Skip to content
Snippets Groups Projects
Select Git revision
  • deployment default
1 result
Search by author
  • Any Author
  • KANAPA SYLVERE p1919734 KANAPA SYLVERE p1919734 p1919734
1 author
  1. Sep 28, 2021
    • Niklas Hagman's avatar
      Transition Keystone admin user to system scope · 2e933dce
      Niklas Hagman authored 
      A system-scoped token implies the user has authorization to act on the
deployment system. These tokens are useful for interacting with
resources that affect the deployment as a whole, or exposes resources
that may otherwise violate project or domain isolation.

Since Queens, the keystone-manage bootstrap command assigns the admin
role to the admin user with system scope, as well as in the admin
project. This patch transitions the Keystone admin user from
authenticating using project scoped tokens to system scoped tokens.
This is a necessary step towards being able to enable the updated oslo
policies in services that allow finer grained access to system-level
resources and APIs.

An etherpad with discussion about the transition to the new oslo
service policies is:

https://etherpad.opendev.org/p/enabling-system-scope-in-kolla-ansible



Change-Id: Ib631e2211682862296cce9ea179f2661c90fa585
Signed-off-by: default avatarNiklas Hagman <ubuntu@post.blinkiz.com>
      2e933dce
  3. Sep 15, 2021
  5. Sep 10, 2021
  7. Sep 09, 2021
  9. Sep 08, 2021
  11. Sep 07, 2021
  13. Sep 03, 2021
    • Radosław Piliszek's avatar
      Bump libvirtd memlock ulimit · 11d7233c
      Radosław Piliszek authored 
      This is required for libvirtd with cgroupsv2 (Debian Bullseye and
soon others).
Otherwise, device attachments simply fail.
The warning message suggests filtering will be disabled but it
actually just fails the action entirely.

Change-Id: Id1fbd49a31a6e6e51b667f646278b93897c05b21
Closes-Bug: #1941940
      11d7233c
    • Zuul's avatar
      Merge "reno: follow up" · b16e676b
      Zuul authored
      b16e676b
  15. Sep 02, 2021
  17. Aug 30, 2021
  19. Aug 28, 2021
  21. Aug 27, 2021
  23. Aug 25, 2021
  25. Aug 24, 2021
  27. Aug 23, 2021
  29. Aug 21, 2021
  31. Aug 20, 2021
  33. Aug 19, 2021
    • Michal Arbet's avatar
      Rename role haproxy to loadbalancer · ffd53512
      Michal Arbet authored 
      For now role haproxy is maintaining haproxy
and keepalived. In follow-up changes there is also
proxysql added.

This patch is *only* renaming/moving stuff to more
prominent role loadbalancer, and moving also specific
templates to subdirectory.

This was done only to better diff in follow-up
changes.

Change-Id: I1d39d5bcaefc4016983bf267a2736b742cc3a555
      ffd53512
    • Radosław Piliszek's avatar
      Add ability to retry image pulling · cbb567cb
      Radosław Piliszek authored 
      Sometimes, the registries may intermittently fail to deliver the
images. This is often seen in the CI, though it also happens with
production deployments, even those with internal registries and/or
registry mirrors - due to sheer load when trying to pull the
images from many hosts.

This patchs adds two new vars to control retry behaviour.
The default has been set to make users happier by default. :-)

Change-Id: I81ad7d8642654f8474f11084c6934aab40243d35
      cbb567cb
    • Zuul's avatar
      Merge "Use more RMQ flags for less busy wait" · a98076f1
      Zuul authored
      a98076f1
    • Radosław Piliszek's avatar
      Remove an unused file · 16a4a9e5
      Radosław Piliszek authored 
      It seems to have been mistakenly introduced by
de00bf49
"Simplify handler conditionals"

Change-Id: I65b6e322fa11a870f32099bbfd62150cbea4feb5
      16a4a9e5