Merge "Get rid of all-clouds.yaml"

.zuul.yaml

@@ -1605,7 +1605,6 @@
       - playbooks/roles/install-kubectl/.*
       - playbooks/roles/configure-kubectl/.*
       - playbooks/roles/configure-openstacksdk/.*
-      - playbooks/templates/clouds/bridge_clouds.yaml.j2
       - playbooks/templates/clouds/bridge_all_clouds.yaml.j2
 
 - job:

doc/source/sysadmin.rst

@@ -109,7 +109,6 @@ Accessing Clouds
 As an unprivileged user who is a member of the `admin` group on
 bridge, you can access any of the clouds with::
 
-  export OS_CLIENT_CONFIG_FILE=/etc/openstack/all-clouds.yaml
   openstack --os-cloud <cloud name> --os-cloud-region <region name>
 
 

playbooks/service-bridge.yaml

@@ -9,9 +9,8 @@
     - include_role:
         name: configure-openstacksdk
       vars:
-        openstacksdk_config_file: '{{ openstacksdk_config_dir }}/all-clouds.yaml'
         openstacksdk_config_template: clouds/bridge_all_clouds.yaml.j2
-    - include_role:
+    - name: Get rid of all-clouds.yaml
-        name: configure-openstacksdk
+      file:
-      vars:
+        state: absent
-        openstacksdk_config_template: clouds/bridge_clouds.yaml.j2
+        path: '/etc/openstack/all-clouds.yaml'

playbooks/templates/clouds/bridge_all_clouds.yaml.j2

@@ -1,9 +1,9 @@
 #
 # Bridge all clouds
 #
-# This file is deployed to /etc/openstack/all-clouds.yaml on the
+# This file is deployed to /etc/openstack/clouds.yaml on the
 # bastion host and contains information for all cloud environments
-# provided to OpenStack Infra.
+# provided to OpenDev.
 #
 # Providers have two projects:
 #
@@ -19,11 +19,6 @@
 # canonicalises all providers with correct keypairs and other
 # configuration details.
 #
-# To manually operate on projects only in this file, you can redirect
-# openstacksdk with
-#
-#  $ OS_CLIENT_CONFIG_FILE=/etc/openstack/all-clouds.yaml openstack ...
-#
 
 clouds:
   openstackci-inap:

playbooks/templates/clouds/bridge_clouds.yaml.j2

@@ -1,178 +0,0 @@
-#
-# Bridge clouds
-#
-# This file is deployed to /etc/openstack/clouds.yaml on the bastion
-# host and is thus the default configuration file for openstacksdk
-# operations.
-#
-# It is a strict subset of all-clouds.yaml but contains only the CI
-# (control-plane) projects for each provider.  This is useful because
-# the test-node tenants have hundreds of ephemeral nodes, whose
-# cache-evading behaviour would make enumerating their projects
-# unnecessarily slow when building an inventory for our default
-# control-plane cron runs.
-#
-
-ansible:
-  fail_on_errors: False
-  expand_hostvars: False
-  use_hostnames: True
-cache:
-  expiration_time: 86400
-  path: /var/cache/ansible-inventory
-  expiration:
-    server: 5
-    port: 5
-    floating-ip: 5
-clouds:
-  openstackci-inap:
-    profile: internap
-    auth:
-      username: '{{ clouds.openstackci_internap_username }}'
-      password: '{{ clouds.openstackci_internap_password }}'
-      project_name: '{{ clouds.openstackci_internap_project_name }}'
-    regions:
-      - name: mtl01
-        values:
-          networks:
-            - name: inap-17301-WAN1102
-              routes_externally: True
-  openstackci-ovh:
-    regions:
-      - GRA1
-      - SBG1
-      - BHS1
-    profile: ovh
-    # OVH has a weird new ipv6 setup that we can't handle properly
-    # for now ignore ipv6
-    force_ipv4: true
-    auth:
-      username: '{{ clouds.openstackci_ovh_username }}'
-      password: '{{ clouds.openstackci_ovh_password }}'
-      project_name: '{{ clouds.openstackci_ovh_project_name }}'
-  openstackci-rax:
-    regions:
-      - name: DFW
-        values:
-          block_storage_endpoint_override: 'https://dfw.blockstorage.api.rackspacecloud.com/v2/{{ clouds.openstackci_rax_project_id }}/'
-      - name: ORD
-        values:
-          block_storage_endpoint_override: 'https://ord.blockstorage.api.rackspacecloud.com/v2/{{ clouds.openstackci_rax_project_id }}'
-      - name: IAD
-        values:
-          block_storage_endpoint_override: 'https://iad.blockstorage.api.rackspacecloud.com/v2/{{ clouds.openstackci_rax_project_id }}'
-    profile: rackspace
-    auth:
-      username: '{{ clouds.openstackci_rax_username }}'
-      password: '{{ clouds.openstackci_rax_password }}'
-      project_id: '{{ clouds.openstackci_rax_project_id }}'
-    identity_api_version: 2
-    volume_api_version: 2
-  openstackci-vexxhost:
-    regions:
-      - ca-ymq-1
-      - sjc1
-    profile: vexxhost
-    auth:
-      username: '{{ clouds.openstackci_vexxhost_username }}'
-      password: '{{ clouds.openstackci_vexxhost_password }}'
-      project_name: '{{ clouds.openstackci_vexxhost_project_name }}'
-      project_domain_name: default
-      user_domain_name: default
-  openstackci-citycloud:
-    regions:
-      - Kna1
-      - La1
-      - Lon1
-      - Sto2
-    profile: citycloud
-    auth:
-      # TODO(mordred) This auth_url entry is only needed until openstacksdk
-      # 0.18.2 or 0.19.0 is released.
-      auth_url: "https://{region_name}.citycloud.com:5000/v3/"
-      username: '{{ clouds.openstackci_citycloud_username }}'
-      password: '{{ clouds.openstackci_citycloud_password }}'
-      project_name: 'Default Project 27611'
-      project_domain_name: CCP_Domain_27611
-      user_domain_name: CCP_Domain_27611
-  openstackci-linaro-london:
-    regions:
-      - London
-    auth:
-      auth_url: https://uk.linaro.cloud:5000
-      username: '{{ clouds.openstackci_linaro_london_username }}'
-      password: '{{ clouds.openstackci_linaro_london_password }}'
-      project_name: '{{ clouds.openstackci_linaro_london_project_name }}'
-      project_domain_name: default
-      user_domain_name: default
-    identity_api_version: 3
-  openstackci-linaro-us:
-    regions:
-      - RegionOne
-    auth:
-      auth_url: https://us.linaro.cloud:5000
-      username: '{{ clouds.openstackci_linaro_us_username }}'
-      password: '{{ clouds.openstackci_linaro_us_password }}'
-      project_name: '{{ clouds.openstackci_linaro_us_project_name }}'
-      project_domain_name: default
-      user_domain_name: default
-    identity_api_version: 3
-  openstackci-limestone:
-    regions:
-      - name: RegionOne
-        values:
-          networks:
-            - name: "Gateway Network"
-              routes_externally: false
-              routes_ipv6_externally: true
-              nat_destination: true
-            - name: "Flat External"
-              routes_externally: true
-              nat_source: true
-    auth:
-      auth_url: https://osa.continuous.pw:5000
-      username: '{{ clouds.openstackci_limestone_username }}'
-      password: '{{ clouds.openstackci_limestone_password }}'
-      project_name: '{{ clouds.openstackci_limestone_project_name }}'
-      user_domain_name: default
-      project_domain_name: default
-    identity_api_version: 3
-    cacert: /etc/openstack/limestone_cacert.pem
-  openstackci-packethost:
-    regions:
-      - name: us-west-1
-        values:
-          networks:
-            - name: openstackci-net
-              default_interface: True
-    auth:
-      auth_url: https://packet.platform9.net/keystone
-      username: '{{ clouds.openstackci_packethost_username }}'
-      password: '{{ clouds.openstackci_packethost_password }}'
-      project_name: '{{ clouds.openstackci_packethost_project_name }}'
-      user_domain_name: default
-      project_domain_name: default
-    identity_api_version: '3'
-  openstackci-openedge:
-    regions:
-      - us-east
-    api_timeout: 60
-    auth:
-      auth_url: https://api.us-east.open-edge.io:5000/v3
-      username: '{{ clouds.openstackci_openedge_username }}'
-      password: '{{ clouds.openstackci_openedge_password }}'
-      project_name: '{{ clouds.openstackci_openedge_project_name }}'
-      project_domain_name: Default
-      user_domain_name: Default
-    identity_api_version: 3
-    image_format: 'qcow2'
-  opendevci-airship:
-    regions:
-      - Kna1
-    profile: citycloud
-    auth:
-      username: '{{ clouds.opendevci_airship_username }}'
-      password: '{{ clouds.opendevci_airship_password }}'
-      project_name: 'Airship_OpenDev_Mirror'
-      project_domain_name: CCP_Domain_34466
-      user_domain_name: CCP_Domain_34466

run_cloud_launcher.sh

@@ -42,9 +42,6 @@ _START_TIME=$(date '+%s')
 
 echo "--- begin run @ $(date -Is) ---"
 
-# We need access to all-clouds
-export OS_CLIENT_CONFIG_FILE=/etc/openstack/all-clouds.yaml
-
 # Pass -i /dev/null to avoid the ansible-playbook run with all-clouds.yaml
 # being active messing with the normal inventory cache.
 /usr/bin/timeout -k 2m 120m /usr/local/bin/ansible-playbook -i /dev/null -f 1 \

testinfra/test_bridge.py

@@ -22,11 +22,6 @@ def test_clouds_yaml(host):
 
     assert b'password' in clouds_yaml.content
 
-    all_clouds_yaml = host.file('/etc/openstack/all-clouds.yaml')
-    assert all_clouds_yaml.exists
-
-    assert b'password' in all_clouds_yaml.content
-
 
 def test_openstacksdk_config(host):
     f = host.file('/etc/openstack')

tools/check_clouds_yaml.py

@@ -23,7 +23,6 @@ import tempfile
 FILES_TO_CHECK = (
     'playbooks/templates/clouds/nodepool_clouds.yaml.j2',
     'playbooks/templates/clouds/bridge_all_clouds.yaml.j2',
-    'playbooks/templates/clouds/bridge_clouds.yaml.j2',
 )
 
 
@@ -31,7 +30,7 @@ def check_files():
 
     with tempfile.TemporaryDirectory() as tempdir:
         for file in FILES_TO_CHECK:
-            # These are actually erb files that have templating in
+            # These are actually jinja files that have templating in
             # them, we just rewrite them with a string in there for
             # the parser to read, as the <>'s can confuse yaml
             # depending on how they're quoted in the file

tools/clean-leaked-bfv.py

@@ -1,6 +1,4 @@
 # Tool to clean up leaked Boot-From-Volume Volumes
-# Run this with:
-# OS_CLIENT_CONFIG_FILE=/etc/openstack/all-clouds.yaml python3 clean-volumes.py
 from openstack import connection
 import openstack
 import datetime