In some environment the containers' tag isn't modified (think
"latest"). This is already supported during deployment so we re-use
the code during update.
We also make sure that the same mechanism is available for
ovn_controller update. It can be selectively disable if one pass:
--skip-tags ovn_image
to the external-update run command.
We remove the ignore error as it's wrong indication that we are not
taking errors into account in those tasks. We also adjust the
delay as it's 3 seconds by default making the time we check longer
than the async tasks. Eventually, we add a new parameter for
controlling the downloading of the image
"OVNControllerImageUpdateTimeout" which is set to 10min by default.
Note that in order to pass CI, we need to modify the tht syntax test:
- ensure containers.podman collection is installed;
- ensure custom tripleo-ansible filter are found;
- make sure tripleo_role_name is defined in the syntax test playbook.
Change-Id: I6d439367816d5f5968b8f890f74b7a2f74715f52
ansible.builtin.debug is redirected to ansible.posix.debug.
We need to install the collection explicitly.
This needs to be fixed for stdout callback plugin related changes
in ansible-runner >=2.2.0.
Also, increases ansible verbosity to track these issues better in
the future.
Closes-Bug: #1971703
Change-Id: Ibe883e19c25926ab302db741afae70821209a350
When using nic paritioning feature, the VFs used
by host has to be excluded from passthrough
whitelist. Added support to the derive pci script
to support pci address as string or dict format.
Specifying product_id, vendor_id is also allowed.
Added test cases for the derive pci script.
Change-Id: I35b3fe177f08214d06e20334e08be9bfe06f16d1
The six library was used to bridge the py2 > py3
gap. This library is longer required on branches
that do not support Python2.
Change-Id: I40cb90bc6bc058dcbf3659b97dbb489b53adb9d3
- enable run of ansible-lint, with a temporary set of excludes
- fixes two problems reported by ansible-linter
Change-Id: Ibbe23db8fd5ac1008109f50f514df96686b0fa19
Bug: #1921409
This was mainly there as an legacy interface which was
for internal use. Now that we pull the passwords from
the existing environment and don't use it, we can drop
this.
Reduces a number of heat resources.
Change-Id: If83d0f3d72a229d737a45b2fd37507dc11a04649
Now that the FFU process relies on the upgrade_tasks and deployment
tasts there is no need to keep the old fast_forward_upgrade_tasks.
This patch removes all the fast_forward_upgrade_tasks section from
the services, as well as from the common structures.
Change-Id: I39b8a846145fdc2fb3d0f6853df541c773ee455e
The mock third party library was needed for mock support in py2
runtimes. Since we now only support py36 and later, we can use the
standard lib unittest.mock module instead.
Change-Id: Iabd3e90a46fd087c8e780796e04fcc050c5277ab
With the HA NG work having landed, the impact of pacemaker
is reduced and only very few core services are being managed
by pacemaker. Since the HA deployments work just fine
with a single node, it makes little sense to use the non-ha
deployment as default any longer (Also because downstream
we do the default to the HA deployment by default and this
keeps confusing users).
This patch does the following :
* Remove Keepalived services from all CI scenarios running it.
* Make sure all HA services deployed in CI run with Pacemaker.
* Remove non HA containers so Pacemaker can
bootstrap the new containers safely.
* Before removing mysql container, create the clustercheck user and
grant correct permissions to avoid bootstrap issues later when galera
is spawned.
* Disable HA on the minor update job, it seems to not working fine if
only one controller is deployed.
Depends-On: https://review.opendev.org/#/c/718759
Change-Id: I0f61016df6a9f07971c5eab51cc9674a1458c66f
tripleo-ansible isn't the only source of roles and modules, we also have
modules in ansible-pacemaker for example, and more. We need to make the
THT ansible syntax check able to also include these in the testing.
Change-Id: Ieb089d20fced84bf44980d35b88ba20964545b7f
We are removing Paunch, and also Podman is the only container cli
supported when it comes to upgrades, so this patch simplifies a bit how
we deal with the upgrade of MySQL container.
This submission also adds the path for the ansible modules
installed from tripleo-ansible in the tht-check job.
Change-Id: I8b01ac05bae6544119769e50501bf705b22081f3
Until now if there is a nit inside any
Ansible task part of tripleo-heat-templates we will
need to wait until the end-to-end test imports
the actual tasks to fail.
This submission adds the hability to run a syntax
check for any Ansible task part of any role
defined by default in the resource registry.
Also it will allow to reduce the CI CO2 footprint
by not executing unneeded jobs meant to fail.
Let's save the planet and some CI cycles.
Change-Id: I6eb7c873cc9a4b7d765e745dc260475bff7b268a
This change makes sure that we apply pyflake8 checks on all python
codes to improve its readability.
Note that there are some rules applied for other OpenStack projects,
but not yet turned on, which should be enabled in the future.
Change-Id: Iaf0299983d3a3fe48e3beb8f47bd33c21deb4972
Indenting blank description lines just creates unnecessary trailing
whitespace in the output file. Skip the indentation in this case.
Change-Id: Ib0fbd26b489f6d9cf262c1186d3b3e604d4c0c67
We have environments that are exclusively resource_registry entries,
and we shouldn't have to include a dummy files: key to make that
work with the generator.
Change-Id: I8ffabb5e583aabbfa4f2f22a4418783c857118fa
Certs were being generated for all networks in service net map.
This was failing as we do not generate hieradata for all of these networks.
Switching from yaql to jinga templating to match the logic that
generates the hieradata.
Change-Id: Ic6c25aceb07ea3824a8fb23549bc5d1205e5cefc
Closes-bug: 1748023
Closes-Bug: 1748053
We use yaql in many hot templates, but they are usually faily obscure
and not documented, which makes it hard to change them over time (to
make them perform better for example).
This introduces some basic infrastructure for testing them, as well as a
first modification to show how things would be easier to change.
Change-Id: I1a8d3a514d8fa0de4b024d3ae320723d791f3e7d
It is possible to pass parameters only to a specific role by using an
environment with a <role name>Parameters dict. This change adds support
for sample environments with such nested parameters.
Change-Id: I7eb91d4262013341fab733342ab313caf8cec118
This patch fix the following error when running python3
TypeError: can only concatenate list (not "dict_keys") to list
Change-Id: Ic487bf4c4f6cb2bc35011416056bef1417a23076
The method "generate_environments" in environment_generator.py
takes two arguments but 1 given in "test_environment_generator.py"
Change-Id: I39abcf2340ce04f3d193d80c8af177027c512556
This check ensures that if a parameter is changed that would affect
a generated environment then the environment must be updated before
pep8 will pass. It will also catch any mistaken hand edits to the
generated files.
bp generated-environments
Change-Id: I2d12992ed55f963285422e1282a4cee06e989b6d
All of the other SSL environments were converted, but this one was
missed. That's an inconsistent user experience and should be
cleaned up.
This environment also exposed a bug in the tool where it did not
include the parameter_defaults section key if all the parameters
were marked static.
Change-Id: I19bc422c22b9f60f781e696ce703b026dc317786
Closes-Bug: 1713761
It looks like this was added recently and it doesn't appear to be a
parameter we want in the sample environments.
Change-Id: I0ac433553e7ad9b0a54c011b66c54b4692b44be0
Fix a bug that prevented these working. A unit test and
documentation for the nested environment functionality is also
included.
Change-Id: I2d4aeb584eb624178d601cfd6bc0a6473cb5289f
Starts converting storage-related sample environments to the tool,
and adds a few new ones for demonstration purposes.
This has required the addition of a new category of parameter
overrides in the tool. There are some parameters that are part of
the public API of roles that should not normally be included in a
sample environment for that role. Examples are EndpointMap and
ServiceNetMap. Those are both passed into most (all?) roles, but
their template defaults are not useful (both default to {}).
Unless we are explicitly creating a sample environment that
overrides those defaults we don't want them included.
Parameters such as RoleName and RoleParameters are similar. We
can't change them because they are part of the composable roles
interface and that would break any existing custom roles, but we
don't really want them included normally either. It's possible
these could be made completely private, but there have been some
very preliminary discussions about generating role samples that
might actually want to set them.
In order to avoid issues with editing the unit test file in editors
that strip trailing whitespace, the minor formatting bug where
params like EndpointMap had a trailing space after the name has
also been fixed.
Change-Id: If11f30c734bfbc17d463a9890c736d7477186fb9
We're not going to want to list every single sample environment in
a single file, so let's also take a directory and just read every
yaml file in it. This commit adds support for that as well as
some initial environments to demonstrate its use.
Change-Id: If2c608f2a61fc5e16784ab594d23f1fa335e1d3c
This is a tool to automate the generation of our sample environment
files. It takes a yaml file as input, and based on the environments
defined in that file generates a number of sample environment files
from the parameters in the Heat templates. A tox genconfig target
is added that mirrors how the other OpenStack services generate
their sample config files.
A description of the available options for the input file is
provided in a README file in the sample-env-generator directory.
In this commit only a single sample config is provided as a basic
example of how the tool works, but subsequent commits will add
more generated sample configs.
Change-Id: I855f33a61bba5337d844555a7c41b633b3327f7a
bp: environment-generator
Sofer Athlan-Guyot