207 Commits

Author SHA1 Message Date
Mark Goddard
1d8b4e2500 Enable 'data' LVM group only for Docker devicemapper
This change is a precursor to switching the default Docker storage
driver to overlay2.

Previously, Kayobe's default configuration included a 'data' LVM volume
group, with a 'docker-volumes' logical volume mounted at
/var/lib/docker/volumes. Additionally, if the Docker devicemapper
storage driver was used, the data volume group would contain the
docker-thinpool and docker-thinpoolmeta volumes.

This LVM setup was really included for devicemapper, and while in some
cases it may be useful to have docker volumes as a separate logical
volume, this doesn't really make sense as a default. Often in
environments using other Docker storage drivers, the data volume group
would be removed from configuration.

This change modifies the default LVM configuration to only create a
'data' volume group if the Docker storage driver is devicemapper.
Additionally, new flags are added to make this choice independent from
the storage driver, to support cases where the data volume group is
required without devicemapper.

Change-Id: Ia3c1f6423c32fa2580b57db32512a34ce35d7acc
Story: 2005667
Task: 30973
2020-04-23 14:20:59 +01:00
Zuul
a8f1045842 Merge "Fix seed VM provisioning on a remote seed hypervisor" 2020-04-22 12:38:12 +00:00
Zuul
eaf511adad Merge "Don't use become for Kolla Ansible" 2020-04-22 00:50:41 +00:00
Zuul
95a4d7e093 Merge "Add support for stopping overcloud services" 2020-04-22 00:28:40 +00:00
Zuul
c31870591d Merge "Prevent openrc files from using wrong OS_CACERT value" 2020-04-15 17:27:33 +00:00
Pierre Riteau
010681d7d9 Filter out switch port descriptions on Ruckus switches
Some Ruckus switches, e.g. the Ruckus ICX 7150, advertise switch
interface names as switch port descriptions. Unlike Dell switches, there
is no space character between port type and port number. For example:
GigabitEthernet1/1/9.

Update regular expression to match both styles.

Change-Id: I359b07abadc8665ff0a8c3407ca0fc5effc504cf
Story: 2007532
Task: 39343
2020-04-09 08:35:45 +02:00
Pierre Riteau
cc3d27e2e1 Fix seed VM provisioning on a remote seed hypervisor
The seed VM will fail to provision if the Ansible control host and the
seed hypervisor are not the same hosts.

This is because Kayobe creates the seed-vm-user-data file on the
seed-hypervisor host. It then invokes the jriguera.configdrive role
which uses a copy task without remote_src, which fails to find the
source file locally on the Ansible control host.

Instead we create a local temporary file for seed VM user data.

Change-Id: Iabbe4c624b9ad02bb82c323070f99c16e5822966
Story: 2007530
Task: 39338
2020-04-08 19:02:19 +02:00
Pierre Riteau
ce212cc23c Prevent openrc files from using wrong OS_CACERT value
Kolla Ansible sets kolla_{external,internal}_fqdn_cacert variables with
default values compatible with the use of `kolla-ansible certificates`.

However, when these variables are left unset in Kayobe, which is
generally the case when using trusted certificates, we end up with
openrc files setting OS_CACERT to a file that does not exist:

    ${KOLLA_CONFIG_PATH}/certificates/haproxy-ca.crt

Instead we allow null cacert variables to be passed to kolla-ansible,
which results in openrc files without the bogus OS_CACERT entry.

Change-Id: Ifa615888b6d8d54c9e6314fd90f3fc4872fc6e5a
Story: 2007516
Task: 39299
2020-04-03 17:17:24 +02:00
Zuul
ba21631aaa Merge "Switch to stackhpc fork of resmo.ntp" 2020-04-02 17:11:21 +00:00
Will Szumski
31ad22abc4 Switch to stackhpc fork of resmo.ntp
There is no activity on the resmo fork of the role and it seems
impossible to get any patches merged.

Change-Id: I1f09f7c11767226e89b34687dab1553e87be76ba
Story: 2005272
Task: 39197
2020-04-02 14:44:27 +02:00
Mark Goddard
939e298c56 Don't use become for Kolla Ansible
Using become for all Kolla Ansible tasks is not ideal from a security
perspective. It is also incompatible with fact caching, since it causes
facts to be gathered and cached as root, which changes some facts.

This change modifies the default value of kolla_ansible_become to false.

Change-Id: I9ee5c55e59276f70c92e9c698c01123dcf8919a1
Story: 2007492
Task: 39217
2020-03-31 15:32:10 +01:00
Doug Szumski
cdc1d5ada2 Fix loading of Monasca Grafana dashboards
This is a minimal fix to support loading dashboards into the Monasca
Grafana fork. It firstly aligns the default Monasca Grafana control
plane organisation and Monasca Grafana local admin username with Kolla
Ansible to make the feature easier to use. Secondly, it extracts the
associated OpenStack project name from this variable by stripping off
the OpenStack domain.

Longer term we may wish to move the dashboard loading functionality into
Kolla Ansible, now that it supports deploying Monasca.

Affects Rocky onwards.

Change-Id: I77c94edf654565a12ce8be681e3c9b16caa55c86
Story: 2007477
Task: 39186
2020-03-30 15:13:15 +02:00
Zuul
1617ce680a Merge "Add support for configuring Cumulus switches with NCLU" 2020-03-28 00:28:35 +00:00
Zuul
ea070e42c3 Merge "Remove seed_hypervisor_libvirt_pool_capacity variable" 2020-03-28 00:28:31 +00:00
Mark Goddard
71c2aa1d90 Add support for stopping overcloud services
Implemented via 'kolla-ansible stop'.

Change-Id: Iaf8db47e70f023b446c17aa61fc8bb89cf7c2b28
Story: 2007467
Task: 39155
2020-03-26 14:34:07 +00:00
Zuul
f4def02e0e Merge "CentOS 8: Support DNF" 2020-03-19 18:34:10 +00:00
Zuul
8bd7df5de3 Merge "Make docker registry volume configurable" 2020-03-19 13:50:18 +00:00
Mark Goddard
dc32b52f08 CentOS 8: Support DNF
Adds support for configuration of DNF repo mirrors for CentOS and EPEL
repositories, as well as custom repositories.

Adds support for DNF automatic, which is a replacement for yum-cron.

Configuration is backwards compatible, falling back to the equivalent
yum variables when DNF variables have not been overridden.

Change-Id: I8bef5e9c8e1c77c25d6077ff690da8f2cde6a643
Story: 2006574
Task: 38922
2020-03-19 11:23:39 +00:00
Zuul
458e6a6424 Merge "Fix Kayobe overcloud introspection data save" 2020-03-19 11:03:20 +00:00
Radosław Piliszek
e7d7daa531 Remove ceph block device support
It leaves certain ceph mentions in globals.yml.j2 as it needs
syncing with kolla-ansible contents anyways
(these are all comments).

Change-Id: I05e9c6223583e9bb5dc0020edc0b56990275093c
Story: 2007295
Task: 38766
2020-03-18 10:28:33 +00:00
Zuul
be1e3d8853 Merge "CentOS 8: Disable ntpd, enable chrony container" 2020-03-06 19:39:30 +00:00
Mark Goddard
71d36cbe5e CentOS 8: Disable ntpd, enable chrony container
CentOS 8 does not provide an ntp package. Instead fall back to using the
chrony container provided by Kolla Ansible by default.

Depends-On: https://review.opendev.org/711511

Change-Id: If5230854d7565c8b3c91a46da4795c63edf095e4
Story: 2006574
Task: 38866
2020-03-05 16:56:58 +00:00
Mark Goddard
35e50bb6b8 Skip resmo.ntp role if ntp_service_enabled is false
We enable ntpd by default, and provide a variable to disable it -
ntp_service_enabled. It is also automatically disabled if the user
enables the chrony container (kolla_enable_chrony).

However, setting ntp_service_enabled to false will cause the host
configure commands to fail due to a bug in the resmo.ntp role. This is
because it tries to configure the ntpd service in systemd, but it will
not exist so the task fails.

This change fixes the issue by skipping the resmo.ntp role if the NTP
service is disabled.

Change-Id: I640873c11ceae5008030dc03984c089a410a0cee
Story: 2007384
Task: 38968
2020-03-05 16:46:05 +00:00
Pierre Riteau
7b7d39ebbe Remove seed_hypervisor_libvirt_pool_capacity variable
This is ignored by Libvirt, so there is no need to pass it to the
libvirt-host role.

Note: omitting the capacity argument requires libvirt-host 1.3.1 or
later.

Change-Id: Id94e7b514ed36c8e042e56e8f1891d98f8371e5d
Story: 2007381
Task: 38957
2020-03-05 16:06:49 +01:00
Pierre Riteau
1ee19568b0 Add support for configuring Cumulus switches with NCLU
This extends the physical network configuration in Kayobe to configure
Cumulus physical switches using the nclu Ansible module.

Change-Id: I960027ead301c5793a0ada1959a23549a71bdbfb
2020-03-03 20:46:32 +00:00
Zuul
afa42f72a1 Merge "Bump Ansible version range to 2.8 - 2.9" 2020-02-28 21:47:00 +00:00
Mark Goddard
ebd5aa4477 Bump Ansible version range to 2.8 - 2.9
Updates the minimum version of Ansible from 2.6 to 2.8, and the maximum
supported version from 2.8 to 2.9.

CentOS 8 requires Ansible 2.8.

Change-Id: I3f8f7f8d7d37e3cb851965a491ac9c43030869d5
Story: 2006574
Task: 38826
2020-02-27 15:39:27 +00:00
Michal Nasiadka
a0ab81d752 Allow setting pip_proxy
Change-Id: I2547ef2556ca96b614854515069aaca3349cd692
2020-02-26 11:10:01 +01:00
Doug Szumski
167e2ff3db Fix Kayobe overcloud introspection data save
Kayobe overcloud introspection data save fails because the dynamic
inventory script siliently breaks causing Ansible to parse it as a
static inventory file. The failure occurs due to OS_TOKEN being set.
This change works around setting OS_TOKEN before running the dynamic
inventory script by setting OS_CLOUD before querying inspector.

Confirmed on Stein and Train, and verified in both environments.

Story: 2007326
Task: 38846
Change-Id: I57fbf91ae3440d3e4e6a64cd7d05151e299c9322
2020-02-21 15:53:07 +00:00
Will Szumski
06ad1c3a96 Make docker registry volume configurable
One use case is to use seperate disk for the registry storage. This
can prevent the rootfs from filling up.

Change-Id: I9634ee7f5730e93b8ddd96de04982d638dd4dae2
2020-02-19 10:16:00 +00:00
Doug Szumski
f2d46a57e4 Use latest release of StackHPC iDRAC role
This pulls in a number of fixes to the iDRAC role which includes
a change to allow the role to work with a recent version of the
python-dracclient library.

Change-Id: I6aa1fcece42f93cf404cf06dc96b2d70b140775e
2020-02-18 11:23:41 +00:00
Ghanshyam Mann
c0a1216afa [ussuri][goal] Drop python 2.7 support and testing
OpenStack is dropping the py2.7 support in ussuri cycle.

kayobe is ready with python 3 and ok to drop the
python 2.7 support.

Complete discussion & schedule can be found in
- http://lists.openstack.org/pipermail/openstack-discuss/2019-October/010142.html
- https://etherpad.openstack.org/p/drop-python2-support

Ussuri Communtiy-wide goal:
https://governance.openstack.org/tc/goals/selected/ussuri/drop-py27.html

Change-Id: Idbbdd96ff23846d29833c5997d1e32e65b5169f2
2020-02-11 10:12:39 +00:00
Zuul
2056983a56 Merge "Fix overcloud provisioning due to Bifrost IPA rename" 2020-01-06 16:02:51 +00:00
Zuul
b22ef99114 Merge "Fix IPA builds without packages specified" 2020-01-06 15:58:32 +00:00
Mark Goddard
a076ae6dc3 Fix seed VM provision
Since I56533ead8357945a42b079fda7edbd9912fc135a (present in 7.0.0.0rc1),
seed VM provisioning fails due to a missing configdrive volume. The
problem is caused by the stackhpc.libvirt-vm role at version 1.8.0, and
the issue is described in
https://github.com/stackhpc/ansible-role-libvirt-vm/issues/45.

This change bumps the requirement for stackhpc.libvirt-vm to v1.10.0,
which includes a fix for the issue.

Change-Id: I7361510a1c9c9c25356c5abd2a68b661c6b52692
Story: 2007063
Task: 37929
2020-01-06 10:11:39 +01:00
Mark Goddard
beba4d29b5 Fix IPA builds without packages specified
Since story 2006855, it is possible to specify a list of packages when
building IPA images. However, this introduced an issue in the case where
no packages are specified. See
https://github.com/stackhpc/ansible-role-os-images/issues/26.

This change fixes the issue by updating stackhpc.os-images role to
v1.7.0, which has a fix for this issue.

Change-Id: I70d20381bec3f5b92bb467e6c506e32bb13548c2
Story: 2007069
Task: 37952
2020-01-03 15:20:36 +00:00
Mark Goddard
fa7d29b47e Fix overcloud provisioning due to Bifrost IPA rename
Kolla recently upgraded bifrost from 7.0.0 to 7.1.0 on the stable/train
branch. This switched to IPA builder to build the IPA image, and
introduced a rename of the IPA kernel file from ipa.vmlinuz to
ipa.kernel, which breaks overcloud provisioning. The iPXE kernel
download fails with a 404, since Kayobe introspection rules use
ipa.vmlinuz for the driver_info.deploy_kernel URL.

This change works around the issue by setting two Bifrost variables,
ipa_kernel and ipa_kernel_url, to reference the old kernel filename of
ipa.vmlinuz. This works both in the case where the image is downloaded
from a URL (ipa_kernel sets the destination file name), and where it is
built via 'kayobe seed deployment image build' (kayobe uses the legacy
ironic-agent DIB element rather than IPA builder, which creates a
hardlink to ipa.vmlinuz).

We chose the above approach rather than switching to IPA builder due to
it being a less risky change at a time close to release. A future
release of Kayobe should switch to IPA builder, but this will be a
larger effort.

[1] https://review.opendev.org/#/c/692200/1/playbooks/roles/bifrost-ironic-install/defaults/main.yml

Change-Id: I7f75c25602fd7ae4bfeb6abbdd3b42d8ee465abf
Story: 2007068
Task: 37951
2020-01-03 15:07:07 +00:00
4acc1b64ec Update master for stable/train
Add file to the reno documentation build to show release notes for
stable/train.

Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/train.

Change-Id: I8ee7a008dc6dfc07f2fd079323d43a28f15ecb42
Sem-Ver: feature
2019-12-20 16:49:21 +00:00
Zuul
e65ac9ac08 Merge "Support custom Kolla group_vars" 2019-12-20 11:37:29 +00:00
Pierre Riteau
6b0f1c68c4 Add prelude to mark the first release as part of Kolla
Change-Id: Ie8cad275089315ef62b826ff3ab720537bc71cdb
2019-12-19 11:37:02 +01:00
Doug Szumski
72d4d64609 Support custom Kolla group_vars
In Kayobe hosts which are part of a Nova cell can be managed via the
existing controller and compute groups. However, since Nova Cells are
configured via group vars in Kolla Ansible we need some way of setting
these. We could pass vars through to Kolla Ansible host vars using
`kolla_overcloud_inventory_pass_through_host_vars` but the list of
variables which may be set on a per cell basis is large and undefined.

This change allows the user to directly specify Kolla Ansible group vars
as part of Kayobe config, allowing the deployment of Nova Cells by
Kayobe to be largely unchanged from the procedure documented in Kolla
Ansible.

Change-Id: I2695034d36936fcc77a4828c67f9552155781dd6
Story: 2004291
Task: 37804
2019-12-18 16:45:36 +01:00
Pierre Riteau
319827e1a8 Fix Train release notes
These are mostly formatting fixes, but also a correction of the default
value of pip_upper_constraints_file.

Change-Id: Iadb1b45644865d67e170f94d301d3eeeab2654ee
2019-12-17 10:20:49 +01:00
Will Szumski
f16ff2b64e Switch default IPA images to centos
The CoreOS images are no longer built or maintained.

Change-Id: I8928c2def85070f6310e5fb859abf21b3e234256
Story: 2007021
Task: 37808
2019-12-16 10:11:17 +00:00
Zuul
01f04e500d Merge "Improve detection of base path" 2019-12-13 15:01:35 +00:00
Zuul
95b6747686 Merge "Adds support for Ansible 2.8, bump mimimum to 2.6" 2019-12-13 12:58:44 +00:00
Zuul
30e9c3af8a Merge "Use mariabackup for database backups" 2019-12-12 13:07:45 +00:00
Will Szumski
8454cf8551 Adds support for Ansible 2.8, bump mimimum to 2.6
Updates the minimum version of Ansible from 2.5 to 2.6, and the maximum
supported version from 2.7 to 2.8.

Change-Id: I5aeb28424a8d1920b58ca73e37131d8cbfeabf29
2019-12-12 11:20:40 +00:00
Mark Goddard
e93bbd9ed5 Use mariabackup for database backups
Kolla ansible switched its database backup support to mariabackup from
xtrabackup due to incompatibilities. See
https://bugs.launchpad.net/kolla/+bug/1843043 for details.

Change-Id: Ib95771f09fd6d5e71a2af471de47f811e1cab88b
Related-Bug: #1843043
Story: 2006952
Task: 37634
2019-12-11 17:16:59 +00:00
Mark Goddard
c8f105a907 Support internal API TLS encryption
Kolla Ansible Train introduces support for TLS encryption of the
internal API. This change introduces support for internal API encryption
in Kayobe.

The following new variables are introduced:

* kolla_enable_tls_internal
* kolla_internal_tls_cert
* kolla_internal_fqdn_cacert

Also only set kolla_*_fqdn_cacert in globals.yml if set.

Change-Id: If432afde374fe247d09c952e110c9567e17daea1
Story: 2006959
Task: 37649
2019-12-11 17:13:38 +00:00
Zuul
9332c211f4 Merge "Add kayobe as openstack project for release notes" 2019-12-11 17:07:06 +00:00