Code Review / apex.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 82bf9da)
Adding support for containerized undercloud 53/62453/10
authorRicardo Noriega <rnoriega@redhat.com>
Tue, 18 Sep 2018 14:11:15 +0000 (16:11 +0200)
committerTim Rozet <trozet@redhat.com>
Mon, 8 Oct 2018 18:55:55 +0000 (14:55 -0400)
Master code only supports containerized undercloud now, so this
migration is needed.
  - Containerized services in undercloud

We can still apply patches to THT and other non-docker services, but
we will need to add support for patching openstack services on
undercloud.

Change-Id: I1ca4c6108f144efef7b5889503af265ef0fff8b2
Signed-off-by: Ricardo Noriega <rnoriega@redhat.com>
Signed-off-by: Tim Rozet <trozet@redhat.com>
apex/tests/test_apex_undercloud.py patch | blob | history
apex/undercloud/undercloud.py patch | blob | history
lib/ansible/playbooks/configure_undercloud.yml patch | blob | history
lib/ansible/playbooks/deploy_overcloud.yml patch | blob | history

diff --git a/apex/tests/test_apex_undercloud.py b/apex/tests/test_apex_undercloud.py
index 5c33bf0..2d0dffc 100644 (file)
--- a/apex/tests/test_apex_undercloud.py
+++ b/apex/tests/test_apex_undercloud.py
@@ -276,7 +276,8 @@ class TestUndercloud(unittest.TestCase):
                     {'--upload':
                      '/root/.ssh/id_rsa.pub:/root/.ssh/authorized_keys'},
                     {'--run-command': 'chmod 600 /root/.ssh/authorized_keys'},
-                    {'--run-command': 'restorecon /root/.ssh/authorized_keys'},
+                    {'--run-command': 'restorecon '
+                                      '-R -v /root/.ssh'},
                     {'--run-command':
                      'cp /root/.ssh/authorized_keys /home/stack/.ssh/'},
                     {'--run-command':
@@ -293,6 +294,7 @@ class TestUndercloud(unittest.TestCase):
         ns_dict = {
             'apex': MagicMock(),
             'dns-domain': 'dns',
+            'ntp': 'pool.ntp.org',
             'networks': {'admin':
                          {'cidr': ipaddress.ip_network('192.0.2.0/24'),
                           'installer_vm': {'ip': '192.0.2.1',
diff --git a/apex/undercloud/undercloud.py b/apex/undercloud/undercloud.py
index 5608769..1658801 100644 (file)
--- a/apex/undercloud/undercloud.py
+++ b/apex/undercloud/undercloud.py
@@ -199,7 +199,7 @@ class Undercloud:
                          '/root/.ssh/id_rsa.pub:/root/.ssh/authorized_keys'})
         run_cmds = [
             'chmod 600 /root/.ssh/authorized_keys',
-            'restorecon /root/.ssh/authorized_keys',
+            'restorecon -R -v /root/.ssh',
             'cp /root/.ssh/authorized_keys /home/stack/.ssh/',
             'chown stack:stack /home/stack/.ssh/authorized_keys',
             'chmod 600 /home/stack/.ssh/authorized_keys'
@@ -234,12 +234,16 @@ class Undercloud:
             "undercloud_hostname undercloud.{}".format(ns['dns-domain']),
             "local_ip {}/{}".format(str(ns_admin['installer_vm']['ip']),
                                     str(ns_admin['cidr']).split('/')[1]),
-            "network_gateway {}".format(str(ns_admin['installer_vm']['ip'])),
-            "network_cidr {}".format(str(ns_admin['cidr'])),
+            "generate_service_certificate false",
+            "undercloud_ntp_servers {}".format(str(ns['ntp'][0]))
+        ]
+
+        config['undercloud_network_config'] = [
+            "gateway {}".format(str(ns_admin['installer_vm']['ip'])),
+            "cidr {}".format(str(ns_admin['cidr'])),
             "dhcp_start {}".format(str(ns_admin['dhcp_range'][0])),
             "dhcp_end {}".format(str(ns_admin['dhcp_range'][1])),
             "inspection_iprange {}".format(','.join(intro_range)),
-            "generate_service_certificate false"
         ]
 
         config['ironic_config'] = [
diff --git a/lib/ansible/playbooks/configure_undercloud.yml b/lib/ansible/playbooks/configure_undercloud.yml
index 1fb2283..96080e5 100644 (file)
--- a/lib/ansible/playbooks/configure_undercloud.yml
+++ b/lib/ansible/playbooks/configure_undercloud.yml
@@ -47,23 +47,12 @@
     - name: openstack-configs undercloud
       shell: openstack-config --set undercloud.conf DEFAULT {{ item }}
       with_items: "{{ undercloud_config }}"
-    - name: Add ironic packages
-      yum:
-        name: openstack-ironic-api,openstack-ironic-common,
-              openstack-ironic-inspector
-      become: yes
-    - name: openstack-configs ironic
-      shell: openstack-config --set /etc/ironic/ironic.conf {{ item }}
-      become: yes
-      with_items: "{{ ironic_config }}"
-    - lineinfile:
-        path: /usr/lib/python2.7/site-packages/ironic/common/pxe_utils.py
-        regexp: '_link_ip_address_pxe_configs'
-        line: '        _link_mac_pxe_configs(task)'
-      when: aarch64
+    - name: openstack-configs undercloud network
+      shell: openstack-config --set undercloud.conf ctlplane-subnet {{ item }}
+      with_items: "{{ undercloud_network_config }}"
     - block:
         - name: undercloud install
-          shell: openstack undercloud install --use-heat False &> apex-undercloud-install.log
+          shell: openstack undercloud install &> apex-undercloud-install.log
           become: yes
           become_user: stack
       rescue:
@@ -78,44 +67,50 @@
             dest: "{{ apex_temp_dir }}/"
             flat: yes
     - name: openstack-configs nova
-      shell: openstack-config --set /etc/nova/nova.conf DEFAULT {{ item }}
+      shell: openstack-config --set /var/lib/config-data/nova/etc/nova/nova.conf DEFAULT {{ item }}
       become: yes
       with_items: "{{ nova_config }}"
-    - name: change nova filters
-      shell: openstack-config --set /etc/nova/nova.conf filter_scheduler {{ item }}
-      become: yes
-      with_items: "enabled_filters RetryFilter,TripleOCapabilitiesFilter,ComputeCapabilitiesFilter,AvailabilityZoneFilter,ComputeFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter"
     - name: restart nova services
-      service:
+      docker_container:
         name: "{{ item }}"
-        state: restarted
-        enabled: yes
+        state: started
+        restart: yes
       with_items:
-        - openstack-nova-conductor
-        - openstack-nova-compute
-        - openstack-nova-api
-        - openstack-nova-scheduler
+        - nova_conductor
+        - nova_compute
+        - nova_api
+        - nova_scheduler
     - name: openstack-configs neutron
-      shell: openstack-config --set /etc/neutron/neutron.conf DEFAULT {{ item }}
+      shell: openstack-config --set /var/lib/config-data/neutron/etc/neutron/neutron.conf DEFAULT {{ item }}
       become: yes
       with_items: "{{ neutron_config }}"
     - name: restart neutron services
-      service:
+      docker_container:
         name: "{{ item }}"
-        state: restarted
-        enabled: yes
+        state: started
+        restart: yes
       with_items:
-        - neutron-server
-        - neutron-dhcp-agent
-    - name: Configure workaround for mariadb long blob (LP#1768913)
-      shell: openstack-config --set /etc/my.cnf.d/galera.cnf mysqld innodb_log_file_size 256M
-      become: yes
-    - name: restart mariadb service
-      service:
-        name: mariadb
-        state: restarted
-        enabled: yes
+        - neutron_api
+        - neutron_dhcp
+    - name: openstack-configs ironic
+      shell: openstack-config --set /var/lib/config-data/ironic/etc/ironic/ironic.conf {{ item }}
       become: yes
+      with_items: "{{ ironic_config }}"
+    - name: restart ironic services
+      docker_container:
+        name: "{{ item }}"
+        state: started
+        restart: yes
+      with_items:
+        - ironic_api
+        - ironic_conductor
+        - ironic_inspector
+    # will need to modify the below to patch the container
+    - lineinfile:
+        path: /usr/lib/python2.7/site-packages/ironic/common/pxe_utils.py
+        regexp: '_link_ip_address_pxe_configs'
+        line: '        _link_mac_pxe_configs(task)'
+      when: aarch64
     - name: configure external network vlan ifcfg
       template:
         src: external_vlan_ifcfg.yml.j2
@@ -203,6 +198,9 @@
         src: /usr/share/openstack-tripleo-heat-templates/environments/services/neutron-opendaylight-sriov.yaml
         dest: "{{ apex_temp_dir }}/"
         flat: yes
+    - name: Restorecon for root ssh
+      shell: restorecon -r -v /root/.ssh
+      become: yes
 
 - include: undercloud_aarch64.yml
   when: aarch64
diff --git a/lib/ansible/playbooks/deploy_overcloud.yml b/lib/ansible/playbooks/deploy_overcloud.yml
index dd2b189..90c3ad1 100644 (file)
--- a/lib/ansible/playbooks/deploy_overcloud.yml
+++ b/lib/ansible/playbooks/deploy_overcloud.yml
@@ -37,11 +37,6 @@
         owner: root
         group: root
         mode: 0664
-    - systemd:
-        name: openstack-swift-proxy
-        state: restarted
-        enabled: yes
-      become: yes
     - name: Remove Ceph OSD from ceph storage role
       lineinfile:
         path: /usr/share/openstack-tripleo-heat-templates/roles_data.yaml
@@ -67,7 +62,7 @@
         group: root
       become: yes
     - name: Upload glance images
-      shell: "{{ stackrc }} && openstack overcloud image upload --http-boot /httpboot"
+      shell: "{{ stackrc }} && openstack overcloud image upload"
       become: yes
       become_user: stack
     - name: Import inventory (baremetal)