Migrate tripleo_ovn host_prep_tasks to tripleo-ansible

Migrate the tripleo-heat-template ansible tasks into the tripleo_ovn
standalone ansible role.

Change-Id: Ic381cd8504b4b20d28a424fe9a0be4307783d041

tripleo_ansible/roles/tripleo_ovn/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for tripleo_ovn

tripleo_ansible/roles/tripleo_ovn/files/neutron-cleanup

@@ -0,0 +1,24 @@
+#!/bin/bash
+# Cleanup neutron OVS bridges. To be called on startup to avoid
+# "difficult-to-debug" issues with partially configured resources.
+
+NEUTRON_OVS_CONF=/var/lib/config-data/puppet-generated/neutron/etc/neutron/plugins/ml2/openvswitch_agent.ini
+
+if [ -e ${NEUTRON_OVS_CONF} ]; then
+    INT_BRIDGE=`crudini --get ${NEUTRON_OVS_CONF} ovs integration_bridge`
+    TUN_BRIDGE=`crudini --get ${NEUTRON_OVS_CONF} ovs tunnel_bridge`
+fi
+
+for port in `ovs-vsctl list-ports ${INT_BRIDGE:-"br-int"}`; do
+    skip_cleanup=`ovs-vsctl --if-exists get Interface $port external_ids:skip_cleanup`
+    if ! [[ "x$skip_cleanup" == "x\"true\"" ]]; then
+        ovs-vsctl del-port ${INT_BRIDGE:-"br-int"} $port
+    fi
+done
+
+ovs-vsctl --if-exists del-br ${TUN_BRIDGE:-"br-tun"}
+
+# Clean up trunk port bridges
+for br in $(ovs-vsctl list-br | egrep 'tbr-[0-9a-f\-]+'); do
+    ovs-vsctl --if-exists del-br $br
+done

tripleo_ansible/roles/tripleo_ovn/files/neutron-cleanup.service

@@ -0,0 +1,12 @@
+[Unit]
+Description=Neutron cleanup on startup
+After=openvswitch.service network.target
+Before=tripleo_neutron_ovs_agent.service tripleo_neutron_dhcp.service tripleo_neutron_l3_agent.service tripleo_nova_compute.service
+RefuseManualStop=yes
+
+[Service]
+Type=oneshot
+ExecStart=/usr/libexec/neutron-cleanup
+
+[Install]
+WantedBy=multi-user.target

tripleo_ansible/roles/tripleo_ovn/meta/main.yml

@@ -0,0 +1,44 @@
+---
+# Copyright 2022 Red Hat, Inc.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+
+galaxy_info:
+  namespace: openstack
+  author: OpenStack
+  description: TripleO OpenStack Role -- tripleo_ovn
+  company: Red Hat
+  license: Apache-2.0
+  min_ansible_version: 2.7
+  #
+  # Provide a list of supported platforms, and for each platform a list of versions.
+  # If you don't wish to enumerate all versions for a particular platform, use 'all'.
+  # To view available platforms and versions (or releases), visit:
+  # https://galaxy.ansible.com/api/v1/platforms/
+  #
+  platforms:
+    - name: CentOS
+      versions:
+        - 7
+        - 8
+        - 9
+
+  galaxy_tags:
+    - tripleo
+
+
+# List your role dependencies here, one per line. Be sure to remove the '[]' above,
+# if you add dependencies to this list.
+dependencies: []

tripleo_ansible/roles/tripleo_ovn/molecule/default/converge.yml

@@ -0,0 +1,21 @@
+---
+# Copyright 2021 Red Hat, Inc.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+- name: Converge
+  hosts: all
+  gather_facts: true
+  roles:
+    - role: "tripleo_ovn"

tripleo_ansible/roles/tripleo_ovn/molecule/default/molecule.yml

@@ -0,0 +1,28 @@
+---
+driver:
+  name: podman
+
+provisioner:
+  inventory:
+    hosts:
+      all:
+        hosts:
+          centos:
+            ansible_python_interpreter: /usr/bin/python3
+  name: ansible
+  log: true
+  env:
+    ANSIBLE_STDOUT_CALLBACK: yaml
+
+scenario:
+  test_sequence:
+    - destroy
+    - create
+    - prepare
+    - converge
+    - check
+    - verify
+    - destroy
+
+verifier:
+  name: testinfra

tripleo_ansible/roles/tripleo_ovn/molecule/default/prepare.yml

@@ -0,0 +1,23 @@
+---
+# Copyright 2021 Red Hat, Inc.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+
+- name: Prepare
+  hosts: all
+  gather_facts: true
+  roles:
+    - role: test_deps
+      test_deps_setup_stream: true

tripleo_ansible/roles/tripleo_ovn/tasks/hostprep.yml

@@ -0,0 +1,52 @@
+---
+# Copyright 2022 Red Hat, Inc.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+- name: create persistent directories
+  ansible.builtin.file:
+    path: "{{ item.path }}"
+    state: directory
+    setype: "{{ item.setype }}"
+    mode: "{{ item.mode|default(omit) }}"
+  loop:
+    - { 'path': /var/log/containers/openvswitch, 'setype': container_file_t, 'mode': '0750' }
+    - { 'path': /var/lib/openvswitch/ovn, 'setype': container_file_t }
+
+- name: enable virt_sandbox_use_netlink for healthcheck
+  ansible.builtin.seboolean:
+    name: virt_sandbox_use_netlink
+    persistent: true
+    state: true
+  when:
+    - ansible_facts.selinux is defined
+    - ansible_facts.selinux.status == "enabled"
+
+- name: Copy in cleanup script
+  ansible.builtin.copy:
+    src: neutron-cleanup
+    dest: '/usr/libexec/neutron-cleanup'
+    force: true
+    mode: '0755'
+
+- name: Copy in cleanup service
+  ansible.builtin.copy:
+    src: neutron-cleanup.service
+    dest: '/usr/lib/systemd/system/neutron-cleanup.service'
+    force: true
+
+- name: Enabling the cleanup service
+  ansible.builtin.service:
+    name: neutron-cleanup
+    enabled: true

tripleo_ansible/roles/tripleo_ovn/tasks/main.yml

@@ -0,0 +1,17 @@
+---
+# Copyright 2021 Red Hat, Inc.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+- name: Include host prep tasks
+  include_tasks: hostprep.yml