It's useful to know when a command last ran as well as being able to
cross coordinate when something was running between the ansible output
and other logs. We can use the output timestamp do this.
Change-Id: I3f55f0a7f966f025a9938576ccf735f50f4c8589
This patch configures Octavia to enable amphora log offloading
to the Octavia rsyslog container if the OctaviaOffloadAllLogs
parameter is True.
Depends-On: https://review.opendev.org/724187
Change-Id: Ic4ee6f4a150200531491cdd78ca3c4f66e5d1ffb
Forcing lo.disable_ipv6=0 in tripleo-ansible may result in such
value being placed in /etc/sysctl.d/99-tripleo.conf *before*
net.ipv6.conf.all.disable_ipv6 = 1, thus effectively being ignored.
See rhbz#1841522 for an example of a side effect of this, where
'KernelDisableIPv6: 1' results in epmd/rabbitmq being unable to start.
Depends-on: https://review.opendev.org/#/c/732098
Change-Id: Iea01c7d6ef19ed2f0a2b7ecab15de0c30fcb4f8c
We're working on changing the default callbacks for tripleo but we don't
want to use them when invoking ceph-ansible. We should exclude the
callbacks that were used in the calling env and specifically set the
regular callbacks.
Change-Id: I6ab1709d2e0e0d60d2401281aa3bb88cfea6e5d4
Related-Bug: #1881670
In order to allow us to share some logic between the linear and free
strategies, we need to create a base strategy to use for our shared
logic.
Change-Id: I593f193f98112dbf1d493ffd22040837597db11c
Prior to this patch, run_once was basically ignored. This patch adds
tracking on tasks that are tagged with run_once and will only allow it
to be invoked once. This means if the run_once task fails, all the other
hosts will continue to process their tasks like nothing happened. The
play itself will exit if the run_once task fails at the end. For tripleo
this means that run_once should not be used for any required tasks
within a play but can be used to make sure a task will only run once
time for a given play.
Change-Id: Iaa1278763d56429b2886371a18477e1f54680e19
This strategy is to be used for the execution of deployment steps so
that tasks run on all hosts (up to # of workers) freely without locking
at each task. This is closer to what we had when Heat drove the
deployments as each of the software deployments would execute
simultaneously on all nodes at the same time.
This strategy does two important things for us:
1) Hosts execute their tasks freely with no dependencies on the other
hosts that are running the same tasks
2) Failures on any given host will not stop future tasks from
executing on other hosts, but will cause the overall playbook
execution to stop at the end of the "PLAY".
These specific things are how the previous deployment executed when Heat
was the driver of deployment actions. The nodes would fetch their list
of actions, execute and report back to status. Heat would fail the
deployment if any of the hosts failed to execute their work however a
failure on one host did not impact the other hosts. The TripleO
deployment framework already has the step concept in itself to allow
for the individual steps (1 through 5) to execute in a parallael on all
hosts at the same time. At the end of the "PLAY", ansible waits for all
nodes to complete before proceeding on to the next "PLAY". So Step 1 is
a "PLAY" followed by Step 2. If a failure occurs during Step 1 on any
host, we would not proceed to the Step 2 play.
Change-Id: Id921ed48a948211b9a90def4a4667d015ec11d2f
Add file to the reno documentation build to show release notes for
stable/ussuri.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/ussuri.
Change-Id: Ib651730924f36c9511bf73372c71fb5d14feaffc
Sem-Ver: feature
This change will allow deployers to expose sensitive data as needed.
Change-Id: I717b34920ab0129a2bac287015a6cd1053c7e1c9
Signed-off-by: Kevin Carter <kecarter@redhat.com>
This change will enable or disable no_log and debug options whenever the
verbosity is set to an integer greater than 2. This will ensure operators and
deployers are best equipped to troubleshoot issues by dynamically providing
additional data in an expected way. To ensure we're able to differentiate
between output masking and security masking, two options were used to enable or
disable no_log across our roles and playbooks.
> All debug options, without security implications, will now react to the
`ansible_verbosity` built in by default. Changes have been made to our
skeleton role to ensure this is enforced on all new roles created going
forward.
> An additional prefixed role option, `*_hide_sensitive_logs`, has been added to
allow operators to easily toggle sensitive output when required. The role
prefixed variables will respond to the global option `hide_sensitive_logs` as
defined in THT which will ensure a consistent user experience.
Depends-On: I84f3982811ade59bac5ebaf3a124f9bfa6fa22a4
Change-Id: Ia6658110326899107a0e277f0d2574c79a8a820b
Signed-off-by: Kevin Carter <kecarter@redhat.com>
* Use become: true or the role can't be run as a regular user.
* Add the missing rst file that will generate the doc for the
tripleo_provision_mcelog role.
* Add zuul layout to create the molecule job so we can test
tripleo_provision_mcelog.
* Remove useless molecule/default/Dockerfile
* Update molecule/default/molecule.yml to match with other roles
Change-Id: I50efdfe02a3deec961f0a1fde473458ca6110698
The new `cli-derive-parameters.yaml` has been built to replace the mistral
workflow of the same name. This new playbook is leveraging several modules
which take advantage of the new ansible module utilities for tripleo-common.
The role `tripleo_derived_parameters` has been created, which will house all
of the required tasks to ensure an effective execution while also providing a
medium to test our process.
> Mock data has been added from a real deployment to ensure that the role
data processing is correct and tested accordingly.
Change-Id: I6f3f797a37724d0eb91b37514087462ac25d175e
Signed-off-by: Kevin Carter <kecarter@redhat.com>
These options can be used instead of the --privileged option with
some containerised services in TripleO.
Change-Id: If1d97e5f1697fdc1d6a7b845cf116d54b1897245
If debug is enabled we want the new log level option to be debug
otherwise fallback to error like it's the default in the module.
Change-Id: I7ceed8d9720c0df8a88c7e1de9d9afd05afde166
This adds a module to generate ansible inventory for a plan.
Depends-On: https://review.opendev.org/#/c/729928/
Change-Id: Ifc4bad57dc6f20c73e9082d30f814ad89742b31b
Add option to configure log-level for podman.
Print stderr, stdout and rc in case of "debug" option.
Fail container module if there is stderr not empty (excluding logs)
Change-Id: Id3854e70608fae9721978263d503bbeaf20d64e8
10 minutes is what we should aim for and we were doing 7 min 30s before,
since we rely on the default delay (5s and not 10s).
Change-Id: I95182701212717d8998ff9eb0737919b51350d21
containers_to_check is a list of containers that run something and then
exit with a return code. Later we will check what their return code is
and make sure the containers didn't fail before we continue with the
deployment.
Also, if a container failed to be created or updated; we don't want to include
it in the list that contains the containers in which we want to check if
the returned RC is valid; since we already know the container didn't
terminate correctly.
Closes-Bug: #1878405
Change-Id: Ia3a985d923c5f44babaae601f3ba62b6d48659da
