Commit Graph

54 Commits

Author SHA1 Message Date
Dmitriy Rabotyagov 8499e1713e Switch default provider to amphorav2
Amphorav1 has been deprecated and is removed early at the
beginning of the 2023.2 cycle. With that Antelope is perfect time for
switching the default.

[1] 6c0515c988

Change-Id: I133f20a6d971832138708101e6a8380d23e75cf2
2023-04-24 16:16:20 +02:00
Dmitriy Rabotyagov cea4f2e358 Change default CIDR for security_group
At the moment security group allows to access Amphora SSH/API
from any network which is insecure. We're changing default for
security groups to allow access only from Octavia Management
network.

Change-Id: I6ea6ab4ec1c28a3b354d40f6744434eefb05fcfe
2023-04-19 09:51:08 +00:00
OpenStack Release Bot 4a686acc56 Update master for stable/zed
Add file to the reno documentation build to show release notes for
stable/zed.

Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/zed.

Sem-Ver: feature
Change-Id: I68231d7943454098b344fa51f75bdec7e2efa3ee
2022-12-13 13:19:03 +00:00
Zuul 910128fa7c Merge "Change defaults for octavia topology and affinity" 2022-12-12 18:25:08 +00:00
Zuul 21e174c25b Merge "Add coordination to octavia" 2022-12-12 15:34:04 +00:00
Dmitriy Rabotyagov b1a5d10f33 Change defaults for octavia topology and affinity
In most of production deployments it's preferable to have ACTIVE_STANDBY
topology with enable anti-affinity to ensure that loadbalancer
can survive compute node downtime and won't lead to service disruption.

Without these settings it will take quite some time to re-spawn failed
Amphora.

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/866061
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/867052
Change-Id: I4fa437117dce1c973512c09b1bc7d43d411276da
2022-12-10 19:10:49 +00:00
Dmitriy Rabotyagov aeb1dbf1dd Add coordination to octavia
This also enables usage of amphorav2 when coordination is
available.

Depends-On: https://review.opendev.org/c/openstack/ansible-role-zookeeper/+/867049
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/867052
Change-Id: I1234d36c58da3f6754cda1951ee4cc49f979ae0c
2022-12-08 20:47:00 +00:00
Bjoern Teipel 2f1a3b4db1 Adding octavia_provider_network_mtu-parameter parameter
The `octavia_provider_network_mtu-parameter` defaults to 1500
to not accidentially use `global_physnet_mtu` on deployment with
large MTU settings

Change-Id: I9fa33c5ee76197191f1e66b7a70a4c1c0a5fa394
2022-11-25 16:32:24 +00:00
siavash sardari 3e10d40b10 Add flexability for octavia cinder variable.
Introduces 3 new variables cinder_default_availability_zone, octavia_cinder_volume_size and octavia_cinder_volume_type. using these variables, enables Octavia to use different Cinder configurations.

Change-Id: I8162e83d39075cd99c516b84c39ed868306283c3
2022-05-23 12:52:04 +04:30
Jonathan Rosser d736c64072 Remove legacy db pooling variables
Change-Id: I7f7e9a5a4a12afff994f548abff2482818a43ccb
2022-02-01 04:20:55 -05:00
Damian Dabrowski 6353f2f747 Database connection pooling improvements
- Implemented new variable ``connection_recycle_time`` responsible for SQLAlchemy's connection recycling
- Set new default values for db pooling variables which are inherited from the global ones.

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/819424
Change-Id: I7804ec93d6ec82249f4d81ccec3ab02c4bc8a233
2021-12-04 09:33:28 +02:00
Marcus Klein 50b83c7927 Omit amp_ssh_access_allowed and remove amp_image_id options.
Octavia complains about option amp_ssh_access_allowed to be deprecated. See
https://docs.openstack.org/octavia/ussuri/configuration/configref.html#controller_worker.amp_ssh_access_allowed
The octavia_ssh_enabled OSA variable is instead used to either write the
amp_ssh_key_name configuration option or not.

The configuration option amp_image_id in Octavia is deprected and image tags
should be used instead. Therefore octavia_amp_image_id is removed.

Change-Id: Ibd5f3d2ca25f9bb880b0c535c59ef430bd1043be
2021-04-01 20:16:24 +02:00
Andreas Jaeger 9ce36dc684 Use newer openstackdocstheme and reno versions
The sync from https://review.opendev.org/733244 updated to
openstackdocstheme 2.2.1 and reno 3.1.0 versions.

Set openstackdocs_pdf_link to link to PDF file. Note that
the link to the published document only works on docs.openstack.org
where the PDF file is placed in the top-level html directory. The
site-preview places the PDF in a pdf directory.

openstackdocstheme renames some variables, so follow the renames
before the next release removes them. A couple of variables are also
not needed anymore, remove them.

See also
http://lists.openstack.org/pipermail/openstack-discuss/2020-May/014971.html

Change-Id: I495d48d0c2a9d83e987bf04abc78fbd15fd6a761
2020-06-03 20:03:13 +02:00
OpenStack Release Bot c170f2f9a5 Update master for stable/ussuri
Add file to the reno documentation build to show release notes for
stable/ussuri.

Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/ussuri.

Change-Id: I1043326e92d2a06284dc3ca482d7e0cd3ff75886
Sem-Ver: feature
2020-06-01 13:17:19 +00:00
Andreas Jaeger 1119512f06 Update docstheme for style
New version of openstackdocstheme (Victoria+) respects pygments_style.
Since this repo is using now Victoria (master) requirements but has
not branched for Ussuri yet, it uses the new version.

Change pygments_style to 'native' since old theme version always used
'native' and the theme now respects the setting and using 'sphinx' can
lead to some strange rendering.

Change-Id: I65977a52f4bc9ffb8b7e1b3f7ecb147b8a64d488
2020-05-20 18:50:39 +02:00
liushuobj 0703ab8d17 fix a typo
Change-Id: I686d898510f4c65e014b9a506741d63131a38d22
2019-12-27 09:52:22 +08:00
Dmitriy Rabotyagov fa7b62fca2 Replace git.openstack.org with opendev.org
This patch replaces git.openstack.org with opendev.org as redirection
from old path was enabled.
Also we change upper constraints url due to [1]

[1] http://lists.openstack.org/pipermail/openstack-discuss/2019-May/006478.html

Change-Id: I7d232d94f9c4e9f6493045245f60475f233b185d
2019-11-14 18:02:58 +02:00
OpenStack Release Bot a08b5d8b2f Update master for stable/train
Add file to the reno documentation build to show release notes for
stable/train.

Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/train.

Change-Id: Iff4de9801df9518906e0ad8c261965a6c1253c58
Sem-Ver: feature
2019-10-22 19:01:00 +00:00
pengyuesheng 0b695186d9 Bump the openstackdocstheme extension to 1.20
Some options are now automatically configured by the version 1.20:
- project
- html_last_updated_fmt
- latex_engine
- latex_elements
- version
- release.

Depend-On: https://review.opendev.org/#/c/672904/

Change-Id: Ib07384ce3098ce40567a5a6937ea763236cebae1
2019-09-20 13:51:27 +00:00
Zuul ae5edf5593 Merge "Add cinder volume support" 2019-09-20 08:37:54 +00:00
Maksim Malchuk d1380ea167 Create mgmt subnet with gateway if provided
This change adds the ability to create the mgmt subnet with default
gateway when the specified variable provided.

Change-Id: Ief7f60972c62388cee1f579e8988c4ba57c8fb65
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
2019-09-15 09:02:54 +00:00
Maksim Malchuk aa45cb8310 Add cinder volume support
Since I8181ed696b9ab556e7741c08839d79167aff8350 were merged we need to add
support for the Cinder Volume here. By default this functionality is
disabled. To enable it change the option 'octavia_cinder_enabled' to True.
To override default settings use 'octavia_octavia_conf_overrides'.

Change-Id: Ib9015383d36fe47272e0a27408db89df83a4b38c
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
2019-09-15 10:17:51 +03:00
Vadim Kuznetsov 6aa925e792 Add support for using distribution packages for OpenStack services
Distributions provide packages for the OpenStack services so we add
support for using these instead of the pip ones.

Change-Id: I7eb1cbe2c80ee889d2ae08dcfed6a19cc1bd3415
Depends-On: Ide70b5d8f67d8c8a87e3f16671f0f7fb72338b89
Depends-On: I8de48eb1fb4c8d321098ca54b9e21270edc7ac87
Depends-On: Ia5fda5d417b79189d048c8891b84d57331df1404
Implements: blueprint openstack-distribution-packages
2019-06-28 07:11:21 +00:00
OpenStack Release Bot 920cda835c Update master for stable/stein
Add file to the reno documentation build to show release notes for
stable/stein.

Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/stein.

Change-Id: Ia112e33fb43c4818f3e579ae6ee84a5fd2a5ec9d
Sem-Ver: feature
2019-04-08 09:20:36 +00:00
Francois Deppierraz 7b157f41eb releasenotes: oslo-messaging-separate-backends add project name
Without this patch, the release notes published at
https://docs.openstack.org/releasenotes/openstack-ansible/rocky.html contains
the same line multiple times which is not very clear.

[...]
    Support separate oslo.messaging services for RPC and Notifications
    to enable operation of separate and different messaging backend servers.

    Support separate oslo.messaging services for RPC and Notifications
    to enable operation of separate and different messaging backend servers.
[...]

Change-Id: I0ed1a43670d97f2e2215d04c641f7bd4cfbe4f44
2018-10-15 16:57:37 +02:00
German Eichberger b2d820d3fc Fixes too low security group rules quota
The quota for security group rules was erroneously set
to 100 with the aim to have 100 security group rules
per security group instead of to 100*#security group rules.
This patch fixes this discrepancy.

It also uses the int filter to avoid string mis-
interpretation.

Change-Id: Iafd15276524988e7240a26a1f362593c05529931
2018-10-02 16:50:12 +00:00
German Eichberger 3d0dfb706c Set quota for octavia service project
The default quotas are often not sufficient for a side wide
load balancing service. This will adjust them to some more
reasonable values.

The os_quota module of ansible assumes an installed
block storage service so it is not suitable for our
tests which don't install cinder. Therefore we
are using the openstack client straight.

Change-Id: If85cc3862b9316d9bf43e025bfaab8e1b7fd5576
2018-08-19 19:31:47 +00:00
Jesse Pretorius 14d5186079 Remove octavia_requires_pip_packages
In order to reduce the packages required to pip install on to the hosts,
we use service delegation to octavia_service_setup_host so that instead
of installing software on the target host, and putting credentials on
every target host, we isolate the software and credentials to a single
host.

In this patch we finally remove octavia_requires_pip_packages as it is
no longer required given that all services use delegation to the
octavia_service_setup_host now. We also remove the task which used to
install them.

We also remove the meta dependency on the openstack_openrc role because
the target host does not require openrc/clouds.yaml any more.

We remove the variable 'octavia_ansible_endpoint_type' as it is no longer
used.

We finally remove the python-pip package from the distro packages, as
with these changes, pip is no longer required on the host - everything
installed by pip is isolated into a venv.

Change-Id: If3f65fdb8a59a3c41cb8c2f0dee6b2e5a71f05c7
2018-08-19 18:18:47 +01:00
OpenStack Release Bot 1a5eeb06d8 Update reno for stable/rocky
Change-Id: I17385876891931a1079079ffd34d52696429bb03
2018-08-10 16:47:57 +00:00
Jesse Pretorius 33a709485c Execute image setup against octavia_service_setup_host
In order to reduce the packages required to pip install on to the hosts,
we use service delegation to octavia_service_setup_host so that instead
of installing software on the target host, and putting credentials on
every target host, we isolate the software and credentials to a single
host.

In this patch we remove the variable 'octavia_image_downloader' and replace
it with just using the 'octavia_service_setup_host' instead. We also need
to add the variable 'octavia_amp_image_path_owner' which is set to the user
running the playbook by default, so that the image can be downloaded to the
deployment host successfully.

There are any other tasks in the role which need updating before we can
eliminate the octavia_requires_pip_packages, but for the sake of keeping
the patch smaller and easier to review they will be done in follow up
patches.

Change-Id: I438cdf695abe223a9fcf7ead796fe2eef41845b7
2018-08-02 09:05:07 +01:00
Jesse Pretorius faf5d66876 Execute service setup against a delegated host using Ansible built-in modules
In order to reduce the packages required to pip install on to the hosts,
we allow the service setup to be delegated to a specific host, defaulting
to the deploy host.

There are any other tasks in the role which need updating before we can
eliminate the octavia_requires_pip_packages, but for the sake of keeping
the patch smaller and easier to review they will be done in follow up
patches.

Change-Id: I10f6d82cbdfe19fea577f276f95691115a07e01c
2018-08-02 09:05:07 +01:00
Andrew Smith 1ee708ffb6 Update to use oslo.messaging services for RPC and Notify
This introduces oslo.messaging variables that define the RPC and
Notify transports for the OpenStack services. These parameters replace
the rabbitmq values and are used to generate the messaging
transport_url for the service. The association of the messaging
backend server to the oslo.messaging services will then be transparent
to the octavia service.

This patch:
* Add oslo.messaging variable for RPC and Notify to defaults
* Update transport_url generation
* Add oslo.messaging to tests inventory
* Update tests
* Add release note

Change-Id: Ibfd9b5325bf89414439a1a516d1bbde0896904b5
2018-06-12 13:21:33 -04:00
German Eichberger 1515ca276b Adds certificate generation
This will generate self-signed certificates needed
for Octavia during install.

Change-Id: I39bbc4c43633b844b55f463723ba1b72d79fd206
2018-04-24 14:38:58 -07:00
German Eichberger 95eee6bc11 Downloads amphora images from artifact storage
This will download a test amphora image per default form the
Open Stack artifact storage to speed up tests. Operators can
configure their won artifact storage to simplify deploys.

Change-Id: I408d4128d35aab889dbe89fd9497d83a7830129b
2018-04-17 16:31:59 -07:00
OpenStack Release Bot 9eaab638ca Update reno for stable/queens
Change-Id: I845a876620acf93b2fb93286eea062bfbf59946d
2018-02-14 15:49:58 +00:00
Andreas Jaeger 51b2e89ae6 Remove setting of version/release from releasenotes
Release notes are version independent, so remove version/release
values. We've found that projects now require the service package
to be installed in order to build release notes, and this is entirely
due to the current convention of pulling in the version information.

Release notes should not need installation in order to build, so this
unnecessary version setting needs to be removed.

This is needed for new release notes publishing, see
I56909152975f731a9d2c21b2825b972195e48ee8 and the discussion starting
at
http://lists.openstack.org/pipermail/openstack-dev/2017-November/124480.html
.

Change-Id: Ib3377489b6273be3997e6023a9f36eb81f8b04eb
2017-11-17 08:02:48 +01:00
Major Hayden e4318b2a98
Fixing a few nits in release notes
Change-Id: I135b8597c52d888e06dcdaf7197027d60b720dff
2017-11-03 08:59:35 -05:00
German Eichberger 6f7128bb44 Improve event streaming with a better Octavia verison
In a newer Octavia version we can specify the transport_url for
the event streamer which listens on the neutron rabbit vhost.
This configures that and also enables provisonal status streaming by
default.

Depends-On: I00422b93d3ecfb672e967c2019424b64bc44ba66

Change-Id: I8bee145d5517c66c95bb24ba62cf6f7ed497df2d
2017-10-30 17:31:46 +00:00
Michael Johnson b9d8aa3fd6 Add zuul v3 support/jobs
Setup support for running the linters and functional tests under zuulv3.

Depends-On: I6490979d208938634373c08d164461e9d5d1150a
Change-Id: I04d1d38b6fb80400ffbe38e803f760b99eadf232
2017-10-27 10:45:17 -07:00
OpenStack Release Bot 7ea7f9b18e Update reno for stable/pike
Change-Id: I869ad108e4b13b9a22b4a5d34409fb7f5f31d39c
2017-08-18 08:01:24 +00:00
German Eichberger 072bf2c64d Enable V2 Octavia API (Experimental)
For Pike Octavia gains a way to run independent of Neutron with the
new V2 API. This adds an (experiemntal) switch to enable this which
defaults to False.

Change-Id: I009ea4feb7aecda861701af277122001c9bf4500
2017-08-10 21:08:37 +00:00
Andy McCrae b1fe866f42 Implement uWSGI for octavia-api
As part of the Pike goals we are moving api services to run as WSGI
apps. octavia-api service is set up as a wsgi app, and this patch
moves it over to uWSGI.

Since this is just a drop in replacement for the existing eventlet
service, operators an deployers should notice no difference.

Additionally, fix bug whereby git_install_branch was set to
"stable/ocata" for testing.

Change-Id: I0c473977e015015bd252a486c7191a95781b38a4
Implements: blueprint goal-deploy-api-in-wsgi
2017-08-04 13:20:54 +01:00
German Eichberger 8cfa0e02ca Octavia will create the network + upload image upon request itself
This is needed to simplify an intgrated AIO deploy

Change-Id: I7b8a2314a23281a4369d431aba280e0c0dc66f22
2017-07-21 21:53:38 +00:00
ZhongShengping e8693a1935 Fix openstackdocstheme settings
To use openstackdocstheme 1.11.0 properly, this patch fixes
some settings according to follow[0].

[0]https://docs.openstack.org/openstackdocstheme/latest/

Change-Id: I79f5da1152a7d6ba172230547cd94ee787dbb91a
2017-07-03 16:21:03 +08:00
ZhongShengping 8489bc4461 Switch from oslosphinx to openstackdocstheme
As part of the docs migration work[0] for Pike we need to switch to use the
openstackdocstheme.

[0]https://review.openstack.org/#/c/472275/

Change-Id: Ia0c01e10fd0a5e3914cdc6b26c82f1a38a5910fb
2017-06-26 11:37:37 +08:00
ZhongShengping e280bd6acf Deprecate rpc_backend option
Option "rpc_backend" from group "DEFAULT" is deprecated for removal
(Replaced by [DEFAULT]/transport_url). Its value may be silently
ignored in the future.

Change-Id: I568571751b6c31d9ade955489746f1abc2f0a766
Implements: blueprint deprecate-rpc-backend
2017-06-22 20:12:12 +00:00
Andy McCrae 2eb17d6260 Move release note to avoid duplication
Change-Id: I38e40fcb89714bc46a1e8d7228c4c52eb0569573
2017-06-02 15:51:29 +01:00
Jimmy McCrory 29a4e44b1b Allow deployers to provide haproxy template files
Add new variables, 'octavia_user_haproxy_templates' and
'octavia_haproxy_amphora_template' to allow deployers to provide and use
custom haproxy template files with Octavia.

Change-Id: I9527081d6ba6aac8f5bddc3796f8c2513625bf70
2017-05-27 21:48:56 +00:00
Jesse Pretorius c6e807e95f Rename release note to unique hash
Change-Id: Ie596d3034e68d83526b3de8e163c78a0e25566b7
2017-04-28 11:39:41 +01:00
Jesse Pretorius 4294f6016b Reduce init restart/kill times
The systemd unit 'TimeoutSec' value which controls the time
between sending a SIGTERM signal and a SIGKILL signal when
stopping or restarting the service has been reduced from 300
seconds to 120 seconds. This provides 2 minutes for long-lived
sessions to drain while preventing new ones from starting
before a restart or a stop.

The 'RestartSec' value which controls the time between the
service stop and start when restarting has been reduced from
150 seconds to 2 seconds to make the restart happen faster.

These values can be adjusted by using the *_init_config_overrides
variables which use the config_template task to change template
defaults.

Change-Id: I707b764758c7cc04445b4f0d6efebff8a7a7a81c
2017-04-27 16:04:43 +01:00