openstack
/
openstack-ansible
Code Issues Proposed changes

Add scaffolding for multiple container techs 

This change makes it possible for us to add future support for multiple
container technologies within a single deployment. A new variable has
been added allowing the deployer to set the container tech within a
deployment. At this point the only supported container tech is "lxc"
however in a follow on PR we intend to add systemd-nspawn.

The playbooks for lxc-containers-* have all been renamed so we have a
consistent experience when sourcing and executing container type plays.
To ensure this change does not break existing deployer automation links
have been created for the old playbook names. In a future release we can
remove these links.

Change-Id: I8c2f8f29a93a3212de73c74c7d1ab7d851bbd204
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
This commit is contained in:
Kevin Carter 2017-12-13 11:24:56 -06:00
parent 9499621f61
commit d586000465
45 changed files with 321 additions and 245 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
playbooks/ceph-install.yml
View File

@ -24,7 +24,7 @@
log_dirs:
- src: "/openstack/log/{{ inventory_hostname }}-ceph"
dest: "/var/log/ceph"
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
vars:
list_of_bind_mounts: "{{ ceph_container_bind_mounts }}"
- include: common-tasks/unbound-clients.yml

5
playbooks/common-playbooks/cinder.yml
View File

@ -41,7 +41,7 @@
network_address: "storage_address"
- name: Configure container (cinder-volume)
include: ../common-tasks/os-lxc-container-setup.yml
include: "../common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
static: no
vars:
aa_profile: "unconfined"
@ -56,7 +56,7 @@
- "cinder_backend_lvm_inuse | bool"
- name: Configure container (other services)
include: ../common-tasks/os-lxc-container-setup.yml
include: "../common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
static: no
when:
- "'cinder_volume' not in group_names"
@ -89,6 +89,7 @@
{% endif %}
with_dict: "{{ cinder_backends | default({}) }}"
when:
- container_tech == 'lxc'
- physical_host != container_name
- cinder_backend_lvm_inuse | bool
delegate_to: "{{ physical_host }}"

4
playbooks/common-playbooks/glance.yml
View File

@ -36,7 +36,7 @@
- name: Configure container (non-nfs)
static: no
include: ../common-tasks/os-lxc-container-setup.yml
include: "../common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
vars:
list_of_bind_mounts: "{{ glance_container_bind_mounts }}"
when:
@ -44,7 +44,7 @@
- (glance_nfs_client is not defined) or (glance_nfs_client | length == 0)
- name: Configure container (nfs)
include: ../common-tasks/os-lxc-container-setup.yml
include: "../common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
static: no
when: (glance_default_store != "file") or (glance_nfs_client is defined)

4
playbooks/common-playbooks/neutron.yml
View File

@ -29,7 +29,7 @@
network_address: "tunnel_address"
- name: Configure container (neutron-agent)
include: ../common-tasks/os-lxc-container-setup.yml
include: "../common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
vars:
aa_profile: "unconfined"
list_of_bind_mounts:
@ -43,7 +43,7 @@
- "'neutron_agent' in group_names"
- name: Configure container (other services)
include: ../common-tasks/os-lxc-container-setup.yml
include: "../common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
when:
- "'neutron_agent' not in group_names"

6
playbooks/common-playbooks/nova.yml
View File

@ -62,7 +62,7 @@
network_address: "management_address"
- name: Configure container
include: ../common-tasks/os-lxc-container-setup.yml
include: "../common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
vars:
extra_container_config_no_restart:
- "lxc.start.order=39"
@ -93,6 +93,7 @@
'added' in device_add.stdout.lower()
delegate_to: "{{ physical_host }}"
when:
- container_tech == 'lxc'
- "'nova_compute' in group_names"
- "not is_metal | bool"
tags:
@ -103,6 +104,7 @@
lxc-device -n {{ container_name }} add /dev/net/tun /dev/net/tun
delegate_to: "{{ physical_host }}"
when:
- container_tech == 'lxc'
- "'nova_compute' in group_names"
- "not is_metal | bool"
tags:
@ -114,6 +116,7 @@
delegate_to: "{{ physical_host }}"
register: kvm_device
when:
- container_tech == 'lxc'
- "'nova_compute' in group_names"
- "not is_metal | bool"
tags:
@ -128,6 +131,7 @@
changed_when: >
'added' in device_add.stdout.lower()
when:
- container_tech == 'lxc'
- "'nova_compute' in group_names"
- "not is_metal | bool"
- "'ischr' in kvm_device.stat and kvm_device.stat.ischr | bool"

17
playbooks/containers-deploy.yml Normal file
View File

@ -0,0 +1,17 @@
---
# Copyright 2017, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- include: "containers-{{ container_tech | default('lxc') }}-host.yml"
- include: "containers-{{ container_tech | default('lxc') }}-create.yml"

54
playbooks/containers-lxc-create.yml Normal file
View File

@ -0,0 +1,54 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Gather lxc container host facts
hosts: "{{ lxc_host_group | default('lxc_hosts')}}"
gather_facts: "{{ osa_gather_facts | default(True) }}"
- name: Create container(s)
hosts: "{{ container_group|default('all_containers') }}"
gather_facts: false
max_fail_percentage: 20
user: root
roles:
- role: "lxc_container_create"
post_tasks:
- name: Wait for container connectivity
wait_for_connection:
connect_timeout: "{{ lxc_container_wait_params.connect_timeout | default(omit) }}"
delay: "{{ lxc_container_wait_params.delay | default(omit) }}"
sleep: "{{ lxc_container_wait_params.sleep | default(omit) }}"
timeout: "{{ lxc_container_wait_params.timeout | default(omit) }}"
- name: Set local facts for new container(s)
setup:
filter: ansible_local
gather_subset: "!all"
environment: "{{ deployment_environment_variables | default({}) }}"
tags:
- lxc-containers-create
# TODO(evrardjp): Remove host_need_pip in the future
# when the process building the repo is done before this step.
- name: Configure containers default software, but don't run pip yet
hosts: "{{ container_group|default('all_containers') }}"
gather_facts: true
user: root
roles:
- role: "openstack_hosts"
vars:
host_need_pip: False
environment: "{{ deployment_environment_variables | default({}) }}"
tags:
- lxc-containers-create

64
playbooks/containers-lxc-destroy.yml Normal file
View File

@ -0,0 +1,64 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Destroy lxc containers
hosts: "{{ container_group|default('all_containers') }}"
gather_facts: false
max_fail_percentage: 20
user: root
tasks:
- name: Destroy a container
lxc_container:
name: "{{ container_name }}"
state: "absent"
delegate_to: "{{ physical_host }}"
when:
- force_containers_destroy | bool
- force_containers_data_destroy | bool
- name: Destroy container service directories
file:
path: "{{ item }}"
state: "absent"
with_items:
- "/var/lib/lxc/{{ container_name }}"
delegate_to: "{{ physical_host }}"
when:
- force_containers_destroy | bool
- name: Destroy container data
file:
path: "{{ item }}"
state: "absent"
with_items:
- "/openstack/{{ container_name }}"
- "/openstack/backup/{{ container_name }}"
- "/openstack/log/{{ container_name }}"
- "/var/log/lxc/lxc-{{ container_name }}.log"
delegate_to: "{{ physical_host }}"
when:
- force_containers_destroy | bool
- force_containers_data_destroy | bool
vars_prompt:
- name: "force_containers_destroy"
prompt: "Are you sure you want to destroy the LXC containers?"
default: "no"
private: no
when: force_containers_destroy is undefined
- name: "force_containers_data_destroy"
prompt: "Are you sure you want to destroy the LXC container data?"
default: "no"
private: no
when: force_containers_data_destroy is undefined
tags:
- lxc-containers-destroy

58
playbooks/containers-lxc-host.yml Normal file
View File

@ -0,0 +1,58 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Basic lxc host setup
hosts: "{{ lxc_host_group | default('lxc_hosts')}}"
gather_facts: "{{ osa_gather_facts | default(True) }}"
max_fail_percentage: 20
user: root
pre_tasks:
- include: common-tasks/set-upper-constraints.yml
- include: common-tasks/set-pip-upstream-url.yml
- name: Check the state of the default LXC service log directory
stat:
path: "/var/log/lxc"
register: _lxc_log_dir
- name: Create the log aggregation parent directory
file:
path: "/openstack/log"
state: directory
- name: Move the existing folder to the log aggregation parent
command: "mv /var/log/lxc /openstack/log/{{ inventory_hostname }}-lxc"
when:
- _lxc_log_dir.stat.isdir is defined
- _lxc_log_dir.stat.isdir | bool
- name: Create the new LXC service log directory
file:
path: "/openstack/log/{{ inventory_hostname }}-lxc"
state: directory
- name: Create the LXC service log aggregation link
file:
src: "/openstack/log/{{ inventory_hostname }}-lxc"
dest: "/var/log/lxc"
state: "link"
roles:
- role: "lxc_hosts"
- role: "rsyslog_client"
rsyslog_client_log_rotate_file: lxc_log_rotate
rsyslog_client_log_dir: "/var/log/lxc"
rsyslog_client_config_name: "99-lxc-rsyslog-client.conf"
tags:
- rsyslog
vars_files:
- defaults/repo_packages/openstack_services.yml
environment: "{{ deployment_environment_variables | default({}) }}"
tags:
- lxc-hosts

2
playbooks/etcd-install.yml
View File

@ -19,7 +19,7 @@
max_fail_percentage: 20
user: root
pre_tasks:
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
- include: common-tasks/unbound-clients.yml
static: no
when:

2
playbooks/galera-install.yml
View File

@ -25,7 +25,7 @@
log_dirs:
- src: "/openstack/log/{{ inventory_hostname }}-mysql_logs"
dest: "/var/log/mysql_logs"
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
vars:
list_of_bind_mounts: "{{ galera_container_bind_mounts }}"
extra_container_config_no_restart:

2
playbooks/haproxy-install.yml
View File

@ -18,7 +18,7 @@
gather_facts: "{{ osa_gather_facts | default(True) }}"
user: root
pre_tasks:
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
- include: common-tasks/os-log-dir-setup.yml
vars:
log_dirs:

54
playbooks/lxc-containers-create.yml
View File

@ -1,54 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Gather lxc container host facts
hosts: "{{ lxc_host_group | default('lxc_hosts')}}"
gather_facts: "{{ osa_gather_facts | default(True) }}"
- name: Create container(s)
hosts: "{{ container_group|default('all_containers') }}"
gather_facts: false
max_fail_percentage: 20
user: root
roles:
- role: "lxc_container_create"
post_tasks:
- name: Wait for container connectivity
wait_for_connection:
connect_timeout: "{{ lxc_container_wait_params.connect_timeout | default(omit) }}"
delay: "{{ lxc_container_wait_params.delay | default(omit) }}"
sleep: "{{ lxc_container_wait_params.sleep | default(omit) }}"
timeout: "{{ lxc_container_wait_params.timeout | default(omit) }}"
- name: Set local facts for new container(s)
setup:
filter: ansible_local
gather_subset: "!all"
environment: "{{ deployment_environment_variables | default({}) }}"
tags:
- lxc-containers-create
# TODO(evrardjp): Remove host_need_pip in the future
# when the process building the repo is done before this step.
- name: Configure containers default software, but don't run pip yet
hosts: "{{ container_group|default('all_containers') }}"
gather_facts: true
user: root
roles:
- role: "openstack_hosts"
vars:
host_need_pip: False
environment: "{{ deployment_environment_variables | default({}) }}"
tags:
- lxc-containers-create

1
playbooks/lxc-containers-create.yml Symbolic link
View File

@ -0,0 +1 @@
containers-lxc-create.yml

64
playbooks/lxc-containers-destroy.yml
View File

@ -1,64 +0,0 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Destroy lxc containers
hosts: "{{ container_group|default('all_containers') }}"
gather_facts: false
max_fail_percentage: 20
user: root
tasks:
- name: Destroy a container
lxc_container:
name: "{{ container_name }}"
state: "absent"
delegate_to: "{{ physical_host }}"
when:
- force_containers_destroy | bool
- force_containers_data_destroy | bool
- name: Destroy container service directories
file:
path: "{{ item }}"
state: "absent"
with_items:
- "/var/lib/lxc/{{ container_name }}"
delegate_to: "{{ physical_host }}"
when:
- force_containers_destroy | bool
- name: Destroy container data
file:
path: "{{ item }}"
state: "absent"
with_items:
- "/openstack/{{ container_name }}"
- "/openstack/backup/{{ container_name }}"
- "/openstack/log/{{ container_name }}"
- "/var/log/lxc/lxc-{{ container_name }}.log"
delegate_to: "{{ physical_host }}"
when:
- force_containers_destroy | bool
- force_containers_data_destroy | bool
vars_prompt:
- name: "force_containers_destroy"
prompt: "Are you sure you want to destroy the LXC containers?"
default: "no"
private: no
when: force_containers_destroy is undefined
- name: "force_containers_data_destroy"
prompt: "Are you sure you want to destroy the LXC container data?"
default: "no"
private: no
when: force_containers_data_destroy is undefined
tags:
- lxc-containers-destroy

1
playbooks/lxc-containers-destroy.yml Symbolic link
View File

@ -0,0 +1 @@
containers-lxc-destroy.yml

58
playbooks/lxc-hosts-setup.yml
View File

@ -1,58 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Basic lxc host setup
hosts: "{{ lxc_host_group | default('lxc_hosts')}}"
gather_facts: "{{ osa_gather_facts | default(True) }}"
max_fail_percentage: 20
user: root
pre_tasks:
- include: common-tasks/set-upper-constraints.yml
- include: common-tasks/set-pip-upstream-url.yml
- name: Check the state of the default LXC service log directory
stat:
path: "/var/log/lxc"
register: _lxc_log_dir
- name: Create the log aggregation parent directory
file:
path: "/openstack/log"
state: directory
- name: Move the existing folder to the log aggregation parent
command: "mv /var/log/lxc /openstack/log/{{ inventory_hostname }}-lxc"
when:
- _lxc_log_dir.stat.isdir is defined
- _lxc_log_dir.stat.isdir | bool
- name: Create the new LXC service log directory
file:
path: "/openstack/log/{{ inventory_hostname }}-lxc"
state: directory
- name: Create the LXC service log aggregation link
file:
src: "/openstack/log/{{ inventory_hostname }}-lxc"
dest: "/var/log/lxc"
state: "link"
roles:
- role: "lxc_hosts"
- role: "rsyslog_client"
rsyslog_client_log_rotate_file: lxc_log_rotate
rsyslog_client_log_dir: "/var/log/lxc"
rsyslog_client_config_name: "99-lxc-rsyslog-client.conf"
tags:
- rsyslog
vars_files:
- defaults/repo_packages/openstack_services.yml
environment: "{{ deployment_environment_variables | default({}) }}"
tags:
- lxc-hosts

1
playbooks/lxc-hosts-setup.yml Symbolic link
View File

@ -0,0 +1 @@
containers-lxc-host.yml

2
playbooks/memcached-install.yml
View File

@ -19,7 +19,7 @@
max_fail_percentage: 20
user: root
pre_tasks:
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
- include: common-tasks/os-log-dir-setup.yml
vars:
log_dirs:

2
playbooks/os-aodh-install.yml
View File

@ -19,7 +19,7 @@
max_fail_percentage: 20
user: root
pre_tasks:
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
- include: common-tasks/rabbitmq-vhost-user.yml
static: no
vars:

2
playbooks/os-barbican-install.yml
View File

@ -19,7 +19,7 @@
max_fail_percentage: 20
user: root
pre_tasks:
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
- include: common-tasks/rabbitmq-vhost-user.yml
static: no
vars:

2
playbooks/os-ceilometer-install.yml
View File

@ -19,7 +19,7 @@
max_fail_percentage: 20
user: root
pre_tasks:
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
- include: common-tasks/rabbitmq-vhost-user.yml
static: no
vars:

2
playbooks/os-designate-install.yml
View File

@ -21,7 +21,7 @@
gather_facts: "{{ osa_gather_facts | default(True) }}"
user: root
pre_tasks:
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
- include: common-tasks/rabbitmq-vhost-user.yml
static: no
vars:

4
playbooks/os-gnocchi-install.yml
View File

@ -18,12 +18,12 @@
max_fail_percentage: 20
user: root
pre_tasks:
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
static: no
vars:
list_of_bind_mounts: "{{ gnocchi_container_bind_mounts }}"
when: (gnocchi_storage_driver == "file") or (gnocchi_storage_driver is not defined)
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
static: no
when:
- gnocchi_storage_driver is defined

2
playbooks/os-heat-install.yml
View File

@ -19,7 +19,7 @@
max_fail_percentage: 20
user: root
pre_tasks:
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
- include: common-tasks/rabbitmq-vhost-user.yml
static: no
vars:

2
playbooks/os-horizon-install.yml
View File

@ -19,7 +19,7 @@
max_fail_percentage: 20
user: root
pre_tasks:
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
- include: common-tasks/os-log-dir-setup.yml
vars:
log_dirs:

2
playbooks/os-ironic-install.yml
View File

@ -18,7 +18,7 @@
gather_facts: "{{ osa_gather_facts | default(True) }}"
user: root
pre_tasks:
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
- include: common-tasks/rabbitmq-vhost-user.yml
static: no
vars:

2
playbooks/os-keystone-install.yml
View File

@ -83,7 +83,7 @@
- "keystone_admin-back"
- name: Configure container
include: common-tasks/os-lxc-container-setup.yml
include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
vars:
extra_container_config_no_restart:
- "lxc.start.order=19"

2
playbooks/os-magnum-install.yml
View File

@ -21,7 +21,7 @@
max_fail_percentage: 20
user: root
pre_tasks:
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
- include: common-tasks/os-log-dir-setup.yml
vars:
log_dirs:

2
playbooks/os-molteniron-install.yml
View File

@ -18,7 +18,7 @@
gather_facts: "{{ osa_gather_facts | default(True) }}"
user: root
pre_tasks:
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
vars:
extra_container_config_no_restart:
- "lxc.start.order=39"

2
playbooks/os-octavia-install.yml
View File

@ -19,7 +19,7 @@
max_fail_percentage: 20
user: root
pre_tasks:
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
static: no
- include: common-tasks/rabbitmq-vhost-user.yml
static: no

2
playbooks/os-sahara-install.yml
View File

@ -16,7 +16,7 @@
gather_facts: "{{ osa_gather_facts | default(True) }}"
user: root
pre_tasks:
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
- include: common-tasks/rabbitmq-vhost-user.yml
static: no
vars:

2
playbooks/os-swift-install.yml
View File

@ -19,7 +19,7 @@
max_fail_percentage: 20
user: root
pre_tasks:
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
vars:
extra_container_config_no_restart:
- "lxc.start.order=39"

2
playbooks/os-tacker-install.yml
View File

@ -19,7 +19,7 @@
max_fail_percentage: 20
user: root
pre_tasks:
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
- include: common-tasks/rabbitmq-vhost-user.yml
static: no
vars:

2
playbooks/os-trove-install.yml
View File

@ -21,7 +21,7 @@
gather_facts: "{{ osa_gather_facts | default(True) }}"
user: root
pre_tasks:
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
- include: common-tasks/rabbitmq-vhost-user.yml
static: no
vars:

2
playbooks/rabbitmq-install.yml
View File

@ -20,7 +20,7 @@
max_fail_percentage: 0
user: root
pre_tasks:
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
static:
vars:
extra_container_config_no_restart:

3
playbooks/repo-server.yml
View File

@ -30,7 +30,8 @@
register: _local_git_cache
when: repo_build_git_cache is defined
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
static: no
vars:
list_of_bind_mounts:
- mount_path: "/openstack/{{ inventory_hostname }}"

2
playbooks/rsyslog-install.yml
View File

@ -19,7 +19,7 @@
max_fail_percentage: 20
user: root
pre_tasks:
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
vars:
list_of_bind_mounts:
- bind_dir_path: "{{ rsyslog_server_storage_directory }}"

3
playbooks/setup-hosts.yml
View File

@ -15,5 +15,4 @@
- include: openstack-hosts-setup.yml
- include: security-hardening.yml
- include: lxc-hosts-setup.yml
- include: lxc-containers-create.yml
- include: containers-deploy.yml

2
playbooks/unbound-install.yml
View File

@ -20,7 +20,7 @@
user: root
pre_tasks:
- include: common-tasks/os-log-dir-setup.yml
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
- include: common-tasks/package-cache-proxy.yml
roles:
- role: "unbound"

2
playbooks/utility-install.yml
View File

@ -18,7 +18,7 @@
max_fail_percentage: 20
user: root
pre_tasks:
- include: common-tasks/os-lxc-container-setup.yml
- include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
- include: common-tasks/os-log-dir-setup.yml
vars:

5
releasenotes/notes/lxc-container-tech-2a24afbef5a7bf6e.yaml Normal file
View File

@ -0,0 +1,5 @@
---
features:
- A new variable has been added which allows deployers to set the container
technology OSA will use when running a deployment in containers. This new
variable is ``container_tech`` which has a default value of "lxc".

2
scripts/gate-check-commit.sh
View File

@ -44,7 +44,7 @@ export ANSIBLE_ROLE_FETCH_MODE="git-clone"
export ANSIBLE_LOG_DIR="/openstack/log/ansible-logging"
# Set the scenario to execute based on the first CLI parameter
export SCENARIO=${1:-"aio"}
export SCENARIO=${1:-"aio_lxc"}
# Set the action base on the second CLI parameter
# Actions available: [ 'deploy', 'upgrade' ]

3
tests/roles/bootstrap-host/defaults/main.yml
View File

@ -194,6 +194,9 @@ bridge_iptables_rules: |
up /sbin/iptables -t nat -A POSTROUTING -o {{ bootstrap_host_public_interface }} -j MASQUERADE
down /sbin/iptables -t nat -D POSTROUTING -o {{ bootstrap_host_public_interface }} -j MASQUERADE
# Set the container technology in service. Options are lxc.
container_tech: "lxc"
## Extra storage
# An AIO may optionally be built using a second storage device. If a
# secondary disk device to use is not specified, then the AIO will be

3
tests/roles/bootstrap-host/templates/user_variables.aio.yml.j2
View File

@ -204,3 +204,6 @@ nova_service_negate:
{% if _pypi_mirror is defined and _pypi_mirror.stdout is defined %}
repo_nginx_pypi_upstream: "{{ _pypi_mirror.stdout | netloc }}"
{% endif %}
# Set the container tech. Options are "lxc"
container_tech: "{{ container_tech }}"

2
tests/vars/bootstrap-aio-vars.yml
View File

@ -14,7 +14,7 @@
# limitations under the License.
confd_overrides:
aio:
aio_lxc:
- name: cinder.yml.aio
- name: designate.yml.aio
- name: glance.yml.aio

78
zuul.d/jobs.yaml
View File

@ -34,34 +34,35 @@
- ^Vagrantfile
vars:
action: deploy
scenario: aio
scenario: aio_lxc
# Ensuring overrides work
- job:
name: openstack-ansible-varstest-aio-ubuntu-xenial
parent: openstack-ansible-deploy-aio-ubuntu-xenial
name: openstack-ansible-varstest-aio_lxc-ubuntu-xenial
parent: openstack-ansible-deploy-aio_lxc-ubuntu-xenial
vars:
action: varstest
# ubuntu
- job:
name: openstack-ansible-deploy-aio-ubuntu-xenial
name: openstack-ansible-deploy-aio_lxc-ubuntu-xenial
parent: openstack-ansible-deploy-aio
nodeset: ubuntu-xenial
- job:
name: openstack-ansible-deploy-ceph-ubuntu-xenial
parent: openstack-ansible-deploy-aio-ubuntu-xenial
# temporarily moved to non voting until
# https://bugs.launchpad.net/cinder/+bug/1737015
# has been fixed.
voting: false
parent: openstack-ansible-deploy-aio_lxc-ubuntu-xenial
vars:
action: deploy
scenario: ceph
- job:
name: openstack-ansible-upgrade-aio-ubuntu-xenial
parent: openstack-ansible-deploy-aio-ubuntu-xenial
name: openstack-ansible-upgrade-aio_lxc-ubuntu-xenial
parent: openstack-ansible-deploy-aio_lxc-ubuntu-xenial
timeout: 10800
vars:
action: upgrade
@ -69,7 +70,7 @@
- job:
name: openstack-ansible-upgrade-ceph-ubuntu-xenial
parent: openstack-ansible-deploy-aio-ubuntu-xenial
parent: openstack-ansible-deploy-aio_lxc-ubuntu-xenial
timeout: 10800
vars:
action: upgrade
@ -77,35 +78,35 @@
- job:
name: openstack-ansible-deploy-octavia-ubuntu-xenial
parent: openstack-ansible-deploy-aio-ubuntu-xenial
parent: openstack-ansible-deploy-aio_lxc-ubuntu-xenial
vars:
action: deploy
scenario: octavia
- job:
name: openstack-ansible-deploy-translations-ubuntu-xenial
parent: openstack-ansible-deploy-aio-ubuntu-xenial
parent: openstack-ansible-deploy-aio_lxc-ubuntu-xenial
vars:
action: deploy
scenario: translations
# centos
- job:
name: openstack-ansible-deploy-aio-centos-7
name: openstack-ansible-deploy-aio_lxc-centos-7
parent: openstack-ansible-deploy-aio
nodeset: centos-7
voting: false
- job:
name: openstack-ansible-deploy-ceph-centos-7
parent: openstack-ansible-deploy-aio-centos-7
parent: openstack-ansible-deploy-aio_lxc-centos-7
vars:
action: deploy
scenario: ceph
- job:
name: openstack-ansible-upgrade-aio-centos-7
parent: openstack-ansible-deploy-aio-centos-7
name: openstack-ansible-upgrade-aio_lxc-centos-7
parent: openstack-ansible-deploy-aio_lxc-centos-7
timeout: 10800
vars:
action: upgrade
@ -113,7 +114,7 @@
- job:
name: openstack-ansible-upgrade-ceph-centos-7
parent: openstack-ansible-deploy-aio-centos-7
parent: openstack-ansible-deploy-aio_lxc-centos-7
timeout: 10800
vars:
action: upgrade
@ -121,21 +122,60 @@
# opensuse
- job:
name: openstack-ansible-deploy-aio-opensuse-423
name: openstack-ansible-deploy-aio_lxc-opensuse-423
parent: openstack-ansible-deploy-aio
nodeset: opensuse-423
voting: false
- job:
name: openstack-ansible-deploy-ceph-opensuse-423
parent: openstack-ansible-deploy-aio-opensuse-423
parent: openstack-ansible-deploy-aio_lxc-opensuse-423
vars:
action: deploy
scenario: ceph
- job:
name: openstack-ansible-upgrade-aio-opensuse-423
parent: openstack-ansible-deploy-aio-opensuse-423
name: openstack-ansible-upgrade-aio_lxc-opensuse-423
parent: openstack-ansible-deploy-aio_lxc-opensuse-423
timeout: 10800
vars:
action: upgrade
scenario: aio
# NOTE(cloudnull): META JOB MAP
# In order to cater for the possibility that an external job was dependent on the old job name
# the following job items are used to repoint work to the updated job name should the old name
# be referenced. As we updated our zuul dependencies and external job runners these items should
# be removed as soon as they're no longer needed.
- job:
name: openstack-ansible-varstest-aio-ubuntu-xenial
parent: openstack-ansible-varstest-aio_lxc-ubuntu-xenial
- job:
name: openstack-ansible-deploy-aio-ubuntu-xenial
parent: openstack-ansible-deploy-aio
- job:
name: openstack-ansible-upgrade-aio-ubuntu-xenial
parent: openstack-ansible-deploy-aio_lxc-ubuntu-xenial
- job:
name: openstack-ansible-deploy-aio-centos-7
parent: openstack-ansible-deploy-aio_lxc-centos-7
- job:
name: openstack-ansible-upgrade-aio-centos-7
parent: openstack-ansible-upgrade-aio_lxc-centos-7
- job:
name: openstack-ansible-deploy-aio-opensuse-423
parent: openstack-ansible-deploy-aio_lxc-opensuse-423
- job:
name: openstack-ansible-deploy-ceph-opensuse-423
parent: openstack-ansible-deploy-aio_lxc-opensuse-423
- job:
name: openstack-ansible-upgrade-aio-opensuse-423
parent: openstack-ansible-deploy-aio_lxc-opensuse-423

24
zuul.d/project.yaml
View File

@ -18,10 +18,10 @@
check:
jobs:
- openstack-ansible-linters
- openstack-ansible-varstest-aio-ubuntu-xenial
- openstack-ansible-deploy-aio-centos-7
- openstack-ansible-deploy-aio-opensuse-423
- openstack-ansible-deploy-aio-ubuntu-xenial
- openstack-ansible-varstest-aio_lxc-ubuntu-xenial
- openstack-ansible-deploy-aio_lxc-centos-7
- openstack-ansible-deploy-aio_lxc-opensuse-423
- openstack-ansible-deploy-aio_lxc-ubuntu-xenial
- openstack-ansible-deploy-ceph-centos-7
- openstack-ansible-deploy-ceph-ubuntu-xenial
- openstack-ansible-deploy-ceph-opensuse-423
@ -31,21 +31,21 @@
gate:
jobs:
- openstack-ansible-linters
- openstack-ansible-varstest-aio-ubuntu-xenial
- openstack-ansible-deploy-aio-ubuntu-xenial
- openstack-ansible-varstest-aio_lxc-ubuntu-xenial
# Removed temporarily until
# https://bugs.launchpad.net/cinder/+bug/1737015 is fixed
# - openstack-ansible-deploy-ceph-ubuntu-xenial
- openstack-ansible-deploy-aio_lxc-ubuntu-xenial
periodic:
jobs:
- openstack-ansible-deploy-aio-centos-7
- openstack-ansible-deploy-aio-opensuse-423
- openstack-ansible-deploy-aio-ubuntu-xenial
- openstack-ansible-deploy-aio_lxc-centos-7
- openstack-ansible-deploy-aio_lxc-opensuse-423
- openstack-ansible-deploy-aio_lxc-ubuntu-xenial
- openstack-ansible-deploy-ceph-centos-7
- openstack-ansible-deploy-ceph-ubuntu-xenial
- openstack-ansible-deploy-translations-ubuntu-xenial
- openstack-ansible-upgrade-aio-centos-7
- openstack-ansible-upgrade-aio-opensuse-423
- openstack-ansible-upgrade-aio-ubuntu-xenial
- openstack-ansible-upgrade-aio_lxc-centos-7
- openstack-ansible-upgrade-aio_lxc-opensuse-423
- openstack-ansible-upgrade-aio_lxc-ubuntu-xenial
- openstack-ansible-upgrade-ceph-centos-7
- openstack-ansible-upgrade-ceph-ubuntu-xenial