Role names can be customized, yet in THT jinja2 we
have several places where conditions are based on
the role name. By using tag's such as 'storage',
'ceph' and 'ovsdpdk' we the role names become truly
customizable.
The depends-on change in TripleO common will
dynamically add tag's to role's based on role.name
for backward compatibility during deprecation
period.
Depends-On: https://review.opendev.org/758124
Change-Id: I5ab4e4a220294245f95d328391bfffec87781a09
This adds a new script to convert jinja rendered nic config
templates to use OS::Heat::Value.
There is lots of duplication of code as tht is not installed
as a python package and can also be extended later to handle
multiple files if required.
Change-Id: I06ef54f70ffcd4fc1e501bf9c8395bbede1c6dda
This removes the run-os-net-config.sh script and uses
OS::Heat::Value for the NetworkConfig resources.
Depends-On: https://review.opendev.org/#/c/751713/
Change-Id: Ic3a0234d36525cdd6f415c77733d05a39bbeb3c2
With the switch to Ubuntu Focal for tox jobs via https://review.opendev.org/#/c/738322/
our 1.1.0 version of hacking pulls in old modules that are not compatible
with python3.8:
https://github.com/openstack/hacking/blob/1.1.0/requirements.txt#L6
Let's upgrade hacking to >= 3.0.1 and < 3.1.0 so that it supports python3.8
correctly. The newer hacking also triggered new errors which are
fixed in this review as well:
./tools/render-ansible-tasks.py:113:25: F841 local variable 'e' is assigned to but never used
./tools/yaml-validate.py:541:19: F999 '...'.format(...) has unused arguments at position(s): 2
./tools/render-ansible-tasks.py:126:1: E305 expected 2 blank lines after class or function definition, found 1
./tools/yaml-validate.py:33:1: E305 expected 2 blank lines after class or function definition, found 1
./container_config_scripts/tests/test_nova_statedir_ownership.py:35:1: E305 expected 2 blank lines after class or function definition, found 0
Also make sure we exclude .tox and __pycache__ from flake8 as well
We also need to change the lower-constraint requirements to make them
py3.8 compatible. See https://bugs.launchpad.net/nova/+bug/1886298
cffi==1.14.0
greenlet==0.4.15
MarkupSafe==1.1.0
paramiko==2.7.1
Suggested-By: Yatin Karel <ykarel@redhat.com>
Change-Id: Ic280ce9a51f26d165d4e93ba0dc0c47cdf8d7961
Closes-Bug: #1895093
Now that the FFU process relies on the upgrade_tasks and deployment
tasts there is no need to keep the old fast_forward_upgrade_tasks.
This patch removes all the fast_forward_upgrade_tasks section from
the services, as well as from the common structures.
Change-Id: I39b8a846145fdc2fb3d0f6853df541c773ee455e
When converting a HA control plane to TLS-e, 1) the bootstrap node
tells pacemaker to restart all redis instances to take into
account the new TLS-e config; 2) a new container redis_tls_proxy
is started on every controller to encapsulate redis traffic in TLS
tunnels. This happens during step 2.
Redis servers have to be restarted everywhere for redis_tls_proxy
to be able to start tunnels properly. Since we can't guarantee that
across several nodes during the same step, tweak the startup of
redis_tls_proxy instead; make sure to only create the tunnels once
the targeted host:port can be bound (i.e. redis was restarted).
Change-Id: I70560f80775dacddd82262e8079c13f86b0eb0e6
Closes-Bug: #1883096
In Python 3.8, the re module no longer escapes various
characters (such as ; or /), as opposed to python 3.6.
Update various regexes in yaml-validate.py to match
patterns as expected for all python versions.
Change-Id: Ica7a01b10bc9483acdf7468bec2f8840ee3f7170
Closes-Bug: #1883722
Detect the IP version used instead of relying on the
user specifying the IP version for services.
The IP version is stored in a net_ip_version_map which
is passed to all services in ServiceData.
Deprecates the following parameters:
CephIPv6, CorosyncIPv6, RabbitIPv6, MemcachedIPv6,
MysqlIPv6, RedisIPv6 and NeutronOverlayIPVersion.
Change-Id: Iebfd8ef686381be2f45d0d4c45dfd6bf654d1ac6
The scripts in tools should be updated to use python3
by default. Support for python2 has been dropped.
Closes-Bug: #1875685
Change-Id: Ia13a8a43d767d93263d5c717f273184bf78d23c9
Current puppet modules uses only absolute name to include classes,
so replace relative name by absolute name in template files so that
template description can be consistent with puppet implementation.
Change-Id: I7a704d113289d61ed05f7a31d65caf2908a7994a
We're dropping this as it has no testing and is not currentily available
for CentOS 8.
Change-Id: I408490346840d5a2e3ae29f53cbc100edcf72ee7
Depends-On: https://review.opendev.org/#/c/712517/
This change ensures that if there are several versions
of Python installed, the interpreter used is the first
one on the environment's $PATH.
Change-Id: I48eec3d22e5a2a018554c6864efd52e4ab3c87ce
Related-Bug: #1854214
The yaml validation was not updated when the service yaml files were moved.
This updates the paths and filename patterns and fixes any issues exposed.
Change-Id: I41e15dae78159985801b4f2a62284a6d382e0a68
Closes-bug: #1848205
Already implemented, tested and validated.
Addressed reviews/comments of Emilien Macchi - Jan 3 10:37 AM - Patch Set 1: Code-Review-1:
- "it would be nice to have a validate function in tools/yaml-validate.py like we already have for ComputeHCI role": Done, using validate_hci_computehci_role as ComputeHCIOvsDpdk.yaml does.
- 2 comments inline: adding return line and wront identation: Corrected
Change-Id: I20cd54b677e8da8c3c5691d913c4b6b67bb82e27
Signed-off-by: josecastillolema <josecastillolema@gmail.com>
This change just adds the missing resource to include the missed
CephGrafana bits, fixing the ceph-dashboard deployment scenario.
In this review is also added a validation to make sure that both
ControllerStorage{Dashboard,Nfs} propertly inherit from Controller.
Change-Id: I0075bcb5318462555c7f9f96204ce037016f3e69
Closes-Bug: #1856060
Because we don't need to use yaml.FullLoader, use yaml.SafeLoder
so that we can keep compability with PyYAML < 5.1 .
Change-Id: I51e700f5ad3364c5c8a26aa79b44cd8da1ec469d
Add small python program to tools directory for deployers
which generates a THT environment file containing valid
JSON to be used with NodeDataLookup. Uses ironic generated
data as input.
Tools like this end up getting written in the field after
deployers experience failures. Better to provide them an
official tool up front to solve this problem so they do
not have a bad experience.
Change-Id: I513e6564d18c7fe1c1e5dd63f164f3b5042cacf4
Closes-bug: #1854214
The two services use the same parameter for the location of the
CA cert. This causes problems when trying to deploy both services
on the same machine, for example in standalone mode.
Change-Id: Ie67bac28ac6097cba810b51496493584be0edcc8
Sphinx 1.8 introduced [1] the '--keep-going' argument which, as its name
suggests, keeps the build running when it encounters non-fatal errors.
This is exceptionally useful in avoiding a continuous edit-build loop
when undertaking large doc reworks where multiple errors may be
introduced.
[1] https://github.com/sphinx-doc/sphinx/commit/e3483e9b045
Change-Id: I806842ce6d2522deab060f5e9ef6607a1e919dbf
Until now if there is a nit inside any
Ansible task part of tripleo-heat-templates we will
need to wait until the end-to-end test imports
the actual tasks to fail.
This submission adds the hability to run a syntax
check for any Ansible task part of any role
defined by default in the resource registry.
Also it will allow to reduce the CI CO2 footprint
by not executing unneeded jobs meant to fail.
Let's save the planet and some CI cycles.
Change-Id: I6eb7c873cc9a4b7d765e745dc260475bff7b268a
Ealier, KernelArgs had been configured using ansible
tasks part of THT repo. Thoese ansiblet asks has been
moved to tripleo-kernel role of tripleo-ansible. This
role will be invoked from the boot-params-service.
boot-params-service has been moved from pre network to
the deployment/kernel directory.
OvS-DPDK configuration was done using puppet-vswitch
module by invoking puppet in PreNetworkConfig's
ExtraConfig script. A new ansible role tripleo-ovs-dpdk
has been created to apply the DPDK configurations via
ansible instead of puppet. This role will be common
for both ml2-ovs and ml2-ovn. Common parameter merging
has been enhanced to provide common deploy steps.
ODL is not validated as it has been deprecated and
currently no active usage or development.
Depends-On: https://review.opendev.org/#/c/688864/
Change-Id: I4b6f7d73cf76954e93760c59d522d485187157cf
Pass explicitly Loader to yaml.load so that we can get rid of
YAMLLoadWarning [1].
[1] https://msg.pyyaml.org/load
Also make sure to use context manager when opening file,
so that we don't miss to close it.
Change-Id: Ic12499c3286c6bed5e0ee231ad0c25e01f82b58e
This change makes sure that we apply pyflake8 checks on all python
codes to improve its readability.
Note that there are some rules applied for other OpenStack projects,
but not yet turned on, which should be enabled in the future.
Change-Id: Iaf0299983d3a3fe48e3beb8f47bd33c21deb4972
This change adds a StorageDashboard network, required to
run the ceph dashboard service in a separated network.
To define and enable the StorageDashboard network, deploy
using network_data_dashboard.yaml instead of network_data.yaml.
Change-Id: I9d592e459ee917eba839d11cd9712a6b85a6542b
This patch removes fluentd composable service in favor of rsyslog composable service
and modifies *LoggingSource configuration accordingly.
Change-Id: I1e12470b4eea86d8b7a971875d28a2a5e50d5e07
In some customer deployments, the run-os-net-config.sh script exists at
the relative path ../network/scripts/ so add that to the path search.
Downstream bug: https://bugzilla.redhat.com/show_bug.cgi?id=1724165
Change-Id: Ic9e9a2f0f5821805790aadb9f553c9ccadb35cab
These endpoints won't exist on the undercloud in the U cycle, and this
sort of check overlaps with tripleo-validations anyway. This change
also removes the disable_constraints roles data attribute as there is
no longer anything to disable.
Possibly this means deployed-server/deployed-server-roles-data.yaml is
no longer required because it only exists to set
disable_constraints:true (although it lags roles_data.yaml by quite a
lot now)
It looks like tripleo-validations has checks for flavor and image
already, but not keypair. It is unlikely users stray from the
'default' keypair so it is probably fine to not have a validation of
this for the Train release.
Change-Id: Id6146bfdc124e6e3e64ee7caea3ddeb2552bfa71
Blueprint: nova-less-deploy
OpenShift deployed by TripleO support has been removed in a downstream
version of Stein which make the upstream support difficult to maintain.
OpenShift can be deployed using OpenShift-Ansible and
users who desire to deploy OpenShift 3.11 onto bare metal nodes can
still do so using openshift-ansible directly. The provisioning of
the Operating System on baremetal can be done with OpenStack Ironic on
the Overcloud or also can be done with deployed-servers, achieving the
same result.
Change-Id: I6a73f7f22dda69bef324ffdaecdcd6be693c1257
I missed this the changes from I4ee0110a6c2b9466d81e37e5df27f5f81a6eceb5 when
rebasing I9f40a2a3561fcb1d1fec9d9c3c1f9cabaf02650c.
Add the missing key to the roles and add some validation to catch this.
Change-Id: I0f38df69777340ebbdc5c419f121524dbc74cad7
Related-bug: #1831617
Implements: blueprint nova-backend-per-role
This review introduces the CephDashboard service
to allow operators to deploy the new ceph dashboard
along with the other ceph components.
According to the spec we can add the environment
file to reference the template that contains all the
parameters needed to deploy the ceph-dashboard via
ceph-ansible related roles.
Implements: blueprint ceph-dashboard
Change-Id: I1d31cd99823686986cdbd3ac1df184e9457a361e
Since https://review.opendev.org/656581 is merged (and the revert,
reverting the revert ...) there is no metadata service running.
This change removes all things related to setting up routes
to the metadata service, i.e the EC2MetadataIp. As well as NAT
firewall redirect rule used only on the undercloud but disabled
by default.
Blueprint: nova-less-deploy
Change-Id: Ic4ea74b45c566048e32dde82d2bf00498f932af6
Those are hidden resource types in heat. Changing these types
would not result in replacement of the resources.
Change-Id: I22d23a8f187263bd36e364f0cd3301c830f3220b
When multiple Compute roles are used, admins may want to use different storage
backends on each role.
This change turns NovaEnableRbdBackend into a role specific param.
Any other config that is implicitly enabled by the global NovaEnableRbdBackend
now requires a dedicated param.
Co-Authored-By: ratailor@redhat.com
Change-Id: I9f40a2a3561fcb1d1fec9d9c3c1f9cabaf02650c
Implements: blueprint nova-backend-per-role