With I57047682cfa82ba6ca4affff54fab5216e9ba51c Heat has added
a new template version for wallaby. This would allow us to use
2-argument variant of the ``if`` function that would allow for
e.g. conditional definition of resource properties and help
cleanup templates. If only two arguments are passed to ``if``
function, the entire enclosing item is removed when the condition
is false.
Change-Id: I25f981b60c6a66b39919adc38c02a051b6c51269
This changes all these parameters as heat would correctly
parse all values. Also, drops all yaql shenanigans
used for their handling and heat conditions.
Also fixes wrong usage of non-existent NeutronWrapperDebug
parameter in ovn-metadata-container-puppet.yaml.
We had converted all ``Debug`` parameters to boolean with
Ib6c3969d4dd75d5fb2cc274266c060acff8d5571.
Change-Id: Ia2bffffde34aa248a4cc60c3895464f1f9d1ded2
- ceilometer::agent::compute class was removed in Train release.
ceilometer::agent::polling class should be used instead.
change: I33c45e1ac69348df3d4f0a0df4561295123bdcce
Partial-Bug: #1916386
Change-Id: I597929128741be97bd859ea76e7f8dd8f7ac19fd
In 1ceb521805875b41ebfafb1ff7a862df4df6fd16 we added these and
can be simplified as they are are boolean parameters to get
rid of the redundant heat intrinsic functions.
Change-Id: I3851187c83965db5ecafcc945bff1fe3a5aa9ff4
This was mainly there as an legacy interface which was
for internal use. Now that we pull the passwords from
the existing environment and don't use it, we can drop
this.
Reduces a number of heat resources.
Change-Id: If83d0f3d72a229d737a45b2fd37507dc11a04649
Convert the NotificationDriver to a comma_delimited_list.
This will still not break existing templates because passing
a string is still completely valid. This is done so that the hiera keys
will be passed down as lists.
The oslo::messaging::notifications::driver expects a list anyway so this
won't break things and will allow us to actually specify multiple
notification drivers correctly. The change that allowed
oslo::notifications to use both strings and lists is
If65946412b42e0919456ed92fdd8e3788ad67872 (Messaging notifications
should be set as a list)
Related-Bug: #1851629
Change-Id: I24c860cd3121e5c307233864818ca86967ff6d72
Health check of Ceilometer compute agent does not check connection to RabbitMQ,
but connection to Redis, hence it should not use the RpcPort parameter.
Change-Id: Ic573d5a1fa1d695d19934246fe4d48c0d3065eb1
Currently we disable Telemetry services like Ceilometer by defaut,
which means that we don't have any consumers for notification messages.
So NotificationDriver should be set as noop by default so that we don't
have unconsumed messages in notification queues.
Change-Id: I1d05749c94bd58ad4badafa7d9755009cb4b64af
Closes-Bug: #1869355
Now that the FFU process relies on the upgrade_tasks and deployment
tasts there is no need to keep the old fast_forward_upgrade_tasks.
This patch removes all the fast_forward_upgrade_tasks section from
the services, as well as from the common structures.
Change-Id: I39b8a846145fdc2fb3d0f6853df541c773ee455e
There is no real value using /var/run instead of /run, especially since
/var/run is a symlink to /run.
This patch also removes duplicated mounts due to this very symlink.
Change-Id: Iaced2ba676a4e4f651c67da082797cc1c1ffccd1
Not sure why ceilometer_gnocchi_upgrade has healthcheck key in its
configuration but the container isn't managed by systemd and it's only
running a one-off shell command to upgrade ceilometer so it should not
have a healthcheck.
Change-Id: I38aa38099a2d759c1b1f2e14d64c36d52c0b1c0e
Related-Bug: #1873249
In [0] it was changed the type of some of the ports
used in the service. The template needs to be adapted
to be able to work correctly.
[0] - https://github.com/voxpupuli/puppet-collectd/commit/d7b79c
Change-Id: Ied613222a593566634c69fd63f891f0ac1497f86
Related-Bug: #1871086
Almost every single tripleo service creates a persistent directory. To
simplify the creation, a with_items structure was being used. In which
many times, the mode option was being set. However, that mode option
was not taken into account at the time of creating the file. As a
consequence, the directory was being created with its father directory
rights, instead of the ones being passed in the template.
Change-Id: I215db2bb79029c19ab8c62a7ae8d93cec50fb8dc
Closes-Bug: #1871231
Current puppet modules uses only absolute name to include classes,
so replace relative name by absolute name in template files so that
template description can be consistent with puppet implementation.
Change-Id: I7a704d113289d61ed05f7a31d65caf2908a7994a
Ceilometer is adding the topic prefix and suffix automatically, which makes the resulting
topic have the 'ceilometer/' prefix and '.sample' suffix duplicated.
This patch also adds comment to ceilometer env to ensure user deploys Redis for coordination.
Change-Id: I26027cd9b9eb1d166eae52021b1aef9d82a975f3
- deploy-steps-tasks-step-1.yaml: Do not ignore errors when dealing
with check-mode directories. The file module is resilient enough to
not fail if the path is already absent.
- deploy-steps-tasks.yaml: Replace ignore_errors by another condition,
"not ansible_check_mode"; this task is not needed in check mode.
- generate-config-tasks.yaml: Replace ignore_errors by another
condition, "not ansible_check_mode"; this task is not needed in check mode.
- Neutron wrappers: use fail_key: False instead of ignore_errors: True
if a key can't be found in /etc/passwd.
- All services with service checks: Replace "ignore_errors: true" by
"failed_when: false". Since we don't care about whether or not the
task returns 0, let's just make the task never fail. It will only
improve UX when scrawling logs; no more failure will be shown for
these tasks.
- Same as above for cibadmin commands, cluster resources show
commands and keepalived container restart command; and all other shell
or command or yum modules uses where we just don't care about their potential
failures.
- Aodh/Gnocchi: Add pipefail so the task isn't support to fail
- tripleo-packages-baremetal-puppet and undercloud-upgrade: check shell
rc instead of "succeeded", since the task will always succeed.
Change-Id: I0c44db40e1b9a935e7dde115bb0c9affa15c42bf
Allow the MetricsQdrNetwork to vary by role. This is needed
as the CephStorage, BlockStorage, and ObjectStorage roles need
to use the storage network, while other roles need internal_api.
Change-Id: I37611d516495b2b82b56a08df8b6ac38e0687083
Signed-off-by: Ryan McCabe <rmccabe@redhat.com>
ceilometer::keystone::authtoken module is never loaded, so remove
hieradata related to the module.
Change-Id: I4f89235b15a71435797b070fd664dda1eff0ebfc
While they are, at SELinux level, exactly the same (one is an alias to
the other), the "container_file_t" name is easier to understand (and
shorter to write).
A second pass in a couple of days or weeks will be needed in order to
change files that were merged after this first pass.
Change-Id: Ib4b3e65dbaeb5894403301251866b9817240a9d5
This patch:
- moves Ceilometer notification agent to proper composable service
- Adds possibility to configure query parameters for notifier publishers
Change-Id: Ieb3d97c3e2c3190607902227980e1ef4a1de2c8e
Depends-On: I5cd0b6e99f5ffcc495225c61f0773240d90e7930
The next iteration of fast-forward-upgrade will be
from queens through to train, so we update the names
accordingly.
Change-Id: Ia6d73c33774218b70c1ed7fa9eaad882fde2eefe
auth_uri parameter in authtoken was already removed from puppet modules[1],
so remove it from hieradata.
Also, some service templates missed www_authenticate_uri, which was
introduced as a replacement of auth_uri, so add it to make sure that
we have a correct parameter confugured.
[1] I12b4049e4942911c8d1d8027c579eb4c0d1a53eb
Change-Id: I1e8378f58662377344194916e8bc336df02d0591
Ansible has decided that roles with hypens in them are no longer supported
by not including support for them in collections. This change renames all
the roles we use to the new role name.
Depends-On: Ie899714aca49781ccd240bb259901d76f177d2ae
Change-Id: I4d41b2678a0f340792dd5c601342541ade771c26
Signed-off-by: Kevin Carter <kecarter@redhat.com>
While we can specify keystone region where all keystone resources
are created, currently we don't set the specified region correctly
in credential configurations used for authtoken middleware.
Configure region parameter for authtoken according to the parameter
KeystoneRegion so that we're consistent about the region where
we expect to have service users created.
Change-Id: Icc0ee9a859c2c67cae92339c6b4102946150269f
When podman parses such volume map it removes the slash
automatically and shows in inspection volumes w/o slash.
When comparing configurations it turns to be a difference and
it breaks idempotency of containers, causing them to be recreated.
Change-Id: Ifdebecc8c7975b6f5cfefb14b0133be247b7abf0
Disable the legacy telemetry services aodh, gnocchi,
ceilometer, and redis by default.
DocImpact
Signed-off-by: Ryan McCabe <rmccabe@redhat.com>
Change-Id: I8200e76f254fe6dd76f28d0768373a211927cfc3
When upgrading from Rocky to Stein we moved also from using the docker
container engine into Podman. To ensure that every single docker container
was removed after the upgrade a post_upgrade task was added which made
use of the tripleo-docker-rm role that removed the container. In this cycle,
from Stein to Train both the Undercloud and Overcloud work with Podman, so
there is no need to remove any docker container anymore.
This patch removes all the tripleo-docker-rm post-upgrade task and in those
services which only included a single task, the post-upgrade-tasks section
is also erased.
Change-Id: I5c9ab55ec6ff332056a426a76e150ea3c9063c6e
We switched to containers a long time ago. This patch drops the
management of a /var/log/<service> directory and the creation of a
readme indicating that we've moved to containers which makes the logging
available under /var/log/containers/<service>
Change-Id: Ia4e991d5d937031ac3312f639b726a944743dd1e
We should ensure that the service folders are 0750. We're setting
/var/log/containers but we should also ensure the service folders also
have the correct permissions.
Change-Id: I28e8017edc7e30a60288adf846da722fd6ab310e
Moving all the container environments from lists to dicts, so they can
be consumed later by the podman_container ansible module which uses
dict.
Using a dict is also easier to parse, since it doesn't involve "=" for
each item in the environment to export.
Change-Id: I894f339cdf03bc2a93c588f826f738b0b851a3ad
Depends-On: I98c75e03d78885173d829fa850f35c52c625e6bb
This patch removes fluentd composable service in favor of rsyslog composable service
and modifies *LoggingSource configuration accordingly.
Change-Id: I1e12470b4eea86d8b7a971875d28a2a5e50d5e07
Before we start services on upgraded bootstrap
controller (usually controller-0), we need to
stop services on unupgraded controllers
(usually controller-1 and controller-2).
Also we need to move the mysql data transfer
to the step 2 as we need to first stop the
services.
Depends-On: I4fcc0858cac8f59d797d62f6de18c02e4b1819dc
Change-Id: Ib4af5b4a92b3b516b8e2fc1ae12c8d5abe40327f
The tripleo-docker-rm role has been replaced by tripleo-container-rm [0].
This role will identify the docker engine via the container_cli variable
and perform a deletion of that container. However, these tasks inside the
post_upgrade_tasks section were thought to remove the old docker containers
after upgrading from rocky to stein, in which podman starts to be the
container engine by default.
For that reason, we need to ensure that the container engine in which the
containers are removed is docker, as otherwise we will be removing the
podman container and the deployment steps will fail.
Closes-Bug: #1836531
[0] - 2135446a35
Depends-On: https://review.opendev.org/#/c/671698/
Change-Id: Ib139a1d77f71fc32a49c9878d1b4a6d07564e9dc