wangxiyuan 01ed75acef Add openEuler Distro support
openEuler is the newest open source operating system, which is quite
famous and widely used in China. This patch aims to add the OS support
in kolla-ansible for the host OS.

bp: support-openeuler-os

Depends-On: https://review.opendev.org/c/openstack/ansible-collection-kolla/+/830320

Change-Id: I66dc84f02c324dbc0787ec25d4bd92ada9362e94
2022-03-28 07:54:49 +00:00

138 lines
4.4 KiB
YAML

---
- hosts: all
any_errors_fatal: true
vars:
logs_dir: "/tmp/logs"
roles:
- bindep
- multi-node-firewall
- role: multi-node-vxlan-overlay
vars:
vxlan_interface_name: "{{ api_interface_name }}"
vxlan_vni: 10000
- role: multi-node-managed-addressing
vars:
managed_interface_name: "{{ api_interface_name }}"
managed_network_prefix: "{{ api_network_prefix }}"
managed_network_prefix_length: "{{ api_network_prefix_length }}"
managed_network_address_family: "{{ address_family }}"
# NOTE(yoctozepto): no addressing for neutron_external_interface in here
# because it is enslaved by a bridge
- role: multi-node-vxlan-overlay
vars:
vxlan_interface_name: "{{ neutron_external_vxlan_interface_name }}"
vxlan_vni: 10001
- role: bridge
vars:
bridge_name: "{{ neutron_external_bridge_name }}"
bridge_member_name: "{{ neutron_external_vxlan_interface_name }}"
# TODO(mnasiadka): Update ipv6 jobs to test ipv6 in Neutron
- role: multi-node-managed-addressing
vars:
managed_interface_name: "{{ neutron_external_bridge_name }}"
managed_network_prefix: "{{ neutron_external_network_prefix }}"
managed_network_prefix_length: "{{ neutron_external_network_prefix_length }}"
managed_network_address_family: "ipv4"
- role: veth
vars:
veth_pair:
- "veth-{{ neutron_external_bridge_name }}"
- "veth-{{ neutron_external_bridge_name }}-ext"
bridge_name: "{{ neutron_external_bridge_name }}"
tasks:
# NOTE(yoctozepto): we use gawk to add time to each logged line
# outside of Ansible (e.g. for init-runonce)
- name: Install gawk and Python modules
package:
name:
- gawk
- python3-pip
- python3-setuptools
- python3-wheel
become: true
- name: Ensure /tmp/logs/ dir
file:
path: "{{ logs_dir }}"
state: "directory"
- name: Ensure /tmp/logs/pre dir
file:
path: "{{ logs_dir }}/pre"
state: "directory"
- name: Run diagnostics script
environment:
LOG_DIR: "{{ logs_dir }}/pre"
KOLLA_INTERNAL_VIP_ADDRESS: "{{ kolla_internal_vip_address }}"
script: get_logs.sh
register: get_logs_result
become: true
failed_when: false
- name: Print get_logs output
debug:
msg: "{{ get_logs_result.stdout }}"
- name: Ensure node directories
file:
path: "{{ logs_dir }}/{{ item }}"
state: "directory"
mode: 0777
with_items:
- "docker_logs"
- "kolla_configs"
- "system_logs"
- "kolla"
- "ansible"
# NOTE(yoctozepto): let's observe forwarding behavior
- name: iptables - LOG FORWARD
become: true
iptables:
state: present
action: append
chain: FORWARD
jump: LOG
log_prefix: 'iptables FORWARD: '
- name: set new hostname based on ansible inventory file
hostname:
name: "{{ inventory_hostname }}"
use: systemd
become: true
# NOTE(wxy): There are some issues on openEuler, fix them by hand.
# 1. iptables-legacy is used by default.
# 2. NTP sync doesn't work by default.
- block:
# The CentOS Stream 8 in container uses iptables-nft while the host
# openEuler uses iptables-legacy by default. We should update openEuler
# to keep iptables the same.
# Ubuntu 20.04 container OS uses iptables-legacy by default. It works
# well on openEuler.
- name: Set iptables from legacy to nft for centos stream container
shell:
cmd: |
dnf install -y iptables-nft
iptables-save > iptables.txt
iptables-nft-restore < iptables.txt
update-alternatives --set iptables /usr/sbin/iptables-nft
become: true
when: base_distro == 'centos'
# The command `timedatectl status` always times out if the command
# `timedatectl show-timesync` is not run first.
- name: Let ntp service work
shell: timedatectl show-timesync
become: true
when: ansible_facts.distribution == 'openEuler'
- name: Wait for ntp time sync
command: timedatectl status
register: timedatectl_status
changed_when: false
until: "'synchronized: yes' in timedatectl_status.stdout"
retries: 90
delay: 10