diff --git a/ci/environments/disable-unbound.yaml b/ci/environments/disable-unbound.yaml new file mode 100644 index 0000000000..9e3a54d2ed --- /dev/null +++ b/ci/environments/disable-unbound.yaml @@ -0,0 +1,60 @@ +heat_template_version: rocky + +description: > + Disable Unbound Service + +parameters: + RoleNetIpMap: + default: {} + type: json + ServiceData: + default: {} + description: Dictionary packing service data + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + Debug: + type: boolean + default: false + description: Set to True to enable debugging on all services. + +resources: + +outputs: + role_data: + description: Role data for the multinode firewall configuration + value: + service_name: disable_unbound + host_prep_tasks: + - name: Disable unbound + service: + name: unbound + state: stopped + enabled: false + ignore_errors: true + - name: Set resolv.conf + copy: + content: "nameserver 1.1.1.1" + dest: /etc/resolv.conf + force: yes + mode: '0644' diff --git a/ci/environments/scenario009-multinode.yaml b/ci/environments/scenario009-multinode.yaml index e396f9e5de..c97858d128 100644 --- a/ci/environments/scenario009-multinode.yaml +++ b/ci/environments/scenario009-multinode.yaml @@ -1,4 +1,5 @@ resource_registry: + OS::TripleO::Services::DisableUnbound: disable-unbound.yaml OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml OS::TripleO::Services::OpenShift::Master: ../../extraconfig/services/openshift-master.yaml @@ -7,6 +8,7 @@ resource_registry: parameter_defaults: ControllerServices: + - OS::TripleO::Services::DisableUnbound - OS::TripleO::Services::CACerts - OS::TripleO::Services::Docker - OS::TripleO::Services::Kernel @@ -19,6 +21,7 @@ parameter_defaults: - OS::TripleO::Services::OpenShift::Master - OS::TripleO::Services::OpenShift::Worker ComputeServices: + - OS::TripleO::Services::DisableUnbound - OS::TripleO::Services::CACerts - OS::TripleO::Services::Docker - OS::TripleO::Services::Kernel @@ -30,3 +33,11 @@ parameter_defaults: - OS::TripleO::Services::Sshd - OS::TripleO::Services::OpenShift::Worker Debug: true + + OpenShiftGlobalVariables: + # NOTE(flaper87): Needed for the gate + openshift_disable_check: package_availability,package_version,disk_availability,docker_storage,memory_availability,docker_image_availability + + # NOTE(mandre) keep this until overcloud-full has dbus-python + # https://review.openstack.org/#/c/574674/ + l_install_base_packages: true diff --git a/environments/openshift.yaml b/environments/openshift.yaml index fd208ecde1..da63cbb0b1 100644 --- a/environments/openshift.yaml +++ b/environments/openshift.yaml @@ -2,15 +2,3 @@ resource_registry: OS::TripleO::Services::Docker: ../puppet/services/docker.yaml OS::TripleO::Services::OpenShift::Worker: ../extraconfig/services/openshift-worker.yaml OS::TripleO::Services::OpenShift::Master: ../extraconfig/services/openshift-master.yaml - -parameter_defaults: - OpenShiftGlobalVariables: - openshift_release: '3.7' - openshift_image_tag: v3.7.1 - enable_excluders: false - skip_ovs_svc_handlers: true - openshift_deployment_type: origin - openshift_docker_selinux_enabled: false - osm_etcd_image: "registry.fedoraproject.org/f27/etcd" - # NOTE(flaper87): Needed for the gate - openshift_disable_check: disk_availability,docker_storage,memory_availability,docker_image_availability diff --git a/extraconfig/services/openshift-master.yaml b/extraconfig/services/openshift-master.yaml index bbdf6670af..1614bbd8a5 100644 --- a/extraconfig/services/openshift-master.yaml +++ b/extraconfig/services/openshift-master.yaml @@ -37,7 +37,7 @@ parameters: description: Global Ansible variables for OpenShift-Ansible installer. type: json OpenShiftAnsiblePlaybook: - default: '/usr/share/ansible/openshift-ansible/playbooks/byo/config.yml' + default: '/usr/share/ansible/openshift-ansible/playbooks/deploy_cluster.yml' description: Path to OpenShift-Ansible playbook. type: string OpenShiftMasterNodeVars: @@ -79,7 +79,23 @@ outputs: - name: set openshift global vars fact set_fact: - openshift_global_vars: {get_param: OpenShiftGlobalVariables} + openshift_global_vars: + map_merge: + - openshift_release: '3.9' + openshift_version: '3.9.0' + openshift_image_tag: 'v3.9.0' + openshift_enable_excluders: false + openshift_deployment_type: origin + openshift_use_external_openvswitch: true + openshift_docker_selinux_enabled: false + # Disable services we're not using for now + openshift_enable_service_catalog: false + template_service_broker_install: false + # Needed for containerized deployment + skip_version: true + # Fatal and Errors only + debug_level: 0 + - {get_param: OpenShiftGlobalVariables} openshift_master_node_vars: {get_param: OpenShiftMasterNodeVars} openshift_worker_node_vars: {get_param: OpenShiftWorkerNodeVars} diff --git a/extraconfig/services/openshift-worker.yaml b/extraconfig/services/openshift-worker.yaml index 761e4c7eff..60ebf49e34 100644 --- a/extraconfig/services/openshift-worker.yaml +++ b/extraconfig/services/openshift-worker.yaml @@ -91,4 +91,5 @@ outputs: openshift_node_labels: region: 'infra' zone: 'default' + node-role.kubernetes.io/compute: true {% endfor %}