* Bump stackhpc.libvirt-host to v1.7.1. On seed-hypervisors installed
using CentOS 8.2 or earlier, interaction with libvirt may fail due to
libgcrypt being incompatible. See
https://github.com/stackhpc/ansible-role-libvirt-host/issues/42
* Bump MichaelRigart.interfaces to v1.9.2. The CentOS 8.3 cloud image
includes an ifcfg-ens3-1 file. See
https://github.com/michaelrigart/ansible-role-interfaces/pull/93
* Previously a second libvirt daemon was installed by Tenks on the host,
however changes in libvirt 6.0.0 to separate libvirtd into multiple
daemons do not allow for customisation of the PID files used by the
new daemons. This leads to a conflict between the container and host
daemons. Update the Tenks config to use the containerised Nova libvirt
daemon. This depends on a change to the stackhpc.libvirt-host role:
https://github.com/stackhpc/ansible-role-libvirt-host/pull/44
* Not CentOS 8.3 related, but tox jobs are now failing on python
dependencies. Remove upper limits from docker and paramiko.
* Not CentOS 8.3 related, but Bifrost has enabled authentication by
default. We are not ready to support this, so override it.
Story: 2008429
Task: 41378
Change-Id: Ie8fd965165e8d347d27528a2c16d0647e412ccdc
For some reason this configuration was omitted or incomplete in these
jobs. Without this configuration, Kayobe development configuration adds
eth1 to the breth1 bridge if it exists, or leaves the bridge without a
port otherwise. This can lead to network connectivity issues, if the IP
address of eth1 becomes inaccessible when it is added to breth1.
This change fixes the issue by ensuring that the dummy1 interface
exists, and configuring the aio network to add it to breth1 as a port,
instead of eth1.
Change-Id: I47115e5d8d1fb448cb9e46dc43b56c64987e428b
Ironic is now disabled by default in the overcloud. This brings Kayobe's
default set of services into line with Kolla Ansible. For environments
using Ironic in the overcloud, set kolla_enable_ironic to true in
kolla.yml.
Story: 2008207
Task: 40991
Change-Id: I33eb4fa534847e199a599350b525d4762a2beaac
The flag dnf_install_epel was being used to predicate installation
of the EPEL RPM repo package, but not preventing the installation
of configuration for access to EPEL. This small patch completes
the job.
Updates the overcloud host configure CI job to install EPEL mirrors,
since it was previously relying on this buggy behaviour.
Change-Id: Ib417837d0772338b16ea9f7f2540549f277d5de8
Ironic has an issue where nodes will be switched to use the direct
deploy interface during upgrade, if it is enabled. This should be fixed
via https://review.opendev.org/755295, after which this patch should be
reverted.
Change-Id: I55af5d979bdbee9dd963845204c2f082fa7b27d7
Adds the kayobe-seed-vm-centos8 CI job to configure the Zuul VM as a
seed hypervisor, and use nested virt to provision a seed VM. This
ensures that the seed hypervisor code paths are tested.
The job uses a Cirros image for the seed VM rather than the usual CentOS
cloud image. This is to reduce bandwidth required to download the image.
It does mean that the resulting seed VM cannot be used as a seed, but
nested virt would make this slow and unreliable anyway. Cirros does not
load cdrom drivers by default, so we add the configdrive as a disk
rather than a cdrom device.
Depends-On: https://review.opendev.org/617161
Change-Id: I2268a1ddf9a2870c713f32a40689e1686365aabd
Story: 2001655
Task: 6683
Switches to use the IPA builder project for building IPA images.
Switches the IPA images used by default to CentOS 8 based image.
Changes the file extension of the IPA kernel image from vmlinuz to
kernel.
Story: 2007070
Task: 37953
Change-Id: I82fc455f41f48dacb453e135870dd776895d7c99
Story: 2006574
Task: 39485
* Always use Python 3
* Drop code paths for CentOS 7
* Drop support for Yum
* Remove support for host NTP daemon, always use chrony
* Switch references from 'yum_install_epel' to 'dnf_install_epel'
* Remove overcloud host image workaround for tagged VLAN admin network
* Remove the kayobe.utils.yum_install function, which is unused
Change-Id: I368f6edafed9779658798fc342116b4c1b3ffd48
Story: 2006574
Task: 39481
This can be advantageous in deployments with a data security
requirement.
Change-Id: I555ee575ccec0cfbcc4c4bcb53677796c83227e3
Story: 2007555
Task: 39410
1. Blacklist Ansible 2.9.8
Ansible 2.9.8 includes a regression on the fileglob plugin [1] that
causes the Kolla Ansible HAProxy role to fail.
This change blacklists Ansible 2.9.8 to work around the issue.
2. Use ensure-docker role instead of install-docker
The install-* roles are being deprecated and renamed to follow the
ensure-* naming convention [2].
[1] https://github.com/ansible/ansible/issues/69450
[2] http://lists.zuul-ci.org/pipermail/zuul-announce/2020-April/000071.html
Change-Id: Iab1d84e6a8c1b3dd81e53279309153687677a061
Story: 2007659
Task: 39748
Tests various non-default configuration:
* Custom users
* Network interfaces, VLANs, bridges, bonds
* Software RAID
* LVM & docker devicemapper
* timezone
* Package mirrors
* yum-cron / DNF automatic
This improved test coverage allows us to be more confident about these
features working on CentOS 8.
Change-Id: I36148e4356deb7d5ec00d8d3ebeb2d3932ff4f94
Story: 2006574
Task: 38938
CentOS 8 removes interfaces from their bridge during ifdown, and removes
the bridge if there are no interfaces left. When Kayobe bounces veth
links plugged into the bridge, it causes the bridge which has the IP we
are using for SSH to be removed. Use a dummy interface in CI to avoid
this problem.
Kolla-ansible has dropped all CentOS 7 jobs on master now, and prechecks
only allow CentOS 7 hosts. Drop all CentOS 7 jobs. We will have to run
without upgrade jobs in place until Train supports CentOS 8.
Depends-On: https://review.opendev.org/695881
Change-Id: I7c1a885b36445e33d4db1b1c8533db28a644b4a1
Story: 2006574
Task: 38870
Currently Kayobe stderr is logged to the Zuul playbook output. This
change redirects stderr to the ansible log files.
Change-Id: Ia2f25a2e41859159275d418b57ab59bb97f58d6a
Also refactors the CI job playbooks to create the previous git repo
clones for upgrade jobs in the kayobe-base job.
Change-Id: I10c2b872887a47fab1a373fc0525dcd6fc78f7e2
Kayobe uses a number of virtual environments on the remote hosts for
python dependencies such as shade, python-openstackclient, docker, etc.
By default these are stored in /opt/kayobe/venvs/. Typically we do not
provide version restrictions when installing these packages, so over the
course of time they may become stale and incompatible.
This change installs the latest version of packages allowed by OpenStack
upper constraints.
It also adds a new variable, 'pip_upper_constraints_file', to set the
upper constraints file. The existing variable
'kolla_upper_constraints_file' now defaults to the value of
'pip_upper_constraints_file'.
Change-Id: I8d2956f95bbc44b5a9e88e7569372048a62f12f5
Story: 2005923
Task: 34193
Using Kayobe with cliff 2.15.0 fails with the following error:
kayobe playbook run playbook.yml
invalid conflict_resolution value: 'ignore'
This change restricts cliff to <2.15.0.
Also, fix git cloning previous release repos in CI to allow this patch
to merge.
Zuul provides repositories with all branches containing all prospective
changes, not just the current branch. We can use this in the upgrade
jobs to include changes to the previous release branch when a patch
depends on them.
Change-Id: I7966cf33f6133090d83232504b8c1da4c7817e0c
Depends-On: https://review.opendev.org/665703/
Story: 2005891
Task: 33748
Allows users to explicitly specify which type of tenks
deployment they wish to create / destroy.
Preserves existing behaviour with defaults.
Modifies Zuul tests to use new tenks-deploy entrypoints.
Change-Id: I9aafed8481fd7564c0fc0abe5f6b21eceb824d75
Adds a new abstract parent job for the following kayobe deploy jobs:
kayobe-overcloud-centos
kayobe-overcloud-upgrade-centos
kayobe-seed-centos
kayobe-seed-upgrade-centos
This parent includes commonly used variables, and pre-run and post-run
playbooks for preparing and executing diagnostics, plus other
initialisation.
Change-Id: I9ab89fbc49bb32d86af56d50ec3914740e65d0f8
The project infrastructure is now hosted at opendev.org.
Kayobe projects have been moved from the openstack/ namespace to x/.
Change-Id: I16b523285eb34c1cd0eaf920aa4512d0ae1b4f05
Use master branch of:
* Kolla
* Kolla ansible
* Bifrost
* IPA
* OpenStack services
* Requirements
Also, use the infra docker registry mirror at port 8082 which does not
have any path component in its URL, and so works with Docker CE.
Depends-On: https://review.openstack.org/#/c/651254/
Change-Id: Icdb62aa0083d9272a08421138719cf5f6b52ec5a
Story: 2001864
Task: 14316
Currently nested virtualisation under KVM does not seem to be working in
CI. This breaks the 'bare metal' deployment testing using Tenks, which
lead us to disable it in 749ef8243e9ae855cf8ceb54dc3f88c6c1b2fea0.
This commit forces Tenks to use QEMU for its VMs, allowing us to revert
commit 749ef8243e9ae855cf8ceb54dc3f88c6c1b2fea0..
Change-Id: Id382c218f3b37979341f0d96718a6011a1d9da37
Story: 2005316
Task: 30223
When first added, the bare metal deployment tests using Tenks were
fairly reliable (although not 100%). Recently though, jobs seem to be
failing at this step quite frequently, making it difficult to merge
patches. Looking at the historical zuul jobs, the failure rate per job
seems to be about 1/3:
http://zuul.openstack.org/builds?job_name=kayobe-overcloud-centos. With
two overcloud jobs and check and gate required to pass, the merge
success rate is around 20%.
Let's skip this testing for now, until we can make it more reliable.
Change-Id: Id0a05f8c5d227f8cd9424c7a5b138eddee93f827
Story: 2005316
Task: 30224
This script is used by developers to activate the kayobe virtual
environment and source the configuration's kayobe-env file. A cd to /tmp
is an unexpected outcome of running the script.
To test the location-independent installation, remove the chdir from the
zuul job tasks that execute kayobe commands.
Change-Id: I59194952901fa648382489f48dc7aafb03d3a682
Story: 2004252
Task: 29347
Adds the kayobe-seed-upgrade-centos job, which performs an upgrade of
the seed services from the previous release to the current release.
Change-Id: Ia3eb39cf81cb3618fd94c4456bd576b52098c946
Story: 2004308
Task: 27873
previous_release variable is used for two different purposes in Zuul config.
Rename one to reflect its flagginess.
Change-Id: Ib7833b29ab2959db7c7ff85b90fb8a4f5082d864
In the upgrade CI job, the kayobe configuration is first generated for
the previous release. If the job fails while deploying the previous
release, we don't have access to the configuration that was used.
This change adds previous_kayobe_config and previous_kolla_config to the
saved logs.
Change-Id: I603fc856cf79bdc52f5bf158c6706c1c0ffe2d95
The mirror caches images from Dockerhub, and should reduce load on the
cloud and improve download times.
Change-Id: I2b52fa6371118e28c1d601e8b90065897f24f41d
tenks-deploy.sh deploys a minimal virtualized baremetal test cluster
locally. It also adds it to the overcloud-base CI job. To make the new
CI job work, we need to configure the firewall on the test machine to
allow the baremetal machines to communicate with the openstack services.
Change-Id: I7487a2606cf0bac71c5c63db41b2b518a6f6398b
Depends-On: https://review.openstack.org/#/c/615939
Depends-On: https://review.openstack.org/#/c/618003
Story: 2004297
Task: 27850
Use stable/rocky branch of:
* Kolla
* Kolla ansible
* Bifrost
* IPA
* OpenStack services
* Requirements
Also updates Kolla Ansible inventory template.
The seed deploy job has been made non-voting and non-gating, because we
are waiting for bifrost change https://review.openstack.org/#/c/618740
to merge, be released, and for the kolla bifrost image to use the new
package.
Change-Id: Id5e7fdbd196f96e1e75ffc68bc93aab18fa38aa7
Story: 2001864
Task: 27798
Depends-On: I58e4f951d4a3dd89e0784fd82d8a62dbba374f79
This allows us to remove the sudo from the tox molecule environment, since
the install-docker role correctly adds the zuul user to the docker group.
Change-Id: Ib7abd22c0caf793a8a59d38a4f63df7e60a7b69e
There is currently no coverage of upgrades in CI, which leaves us open
to regression in this infrequently tested but crucial area. This change
adds the required scripts and Zuul configuration.
A control plane is first deployed using the Kayobe stable/pike branch
and associated default configuration. The control plane is tested by
deploying then deleting a server instance. An upgrade to Queens is
performed, using the Kayobe master branch, or code in review if
applicable. The upgraded control plane is tested by deploying then
deleting a second server instance.
A workaround was required to restart the nova_compute service after the
upgrade, since the SIGHUP sent to it by Kolla Ansible during upgrade
appeared to be putting it into a degraded state.
A future improvement to this test could be to leave a server instance
running during the upgrade.
Change-Id: I0e595524e39d1131fe3ec6aaf2aeec3ff3d6a536
Story: 2003472
Task: 24732
The Kayobe development configuration has moved to
openstack/kayobe-config-dev. It was previously hosted at
stackhpc/dev-kayobe-config on Github.
This change updates the Zuul configuration and development documentation
to use the new location. It also uses a location for the kayobe source
code that works when kayobe is not the repository against which the code
review is targetted. This allows us to run kayobe jobs for
kayobe-config-dev changes.
Configuration for the seed VM and seed hypervisor development
environments is not yet supported by kayobe-config-dev, so the
documentation references a branch in my personal fork on Github.
Change-Id: I621324093b8dff0ac52a648539cd91bc12da4862
We no longer need to use devicemapper with a loopback-mounted LVM since
Bifrost can now support the overlay driver.
Change-Id: I043d3be303e337a1fcbbca6e6edc5abc5dcb9c1b
