This change enables the use of Docker healthchecks for ironic-neutron-agent services.

Change-Id: I80f8319b2cf2e4ae09904a08532cde5ec0385fa3
Implements: blueprint container-health-check

Changes to Neutron can also affect Ironic.
Nova was already triggering these jobs.

Change-Id: I58d5f3d8e3512ee69a4d08438f4fd91ca15158b8

Barbican has recently bumped max_allowed_secret_in_bytes from 10 KB to
20 KB since the original value was too small for some certificates [1].
Remove custom value from the barbican.conf template, which anyway was
the same as the default configuration before the recent upstream change.

The upstream change was backported to Wallaby and has been proposed to
Victoria, Ussuri and Train [2], so this change should be backported too.

[1] https://review.opendev.org/c/openstack/barbican/+/783381
[2] https://review.opendev.org/q/I59d11c5c9c32128ab9d71eaecdf46dd2d789a8d1

Change-Id: I83e4cb48192c8024650a8d347363f6babb75ad90
Closes-Bug: #1957795

They seem to think ping is too dangerous for normal users.

Co-Authored-By: Pierre Riteau <pierre@stackhpc.com>
Signed-off-by: Dr. Jens Harbott <harbott@osism.tech>
Depends-On: https://review.opendev.org/c/openstack/kolla-ansible/+/824903
Change-Id: I30c2a7b6850350901b15fe196175508634c8e9a5

CentOS Stream 8 currently has a bug which makes it require root
privileges for ping.
A workaround patch (see needed-by below) has been proposed, yet
the dependency on previous branches via the upgrade jobs make it
fail the CI.
Thus, this patch temporarily disables those jobs on CentOS Stream 8.
This patch is to be reverted once we patch the affected branches.

Needed-By: https://review.opendev.org/c/openstack/kolla-ansible/+/824681
Change-Id: I827ed30d0247f21478a45d96ae8396ec0e778d3b

Access to console of any zun container fails when
kolla_enable_tls_external is true.
This is due to the protocol of the base_url of the websocket_proxy
section in zun.conf is hardcoded to 'ws'.
[base_url = ws://<external_fqdn>:<port>]

This fix adds a new variable zun_wsproxy_protocol
and sets it's value to 'wss' when kolla_enable_tls_external is true
or to 'ws' otherwise

Then the base url's protocol of the websocket_proxy section
in zun.conf is set by zun_wsproxy_protocol
[base_url = "{{ zun_wsproxy_protocol }}://<external_fqdn>:<port>"]

Closes-Bug: 1957117
Change-Id: Ibd9ca6e40ee8c265775b0657d318aa3f82e4cccb

To catch early issues like [1].

[1] https://bugs.launchpad.net/cinder/+bug/1947518

Change-Id: I8091817939b976fbd5e44a9640b573cc112a0525

Change-Id: I547ab4b05aa14ed3bbee8be2dc77a6840d4816f6

Move new variables added in I4d694d6224c813285d228d6bc7eece5731db1078 to
role defaults.

Change-Id: Ie09a2dbae2701cb18fd1eb5bfab76e82f9920fb3

Closes-Bug: #1954723
Change-Id: I6ffc8caae1aef757d37c629fbc05bb129f80147b

Some ID provider configurations do not require a certificate file.
Change the logic to allow this, and update documentation accordingly.

Change-Id: I2c34a6b5894402bbebeb3fb96768789bc3c7fe84

rabbitmq starting from 3.8.0, built-in Prometheus support,
prometheus plugins are enabled by default, when the environment is
"enable_prometheus is no", rabbitmq role will disable prometheus plugins

Closes-Bug: #1885106

Change-Id: I4d694d6224c813285d228d6bc7eece5731db1078

Moved the DockerWorker class from module file into its separate file
in module_utils directory for future extension.
Unit tests changed accordingly.

Signed-off-by: Ivan Halomi <ivan.halomi@tietoevry.com>
Co-authored-by: Martin Hiner <martin.hiner@tietoevry.com>
Change-Id: Ia2a471a9a2805e13b2c20dbf8a7297c23231aae3

It is required for infra cleanup.

[1] http://lists.openstack.org/pipermail/openstack-discuss/2021-December/026408.html

Change-Id: I6479e84b57bb988e7196f781644bb8f62b1f0406

We are not using it anywhere (metadata agents are using internal network),
so let's disable it by default.

Change-Id: If06db5030b0f09e20ef506c3b3ab39c3573b5f3d

Kolla has removed the Volume V2 API by default since OpenStack Wallaby.
However, openstack-exporter attempts to use the Volume V2 API by
default, resulting in clean installs failing to fetch Cinder metrics
in Prometheus.

This patch updates the clouds.yml configuration file for
openstack-exporter to use the Volume V3 API instead.

Closes-Bug: #1938194
Change-Id: Ifbb601be3ef1a1e853d5a7e832adf556c0ae38b9

Change-Id: I5d484ba10c8d2a924801d5f8223845e28023c345

glance_api_version and os_region_name are removed from cinder.
see: https://docs.openstack.org/cinder/xena/configuration/block-storage/samples/cinder.conf.html

Closes-Bug: #1830997
Change-Id: I751bfe64d47935f183ff2ca891ec56f61e618009

Change-Id: I2e6b6ecd3717ff0811b47892aad406376c89a18c