Update for openshift 3.9

This commit updates the openshift templates to deploy openshift 3.9 instead of 3.7. Update the default playbook path to the one expected by openshift-ansible 3.9. Update the default openshift-ansible variables and move them in the template where they belong. They can be overridden individually via the OpenShiftGlobalVariables heat parameter. Disable unbound on the openshift nodes in CI as it is listening on port 53 and is preventing openshift to start its own DNS service. Co-Authored-By: Flavio Percoco <flavio@redhat.com> Depends-On: I6f123cd71a23fb15aaa2005f7397fc98fdaf187a Depends-On: I27ad9d168af575da8c4f5094152c94e2fa03987c Change-Id: Ifc3d25fa590cfba1fa64ed0266c76c9342a7aa4f
2018-06-11 14:08:01 +02:00 · 2018-06-11 14:08:01 +02:00 · 4e30f51470
parent 9f1d855627
commit 4e30f51470
5 changed files with 90 additions and 14 deletions
--- a/ci/environments/disable-unbound.yaml
+++ b/ci/environments/disable-unbound.yaml
@ -0,0 +1,60 @@
+heat_template_version: rocky
+
+description: >
+  Disable Unbound Service
+
+parameters:
+  RoleNetIpMap:
+    default: {}
+    type: json
+  ServiceData:
+    default: {}
+    description: Dictionary packing service data
+    type: json
+  ServiceNetMap:
+    default: {}
+    description: Mapping of service_name -> network name. Typically set
+                 via parameter_defaults in the resource registry.  This
+                 mapping overrides those in ServiceNetMapDefaults.
+    type: json
+  DefaultPasswords:
+    default: {}
+    type: json
+  RoleName:
+    default: ''
+    description: Role name on which the service is applied
+    type: string
+  RoleParameters:
+    default: {}
+    description: Parameters specific to the role
+    type: json
+  EndpointMap:
+    default: {}
+    description: Mapping of service endpoint -> protocol. Typically set
+                 via parameter_defaults in the resource registry.
+    type: json
+  Debug:
+    type: boolean
+    default: false
+    description: Set to True to enable debugging on all services.
+
+resources:
+
+outputs:
+  role_data:
+    description: Role data for the multinode firewall configuration
+    value:
+      service_name: disable_unbound
+      host_prep_tasks:
+        - name: Disable unbound
+          service:
+            name: unbound
+            state: stopped
+            enabled: false
+          ignore_errors: true
+        - name: Set resolv.conf
+          copy:
+            content: "nameserver 1.1.1.1"
+            dest: /etc/resolv.conf
+            force: yes
+            mode: '0644'
--- a/ci/environments/scenario009-multinode.yaml
+++ b/ci/environments/scenario009-multinode.yaml
@ -1,4 +1,5 @@
 resource_registry:
+  OS::TripleO::Services::DisableUnbound: disable-unbound.yaml
  OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
  OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
  OS::TripleO::Services::OpenShift::Master: ../../extraconfig/services/openshift-master.yaml
@ -7,6 +8,7 @@ resource_registry:

 parameter_defaults:
  ControllerServices:
+    - OS::TripleO::Services::DisableUnbound
    - OS::TripleO::Services::CACerts
    - OS::TripleO::Services::Docker
    - OS::TripleO::Services::Kernel
@ -19,6 +21,7 @@ parameter_defaults:
    - OS::TripleO::Services::OpenShift::Master
    - OS::TripleO::Services::OpenShift::Worker
  ComputeServices:
+    - OS::TripleO::Services::DisableUnbound
    - OS::TripleO::Services::CACerts
    - OS::TripleO::Services::Docker
    - OS::TripleO::Services::Kernel
@ -30,3 +33,11 @@ parameter_defaults:
    - OS::TripleO::Services::Sshd
    - OS::TripleO::Services::OpenShift::Worker
  Debug: true
+
+  OpenShiftGlobalVariables:
+    # NOTE(flaper87): Needed for the gate
+    openshift_disable_check: package_availability,package_version,disk_availability,docker_storage,memory_availability,docker_image_availability
+
+    # NOTE(mandre) keep this until overcloud-full has dbus-python
+    # https://review.openstack.org/#/c/574674/
+    l_install_base_packages: true
--- a/environments/openshift.yaml
+++ b/environments/openshift.yaml
@ -2,15 +2,3 @@ resource_registry:
  OS::TripleO::Services::Docker: ../puppet/services/docker.yaml
  OS::TripleO::Services::OpenShift::Worker: ../extraconfig/services/openshift-worker.yaml
  OS::TripleO::Services::OpenShift::Master: ../extraconfig/services/openshift-master.yaml
-
-parameter_defaults:
-  OpenShiftGlobalVariables:
-    openshift_release: '3.7'
-    openshift_image_tag: v3.7.1
-    enable_excluders: false
-    skip_ovs_svc_handlers: true
-    openshift_deployment_type: origin
-    openshift_docker_selinux_enabled: false
-    osm_etcd_image: "registry.fedoraproject.org/f27/etcd"
-    # NOTE(flaper87): Needed for the gate
-    openshift_disable_check: disk_availability,docker_storage,memory_availability,docker_image_availability
--- a/extraconfig/services/openshift-master.yaml
+++ b/extraconfig/services/openshift-master.yaml
@ -37,7 +37,7 @@ parameters:
    description: Global Ansible variables for OpenShift-Ansible installer.
    type: json
  OpenShiftAnsiblePlaybook:
-    default: '/usr/share/ansible/openshift-ansible/playbooks/byo/config.yml'
+    default: '/usr/share/ansible/openshift-ansible/playbooks/deploy_cluster.yml'
    description: Path to OpenShift-Ansible playbook.
    type: string
  OpenShiftMasterNodeVars:
@ -79,7 +79,23 @@ outputs:

            - name: set openshift global vars fact
              set_fact:
-                openshift_global_vars: {get_param: OpenShiftGlobalVariables}
+                openshift_global_vars:
+                  map_merge:
+                  - openshift_release: '3.9'
+                    openshift_version: '3.9.0'
+                    openshift_image_tag: 'v3.9.0'
+                    openshift_enable_excluders: false
+                    openshift_deployment_type: origin
+                    openshift_use_external_openvswitch: true
+                    openshift_docker_selinux_enabled: false
+                    # Disable services we're not using for now
+                    openshift_enable_service_catalog: false
+                    template_service_broker_install: false
+                    # Needed for containerized deployment
+                    skip_version: true
+                    # Fatal and Errors only
+                    debug_level: 0
+                  - {get_param: OpenShiftGlobalVariables}
                openshift_master_node_vars: {get_param: OpenShiftMasterNodeVars}
                openshift_worker_node_vars: {get_param: OpenShiftWorkerNodeVars}

--- a/extraconfig/services/openshift-worker.yaml
+++ b/extraconfig/services/openshift-worker.yaml
@ -91,4 +91,5 @@ outputs:
                            openshift_node_labels:
                              region: 'infra'
                              zone: 'default'
+                              node-role.kubernetes.io/compute: true
                          {% endfor %}