openstack
/
openstack-ansible-os_placement
Code Issues Proposed changes
141 Commits 8 Branches 7 Tags 1.2 MiB
Commit Graph

7 Commits

Author SHA1 Message Date
Dmitriy Rabotyagov 88218e77c9 Use proper galera port in configuration 
While <service>_galera_port is defined and used for db_setup
role, it's not in fact used in a connection string for oslo.db.

Change-Id: I6746406488c372d5e31350ec8092af8cef027657
 2023-07-31 15:37:05 +02:00
Dmitriy Rabotyagov 242e17c230 Support service tokens 
Implement support for service_tokens. For that we convert
role_name to be a list along with renaming corresponding variable.

Additionally service_type is defined now for keystone_authtoken which
enables to validate tokens with restricted access rules

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-plugins/+/845690
Change-Id: I4e9fff59bbfa9c8a1ae0236d077ac9ee2881c04b
Related-Bug: #1948456
 2022-06-16 10:48:52 +00:00
Damian Dabrowski ed4f061d50 Database connection pooling improvements 
- Implemented new variable ``connection_recycle_time`` responsible for SQLAlchemy's connection recycling
- Set new default values for db pooling variables which are inherited from the global ones.

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/819424
Change-Id: I77b4e8c70a21eada431c824044c0d1563df70dcc
 2021-12-03 11:41:34 +01:00
Dmitriy Rabotyagov ad9f7c87cb Refactor galera_use_ssl behaviour 
With PKI role in place in most cases you don't need to explicitly
provide path to the CA file because PKI role ensures that CA is trusted
by the system overall. In the meanwhile in PyMySQL [1] you must either
provide CA file or cert/key or enable verify.

Since current behaviour is to provide path to the custom CA we expect
certificate being trusted overall. Thus we enable cert verification when
galera_use_ssl is True.

[1] 78f0cf99e5/pymysql/connections.py (L267)

Change-Id: Ie6e82e625808c64d44e603843ec985daf18efca4
 2021-09-20 09:52:35 +00:00
Guilherme Steinmüller d32cb44802 Refactor memcached_servers 
This patch aims to add a prefix for memcached_server
on each role to give the ability for deployers to
override the location of memcached cluster. I.e users
wants to create a single memcached cluster with k8s
for each service.

We also add pymemcache based on [1]

[1] https://review.opendev.org/711429

Change-Id: Ibf64fc04bd9b4359de902a92aa39cfc2923c8823
 2020-03-16 14:56:46 +00:00
Dmitriy Rabotyagov ab692dbc56 Use systemd-journald instead of log files 
This patch aims to migrate service from usage of regular syslog files
to journald. We also disable uwsgi logging, since it dublicates
requests that are logged by service itself.

Change-Id: Ib24a5c96359c349781c48a5d82d7c64e793b8e43
 2019-07-17 00:16:26 +03:00
Guilherme Steinmüller 32c1eb8488 Add initial placement role 
This patch adds the support for the placement service with
a simple functional test which hits the API (which in turn
hits the database and keystone for authorization).

Depends-On: I878e8c479d8963b339b5e1f6031f649c0f87082f
Change-Id: Iaa11a8cc4d945712b62c3b9c2cb6ad168def34eb
 2019-02-06 15:47:53 -05:00