diff --git a/playbooks/ceph-install.yml b/playbooks/ceph-install.yml index 8a573cb2d5..cdaa630e0e 100644 --- a/playbooks/ceph-install.yml +++ b/playbooks/ceph-install.yml @@ -24,7 +24,7 @@ log_dirs: - src: "/openstack/log/{{ inventory_hostname }}-ceph" dest: "/var/log/ceph" - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" vars: list_of_bind_mounts: "{{ ceph_container_bind_mounts }}" - include: common-tasks/unbound-clients.yml diff --git a/playbooks/common-playbooks/cinder.yml b/playbooks/common-playbooks/cinder.yml index 595bb54b1a..e58c5d293e 100644 --- a/playbooks/common-playbooks/cinder.yml +++ b/playbooks/common-playbooks/cinder.yml @@ -41,7 +41,7 @@ network_address: "storage_address" - name: Configure container (cinder-volume) - include: ../common-tasks/os-lxc-container-setup.yml + include: "../common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" static: no vars: aa_profile: "unconfined" @@ -56,7 +56,7 @@ - "cinder_backend_lvm_inuse | bool" - name: Configure container (other services) - include: ../common-tasks/os-lxc-container-setup.yml + include: "../common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" static: no when: - "'cinder_volume' not in group_names" @@ -89,6 +89,7 @@ {% endif %} with_dict: "{{ cinder_backends | default({}) }}" when: + - container_tech == 'lxc' - physical_host != container_name - cinder_backend_lvm_inuse | bool delegate_to: "{{ physical_host }}" diff --git a/playbooks/common-playbooks/glance.yml b/playbooks/common-playbooks/glance.yml index 97ee7ef9c2..4902c3dcf7 100644 --- a/playbooks/common-playbooks/glance.yml +++ b/playbooks/common-playbooks/glance.yml @@ -36,7 +36,7 @@ - name: Configure container (non-nfs) static: no - include: ../common-tasks/os-lxc-container-setup.yml + include: "../common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" vars: list_of_bind_mounts: "{{ glance_container_bind_mounts }}" when: @@ -44,7 +44,7 @@ - (glance_nfs_client is not defined) or (glance_nfs_client | length == 0) - name: Configure container (nfs) - include: ../common-tasks/os-lxc-container-setup.yml + include: "../common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" static: no when: (glance_default_store != "file") or (glance_nfs_client is defined) diff --git a/playbooks/common-playbooks/neutron.yml b/playbooks/common-playbooks/neutron.yml index 6fe01323ca..7fa933ea6a 100644 --- a/playbooks/common-playbooks/neutron.yml +++ b/playbooks/common-playbooks/neutron.yml @@ -29,7 +29,7 @@ network_address: "tunnel_address" - name: Configure container (neutron-agent) - include: ../common-tasks/os-lxc-container-setup.yml + include: "../common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" vars: aa_profile: "unconfined" list_of_bind_mounts: @@ -43,7 +43,7 @@ - "'neutron_agent' in group_names" - name: Configure container (other services) - include: ../common-tasks/os-lxc-container-setup.yml + include: "../common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" when: - "'neutron_agent' not in group_names" diff --git a/playbooks/common-playbooks/nova.yml b/playbooks/common-playbooks/nova.yml index c16a6e00cc..0de833892d 100644 --- a/playbooks/common-playbooks/nova.yml +++ b/playbooks/common-playbooks/nova.yml @@ -62,7 +62,7 @@ network_address: "management_address" - name: Configure container - include: ../common-tasks/os-lxc-container-setup.yml + include: "../common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" vars: extra_container_config_no_restart: - "lxc.start.order=39" @@ -93,6 +93,7 @@ 'added' in device_add.stdout.lower() delegate_to: "{{ physical_host }}" when: + - container_tech == 'lxc' - "'nova_compute' in group_names" - "not is_metal | bool" tags: @@ -103,6 +104,7 @@ lxc-device -n {{ container_name }} add /dev/net/tun /dev/net/tun delegate_to: "{{ physical_host }}" when: + - container_tech == 'lxc' - "'nova_compute' in group_names" - "not is_metal | bool" tags: @@ -114,6 +116,7 @@ delegate_to: "{{ physical_host }}" register: kvm_device when: + - container_tech == 'lxc' - "'nova_compute' in group_names" - "not is_metal | bool" tags: @@ -128,6 +131,7 @@ changed_when: > 'added' in device_add.stdout.lower() when: + - container_tech == 'lxc' - "'nova_compute' in group_names" - "not is_metal | bool" - "'ischr' in kvm_device.stat and kvm_device.stat.ischr | bool" diff --git a/playbooks/containers-deploy.yml b/playbooks/containers-deploy.yml new file mode 100644 index 0000000000..a18fed638c --- /dev/null +++ b/playbooks/containers-deploy.yml @@ -0,0 +1,17 @@ +--- +# Copyright 2017, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- include: "containers-{{ container_tech | default('lxc') }}-host.yml" +- include: "containers-{{ container_tech | default('lxc') }}-create.yml" diff --git a/playbooks/containers-lxc-create.yml b/playbooks/containers-lxc-create.yml new file mode 100644 index 0000000000..9b7ae59527 --- /dev/null +++ b/playbooks/containers-lxc-create.yml @@ -0,0 +1,54 @@ +--- +# Copyright 2014, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Gather lxc container host facts + hosts: "{{ lxc_host_group | default('lxc_hosts')}}" + gather_facts: "{{ osa_gather_facts | default(True) }}" + +- name: Create container(s) + hosts: "{{ container_group|default('all_containers') }}" + gather_facts: false + max_fail_percentage: 20 + user: root + roles: + - role: "lxc_container_create" + post_tasks: + - name: Wait for container connectivity + wait_for_connection: + connect_timeout: "{{ lxc_container_wait_params.connect_timeout | default(omit) }}" + delay: "{{ lxc_container_wait_params.delay | default(omit) }}" + sleep: "{{ lxc_container_wait_params.sleep | default(omit) }}" + timeout: "{{ lxc_container_wait_params.timeout | default(omit) }}" + - name: Set local facts for new container(s) + setup: + filter: ansible_local + gather_subset: "!all" + environment: "{{ deployment_environment_variables | default({}) }}" + tags: + - lxc-containers-create + +# TODO(evrardjp): Remove host_need_pip in the future +# when the process building the repo is done before this step. +- name: Configure containers default software, but don't run pip yet + hosts: "{{ container_group|default('all_containers') }}" + gather_facts: true + user: root + roles: + - role: "openstack_hosts" + vars: + host_need_pip: False + environment: "{{ deployment_environment_variables | default({}) }}" + tags: + - lxc-containers-create diff --git a/playbooks/containers-lxc-destroy.yml b/playbooks/containers-lxc-destroy.yml new file mode 100644 index 0000000000..2cbbaa0c34 --- /dev/null +++ b/playbooks/containers-lxc-destroy.yml @@ -0,0 +1,64 @@ +--- +# Copyright 2016, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Destroy lxc containers + hosts: "{{ container_group|default('all_containers') }}" + gather_facts: false + max_fail_percentage: 20 + user: root + tasks: + - name: Destroy a container + lxc_container: + name: "{{ container_name }}" + state: "absent" + delegate_to: "{{ physical_host }}" + when: + - force_containers_destroy | bool + - force_containers_data_destroy | bool + - name: Destroy container service directories + file: + path: "{{ item }}" + state: "absent" + with_items: + - "/var/lib/lxc/{{ container_name }}" + delegate_to: "{{ physical_host }}" + when: + - force_containers_destroy | bool + - name: Destroy container data + file: + path: "{{ item }}" + state: "absent" + with_items: + - "/openstack/{{ container_name }}" + - "/openstack/backup/{{ container_name }}" + - "/openstack/log/{{ container_name }}" + - "/var/log/lxc/lxc-{{ container_name }}.log" + delegate_to: "{{ physical_host }}" + when: + - force_containers_destroy | bool + - force_containers_data_destroy | bool + vars_prompt: + - name: "force_containers_destroy" + prompt: "Are you sure you want to destroy the LXC containers?" + default: "no" + private: no + when: force_containers_destroy is undefined + - name: "force_containers_data_destroy" + prompt: "Are you sure you want to destroy the LXC container data?" + default: "no" + private: no + when: force_containers_data_destroy is undefined + tags: + - lxc-containers-destroy diff --git a/playbooks/containers-lxc-host.yml b/playbooks/containers-lxc-host.yml new file mode 100644 index 0000000000..580a438985 --- /dev/null +++ b/playbooks/containers-lxc-host.yml @@ -0,0 +1,58 @@ +--- +# Copyright 2014, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Basic lxc host setup + hosts: "{{ lxc_host_group | default('lxc_hosts')}}" + gather_facts: "{{ osa_gather_facts | default(True) }}" + max_fail_percentage: 20 + user: root + pre_tasks: + - include: common-tasks/set-upper-constraints.yml + - include: common-tasks/set-pip-upstream-url.yml + - name: Check the state of the default LXC service log directory + stat: + path: "/var/log/lxc" + register: _lxc_log_dir + - name: Create the log aggregation parent directory + file: + path: "/openstack/log" + state: directory + - name: Move the existing folder to the log aggregation parent + command: "mv /var/log/lxc /openstack/log/{{ inventory_hostname }}-lxc" + when: + - _lxc_log_dir.stat.isdir is defined + - _lxc_log_dir.stat.isdir | bool + - name: Create the new LXC service log directory + file: + path: "/openstack/log/{{ inventory_hostname }}-lxc" + state: directory + - name: Create the LXC service log aggregation link + file: + src: "/openstack/log/{{ inventory_hostname }}-lxc" + dest: "/var/log/lxc" + state: "link" + roles: + - role: "lxc_hosts" + - role: "rsyslog_client" + rsyslog_client_log_rotate_file: lxc_log_rotate + rsyslog_client_log_dir: "/var/log/lxc" + rsyslog_client_config_name: "99-lxc-rsyslog-client.conf" + tags: + - rsyslog + vars_files: + - defaults/repo_packages/openstack_services.yml + environment: "{{ deployment_environment_variables | default({}) }}" + tags: + - lxc-hosts diff --git a/playbooks/etcd-install.yml b/playbooks/etcd-install.yml index 963d69d4c1..0e429a9db0 100644 --- a/playbooks/etcd-install.yml +++ b/playbooks/etcd-install.yml @@ -19,7 +19,7 @@ max_fail_percentage: 20 user: root pre_tasks: - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" - include: common-tasks/unbound-clients.yml static: no when: diff --git a/playbooks/galera-install.yml b/playbooks/galera-install.yml index 2ca9c320fb..cf32b3dab4 100644 --- a/playbooks/galera-install.yml +++ b/playbooks/galera-install.yml @@ -25,7 +25,7 @@ log_dirs: - src: "/openstack/log/{{ inventory_hostname }}-mysql_logs" dest: "/var/log/mysql_logs" - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" vars: list_of_bind_mounts: "{{ galera_container_bind_mounts }}" extra_container_config_no_restart: diff --git a/playbooks/haproxy-install.yml b/playbooks/haproxy-install.yml index 7dbe610ec5..0246e67cc8 100644 --- a/playbooks/haproxy-install.yml +++ b/playbooks/haproxy-install.yml @@ -18,7 +18,7 @@ gather_facts: "{{ osa_gather_facts | default(True) }}" user: root pre_tasks: - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" - include: common-tasks/os-log-dir-setup.yml vars: log_dirs: diff --git a/playbooks/lxc-containers-create.yml b/playbooks/lxc-containers-create.yml deleted file mode 100644 index 9b7ae59527..0000000000 --- a/playbooks/lxc-containers-create.yml +++ /dev/null @@ -1,54 +0,0 @@ ---- -# Copyright 2014, Rackspace US, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -- name: Gather lxc container host facts - hosts: "{{ lxc_host_group | default('lxc_hosts')}}" - gather_facts: "{{ osa_gather_facts | default(True) }}" - -- name: Create container(s) - hosts: "{{ container_group|default('all_containers') }}" - gather_facts: false - max_fail_percentage: 20 - user: root - roles: - - role: "lxc_container_create" - post_tasks: - - name: Wait for container connectivity - wait_for_connection: - connect_timeout: "{{ lxc_container_wait_params.connect_timeout | default(omit) }}" - delay: "{{ lxc_container_wait_params.delay | default(omit) }}" - sleep: "{{ lxc_container_wait_params.sleep | default(omit) }}" - timeout: "{{ lxc_container_wait_params.timeout | default(omit) }}" - - name: Set local facts for new container(s) - setup: - filter: ansible_local - gather_subset: "!all" - environment: "{{ deployment_environment_variables | default({}) }}" - tags: - - lxc-containers-create - -# TODO(evrardjp): Remove host_need_pip in the future -# when the process building the repo is done before this step. -- name: Configure containers default software, but don't run pip yet - hosts: "{{ container_group|default('all_containers') }}" - gather_facts: true - user: root - roles: - - role: "openstack_hosts" - vars: - host_need_pip: False - environment: "{{ deployment_environment_variables | default({}) }}" - tags: - - lxc-containers-create diff --git a/playbooks/lxc-containers-create.yml b/playbooks/lxc-containers-create.yml new file mode 120000 index 0000000000..b9d47a06f0 --- /dev/null +++ b/playbooks/lxc-containers-create.yml @@ -0,0 +1 @@ +containers-lxc-create.yml \ No newline at end of file diff --git a/playbooks/lxc-containers-destroy.yml b/playbooks/lxc-containers-destroy.yml deleted file mode 100644 index 2cbbaa0c34..0000000000 --- a/playbooks/lxc-containers-destroy.yml +++ /dev/null @@ -1,64 +0,0 @@ ---- -# Copyright 2016, Rackspace US, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -- name: Destroy lxc containers - hosts: "{{ container_group|default('all_containers') }}" - gather_facts: false - max_fail_percentage: 20 - user: root - tasks: - - name: Destroy a container - lxc_container: - name: "{{ container_name }}" - state: "absent" - delegate_to: "{{ physical_host }}" - when: - - force_containers_destroy | bool - - force_containers_data_destroy | bool - - name: Destroy container service directories - file: - path: "{{ item }}" - state: "absent" - with_items: - - "/var/lib/lxc/{{ container_name }}" - delegate_to: "{{ physical_host }}" - when: - - force_containers_destroy | bool - - name: Destroy container data - file: - path: "{{ item }}" - state: "absent" - with_items: - - "/openstack/{{ container_name }}" - - "/openstack/backup/{{ container_name }}" - - "/openstack/log/{{ container_name }}" - - "/var/log/lxc/lxc-{{ container_name }}.log" - delegate_to: "{{ physical_host }}" - when: - - force_containers_destroy | bool - - force_containers_data_destroy | bool - vars_prompt: - - name: "force_containers_destroy" - prompt: "Are you sure you want to destroy the LXC containers?" - default: "no" - private: no - when: force_containers_destroy is undefined - - name: "force_containers_data_destroy" - prompt: "Are you sure you want to destroy the LXC container data?" - default: "no" - private: no - when: force_containers_data_destroy is undefined - tags: - - lxc-containers-destroy diff --git a/playbooks/lxc-containers-destroy.yml b/playbooks/lxc-containers-destroy.yml new file mode 120000 index 0000000000..ff39afa148 --- /dev/null +++ b/playbooks/lxc-containers-destroy.yml @@ -0,0 +1 @@ +containers-lxc-destroy.yml \ No newline at end of file diff --git a/playbooks/lxc-hosts-setup.yml b/playbooks/lxc-hosts-setup.yml deleted file mode 100644 index 580a438985..0000000000 --- a/playbooks/lxc-hosts-setup.yml +++ /dev/null @@ -1,58 +0,0 @@ ---- -# Copyright 2014, Rackspace US, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -- name: Basic lxc host setup - hosts: "{{ lxc_host_group | default('lxc_hosts')}}" - gather_facts: "{{ osa_gather_facts | default(True) }}" - max_fail_percentage: 20 - user: root - pre_tasks: - - include: common-tasks/set-upper-constraints.yml - - include: common-tasks/set-pip-upstream-url.yml - - name: Check the state of the default LXC service log directory - stat: - path: "/var/log/lxc" - register: _lxc_log_dir - - name: Create the log aggregation parent directory - file: - path: "/openstack/log" - state: directory - - name: Move the existing folder to the log aggregation parent - command: "mv /var/log/lxc /openstack/log/{{ inventory_hostname }}-lxc" - when: - - _lxc_log_dir.stat.isdir is defined - - _lxc_log_dir.stat.isdir | bool - - name: Create the new LXC service log directory - file: - path: "/openstack/log/{{ inventory_hostname }}-lxc" - state: directory - - name: Create the LXC service log aggregation link - file: - src: "/openstack/log/{{ inventory_hostname }}-lxc" - dest: "/var/log/lxc" - state: "link" - roles: - - role: "lxc_hosts" - - role: "rsyslog_client" - rsyslog_client_log_rotate_file: lxc_log_rotate - rsyslog_client_log_dir: "/var/log/lxc" - rsyslog_client_config_name: "99-lxc-rsyslog-client.conf" - tags: - - rsyslog - vars_files: - - defaults/repo_packages/openstack_services.yml - environment: "{{ deployment_environment_variables | default({}) }}" - tags: - - lxc-hosts diff --git a/playbooks/lxc-hosts-setup.yml b/playbooks/lxc-hosts-setup.yml new file mode 120000 index 0000000000..3ea0bbb73b --- /dev/null +++ b/playbooks/lxc-hosts-setup.yml @@ -0,0 +1 @@ +containers-lxc-host.yml \ No newline at end of file diff --git a/playbooks/memcached-install.yml b/playbooks/memcached-install.yml index d9feb7abc3..42b9f7a4d5 100644 --- a/playbooks/memcached-install.yml +++ b/playbooks/memcached-install.yml @@ -19,7 +19,7 @@ max_fail_percentage: 20 user: root pre_tasks: - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" - include: common-tasks/os-log-dir-setup.yml vars: log_dirs: diff --git a/playbooks/os-aodh-install.yml b/playbooks/os-aodh-install.yml index f5d9859b5a..694bebdd10 100644 --- a/playbooks/os-aodh-install.yml +++ b/playbooks/os-aodh-install.yml @@ -19,7 +19,7 @@ max_fail_percentage: 20 user: root pre_tasks: - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" - include: common-tasks/rabbitmq-vhost-user.yml static: no vars: diff --git a/playbooks/os-barbican-install.yml b/playbooks/os-barbican-install.yml index 5b0b899506..6362b55d00 100644 --- a/playbooks/os-barbican-install.yml +++ b/playbooks/os-barbican-install.yml @@ -19,7 +19,7 @@ max_fail_percentage: 20 user: root pre_tasks: - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" - include: common-tasks/rabbitmq-vhost-user.yml static: no vars: diff --git a/playbooks/os-ceilometer-install.yml b/playbooks/os-ceilometer-install.yml index 301ebc5beb..47dc8bcbcf 100644 --- a/playbooks/os-ceilometer-install.yml +++ b/playbooks/os-ceilometer-install.yml @@ -19,7 +19,7 @@ max_fail_percentage: 20 user: root pre_tasks: - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" - include: common-tasks/rabbitmq-vhost-user.yml static: no vars: diff --git a/playbooks/os-designate-install.yml b/playbooks/os-designate-install.yml index 585bb261b3..0e59866539 100644 --- a/playbooks/os-designate-install.yml +++ b/playbooks/os-designate-install.yml @@ -21,7 +21,7 @@ gather_facts: "{{ osa_gather_facts | default(True) }}" user: root pre_tasks: - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" - include: common-tasks/rabbitmq-vhost-user.yml static: no vars: diff --git a/playbooks/os-gnocchi-install.yml b/playbooks/os-gnocchi-install.yml index ba9b906a37..5c222c63d2 100644 --- a/playbooks/os-gnocchi-install.yml +++ b/playbooks/os-gnocchi-install.yml @@ -18,12 +18,12 @@ max_fail_percentage: 20 user: root pre_tasks: - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" static: no vars: list_of_bind_mounts: "{{ gnocchi_container_bind_mounts }}" when: (gnocchi_storage_driver == "file") or (gnocchi_storage_driver is not defined) - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" static: no when: - gnocchi_storage_driver is defined diff --git a/playbooks/os-heat-install.yml b/playbooks/os-heat-install.yml index 18f9c0ac3c..c18cc35e5b 100644 --- a/playbooks/os-heat-install.yml +++ b/playbooks/os-heat-install.yml @@ -19,7 +19,7 @@ max_fail_percentage: 20 user: root pre_tasks: - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" - include: common-tasks/rabbitmq-vhost-user.yml static: no vars: diff --git a/playbooks/os-horizon-install.yml b/playbooks/os-horizon-install.yml index 956d796e32..4374742e64 100644 --- a/playbooks/os-horizon-install.yml +++ b/playbooks/os-horizon-install.yml @@ -19,7 +19,7 @@ max_fail_percentage: 20 user: root pre_tasks: - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" - include: common-tasks/os-log-dir-setup.yml vars: log_dirs: diff --git a/playbooks/os-ironic-install.yml b/playbooks/os-ironic-install.yml index d78f0e88f5..cb0382fc4a 100644 --- a/playbooks/os-ironic-install.yml +++ b/playbooks/os-ironic-install.yml @@ -18,7 +18,7 @@ gather_facts: "{{ osa_gather_facts | default(True) }}" user: root pre_tasks: - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" - include: common-tasks/rabbitmq-vhost-user.yml static: no vars: diff --git a/playbooks/os-keystone-install.yml b/playbooks/os-keystone-install.yml index e5e11aef0e..c0ecbc6de6 100644 --- a/playbooks/os-keystone-install.yml +++ b/playbooks/os-keystone-install.yml @@ -83,7 +83,7 @@ - "keystone_admin-back" - name: Configure container - include: common-tasks/os-lxc-container-setup.yml + include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" vars: extra_container_config_no_restart: - "lxc.start.order=19" diff --git a/playbooks/os-magnum-install.yml b/playbooks/os-magnum-install.yml index f87b0779f7..12540daf4d 100644 --- a/playbooks/os-magnum-install.yml +++ b/playbooks/os-magnum-install.yml @@ -21,7 +21,7 @@ max_fail_percentage: 20 user: root pre_tasks: - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" - include: common-tasks/os-log-dir-setup.yml vars: log_dirs: diff --git a/playbooks/os-molteniron-install.yml b/playbooks/os-molteniron-install.yml index f535634c46..eb03e90819 100644 --- a/playbooks/os-molteniron-install.yml +++ b/playbooks/os-molteniron-install.yml @@ -18,7 +18,7 @@ gather_facts: "{{ osa_gather_facts | default(True) }}" user: root pre_tasks: - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" vars: extra_container_config_no_restart: - "lxc.start.order=39" diff --git a/playbooks/os-octavia-install.yml b/playbooks/os-octavia-install.yml index 0b7d03a6a5..1c97926b1b 100644 --- a/playbooks/os-octavia-install.yml +++ b/playbooks/os-octavia-install.yml @@ -19,7 +19,7 @@ max_fail_percentage: 20 user: root pre_tasks: - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" static: no - include: common-tasks/rabbitmq-vhost-user.yml static: no diff --git a/playbooks/os-sahara-install.yml b/playbooks/os-sahara-install.yml index 265a1a03be..65b5bc76ef 100644 --- a/playbooks/os-sahara-install.yml +++ b/playbooks/os-sahara-install.yml @@ -16,7 +16,7 @@ gather_facts: "{{ osa_gather_facts | default(True) }}" user: root pre_tasks: - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" - include: common-tasks/rabbitmq-vhost-user.yml static: no vars: diff --git a/playbooks/os-swift-install.yml b/playbooks/os-swift-install.yml index 09a5382c5b..9a65b42491 100644 --- a/playbooks/os-swift-install.yml +++ b/playbooks/os-swift-install.yml @@ -19,7 +19,7 @@ max_fail_percentage: 20 user: root pre_tasks: - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" vars: extra_container_config_no_restart: - "lxc.start.order=39" diff --git a/playbooks/os-tacker-install.yml b/playbooks/os-tacker-install.yml index d0fc4bd4f5..4991321a35 100644 --- a/playbooks/os-tacker-install.yml +++ b/playbooks/os-tacker-install.yml @@ -19,7 +19,7 @@ max_fail_percentage: 20 user: root pre_tasks: - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" - include: common-tasks/rabbitmq-vhost-user.yml static: no vars: diff --git a/playbooks/os-trove-install.yml b/playbooks/os-trove-install.yml index e7bdaae4eb..cb8daee5e5 100644 --- a/playbooks/os-trove-install.yml +++ b/playbooks/os-trove-install.yml @@ -21,7 +21,7 @@ gather_facts: "{{ osa_gather_facts | default(True) }}" user: root pre_tasks: - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" - include: common-tasks/rabbitmq-vhost-user.yml static: no vars: diff --git a/playbooks/rabbitmq-install.yml b/playbooks/rabbitmq-install.yml index b9f58a97e6..0a3556b02d 100644 --- a/playbooks/rabbitmq-install.yml +++ b/playbooks/rabbitmq-install.yml @@ -20,7 +20,7 @@ max_fail_percentage: 0 user: root pre_tasks: - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" static: vars: extra_container_config_no_restart: diff --git a/playbooks/repo-server.yml b/playbooks/repo-server.yml index 1194a47366..d60070305c 100644 --- a/playbooks/repo-server.yml +++ b/playbooks/repo-server.yml @@ -30,7 +30,8 @@ register: _local_git_cache when: repo_build_git_cache is defined - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" + static: no vars: list_of_bind_mounts: - mount_path: "/openstack/{{ inventory_hostname }}" diff --git a/playbooks/rsyslog-install.yml b/playbooks/rsyslog-install.yml index 44e517bcc1..381e1865ea 100644 --- a/playbooks/rsyslog-install.yml +++ b/playbooks/rsyslog-install.yml @@ -19,7 +19,7 @@ max_fail_percentage: 20 user: root pre_tasks: - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" vars: list_of_bind_mounts: - bind_dir_path: "{{ rsyslog_server_storage_directory }}" diff --git a/playbooks/setup-hosts.yml b/playbooks/setup-hosts.yml index f2c62b9f99..618f8f0039 100644 --- a/playbooks/setup-hosts.yml +++ b/playbooks/setup-hosts.yml @@ -15,5 +15,4 @@ - include: openstack-hosts-setup.yml - include: security-hardening.yml -- include: lxc-hosts-setup.yml -- include: lxc-containers-create.yml +- include: containers-deploy.yml diff --git a/playbooks/unbound-install.yml b/playbooks/unbound-install.yml index 427abf7d56..6f2ecd2704 100644 --- a/playbooks/unbound-install.yml +++ b/playbooks/unbound-install.yml @@ -20,7 +20,7 @@ user: root pre_tasks: - include: common-tasks/os-log-dir-setup.yml - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" - include: common-tasks/package-cache-proxy.yml roles: - role: "unbound" diff --git a/playbooks/utility-install.yml b/playbooks/utility-install.yml index 9f252e1231..7a4ed4d9cb 100644 --- a/playbooks/utility-install.yml +++ b/playbooks/utility-install.yml @@ -18,7 +18,7 @@ max_fail_percentage: 20 user: root pre_tasks: - - include: common-tasks/os-lxc-container-setup.yml + - include: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml" - include: common-tasks/os-log-dir-setup.yml vars: diff --git a/releasenotes/notes/lxc-container-tech-2a24afbef5a7bf6e.yaml b/releasenotes/notes/lxc-container-tech-2a24afbef5a7bf6e.yaml new file mode 100644 index 0000000000..585f6bb788 --- /dev/null +++ b/releasenotes/notes/lxc-container-tech-2a24afbef5a7bf6e.yaml @@ -0,0 +1,5 @@ +--- +features: + - A new variable has been added which allows deployers to set the container + technology OSA will use when running a deployment in containers. This new + variable is ``container_tech`` which has a default value of "lxc". diff --git a/scripts/gate-check-commit.sh b/scripts/gate-check-commit.sh index 2b518c7083..e523b07198 100755 --- a/scripts/gate-check-commit.sh +++ b/scripts/gate-check-commit.sh @@ -44,7 +44,7 @@ export ANSIBLE_ROLE_FETCH_MODE="git-clone" export ANSIBLE_LOG_DIR="/openstack/log/ansible-logging" # Set the scenario to execute based on the first CLI parameter -export SCENARIO=${1:-"aio"} +export SCENARIO=${1:-"aio_lxc"} # Set the action base on the second CLI parameter # Actions available: [ 'deploy', 'upgrade' ] diff --git a/tests/roles/bootstrap-host/defaults/main.yml b/tests/roles/bootstrap-host/defaults/main.yml index 825a2402d0..6598184fb8 100644 --- a/tests/roles/bootstrap-host/defaults/main.yml +++ b/tests/roles/bootstrap-host/defaults/main.yml @@ -194,6 +194,9 @@ bridge_iptables_rules: | up /sbin/iptables -t nat -A POSTROUTING -o {{ bootstrap_host_public_interface }} -j MASQUERADE down /sbin/iptables -t nat -D POSTROUTING -o {{ bootstrap_host_public_interface }} -j MASQUERADE +# Set the container technology in service. Options are lxc. +container_tech: "lxc" + ## Extra storage # An AIO may optionally be built using a second storage device. If a # secondary disk device to use is not specified, then the AIO will be diff --git a/tests/roles/bootstrap-host/templates/user_variables.aio.yml.j2 b/tests/roles/bootstrap-host/templates/user_variables.aio.yml.j2 index dcd58f3366..f09d447614 100644 --- a/tests/roles/bootstrap-host/templates/user_variables.aio.yml.j2 +++ b/tests/roles/bootstrap-host/templates/user_variables.aio.yml.j2 @@ -204,3 +204,6 @@ nova_service_negate: {% if _pypi_mirror is defined and _pypi_mirror.stdout is defined %} repo_nginx_pypi_upstream: "{{ _pypi_mirror.stdout | netloc }}" {% endif %} + +# Set the container tech. Options are "lxc" +container_tech: "{{ container_tech }}" diff --git a/tests/vars/bootstrap-aio-vars.yml b/tests/vars/bootstrap-aio-vars.yml index 1deb09107d..ef61dbf739 100644 --- a/tests/vars/bootstrap-aio-vars.yml +++ b/tests/vars/bootstrap-aio-vars.yml @@ -14,7 +14,7 @@ # limitations under the License. confd_overrides: - aio: + aio_lxc: - name: cinder.yml.aio - name: designate.yml.aio - name: glance.yml.aio diff --git a/zuul.d/jobs.yaml b/zuul.d/jobs.yaml index a404891b47..7db7080fa2 100644 --- a/zuul.d/jobs.yaml +++ b/zuul.d/jobs.yaml @@ -34,34 +34,35 @@ - ^Vagrantfile vars: action: deploy - scenario: aio + scenario: aio_lxc # Ensuring overrides work - job: - name: openstack-ansible-varstest-aio-ubuntu-xenial - parent: openstack-ansible-deploy-aio-ubuntu-xenial + name: openstack-ansible-varstest-aio_lxc-ubuntu-xenial + parent: openstack-ansible-deploy-aio_lxc-ubuntu-xenial vars: action: varstest # ubuntu - job: - name: openstack-ansible-deploy-aio-ubuntu-xenial + name: openstack-ansible-deploy-aio_lxc-ubuntu-xenial parent: openstack-ansible-deploy-aio nodeset: ubuntu-xenial + - job: name: openstack-ansible-deploy-ceph-ubuntu-xenial - parent: openstack-ansible-deploy-aio-ubuntu-xenial # temporarily moved to non voting until # https://bugs.launchpad.net/cinder/+bug/1737015 # has been fixed. voting: false + parent: openstack-ansible-deploy-aio_lxc-ubuntu-xenial vars: action: deploy scenario: ceph - job: - name: openstack-ansible-upgrade-aio-ubuntu-xenial - parent: openstack-ansible-deploy-aio-ubuntu-xenial + name: openstack-ansible-upgrade-aio_lxc-ubuntu-xenial + parent: openstack-ansible-deploy-aio_lxc-ubuntu-xenial timeout: 10800 vars: action: upgrade @@ -69,7 +70,7 @@ - job: name: openstack-ansible-upgrade-ceph-ubuntu-xenial - parent: openstack-ansible-deploy-aio-ubuntu-xenial + parent: openstack-ansible-deploy-aio_lxc-ubuntu-xenial timeout: 10800 vars: action: upgrade @@ -77,35 +78,35 @@ - job: name: openstack-ansible-deploy-octavia-ubuntu-xenial - parent: openstack-ansible-deploy-aio-ubuntu-xenial + parent: openstack-ansible-deploy-aio_lxc-ubuntu-xenial vars: action: deploy scenario: octavia - job: name: openstack-ansible-deploy-translations-ubuntu-xenial - parent: openstack-ansible-deploy-aio-ubuntu-xenial + parent: openstack-ansible-deploy-aio_lxc-ubuntu-xenial vars: action: deploy scenario: translations # centos - job: - name: openstack-ansible-deploy-aio-centos-7 + name: openstack-ansible-deploy-aio_lxc-centos-7 parent: openstack-ansible-deploy-aio nodeset: centos-7 voting: false - job: name: openstack-ansible-deploy-ceph-centos-7 - parent: openstack-ansible-deploy-aio-centos-7 + parent: openstack-ansible-deploy-aio_lxc-centos-7 vars: action: deploy scenario: ceph - job: - name: openstack-ansible-upgrade-aio-centos-7 - parent: openstack-ansible-deploy-aio-centos-7 + name: openstack-ansible-upgrade-aio_lxc-centos-7 + parent: openstack-ansible-deploy-aio_lxc-centos-7 timeout: 10800 vars: action: upgrade @@ -113,7 +114,7 @@ - job: name: openstack-ansible-upgrade-ceph-centos-7 - parent: openstack-ansible-deploy-aio-centos-7 + parent: openstack-ansible-deploy-aio_lxc-centos-7 timeout: 10800 vars: action: upgrade @@ -121,21 +122,60 @@ # opensuse - job: - name: openstack-ansible-deploy-aio-opensuse-423 + name: openstack-ansible-deploy-aio_lxc-opensuse-423 parent: openstack-ansible-deploy-aio nodeset: opensuse-423 voting: false - job: name: openstack-ansible-deploy-ceph-opensuse-423 - parent: openstack-ansible-deploy-aio-opensuse-423 + parent: openstack-ansible-deploy-aio_lxc-opensuse-423 vars: action: deploy scenario: ceph + - job: - name: openstack-ansible-upgrade-aio-opensuse-423 - parent: openstack-ansible-deploy-aio-opensuse-423 + name: openstack-ansible-upgrade-aio_lxc-opensuse-423 + parent: openstack-ansible-deploy-aio_lxc-opensuse-423 timeout: 10800 vars: action: upgrade scenario: aio + + +# NOTE(cloudnull): META JOB MAP +# In order to cater for the possibility that an external job was dependent on the old job name +# the following job items are used to repoint work to the updated job name should the old name +# be referenced. As we updated our zuul dependencies and external job runners these items should +# be removed as soon as they're no longer needed. +- job: + name: openstack-ansible-varstest-aio-ubuntu-xenial + parent: openstack-ansible-varstest-aio_lxc-ubuntu-xenial + +- job: + name: openstack-ansible-deploy-aio-ubuntu-xenial + parent: openstack-ansible-deploy-aio + +- job: + name: openstack-ansible-upgrade-aio-ubuntu-xenial + parent: openstack-ansible-deploy-aio_lxc-ubuntu-xenial + +- job: + name: openstack-ansible-deploy-aio-centos-7 + parent: openstack-ansible-deploy-aio_lxc-centos-7 + +- job: + name: openstack-ansible-upgrade-aio-centos-7 + parent: openstack-ansible-upgrade-aio_lxc-centos-7 + +- job: + name: openstack-ansible-deploy-aio-opensuse-423 + parent: openstack-ansible-deploy-aio_lxc-opensuse-423 + +- job: + name: openstack-ansible-deploy-ceph-opensuse-423 + parent: openstack-ansible-deploy-aio_lxc-opensuse-423 + +- job: + name: openstack-ansible-upgrade-aio-opensuse-423 + parent: openstack-ansible-deploy-aio_lxc-opensuse-423 diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml index 967573029e..e092372327 100644 --- a/zuul.d/project.yaml +++ b/zuul.d/project.yaml @@ -18,10 +18,10 @@ check: jobs: - openstack-ansible-linters - - openstack-ansible-varstest-aio-ubuntu-xenial - - openstack-ansible-deploy-aio-centos-7 - - openstack-ansible-deploy-aio-opensuse-423 - - openstack-ansible-deploy-aio-ubuntu-xenial + - openstack-ansible-varstest-aio_lxc-ubuntu-xenial + - openstack-ansible-deploy-aio_lxc-centos-7 + - openstack-ansible-deploy-aio_lxc-opensuse-423 + - openstack-ansible-deploy-aio_lxc-ubuntu-xenial - openstack-ansible-deploy-ceph-centos-7 - openstack-ansible-deploy-ceph-ubuntu-xenial - openstack-ansible-deploy-ceph-opensuse-423 @@ -31,21 +31,21 @@ gate: jobs: - openstack-ansible-linters - - openstack-ansible-varstest-aio-ubuntu-xenial - - openstack-ansible-deploy-aio-ubuntu-xenial + - openstack-ansible-varstest-aio_lxc-ubuntu-xenial # Removed temporarily until # https://bugs.launchpad.net/cinder/+bug/1737015 is fixed # - openstack-ansible-deploy-ceph-ubuntu-xenial + - openstack-ansible-deploy-aio_lxc-ubuntu-xenial periodic: jobs: - - openstack-ansible-deploy-aio-centos-7 - - openstack-ansible-deploy-aio-opensuse-423 - - openstack-ansible-deploy-aio-ubuntu-xenial + - openstack-ansible-deploy-aio_lxc-centos-7 + - openstack-ansible-deploy-aio_lxc-opensuse-423 + - openstack-ansible-deploy-aio_lxc-ubuntu-xenial - openstack-ansible-deploy-ceph-centos-7 - openstack-ansible-deploy-ceph-ubuntu-xenial - openstack-ansible-deploy-translations-ubuntu-xenial - - openstack-ansible-upgrade-aio-centos-7 - - openstack-ansible-upgrade-aio-opensuse-423 - - openstack-ansible-upgrade-aio-ubuntu-xenial + - openstack-ansible-upgrade-aio_lxc-centos-7 + - openstack-ansible-upgrade-aio_lxc-opensuse-423 + - openstack-ansible-upgrade-aio_lxc-ubuntu-xenial - openstack-ansible-upgrade-ceph-centos-7 - openstack-ansible-upgrade-ceph-ubuntu-xenial