This change implements and enables by default quorum support
for rabbitmq as well as providing default variables to globally tune
it's behaviour.
In order to ensure upgrade path and ability to switch back to HA queues
we change vhost names with removing leading `/`, as enabling quorum
requires to remove exchange which is tricky thing to do with running
services.
Change-Id: I49f9a18430f4912fe3e2fda36da6ad2acf6dde35
While <service>_galera_port is defined and used for db_setup
role, it's not in fact used in a connection string for oslo.db.
Change-Id: If34f937fe46cc3a2f181324c011fa9c9082d41ad
By overriding the variable `masakari_backend_ssl: True` HTTPS will
be enabled, disabling HTTP support on the masakari backend api.
The ansible-role-pki is used to generate the required TLS
certificates if this functionality is enabled.
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/879085
Change-Id: I2ea927dbfd7c9164b0f4d5fb793164ce4ad17094
- Implemented new variable ``connection_recycle_time`` responsible for SQLAlchemy's connection recycling
- Set new default values for db pooling variables which are inherited from the global ones.
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/819424
Change-Id: I02997d0537ac24bdd261b8bce8f4a2e34e1db74a
This patch fixes an error encounter within the processmonitor. The
libvirt service name has been changed from libvirt-bin (doesn't exist)
to libvirtd. Tested on Ubuntu Server 20.04 (Focal).
Change-Id: I6f909cb0dec22db6b3ab05d2158ac6e0601f9ad3
With PKI role in place in most cases you don't need to explicitly
provide path to the CA file because PKI role ensures that CA is trusted
by the system overall. In the meanwhile in PyMySQL [1] you must either
provide CA file or cert/key or enable verify.
Since current behaviour is to provide path to the custom CA we expect
certificate being trusted overall. Thus we enable cert verification when
galera_use_ssl is True.
[1] 78f0cf99e5/pymysql/connections.py (L267)
Change-Id: I933e1edbd4260e2bd61bcceec3ddad8aea85353c
Definition of the host parameter has been deprecated in favor
of the hostname, which by default set to socket.gethostname().
Since instancemonitor started using hostname param, it should equal
to the names compute has in `compute service list`
To make this change backportable, we explicitly replace parameter to
avoid confusion about missing parameter.
Change-Id: I21c7c8cc90cb10afcc224c7cfb9c8c628e5a308b
We add 2 extra variables, to make corosync port configurable along with
enablement of ipmi checks.
Change-Id: I970bdaad0af79599d8a7c8cf95f89d273eb791de
Role default must use openstack bind address when provided, previous
behavior of masakari role was always bind 0.0.0.0
Change-Id: I813edb9ad9d054e1ca32f528b2e702d847cef023
As per the community goal of migrating the policy file
the format from JSON to YAML[1], we need to replace policy.json to
policy.yaml and remove deprecated policy.json.
config_template has been choosen instead of the copy, since it can
properly handle content that has been lookuped.
We make a separate task not to restart service when it's not needed.
[1] https://governance.openstack.org/tc/goals/selected/wallaby/migrate-policy-format-from-json-to-yaml.html
Change-Id: I8c89b6d193f221faad4db9e1d0b0152f262b823b
This is pretty problematic check as after each minor upgrade
it cause cycle nova-compute restart (and all hypervisors being down)
until masakari-processmonitor upgrade and restart.
Change-Id: Iacf5086ce6443b3504d582cd8c7a82dd1d4c7fb5
This patch aims to add a prefix for memcached_server
on each role to give the ability for deployers to
override the location of memcached cluster. I.e users
wants to create a single memcached cluster with k8s
for each service.
We also add pymemcache based on [1]
[1] https://review.opendev.org/711429
Change-Id: I5ce2be9e7a8a648cbb734a2e418d434e7991e298
This patch aims to migrate service from usage of regular syslog files
to journald. We also disable uwsgi logging, since it dublicates
requests that are logged by service itself.
Change-Id: I4168cd484ef52cc7b47efdbcc26d3d3550d28654
With this change masakari-monitors will be installed on hosts
which are in group masakari-monitor (supposed to be nova compute hosts)
hostmonitor depends on pacemaker with corosync, which are implemented by
https://github.com/mit-scripts/ansible-pacemaker-corosync
Masakari api/engine config was simplified and unneccesary defaults
were removed from it.
Role now uses default ``systemd_service`` role for systemctl configuration
Co-Authored-By: Jesse Pretorius <jesse.pretorius@rackspace.co.uk>
Implements: blueprint masakari-ansible-plugin
Change-Id: I334877c0111a45d3f3a74e7f56931786f4301713
The conf file was hard-coded, instead of using the right
vars. We fix that.
Change-Id: I17d6b412a79da110eeabe545385129baa9ea4d63
Co-Authored-By: Dmitriy R <dmitriy.r@sitevalley.com>
The variable is not used consistently. We fix every reference
to '/var/log/masakari' to refer to masakari_log_dir instead.
We also simplify the task which creates it to work whether
there is a symlink there or not.
Co-Authored-By: Dmitriy R <dmitriy.r@sitevalley.com>
Change-Id: Ibf579b6655ddee5cfc8c32ad6a500b4dc85468a8
The variable is not used consistently. We fix every reference
to '/etc/masakari' to refer to masakari_etc_dir instead.
Co-Authored-By: Dmitriy R <dmitriy.r@sitevalley.com>
Change-Id: I48eac7ffa55717fc57d0287719edbd56bcf21fac
This introduces oslo.messaging variables that define the RPC and
Notify transports for the OpenStack services. These parameters replace
the rabbitmq values and are used to generate the messaging
transport_url for the service. The association of the messaging
backend server to the oslo.messaging services will then be transparent
to the masakari service.
This patch:
* Add oslo.messaging variables for RPC and Notify to defaults
* Update transport_url generation in conf
* Add oslo.messaging to tests inventory and update tests
* Install extra packages for optional drivers
Change-Id: I127ce216cfb7b4d5755b8f0a68406bbd251fbdd2
According to [1], "auth_uri" has been deprecated.
This patch replace it by using "www_authenticate_uri" instead.
[1] https://review.openstack.org/#/c/508522
Change-Id: Ie5b27ccaa5ce50e54858ab0ccb8b845e9589e150