Commit Graph

460 Commits

Author SHA1 Message Date
Takashi Kajinami bd2debe260 Add support for new limit options
This introduces support for the new limit options which were added to
heat during 2024.1 cycle.

Depends-on: https://review.opendev.org/c/openstack/heat/+/906272
Change-Id: I622328a61ea24682dbe65dc4f4b3a90df5c7208f
2024-03-16 12:06:07 +09:00
Zuul 2334842ab1 Merge "Expose rabbit_transient_quorum_queue" 2024-03-14 18:04:00 +00:00
Takashi Kajinami d82a354686 Expose rabbit_transient_quorum_queue
Depends-on: https://review.opendev.org/911021
Change-Id: Idc2dc23f294e83ddc67225808c7976d03cc93907
2024-03-14 09:27:55 +09:00
Zuul 53b0016ea1 Merge "Stop hard-coding config file for db sync" 2024-03-08 14:21:07 +00:00
Takashi Kajinami 1dd45677b6 cache: Support new redis options
The oslo.cache 3.7.0 release introduced some options for redis backend
and redis sentinel backend. This introduces for these parameters.

Depneds-on: https://review.opendev.org/910629
Change-Id: Ia947c684f5f4cc10efad487d7c87e06c73cc1ba2
2024-03-07 22:58:03 +09:00
Takashi Kajinami 14eca21f0e Stop hard-coding config file for db sync
The heat-manage command by default loads /etc/heat/heat.conf. Removing
the override allows us to use additional paths such as heat.conf.d in
the future.

Change-Id: Id015bab7ad0dff14788bbabfe54ebae128b037b7
2024-03-05 03:25:14 +00:00
Zuul 20baac53ab Merge "cache: Support options for SASL mechanism in memcached" 2024-03-04 15:31:45 +00:00
Zuul fc9491c27d Merge "Refactor resource dependencies" 2024-03-04 11:38:40 +00:00
Takashi Kajinami 88a97f1646 cache: Support options for SASL mechanism in memcached
Depends-on: https://review.opendev.org/910122
Change-Id: I582474abb94fc14c477ae352318b46b58882fb35
2024-03-01 10:49:59 +09:00
Takashi Kajinami d9840e99d0 Refactor resource dependencies
This refactors resource dependencies to improve the following points.

 - Avoid unnecessary dependencies across services. For example aodh
   service does not require cinder db.

 - Restart only api service when config files like paste.ini, which
   are used only be api service is changed.

Change-Id: Iadb8552abf55228729bf5d31795b1e4bbb8b9929
2024-03-01 02:31:36 +09:00
Takashi Kajinami 69d2fc778b healthcheck: Expose ignore_proxied_requests parameter
Depends-on: https://review.opendev.org/909807
Change-Id: Ib90d509a298736108894df150289005f133e6f87
2024-02-26 01:19:14 +09:00
Takashi Kajinami fb2d047f0c Add support for oslo.reports options
Depends-on: https://review.opendev.org/804804
Change-Id: I257eda3461ae991fde3b5eeba44f1c69ab473957
2024-01-30 00:40:39 +09:00
Takashi Kajinami 67a4de90dc healthcheck: Expose allowed_source_ranges
... which was added to puppet-oslo recently.

Depends-on: https://review.opendev.org/905557
Change-Id: Ief3e3921bccf8194694339d3779cdad0a061e807
2024-01-17 15:01:04 +09:00
Takashi Kajinami 8a38b17a42 Support [cache] memcache_pool_flush_on_reconnect
Depends-on: https://review.opendev.org/902861
Change-Id: I047a1139d211b881b18d5a6192a383d62bcd8d9f
2023-12-14 17:55:24 +09:00
Takashi Kajinami aae84d93b0 Use new openstackclient tag
The new openstackclient tag was added so that we can get all resources
about openstack CLI more easily. This adds this tag to heatclient
because the package provides some sub-commands.

Also, the heatclient package is required by heat so updating it should
restart the services.

Change-Id: I4e24408d9c377d0b67d87efa07f07913ef997402
2023-11-20 01:18:41 +09:00
Zuul d9298fefef Merge "RabbitMQ: Add support for quorum queue options" 2023-09-15 15:52:46 +00:00
Takashi Kajinami 638aff2a93 RabbitMQ: Add support for quorum queue options
Depends-on: https://review.opendev.org/894866
Change-Id: I97f12ff89e0dab936fb8419dce70412002cfc2c1
2023-09-15 10:35:05 +09:00
Takashi Kajinami 57f2f332f0 Do not restart services after policy file changes
The oslo.policy library has implementations to detect change in policy
rules and reload the new rules without service restart.

Change-Id: Ie95b74bf43c2749c738286cc8a175beff5742976
2023-09-11 12:30:49 +09:00
Zuul 82b1ce702b Merge "Remove strict validation of enable_stack_adopt/abandon" 2023-07-22 16:53:31 +00:00
Takashi Kajinami ae4cce773a Remove strict validation of enable_stack_adopt/abandon
We have not yet implemented global way to validate bool options in
OpenStack. To keep the implementation simple and consistent across
the modules/parameters, this change removes the current strict
validation for now.

Change-Id: Ida223d6d06d3538b8c2f7b430db233782b3ba500
2023-07-18 00:54:43 +09:00
Takashi Kajinami 16bb17356e Ensure purge_config takes a boolean value
The purge_config parameters only accept boolean values. This enforces
that using the typed parameters.

Change-Id: Iecf1322669c06feed46bbe02eaeee48b929fc000
2023-07-18 00:53:51 +09:00
Takashi Kajinami cda67444f9 authtoken: Make password required
The password parameter is not really optional. This makes it
a required parameter to give more sensible validation error.

Change-Id: I1e7ef82de4f41f79ceeb089dc29de3119c6b01f0
2023-07-12 22:00:38 +09:00
Zuul 23c75218ce Merge "Validate status of cron resource" 2023-06-28 15:42:58 +00:00
Zuul f0ca808cfe Merge "Add per module policy service refresh" 2023-06-26 15:17:47 +00:00
Takashi Kajinami c62209b8e7 Validate status of cron resource
This makes sure that the supported value is used for the parameters
which determine the ensure property of a cron resource type.

This also re-implements the validation of age_type parameter using
the native data type.

Change-Id: Ie3d9c4d3dac3484051be3b9418e833454c0fbd2a
2023-06-26 22:08:16 +09:00
Tobias Urdin 41dae27b09 Add per module policy service refresh
Updating the policies for this project should only
refresh the services that reads it.

Change-Id: Ie190999dfdce7fe75bbc1889ec11feda796e226c
2023-06-26 00:04:40 +02:00
Takashi Kajinami 43384d02b1 Remove deprecated client parameters
These parameters were deprecated in favor of the separate classes for
client options[1].

[1] 0d043d793f

Change-Id: I28b7462f2330409b9dee7debba63ce756a0a74b1
2023-06-23 14:32:23 +09:00
Takashi Kajinami 3021cd9daf replace validate_legacy with proper data types
the validate_legacy function is marked for deprecation in
v9.0.0 from puppetlabs-stdlib.

Depends-on: https://review.opendev.org/c/openstack/puppet-openstacklib/+/885996
Change-Id: I144468b4f5536a48702e457f2a5db879f3ca217a
2023-06-23 09:26:59 +09:00
Takashi Kajinami da923f2283 Do not autocomplete heat::trustee class
This behavior was deprecated a while ago when the separate class was
added.

Change-Id: Ic3bff87a551262fc9e343217c5c8a933691bc29d
2023-05-15 13:12:00 +09:00
Takashi Kajinami 5fe73417a2 Add strict validation about boolean parameters
This ensures the parameters used by if-else logic accept only boolean
values because non-boolean can result in unexpected behavior.

Change-Id: Ia67f4aba2c3064f9b0ba93430b9c0f7a14800ced
2023-03-16 13:21:52 +09:00
Takashi Kajinami ee09225ba9 Expose executor_thread_pool_size
This option has been supported by puppet-oslo but has not been
configurable.

Change-Id: If4ea3913c5ec9c3719d57b8b682a87816cbaabf7
2023-03-06 13:48:27 +09:00
Takashi Kajinami da45ce8a21 Replace legacy facts and use fact hash
... because the latest lint no longer allows usage of legacy facts and
top scope fact.

Change-Id: Ib395d70d0d528adfef6600f67f9cd6bb238f8206
2023-03-02 11:31:36 +09:00
Takashi Kajinami 15c5b7148c CentOS: Remove workaround for missing selinux rule
This removes the workaround to add missing selinux rule. The bug in
openstack-sexlinux[1] was already fixed and we no longer need to
add the rule additionally.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=1396553

Change-Id: I979d2c30fb0a0c7f456dff6376bf91ef141e86a2
2023-02-05 00:54:53 +09:00
Takashi Kajinami e5c3e2756d Expose policy_default_rule
The option has been managed by the underlying puppet-oslo module but
has not been configurable. This introduces the parameter to customize
the option.

Change-Id: Ib7d19a8d3b634b3f2c88222881b175f74771de00
2023-01-23 14:27:32 +09:00
Takashi Kajinami 3a8ae230cc Use standard parameter description format for wsgi::apache
Currently parameter description of the <module>::wsgi::apache classes
are formatted differently in individual modules, and this is making
the maintenance effort quite difficult.

This change updates the description format following the standard one
we are globally using in our modules to reduce undesired differences
between modules.

Change-Id: Icec870fce75185f2ca902c565dd94c467b9f6638
2022-08-29 15:11:28 +00:00
Takashi Kajinami bd92c63d41 Add Apache WSGI logging parameters for pipe/syslog
Add parameters for advanced logging configurations in Apache to
support piped logging and support for syslog (via mod_syslog
available in Apache >= 2.5.0)

Co-Authored-By: Andy Botting <andy@andybotting.com>
Change-Id: Idb3d73309588a7436cd2e067121119c5878eee18
2022-08-26 16:49:56 +09:00
Takashi Kajinami 1516806fc5 Adapt to new type validation in puppetlabs-apache
The puppetlabs-apache module is enforcing more strict data type
validation[1].

This change updates the default values to adapt to that change.

[1] f41251e336

Closes-Bug: #1983300
Depends-on: https://review.opendev.org/851652
Change-Id: I2df44be85cb73144ce45b8f5bea2ccba64d0be86
2022-08-02 16:54:29 +09:00
Zuul 73c888a69b Merge "Expose headers option of apache::vhost" 2022-07-30 17:38:13 +00:00
Takashi Kajinami 51cfa30945 Expose headers option of apache::vhost
The headers option in apache::vhost is required in some case, for
example when adding the X-XSS-Protection header. This change allows
customizing the option for the api vhost.

Change-Id: I2c527b5511db04f9daa7f605b565a567599b5431
2022-07-30 23:06:04 +09:00
Zuul adb38d75b5 Merge "Fix typos in parameter descriptions and tests" 2022-06-27 17:05:19 +00:00
Rajesh Tailor 82809e9095 Fix typos in parameter descriptions and tests
Change-Id: I4b368e030e207beabb1d69b9c5079d34aa494856
2022-06-27 16:11:37 +05:30
Takashi Kajinami 98c92fe15c Ensure [DEFAULT] deferred_auth_method is purged
... instead of left unmanaged. The parameter was deprecated a while ago
but is still valid in Heat.

Change-Id: I13c7c869855c60c9db1ca57772a2c0989b511e94
2022-06-19 22:13:37 +09:00
Takashi Kajinami 68ec6e99d3 Remove deprecated heat::max_stack_per_tenant
... because it was deprecated during Xena cycle by [1].

[1] e79e74cd08

Change-Id: I3806ab51e6593a9e00172af6b1eb02d9812fcf72
2022-05-13 10:40:21 +09:00
Takashi Kajinami 0585656937 apache+mod_wsgi: Disable SSL by default
During the previous cycle, a warning message was added to inform users
of this change.

Now the default value is updated so that SSL is disabled by default.

Change-Id: I6bd11a340b8623b45da7284e52ee505ea6870562
2022-05-06 20:46:39 +09:00
Takashi Kajinami ec9c6317ff Support tuning batch size of DB purge operation
The heat-manage purge_deleted command supports customizing batch size,
number of stacks to delete by a single transaction. This change adds
the new parameter to customize the parameter.

Change-Id: Id980c6f975f22baa305d3cd84378c98b3e9f84f2
2022-04-08 13:44:55 +09:00
Takashi Kajinami 0d043d793f Support more clients configurations
This change introduces support for [clients] parameters and
[clients_<service>] parameters, which determine behavior of service
clients used by heat for communication with the OpenStack services.

- Implementation of heat::clients::<service> are generally same.
  Only cinder, heat, keystone and nova provides additional parameters.

- The existing parameters in the base heat class are deprecated in
  favor of the new classes.

Change-Id: Icdf4f0201dd1e5f93a450473709851977ec20034
2022-04-03 23:22:26 +09:00
Zuul b7964e1116 Merge "Avoid hard-coding OS user/group in each manifest" 2022-02-22 16:51:47 +00:00
Takashi Kajinami e5cc108c00 Avoid hard-coding OS user/group in each manifest
and replace hard-codes by definition in params.pp .

Change-Id: I4fc49eab447ef2b7e4f0d6cbd75f193cff7719b9
2022-02-20 19:39:47 +09:00
Takashi Kajinami 6830a2af6d Add HashClient retry options for the dogpile.cache backend
This patch specifies a set of options required to setup the HashClient
retry feature of dogpile.cache cache backend.

Original oslo.cache change:
https://review.opendev.org/c/openstack/oslo.cache/+/824944

Co-Authored-By: Hervé Beraud <hberaud@redhat.com>
Depends-On: https://review.opendev.org/826870
Change-Id: Ibe064defd7fca3f88206943ae2835daa4a96ea35
2022-02-16 11:34:29 +09:00
Takashi Kajinami be95d672a8 Add cache client retry options for the pymemcache backend
This patch specifies a set of options required to setup the retrying
wrapper feature of pymemcache (dogpile.cache) cache backend.

Original oslo.cache change:
https://review.opendev.org/c/openstack/oslo.cache/+/803747

Co-Authored-By: Hervé Beraud <hberaud@redhat.com>
Depends-On: https://review.opendev.org/826869
Change-Id: Ie28399b714f1707edfc6832cebd739dd3710cff8
2022-02-16 11:27:45 +09:00