* Update openstack-ansible from branch 'master'
to 506d3bae4952cb998fa3f70f356f8002c171f17a
- Merge "[Feature] Add skyline deployment capability"
- [Feature] Add skyline deployment capability
This change adds Skyline deployment options to OSA.
New files have been added / integrated into the normal deployment
process to support the use of skyline.
Co-Authored-By: Jonathan Rosser <jonathan.rosser@rd.bbc.co.uk>
Signed-off-by: Kevin Carter <kevin@cloudnull.com>
Needed-By: https://review.opendev.org/c/openstack/openstack-ansible-os_skyline/+/912333
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-os_skyline/+/914439
Change-Id: Ia5c8c60fb152e3eb27e2719f6d7032ca62690601
* Update openstack-ansible from branch 'master'
to 5cf750c9dc2a0823118f04fdb1de50441894873a
- Merge "Use container setup role from plugins repo"
- Use container setup role from plugins repo
This patch converts the container setup from a task include
to a role in the plugins repo so that the container setup
code can be re-used when extending openstack-ansible through
further use of ansible collections.
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-plugins/+/900529
Change-Id: Idc8ece17ca334a6b46fa18446218a38b2c85c32b
* Update openstack-ansible from branch 'master'
to f4bf8419e8ffdc29d8e038d8a5d785ec2b27038f
- Merge "Fix inventory defenition for Cloudkitty"
- Fix inventory defenition for Cloudkitty
At the moment Cloudkitty is targeted at all LXC hosts along with containers
which is not needed nor intended.
Unfortunatelly there's no really good compatible fix exist, so action from operator is required to handle transition to new naming for
the service.
Change-Id: I9360495e3b3347568969e36e0e96bb1325efd59f
* Update openstack-ansible from branch 'master'
to da13b8a11d3c7dd459ac259d0ae82a6886891352
- Merge "Define haproxy fact gathering vars at group rather than task level"
- Define haproxy fact gathering vars at group rather than task level
Task vars are higher precedence than inventory group vars so
cannot be overidden except in user_variables (ansible extra vars)
which then become a global setting, which is almost certainly
incorrect for this case.
Change-Id: Ie43e339df50adbe8240ffe43159c28f132e50000
* Update openstack-ansible from branch 'master'
to 2b88403afd375abac6a3598967e157e62137d403
- Merge "Apply ironic virt_type only for ironic_compute group"
- Apply ironic virt_type only for ironic_compute group
With current inventory state, ironic_compute group is not the same as
ironic-compute_hosts, since latter does also include hosts, on which
ironic_compute LXC container resides in LXC scenario.
For example in AIO LXC, 'ironic-compute_hosts' includes aio1, while
ironic_compute - aio1_ironic_compute_container-5fd060b3.
This results in setting `nova_virt_type` for proper nova-compute, that
resides on AIO breaking it.
Change-Id: I47b2e9af86b5dceafe68c7e56e149a8b34c30439
* Update openstack-ansible from branch 'master'
to 3e2d7afa05013ce48582cabfd18b617c0c89e64a
- Remove Jinja from conditions
Due to CVE-2023-5764 conditional statements should not include
jinja2 templating anymore and result in warnings/failures
This patch replaces Jinja tags with slightly different format that leads to the
same result/logic.
Change-Id: I049ac770b32152866194190e54f5947fe7589b39
* Update openstack-ansible from branch 'master'
to 30879b1e64c7489efc0384f95dba93b29574a693
- Merge "Add check_hostname option to db healthcheck tasks"
- Add check_hostname option to db healthcheck tasks
To allow encrypting connections of db healthcheck tasks, include the
check_hostname option to verify a server host name when an SSL
connection is required.
Also enable galera_require_secure_transport during TLS test jobs.
Change-Id: I23d839e75b202d0400aeefe6e98c429e16ecd37e
* Update openstack-ansible from branch 'master'
to 49b8eed1b415e8b2d87423ed4f20f8979c6784e4
- Merge "Upgrade Gnocchi to 4.6"
- Upgrade Gnocchi to 4.6
It is not possible to install Gnocchi 4.5 with 2024.1 due to conflicting
dependency of pyparsing. It is fixed in 4.6 with [1]
[1] a565df6923
Change-Id: I056a4a382abffc2d2b70a0cead787f22dd737fdc
* Update openstack-ansible from branch 'master'
to 52e02439ca12b338b2a45d431947188c0f7fc453
- Fix physical network mapping for linuxbridge
The same physical network label cannot be used more than once with
Linuxbridge.
This patch standardises the label physnet1 for the flat public network
and instead uses physnet2 for the vlan project networks for
Linuxbridge.
Change-Id: Ie42b995c93e081d484fc177fb665802950335c50
* Update openstack-ansible from branch 'master'
to 671ed19c3fbea3f62fca542377d06f076d91521a
- Remove obsolete nova_force_config_drive variable from docs
The nova_force_config_drive variable was removed several releases ago.
Update the docs to only mention using nova_nova_conf_overrides to
disable the config drive.
Change-Id: I1565e1e6e7b8fe12a6b70f09947c48cc893d3ef5
* Update openstack-ansible from branch 'master'
to 15fecdd42b272c137c6c04952382135762f775cc
- Merge "Allow env.d to contain underscores in physical_skel"
- Allow env.d to contain underscores in physical_skel
At the moment our dynamic_inventory does have assumption that group names
defined in env.d will not contain underscores, except when it's ending
with `_hosts` or `_containers` since inventory script uses split on `_` and taking
the last argument. So in cases when underscore was used elsewhere in the
group name it will result in unexpected behaviour.
Instead of this approach we now use regexp which replaces the last octet separated with underscore with intended suffix to preserve
rest behaviour.
Change-Id: Id9ba56292972b8b52b4786c78684f2d6f289d88a
* Update openstack-ansible from branch 'master'
to e64daca9ce1fbd468baeb4907b898434b31ede3e
- Merge "Do not use underscores in container names"
- Do not use underscores in container names
According to RFC1034 [1], underscores are not legitimate symbols for
hostnames. We have a naming convention that historically uses underscores
in names of containers which leads to a complications in some cases/logic
Moreover, container actual hostnames are always different from their
inventory_hostnames, which might break some logic of external dependencies.
To change this historical issue, all new containers will have different
naming convention, where only dash will be used as a separator.
This will not touch already existing in inventory containers and they will
preserve their names for the time being.
[1] http://www.faqs.org/rfcs/rfc1034.html
Change-Id: Iedebf9935059ecfe8370f2a84ad52516cc93320e
* Update openstack-ansible from branch 'master'
to 500d4c3ce4775c0ea23c998076f712d3330724fa
- Merge "Always use physnet1 as external network name in AIO and examples"
- Always use physnet1 as external network name in AIO and examples
Previously this was either 'vlan' or 'flat' depending on the external
network type, and there were also cases when the name and type were
mismatched - particularly when the flat network was untagged traffic
on a vlan bridge.
This patch removes that confusion and always names the external
network 'physnet1' to align with the upstream neutron examples.
Change-Id: I3cd8b93b42777b787552051bcdc9a90347f1e03d
* Update openstack-ansible from branch 'master'
to 55574b4a87f0de437f423375659adf572e09357a
- Merge "Determine if upgrade source branch is stable/ or unmaintained/"
- Determine if upgrade source branch is stable/ or unmaintained/
Branch renaming to unmaintanted/ breaks the gate-check-commit
script when it sets the source branch for an upgrade job.
This patch determines the source branch prefix dynamically in
an attempt to make upgrade jobs still work from branches marked
as unmaintained under wider OpenStack policy.
Change-Id: I9662156fe0e9463e54ccc5c6ede0624a85887ebe
* Update openstack-ansible from branch 'master'
to 91051b08b2e97a2b559c15837eee3fbd3059d49b
- Enable image rotation for Magnum
In case, when there's more then 1 image with name `fedora-coreos-latest`
Magnum fails to resolve it's uuid and fails to create a template from such
image.
In order to prevent this happening, we do enable image rotation in CI
to fix upgrade jobs.
Changing visability to `community` does hide the image from non-owner
unless explicitly asked for listing community images.
Change-Id: I1d5f02824e0c0fed820ee0808127efccad1017cf
* Update openstack-ansible from branch 'master'
to f73cf9a0a94b2efe858bf8aff7fc112dfc62a72b
- reno: Update master for unmaintained/yoga
Update the yoga release notes configuration to build from
unmaintained/yoga.
This also workaround the issue with Zed not being able to
find out where it's changes started by defining
proper regexp for `closed_branch_tag_re`
Presumably, default for reno should be adjusted to avoid this
config override, ie with [1]
[1] https://review.opendev.org/c/openstack/reno/+/910547
Change-Id: I9ff589583e7e53941c81c52e7ca5dae77c5de1d9
* Update openstack-ansible from branch 'master'
to 022c9c4c22adc3d6f088f52c34d5f2d455459722
- Merge "Treat dashes/underscores as interchangeable symbols for container names"
- Treat dashes/underscores as interchangeable symbols for container names
This patch aims to treat dashes and underscores equally in the existing
inventory.
In case a host already exists in the inventory, but has different separators,
treat underscore and dash symbol as interchangeable.
This is needed for futher coversion of container names to spearated with only dashes,
while not adding new records to the inventory
Change-Id: I63cd14c3353d7a9d7ea4d96155be26697ee4fa40
* Update openstack-ansible from branch 'master'
to 9cd05a5f5b206bbefd6d729518c98390c6498661
- [doc] Use bootstrap node override for gluster primary upgrade
Overriding the bootstrap host is necessary to establish the
original gluster primary as a member of an existing cluster.
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-plugins/+/908981
Change-Id: I29dacded7220dce796429c36cb082f37c5278031
* Update openstack-ansible from branch 'master'
to fca293037e1df70a0a539f18d9bfe0401d83ca11
- Merge "Allow virtualisation type to be defined in a test scenario"
- Allow virtualisation type to be defined in a test scenario
Change-Id: I6d3055139bc6482c6d7fe28dea9b5b5ead500a5c
* Update openstack-ansible from branch 'master'
to f58c0dd1c68224777b3f7a089de29769d017def7
- Merge "Remove unused variable"
- Remove unused variable
This variable is not defined anywhere in openstack-ansible or
its roles
Change-Id: I3e511612433c5819d8df0a3d93dce9ae9d71a625
* Update openstack-ansible from branch 'master'
to 077ff384e32ff78163c840822ecd133285fd8660
- Merge "Fix formatting issue for SPICE HAProxy httpcheck"
- Fix formatting issue for SPICE HAProxy httpcheck
Due to the issue in formatting healthcheck address was merged with meth
which resulted in invalid haproxy configuration, when SPICE is being used
as a console.
Closes-Bug: #2052891
Change-Id: I38b2ff6887382164e4b28852274ec6dfee4d7d78
* Update openstack-ansible from branch 'master'
to 2c19da0d8bca257e8121501e03c772211ca1e528
- Merge "Remove galera_client from required projects"
- Remove galera_client from required projects
Repository has been deprecated a while ago, so should not be fetched
anymore.
Change-Id: I268603d3466af05ba2fb8938d2b79180fedf520f
* Update openstack-ansible from branch 'master'
to a357f59c39c936c5df8ae120377856cfdc4f39b8
- Merge "[doc] Slighly simplify primary node redeployment"
- [doc] Slighly simplify primary node redeployment
There is actually no need in extra manual actions for primary node, except
override what primary node actually is.
Change-Id: Ibaba5f28551e98c805c988ab52b33c5eb1b98e86
* Update openstack-ansible from branch 'master'
to 08062730ef3f077f5321f2396dbf021f3358ea2d
- Merge "[doc] Remove guidance to drain RMQ which can result in failures"
- [doc] Remove guidance to drain RMQ which can result in failures
oslo_messaging isn't set up to handle this situation and appears
to expect the node to come back (as would happen during a version
upgrade). As a result, client processes don't attempt to re-create
queues which lived on the node being upgraded. This situation
doesn't auto-recover which can be very disruptive.
Change-Id: I608202d665417682ce7309bb9bf4b52a2cf4373e
* Update openstack-ansible from branch 'master'
to e4eabf0b76e7731d25bd46c1efa10f7383cb171b
- Merge "Add SLURP upgrade jobs"
- Add SLURP upgrade jobs
Since we're to support 2023.1 -> 2024.1 upgrades, it would be good
to add CI testing as well.
Change-Id: I106d86c702300673a142e15bbeead0642287474d
* Update openstack-ansible from branch 'master'
to 5767d4cb6f090d0f8508d19426fe0659f70a3235
- Merge "Extra PIP_OPTS in bootstrap_ansible script must be space separated"
- Extra PIP_OPTS in bootstrap_ansible script must be space separated
Currently PIP_OPTS concatenate with no spaces and result in an
invalid set of command line options for pip.
Change-Id: I07b88856d8c1c30843eed1f991d475b431d0486f
* Update openstack-ansible from branch 'master'
to b53af87c956762a61e684ed3775950106965a7d0
- Merge "Add user defined hooks that can run extra playbooks"
- Add user defined hooks that can run extra playbooks
This patch adds variables which when can be used to extend
openstack ansible by calling additional user defined playbooks
at the start and end of the main setup-* playbooks.
Change-Id: Ic55dd6447f603d91beaeea28beb04e4c1393d6af
* Update openstack-ansible from branch 'master'
to 08aa54330d4c2dcad1ce8b5077d404485715340c
- Merge "Allow zuul pre playbook bootstrap to be skipped"
- Allow zuul pre playbook bootstrap to be skipped
This is needed if a child job in an openstack-ansible role repo
needs to do some configuration before bootstrap-ansible is run.
An example might be configuring extra roles, collections or
pythin modules to be installed during bootstrap.
Change-Id: I463cf5df7c2aa4e2cdf399efaeb17df980d29edc
* Update openstack-ansible from branch 'master'
to d1d2aa00f29c7a0de728bd377b891e1a35e78d8a
- Remove distro_ceph template from project defenition
We never had a template for distro_ceph jobs, so it's resulting in zuul
configuration errors for all our stable branches.
Change-Id: Ied048e041abc5563d01cd58f57c1a4b685de0586
* Update openstack-ansible from branch 'master'
to 8bb70919586851a3444a079ab4597f3d72b8be55
- Merge "[doc] Update documentation for galera cluster recovery"
- [doc] Update documentation for galera cluster recovery
Prior doc was misleading on a way how to re-bootstrap galera cluster.
It's now updated with relevant iinformation, that should trigger bootstrap
and rolling restart of the cluster.
Closes-Bug: #1927148
Change-Id: I0aee053cc6fcd6c8eb2261c20dba4e338ff61735
* Update openstack-ansible from branch 'master'
to 55e9baecac9def6d3dc8d9232a6f79307d3c1754
- Merge "Add openstack-resources playbook"
- Add openstack-resources playbook
This aims to add a user-facing interface to interact with
openstack_resources role.
Change-Id: I1c2688f469cfaef02e6e925fa7a99573f61efbd6
* Update openstack-ansible from branch 'master'
to f62e0cba130fdb40e3bed1e5e3481fa4113ec5b0
- Merge "Adopt magnum test variables for openstack_resources"
- Adopt magnum test variables for openstack_resources
Change-Id: Icb26aa7c61b2f3539705261b7530491eac2f0edb
* Update openstack-ansible from branch 'master'
to 2ab8d9c5ce83ea230af4a432b5d8f062a617272d
- [doc] Reffer need of haproxy backend configuration in upgrade guide
Sicne 2023.1 we have started configuring haproxy backends per service
during specific playbook runtime. While it works in general, it requires
some extra steps to be run for upgrades to avoid race conditions,
when keepalived selects host as active that does not have any
backends configured.
To avoid this we suggest running haproxy with skipping keepalived
installation and proceed with backends configuration.
Change-Id: I37d9b25ae996bc66f69a7aad7a0ba13c32abc929
* Update openstack-ansible from branch 'master'
to 3f9923adac5f7c8238f5fa79497348fbd59cdf1c
- Merge "Update ansible collections."
- Update ansible collections.
Only community.general to bump at this time.
Change-Id: Ia286807f610a1be5ab0ebf344453b880a9904357
* Update openstack-ansible from branch 'master'
to 87eb24c4e0c8b9119526087ee98a06c7f678251f
- Merge "Add support for extra Python packages inside Ansible runtime"
- Add support for extra Python packages inside Ansible runtime
At the moment there is no well defined way to supply list of extra Python
requirements for Ansible venv. However, some collections for their work might
require presence of extra libraries inside the execution environment.
While PIP_OPTS might be used right for that, it's usage is not transparent
or documented.
In order to handle such need, `user-ansible-venv-requirements.txt ` is being implemented
that reside inside OSA_CONFIG_DIR and contains list of required packages
for installation when running bootstrap-ansible.sh
Change-Id: Ic99f7eff200e2e672dcc3edd875b155af84232b7
* Update openstack-ansible from branch 'master'
to ae6e59d1e5318cd909771b9bb3a198d321e6a03b
- Merge "Ensure tempest include and exclude lists all use unique names"
- Ensure tempest include and exclude lists all use unique names
When deploying a complex AIO with several services enabled, currently
duplicate definitions are made for the tempest test include and
exclude lists. It is down to ansible variable precedence to
determine which one is actually used.
This patch uses the changes made in [1] to allow tempest include and
exlude lists to be defined in many variables and aggregated at the
point the config files for tempest are written.
[1] https://review.opendev.org/c/openstack/openstack-ansible-os_tempest/+/891579
Change-Id: If047578c283e85b38e73a5f117289f42150f3daf
* Update openstack-ansible from branch 'master'
to 777019a386f25fab83777153ec93993b25f8f937
- Merge "Modify RGW client format"
- Modify RGW client format
With changes to config_template module that restored usage of {% raw %} tags [1]
renderring of mapping keys, if they're defined as variables, was broken.
Ansible, by design [2], does not render mapping keys. Moreover, it was not
working as intended anyway, since renderring happened in post-copy stage
so same records were not merged together, which resulted in #1812245
As such behaviour is expected by Ansible design, instead of adding some
workaround in config_template module, I suggest working around issue
by defining troublesome mapping with Jinja, that will allow it to render properly.
[1] https://review.opendev.org/c/openstack/ansible-config_template/+/881887
[2] https://github.com/ansible/ansible/issues/17324#issuecomment-685102595
Closes-Bug: #2048036
Related-Bug: #1812245
Change-Id: I8a32736239c6326d817c620451799c13d5d8938c
* Update openstack-ansible from branch 'master'
to c3142a91a397d039b44fc02fbae3d364075cdc47
- Merge "Ensure disable/enable haproxy backends exists for all services"
- Ensure disable/enable haproxy backends exists for all services
Right now we ensure that services are enabled/disabled while running
playbooks only for core services. At the same time some services still do
not have this mechanism, that might result in unexpected outages.
So we ensure that all service playbooks will behave in the same way and
disable backends in advance before playbook will do any modifications.
With that, setting variable `haproxy_drain: true` will ensure that moving
backend to the MAINT state will be graceful and all current connections
will close normally unless a timeout is reached, which is 2 min by default.
Closes-Bug: #2047017
Change-Id: I8554defec4df54d14be72ae9a1560907ff1aaddf