Previously, Kayobe used Kolla Ansible's bootstrap-servers command to
create a user account and Python virtual environment for Kolla Ansible.
In order to do this it used the Kayobe Ansible user and Python
interpreter.
This causes problems for Ansible fact caching, which needs separate
caches for Kayobe and Kolla Ansible, since the different users and
Python interpreters used result in different facts. Bootstrapping
servers with the Kayobe user and interpreter resulted in the Kolla
Ansible fact cache being populated with Kayobe's user and interpreter.
This change disables user creation during Kolla Ansible's
bootstrap-servers command, instead creating the user and virtual
environment in Kayobe prior to running the command. This allows the
bootstrap-servers command to be executed using the normal Kolla Ansible
user and interpreter, which results in the correct facts being gathered.
The downside here is some duplication of code and configuration, but a
nice side effect is that we no longer need to dump configuration in the
CLI for host configure in order to fetch the Ansible user and
interpreter.
Change-Id: I85670be7242bc436f73c689f027670b0938ba031
Story: 2007492
Task: 39444
One way to improve the performance of Ansible is through fact caching.
Rather than gather facts in every play, we can configure Ansible to
cache them in a persistent store. An example Ansible configuration for
doing this is as follows:
[defaults]
gathering = smart
fact_caching = jsonfile
fact_caching_connection = ./facts
fact_caching_timeout = 86400
While this mostly just works, there are a few places where we
unconditionally gather facts using the setup module. This change
modifies these to only gather facts when necessary.
We no longer execute the MichaelRigart.interfaces role using become:
true, since it may gather facts and we do not want it to do so as root.
The role uses become where necessary.
Change-Id: I9984a187fc6c0496ada489bb8eef36e44d695aac
Story: 2007492
Task: 39216
Using become for all Kolla Ansible tasks is not ideal from a security
perspective. It is also incompatible with fact caching, since it causes
facts to be gathered and cached as root, which changes some facts.
This change modifies the default value of kolla_ansible_become to false.
Change-Id: I9ee5c55e59276f70c92e9c698c01123dcf8919a1
Story: 2007492
Task: 39217
Adds support for configuration of DNF repo mirrors for CentOS and EPEL
repositories, as well as custom repositories.
Adds support for DNF automatic, which is a replacement for yum-cron.
Configuration is backwards compatible, falling back to the equivalent
yum variables when DNF variables have not been overridden.
Change-Id: I8bef5e9c8e1c77c25d6077ff690da8f2cde6a643
Story: 2006574
Task: 38922
It leaves certain ceph mentions in globals.yml.j2 as it needs
syncing with kolla-ansible contents anyways
(these are all comments).
Change-Id: I05e9c6223583e9bb5dc0020edc0b56990275093c
Story: 2007295
Task: 38766
CentOS 8 does not provide an ntp package. Instead fall back to using the
chrony container provided by Kolla Ansible by default.
Depends-On: https://review.opendev.org/711511
Change-Id: If5230854d7565c8b3c91a46da4795c63edf095e4
Story: 2006574
Task: 38866
We enable ntpd by default, and provide a variable to disable it -
ntp_service_enabled. It is also automatically disabled if the user
enables the chrony container (kolla_enable_chrony).
However, setting ntp_service_enabled to false will cause the host
configure commands to fail due to a bug in the resmo.ntp role. This is
because it tries to configure the ntpd service in systemd, but it will
not exist so the task fails.
This change fixes the issue by skipping the resmo.ntp role if the NTP
service is disabled.
Change-Id: I640873c11ceae5008030dc03984c089a410a0cee
Story: 2007384
Task: 38968
Updates the minimum version of Ansible from 2.6 to 2.8, and the maximum
supported version from 2.8 to 2.9.
CentOS 8 requires Ansible 2.8.
Change-Id: I3f8f7f8d7d37e3cb851965a491ac9c43030869d5
Story: 2006574
Task: 38826
Kayobe overcloud introspection data save fails because the dynamic
inventory script siliently breaks causing Ansible to parse it as a
static inventory file. The failure occurs due to OS_TOKEN being set.
This change works around setting OS_TOKEN before running the dynamic
inventory script by setting OS_CLOUD before querying inspector.
Confirmed on Stein and Train, and verified in both environments.
Story: 2007326
Task: 38846
Change-Id: I57fbf91ae3440d3e4e6a64cd7d05151e299c9322
One use case is to use seperate disk for the registry storage. This
can prevent the rootfs from filling up.
Change-Id: I9634ee7f5730e93b8ddd96de04982d638dd4dae2
This pulls in a number of fixes to the iDRAC role which includes
a change to allow the role to work with a recent version of the
python-dracclient library.
Change-Id: I6aa1fcece42f93cf404cf06dc96b2d70b140775e
Since I56533ead8357945a42b079fda7edbd9912fc135a (present in 7.0.0.0rc1),
seed VM provisioning fails due to a missing configdrive volume. The
problem is caused by the stackhpc.libvirt-vm role at version 1.8.0, and
the issue is described in
https://github.com/stackhpc/ansible-role-libvirt-vm/issues/45.
This change bumps the requirement for stackhpc.libvirt-vm to v1.10.0,
which includes a fix for the issue.
Change-Id: I7361510a1c9c9c25356c5abd2a68b661c6b52692
Story: 2007063
Task: 37929
Since story 2006855, it is possible to specify a list of packages when
building IPA images. However, this introduced an issue in the case where
no packages are specified. See
https://github.com/stackhpc/ansible-role-os-images/issues/26.
This change fixes the issue by updating stackhpc.os-images role to
v1.7.0, which has a fix for this issue.
Change-Id: I70d20381bec3f5b92bb467e6c506e32bb13548c2
Story: 2007069
Task: 37952
Kolla recently upgraded bifrost from 7.0.0 to 7.1.0 on the stable/train
branch. This switched to IPA builder to build the IPA image, and
introduced a rename of the IPA kernel file from ipa.vmlinuz to
ipa.kernel, which breaks overcloud provisioning. The iPXE kernel
download fails with a 404, since Kayobe introspection rules use
ipa.vmlinuz for the driver_info.deploy_kernel URL.
This change works around the issue by setting two Bifrost variables,
ipa_kernel and ipa_kernel_url, to reference the old kernel filename of
ipa.vmlinuz. This works both in the case where the image is downloaded
from a URL (ipa_kernel sets the destination file name), and where it is
built via 'kayobe seed deployment image build' (kayobe uses the legacy
ironic-agent DIB element rather than IPA builder, which creates a
hardlink to ipa.vmlinuz).
We chose the above approach rather than switching to IPA builder due to
it being a less risky change at a time close to release. A future
release of Kayobe should switch to IPA builder, but this will be a
larger effort.
[1] https://review.opendev.org/#/c/692200/1/playbooks/roles/bifrost-ironic-install/defaults/main.yml
Change-Id: I7f75c25602fd7ae4bfeb6abbdd3b42d8ee465abf
Story: 2007068
Task: 37951
Add file to the reno documentation build to show release notes for
stable/train.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/train.
Change-Id: I8ee7a008dc6dfc07f2fd079323d43a28f15ecb42
Sem-Ver: feature
In Kayobe hosts which are part of a Nova cell can be managed via the
existing controller and compute groups. However, since Nova Cells are
configured via group vars in Kolla Ansible we need some way of setting
these. We could pass vars through to Kolla Ansible host vars using
`kolla_overcloud_inventory_pass_through_host_vars` but the list of
variables which may be set on a per cell basis is large and undefined.
This change allows the user to directly specify Kolla Ansible group vars
as part of Kayobe config, allowing the deployment of Nova Cells by
Kayobe to be largely unchanged from the procedure documented in Kolla
Ansible.
Change-Id: I2695034d36936fcc77a4828c67f9552155781dd6
Story: 2004291
Task: 37804
These are mostly formatting fixes, but also a correction of the default
value of pip_upper_constraints_file.
Change-Id: Iadb1b45644865d67e170f94d301d3eeeab2654ee
Updates the minimum version of Ansible from 2.5 to 2.6, and the maximum
supported version from 2.7 to 2.8.
Change-Id: I5aeb28424a8d1920b58ca73e37131d8cbfeabf29
Kolla ansible switched its database backup support to mariabackup from
xtrabackup due to incompatibilities. See
https://bugs.launchpad.net/kolla/+bug/1843043 for details.
Change-Id: Ib95771f09fd6d5e71a2af471de47f811e1cab88b
Related-Bug: #1843043
Story: 2006952
Task: 37634
Kolla Ansible Train introduces support for TLS encryption of the
internal API. This change introduces support for internal API encryption
in Kayobe.
The following new variables are introduced:
* kolla_enable_tls_internal
* kolla_internal_tls_cert
* kolla_internal_fqdn_cacert
Also only set kolla_*_fqdn_cacert in globals.yml if set.
Change-Id: If432afde374fe247d09c952e110c9567e17daea1
Story: 2006959
Task: 37649
This allows you to use a project reference for documentation, e.g
features:
- |
:kayobe-doc:`Testing versioned docs <configuration/kayobe.html#configuration-patterns>`
Change-Id: Ie25a7f12b99b8b02dfd76848ec7c3fc08c8b8108
Elasticsearch Curator will be driven by custom config. This adds
support in Kayobe for managing it.
Change-Id: Ie739ffbd67c6c26175f152449a7b7276ffa87824
Story: 2006852
Task: 37443
On Ubuntu sys.prefix is set to '/usr' even though pip will install
packages to '/usr/local' when not using a virtualenv. This change fixes
the detection in this instance. Non standard install locations are not
currently supported.
Change-Id: I214e11e7d099d1b39041fdc6b91002e1929d9c00
Story: 2005510
Task: 30620
Connections default to 'public' interface when attempting to run
openstack commands. This breaks setups where the network hosts are
separate from the controllers.
This change adds an ``openstack_interface`` variable to select the
correct endpoint to use, which defaults to ``internal``.
Co-Authored-By: Michael Senizaiz <michael@r-hpc.com>
Change-Id: Ifa766d2cc3ed7077f03c571398072ad5117701c6
Story: 2006814
Task: 37374
Diskimage builder supports specifying a list of packages to install via
-p. We currently support this for the root image, but not IPA images.
This change adds a new configuration option, 'ipa_build_dib_packages',
that should be a list of additional packages to install in locally built
IPA images. This affects the following commands:
kayobe seed deployment image build
kayobe overcloud deployment image build
This depends on
https://github.com/stackhpc/ansible-role-os-images/pull/25.
Also adds an example to the documentation for the equivalent option for
root image.
Change-Id: I04191d9541894b6a264e966c9ecb1056e0edade4
Story: 2006855
Task: 37446
Kolla ansible train adds a new command, kolla-ansible deploy-containers,
that will only deploy containers, and skips registration, bootstrapping
and configuration.
This change adds a new 'kayobe overcloud service deploy containers'
command to make use of the new kolla-ansible command.
Change-Id: I999dfe4b1d082bc88148f54b236644abcbd96a5a
Story: 2006951
Task: 37633
Remove transitional support for stopping the chrony container. This was
originally added for https://storyboard.openstack.org/#!/story/2005272.
Change-Id: Ief43e723b8f4b97fdcd5960aabfb7208beb0b7cd
Story: 2006949
Task: 37630
In the Train cycle, Kolla Ansible added support for
docker_custom_config, and writes out configuration to
/etc/docker/daemon.json. This will conflict with Kayobe's configuration
of that file, and changes made by kayobe will be reversed when
kolla-ansible bootstrap-servers is run.
This change uses the new variable to pass daemon.json configuration
through to kolla ansible. Because the ordering has changed, we also need
to separate out the devicemapper setup and run this prior to starting
docker.
Change-Id: Idc3fa9fefd8242ef9db76d4d773885e3594b453a
Depends-On: https://review.opendev.org/691001
Story: 2006764
Task: 37277
Add new variables, ``kolla_bifrost_dib_elements_extra`` and
``kolla_bifrost_dib_env_vars_extra``, in
``${KAYOBE_CONFIG_PATH}/bifrost.yml`` for setting additional
``diskimage-builder`` elements and environment variables for the disk
image generated by Bifrost. Default elements and environment variables
are now respectively defined by ``kolla_bifrost_dib_elements_default``
and ``kolla_bifrost_dib_env_vars_default``.
Change-Id: I22ab15c42d8db772f1a64f325f9371860491ccfb
