At the moment Cloudkitty is targeted at all LXC hosts along with containers
which is not needed nor intended.
Unfortunatelly there's no really good compatible fix exist, so action from operator is required to handle transition to new naming for
the service.
Change-Id: I9360495e3b3347568969e36e0e96bb1325efd59f
To allow encrypting connections of db healthcheck tasks, include the
check_hostname option to verify a server host name when an SSL
connection is required.
Also enable galera_require_secure_transport during TLS test jobs.
Change-Id: I23d839e75b202d0400aeefe6e98c429e16ecd37e
In case, when there's more then 1 image with name `fedora-coreos-latest`
Magnum fails to resolve it's uuid and fails to create a template from such
image.
In order to prevent this happening, we do enable image rotation in CI
to fix upgrade jobs.
Changing visability to `community` does hide the image from non-owner
unless explicitly asked for listing community images.
Change-Id: I1d5f02824e0c0fed820ee0808127efccad1017cf
Previously this was either 'vlan' or 'flat' depending on the external
network type, and there were also cases when the name and type were
mismatched - particularly when the flat network was untagged traffic
on a vlan bridge.
This patch removes that confusion and always names the external
network 'physnet1' to align with the upstream neutron examples.
Change-Id: I3cd8b93b42777b787552051bcdc9a90347f1e03d
When deploying a complex AIO with several services enabled, currently
duplicate definitions are made for the tempest test include and
exclude lists. It is down to ansible variable precedence to
determine which one is actually used.
This patch uses the changes made in [1] to allow tempest include and
exlude lists to be defined in many variables and aggregated at the
point the config files for tempest are written.
[1] https://review.opendev.org/c/openstack/openstack-ansible-os_tempest/+/891579
Change-Id: If047578c283e85b38e73a5f117289f42150f3daf
Due to the bug in Ansible [1] it does not resolve requirement of /usr/bin/curl
properly, always trying to install `curl-minimal`, which would fail on systems with
already installed `curl`.
Since `curl` presence is essential for DNF, we should be able to skip installation
of curl to EL systems, as they are all shipped with it as of today.
[1] https://github.com/ansible/ansible/issues/82461
Closes-Bug: #2046172
Change-Id: I65d3fa2e3d6d38f0a51ce1f402ac25d976b67b89
The code in this playbook assumes that the path to a partition is just
the partition number appended to the disk path. However when working
with NVMe disks, the partition will actually be "pN" where N is the
partition number and p is the literal character. To attempt to be
agnostic use lsblk to show all the partitions on the disk, since it was
just reformatted and only has the partitions this playbook creates. This
is then stored in a new temporary fact that can be used throughout the
rest of the playbook.
Change-Id: I661696c275fbc2e91d049303f5498ff8d401fc83
During PTG we agreed to disable quorum queues by default during this
cycle and wait for improvements proposed as part of [1] before enabling
it by default.
This also adds a separate job that will test scenario with enabled quorum
queues.
[1] https://review.opendev.org/q/topic:bug-2031497
Change-Id: I0807cc1ed991fd85f9f74d4a360d3fd23cde227c
The disk check for AIO deployments using BTRFS was breaking due to
a change in the command line utility output. This change updates
the commands we use to ensure that the output is usable.
Change-Id: I548ad1a4a0ee7527f7b5fcd871ed55c9bc5ce6e7
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
Building wheels takes quite some resources and time in CI without
giving much benefit on metal runs, because requirements for wheels
build could be provided by other role while build would fail in LXC
jobs.
So in order to reduce load on CI and speedup tests we disable wheels
build for metal AIO deployments.
Change-Id: I98abd19d9ecd62bde9df088219308a5f4d4cc950
This is not dependant on if we are running a regular or an upgrade
job. Move the code to a more logical location.
Change-Id: Ibdb29a679504ce30bcdc7591b8e68c054dbea580
Enabling a complex AIO scenario will result in many definitions
of tempest_tempest_conf_overrides and only one will actually be applied
in accordance with ansible variable precedence.
This patch allows the final content passed to tempest to be
composed from many variables simultaneously.
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-os_tempest/+/894757
Change-Id: I9095e61d80ed51f1c60e8838d376c9cded6adbe6
At the moment we experience DISK_FULL issue in CI for upgrade
jobs on Rocky. This happens as our log files are more then
available per-job limit, which is capped at 5Gb. In order
to see what fills up the diskspace and reduce overall disk consumption,
we apply rate limiting and define maximum size of files as well as
total diskspace that can be consumed by logs not to exceed that limit.
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-openstack_hosts/+/892151
Change-Id: I960a4377f6cfc6977a4d0df0e53744cdfb539b1e
The os_tempest role determines which components are installed
internally and enables the necessary plugins. Overriding
tempest_plugins in user_variables for AIO scenarios prevents
the correct set of plugins being loaded for more complex
tests involving multiple openstack components.
Change-Id: I775ee16e1fd28e23d6f8695e4ac4f21912903356
Bootstrap-host role has some tags defined but running only specific
set of tags is not possible.
In this case, gather_nodepool_vars.yml should be always executed because
it defines `nodepool_dir` variable that is later used by the
`user_variables.aio.yml.j2` template.
Change-Id: I8ae0a256d9f6138f5764b2f69d1e767af538a429
When bootstrap-host role is reexecuted, user_secrets.yml is overriden.
It may lead to unexpeted behaviors. This task should not override
user_secrets.yml if this file already exists.
Change-Id: I140b1675526e0d3fbf206d09bcda768206918c1e
In cases when SSH and mgmt networks are different, it might be important
to have valid management_address that services are relying on when
listening on interfaces. At the moment for bare metal hosts
management_address will be equal to ansible_host which leads to
unpredictable behaviour under some scenarios. With management_ip we allow
to define another IP address that will be used as container/management
address for bare metal host, while `ip` will still represent
ansible_host.
Related-Bug: #2002645
Change-Id: I3152ae7985319e85b9ea520021f9eea6f5850341
This patch aims to reduce confusion caused by a variable
`container_address` that's applicable for bare metal hosts. With that
it renames `is_container_address` to `is_management_address`
to be aligned with the purpose of the variable, as `container` part
raised confusion.
Change-Id: I314224f3376cf91e05680b11d225fdaf81ec32ab