Commit Graph

8289 Commits

Author SHA1 Message Date
Dmitriy Rabotyagov 3e2d7afa05 Remove Jinja from conditions
Due to CVE-2023-5764 conditional statements should not include
jinja2 templating anymore and result in warnings/failures

This patch replaces Jinja tags with slightly different format that leads to the
same result/logic.

Change-Id: I049ac770b32152866194190e54f5947fe7589b39
2024-03-27 10:42:53 +00:00
Zuul 3a19764f48 Merge "Bump ansible version to 2.15.9" 2024-03-15 11:16:55 +00:00
Zuul 30879b1e64 Merge "Add check_hostname option to db healthcheck tasks" 2024-03-14 17:44:51 +00:00
Zuul 49b8eed1b4 Merge "Upgrade Gnocchi to 4.6" 2024-03-14 12:36:29 +00:00
Jonathan Rosser e910144dd2 Bump ansible version to 2.15.9
Depends-On: https://review.opendev.org/c/openstack/ansible-role-python_venv_build/+/910477
Change-Id: Iea39f6859cd85cf4ff2e9686ff33a905f7ea33c7
2024-03-14 08:56:29 +00:00
Jonathan Rosser 52e02439ca Fix physical network mapping for linuxbridge
The same physical network label cannot be used more than once with
Linuxbridge.

This patch standardises the label physnet1 for the flat public network
and instead uses physnet2 for the vlan project networks for
Linuxbridge.

Change-Id: Ie42b995c93e081d484fc177fb665802950335c50
2024-03-13 13:12:35 +00:00
Jimmy McCrory 671ed19c3f Remove obsolete nova_force_config_drive variable from docs
The nova_force_config_drive variable was removed several releases ago.
Update the docs to only mention using nova_nova_conf_overrides to
disable the config drive.

Change-Id: I1565e1e6e7b8fe12a6b70f09947c48cc893d3ef5
2024-03-11 11:23:47 -07:00
Jimmy McCrory 6240c769c0 Add check_hostname option to db healthcheck tasks
To allow encrypting connections of db healthcheck tasks, include the
check_hostname option to verify a server host name when an SSL
connection is required.

Also enable galera_require_secure_transport during TLS test jobs.

Change-Id: I23d839e75b202d0400aeefe6e98c429e16ecd37e
2024-03-11 11:07:00 -07:00
Zuul 15fecdd42b Merge "Allow env.d to contain underscores in physical_skel" 2024-03-10 16:10:15 +00:00
Zuul e64daca9ce Merge "Do not use underscores in container names" 2024-03-10 16:10:12 +00:00
Zuul 500d4c3ce4 Merge "Always use physnet1 as external network name in AIO and examples" 2024-03-08 17:40:53 +00:00
Dmitriy Rabotyagov 4786095e24 Upgrade Gnocchi to 4.6
It is not possible to install Gnocchi 4.5 with 2024.1 due to conflicting
dependency of pyparsing. It is fixed in 4.6 with [1]

[1] a565df6923

Change-Id: I056a4a382abffc2d2b70a0cead787f22dd737fdc
2024-03-08 16:54:13 +01:00
Zuul 55574b4a87 Merge "Determine if upgrade source branch is stable/ or unmaintained/" 2024-03-08 15:51:03 +00:00
Jonathan Rosser ccdb5932b0 Determine if upgrade source branch is stable/ or unmaintained/
Branch renaming to unmaintanted/ breaks the gate-check-commit
script when it sets the source branch for an upgrade job.

This patch determines the source branch prefix dynamically in
an attempt to make upgrade jobs still work from branches marked
as unmaintained under wider OpenStack policy.

Change-Id: I9662156fe0e9463e54ccc5c6ede0624a85887ebe
2024-03-07 14:11:28 +00:00
Dmitriy Rabotyagov 91051b08b2 Enable image rotation for Magnum
In case, when there's more then 1 image with name `fedora-coreos-latest`
Magnum fails to resolve it's uuid and fails to create a template from such
image.

In order to prevent this happening, we do enable image rotation in CI
to fix upgrade jobs.

Changing visability to `community` does hide the image from non-owner
unless explicitly asked for listing community images.

Change-Id: I1d5f02824e0c0fed820ee0808127efccad1017cf
2024-03-05 21:39:28 +01:00
Dmitriy Rabotyagov e72984ca95 Update upstream SHAs
Closes-Bug: #2054224
Change-Id: Idab46a7c557366dabd6979ee08c1332a2d2d7515
2024-03-05 09:18:38 +00:00
Dmitriy Rabotyagov 8d46ed8842 Allow env.d to contain underscores in physical_skel
At the moment our dynamic_inventory does have assumption that group names
defined in env.d will not contain underscores, except when it's ending
with `_hosts` or `_containers` since inventory script uses split on `_` and taking
the last argument. So in cases when underscore was used elsewhere in the
group name it will result in unexpected behaviour.

Instead of this approach we now use regexp which replaces the last octet separated with underscore with intended suffix to preserve
rest behaviour.

Change-Id: Id9ba56292972b8b52b4786c78684f2d6f289d88a
2024-03-05 09:17:44 +00:00
Dmitriy Rabotyagov d74d038032 Do not use underscores in container names
According to RFC1034 [1], underscores are not legitimate symbols for
hostnames. We have a naming convention that historically uses underscores
in names of containers which leads to a complications in some cases/logic
Moreover, container actual hostnames are always different from their
inventory_hostnames, which might break some logic of external dependencies.

To change this historical issue, all new containers will have different
naming convention, where only dash will be used as a separator.
This will not touch already existing in inventory containers and they will
preserve their names for the time being.

[1] http://www.faqs.org/rfcs/rfc1034.html

Change-Id: Iedebf9935059ecfe8370f2a84ad52516cc93320e
2024-03-05 09:17:37 +00:00
OpenStack Release Bot f73cf9a0a9 reno: Update master for unmaintained/yoga
Update the yoga release notes configuration to build from
unmaintained/yoga.

This also workaround the issue with Zed not being able to
find out where it's changes started by defining
proper regexp for `closed_branch_tag_re`

Presumably, default for reno should be adjusted to avoid this
config override, ie with [1]

[1] https://review.opendev.org/c/openstack/reno/+/910547

Change-Id: I9ff589583e7e53941c81c52e7ca5dae77c5de1d9
2024-03-05 09:17:00 +00:00
Zuul 022c9c4c22 Merge "Treat dashes/underscores as interchangeable symbols for container names" 2024-02-28 00:04:49 +00:00
Andrew Bonney 9cd05a5f5b [doc] Use bootstrap node override for gluster primary upgrade
Overriding the bootstrap host is necessary to establish the
original gluster primary as a member of an existing cluster.

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-plugins/+/908981
Change-Id: I29dacded7220dce796429c36cb082f37c5278031
2024-02-21 19:00:06 +00:00
Jonathan Rosser 563159f49c Always use physnet1 as external network name in AIO and examples
Previously this was either 'vlan' or 'flat' depending on the external
network type, and there were also cases when the name and type were
mismatched - particularly when the flat network was untagged traffic
on a vlan bridge.

This patch removes that confusion and always names the external
network 'physnet1' to align with the upstream neutron examples.

Change-Id: I3cd8b93b42777b787552051bcdc9a90347f1e03d
2024-02-20 17:26:00 +00:00
Zuul fca293037e Merge "Allow virtualisation type to be defined in a test scenario" 2024-02-14 16:16:14 +00:00
Zuul f58c0dd1c6 Merge "Remove unused variable" 2024-02-13 18:09:01 +00:00
Zuul 077ff384e3 Merge "Fix formatting issue for SPICE HAProxy httpcheck" 2024-02-13 16:28:09 +00:00
Zuul 3e11d7cf5a Merge "Remove tempest concurrency exception for Octavia AIO" 2024-02-13 16:03:24 +00:00
Zuul 2c19da0d8b Merge "Remove galera_client from required projects" 2024-02-13 14:04:32 +00:00
Zuul dd65a44893 Merge "Add Octavia OVN provider to required repos" 2024-02-13 14:04:29 +00:00
Dmitriy Rabotyagov cac820710f Remove tempest concurrency exception for Octavia AIO
Change-Id: I1ceafe3798c08d38494271ac78617c005e128811
2024-02-12 16:39:29 +01:00
Zuul 52c04d4624 Merge "[doc] Update dist upgrade guide for 2023.1 / Ubuntu Jammy" 2024-02-12 15:26:13 +00:00
Jonathan Rosser 9cad92d41c Allow virtualisation type to be defined in a test scenario
Change-Id: I6d3055139bc6482c6d7fe28dea9b5b5ead500a5c
2024-02-12 15:07:32 +00:00
Zuul a357f59c39 Merge "[doc] Slighly simplify primary node redeployment" 2024-02-12 13:57:38 +00:00
Zuul 08062730ef Merge "[doc] Remove guidance to drain RMQ which can result in failures" 2024-02-12 13:57:36 +00:00
Zuul e4eabf0b76 Merge "Add SLURP upgrade jobs" 2024-02-12 13:57:32 +00:00
Zuul 5767d4cb6f Merge "Extra PIP_OPTS in bootstrap_ansible script must be space separated" 2024-02-12 13:57:29 +00:00
Jonathan Rosser 13c83a0da5 Remove unused variable
This variable is not defined anywhere in openstack-ansible or
its roles

Change-Id: I3e511612433c5819d8df0a3d93dce9ae9d71a625
2024-02-12 12:23:07 +00:00
Andrew Bonney ded73432b8 [doc] Update dist upgrade guide for 2023.1 / Ubuntu Jammy
Change-Id: Ic708385ce2a75e42e9a70fa53dbd6030ba318a7c
2024-02-12 08:51:04 +00:00
Andrew Bonney 4abddeaf30 [doc] Remove guidance to drain RMQ which can result in failures
oslo_messaging isn't set up to handle this situation and appears
to expect the node to come back (as would happen during a version
upgrade). As a result, client processes don't attempt to re-create
queues which lived on the node being upgraded. This situation
doesn't auto-recover which can be very disruptive.

Change-Id: I608202d665417682ce7309bb9bf4b52a2cf4373e
2024-02-12 08:38:08 +00:00
Dmitriy Rabotyagov 76bb370450 Fix formatting issue for SPICE HAProxy httpcheck
Due to the issue in formatting healthcheck address was merged with meth
which resulted in invalid haproxy configuration, when SPICE is being used
as a console.

Closes-Bug: #2052891
Change-Id: I38b2ff6887382164e4b28852274ec6dfee4d7d78
2024-02-11 17:17:24 +01:00
Zuul b53af87c95 Merge "Add user defined hooks that can run extra playbooks" 2024-02-10 01:08:04 +00:00
Zuul 08aa54330d Merge "Allow zuul pre playbook bootstrap to be skipped" 2024-02-10 00:48:45 +00:00
Dmitriy Rabotyagov aa8d40bf65 Remove galera_client from required projects
Repository has been deprecated a while ago, so should not be fetched
anymore.

Change-Id: I268603d3466af05ba2fb8938d2b79180fedf520f
2024-02-09 19:32:02 +00:00
Dmitriy Rabotyagov 37e15db17f Allow zuul pre playbook bootstrap to be skipped
This is needed if a child job in an openstack-ansible role repo
needs to do some configuration before bootstrap-ansible is run.

An example might be configuring extra roles, collections or
pythin modules to be installed during bootstrap.

Change-Id: I463cf5df7c2aa4e2cdf399efaeb17df980d29edc
2024-02-08 09:26:11 +00:00
Dmitriy Rabotyagov fc75a09d35 Add Octavia OVN provider to required repos
Needed-By: https://review.opendev.org/c/openstack/openstack-ansible-os_octavia/+/868462
Change-Id: Iac5e66076cc8caee4f47a286d2f5e0145697d59a
2024-02-07 15:39:22 +00:00
Dmitriy Rabotyagov d1d2aa00f2 Remove distro_ceph template from project defenition
We never had a template for distro_ceph jobs, so it's resulting in zuul
configuration errors for all our stable branches.

Change-Id: Ied048e041abc5563d01cd58f57c1a4b685de0586
2024-02-07 16:38:54 +01:00
Dmitriy Rabotyagov 8215dcce9e Add SLURP upgrade jobs
Since we're to support 2023.1 -> 2024.1 upgrades, it would be good
to add CI testing as well.

Change-Id: I106d86c702300673a142e15bbeead0642287474d
2024-02-07 10:57:36 +00:00
Jonathan Rosser 03e9c6b69e Add user defined hooks that can run extra playbooks
This patch adds variables which when can be used to extend
openstack ansible by calling additional user defined playbooks
at the start and end of the main setup-* playbooks.

Change-Id: Ic55dd6447f603d91beaeea28beb04e4c1393d6af
2024-02-05 12:32:37 +00:00
Zuul 8bb7091958 Merge "[doc] Update documentation for galera cluster recovery" 2024-02-05 08:43:10 +00:00
Zuul 55e9baecac Merge "Add openstack-resources playbook" 2024-02-02 22:07:36 +00:00
Zuul f62e0cba13 Merge "Adopt magnum test variables for openstack_resources" 2024-02-02 21:56:16 +00:00