In the event you have different disks in nodes assigned to each role
you may need to pass role specific parameters, e.g like:
parameter_defaults:
OpenShiftMasterParameters:
OpenShiftGlusterDisks:
- /dev/vdc
OpenShiftWorkerParameters:
OpenShiftGlusterDisks:
- /dev/vdd
To enable that we create an inventory file per role, and pass the directory
of files to ansible.
Change-Id: I8b4d8698405ffb004b081e1f097f300216edfa77
We need KernelIpNonLocalBind on the undercloud to bind non local ips
among other ip forward options. This sysctl parameter was managed by
instack-undercloud but never ported to the containerized undercloud.
We need the same sysctl parameters for parity with non containerized
undercloud.
Change-Id: Idd3d432b8f7eb573d94cd56be8e05614510ebddf
Related-Bug: #1774898
We don't expect our operators to have SSH keys setup on the undercloud
node, so we don't want to block the PasswordAuthentication in
sshd_config.
Depends-On: I88b24c82fb3cf2309f45d5d447a9b0c403da7fc9
Change-Id: I10b112e8bffff30879606ddd970dfd3ec67fd9c7
Closes-Bug: #1772519
This patch adds the required parameters to the Compute role so the
agents are configured properly on upgrade.
Related-Bug: #1774199
Change-Id: Iab42ae0fb13e8e92cc9903432a95e04a94a5913c
To trigger ceph-ansible we need to make sure the WorkfowSteps
resource is enabled in ceph-upgrade-prepare env file.
Change-Id: Id760305971a68c397f9334265dd023b1e1884295
Closes-Bug: 1774647
We currently create /var/lib/docker-puppet/docker-puppet.sh
inside the mp_puppet_config() function which then gets
invoked in parallel via the following:
p = multiprocessing.Pool(process_count)
returncodes = list(p.map(mp_puppet_config, process_map))
This is problematic because we have the following potential race:
1) Process A opens /var/lib/docker-puppet/docker-puppet.sh for writing
2) Process B runs docker run and has the following bind mount:
/var/lib/docker-puppet/docker-puppet.sh:/var/lib/docker-puppet/docker-puppet.sh:z
3) Process B will fail because an exec of a file being written to
will return ETXTBSY
The deployment can fail due to the above with the following error:
[root@overcloud-controller-2 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a401108cd827 192.168.24.1:8787/tripleoqueens/centos-binary-glance-api:current-tripleo-rdo "/var/lib/docker-p..." 19 minutes ago Exited (1) 19 minutes ago docker-puppet-glance_api
[root@overcloud-controller-2 ~]# docker logs docker-puppet-glance_api
standard_init_linux.go:178: exec user process caused "text file busy"
Since /var/lib/docker-puppet/docker-puppet.sh never changes
there is really no need to create it multiple times. Let's just
create it once before spawning the multiple docker run commands
so we avoid any ETXTBSY errors.
Ran 20 successful deployments in sequence with this change applied.
Change-Id: I16b19488ce9f1411273459576db76d16b318dacb
Closes-Bug: #1760787
- do not use set_fact when a lookup can be done directly in the task
- use multi-line YAML for easier legibility
- ignore errors in file lookup plugin when file does not exist and set defaults
Change-Id: I832a2ec34f4ed4a87e30d0c88f4c60bcf2f4c151
For containerized undercloud install this completes the image
preperation. The flow for undercloud install is now:
1. Early in tripleo deploy there is a dry-run prepare which generates
the heat environment for all of the image parameters
2. Here after the registry is installed, populate it by running
prepare again
This file is now a jinja template so that the prepare command has
access to the roles data. This reduces the number of images processed
to services which *might* be containerized, but we can't filter by
services which *are* containerised because we're inside the heat stack
and don't have access to the full heat environment. The actual image
numbers are:
136 prepare with no filtering
97 prepare filtering only by roles_data_undercloud.yaml
64 prepare with undercloud env+roles_data_undercloud.yaml filtering
This might be a time hit for undercloud jobs, but hopefully not
a big hit for undercloud+overcloud jobs because many of those extra images
will be used in the overcloud.
Change-Id: I7449ee364ec9e976fbe9df95024ce3c42f6459b5
Blueprint: container-prepare-workflow
This is basically a rewrite of the bash script pushed by
puppet/extraconfig/tls/tls-cert-inject.yaml
UpgradeImpact: NodeTLSData is not used anymore
Change-Id: Iaf7386207e5bd8b336759f51e4405fe15114123a
To not to redefine variable multiple times in each service we
split httpd_enabled to per service fact set in step|int == 0 block.
Change-Id: Icea0865aadd9253ead464247bf78f45842b3a578
Add "--bump-versions" option to Cinder's db sync command so that stale
RPC version info is purged from Cinder's DB. This ensures all Cinder
services use the latest RPC version after an upgrade.
Closes-Bug: #1774262
Change-Id: I935e65e765fe0a5a88b9cdce9a72b67555e7f9a6
There is an option to remove package, if the service is being
disabled during upgrade. This option should be unset when running
'overcloud upgrade converge'.
Change-Id: I7bad96be0c3dfc1e605efe9d504249dc9045d71d