the openvswitch.openvswitch collection is removed from Ansible packages
starting with Ansible 11. This causes ansible-lint to correctly not find
the openvswitch_bridge module when ansible-lint runs with Ansible 11.
Workaround this by capping Ansible used by ansible-lint to <10 and leave
a note about the module going away where we use it.
Change-Id: Id2d4e4f59c7d7e595c5458bc8717146c2326c573
After moving to C9S we started using testing repository for ovs and we
never switched to release one after NFV SIG started releasing packages
to the official mirrors.
Change-Id: I0f199c9fafe9d5ac3a47b9e55a2d33c4d6735604
Latest ansible-lint is finding this. It seems reasonable enough to
ensure the task is named; it's always nice to have context about what
is happening as you read the file.
Change-Id: Ia7e490aaba99da9694a6f3fdb1bca9838221b30a
We should use the oldest release where we run centos stream 9 jobs which
is wallaby. We set up xena in the past as we backported cs9 jobs to xena
first but now we should switch to wallaby or we may hit issues in
wallaby jobs when the ovs version in xena is higher that in wallaby (as
now).
Change-Id: I18dab9701e96b25396b45df221f54fe94c1ab36b
This is preparation for a later version of ansbile-lint, which finds
missing names on blocks. This seems a reasonable rule, and the
Ansible manual says [1]
Names for blocks have been available since Ansible 2.3. We recommend
using names in all tasks, within blocks or elsewhere, for better
visibility into the tasks being executed when you run the playbook.
This simply adds a name tag for blocks that are missing it. This
should have no operational change, but allows us to update the linter
in a follow-on change.
[1] https://docs.ansible.com/ansible/latest/user_guide/playbooks_blocks.html
Change-Id: I92ed4616775650aced352bc9088a07e919f1a25f
Currently in multi-node-bridge role, For RHEL and CentOS
distro, RDO repos are setted up and from where rdo-openvswitch
get pulled in RHEL deployment and causes unwanted failures.
Like a particular version of rdo-openvswitch is not yet available
in CentOS and it fails the job with nothing provides message.
Enabling RDO repos specifically for CentOS and other distros
except RHEL and Fedora will fix the
issue.
Signed-off-by: Chandan Kumar (raukadah) <chkumar@redhat.com>
Change-Id: Id68f5904c4ec3d667a16e9f4f195d53b02d29cec
In neutron-multinode jobs where we use ovs/ovn from source,
we want to use multi-node-bridge role only for bridge
configuration but not for ovs installation. In the job
we install ovn and openvswitch before calling this role to
configure the bridges.
Adding a role var 'install_ovs' to allow skipping ovs
installation and service start, it's default to true so
no change in current behavior of the role.
It's an alternative approach to [1].
[1] https://review.opendev.org/c/zuul/zuul-jobs/+/762650
Related-Bug: #1904117
Change-Id: I64942679520681bdf7f953c0a3c7fc0d13e77856
After removing Centos 8 repositories [1], the repository has been
set to buildlogs server, which provides testing packages.
This commit is switching back repository to mirror.centos.org once we
have openvswitch in centos network and AFS mirrors.
[1] https://www.centos.org/centos-linux-eol/
Change-Id: I6e0dd26312c593a5c7fe5525a733be8e26faec9d
CentOS Linux 8 repos have been removed from centos mirrors. We were
using that repo to install OVS in multi-node from train repo.
This patch is moving multi-node rolo to install ovs from the RDO testing
repo for train until we have it pushed to the official mirrors for CS8.
Change-Id: Id57e8e90903a0d468c6d3094fbbaf4840a368e2a
With this patch, Adding repos to install openvswitch
in Centos9 stream.
For Centos9 stream nodes we need to enable 2 repos:-
* nfv repo - Ussuri+ openvswitch is shipped as part of NFV SIG
* rdo xena repo - rdo-openvswitch(which provides openvswitch wrapper)
is available in OpenStack repo
Closes-Bug: #1947665
Change-Id: If5a32b30637296a070f2e75ba8feb6aa45d8ecac
(MTU - 50) only supports VxLAN over IPv4, decrease it
to support IPv6 as well, which is 20 bytes larger.
Change-Id: Ifa2633169afe2dd73c78ca7bbfa1a0102caffc95
In case of nodeset which doesn't have peers and switch there is
no need to install openswitch and firewall rules, because nothing
will be installed. Let's skip it if no need.
Change-Id: I98cf5ec390ee22e538baa076c9ab87eea6a44c9e
Currently it's using master repo for CentOS 8. RDO s updating the version of
OVS in master to 2.13 while previous releases use version 2.12 so it's a
problem to install 2.13 for jobs gating reviews for Train or Ussuri.
This review is moving to use Train repository to install openvswitch in
all CentOS 8 jobs as it's the older version supported on CentOS 8. Note
that CI jobs running with this multi-node setup configure proper repos for
the tested release (ussuri, victoria or master) at a later stage and
update the version of OpenvSwitch to the one included on each specific
release repo.
Closes-Bug: #1896469
Change-Id: Ie30997f360b285131cb5051d582da2a15cca7205
Gentoo multinode job is consistently failing. To disable only this
job with current test framework, we need to adapt the test framework, so
that disabling of specific jobs is possible.
Also includes minor documentation fix which triggers affected jobs.
Co-Authored-By: Andreas Jaeger <aj@suse.com>
Change-Id: Ida9d1714f1f6c3f4fbee469ef940147f969d9466
CentOS8 deps should be compatible with RHEL and provide latest versions
of deps compared to the old rhel8 one. Let's switch to use it to install
openvswitch too.
Change-Id: I04090a179706c52e3db4e9118b74f7c7d5ad9776
Currently, centos8 jobs are using old RHEL repo. A repo with CentOS8
packages has been created by RDO, so let's switch to it.
Change-Id: I0df0950de5a42bb7a425609c3d5d065550d956f4
On Gentoo this allows multiple packages to compile/install at once.
Change-Id: I23fd629a351b4c6b2acc325611ed47cc04bca404
Signed-off-by: Matthew Thode <mthode@mthode.org>
Ansible 2.9 does not accept the "installed" state so we need to update
occurences of that to "present".
Change-Id: I13c95794efc63697c2418334ded7c6912bd7b59f
This is a bit of a hack, but allows installation of openvswitch for
testing the multinode roles. Official CentOS 8 RDO builds are still a
work in progress, but this will let us get a head-start on any
multi-node testing.
Change-Id: I2eb1a16e9995a19d61e309aa59b232577184b527
This reverts commit 46b7b6e1c98a8b12647be4b30b5b54405379d6ec.
This didn't end up changing the incidence of the iptables-save command
task failures.
Change-Id: I02e725d7330bc9b438a9864ea49510cca7fee524
Previously to persist the filewall we were including the
persistent-firewall role. This seems to occasionally break because the
second invocation of the role (on multinode jobs after setting up the
multinode bridge) fails with an RC of -13 when listing ipv4 iptables
roles. Then when we try to write them to disk the variable is empty.
One thought is that dynamically loading the role multiple times may be
confusing ansible. Use import_role to statically load the role instead
and see if this helps.
Change-Id: I2458f8eb4c2e4638336fa14e436e13b5a2263cce
In I32fb17bae98f13f735da4d5b9a6a01e948f21678, the evaluated facts
should also fallback to public_ipv4, when private_ipv4 is "empty-like",
e.g. contains no valid IP but something like '\n'.
It also restores the lost switch_private_ip fact just in case.
Change-Id: I139272746129213994f298a4a9178b4441d439af
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
cecf9e902c
broke Openstack jobs running on Red Hat 7.
This review includes the ansible_distribution_major_version
when deciding which repos to include for openvswitch.
Change-Id: I6ec32e2913843adb0778a63133296bb26a0b5e6e
With the arrival of ansible-lint 4, Jinja2 variable expansions must
include spaces before and after the variable name inside the
brackets.
Adjust the new violations accordingly and remove the rule
206 exclusion.
Change-Id: Ib3ff7b0233a5d5cf99772f9c2adc81861cf34ffa
For running job on RHEL use openvswitch from RHEL8 deps repo,
because centos queens openvswitch causes conflicts with RHEL8
version.
Change-Id: Ia09227cb28ec4a4f9bdbb664b9c7caf714043e31
openvswitch on gentoo needs another packaging hint, add it.
For failure, see https://review.opendev.org/668249
Co-Authored-By: Matthew Thode <mthode@mthode.org>
Change-Id: I0a43dbf2fa63fa93bd7bf73db210ba4685b28127
The static zuul driver returns only a public_ipv4 address for
nodes in use. The multinode bridge role accesses the node
private_ipv4 address. As such, when the private address is
empty/null the role fails.
This review defaults that private address so that the role
uses the public address when the private address is null.
Change-Id: I32fb17bae98f13f735da4d5b9a6a01e948f21678
Installing OVS on CentOS requires one RDO repository and the
centos-release-openstack packages sets up two additional repos which
aren't required.
In addition, we removed the centos-release-openstack package but this
did not remove the two extra repositories, causing them to "leak" into
the jobs.
This sets up the one repository we need and ensures it is removed after
OVS is installed.
Change-Id: Ida2299a4356282d23b79fac6753b6171211a7651
find is used instead of ls as we can select the 'link' type with find
only the link type is needed because files do not have interface
properties and directories are not used for this area of /sys
As an example, the bonding_masters exists in /sys/class/net/ as a file
without any 'subdirectory' of information to it.
Change-Id: Id31fcfb858c6abff4d44444e019f0d48e4f3c671
Drop the dependency on RDO infra in favor of latest OVS releases in
centos-7. This means we'll be bumping to 2.9.0.
This still isn't the best, as we are pinning to a specific release of
openstack. However, until there is the OVS SIG in centos, this is the
best we can do.
Change-Id: Ic8a7ee26ebe0ef4f8c2dcecf9bcfce03b55422e5
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Not all clouds will provide us with MTUs of 1500. Instead of assuming a
1500 - 50 byte MTU to accomodate for vxlan overhead we list all
interface MTUs, filter by those that appear to be "real" interfaces (to
avoid those we ourselves may have created), take the smallest one and
subtract it by 50 to accomodate for vxlan overhead. You can still set an
explicitl bridge_mtu value if necessary.
Change-Id: If899a1bee3b4b69df8c2905a219b41e119d8f652
It seems that there has been a recent change where the PATH used
has changed somehow. This adds it and make sure that it covers
all 3 major distros location where `ip` is stored.
Change-Id: Ic3c255bd24d1202fec436d4fcc484ce420110518
We configured iptables rules but did not persist them.
This meant that rules would be flushed when restarting iptables or
the instance.
Change-Id: I9d90f55323a33d6a0f0dda1f7ab25d10984fa6cb
The RDO community doesn't meaningfully test their packages on
Fedora and openvswitch is also available in Fedora base
repositories at a recent enough version.
Change-Id: I30713e1ecd70d03d8a520e31bdccdfbe08482699
This sets up a default 'br-infra' bridge between nodes in a multi-node
job. Two groups are expected in order for this to be set up:
- switch
- peers
The 'switch' group, with only one expected member, will be set up as
the switch node while the 'peers' group will be connected to the switch
node with virtual ports.
The default settings such as the bridge name, the IP range used, the MTU
and so on can be overridden at the job level by setting vars.
Change-Id: If5a3f512837e5b235bd2f6dbfdbb454435aa983e
