diff --git a/.gitignore b/.gitignore
index 0074ab6110a33211ec4a15a60f00decd8f821f55..b3f49b815677a70150d242c3575dcbb0bd5579c9 100644
--- a/.gitignore
+++ b/.gitignore
@@ -57,6 +57,8 @@ ansible/roles/mrlesmithjr.manage-lvm/
ansible/roles/MichaelRigart.interfaces/
ansible/roles/stackhpc.drac/
ansible/roles/stackhpc.drac-facts/
+ansible/roles/stackhpc.libvirt-host/
+ansible/roles/stackhpc.libvirt-vm/
ansible/roles/stackhpc.os-flavors/
ansible/roles/stackhpc.os-images/
ansible/roles/stackhpc.os-ironic-state/
diff --git a/ansible/filter_plugins/networks.py b/ansible/filter_plugins/networks.py
index b2f2f30196673dfcb8a3802887c4ac60207c4151..3c5d03f1a28a60e9442f6a8457d5c689a485600a 100644
--- a/ansible/filter_plugins/networks.py
+++ b/ansible/filter_plugins/networks.py
@@ -390,12 +390,14 @@ def net_configdrive_network_device(context, name, inventory_hostname=None):
netmask = net_mask(context, name, inventory_hostname)
gateway = net_gateway(context, name, inventory_hostname)
bootproto = 'static' if ip is not None else 'dhcp'
+ mtu = net_mtu(context, name, inventory_hostname)
interface = {
'device': device,
'address': ip,
'netmask': netmask,
'gateway': gateway,
'bootproto': bootproto,
+ 'mtu': mtu,
}
interface = {k: v for k, v in interface.items() if v is not None}
return interface
diff --git a/ansible/group_vars/all/overcloud b/ansible/group_vars/all/overcloud
index 58923c3dc9bf1455f1ded3e6d0f5a782bd5dd469..5c3cff2061f248efa6122162e528b91148db4165 100644
--- a/ansible/group_vars/all/overcloud
+++ b/ansible/group_vars/all/overcloud
@@ -15,3 +15,15 @@ overcloud_groups: >
# As a special case, the group 'ignore' can be used to specify hosts that
# should not be added to the inventory.
overcloud_group_hosts_map: {}
+
+###############################################################################
+# Overcloud host image configuration.
+
+# The CentOS cloud images from 7.2 (1511) onwards have a bogus name server
+# entry in /etc/resolv.conf, 10.0.2.3. Cloud-init only appends name server
+# entries to this file, and will not remove this bogus entry. Typically this
+# leads to a delay of around 30 seconds when connecting via SSH, due to a
+# timeout in NSS. The workaround employed here is to remove this bogus entry
+# from the image using virt-customize, if it exists. See
+# https://bugs.centos.org/view.php?id=14369.
+overcloud_host_image_workaround_resolv_enabled: True
diff --git a/ansible/kayobe-target-venv.yml b/ansible/kayobe-target-venv.yml
index 10cf3ffbdc52362731d0ad6756e66ca9d1529758..74e290b474b1ba2388bd194c4fceb715804539ad 100644
--- a/ansible/kayobe-target-venv.yml
+++ b/ansible/kayobe-target-venv.yml
@@ -52,3 +52,9 @@
vars:
activate_virtualenv_path: "{{ virtualenv }}"
when: virtualenv is defined
+
+ - name: Ensure pip is installed
+ easy_install:
+ name: pip
+ become: True
+ when: virtualenv is not defined
diff --git a/ansible/kolla-bifrost-hostvars.yml b/ansible/kolla-bifrost-hostvars.yml
index 8306c13aac29d76526cefbb187a5f0bcc7946881..202672d9560b4dbe634a411cd8f208c7d1765454 100644
--- a/ansible/kolla-bifrost-hostvars.yml
+++ b/ansible/kolla-bifrost-hostvars.yml
@@ -39,7 +39,7 @@
# seed as a gateway to allow external access until other networks have
# been configured.
ipv4_gateway: "{{ provision_oc_net_name | net_gateway or provision_oc_net_name | net_ip(seed_host) }}"
- ipv4_nameserver: "{{ resolv_nameservers[0] }}"
+ ipv4_nameserver: "{{ resolv_nameservers }}"
tasks:
- name: Ensure the Bifrost host variable files exist
copy:
diff --git a/ansible/kolla-openstack.yml b/ansible/kolla-openstack.yml
index cf8abca30f740820feb379efe7445ad7940df1c1..40752c46465114499796e97de30800c1b47b1e42 100644
--- a/ansible/kolla-openstack.yml
+++ b/ansible/kolla-openstack.yml
@@ -60,7 +60,9 @@
owner: "{{ lookup('env', 'USER') }}"
group: "{{ lookup('env', 'USER') }}"
become: True
- when: not image_cache_stat.stat.exists
+ when: >-
+ not image_cache_stat.stat.exists or
+ not image_cache_stat.stat.writeable
- name: Ensure Ironic Python Agent images are copied onto the local machine
fetch:
diff --git a/ansible/overcloud-host-image-workaround-resolv.yml b/ansible/overcloud-host-image-workaround-resolv.yml
new file mode 100644
index 0000000000000000000000000000000000000000..66567951987514b6760afeca1d4d8d2ef28021c9
--- /dev/null
+++ b/ansible/overcloud-host-image-workaround-resolv.yml
@@ -0,0 +1,36 @@
+---
+# The CentOS cloud images from 7.2 (1511) onwards have a bogus name server
+# entry in /etc/resolv.conf, 10.0.2.3. Cloud-init only appends name server
+# entries to this file, and will not remove this bogus entry. Typically this
+# leads to a delay of around 30 seconds when connecting via SSH, due to a
+# timeout in NSS. The workaround employed here is to remove this bogus entry
+# from the image using virt-customize, if it exists. See
+# https://bugs.centos.org/view.php?id=14369.
+
+- name: Ensure the overcloud host image has bogus name server entries removed
+ hosts: seed
+ tags:
+ - overcloud-host-image-workaround
+ tasks:
+ - block:
+ - name: Ensure libguestfs-tools is installed
+ command: >
+ docker exec bifrost_deploy
+ bash -c '
+ ansible localhost
+ --connection local
+ --become
+ -m yum
+ -a "name=libguestfs-tools state=installed"'
+
+ - name: Ensure the overcloud host image has bogus name server entries removed
+ command: >
+ docker exec bifrost_deploy
+ bash -c '
+ export LIBGUESTFS_BACKEND=direct &&
+ ansible localhost
+ --connection local
+ --become
+ -m command
+ -a "virt-customize -a /httpboot/deployment_image.qcow2 --edit \"/etc/resolv.conf:s/^nameserver 10\.0\.2\.3\$//\""'
+ when: overcloud_host_image_workaround_resolv_enabled | bool
diff --git a/ansible/overcloud-ipa-images.yml b/ansible/overcloud-ipa-images.yml
index 7c0ee8f5bbc8e74b2181e0c9092fbbecc6d058c4..e32829b25363f6e1548430bba58e46e20665e685 100644
--- a/ansible/overcloud-ipa-images.yml
+++ b/ansible/overcloud-ipa-images.yml
@@ -76,7 +76,9 @@
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
become: True
- when: not image_cache_stat.stat.exists
+ when: >-
+ not image_cache_stat.stat.exists or
+ not image_cache_stat.stat.writeable
- name: Ensure locally built Ironic Python Agent (IPA) images are copied
copy:
diff --git a/doc/source/development.rst b/doc/source/development.rst
index 78b428a7a30c3cf9159a4c2bffe93241dfabbe2f..1dd6f50214b793917a8ac8f84e1eeb3d23b8c52d 100644
--- a/doc/source/development.rst
+++ b/doc/source/development.rst
@@ -62,19 +62,6 @@ Configure the controller host::
kayobe overcloud host configure
-During execution of this command, SELinux will be disabled and the VM will be
-rebooted, causing you to be logged out. Wait for the VM to finish rebooting and
-log in, performing the same environment setup steps as before::
-
- vagrant ssh
- source kayobe-venv/bin/activate
- cd /vagrant
- source kayobe-env
-
-Run the host configuration command again to completion::
-
- kayobe overcloud host configure
-
At this point, container images must be acquired. They can either be built
locally or pulled from an image repository if appropriate images are available.
diff --git a/doc/source/release-notes.rst b/doc/source/release-notes.rst
index f3f868a2417a21e7d786fd2de5b7d3f6693e62a4..74228aea63f142569c0a9dd7024e8155179fafb2 100644
--- a/doc/source/release-notes.rst
+++ b/doc/source/release-notes.rst
@@ -87,6 +87,13 @@ Upgrade Notes
The previous behaviour of installing python dependencies directly to the host
can be used by setting ``kolla_ansible_target_venv`` to ``None``.
+* Adds a workaround for an issue with CentOS cloud images 7.2 (1511) onwards,
+ which have a bogus name server entry in /etc/resolv.conf, 10.0.2.3.
+ Cloud-init only appends name server entries to this file, and will not remove
+ this bogus entry. Typically this leads to a delay of around 30 seconds when
+ connecting via SSH, due to a timeout in NSS. The workaround employed here is
+ to remove this bogus entry from the image using virt-customize, if it exists.
+ See https://bugs.centos.org/view.php?id=14369.
Kayobe 3.0.0
============
diff --git a/etc/kayobe/overcloud.yml b/etc/kayobe/overcloud.yml
index 0d54d0cb2cb28f62b8fbf59eedaec7f7eeea6731..4b35737a7b1b9a37a8e447750cd89030fae1af76 100644
--- a/etc/kayobe/overcloud.yml
+++ b/etc/kayobe/overcloud.yml
@@ -13,6 +13,18 @@
# should not be added to the inventory.
#overcloud_group_hosts_map:
+###############################################################################
+# Overcloud host image configuration.
+
+# The CentOS cloud images from 7.2 (1511) onwards have a bogus name server
+# entry in /etc/resolv.conf, 10.0.2.3. Cloud-init only appends name server
+# entries to this file, and will not remove this bogus entry. Typically this
+# leads to a delay of around 30 seconds when connecting via SSH, due to a
+# timeout in NSS. The workaround employed here is to remove this bogus entry
+# from the image using virt-customize, if it exists. See
+# https://bugs.centos.org/view.php?id=14369.
+#overcloud_host_image_workaround_resolv_enabled:
+
###############################################################################
# Dummy variable to allow Ansible to accept this file.
workaround_ansible_issue_8743: yes
diff --git a/kayobe/cli/commands.py b/kayobe/cli/commands.py
index a2f340dc2c95b93147e117ebed2e4eafc7be8d62..0640f9966ab637f2f8af692e4901ac305ac1f90f 100644
--- a/kayobe/cli/commands.py
+++ b/kayobe/cli/commands.py
@@ -450,6 +450,7 @@ class SeedServiceDeploy(KollaAnsibleMixin, KayobeAnsibleMixin, VaultMixin,
* Configures the bifrost service.
* Deploys the bifrost container using kolla-ansible.
* Builds disk images for the overcloud hosts using Diskimage Builder (DIB).
+ * Performs a workaround in the overcloud host image to fix resolv.conf.
* Configures ironic inspector introspection rules in the bifrost inspector
service.
* When enabled, configures a Bare Metal Provisioning (BMP) environment for
@@ -461,10 +462,13 @@ class SeedServiceDeploy(KollaAnsibleMixin, KayobeAnsibleMixin, VaultMixin,
playbooks = _build_playbook_list("kolla-ansible")
self.run_kayobe_playbooks(parsed_args, playbooks, tags="config")
- self.run_kayobe_playbook(parsed_args, "ansible/kolla-bifrost.yml")
+ playbooks = _build_playbook_list("kolla-bifrost")
+ self.run_kayobe_playbooks(parsed_args, playbooks)
self.run_kolla_ansible_seed(parsed_args, "deploy-bifrost")
playbooks = _build_playbook_list(
- "seed-introspection-rules", "dell-switch-bmp")
+ "overcloud-host-image-workaround-resolv",
+ "seed-introspection-rules",
+ "dell-switch-bmp")
self.run_kayobe_playbooks(parsed_args, playbooks)
diff --git a/kayobe/tests/unit/cli/test_commands.py b/kayobe/tests/unit/cli/test_commands.py
index d89d8b9fe7000ce0a41c926d58c4eb9324dfe491..ced4c27dfc6a59820e68568a481d9f1bb7a61476 100644
--- a/kayobe/tests/unit/cli/test_commands.py
+++ b/kayobe/tests/unit/cli/test_commands.py
@@ -387,6 +387,47 @@ class TestCase(unittest.TestCase):
]
self.assertEqual(expected_calls, mock_run.call_args_list)
+ @mock.patch.object(commands.KayobeAnsibleMixin,
+ "run_kayobe_playbooks")
+ @mock.patch.object(commands.KollaAnsibleMixin,
+ "run_kolla_ansible_seed")
+ def test_service_deploy(self, mock_kolla_run, mock_run):
+ command = commands.SeedServiceDeploy(TestApp(), [])
+ parser = command.get_parser("test")
+ parsed_args = parser.parse_args([])
+
+ result = command.run(parsed_args)
+ self.assertEqual(0, result)
+
+ expected_calls = [
+ mock.call(
+ mock.ANY,
+ ["ansible/kolla-ansible.yml"],
+ tags="config",
+ ),
+ mock.call(
+ mock.ANY,
+ ["ansible/kolla-bifrost.yml"],
+ ),
+ mock.call(
+ mock.ANY,
+ [
+ "ansible/overcloud-host-image-workaround-resolv.yml",
+ "ansible/seed-introspection-rules.yml",
+ "ansible/dell-switch-bmp.yml",
+ ],
+ ),
+ ]
+ self.assertEqual(expected_calls, mock_run.call_args_list)
+
+ expected_calls = [
+ mock.call(
+ mock.ANY,
+ "deploy-bifrost",
+ ),
+ ]
+ self.assertEqual(expected_calls, mock_kolla_run.call_args_list)
+
@mock.patch.object(commands.KayobeAnsibleMixin,
"run_kayobe_config_dump")
@mock.patch.object(commands.KayobeAnsibleMixin,