Merge "Remove support for nspawn containers."
This commit is contained in:
commit
2aa71dfebc
@ -293,16 +293,6 @@
|
||||
src: https://github.com/noonedeadpunk/ansible-pacemaker-corosync
|
||||
trackbranch: master
|
||||
version: master
|
||||
- name: nspawn_container_create
|
||||
src: https://opendev.org/openstack/openstack-ansible-nspawn_container_create
|
||||
scm: git
|
||||
version: master
|
||||
trackbranch: master
|
||||
- name: nspawn_hosts
|
||||
src: https://opendev.org/openstack/openstack-ansible-nspawn_hosts
|
||||
scm: git
|
||||
version: master
|
||||
trackbranch: master
|
||||
- name: systemd_service
|
||||
src: https://opendev.org/openstack/ansible-role-systemd_service
|
||||
scm: git
|
||||
|
@ -39,6 +39,3 @@ The following are some useful commands to manage LXC:
|
||||
|
||||
# lxc-stop --name container_name
|
||||
|
||||
Systemd nspawn commands
|
||||
=======================
|
||||
|
||||
|
@ -218,40 +218,3 @@ To omit a component from a deployment, you can use one of several options:
|
||||
you specify the component to run directly on a host by using the ``is_metal``
|
||||
property, a container is created for this component.
|
||||
|
||||
Deploying using a different container technology
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
.. warning::
|
||||
|
||||
While nspawn is an available containerization technology it should be
|
||||
considered unmaintained and it's support will be removed in the upcoming
|
||||
release.
|
||||
|
||||
OpenStack-Ansible presently supports two different container technologies, LXC
|
||||
and nspawn. These two container technologies can be used separately or together
|
||||
within the same cluster but has a limitation of only one setting per host.
|
||||
|
||||
Using ``shared-infra_hosts`` as an example, consider this
|
||||
``openstack_user_config.yml`` configuration:
|
||||
|
||||
.. code-block:: yaml
|
||||
|
||||
shared-infra_hosts:
|
||||
infra1:
|
||||
ip: 172.29.236.101
|
||||
container_vars:
|
||||
container_tech: lxc
|
||||
infra2:
|
||||
ip: 172.29.236.102
|
||||
container_vars:
|
||||
container_tech: nspawn
|
||||
infra3:
|
||||
ip: 172.29.236.103
|
||||
|
||||
In this example the three hosts are assigned to the `shared-infra_hosts` group,
|
||||
and will deploy containerized workloads using ``lxc`` on **infra1**, ``nspawn``
|
||||
on **infra2**, and ``lxc`` on **infra3**. Notice **infra3** does not define the
|
||||
``container_tech`` option because it not required. If this option is undefined
|
||||
the value will automatically be set to ``lxc`` within the generated inventory.
|
||||
The two supported options for the ``container_tech`` configuration variable are
|
||||
``lxc`` or ``nspawn``.
|
||||
|
@ -231,7 +231,7 @@ It is possible to also do this (and change other defaults) during the bootstrap
|
||||
script initial execution by changing the SCENARIO environment variable before
|
||||
running the script. The key word 'aio' will ensure that a basic set of
|
||||
OpenStack services (cinder, glance, horizon, neutron, nova) will be deployed.
|
||||
The key words 'lxc' and 'nspawn' can be used to set the container back-end,
|
||||
The key words 'lxc' can be used to set the container back-end,
|
||||
while the key word 'metal' will deploy all services without containers. In
|
||||
order to implement any other services, add the name of the conf.d file name
|
||||
without the `.yml.aio` extension into the SCENARIO environment variable. Each
|
||||
|
@ -1,140 +0,0 @@
|
||||
---
|
||||
cidr_networks:
|
||||
container: "172.29.236.0/22"
|
||||
flat: 172.29.240.0/22
|
||||
storage: "172.29.244.0/22"
|
||||
vxlan: "172.29.248.0/22"
|
||||
|
||||
|
||||
used_ips:
|
||||
- 172.29.236.100,172.29.236.200
|
||||
- 172.29.240.110,172.29.240.200
|
||||
- 172.29.241.0,172.29.241.254
|
||||
- 172.29.242.100,172.29.242.200
|
||||
- 172.29.244.100,172.29.244.200
|
||||
- 172.29.248.100,172.29.248.200
|
||||
|
||||
|
||||
global_overrides:
|
||||
internal_lb_vip_address: 172.29.236.100
|
||||
external_lb_vip_address: "{{ bootstrap_host_public_address | default(ansible_facts['default_ipv4']['address']) }}"
|
||||
tunnel_bridge: "mv-vxlan"
|
||||
management_bridge: "mv-{{ ansible_facts['default_ipv4']['alias'] }}"
|
||||
provider_networks:
|
||||
- network:
|
||||
container_bridge: "{{ ansible_facts['default_ipv4']['alias'] }}"
|
||||
container_interface: "mv-container"
|
||||
ip_from_q: "container"
|
||||
type: "raw"
|
||||
is_container_address: true
|
||||
group_binds:
|
||||
- all_containers
|
||||
- hosts
|
||||
- network:
|
||||
container_bridge: "{{ ansible_facts['default_ipv4']['alias'] }}"
|
||||
container_interface: "mv-flat"
|
||||
host_bind_override: "mv-flat"
|
||||
ip_from_q: "flat"
|
||||
type: "flat"
|
||||
net_name: "flat"
|
||||
group_binds:
|
||||
- neutron_linuxbridge_agent
|
||||
- octavia-worker
|
||||
- octavia-housekeeping
|
||||
- octavia-health-manager
|
||||
- rabbitmq
|
||||
- utility_all
|
||||
- network:
|
||||
container_bridge: "{{ ansible_facts['default_ipv4']['alias'] }}"
|
||||
container_interface: "mv-storage"
|
||||
ip_from_q: "storage"
|
||||
type: "raw"
|
||||
is_container_address: true
|
||||
group_binds:
|
||||
- glance_api
|
||||
- cinder_api
|
||||
- cinder_volume
|
||||
- nova_compute
|
||||
- swift_proxy
|
||||
- network:
|
||||
container_bridge: "{{ ansible_facts['default_ipv4']['alias'] }}"
|
||||
container_interface: "mv-vxlan"
|
||||
ip_from_q: "vxlan"
|
||||
type: "vxlan"
|
||||
net_name: "vxlan"
|
||||
range: "1:1000"
|
||||
group_binds:
|
||||
- neutron_linuxbridge_agent
|
||||
|
||||
|
||||
###
|
||||
### Anchors
|
||||
###
|
||||
# NOTE(cloudull): This section and is only present as a way to show how blocks
|
||||
# can be used to to simplify config when hosts serve multiple
|
||||
# roles. In this case the AIO block is defined once and used
|
||||
# for all other components without needing to duplicate config.
|
||||
aio_block: &aio_info_block
|
||||
aio1:
|
||||
ip: 172.29.236.100
|
||||
host_vars:
|
||||
# NOTE(cloudnull): local connection is used in the gate because of the
|
||||
# current gate scripts are structured. Once inline fact
|
||||
# gathering is moved/removed this option can be removed.
|
||||
ansible_connection: local
|
||||
#
|
||||
# NOTE(cloudnull): Currently set to false to speed up the test, set this
|
||||
# true at a later date, when confidence is higher.
|
||||
apply_security_hardening: false
|
||||
#
|
||||
# NOTE(cloudull): This is an example of an extra network that will be
|
||||
# created on the host. This is used to setup a local host
|
||||
# for testing with tempest and not something that is used
|
||||
# in production.
|
||||
#
|
||||
# + The flat network configuration option provided here
|
||||
# was created so a user can interact with a local flat
|
||||
# network without any manual intervention. In a
|
||||
# poduction setup with VLAN tagged interfaces or
|
||||
# multiple nics this would not be required.
|
||||
#
|
||||
# + The "vxlan" network configuration option is provided
|
||||
# so test instances can be built using l3 networks. In a
|
||||
# normal production environment this would not be needed
|
||||
# as a physical device (or vlan tagged interface) would
|
||||
# be used and should already have an IP address assigned
|
||||
# to it.
|
||||
container_extra_networks:
|
||||
container_network:
|
||||
bridge: "{{ ansible_facts['default_ipv4']['alias'] }}"
|
||||
interface: mv-container
|
||||
address: 172.29.236.100
|
||||
netmask: 255.255.252.0
|
||||
flat_network:
|
||||
bridge: "{{ ansible_facts['default_ipv4']['alias'] }}"
|
||||
interface: mv-flat
|
||||
address: 172.29.240.100
|
||||
netmask: 255.255.252.0
|
||||
storage_network:
|
||||
bridge: "{{ ansible_facts['default_ipv4']['alias'] }}"
|
||||
interface: mv-storage
|
||||
address: 172.29.244.100
|
||||
netmask: 255.255.252.0
|
||||
vxlan_network:
|
||||
bridge: "{{ ansible_facts['default_ipv4']['alias'] }}"
|
||||
interface: mv-vxlan
|
||||
address: 172.29.248.100
|
||||
netmask: 255.255.252.0
|
||||
container_vars:
|
||||
# Optional | container_tech for a target host, default is "lxc".
|
||||
container_tech: "nspawn"
|
||||
|
||||
|
||||
###
|
||||
### Infrastructure
|
||||
###
|
||||
# galera, memcache, rabbitmq, utility
|
||||
shared-infra_hosts: *aio_info_block
|
||||
|
||||
# repository (apt cache, python packages, etc)
|
||||
repo-infra_hosts: *aio_info_block
|
@ -54,9 +54,6 @@ global_overrides:
|
||||
# neutron public addresses, LXC
|
||||
- cidr: 172.29.248.0/22
|
||||
gateway: 172.29.236.100
|
||||
# neutron public networks, nspawn
|
||||
- cidr: 172.29.240.0/22
|
||||
gateway: 172.29.236.100
|
||||
{% if 'ovn' in bootstrap_host_scenarios_expanded %}
|
||||
- network:
|
||||
container_bridge: "br-vxlan"
|
||||
@ -193,9 +190,6 @@ global_overrides:
|
||||
shared-infra_hosts:
|
||||
aio1:
|
||||
ip: 172.29.236.100
|
||||
container_vars:
|
||||
# Optional | container_tech for a target host, default is "lxc".
|
||||
container_tech: "{{ bootstrap_host_container_tech }}"
|
||||
{% if 'infra' in bootstrap_host_scenarios_expanded %}
|
||||
affinity:
|
||||
galera_container: 3
|
||||
|
@ -318,38 +318,6 @@
|
||||
# infra3:
|
||||
# ip: 172.29.236.103
|
||||
#
|
||||
# List of target hosts on which to deploy shared infrastructure services
|
||||
# and define the container_tech for a specific infra node. If this setting
|
||||
# is omitted the inventory generation system will default to "lxc". Accpetable
|
||||
# options are "lxc" and "nspawn". Please note, that nspawn is unmaintained
|
||||
# and will be removed in the upcoming release
|
||||
#
|
||||
# Level: <value> (required, string)
|
||||
# Hostname of a target host.
|
||||
#
|
||||
# Option: ip (required, string)
|
||||
# IP address of this target host, typically the IP address assigned to
|
||||
# the management bridge.
|
||||
#
|
||||
# Level: container_vars (required)
|
||||
# Contains storage options for this target host.
|
||||
#
|
||||
# Example:
|
||||
#
|
||||
# Define three shared infrastructure hosts with different "container_tech":
|
||||
#
|
||||
# shared-infra_hosts:
|
||||
# infra1:
|
||||
# ip: 172.29.236.101
|
||||
# container_vars:
|
||||
# container_tech: nspawn
|
||||
# infra2:
|
||||
# ip: 172.29.236.102
|
||||
# container_vars:
|
||||
# container_tech: lxc
|
||||
# infra3:
|
||||
# ip: 172.29.236.103
|
||||
#
|
||||
# --------
|
||||
#
|
||||
# Level: repo-infra_hosts (required)
|
||||
|
@ -115,7 +115,7 @@ class MissingStaticRouteInfo(Exception):
|
||||
|
||||
class LxcHostsDefined(Exception):
|
||||
def __init__(self):
|
||||
self.message = ("The group 'lxc_hosts' or 'nspawn_hosts' must not"
|
||||
self.message = ("The group 'lxc_hosts' must not"
|
||||
" be defined in config; it will be dynamically "
|
||||
" generated.")
|
||||
|
||||
@ -637,7 +637,7 @@ def _add_additional_networks(key, inventory, ip_q, q_name, netmask, interface,
|
||||
is_metal = properties.get('is_metal', False)
|
||||
|
||||
_network = network_entry(
|
||||
is_metal and (container.get('container_tech') != 'nspawn'),
|
||||
is_metal,
|
||||
interface,
|
||||
bridge,
|
||||
net_type,
|
||||
@ -786,10 +786,9 @@ def populate_lxc_hosts(inventory):
|
||||
|
||||
:param inventory: The dictionary containing the Ansible inventory
|
||||
"""
|
||||
lxc_host_nodes, nspawn_host_nodes = _find_lxc_hosts(inventory)
|
||||
inventory['nspawn_hosts'] = {'hosts': nspawn_host_nodes}
|
||||
lxc_host_nodes = _find_lxc_hosts(inventory)
|
||||
inventory['lxc_hosts'] = {'hosts': lxc_host_nodes}
|
||||
logger.debug("Created lxc_hosts and nspawn_hosts group.")
|
||||
logger.debug("Created lxc_hosts group.")
|
||||
|
||||
|
||||
def _find_lxc_hosts(inventory):
|
||||
@ -807,7 +806,6 @@ def _find_lxc_hosts(inventory):
|
||||
:rtype: list
|
||||
"""
|
||||
lxc_host_nodes = []
|
||||
nspawn_host_nodes = []
|
||||
for host, hostvars in inventory['_meta']['hostvars'].items():
|
||||
physical_host = hostvars.get('physical_host', None)
|
||||
container_tech = hostvars.get('container_tech', 'lxc')
|
||||
@ -820,19 +818,14 @@ def _find_lxc_hosts(inventory):
|
||||
array=lxc_host_nodes,
|
||||
item=physical_host
|
||||
)
|
||||
elif container_tech == 'nspawn':
|
||||
appended = du.append_if(
|
||||
array=nspawn_host_nodes,
|
||||
item=physical_host
|
||||
)
|
||||
else:
|
||||
appended = None
|
||||
|
||||
if appended:
|
||||
logger.debug("%s added to lxc_hosts and nspawn_hosts group",
|
||||
logger.debug("%s added to lxc_hosts group",
|
||||
physical_host)
|
||||
|
||||
return lxc_host_nodes, nspawn_host_nodes
|
||||
return lxc_host_nodes
|
||||
|
||||
|
||||
def _ensure_inventory_uptodate(inventory, container_skel):
|
||||
@ -958,9 +951,7 @@ def _check_multiple_ips_to_host(config):
|
||||
def _check_lxc_hosts(config):
|
||||
if 'lxc_hosts' in config.keys():
|
||||
raise LxcHostsDefined()
|
||||
elif 'nspawn_hosts' in config.keys():
|
||||
raise LxcHostsDefined()
|
||||
logger.debug("lxc_hosts or nspawn_hosts group not defined")
|
||||
logger.debug("lxc_hosts group not defined")
|
||||
|
||||
|
||||
def _check_group_branches(config, physical_skel):
|
||||
|
@ -1,129 +0,0 @@
|
||||
---
|
||||
# Copyright 2017, Rackspace US, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- name: Pull systemd version
|
||||
command: "systemctl --version"
|
||||
changed_when: false
|
||||
register: systemd_version
|
||||
delegate_to: "{{ physical_host }}"
|
||||
tags:
|
||||
- skip_ansible_lint
|
||||
- always
|
||||
|
||||
- name: Set facts
|
||||
set_fact:
|
||||
nspawn_systemd_version: "{{ systemd_version.stdout_lines[0].split()[-1] }}"
|
||||
tags:
|
||||
- always
|
||||
|
||||
- name: Escape quote container name
|
||||
command: "systemd-escape {{ inventory_hostname }}"
|
||||
changed_when: false
|
||||
register: systemd_escape
|
||||
delegate_to: "{{ physical_host }}"
|
||||
tags:
|
||||
- skip_ansible_lint
|
||||
- always
|
||||
|
||||
- name: Ensure mount directories exists (physical host)
|
||||
file:
|
||||
path: "{{ item['mount_path'] }}"
|
||||
state: "directory"
|
||||
with_items:
|
||||
- "{{ list_of_bind_mounts | default([]) }}"
|
||||
delegate_to: "{{ physical_host }}"
|
||||
tags:
|
||||
- common-nspawn
|
||||
|
||||
- name: Ensure mount directories exists (container)
|
||||
file:
|
||||
path: "{{ item['bind_dir_path'] }}"
|
||||
state: "directory"
|
||||
with_items:
|
||||
- "{{ list_of_bind_mounts | default([]) }}"
|
||||
tags:
|
||||
- common-nspawn
|
||||
|
||||
- name: Create container bind mount config
|
||||
lineinfile:
|
||||
dest: "/etc/systemd/nspawn/{{ inventory_hostname }}.nspawn"
|
||||
line: "Bind={{ item['mount_path'] }}:{{ item['bind_dir_path'] }}"
|
||||
insertafter: "^Bind"
|
||||
backup: "true"
|
||||
with_items:
|
||||
- "{{ list_of_bind_mounts | default([]) }}"
|
||||
delegate_to: "{{ physical_host }}"
|
||||
register: add_bind
|
||||
when:
|
||||
- nspawn_systemd_version | int > 219
|
||||
tags:
|
||||
- common-nspawn
|
||||
|
||||
- name: Create container bind mount config (old)
|
||||
block:
|
||||
- name: Get ExecStart from config
|
||||
shell: >-
|
||||
grep -w '^ExecStart=/usr/bin/systemd-nspawn'
|
||||
/etc/systemd/system/systemd-nspawn@$(/usr/bin/systemd-escape {{ inventory_hostname }}).service
|
||||
delegate_to: "{{ physical_host }}"
|
||||
register: _ec_old_start
|
||||
changed_when: false
|
||||
|
||||
- name: set flag fact
|
||||
set_fact:
|
||||
nspawn_flags: "{{ _ec_old_start.stdout.split('ExecStart=/usr/bin/systemd-nspawn')[-1] }}"
|
||||
nspawn_extra_flags: "{% for item in list_of_bind_mounts %} --bind={{ item['mount_path'] }}:{{ item['bind_dir_path'] }}{% endfor %}"
|
||||
|
||||
- name: set flag list
|
||||
set_fact:
|
||||
nspawn_flag_list: "{{ nspawn_flags.split() | union(nspawn_extra_flags.split()) | unique }}"
|
||||
|
||||
- name: Add line in container start config
|
||||
lineinfile:
|
||||
dest: "/etc/systemd/system/systemd-nspawn@{{ systemd_escape.stdout }}.service"
|
||||
line: "ExecStart=/usr/bin/systemd-nspawn {{ nspawn_flag_list | join(' ') }}"
|
||||
regexp: "^ExecStart"
|
||||
backup: "true"
|
||||
delegate_to: "{{ physical_host }}"
|
||||
register: _ec
|
||||
when:
|
||||
- list_of_bind_mounts | default([])
|
||||
- nspawn_systemd_version | int < 220
|
||||
tags:
|
||||
- common-nspawn
|
||||
|
||||
- name: Restart container
|
||||
systemd:
|
||||
name: "systemd-nspawn@{{ systemd_escape.stdout }}"
|
||||
state: restarted
|
||||
register: _container_restart
|
||||
until: _container_restart is success
|
||||
retries: 3
|
||||
delay: 5
|
||||
delegate_to: "{{ physical_host }}"
|
||||
when:
|
||||
- (_ec is defined and _ec is changed) or
|
||||
(add_bind is defined and add_bind is changed)
|
||||
tags:
|
||||
- common-nspawn
|
||||
|
||||
- name: Wait for container connectivity
|
||||
wait_for_connection:
|
||||
delay: 3
|
||||
timeout: 60
|
||||
when:
|
||||
- _container_restart is changed
|
||||
tags:
|
||||
- common-nspawn
|
@ -15,5 +15,3 @@
|
||||
|
||||
- import_playbook: "containers-lxc-host.yml"
|
||||
- import_playbook: "containers-lxc-create.yml"
|
||||
- import_playbook: "containers-nspawn-host.yml"
|
||||
- import_playbook: "containers-nspawn-create.yml"
|
||||
|
@ -1,120 +0,0 @@
|
||||
---
|
||||
# Copyright 2017, Rackspace US, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- name: Gather nspawn host facts
|
||||
hosts: "{{ nspawn_host_group | default('nspawn_hosts') }}"
|
||||
gather_facts: true
|
||||
tags:
|
||||
- always
|
||||
|
||||
- name: Set nspawn containers group
|
||||
hosts: "{{ container_group | default('all_containers') }}"
|
||||
gather_facts: false
|
||||
tags:
|
||||
- always
|
||||
- nspawn-containers-create
|
||||
tasks:
|
||||
- name: Add hosts to dynamic inventory group
|
||||
group_by:
|
||||
key: nspawn_containers
|
||||
parents: all_nspawn_containers
|
||||
when:
|
||||
- container_tech == 'nspawn'
|
||||
|
||||
|
||||
- name: Create container(s)
|
||||
hosts: all_nspawn_containers
|
||||
gather_facts: false
|
||||
user: root
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- nspawn-containers-create
|
||||
roles:
|
||||
- role: "nspawn_container_create"
|
||||
post_tasks:
|
||||
- name: Wait for container connectivity
|
||||
wait_for_connection:
|
||||
connect_timeout: "{{ lxc_container_wait_params.connect_timeout | default(omit) }}"
|
||||
delay: "{{ lxc_container_wait_params.delay | default(omit) }}"
|
||||
sleep: "{{ lxc_container_wait_params.sleep | default(omit) }}"
|
||||
timeout: "{{ lxc_container_wait_params.timeout | default(omit) }}"
|
||||
|
||||
|
||||
- name: Rescan storage quotas
|
||||
hosts: "{{ nspawn_host_group | default('nspawn_hosts') }}"
|
||||
gather_facts: false
|
||||
tags:
|
||||
- nspawn-containers-create
|
||||
tasks:
|
||||
- name: Rescan quotas
|
||||
command: "btrfs quota rescan -w /var/lib/machines"
|
||||
changed_when: false
|
||||
|
||||
- name: Gather nspawn containers facts
|
||||
hosts: all_nspawn_containers
|
||||
gather_facts: true
|
||||
tags:
|
||||
- always
|
||||
|
||||
- name: Configure containers default software
|
||||
hosts: all_nspawn_containers
|
||||
gather_facts: false
|
||||
user: root
|
||||
vars_files:
|
||||
- defaults/repo_packages/openstack_services.yml
|
||||
- "defaults/{{ install_method }}_install.yml"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- nspawn-containers-create
|
||||
pre_tasks:
|
||||
- name: Update package cache (apt)
|
||||
package:
|
||||
update_cache: yes
|
||||
force_apt_get: yes
|
||||
force: yes
|
||||
register: cache_update
|
||||
until: cache_update is success
|
||||
retries: 5
|
||||
delay: 15
|
||||
when:
|
||||
- ansible_facts['pkg_mgr'] == 'apt'
|
||||
|
||||
- name: Update package cache (zypper)
|
||||
zypper_repository:
|
||||
repo: '*'
|
||||
runrefresh: yes
|
||||
register: cache_update
|
||||
until: cache_update is success
|
||||
retries: 5
|
||||
delay: 15
|
||||
when:
|
||||
- ansible_facts['pkg_mgr'] == 'zypper'
|
||||
|
||||
# When using gather_facts with smart gathering,
|
||||
# the facts aren't fully updated unless they
|
||||
# are old. Using the setup module in a task
|
||||
# does a more thorough collection.
|
||||
# Given we've just created the container, it is
|
||||
# best that we do a full collection of facts -
|
||||
# otherwise we end up with a stale set which
|
||||
# has stuff like the hostname = localhost.
|
||||
- name: Gather facts for new container(s)
|
||||
setup:
|
||||
gather_subset: "network,hardware,virtual"
|
||||
|
||||
roles:
|
||||
- role: "openstack_hosts"
|
||||
is_container: true
|
||||
|
@ -1,110 +0,0 @@
|
||||
---
|
||||
# Copyright 2017, Rackspace US, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- name: Set nspawn containers group
|
||||
hosts: "{{ container_group | default('all_containers') }}"
|
||||
gather_facts: false
|
||||
tasks:
|
||||
- name: Add hosts to dynamic inventory group
|
||||
group_by:
|
||||
key: nspawn_containers
|
||||
parents: all_nspawn_containers
|
||||
when:
|
||||
- container_tech == 'nspawn'
|
||||
tags:
|
||||
- always
|
||||
- nspawn-containers-destroy
|
||||
|
||||
- name: Destroy nspawn containers
|
||||
hosts: all_nspawn_containers
|
||||
gather_facts: false
|
||||
user: root
|
||||
tasks:
|
||||
- name: Get container status
|
||||
command: machinectl status "{{ inventory_hostname }}"
|
||||
register: machinectl_status
|
||||
failed_when: false
|
||||
delegate_to: "{{ physical_host }}"
|
||||
|
||||
- name: Get container image status
|
||||
command: machinectl image-status "{{ inventory_hostname }}"
|
||||
register: machinectl_image_status
|
||||
failed_when: false
|
||||
delegate_to: "{{ physical_host }}"
|
||||
|
||||
- name: Escape quote container name
|
||||
command: "systemd-escape {{ inventory_hostname }}"
|
||||
changed_when: false
|
||||
register: systemd_escape
|
||||
delegate_to: "{{ physical_host }}"
|
||||
|
||||
- name: Get machine-id
|
||||
shell: >-
|
||||
hostnamectl --machine="{{ inventory_hostname }}" status | awk '/Machine ID/ {print $3}'
|
||||
register: _container_machine_id
|
||||
delegate_to: "{{ physical_host }}"
|
||||
|
||||
- name: Disable container
|
||||
systemd:
|
||||
name: "systemd-nspawn@{{ systemd_escape.stdout }}"
|
||||
state: stopped
|
||||
enabled: false
|
||||
failed_when: false
|
||||
delegate_to: "{{ physical_host }}"
|
||||
when:
|
||||
- force_containers_destroy | bool
|
||||
|
||||
- name: Halt container
|
||||
command: "machinectl poweroff {{ inventory_hostname }}"
|
||||
failed_when: false
|
||||
delegate_to: "{{ physical_host }}"
|
||||
when:
|
||||
- machinectl_status.rc == 0
|
||||
- force_containers_destroy | bool
|
||||
|
||||
- name: Remove container
|
||||
command: "machinectl remove {{ inventory_hostname }}"
|
||||
delegate_to: "{{ physical_host }}"
|
||||
when:
|
||||
- machinectl_image_status.rc == 0
|
||||
- force_containers_destroy | bool
|
||||
|
||||
- include_tasks: "common-tasks/remove_container_journal.yml"
|
||||
vars:
|
||||
container_machine_id: "{{ (_container_machine_id.stdout).strip() }}"
|
||||
|
||||
- name: Destroy container data
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: "absent"
|
||||
with_items:
|
||||
- "/openstack/{{ container_name }}"
|
||||
- "/openstack/backup/{{ container_name }}"
|
||||
- "/openstack/log/{{ container_name }}"
|
||||
delegate_to: "{{ physical_host }}"
|
||||
when:
|
||||
- force_containers_destroy | bool
|
||||
- force_containers_data_destroy | bool
|
||||
vars_prompt:
|
||||
- name: "force_containers_destroy"
|
||||
prompt: "Are you sure you want to destroy the nspawn containers?"
|
||||
default: "no"
|
||||
private: no
|
||||
- name: "force_containers_data_destroy"
|
||||
prompt: "Are you sure you want to destroy the nspawn container data?"
|
||||
default: "no"
|
||||
private: no
|
||||
tags:
|
||||
- nspawn-containers-destroy
|
@ -1,32 +0,0 @@
|
||||
---
|
||||
# Copyright 2017, Rackspace US, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- name: Gather nspawn hosts facts
|
||||
hosts: "{{ nspawn_host_group | default('nspawn_hosts') }}"
|
||||
gather_facts: true
|
||||
tags:
|
||||
- always
|
||||
|
||||
- name: Additional nspawn host setup
|
||||
hosts: "{{ nspawn_host_group | default('nspawn_hosts') }}"
|
||||
gather_facts: false
|
||||
vars_files:
|
||||
- "defaults/{{ install_method }}_install.yml"
|
||||
user: root
|
||||
roles:
|
||||
- role: "nspawn_hosts"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- nspawn-hosts
|
@ -32,13 +32,6 @@
|
||||
command: pgrep dnsmasq
|
||||
changed_when: false
|
||||
|
||||
- name: Ensuring hosts good behavior
|
||||
hosts: nspawn_hosts
|
||||
gather_facts: yes
|
||||
tasks:
|
||||
- debug:
|
||||
msg: "To be implemented. Please help."
|
||||
|
||||
- name: Ensuring containers creation, connection and good behavior
|
||||
hosts: all_containers
|
||||
gather_facts: yes
|
||||
|
5
releasenotes/notes/remove-nspawn-c92939b8c20f096b.yaml
Normal file
5
releasenotes/notes/remove-nspawn-c92939b8c20f096b.yaml
Normal file
@ -0,0 +1,5 @@
|
||||
---
|
||||
upgrade:
|
||||
- |
|
||||
The Wallaby release of openstack-ansible does not support deployment of
|
||||
the control plane in nspawn containers.
|
@ -311,12 +311,6 @@ function get_instance_info {
|
||||
lxc-checkconfig > \
|
||||
"/openstack/log/instance-info/host_lxc_config_info_${TS}.log" || true
|
||||
fi
|
||||
if [ "$(which machinectl)" ]; then
|
||||
machinectl list > \
|
||||
"/openstack/log/instance-info/host_nspawn_container_info_${TS}.log" || true
|
||||
machinectl list-images > \
|
||||
"/openstack/log/instance-info/host_nspawn_container_image_info_${TS}.log" || true
|
||||
fi
|
||||
if [ "$(which networkctl)" ]; then
|
||||
networkctl list > \
|
||||
"/openstack/log/instance-info/host_networkd_list_${TS}.log" || true
|
||||
@ -337,13 +331,6 @@ function get_instance_info {
|
||||
get_repos_info > \
|
||||
"/openstack/log/instance-info/host_repo_info_${TS}.log" || true
|
||||
|
||||
for i in nspawn-macvlan.service nspawn-networking.slice nspawn.slice; do
|
||||
if [ "$(systemctl is-active --quiet ${i})" ]; then
|
||||
systemctl status ${i} > "/openstack/log/instance-info/${i}_${TS}.log" || true
|
||||
journalctl -u ${i} >> "/openstack/log/instance-info/${i}_${TS}.log" || true
|
||||
fi
|
||||
done
|
||||
|
||||
ip route get 1 > "/openstack/log/instance-info/routes_${TS}.log" || true
|
||||
ip link show > "/openstack/log/instance-info/links_${TS}.log" || true
|
||||
|
||||
|
@ -84,7 +84,5 @@
|
||||
- ansible_facts['eth12']['active'] | bool
|
||||
- ansible_facts['eth13']['active'] | bool
|
||||
- ansible_facts['eth14']['active'] | bool
|
||||
when:
|
||||
- (bootstrap_host_container_tech | default('unknown')) != 'nspawn'
|
||||
- name: Clear facts
|
||||
meta: clear_facts
|
||||
|
@ -163,7 +163,6 @@ bootstrap_host_data_disk_min_size: "{{ (bootstrap_host_scenario is search('metal
|
||||
# Set the data disk formats table. If the backing store is set to lvm the option
|
||||
# the partition will not actually be formatted however for parted, ext2 is used.
|
||||
bootstrap_host_data_disk2_formats:
|
||||
machinectl: btrfs
|
||||
zfs: zfs
|
||||
btrfs: btrfs
|
||||
xfs: xfs
|
||||
@ -171,7 +170,6 @@ bootstrap_host_data_disk2_formats:
|
||||
lvm: ext2
|
||||
|
||||
bootstrap_host_format_options:
|
||||
machinectl: '--metadata single --data single --mixed'
|
||||
btrfs: '--metadata single --data single --mixed'
|
||||
xfs: '-K -d agcount=64 -l size=128m'
|
||||
ext4: '-O dir_index'
|
||||
@ -179,7 +177,6 @@ bootstrap_host_format_options:
|
||||
#
|
||||
# Set the data disk mount options.
|
||||
bootstrap_host_data_mount_options:
|
||||
machinectl: "noatime,nodiratime,compress=lzo,commit=120,{{ (ansible_facts['kernel'] is version('4.5', '>=')) | ternary('space_cache=v2', 'space_cache') }}"
|
||||
zfs: "defaults"
|
||||
btrfs: "noatime,nodiratime,compress=lzo,commit=120,{{ (ansible_facts['kernel'] is version('4.5', '>=')) | ternary('space_cache=v2', 'space_cache') }}"
|
||||
xfs: "noatime,nodiratime,logbufs=8,logbsize=256k"
|
||||
@ -188,9 +185,9 @@ bootstrap_host_data_mount_options:
|
||||
lvm: "defaults"
|
||||
swap: "%%"
|
||||
|
||||
bootstrap_host_data_disk2_fs: "{{ bootstrap_host_data_disk2_formats[((bootstrap_host_container_tech == 'nspawn') | ternary('btrfs', lxc_container_backing_store))] }}"
|
||||
bootstrap_host_data_disk2_fs_mount_options: "{{ bootstrap_host_data_mount_options[((bootstrap_host_container_tech == 'nspawn') | ternary('btrfs', lxc_container_backing_store))] }}"
|
||||
bootstrap_host_data_disk2_path: "{{ (lxc_container_backing_store == 'machinectl' or bootstrap_host_container_tech == 'nspawn') | ternary('/var/lib/machines', '/var/lib/lxc') }}"
|
||||
bootstrap_host_data_disk2_fs: "{{ bootstrap_host_data_disk2_formats[lxc_container_backing_store] }}"
|
||||
bootstrap_host_data_disk2_fs_mount_options: "{{ bootstrap_host_data_mount_options[lxc_container_backing_store] }}"
|
||||
bootstrap_host_data_disk2_path: '/var/lib/lxc'
|
||||
|
||||
### Optional Settings ###
|
||||
|
||||
@ -202,8 +199,5 @@ bootstrap_host_data_disk2_path: "{{ (lxc_container_backing_store == 'machinectl'
|
||||
# Set the install method for the deployment. Options are ['source', 'distro']
|
||||
bootstrap_host_install_method: "{{ lookup('env', 'INSTALL_METHOD') | default('source', true) }}"
|
||||
|
||||
# Set the container technology in service. Options are nspawn and lxc.
|
||||
bootstrap_host_container_tech: "{{ (bootstrap_host_scenario is search('nspawn')) | ternary('nspawn', 'lxc') }}"
|
||||
|
||||
# Set the lxc backing store for the job
|
||||
lxc_container_backing_store: dir
|
||||
|
@ -35,12 +35,8 @@
|
||||
with_items:
|
||||
- conditional: "{{ (bootstrap_host_scenario is search('distro')) and (bootstrap_host_scenario is search('source')) }}"
|
||||
msg: "The scenario key words 'distro' and 'source' are mutually exclusive."
|
||||
- conditional: "{{ (bootstrap_host_scenario is search('lxc')) and (bootstrap_host_scenario is search('nspawn')) }}"
|
||||
msg: "The scenario key words 'lxc' and 'nspawn' are mutually exclusive."
|
||||
- conditional: "{{ (bootstrap_host_scenario is search('lxc')) and (bootstrap_host_scenario is search('metal')) }}"
|
||||
msg: "The scenario key words 'lxc' and 'metal' are mutually exclusive."
|
||||
- conditional: "{{ (bootstrap_host_scenario is search('metal')) and (bootstrap_host_scenario is search('nspawn')) }}"
|
||||
msg: "The scenario key words 'metal' and 'nspawn' are mutually exclusive."
|
||||
|
||||
- name: Identify the space available in /
|
||||
# NOTE(hwoarang): df does not work reliably on btrfs filesystems
|
||||
|
@ -83,15 +83,6 @@
|
||||
tags:
|
||||
- prepare-loopback
|
||||
|
||||
# Prepare the Machines storage loopback disk
|
||||
- include: prepare_loopback_machines.yml
|
||||
when:
|
||||
- bootstrap_host_loopback_machines | bool
|
||||
- bootstrap_host_data_disk_device == None
|
||||
- lxc_container_backing_store == 'machinectl' or bootstrap_host_container_tech == 'nspawn'
|
||||
tags:
|
||||
- prepare-loopback
|
||||
|
||||
# Prepare the zfs storage loopback disk
|
||||
- include: prepare_loopback_zfs.yml
|
||||
when:
|
||||
@ -153,8 +144,6 @@
|
||||
|
||||
# Prepare the network interfaces
|
||||
- include: prepare_networking.yml
|
||||
when:
|
||||
- bootstrap_host_container_tech != 'nspawn'
|
||||
tags:
|
||||
- prepare-networking
|
||||
|
||||
|
@ -43,7 +43,7 @@
|
||||
|
||||
- name: Deploy openstack_user_config
|
||||
config_template:
|
||||
src: "{{ bootstrap_host_aio_config_path }}/openstack_user_config.yml.{{ (bootstrap_host_container_tech == 'nspawn') | ternary('aio-nspawn', 'aio') }}.j2"
|
||||
src: "{{ bootstrap_host_aio_config_path }}/openstack_user_config.yml.aio.j2"
|
||||
dest: "/etc/openstack_deploy/openstack_user_config.yml"
|
||||
config_overrides: "{{ openstack_user_config_overrides | default({}) }}"
|
||||
config_type: "yaml"
|
||||
|
@ -1,43 +0,0 @@
|
||||
---
|
||||
# Copyright 2018, Rackspace US, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- name: Create sparse machines file
|
||||
command: "truncate -s {{ bootstrap_host_loopback_machines_size }}G /openstack/machines.img"
|
||||
args:
|
||||
creates: /openstack/machines.img
|
||||
tags:
|
||||
- machines-file-create
|
||||
|
||||
- name: Format the machines file
|
||||
filesystem:
|
||||
fstype: btrfs
|
||||
opts: "{{ bootstrap_host_format_options['btrfs'] | default(omit) }}"
|
||||
dev: /openstack/machines.img
|
||||
tags:
|
||||
- machines-format-file
|
||||
|
||||
- name: Run the systemd mount role
|
||||
include_role:
|
||||
name: systemd_mount
|
||||
vars:
|
||||
systemd_mounts:
|
||||
- what: "/openstack/machines.img"
|
||||
where: "/var/lib/machines"
|
||||
options: "loop,{{ bootstrap_host_data_mount_options['btrfs'] }}"
|
||||
type: "btrfs"
|
||||
state: 'started'
|
||||
enabled: true
|
||||
tags:
|
||||
- machines-config
|
@ -25,13 +25,8 @@ debug: True
|
||||
install_method: "{{ bootstrap_host_install_method }}"
|
||||
|
||||
## Tempest settings
|
||||
{% if bootstrap_host_container_tech == 'nspawn' %}
|
||||
tempest_public_subnet_cidr: "172.29.240.0/22"
|
||||
tempest_public_subnet_allocation_pools: "172.29.243.110-172.29.243.200"
|
||||
{% else %}
|
||||
tempest_public_subnet_cidr: "172.29.248.0/22"
|
||||
tempest_public_subnet_allocation_pools: "172.29.249.110-172.29.249.200"
|
||||
{% endif %}
|
||||
|
||||
## Galera settings
|
||||
galera_monitoring_allowed_source: "0.0.0.0/0"
|
||||
@ -274,7 +269,7 @@ openstack_hosts_package_state: latest
|
||||
octavia_v2: True
|
||||
# Disable Octavia V1 API
|
||||
octavia_v1: False
|
||||
octavia_management_net_subnet_cidr: "{{ (bootstrap_host_container_tech == 'nspawn') | ternary('172.29.240.0/22', '172.29.232.0/22') }}"
|
||||
octavia_management_net_subnet_cidr: '172.29.232.0/22'
|
||||
tempest_run_concurrency: 0
|
||||
{% endif %}
|
||||
|
||||
|
@ -18,12 +18,6 @@ trove_provider_net_name: dbaas-mgmt
|
||||
trove_service_net_phys_net: dbaas-mgmt
|
||||
trove_service_net_setup: True
|
||||
|
||||
{% if bootstrap_host_container_tech == 'nspawn' %}
|
||||
trove_service_net_subnet_cidr: "172.29.236.0/22"
|
||||
trove_service_net_allocation_pool_start: "172.29.237.110"
|
||||
trove_service_net_allocation_pool_end: "172.29.237.200"
|
||||
{% else %}
|
||||
trove_service_net_subnet_cidr: "172.29.252.0/22"
|
||||
trove_service_net_allocation_pool_start: "172.29.252.50"
|
||||
trove_service_net_allocation_pool_end: "172.29.255.254"
|
||||
{% endif %}
|
||||
|
@ -334,7 +334,6 @@ class TestAnsibleInventoryFormatConstraints(unittest.TestCase):
|
||||
'mano_all',
|
||||
'mano_containers',
|
||||
'mano_hosts',
|
||||
'nspawn_hosts',
|
||||
'octavia-infra_hosts',
|
||||
'octavia_all',
|
||||
'octavia-api',
|
||||
|
@ -93,8 +93,6 @@
|
||||
- name: openstack/openstack-ansible-repo_server
|
||||
- name: openstack/openstack-ansible-rsyslog_client
|
||||
- name: openstack/openstack-ansible-rsyslog_server
|
||||
- name: openstack/openstack-ansible-nspawn_container_create
|
||||
- name: openstack/openstack-ansible-nspawn_hosts
|
||||
- name: openstack/ansible-role-systemd_service
|
||||
- name: openstack/ansible-role-systemd_mount
|
||||
- name: openstack/ansible-role-systemd_networkd
|
||||
@ -162,8 +160,6 @@
|
||||
- name: openstack/openstack-ansible-repo_server
|
||||
- name: openstack/openstack-ansible-rsyslog_client
|
||||
- name: openstack/openstack-ansible-rsyslog_server
|
||||
- name: openstack/openstack-ansible-nspawn_container_create
|
||||
- name: openstack/openstack-ansible-nspawn_hosts
|
||||
- name: openstack/ansible-role-systemd_service
|
||||
- name: openstack/ansible-role-systemd_mount
|
||||
- name: openstack/ansible-role-systemd_networkd
|
||||
@ -375,11 +371,6 @@
|
||||
nodeset: ubuntu-bionic
|
||||
timeout: 10800
|
||||
|
||||
- job:
|
||||
name: openstack-ansible-deploy-aio_nspawn-ubuntu-bionic
|
||||
parent: openstack-ansible-deploy-aio
|
||||
nodeset: ubuntu-bionic
|
||||
|
||||
- job:
|
||||
name: openstack-ansible-upgrade-aio_ceph-ubuntu-bionic
|
||||
parent: openstack-ansible-deploy-aio
|
||||
@ -471,8 +462,8 @@
|
||||
nodeset: centos-8
|
||||
|
||||
- job:
|
||||
name: openstack-ansible-deploy-aio_nspawn-centos-8
|
||||
parent: openstack-ansible-deploy-aio
|
||||
name: openstack-ansible-deploy-aio_distro_metal-centos-8
|
||||
parent: openstack-ansible-deploy-aio-distro
|
||||
nodeset: centos-8
|
||||
|
||||
- job:
|
||||
|
@ -29,7 +29,6 @@
|
||||
- openstack-ansible-deploy-translations-ubuntu-bionic
|
||||
experimental:
|
||||
jobs:
|
||||
- openstack-ansible-deploy-aio_nspawn-ubuntu-bionic
|
||||
- openstack-ansible-deploy-aio_qdrouterd-ubuntu-bionic
|
||||
- openstack-ansible-deploy_with_ansible_devel-aio-ubuntu-bionic
|
||||
- openstack-ansible-deploy_with_ansible_next-aio-ubuntu-bionic
|
||||
@ -180,15 +179,6 @@
|
||||
jobs:
|
||||
- openstack-ansible-deploy-aio_distro_metal-debian-buster
|
||||
|
||||
- project-template:
|
||||
name: openstack-ansible-deploy-aio_nspawn-jobs
|
||||
check:
|
||||
jobs:
|
||||
- openstack-ansible-deploy-aio_nspawn-ubuntu-bionic:
|
||||
voting: false
|
||||
gate:
|
||||
jobs: []
|
||||
|
||||
- project-template:
|
||||
name: openstack-ansible-deploy-ceph-jobs
|
||||
check:
|
||||
|
Loading…
Reference in New Issue
Block a user