Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • very-demiurge-very-mindful/kolla-ansible
1 result
Show changes
Commits on Source (38)
Showing
with 126 additions and 65 deletions
...@@ -2,3 +2,4 @@ ...@@ -2,3 +2,4 @@
host=review.opendev.org host=review.opendev.org
port=29418 port=29418
project=openstack/kolla-ansible.git project=openstack/kolla-ansible.git
defaultbranch=stable/2024.2
...@@ -779,7 +779,7 @@ external_api_firewalld_zone: "public" ...@@ -779,7 +779,7 @@ external_api_firewalld_zone: "public"
#################### ####################
# OpenStack options # OpenStack options
#################### ####################
openstack_release: "master" openstack_release: "2024.2"
# Docker image tag used by default. # Docker image tag used by default.
openstack_tag: "{{ openstack_release }}-{{ kolla_base_distro }}-{{ kolla_base_distro_version }}{{ openstack_tag_suffix }}" openstack_tag: "{{ openstack_release }}-{{ kolla_base_distro }}-{{ kolla_base_distro_version }}{{ openstack_tag_suffix }}"
openstack_tag_suffix: "" openstack_tag_suffix: ""
...@@ -788,7 +788,7 @@ openstack_logging_debug: "False" ...@@ -788,7 +788,7 @@ openstack_logging_debug: "False"
openstack_region_name: "RegionOne" openstack_region_name: "RegionOne"
# Variable defined the pin_release_version, apply for rolling upgrade process # Variable defined the pin_release_version, apply for rolling upgrade process
openstack_previous_release_name: "2023.2" openstack_previous_release_name: "2024.1"
# A list of policy file formats that are supported by Oslo.policy # A list of policy file formats that are supported by Oslo.policy
supported_policy_format_list: supported_policy_format_list:
......
...@@ -50,6 +50,15 @@ ...@@ -50,6 +50,15 @@
group: "{{ ansible_facts.user_gid }}" group: "{{ ansible_facts.user_gid }}"
mode: 0600 mode: 0600
- name: Template out public-openrc-system.sh
become: true
template:
src: "roles/common/templates/public-openrc-system.sh.j2"
dest: "{{ node_config }}/public-openrc-system.sh"
owner: "{{ ansible_facts.user_uid }}"
group: "{{ ansible_facts.user_gid }}"
mode: 0600
- import_role: - import_role:
name: octavia name: octavia
tasks_from: openrc.yml tasks_from: openrc.yml
......
...@@ -16,7 +16,7 @@ ...@@ -16,7 +16,7 @@
<parse> <parse>
@type multiline @type multiline
format_firstline /^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}.\d{3} \d+ \S+ \S+ \[.*\]/ format_firstline /^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}.\d{3} \d+ \S+ \S+ \[.*\]/
format1 /^(?<Timestamp>\S+ \S+) (?<Pid>\d+) (?<log_level>\S+) (?<python_module>\S+) \[(\S+ req-)?((?<request_id>\S+) (?<user_id>\S+) (?<tenant_id>\S+) (?<domain_id>\S+) (?<system_scope>\S+) (?<user_domain>\S+) (?<project_domain>\S+)|-)\] (?<Payload>.*)?$/ format1 /^(?<Timestamp>\S+ \S+) (?<Pid>\d+) (?<log_level>\S+) (?<python_module>\S+) ((?:\[)(?:None|req-)(?<global_request_id>\S+)? (?:None|req-)(?<request_id>\S+) (?<user_id>\S+) (?<tenant_id>\S+) (?<domain_id>\S+) (?<system_scope>\S+) (?<user_domain>\S+) (?<project_domain>\S+)(?:\]))?(?<Payload>.*)?$/
time_key Timestamp time_key Timestamp
keep_time_key true keep_time_key true
time_format %F %T.%L time_format %F %T.%L
......
# {{ ansible_managed }}
# Clear any old environment that may conflict.
for key in $( set | awk '{FS="="} /^OS_/ {print $1}' ); do unset $key ; done
export OS_USER_DOMAIN_NAME=Default
export OS_SYSTEM_SCOPE=all
export OS_USERNAME={{ keystone_admin_user }}
export OS_PASSWORD={{ keystone_admin_password }}
export OS_AUTH_URL={{ keystone_public_url }}
export OS_IDENTITY_API_VERSION=3
export OS_REGION_NAME={{ openstack_region_name }}
export OS_AUTH_PLUGIN=password
{% if kolla_admin_openrc_cacert is not none and kolla_admin_openrc_cacert | length > 0 %}
export OS_CACERT={{ kolla_admin_openrc_cacert }}
{% endif %}
...@@ -14,7 +14,7 @@ ...@@ -14,7 +14,7 @@
kolla_dev_repos_directory: "{{ kolla_dev_repos_directory }}" kolla_dev_repos_directory: "{{ kolla_dev_repos_directory }}"
opensearch_datadir_volume: "{{ opensearch_datadir_volume }}" opensearch_datadir_volume: "{{ opensearch_datadir_volume }}"
destroy_include_dev: "{{ destroy_include_dev }}" destroy_include_dev: "{{ destroy_include_dev }}"
kolla_ansible_inventories: "{{ inventories_comma_separated.replace(',',' ') }}" kolla_ansible_inventories: "{{ ansible_inventory_sources | join(' ') }}"
- block: - block:
- name: Disable octavia-interface service - name: Disable octavia-interface service
......
...@@ -110,7 +110,9 @@ ...@@ -110,7 +110,9 @@
file: file:
state: absent state: absent
path: "{{ node_config_directory }}/grafana/dashboards/" path: "{{ node_config_directory }}/grafana/dashboards/"
when: service | service_enabled_and_mapped_to_host when:
- not ansible_check_mode
- service | service_enabled_and_mapped_to_host
- name: Copying over custom dashboards - name: Copying over custom dashboards
vars: vars:
......
...@@ -12,6 +12,7 @@ ...@@ -12,6 +12,7 @@
retries: 30 retries: 30
delay: 2 delay: 2
run_once: true run_once: true
when: not ansible_check_mode
- name: Remove old grafana docker volume - name: Remove old grafana docker volume
become: true become: true
......
...@@ -175,7 +175,7 @@ heat_engine_extra_volumes: "{{ heat_extra_volumes }}" ...@@ -175,7 +175,7 @@ heat_engine_extra_volumes: "{{ heat_extra_volumes }}"
heat_internal_endpoint: "{{ heat_internal_base_endpoint }}/v1/%(tenant_id)s" heat_internal_endpoint: "{{ heat_internal_base_endpoint }}/v1/%(tenant_id)s"
heat_public_endpoint: "{{ heat_public_base_endpoint }}/v1/%(tenant_id)s" heat_public_endpoint: "{{ heat_public_base_endpoint }}/v1/%(tenant_id)s"
heat_cfn_internal_endpoint: "{{ heat_cfn_internal_base_endpoint }}/v1}" heat_cfn_internal_endpoint: "{{ heat_cfn_internal_base_endpoint }}/v1"
heat_cfn_public_endpoint: "{{ heat_cfn_public_base_endpoint }}/v1" heat_cfn_public_endpoint: "{{ heat_cfn_public_base_endpoint }}/v1"
heat_logging_debug: "{{ openstack_logging_debug }}" heat_logging_debug: "{{ openstack_logging_debug }}"
......
...@@ -236,7 +236,7 @@ ironic_conductor_default_volumes: ...@@ -236,7 +236,7 @@ ironic_conductor_default_volumes:
- "kolla_logs:/var/log/kolla" - "kolla_logs:/var/log/kolla"
- "ironic:/var/lib/ironic" - "ironic:/var/lib/ironic"
- "{{ kolla_dev_repos_directory ~ '/ironic:/dev-mode/ironic' if ironic_dev_mode | bool else '' }}" - "{{ kolla_dev_repos_directory ~ '/ironic:/dev-mode/ironic' if ironic_dev_mode | bool else '' }}"
- "{{ 'ironic_prometheus_exporter_data:/var/lib/ironic/metrics' if enable_ironic_prometheus_exporter | bool else '' }}" - "{{ 'ironic_prometheus_exporter_data:/var/lib/ironic-metrics' if enable_ironic_prometheus_exporter | bool else '' }}"
ironic_tftp_default_volumes: ironic_tftp_default_volumes:
- "{{ node_config_directory }}/ironic-tftp/:{{ container_config_directory }}/:ro" - "{{ node_config_directory }}/ironic-tftp/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro" - "/etc/localtime:/etc/localtime:ro"
...@@ -267,7 +267,7 @@ ironic_prometheus_exporter_default_volumes: ...@@ -267,7 +267,7 @@ ironic_prometheus_exporter_default_volumes:
- "/etc/localtime:/etc/localtime:ro" - "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}" - "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
- "kolla_logs:/var/log/kolla" - "kolla_logs:/var/log/kolla"
- "ironic_prometheus_exporter_data:/var/lib/ironic/metrics" - "ironic_prometheus_exporter_data:/var/lib/ironic-metrics"
ironic_extra_volumes: "{{ default_extra_volumes }}" ironic_extra_volumes: "{{ default_extra_volumes }}"
ironic_api_extra_volumes: "{{ ironic_extra_volumes }}" ironic_api_extra_volumes: "{{ ironic_extra_volumes }}"
......
...@@ -14,6 +14,7 @@ ...@@ -14,6 +14,7 @@
- ironic_api - ironic_api
- ironic_inspector - ironic_inspector
- ironic_http - ironic_http
- ironic_prometheus_exporter
check_mode: false check_mode: false
register: container_facts register: container_facts
......
...@@ -34,7 +34,7 @@ driver = prometheus_exporter ...@@ -34,7 +34,7 @@ driver = prometheus_exporter
driver = noop driver = noop
{% endif %} {% endif %}
{% if enable_ironic_prometheus_exporter | bool %} {% if enable_ironic_prometheus_exporter | bool %}
location = /var/lib/ironic/metrics location = /var/lib/ironic-metrics
{% endif %} {% endif %}
[oslo_messaging_rabbit] [oslo_messaging_rabbit]
......
...@@ -51,3 +51,4 @@ ...@@ -51,3 +51,4 @@
cacert: "{{ openstack_cacert }}" cacert: "{{ openstack_cacert }}"
region_name: "{{ openstack_region_name }}" region_name: "{{ openstack_region_name }}"
run_once: True run_once: True
when: not ansible_check_mode
...@@ -154,5 +154,5 @@ connection_string = {{ osprofiler_backend_connection_string }} ...@@ -154,5 +154,5 @@ connection_string = {{ osprofiler_backend_connection_string }}
{% if magnum_kubeconfig_file_path is not defined %} {% if magnum_kubeconfig_file_path is not defined %}
[drivers] [drivers]
disabled_drivers = k8s_cluster_api_flatcar,k8s_cluster_api_ubuntu,k8s_cluster_api_ubuntu_focal disabled_drivers = k8s_cluster_api_flatcar,k8s_cluster_api_rockylinux,k8s_cluster_api_ubuntu,k8s_cluster_api_ubuntu_focal
{% endif %} {% endif %}
...@@ -41,7 +41,7 @@ ...@@ -41,7 +41,7 @@
- name: Extract cinder key from file - name: Extract cinder key from file
set_fact: set_fact:
cinder_cephx_raw_key: cinder_cephx_raw_key:
"{{ lookup('file', cinder_cephx_keyring_file.stat.path) | regex_search('key\\s*=.*$', multiline=True) | regex_replace('key\\s*=\\s*(.*)\\s*', '\\1') }}" "{{ lookup('template', cinder_cephx_keyring_file.stat.path) | regex_search('key\\s*=.*$', multiline=True) | regex_replace('key\\s*=\\s*(.*)\\s*', '\\1') }}"
changed_when: false changed_when: false
when: when:
- cinder_backend_ceph | bool - cinder_backend_ceph | bool
......
...@@ -13,6 +13,7 @@ ...@@ -13,6 +13,7 @@
retries: 30 retries: 30
delay: 2 delay: 2
run_once: true run_once: true
when: not ansible_check_mode
- name: Check if a log retention policy exists - name: Check if a log retention policy exists
become: true become: true
...@@ -46,7 +47,9 @@ ...@@ -46,7 +47,9 @@
delegate_to: "{{ groups['opensearch'][0] }}" delegate_to: "{{ groups['opensearch'][0] }}"
run_once: true run_once: true
changed_when: opensearch_retention_policy_create.status == 201 changed_when: opensearch_retention_policy_create.status == 201
when: opensearch_retention_policy_check.status == 404 when:
- not ansible_check_mode
- opensearch_retention_policy_check.status == 404
- name: Apply retention policy to existing indices - name: Apply retention policy to existing indices
become: true become: true
...@@ -66,4 +69,6 @@ ...@@ -66,4 +69,6 @@
delegate_to: "{{ groups['opensearch'][0] }}" delegate_to: "{{ groups['opensearch'][0] }}"
run_once: true run_once: true
changed_when: opensearch_retention_policy_create.status == 201 changed_when: opensearch_retention_policy_create.status == 201
when: opensearch_retention_policy_check.status == 404 when:
- not ansible_check_mode
- opensearch_retention_policy_check.status == 404
--- ---
- import_tasks: version-check.yml
- include_tasks: remove-ha-all-policy.yml - include_tasks: remove-ha-all-policy.yml
when: when:
- not om_enable_rabbitmq_high_availability | bool - not om_enable_rabbitmq_high_availability | bool
......
--- ---
- block: - block:
- name: Get current RabbitMQ version - name: Get container facts
vars:
service_name: "rabbitmq"
service: "{{ rabbitmq_services[service_name] }}"
become: true become: true
command: "{{ kolla_container_engine }} exec {{ service.container_name }} rabbitmqctl --version" kolla_container_facts:
register: rabbitmq_version_current action: get_containers
changed_when: false container_engine: "{{ kolla_container_engine }}"
name:
- "{{ service.container_name }}"
register: container_facts
- name: Get new RabbitMQ version - block:
become: true - name: Get current RabbitMQ version
vars: become: true
rabbitmq_container: "{{ rabbitmq_services['rabbitmq'] }}" command: "{{ kolla_container_engine }} exec {{ service.container_name }} rabbitmqctl --version"
kolla_container: register: rabbitmq_version_current
action: "start_container" changed_when: false
command: "rabbitmqctl --version"
detach: false - name: Get new RabbitMQ version
environment: become: true
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" vars:
image: "{{ rabbitmq_container.image }}" rabbitmq_container: "{{ rabbitmq_services['rabbitmq'] }}"
name: "rabbitmq_version_check" kolla_container:
restart_policy: oneshot action: "start_container"
volumes: "{{ rabbitmq_default_volumes + rabbitmq_extra_volumes }}" command: "rabbitmqctl --version"
register: rabbitmq_version_new common_options: "{{ docker_common_options }}"
failed_when: false container_engine: "{{ kolla_container_engine }}"
check_mode: false detach: false
environment:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
image: "{{ rabbitmq_container.image }}"
name: "rabbitmq_version_check"
restart_policy: oneshot
volumes: "{{ rabbitmq_default_volumes + rabbitmq_extra_volumes }}"
register: rabbitmq_version_new
failed_when: false
check_mode: false
# As an example, when the new RabbitMQ version is 3.13.6:
# new_major_version = 3
# new_minor_version = 13
# new_version = 3.13
# And if the current RabbitMQ version is 3.11.28:
# upgrade_version = 3.12
- name: Check if running RabbitMQ is at most one version behind
vars:
current_version_major: "{{ rabbitmq_version_current.stdout | regex_search('^[0-9]+') }}"
current_version_minor: "{{ rabbitmq_version_current.stdout | regex_search('(?<=.)[^.].') }}"
current_version: "{{ rabbitmq_version_current.stdout | regex_replace('.[^.]+$', '') }}"
new_version_major: "{{ rabbitmq_version_new.stdout | regex_search('^[0-9]+') }}"
new_version_minor: "{{ rabbitmq_version_new.stdout | regex_search('(?<=.)[^.].') }}"
new_version: "{{ rabbitmq_version_new.stdout | regex_replace('.[^.]+$', '') }}"
# Note: this assumes 3.13 will be the last release before 4.0.
upgrade_version: "{{ '4.0' if current_version == '3.13' else current_version_major + '.' + (current_version_minor | int + 1) | string }}"
assert:
that: (current_version_major == new_version_major and
new_version_minor | int - current_version_minor | int <= 1) or
(new_version | float == 4.0 and current_version | float == 3.13)
fail_msg: >
Looks like you're trying to run a skip-release upgrade!
RabbitMQ must be at most one version behind the target release version ({{ rabbitmq_version_new.stdout | trim }}) to run this upgrade.
You are running {{ rabbitmq_version_current.stdout }}.
Please first upgrade to {{ upgrade_version }} with the command ``kolla-ansible rabbitmq-upgrade {{ upgrade_version }}``.
See these docs for more details: https://docs.openstack.org/kolla-ansible/latest/reference/message-queues/rabbitmq.html#slurp
- name: Catch when RabbitMQ is being downgraded
assert:
that: rabbitmq_version_current.stdout is version(rabbitmq_version_new.stdout | trim, 'le', version_type='semver')
fail_msg: >
Looks like you're about to downgrade RabbitMQ from version {{ rabbitmq_version_current.stdout }} to version {{ rabbitmq_version_new.stdout | trim }}.
If you're absolutely certain you want to do this, please skip the tag `rabbitmq-version-check`.
Otherwise, see these docs for how to pin the version of RabbitMQ:
https://docs.openstack.org/kolla-ansible/latest/reference/message-queues/rabbitmq.html#rabbitmq-versions
# As an example, when the new RabbitMQ version is 3.13.6: when: container_facts[service.container_name] is defined
# new_major_version = 3
# new_minor_version = 13
# new_version = 3.13
# And if the current RabbitMQ version is 3.11.28:
# upgrade_version = 3.12
- name: Check if running RabbitMQ is at most one version behind
vars:
current_version_major: "{{ rabbitmq_version_current.stdout | regex_search('^[0-9]+') }}"
current_version_minor: "{{ rabbitmq_version_current.stdout | regex_search('(?<=.)[^.].') }}"
current_version: "{{ rabbitmq_version_current.stdout | regex_replace('.[^.]+$', '') }}"
new_version_major: "{{ rabbitmq_version_new.stdout | regex_search('^[0-9]+') }}"
new_version_minor: "{{ rabbitmq_version_new.stdout | regex_search('(?<=.)[^.].') }}"
new_version: "{{ rabbitmq_version_new.stdout | regex_replace('.[^.]+$', '') }}"
# Note: this assumes 3.13 will be the last release before 4.0.
upgrade_version: "{{ '4.0' if current_version == '3.13' else current_version_major + '.' + (current_version_minor | int + 1) | string }}"
assert:
that: (current_version_major == new_version_major and
new_version_minor | int - current_version_minor | int <= 1) or
(new_version | float == 4.0 and current_version | float == 3.13)
fail_msg: >
Looks like you're trying to run a skip-release upgrade!
RabbitMQ must be at most one version behind the target release version ({{ rabbitmq_version_new.stdout | trim }}) to run this upgrade.
You are running {{ rabbitmq_version_current.stdout }}.
Please first upgrade to {{ upgrade_version }} with the command ``kolla-ansible rabbitmq-upgrade {{ upgrade_version }}``.
See these docs for more details: https://docs.openstack.org/kolla-ansible/latest/reference/message-queues/rabbitmq.html#slurp
delegate_to: "{{ groups[role_rabbitmq_groups] | first }}" delegate_to: "{{ groups[role_rabbitmq_groups] | first }}"
run_once: true run_once: true
tags: rabbitmq-version-check tags: rabbitmq-version-check
vars:
service_name: "rabbitmq"
service: "{{ rabbitmq_services[service_name] }}"
...@@ -40,7 +40,7 @@ workaround_ansible_issue_8743: yes ...@@ -40,7 +40,7 @@ workaround_ansible_issue_8743: yes
#kolla_base_distro: "rocky" #kolla_base_distro: "rocky"
# Do not override this unless you know what you are doing. # Do not override this unless you know what you are doing.
#openstack_release: "master" #openstack_release: "2024.2"
# Docker image tag used by default. # Docker image tag used by default.
#openstack_tag: "{{ openstack_release ~ openstack_tag_suffix }}" #openstack_tag: "{{ openstack_release ~ openstack_tag_suffix }}"
......
...@@ -201,7 +201,8 @@ class OctaviaCertificates(KollaAnsibleMixin, Command): ...@@ -201,7 +201,8 @@ class OctaviaCertificates(KollaAnsibleMixin, Command):
def take_action(self, parsed_args): def take_action(self, parsed_args):
extra_vars = {} extra_vars = {}
if hasattr(parsed_args, "check_expiry"): if hasattr(parsed_args, "check_expiry") \
and parsed_args.check_expiry is not None:
self.app.LOG.info("Checking if certificates expire " self.app.LOG.info("Checking if certificates expire "
"within given number of days.") "within given number of days.")
extra_vars["octavia_certs_check_expiry"] = "yes" extra_vars["octavia_certs_check_expiry"] = "yes"
......