Remove RoleNames ansible-lint custom rule
As this rule has been merged upstream, we don't need it anymore locally.
This patch also bumps the ansible-lint release from v4.3.5 to v5.0.3
It also mocks the following modules and roles coming from
validations-common to pass the --syntax-check:
- hiera, validations_read_ini and warn customs libs
- check_latest_packages_version role
Signed-off-by: Jiri Podivin <jpodivin@redhat.com>
Change-Id: I9b17582c3ec1fc1a7e6223f5fcf9f47471f4c1ac
(cherry picked from commit 32e9e9e16e)
(cherry picked from commit 3257d51775)
(cherry picked from commit 5492f5f39a)
(cherry picked from commit 8afc404335)
(cherry picked from commit 9808650864)
Rename system_encoding.yaml to system-encoding.yaml to respect the
nomenclature.
Change-Id: I811ee8c811fbc4171c4f54cf8d03e801eec62009
(cherry picked from commit cce263b578)
(cherry picked from commit d925c56f8d)
(cherry picked from commit 03ee7daa1f)
The newly introduced role oslo_config_validator is probably a
better framework to validate settings as it's centralized and
will most probably be called by sosreport for troubleshooting
purpose. It only makes sense to move some setting validations
to this new role when possible.
This patch also adds the nova_event_callback role documentation in
sphinx.
Closes-Bug: #1934609
Conflicts:
- playbooks/nova-event-callback.yaml
Change-Id: Iac8126429773d3b63d17ad851d24e8c6f498f557
(cherry picked from commit 23992a3576)
(cherry picked from commit 23a2ec2164)
(cherry picked from commit 0c00c50064)
(cherry picked from commit 1a2243b891)
Pacemaker-status validation always reports success regardless
of the actual status of the service.
Add a task to fail validation when pacemaker service is found
inactive/failed
Closes-Bug: #1940519
Signed-off-by: Yadnesh Kulkarni <ykulkarn@redhat.com>
Change-Id: Id8d99321c870aee70f0e177b1b633654a04c8402
(cherry picked from commit 2a7c43df4a)
1. Stop using DockerInsecureRegistryAddress from
containers-prepare-parameter.yaml
2. Instead, use:
'openstack stack environment show qe-Cloud-0'
Co-authored-by: Daniel Bengtsson <dbengt@redhat.com>
Change-Id: I8b30574fcc769b4ee39a0c24f3a5a982b80f6c0a
(cherry picked from commit 8492bf8e35)
(cherry picked from commit 87cb274041)
(cherry picked from commit d786eddb26)
(cherry picked from commit a6c8d6243d)
This change is to fix the emulatorpin cpus validation of NFV
OvS DPDK instance.
Change-Id: I4e1bd9ca270bc7503beb0a0074e4e2aff887119a
(cherry picked from commit 7136337b09)
The utils.list_plan_and_stack function returns None in case of exceptions
or and empty list if no stacks or no plans have been found in the
environment.
This patch fixes the conditional to allow the tripleo-ansible-inventory
script to generate only the undercloud Inventory when no Overcloud has
been deployed.
Related-bz: rhbz#1987318
Signed-off-by: Gael Chamoulaud (Strider) <gchamoul@redhat.com>
Change-Id: If0dc3300fbd8cf245c0477be782110d897344860
(cherry picked from commit 5a8cfac7f9)
(cherry picked from commit 9289704779)
(cherry picked from commit 8ad642f538)
(cherry picked from commit 1e9ba89030)
This changes to add the validations for NFV OvS DPDK zero packet loss
rules.
Change-Id: I70e60b8039eb99af26c8e39e30c7cdfd93f5a3c0
(cherry picked from commit 46d9b751fd)
When spinning a container, podman_container defaults network to bridge
as opposed to docker_container that defaults to none.
This causes "Missing CNI default network" errors and doesn't run the
oslo-config-validator command as expected.
Change-Id: I4faeab61421a9dbd6e5e2ea92c7e64ab1467453b
(cherry picked from commit 9311c11823)
(cherry picked from commit bc692be30d)
(cherry picked from commit 16c6893280)
(cherry picked from commit 5f949e3da0)
This role is intended to leverage the `oslo-config-validator` on each one
of the configuration files found on a deployment. The goal is to quickly
catch erroneous configurations.
When called manually, it will also be possible to generate a report
returning all the differences between the current configuration and the
default configuration
One last thing, it will also validate the values of some specific
settings, based on the invalid_settings dict in the configuration.
Because of that, we moved some checks in nova_event_callback to the
oslo_config_validator role.
NOTE(dvd):
- Removing backup-and-restore group from this branch as it's
not available prior to Wallaby.
- train-only modification to support docker container during
FFU stage.
- oslo_config_validator/tasks/build_validation_config.yml
- oslo_config_validator/tasks/container_run.yml
- Change hosts from all to allovercloud because of undercloud
configured with ``notify_nova_on_port_data_changes``
- Removed cinder's enable_v3_api as it's still valid in train.
Depends-On: https://review.opendev.org/c/openstack/oslo.config/+/794817
Related: https://bugzilla.redhat.com/show_bug.cgi?id=1940815
Resolves: rhbz#1940815
Change-Id: Id047fe378cf512b985c9d7478a991f11b280102b
(cherry picked from commit 4aaca32f19)
(cherry picked from commit fab6429d98)
(cherry picked from commit 727625fe95)
(cherry picked from commit 92c55031e6)
By placing further constraints on the versions of the
requested packages, we can minimize the time used by
the pip resolver mechanism. [1]
[1](https://github.com/pypa/pip/issues/9215)
Signed-off-by: Jiri Podivin <jpodivin@redhat.com>
Change-Id: I21702338f2f12cd39b16c4aaf031c29bffa07ac0
This patch moves back the haproxy validation from validations-common to
tripleo-validations. It has been renamed in tripleo-haproxy and the role
is called now tripleo_haproxy.
This patch also fix the host targeting in order to only execute this
validation on nodes where haproxy is really installed and configured.
Note that the haproxy validations hosted in validations-common will be
removed in a follow up patch.
Closes-Bug: #1926024
Co-Authored-By: Michele Baldessari <michele@redhat.com>
Signed-off-by: Gael Chamoulaud (Strider) <gchamoul@redhat.com>
Change-Id: I9869afd60342fdb0aca69a313c1c6e35e0947fb8
(cherry picked from commit 9dd662a1b9)
(cherry picked from commit 253a16de42)
(cherry picked from commit bb5a538a56)
(cherry picked from commit 2744976e60)
RHEL-8.3 kernel disabled the Intel TSX (Transactional
Synchronization Extensions) feature by default as a preemptive
security measure, but it breaks live migration from RHEL-7.9
(or even RHEL-8.1 or RHEL-8.2) to RHEL-8.3.
Operators are expected to explicitly define the TSX flag in
their KernelArgs for the compute role to prevent live-migration
issues during the upgrade process.
This also impacts upstream CentOS systems.
Co-Authored-By: Martin Schuppert <mschuppert@redhat.com>
Related: https://bugzilla.redhat.com/1923165
Closes-Bug: #1916758
Change-Id: Icfcfb1c07bbfbe05d27d67187d941c0c34fad2b2
(cherry picked from commit ede25c3e36)
(cherry picked from commit 74c30cf491)
(cherry picked from commit 1d8c110b52)
(cherry picked from commit 3c80b58b45)
This patch adds documentation for:
- How to develop a molecule test for a new role
- How to run the molecule test scenarios via tox-ansible
Signed-off-by: Gael Chamoulaud (Strider) <gchamoul@redhat.com>
Change-Id: I1fb32100139736b88a078940f930122f2694955c
(cherry picked from commit 443f8d328f)
(cherry picked from commit 99acc1cb49)
(cherry picked from commit 6fd4fc82d5)
(cherry picked from commit 9058d182d2)
This patch migrates the new role addition playbook into a proper Ansible
role with proper molecule tests. This new role will be responsible for
creating a new validation.
It is good to mention that the process won't change and it will be
fully transparent for the user.
To create a new role in tripleo-validations:
$ cd tripleo-validations/
$ export ANSIBLE_ROLES_PATH="${PWD}/roles"
$ ansible-playbook -i localhost, role-addition.yml -e validation_init_role_name=${NEWROLENAME}
Signed-off-by: Gael Chamoulaud (Strider) <gchamoul@redhat.com>
Change-Id: I219f4054e6b854306719b9c91a0738c526f07666
(cherry picked from commit 83ba5e32fd)
(cherry picked from commit 19bb19ea3c)
(cherry picked from commit fc7ab69ef0)
(cherry picked from commit d32efebfae)
[1] has been merged and released[2] in upstream tox-ansible and it is now
able to manage global molecule configuration. The workaround, which
consisted in adding the molecule driver name in each scenarios
molecule.yml files, is not necessary anymore.
This patch also removes all the relative symlink to the Dockerfile and
adds directly in the global molecule configuration file.
[1] https://github.com/ansible-community/tox-ansible/pull/89
[2] https://github.com/ansible-community/tox-ansible/releases/tag/v1.5.0
Signed-off-by: Gael Chamoulaud (Strider) <gchamoul@redhat.com>
Change-Id: I259c17b7a49ff5bf3476df4da399cc4b2782403d
(cherry picked from commit c551910cf5)
(cherry picked from commit f3cba823d7)
(cherry picked from commit 12dd20e3b5)
(cherry picked from commit 76eb983e98)
This patch organizes better the content of the documentation files in order
to render it clearer and better.
Change-Id: I5a00e854198fc5429db0353b490dc07192183476
(cherry picked from commit 06ce5bf55c)
(cherry picked from commit 98cdbd03db)
(cherry picked from commit 3d68f6a644)
(cherry picked from commit ab125b4cd9)
This patch adds a molecule configuration file at the repository
level (tripleo-validations/.config/molecule/config.yml) which defines
all the default values for molecule.yml files in all roles.
This patch also introduces a common Dockerfile (UBI8 image) shared
between all the role molecule tests. This Dockerfile will install the
CentOS 8.x Linux Repos and GPG Keys during the image build.
This Dockerfile is located in tripleo-validations/.config/molecule
directory and it is shared through a relative symbolic link between all
the molecule directories.
NOTE: tox-ansible doesn't manage shared molecule configuration at the
project level (see [1]). To be able to use it, we have to explicitly add
the driver name in each molecule.yml file in the roles level. Once [1]
will be fixed, these will be removed.
[1] - https://github.com/ansible-community/tox-ansible/issues/88).
Signed-off-by: Gael Chamoulaud (Strider) <gchamoul@redhat.com>
Change-Id: I4717825e2767dc55016a30fb62aa6a5541f26cfd
(cherry picked from commit 66193a69b7)
(cherry picked from commit 6a3081beac)
(cherry picked from commit 8bd52a2fba)
(cherry picked from commit f2f322c1ea)
For the update it's not required to define the DockerInsecureRegistryAddress parameter.
Change-Id: I329d56a266a62327ab3ba88ac726729624d2a766
(cherry picked from commit 90858c7db4)
Furing FFWD workflow, the validation gets triggered as part of the
pre-upgrade group. When it gets triggered, the environment is in
state where the Undercloud has been upgrade to OSP16.1 (container
engine is podman) but the Overcloud nodes are still on OSP13
(container engine is still docker).
This patch is similar to I46c4fbe0ef7b281d77bff82483eb0b48b4570bb3
to check which container cli should be used.
Related: https://bugzilla.redhat.com/show_bug.cgi?id=1963872
Signed-off-by: Gael Chamoulaud (Strider) <gchamoul@redhat.com>
Change-Id: I15b105d03193a83ab7bbf3e911cbb37974a54495
This breaks the get_swift_client function that uses a password
auth_type. We should instead use the token stored in the inventory.
Related: https://bugzilla.redhat.com/show_bug.cgi?id=1962225
Change-Id: Ib53632c30c8eb9f7ebc4dc59043cb51bcb8b81a0
Furing FFWD workflow, the validation gets triggered as part of the
pre-upgrade group. When it gets triggered, the environment is in
state where the Undercloud has been upgrade to OSP16.1 (container
engine is podman) but the Overcloud nodes are still on OSP13
(container engine is still docker).
This patch is similar to I46c4fbe0ef7b281d77bff82483eb0b48b4570bb3
to check which container cli should be used.
Related: https://bugzilla.redhat.com/show_bug.cgi?id=1963879
Change-Id: I98e42d5d7edb0718660a69fab9c1e6c25af2b138
When running pre-upgrade, it triggers a failed validation during FFU
Because undercloud is 16.2 and the overcloud is still running on 13.
Change-Id: Ia3d9ea6c3a69392975046518d5728496a3bec998
(cherry picked from commit 1271bb838c)
(cherry picked from commit 306d4ff8db)
(cherry picked from commit 8dcc4a4262)
(cherry picked from commit ee7208bc4e)
Gael Chamoulaud (Strider)
Jiri Podivin
Daniel Bengtsson
David Vallee Delisle
Zuul
Yadnesh Kulkarni
omcgonag
Jaganathan Palanisamy
Christopher Brown
Martin Schuppert