diff --git a/etc/kayobe/ansible/cephadm-gather-keys.yml b/etc/kayobe/ansible/cephadm-gather-keys.yml index d73f15a9e..0a47de8d0 100644 --- a/etc/kayobe/ansible/cephadm-gather-keys.yml +++ b/etc/kayobe/ansible/cephadm-gather-keys.yml @@ -25,6 +25,7 @@ - name: Get Ceph keys stackhpc.cephadm.cephadm_key: name: "{{ item }}" + output_format: plain state: info register: cephadm_key_info become: true @@ -49,10 +50,12 @@ - name: Save Ceph keys to Kayobe configuration vars: key_info: "{{ cephadm_key_info.results | selectattr('item', 'equalto', item.1) | first }}" - cephadm_key: "{{ (key_info.stdout | from_json | first)['key'] }}" - cephadm_user: "{{ (key_info.stdout | from_json | first)['entity'] }}" + cephadm_key: "{{ key_info.stdout }}" + cephadm_user: "{{ item.1 }}" copy: - content: "{{ cephadm_key }}" + # Include a trailing newline. + content: | + {{ cephadm_key }} dest: "{{ kayobe_env_config_path }}/kolla/config/{{ kolla_service_to_key_dir[item.0.name] }}/ceph.{{ cephadm_user }}.keyring" loop: "{{ query('subelements', kolla_ceph_services | selectattr('required'), 'keys') }}" loop_control: @@ -64,7 +67,10 @@ - name: Save ceph.conf to Kayobe configuration copy: - content: "{{ cephadm_ceph_conf.stdout }}" + # Include a trailing newline. + # Kolla Ansible's merge_configs module does not like the leading tabs in ceph.conf. + content: | + {{ cephadm_ceph_conf.stdout | regex_replace('\t') }} dest: "{{ kayobe_env_config_path }}/kolla/config/{{ kolla_service_to_conf_dir[item.0.name] }}/ceph.conf" loop: "{{ query('subelements', kolla_ceph_services | selectattr('required'), 'keys') }}" loop_control: diff --git a/etc/kayobe/ansible/rsyslog.yml b/etc/kayobe/ansible/rsyslog.yml new file mode 100644 index 000000000..acc567eb7 --- /dev/null +++ b/etc/kayobe/ansible/rsyslog.yml @@ -0,0 +1,36 @@ +--- +# Custom playbook to configure rsyslog to forward operating system logs to +# fluentd, eventually reaching Kolla's Elasticsearch cluster. +# +# Variables: +# * rsyslog_group: Host pattern against which to target the playbook. Default +# is 'overcloud'. + +- name: Configure rsyslog to forward messages + hosts: "{{ rsyslog_group | default('overcloud') }}" + become: yes + + tasks: + - name: Ensure rsyslog is installed + package: + name: rsyslog + state: present + + - name: Ensure rsyslog is started and enabled + systemd: + state: started + enabled: yes + name: rsyslog + + - name: Update rsyslog configuration + lineinfile: + path: /etc/rsyslog.conf + insertafter: "^#*.* @@remote-host:514" + line: "*.* @{{ internal_net_name | net_ip }}:5140" + register: rsyslog_config + + - name: Restart rsyslog + systemd: + state: restarted + name: rsyslog + when: rsyslog_config.changed diff --git a/etc/kayobe/cephadm.yml b/etc/kayobe/cephadm.yml index eff49c565..b82111cb7 100644 --- a/etc/kayobe/cephadm.yml +++ b/etc/kayobe/cephadm.yml @@ -23,6 +23,9 @@ cephadm_registry_username: "{{ stackhpc_docker_registry_username }}" # Ceph container image registry password. cephadm_registry_password: "{{ stackhpc_docker_registry_password }}" +# Cephadm admin network interface. +cephadm_admin_interface: "{{ admin_oc_net_name | net_interface }}" + # Ceph public network interface. cephadm_public_interface: "{{ storage_net_name | net_interface }}" diff --git a/etc/kayobe/hooks/overcloud-service-deploy/post.d/.gitkeep b/etc/kayobe/hooks/overcloud-service-deploy/post.d/.gitkeep new file mode 100644 index 000000000..e69de29bb diff --git a/etc/kayobe/kolla/globals.yml b/etc/kayobe/kolla/globals.yml index 98dca856a..341ffff63 100644 --- a/etc/kayobe/kolla/globals.yml +++ b/etc/kayobe/kolla/globals.yml @@ -1,7 +1,7 @@ # yamllint disable-file --- docker_yum_baseurl: "{{ stackhpc_repo_docker_url }}" -docker_yum_gpgkey: "https://download.docker.com/linux/{% raw %}{{ ansible_facts.distribution | lower }}{% endraw %}/gpg" +docker_yum_gpgkey: "https://download.docker.com/linux/centos/gpg" {% if kolla_base_distro == 'centos' %} bifrost_tag: yoga-20220831T122627 diff --git a/etc/kayobe/pulp-repo-versions.yml b/etc/kayobe/pulp-repo-versions.yml index e158c24a0..b91748c03 100644 --- a/etc/kayobe/pulp-repo-versions.yml +++ b/etc/kayobe/pulp-repo-versions.yml @@ -20,6 +20,11 @@ stackhpc_pulp_repo_mariadb_10_6_centos8_version: 20220819T111114 stackhpc_pulp_repo_rabbitmq_erlang_version: 20220828T050510 stackhpc_pulp_repo_rabbitmq_server_version: 20220803T043053 stackhpc_pulp_repo_treasuredata_4_version: 20220823T042339 -stackhpc_pulp_repo_ubuntu_cloud_archive_version: 20220830T054227 -stackhpc_pulp_repo_ubuntu_focal_security_version: 20220830T054227 -stackhpc_pulp_repo_ubuntu_focal_version: 20220830T054227 +stackhpc_pulp_repo_ubuntu_cloud_archive_version: 20220804T040153 +stackhpc_pulp_repo_ubuntu_focal_security_version: 20220804T040153 +stackhpc_pulp_repo_ubuntu_focal_version: 20220804T040153 +stackhpc_pulp_repo_rocky_8_6_appstream_version: "20220606T111205" +stackhpc_pulp_repo_rocky_8_6_baseos_version: "20220606T111205" +stackhpc_pulp_repo_rocky_8_6_extras_version: "20220606T111205" +stackhpc_pulp_repo_rocky_8_6_nfv_version: "20220606T111205" +stackhpc_pulp_repo_rocky_8_6_powertools_version: "20220606T111205" diff --git a/etc/kayobe/pulp.yml b/etc/kayobe/pulp.yml index 7efec2735..57b61970e 100644 --- a/etc/kayobe/pulp.yml +++ b/etc/kayobe/pulp.yml @@ -167,6 +167,21 @@ stackhpc_pulp_distribution_deb_production: # Whether to sync CentOS Stream 8 packages. stackhpc_pulp_sync_centos_stream8: "{{ os_distribution == 'centos' }}" +# Whether to sync Rocky Linux 8 packages. +stackhpc_pulp_sync_rocky_8: "{{ os_distribution == 'rocky' }}" +# Rocky 8 minor version number. Supported values: 6. +stackhpc_pulp_repo_rocky_8_minor_version: 6 +# Rocky 8 Snapshot versions. The defaults use the appropriate version from +# pulp-repo-versions.yml for the selected minor release. +stackhpc_pulp_repo_rocky_8_appstream_version: "{{ lookup('vars', 'stackhpc_pulp_repo_rocky_8_%s_appstream_version' % stackhpc_pulp_repo_rocky_8_minor_version) }}" +stackhpc_pulp_repo_rocky_8_baseos_version: "{{ lookup('vars', 'stackhpc_pulp_repo_rocky_8_%s_baseos_version' % stackhpc_pulp_repo_rocky_8_minor_version) }}" +stackhpc_pulp_repo_rocky_8_extras_version: "{{ lookup('vars', 'stackhpc_pulp_repo_rocky_8_%s_extras_version' % stackhpc_pulp_repo_rocky_8_minor_version) }}" +stackhpc_pulp_repo_rocky_8_nfv_version: "{{ lookup('vars', 'stackhpc_pulp_repo_rocky_8_%s_nfv_version' % stackhpc_pulp_repo_rocky_8_minor_version) }}" +stackhpc_pulp_repo_rocky_8_powertools_version: "{{ lookup('vars', 'stackhpc_pulp_repo_rocky_8_%s_powertools_version' % stackhpc_pulp_repo_rocky_8_minor_version) }}" + +# Whether to sync packages common to all RHEL derivatives. +stackhpc_pulp_sync_el_8: "{{ stackhpc_pulp_sync_rocky_8 or stackhpc_pulp_sync_centos_stream8 }}" + stackhpc_pulp_repository_rpm_repos: # Base CentOS 8 Stream repositories - name: CentOS Stream 8 - AppStream @@ -194,6 +209,48 @@ stackhpc_pulp_repository_rpm_repos: state: present required: "{{ stackhpc_pulp_sync_centos_stream8 | bool }}" + # Base Rocky 8 repositories + - name: Rocky Linux 8 - AppStream + url: "{{ stackhpc_release_pulp_content_url }}/rocky/8.{{ stackhpc_pulp_repo_rocky_8_minor_version }}/AppStream/x86_64/os/{{ stackhpc_pulp_repo_rocky_8_appstream_version }}" + client_cert: "{{ stackhpc_release_pulp_client_cert }}" + client_key: "{{ stackhpc_release_pulp_client_key }}" + policy: on_demand + sync_policy: mirror_complete + state: present + required: "{{ stackhpc_pulp_sync_rocky_8 | bool }}" + - name: Rocky Linux 8 - BaseOS + url: "{{ stackhpc_release_pulp_content_url }}/rocky/8.{{ stackhpc_pulp_repo_rocky_8_minor_version }}/BaseOS/x86_64/os/{{ stackhpc_pulp_repo_rocky_8_baseos_version }}" + client_cert: "{{ stackhpc_release_pulp_client_cert }}" + client_key: "{{ stackhpc_release_pulp_client_key }}" + policy: on_demand + sync_policy: mirror_complete + state: present + required: "{{ stackhpc_pulp_sync_rocky_8 | bool }}" + - name: Rocky Linux 8 - Extras + url: "{{ stackhpc_release_pulp_content_url }}/rocky/8.{{ stackhpc_pulp_repo_rocky_8_minor_version }}/extras/x86_64/os/{{ stackhpc_pulp_repo_rocky_8_extras_version }}" + client_cert: "{{ stackhpc_release_pulp_client_cert }}" + client_key: "{{ stackhpc_release_pulp_client_key }}" + policy: on_demand + sync_policy: mirror_complete + state: present + required: "{{ stackhpc_pulp_sync_rocky_8 | bool }}" + - name: Rocky Linux 8 - NFV + url: "{{ stackhpc_release_pulp_content_url }}/rocky/8.{{ stackhpc_pulp_repo_rocky_8_minor_version }}/nfv/x86_64/os/{{ stackhpc_pulp_repo_rocky_8_nfv_version }}" + client_cert: "{{ stackhpc_release_pulp_client_cert }}" + client_key: "{{ stackhpc_release_pulp_client_key }}" + policy: on_demand + sync_policy: mirror_complete + state: present + required: "{{ stackhpc_pulp_sync_rocky_8 | bool }}" + - name: Rocky Linux 8 - PowerTools + url: "{{ stackhpc_release_pulp_content_url }}/rocky/8.{{ stackhpc_pulp_repo_rocky_8_minor_version }}/PowerTools/x86_64/os/{{ stackhpc_pulp_repo_rocky_8_6_powertools_version }}" + client_cert: "{{ stackhpc_release_pulp_client_cert }}" + client_key: "{{ stackhpc_release_pulp_client_key }}" + policy: on_demand + sync_policy: mirror_complete + state: present + required: "{{ stackhpc_pulp_sync_rocky_8 | bool }}" + # EPEL repositories - name: Extra Packages for Enterprise Linux 8 - x86_64 url: "{{ stackhpc_release_pulp_content_url }}/epel/8/Everything/x86_64/{{ stackhpc_pulp_repo_epel_version }}" @@ -202,7 +259,7 @@ stackhpc_pulp_repository_rpm_repos: policy: on_demand sync_policy: mirror_content_only state: present - required: "{{ stackhpc_pulp_sync_centos_stream8 | bool }}" + required: "{{ stackhpc_pulp_sync_el_8 | bool }}" - name: Extra Packages for Enterprise Linux Modular 8 - x86_64 url: "{{ stackhpc_release_pulp_content_url }}/epel/8/Modular/x86_64/{{ stackhpc_pulp_repo_epel_modular_version }}" client_cert: "{{ stackhpc_release_pulp_client_cert }}" @@ -210,7 +267,7 @@ stackhpc_pulp_repository_rpm_repos: policy: on_demand sync_policy: mirror_complete state: present - required: "{{ stackhpc_pulp_sync_centos_stream8 | bool }}" + required: "{{ stackhpc_pulp_sync_el_8 | bool }}" # Third-party repositories - name: Docker CE for CentOS 8 @@ -220,7 +277,7 @@ stackhpc_pulp_repository_rpm_repos: policy: on_demand sync_policy: mirror_complete state: present - required: "{{ stackhpc_pulp_sync_centos_stream8 | bool }}" + required: "{{ stackhpc_pulp_sync_el_8 }}" # Publication format is a subset of distribution. stackhpc_pulp_publication_rpm_development: "{{ stackhpc_pulp_distribution_rpm_development }}" @@ -247,24 +304,51 @@ stackhpc_pulp_distribution_rpm_development: state: present required: "{{ stackhpc_pulp_sync_centos_stream8 | bool }}" + # Base Rocky 8 repositories + - name: "rocky-8-appstream-development" + repository: Rocky Linux 8 - AppStream + base_path: "rocky/8/AppStream/x86_64/os/development" + state: present + required: "{{ stackhpc_pulp_sync_rocky_8 | bool }}" + - name: "rocky-8-baseos-development" + repository: Rocky Linux 8 - BaseOS + base_path: "rocky/8/BaseOS/x86_64/os/development" + state: present + required: "{{ stackhpc_pulp_sync_rocky_8 | bool }}" + - name: "rocky-8-extras-development" + repository: Rocky Linux 8 - Extras + base_path: "rocky/8/extras/x86_64/os/development" + state: present + required: "{{ stackhpc_pulp_sync_rocky_8 | bool }}" + - name: "rocky-8-nfv-development" + repository: Rocky Linux 8 - NFV + base_path: "rocky/8/nfv/x86_64/os/development" + state: present + required: "{{ stackhpc_pulp_sync_rocky_8 | bool }}" + - name: "rocky-powertools-development" + repository: Rocky Linux 8 - PowerTools + base_path: "rocky/8/PowerTools/x86_64/os/development" + state: present + required: "{{ stackhpc_pulp_sync_rocky_8 | bool }}" + # EPEL repositories - name: "extra-packages-for-enterprise-linux-8-x86_64-development" repository: Extra Packages for Enterprise Linux 8 - x86_64 base_path: "epel/8/Everything/x86_64/development" state: present - required: "{{ stackhpc_pulp_sync_centos_stream8 | bool }}" + required: "{{ stackhpc_pulp_sync_el_8 | bool }}" - name: "extra-packages-for-enterprise-linux-modular-8-x86_64-development" repository: Extra Packages for Enterprise Linux Modular 8 - x86_64 base_path: "epel/8/Modular/x86_64/development" state: present - required: "{{ stackhpc_pulp_sync_centos_stream8 | bool }}" + required: "{{ stackhpc_pulp_sync_el_8 | bool }}" # Third-party repositories - name: "docker-ce-for-centos-8-development" repository: Docker CE for CentOS 8 base_path: "docker-ce/centos/8/x86_64/stable/development" state: present - required: "{{ stackhpc_pulp_sync_centos_stream8 | bool }}" + required: "{{ stackhpc_pulp_sync_el_8 | bool }}" # Development gets promoted to production. stackhpc_pulp_distribution_rpm_production: @@ -285,24 +369,51 @@ stackhpc_pulp_distribution_rpm_production: state: present required: "{{ stackhpc_pulp_sync_centos_stream8 | bool }}" + # Base Rocky 8 repositories + - name: "rocky-8-appstream-production" + distribution: "rocky-8-appstream-development" + base_path: "rocky/8/AppStream/x86_64/os/production" + state: present + required: "{{ stackhpc_pulp_sync_rocky_8 | bool }}" + - name: "rocky-8-baseos-production" + distribution: "rocky-8-baseos-development" + base_path: "rocky/8/BaseOS/x86_64/os/production" + state: present + required: "{{ stackhpc_pulp_sync_rocky_8 | bool }}" + - name: "rocky-8-extras-production" + distribution: "rocky-8-extras-development" + base_path: "rocky/8/extras/x86_64/os/production" + state: present + required: "{{ stackhpc_pulp_sync_rocky_8 | bool }}" + - name: "rocky-8-nfv-production" + distribution: "rocky-8-nfv-development" + base_path: "rocky/8/nfv/x86_64/os/production" + state: present + required: "{{ stackhpc_pulp_sync_rocky_8 | bool }}" + - name: "rocky-8-powertools-production" + distribution: "rocky-8-powertools-development" + base_path: "rocky/8/PowerTools/x86_64/os/production" + state: present + required: "{{ stackhpc_pulp_sync_rocky_8 | bool }}" + # EPEL repositories - name: "extra-packages-for-enterprise-linux-8-x86_64-production" base_path: "epel/8/Everything/x86_64/production" distribution: "extra-packages-for-enterprise-linux-8-x86_64-development" state: present - required: "{{ stackhpc_pulp_sync_centos_stream8 | bool }}" + required: "{{ stackhpc_pulp_sync_el_8 | bool }}" - name: "extra-packages-for-enterprise-linux-modular-8-x86_64-production" base_path: "epel/8/Modular/x86_64/production" distribution: "extra-packages-for-enterprise-linux-modular-8-x86_64-development" state: present - required: "{{ stackhpc_pulp_sync_centos_stream8 | bool }}" + required: "{{ stackhpc_pulp_sync_el_8 | bool }}" # Third-party repositories - name: "docker-ce-for-centos-8-production" base_path: "docker-ce/centos/8/x86_64/stable/production" distribution: "docker-ce-for-centos-8-development" state: present - required: "{{ stackhpc_pulp_sync_centos_stream8 | bool }}" + required: "{{ stackhpc_pulp_sync_el_8 | bool }}" ############################################################################### # Containers @@ -313,24 +424,18 @@ stackhpc_release_pulp_registry_url: "{{ stackhpc_release_pulp_url }}" # List of all image names. stackhpc_pulp_images_kolla: - barbican-api - - barbican-base - barbican-keystone-listener - barbican-worker - - base - - bifrost-base - bifrost-deploy - cinder-api - cinder-backup - - cinder-base - cinder-scheduler - cinder-volume - cloudkitty-api - - cloudkitty-base - cloudkitty-processor - cron - designate-api - designate-backend-bind9 - - designate-base - designate-central - designate-mdns - designate-producer @@ -341,17 +446,14 @@ stackhpc_pulp_images_kolla: - elasticsearch-curator - fluentd - glance-api - - glance-base - grafana - haproxy - heat-api - heat-api-cfn - - heat-base - heat-engine - horizon - influxdb - ironic-api - - ironic-base - ironic-conductor - ironic-inspector - ironic-neutron-agent @@ -359,24 +461,19 @@ stackhpc_pulp_images_kolla: - iscsid - keepalived - keystone - - keystone-base - keystone-fernet - keystone-ssh - kibana - kolla-toolbox - magnum-api - - magnum-base - magnum-conductor - manila-api - - manila-base - manila-data - manila-scheduler - manila-share - - mariadb-base - mariadb-clustercheck - mariadb-server - memcached - - neutron-base - neutron-dhcp-agent - neutron-l3-agent - neutron-metadata-agent @@ -384,7 +481,6 @@ stackhpc_pulp_images_kolla: - neutron-server - neutron-sriov-agent - nova-api - - nova-base - nova-compute - nova-compute-ironic - nova-conductor @@ -394,25 +490,19 @@ stackhpc_pulp_images_kolla: - nova-serialproxy - nova-ssh - octavia-api - - octavia-base - octavia-driver-agent - octavia-health-manager - octavia-housekeeping - octavia-worker - - openstack-base - - openvswitch-base - openvswitch-db-server - openvswitch-netcontrold - openvswitch-vswitchd - - ovn-base - ovn-controller - ovn-nb-db-server - ovn-northd - ovn-sb-db-server - placement-api - - placement-base - prometheus-alertmanager - - prometheus-base - prometheus-blackbox-exporter - prometheus-cadvisor - prometheus-elasticsearch-exporter @@ -428,11 +518,9 @@ stackhpc_pulp_images_kolla: - prometheus-v2-server - rabbitmq - redis - - redis-base - redis-sentinel - skydive-agent - skydive-analyzer - - skydive-base # Whitespace-separated list of regular expressions matching Kolla image names. # Usage is similar to kolla-build CLI arguments. @@ -486,6 +574,7 @@ stackhpc_pulp_repository_container_repos_ceph: url: "https://quay.io" policy: on_demand state: present + include_tags: "{{ cephadm_image_tag }}" required: "{{ stackhpc_sync_ceph_images | bool }}" # List of Ceph container image distributions. diff --git a/terraform/aio/scripts/configure-local-networking.sh b/terraform/aio/scripts/configure-local-networking.sh index 0b4869bc3..c7bd70bf8 100644 --- a/terraform/aio/scripts/configure-local-networking.sh +++ b/terraform/aio/scripts/configure-local-networking.sh @@ -55,4 +55,4 @@ if ! sudo ip a show dev breth1 | grep $public_ip/24 >/dev/null 2>&1; then fi # This prevents network.service from restarting correctly. -sudo killall dhclient +sudo killall dhclient || true