Cinder needs to send notifications to nova when attached volumes
are being extended. By default, cinder uses the client context
for this, but nova requires admin privileges for this. So we
configure cinder to use the nova service user instead. See
also [0].
[0] https://bugs.launchpad.net/openstack-ansible/+bug/1902914
Change-Id: Ib4c6820dd15ecfa3e3763c188e0a2cc322ecea55
Update ChefSpec due to changes made in apache2 cookbook.
Depends-On: https://review.opendev.org/756168
Change-Id: Ie849f5bae082e94581146793f964d0e001a7c8c8
Signed-off-by: Lance Albertson <lance@osuosl.org>
- Cookstyle fixes
- Refactor Berksfile to use groups so we can exclude integration testing
cookbooks
- Update documentation
- Enable sensitive resources for the template[/etc/cinder/cinder.conf]
and to resources improve security.
- Update delivery configuration to exclude integration cookbooks
- Fix ChefSpec output.
- Switch package installations to send packages as arrays instead of individual
package resources. This generally speeds up chef runs.
Depends-On: https://review.opendev.org/701027
Depends-On: https://review.opendev.org/706151
Depends-On: https://review.opendev.org/706157
Change-Id: I73948a67e798477cfe7d3cf62474d0ea96f90db2
This brings us up to date with the latest apache2 cookbook which
included a major refactor in 6.0.0 removing all of the definitions and
recipe with proper resources. Instead of using the apache2_default_site
resource, directly use a template and then enable the config file using
the apache2_site resource. This gives us the most flexibility.
Other changes:
- Remove selinux for depends as it's not being referenced anywhere in
the cookbook
- Included more ChefSpec tests for api recipe
- Update WSGI template
- Include additional cookbooks in Berksfile required for CI
Depends-On: https://review.opendev.org/702772
Depends-On: https://review.opendev.org/701824
Change-Id: I289091f54750dd5068e98fd4f4853880f4b72c6c
Python2.7 is going EOL soon, let us deploy python3 for Rocky from the
start, so we avoid having to switch later.
Clean up some unused pkg attributes.
Depends-On: https://review.opendev.org/682918
Change-Id: I1a11352f54b4126d7b510aa74d9ed1c4a33348c1
Also fixes wrong service type reference in for wsgi banner
Change-Id: I82c60b7c4efaa19459a3a0ab835eb4e48f8ee991
Signed-off-by: Manuel Torrinha <manuel.torrinha@tecnico.ulisboa.pt>
- openstack rocky uses bionic as ubuntu platform
the package name changed since ubuntu xenial.
fixed it
Change-Id: I3607d10577ee3391c39027676151bd5ef03259b5
- scsi-target-utils comes from EPEL. Now that EPEL is disabled, this is removed
in favor of targetcli from the base repo. This is also available for Ubuntu to
provide a consistent outcome.
Change-Id: Ibc146350ef2ddd1d19e35402cbf69e036a759f1d
Implements: blueprint modern-chef
- deprecated postgresql support
- dropped apt cookbook dependency
- deprecated node.foo.bar method access for node['foo']['bar'] bracket syntax
- implemented foodcritic and cookstyle corrections
- migrated cinder api to a Chef-managed config
- deprecated cinder-group-active service, as it is no longer needed and gets in
the way of functionality
- added lvm cookbook dependency for better pv/vg handling
Implements blueprint modern-chef
Change-Id: Id248c9267af6750c871487bc8b577aa2011a782a
- Changed the default linter to cookstyle
- cinder-group-active was missing a Provides header for the SysV init script
- Switched the qemu package to SCL for CentOS to get a newer release
- Normalized template banner comment
Change-Id: Iec59e0c8e3cb0b83db92a0a9f8db34a40953351f
- cinder-api now runs under apache2 and no longer as systemd service
- cinder-volume needs explicit backend configuration
- don't install deprecated cinder v1 API endpoints
- clean up some config options
To be added in a follow-up:
- Make backend configuration more flexible
- Replace distro provided wsgi setup with our custom one
Change-Id: I77ac294fd8e1cd4e6bc39667ddfdea21c4daed8a
- Now use cookbook-openstackclient to create endpoints role service and
user
- added domain creation and access granting
- added values to work with identity_v3
- rewrote specs to work again
- added needed keystone_authtoken attributes
- updated README
Change-Id: I2f339055883354c6a8a77daa7967ff279c4d18d9
Depends-On: I0f8955f05de9b33711c54b9a198f45018cceb8e1
Depends-On: If7b4d6e563081a0be9957353d73ef61a9688df56
* endpoint type (admin, internal, public) and service (identitiy, network etc.)
was switched during refactoring, this patch reverts this unintended switching
* edited bind_service service type from public,internal,admin to 'all'
for default binding to just one service
Change-Id: I4d28b1b2489419c1f033dfcda0effa5a53c537c3
Depends-On: Iec485deaf415e4187a323435cce2b6bbadfc5d42
Depends-On: Ia5bddfc5e2fd77cd6e9e855c680b079f78fc1c3f
Depends-On: I4f97b659361dabd7fac216305d2aad2f1bb98f51
* added endpoint attributes (moved from common)
* removed qpid as a messaging option (can be incuded in a wrapper)
* deleted default attributes from nova.conf.rb originated in
openstack-common
* adapted optimized endpoint logic
* removed rubocop exceptions in recipes and regenerated the
.rubocop_todo.yaml containing all remaining exceptions
* added versionbumb for refactored os-identity and common
* moved version up to 13.0.0 for mitaka release
* removed fedora, suse as supported platform
* adapted the specs (unit tests) to work again
* added new logic into templates/default/cinder.conf.erb
* refactored attributes throughout all recipes that were connected to
the attributes used for the cinder.conf.erb template to adapt the new
template attribute syntax
* moved all attributes from attributes/default.rb that were used in
cinder_conf.erb to attributes/cinder_conf.rb
* refactored attributes to fit upcomming template logic
* refactored recipes to fit upcomming template logic
* removed all attributes from default.rb and cinder.conf.erb which are set
as default in attributes, openstack doc and used to render the template
Depends-On: Ifa5a7f4e1df47a3961976e64f654224864c3dcb4
Depends-On: I3262b2e6f792f37c32a446e6567790b82bdd4613
Depends-On: I0547182085eed91d05384fdd7734408a839a9a2c
Implements: blueprint cookbook-refactoring
Change-Id: Idadc97bd7380d6c4f9f6f33d9c6b1215a5f24772
Cinder volumes are associated with the cinder host that created them.
This unique host id can be changed in the conf file. This patch adds
support to allow that.
Change-Id: I9295ed1bfa24bfac8325bd347a92b5e334a31371
Closes-Bug: #1451967
On some recent platforms, systemd based, the /var/lock/ path gets
cleaned up at reboot and causes issues for projects like cinder.
Nova and neutron changed long ago to base the lock path off the
state path, this change does the same thing now for cinder.
Change-Id: Ibe693c21cfc63dd5b6e1753c85081a952005b293
Closes-Bug: #1449711
lvm volume recipe makes use of lvm commands like vgcreate. These
commands are part of the lvm2 package which may not be a
dependency for the base openstack cinder packages anymore. So,
make sure this get installed before using those commands.
Change-Id: I75f47260677b409ff32c4b2c6fc5598a31214ecf
Closes-Bug: #1435968
There are new configuration items added to cinder.conf
for new features "QoS" and "volume-replication" in Juno.
Change-Id: I6f69dbe6cc1e0a1dbb5da1417d44211463a7df36
Currently, if san private key is missing, cookbook will create an
empty one which cause cinder can't work properly.
This patch will check whether san private key is exist or not, if
not, raise an error to remind user to provide one.
Change-Id: Ia1e0a60dec9ef463a908756fffa5f5274ebc0fb7
Since we have no attribute overrides for api-paste.ini, no
need to have a template resource for it. Until we need to
have some attribute, removing this will take away burden of
keeping in sync with base openstack code.
Change-Id: Ic72c638ba61929bc06061b04d13ce986514b0460
Related-Bug: #1433152
Modify config in attributes/default.rb, recipes/cinder-common.rb,
spec/volume_spec.rb, spec/cinder_common_spec.rb and
templates/default/cinder.conf.erb with SAN login and password.
It has been merged in Kilo. iSCSI code is on the way.
Change-Id: I784f69424a5f1b20f99ba5faccc85b3066e23de3
In RHEL7, tgtd is replaced by LIO, and target deamon service and
targetcli package is used to manage iscsi target.
This fix also set iscsi_helper to lioadm for RHEL7
Change-Id: I5a5b1faec6a6aed9b9f3d5632e704a59e2d5c7b7
closes-bug: #1409619
Currently the qemu-img package is not installed by default
for a cinder-volume node. This causes cinder to fail when
trying to create images using the qemu-img command.
This patch will change the 'cinder_volume_packages' attribute
to also install the qemu-img package for cinder-volume nodes.
Change-Id: Idb923f3edfa39720178e498433d94e4e37a76f7d
Closes-bug: #1413088
The upstream ceph cookbook already hooks into chef for environment information.
This patch utilizes the client LWRP to create or add ceph keys for RBD support.
This patch also changes some default attribute names for more sane organization
Partial-Bug: #1409943
Change-Id: Ibba6c568d4e4d00153061458b71593cd28714e60
- This is a stage I fix for bug #1400958. First disable the related
resources for tgtd.
- Bump version to 10.1.0 to indicate this is a start point of new
platform support
Change-Id: Id3757f7847ba0620d4bf4492160921389e3ef475
Partial-bug: #1400958
Using The san_private_key by itself is a common use case. The
current code requires the san_login and password to be set.
This patch allows the key to be used without the login and password.
Also removed some clutter comments from the conf template.
Change-Id: Iea84c8310eec39481c115587219cdac35c9b3589
Closes-Bug: #1398469
This allows the administrator of the cloud the ability to specify
the glance API version. This is required for features such as
Copy on Write (CoW) as Glance's v1 API does not expose enough
information to allow Cinder to CoW the image.
Change-Id: I3ba80207c22916629d210a23aad94bd143d2b00e
Co-Authored-By: Craige McWhirter <craige.mcwhirter@anchor.com.au>
Closes-bug: #1390345
* add san_password= for storwize
* remove unused san_password attributes, get_password method is used
* add tests for password both storewize and solidfire
Change-Id: I4afde431332ca914d078bc3e30362ef22961016f
Closes-Bug: #1384085