Skip to content
Snippets Groups Projects
Select Git revision
  • deployment default
1 result
Search by author
  • Any Author
  • KANAPA SYLVERE p1919734 KANAPA SYLVERE p1919734 p1919734
1 author
  1. Sep 30, 2021
  3. Sep 28, 2021
    • Niklas Hagman's avatar
      Transition Keystone admin user to system scope · 2e933dce
      Niklas Hagman authored 
      A system-scoped token implies the user has authorization to act on the
deployment system. These tokens are useful for interacting with
resources that affect the deployment as a whole, or exposes resources
that may otherwise violate project or domain isolation.

Since Queens, the keystone-manage bootstrap command assigns the admin
role to the admin user with system scope, as well as in the admin
project. This patch transitions the Keystone admin user from
authenticating using project scoped tokens to system scoped tokens.
This is a necessary step towards being able to enable the updated oslo
policies in services that allow finer grained access to system-level
resources and APIs.

An etherpad with discussion about the transition to the new oslo
service policies is:

https://etherpad.opendev.org/p/enabling-system-scope-in-kolla-ansible



Change-Id: Ib631e2211682862296cce9ea179f2661c90fa585
Signed-off-by: default avatarNiklas Hagman <ubuntu@post.blinkiz.com>
      2e933dce
    • Zuul's avatar
      Merge "Add way to change weight of haproxy backend per service" · 56938253
      Zuul authored
      56938253
  5. Sep 27, 2021
  7. Sep 26, 2021
    • Michal Arbet's avatar
      Add way to change weight of haproxy backend per service · 7c2b4bea
      Michal Arbet authored 
      This patch adding option to control weight of haproxy
backends per service via host variable.

Example:

[control]
server1 haproxy_nova_api_weight=10
server2 haproxy_nova_api_weight=2 haproxy_keystone_internal_weight=10
server3 haproxy_keystone_admin_weight=50

If weight is not defined, everything is working as before.

Change-Id: Ie8cc228198651c57f8ffe3eb060875e45d1f0700
      7c2b4bea
  9. Sep 24, 2021
  11. Sep 23, 2021
  13. Sep 21, 2021
    • Michal Arbet's avatar
      Add check and diff options to kolla-ansible · 0e720b38
      Michal Arbet authored 
      This patch is adding --check and --diff options
to kolla-ansible, which cause that kolla-ansible
run will be more verbose and able to run in
semi dry-run mode.

The --diff option for kolla-ansible can be used alone or
with --check. When you run in diff mode, any module that
supports diff mode reports the changes made or, if used
with --check, the changes that would have been made.
Diff mode is most common in modules that manipulate files
(for example, the template module) but other modules might
also show ‘before and after’ information
(for example, the user module).

For more information check [1].

[1] https://docs.ansible.com/ansible/latest/user_guide/playbooks_checkmode.html#using-diff-mode

Change-Id: Ifb82ea99e5af82540e938eab9e2a442b2820d7df
      0e720b38
    • Mark Goddard's avatar
      Use mariadb_tag as default for all mariadb tags · 6dc8b563
      Mark Goddard authored 
      This allows one variable to specify the tag for all MariaDB images.

Change-Id: I164cdd41787f8bd52d8e08cb380d42625a8bbd84
TrivialFix
      6dc8b563
  15. Sep 20, 2021
  17. Sep 16, 2021
  19. Sep 15, 2021
  21. Sep 13, 2021
  23. Sep 10, 2021
  25. Sep 09, 2021
  27. Sep 08, 2021
  29. Sep 07, 2021
  31. Sep 03, 2021
    • Radosław Piliszek's avatar
      Bump libvirtd memlock ulimit · 11d7233c
      Radosław Piliszek authored 
      This is required for libvirtd with cgroupsv2 (Debian Bullseye and
soon others).
Otherwise, device attachments simply fail.
The warning message suggests filtering will be disabled but it
actually just fails the action entirely.

Change-Id: Id1fbd49a31a6e6e51b667f646278b93897c05b21
Closes-Bug: #1941940
      11d7233c
    • Zuul's avatar
      Merge "reno: follow up" · b16e676b
      Zuul authored
      b16e676b
  33. Sep 02, 2021