22 Commits

Author SHA1 Message Date
Sagi Shnaidman
016f7c6002 Remove unnecessary slash volume maps
When podman parses such volume map it removes the slash
automatically and shows in inspection volumes w/o slash.
When comparing configurations it turns to be a difference and
it breaks idempotency of containers, causing them to be recreated.

Change-Id: Ifdebecc8c7975b6f5cfefb14b0133be247b7abf0
2019-12-04 20:32:14 +02:00
Kevin Carter
50367fbe35 Convert firewall rules to use TripleO-Ansible
This change converts our filewall deployment practice to use
the tripleo-ansible firewall role. This change creates a new
"firewall_rules" object which is queried using YAQL from the
"FirewallRules" resource.

A new parameter has been added allowing users to input
additional firewall rules as needed. The new parameter is
`ExtraFirewallRules` and will be merged on top of the YAQL
interface.

Depends-On: Ie5d0f51d7efccd112847d3f1edf5fd9cdb1edeed
Change-Id: I1be209a04f599d1d018e730c92f1fc8dd9bf884b
Signed-off-by: Kevin Carter <kecarter@redhat.com>
2019-11-18 15:40:22 -06:00
Jose Luis Franco Arza
4cbae84c75 Get rid of docker removing in post_upgrade tasks.
When upgrading from Rocky to Stein we moved also from using the docker
container engine into Podman. To ensure that every single docker container
was removed after the upgrade a post_upgrade task was added which made
use of the tripleo-docker-rm role that removed the container. In this cycle,
from Stein to Train both the Undercloud and Overcloud work with Podman, so
there is no need to remove any docker container anymore.

This patch removes all the tripleo-docker-rm post-upgrade task and in those
services which only included a single task, the post-upgrade-tasks section
is also erased.

Change-Id: I5c9ab55ec6ff332056a426a76e150ea3c9063c6e
2019-11-12 16:33:38 +01:00
Alex Schultz
7906fb43be Drop legacy log folder and readme
We switched to containers a long time ago. This patch drops the
management of a /var/log/<service> directory and the creation of a
readme indicating that we've moved to containers which makes the logging
available under /var/log/containers/<service>

Change-Id: Ia4e991d5d937031ac3312f639b726a944743dd1e
2019-11-04 09:19:07 -07:00
Alex Schultz
f2147c9974 Ensure service log folder permissions
We should ensure that the service folders are 0750. We're setting
/var/log/containers but we should also ensure the service folders also
have the correct permissions.

Change-Id: I28e8017edc7e30a60288adf846da722fd6ab310e
2019-11-04 08:48:24 -07:00
Emilien Macchi
81258ae551 Convert container environment from a list to a dict
Moving all the container environments from lists to dicts, so they can
be consumed later by the podman_container ansible module which uses
dict.

Using a dict is also easier to parse, since it doesn't involve "=" for
each item in the environment to export.

Change-Id: I894f339cdf03bc2a93c588f826f738b0b851a3ad
Depends-On: I98c75e03d78885173d829fa850f35c52c625e6bb
2019-10-16 01:29:31 +00:00
Harald Jensås
6e202df4ea Fix Ironic configuration for IPv6
When using IPv6 for provisioning baremtal nodes ironic.conf
needs:
  - [pxe]/ip_version must be set to '6'. Add parameter
    IronicIpVersion.
  - [deploy]/http_url must have the IPv6 address wrapped.
    Use the $NETWORK_uri value from hiera which carries
    an ip address fit for use in url.

Related-Bug: #1845746
Depends-On: Ib29adccc8378bd3e2a46b7d2ca3cfacba55e7674
Change-Id: I6384e11dd68cdbf2179545caae2c818fd1a6b23e
2019-10-01 06:13:19 +00:00
Zuul
50f02ff9b9 Merge "Ironic: disallow deployment and cleaning in maintenance mode" 2019-09-28 03:18:02 +00:00
Dmitry Tantsur
036946bc7d Ironic: disallow deployment and cleaning in maintenance mode
This is a common source of confusion for users since ironic essentially
gets stuck in "wait call-back" or "clean wait" state. See e.g.
https://bugzilla.redhat.com/show_bug.cgi?id=1712561

Depends-On: https://review.opendev.org/#/c/683970/
Change-Id: I3b3f6037970e741f93549878e4e36d36297be9c3
2019-09-23 16:15:14 +02:00
Harald Jensås
d2b607c976 Use _uri which is wrapped if IPv6 for ironic tftp
Use $NETWORK_uri for ironic::pxe::tftp_bind_host so that
the wrapped ip address is picked up from hieradata when
IPv6 is used.

Closes-Bug: #1844713
Change-Id: I874d5eb401113fb9a1664be0b3cd29e76756d970
2019-09-19 22:01:30 +02:00
Jose Luis Franco Arza
d1035703b7 Force removal of docker container in tripleo-docker-rm.
The tripleo-docker-rm role has been replaced by tripleo-container-rm [0].
This role will identify the docker engine via the container_cli variable
and perform a deletion of that container. However, these tasks inside the
post_upgrade_tasks section were thought to remove the old docker containers
after upgrading from rocky to stein, in which podman starts to be the
container engine by default.

For that reason, we need to ensure that the container engine in which the
containers are removed is docker, as otherwise we will be removing the
podman container and the deployment steps will fail.

Closes-Bug: #1836531
[0] - 2135446a35

Depends-On: https://review.opendev.org/#/c/671698/
Change-Id: Ib139a1d77f71fc32a49c9878d1b4a6d07564e9dc
2019-07-19 12:37:35 +00:00
Dan Prince
a68151d02a Convert Docker*Image parameters
This converts all Docker*Image parameter varients into
Container*Image varients.

The commit was autogenerated with the following shell commands:

for file in $(grep -lr Docker.*Image --include \*.yaml --exclude-dir releasenotes); do
  sed -e "s|Docker\([^ ]*Image\)|Container\1|g" -i $file
done

Change-Id: Iab06efa5616975b99aa5772a65b415629f8d7882
Depends-On: I7d62a3424ccb7b01dc101329018ebda896ea8ff3
Depends-On: Ib1dc0c08ce7971a03639acc42b1e738d93a52f98
2019-06-05 14:33:44 -06:00
Bogdan Dobrelya
7cbcea8b52 Add support for Ironic Conductor Groups
Allows to distrubute baremetal nodes over multiple Ironic
Conductor instances running on undercloud/minions.

Related-Blueprint: undercloud-minion

Change-Id: I05c16412f623165d99dfa020ae9d864034728512
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
2019-05-31 15:56:13 +02:00
Alan Bishop
c5fe51147b Use RpcPort for container healthchecks
Update healthcheck commands that probe oslo's messaging port to use the
RpcPort parameter. Previously, some templates referenced the service's
own 'rabbit_port' config setting, which led to malformed healthcheck
commands when the 'rabbit_port' settings were deprecated.

Update the templates that looked up the port in the RabbitMQService's
global_config_settings. Not only did this break the oslo abstraction
by referring to a specific messaging backend (rabbit), it broke
split-stack deployments in which the RabbitMQService is not actually
deployed on the secondary stack's nodes.

This patch creates a common healthcheck command using the RpcPort
parameter in containers-common.yaml. This allows other templates to
reference a common healthcheck command. Other templates that should
also use this can be cleaned up in a separate patch.

Closes-Bug: #1825342
Change-Id: I0d3974089ae6e6879adab4852715c7a1c1188f7c
2019-05-09 14:41:36 -04:00
Dan Prince
a52498ab4d Move containers-common.yaml into deployment
Change-Id: I8cc27cd8ed76a1e124cbb54c938bb86332956ac2
Related-Blueprint: services-yaml-flattening
2019-04-14 18:15:12 -04:00
Emilien Macchi
860333cf31 Rename /var/lib/docker-config-scripts to /var/lib/container-config-scripts
We don't have Docker anymore so let's avoid confusion and rename this
directory.

Change-Id: I79fca28ef8e5396fee78bef992fd800918f05b88
2019-03-26 21:21:57 +00:00
Sergii Golovatiuk
2a8fcc4ddf Remove UpgradeRemoveUnusedPackages
UpgradeRemoveUnusedPackages is not used anymore. All packages are
supposed to be removed on undercloud upgrade to 14.

Change-Id: Ie6b739390ec0ae0c5773a5a6c63b49422195623a
2019-03-19 13:40:02 +00:00
Emilien Macchi
160cddda3f Rename docker_config_scripts to container_config_scripts
Change-Id: Iabd65560c2fc28b3aeca07a21efa861c4c583c01
2019-03-06 09:05:50 -05:00
David J Peacock
1d3fe8cb27 flatten database service MySQL Client
This change combines the previous puppet and docker files into a single
file that performs the docker service installation and configuration.

With this patch the baremetal version of database service MySQL Client
has been removed.

Change-Id: I855524f30cfe3c8cdab6c52a67fba0dee157103d
Related-Blueprint: services-yaml-flattening
2019-01-30 09:38:32 -05:00
Carlos Camacho
1e318b569e Ensure logs folder is created in prep hosts tasks.
We have non fatal errors in the upgrade
jobs execution if the logs folder is not
created when adding the readme.txt file
to clarify the possible locations of
the logs.

Closes-Bug: 1811708
Change-Id: Ibc0a266bdc6630eaf34bfadeff21f7bd72fa75ad
2019-01-18 09:28:56 +01:00
Dmitry Tantsur
8865d01da5 ironic: enable the ipxe boot interface by default
Ironic is separating the pxe and ipxe implementations into separate boot
interfaces, deprecating the ipxe part of the pxe interface. This change
enables the new ipxe interface instead.

Story: #1628069
Change-Id: Icffcfae290f94f91823d80cc640f4a9bf9eafa5f
2019-01-04 16:35:09 +01:00
Cédric Jeanneret
ced9f888e9 Flatten Ironic services configuration
This change combines the previous puppet and docker files into a single file
that performs the docker service installation and configuration.

With this patch the baremetal version of Ironic services have been removed.

Change-Id: Icb33158a129356d939940433c82dae25a6334baf
Related-Blueprint: services-yaml-flattening
2018-12-14 07:25:13 +01:00