Starting with centos stream 9, libvirt will use the modular sockets in
session mode. This introduces a config variable for specifying what
socket file to use in the virtbmc role.
Change-Id: I07fc4232d880bd66d0cc1756f17af166ca5f679d
Current config assumed deployments to be based
on single-nic, update minimal featureset to support
deployment with multiple-nics-vlans network_isolation.
Not changing any defaults with that patch, user
who want to deploy with multi-nics-vlans can
pass -e network_isolation_type=multiple-nics-vlans
to quickstart deployment command.
Required networks will be auto created and attached
to overcloud and undercloud vms to support multi-nic-vlans.
By default 6 networks will be created with this config
each for ctlplane, Internal, Storage, StorageMgmt,
Tenant and External.
If want to created different number of networks or
with different name can be done by passing
extra_networks var like:-
extra_networks:
- name: data
bridge: br-data
- name: tenant
bridge: br-tenant
- name: ovcexternal
bridge: br-external
Need to use seperate name as used by default_networks.
Depends-On: I82013d33c1729619e47b633bddd1580e9efe0b55
Change-Id: Ife4d31ecd9912b424a178cc4bbc0d6de7216e512
The var overcloud_image defaults to overcloud-full, and will until the
switchover to the whole-disk overcloud.
Change-Id: I8037e8140e36ed0cd56e1654c4a8269dfbd4b5d1
Blueprint: whole-disk-default
This patch removes:
* legacy tripleo-validations config boolean, since now the role
is in tripleo-validations repos and is enabling by another
configuration in the zuul config directly
* documentation, because its now outdated and a new one should
be moved under tripleo-validations repos
Change-Id: Ibc5e1aec08643d53760953ebb1c026e99689a2b6
Jinja template for overcloud VMs is currently configured to skip
adding network to VM's definition if forward_mode: 'nat' is set
for this network. As a result, libvirt networks with enabled NAT
forwarding mode could not be used by overcloud nodes for external
connectivity.
It is not a problem for single-nic scenarios: director node is
used to connect overcloud nodes to external networks. But this
limitation makes it hard to create infrastructure for overcloud
deployments with multiple NICs and network isolation.
This patch adds flexibility by allowing users to force adding
network connections to overcloud VMs even if forward_mode: 'nat'
is set for this network. This patch doesn't change current
behavior if force_ovc parameter is not defined for any network.
Change-Id: Ibd2e40878b8fd4b1e4db7f654c251b4968da8b85
Partial-Bug: #1666916
This introduce needed changes to be able to deploy an additional
cell via oooq. If additional_cell is set to true after the
overcloud got deployed the additional cell gets deployed. Todo
this information gets extracted from the overcloud stack, which
is requried as input to the second heat stack, where the additional
cell is managed with. As a reference [1] is the scenario which
is installed adding a single additional cell.
config/general_config/featureset063.yml is used for the configuration
and config/nodes/1ctlr_1cellctrl_1comp.yml has a nova config
example.
[1] https://docs.openstack.org/project-deploy-guide/tripleo-docs/latest/features/deploy_cellv2_basic.html
Change-Id: Ib30a83f4a0bc3e503b422f8b5098c60133614959
Not all envs allow for ipv6 routing. This review adds an
ipv4 option, undercloud_external_network_ipv4, to be used
for routing/masquerade when undercloud_external_network
would return an ipv6 value.
This value is only referenced in
https://review.openstack.org/#/c/642924.
When ipv6 is not used, the undercloud_external_network_ipv4
value is never used.
Change-Id: I518bd9973bfd82350f75d2d1b2f444a5fb510a82
This normalizes the formatting of files from playbooks and roles
folders in order to allow further hardening of linting.
Fixing linting was too big to be made in a single commit as it would
involve too many files to review and could merge conflicts with
existing changes. Thus doing it in few chunks would makes it possible.
Original full change is at https://review.openstack.org/#/c/627545/ and
will be the one merging the last.
Change-Id: I73abb9ea78b8bea8d73eb95c52daacdb45f407b8
When building images from a container, the chrooted option
needs to be extended for the extras repos as well.
Make it shared via the common defaults.
Required-By: Ie880a33fbb758240638178c45c43156e80bf4d24
Related-Bug: #1676373
Change-Id: I8cc198bd1081e0c1864228dad6228daa92ac32b7
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
Based on fs001, deploy fs035 with IPv6.
Some improvements will be done in the next iterations:
- enable tempest
- enable network-isolation-absolute
Also use one var for undercloud external network.
Change-Id: I5235e3f29fdb129281c76f1c70135580f640a112
This patch adds e1000 nics on overcloud VM. This is to test
DPDK features which is supported by e1000 drivers. We need to
enable e1000 via passing the var as --
-e 'overcloud_libvirt_nic_model: e1000'
Change-Id: I7583b65a4cd414c65aad9968d6e128acc8e02772
When removing the hardcoded repo setup from devmode, we actually
changed the behavior of when we run repo setup on the overcloud
images.
Instead, we should keep the behavior the same as before. Rather than
adding "update_images: true" to all tripleo-ci configs, we just make
the behavior trigger on either devmode or update_images vars.
Change-Id: Ic08cad28d3f6d33c3aaa35903f8013f49886712b
We still have one-off code from when we first implemented
devmode in the task that injects repos into downloaded images.
This code works only for the master-tripleo-ci release we use
for gating. In order to allow using other releases (like
master-consistent for promote), we need to instead use the
generic repo-setup role.
Closes-Bug: 1674799
Change-Id: Id7f22e5e386df0b80f1a4abd104e644f47bd14d3
Add support for openstack hosted pre-provisioned undercloud and
overcloud cluster nodes, identified by a clusterid metadata
(optional). Adapt the tripleo-inventory role for that need. Access overcloud nodes over a particular private admin/control network
(multiple networks supported) via the undercloud floating IP,
acting as a bastion node public IP.
List of changes:
* Reuse access URL/creds and clouds.yaml template from the
extras' OVB roles' defaults.
* Split inventory generation tasks into the openstack provider
case and remaining all/multinode/undercloud cases.
* Add var overcloud_user (defaults to heat-admin), overcloud_key,
undercloud_key instead of hardcoded values.
* Rely on shade dynamic inventory and update requirements.txt for os-
client-config and jmespath as well.
for its dependencies to become the part of quickstart deps.
* Add docs
Related-bug: #1691467
Change-Id: If2aef32a5df6fb407605a717523c5fcdec338534
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
Previously NAT was required since bridges can't have addresses,
and the instackenv.json template was expecting an address on the
external bridge to populate pm_addr.
If the external network is designated as a bridge, another network
must be set to NAT in order for the virthost to be able to access
the undercloud, since otherwise there's no address given to
the VM. If no such network is defined, the default libvirt network
(virbr0) is used.
In addition, the requirement to have networks named 'external'
and 'overcloud' has been removed. The first bridge network specified
in the network list will be used as a pxe network regardless of name.
Change-Id: I77f2df7862a71d9a62e4382138bc5287d0687569
This patch allows us to run tripleo-validations tests through the
Mistral framework and running negative tests from Ansible directly.
Depends-On: Iec07a18322252af2d484bc3f06a59dbd1b08f537
Change-Id: I2e0831fc8b7bdf6acca1d0f99bf41adcad94f688
Signed-off-by: Gael Chamoulaud <gchamoul@redhat.com>
Add a systemd service that tunnels traffic between the virthost and the
undercloud. We forward ports for the UI itself, and a few other Openstack
services, like Keystone, Heat, Mistral, etc.
This requires a change that sets up the tripleo-ui javascript
config with the proper settings and restarts the httpd service
https://gist.github.com/weshayutin/0af348fafd70cb56c96d6856f073d79b
Completed this change in Ie9d3e7d12c420b9b65c25692435c0457f1233a27
Access to the TripleO-UI is available from http://virthost:3000
Author: Honza Pokorny <honza@redhat.com>
Co-Authored-By: Wes Hayutin <weshayutin@gmail.com>
Change-Id: Id53c5bd7f199c64bc9cb37df7e63f27c4673f415
Add ability to deploy a supplemental node along with undercloud
and overcloud nodes by the libvirt/setup role(s) along with
basic ability to deploy TLS everywhere.
- Update tripleo-inventory role to allow for configuring
supplmental node host access
- Update common role defaults with required vars
- Update quickstart.sh to support fake HA IPA deployment
- Update general_config/ipa.yml with relevant vars
- Add nodes/1ctlr_1comp_1supp.yml for supplmental node deployment
- Add release note
Depends-On: I53323511aabf0d616805efab6edde4acc7bedf11
Related-Bug: 1662923
Change-Id: I3f18e26d0e40942c7c54c07b644ee1209fb89c83
Few issues found:
1. the repo-setup playbook in tqe was overwriting
the repo-setup playbook in tq.
2. added the proper tags
3. create a default variable in tq/common
4. move repo-setup earlier in the workflow.
In most cases this will just be skipped, however
in the cases where custom yum repo-setup is required
it is best to do it early in the workflow.
Change-Id: I8f3680129205ff120bb455becbe6a9291035fe8a
The version of openstack was not accounted for in the
cache path and can cause image collisions.
Closes-Bug: #1679799
Change-Id: I6ae0979644182544cb1f494d0523cf2e3c7f3827
Openvswitch ports cannot be connected to unprivileged libvirt
guests, so the only way to use OVS on the undercloud host at
the moment is to run the guests with privileges.
In this case, the root user is used to launch the VMs, and the
new option added in this patch can be used to give access to
the image files owned by the non_root_user.
Change-Id: Ife7f10df3d89798d3c5753f5ddc9a06eda5ef8d9
Enables a deployment using clean base os RHEL/CentOS images.
A clean base os image would be the standard cloud images for
CentOS and RHEL. The normal path for quickstart is to use
a prebuilt undercloud image with all the packages preinstalled.
* undercloud_image_url points to a base os image and includes
a md5sum for that image in the config.
* update fetch.yml to handle base os images
* create a baseos convert image script in convert-image that
does not install openstack packages.
* create a new variable call baseos_as_undercloud variable
Change-Id: Ia2394943c12f3bc6ac29235ca741e0eb2dd17db3
This patch adds blank newline for each [yaml|sh] files if they
don't end with one. This will allows us getting linters happy and avoid us
having git adding "\ No newline at end of file" in diffs when pushing
a new patch.
In other way, you can configure Git to properly handle line endings in
typing:
$ git config --global core.autocrlf input
Change-Id: I8a113541b3eae6a36ed32995822dedbbd2d9666e
Signed-off-by: Gael Chamoulaud <gchamoul@redhat.com>
previously, we used set_fact to set the non_root_group variable but
this is problematic: the libvirt/ playbooks are expected to be
runnable *without* also running the provision/ playbooks, in which
case non_root_group is not set, causing ansible to fail.
this change makes non_root_group explicit and adds it to
roles/common/defaults/main.yml.
Change-Id: I5a174a303c980569fad31f7d7fa8e846105a2291
This patch changes the default value of the enable_vnc_console
variable from false to true. Having the console shouldn't cause any
harm and is probably a helpful default.
Change-Id: I542e4a65f14db7fcc05732ecd869943ce50b0a04
We introduced a few network isolation types support in
patch https://review.openstack.org/#/c/437437.
Now it's required to set type of network isolation.
Set centos.ci network isolation type by default to single nic
with vlans which was used always by quickstart before.
Change-Id: If3ad22a2db0cb9420264745620aa57841da5f1dd
We are using this outside of the libvirt role, in the convert-image
role, so we should put it in common/defaults.
Change-Id: I22a6a7e42c84e5ceb2a16e6aaab305347e58aa47
ansible_user is currently used both as the builtin variable
and a regular variable. Since its value changes multiple times
over the course of a deployment, determining its value at any given
point in time can be difficult. In addition, overriding its value
in order to connect to the virthost with a different user has
unexpected results for the same reason.
ansible_user is therefore replaced with ssh_user, which is never
modified from its default in common defaults, and can be safely
overridden by the user.
Change-Id: Id9bc7c2a3b11140508ef0911de317a4f1ece05dd
We need to differentiate local_working_dir from working_dir
as well as decouple the stack user from `ansible_user` var.
Both of these are causing issues as we begin to automate
deployments in more environments.
- update common/defaults to use undercloud_user
- make tripleo-inventory inherit from common role, pull
duplicate vars out of its defaults
- make convert-image inherit from common role, update
template to use undercloud_user
- update libvirt/setup/undercloud to use undercloud_user
Related-bug: 1654574
Change-Id: I45b0706df8351ff9ddc6c226989125dcb2f5b897