There is now a recipe - not really a new one, it's "vncproxy" with some
attributes renamed - which handles the relevant packages and services
(Debian names confirmed to have been valid at least since Jessie,
Ubuntu and RHEL ones based on existing convention + review comments).
Furthermore, nova.conf is now populated with required enpoint information
- with hopefully sane default values of relevant attributes.
Finally, the attribute node['openstack']['compute']['console_type']
can be used to enable the desired console type; it defaults to 'vnc'
in accordance with default Nova configuration.
Signed-off-by: Marek Szuba <m.szuba@gsi.de>
Change-Id: I0996daddda6d21633930ba73e174f99775a9e0c9
Modern versions of OpenStack (confirmed under Rocky and Victoria)
have two separate keys for specifying memcached servers to use - one
for Nova itself (which the cookbook already handled) and one for the
Keystone middleware (which it did not). As a result, with only the former
set Nova keeps on complaining in the logs (at least under Rocky) about
still using in-process token cache.
Signed-off-by: Marek Szuba <marek.szuba@cern.ch>
Change-Id: I7930048a55a26e66c1dd041245ae5b23794eada1
Update ChefSpec due to changes made in apache2 cookbook.
Depends-On: https://review.opendev.org/756168
Change-Id: I3ec792c519650b2d95a976ad50419a9b417a3514
Signed-off-by: Lance Albertson <lance@osuosl.org>
The current code tries to restart apache for every change to
/etc/nova/nova.conf even on compute nodes that do not have apache
installed. This changeset splits out the apache service resource into a
separate recipe that (unlike nova-common) is not included by the compute
recipe.
backport: stein
Change-Id: I87dda61dfabec460fe042b4cee21277382dd9487
The major change in this release is that the placement-api code base has been
removed from nova and put into it's own project called placement [1]. Users who
are coming from Stein will need to follow the upgrade guide [2] to properly
upgrade to the new service.
All attributes related to placement-api have been moved into their own files
including configuration file attributes for placement.conf.
Added:
- Template to manage /etc/placement/placement.conf
- Include openstack-compute::_nova_cell recipe to nova-setup so that the db
migrations happen properly
Changed:
- Update release to train
- Migrated from nova-placement-api to placement-api [1]
Fixed:
- Cookstyle & ChefSpec
- Ordering of db syncs which was causing issues for Train
- Set default['openstack']['compute']['syslog']['use'] to false by default
- Various comments
Removed:
- Removed references to nova-consoleauth which has been removed upstream [3]
- Removed references to xvpvnc which was removed upstream
- Unused .rubocop.yml and .rubocop_todo.yml
[1] https://docs.openstack.org/releasenotes/placement/train.html
[2] https://docs.openstack.org/placement/latest/admin/upgrade-to-stein.html
[3] https://docs.openstack.org/releasenotes/nova/train.html#prelude
Change-Id: I996bcd2f63a080e10fadf0c7adf9a0ddcb0b5c7a
Depends-On: https://review.opendev.org/731859
Depends-On: https://review.opendev.org/731860
Depends-On: https://review.opendev.org/731861
- Cookstyle fixes
- Refactor Berksfile to use groups so we can exclude integration testing
cookbooks
- Update documentation
- Cleanup line wraps
- Enable sensitive resources for the template[/etc/nova/nova.conf] to
resources improve security.
- Update delivery configuration to exclude integration cookbooks
- Fix ChefSpec output.
- Switch package installations to send packages as arrays instead of individual
package resources. This generally speeds up chef runs.
- Cleanup array syntax using %w() instead of []
- Add metadata to enabled_apis as that is the default upstream
- Switch to user resource for managing shell for nova user
- Switch to libvirtd instead of libvirt-bin for Ubuntu service name
Depends-On: https://review.opendev.org/701027
Depends-On: https://review.opendev.org/706151
Depends-On: https://review.opendev.org/708059
Depends-On: https://review.opendev.org/706157
Change-Id: I7e03fb9dace6e288a3b21f33106245b30b52ce9d
This brings us up to date with the latest apache2 cookbook which
included a major refactor in 6.0.0 removing all of the definitions and
recipe with proper resources. Instead of using the apache2_default_site
resource, directly use a template and then enable the config file using
the apache2_site resource. This gives us the most flexibility.
Additional fixes:
- Install mod_wsgi as a package on RHEL since there is no built-in
resource for it.
- Don't set SELinux to permissive on RHEL (I tested this works properly
with it set to enforcing).
- Remove hack for restarting apache.
- Convert web_app to template and subscribe to restarting apache.
- Remove resources to restore SELinux contexts since this taken care of
by Chef now automatically.
- Fix resource ordering in placement_api
- Improve ChefSpec tests
- Add missing placement_api RHEL tests
- Fix issues with chain file and cipher suite in in wsgi template
- Include additional cookbooks in Berksfile required for CI
Depends-On: https://review.opendev.org/702772
Depends-On: https://review.opendev.org/701824
Change-Id: Ib404ab6bfcae3340fd7f0f924539ca6c445b55cf
This uses edit_resource to add a notification in the nova-api,
nova-api-metadata and nova-placement-api apache configurations when one
of them gets updated. This is a workaround due to the fact we are using
a version of the apache2 cookbook that is still using definitions and
cannot add notifications with definitions.
This is intended to ensure we only restart apache when the configuration
is updated. Otherwise, the old behaviour was to restart apache on every
run which is problematic in production environments. I have been using
this in our production wrapper cookbook for the past year or so without
any issue.
This will be removed in the Stein release when we migrate to the newer
apache2 cookbook which uses proper resources.
Also amend the Berksfile to point to the new opendev.org location.
Change-Id: I55e6ea4124017e0f44f92f6a2fb01baad5a27555
Signed-off-by: Lance Albertson <lance@osuosl.org>
This patch replaces nova.conf.erb with openstack-service.conf.erb from
the openstack-common cookbook.
Besides removing some redundancy, it also makes nova.conf more readable
(due to a fix to openstack-service.conf.erb that never made it to
nova.conf.erb).
backport: queens pike
Change-Id: I07aeb7617ca152f66ec239cef4bcbef642c66bf7
Without www_authenticate_uri set, nova logs contain warnings:
WARNING keystonemiddleware.auth_token
Configuring www_authenticate_uri to point to the public identity
endpoint is required; clients may not be able to authenticate
against an admin endpoint
backport: queens
Change-Id: I0ff8202455b576227b882670c7254487b5e11f25
* removed all unused attributes
* removed vmware specific configuration option that can be set in a
wrapper cookbook (and was not maintained for quite some time)
* removed caseswitch for nova user and group since we currently only
support debian and rhel
* moved all libvirtd related config options to specific attribute file
in preparation for further refactoring
Change-Id: I42a0bbcd03a570b9d6d24ba32ed2cafacc33ec76
- Added basic cellv2 recipe, as it is required from Ocata on
- Style and lint fixes to support newer chefdk
- Rewrote metadata.rb for readability
- Removed ancient Gemfile
Change-Id: I97b453fc419bfbf01679dadf39a256b1f0f99859
The placement-api has been added by nova for the Newton cycle, it has
become mandatory for Ocata.
It is deployed as a wsgi app similar to what we have for keystone and
gnocchi already.
Change-Id: I1d1f1cc7046cb30a91894a0c884bc861d7f3dd95
- Now use cookbook-openstackclient to create endpoints role service and
user
- added domain creation and access granting
- added values to work with identity_v3
- rewrote specs to work again
- added needed keystone_authtoken attributes + neutron
- updated readme
Change-Id: I84f850f32f25a318c3ed3c7337a0dfa6f641a5fe
Depends-On: I0f8955f05de9b33711c54b9a198f45018cceb8e1
Depends-On: I2d404a424bd79a6e9b282304e21591fa33a48981
Depends-On: If7b4d6e563081a0be9957353d73ef61a9688df56
The default backend for oslo_cache is dogpile.cache.null, so we need to
explicitly specify the proper backend that we want to use.
Related-Bug: 1572062
Change-Id: I8942f872c072f263959ac8790df7f7eedc9599e2
* added sync for api_db (required in mitaka) and needed configuration options in
nova.conf
* made libvirtd_opts configurable in preparation for xenial and systemd on
ubuntu (libvirtd needs to be started with just -l option on xenial)
Change-Id: I6c01e45f10d75db96c95c0bb37b016ada2f5933f
Depends-On: Idf6645064a1c2f337f542b29a026969c7d35efbe
api-ec2 is being replaced by the `openstack-ec2` cookbook.
Change-Id: I5b4bc088bbf9a5061ed311d164dc381a3caca2d5
Depends-On: I2dbbafaf8641ece00d4181d1ea4ba93f00eed6ed
* cleaned up endpoint and bind interface attributes
* moved compute-ec2 attribute to compute-ec2-api
for clearness on which is public internal or admin
Change-Id: I16fb99ea2f865ea95b653c68fd5a42f15d039439
* endpoint type (admin, internal, public) and service (identitiy, network etc.)
was switched during refactoring, this patch reverts this unintended switching
* edited bind_service service type from public,internal,admin to 'all'
for default binding to just one service
Change-Id: Ia1785dc4ed7df88d0457e640fa0a668baccf12d5
Depends-On: I4f97b659361dabd7fac216305d2aad2f1bb98f51
Depends-On: I9bf230ba53d23ce11a32acaea2410572eaeb6123
Depends-On: Iec485deaf415e4187a323435cce2b6bbadfc5d42
Depends-On: Ia5bddfc5e2fd77cd6e9e855c680b079f78fc1c3f
* added endpoint attributes (moved from common)
* removed qpid as a messaging option (can be incuded in a wrapper)
* removed os-bare-metal dependencies
* deleted default attributes from nova.conf.rb originated in
openstack-common
* removed fedora and suse as supported platform
* adapted optimized endpoint logic
* removed rubocop exceptions in recipes and regenerated the
.rubocop_todo.yaml containing all remaining exceptions
* added versionbumb for refactored os-identity and common
* moved version up to 13.0.0 for mitaka release
* adapted the specs (unit tests) to work again
* refactored spec_helper.rb method "expect_creates_api_paste"
* added new logic into templates/default/nova.conf.erb
* refactored attributes throughout all recipes that were connected to
the attributes used for the nova.conf.erb template to adapt the new
template attribute syntax
* moved all attributes from attributes/default.rb that were used in
nova_conf.erb to attributes/nova_conf.rb
* refactored attributes to fit upcomming template logic
* refactored recipes/nova_common.rb to fit upcomming template logic
* removed all attributes from default.rb and nova.conf.erb which are set
as default in attributes, openstack doc and used to render the template
* removed nova-network as a supported config option
Depends-On: I9cc1b5cc069987ac83e064322c2291772505ff5f
Depends-On: Ifa5a7f4e1df47a3961976e64f654224864c3dcb4
Depends-On: I3262b2e6f792f37c32a446e6567790b82bdd4613
Depends-On: I0547182085eed91d05384fdd7734408a839a9a2c
Implements: blueprint cookbook-refactoring
Change-Id: I9ac9eeb29ab27f31394830e4b6f999d5870cc0e4
- According to the bool attribute
node['openstack']['endpoints']['db']['enabled_slave'], enable/disable
nova database slave_connection
- Add the slave_connection generated from db_uri function
Implements: blueprint sql-slave-connection-support
Change-Id: I8d904ca7076d7e6a74f1eda09c40ee79f1fc1a7f
Cleaned up all the minor rubocop issues, the ones left relate to
complex logic and what I think is a bug in rubocop for nested
vs compact modules/class definitions.
Change-Id: Ic874a3e0a8d005e410baa40584f0f00dfc805a56
Remove deprecated keys and use identity_uri via the new transform
helper method.
Also, cleanup specs for endpoint testing to make sure Common is
fully tested.
Change-Id: I3beac9d8d80d8a1a15e44bf944f1d8ca84d45350
Implements: blueprint identity-uri
Correctly default osapi_compute_link_prefix to nil.
Added osapi_glance_link_prefix for completeness.
Created attributes for these for flexibility.
Updated specs to cover these and other misc keys.
Change-Id: Ic2fd79fc74dedb649b08c451ded678ac1d1ed310
Closes-Bug: #1418583
Add ironic section configuration to make openstack compute service
use openstack bare metal service.
blueprint bare-metal-enablement
Change-Id: I7492edac417609a0eb952f0ca0780876ef8564fc
Nova metadata api endpoint was missing from common endpoints.
This patch will be follow by one for compute and network to
make use of these new endpoint.
Change-Id: I1c3bfe3dac4b04c7f482f698523327ce4754e594
Partial-Bug: #1425633
Now that admin_endpoint, public_endpoint, and internal_endpoint
in the common library are working, these are the changes to use
them in the openstack-compute recipes.
Change-Id: I4c90f4c7222f2f0b7fb7eba91f68e47841970e7c
Partial-Bug: 1412919
The upstream ceph cookbook already hooks into chef for environment information.
This patch utilizes the client LWRP to create or add ceph keys for RBD support.
This patch also changes some default attribute names for more sane organization
Partial-Bug: #1409943
Change-Id: Ia87e123ae2d88e3122b8d66d8ff144a804e6d8c4
This change adds some attributes into the cookbook so
that they are configurable. They are mainly to configure
for glance_api_insecure and neutron_api_insecure in nova.conf.
It also makes neutron_url and neutron_admin_auth_url to be
prefixed with scheme(http or https).
Change-Id: If6d50a6963b47ee0983ecc71087414ab7c366623
Closes-Bug: #1381599
* A patch for Common added a new endpoint for vnc proxy
* Use the new vnc proxy endpoint for the nova.conf
Change-Id: I9909e3dd500d9fcc31133b81c93420b629ed4e37
Closes-Bug: #1367807
contains password properties like:
qpid_password=
neutron_admin_password=
To avoid unauthorized user to access it and decode the password, this file will be set as 640
Fix bug 1369411
Change-Id: I66c7d742ce814be7d39e61180e896a9d02ccb800
In Icehouse, the configurations for keystone auth token has been moved
to nova.conf. So we need to remove the configurations from api-paste.ini
and move them to nova.conf.
Change-Id: I5b5b32b16c8e9235103bd61f3c3eb1774b093e0a
Closes-Bug: #1342002
*_python_packages attributes are being moved to -common in order to
remove the duplication from all the cookbooks which are using them
Change-Id: I952372ec06cc6560b9a942bfc100d12622152ab2
Implements: blueprint move-python-db-client-attrs-to-common