Commit Graph

494 Commits

Author SHA1 Message Date
Zuul 51ce768243 Merge "Allow LXC container auto mounts to be customised" 2024-01-16 10:14:26 +00:00
Jonathan Rosser 8a32fc65d9 Allow LXC container auto mounts to be customised
The list of auto mounts is currently hardcoded so there is
no opportunity to adjust the mounts or change the permissions
if necessary.

This patch converts the mounts to a list which can be overridden
as required via host or group vars.

The auto mount configuration is assumed to only be present once
in the LXC config file and any existing statements are replaced.
Change-Id: I62deed28287dae8b289bf882ca0b1a24b207c92d
2024-01-15 15:04:47 +00:00
Jonathan Rosser 0b897c1eb0 Use FQCN for lxc_container module
This is currently using a redirect from ansible.builtin.lxc_container
to community.general.lxc_container, so be explicit about which
module we are using.

Change-Id: I9cdde57a10c7249687ee47fe91a3e84160b46ce1
2023-10-24 08:01:40 +01:00
Dmitriy Rabotyagov d6f0630c8c Properly apply tags for include_tasks
Change-Id: I5307fe00a8cf875b622f8b077242596648d52182
2023-09-08 13:01:40 +02:00
Dmitriy Rabotyagov 3cdcb1115f Fix linters issue and metadata
With update of ansible-lint to version >=6.0.0 a lot of new
linters were added, that enabled by default. In order to comply
with linter rules we're applying changes to the role.

With that we also update metdata to reflect current state.

Change-Id: I6a9986cd948dbeaf2847ea4dd04deed974f80d20
2023-07-11 21:43:23 +02:00
Dmitriy Rabotyagov d2a3a22a58 Properly render sysctl-container
Inside jinja block variables should not be inside start/end block.
This used to work due to the workaround placed in config_template
that was removed within [1]. So we fix our usage of jinja to make
variable resolved properly.

[1] https://review.opendev.org/c/openstack/ansible-config_template/+/881887

Change-Id: I1c3178e5694b08ace9364f6da397837049ca2d49
2023-05-19 11:38:28 +02:00
Zuul 4903bac1f7 Merge "Add bridge_type to lxc_container_networks" 2023-01-14 21:46:17 +00:00
Dmitriy Rabotyagov e097077529 Update tox.ini to work with 4.0
With tox release of 4.0, some parameters were deprecated and are ignored now
which causes tox failures. One of the most spread issues we have is using
`whitelist_externals` isntead of `allowlist_externals`


Change-Id: I2c6fc60cda0151fc6cd23951c4c976b9cef6a543
2022-12-27 17:53:11 +01:00
Dmitriy Rabotyagov bef1567a45 Add bridge_type to lxc_container_networks
In order to generate proper config for containers, we should respect
bridge type and bridge name that are defined in lxc_hosts role.

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-lxc_hosts/+/868603
Change-Id: Ifcc2f38459877b9760697efac5c23b2ff9adf53b
2022-12-26 16:40:38 +01:00
OpenStack Release Bot 4c6c0225cd Update master for stable/zed
Add file to the reno documentation build to show release notes for
stable/zed.

Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/zed.

Sem-Ver: feature
Change-Id: I52a2ac12df98edbeba79eb1c39f23bf1b113255b
2022-12-13 13:08:44 +00:00
Dmitriy Rabotyagov 5af3d0c200 Replace systemd_service templates with role
For consistency reasons we try to leverage our systemd_service role as
much as we can. Instead of maintaining separate systemd unit templates
the role can be leveraged for same purposes and reduce complexity in
this role.

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/865952
Change-Id: I59e6504240eafdb5f0d010ff8a051078e25b1281
2022-11-29 08:28:17 +00:00
Dmitriy Rabotyagov 517b75ac61 Replace usage of networkd template with role
For consistency reasons instead of placing a template for
systemd-networkd we better use systemd_networkd role that is present
for a while.

Change-Id: I1e9deaa2892a8fa7eb171acaf75441d7efeac297
2022-10-14 16:17:19 +00:00
siavash sardari 0b7a8645de Add ovs support for lxc containers.
The main problem this commit is resolving is that with openvswitch,
the ports were not get cleaned up, and after restart (hard restart or even with soft restart
lxc.service gets time-out) containers couldn't start properly, due to existing port on the bridges.

Change-Id: I707dbfc6878095f7593abe3fca3a5e5b310063e5
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/837742
2022-06-08 08:10:06 +00:00
Dmitriy Rabotyagov 37422a7e3d Switch sphinx language to en
With sphinx release of 5.0.0, they changed default for language variable
to 'en' from None. With that current None valuable is not valid and should
not be used.


Change-Id: I3f0403e3d74f105ea567ee411349791eae3a470c
2022-05-30 16:01:16 +02:00
Jonathan Rosser 4ab7921ca8 Use integrated repo 'hosts' jobs to test different backing stores
This uses the main openstack-ansible repo for testing these different
backing store scenarios rather than openstack-ansible-tests. This is
more maintainable and ensures that we test using the same code as is
used for a real deployment.

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/843027
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-repo_server/+/843418
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-galera_server/+/843547
Change-Id: Ieb53ae161c67a83408b6a8c77b4c8428ec9c4634
2022-05-26 21:30:04 +00:00
Zuul f8e6838749 Merge "Restore focal lxc tests" 2022-05-03 10:14:23 +00:00
Marc Gariepy b095b9a20c Restore focal lxc tests
Change-Id: I31f39aac094e38e4e40f5f6fa665615534f19150
2022-04-29 13:02:24 -04:00
OpenStack Proposal Bot 9860dd7316 Updated from OpenStack Ansible Tests
Change-Id: Ic03b5559d5baf79690acf5a79306ddda5befe79d
2022-04-29 12:00:45 +00:00
Zuul 75483317e4 Merge "Unify variables for all operating systems." 2022-04-28 08:21:50 +00:00
Jonathan Rosser 91b7997b34 Unify variables for all operating systems.
Refactoring of the lxc_hosts role means that there is no need for
differences in variables between operating systems.

This patch makes the ubuntu focal CI jobs non voting as it must
merge at the same time as a corresponding patch to lxc_hosts.

Change-Id: I29e91320baebb9a3a649533a0e1d3a433dd04ad9
2022-04-27 15:58:29 +00:00
Gaudenz Steinlin 9a0dbf05f3 Wait for 2s after restarting systemd-networkd
Systemd has a limit of 5 service restart in 10 seconds. If a service is
restarted more often it fails. The lxc-vet-wiring.sh script can trigger
this if more than 5 interfaces are configured in a container. To avoid
this failure wait for 2s after each service restart.

Change-Id: I4ca394314b1fa9c5f3ac5918e98a497ca5b55471
2022-04-11 12:17:08 +02:00
Dmitriy Rabotyagov 2765025768 Change location of ipaddr filter
ipaddr filter has been moved from netcommon to utils collection [1]

Based on that we must add that collection to requirements.

[1] db4920ebf6

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/831525
Depends-On: https://review.opendev.org/c/openstack/ansible-role-systemd_networkd/+/831603
Change-Id: I609a6a0da073ea39235ef862e580b00f9e7f91c7
2022-03-14 14:27:37 +00:00
Jonathan Rosser 105d467a3b Allow redhat.yml to support any distribution and major release
Change-Id: If230992ba779bc8fffb953c4dd56bca9b4edc247
2022-02-14 16:54:25 +00:00
Zuul e9a70f3789 Merge "Drop plugins from role requirements" 2022-01-12 14:38:09 +00:00
Zuul e8d4dfb51e Merge "Use only supported functional jobs" 2022-01-12 14:14:20 +00:00
Dmitriy Rabotyagov 4e0d864ff0 Drop plugins from role requirements
Change-Id: I055ec8c40ede15ee0b0e3534550e4c166106eadc
2022-01-12 10:03:51 +00:00
Dmitriy Rabotyagov e5325384f9 Use only supported functional jobs
This drops jobs for unsupported Ubuntu Bionic and CentOS 8

Change-Id: I844713dc00fc6cfb073776069226e3625ca6f570
2022-01-12 10:03:16 +00:00
OpenStack Proposal Bot 7cd8c033eb Updated from OpenStack Ansible Tests
Change-Id: I135bf9a915e1e5cd7f83864605d4da2fb88ff5ee
2021-12-17 16:44:44 +00:00
Dmitriy Rabotyagov aaee5637e2 Add pki role to local a-r-r
Change-Id: I09ef161ef8cf0bee8159f7ae3ee1115bb296e802
2021-07-02 12:27:39 +03:00
Zuul e3a82d3a88 Merge "Add upgrade jobs" 2021-06-03 13:47:01 +00:00
Zuul 5d2072f79e Merge "Add Debian Bullseye support" 2021-06-03 12:49:27 +00:00
Dmitriy Rabotyagov 0beb7cebf7 Add upgrade jobs
With previous commit we accidentally removed upgrade jobs, since
they're not explicitly included into deploy template

Change-Id: I5a0d18744d0f9102fb4f8866043bcd8e2d4cc0d8
2021-06-02 18:29:15 +03:00
Dmitriy Rabotyagov 10ef365507 Replace linters test with integarted one
We've created integrated linters check job a while back and it's successfully
working for several releases. At the moment we experience difficulties
with future maintenance of the linters check from the openstack-ansible-tests
repo. So instead of fixing current one, we replace it with modern version of
the test.

We also replace regular functional tests with integrated scenario.

Change-Id: I4638a72507642a4a70aa09a9c9243c16d2bba376
2021-06-01 13:04:45 +03:00
Dmitriy Rabotyagov 3834c32c0e Add Debian Bullseye support
Switching to proc:mixed improves container isolation and is not required
for Bullseye.
But cgroup:mixed is required for container to start, as it provides
ability for the container to manage own cgroups (but not parents).

Change-Id: Ifce5b9673319d077e57cdf8a28b182b57b7d4507
2021-06-01 10:44:24 +03:00
Dmitriy Rabotyagov 8c6c6caa04 Do not create extras in /openstack/{{ inventory_hostname }}
Directory /openstack/{{ inventory_hostname }} can be bind mounted
inside container. So we should keep it clean without any third party
scripts.

Change-Id: I79a55cad21333553bd4f59ffb145faf96c283c9e
2021-04-29 09:42:48 +00:00
Zuul 8e35c2fdb7 Merge "Remove references to unsupported operating systems" 2021-03-22 13:39:43 +00:00
OpenStack Proposal Bot 8c02ded690 Updated from OpenStack Ansible Tests
Change-Id: I8ba17f0345aa61ac6a7ccbcdb450765e864d6d51
2021-03-22 08:44:43 +00:00
Jonathan Rosser 06ac9563a4 Remove references to unsupported operating systems
All references to Gentoo, SUSE, Debian stretch and Centos-7  are removed.
Conditional tasks, ternary operators and variables are simplified where possible
OS specific variables files are generalised where possible

Change-Id: I2defac928ff0081b262ba31bdb9981274f13b32b
2021-03-17 08:36:24 +00:00
Jonathan Rosser 3f07f8ad90 Convert remaining ansible_ fact variables to ansible_facts[]
Change-Id: I6909d6e91eb2211c1015625fee4f39c34189dc69
2021-03-17 08:35:47 +00:00
OpenStack Proposal Bot 67191fb74d Updated from OpenStack Ansible Tests
Change-Id: Id5d26be6f391f04b28fe4b07ffa16cfabf857972
2021-03-12 22:16:11 +00:00
Jonathan Rosser 5d22a389c2 Use ansible_facts[] instead of fact variables
See https://github.com/ansible/ansible/issues/73654

Change-Id: If6b30e40bf71f60ee72fdc1459ce5e5a9f4f7d93
2021-02-24 14:18:48 +00:00
Andrew Bonney 9a397730b4 Fix formatting of LXC container config files
Spacing changes were inadvertently introduced in
https://review.opendev.org/742121 which result in duplicate entries
in LXC config files.

This commit reverts to the original formatting with spaces either
side of the '=', although it makes no attempt to fix files which
may already include duplicate entries.

Change-Id: Ia95bbc959b54f494b5861afcb4e84d4c227e7b31
2021-02-01 09:46:30 +00:00
dmitriy ba3a69981a [reno] Stop publishing release notes
Since we copy all release notes to the integrated repo there is not need
in publishing release notes for each repository. We should only verify their
validity and linting.


Change-Id: Ibfedbf5cd264eac572fc51ec8a39974ce99d65d1
2021-01-22 18:23:25 +02:00
Zuul b4d4f858bb Merge "Allow user to override UseDNS in template" 2020-10-16 08:11:31 +00:00
Erik Berg 8b3ff31c3a Allow user to override UseDNS in template
You could perhaps have something that overrides a container network
like this;

---
container_extra_networks:
  dns_address:
    ...
    dhcp_use_dns: false

and would take precedence over lxc_container_enable_resolved

Also documentations says UseDNS takes true/false

https://www.freedesktop.org/software/systemd/man/systemd.network.html#UseDNS=

Change-Id: I91f25eaf0782a6b4febfc95d9ee7c33f1f965224
2020-10-06 14:43:26 +02:00
Erik Berg fd62da8df0 Allow user to override UseRoutes in template
You could perhaps have a group_vars/designate_all.yml looking like
this;

---
lxc_container_networks:
  lxcbr0_address:
    ...
    dhcp_use_routes: false

Change-Id: Id61fdb5a3b52a01a49242fc01cc01bf2dede09af
2020-10-06 14:40:42 +02:00
Zuul 2c463783aa Merge "Add centos-8/focal/bionic zuul jobs for the different storage backends" 2020-10-06 09:40:03 +00:00
Zuul 6dae37f9f4 Merge "Remove support for LXC2 configuration keys" 2020-10-06 08:37:41 +00:00
Zuul 7d7900421c Merge "Remove support for Centos-7" 2020-10-06 08:37:40 +00:00
Zuul 1d273ff792 Merge "Updated from OpenStack Ansible Tests" 2020-10-05 21:06:28 +00:00