The redhat-subscription ansible module doesn't cover the case
when a system is already registered via Satellite and we try to
upgrade it's repositories to a new version providing a different
activation key. The role will catch that the system is already
registered and it won't register the new activation key.
This patch passes the rhsm_force_registration option when invoking
redhat-subscription during an upgrade. This way the system will
be unregistered and registered again, activating the new key passed.
Change-Id: I9cd35882e5db47d22df8a456749188c17b48e451
Closes-Bug: #1807987
We don't need upgrade_tasks that stop systemd services since all
services are now containerized.
However, we decided to keep the tasks that remove the rpms in case some
of deployments didn't cleanup them in previous releases, they can still
do it now.
Change-Id: I6abdc9e37966cd818306f7af473958fd4662ccb5
Related-Bug: #1806733
In docker-puppet.py script we try to relable
/usr/share/openstack-puppet/modules by adding ":z" suffix
in the end.
Unfortunatelly this operation is not allowed in docker with
enabled SELinux. Docker's error message is:
Error response from daemon: error setting label on mount source
'/usr/share/openstack-puppet/modules': SELinux relabeling of
/usr/share/openstack-puppet/modules is not allowed:
"Relabeling content in /usr is not allowed.".
It leads to the fact that during the configuration the jobs fails
with "Permission denied - /usr/share/openstack-puppet/modules"
There is no need to relable that folder since it's read-only.
After removing ":z" it is possible to deploy the overcloud with
enabled SELinux.
Closes-Bug: #1807680
Change-Id: I11c7c5e9594fe0cdb2a114f81033651e411c9e3c
Containers inherit file descriptor limit from docker daemon (currently:1048576)
which is very high causing python2 subprocess to take very long and ansible
facts gathering to time out.
This patch defaults nofile limit to 1024 for mistral-executor, like it is
on the baremetal node.
Co-Authored-By: Yatin Karel <ykarel@redhat.com>
Change-Id: Ia76fcb87fc98fd93d6f487dd40d407c0bc875ffd
Related-Bug: 1806073
... and use host_prep_tasks from config-download.
We are trying to HostPrepConfig resource that use OS::Heat::SoftwareConfig
and the old fashion to run Ansible, for more native config-downlaod.
undercloud_pre is the only service that needs HostPrepConfig now, so
let's switch to config-download.
It restarts keepalived container at each undercloud install & upgrade.
Also it adds support for podman as it uses container_cli variable.
Note: the workaround can still be removed once we have Keepalived 2.0.6
but it won't happen before CentOS8 probably.
Change-Id: I7454013c2e37058b5010a2a6cacfae0d0f873744
Related-Bug: #1791238
The integration between podman and pacemaker is still work in progress.
While it's being done, let's remove pacemaker from this job, so we can
have at least one CI job running with podman on the overcloud.
We still have coverage for pacemaker in the container-upgrade jobs.
This patch will likely be reverted once we have pacemaker + podman
ready for centos7.
Change-Id: I8638386c8f394c98b047fb2ae4ff97daeeaf4475
This change combines the previous puppet and docker files into a single
file that performs the docker service installation and configuration.
With this patch the baremetal version of aodh services have been
removed.
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Depends-On: https://review.rdoproject.org/r/#/c/16994/
Change-Id: I39645aff0365218d4b841ed0d9c964b3622f143a
Related-Blueprint: services-yaml-flattening
Since we're looking at flattening the services into a deployment/
folder, we need to update the validation script to also handle this
directory structure. Additionally this change updates the service name
validation to ensure that the service name in matches the start of the
filename itself.
Change-Id: Ibb140a38b69a8780adf69362e0f437b3426f360d
Related-Blueprint: service-yaml-flattening
"data" folder mounted on host sometimes makes ODL
believe that it has boot features installed. So ODL
doesnot generate required files.
So don't mount that folder so that ODL can boot
properly on restart.
Closes-Bug: #1805859
Change-Id: Icb415f6ac379e757edfe6dd73f80484a6697d152
The NtpServer default set now includes multiple pool.ntp.org hosts to
ensure that the time can be properly synced during the deployment.
Having only a single timesource can lead to deployment failures if the
time source is unavailable during the deployment. It is recommended
that you either set multiple NtpServers or use the NtpPool
configuration to ensure that enough time sources are available for the
hosts. Note that the NtpPool configuration is only available when using
chrony.
Change-Id: I5b82d77cbf0f2e8c2a59645a72aa533d7d2c86b8
Closes-Bug: #1806521