Change fe83b5488d33b75be6a9bba97faa8ddd69210973 enforced usage of IPv6
in case the scenario requires IPv6, but this causes the following
failure during rabbitmq startup, because hostname is sometimes resolved
to IPv4 address in CI.
```
ERROR: epmd error for host np0033504771: badarg (unknown POSIX error)
```
This makes sure that hostname env is set according to IP address
version.
Change-Id: I4d876200f0fd8b2b84d893f243fe5615352ef11d
This refactors current usage of puppet-rabbitmq. Details follow below.
- the rabbitmql class supports the ipv6 parameter which injects
the required definitions to use IPv6
- ssl options are ignored if rabbitlqm::ssl is false
- we can use native parameters to define the bind address
Change-Id: Id33b56f84b04f0086f0e19e1938f36d109e4a188
- scenario001 and 004 will be running without ceph
until ceph repos get available for CentOS8
- scenario003 will run not run with linuxbridge until next CentOS
minor version as it has issues:-
- https://bugzilla.redhat.com/show_bug.cgi?id=1720637
- Add Puppetfile_centos7 to have different puppet modules
as compared to other distros. Currently only puppet-mysql
needs to be kept pinned for centos7 as newere mariadb version
is required to remove the pin, CentOS8 and ubuntu have required
mariadb version so pin is removed. So automatic updates of puppet
modules will not be applied for CentOS7 as those jobs are going to
be removed in coming months.
- check for rdo_dlrn url existence only for RedHat distros.
Change-Id: I98fc088cd87c1412544f9590ce7a925b413297e2
In Puppet 3 there was a need to use absolute
names to prevent issues. Since Puppet 4 everything
is absolute by default which makes this not needed.
We need to change this everywhere so that we can
revert the pin in [1] that now prevents us from
using the latest version of the puppet-lint check
puppet-lint-absolute_classname_check that properly
checks that we dont use absolute names.
[1] https://review.opendev.org/#/c/697742/
Change-Id: I78b74fbeb08be7234189e4d266412fb7fb7a73c0
This commit copies the repos_ensure parameter to the rabbitmq class
declaration for situations where SSL is diabled.
This needs to be done to keep consistency across all scenarios.
Change-Id: I8ce0316c4b7dcff6c4cfbd0dbcf61340f843ca84
This patch squash 2 commits to bring our CI back:
1) Pin Tempest to latest working commit:
https://review.openstack.org/#/c/297511/ broke us, we need to pin
Tempest to keep rolling.
This will be reverted once we sort things out.
2) rabbitmq: install packages from distro repos
Stop installing RabbitMQ from rabbitmq.com repository.
rabbitmq.com is providing a terrible and frustrating experience of
packaging repository:
* rabbitmq.com is very often down and we have to recheck our jobs
everytime it happens.
* packaging signature is currently broken, see [1].
From this patch, we'll deploy RabbitMQ using distro repositories.
[1] https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/476
Change-Id: I1e79c04d7cd796493ae56423b70626e8841cf284
Switch package_provider to use $::package_provider fact present in
puppetlabs-stdlib.
It will avoid any collision later.
Change-Id: I2df1bff1b911c22eed8a2f6b9c0ab38edda43156
* Deploy Self-Signed Certificates for both IPv6 & IPv4 deployments.
* Disable IPv6 for RabbitMQ now, for SSL reasons, will be enabled again
later in a next iteration.
* Deploy Ironic API under WSGI instead of eventlet.
* Switch Glance API, Ironic API and Keystone to SSL.
* Configure Tempest with SSL endpoints when needed.
* Reduce the Ironic tests because of [1].
[1] https://bugs.launchpad.net/ironic/+bug/1554237
Note #1: puppet-swift, and puppet-cinder will require some work to support SSL, so it's not
implemented in this patch.
Note #2: we don't enable SSL for Neutron because of
https://bugs.launchpad.net/neutron/+bug/1514424
Change-Id: Ib2b5289b6f5e82f43cf60dee3152b2c2ddd5a014
* Configure RabbitMQ to bind on IPv6 (scenario002 only).
* Configure OpenStack service to connect with an IPv6 on
RabbitMQ (scenario002 only).
Change-Id: I0e4ab4b03d7b1c7bb47c55a751bc04f29292a621
Add config.pp file so we can enable common features (ssl, ipv6, ...)
more easily.
Also move the logic into config.pp so we avoid dupplicated code.
Change-Id: Ib7993ad1fbabfc22dc4ee22f72671303190e39e2
* Manage Puppet OpenStack CI CA and create a common certificate,
auto-signed.
* Configure RabbitMQ to activate SSL on scenario002
* Configure OpenStack services that run on scenario002 to connect to
RabbitMQ using SSL protocol.
Change-Id: Ic435078472ba4e0e0eaf04a64e5bcb7aabba7b3d
OpenStack services need RabbitMQ ready before starting, otherwise we
will randomly have this issue:
(...)closed the connection. Check login credentials: Socket closed
Change-Id: I55017c6a3eb91e96136c0928045136f423866aa2
