From 4398856ec80ae765e805df9aab7d6f2105a34009 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Wed, 9 Dec 2020 11:26:40 +0000 Subject: [PATCH] Fixes for CentOS 8.3 * Bump stackhpc.libvirt-host to v1.7.1. On seed-hypervisors installed using CentOS 8.2 or earlier, interaction with libvirt may fail due to libgcrypt being incompatible. See https://github.com/stackhpc/ansible-role-libvirt-host/issues/42 * Bump MichaelRigart.interfaces to v1.9.2. The CentOS 8.3 cloud image includes an ifcfg-ens3-1 file. See https://github.com/michaelrigart/ansible-role-interfaces/pull/93 * Previously a second libvirt daemon was installed by Tenks on the host, however changes in libvirt 6.0.0 to separate libvirtd into multiple daemons do not allow for customisation of the PID files used by the new daemons. This leads to a conflict between the container and host daemons. Update the Tenks config to use the containerised Nova libvirt daemon. This depends on a change to the stackhpc.libvirt-host role: https://github.com/stackhpc/ansible-role-libvirt-host/pull/44 * Not CentOS 8.3 related, but tox jobs are now failing on python dependencies. Remove upper limits from docker and paramiko. * Not CentOS 8.3 related, but Bifrost has enabled authentication by default. We are not ready to support this, so override it. Story: 2008429 Task: 41378 Change-Id: Ie8fd965165e8d347d27528a2c16d0647e412ccdc --- .../kolla-bifrost/templates/bifrost.yml.j2 | 3 +++ dev/tenks-deploy-config-compute.yml | 20 +++++++++++++------ .../kayobe-overcloud-upgrade-base/run.yml | 14 ++++++------- .../notes/centos-8.3-89d07c8f8db5b17b.yaml | 4 ++++ requirements.yml | 4 ++-- test-requirements.txt | 4 ++-- 6 files changed, 32 insertions(+), 17 deletions(-) create mode 100644 releasenotes/notes/centos-8.3-89d07c8f8db5b17b.yaml diff --git a/ansible/roles/kolla-bifrost/templates/bifrost.yml.j2 b/ansible/roles/kolla-bifrost/templates/bifrost.yml.j2 index a4d64dd3f..0459df9db 100644 --- a/ansible/roles/kolla-bifrost/templates/bifrost.yml.j2 +++ b/ansible/roles/kolla-bifrost/templates/bifrost.yml.j2 @@ -67,6 +67,9 @@ ipa_ramdisk_upstream_checksum_algo: "{{ kolla_bifrost_ipa_ramdisk_checksum_algor # Firewalld zone used by Bifrost. firewalld_internal_zone: "{{ kolla_bifrost_firewalld_internal_zone }}" +# Disable authentication for the Ironic and Inspector APIs. +noauth_mode: true + {% if kolla_bifrost_extra_globals %} ############################################################################### # Extra configuration diff --git a/dev/tenks-deploy-config-compute.yml b/dev/tenks-deploy-config-compute.yml index 2ff60889f..d73ae9800 100644 --- a/dev/tenks-deploy-config-compute.yml +++ b/dev/tenks-deploy-config-compute.yml @@ -34,10 +34,18 @@ physnet_mappings: deploy_kernel: ipa.kernel deploy_ramdisk: ipa.initramfs -# Use a custom socket path to avoid a conflict with the nova_libvirt kolla -# container which bind mounts /var/run/libvirt. -libvirt_custom_socket_path: /var/run/libvirt-tenks +# Use the libvirt daemon deployed by Kolla Ansible in the nova_libvirt +# container. Tenks will install libvirt client packages. +libvirt_host_install_daemon: false -# Nested virtualisation is not working well in CI currently. Force the use of -# QEMU. -libvirt_vm_engine: "qemu" +# QEMU may not be installed on the host, so set the path and avoid +# autodetection. +libvirt_vm_emulator: "/usr/libexec/qemu-kvm" + +# Specify a log path in the kolla_logs Docker volume. It is accessible on the +# host at the same path. +libvirt_vm_default_console_log_dir: "/var/log/kolla/tenks" + +# Console logs are owned by the ID of the Nova user in the nova_libvirt +# container. +libvirt_vm_log_owner: 42436 diff --git a/playbooks/kayobe-overcloud-upgrade-base/run.yml b/playbooks/kayobe-overcloud-upgrade-base/run.yml index 288a4fd15..0cf3cb32c 100644 --- a/playbooks/kayobe-overcloud-upgrade-base/run.yml +++ b/playbooks/kayobe-overcloud-upgrade-base/run.yml @@ -24,13 +24,6 @@ cmd: dev/overcloud-deploy.sh &> {{ logs_dir }}/ansible/overcloud-deploy-pre-upgrade chdir: "{{ previous_kayobe_src_dir }}" - - name: Ensure test Tenks cluster is deployed - shell: - # Pass absolute source directory, since otherwise the `chdir` will - # cause this to fail. - cmd: dev/tenks-deploy-compute.sh '{{ tenks_src_dir }}' &> {{ logs_dir }}/ansible/tenks-deploy - chdir: "{{ previous_kayobe_src_dir }}" - environment: KAYOBE_CONFIG_SOURCE_PATH: "{{ previous_kayobe_config_src_dir }}" @@ -61,6 +54,13 @@ # Perform a smoke test against the previous release. - block: + - name: Ensure test Tenks cluster is deployed + shell: + # Pass absolute source directory, since otherwise the `chdir` will + # cause this to fail. + cmd: dev/tenks-deploy-compute.sh '{{ tenks_src_dir }}' &> {{ logs_dir }}/ansible/tenks-deploy + chdir: "{{ kayobe_src_dir }}" + - name: Perform testing of the VMs in the overcloud prior to upgrade shell: cmd: dev/overcloud-test-vm.sh &> {{ logs_dir }}/ansible/overcloud-test-vm-pre-upgrade diff --git a/releasenotes/notes/centos-8.3-89d07c8f8db5b17b.yaml b/releasenotes/notes/centos-8.3-89d07c8f8db5b17b.yaml new file mode 100644 index 000000000..a5883e2d7 --- /dev/null +++ b/releasenotes/notes/centos-8.3-89d07c8f8db5b17b.yaml @@ -0,0 +1,4 @@ +--- +fixes: + - | + Fixes a number of issues with using Kayobe on CentOS 8.3. diff --git a/requirements.yml b/requirements.yml index 5dccf5746..42d28a33b 100644 --- a/requirements.yml +++ b/requirements.yml @@ -5,7 +5,7 @@ # There are no versioned releases of this role. version: 8438592c84585c86e62ae07e526d3da53629b377 - src: MichaelRigart.interfaces - version: v1.9.0 + version: v1.9.2 - src: mrlesmithjr.manage-lvm version: v0.1.4 - src: mrlesmithjr.mdadm @@ -22,7 +22,7 @@ - src: stackhpc.grafana-conf version: 1.1.0 - src: stackhpc.libvirt-host - version: v1.7.0 + version: v1.7.1 - src: stackhpc.libvirt-vm version: v1.13.0 - src: stackhpc.luks diff --git a/test-requirements.txt b/test-requirements.txt index ddaa65725..194c468c7 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -6,11 +6,11 @@ ansible-lint>=3.0.0,!=4.3.0 # MIT bashate>=0.2 # Apache-2.0 coverage>=4.0 # Apache-2.0 doc8 # Apache-2.0 -docker<3 # Apache-2.0 +docker # Apache-2.0 hacking>=3.0.1,<3.1.0 # Apache-2.0 molecule<3 # MIT oslotest>=1.10.0 # Apache-2.0 # paramiko 2.5.0 makes the kayobe-tox-molecule job fail. -paramiko<2.5.0 +paramiko stestr # Apache-2.0 yamllint # GPLv3