bc053c09c1
Introduce kolla_address filter. Introduce put_address_in_context filter. Add AF config to vars. Address contexts: - raw (default): <ADDR> - memcache: inet6:[<ADDR>] - url: [<ADDR>] Other changes: globals.yml - mention just IP in comment prechecks/port_checks (api_intf) - kolla_address handles validation 3x interface conditional (swift configs: replication/storage) 2x interface variable definition with hostname (haproxy listens; api intf) 1x interface variable definition with hostname with bifrost exclusion (baremetal pre-install /etc/hosts; api intf) neutron's ml2 'overlay_ip_version' set to 6 for IPv6 on tunnel network basic multinode source CI job for IPv6 prechecks for rabbitmq and qdrouterd use proper NSS database now MariaDB Galera Cluster WSREP SST mariabackup workaround (socat and IPv6) Ceph naming workaround in CI TODO: probably needs documenting RabbitMQ IPv6-only proto_dist Ceph ms switch to IPv6 mode Remove neutron-server ml2_type_vxlan/vxlan_group setting as it is not used (let's avoid any confusion) and could break setups without proper multicast routing if it started working (also IPv4-only) haproxy upgrade checks for slaves based on ipv6 addresses TODO: ovs-dpdk grabs ipv4 network address (w/ prefix len / submask) not supported, invalid by default because neutron_external has no address No idea whether ovs-dpdk works at all atm. ml2 for xenapi Xen is not supported too well. This would require working with XenAPI facts. rp_filter setting This would require meddling with ip6tables (there is no sysctl param). By default nothing is dropped. Unlikely we really need it. ironic dnsmasq is configured IPv4-only dnsmasq needs DHCPv6 options and testing in vivo. KNOWN ISSUES (beyond us): One cannot use IPv6 address to reference the image for docker like we currently do, see: https://github.com/moby/moby/issues/39033 (docker_registry; docker API 400 - invalid reference format) workaround: use hostname/FQDN RabbitMQ may fail to bind to IPv6 if hostname resolves also to IPv4. This is due to old RabbitMQ versions available in images. IPv4 is preferred by default and may fail in the IPv6-only scenario. This should be no problem in real life as IPv6-only is indeed IPv6-only. Also, when new RabbitMQ (3.7.16/3.8+) makes it into images, this will no longer be relevant as we supply all the necessary config. See: https://github.com/rabbitmq/rabbitmq-server/pull/1982 For reliable runs, at least Ansible 2.8 is required (2.8.5 confirmed to work well). Older Ansible versions are known to miss IPv6 addresses in interface facts. This may affect redeploys, reconfigures and upgrades which run after VIP address is assigned. See: https://github.com/ansible/ansible/issues/63227 Bifrost Train does not support IPv6 deployments. See: https://storyboard.openstack.org/#!/story/2006689 Change-Id: Ia34e6916ea4f99e9522cd2ddde03a0a4776f7e2c Implements: blueprint ipv6-control-plane Signed-off-by: Radosław Piliszek <radoslaw.piliszek@gmail.com>
418 lines
14 KiB
YAML
418 lines
14 KiB
YAML
---
|
|
- hosts: all
|
|
any_errors_fatal: true
|
|
tasks:
|
|
# NOTE(yoctozepto): ensure we pick up fact changes from pre
|
|
- name: Refresh facts
|
|
setup:
|
|
|
|
# NOTE(yoctozepto): setting vars as facts for all to have them around in all the plays
|
|
- name: set facts for commonly used variables
|
|
set_fact:
|
|
kolla_inventory_path: "/etc/kolla/inventory"
|
|
logs_dir: "/tmp/logs"
|
|
kolla_ansible_src_dir: "{{ ansible_env.PWD }}/src/{{ zuul.project.canonical_hostname }}/openstack/kolla-ansible"
|
|
kolla_ansible_local_src_dir: "{{ zuul.executor.work_root }}/src/{{ zuul.project.canonical_hostname }}/openstack/kolla-ansible"
|
|
infra_dockerhub_mirror: "http://{{ zuul_site_mirror_fqdn }}:8082/"
|
|
need_build_image: false
|
|
build_image_tag: "change_{{ zuul.change | default('none') }}"
|
|
is_upgrade: "{{ 'upgrade' in scenario }}"
|
|
is_ceph: "{{ 'ceph' in scenario }}"
|
|
|
|
- name: Prepare disks for Ceph or LVM
|
|
script: "setup_disks.sh {{ disk_type }}"
|
|
when: scenario == "cinder-lvm" or is_ceph
|
|
become: true
|
|
vars:
|
|
disk_type: "{{ ceph_storetype if is_ceph else 'cinder-lvm' }}"
|
|
ceph_storetype: "{{ hostvars[inventory_hostname].get('ceph_osd_storetype') }}"
|
|
|
|
- hosts: primary
|
|
any_errors_fatal: true
|
|
tasks:
|
|
- name: detect whether need build images
|
|
set_fact:
|
|
need_build_image: true
|
|
when:
|
|
- item.project.short_name == "kolla"
|
|
- item.branch == zuul.branch
|
|
with_items: "{{ zuul['items'] }}"
|
|
|
|
# NOTE(hrw): we do not publish Debian images (yet)
|
|
- name: enable building images for Debian
|
|
set_fact:
|
|
need_build_image: true
|
|
when:
|
|
ansible_distribution == "Debian"
|
|
|
|
# NOTE(yoctozepto): required to template template_overrides.j2 for Zuul
|
|
- name: Include kolla Zuul vars if building new images
|
|
include_vars:
|
|
file: "{{ zuul.executor.work_root }}/src/opendev.org/openstack/kolla/tests/vars/zuul.yml"
|
|
when: need_build_image # only then kolla sources are available (and used)
|
|
|
|
# NOTE(mgoddard): This only affects the remote copy of the repo, not the
|
|
# one on the executor.
|
|
- name: checkout the previous kolla-ansible branch
|
|
shell:
|
|
cmd: |
|
|
git checkout stable/{{ previous_release | lower }}
|
|
echo "kolla-ansible checked out to:"
|
|
git log --pretty=oneline -1
|
|
chdir: "{{ kolla_ansible_src_dir }}"
|
|
when: is_upgrade
|
|
|
|
- name: ensure /etc/kolla exists
|
|
file:
|
|
path: "/etc/kolla"
|
|
state: "directory"
|
|
mode: 0777
|
|
become: true
|
|
|
|
# NOTE(yoctozepto): required to customize kolla to use local mirrors
|
|
- name: Template template_overrides.j2
|
|
template:
|
|
src: "{{ zuul.executor.work_root }}/src/opendev.org/openstack/kolla/tests/templates/template_overrides.j2"
|
|
dest: /etc/kolla/template_overrides.j2
|
|
when: need_build_image # only then kolla sources are available (and used)
|
|
|
|
- name: Ensure /etc/docker exists
|
|
file:
|
|
path: "/etc/docker"
|
|
state: directory
|
|
become: true
|
|
|
|
- name: Ensure configuration directories exist
|
|
file:
|
|
path: "/etc/kolla/config/{{ item }}"
|
|
state: directory
|
|
loop:
|
|
- nova
|
|
- bifrost
|
|
|
|
- name: generate configuration files
|
|
template:
|
|
src: "{{ kolla_ansible_local_src_dir }}/{{ item.src }}"
|
|
dest: "{{ item.dest }}"
|
|
become: "{{ item.become | default(false) }}"
|
|
vars:
|
|
is_previous_release: "{{ is_upgrade }}"
|
|
with_items:
|
|
# Docker daemon.json
|
|
# TODO(mgoddard): Remove templating of docker daemon.json in Ussuri cycle.
|
|
- src: "tests/templates/docker_daemon.json.j2"
|
|
dest: "/etc/docker/daemon.json"
|
|
become: true
|
|
when: "{{ is_previous_release and previous_release == 'stein' }}"
|
|
# Ansible inventory
|
|
- src: "tests/templates/inventory.j2"
|
|
dest: "{{ kolla_inventory_path }}"
|
|
# globals.yml
|
|
- src: "tests/templates/globals-default.j2"
|
|
dest: /etc/kolla/globals.yml
|
|
# nova-compute.conf
|
|
- src: "tests/templates/nova-compute-overrides.j2"
|
|
dest: /etc/kolla/config/nova/nova-compute.conf
|
|
when: "{{ scenario != 'bifrost' }}"
|
|
# ceph.conf
|
|
- src: "tests/templates/ceph-overrides.j2"
|
|
dest: /etc/kolla/config/ceph.conf
|
|
when: "{{ is_ceph }}"
|
|
# bifrost/dib.yml
|
|
- src: "tests/templates/bifrost-dib-overrides.j2"
|
|
dest: /etc/kolla/config/bifrost/dib.yml
|
|
when: "{{ scenario == 'bifrost' }}"
|
|
- src: "tests/templates/ironic-overrides.j2"
|
|
dest: /etc/kolla/config/ironic.conf
|
|
when: "{{ scenario == 'ironic' }}"
|
|
when: item.when | default(true)
|
|
|
|
- block:
|
|
- name: ensure ironic config directory exists
|
|
file:
|
|
path: /etc/kolla/config/ironic
|
|
state: directory
|
|
mode: 0777
|
|
|
|
- name: download Ironic Python Agent (IPA) images
|
|
get_url:
|
|
url: "https://tarballs.openstack.org/ironic-python-agent/tinyipa/files/{{ item.src }}"
|
|
dest: "/etc/kolla/config/ironic/{{ item.dest }}"
|
|
with_items:
|
|
- src: "tinyipa-{{ zuul.branch | replace('/', '-') }}.gz"
|
|
dest: ironic-agent.initramfs
|
|
- src: "tinyipa-{{ zuul.branch | replace('/', '-') }}.vmlinuz"
|
|
dest: ironic-agent.kernel
|
|
when: scenario == "ironic"
|
|
|
|
- name: install kolla-ansible
|
|
pip:
|
|
name: "{{ kolla_ansible_src_dir }}"
|
|
become: true
|
|
|
|
- name: copy passwords.yml file
|
|
copy:
|
|
src: "{{ kolla_ansible_src_dir }}/etc/kolla/passwords.yml"
|
|
dest: /etc/kolla/passwords.yml
|
|
remote_src: true
|
|
|
|
- name: generate passwords
|
|
shell: "{{ kolla_ansible_src_dir }}/tools/generate_passwords.py"
|
|
|
|
- name: slurp kolla passwords
|
|
slurp:
|
|
src: /etc/kolla/passwords.yml
|
|
register: passwords_yml
|
|
|
|
- name: write out kolla SSH private key
|
|
copy:
|
|
content: "{{ (passwords_yml.content | b64decode | from_yaml).kolla_ssh_key.private_key }}"
|
|
dest: ~/.ssh/id_rsa_kolla
|
|
mode: 0600
|
|
|
|
- name: authorise kolla public key for zuul user
|
|
authorized_key:
|
|
user: "{{ ansible_env.USER }}"
|
|
key: "{{ (passwords_yml.content | b64decode | from_yaml).kolla_ssh_key.public_key }}"
|
|
# Delegate to each host in turn. If more tasks require execution on all
|
|
# hosts in future, break out into a separate play.
|
|
with_inventory_hostnames:
|
|
- all
|
|
delegate_to: "{{ item }}"
|
|
|
|
# NOTE(mgoddard): We are using the script module here and later to ensure
|
|
# we use the local copy of these scripts, rather than the one on the remote
|
|
# host, which could be checked out to a previous release (in an upgrade
|
|
# job).
|
|
- name: Run setup_gate.sh script
|
|
script:
|
|
cmd: ../tools/setup_gate.sh
|
|
executable: /bin/bash
|
|
chdir: "{{ kolla_ansible_src_dir }}"
|
|
environment:
|
|
BASE_DISTRO: "{{ base_distro }}"
|
|
INSTALL_TYPE: "{{ install_type }}"
|
|
BUILD_IMAGE: "{{ need_build_image }}"
|
|
TAG: "{{ build_image_tag }}"
|
|
KOLLA_SRC_DIR: "{{ ansible_env.HOME }}/src/opendev.org/openstack/kolla"
|
|
ACTION: "{{ scenario }}"
|
|
|
|
# At this point we have generated all necessary configuration, and are
|
|
# ready to deploy the control plane services. Control flow now depends on
|
|
# the scenario being exercised.
|
|
|
|
# Deploy control plane. For upgrade jobs this is the previous release.
|
|
- block:
|
|
- name: Run deploy.sh script
|
|
script:
|
|
cmd: deploy.sh
|
|
executable: /bin/bash
|
|
chdir: "{{ kolla_ansible_src_dir }}"
|
|
environment:
|
|
ACTION: "{{ scenario }}"
|
|
|
|
- name: Run test-openstack.sh script
|
|
script:
|
|
cmd: test-openstack.sh
|
|
executable: /bin/bash
|
|
chdir: "{{ kolla_ansible_src_dir }}"
|
|
environment:
|
|
ACTION: "{{ scenario }}"
|
|
when: scenario not in ['ironic', 'scenario_nfv']
|
|
|
|
- name: Run test-zun.sh script
|
|
shell:
|
|
cmd: tests/test-zun.sh
|
|
executable: /bin/bash
|
|
chdir: "{{ kolla_ansible_src_dir }}"
|
|
when: "{{ 'zun' in scenario }}"
|
|
|
|
- name: Run test-scenario-nfv.sh script
|
|
script:
|
|
cmd: test-scenario-nfv.sh
|
|
executable: /bin/bash
|
|
chdir: "{{ kolla_ansible_src_dir }}"
|
|
when: scenario == "scenario_nfv"
|
|
|
|
- name: Run test-ironic.sh script
|
|
script:
|
|
cmd: test-ironic.sh
|
|
executable: /bin/bash
|
|
chdir: "{{ kolla_ansible_src_dir }}"
|
|
when: scenario == "ironic"
|
|
|
|
- name: Run test-masakari.sh script
|
|
script:
|
|
cmd: test-masakari.sh
|
|
executable: /bin/bash
|
|
chdir: "{{ kolla_ansible_src_dir }}"
|
|
when: scenario == "masakari"
|
|
|
|
- name: Run reconfigure.sh script
|
|
script:
|
|
cmd: reconfigure.sh
|
|
executable: /bin/bash
|
|
chdir: "{{ kolla_ansible_src_dir }}"
|
|
environment:
|
|
ACTION: "{{ scenario }}"
|
|
when: not is_upgrade
|
|
when: scenario != "bifrost"
|
|
|
|
# NOTE(yoctozepto): each host checks itself
|
|
- hosts: all
|
|
any_errors_fatal: true
|
|
tasks:
|
|
- name: Pre-upgrade sanity checks
|
|
block:
|
|
- name: Run pre-upgrade check-failure.sh script
|
|
shell:
|
|
cmd: tests/check-failure.sh
|
|
executable: /bin/bash
|
|
chdir: "{{ kolla_ansible_src_dir }}"
|
|
|
|
- name: Run pre-upgrade check-config.sh script
|
|
shell:
|
|
cmd: tests/check-config.sh
|
|
executable: /bin/bash
|
|
chdir: "{{ kolla_ansible_src_dir }}"
|
|
|
|
# Using script rather than shell here because check-logs.sh does not
|
|
# exist in Stein branch.
|
|
- name: Run check-logs.sh script
|
|
script:
|
|
cmd: check-logs.sh
|
|
executable: /bin/bash
|
|
chdir: "{{ kolla_ansible_src_dir }}"
|
|
when: is_upgrade
|
|
|
|
- hosts: primary
|
|
any_errors_fatal: true
|
|
tasks:
|
|
# Upgrade: update config.
|
|
- block:
|
|
# NOTE(mgoddard): This only affects the remote copy of the repo, not the
|
|
# one on the executor.
|
|
- name: checkout the current kolla-ansible branch
|
|
shell:
|
|
cmd: |
|
|
git checkout {{ zuul.branch }}
|
|
echo "kolla-ansible checked out to:"
|
|
git log --pretty=oneline -1
|
|
chdir: "{{ kolla_ansible_src_dir }}"
|
|
|
|
- name: Generate configuration files
|
|
template:
|
|
src: "{{ kolla_ansible_local_src_dir }}/{{ item.src }}"
|
|
dest: "{{ item.dest }}"
|
|
vars:
|
|
is_previous_release: false
|
|
with_items:
|
|
# Ansible inventory
|
|
- src: "tests/templates/inventory.j2"
|
|
dest: "{{ kolla_inventory_path }}"
|
|
# globals.yml
|
|
- src: "tests/templates/globals-default.j2"
|
|
dest: /etc/kolla/globals.yml
|
|
# nova-compute.conf
|
|
- src: "tests/templates/nova-compute-overrides.j2"
|
|
dest: /etc/kolla/config/nova/nova-compute.conf
|
|
# ceph.conf
|
|
- src: "tests/templates/ceph-overrides.j2"
|
|
dest: /etc/kolla/config/ceph.conf
|
|
when: "{{ is_ceph }}"
|
|
when: item.when | default(true)
|
|
|
|
- name: upgrade kolla-ansible
|
|
pip:
|
|
name: "{{ kolla_ansible_src_dir }}"
|
|
become: true
|
|
|
|
# Update passwords.yml to include any new passwords added in this
|
|
# release.
|
|
- name: move passwords.yml to passwords.yml.old
|
|
command: mv /etc/kolla/passwords.yml /etc/kolla/passwords.yml.old
|
|
|
|
- name: copy passwords.yml file
|
|
copy:
|
|
src: "{{ kolla_ansible_src_dir }}/etc/kolla/passwords.yml"
|
|
dest: /etc/kolla/passwords.yml
|
|
remote_src: true
|
|
|
|
- name: generate new passwords
|
|
shell: "{{ kolla_ansible_src_dir }}/tools/generate_passwords.py"
|
|
|
|
- name: merge old and new passwords
|
|
shell: >-
|
|
{{ kolla_ansible_src_dir }}/tools/merge_passwords.py
|
|
--old /etc/kolla/passwords.yml.old
|
|
--new /etc/kolla/passwords.yml
|
|
--final /etc/kolla/passwords.yml
|
|
|
|
# Perform an upgrade to the in-development code.
|
|
- name: Run upgrade.sh script
|
|
shell:
|
|
cmd: tests/upgrade.sh
|
|
executable: /bin/bash
|
|
chdir: "{{ kolla_ansible_src_dir }}"
|
|
environment:
|
|
ACTION: "{{ scenario }}"
|
|
|
|
- name: Run test-openstack.sh script
|
|
shell:
|
|
cmd: tests/test-openstack.sh
|
|
executable: /bin/bash
|
|
chdir: "{{ kolla_ansible_src_dir }}"
|
|
environment:
|
|
ACTION: "{{ scenario }}"
|
|
|
|
- name: Run test-zun.sh script
|
|
shell:
|
|
cmd: tests/test-zun.sh
|
|
executable: /bin/bash
|
|
chdir: "{{ kolla_ansible_src_dir }}"
|
|
when: "{{ 'zun' in scenario }}"
|
|
when: is_upgrade
|
|
|
|
# Bifrost testing.
|
|
- block:
|
|
- name: Run deploy-bifrost.sh script
|
|
shell:
|
|
cmd: tests/deploy-bifrost.sh
|
|
executable: /bin/bash
|
|
chdir: "{{ kolla_ansible_src_dir }}"
|
|
|
|
- name: Run test-bifrost.sh script
|
|
shell:
|
|
cmd: tests/test-bifrost.sh
|
|
executable: /bin/bash
|
|
chdir: "{{ kolla_ansible_src_dir }}"
|
|
|
|
- name: Run upgrade-bifrost.sh script
|
|
shell:
|
|
cmd: tests/upgrade-bifrost.sh
|
|
executable: /bin/bash
|
|
chdir: "{{ kolla_ansible_src_dir }}"
|
|
when: scenario == "bifrost"
|
|
|
|
# NOTE(yoctozepto): each host checks itself
|
|
- hosts: all
|
|
any_errors_fatal: true
|
|
tasks:
|
|
- name: Run check-failure.sh script
|
|
shell:
|
|
cmd: tests/check-failure.sh
|
|
executable: /bin/bash
|
|
chdir: "{{ kolla_ansible_src_dir }}"
|
|
|
|
- name: Run check-config.sh script
|
|
shell:
|
|
cmd: tests/check-config.sh
|
|
executable: /bin/bash
|
|
chdir: "{{ kolla_ansible_src_dir }}"
|
|
|
|
- name: Run check-logs.sh script
|
|
shell:
|
|
cmd: tests/check-logs.sh
|
|
executable: /bin/bash
|
|
chdir: "{{ kolla_ansible_src_dir }}"
|