This makes the following changes:
- Create cloud.yaml for undercloud with standalone services
- Remove keystone and memcached from the undercloud
Change-Id: I741123dcbf4544845b40e253d8b42d868317cc03
Zaqar was deprecated in Wallaby and is no longer in use on the
undercloud and it hasn't been officially supported in the
overcloud for some time.
Change-Id: I3bdcc72d6127ec96ff2307cafbf57f6178c3ef5c
Mistral was deprecated in Wallaby and is no longer in use on the
undercloud and it hasn't been officially supported in the overcloud for
some time.
Change-Id: I6963453f53cb554ca8fdb58706f04838bbd11ba0
Openstack users are configured with openstacklib, which in turns
drive puppet-mysql to create several DB user for each db service:
<service>@'%' <service>@<ip> and <service>@<mysql_vip>.
We create several users because we use two different parameters
host and allowed_hosts in openstacklib, which only has the effect
of creating a list of users per openstack service.
However since we always create a user '%', this wildcard host
will always allow connection to the DB, so the other users are
currently not useful as they don't get any additional grants or
restrictions.
Simplify the entire mysql user creation to only generate one
user per service, with a wildcard host.
Change-Id: I928b03f06c702a13f4bd957eaa79153aa711cee4
Closes-Bug: #1943440
Closes-Bug: #1943330
tftp-server and xinetd are not anticipated to be in RHEL9 and as
such we need to remove their use in order to facilitate a transition
to RHEL9 when the time comes.
In this case, we're anticipating we can just directly launch dnsmasq
instead of in.tftpd directly within the container.
Change-Id: Ie75aa0f2994a4cf662905b912231a12e3bd8afe7
This is basically a revert ot I8f71bf83ddafca167deae1a38ca819f7d930fb80
https://bugzilla.redhat.com/show_bug.cgi?id=1759974 has now been fixed
via https://bugzilla.redhat.com/show_bug.cgi?id=1760763:
"[ovsdb-server] Allow replicating from older schema servers"
which has been fixed in openvswitch2.11-2.11.0-35.el8fdp.x86_64
which was released on 2020-01-22.
I think in master (and potentially wallaby) we can just remove this
workaround now.
Change-Id: I428a30d2ad7be295f8b3dbeaddd76eb88432a532
The package is part of the base image, but when doing a leapp
upgrade it is removed because it is not part of the standard
RHEL repositories.
Resolves: rhbz#1994919
Change-Id: Ia892ccb629b7ef7cb80d549fbe1c684e9b93c0fc
On particular role compositions, the code joining the update_tasks might order
things differently then on a typical 3ctrl control plane and the ovn-dbs tasks
at step1 (which require the cluster to be up) will happen after the pacemaker
task at step1 which stops the cluster.
So we can observe something like the following:
2021-09-10 10:05:13.370339 | 001c2891-506d-f833-ff5a-000000000954 | TASK | Change the bundle operation timeout
2021-09-10 10:05:14.136798 | 001c2891-506d-f833-ff5a-000000000954 | CHANGED | Change the bundle operation timeout | ovn-db-01
2021-09-10 10:05:14.137982 | 001c2891-506d-f833-ff5a-000000000954 | TIMING | Change the bundle operation timeout | ovn-db-01 | 0:00:54.808754 | 0.77s
2021-09-10 10:05:14.146853 | 001c2891-506d-f833-ff5a-000000000956 | TASK | Acquire the cluster shutdown lock to stop pacemaker cluster
2021-09-10 10:05:14.508085 | 001c2891-506d-f833-ff5a-000000000956 | CHANGED | Acquire the cluster shutdown lock to stop pacemaker cluster | ovn-db-01
2021-09-10 10:05:14.509257 | 001c2891-506d-f833-ff5a-000000000956 | TIMING | Acquire the cluster shutdown lock to stop pacemaker cluster | ovn-db-01 | 0:00:55.180032 | 0.36s
2021-09-10 10:05:14.518668 | 001c2891-506d-f833-ff5a-000000000957 | TASK | Stop pacemaker cluster
2021-09-10 10:05:18.559627 | 001c2891-506d-f833-ff5a-000000000957 | CHANGED | Stop pacemaker cluster | ovn-db-01
2021-09-10 10:05:18.560561 | 001c2891-506d-f833-ff5a-000000000957 | TIMING | Stop pacemaker cluster | ovn-db-01 | 0:00:59.231336 | 4.04s
2021-09-10 10:05:18.569161 | 001c2891-506d-f833-ff5a-000000000958 | TASK | Start pacemaker cluster
2021-09-10 10:05:18.627924 | 001c2891-506d-f833-ff5a-000000000958 | SKIPPED | Start pacemaker cluster | ovn-db-01
2021-09-10 10:05:18.628678 | 001c2891-506d-f833-ff5a-000000000958 | TIMING | Start pacemaker cluster | ovn-db-01 | 0:00:59.299453 | 0.06s
2021-09-10 10:05:18.637292 | 001c2891-506d-f833-ff5a-000000000959 | TASK | Release the cluster shutdown lock
2021-09-10 10:05:18.694945 | 001c2891-506d-f833-ff5a-000000000959 | SKIPPED | Release the cluster shutdown lock | ovn-db-01
2021-09-10 10:05:18.695717 | 001c2891-506d-f833-ff5a-000000000959 | TIMING | Release the cluster shutdown lock | ovn-db-01 | 0:00:59.366493 | 0.06s
2021-09-10 10:05:18.704368 | 001c2891-506d-f833-ff5a-00000000095a | TASK | Clear ovndb cluster pacemaker error
2021-09-10 10:05:19.368816 | 001c2891-506d-f833-ff5a-00000000095a | FATAL | Clear ovndb cluster pacemaker error | ovn-db-01 | error={"changed": true, "cmd": "pcs resource cleanup ovn-dbs-bundle", "delta": "0:00:00.399084", "end": "2021-09-10 10:05:20
.044985", "msg": "non-zero return code", "rc": 1, "start": "2021-09-10 10:05:19.645901", "stderr": "Error: Unable to forget failed operations of resource: ovn-dbs-bundle\nError connecting to the CIB manager: Transport endpoint is not connected\nError perf
orming operation: Transport endpoint is not connected", "stderr_lines": ["Error: Unable to forget failed operations of resource: ovn-dbs-bundle", "Error connecting to the CIB manager: Transport endpoint is not connected", "Error performing operation: Tran
sport endpoint is not connected"], "stdout": "", "stdout_lines": []}
We cannot call pcs resource cleanup at step1, we must call it at step0 so we're
guaranteed that the cluster is up, no matter how heat/ansible decide to order
the update_tasks.
Note: This is the short-term less-invasive fix. The mid-long term fix
should be around verifying that we can now remove those workarounds
that were implemented for OVN bugs.
Closes-Bug: #1943254
Change-Id: Idd827f72c0033978db7b9a8ea6acec2086cda961
The routed-networks.yaml template has a typo in it that causes it to
fail if you use it verbatim, or as the basis for your network data.
Additional properties are not allowed (\"end'\" was unexpected)\n
This is because there is a trailing ' in the definition.
Change-Id: Ie926afdf219179ac285be96b3f05a512c970be02
Configure api_base_uri to DesignateEndpoint URI because default
127.0.0.1:9001 is returned instead of a valid endpoint URI. This
behavior breaks openstacksdk starting with 0.31.2 but wasn't seen
with previous version.
Change-Id: Ie531ea68a3d8e98e40a58d9c5ee484eb134abb96
Add additional OIDC Options to allow for
user defined configuration.
This change adds:
KeystoneOpenIdcClaimDelimiter
KeystoneOpenIdcPassUserInfoAs
KeystoneOpenIdcPassClaimsAs
Depends-On: https://review.opendev.org/c/openstack/puppet-keystone/+/803868
Change-Id: I058486dda2d77d2456fd55b5823cb9684de8549b
Currently, we are setting file ACLs on /var/lib/neutron as part of
upgrade tasks if there is a neutron user in the system. Since moving to
containerized deployment, we don't have neutron user on the system
anymore. This code was added to resolve issues arising with existing
neutron resources when moving from system services to containerized
services.
This patch is to remove the stale upgrade tasks to remove file ACLs.
Closes-Bug: #1943034
Signed-off-by: Purandhar Sairam Mannidi <pmannidi@redhat.com>
Change-Id: I19f457a99dedfd781bd56987e3fea6626737500d
When ceph is deployed via TripleO, during the overcloud deployment
phase the tripleo_cephadm role is able to add a new trash purge
scheduler. This change exposes the tripleo CephRbdTrashPurgeInterval
which defines the interval that will be applied to the scheduler.
Depends-On: Ide51ba4cef7c9f0df78d505f7429745285d7d484
Change-Id: I6d560bbd67958ec484248ad0b20ef30f1f9593b8
Adds a parameter for configuring the managed resource email address used
to configure the email address included in DNS zone SOAs.
Change-Id: Ic7a0f5d21f138b9e522e8729163e01bfb9ae69dc
rabi
Zuul
Alex Schultz
Damien Ciabrini
Julia Kreger
Michele Baldessari
Jesse Pretorius (odyssey4me)
Lance Bragstad
Martin Magr
David Hill
Brendan Shephard
Purandhar Sairam Mannidi
Francesco Pantano
Brent Eagles