Supports merging configuration for the following files:
* kolla/globals.yml
* kolla/config/bifrost/bifrost.yml
* kolla/config/bifrost/dib.yml
* kolla/config/bifrost/servers.yml
* kolla/kolla-build.conf
Configuration is merged from the following sources:
* Kayobe source code
* Base Kayobe config
* Kayobe environment
Co-Authored-By: Will Szumski <will@stackhpc.com>
Change-Id: I552bd8f7853b2032954b372bf4476676dac3e271
Story: 2002009
Task: 42974
Cleaning was disabled by default in Bifrost
(Ie1198768889bd468176cd68c8ccb48791c724262) until the Victoria release,
when the default was changed. The 'kayobe overcloud provision' command
does not handle cleaning states when moving nodes from manageable to
available. This can lead to provisioning failures.
This change disables cleaning to maintain backwards
compatibility with earlier versions of Kayobe.
Change-Id: I23eb5116d8d1944167a0d50cafe5b99f766ad687
Story: 2008850
Task: 42363
In the Wallaby cycle, Bifrost changed the default value of
enable_inspector_discovery from true to false. To maintain backwards
compatibility, we override the setting to true.
Depends-On: https://review.opendev.org/762998/
Change-Id: Ie504fe9e7934e3e9f399d010cd8c5e242a152bb7
* Bump stackhpc.libvirt-host to v1.7.1. On seed-hypervisors installed
using CentOS 8.2 or earlier, interaction with libvirt may fail due to
libgcrypt being incompatible. See
https://github.com/stackhpc/ansible-role-libvirt-host/issues/42
* Bump MichaelRigart.interfaces to v1.9.2. The CentOS 8.3 cloud image
includes an ifcfg-ens3-1 file. See
https://github.com/michaelrigart/ansible-role-interfaces/pull/93
* Previously a second libvirt daemon was installed by Tenks on the host,
however changes in libvirt 6.0.0 to separate libvirtd into multiple
daemons do not allow for customisation of the PID files used by the
new daemons. This leads to a conflict between the container and host
daemons. Update the Tenks config to use the containerised Nova libvirt
daemon. This depends on a change to the stackhpc.libvirt-host role:
https://github.com/stackhpc/ansible-role-libvirt-host/pull/44
* Not CentOS 8.3 related, but tox jobs are now failing on python
dependencies. Remove upper limits from docker and paramiko.
* Not CentOS 8.3 related, but Bifrost has enabled authentication by
default. We are not ready to support this, so override it.
Story: 2008429
Task: 41378
Change-Id: Ie8fd965165e8d347d27528a2c16d0647e412ccdc
Without this setting, bifrost creates a bifrost firewalld zone only
allowing network traffic for Ironic services and assigns the
provisioning network interface to it, potentially causing loss of
connectivity.
Using the public zone is suggested as a workaround [1] but is not
sufficient: it allows SSH traffic, but blocks other services deployed on
the seed, such as Docker registry traffic.
[1] https://review.opendev.org/#/c/754406/
Change-Id: I80f9d95f02e11fda5916f9a9dd257b688a9db7e2
Story: 2008153
Task: 40899
Switches to use the IPA builder project for building IPA images.
Switches the IPA images used by default to CentOS 8 based image.
Changes the file extension of the IPA kernel image from vmlinuz to
kernel.
Story: 2007070
Task: 37953
Change-Id: I82fc455f41f48dacb453e135870dd776895d7c99
Story: 2006574
Task: 39485
Kolla recently upgraded bifrost from 7.0.0 to 7.1.0 on the stable/train
branch. This switched to IPA builder to build the IPA image, and
introduced a rename of the IPA kernel file from ipa.vmlinuz to
ipa.kernel, which breaks overcloud provisioning. The iPXE kernel
download fails with a 404, since Kayobe introspection rules use
ipa.vmlinuz for the driver_info.deploy_kernel URL.
This change works around the issue by setting two Bifrost variables,
ipa_kernel and ipa_kernel_url, to reference the old kernel filename of
ipa.vmlinuz. This works both in the case where the image is downloaded
from a URL (ipa_kernel sets the destination file name), and where it is
built via 'kayobe seed deployment image build' (kayobe uses the legacy
ironic-agent DIB element rather than IPA builder, which creates a
hardlink to ipa.vmlinuz).
We chose the above approach rather than switching to IPA builder due to
it being a less risky change at a time close to release. A future
release of Kayobe should switch to IPA builder, but this will be a
larger effort.
[1] https://review.opendev.org/#/c/692200/1/playbooks/roles/bifrost-ironic-install/defaults/main.yml
Change-Id: I7f75c25602fd7ae4bfeb6abbdd3b42d8ee465abf
Story: 2007068
Task: 37951
Ironic now provides DIB-built CentOS images at
https://tarballs.openstack.org/ironic-python-agent/dib/files. However,
if Bifrost is configured to use these, then the 'kayobe seed service
deploy' command fails because the checksum files are not available.
This change fixes the issue by allowing
'kolla_bifrost_ipa_kernel_checksum_url' and
'kolla_bifrost_ipa_ramdisk_checksum_url' to be overridden to empty
strings, indicating that there is no checksum.
Very similar to the issue fixed in https://review.opendev.org/688359 for
the overcloud.
Change-Id: If73cebb95c7d0596dc8087112fc19398a113f0cc
Story: 2006715
Task: 37407
From Rocky, Ironic no longer supports drivers, in favour of hardware
types. Hardware types were already implemented for the overcloud Ironic,
this change ensures that Bifrost configuration is given hardware types
where necessary.
Change-Id: Iea91d2cd88b7566bb9cad20367ec64b9213d8845
The IPA ramdisk and kernel images may be built or downloaded via a URL.
If the latter option is used, any images previously downloaded to
$KOLLA_CONFIG_PATH/config/ironic/ironic-agent.* would previously not be
updated if the image contents change.
This change introduces variables for setting a URL to a file containing
checksums for the images. The algorithm used to compute the checksum is
also configurable (default sha256). This allows us to ensure we are
using the correct version of the image, while avoiding an expensive few
hundred megabyte image download just to check.
If a checksum is not specified, the image will be downloaded every time
to ensure that it is up to date.
Change-Id: I8120518ed98d61f3652f5205ce7ec9f798ab2aa1
Story: 2001660
Task: 6693
The CLI command is:
kayobe seed deployment image build
This command will build Ironic Python Agent (IPA) kernel and ramdisk images
using the Diskimage Builder (DIB) ironic-agent element. The built images will
be copied to the appropriate location in the bifrost_deploy container on the
seed.
This allows us to build a customised image with site- or hardware- specific
extensions.