Skip to content

Playbooks & scripts for building, registering and rotating octavia amphora images #12

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 2 commits into from
Closed

Playbooks & scripts for building, registering and rotating octavia amphora images #12

wants to merge 2 commits into from

Conversation

markgoddard
Copy link

No description provided.

@markgoddard markgoddard self-assigned this Dec 17, 2021
@priteau priteau requested a review from jovial February 11, 2022 13:41
@jovial
Copy link

jovial commented Feb 14, 2022

This is mostly working for me. The one issue was that I can't connect to the internal API from my seed. The octavia openrc file uses the internal interface by default. My workaround was to fudge the openrc file to use public endpoints and run octavia-amphora-image-register.yml with -e openstack_interface=public. Is there a way we could make this work across all deployments? I think having the seed on the internal network is non-standard.

@jovial
Copy link

jovial commented Feb 14, 2022

In kayobe, don't we typically use the first controller for these kind of operations (stuff that needs API access), e.g:

https://github.com/openstack/kayobe/blob/master/ansible/baremetal-compute-rename.yml#L7

Just wondering if we should use a controller with the internal openrc file here.

jovial
jovial reviewed Feb 14, 2022
View reviewed changes
octavia-amphora-image-register.yml

# FIXME: Use 'tags' parameter of os_image module available from
# openstack.cloud.image 1.5.0.
- name: Ensure Octavia Amphora image is tagged
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we untag the old image? This seems to trigger a warning:

https://github.com/openstack/octavia/blob/bd01ad94dcea3eca7636f1286ceed0753b563a28/octavia/image/drivers/glance_driver.py#L65

This isn't mentioned in the docs and would appear not to have a negative impact as it seems like it would just select the image that was uploaded last.

jovial
jovial reviewed Feb 14, 2022
View reviewed changes
octavia-amphora-image-register.yml

- name: Get image checksum
stat:
path: "{{ image_cache_path }}/amphora-x64-haproxy-{{ openstack_release }}.qcow2"
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Any reason to include the qcow2 file extension in the image name?

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wrong line, see: https://github.com/stackhpc/kayobe-ops/pull/12/files#diff-e5ac2a54d5ef4bca658be8fff362434d7d5155f62c23e1b7106198e815f0ff76R64

@markgoddard
Copy link
Author

This is mostly working for me. The one issue was that I can't connect to the internal API from my seed. The octavia openrc file uses the internal interface by default. My workaround was to fudge the openrc file to use public endpoints and run octavia-amphora-image-register.yml with -e openstack_interface=public. Is there a way we could make this work across all deployments? I think having the seed on the internal network is non-standard.

In kayobe, don't we typically use the first controller for these kind of operations (stuff that needs API access), e.g:

https://github.com/openstack/kayobe/blob/master/ansible/baremetal-compute-rename.yml#L7

Just wondering if we should use a controller with the internal openrc file here.

Sure, we could change the host to controllers[0], or use a variable:

hosts: "{{ groups('os_clients')[0] | default(groups('controllers')[0]) }}"

@jovial
Copy link

jovial commented Feb 15, 2022

This is mostly working for me. The one issue was that I can't connect to the internal API from my seed. The octavia openrc file uses the internal interface by default. My workaround was to fudge the openrc file to use public endpoints and run octavia-amphora-image-register.yml with -e openstack_interface=public. Is there a way we could make this work across all deployments? I think having the seed on the internal network is non-standard.

In kayobe, don't we typically use the first controller for these kind of operations (stuff that needs API access), e.g:
https://github.com/openstack/kayobe/blob/master/ansible/baremetal-compute-rename.yml#L7
Just wondering if we should use a controller with the internal openrc file here.

Sure, we could change the host to controllers[0], or use a variable:

hosts: "{{ groups('os_clients')[0] | default(groups('controllers')[0]) }}"

Would we still build the image on the seed and then transfer it to os_clients[0]?

@markgoddard
Copy link
Author

This is mostly working for me. The one issue was that I can't connect to the internal API from my seed. The octavia openrc file uses the internal interface by default. My workaround was to fudge the openrc file to use public endpoints and run octavia-amphora-image-register.yml with -e openstack_interface=public. Is there a way we could make this work across all deployments? I think having the seed on the internal network is non-standard.

In kayobe, don't we typically use the first controller for these kind of operations (stuff that needs API access), e.g:
https://github.com/openstack/kayobe/blob/master/ansible/baremetal-compute-rename.yml#L7
Just wondering if we should use a controller with the internal openrc file here.

Sure, we could change the host to controllers[0], or use a variable:

hosts: "{{ groups('os_clients')[0] | default(groups('controllers')[0]) }}"

Would we still build the image on the seed and then transfer it to os_clients[0]?

We could do. We actually build the IPA images on a controller, which isn't ideal.

@jovial jovial mentioned this pull request Feb 1, 2023
Merged
@markgoddard
Copy link
Author

Moved to stackhpc-kayobe-config

@markgoddard markgoddard deleted the amhpora-images branch February 22, 2023 15:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jovial jovial jovial left review comments

Assignees

@markgoddard markgoddard

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@markgoddard @jovial