In order to reduce divergance with ansible-lint rules, we apply
auto-fixing of violations.
In current patch we replace all kind of truthy variables with
`true` or `false` values to align with recommendations along with
alignment of used quotes.
Change-Id: Ib404b386664c1ad2171ffb98e049c947243affac
During last release cycle oslo.messaging has landed [1] series of extremely
useful changes that are designed to implement modern messaging
techniques for rabbitmq quorum queues.
Since these changes are breaking and require queues being re-created,
it makes total sense to align these with migration to quorum queues by default.
[1] https://review.opendev.org/q/topic:%22bug-2031497%22
Change-Id: If7a239a4af522e8fb8e4ad2f1a17cafb3efaa49b
In order to be able to globally enable notification reporting for all services,
without an need to have ceilometer deployed or bunch of overrides for each
service, we add `oslomsg_notify_enabled` variable that aims to control
behaviour of enabled notifications.
Presence of ceilometer is still respected by default and being referenced.
Potential usecase are various billing panels that do rely on notifications
but do not require presence of Ceilometer.
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-plugins/+/914144
Change-Id: Iac58d5d133da0f94241e10bdfd99d02665d68311
In order to allow definition of policies per service, we need to add variables
to service roles, that will be passed to openstack.osa.mq_setup.
Currently this can be handled by leveraging group_vars and overriding `oslomsg_rpc_policies` as a whole, but it's not obvious and
can be non-trivial for some groups which are co-locating multiple services
or in case of metal deployments.
Change-Id: I7411f80830b6bc5d007b26ffdbb37be87c0b521a
This change implements and enables by default quorum support
for rabbitmq as well as providing default variables to globally tune
it's behaviour.
In order to ensure upgrade path and ability to switch back to HA queues
we change vhost names with removing leading `/`, as enabling quorum
requires to remove exchange which is tricky thing to do with running
services.
Change-Id: I49f9a18430f4912fe3e2fda36da6ad2acf6dde35
With update of ansible-lint to version >=6.0.0 a lot of new
linters were added, that enabled by default. In order to comply
with linter rules we're applying changes to the role.
With that we also update metdata to reflect current state.
Depends-On: https://review.opendev.org/c/openstack/ansible-role-systemd_service/+/888223
Change-Id: I7163d2e68b1f0f97bd31d7734a99f74ed60b1bb5
By overriding the variable `masakari_backend_ssl: True` HTTPS will
be enabled, disabling HTTP support on the masakari backend api.
The ansible-role-pki is used to generate the required TLS
certificates if this functionality is enabled.
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/879085
Change-Id: I2ea927dbfd7c9164b0f4d5fb793164ce4ad17094
- Implemented new variable ``connection_recycle_time`` responsible for SQLAlchemy's connection recycling
- Set new default values for db pooling variables which are inherited from the global ones.
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/819424
Change-Id: I02997d0537ac24bdd261b8bce8f4a2e34e1db74a
With PKI role in place in most cases you don't need to explicitly
provide path to the CA file because PKI role ensures that CA is trusted
by the system overall. In the meanwhile in PyMySQL [1] you must either
provide CA file or cert/key or enable verify.
Since current behaviour is to provide path to the custom CA we expect
certificate being trusted overall. Thus we enable cert verification when
galera_use_ssl is True.
[1] 78f0cf99e5/pymysql/connections.py (L267)
Change-Id: I933e1edbd4260e2bd61bcceec3ddad8aea85353c
All references to Gentoo, SUSE, Debian stretch and Centos-7 are removed.
Conditional tasks, ternary operators and variables are simplified where possible
OS specific variables files are generalised where possible
Change-Id: Ia712d170740c748002aa44d921ade8750997f8f0
Masakari has added introspectiveinstancemonitor for a while, however it
has not bee implemented in OSA.
Change-Id: I3ae31a3518f5580aadcd9935dda9f1bdabb6ae7e
We add 2 extra variables, to make corosync port configurable along with
enablement of ipmi checks.
Change-Id: I970bdaad0af79599d8a7c8cf95f89d273eb791de
As per the community goal of migrating the policy file
the format from JSON to YAML[1], we need to replace policy.json to
policy.yaml and remove deprecated policy.json.
config_template has been choosen instead of the copy, since it can
properly handle content that has been lookuped.
We make a separate task not to restart service when it's not needed.
[1] https://governance.openstack.org/tc/goals/selected/wallaby/migrate-policy-format-from-json-to-yaml.html
Change-Id: I8c89b6d193f221faad4db9e1d0b0152f262b823b
Instead of overriding each service separatelly it might make
sense for deployers to define some higher level variable that
will be used first or fallback to default variable.
Change-Id: Ie526c3fed0d6a1c706d5ef17e9c1bcb38418e861
Move it to the service setup host (defaults to utility[0]) instead
of the galera[0] host, and use galera_address (defaults to internal VIP)
as the endpoint instead of a local connection on the db host.
Change-Id: I3347e9a33beff2f0dc57c429acd973f20789912c
masakari-monitors egg was missing from contraints, which resulted in
failures while installing it dependencies for py2 on stable branches
Depends-On: https://review.opendev.org/745572
Depends-On: https://review.opendev.org/739146
Change-Id: I06f8580cbcf7a2633077bb8429c90474837644f0
Make masakari respect set openstack_venv_python_executable
This also will create py3 venvs by default
Change-Id: I9d7abbeff0f68cad3b646cde270437c88554080c
This patch aims to add a prefix for memcached_server
on each role to give the ability for deployers to
override the location of memcached cluster. I.e users
wants to create a single memcached cluster with k8s
for each service.
We also add pymemcache based on [1]
[1] https://review.opendev.org/711429
Change-Id: I5ce2be9e7a8a648cbb734a2e418d434e7991e298
Unfortunatelly CentOS 7 do not have libvirt library
for py3, so instead of symlinking them, we have to install devel package
and build inside venv.
Change-Id: I5a2fc38e86debfb9a73394552b79f83e56dd1231
This patch aims to migrate service from usage of regular syslog files
to journald. We also disable uwsgi logging, since it dublicates
requests that are logged by service itself.
Change-Id: I4168cd484ef52cc7b47efdbcc26d3d3550d28654
Fixed variable from glance_galera_address inside example playbook.
Also modified comment for masakari_monitor_corosync_multicast_interface
Change-Id: I8ca88549abedea124522a2290d678bbe65f818a9
The variables masakari_developer_mode and masakari_venv_download
no longer carry any meaning. This review changes masakari to
do the equivalent of what developer_mode was all the time,
meaning that it always builds the venv and never requires
the repo server, but it will use a repo server when available.
We also change include_tasks to import_tasks and include_role
to import_role so that the tags in the python_venv_build role
will work.
Depends-On: https://review.openstack.org/#/c/647571/
Change-Id: I850ba83a8683be45988f2d9eafcc6a2e8ad4d8b2
In order to enable the service setup host python interpreter to
be changed easily, we make it a variable. This will be useful
when someone sets the service setup host to be the utility
container, because we'll be able to set this var by default.
Change-Id: I0f34a17274ec1abcb43efffcba196049b6161edb
With this change masakari-monitors will be installed on hosts
which are in group masakari-monitor (supposed to be nova compute hosts)
hostmonitor depends on pacemaker with corosync, which are implemented by
https://github.com/mit-scripts/ansible-pacemaker-corosync
Masakari api/engine config was simplified and unneccesary defaults
were removed from it.
Role now uses default ``systemd_service`` role for systemctl configuration
Co-Authored-By: Jesse Pretorius <jesse.pretorius@rackspace.co.uk>
Implements: blueprint masakari-ansible-plugin
Change-Id: I334877c0111a45d3f3a74e7f56931786f4301713
In order to radically simplify how we prepare the service
venvs, we use a common role to do the wheel builds and the
venv preparation. This makes the process far simpler to
understand, because the role does its own building and
installing. It also reduces the code maintenance burden,
because instead of duplicating the build processes in the
repo_build role and the service role - we only have it all
done in a single place.
We also change the role venv tag var to use the integrated
build's common venv tag so that we can remove the role's
venv tag in group_vars in the integrated build. This reduces
memory consumption and also reduces the duplication.
This is by no means the final stop in the simplification
process, but it is a step forward. The will be work to follow
which:
1. Replaces 'developer mode' with an equivalent mechanism
that uses the common role and is simpler to understand.
We will also simplify the provisioning of pip install
arguments when doing this.
2. Simplifies the installation of optional pip packages.
Right now it's more complicated than it needs to be due
to us needing to keep the py_pkgs plugin working in the
integrated build.
Depends-On: https://review.openstack.org/598957
Change-Id: I676ddbb7028ad203e4ca3f3e1cee7ff1435d23a2
Implements: blueprint python-build-install-simplification
Signed-off-by: Jesse Pretorius <jesse.pretorius@rackspace.co.uk>
There are references to the masakari_venv_download_url var,
but it's not set anywhere.
Change-Id: I28ba50fc0b675dcb9241f97f3930e4fb33ac4c2e
Co-Authored-By: Dmitriy R <dmitriy.r@sitevalley.com>
There is no record for why we implement the MQ vhost/user creation
outside of the role in the playbook, when we could do it inside the
role.
Implementing it inside the role allows us to reduce the quantity of
group_vars duplicated from the role, and allows us to better document
the required variables in the role. The delegation can still be done
as it is done in the playbook too.
In this patch we implement two new variables:
- masakari_oslomsg_rpc_setup_host
- masakari_oslomsg_notify_setup_host
These are used in the role to allow delegation of the MQ vhost/user
setup for each type to any host, but they default to using the first
member of the applicable oslomsg host group.
We also adjust some of the defaults to automatically inherit existing
vars set in group_vars form the integrated build so that we do not
need to do the wiring in the integrated build's group vars. We still
default them in the role too for independent role usage.
Finally, we remove the test mq setup tasks and clean up any unused
or unnecessary variables configured in tests.
We also rename the ubuntu-16.04.yml file to ubuntu.yml to cover both
xenial and bionic. This has become necessary because the
'Gather variables for each operating system' task in the galera_client
role is picking up this role's vars file instead of its own.
Change-Id: Ibf05d527b6dbed8a10ecf0b64cfb161b66295d35
This introduces oslo.messaging variables that define the RPC and
Notify transports for the OpenStack services. These parameters replace
the rabbitmq values and are used to generate the messaging
transport_url for the service. The association of the messaging
backend server to the oslo.messaging services will then be transparent
to the masakari service.
This patch:
* Add oslo.messaging variables for RPC and Notify to defaults
* Update transport_url generation in conf
* Add oslo.messaging to tests inventory and update tests
* Install extra packages for optional drivers
Change-Id: I127ce216cfb7b4d5755b8f0a68406bbd251fbdd2
I've decided to add env and required secrets example for easier stratup.
Also added missing variables to defaults, as playbook was just failiing without them.
Variables regarding rabbitmq were missing.
Also, as masakari_venv_download_url is not defined by default,
masakari_venv_download had been set to false.
Handlers were missing Manage LB task and had wrong variable -
masakari-services instead of masakari_services
Functional test was missing USER system environment variable.
Also test inventory had mistakes.
test-masakari-functions.yml wasn't able to pass test due to error.
Functional tests moved to voting.
Change-Id: I6644d576177f441ca59e9221ce9a2e5b7cc0fc46
In order to reduce the packages required to pip install on to the hosts,
we allow the service setup to be delegated to a specific host, defaulting
to the deploy host. We also switch as many tasks as possible to using the
built-in Ansible modules which make use of the shade library.
The 'virtualenv' package is now installed appropriately by the openstack_hosts
role, so there's no need to install it any more. The 'httplib2' package is a
legacy Ansible requirement for the get_url/get_uri module which is no longer
needed. The keystone client library is not required any more now that we're
using the upstream modules. The masakari client is not used on the host, so
it serves no purpose. As there are no required packages left, the task to
install them is also removed.
Change-Id: I5f4339b322b967fcfd326c7442d634abf8b6cb05
There is no record for why we implement the database creation outside
of the role in the playbook, when we could do it inside the role.
Implementing it inside the role allows us to reduce the quantity of
group_vars duplicated from the role, and allows us to better document
the required variables in the role. The delegation can still be done
as it is done in the playbook too.
In this patch we implement a new variable called 'masakari_db_setup_host'
which is used in the role to allow delegation of the database setup
task to any host, but defaults to the first member of the galera_all
host group. We also document the variable 'masakari_galera_address' which
has been used for a long time, but never documented. A bunch of unused
variables have also been removed.
Change-Id: I6c1e4e32681cbb592f6daa805501031bb84e6e0c
The following packages are required in-order to run osprofiler.
these packages will provide deployers the ability to profile
a service on demand should they choose to enable the profile
functionality.
Change-Id: Ie9d2909c2e0d3b6951dea14013649a66ce93e7af
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
