Commit Graph

207 Commits

Author SHA1 Message Date
Takashi Kajinami bd2debe260 Add support for new limit options
This introduces support for the new limit options which were added to
heat during 2024.1 cycle.

Depends-on: https://review.opendev.org/c/openstack/heat/+/906272
Change-Id: I622328a61ea24682dbe65dc4f4b3a90df5c7208f
2024-03-16 12:06:07 +09:00
Takashi Kajinami d82a354686 Expose rabbit_transient_quorum_queue
Depends-on: https://review.opendev.org/911021
Change-Id: Idc2dc23f294e83ddc67225808c7976d03cc93907
2024-03-14 09:27:55 +09:00
Takashi Kajinami 1dd45677b6 cache: Support new redis options
The oslo.cache 3.7.0 release introduced some options for redis backend
and redis sentinel backend. This introduces for these parameters.

Depneds-on: https://review.opendev.org/910629
Change-Id: Ia947c684f5f4cc10efad487d7c87e06c73cc1ba2
2024-03-07 22:58:03 +09:00
Zuul 20baac53ab Merge "cache: Support options for SASL mechanism in memcached" 2024-03-04 15:31:45 +00:00
Takashi Kajinami 88a97f1646 cache: Support options for SASL mechanism in memcached
Depends-on: https://review.opendev.org/910122
Change-Id: I582474abb94fc14c477ae352318b46b58882fb35
2024-03-01 10:49:59 +09:00
Zuul 4afa99a351 Merge "healthcheck: Expose ignore_proxied_requests parameter" 2024-02-26 02:44:43 +00:00
Takashi Kajinami 69d2fc778b healthcheck: Expose ignore_proxied_requests parameter
Depends-on: https://review.opendev.org/909807
Change-Id: Ib90d509a298736108894df150289005f133e6f87
2024-02-26 01:19:14 +09:00
OpenStack Release Bot 5feb8da5a3 reno: Update master for unmaintained/yoga
Update the yoga release notes configuration to build from
unmaintained/yoga.

Change-Id: I55d7b541160a3390b12a1a99c40d437b01bfb2f9
2024-02-21 16:45:25 +00:00
Takashi Kajinami fb2d047f0c Add support for oslo.reports options
Depends-on: https://review.opendev.org/804804
Change-Id: I257eda3461ae991fde3b5eeba44f1c69ab473957
2024-01-30 00:40:39 +09:00
Takashi Kajinami 67a4de90dc healthcheck: Expose allowed_source_ranges
... which was added to puppet-oslo recently.

Depends-on: https://review.opendev.org/905557
Change-Id: Ief3e3921bccf8194694339d3779cdad0a061e807
2024-01-17 15:01:04 +09:00
Takashi Kajinami 8a38b17a42 Support [cache] memcache_pool_flush_on_reconnect
Depends-on: https://review.opendev.org/902861
Change-Id: I047a1139d211b881b18d5a6192a383d62bcd8d9f
2023-12-14 17:55:24 +09:00
OpenStack Release Bot 43aef6995a Update master for stable/2023.2
Add file to the reno documentation build to show release notes for
stable/2023.2.

Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/2023.2.

Sem-Ver: feature
Change-Id: Ie1f9aff157b7351a4ac77d0880b076ef869cfe90
2023-10-16 15:16:34 +00:00
Takashi Kajinami 638aff2a93 RabbitMQ: Add support for quorum queue options
Depends-on: https://review.opendev.org/894866
Change-Id: I97f12ff89e0dab936fb8419dce70412002cfc2c1
2023-09-15 10:35:05 +09:00
Takashi Kajinami 43384d02b1 Remove deprecated client parameters
These parameters were deprecated in favor of the separate classes for
client options[1].

[1] 0d043d793f

Change-Id: I28b7462f2330409b9dee7debba63ce756a0a74b1
2023-06-23 14:32:23 +09:00
Zuul 7d927b9a02 Merge "Remove support for Puppet 6" 2023-05-22 14:26:41 +00:00
Takashi Kajinami 72a1d7e665 Remove support for Puppet 6
... because Puppet 6 reached its EOL in February 2023.

Change-Id: I7f65e8283aca591e1766cdf6368c1bb0503897e8
2023-05-22 12:22:46 +09:00
Takashi Kajinami da923f2283 Do not autocomplete heat::trustee class
This behavior was deprecated a while ago when the separate class was
added.

Change-Id: Ic3bff87a551262fc9e343217c5c8a933691bc29d
2023-05-15 13:12:00 +09:00
OpenStack Release Bot 671bff9647 Update master for stable/2023.1
Add file to the reno documentation build to show release notes for
stable/2023.1.

Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/2023.1.

Sem-Ver: feature
Change-Id: If71345e988656c23e6f8c0e6d193b4616df9acf5
2023-04-05 15:30:22 +00:00
Takashi Kajinami ee09225ba9 Expose executor_thread_pool_size
This option has been supported by puppet-oslo but has not been
configurable.

Change-Id: If4ea3913c5ec9c3719d57b8b682a87816cbaabf7
2023-03-06 13:48:27 +09:00
Takashi Kajinami e5c3e2756d Expose policy_default_rule
The option has been managed by the underlying puppet-oslo module but
has not been configurable. This introduces the parameter to customize
the option.

Change-Id: Ib7d19a8d3b634b3f2c88222881b175f74771de00
2023-01-23 14:27:32 +09:00
Takashi Kajinami 593779b8c7 Switch to Ubuntu Jammy (22.04)
... because Focal no longer supports the recent releases such as Zed.

Change-Id: Ica0bc2670e4bc6f8cc61c5e0def70e6139b555c0
2023-01-15 22:21:33 +09:00
OpenStack Release Bot 6348809e16 Update master for stable/zed
Add file to the reno documentation build to show release notes for
stable/zed.

Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/zed.

Sem-Ver: feature
Change-Id: I97e458a846eb689ea1d76093eeb7258776f8c474
2022-10-20 11:04:42 +00:00
Takashi Kajinami bd92c63d41 Add Apache WSGI logging parameters for pipe/syslog
Add parameters for advanced logging configurations in Apache to
support piped logging and support for syslog (via mod_syslog
available in Apache >= 2.5.0)

Co-Authored-By: Andy Botting <andy@andybotting.com>
Change-Id: Idb3d73309588a7436cd2e067121119c5878eee18
2022-08-26 16:49:56 +09:00
Takashi Kajinami 51cfa30945 Expose headers option of apache::vhost
The headers option in apache::vhost is required in some case, for
example when adding the X-XSS-Protection header. This change allows
customizing the option for the api vhost.

Change-Id: I2c527b5511db04f9daa7f605b565a567599b5431
2022-07-30 23:06:04 +09:00
Zuul 860681e667 Merge "Remove support for CentOS 8 Stream" 2022-06-01 05:42:08 +00:00
Takashi Kajinami 99fbfc61ea Remove support for CentOS 8 Stream
... because RDO will provide packages for only CentOS Stream 9 for Zed
release. This change removes RHEL 8 as well.

Depends-on: https://review.opendev.org/843503
Change-Id: Icc77d992339376e5c53b4a8ecd2fcc7743869fcb
2022-06-01 13:45:46 +09:00
Takashi Kajinami 68ec6e99d3 Remove deprecated heat::max_stack_per_tenant
... because it was deprecated during Xena cycle by [1].

[1] e79e74cd08

Change-Id: I3806ab51e6593a9e00172af6b1eb02d9812fcf72
2022-05-13 10:40:21 +09:00
Takashi Kajinami 0585656937 apache+mod_wsgi: Disable SSL by default
During the previous cycle, a warning message was added to inform users
of this change.

Now the default value is updated so that SSL is disabled by default.

Change-Id: I6bd11a340b8623b45da7284e52ee505ea6870562
2022-05-06 20:46:39 +09:00
Takashi Kajinami ec9c6317ff Support tuning batch size of DB purge operation
The heat-manage purge_deleted command supports customizing batch size,
number of stacks to delete by a single transaction. This change adds
the new parameter to customize the parameter.

Change-Id: Id980c6f975f22baa305d3cd84378c98b3e9f84f2
2022-04-08 13:44:55 +09:00
Zuul f267f9a1d8 Merge "Support more clients configurations" 2022-04-05 15:39:00 +00:00
OpenStack Release Bot 0d3f51d869 Update master for stable/yoga
Add file to the reno documentation build to show release notes for
stable/yoga.

Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/yoga.

Sem-Ver: feature
Change-Id: I16f92ab55db267e93bd609546c7c6fab5d107b92
2022-04-05 09:10:38 +00:00
Takashi Kajinami 0d043d793f Support more clients configurations
This change introduces support for [clients] parameters and
[clients_<service>] parameters, which determine behavior of service
clients used by heat for communication with the OpenStack services.

- Implementation of heat::clients::<service> are generally same.
  Only cinder, heat, keystone and nova provides additional parameters.

- The existing parameters in the base heat class are deprecated in
  favor of the new classes.

Change-Id: Icdf4f0201dd1e5f93a450473709851977ec20034
2022-04-03 23:22:26 +09:00
Takashi Kajinami 4de5256605 remove unicode literal from code
All strings are considered as unicode string from Python 3.

This patch drops the explicit unicode literal (u'...')
appearances from the unicode strings.

Change-Id: I3ccb8abed325c4137daee8f1dcbbf7b1526ba79f
Co-Authored-By: LiZekun <2954674728@qq.com>
2022-03-08 09:12:16 +09:00
Takashi Kajinami 31f8290d92 Add CentOS/RHEL 9 to supported operating systems
... because these operating systems are now verified by unit tests and
integration tests.

Change-Id: If0101b743520752258a3466baa822d1478ecc526
2022-02-23 01:16:10 +09:00
Takashi Kajinami 6830a2af6d Add HashClient retry options for the dogpile.cache backend
This patch specifies a set of options required to setup the HashClient
retry feature of dogpile.cache cache backend.

Original oslo.cache change:
https://review.opendev.org/c/openstack/oslo.cache/+/824944

Co-Authored-By: Hervé Beraud <hberaud@redhat.com>
Depends-On: https://review.opendev.org/826870
Change-Id: Ibe064defd7fca3f88206943ae2835daa4a96ea35
2022-02-16 11:34:29 +09:00
Takashi Kajinami be95d672a8 Add cache client retry options for the pymemcache backend
This patch specifies a set of options required to setup the retrying
wrapper feature of pymemcache (dogpile.cache) cache backend.

Original oslo.cache change:
https://review.opendev.org/c/openstack/oslo.cache/+/803747

Co-Authored-By: Hervé Beraud <hberaud@redhat.com>
Depends-On: https://review.opendev.org/826869
Change-Id: Ie28399b714f1707edfc6832cebd739dd3710cff8
2022-02-16 11:27:45 +09:00
Takashi Kajinami 37d5b04d78 Remove deprecated amqp_allow_insecure_clients
... because it was deprecated during Wallaby cycle.

Change-Id: I2d7619574f93958ceae15bafea02d77554fb5315
2022-02-09 10:00:20 +09:00
Takashi Kajinami ff16bee10a Remove some deprecated database parameters left
This is follow-up of c543bd33ae and
removes some deprecated database parameters still left.

Change-Id: I6325c5d8d290bf6176d17e4aea9058f85feea2f3
2022-02-09 09:59:17 +09:00
Takashi Kajinami c543bd33ae Clean up deprecated database parameters
Change-Id: I9d77ce1cbbd3fb8f7af2f144101ad064d760934e
2022-02-07 12:08:42 +09:00
Zuul c160858ee0 Merge "Add socket keepalive options for the pymemcache backend" 2022-01-27 21:29:27 +00:00
Grzegorz Grasza 1fe740c2a9 Add socket keepalive options for the pymemcache backend
This patch specifies a set of options required to setup the socket
keepalive feature of pymemcache (dogpile.cache) cache backend.

Original oslo.cache change:
https://review.opendev.org/c/openstack/oslo.cache/+/803716

Depends-On: https://review.opendev.org/807851
Change-Id: I195d3984248d8402953843bd49bd5e0838bf4fde
2022-01-27 20:23:44 +09:00
Zuul 14c630bffa Merge "Accept system scope credentials for Keystone API request" 2022-01-08 01:02:56 +00:00
Takashi Kajinami e0f9de35cb Support more tunable parameters of heat-engine
Change-Id: If314e079f45101439751c18eddbead56d0863fbb
2022-01-03 23:09:06 +09:00
Takashi Kajinami 63b791ef4f Add support for [DEFAULT] allow_trusts_redelegation
Change-Id: I4677e89b889f416cc503719286373407a08cffc9
2022-01-03 18:37:41 +09:00
Takashi Kajinami a06217b838 Use native support to define RequestHeader statement
... instead of injecting it by vhost_custom_fragment.

Depends-on: https://review.opendev.org/821082
Change-Id: I684e077d03b318cef01688c1b11ea37d7fc2f664
2021-12-09 00:24:40 +09:00
Takashi Kajinami d3a63122cb Accept system scope credentials for Keystone API request
This change is the first step to support secure RBAC and allows usage
of system scope credentials for Keystone API request.

This change covers the following two items.
 - assignment of system scope roles to system user
 - credential parameters for authtoken middleware

Depends-on: https://review.opendev.org/804325
Change-Id: I1429b2cc6f3c01c07ec26b1a7242e451072be368
2021-11-26 00:59:17 +09:00
Takashi Kajinami 603f545cbc Prepare to update default of <service>::wsgi::apache::ssl
Currently the <service>::wsgi::apache::ssl parameters have inconsistent
default values. Some parameters default to true while the other default
to false.

Based on the following points, false is considered to be the more
reasonable default.
 - Usage of SSL is optional and is not always required
 - There are other methods(like load-balancer) to implement SSL
   termination
 - Enabling SSL doesn't work with the default values currently
   defined, and requires additional parameters like ssl_cert.
 - false is the default value defined in the base implementation in
   puppet-openstacklib.

This change is the preparation to change the default value, and
introduces a warning message to make users aware of the future change.

Change-Id: I76516e3d0c659fabdb7736ff4a5a6621eed29371
2021-11-03 20:52:09 +09:00
Zuul a834405610 Merge "Allow customizing separator for api-paste.ini" 2021-10-17 21:36:55 +00:00
Takashi Kajinami 4b39a9330d Allow customizing separator for api-paste.ini
The api-paste.ini accepts not only "=" but also ":" and some services
like Barbican have been using ":" for their default api-paste.ini
files.

[composite:main]
use = egg:Paste#urlmap
/: barbican_version
/v1: barbican-api-keystone

This change allows users to use ":" so that they can update the ini
files with keeping it consistent with the default fules

Depends-on: https://review.opendev.org/813614
Change-Id: I6c79c6d865648cc309a489f6ef371d33673df93a
2021-10-15 12:00:56 +09:00
Takashi Kajinami 6e8b799ba8 Create a separate class to manage the trustee options
This change introduces the new heat::trustee class to manage
the parameters in the [trustee] options. These options have been set
according to authtoken parameters but it makes maintenance complicated
and the logic doesn't work properly when noauth is used.

This change also removes the [trustee] project_domain_name parameter
because the parameter has never been used actually.

Change-Id: I694a8ea771cc4d4dcfbf8384ece2be10d83ab3f0
2021-10-13 22:06:58 +09:00