Adds an ability to enable SNAT service on the seed hypervisor.
Depends-On: Ie42ab7a0dc9dd1ed1925b3a17134b3770ae8ba98
Change-Id: I0a2ff5caa01d54b1532d30d501b55ef23a6deff8
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
When customising kolla_bifrost_inspector_extra_kernel_options, for
example to define which console to use, operators should note that
Kayobe defines extra kernel parameters that are important for
inspection, such as ipa-collect-lldp=1.
Change-Id: Id789dede2d1886ef5ec66ebc86968d6cf62fa2de
Adds a '--diff' argument to kayobe CLI commands. This is passed through
to ansible-playbook for Kayobe Ansible playbooks, and can be used with
the '--check' argument to see changes that would be made to files.
This change also passes through --check and --diff arguments to
kolla-ansible.
Story: 2009038
Task: 42794
Change-Id: I350795c328c0dc0a91a5cd500c252c5b7b1eafc1
This change is a missing part for the new Kayobe functionality
introduced in Ie16354cd01ea7dd83cd3d4058dd8451b8387600b.
Change-Id: Ia3d665d53ccdb9e3b1d40949e96b720fab6df348
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
If ICMP is filtered, it can be useful to change the IP and hostname used
by the network connectivity check feature.
Change-Id: I7432287dcb43992688600415fbb360709a532565
Kolla Ansible has recently updated the default Docker configuration to
stop using an insecure registry [1]. To avoid breaking existing Kayobe
deployments, automatically set docker_registry_insecure to true if we
deploy a registry without TLS.
[1] https://review.opendev.org/c/openstack/kolla-ansible/+/805449
Change-Id: Ifec7102812b5503cb02f207098192e99e7193d49
Supports merging configuration for the following files:
* kolla/globals.yml
* kolla/config/bifrost/bifrost.yml
* kolla/config/bifrost/dib.yml
* kolla/config/bifrost/servers.yml
* kolla/kolla-build.conf
Configuration is merged from the following sources:
* Kayobe source code
* Base Kayobe config
* Kayobe environment
Co-Authored-By: Will Szumski <will@stackhpc.com>
Change-Id: I552bd8f7853b2032954b372bf4476676dac3e271
Story: 2002009
Task: 42974
This is only supported on CentOS for now due to limitations of the
Ansible role used to configure tuned.
Change-Id: Ie07c5f467975f8da2f720e70c94cea6285981d72
Co-Authored-By: Pierre Riteau <pierre@stackhpc.com>
Story: 2007853
Task: 40155
Follow up to Id60e25e129e323f3c07e702bb81a11efc530fb3e, adds support for
firewalld configuration on Infra VMs.
Change-Id: Idd1ab982d4bca1cbdb0c4c6041cf3b6c17eae6cb
CentOS cloud images come with net.ifnames=0 on the kernel command line,
which disables consistent network device naming. This does not provide a
good experience on bare metal because NIC ordering can vary. This is
specific to cloud images: an ISO installation would use consistent
network device naming.
We now set net.ifnames=1 in the DIB default environment to use
consistent network device naming. The parameters `nofb nomodeset
gfxpayload=text` are also set to preserve defaults from DIB.
To restore the existing behaviour, set DIB_BOOTLOADER_DEFAULT_CMDLINE to
`nofb nomodeset gfxpayload=text net.ifnames=0` in the
kolla_bifrost_dib_env_vars_extra dictionary.
Change-Id: I20465eab4e0aec6620578a92d3bdbddcec0954df
This change allows you to define additional VMs to deploy
on the seed-hypervisor.
Co-authored-by: Piotr Parczewski <piotr@stackhpc.com>
Co-authored-by: Will Szumski <will@stackhpc.com>
Co-authored-by: Mark Goddard <mark@stackhpc.com>
Story: 2008741
Task: 42095
Change-Id: I8055fc5eb0a9edadcb35767303c659922f2d07ca
Adds support for configuring firewalld for CentOS hosts managed by
Kayobe.
* create zones
* set default zone
* set zone for interfaces
* define rules
Change-Id: Id60e25e129e323f3c07e702bb81a11efc530fb3e
Story: 2008991
Task: 42644
This change bumps up the maximum supported Ansible version to 4.x
(ansible-core 2.11.x) and minimum to 2.10. This synchronises Kayobe with
Kolla Ansible (see change I8b9212934dfab3831986e8db55671baee32f4bbd).
Uses of docker_image are updated. We must now provide the source
parameter. When source is build (for molecule), we replace force by
force_source and force_tag and move path and dockerfile under the build
parameter.
Use docker_image_info instead of docker_image_facts.
Handle update of ansible inside kolla-ansible virtualenv and document
how to do it for the kayobe virtualenv.
Change-Id: I7a4530f4f63ddb37aa30a617db5944b97bc3e17f
Ansible facts can have a large impact on the performance of the Ansible
control host. This patch introduces some control over which facts are
gathered (kayobe_ansible_setup_gather_subset) and which facts are stored
(kayobe_ansible_setup_filter). By default we do not change the default
values of these arguments to the setup module. The flexibility of these
arguments is limited, but they do provide enough for a large performance
improvement in a typical moderate to large OpenStack cloud.
In particular, the large complex dict fact for each interface has a
large effect, and on an OpenStack controller or hypervisor there may be
many virtual interfaces. We can use the kayobe_ansible_setup_filter
variable to help:
kayobe_ansible_setup_filter: 'ansible_[!qt]*'
This causes Ansible to collect but not store facts matching that
pattern, which includes the virtual interface facts. Currently we are
not referencing other facts matching the pattern within Kayobe.
Note that including the 'ansible_' prefix causes meta facts module_setup
and gather_subset to be filtered, but this seems to be the only way to
get a good match on the interface facts. To work around this, we use
ansible_facts rather than module_setup to detect whether facts exist in
the cache.
The exact improvement will vary, but has been reported to be as large as
18x on systems with many virtual interfaces.
This change also introduces a new command to gather facts for Kayobe &
Kolla Ansible on demand, 'kayobe overcloud facts gather'. This can be
used to populate a fact cache.
Depends-On: https://review.opendev.org/c/openstack/kolla-ansible/+/794610
Story: 2007993
Task: 42586
Change-Id: I5ce3c734433e1682ee942867505468c57440e689
This change adds support for installing Ansible collections via
requirements.yml in Kayobe or Kayobe config.
Story: 2008391
Task: 41315
Change-Id: I764ff019a18266b593add7ab80ee095d7d07a869
The CentOS Stream 8 section used the wrong heading style, which broke
the rest of the document, making the other headings the wrong sizes.
Change-Id: I8015c905074016c53c803ce40a299ad5c911ada6
By default, Ansible injects a variable for every fact, prefixed with
ansible_. This can result in a large number of variables for each host,
which at scale can incur a performance penalty. Ansible provides a
configuration option [0] that can be set to False to prevent this
injection of facts. In this case, facts should be referenced via
ansible_facts.<fact>.
This change updates all references to Ansible facts within Kayobe
from using individual fact variables to using the items in the
ansible_facts dictionary. This allows users to disable fact variable
injection in their Ansible configuration, which may provide some
performance improvement.
This change disables fact variable injection in the ansible
configuration used in CI, to catch any attempts to use the injected
variables.
[0] https://docs.ansible.com/ansible/latest/reference_appendices/config.html#inject-facts-as-vars
Story: 2007993
Task: 42464
Depends-On: https://review.opendev.org/c/openstack/kolla-ansible/+/791276
Change-Id: I14db53ed6e57d37bbd28dd5819e432e3fe6628b2
Documentation about DIB_DISABLE_KERNEL_CLEANUP was left in place after
the variable was removed in Ie25e88bb96f186399ae69837e93185127628ce86.
Backport: wallaby, victoria, ussuri
Change-Id: Iddb699aa98ddee8446d532ce4bd23ba9174fb38e
Migrating to Ironic hardware types was required in Rocky. This can now
be removed from upgrading instructions.
Change-Id: I0510db9fd1b8dd72540c83173267491b32728330
