A previous change [1] enabled ndisc_notify, which is the IPv6 equivalent
for IPv4's arp_notify. Enable the latter to keep them consistent with
each other.
Change-Id: I15e8348585a9c0ee824a4c123677992010980b9e
Related-Bug: #1827927
Allow to override serial parameter for parallel execution
in Ansible
Needed-By: Iafd7c58aaf2f1b30cf46cd16122b5821c96c497c
Needed-By: I15511b4f36260292e0ea4100b15b8e65a701b38b
Change-Id: I707282bf3cfcc7e370af41f987700e39c1b0b268
Some mountpoints are left on the host after docker shut down. This
seems to be an issue with docker, but couldn't trace it back to a
specific docker bug.
In the meantime to unblock the upgrade CI we make sure that every
mount point under /var/lib/docker are umounted before deleting that
directory.
Note that we need to keep the order right, so that we do a depth first
list so that umount can do leaves before root.
Closes-Bug: #1826375
Co-Authored-By: Sofer Athlan-Guyot <sathlang@redhat.com>
Change-Id: I03a065556caca4385bb8b28be0dfbe21addbf003
On RHEL/CentOS systems, ndisc_notify is disabled by default. When
OVS restarts or an internal port flaps, the MAC address may change.
Without ndisc_notify, neighbor hosts on the same network will not
know about the MAC change, and will lose connectivity until the MAC
timer expires.
This change sets net.ipv6.conf.all.ndisc_notify to 1, which will
cause a gratuitous neighbor discovery packet which will update MAC
address tables on neighboring hosts.
Change-Id: I89062275541d7c6bb6fb725f5283ba59feb38a94
Closes-bug: 1827927
The configure_delegated_roles configure if the heat_stack_onwer role
would be created or not by keystone. Right now this is set to false,
without any way to override to true. This patch change this option to be
a parameter and it also change scenario001 to true in order to run heat
tempest tests.
Change-Id: I916cc4842ccef587a25b06cb422436953974e790
This patch will properly tear down a compute node.
It's running openstackclient from the Undercloud against Nova API on the
Overcloud, to disable and delete the nova compute service.
Then it's disabling and stopping the containers.
Change-Id: Iedf5b45b9870ad90735d5d7f7c7cafe638db67d1
This reverts commit 374fafd66afa792ba197403b479dadbfa3055bce.
The root cause of the timeout has been addressed by:
Id22b1465d6d2424d90781983b970aba4545feb8a
We don't need that horrible hack.
Related-Bug: #1826281
Change-Id: I5f1c89e7fad7624c2edbf557ec39f5777b089d55
ComputeOvsDpdkSriov, ComputeOvsDpdkSriovRT and CellController roles do
not include OS::TripleO::Services::Podman which may cause Overcloud deployments to
fail.
Adding Podman service to these roles in order to be aligned with the rest of the roles.
Change-Id: If9b9ffa4651133b966ea0c28069dd1a81f3b2df5
Chrony has replaced the usage of ntp and is not supported beyond Stein.
Change-Id: Iab476205f29e0ca9e4053c0c9fb2d051b72b13f0
Related-Blueprint: tripleo-chrony
The Ntp service should no longer defined on the roles as we should be
using the meta Timesync service to ensure the correct service is defined
for the sync service.
Change-Id: Ic2fb3291de78891d05ef12e3778263fe74fbff8c
Related-Blueprint: tripleo-chrony
Closes-Bug: #1827676
This list will be used by container image prepare to determine whether
to prepare images for every architecture in the registry, or just for
the default architecture.
Change-Id: Ie2885e5a5cdd6dde71be996950154cd2e759062f
Blueprint: multiarch-support
- python-ipaddress is not available in rhel8
- python3-heat-agent* need to be installed instead of
python-heat-agent*
- lvm2 is required by ceph deployments
Closes-bug: 1827276
Change-Id: Id5eb7edb48a7c56e8c9a3798fc8bd3eb08f4294a
Currently the 'Remove ceph-ansible fetch directory' task fails with
permission denied.
Change-Id: Iab61b0fed8251ffe0e208d12abd874d02a37027f
Closes-bug: 1827273
All known consumers of boot data (os-collect-config, etc) have a
preference for using config-drive as the data source.
The last known consumer was novajoin, but that switched to preferring
config-drive early in the Stein development cycle[1] so it should now
be safe to switch off the nova metadata API service.
[1] https://review.opendev.org/#/c/607492/
Blueprint: nova-less-deploy
Change-Id: If35aec24f446769fca7897c2126fb6657454f073
Right now all scripts log in DEBUG level. This change enables only
DEBUG level if debug is also enabled for the nova service.
Change-Id: Ie58a6630877a58bec8ce763ede166997bd41f882
With 405366fa32583e88c34417e5f46fa574ed8f4e98 the parameters RpcPort,
RpcUserName, RpcPassword and RpcUseSSL got deprecated and
nova::rabbitmq_port removed. As a result the healtcheck get called with
null parameter and fail.
We now get the global_config_settings from RabbitMQService and use
oslo_messaging_rpc_port for the healthcheck.
This is an addition to 8ff04029f5bc4cc2db4b3575229ce7bafb4eb358 for
the undercloud compute service.
Related-Bug: #1824805
Change-Id: Ic5f545b3bda571e028452d5c4123d9eca4493054
/var/run is mounted as a tmpfs, which means /var/run/redis
disappears on reboot. Since podman doesn't try to recreate a
directory if it doesn't exist, containerized redis cannot
be restarted because one of its bind mount is missing.
Force the creation of /var/run/redis after every reboot, with
default permissions. On container restart, Kolla will chown and
chmod the directory to the proper value.
Change-Id: I36c81f58c3b3e9366212a93f73b6212cca4ea569
Closes-Bug: #1826554
Depends-On: Iaa8a99eb9ced21fb6c7c87c5b56dec55383af9a9
Fix the step_config portion of the puppet_config that configures the
cinder-backup service's backend driver. For the pacemaker version,
fix the path to the CinderBackupBase's step_config.
Closes-Bug: #1826897
Change-Id: I9c7e938ddd3a21eeb6166ade7874c46700bb6a5b
Because the ceph-ansible fetch directory is backed up to Swift
or the directory defined by LocalCephAnsibleFetchDirectoryBackup,
it is safe to delete it after ceph-ansible has run. If we need
to apply a system update, the fetch directory will be restored
each time before ceph-ansible is run and it will then subsequently
be backed up and deleted.
During the restore, problems can occur if the update is being run
by a different user or if the restore tries to overwrite metadata.
Rather than try to handle this by setting permissions or passing
metadata overwrite flags, it is simpler to just ensure that each
restore is a restore to a new copy of the fetch directory.
Also, remove the task which removes nested sections of fetch
directory (if any) and remove registrations of nested sections.
This task's goal was to clean the fetch directory which would
continue to exist on the filesystem. Since that directory is
now being fully removed there is nothing to clean.
Change-Id: I7a01146a135254ccb948b8e793859f8fa3bdc690
Closes-Bug: #1823229
/var/log/<service> is not used by containers, therefore setype
svirt_sandbox_file_t is not required. This changes it to the
default var_log_t.
Change-Id: I870f6f5286ac9222d6d8fbdcb48fe6b6559993ba