- Sep 30, 2021
-
-
Mark Goddard authored
* Register Swift-compatible endpoints in Keystone * Load balance across RadosGW API servers using HAProxy The support is exercised in the cephadm CI jobs, but since RGW is not currently enabled via cephadm, it is not yet tested. https://docs.ceph.com/en/latest/radosgw/keystone/ Implements: blueprint ceph-rgw Change-Id: I891c3ed4ed93512607afe65a42dd99596fd4dbf9
-
Zuul authored
-
- Sep 28, 2021
-
-
Niklas Hagman authored
A system-scoped token implies the user has authorization to act on the deployment system. These tokens are useful for interacting with resources that affect the deployment as a whole, or exposes resources that may otherwise violate project or domain isolation. Since Queens, the keystone-manage bootstrap command assigns the admin role to the admin user with system scope, as well as in the admin project. This patch transitions the Keystone admin user from authenticating using project scoped tokens to system scoped tokens. This is a necessary step towards being able to enable the updated oslo policies in services that allow finer grained access to system-level resources and APIs. An etherpad with discussion about the transition to the new oslo service policies is: https://etherpad.opendev.org/p/enabling-system-scope-in-kolla-ansible Change-Id: Ib631e2211682862296cce9ea179f2661c90fa585 Signed-off-by:
Niklas Hagman <ubuntu@post.blinkiz.com>
-
Zuul authored
-
- Sep 27, 2021
- Sep 26, 2021
-
-
Michal Arbet authored
This patch adding option to control weight of haproxy backends per service via host variable. Example: [control] server1 haproxy_nova_api_weight=10 server2 haproxy_nova_api_weight=2 haproxy_keystone_internal_weight=10 server3 haproxy_keystone_admin_weight=50 If weight is not defined, everything is working as before. Change-Id: Ie8cc228198651c57f8ffe3eb060875e45d1f0700
-
- Sep 24, 2021
- Sep 23, 2021
-
-
Zuul authored
-
Michał Nasiadka authored
This change bumps up max supported Ansible version to 4.x (ansible-core 2.11.x) and minimum to 2.10. Change-Id: I8b9212934dfab3831986e8db55671baee32f4bbd
-
- Sep 21, 2021
-
-
Michal Arbet authored
This patch is adding --check and --diff options to kolla-ansible, which cause that kolla-ansible run will be more verbose and able to run in semi dry-run mode. The --diff option for kolla-ansible can be used alone or with --check. When you run in diff mode, any module that supports diff mode reports the changes made or, if used with --check, the changes that would have been made. Diff mode is most common in modules that manipulate files (for example, the template module) but other modules might also show ‘before and after’ information (for example, the user module). For more information check [1]. [1] https://docs.ansible.com/ansible/latest/user_guide/playbooks_checkmode.html#using-diff-mode Change-Id: Ifb82ea99e5af82540e938eab9e2a442b2820d7df
-
Mark Goddard authored
This allows one variable to specify the tag for all MariaDB images. Change-Id: I164cdd41787f8bd52d8e08cb380d42625a8bbd84 TrivialFix
-
- Sep 20, 2021
- Sep 16, 2021
-
-
Michal Arbet authored
Haproxy was renamed in [1]. [1] https://review.opendev.org/c/openstack/kolla-ansible/+/770618 Change-Id: Ib2d7f0774fede570a8c4c315d83afd420c31da0b
-
- Sep 15, 2021
-
-
Zuul authored
-
- Sep 13, 2021
-
-
Bernd Mueller authored
Signed-off-by:
Bernd Mueller <mueller@b1-systems.de> Change-Id: Idb8a82acbd8193fd3fe71c080a1c57e8614d89ec
-
- Sep 10, 2021
-
-
Pierre Riteau authored
When running kolla-ansible upgrade with a host limit that does not include controllers, the neutron upgrade fails. Change-Id: I7125a6ef1f180db6997026ff27e84feb04ee239d Closes-Bug: #1939691
-
Radosław Piliszek authored
Continuing fixing CI after [1], this patch fixes the other branch that [2] has not previously included. [1] https://review.opendev.org/c/openstack/kolla-ansible/+/805449 [2] 02e07a08 Change-Id: I44014a93b92b5a8782e34cf394881dec74cdeea1
-
Michał Nasiadka authored
As a result of https://review.opendev.org/c/openstack/kolla-ansible/+/805449 CI is failing, because we don't have a TLS certificate on our registry. This workaround will get our CI to be green while a proper patch (TLS certs for registry) can be worked out. Change-Id: Ia45c8a764a1f87d1c44717c4da3b9a3f94cdc967
-
- Sep 09, 2021
- Sep 08, 2021
-
-
Zuul authored
-
- Sep 07, 2021
-
-
Hongbin Lu authored
Related-Bug: #1941982 Change-Id: I0e03db1177931ee6d17b21f614573575c3493eef
-
Michał Nasiadka authored
Currently only operations done with default kolla_toolbox user are logged to /var/log/kolla/ansible.log. In order to fix logging, permissions to ansible.log must allow writing for other users in kolla group - and then a separate patch will follow to make custom ansible.cfg file usable by other toolbox users. Partial-Bug: #1942846 Change-Id: I1be60ac7647b1a838e97f05f15ba5f0e39e8ae3c
-
Zuul authored
-
Zuul authored
-
- Sep 03, 2021
-
-
Radosław Piliszek authored
This is required for libvirtd with cgroupsv2 (Debian Bullseye and soon others). Otherwise, device attachments simply fail. The warning message suggests filtering will be disabled but it actually just fails the action entirely. Change-Id: Id1fbd49a31a6e6e51b667f646278b93897c05b21 Closes-Bug: #1941940
-
Zuul authored
-
- Sep 02, 2021
-
-
Zuul authored
-
Piotr Parczewski authored
corrected nits from: https://review.opendev.org/c/openstack/kolla-ansible/+/800068 https://review.opendev.org/c/openstack/kolla-ansible/+/803644 Change-Id: Ia30afd795067a36b132a8c75c72dd7c65d624a83
-