* Update openstack-ansible-lxc_container_create from branch 'master'
to 51ce76824302b1397231c5c4851da39dbde41162
- Merge "Allow LXC container auto mounts to be customised"
- Allow LXC container auto mounts to be customised
The list of auto mounts is currently hardcoded so there is
no opportunity to adjust the mounts or change the permissions
if necessary.
This patch converts the mounts to a list which can be overridden
as required via host or group vars.
The auto mount configuration is assumed to only be present once
in the LXC config file and any existing statements are replaced.
Change-Id: I62deed28287dae8b289bf882ca0b1a24b207c92d
* Update openstack-ansible-lxc_container_create from branch 'master'
to 0b897c1eb03a62ec39b9c8ac15391bd5e4e8968b
- Use FQCN for lxc_container module
This is currently using a redirect from ansible.builtin.lxc_container
to community.general.lxc_container, so be explicit about which
module we are using.
Change-Id: I9cdde57a10c7249687ee47fe91a3e84160b46ce1
* Update openstack-ansible-lxc_container_create from branch 'master'
to 3cdcb1115fef74951a0471f0c59dfd7bcfdab0d3
- Fix linters issue and metadata
With update of ansible-lint to version >=6.0.0 a lot of new
linters were added, that enabled by default. In order to comply
with linter rules we're applying changes to the role.
With that we also update metdata to reflect current state.
Change-Id: I6a9986cd948dbeaf2847ea4dd04deed974f80d20
* Update openstack-ansible-lxc_container_create from branch 'master'
to d2a3a22a58d1539eb466824a3a301fb78470cd2c
- Properly render sysctl-container
Inside jinja block variables should not be inside start/end block.
This used to work due to the workaround placed in config_template
that was removed within [1]. So we fix our usage of jinja to make
variable resolved properly.
[1] https://review.opendev.org/c/openstack/ansible-config_template/+/881887
Change-Id: I1c3178e5694b08ace9364f6da397837049ca2d49
* Update openstack-ansible-lxc_container_create from branch 'master'
to 4903bac1f7788a159fe1a48a1a9b7860902e7275
- Merge "Add bridge_type to lxc_container_networks"
- Add bridge_type to lxc_container_networks
In order to generate proper config for containers, we should respect
bridge type and bridge name that are defined in lxc_hosts role.
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-lxc_hosts/+/868603
Change-Id: Ifcc2f38459877b9760697efac5c23b2ff9adf53b
* Update openstack-ansible-lxc_container_create from branch 'master'
to e09707752955d17a00b3b22f920a78a2c2069276
- Update tox.ini to work with 4.0
With tox release of 4.0, some parameters were deprecated and are ignored now
which causes tox failures. One of the most spread issues we have is using
`whitelist_externals` isntead of `allowlist_externals`
Change-Id: I2c6fc60cda0151fc6cd23951c4c976b9cef6a543
* Update openstack-ansible-lxc_container_create from branch 'master'
to 4c6c0225cd210d741bf2392ab0359ef992bdb104
- Update master for stable/zed
Add file to the reno documentation build to show release notes for
stable/zed.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/zed.
Sem-Ver: feature
Change-Id: I52a2ac12df98edbeba79eb1c39f23bf1b113255b
* Update openstack-ansible-lxc_container_create from branch 'master'
to 5af3d0c20046e98f50fd2e935ef04cca541e9fbc
- Replace systemd_service templates with role
For consistency reasons we try to leverage our systemd_service role as
much as we can. Instead of maintaining separate systemd unit templates
the role can be leveraged for same purposes and reduce complexity in
this role.
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/865952
Change-Id: I59e6504240eafdb5f0d010ff8a051078e25b1281
* Update openstack-ansible-lxc_container_create from branch 'master'
to 517b75ac615d7a1bf9968853188f308193da7117
- Replace usage of networkd template with role
For consistency reasons instead of placing a template for
systemd-networkd we better use systemd_networkd role that is present
for a while.
Change-Id: I1e9deaa2892a8fa7eb171acaf75441d7efeac297
* Update openstack-ansible-lxc_container_create from branch 'master'
to 0b7a8645de235f9fd1d06a059bf767f8cd618ee3
- Add ovs support for lxc containers.
The main problem this commit is resolving is that with openvswitch,
the ports were not get cleaned up, and after restart (hard restart or even with soft restart
lxc.service gets time-out) containers couldn't start properly, due to existing port on the bridges.
Change-Id: I707dbfc6878095f7593abe3fca3a5e5b310063e5
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/837742
* Update openstack-ansible-lxc_container_create from branch 'master'
to 37422a7e3dbfff32a1e18c69ca288e593c620727
- Switch sphinx language to en
With sphinx release of 5.0.0, they changed default for language variable
to 'en' from None. With that current None valuable is not valid and should
not be used.
Change-Id: I3f0403e3d74f105ea567ee411349791eae3a470c
* Update openstack-ansible-lxc_container_create from branch 'master'
to 75483317e427b7ecf261a0feb841ebbfde8a47ae
- Merge "Unify variables for all operating systems."
- Unify variables for all operating systems.
Refactoring of the lxc_hosts role means that there is no need for
differences in variables between operating systems.
This patch makes the ubuntu focal CI jobs non voting as it must
merge at the same time as a corresponding patch to lxc_hosts.
Change-Id: I29e91320baebb9a3a649533a0e1d3a433dd04ad9
* Update openstack-ansible-lxc_container_create from branch 'master'
to 9a0dbf05f3e54295b7d80b3cb1551d53ed3d612b
- Wait for 2s after restarting systemd-networkd
Systemd has a limit of 5 service restart in 10 seconds. If a service is
restarted more often it fails. The lxc-vet-wiring.sh script can trigger
this if more than 5 interfaces are configured in a container. To avoid
this failure wait for 2s after each service restart.
Change-Id: I4ca394314b1fa9c5f3ac5918e98a497ca5b55471
* Update openstack-ansible-lxc_container_create from branch 'master'
to 105d467a3b8ca2972554b87d5e443c4b1ee60c63
- Allow redhat.yml to support any distribution and major release
Change-Id: If230992ba779bc8fffb953c4dd56bca9b4edc247
* Update openstack-ansible-lxc_container_create from branch 'master'
to e9a70f37894fb3ddc11e761536a71238b8fcc09d
- Merge "Drop plugins from role requirements"
- Drop plugins from role requirements
Change-Id: I055ec8c40ede15ee0b0e3534550e4c166106eadc
* Update openstack-ansible-lxc_container_create from branch 'master'
to e8d4dfb51e4a7c5ece23d9af95f7563e37486147
- Merge "Use only supported functional jobs"
- Use only supported functional jobs
This drops jobs for unsupported Ubuntu Bionic and CentOS 8
Change-Id: I844713dc00fc6cfb073776069226e3625ca6f570
* Update openstack-ansible-lxc_container_create from branch 'master'
to aaee5637e2bb96f3d9a054e4d44bd23c677d16bc
- Add pki role to local a-r-r
Change-Id: I09ef161ef8cf0bee8159f7ae3ee1115bb296e802
* Update openstack-ansible-lxc_container_create from branch 'master'
to e3a82d3a884b262d196e8288787bd34814fafd06
- Merge "Add upgrade jobs"
- Add upgrade jobs
With previous commit we accidentally removed upgrade jobs, since
they're not explicitly included into deploy template
Change-Id: I5a0d18744d0f9102fb4f8866043bcd8e2d4cc0d8
* Update openstack-ansible-lxc_container_create from branch 'master'
to 5d2072f79e07d5552ab0dd8be161faa34799c55e
- Merge "Add Debian Bullseye support"
- Add Debian Bullseye support
Switching to proc:mixed improves container isolation and is not required
for Bullseye.
But cgroup:mixed is required for container to start, as it provides
ability for the container to manage own cgroups (but not parents).
Change-Id: Ifce5b9673319d077e57cdf8a28b182b57b7d4507
* Update openstack-ansible-lxc_container_create from branch 'master'
to 10ef365507757b22072d385a555dfe3f6dcb3f7a
- Replace linters test with integarted one
We've created integrated linters check job a while back and it's successfully
working for several releases. At the moment we experience difficulties
with future maintenance of the linters check from the openstack-ansible-tests
repo. So instead of fixing current one, we replace it with modern version of
the test.
We also replace regular functional tests with integrated scenario.
Change-Id: I4638a72507642a4a70aa09a9c9243c16d2bba376
* Update openstack-ansible-lxc_container_create from branch 'master'
to 8c6c6caa0406e32166570628783222c876260cf2
- Do not create extras in /openstack/{{ inventory_hostname }}
Directory /openstack/{{ inventory_hostname }} can be bind mounted
inside container. So we should keep it clean without any third party
scripts.
Change-Id: I79a55cad21333553bd4f59ffb145faf96c283c9e
* Update openstack-ansible-lxc_container_create from branch 'master'
to 8e35c2fdb7ae01cbcb6942ed7c72434c3ee3664e
- Merge "Remove references to unsupported operating systems"
- Remove references to unsupported operating systems
All references to Gentoo, SUSE, Debian stretch and Centos-7 are removed.
Conditional tasks, ternary operators and variables are simplified where possible
OS specific variables files are generalised where possible
Change-Id: I2defac928ff0081b262ba31bdb9981274f13b32b
* Update openstack-ansible-lxc_container_create from branch 'master'
to 5d22a389c257f189a6a8ab42973e8c142df08169
- Use ansible_facts[] instead of fact variables
See https://github.com/ansible/ansible/issues/73654
Change-Id: If6b30e40bf71f60ee72fdc1459ce5e5a9f4f7d93
* Update openstack-ansible-lxc_container_create from branch 'master'
to 9a397730b4889f246ddf859b012da4c4fa47706b
- Fix formatting of LXC container config files
Spacing changes were inadvertently introduced in
https://review.opendev.org/742121 which result in duplicate entries
in LXC config files.
This commit reverts to the original formatting with spaces either
side of the '=', although it makes no attempt to fix files which
may already include duplicate entries.
Change-Id: Ia95bbc959b54f494b5861afcb4e84d4c227e7b31
* Update openstack-ansible-lxc_container_create from branch 'master'
to ba3a69981a6e5106afe4ebb1ec620bf0a5b5d7ec
- [reno] Stop publishing release notes
Since we copy all release notes to the integrated repo there is not need
in publishing release notes for each repository. We should only verify their
validity and linting.
Change-Id: Ibfedbf5cd264eac572fc51ec8a39974ce99d65d1
* Update openstack-ansible-lxc_container_create from branch 'master'
- Merge "Allow user to override UseDNS in template"
- Allow user to override UseDNS in template
You could perhaps have something that overrides a container network
like this;
---
container_extra_networks:
dns_address:
...
dhcp_use_dns: false
and would take precedence over lxc_container_enable_resolved
Also documentations says UseDNS takes true/false
https://www.freedesktop.org/software/systemd/man/systemd.network.html#UseDNS=
Change-Id: I91f25eaf0782a6b4febfc95d9ee7c33f1f965224
* Update openstack-ansible-lxc_container_create from branch 'master'
- Allow user to override UseRoutes in template
You could perhaps have a group_vars/designate_all.yml looking like
this;
---
lxc_container_networks:
lxcbr0_address:
...
dhcp_use_routes: false
Change-Id: Id61fdb5a3b52a01a49242fc01cc01bf2dede09af
* Update openstack-ansible-lxc_container_create from branch 'master'
- Merge "Add centos-8/focal/bionic zuul jobs for the different storage backends"
- Add centos-8/focal/bionic zuul jobs for the different storage backends
Change-Id: I344d80ed4c0f0ee674351cfbb3c7f8af87abfa50
* Update openstack-ansible-lxc_container_create from branch 'master'
- Merge "Remove support for LXC2 configuration keys"
- Remove support for LXC2 configuration keys
The removal of support for Centos-7 means that it is no longer necessary
to maintain compatibility with LXC2 configuration keys. This patch removes
the code which substitutes LXC3 keys for LXC2 keys.
Depends-On: https://review.opendev.org/742166
Depends-On: https://review.opendev.org/742103
Change-Id: I2911a20a3391e880df80f41eed5c9a8d5e36c2f4
* Update openstack-ansible-lxc_container_create from branch 'master'
- Merge "Remove support for Centos-7"
- Remove support for Centos-7
Openstack-ansible does not support Centos-7 beyond Ussuri so drop
support for Victoria.
Depends-On: https://review.opendev.org/742166
Depends-On: https://review.opendev.org/742103
Change-Id: I6f72eb69f54ae780712831dbcb2f9151478e8b83
* Update openstack-ansible-lxc_container_create from branch 'master'
- Fix linter errors
Also remove centos-7 jobs which are no longer supported
Change-Id: I82dc5ca09e436d5703cf8a4bb59ea7d2c3120411
* Update openstack-ansible-lxc_container_create from branch 'master'
- Merge "Remove obosletd lxc_container_interface variable"
- Remove obosletd lxc_container_interface variable
These variables are not used anywhere, so no need to carry them
Change-Id: Ib4b972a76bb63dba90d024f452724fec19411b87
* Update openstack-ansible-lxc_container_create from branch 'master'
- Merge "Fix tmpfiles-setup wait handler"
- Fix tmpfiles-setup wait handler
Precess column was present only for CentOS 8 and is not applicable for
other distros. In the meanwhile Active column is present in all distros.
Change-Id: I13605f21497c7eb8e2dd569ab90e2466bce8ac3e
* Update openstack-ansible-lxc_container_create from branch 'master'
- Wait for systemd-tmpfiles-setup service to complete after container restart
There is a race condition between starting an lxc container and executing
the first ansible task. Ansible makes heavy use of /tmp and the first
task executed after 'lxc-start' will collide with systemd-tmpfiles-setup
which by default removes all content from /tmp, including the working
files of any ansible task which happens to be running. This causes a fatal
error for ansible which cannot be recovered with retries.
This patch adds a raw command to check the state of the tmpfiles-setup
service and wait until it has completed, avoiding the race confdition.
Co-Authored-By: Dmitriy Rabotyagov <noonedeadpunk@ya.ru>
Change-Id: I8111ae7548cddd71b0f384157e28ced40392401b
* Update openstack-ansible-lxc_container_create from branch 'master'
- Merge "Use newer openstackdocstheme and reno versions"
- Use newer openstackdocstheme and reno versions
The sync from https://review.opendev.org/733244 updated to
openstackdocstheme 2.2.1 and reno 3.1.0 versions.
Set openstackdocs_pdf_link to link to PDF file. Note that
the link to the published document only works on docs.openstack.org
where the PDF file is placed in the top-level html directory. The
site-preview places the PDF in a pdf directory.
openstackdocstheme renames some variables, so follow the renames
before the next release removes them. A couple of variables are also
not needed anymore, remove them.
See also
http://lists.openstack.org/pipermail/openstack-discuss/2020-May/014971.html
Change-Id: Ic5b77991ef4fe356771041fc71c2930744b23d4e
* Update openstack-ansible-lxc_container_create from branch 'master'
- Update master for stable/ussuri
Add file to the reno documentation build to show release notes for
stable/ussuri.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/ussuri.
Change-Id: I5946da2354a2adf955df3c3eabf4fe2129845f77
Sem-Ver: feature
* Update openstack-ansible-lxc_container_create from branch 'master'
- Merge "Use a single vars file for all ubuntu releases"
- Use a single vars file for all ubuntu releases
This adds support for focal without requiring a second vars file.
Change-Id: Id21b3bc6721511d8d4a6b3e16ac465d14ec1a7f6
* Update openstack-ansible-lxc_container_create from branch 'master'
- Merge "Add lxc config key mapping for version 4.x"
- Add lxc config key mapping for version 4.x
This is required to support ubuntu focal, but can be simplified when
this code does not need to maintain compatibility with lxc 2.x
Change-Id: I699ca3b6fbd35982c4fe384fbbdecf60e92e8d91