1554 Commits

Author SHA1 Message Date
Pierre Riteau
4ba18116ff Fix docker-devicemapper playbook
Backport: train

Commit efb8b8bd27d08469c94f103b7314e9905cf6aa0e introduced in Train uses
docker_storage_driver in a Kayobe top-level playbook, but this variable
was only defined in defaults of the docker-devicemapper role. Unless
docker_storage_driver is explicitly set by the operator, the
docker-devicemapper playbook would fail due to the variable being
undefined.

Change-Id: I5e8219d1807b1a4e3ec65f5478eb3f1c7c02b241
Story: 2007719
Task: 39857
2020-06-03 18:06:05 +02:00
Zuul
436a28b9c8 Merge "Bump version of os-images role" 2020-06-02 12:14:05 +00:00
Stig Telfer
d4120473c6 Bump version of os-images role
Version 1.9.0 of stackhpc.os-images removes the dependency
on shade and replaces it with openstacksdk.  This version
is required for python3 support.

Change-Id: If0d73e13b5922ae071671d2c7983dda6a6c5ae5e
Co-Authored-By: Sebastian Luna Valero <sebastian.luna.valero@gmail.com>
Story: 2006574
Task: 39485
2020-05-31 11:18:15 +01:00
Mark Goddard
ffce6fa641 Use OpenStack Ussuri release
Switch all dependencies to use the OpenStack Ussuri release.

This commit should be reverted on the master branch once the
Kayobe stable/ussuri branch has been cut and RC1 released.

Change-Id: Id126ea109e6dfcba09b524129876985547ad368f
2020-05-29 15:42:07 +01:00
Zuul
f2c2114370 Merge "CI: Encrypt passwords.yml in overcloud host configure job" 2020-05-28 17:51:58 +00:00
Zuul
68fb5ec429 Merge "Move timezone configuration from ntp.yml to time.yml" 2020-05-28 15:59:40 +00:00
Zuul
f19b25b8ab Merge "CentOS 8: add docs and release note" 2020-05-28 15:59:35 +00:00
Zuul
6ea786fe27 Merge "Remove six" 2020-05-28 15:59:34 +00:00
Zuul
990ab26ef0 Merge "Remove support for CentOS 7 and Python 2" 2020-05-28 15:54:26 +00:00
Mark Goddard
3b03bfe3fd CI: Encrypt passwords.yml in overcloud host configure job
This gives us some test coverage with Ansible Vault.

Change-Id: Ic9db7f84e9f0dcbe69c31b6fff6bda3dfb401a33
Story: 2004959
Task: 39813
2020-05-28 12:10:24 +00:00
Mark Goddard
49c3e1dab4 Python 3: fix Ansible Vault password helper
In Python 3, the return type of subprocess.check_output is bytes by
default. It needs to be decoded to a string.

Passing universal_newlines=True to the subprocess functions results in
file objects opened in text mode, decoded using the system locale. A
unit test has also been added.

Change-Id: Idb4e66aa1f2c973a956907d7986d1c05c7ce2e67
Story: 2004959
Task: 39483
2020-05-28 10:57:00 +01:00
jacky06
b540482171 Remove six
Six is a python 2 and 3 compatibility library, remove it since openstack
use python3

Change-Id: Ib0e84ce417759843eccc2606ccb621242411e6c2
2020-05-28 10:30:07 +01:00
Mark Goddard
922175ebd2 CentOS 8: add docs and release note
Adds a support matrix page to documentation.

Change-Id: Ie42900d89afff40b8a12364b38de9854ed817275
Story: 2006574
Task: 39552
2020-05-28 10:26:31 +01:00
Mark Goddard
b05ba768e3 Move timezone configuration from ntp.yml to time.yml
Change-Id: I0814f62d25ebc9c6d007d2514d57f023308f54c4
Story: 2006574
Task: 39812
2020-05-28 10:25:51 +01:00
Mark Goddard
b9d76f6ef5 Remove support for CentOS 7 and Python 2
* Always use Python 3
* Drop code paths for CentOS 7
* Drop support for Yum
* Remove support for host NTP daemon, always use chrony
* Switch references from 'yum_install_epel' to 'dnf_install_epel'
* Remove overcloud host image workaround for tagged VLAN admin network
* Remove the kayobe.utils.yum_install function, which is unused

Change-Id: I368f6edafed9779658798fc342116b4c1b3ffd48
Story: 2006574
Task: 39481
2020-05-28 10:25:51 +01:00
Zuul
8fb3020827 Merge "Add ability to run playbooks before and after a kayobe command" 2020-05-27 17:19:53 +00:00
Will Szumski
e240a29a92 Add ability to run playbooks before and after a kayobe command
Sometimes there is a need to develop site specific playbooks. Currently,
it is necessary to manually invoke these at the right point during the
deployment. Adding the ability to automatically run these custom
playbooks will reduce the chance of running these playbooks at the wrong
point or forgetting to run them at all.

Change-Id: I1ae0f1f94665925326c8b1869dd75038f6f1b87d
Story: 2001663
Task: 12606
2020-05-26 14:16:02 +01:00
Zuul
1fd8f323c1 Merge "Add support for encrypted block devices" 2020-05-21 11:13:10 +00:00
Will Szumski
5d2a46b2b0 Add support for encrypted block devices
This can be advantageous in deployments with a data security
requirement.

Change-Id: I555ee575ccec0cfbcc4c4bcb53677796c83227e3
Story: 2007555
Task: 39410
2020-05-20 15:49:51 +00:00
Zuul
63fbb616a1 Merge "Fix pygments style" 2020-05-20 15:42:41 +00:00
Zuul
e8eb5f4128 Merge "Upgrade Vagrant VM to CentOS 8" 2020-05-20 10:24:51 +00:00
gugug
233c10d1b0 Fix pygments style
Change-Id: Ie15aa810538ecfdc8293dc0eda0610d82587fddd
2020-05-20 00:57:02 +00:00
Scott Solkhon
4e70fbcec6 Upgrade Vagrant VM to CentOS 8
This commit upgrades the development Vagrant vm to use
CentOS 8.

This also increases the size of the root disk as the
CentOS 8 cloud image is only 10GB which is not
sufficient for a Kayobe deployment.

Change-Id: I614cf6e0a774229da30831e806e2ae125e5cf0fb
2020-05-19 10:08:36 +01:00
Zuul
62665da88b Merge "Allow OVS bridges to connect directly to interface" 2020-05-18 11:23:22 +00:00
Pierre Riteau
fc017249c2 Install coreutils package before using configdrive role
On seed hypervisors running CentOS 8, the configdrive role will fail to
install coreutils if coreutils-single is already present:

Error:
 Problem: problem with installed package coreutils-single-8.30-6.el8.x86_64
  - package coreutils-8.30-6.el8_1.1.x86_64 conflicts with coreutils-single provided by coreutils-single-8.30-6.el8.x86_64
  - package coreutils-8.30-6.el8_1.1.x86_64 conflicts with coreutils-single provided by coreutils-single-8.30-6.el8_1.1.x86_64
  - conflicting requests

Until the role handles it, install coreutils using the --allowerasing
option which will remove coreutils-single at the same time. Use a
command task for now since this option has just been added to
ansible:devel [1].

[1] https://github.com/ansible/ansible/pull/48319

Change-Id: I43bbe9dae3d6796e308fbf66cb04d16b57ff5e37
Story: 2007612
Task: 39607
2020-05-13 20:30:08 +00:00
Zuul
93c471406a Merge "CentOS 8: Fix network configuration persistence" 2020-05-13 19:14:56 +00:00
Zuul
840c56167a Merge "Fix multiple CI failures" 2020-05-13 10:49:23 +00:00
Mark Goddard
cd1753d85a Fix multiple CI failures
1. Blacklist Ansible 2.9.8

Ansible 2.9.8 includes a regression on the fileglob plugin [1] that
causes the Kolla Ansible HAProxy role to fail.

This change blacklists Ansible 2.9.8 to work around the issue.

2. Use ensure-docker role instead of install-docker

The install-* roles are being deprecated and renamed to follow the
ensure-* naming convention [2].

[1] https://github.com/ansible/ansible/issues/69450
[2] http://lists.zuul-ci.org/pipermail/zuul-announce/2020-April/000071.html

Change-Id: Iab1d84e6a8c1b3dd81e53279309153687677a061
Story: 2007659
Task: 39748
2020-05-12 19:04:43 +02:00
Mark Goddard
b4de1fd70c CentOS 8: Fix network configuration persistence
See bug in MichaelRigart.interfaces role [1] for details.

[1] https://github.com/michaelrigart/ansible-role-interfaces/issues/68

Change-Id: I6a5275d54c35fdb7bbe8a92309972b9ed7f69395
Story: 2007616
Task: 39626
2020-05-04 11:03:02 +01:00
Pierre Riteau
1a4134419f Improve formatting in release note
Change-Id: I7e90d6f81d8f7a1bf3948f06cf2776a37c801752
2020-04-30 15:59:49 +02:00
Zuul
565a0614dc Merge "Define default variables for Monasca config" 2020-04-29 17:33:48 +00:00
Mark Goddard
2a00b4cc67 Fix ironic inspector rule creation idempotency
Ironic inspector rules are registered both with the seed and (if using)
overcloud ironic inspector services. These tasks often show up as
changed even when no configuration changes have been made that would
affect the rules.

This is caused by inspector returning default values for fields that may
be omitted in the requested rule. This change fixes the issue by
including those defaults in the comparison.

Change-Id: Ia24e328d4531201d76a65b6385e4463bb1f3c5c6
Story: 2007399
Task: 38997
2020-04-28 13:51:35 +00:00
Isaac Prior
39308a4591 Define default variables for Monasca config
Sets 'monasca_install_type: source' to remove need
for kolla-ansible var boilerplate.

Also use default Monasca parameters to configure
Grafana post deploy.

Change-Id: I2b6d62104c9c127cb8f6b4f4930dd695cd00da17
Story: 2007597
Task: 39587
2020-04-28 14:51:26 +01:00
Zuul
5cfca2aa82 Merge "Run kolla-ansible bootstrap-servers as kolla user" 2020-04-27 13:56:54 +00:00
Zuul
c343d4d877 Merge "Docs: Ansible tuning" 2020-04-27 12:05:00 +00:00
Zuul
bf319b71a9 Merge "Support custom Ansible configuration" 2020-04-27 12:04:56 +00:00
Zuul
00b9fa2dbe Merge "Improve SSH known host error messages" 2020-04-27 11:02:24 +00:00
Zuul
316a42e623 Merge "Remove nameservers with any IP in overcloud resolv.conf workaround" 2020-04-27 11:02:19 +00:00
Zuul
0d1de84cb2 Merge "Avoid unconditional fact gathering" 2020-04-27 08:50:19 +00:00
Zuul
558276a8a6 Merge "CI: Add overcloud host configure job" 2020-04-24 00:03:24 +00:00
Zuul
6afc813c83 Merge "Add kolla_enable_openstack_core variable" 2020-04-23 23:44:32 +00:00
Mark Goddard
7890914627 Improve SSH known host error messages
A common failure early on when using Kayobe is during discovery of SSH
known hosts. This happens if a host does not have an IP address
configured on the admin (SSH) network. The failure looks like this:

PLAY [Ensure known hosts are configured]
**********************************************************************
TASK [ssh-known-host : Scan for SSH keys]
**********************************************************************
failed: [compute0 -> localhost] (item=) => {"ansible_loop_var": "item",
    "changed": false, "cmd": ["ssh-keyscan"], "delta": "0:00:00.013855",
    "end": "2020-04-17 10:51:01.857855", "item": "", "msg": "non-zero
        return code", "rc": 1, "start": "2020-04-17 10:51:01.844000",
    "stderr": "usage: ssh-keyscan [-46cDHv] [-f file] [-p port] [-T
        timeout] [-t type]\n\t\t   [host | addrlist namelist]",
    "stderr_lines": ["u sage: ssh-keyscan [-46cDHv] [-f file] [-p port]
        [-T timeout] [-t type]", "\t\t   [host | addrlist namelist]"],
        "stdout": "", "stdout_lines": []}

This happens when ansible_host is an empty string, typically because the
host has no IP address defined in for the admin network in
network-allocation.yml. This is very confusing for a new user. We should
provide a more informative message.

It's not exactly clear how a user gets to this point, since the
ip-allocation.yml playbook runs before ssh-known-host.yml, which should
populate network-allocation.yml.

This change detects this failure mode and provides a message with
information about how to resolve it.

Change-Id: I564b6e4509a30dec7c49a23bb2f75d490be775ed
Story: 2007566
Task: 39456
2020-04-23 19:55:39 +00:00
Zuul
7932314e54 Merge "Use upper constraints when installing Tenks" 2020-04-22 20:11:14 +00:00
Zuul
d0b2f14318 Merge "Cleanup py27 support" 2020-04-22 17:59:29 +00:00
Zuul
1dc5cf0c65 Merge "Fix passwords.yml generation with vault encryption on Python 3" 2020-04-22 17:59:25 +00:00
Zuul
a8f1045842 Merge "Fix seed VM provisioning on a remote seed hypervisor" 2020-04-22 12:38:12 +00:00
Zuul
647b19ae76 Merge "Avoid writing out requirements.txt in kolla-ansible role" 2020-04-22 00:50:45 +00:00
Zuul
eaf511adad Merge "Don't use become for Kolla Ansible" 2020-04-22 00:50:41 +00:00
Zuul
6b19b817cf Merge "CI: Test SSH connectivity to deployed instances" 2020-04-22 00:28:44 +00:00
Zuul
95a4d7e093 Merge "Add support for stopping overcloud services" 2020-04-22 00:28:40 +00:00