This patch will allow custom volume and env variables for the
cinder-volume container.
This is likely going to be needed by some Cinder backends who may not
have in-tree TripleO integration yet and need these types of
customizations.
Change-Id: I825c5373c7c4ab6896579eae705bc034f67fb68f
This patch adds support for networking-ovn-metadata-agent.
It will deploy the agent on compute nodes and disable Nova
force_config_drive.
The following two patches have been squashed into this one:
* https://review.openstack.org/#/c/525164/
* https://review.openstack.org/#/c/522813/
The reason behind the squash is that we had interdepenencies
and this patch alone wouldn't be testing the code properly
without the two other ones since scenario007 job in baremetal
has been removed for this cycle.
UpgradeImpact
Depends-On: I678652294cb8f964c34b742a0bc0ea360d736fb9
Depends-On: If3dffde5e0db8f7607a9708d36d54d1600fe5da8
Depends-On: I38f775479d178f5b252619635b67f876bc8c5ed5
Depends-On: Ifdd42437333730a3b3e6f36cbab6df0a2971a5a1
Depends-On: I940cec6d670df39ac6e2a3559a028acbeee99331
Change-Id: Idc2bb4e31a64502ac6fcdac771d823509dc328e7
Signed-off-by: Daniel Alvarez <dalvarez@redhat.com>
In TripleO we exported the KOLLA_KUBERNETES to skip the cluster
readiness check and workaround a limitation of the mariadb boostrap
script in Kolla that expected MariaDB 10.0 coming from the MariaDB
repository and didn't work with the MariaDB 10.1 from RDO.
Luckily this was fixed in Kolla with
Ia2acb09e877a586243fc1acb49d8d140cf27d7b5 and we can now remove this
tech debt from t-h-t.
Change-Id: Iba62e436a16ddb3cfc87fc4ec03b599e55841681
Related-Bug: #1740060
There are some configuration applies that we need to do during the
deployment. These currently live as manually constructed bash runs which
are missing the --detailed-exitcode handling to know when we have
failures. In order to reduce the duplicated code and simplify this
exeuction, this change creates a docker_config_scripts with
docker_puppet_run.sh in containers-common that can be reused by any of
the docker services. This allows use to properly handle
--detailed-exitcodes while also reducing the amount of duplicated code
bits that we have within THT.
Additionally this change adds a new shared value for ContainersCommon to
pull the required volumes for the docker_puppet_apply.sh script into a
single place. Unfortunately the existing volumes from ContainersCommon
includes a mount for /etc/puppet to /etc/puppet which causes problems
because we need to be able to write out a hiera value. The /etc/puppet
mount is needed for the bootstrap_host_exec function which is consumed
by various docker_config tasks but the mount conflicts with the puppet
apply logic being used.
Depends-On: I24e5e344b7f657ce5d42a7c7c45be7b5ed5e6445
Change-Id: Icf4a64ed76635e39bbb34c3a088c55e1f14fddca
Related-Bug: #1741345
Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com>
We changed the bind mount to be /etc/iscsi in
I838427ccae06cfe1be72939c4bcc2978f7dc36a8, we need to copy the files to
/etc/iscsi so that they do not end up at '/' in the container.
Change-Id: Id5c1f16d08ffd36a35a6669d64460a7b2240d401
Closes-Bug: #1741850
This converts "tags: stepN" to "when: step|int == N" for the direct
execution as an ansible playbook, with a loop variable 'step'.
The tasks all include the explicit cast |int.
This also adds a set_fact task for handling of the package removal
with the UpgradeRemovePackages parameter (no change to the interface)
The yaml-validate also now checks for duplicate 'when:' statements
Q upgrade spec @ Ibde21e6efae3a7d311bee526d63c5692c4e27b28
Related Blueprint: major-upgrade-workflow
[0]: 394a92f761/tripleo_common/utils/config.py (L141)
Change-Id: I6adc5619a28099f4e241351b63377f1e96933810
This patch will allow to attach optional volumes and env variables to the
neutron-api, heat-api and nova-compute containers.
Change-Id: I95cd5017fdbbec257d274b805be4509ec32f9019
Closes-Bug: 1741464
... so we can know how long take resources configuration in Puppet
catalogs, and more easily debug why we have timeouts.
Change-Id: If3fae8837140caae91120e46b4880146ffe22afc
Bind mount the /etc/iscsi host path for iscsi container puppet config.
Use the real host path /etc/iscsi for containers dependsing on it.
Closes-bug: #1735425
Change-Id: I838427ccae06cfe1be72939c4bcc2978f7dc36a8
Depends-on: I7e9f0641164691682516ac3e72e2145c7d112409
Co-authored-by: Alan Bishop <abishop@redhat.com>
Co-authored-by: Martin André <m.andre@redhat.com>
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
This resolves an issue where the pid file exists from a previous
run of the container.
Change-Id: Id051172407f0e879d3edf18c8b2ec13734794ed2
Closes-bug: #1724559
Add CephAnsibleEnvironmentVariables which allows a user to
override any Ansible environment variable.
Depends-On: I5d69af146ca6ca8b3d5f78445cd1b47828daa955
Change-Id: Ic731c8f0c988c485c5b3448182a568b8514cab0a
Closes-Bug: 1738276
We need to wait for rabbitmq_ready exec so that rabbit is fully
up. This can only happen if we add the tag for it.
Also we need to make sure that launching the epmd process cannot
happen. The reason for this is the following:
When the puppet-rabbitmq module gets invoked (a simple facter run
will be sufficient) inside the rabbitmq_init_bundle container it spawns
an epmd process.
Now if we wait for the Exec[rabbitmq-ready], it means that this epmd
process is staying around until rabbit is up, but then will disappear
suddenly when the rabbitmq_init_bundle container exits, which will
subsequently confuse the rabbitmq cluster and make it fail.
Partial-Bug: #1739026
Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com>
Co-Authored-By: John Eckersberg <jeckersb@redhat.com>
Change-Id: Ie74a13a6c8181948900ea0de8ee9717f76f3ce79
When deploying with -e environments/config-debug.yaml, which sets
ConfigDebug to true, it is expected that puppet is run with --debug
--verbose. This has happened for most of the puppet uses (via
LP#1722752), but we missed enabling it for the init_bundle under
docker/services.
While we're at it we also add '--color=false' to the puppet apply
command of the init_bundle containers as that is what we use in the
other puppet apply runs.
Closes-Bug: #1738764
Change-Id: If529b83a7342b3ad17d705517978539d1c6b949e
By default logs for libvirt are disabled. However, for debugging
purposes they might be enabled but are only available within the
container. This change bind mounts the log directory to the host.
Change-Id: I4a69e39355a332872ab40663d85a0bc15b98dcf4
We faced issue where on some environments docker-puppet.py picks up
/etc/hosts as modified, even though that shouldn't be the case (LP bug
1709689). On the last occasion we found the cause to be desynced time
on the host machine of a virtual setup, and subsequent NTP sync of
overcloud nodes (causing a 5 hour skip back in time) racing with
docker-puppet.py.
Still, more info to debug these kinds of issues would be nice to
have. Printing the timestamp of origin_of_time, saving it to a
persistent directory and making sure /etc/localtime is mounted into
docker-puppet containers should make finding the root cause on such
occasions easier.
Change-Id: I2ea197673b470379ead295058b6952cce3a69606
Closes-Bug: #1737954
Per-node customizations were only dumped as hieradata, so the
ceph-ansible workflow could not consume them.
This change passes the structure to the mistral workflow so that it
can consume the data and populate the inventory accordingly.
Change-Id: Ie7a9f10f0c821b8c642494a4d3933b2901f39d40
Depends-On: Ia23825aea938f6f9bcf536e35cad562a1b96c93b
Closes-Bug: #1736707
During minor update pcs cluster is stopped during step 1.
Then we search for pcs managed containers at step 2.
But since pcs cluster is stopped, 'docker ps' won't report stopped
containers.
This change adds '--all' option to show all the containers.
Change-Id: If38a4f7e25d4d1f4679d9684ad2c0db8475d679b
Closes-Bug: #1737548
When configuring the keystone LDAP integration we need to write out
domain configuration items using the keystone_domain_config provider.
Since this tag was missed in the docker conversion, the configuration
was not actually available in the docker container.
Change-Id: I7abdfdd55e38da80768c907863fa06429debf9cd
Closes-Bug: #1737799
Barbican is set to be configured in step 3 after keystone.
This allows other services (like swift) to use barbican to store
and retrieve configuration secrets.
Change-Id: Ie486473d001b10a23374b55369431b4c2bb85419
If docker-puppet.py fails on any config_volume, it can be difficult to
reproduce the failure given all the other entries in docker-puppet.json.
Often to reproduce a single failure, one has to modify the json file,
and remove all other entries, save the result to a new file, then pass
that new file as $CONFIG.
This commit adds the ability to specify $CONFIG_VOLUME, which will cause
docker-puppet.py to only run the configuration for the specified entry
in docker-puppet.json whose config_volume value matches the user
specified value.
Change-Id: I2889647a27a8b891696a6a3e7f78b59a015c2c79
Closes-Bug: #1737043
When new module are added, we may miss the symlink in
/etc/puppet/modules. And for consistency as we mount the
/usr/share/openstack-puppet/modules directory it’s better to add it
to the modulepath.
Change-Id: I963aede41403ebbe3b9afb55a725b304a30a0cbb
Closes-Bug: #1736980