This change implements and enables by default quorum support
for rabbitmq as well as providing default variables to globally tune
it's behaviour.
In order to ensure upgrade path and ability to switch back to HA queues
we change vhost names with removing leading `/`, as enabling quorum
requires to remove exchange which is tricky thing to do with running
services.
Change-Id: I4781a0c23274b145970b3269e517c2a62497acc4
With update of ansible-lint to version >=6.0.0 a lot of new
linters were added, that enabled by default. In order to comply
with linter rules we're applying changes to the role.
With that we also update metdata to reflect current state.
Change-Id: Id8215882ee528d4c3055479e770c7432616649ba
Amphorav1 has been deprecated and is removed early at the
beginning of the 2023.2 cycle. With that Antelope is perfect time for
switching the default.
[1] 6c0515c988
Change-Id: I133f20a6d971832138708101e6a8380d23e75cf2
At the moment we don't restart services if systemd unit file is changed.
We knowingly prevent systemd_service role handlers to execute
by providing `state: started` as otherwise service will be restarted twice.
With that now we ensure that role handlers will also listen for systemd
unit changes.
Change-Id: I4a3346c90825a4bf0b416943286696fa529f526d
Distro instalaltion has been broken for a while and CI disabled for it.
With this commit we're fixing path and returning back
CI testing of it.
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/837845
Change-Id: Ia715e0506e45ead6ed8ecffac3fbd70e9849da13
All references to Gentoo, SUSE, Debian stretch and Centos-7 are removed.
Conditional tasks, ternary operators and variables are simplified where possible
OS specific variables files are generalised where possible
Change-Id: I4153df38980650c726cc1a79320b22e1e07605cf
We use the same condition, which defines against what host some "service"
tasks should run against, several times. It's hard to keep it the same
across the role and ansible spending additional resources to evaluate
it each time, so it's simpler and better for the maintenance to set
a boolean variable which will say for all tasks, that we want to run
only against signle host, if they should run or not now.
Change-Id: Icf411ab2df0f6e937ce056b085fee97b89fe8361
Move service to use uWSGI role instead of iternal task for uwsgi
deployment. This aims to ease the maintenance of uWSGI and speedup
metal deployments as the same uwsgi environment will be used
across all services.
Change-Id: Iaeb10f2e3018f8b19d47d5a557e6fc7beb0fb9cf
This patch aims to migrate service from usage of regular syslog files
to journald. We also disable uwsgi logging, since it dublicates
requests that are logged by service itself.
Depends-On: https://review.opendev.org/670824/
Change-Id: I8cfdd46a57a91ef3b1879bf85b03cced74234451
Distributions provide packages for the OpenStack services so we add
support for using these instead of the pip ones.
Change-Id: I7eb1cbe2c80ee889d2ae08dcfed6a19cc1bd3415
Depends-On: Ide70b5d8f67d8c8a87e3f16671f0f7fb72338b89
Depends-On: I8de48eb1fb4c8d321098ca54b9e21270edc7ac87
Depends-On: Ia5fda5d417b79189d048c8891b84d57331df1404
Implements: blueprint openstack-distribution-packages
This patch adds the Debian jobs for this role to make sure
it's always passing as well as updates the meta to reflect
it's support of Debian accordingly.
Depends-On: I9a92b73c419a0dc1cca40dacfef75de61a61db94
Change-Id: Idb2ec1248f22a039a723f513ce5cb88208a5fc4c
This removes the systemd service templates and tasks from this role and
leverages a common systemd service role instead. This changet removes a
lot of code duplication across all roles all without sacrificing features
or functionality. The intention of this change is to ensure uniformity and
reduce the maintenance burden on the community when sweeping changes are
needed. The exterior role is built to be OSA compatible and may be pulled
into tree should we deem it necessary.
In addition, it re-orders some tasks for consistency with other roles.
Change-Id: I124873a6ab96aa95f886ce146d28e7340c90d40d
In order to reduce the packages required to pip install on to the hosts,
we use service delegation to octavia_service_setup_host so that instead
of installing software on the target host, and putting credentials on
every target host, we isolate the software and credentials to a single
host.
In this patch we finally remove octavia_requires_pip_packages as it is
no longer required given that all services use delegation to the
octavia_service_setup_host now. We also remove the task which used to
install them.
We also remove the meta dependency on the openstack_openrc role because
the target host does not require openrc/clouds.yaml any more.
We remove the variable 'octavia_ansible_endpoint_type' as it is no longer
used.
We finally remove the python-pip package from the distro packages, as
with these changes, pip is no longer required on the host - everything
installed by pip is isolated into a venv.
Change-Id: If3f65fdb8a59a3c41cb8c2f0dee6b2e5a71f05c7
1. Remove tests/test-configure-octavia.yml because the 'shade' package
does not need to be installed again - this is already done by the
role test preparation.
2. Remove the key generation as the keys are already generated in the
common tests playbook 'test-prepare-keys.yml'.
3. Add some spacing between tasks to make it more readable.
4. Implement the extra packages needed in test-requirements.txt instead
of trying to use a task to install them, because doing it in Ansible
makes understanding the venv in relation to the inventory complicated..
5. Move the vars_files argument to the top of the play to make it easier
to find and more uniform with other plays in OSA.
6. Switch from using octavia_ansible_endpoint_type to a hard-coded
endpoint, then remove the octavia_ansible_endpoint_type var.
7. Switch from using the 'endpoint_type' argument for the openstack
modules to using the more modern 'interface' argument.
8. Remove the 'run_once' argument on the 'Upload key to nova' task
because only localhost is targeted, so the argument is moot.
9. Remove the 'Set VIP fact' task in favor of just using the 'vip_output'
register in the 'Test the Listener' task. Setting a fact is pointless.
10. To help the existing patches pass, we add python-pip to the distro
packages. This will be reverted later once the required changes
to remove this requirement have merged.
Depends-On: https://review.openstack.org/589248
Change-Id: I46962090f7baf4227e838e125fd318245f2bcb85
There is no record for why we implement the MQ vhost/user creation
outside of the role in the playbook, when we could do it inside the
role.
Implementing it inside the role allows us to reduce the quantity of
group_vars duplicated from the role, and allows us to better document
the required variables in the role. The delegation can still be done
as it is done in the playbook too.
In this patch we implement two new variables:
- octavia_oslomsg_rpc_setup_host
- octavia_oslomsg_notify_setup_host
These are used in the role to allow delegation of the MQ vhost/user
setup for each type to any host, but they default to using the first
member of the applicable oslomsg host group.
We also adjust some of the defaults to automatically inherit existing
vars set in group_vars form the integrated build so that we do not
need to do the wiring in the integrated build's group vars. We still
default them in the role too for independent role usage.
Finally, we remove the test mq setup tasks and clean up any unused
or unnecessary variables configured in tests.
We also rename the ubuntu-16.04.yml file to ubuntu.yml to cover both
xenial and bionic. This has become necessary because the
'Gather variables for each operating system' task in the galera_client
role is picking up this role's vars file instead of its own.
Change-Id: If7e3712dd70eb083b5dffc98e0c981ec4f513533
This creates a specific slice which all OpenStack services will operate
from. By creating an independent slice these components will be governed
away from the system slice allowing us to better optimise resource
consumption.
See the following for more information on slices:
* https://www.freedesktop.org/software/systemd/man/systemd.slice.html
See for following for more information on resource controls:
* https://www.freedesktop.org/software/systemd/man/systemd.resource-control.html
Tools like ``systemd-cgtop`` and ``systemd-cgls`` will now give us
insight into specific processes, process groups, and resouce consumption
in ways that we've not had access to before. To enable some of this reporting
the accounting options have been added to the [Service] section of the unit
file.
Change-Id: Ib19624a57063fba8f63eed5308639be224751fed
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
- Adds iptables rules
- Makes sure that health manager ip is the one
on the management interface
- Reworks variables
- Improves documentation
- Tests now run with an extra octavia network
- renamed mgmt network to lbaas-mgmt
- added ubuntu/centos specific iptables save/restore
commands/packages
Change-Id: I761ce0d2dce73d018c2ba2022798a3962e44b235
- installs Octavia service in OSA
- adds a test which installs Octavia (but uses noop
to work around gate limitations)
Co-Authored-By: German Eichberger <German.eichberger@rackspace.com>
Change-Id: Idb419a4ca5daa311d39c90eda5f83412ccf576ad