Commit Graph

644 Commits

Author SHA1 Message Date
Zuul f5b386f3d4 Merge "Drop task that deletes old UCA repo" 2024-03-05 13:56:30 +00:00
Dmitriy Rabotyagov 88a9be604b Resolve custom hosts records on hosts
In order to save quite some time during the role execution, we apply
run_once when defining /etc/hosts content.

While this good for "static" content which is based on the inventory,
resolving openstack_host_custom_hosts_records once may lead to
unexpected behaviour. For instance, if host record depends on some specific
group or other variables defined in host/group variables.

In order to resolve it accordingly, we merge status and custom records together
in blockinfile, which allows to resolve record individually for each host
and not having penalty for most usecases.

Change-Id: I48274de908fc6dc4a2e22a789e8355c7ba263599
2024-02-15 12:26:17 +01:00
Jonathan Rosser 08784f1e67 Drop task that deletes old UCA repo
The variable `uca_apt_source_list_filename` is not defined anywhere
in openstack-ansible so this task is redundant.

Change-Id: I15cc331ad5ec11507860bf61b0c2b20fa8c0b2a0
2024-02-01 15:12:01 +00:00
Dmitriy Rabotyagov 1584983367 Skip installing curl for EL
Due to the bug in Ansible [1] it does not resolve requirement of /usr/bin/curl
properly, always trying to install `curl-minimal`, which would fail on systems with
already installed `curl`.

Since `curl` presence is essential for DNF, we should be able to skip installation
of curl to EL systems, as they are all shipped with it as of today.

[1] https://github.com/ansible/ansible/issues/82461

Closes-Bug: #2046172
Change-Id: I0f1bd3aa3dbce93c42fdb9399948c41edab2369d
2023-12-29 11:05:23 +00:00
Dmitriy Rabotyagov 2e78c2314d Remove `localhost` record from hosts file
After adding `localhost` to inventory explicitly [1] this caused an interesting
side-effect, where a record for `localhost` is being added to the managed block
in /etc/hosts file, which might override FQDN defenition for the host.

This also makes healthcheck-hosts.yml fail the test, since expected record is not present.

[1] https://review.opendev.org/c/openstack/openstack-ansible/+/899523

Change-Id: If1840530a54aa9ae22eda1d3094f0c40ab66ddde
2023-12-29 10:48:24 +01:00
Dmitriy Rabotyagov a93a952652 Switch codename to Bobcat
Once UCA and RDO have released their packages for 2023.2 we can update
the openstack_distrib_code_name

Change-Id: I4da504eb51ee7f5359902d1af432657982b8fc84
2023-10-25 20:10:32 +02:00
Dmitriy Rabotyagov 4f21f81dab Use relevant osbpo repository for Debian 12
Debian 11 latest repository for osbpo is Zed, while for Debian 12 both
Antelope and Bobact are available. We should use correct repos whenever
possible.

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/894561
Change-Id: Iad6cc3839ad474982dcf88dddd57775cd5a628c7
2023-10-18 16:58:59 +00:00
Marc Gariepy 660c6c8092 Remove rsyslog since we should use journald instead
Change-Id: Id3a82e722e5c118a35920eabeca62a9cf87756bc
2023-09-27 15:17:39 -04:00
Dmitriy Rabotyagov 565245f2f5 Define mode for journald configuration file
Change-Id: I3eb4162787a415d1d1556cab55d0ab157f1ca4c4
2023-09-18 15:32:21 +02:00
Dmitriy Rabotyagov 65f28c5bb4 Add ability to define a config for journald
At the moment we aim to make systemd-journald a universal destination
for log files across services. With that there is currently no way
of configuring journald using OSA. While this might be
neat for production deployments, it's very valuable to have for CI
as well.

Change-Id: I70a8c9266cb12811a58f5a183955dbec319e539f
2023-08-22 08:25:21 +00:00
Dmitriy Rabotyagov 4afafbbdb4 Drop bits for unsupported OS
There were couple of tasks designed for unsupported
operating systems like Debian 10 or CentOS 8 that were
left during previous cleanups.

Change-Id: I5f920c16a6f6053e64b8013b2a668eb3b1ed2f6a
2023-08-21 16:59:56 +02:00
Jonathan Rosser 936188e26f Rename internal variable _package_list
This var is renamed _openstack_hosts_package list so that it
does not collide with a variable of the same name used in the
python_venv_build role.

Change-Id: Idedf39312df718a7d815eebb3642f75207348afb
2023-08-15 15:03:14 +01:00
Dmitriy Rabotyagov 0fdd2ad27d Drop Ubuntu 20.04 support
Ubuntu 20.04 is not supported or tested in 2023.2, so we remove
focal-related variables from the role.

Change-Id: I52f772f519db6c4924443498bb3453f69cd997de
2023-08-15 15:51:20 +02:00
Dmitriy Rabotyagov 3cf5320038 Fix linters issue and metadata
With update of ansible-lint to version >=6.0.0 a lot of new
linters were added, that enabled by default. In order to comply
with linter rules we're applying changes to the role.

With that we also update metdata to reflect current state.

Change-Id: Ide0ca8cf60f3a92c98543465d53bc4720067b153
2023-07-14 05:47:17 +00:00
Zuul f1de9887b5 Merge "Add support to install distro packages from RDO CloudSIG repos" 2023-05-23 10:38:25 +00:00
Neil Hanlon d1b4da3f66 Revert pinning rdo-deps for openvswitch 2.17 for rocky
Rocky 9.2 was released today and ships a new centos-release-nfv which
points to builds of RDO Dependencies build against RHEL 9 buildroots
instead of CentOS Stream 9. As such, we no longer need to keep Rocky at
a lower version of ovs/ovn and can match other distributions (and
Stream) on 3.1.

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/883377
Change-Id: I396a75119cdfd3762a59f6e5437234fcc661b7ae
2023-05-17 14:46:35 +00:00
Alfredo Moralejo 25e8634b71 Add support to install distro packages from RDO CloudSIG repos
RDO provides two sets of repositories with OpenStack packages, RDO Trunk
and RDO CloudSIG [1]. Currently, openstack_hosts role always uses Trunk
repos but in some cases, users may prefer to use CloudSIG.

This patch adds a variable openstack_hosts_rdo_repo_type which can take
values "trunk" or "cloudsig" to select the type or repos to be used.

[1] https://www.rdoproject.org/what/repos/

Change-Id: I95ee40ae1366e815507b62ba632935e664971f42
2023-05-11 10:54:44 +02:00
Dmitriy Rabotyagov 5e92c6b3e9 Update release name to Antelope
Once distro packages are released, we can update our release name. This
should also fix distro jobs.

Change-Id: I826b08e026211271e9b0e363d4512b383dcd61d2
2023-04-19 18:09:43 +00:00
Dmitriy Rabotyagov 753c161674 Fix package exclude condition for rdo-deps
In [1] I;'ve accidentally missed round brackets which make ternary
filter test wrong value, so it always results in False

[1] https://review.opendev.org/c/openstack/openstack-ansible-openstack_hosts/+/878929

Change-Id: I6fbac1207f7c5932f7f4671fb50f3d8f5baf6cf2
2023-04-03 10:05:28 +02:00
Dmitriy Rabotyagov 449d19fd94 Limit usage of old OVS to Rocky only
As we've landed fix for CentOS to work properly with new OVS and
workarounded bug, we can now start using new OVS version for stream.

Exclude can be removed once issue will be sorted out for Rocky as well.

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/878911
Change-Id: I864cb07231ebf5c820c2ce3721323bebdc337e13
2023-03-29 18:54:01 +02:00
Dmitriy Rabotyagov 181036c13b Pin openvswitch package on RHEL to 2.17
OVS 3.1 was released by CentOS NFV SIG which is built against newer
rdma-core libraries leading to uninstallable openvswitch3.1 on
Rocky Linux due to missing libmlx5.so.1(MLX5_1.24).

While CentOS doesn't need this specific rollback, it will be easier to
fix gates this way.

Change-Id: I388c115d368c0c0638d1dd4f9f11f4448a13a6b1
2023-03-29 16:47:57 +00:00
Zuul ca1357f61e Merge "Add openstack_hosts_file tag" 2023-03-27 15:36:04 +00:00
Dmitriy Rabotyagov 150de8c27e Add openstack_hosts_file tag
This tag aimed to be used when a deployer only wants to refresh records
for their /etc/hosts file.

Change-Id: Ide65a7f362ee21fa07c729d04f592bf400bdc84e
2023-03-17 17:34:45 +01:00
Jonathan Rosser b55f56811f Add `acl` package to all hosts and containers
Ansible will use setfacl if it is present for managing tmp file
access on a remote node, if the executable is present - see [1].

This patch ensures that the acl package is installed on all hosts
and containers.

[1] https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_privilege_escalation.html#risks-of-becoming-an-unprivileged-user

Change-Id: Ia76ebbafb0a7dfdc65364b4c374fc04cc05bfe7e
2023-03-16 20:44:09 +00:00
Dmitriy Rabotyagov 50f1a2842e Return centos jobs to voting
This partially reverts commit cfb9d1932c.

Change-Id: Icc44d08b57ad976429bced3ccc89027f36072764
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/872896
2023-02-09 18:32:18 +00:00
Dmitriy Rabotyagov cfb9d1932c Install curl by defining binary that is provided
Currently, curl conflicts with curl-minimal package on Rocky:
package curl-minimal-7.76.1-19.el9_1.1.x86_64 conflicts with curl
provided by curl-7.76.1-19.el9_1.1.x86_64

To avoid complex logic between curl/curl-minimal we just install
package by providing a path to the binary it should provide.

Based on the distro this will result in instalation of either
curl or curl-minimal.

We also disable rhel9 jobs to sort out circular dependnecy.

Change-Id: If0f08e98912f1f7d060e5b9a338062d3d8469f3a
2023-02-08 08:39:34 +00:00
Zuul 854397b5d0 Merge "Allow to manage extra services, mounts and networks" 2023-01-10 10:25:00 +00:00
Dmitriy Rabotyagov 95e6ca7705 Update tox.ini to work with 4.0
With tox release of 4.0, some parameters were deprecated and are ignored now
which causes tox failures. One of the most spread issues we have is using
`whitelist_externals` isntead of `allowlist_externals`


Change-Id: If97768b2420ae969369ea1642d5578f3ef6f7565
2022-12-27 17:53:15 +01:00
Dmitriy Rabotyagov 4d68d23f51 Allow to manage extra services, mounts and networks
We do mainatain set of systemd roles, that allow to easily provision
extra services, mounts or even networks and used quite widely across
roles. This way we can ease lives of deployers and need of maintaining
external playbooks and roles that will do basically same. Feature for a
way to create/manage internal networking was also asked for quite
a while amoung users. Systemd-service role can also be used to
define post/pre hooks for configured networks and systemd_mount
can be usefull to setup a shared filesystems for image or volume
conversion directories to avoid running out of diskspace on controllers.

Change-Id: Ia13f7747696db5b7b7640df7532c6d55627bdd01
2022-12-26 10:23:00 +00:00
OpenStack Release Bot 4d28a46f08 Update master for stable/zed
Add file to the reno documentation build to show release notes for
stable/zed.

Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/zed.

Sem-Ver: feature
Change-Id: Ief4ce78fc8c03bd2cc913cb06bc154cb6b41a774
2022-12-13 13:09:53 +00:00
Zuul a285682f5e Merge "Revert "Use pam_env for su commands on Centos-9"" 2022-11-29 20:07:38 +00:00
Zuul e3ed6f3e8d Merge "Cleanup CentOS 8 Stream support" 2022-11-09 11:02:38 +00:00
Dmitriy Rabotyagov 5936ae3f63 Cleanup CentOS 8 Stream support
Change-Id: I35a54c17d68027b9c291321834301ca7bb2fb3e7
2022-11-02 12:57:01 +01:00
Dmitriy Rabotyagov eb042cb2c3 Switch codename to Zed
Change-Id: I2a8a91aaa535044966619706734d3ad07714d671
2022-10-24 09:56:35 +02:00
Jonathan Rosser d0d7c8a16f Revert "Use pam_env for su commands on Centos-9"
This reverts commit cf358f169d.

Reason for revert: RHBA-2022:4082 has packages released which resolve the bug

Change-Id: Ic7135573bd16697d5fe289e9f3838843eb047cc8
2022-10-07 20:39:13 +01:00
Erik Berg caf936323f Remove redundant vars line
This line snuck in with If97b59759d8f89af371f8b0a4538402b1c3320c1
probably to bring it in line with other OSA roles, but should already
be covered by the distribution_major_version line above.

Change-Id: I6d48bf93be68d4fe89c9922c9b53beb6cea7ced5
2022-09-15 10:21:22 +02:00
Jean-Philippe Evrard 4d819ed0b6 Define coherent safe default for package state
Instead of overriding this value everywhere, it's easier to
define it from the start to the value we want. In this case,
we want to define it to "present", while still being
overridable.

Change-Id: I81e4fe25b2871600cac30476d021402deb359ae7
2022-08-11 14:49:57 +00:00
Dmitriy Rabotyagov f26fbe4c6a Allow to add extra records to /etc/hosts
Add variable, that would allow to provide extra records for /etc/hosts
file. That might be useful for ppl who still have not adopted proper
DNS or want to do DNS RR, but not for internal VIP and manage internal
VIP with /etc/hosts file, where each host group would resolve FQDN to
a local address.

Change-Id: I89f8cdebf9322c0451b5600b073c82b7773af164
2022-07-28 17:57:39 +02:00
Zuul 010b8377ed Merge "Add default apt config for ubuntu 22.04" 2022-06-02 15:35:39 +00:00
Jonathan Rosser e8ea5dd1d5 Add default apt config for ubuntu 22.04
The patch for this to the other operating systems landed before
support for ubuntu-22.04 was added to this role, so the var was
missing in the 22.04 specific vars file.

Change-Id: I3b497a65b65238ab005736376ca23d6dc0cb2f58
2022-06-02 11:02:09 +01:00
Dmitriy Rabotyagov eb329bfbb9 Switch sphinx language to en
With sphinx release of 5.0.0, they changed default for language variable
to 'en' from None. With that current None valuable is not valid and should
not be used.


Change-Id: Iba54e7d77b51e6c70c0d7a32a3b334807d255f7c
2022-05-30 16:01:18 +02:00
Jonathan Rosser c0d1978ee9 Fix pam_env config for debian
Debian requires a different fix for pam_env config than centos-9,
and this was broken in [1]. Return the original task to adjust pam
config on debian.

[1] Ibe4ab810ba48c9735af187d39fc34a7451c12d8a

Change-Id: Ib287ac4805aac8be8b71537e9c52f0c7e57fb8d4
2022-05-26 12:09:04 +01:00
Zuul f2ac55d454 Merge "Add passwd for rhel8." 2022-05-26 10:16:55 +00:00
Jonathan Rosser cf358f169d Use pam_env for su commands on Centos-9
See https://access.redhat.com/errata/RHBA-2022:4082

Change-Id: Ibe4ab810ba48c9735af187d39fc34a7451c12d8a
2022-05-23 16:15:22 +01:00
Marc Gariepy 57fa3c4ab3 Add passwd for rhel8.
Add passwd to fix rocky8 tests.

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-lxc_hosts/+/842086
Change-Id: I7734fae9b434e5bf6ff5a72e5bac248d4baa2800
2022-05-17 14:59:11 +00:00
Zuul ff61081089 Merge "Do not install UCA repository for ubuntu 22.04" 2022-04-28 08:35:15 +00:00
Zuul 3b53f191fc Merge "Add nova dependency repo for distro install" 2022-04-27 19:20:33 +00:00
Jonathan Rosser 5a352aaee6 Do not install UCA repository for ubuntu 22.04
This repository does not yet exist for the latest ubuntu release.

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/838762
Change-Id: I0abcce4c31d16b55fc1b8dcd70c9d137e273498a
2022-04-27 10:38:56 +00:00
Dmitriy Rabotyagov c4405603be Add default package manager config
We already have extra config for package manager. With this patch we
extend existing functionality by adding optional default value, that
will be concatinated with extra config.
Deployers are able to set default config to empty string if want to
disable that behaviour.

Change-Id: Ifa40a5296969088fd8f2d07968a8d94e3bc5b2c5
2022-04-21 14:08:38 +00:00
Jonathan Rosser 2fa0318c73 Prevent ceph packages installing from ubuntu-cloud-archive
This patch adds a new variable `openstack_hosts_apt_pinned_packages`
which defaults to pinning ceph packages from the UCA repository to
a lower priority than the equivalent packages from the main ubuntu
repository.

Without this change, installing lxc-templates will pull packages from
the Quincy release of Ceph via Yoga UCA, and this is ahead of the
Pacific version expected by the ceph_client and ceph-ansible code.

This change improves consistency of the ceph packages installed across
the deployment and does not allow very new packages in UCA to later
cause a package downgrade failure when the ceph_client/ceph-ansible
attempts to install the well-defined version of ceph required by
openstack-ansible.

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/838762
Change-Id: Ia19ba6bae3e95ceb2e517039fbbfb9346e014961
2022-04-21 12:54:36 +00:00