The hook for os-net-config in multinode NIC config templates contains
a call to `ovs-vsctl del-br br-ex` to remove the bridge we got from
nodepool and initialize network config. We need to avoid executing
that again on upgrade, or the Ansible process running the upgrade gets
stuck.
Change-Id: Ie36342402426d74fd528e320d60adc951bf8c9ac
Closes-Bug: #1772040
Under pacemaker, it manages this mount correctly. When not deploying
redis with pacemaker, the /var/run/redis folder is not properly mounted
so the container cannot start correctly after a reboot.
Change-Id: I1b86bc91e7ca95a1e70fecee1b6507787d98e9cd
Closes-Bug: #1771888
Deploy Docker with Ansible instead of Puppet so later we will be able
to prepare the registry before deploying any containerized service
and do tasks in the middle like updating containers.
Remove the Puppet run from update_tasks, we'll move these tasks later in
ansible-role-container-registry.
Change-Id: Iee0e08cd48f173a39a6f3a1ea54b29e370d4f334
Since we moved services in containers, their logs aren't in the old location, but
in /var/log/containers/<service>. This patch fixes the generated Hiera hash used
by Fluentd for its configuration
Regarding Designate config service: some of the yaml doesn't use at all the
`service_config_settings` parameter - they will need to be updated accordingly
once it's supported
Co-Authored-By: Thomas Herve <therve@redhat.com>, Steven Hardy <shardy@redhat.com>
Change-Id: I1bc0930de4053dc1c34b50477e82d9ccdab7ae2e
Closes-Bug: 1769051
Related-Bug: 1674715
crudini is not installed by default on Red Hat derivitive OS's, so we
shouldn't rely on it. We probably can't just install it since this
script is the rhel-registration script, so there are likely no repos
enabled when we need it.
Instead just use grep/cut/sed to get the value we need.
Change-Id: I78fce8b6c7f1d3528f9d8c02772f95cb8ad3b3c8
Closes-Bug: #1771830
* In order to make sure tempest container is available in CI,
It adds the logging for the same in /var/log/containers/tempest.
Change-Id: I3d526b374b6233bad69f5c6be12036b3ede37028
We don't request a certificate for oslo_messaging_rpc, so we use
rabbitmq (the one we used to use) instead.
Closes-Bug: #1771744
Change-Id: I05ef290215fa0303b3be6ddb4462e7ca02b2d71b
1) Rename the neutron DB at step 2 so Neutron has time to stop (during
step 1) and right after we stop mariadb, so no chance for any app to
access to old db.
2) Upgrade all rpms at step 3 like we do for other services. Step 1 was
way too early.
Change-Id: I34bdc0a9d575e5d1b8f3ce1e09c145cc34563a85
This reverts commit 8e104b3c549118727b53c9825a438e799715b7f9.
https://review.openstack.org/#/c/559926/ introduced requiring CloudName.
This broke the documented deployment process. I also don't see how
CloudName can be required, but CloudDomain can not.
I don't see a technical reason why we can't keep the default as
localdomain. If necessary, we can instead add a parameter
validation instead of requiring the parameter.
Closes-Bug: #1771627
Depends-On: Ia86842b0b1f42512f25390d6bdb695e0f8133c6d
Change-Id: I2c5b511df50f29c63aa613899c2bebb506360bf4
UndercloudUpgrade needs to be set to True when upgrading a containerized
undercloud. It was missed in a previous patch.
Change-Id: I5f06052b1d5290f8193aea57bafc8ddf86d2d8cf
Looks like the cinder-backup ffu tasks were missed as
discussed in [0]. Adding here and they are the same as the
other docker/services/pacemaker things e.g. rabbit @[1].
This also fixes the resource check in the bm->containers
upgrade_tasks so cinder-backup is also properly deleted.
[0] https://bugzilla.redhat.com/show_bug.cgi?id=1578158
[1] e37e0e6d47/docker/services/pacemaker/rabbitmq.yaml (L367-L397)
Change-Id: Idc1b8d444fb354450b8e584d199d1f22e0d92e5a
Allow NFS configuration of storage backend for Nova.
This way the instances files will be stored on a shared
NFS storage.
Implements: bp tripleo-nova-nfs
Depends-On: Id15aec6324814a871e87f19f24999b0e3b8a8f05
Change-Id: Ie4fe217bd119b638f42c682d21572547f02f17b2
"role_name" is internal to Ansible, we should not use it.
This patch uses the new variable set in the inventory to use a specific
TripleO var: tripleo_role_name which is the TripleO role name and not
the Ansible role names, both things are very different.
Depends-On: I57c4eac87e2f96dfe5490b111cd2508505715d56
Change-Id: Iecaf6f1b830e65be2f9e2e44431054fe46f9f565
Related-Bug: #1771171
Add GlanceEnabledImportMethods parameter, and set the default value to
restrict Glance from using its 'glance-direct' import method. The
glance-direct method requires a special configuration when deployed in
an HA environment, and that capability will be added in a later release.
Closes-Bug: #1765439
Depends-On: https://review.openstack.org/568366
Change-Id: I7038601d7505a60df2a1fb7fd8db818efa105341
By default collectd polling interval is set to 10 seconds for all plugins,
which is bringing down the entire cloud if the default Gnocchi deployment
(Swift on controllers) is used. We have to override the default higher value.
Closes-Bug: #1771083
Change-Id: I210c72028da35068ed8469b2d2deb75797a2b08f
Ironic services already present in Newton release,
ironic-api and ironic-conductor, are missing their
fast_forward_upgrade_tasks section.
Change-Id: Ic6e8c1515bb16d29a285b5a5bdbd4971adf3e2c2
Closes-Bug: #1770634
And unset back to CREATE on ffwd-upgrade converge. See [0] for more
discussion. This is to allow operators to update to the new script
based os-net-config network templates during the ffwd-upgrade.
[0] https://bugzilla.redhat.com/show_bug.cgi?id=1568561#c3
Change-Id: Ib5be49579545ad0ec7bf95e96fbe1f62ec4d3ac0
The Octavia public key configuration is run by Mistral meaning under the
'mistral' user. The previously default /home/stack/.ssh/id_rsa.pub file
may not be readable or not accessible because the of lack of permissions
from its parent directory leading to permission denied and hence failure
to deploy overcloud. It is safer to not default to a file path but to
use the existing 'default' keypair from the undercloud which anyway is
the public key of the 'stack' user. Users can still specify a file path
but will need to ensure it is readable.
Related-Bug: #1770641
Change-Id: I1dea4a8d5bb3c5a64ee7fb8995b837909bc1cafe
The minor update tasks for cinder-backup first pull the new image and
then delete the old one. If the image hasn't changed, deleting the old
one means deleting the new one too, and then trying to tag it as
pcmklatest will fail. The other services under
services/docker/pacemaker seem to have the order correct.
All services here could use a performance optimization for cases when
the image hasn't changed (don't reshuffle images if the hash hasn't
changed) but let's fix the breakage first and address performance
later.
Change-Id: I5e0fcb7467fcff7e549e04789ceeb8eb49ee265a
Closes-Bug: #1770598
Related-Bug: #1770599
Since we're aligning the overcloud/undercloud and we've switched to
containerization it, we should reuse the same heat services rather than
duplicating the services with the Undercloud definition.
Depends-On: Ic7dba7e548f85574cce2db23e3fec5c8ea761bb7
Change-Id: I497597a47533375f34a22a56e2e9a145d9393358
Related-Blueprint: containerized-undercloud