
Change-Id: I06e8f29440c13864a866ea03ce0a0821fbe846f8
Adds the needed changes and configurations in
order to use the neutron plugin, tap-as-a-service,
to create port mirrors using `openstack tap` commands.
Implements: configure-taas-plugin
Depends-On: https://review.opendev.org/c/openstack/kolla/+/885151
Change-Id: Ia09e1f8b423d43c0466fe2d6605ce383fd813544
Signed-off-by: Juan Pablo Suazo <jsuazo@whitestack.com>
This change introduces haproxy_enable_http2 to let operators enable
http/2 on HAProxy frontends when kolla_enable_tls_external is enabled.
Change-Id: I2e00d3e9193a3052d43a228915ea249794490afe
Closes-Bug: #1850924
This commit adds the ironic-prometheus-exporter, following the
conventions used by the previously integrated exporters. '[The] Ironic
Prometheus Exporter is a Tool to expose hardware sensor data in the
Prometheus format through an HTTP endpoint.'[0]
Prometheus has been enabled in CI jobs to ensure test coverage.
[0] https://opendev.org/openstack/ironic-prometheus-exporter
Depends-On: https://review.opendev.org/c/openstack/kolla/+/874415
Change-Id: I6d421effd833d2e0524dd0b81736445c9a730ea9
Sets the variable ``om_enable_rabbitmq_high_availability`` to ``true``
by default. An upgrade will therefore require some manual steps to
migrate from transient to durable queues. Note that this will be
caught by this precheck:
https://review.opendev.org/c/openstack/kolla-ansible/+/880274
Also updates the CI upgrade jobs to perform this migration. This will
need to be removed in Caracal.
Related-Bug: #2031294
Change-Id: I26a70d4722aaa4663eced5f5337840474c7b961c
Use case: exposing single external https frontend and
load balancing services using FQDNs.
Support different ports for internal and external endpoints.
Introduced kolla_url filter to normalize urls like:
- https://magnum.external:443/v1
- http://magnum.external:80/v1
Change-Id: I9fb03fe1cebce5c7198d523e015280c69f139cd0
Co-Authored-By: Jakub Darmach <jakub@stackhpc.com>
ironic tftp service binds on 0.0.0.0. This may be
an issue in some setup. This patch propose a better
default, such as using the same listen address as
the dnsmasq service
Closes-Bug: #2024664
Change-Id: I0401bfc03cd31d72c5a2ae0a111889d5c29a8aa2
Replaces the instance label on prometheus metrics with the inventory
hostname as opposed to the ip address. The ip address is still used as
the target address which means that there is no issue of the hostname
being unresolvable. Can be optionally enabled or set to FQDNs by
changing the prometheus_instance_label variable as mentioned in the
release notes.
Co-Authored-By: Will Szumski <will@stackhpc.com>
Change-Id: I387c9d8f5c01baf6054381834ecf4e554d0fff35
Zuul