Skip to content
Snippets Groups Projects
Select Git revision
  • deployment default
1 result
Search by author
  • Any Author
  • KANAPA SYLVERE p1919734 KANAPA SYLVERE p1919734 p1919734
1 author
  1. Sep 21, 2022
  3. Sep 12, 2022
  5. Sep 09, 2022
  7. Sep 08, 2022
  9. Sep 06, 2022
    • Michal Nasiadka's avatar
      mariadb: Add reuseaddr to socat execution · 5d4e3807
      Michal Nasiadka authored 
      Sometimes in CI we're seeing Address already in use on clustercheck restarts.
Adding reuseaddr that allows immediate restart of the server process.

Change-Id: Ib1c9dcf99381b6b9d1095f450d74c797d39f4cb2
      5d4e3807
  11. Sep 05, 2022
    • Stig Telfer's avatar
      Increase the Fluentd request timeout for ES · ffb4767c
      Stig Telfer authored 
      Fluentd has a default timeout of 5s for flushing data to ElasticSearch.
If there is a significant backlog of unsent log messages, this timeout
can be exceeded, resulting in Fluentd failing to make further progress.

Raise the default timeout to 60s.

This patch adopts the configuration parameters previously proposed by
Krzysztof Klimonda.

Closes-Bug: #1983031
Closes-Bug: #1896611
Change-Id: I1aaab654a5a0752fccef2cfb8cc0bde4a0ee2562
      ffb4767c
  13. Aug 31, 2022
  15. Aug 30, 2022
    • Michal Arbet's avatar
      Fix creation of prometheus user and grant permissions · c5500bdf
      Michal Arbet authored 
      Prometheus is creating user and granting permissions
to database from which is gathering metrics. This
process is different when haproxy/proxysql is used.

Proxysql:

  - kolla-ansible should use root_shard_ID user to connect
    to ProxySQL endpoint and it is routed to proper shard.

Haproxy:

  - kolla-ansible should use root user to connect to HAProxy
    endpoint and that's all.

If proxysql is not used, mariadb role will not create user
shard_root_ID user in bootstrap (from my perspective of view
it should), and therefore it will fail when HAProxy is used.

This patch is just fixing user to connect.

Change-Id: Icd07807b2c404eb4d3f398879639b17f1e7949c2
      c5500bdf
  17. Aug 29, 2022
  19. Aug 26, 2022
  21. Aug 22, 2022
  23. Aug 12, 2022
  25. Aug 10, 2022
  27. Aug 09, 2022
  29. Aug 08, 2022
    • Monty Taylor's avatar
      Add clouds.yaml file and use it · 73a1812c
      Monty Taylor authored 
      clouds.yaml[0] is a richer way to express configuration for OpenStack
clouds. It's also fully supported by Ansible's OpenStack modules as
well as python-openstackclient and openstacksdk. It's the future - who
doesn't like the future?

Write a file using both the public (default) and the internal endpoints
for the admin user. Also, change all of the examples to reference it
and to get python-openstackclient to use it too.

[0] https://docs.openstack.org/openstacksdk/latest/user/guides/connect_from_config.html

Implements: blueprint use-clouds-yaml
Change-Id: I557d2e4975c7b3d3c713a556b9ba47af9567ce6e
      73a1812c
  31. Aug 05, 2022
    • Marcin Juszkiewicz's avatar
      loadbalancer: ignore missing keepalived container · f6a1e607
      Marcin Juszkiewicz authored 
      During deployment I got this error:

RUNNING HANDLER [loadbalancer : Stop master haproxy container]
ok: [192.168.66.143]

RUNNING HANDLER [loadbalancer : Stop master proxysql container]
ok: [192.168.66.143]

RUNNING HANDLER [loadbalancer : Stop master keepalived container]
fatal: [192.168.66.143]: FAILED! => changed=false
  msg: 'No such container: keepalived to stop'

Looks like we forgot to allow keepalived to not be present.

Change-Id: I720c719a6a6b35c5c2d5b5ee59b48349e58bac82
      f6a1e607
  33. Aug 03, 2022
  35. Aug 02, 2022
    • Mark Goddard's avatar
      Enable TLS in Bifrost · d6f4ef81
      Mark Goddard authored 
      Bifrost supports enabling TLS for the services it deploys, as well as
generating a self-signed TLS certificate. Let's use it.

Change-Id: I2a60ec780c37895e810cdba65bb485d0986a196d
      d6f4ef81
    • Mark Goddard's avatar
      Persist Bifrost's autogenerated passwords · d95e237f
      Mark Goddard authored 
      By default Bifrost generates passwords for use by services, and stores
them in files in /root/.config/bifrost/ in the container. This directory
is not persistent, so the passwords are lost if the container is
recreated. This is generally not a problem, because recreating the
container is generally done when redeploying Bifrost, and new passwords
will be generated and written to configuration files. However, if you
access the Ironic or Inspector APIs outside of the Bifrost playbooks,
the credentials will have changed.

This change fixes the issue by persisting the credentials directory in a
Docker volume. Note that applying this change will cause existing
credentials to be removed.

Closes-Bug: #1983356

Change-Id: I45a899e228b7634ba86fab5822139252c48a7f07
      d95e237f
  37. Jul 29, 2022
    • Mark Goddard's avatar
      haproxy-config: move firewalld reload handler to haproxy role · 492bc744
      Mark Goddard authored 
      With the handler in the haproxy-config role, it gets triggered once for
every service that changes the firewall config. This happens because the
role is included dynamically. If we move the handler to the haproxy
role, which is only included once, the handler will trigger at most
once.

This is a follow up for Iea3680142711873984efff2b701347b6a56dd355.

Change-Id: Iad9ed241026435085bc9a0f5802818010b47830f
      492bc744
    • Mark Goddard's avatar
      haproxy-config: Drop project_name variable · 54391899
      Mark Goddard authored 
      This variable shadows the name of the actual project that calls this
role, so we end up with the following nonsense:

  TASK [haproxy-config : Copying over haproxy-config haproxy config]

Change-Id: Id60046e0ddc7ec843f2e4ce7ddee7683470a88b2
      54391899
    • Michal Arbet's avatar
      Add proxysql support for database · de973b81
      Michal Arbet authored 
      Kolla environment currently uses haproxy
to fullfill HA in mariadb. This patch
is switching haproxy to proxysql if enabled.

This patch is also replacing mariadb's user
'haproxy' with user 'monitor'. This replacement
has two reasons:
  - Use better name to "monitor" galera claster
    as there are two services using this user
    (HAProxy, ProxySQL)
  - Set password for monitor user as it's
    always better to use password then not use.
    Previous haproxy user didn't use password
    as it was historically not possible with
    haproxy and mariadb-clustercheck wasn't
    implemented.

Depends-On: https://review.opendev.org/c/openstack/kolla/+/769385
Depends-On: https://review.opendev.org/c/openstack/kolla/+/765781
Depends-On: https://review.opendev.org/c/openstack/kolla/+/850656

Change-Id: I0edae33d982c2e3f3b5f34b3d5ad07a431162844
      de973b81
  39. Jul 28, 2022
  41. Jul 27, 2022
  43. Jul 26, 2022
  45. Jul 25, 2022
    • Michal Nasiadka's avatar
      Fix var-spacing · dcf5a8b6
      Michal Nasiadka authored 
      ansible-lint introduced var-spacing - let's fix our code.

Change-Id: I0d8aaf3c522a5a6a5495032f6dbed8a2be0251f0
      dcf5a8b6
  47. Jul 21, 2022