- Nov 05, 2024
-
-
Matt Crees authored
Multiple parameters in the URL should be prefixed with an ampersand. Closes-Bug: #2085908 Change-Id: Ia9e43f7043c0757e11e1924c3df9fe16c037d484 (cherry picked from commit d808d716)
-
- Oct 25, 2024
-
-
Michal Nasiadka authored
Change-Id: I33a3ec11b0cdef94b08cd7551008284755824cb7
-
Michal Nasiadka authored
It has been removed in I23867aa98f68298beb5db4558c66c1ffd4e7d6f1 Change-Id: I12d287b9f7f1e5ddf754b7f2ca1dee39778e710e
-
- Sep 20, 2024
-
-
Piotr Milewski authored
Closes-Bug: #2081149 Change-Id: I9969492571e5e9864d4acb95b1af172264cfbd66
-
- Aug 20, 2024
-
-
Simon Dodsley authored
From OpenStack 2023.2 (Bobcat) the Pure Storage Cinder driver supports NVMe-TCP as a dataplane protocol. This patch adds support for this new driver type. Change-Id: I3c0ad7652a03388ab2eafa173c644a55b0405cc6
-
- Aug 12, 2024
-
-
Roman Krček authored
For possible config options see docs https://docs.openstack.org/keystonemiddleware/latest/middlewarearchitecture.html#memcache-protection Closes-bug: #1850733 Signed-off-by:
Roman Krček <roman.krcek@tietoevry.com> Change-Id: I169e27899f7350f5eb8adb1f81a062c51e6cbdfc
-
- Feb 21, 2024
-
-
Maksim Malchuk authored
Closes-Bug: #2051986 Depends-On: https://review.opendev.org/c/openstack/cinder/+/907494 Change-Id: I6a17e689d62ab467b7dcc2650e7f63813ce84a12 Signed-off-by:
Maksim Malchuk <maksim.malchuk@gmail.com>
-
- Feb 15, 2024
-
-
Michal Nasiadka authored
In order to do this - we need to add service role to Nova and Cinder. Closes-Bug: #2049762 Change-Id: Ic121bf9f90c9865cd4d08890c80247570ef310ae
-
- Nov 30, 2023
-
-
Sven Kieske authored
This implements a global toggle `om_enable_rabbitmq_quorum_queues` to enable quorum queues for each service in RabbitMQ, similar to what was done for HA[0]. Quorum Queues are enabled by default. Quorum queues are more reliable, safer, simpler and faster than replicated mirrored classic queues[1]. Mirrored classic queues are deprecated and scheduled for removal in RabbitMQ 4.0[2]. Notice, that we do not need a new policy in the RabbitMQ definitions template, because their usage is enabled on the client side and can't be set using a policy[3]. Notice also, that quorum queues are not yet enabled in oslo.messaging for the usage of reply_ and fanout_ queues (transient queues). This will change once[4] is merged. [0]: https://review.opendev.org/c/openstack/kolla-ansible/+/867771 [1]: https://www.rabbitmq.com/quorum-queues.html [2]: https://blog.rabbitmq.com/posts/2021/08/4.0-deprecation-announcements/ [3]: https://www.rabbitmq.com/quorum-queues.html#declaring [4]: https://review.opendev.org/c/openstack/oslo.messaging/+/888479 Signed-off-by:
Sven Kieske <kieske@osism.tech> Change-Id: I6c033d460a5c9b93c346e9e47e93b159d3c27830
-
- Nov 29, 2023
-
-
Jan Gutter authored
* Updates etcd to v3.4 * Updated the config to use v3.4's logging mechanism * Deprecated etcd CA parameters aren't used, so we are not affected by their removal. * Note that we are not currently guarding against skip-version updates for etcd. Notable non-voting jobs exercising some of this: * kolla-ansible-ubuntu-upgrade-cephadm (cinder->tooz->etcd3gw->etcd) * kolla-ansible-ubuntu-zun (see https://review.opendev.org/c/openstack/openstack-ansible/+/883194 ) Depends-On: https://review.opendev.org/c/openstack/kolla/+/890464 Change-Id: I086e7bbc7db64421445731a533265e7056fbdb43
-
- Oct 25, 2023
-
-
Sergei Raiskii authored
Kolla Ansible should deploy Glance and Cinder Backup with S3 backend support working out-of-the-box. The S3 backend had been re-introduced in Ussuri after being deprecated around the Mitaka timeframe, and having some local object storage options is nice for testing.. Closes-Bug: #1977515 Change-Id: I4ca58382d1ee568bfca2ad108495422163f81260 Co-authored-by:
Juan Pablo Suazo <jsuazo@whitestack.com> Co-authored-by:
Maksim Malchuk <maksim.malchuk@gmail.com>
-
- Jun 14, 2023
-
-
Michal Arbet authored
This patch is adding a feature for an option to copy different ceph configuration files and corresponding keyrings for cinder, glance, manila, gnocchi and nova services. This is especially useful when the deployment uses availability zones as below example. - Individual compute can read/write to individual ceph cluster in same AZ. - Cinder can write to several ceph clusters in several AZs. - Glance can use multistore and upload images to several ceph clusters in several AZs at once. Change-Id: Ie4d8ab5a3df748137835cae1c943b9180cd10eb1
-
- May 16, 2023
-
-
Sean Mooney authored
As of I3629b84d3255a8fe9d8a7cea8c6131d7c40899e8 nova now requires the service_user section to be configured to address CVE-2023-2088. This change adds the service user section to the nova.conf template in the nova and nova-cell roles. Related-Bug: #2004555 Signed-off-by:
Sven Kieske <kieske@osism.tech> Change-Id: I2189dafca070accfd8efcd4b8cc4221c6decdc9f (cherry picked from commit a77ea13ef1991543df29b7eea14b1f91ef26f858) (cherry picked from commit 03c12abbcc107bfec451f4558bc97d14facae01c) (cherry picked from commit cb105dc293ff1cdb11ab63fa3e3bf39fd17e0ee0) (cherry picked from commit efe6650d09441b02cf93738a94a59723d84c5b19)
-
- Mar 02, 2023
-
-
Matthew N Heler authored
deployments This allows services to work with etcd when coordination is enabled for TLS internal deployments. Without this fix, we fail to connect to etcd with the coordination backend and the service itself crashes. Change-Id: I0c1d6b87e663e48c15a846a2774b0a4531a3ca68
-
- Feb 14, 2023
-
-
Will Szumski authored
Hardcoding the first etcd host creates a single point of failure. Change-Id: I0f83030fcd84ddcdc4bf2226e76605c7cab84cbb
-
- Jan 13, 2023
-
-
Matt Crees authored
A combination of durable queues and classic queue mirroring can be used to provide high availability of RabbitMQ. However, these options should only be used together, otherwise the system will become unstable. Using the flag ``om_enable_rabbitmq_high_availability`` will either enable both options at once, or neither of them. There are some queues that should not be mirrored: * ``reply`` queues (these have a single consumer and TTL policy) * ``fanout`` queues (these have a TTL policy) * ``amq`` queues (these are auto-delete queues, with a single consumer) An exclusionary pattern is used in the classic mirroring policy. This pattern is ``^(?!(amq\\.)|(.*_fanout_)|(reply_)).*`` Change-Id: I51c8023b260eb40b2eaa91bd276b46890c215c25
-
- Jan 05, 2023
-
-
Matt Crees authored
The ``[oslo_messaging_rabbit] heartbeat_in_pthread`` config option is set to ``true`` for wsgi applications to allow the RabbitMQ heartbeats to function. For non-wsgi applications it is set to ``false`` as it may otherwise break the service [1]. [1] https://docs.openstack.org/releasenotes/oslo.messaging/zed.html#upgrade-notes Change-Id: Id89bd6158aff42d59040674308a8672c358ccb3c
-
- Nov 07, 2022
-
-
Simon Dodsley authored
From OpenStack Zed the Pure Storage Cinder driver supports NVMe-RoCE as a dataplane protocol. This patch adds support for this new driver type. Also amend a couple of documentation formatting typos. Change-Id: Ic1eed7d19e9b583e22419625c92ac3507ea4614d
-
- Oct 07, 2022
-
-
Radosław Piliszek authored
By resetting image_upload_use_cinder_backend to upstream default. When uploading volume to glance image, cinder looks at the backend's image_upload_use_cinder_backend config knob to decide whether to try link the glance image to a cloned volume made by cinder, i.e. by doing all work locally and only updating glance's locations for the image (when the knob is set to True). However, after all [1], [2] and [3], which happens since Victoria, this option requires further config from user (using volume type with image_service:store_id property (aka extra spec) set to the desired glance store (even if there is only one cinder store configured). Please read the bug report as to why the option removal is the best option (TL;DR it is the most compatible approach). [1] https://review.opendev.org/c/openstack/kolla-ansible/+/708114 [2] https://review.opendev.org/c/openstack/glance_store/+/746556 [3] https://review.opendev.org/c/openstack/cinder/+/661676 Closes-Bug: #1991516 Change-Id: Ife87ee0241d907a0c407eb21811a354ed1734408
-
- Oct 03, 2022
-
-
Radosław Piliszek authored
These are upstream defaults, no need to carry them around. TrivialFix Change-Id: I2907d5f38c6a74776961bd473553edf2d83f7257
-
- Aug 17, 2022
-
-
Will Szumski authored
This allows you to use a more descriptive name if you desire. For example, when using cinder with multiple ceph backends, rbd-1, doesn't convey much information. You could include location, disk technology, etc. in the name. Change-Id: Icfdc2e5726fec8b645d6c2c63391a13c31f2ce9a
-
- Jul 27, 2022
-
-
Michal Nasiadka authored
This reverts commit 73fc230f. Reason for revert: CI jobs failing with "msg": "{{ s3_url }}: 's3_url' is undefined" Change-Id: Iba7099988cea0c0d8254b9e202309cd9c82a984d
-
- Jul 21, 2022
-
-
Sergei Raiskii authored
Added options to configure S3 cinder backup driver, so cinder backup can use S3 storage, for safekeeping backups. Change-Id: Id6ff6206714581555baacecebfb6d8dd53bed8ac
-
- Jun 09, 2022
-
-
Will Szumski authored
Fixes an issue where access rules failed to validate: Cannot validate request with restricted access rules. Set service_type in [keystone_authtoken] to allow access rule validation I've used the values from the endpoint. This was mostly a straight forward copy and paste, except: - versioned endpoints e.g cinderv3 where I stripped the version - monasca has multiple endpoints associated with a single service. For this, I concatenated logging and monitoring to be logging-monitoring. Closes-Bug: #1965111 Change-Id: Ic4b3ab60abad8c3dd96cd4923a67f2a8f9d195d7
-
- Jun 02, 2022
-
-
Michal Arbet authored
This patch is removing api related configuration from service's config files as we are using apache mod_wsgi and this configuration is not used. Change-Id: I69a1542a6f24214fbf6e703782aefb566de4fb26
-
- May 28, 2022
-
-
Radosław Piliszek authored
Following up on [1]. The 3 variables are only introducing noise after we removed the reliance on Keystone's admin port. [1] I5099b08953789b280c915a6b7a22bdd4e3404076 Change-Id: I3f9dab93042799eda9174257e604fd1844684c1c
-
- May 13, 2022
-
-
Simon Dodsley authored
Add an enable_cinder_backend_pure_iscsi and enable_cinder_backend_pure_fc options to etc/kolla/globals.yml to enable use of the FlashArray backend. Update the documentation to include a section on configuring Cinder with the FlashArray. Implements: blueprint pure-cinder-driver Change-Id: I464733f1322237321ed1ffff8636cf30bd1cbb38
-
- Feb 18, 2022
-
-
alecorps authored
An FCD, also known as an Improved Virtual Disk (IVD) or Managed Virtual Disk, is a named virtual disk independent of a virtual machine. Using FCDs for Cinder volumes eliminates the need for shadow virtual machines. This patch adds Kolla support. Change-Id: Ic0b66269e6d32762e786c95cf6da78cb201d2765
-
- Jan 04, 2022
-
-
wu.chunyang authored
glance_api_version and os_region_name are removed from cinder. see: https://docs.openstack.org/cinder/xena/configuration/block-storage/samples/cinder.conf.html Closes-Bug: #1830997 Change-Id: I751bfe64d47935f183ff2ca891ec56f61e618009
-
- Jun 22, 2021
-
-
Michal Arbet authored
Closes-Bug: #1933025 Change-Id: Ib67d715ddfa986a5b70a55fdda39e6d0e3333162
-
- Jun 21, 2021
-
-
Radosław Piliszek authored
Following upstream which removed ZFSSA support in Ussuri [1]. [1] https://review.opendev.org/c/openstack/cinder/+/690137 Change-Id: Idb311e18b437fba696759ecb1cf2a6b4803aa5c5
-
- Feb 24, 2021
-
-
Doug Szumski authored
The Cinder API log is currently written to a file called cinder-wsgi.log, and the WSGI logs to cinder-api.log. Fluentd then tries to parse the WSGI log as an OpenStack log which results in 'got incomplete line' errors and prevents proper ingestion of these logs. Co-Authored-By:
yaoning <yaoning@unitedstack.com> Closes-Bug: 1916752 Change-Id: I3296dcc4780160cbf88bd18285571276f58bb249
-
- Sep 22, 2020
-
-
Pierre Riteau authored
When the internal VIP is moved in the event of a failure of the active controller, OpenStack services can become unresponsive as they try to talk with MariaDB using connections from the SQLAlchemy pool. It has been argued that OpenStack doesn't really need to use connection pooling with MariaDB [1]. This commit reduces the use of connection pooling via two configuration options: - max_pool_size is set to 1 to allow only a single connection in the pool (it is not possible to disable connection pooling entirely via oslo.db, and max_pool_size = 0 means unlimited pool size) - lower connection_recycle_time from the default of one hour to 10 seconds, which means the single connection in the pool will be recreated regularly These settings have shown better reactivity of the system in the event of a failover. [1] http://lists.openstack.org/pipermail/openstack-dev/2015-April/061808.html Change-Id: Ib6a62d4428db9b95569314084090472870417f3d Closes-Bug: #1896635
-
- Sep 17, 2020
-
-
Mark Goddard authored
This change adds support for encryption of communication between OpenStack services and RabbitMQ. Server certificates are supported, but currently client certificates are not. The kolla-ansible certificates command has been updated to support generating certificates for RabbitMQ for development and testing. RabbitMQ TLS is enabled in the all-in-one source CI jobs, or when The Zuul 'tls_enabled' variable is true. Change-Id: I4f1d04150fb2b5af085b762890092f87ae6076b5 Implements: blueprint message-queue-ssl-support
-
- Aug 19, 2020
-
-
Rafael Weingärtner authored
The goal for this push request is to normalize the construction and use of internal, external, and admin URLs. While extending Kolla-ansible to enable a more flexible method to manage external URLs, we noticed that the same URL was constructed multiple times in different parts of the code. This can make it difficult for people that want to work with these URLs and create inconsistencies in a large code base with time. Therefore, we are proposing here the use of "single Kolla-ansible variable" per endpoint URL, which facilitates for people that are interested in overriding/extending these URLs. As an example, we extended Kolla-ansible to facilitate the "override" of public (external) URLs with the following standard "<component/serviceName>.<companyBaseUrl>". Therefore, the "NAT/redirect" in the SSL termination system (HAproxy, HTTPD or some other) is done via the service name, and not by the port. This allows operators to easily and automatically create more friendly URL names. To develop this feature, we first applied this patch that we are sending now to the community. We did that to reduce the surface of changes in Kolla-ansible. Another example is the integration of Kolla-ansible and Consul, which we also implemented internally, and also requires URLs changes. Therefore, this PR is essential to reduce code duplicity, and to facility users/developers to work/customize the services URLs. Change-Id: I73d483e01476e779a5155b2e18dd5ea25f514e93 Signed-off-by:
Rafael Weingärtner <rafael@apache.org>
-
- Jul 09, 2020
-
-
ramboman authored
The Castellan (Barbican client) has different parameters to control the used CA file. This patch uses them. Moreover, this aligns Barbican with other services by defaulting its client config to the internal endpoint. See also [1]. [1] https://bugs.launchpad.net/castellan/+bug/1876102 Closes-Bug: #1886615 Change-Id: I6a174468bd91d214c08477b93c88032a45c137be
-
- Jun 27, 2020
-
-
James Kirsch authored
The etcd service protocol is currently configured with internal_protocol. The etcd service is not load balanced by a HAProxy container, so there is no proxy layer to do TLS termination when internal_protocol is configured to be "https". Until the etcd service is configured to deploy with native TLS termination, the etcd uses should be independent of internal_protocol, and "http" by default. Change-Id: I730c02331514244e44004aa06e9399c01264c65d Closes-Bug: 1884137
-
- Jun 11, 2020
-
-
Michal Arbet authored
When installing kolla with external ceph, ceph_cinder_user var has to be set per documentation instead of ceph_cinder_volume_user. This value is also rendered in example etc/kolla/globals.yml file. This patch is fixing this bug or, let's say typo. Change-Id: Id82b07867f4bc0e5d5e56363f0122014df6892bc
-
- Apr 03, 2020
-
-
Mark Goddard authored
The use of default(omit) is for module parameters, not templates. We define a default value for openstack_cacert, so it should never be undefined anyway. Change-Id: Idfa73097ca168c76559dc4f3aa8bb30b7113ab28
-
- Mar 26, 2020
-
-
Jeffrey Zhang authored
Change-Id: I9395ae32378f4ff1fd57be78d7daec7745579e04 Closes-Bug: #1869133
-