Commit Graph

14286 Commits

Author SHA1 Message Date
OpenDev Sysadmins 58cfb69ea7 OpenDev Migration Patch
This commit was bulk generated and pushed by the OpenDev sysadmins
as a part of the Git hosting and code review systems migration
detailed in these mailing list posts:

http://lists.openstack.org/pipermail/openstack-discuss/2019-March/003603.html
http://lists.openstack.org/pipermail/openstack-discuss/2019-April/004920.html

Attempts have been made to correct repository namespaces and
hostnames based on simple pattern matching, but it's possible some
were updated incorrectly or missed entirely. Please reach out to us
via the contact information listed at https://opendev.org/ with any
questions you may have.
2019-04-19 19:40:00 +00:00
Jenkins 459c52c8e2 Merge "Correct logical expressions for storage backends" into stable/newton 2017-06-19 08:57:07 +00:00
Sergii Rizvan 98154bff02 Clean up keystone.conf file
At the end of keystone.conf file there were some options from
keystone-paste.ini file. These options don't affect anything
that's why they were removed in order to clean up keystone.conf

Change-Id: Ib388c37ac4f622cabc405a4d83ba71f2f35b7e83
Closes-Bug: #1693188
2017-06-15 12:54:34 +03:00
Sergii Rizvan 2a164b335f Corrected default limits filter in nova API
The old syntax that used % symbols, caused some errors upon a restart
of the nova-api. Replacing the % and parentheses with the double quotes
allows the API to start without errors.

Change-Id: I96c00590390c6caf0a17a43e68ede111684b3110
Closes-Bug: #1683496
2017-05-29 16:19:51 +00:00
Sergii Rizvan 9e3e2da305 Correct logical expressions for storage backends
After introducing the change Iead5167210c4132badb866afc25d4ef14e27f6b2
swift isn't installed if ceph used as a backend for images
and not for object-storage service. In this sutiation we end up
with absence of object-storage at all which is wrong.

The commit introduces changes which makes possible
to swift been installed if ceph used only for image service.

Change-Id: If319845aa9f2d9b3ca07936350ef374f504679cb
Closes-Bug: #1604879
2017-05-17 17:09:49 +03:00
Jenkins ebf2b45109 Merge "Prevent a bond for unrequired re-assembles" into stable/newton 2017-05-11 10:22:23 +00:00
Jenkins 804debbacf Merge "Exclude anonymous cipher suites from Cobbler SSL configuration" into stable/newton 2017-05-10 10:14:42 +00:00
Jenkins b26864cbc5 Merge "Fix race condition for primary component bootstrap" into stable/newton 2017-05-03 20:14:02 +00:00
Jenkins 4621956420 Merge "Support a "mirror" method of apt-get" into stable/newton 2017-05-03 12:46:11 +00:00
Vladimir Kuklin 31efd1e2c9 Fix race condition for primary component bootstrap
Create node is_pc flag before starting to check if there
is more than one of those flags. Thus, we avoid race condition
when there is 0 is_pc flags and galera starts with --wsrep-new-cluster
on 2 nodes.

We set it before the check and, as setting them is synchronous through
Pacemaker CIB, in that case when >1 nodes attempt to bootstrap with
--wsrep-new-cluster, only one node will see <= 1 is_pc flags. Others
will see more than one and fail and reattempt to start. At that point
one of the nodes will already be bootstrapped, thus reelection will not
be triggered and the section of bootstrap will be skipped

Change-Id: I82a71132eef7877ac7ab1ed04263044b3b1e8d9b
Closes-bug: #1617400
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
2017-05-03 12:31:41 +00:00
Jenkins b9c2da3385 Merge "Update ref for puppet-ironic module" into stable/newton 2017-04-28 20:32:20 +00:00
Michael Polenchuk c8b04173d9 Support a "mirror" method of apt-get
apt-get supports a "mirror" method that will automatically select a
closest mirror based on geographical location. So extend URI library
to handle repository sources with mirror://

Change-Id: I7b8018af50e431614d0d5c87ad3f1c8bad94e4d9
Closes-Bug: #1669751
2017-04-28 20:27:18 +00:00
Sergey Vasilenko 0695eedc5f Create Upstart-compatible state files for each interface
created by l23network in runtime.
This functionality required for correct 'ifdown' command work
first time without ifup (interface created by l23network runtime).

Change-Id: I05aecf2a69158f15eac636e33cedbdfbe817adc0
Closes-bug: #1674430
2017-04-19 08:39:39 +00:00
Sergii Rizvan 7875c960ac Exclude anonymous cipher suites from Cobbler SSL configuration
The server used to be configured to support anonymous cipher suites
with no key authentication. These ciphers are highly vulnerable
to man in the middle attacks.

New configuration applies only strong cipher suites on SSL server.

Change-Id: I8ecac040a77614fd78188995a873b85c94781411
Closes-Bug: #1646761
2017-04-05 09:54:21 +00:00
Stanislaw Bogatkin 3f01bb9d23 Use intersection of added vs deleted nodes instead of just deleted ones
There are cases when nailgun can send us data where there are nodes
included into list of added nodes and deleted ones. As a result, puppet
manifests failed with resource ensurance for present and absent hosts.
To avoid this situation, subtract added nodes from deleted prior to
actually deleting them from hosts.

Change-Id: I515f7fae4bbe67123d70572a4f861e879ec580f6
Closes-Bug: #1679522
2017-04-04 13:38:17 +00:00
Vasyl Saienko f8a06c0f56 Update ref for puppet-ironic module
Recently 'ironic:drivers:interface' class was backported to Newton
by https://review.openstack.org/#/c/445799/
And ability to convert network name to UUID was added by
https://review.openstack.org/#/c/449804/
This patch update ref for puppet-ironic module to use that commit.

Related-Bug: #1588380

Change-Id: I4043bb406aafaf9fb46509f8a2542e5b6c3d9d7d
2017-03-31 13:25:40 +03:00
Jenkins b3f8640a0b Merge "Set memcached server to local one for non-keyston services" into stable/newton 2017-03-30 11:29:02 +00:00
Vladimir Kuklin 41d4a11ee7 Set memcached server to local one for non-keyston services
We misconfigured local cache for services with change
https://review.openstack.org/#/q/Id1034e22d79c3ea6b25575d9bcf8e8750a02365d
Thus, it becomes extremely slow when a controller is down.

With this commit we revert things back to normal with local memcached
for all openstack services leaving keystone memcached shared for tokens
(this was thoroughly tested previously)

This commit a529033fdc
pointed all non-keystone services to local memcached for keystone auth tokens, however it also
pointed cache/memcache_servers in nova to local memcached. This led to regression in Nova.

Revert setting local memcached server for swift proxy

Switch back to using all available mamcached servers, because of
failures during swift testing.

Change-Id: I8f6bbf77d27f3d8976985241deb8a948984862f5
Closes-bug: #1657727
Closes-Bug: #1576218
Closes-Bug: 1666837
2017-03-29 15:18:20 +03:00
Jenkins 06213b8551 Merge "[ceph] Employ radosgw built-in frontend" into stable/newton 2017-03-29 09:01:14 +00:00
Jenkins eff979ee43 Merge "Add all needed certs to all tags" into stable/newton 2017-03-28 17:38:27 +00:00
Jenkins c986e02a68 Merge "Rename all predefined graphs to experimental-*" into stable/newton 2017-03-28 15:46:28 +00:00
Vladimir Kozhukalov e3acbeea41 Rename all predefined graphs to experimental-*
By doing this we avoid running these graphs when
api handlers are called. Handlers try to
find graphs in the database by thier name and if they are unable
to do this they fall back to plain task managers.
That is what we actually need.

Change-Id: Iba98c3b337c2856bbd29d17bb06d24adf35594e6
Closes-Bug: #1676849
2017-03-28 14:58:45 +03:00
Oleksiy Molchanov a00717a852 Add all needed certs to all tags
Change-Id: I8905003d85ce527ee9b9479889e81497c2973441
Closes-Bug: 1673134
2017-03-28 09:15:11 +00:00
Michael Polenchuk 280a29e518 Conform cgroups to systemd based services
Update cgroups configuration to be running on ubuntu 16.04.
Remove "cgroup-lite" package/service since systemd
mounts cgroups sanely itself.

Change-Id: I250f1ba92fbe1ceac415a73b640fd00d6e2898e4
Closes-Bug: #1669747
(cherry picked from commit 4f33d4aabb)
2017-03-28 07:40:00 +00:00
Jenkins 56fe404341 Merge "Revert "Port for distributed serialization added"" into stable/newton 2017-03-27 18:33:39 +00:00
Alexander Kislitsky 037cdf6ef0 Revert "Port for distributed serialization added"
This reverts commit e0c44beaec.

Change-Id: I247aff832c48054c19636eb93e519a65b8e2fa1b
2017-03-27 16:13:42 +00:00
Jenkins d78b0fcbae Merge "Rename default sequence" into stable/newton 2017-03-24 20:14:05 +00:00
Vladimir Kozhukalov 95e0abbc34 Revert "Remove cobbler and use dhcpd named and tftp"
This reverts commit 0b5ab4ff80.

Change-Id: I5ab0f2adea210f03b7bf3994f7ccbd2137ef2bb8
2017-03-24 20:11:48 +03:00
Jenkins a080e4883e Merge "Revert "Fix deletion graph (no cobbler mode)"" into stable/newton 2017-03-24 16:57:53 +00:00
Jenkins 49f8513de4 Merge "Revert "Fix task dependencies for provision and deletion graphs"" into stable/newton 2017-03-24 16:47:11 +00:00
Vladimir Kozhukalov 7e5d92882d Revert "Fix deletion graph (no cobbler mode)"
This reverts commit 83ae1d3d61.

Change-Id: I9c29ea9bfa714173ffe53adfd242bb9c2c1c99a7
2017-03-24 16:36:45 +00:00
Vladimir Kozhukalov 7344296472 Revert "Fix task dependencies for provision and deletion graphs"
This reverts commit 3996115211.

Change-Id: I1242142fd60015a061e4259fde772f2471f67297
2017-03-24 14:25:01 +00:00
Stanislaw Bogatkin 2513d17713 Rename default sequence
Change-Id: I2e389324837e23321872d0a6be5b5a13e130393c
Closes-Bug: #1675792
2017-03-24 14:24:45 +00:00
Alexander Kislitsky e0c44beaec Port for distributed serialization added
We allow connections to 8002 port in the admin network for
incoming connections from distributed serialization workers.
Distributed serialization workers should be installed and run
on slave and bootstrap nodes.

Change-Id: Idae764bde0b0dd482e6b08d69a97cd5d0717547d
Implements: blueprint distributed-serialization
(cherry picked from commit 97c9ca2c5f)
2017-03-24 10:11:19 +00:00
Jenkins 9f16ad761c Merge "Use proper IP address for rabbit management access" into stable/newton 2017-03-23 10:34:13 +00:00
Jenkins ae5bb9b01e Merge "Fix building ironic bootstrap" into stable/newton 2017-03-23 09:42:13 +00:00
Vladimir Kozhukalov 3996115211 Fix task dependencies for provision and deletion graphs
Change-Id: I375f9ad6716c4e5eff76d30b74fc591e0c0ea71d
Implements: blueprint get-rid-cobbler-dnsmasq
2017-03-21 18:55:54 +03:00
Michael Polenchuk d1136773ba [ceph] Employ radosgw built-in frontend
As of firefly (v0.80), ceph object gateway is running on civetweb
(embedded into the ceph-radosgw daemon) instead of apache and fastcgi.
Using civetweb simplifies the ceph object gateway installation and
configuration.

Change-Id: Idba61e094390e3c75a6e5d9b35a8e8e47a2a696f
Closes-Bug: #1671808
(cherry picked from commit d38e1a399c)
2017-03-21 13:32:09 +00:00
Vasyl Saienko c90b8a2fab Fix building ironic bootstrap
This patch fixes issues with building ironic bootstrap:
  * fix if condition that is a trigger to build ironic bootstrap
  * build fuel image always, ironic bootstrap only when ironic is enabled
  * Drop incorrect condition check for fuel image

Change-Id: Ib7ee0c656ffa71ce913e1924bb80260744319a3a
Closes-Bug: #1653204
2017-03-21 15:00:42 +02:00
Vladimir Kozhukalov 83ae1d3d61 Fix deletion graph (no cobbler mode)
Change-Id: I0bbf9d2a261dcf3e1c8a8d11bdb4073353f87936
Implements: blueprint get-rid-cobbler-dnsmasq
Depends-On: I80c62056dcfdf70b3786e163960d0307849e019c
2017-03-21 11:41:59 +00:00
Vladimir Kozhukalov 0b5ab4ff80 Remove cobbler and use dhcpd named and tftp
Implements: blueprint get-rid-cobbler-dnsmasq
Change-Id: I80c62056dcfdf70b3786e163960d0307849e019c
2017-03-21 09:32:09 +00:00
Alexey Lebedeff 56ec92bab9 Use proper IP address for rabbit management access
`host_ip` parameter is only used in OCF script, and it's used to
connect to management HTTP API - so using host to which rabbit binds
its AMQP listener makes completely no sense.

Change-Id: I029ef9c88f397de11da5ec5048e7314b92ddc441
Closes-Bug: 1668311
2017-03-20 09:07:37 +00:00
Jenkins a2ed9a7eba Merge "Increase tcp_retries2 value" into stable/newton 2017-03-17 09:12:21 +00:00
Jenkins dde16f25b2 Merge "Set up local logging for lrmd" into stable/newton 2017-03-17 09:10:41 +00:00
Jenkins 69e8d96767 Merge "Make ovs-vswitchd restart instead of stop/start" into stable/newton 2017-03-16 14:32:27 +00:00
Jenkins 8d75107759 Merge "Override all dependent ovs providers" into stable/newton 2017-03-16 10:27:29 +00:00
Stanislaw Bogatkin 74acfc23f3 Increase reboot task timeout
To avoid broken provision on baremetal servers, increase reboot
task timeout to 15 minutes.

Change-Id: Ia7b9aa96407dae5819420146f5e1e934031b662c
Closes-Bug: #1671793
2017-03-15 13:49:22 +00:00
Michael Polenchuk f2e124344d Override all dependent ovs providers
Take into account (i.e. make override actions for)
dpdk enabled interfaces as well.

Change-Id: I8d35814ccc9ddda4c904a4abf6a51105baa12b9a
Closes-Bug: #1672695
(cherry picked from commit 221dba9592)
2017-03-15 12:24:22 +00:00
Alexey Lebedeff 2238c94efc Increase tcp_retries2 value
Current value of 5 results in socket operation timeout after ~12.9
seconds. This is a bit too low, e.g. we've seen RabbitMQ network
splits in production.

This 12.9s amount is equal as 0.2*(2^1+2^2+..2^5), where 0.2 is a
retry timeout (RTO) that is calculated by kernel on a per-socket
basis. But in fast local networks it usually almost equal to minimum
values of 0.2s hardcoded in linux kernel (and BTW, RFC says that
minimum value should be 1s).

On the other hand, comment in netconfig.pp says that our target
timeout is ~54 seconds. And changing tcp_retries2 to 7 is consistent
with that comment - tests an live env show that resulting timeout is
~52.2s

Change-Id: Ib52f40ef1017a9da5a29cd62fb744a4597860763
(cherry picked from commit 5d4d53082d)
2017-03-15 09:32:07 +00:00
Dmitry Mescheryakov 3e67eb0043 Set up local logging for lrmd
Write lrmd logs to the /var/log/lrmd.log on controllers.

Also disabled collecting all pacemaker logs into /var/log/pacemaker.log
because Pacemaker already does that itself. In our installation rsyslog
does not write that file because in most cases Pacemaker creates it
first. For example, see the file's owner in any env, it will be
hacluster, not syslog.

Closes-Bug: #1661003
Change-Id: I0acb59a43bd856b1689918a7cf066624efa13a63
(cherry picked from commit 4d18ef0dad)
2017-03-15 09:31:23 +00:00