This change bumps up the maximum supported Ansible version to 6.x
(ansible-core 2.13.x) and minimum to 5.x. This synchronises Kayobe with
Kolla Ansible.
Shebang has been removed from modules due to [1].
os_openstacksdk_version has been added as openstack cloud modules don't
support versions greater than 0.99.
[1]: https://github.com/ansible/ansible/pull/76677
Depends-On: https://review.opendev.org/c/openstack/kolla-ansible/+/867546
Change-Id: Ibb00f6d079442a8509411ae8a71d74fd7bd8cccd
There are a few places where we have a play with one task that uses the
group_by module to generate groups that are used in a subsequent play.
These plays do not need to gather facts for their target hosts.
In particular, the kolla-openstack.yml playbook should really be able to
operate without access to remote hosts.
This change also adds changed_when: false to all group_by tasks, since
they show as changed but haven't really made any changes outside of
Ansible.
TrivialFix
Change-Id: I18f67eda4e48058f3f402b9d0e692d6eeb02855f
* Always use Python 3
* Drop code paths for CentOS 7
* Drop support for Yum
* Remove support for host NTP daemon, always use chrony
* Switch references from 'yum_install_epel' to 'dnf_install_epel'
* Remove overcloud host image workaround for tagged VLAN admin network
* Remove the kayobe.utils.yum_install function, which is unused
Change-Id: I368f6edafed9779658798fc342116b4c1b3ffd48
Story: 2006574
Task: 39481
Upstream Ansible OpenStack modules now use openstacksdk rather than shade.
Switch local Ansible modules to follow suit. Also switch to use the
stackhpc.os_openstacksdk role from stackhpc.os-shade.
The stackhpc.os-shade role is removed during 'kayobe control host upgrade'.
Change-Id: Id3894c3c36ef99f00ed463de6a3457e11733d6b7
Story: 2007294
Task: 38759
Connections default to 'public' interface when attempting to run
openstack commands. This breaks setups where the network hosts are
separate from the controllers.
This change adds an ``openstack_interface`` variable to select the
correct endpoint to use, which defaults to ``internal``.
Co-Authored-By: Michael Senizaiz <michael@r-hpc.com>
Change-Id: Ifa766d2cc3ed7077f03c571398072ad5117701c6
Story: 2006814
Task: 37374
Kayobe uses a number of virtual environments on the remote hosts for
python dependencies such as shade, python-openstackclient, docker, etc.
By default these are stored in /opt/kayobe/venvs/. Typically we do not
provide version restrictions when installing these packages, so over the
course of time they may become stale and incompatible.
This change installs the latest version of packages allowed by OpenStack
upper constraints.
It also adds a new variable, 'pip_upper_constraints_file', to set the
upper constraints file. The existing variable
'kolla_upper_constraints_file' now defaults to the value of
'pip_upper_constraints_file'.
Change-Id: I8d2956f95bbc44b5a9e88e7569372048a62f12f5
Story: 2005923
Task: 34193
When using Ansible OpenStack modules, if OS_CACERT is defined, then this
will be passed as the cacert module argument.
This ensures that non-standard CA certificate paths can be used.
Change-Id: I2a2575b1fb0f149cc13c44526fc0167e68e07aab
Story: 2004911
Task: 29261
The Dell LLDP workaround is not necessary on switches running newer
versions of Dell Networking OS. Since version 9.11(2.0P1), the interface
description can be advertised by LLDP, at least for S6000 and S3048–ON
switches.
Change-Id: Iaccab56ba068d1ca9ab9c0351d5ffc32a2348787
The epel-release package provides a yum repository configuration for
EPEL, and points to the upstream EPEL mirrors. In some cases this is
undesirable, such as when a local EPEL mirror is available, or access to
the public repositories is not possible.
This change makes it possible to skip installation of epel-release, by
setting 'yum_install_epel' to 'false'.
Change-Id: Ib685b0c3e21df01c4dd177771f019fae4bb90e66
Story: 2003277
Task: 24218
When specifying tags with 'kayobe overcloud post configure --tags <tags>', the
expected plays typically do not run. This seems to be due to an ansible bug,
where if a dynamically created group is referenced before creation, it will
remain empty. See https://github.com/ansible/ansible/issues/20360.
This change works around this issue by modifying the name of the dynamic groups
used in the post configure playbooks to be unique to each playbook.
Fixes: #138
(cherry picked from commit 77a41a9d0a37acd2d4c25bd7d969d965a9552428)
Change-Id: I7a884f538cfeba9d6b4b990ec445b5ad6f914193
Having tagged plays allows us to easily run a subset of the plays for a
command, and perform targeted operations with less risk of unintended
consequences.
The tags are typically named after the playbook, although some of the
overcloud playbooks have been tagged without an overcloud- prefix.
We use the group_by module to create groups based on host variables.
When the variable is a boolean, we should convert it to a bool using the
bool filter, to ensure that the group name has a consistent format.
This includes:
* Building and registering IPA images
* Registering a provisioning network
* Registering ironic inspector introspection rules
* Creating an inspection store container
The current implementation only works if all compute nodes in the system
have the same interface name for their provisioning network. This change
adds a default value and a map for exceptions
Some Dell switch OSs (including Dell Network OS 9.10(0.1)) do not support
sending interface port description TLVs correctly. Instead of sending the
interface description, they send the interface name (e.g. TenGigabitEthernet
1/1/1). This breaks the discovery process which relies on Ironic node
introspection data containing the node's name in the interface port
description. We work around this here by creating an introspection rule for
each ironic node that matches against the switch system and the relevant
interface name, then sets the node's name appropriately.