- Sep 30, 2024
-
-
Michal Arbet authored
This patch adds ansible-core as a dependency to requirements.txt since there is really no reason not to have it in the requirements.txt, given that kolla-ansible project even has ansible in its name and ansible-core is a crucial dependency. Change-Id: I4d01b7eb944c4edf6a440f2b775221986509f7eb
-
- Sep 27, 2024
- Sep 26, 2024
-
-
Michal Arbet authored
Kolla-ansible itself requires ansible-core>=2.16,<2.18, but ansible-core in this version no longer supports python38 and python39 as per [1]. So let's just drop this old python support. [1] https://github.com/ansible/ansible/blob/v2.16.11/setup.cfg Change-Id: Ic8aaa57f75479a17c215c27ac5e6df0f18c74edc
-
- Sep 24, 2024
- Sep 23, 2024
-
-
Michal Arbet authored
This update enhances the monitoring of the databasecluster in ProxySQL. The default monitoring intervals were insufficient for reliably detecting failures in the Galera cluster environment. A detailed configuration for monitoring intervals has been introduced, providing better control over how quickly and accurately ProxySQL can identify issues. - Variables such as `mariadb_monitor_connect_interval`, `mariadb_monitor_galera_healthcheck_interval, and `mariadb_monitor_ping_interval` significantly reduce the time between connection checks. - Timeouts like `mariadb_monitor_galera_healthcheck_timeout` and `mariadb_monitor_ping_timeout` allow faster failure detection, while `mariadb_monitor_galera_healthcheck_max_timeout_count` sets the maximum number of allowed timeouts before marking a node as down. Calculation: - Galera healthcheck: 4 seconds (interval) + 1 second (timeout) + 4 seconds (interval) + 1 second (timeout) = 10 seconds. - Ping healthcheck: 3 seconds (interval) + 2 seconds (timeout) + 3 seconds (interval) + 2 seconds (timeout) = 10 seconds. Both the health check and ping check mechanisms will detect a node failure within a maximum of 10 seconds. Both processes (health check and ping) operate independently, and failure in either mechanism will mark the node as failed. Health Check Failure Detection: Up to 10 seconds. Ping Failure Detection: Up to 10 seconds. Connect Attempts: ProxySQL also tries to connect every 2 seconds, which helps monitor connectivity. These changes ensure that ProxySQL can detect issues in 10 seconds as haproxy, significantly reducing downtime compared to default settings. This adjustment enables faster and more reliable monitoring, improving system stability and reducing potential downtime in production environments. Change-Id: Ic28801519cdb35ed2387a1468b9df661847a5476
-
Michal Arbet authored
The ProxySQL startup script was incorrectly using the `--reload` flag, which only reloads/merges the configuration without initializing the database from the config file [1]. This change corrects it to use the `--initial` flag, ensuring that the database is always reloaded from the configuration at startup. [1] https://proxysql.com/documentation/configuring-proxysql/#initialstartup Change-Id: I9cc721555a6d19409b6ac24432b6b34a83efc42c
-
Zuul authored
-
- Sep 20, 2024
-
-
Michal Arbet authored
This patch resolves an issue where ProxySQL could not bind due to incorrectly formatted IPv6 addresses in the `mysql_ifaces` configuration. The kolla's `put_address_in_context` filter is now used, ensuring the addresses are properly enclosed in square brackets for correct binding. Closes-Bug: #2081106 Change-Id: Ic166b8d9a500023c8d23ec9fee03b28b268b26e7
-
- Sep 19, 2024
-
-
Michal Arbet authored
This patch adds missing ironic_database_shard_id which is used by proxysql-config role to generate proxysql configuration. Change-Id: I11ddfe73c79cc59a97d119091c8b9a3f5eda001d
-
Zuul authored
-
Michal Arbet authored
This patch removes the hardcoded `distro_python_version` mapping and usage from the configuration and templates, aligning with the dynamic Python version detection introduced in the dependent patch below. The changes simplify the kolla-ansible roles by using general `python3` paths, ensuring compatibility across distributions without requiring version-specific handling. Template files for Horizon, Ironic, Skyline, and others have been updated to reflect this, improving maintainability and reducing complexity. Depends-On: https://review.opendev.org/c/openstack/kolla/+/926744 Change-Id: I85431b058b4184d96600cf17aaf8de871a018d61
-
- Sep 18, 2024
-
-
Zuul authored
-
Zuul authored
-
Zuul authored
-
Zuul authored
-
Zuul authored
-
Matt Crees authored
We don't use dots in the image name Change-Id: I29172448c14a1ca9a5fa23abe701366f875959e0
-
Grzegorz Koper authored
Closes-bug: #2077511 Change-Id: Icd15e8d04771cf50bc704f0c40006a8ac0aeb3ef
-
- Sep 17, 2024
-
-
Zuul authored
-
Zuul authored
-
Zuul authored
-
Zuul authored
-
Michal Arbet authored
This trivial fix simply consists of adding the forgotten action after the kolla-ansible was reworked in review [1]. [1] https://review.opendev.org/c/openstack/kolla-ansible/+/911417 Closes-Bug: #2080408 Change-Id: I26b5db3a3eeebd758ad05d9cb9aa689a68e1816f
-
Michal Arbet authored
From version 2.1, ProxySQL has a built-in ProxySQL Prometheus exporter. This patch adds an option to easily enable this exporter [1]. [1] https://proxysql.com/documentation/prometheus-exporter Change-Id: I8776cdc0a6ec9e4e35a2424dd0984488514a711f
-
Michal Nasiadka authored
Change-Id: I65fb8fb028a085f0f1c980417c021522b4eea20d
-
- Sep 16, 2024
-
-
Zuul authored
-
- Sep 13, 2024
-
-
Will Szumski authored
When using dnsmasq as a DHCP server, unless you use the noping option (and that is not recommended), the NET_RAW capabilty is required so that dnsmasq can send ICMP packets. These are used to check an address is not currently in use[1]. Docker enables this capability by default. Podman runs containers with a minimal set of capabilities[3]. [1] https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2019q1/012840.html [2] https://docs.docker.com/engine/containers/run/#runtime-privilege-and-linux-capabilities [3] https://github.com/rhatdan/common/blob/f39f2a3f8c7680b9e456b9d235570e511807d6c6/docs/containers.conf.5.md?plain=1#L84-L101 Closes-Bug: #2055282 Change-Id: Ib3a1313df680d91c7f008063937ca7d37e82f690
-
Zuul authored
-
Zuul authored
-
Zuul authored
-
Zuul authored
-
Michal Arbet authored
The --reload parameter ensures that any changes in the proxysql configuration file are applied to the already existing internal proxysql database. Change-Id: I9215d6cef3795030676c44a8184d99ba46dcb60c
-
Roman Krček authored
This is a prerequisite for patchset #924651 Nova runs checks before upgrading. A new nova_upgrade_checks container is started for that purpose. This container uses the new nova-api image, but the old config.json file. The image expects CA certificates in a certain location, but due to the old config.json file, they will not be present. This results in the container not trusting keystone SSL certificate and the upgrade fails, since it can't connect. Moving the config section before the checks ensures that the new container has all the certificates it needs to connect to Keystone. Also nova_enable_rolling_upgrade is no longed used, so there was no point in keeping upgrade tasks split. Change-Id: I44bf48fb86f639d7f0acb786392573ebfed7ee97 Signed-off-by:
Roman Krček <roman.krcek@tietoevry.com>
-
Michal Nasiadka authored
In I70dd1751dea6bfc9bb265aeda04b3392e135324c we removed Requires=docker.service and left only After=docker.service. In a case where something starts docker.service that's enough, but if docker.service is disabled or no service is dependent on it - it won't be started. This patch adds Wants=docker.service which will try to start docker.service if it is not started or enabled but does not impose a dependency which causes restart of kolla systemd units when docker.service is restarted (see [1]). Closes-Bug: #2065168 [1]: https://www.freedesktop.org/software/systemd/man/latest/systemd.unit.html#Wants= Change-Id: Ic3acb15f7c6ba7269ef62ccc8895b6bea4fc1f4d
-
- Sep 12, 2024
-
-
Pierre Riteau authored
Inner modules called by the kolla_toolbox module were returning stdout and stderr as a single output object. This could break JSON parsing if any data was present in stderr, for example warnings such as: [WARNING]: Collection ansible.posix does not support Ansible version 2.14.17 Fix by using demux=True to separate the two streams. The stderr content is logged as it could be useful for troubleshooting or catching deprecation notices. Change-Id: Iad0476d4511f28c837794352c9a3e2f47113d9a1 Closes-Bug: #2080544
-
Sven Kieske authored
Add a new variable keystone_federation_oidc_claim_delimiter to make this configurable for keycloak OIDC federation. Closes-Bug: #2080394 Signed-off-by:
Sven Kieske <kieske@osism.tech> Change-Id: If14285f033ed4914fd3b28d7efcc95e1c9f273a5
-
- Sep 11, 2024
-
-
Zuul authored
-