This change implements and enables by default quorum support
for rabbitmq as well as providing default variables to globally tune
it's behaviour.
In order to ensure upgrade path and ability to switch back to HA queues
we change vhost names with removing leading `/`, as enabling quorum
requires to remove exchange which is tricky thing to do with running
services.
Change-Id: I49f9a18430f4912fe3e2fda36da6ad2acf6dde35
While <service>_galera_port is defined and used for db_setup
role, it's not in fact used in a connection string for oslo.db.
Change-Id: If34f937fe46cc3a2f181324c011fa9c9082d41ad
With update of ansible-lint to version >=6.0.0 a lot of new
linters were added, that enabled by default. In order to comply
with linter rules we're applying changes to the role.
With that we also update metdata to reflect current state.
Depends-On: https://review.opendev.org/c/openstack/ansible-role-systemd_service/+/888223
Change-Id: I7163d2e68b1f0f97bd31d7734a99f74ed60b1bb5
By overriding the variable `masakari_backend_ssl: True` HTTPS will
be enabled, disabling HTTP support on the masakari backend api.
The ansible-role-pki is used to generate the required TLS
certificates if this functionality is enabled.
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/879085
Change-Id: I2ea927dbfd7c9164b0f4d5fb793164ce4ad17094
We don't pin packages in masakari role, so dependency on
apt_package_pinning role can be safely removed.
Change-Id: Ife81410d59e8a646aab741bc1a5ef01784bf13b0
Related-Bug: #1979145
At the moment we don't restart services if systemd unit file is changed.
We knowingly prevent systemd_service role handlers to execute
by providing `state: started` as otherwise service will be restarted twice.
With that now we ensure that role handlers will also listen for systemd
unit changes.
Change-Id: I3f17e680d1bf9e6e34de6b611db2a484eabbded9
This line has been here since the initial commit, but should already
be covered by the distribution_major_version line above.
Change-Id: If4f937f31f11e9b5c235dac6d8119bdc6905257c
With sphinx release of 5.0.0, they changed default for language variable
to 'en' from None. With that current None valuable is not valid and should
not be used.
Change-Id: Ib85d59a879972de4f5771335f1772447f39d0219
Use a first_found lookup instead of a with_first_found loop so that
the 'paths' parameter can be used.
This ensures that only vars from the role are included, and not vars
from a parent calling role. This can happen when a parent role has
a higher priority vars file available for inclusion than the role
it calls.
Change-Id: Id5beb6f4b7cafb1841cb2f1cb075cd04d911c456
- Implemented new variable ``connection_recycle_time`` responsible for SQLAlchemy's connection recycling
- Set new default values for db pooling variables which are inherited from the global ones.
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/819424
Change-Id: I02997d0537ac24bdd261b8bce8f4a2e34e1db74a
This patch fixes an error encounter within the processmonitor. The
libvirt service name has been changed from libvirt-bin (doesn't exist)
to libvirtd. Tested on Ubuntu Server 20.04 (Focal).
Change-Id: I6f909cb0dec22db6b3ab05d2158ac6e0601f9ad3
Since we still use ceph-ansible that has their own implementation of
config_template module it's worth to use mentioned module as a collection
explicitly.
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/819814
Change-Id: If9bed4699d5a7ab10b6a9779ae6fbde143b747b7
With PKI role in place in most cases you don't need to explicitly
provide path to the CA file because PKI role ensures that CA is trusted
by the system overall. In the meanwhile in PyMySQL [1] you must either
provide CA file or cert/key or enable verify.
Since current behaviour is to provide path to the custom CA we expect
certificate being trusted overall. Thus we enable cert verification when
galera_use_ssl is True.
[1] 78f0cf99e5/pymysql/connections.py (L267)
Change-Id: I933e1edbd4260e2bd61bcceec3ddad8aea85353c
We've created integrated linters check job a while back and it's successfully
working for several releases. At the moment we experience difficulties
with future maintenance of the linters check from the openstack-ansible-tests
repo. So instead of fixing current one, we replace it with modern version of
the test.
Change-Id: I0e6ded7eb4642e35ee88f4515aefec6c31f9937e
All references to Gentoo, SUSE, Debian stretch and Centos-7 are removed.
Conditional tasks, ternary operators and variables are simplified where possible
OS specific variables files are generalised where possible
Change-Id: Ia712d170740c748002aa44d921ade8750997f8f0
Masakari has added introspectiveinstancemonitor for a while, however it
has not bee implemented in OSA.
Change-Id: I3ae31a3518f5580aadcd9935dda9f1bdabb6ae7e
Definition of the host parameter has been deprecated in favor
of the hostname, which by default set to socket.gethostname().
Since instancemonitor started using hostname param, it should equal
to the names compute has in `compute service list`
To make this change backportable, we explicitly replace parameter to
avoid confusion about missing parameter.
Change-Id: I21c7c8cc90cb10afcc224c7cfb9c8c628e5a308b
We add 2 extra variables, to make corosync port configurable along with
enablement of ipmi checks.
Change-Id: I970bdaad0af79599d8a7c8cf95f89d273eb791de
Setuptools v54.1.0 introduces a warning that the use of dash-separated
options in 'setup.cfg' will not be supported in a future version [1].
Get ahead of the issue by replacing the dashes with underscores. Without
this, we see 'UserWarning' messages like the following on new enough
versions of setuptools:
UserWarning: Usage of dash-separated 'description-file' will not be
supported in future versions. Please use the underscore name
'description_file' instead
[1] https://github.com/pypa/setuptools/commit/a2e9ae4cb
Change-Id: I04790eabe9680a5b2d19a3e721920e5c8f00aa9e
Role default must use openstack bind address when provided, previous
behavior of masakari role was always bind 0.0.0.0
Change-Id: I813edb9ad9d054e1ca32f528b2e702d847cef023
As per the community goal of migrating the policy file
the format from JSON to YAML[1], we need to replace policy.json to
policy.yaml and remove deprecated policy.json.
config_template has been choosen instead of the copy, since it can
properly handle content that has been lookuped.
We make a separate task not to restart service when it's not needed.
[1] https://governance.openstack.org/tc/goals/selected/wallaby/migrate-policy-format-from-json-to-yaml.html
Change-Id: I8c89b6d193f221faad4db9e1d0b0152f262b823b
Since we copy all release notes to the integrated repo there is not need
in publishing release notes for each repository. We should only verify their
validity and linting.
Change-Id: I54e19c08c879665c1ed55541942fe2951d63f862
Instead of overriding each service separatelly it might make
sense for deployers to define some higher level variable that
will be used first or fallback to default variable.
Change-Id: Ie526c3fed0d6a1c706d5ef17e9c1bcb38418e861