From e167e56857cdfa2f146a3416a9f5b61c850685c0 Mon Sep 17 00:00:00 2001 From: Mohammed Naser Date: Mon, 24 Feb 2020 13:48:51 +0100 Subject: [PATCH] Add Centos-8 support Depends-On: https://review.opendev.org/738903 Depends-On: https://review.opendev.org/735555 Depends-On: https://review.opendev.org/735781 Depends-On: https://review.opendev.org/735926 Depends-On: https://review.opendev.org/735971 Depends-On: https://review.opendev.org/736097 Depends-On: https://review.opendev.org/736095 Depends-On: https://review.opendev.org/736850 Depends-On: https://review.opendev.org/739026 Change-Id: Ibac278398ef533bc8fcf253c67cb983461bd145d --- ansible-role-requirements.yml | 2 +- doc/source/user/aio/quickstart.rst | 4 +- inventory/group_vars/utility_all.yml | 2 +- playbooks/openstack-hosts-setup.yml | 1 + ...add-centos-8-support-af546bd6ca3b10cd.yaml | 7 +++ scripts/bootstrap-ansible.sh | 2 +- scripts/gate-check-commit.sh | 20 +++---- scripts/scripts-library.sh | 18 ++----- tests/bootstrap-aio.yml | 1 + tests/roles/bootstrap-host/defaults/main.yml | 4 ++ .../tasks/check-requirements.yml | 1 + .../tasks/prepare_aio_config.yml | 25 +++++---- .../templates/user_variables.aio.yml.j2 | 2 + tests/roles/bootstrap-host/vars/redhat-8.yml | 35 ++++++++++++ zuul.d/jobs.yaml | 53 +++++++++++++++++++ zuul.d/playbooks/pre-gate-cleanup.yml | 11 ++++ zuul.d/project-templates.yaml | 7 +++ zuul.d/project.yaml | 2 +- 18 files changed, 158 insertions(+), 39 deletions(-) create mode 100644 releasenotes/notes/add-centos-8-support-af546bd6ca3b10cd.yaml create mode 100644 tests/roles/bootstrap-host/vars/redhat-8.yml diff --git a/ansible-role-requirements.yml b/ansible-role-requirements.yml index a585a1b5ef..c6d59ed416 100644 --- a/ansible-role-requirements.yml +++ b/ansible-role-requirements.yml @@ -245,7 +245,7 @@ trackbranch: master - name: sshd scm: git - src: https://github.com/willshersystems/ansible-sshd + src: https://github.com/bengoa/ansible-sshd version: master trackbranch: master - name: bird diff --git a/doc/source/user/aio/quickstart.rst b/doc/source/user/aio/quickstart.rst index d10f3e6e6a..4350ad59a9 100644 --- a/doc/source/user/aio/quickstart.rst +++ b/doc/source/user/aio/quickstart.rst @@ -129,8 +129,8 @@ version. .. note:: The |current_release_formal_name| release is only compatible with Debian 9 (stretch), Debian 10 (buster), Ubuntu 18.04 (Bionic Beaver), - CentOS 7. Experimentat support is provided for openSUSE Leap 15.X - but this is expected to be removed in the next major release. + CentOS 7 and CentOS 8. Experimentat support is provided for openSUSE + Leap 15.X but this is expected to be removed in the next major release. The next step is to bootstrap Ansible and the Ansible roles for the development environment. diff --git a/inventory/group_vars/utility_all.yml b/inventory/group_vars/utility_all.yml index 0ff96541f4..e7d141e8b5 100644 --- a/inventory/group_vars/utility_all.yml +++ b/inventory/group_vars/utility_all.yml @@ -34,7 +34,7 @@ utility_distro_packages: # Packages installed into the utility container for distro installs # NOTE(jrosser) this can be simplified when all supported # distros use python3 -utility_distro_openstack_clients_python_version: "{{ (ansible_distribution == 'CentOS') | ternary('2', '3') }}" +utility_distro_openstack_clients_python_version: "{{ (ansible_distribution == 'CentOS' and ansible_distribution_major_version is version('8', '<')) | ternary('2', '3') }}" _utility_distro_openstack_clients_packages: 2: diff --git a/playbooks/openstack-hosts-setup.yml b/playbooks/openstack-hosts-setup.yml index 63ed7fffeb..ddc22037e9 100644 --- a/playbooks/openstack-hosts-setup.yml +++ b/playbooks/openstack-hosts-setup.yml @@ -58,6 +58,7 @@ (ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'bionic') or (ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'focal') or (ansible_os_family == 'RedHat' and ansible_distribution_major_version == '7') or + (ansible_os_family == 'RedHat' and ansible_distribution_major_version == '8') or (ansible_os_family == 'Suse' and ansible_distribution_major_version in ['15', '42']) msg: "The only supported platforms for this release are Debian Stretch or Buster, Ubuntu 18.04 LTS (Bionic), CentOS 7 (WIP) and openSUSE Leap 42.X and openSUSE Leap 15.X" diff --git a/releasenotes/notes/add-centos-8-support-af546bd6ca3b10cd.yaml b/releasenotes/notes/add-centos-8-support-af546bd6ca3b10cd.yaml new file mode 100644 index 0000000000..f3cf7f16fc --- /dev/null +++ b/releasenotes/notes/add-centos-8-support-af546bd6ca3b10cd.yaml @@ -0,0 +1,7 @@ +--- +features: + - | + Support is added for deploying OpenStack on CentOS 8 with + source and distro based installs. However, nspawn support + can't be offered, as machinectl relies on btrfs which has + been dropped by CentOS. diff --git a/scripts/bootstrap-ansible.sh b/scripts/bootstrap-ansible.sh index cfc5b95968..ac20e972e8 100755 --- a/scripts/bootstrap-ansible.sh +++ b/scripts/bootstrap-ansible.sh @@ -74,7 +74,7 @@ case ${DISTRO_ID} in git curl autoconf gcc gcc-c++ nc \ python3 python3-devel libselinux-python3 \ openssl-devel libffi-devel \ - libselinux-python python-virtualenv + $(if [[ ${VERSION_ID} == '7' ]]; then echo "python-virtualenv"; else echo "python3-virtualenv"; fi) ;; ubuntu|debian) # NOTE(jrosser) remove this once infra debian images point to the upstream security repo diff --git a/scripts/gate-check-commit.sh b/scripts/gate-check-commit.sh index 6adc2f38b6..11772f4d12 100755 --- a/scripts/gate-check-commit.sh +++ b/scripts/gate-check-commit.sh @@ -91,15 +91,17 @@ if [[ -z "${SKIP_OSA_BOOTSTRAP_AIO+defined}" ]]; then fi # Flush all the iptables rules set by openstack-infra -iptables -F -iptables -X -iptables -t nat -F -iptables -t nat -X -iptables -t mangle -F -iptables -t mangle -X -iptables -P INPUT ACCEPT -iptables -P FORWARD ACCEPT -iptables -P OUTPUT ACCEPT +if which iptables; then + iptables -F + iptables -X + iptables -t nat -F + iptables -t nat -X + iptables -t mangle -F + iptables -t mangle -X + iptables -P INPUT ACCEPT + iptables -P FORWARD ACCEPT + iptables -P OUTPUT ACCEPT +fi # Bootstrap an AIO if [[ -z "${SKIP_OSA_BOOTSTRAP_AIO+defined}" ]]; then diff --git a/scripts/scripts-library.sh b/scripts/scripts-library.sh index be5abf0ead..c355aa492b 100755 --- a/scripts/scripts-library.sh +++ b/scripts/scripts-library.sh @@ -87,7 +87,11 @@ function build_ansible_runtime_venv { # Add SELinux support to the venv if [ -d "/usr/lib64/python3.6/site-packages/selinux/" ]; then - rsync -avX /usr/lib64/python3.6/site-packages/selinux/ /opt/ansible-runtime/lib64/python3.6/selinux/ + rsync -avX /usr/lib64/python3.6/site-packages/selinux/ /opt/ansible-runtime/lib64/python3.6/site-packages/selinux/ + fi + # NOTE(noonedeadpunk) Conditional is here for compatability with CentOS 7 + if [ -f "/usr/lib64/python3.6/site-packages/_selinux.cpython-36m-x86_64-linux-gnu.so" ]; then + rsync -avX /usr/lib64/python3.6/site-packages/_selinux.cpython-36m-x86_64-linux-gnu.so /opt/ansible-runtime/lib64/python3.6/site-packages/ fi } @@ -362,18 +366,6 @@ function get_instance_info { ;; esac - # Storage reports - for dir_name in lxc machines; do - btrfs filesystem usage /var/lib/${dir_name} > \ - "/openstack/log/instance-info/btrfs_${dir_name}_usage_${TS}.log" || true - btrfs filesystem show /var/lib/${dir_name} > \ - "/openstack/log/instance-info/btrfs_${dir_name}_show_${TS}.log" || true - btrfs filesystem df /var/lib/${dir_name} > \ - "/openstack/log/instance-info/btrfs_${dir_name}_df_${TS}.log" || true - btrfs qgroup show --human-readable -pcre --iec /var/lib/${dir_name} > \ - "/openstack/log/instance-info/btrfs_${dir_name}_quotas_${TS}.log" || true - done - if command -v zfs >/dev/null; then zfs list > "/openstack/log/instance-info/zfs_lxc_${TS}.log" || true fi diff --git a/tests/bootstrap-aio.yml b/tests/bootstrap-aio.yml index 5434314e94..def4efe633 100644 --- a/tests/bootstrap-aio.yml +++ b/tests/bootstrap-aio.yml @@ -27,6 +27,7 @@ sftp_subsystem: 'apt': 'sftp /usr/lib/openssh/sftp-server' 'yum': 'sftp /usr/libexec/openssh/sftp-server' + 'dnf': 'sftp /usr/libexec/openssh/sftp-server' 'zypper': 'sftp /usr/lib/ssh/sftp-server' sshd: ListenAddress: diff --git a/tests/roles/bootstrap-host/defaults/main.yml b/tests/roles/bootstrap-host/defaults/main.yml index 7b6ea57660..1d307c932b 100644 --- a/tests/roles/bootstrap-host/defaults/main.yml +++ b/tests/roles/bootstrap-host/defaults/main.yml @@ -117,6 +117,10 @@ bootstrap_host_network_utils: iptables: /usr/sbin/iptables ethtool: /usr/sbin/ethtool ip: /usr/sbin/ip + dnf: + iptables: /usr/sbin/iptables + ethtool: /usr/sbin/ethtool + ip: /usr/sbin/ip zypper: iptables: /usr/sbin/iptables ethtool: /sbin/ethtool diff --git a/tests/roles/bootstrap-host/tasks/check-requirements.yml b/tests/roles/bootstrap-host/tasks/check-requirements.yml index 5964a596d6..914b64c68b 100644 --- a/tests/roles/bootstrap-host/tasks/check-requirements.yml +++ b/tests/roles/bootstrap-host/tasks/check-requirements.yml @@ -21,6 +21,7 @@ (ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'bionic') or (ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'focal') or (ansible_os_family == 'RedHat' and ansible_distribution_major_version == '7') or + (ansible_os_family == 'RedHat' and ansible_distribution_major_version == '8') or (ansible_os_family == 'Suse' and ansible_distribution_major_version in ['42', '15']) msg: >- The only supported platforms for this release are Debian Stretch, Ubuntu 18.04 LTS (Bionic), diff --git a/tests/roles/bootstrap-host/tasks/prepare_aio_config.yml b/tests/roles/bootstrap-host/tasks/prepare_aio_config.yml index 8dad35d77f..43faa0a918 100644 --- a/tests/roles/bootstrap-host/tasks/prepare_aio_config.yml +++ b/tests/roles/bootstrap-host/tasks/prepare_aio_config.yml @@ -85,20 +85,23 @@ echo "centos_epel_mirror: '${NODEPOOL_EPEL_MIRROR}'" >> ${NODEPOOL_OVERRIDES} echo "galera_percona_xtrabackup_repo_host: '${NODEPOOL_PERCONA_PROXY}'" >> ${NODEPOOL_OVERRIDES} echo "galera_repo_host: '${NODEPOOL_MIRROR_HOST}:8080'" >> ${NODEPOOL_OVERRIDES} - echo "lxc_centos_package_baseurl: 'http://${NODEPOOL_MIRROR_HOST}:8080/copr-lxc2/epel-7-x86_64/'" >> ${NODEPOOL_OVERRIDES} - echo "lxc_centos_package_key: 'http://${NODEPOOL_MIRROR_HOST}:8080/copr-lxc2/pubkey.gpg'" >> ${NODEPOOL_OVERRIDES} echo "nova_virt_type: 'qemu'" >> ${NODEPOOL_OVERRIDES} - # NOTE(mnaser): We need to make sure we pull the latest RDO mirror - # which is hashed to avoid cache going stale during CI. - export DLRN_BASE=${DLRN_BASE:-centos7-master/puppet-passed-ci} - rdo_dlrn=`curl --silent ${NODEPOOL_RDO_PROXY}/${DLRN_BASE}/delorean.repo | grep baseurl | cut -d= -f2` - if [[ -z "$rdo_dlrn" ]]; then - echo "Failed to parse dlrn hash" - exit 1 + source /etc/os-release + if [[ $ID == 'centos' && VERSION_ID == '7' ]]; then + echo "lxc_centos_package_baseurl: 'http://${NODEPOOL_MIRROR_HOST}:8080/copr-lxc2/epel-7-x86_64/'" >> ${NODEPOOL_OVERRIDES} + echo "lxc_centos_package_key: 'http://${NODEPOOL_MIRROR_HOST}:8080/copr-lxc2/pubkey.gpg'" >> ${NODEPOOL_OVERRIDES} + # NOTE(mnaser): We need to make sure we pull the latest RDO mirror + # which is hashed to avoid cache going stale during CI. + export DLRN_BASE=${DLRN_BASE:-centos7-master/puppet-passed-ci} + rdo_dlrn=`curl --silent ${NODEPOOL_RDO_PROXY}/${DLRN_BASE}/delorean.repo | grep baseurl | cut -d= -f2` + if [[ -z "$rdo_dlrn" ]]; then + echo "Failed to parse dlrn hash" + exit 1 + fi + RDO_MIRROR_HOST=${rdo_dlrn/https:\/\/trunk.rdoproject.org/$NODEPOOL_RDO_PROXY} + echo "openstack_hosts_rdo_repo_url: '${RDO_MIRROR_HOST}'" >> ${NODEPOOL_OVERRIDES} fi - RDO_MIRROR_HOST=${rdo_dlrn/https:\/\/trunk.rdoproject.org/$NODEPOOL_RDO_PROXY} - echo "openstack_hosts_rdo_repo_url: '${RDO_MIRROR_HOST}'" >> ${NODEPOOL_OVERRIDES} args: executable: /bin/bash tags: diff --git a/tests/roles/bootstrap-host/templates/user_variables.aio.yml.j2 b/tests/roles/bootstrap-host/templates/user_variables.aio.yml.j2 index a0603a9142..fce8bc61c5 100644 --- a/tests/roles/bootstrap-host/templates/user_variables.aio.yml.j2 +++ b/tests/roles/bootstrap-host/templates/user_variables.aio.yml.j2 @@ -257,6 +257,8 @@ openstack_user_kernel_options: - key: 'kernel.printk' value: '4 1 7 4' +openstack_hosts_package_state: latest + {% if 'octavia' in bootstrap_host_scenarios_expanded %} # Enable Octavia V2 API/standalone octavia_v2: True diff --git a/tests/roles/bootstrap-host/vars/redhat-8.yml b/tests/roles/bootstrap-host/vars/redhat-8.yml new file mode 100644 index 0000000000..ad045b2d36 --- /dev/null +++ b/tests/roles/bootstrap-host/vars/redhat-8.yml @@ -0,0 +1,35 @@ +--- +# Copyright 2017, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +packages_install: + # - bridge-utils bridge-utils is not available in 8 + # - btrfs-progs BTRFS is not available in 8 + - curl + - dbus + - ethtool + - git + - iputils + - lvm2 + - python3 + - python3-devel + # - sshpass sshpass is not available in 8 + #- systemd-networkd networkd is not available in 8 + - vim + - xfsprogs + +packages_remove: [] + +rc_local: /etc/rc.d/rc.local +rc_local_insert_before: "^touch /var/lock/subsys/local$" diff --git a/zuul.d/jobs.yaml b/zuul.d/jobs.yaml index 5b8000d387..7bad47ba2b 100644 --- a/zuul.d/jobs.yaml +++ b/zuul.d/jobs.yaml @@ -344,6 +344,59 @@ nodeset: centos-7 timeout: 10800 +# centos 8 +- job: + name: openstack-ansible-deploy-aio_lxc-centos-8 + parent: openstack-ansible-deploy-aio + nodeset: centos-8 + +- job: + name: openstack-ansible-deploy-aio_distro_lxc-centos-8 + parent: openstack-ansible-deploy-aio + nodeset: centos-8 + +- job: + name: openstack-ansible-deploy-aio_ceph-centos-8 + parent: openstack-ansible-deploy-aio + nodeset: centos-8 + +- job: + name: openstack-ansible-deploy-aio_distro_ceph-centos-8 + parent: openstack-ansible-deploy-aio + nodeset: centos-8 + +- job: + name: openstack-ansible-upgrade-aio_lxc-centos-8 + parent: openstack-ansible-deploy-aio + nodeset: centos-8 + timeout: 10800 + +- job: + name: openstack-ansible-deploy-aio_metal-centos-8 + parent: openstack-ansible-deploy-aio + nodeset: centos-8 + +- job: + name: openstack-ansible-deploy-aio_telemetry_metal-centos-8 + parent: openstack-ansible-deploy-aio + nodeset: centos-8 + +- job: + name: openstack-ansible-deploy-aio_distro_metal-centos-8 + parent: openstack-ansible-deploy-aio + nodeset: centos-8 + +- job: + name: openstack-ansible-deploy-aio_nspawn-centos-8 + parent: openstack-ansible-deploy-aio + nodeset: centos-8 + +- job: + name: openstack-ansible-upgrade-aio_ceph-centos-8 + parent: openstack-ansible-deploy-aio + nodeset: centos-8 + timeout: 10800 + # debian - job: name: openstack-ansible-deploy-aio_telemetry_metal-debian-buster diff --git a/zuul.d/playbooks/pre-gate-cleanup.yml b/zuul.d/playbooks/pre-gate-cleanup.yml index 9cadc2e3e3..fd195a6354 100644 --- a/zuul.d/playbooks/pre-gate-cleanup.yml +++ b/zuul.d/playbooks/pre-gate-cleanup.yml @@ -30,6 +30,17 @@ when: - ansible_distribution_release in ['bionic', 'focal'] + # NOTE(noonedeadpunk): Added until CentOS 8.3 released because of the bug: + # https://bugzilla.redhat.com/show_bug.cgi?id=1777718 + - name: Set umask to 022 + lineinfile: + path: /etc/login.defs + regexp: "^UMASK" + line: "UMASK 022" + when: + - ansible_os_family | lower == 'redhat' + - ansible_distribution_major_version is version('8', '=') + - name: Remove package blacklist for yum/dnf lineinfile: dest: "{{ (ansible_pkg_mgr == 'dnf') | ternary('/etc/dnf/dnf.conf', '/etc/yum.conf') }}" diff --git a/zuul.d/project-templates.yaml b/zuul.d/project-templates.yaml index fafd967d03..6249745431 100644 --- a/zuul.d/project-templates.yaml +++ b/zuul.d/project-templates.yaml @@ -39,12 +39,14 @@ check: jobs: - openstack-ansible-deploy-aio_lxc-centos-7 + - openstack-ansible-deploy-aio_lxc-centos-8 - openstack-ansible-deploy-aio_lxc-debian-buster - openstack-ansible-deploy-aio_lxc-ubuntu-bionic - openstack-ansible-deploy-aio_lxc-ubuntu-focal gate: jobs: - openstack-ansible-deploy-aio_lxc-centos-7 + - openstack-ansible-deploy-aio_lxc-centos-8 - openstack-ansible-deploy-aio_lxc-debian-buster - openstack-ansible-deploy-aio_lxc-ubuntu-bionic - openstack-ansible-deploy-aio_lxc-ubuntu-focal @@ -61,6 +63,7 @@ experimental: jobs: - openstack-ansible-deploy-aio_distro_lxc-centos-7 + - openstack-ansible-deploy-aio_distro_lxc-centos-8 - openstack-ansible-deploy-aio_distro_lxc-opensuse-15 - openstack-ansible-deploy-aio_distro_lxc-ubuntu-bionic @@ -70,6 +73,7 @@ jobs: - openstack-ansible-deploy-aio_metal-debian-buster - openstack-ansible-deploy-aio_metal-centos-7 + - openstack-ansible-deploy-aio_metal-centos-8 - openstack-ansible-deploy-aio_metal-ubuntu-bionic - openstack-ansible-deploy-aio_metal-ubuntu-focal - openstack-ansible-upgrade-aio_metal-centos-7: @@ -79,6 +83,7 @@ jobs: - openstack-ansible-deploy-aio_metal-debian-buster - openstack-ansible-deploy-aio_metal-centos-7 + - openstack-ansible-deploy-aio_lxc-centos-8 - openstack-ansible-deploy-aio_metal-ubuntu-bionic - openstack-ansible-deploy-aio_metal-ubuntu-focal experimental: @@ -106,10 +111,12 @@ check: jobs: - openstack-ansible-deploy-aio_distro_metal-centos-7 + - openstack-ansible-deploy-aio_distro_metal-centos-8 - openstack-ansible-deploy-aio_distro_metal-ubuntu-bionic gate: jobs: - openstack-ansible-deploy-aio_distro_metal-centos-7 + - openstack-ansible-deploy-aio_distro_metal-centos-8 - openstack-ansible-deploy-aio_distro_metal-ubuntu-bionic experimental: jobs: diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml index d1418ca4cc..c7101727b5 100644 --- a/zuul.d/project.yaml +++ b/zuul.d/project.yaml @@ -14,7 +14,7 @@ - project: templates: - - openstack-ansible-deploy-guide-jobs + - deploy-guide-jobs - openstack-ansible-deploy-base-jobs - openstack-ansible-deploy-aio_lxc-jobs - openstack-ansible-deploy-aio_distro_lxc-jobs