10244 Commits

Author SHA1 Message Date
Nate Johnston
f3df90f2c0 Set arp_notify to match ndisc_notify
A previous change [1] enabled ndisc_notify, which is the IPv6 equivalent
for IPv4's arp_notify.  Enable the latter to keep them consistent with
each other.

Change-Id: I15e8348585a9c0ee824a4c123677992010980b9e
Related-Bug: #1827927
2019-05-07 16:51:04 -04:00
Alex Schultz
6ce5b5e12d Revert "Switch off nova metadata api on the undercloud"
This reverts commit 28a675dea5444ddb6de34fbdfc5599702e03cef5.

Change-Id: I7bfd1fc7b7fa873d249a158604c2f5fe57a86a25
Closes-Bug: #1828065
2019-05-07 15:15:30 +00:00
Mathieu Bultel
9755a1b2d6 Enable serial execution for ansible host
Allow to override serial parameter for parallel execution
in Ansible

Needed-By: Iafd7c58aaf2f1b30cf46cd16122b5821c96c497c
Needed-By: I15511b4f36260292e0ea4100b15b8e65a701b38b

Change-Id: I707282bf3cfcc7e370af41f987700e39c1b0b268
2019-05-07 14:03:27 +00:00
Jose Luis Franco Arza
a8ec699416 Clean up leftover mount point after docker stop.
Some mountpoints are left on the host after docker shut down.  This
seems to be an issue with docker, but couldn't trace it back to a
specific docker bug.

In the meantime to unblock the upgrade CI we make sure that every
mount point under /var/lib/docker are umounted before deleting that
directory.

Note that we need to keep the order right, so that we do a depth first
list so that umount can do leaves before root.

Closes-Bug: #1826375
Co-Authored-By: Sofer Athlan-Guyot <sathlang@redhat.com>

Change-Id: I03a065556caca4385bb8b28be0dfbe21addbf003
2019-05-07 10:15:52 +02:00
Kamil Sambor
d2fae913d9 Copy keys for tripleo-admin user
Change-Id: Iab64473d2b5ccc910d226fc6bec06c73f43515b8
Partial-Bug: #1824326
2019-05-07 10:01:18 +02:00
Zuul
a5d7d84a02 Merge "Enable ndisc_notify sysctl setting to notify of MAC changes" 2019-05-07 03:21:08 +00:00
Zuul
1c4d4e3862 Merge "Remove NTP" 2019-05-06 23:49:41 +00:00
Zuul
c6a8010dcf Merge "Use timesync service" 2019-05-06 23:29:12 +00:00
Zuul
7fb48013a4 Merge "Clean metrics related environments" 2019-05-06 20:38:52 +00:00
Dan Sneddon
4b113a7a12 Enable ndisc_notify sysctl setting to notify of MAC changes
On RHEL/CentOS systems, ndisc_notify is disabled by default. When
OVS restarts or an internal port flaps, the MAC address may change.
Without ndisc_notify, neighbor hosts on the same network will not
know about the MAC change, and will lose connectivity until the MAC
timer expires.

This change sets net.ipv6.conf.all.ndisc_notify to 1, which will
cause a gratuitous neighbor discovery packet which will update MAC
address tables on neighboring hosts.

Change-Id: I89062275541d7c6bb6fb725f5283ba59feb38a94
Closes-bug: 1827927
2019-05-06 11:45:17 -07:00
Zuul
209c2919f6 Merge "Scale-down tasks for RHSM" 2019-05-06 16:16:36 +00:00
Arx Cruz
9e14ae6c92 Set configure_delegated_roles a parameter
The configure_delegated_roles configure if the heat_stack_onwer role
would be created or not by keystone. Right now this is set to false,
without any way to override to true. This patch change this option to be
a parameter and it also change scenario001 to true in order to run heat
tempest tests.

Change-Id: I916cc4842ccef587a25b06cb422436953974e790
2019-05-06 13:15:43 +00:00
Emilien Macchi
d1b187a56a Scale-down tasks for nova-compute
This patch will properly tear down a compute node.
It's running openstackclient from the Undercloud against Nova API on the
Overcloud, to disable and delete the nova compute service.
Then it's disabling and stopping the containers.

Change-Id: Iedf5b45b9870ad90735d5d7f7c7cafe638db67d1
2019-05-05 15:23:28 +01:00
Zuul
577f507dfe Merge "Revert "mistral: configure heartbeat parameters to avoid action timeout"" 2019-05-04 20:13:11 +00:00
Zuul
96f8dc7807 Merge "Enable Podman Service For Lacking Roles" 2019-05-04 19:24:58 +00:00
Zuul
20e099bbc1 Merge "Use oslo_messaging_rpc_port for nova rpc healthchecks" 2019-05-04 17:22:39 +00:00
Emilien Macchi
738486f108 Revert "mistral: configure heartbeat parameters to avoid action timeout"
This reverts commit 374fafd66afa792ba197403b479dadbfa3055bce.

The root cause of the timeout has been addressed by:
Id22b1465d6d2424d90781983b970aba4545feb8a

We don't need that horrible hack.
Related-Bug: #1826281

Change-Id: I5f1c89e7fad7624c2edbf557ec39f5777b089d55
2019-05-04 14:52:25 +00:00
Vadim Khitrin
894481fafe Enable Podman Service For Lacking Roles
ComputeOvsDpdkSriov, ComputeOvsDpdkSriovRT and CellController roles do
not include OS::TripleO::Services::Podman which may cause Overcloud deployments to
fail.

Adding Podman service to these roles in order to be aligned with the rest of the roles.

Change-Id: If9b9ffa4651133b966ea0c28069dd1a81f3b2df5
2019-05-04 17:17:50 +03:00
Zuul
4c3b51cbc4 Merge "Fix cinder-backup deployment templates" 2019-05-03 21:58:55 +00:00
Alex Schultz
3abededac2 Remove NTP
Chrony has replaced the usage of ntp and is not supported beyond Stein.

Change-Id: Iab476205f29e0ca9e4053c0c9fb2d051b72b13f0
Related-Blueprint: tripleo-chrony
2019-05-03 14:42:15 -06:00
Alex Schultz
90562b6f5d Use timesync service
The Ntp service should no longer defined on the roles as we should be
using the meta Timesync service to ensure the correct service is defined
for the sync service.

Change-Id: Ic2fb3291de78891d05ef12e3778263fe74fbff8c
Related-Blueprint: tripleo-chrony
Closes-Bug: #1827676
2019-05-03 14:41:27 -06:00
Zuul
17f70ba91e Merge "Split upgrade_steps_playbook into different plays." 2019-05-03 13:41:34 +00:00
Zuul
71bb8ff635 Merge "Remove ceph-ansible fetch directory as privileged user" 2019-05-03 00:51:46 +00:00
Zuul
dc3c396b34 Merge "Avoid issues with non-existing directories" 2019-05-03 00:19:57 +00:00
Zuul
29034440a8 Merge "Switch off nova metadata api on the undercloud" 2019-05-02 21:40:41 +00:00
Zuul
94676125a3 Merge "Adjust deployed-server install package list for RHEL8" 2019-05-02 21:40:31 +00:00
Zuul
d4dab0cb8e Merge "Set debug level of nova container_config_scripts only when enabled" 2019-05-02 17:48:08 +00:00
Steve Baker
36148ff6a8 Propagate AdditionalArchitectures to container image prepare
This list will be used by container image prepare to determine whether
to prepare images for every architecture in the registry, or just for
the default architecture.

Change-Id: Ie2885e5a5cdd6dde71be996950154cd2e759062f
Blueprint: multiarch-support
2019-05-02 11:33:57 -06:00
Matthias Runge
db89f2d9a5 Avoid issues with non-existing directories
at deploy time.

Change-Id: I693a21f1d6b48602642fe161d5f0ee2bc03e3acf
2019-05-02 17:33:53 +02:00
Zuul
06362bcdc2 Merge "Add ServiceNetMap to global_vars" 2019-05-02 01:13:20 +00:00
Zuul
ebde0249fc Merge "Add Keystone admin/public to enabled services list" 2019-05-02 01:10:38 +00:00
Marius Cornea
d9c83dbf9b Adjust deployed-server install package list for RHEL8
- python-ipaddress is not available in rhel8
 - python3-heat-agent* need to be installed instead of
   python-heat-agent*
 - lvm2 is required by ceph deployments

Closes-bug: 1827276

Change-Id: Id5eb7edb48a7c56e8c9a3798fc8bd3eb08f4294a
2019-05-01 16:46:12 -04:00
Marius Cornea
87549eb4c5 Remove ceph-ansible fetch directory as privileged user
Currently the 'Remove ceph-ansible fetch directory' task fails with
permission denied.

Change-Id: Iab61b0fed8251ffe0e208d12abd874d02a37027f
Closes-bug: 1827273
2019-05-01 15:47:09 -04:00
Zuul
694777ba05 Merge "Introduce scale_tasks" 2019-04-30 23:54:00 +00:00
Steve Baker
28a675dea5 Switch off nova metadata api on the undercloud
All known consumers of boot data (os-collect-config, etc) have a
preference for using config-drive as the data source.

The last known consumer was novajoin, but that switched to preferring
config-drive early in the Stein development cycle[1] so it should now
be safe to switch off the nova metadata API service.

[1] https://review.opendev.org/#/c/607492/
Blueprint: nova-less-deploy

Change-Id: If35aec24f446769fca7897c2126fb6657454f073
2019-04-30 14:10:32 -06:00
Martin Schuppert
4d4263f4f1 Set debug level of nova container_config_scripts only when enabled
Right now all scripts log in DEBUG level. This change enables only
DEBUG level if debug is also enabled for the nova service.

Change-Id: Ie58a6630877a58bec8ce763ede166997bd41f882
2019-04-30 14:40:33 +02:00
Zuul
cf553f90fe Merge "ensure /var/run/redis is present upon reboot" 2019-04-30 11:32:30 +00:00
Martin Schuppert
372ca22483 Use oslo_messaging_rpc_port for nova rpc healthchecks
With 405366fa32583e88c34417e5f46fa574ed8f4e98 the parameters RpcPort,
RpcUserName, RpcPassword and RpcUseSSL got deprecated and
nova::rabbitmq_port removed. As a result the healtcheck get called with
null parameter and fail.
We now get the global_config_settings from RabbitMQService and use
oslo_messaging_rpc_port for the healthcheck.

This is an addition to 8ff04029f5bc4cc2db4b3575229ce7bafb4eb358 for
the undercloud compute service.

Related-Bug: #1824805

Change-Id: Ic5f545b3bda571e028452d5c4123d9eca4493054
2019-04-30 11:47:45 +02:00
Damien Ciabrini
75361e66b0 ensure /var/run/redis is present upon reboot
/var/run is mounted as a tmpfs, which means /var/run/redis
disappears on reboot. Since podman doesn't try to recreate a
directory if it doesn't exist, containerized redis cannot
be restarted because one of its bind mount is missing.

Force the creation of /var/run/redis after every reboot, with
default permissions. On container restart, Kolla will chown and
chmod the directory to the proper value.

Change-Id: I36c81f58c3b3e9366212a93f73b6212cca4ea569
Closes-Bug: #1826554
Depends-On: Iaa8a99eb9ced21fb6c7c87c5b56dec55383af9a9
2019-04-29 18:58:17 +02:00
Alan Bishop
1e33dfa8f6 Fix cinder-backup deployment templates
Fix the step_config portion of the puppet_config that configures the
cinder-backup service's backend driver. For the pacemaker version,
fix the path to the CinderBackupBase's step_config.

Closes-Bug: #1826897
Change-Id: I9c7e938ddd3a21eeb6166ade7874c46700bb6a5b
2019-04-29 12:17:27 -04:00
Zuul
9e55d59cef Merge "Add parameter to configure maxdelay in db purge/archive job" 2019-04-29 13:12:36 +00:00
Zuul
54c6c3ae76 Merge "Remove ceph-ansible fetch directory after it is saved" 2019-04-29 13:04:33 +00:00
Zuul
51ad20db4e Merge "Change setype for non container /var/log/<service> directories" 2019-04-29 13:04:31 +00:00
John Fulton
53657f6184 Remove ceph-ansible fetch directory after it is saved
Because the ceph-ansible fetch directory is backed up to Swift
or the directory defined by LocalCephAnsibleFetchDirectoryBackup,
it is safe to delete it after ceph-ansible has run. If we need
to apply a system update, the fetch directory will be restored
each time before ceph-ansible is run and it will then subsequently
be backed up and deleted.

During the restore, problems can occur if the update is being run
by a different user or if the restore tries to overwrite metadata.
Rather than try to handle this by setting permissions or passing
metadata overwrite flags, it is simpler to just ensure that each
restore is a restore to a new copy of the fetch directory.

Also, remove the task which removes nested sections of fetch
directory (if any) and remove registrations of nested sections.
This task's goal was to clean the fetch directory which would
continue to exist on the filesystem. Since that directory is
now being fully removed there is nothing to clean.

Change-Id: I7a01146a135254ccb948b8e793859f8fa3bdc690
Closes-Bug: #1823229
2019-04-28 19:42:37 -04:00
Zuul
3a41e8af39 Merge "Ensure there is no redis on host" 2019-04-28 11:15:31 +00:00
Zuul
927395dae5 Merge "Override ceph_mon to v2 protocol" 2019-04-27 23:31:53 +00:00
Martin Schuppert
5906f45ffe Change setype for non container /var/log/<service> directories
/var/log/<service> is not used by containers, therefore setype
svirt_sandbox_file_t is not required. This changes it to the
default var_log_t.

Change-Id: I870f6f5286ac9222d6d8fbdcb48fe6b6559993ba
2019-04-27 18:24:07 +02:00
Zuul
2d50c070ef Merge "Run nova_cell_v2_discover_hosts.py on every deploy run" 2019-04-27 01:33:38 +00:00
Zuul
b9d7d501fc Merge "nova: Remove the NovaPlacement service" 2019-04-27 01:22:24 +00:00
Zuul
439ca76217 Merge "MetricsQdr: Build sslProfiles without internal TLS" 2019-04-26 22:43:13 +00:00