Merge "Build Rocky based IPA images"#544
Closed
owenjones wants to merge 314 commits intostackhpc/2025.1from
Closed
Merge "Build Rocky based IPA images"#544owenjones wants to merge 314 commits intostackhpc/2025.1from
owenjones wants to merge 314 commits intostackhpc/2025.1from
Conversation
Change-Id: I8a0c9a7c195c259378cb0b7b4e01434394ab10ae
Synchronise master with upstream
This resolves an issue with applying some configuration blocks. Closes-Bug: #2115121 Change-Id: I3937cb29143f3b9965032c186e8086854de7fbef Signed-off-by: Pierre Riteau <pierre@stackhpc.com>
Closes-Bug: #2115000 Change-Id: Ib27428f89b0e3f2865ab1c498f05de741fa49587 Signed-off-by: Pierre Riteau <pierre@stackhpc.com>
Synchronise master with upstream
These jobs are broken due to a missing cirros image from cache [1]. [1] https://review.opendev.org/c/opendev/zuul-providers/+/953908 Change-Id: Ic19aee58748e088e6d68a476ed82e48e5b186822 Signed-off-by: Pierre Riteau <pierre@stackhpc.com>
The junos_config module dropped support for the provider parameter and for connection: local [1]. Apply a similar to fix to the Arista one [2]. [1] ansible-collections/junipernetworks.junos#333 [2] https://review.opendev.org/c/openstack/kayobe/+/922631 Closes-Bug: #2111341 Change-Id: I531862fa9bebb8ef8ee900457278e0959dbe66cc Signed-off-by: Pierre Riteau <pierre@stackhpc.com>
This is now provided by ansible-collection-kolla directly [1]. [1] https://review.opendev.org/c/openstack/ansible-collection-kolla/+/952910 Change-Id: I9ebba113bd734d8e100653fdaab206d846033258 Signed-off-by: Pierre Riteau <pierre@stackhpc.com>
Synchronise master with upstream
Change-Id: Iebd91d92c603efeaac94cebf009036873dd97093 Signed-off-by: Alex Welsh <alex@stackhpc.com>
Synchronise master with upstream
In case of a deployment utilising network nodes the backend TLS configuration is missing on network nodes. Closes-Bug: #2117084 Change-Id: Ie5247cbcc81388d67707b0772ae00fda8ab7262b Signed-off-by: Michal Nasiadka <mnasiadka@gmail.com>
This resolves an issue where incorrect network-data.json would be generated when interfaces without IP addresses were attached to infrastructure VMs. Closes-Bug: #2118403 Change-Id: I8698e0b0fa01c84318e16a5e61f698ad36996a7f Signed-off-by: Matt Anson <matta@stackhpc.com>
This mirrors what was done in Kolla images [1] and may be a more stable repository. Also fix an outdated comment. [1] https://review.opendev.org/c/openstack/kolla/+/894948 Change-Id: I953b168240edc88e9248a7a1b353d318aa09853c Signed-off-by: Pierre Riteau <pierre@stackhpc.com>
Synchronise master with upstream
Synchronise master with upstream
Change-Id: Id7fdbd3871e4385455767cb14fb167140ee0d55d Signed-off-by: Bartosz Bezak <bartosz@stackhpc.com>
Skip the admin OS_CACERT line when rendering public-openrc. Recent change [1] introduced that. It occurs only when both admin and public cacert variables are set. [1] https://review.opendev.org/c/openstack/kayobe/+/949624 Closes-Bug: #2116318 Change-Id: I29c0c6bf77e919940c3452b1f5d219462552cdff Signed-off-by: Bartosz Bezak <bartosz@stackhpc.com>
This is only an issue when dnf_use_local_mirror is true. Closes-Bug: #2119921 Change-Id: I55e703dcf67e556dd97289a58b8720511b60355b Signed-off-by: Pierre Riteau <pierre@stackhpc.com>
Synchronise master with upstream
The known_hosts module returns a failure on centos/rocky 10 when given a comment line from ssh-keyscan output. Fix by excluding them with grep. Change-Id: I29e7e8a7480009fd359b8aa8b867b11900109f00 Signed-off-by: Pierre Riteau <pierre@stackhpc.com>
Change-Id: I3c793f1f63d5d220efd967dcea17beff4f861644 Signed-off-by: Pierre Riteau <pierre@stackhpc.com>
Match recent bashate cleanup by excluding local artifact paths from the tox linters ansible-lint run. Skip .ansible, ansible/collections and dotted Galaxy role directories under ansible/roles/*.* so external downloaded collections and roles are not linted. Closes-Bug: #2141527 Change-Id: If0eee54d7ade3d85ab5b999b32a216d8ea3a91b9 Signed-off-by: Grzegorz Koper <grzegorzk@stackhpc.com>
Synchronise master with upstream
Change-Id: Ib2f9c10433c42f783e1d5f618291ba5cb7be1641 Signed-off-by: Pierre Riteau <pierre@stackhpc.com>
Adds support for managing the Ansible control host configuration. This is provided by the new `kayobe control host configure` command, and uses the existing host configuration features in Kayobe. Also provided is a `kayobe control host command run` command for running commands on the Ansible control host, and a `kayobe control host package update` command for updating its OS packages. Co-Authored-By: Leonie Chamberlin-Medd <leonie@stackhpc.com> Change-Id: Idde1272da3f17c4a09e77c98c3570a7bbc8d326b Signed-off-by: Pierre Riteau <pierre@stackhpc.com> Signed-off-by: Leonie Chamberlin-Medd <leonie@stackhpc.com>
When originally introduced the `kayobe overcloud service passwords view` command included usage documentation that showed the wrong command this has been corrected. Change-Id: I806c9ea8a8175a564e6deb131f715bb0abea158f Signed-off-by: Jack Hodgkiss <jack@stackhpc.com>
Change-Id: I34081d7d2e46cf8229609f366998c6d798eb0caf Signed-off-by: Pierre Riteau <pierre@stackhpc.com>
Synchronise master with upstream
Bifrost is currently broken by passlib issues. Change-Id: Ib5b031b27195a2b39daf2d05a43af4d8c8f9882c Signed-off-by: Pierre Riteau <pierre@stackhpc.com>
Synchronise master with upstream
Release 6.0.0 of python-ironicclient changed the way node attributes are named in JSON output [1]. We now need to access attributes using lower case. [1] https://review.opendev.org/c/openstack/python-ironicclient/+/973948 Depends-On: https://review.opendev.org/c/openstack/kolla-ansible/+/901100 Change-Id: Iccb99cfd1a723b3680b64781488d15e417642522 Signed-off-by: Pierre Riteau <pierre@stackhpc.com>
This reverts commit aa230f9. Reason for revert: Bifrost passlib fix is merged. Change-Id: I5b179291a335cb32c782cf351554fdd6bd3e144f Signed-off-by: Pierre Riteau <pierre@stackhpc.com>
This prevents us needing the CRB and EPEL repositories to be enabled on Rocky hosts when building DIB images. Closes-Bug: #2141684 Closes-Bug: #2142501 Change-Id: Id3e610ad466212d3b8dde7a429ea66cc1562b047 Signed-off-by: Will Szumski <will@stackhpc.com>
[DEPRECATION WARNING]: Conditional result (False) was derived from
value of type 'int' at
'/home/ubuntu/kayobe/ansible/roles/network-debian/tasks/main.yml:51:9'.
Conditionals must have a boolean result. This feature will be
removed from ansible-core version 2.23.
Origin: /home/ubuntu/kayobe/ansible/roles/network-debian/tasks/main.yml:51:9
49 command: "udevadm trigger --verbose --subsystem-match=net --action=add"
50 changed_when: false
51 when: network_interfaces | networkd_links | length
^ column 9
Broken conditionals are currently allowed because the
`ALLOW_BROKEN_CONDITIONALS` configuration option is enabled.
TrivialFix
Change-Id: I3e04902ac1cf129d325d291cafb719fd15a84368
Signed-off-by: Will Szumski <will@stackhpc.com>
Broken conditionals are currently allowed because the
`ALLOW_BROKEN_CONDITIONALS` configuration option is enabled.
[DEPRECATION WARNING]: Conditional result (True) was derived from
value of type 'str' at
'/home/zuul/src/opendev.org/openstack/kayobe-config-dev/etc/kayobe/zz-30-overrides.yml:47:25'.
Conditionals must have a boolean result. This feature will be removed
from ansible-core version 2.23.
Origin: /home/zuul/kayobe-venv/share/kayobe/ansible/roles/firewalld/tasks/enabled.yml:50:9
48 become: true
49 loop: "{{ network_interfaces }}"
50 when: item | net_zone
^ column 9
TrivialFix
Change-Id: I88e0f12e838070196d8f3ffa4ec95464ab323632
Signed-off-by: Will Szumski <will@stackhpc.com>
Network connectivity check fails for hosts that have no external network, so this check is now skipped if ``http_proxy`` is defined. Change-Id: Ib6f815c319a7e92e675382cfe9d4011598e72aba Signed-off-by: Hollie Hutchinson <hollie@stackhpc.com>
Adds support for installing and configuring fail2ban in Kayobe using the robertdebock.fail2ban Ansible role https://galaxy.ansible.com/ui/standalone/roles/robertdebock/fail2ban/ Change-Id: Ic484b2c4f6e261a5173ba8f5378258068f468fa2 Signed-off-by: Leonie Chamberlin-Medd <leonie@stackhpc.com>
Deprecates the options ``--kolla-tags``, ``--kolla-skip-tags``, and ``kolla-limit``. Regular ``--tags``, ``--skip-tags``, and ``--limit`` will now be passed directly to the Kolla-Ansible invocations. The ``kayobe-generate-config`` tag is added to ``kolla-ansible.yml`` and ``kolla-openstack.yml``. It is always called, to allow for limiting to OpenStack services with just one tag, e.g. ``kayobe overcloud service deploy -t nova`. You can still skip this with ``--skip-tags kayobe-generate-config``. Also adds the ``bifrost`` tag to ``kolla-bifrost.yml``, so that we can easily limit to bifrost in the seed service deploy. As there is no clean way to handle some of Ansible's "special" tags like ``none``, using both regular and kolla tags/limits together is no longer allowed. Change-Id: I6f466305d49031da4d048f8fa7d2625b261a6fa0 Signed-off-by: Matt Crees <mattc@stackhpc.com> Co-Authored-By: Will Szumski <will@stackhpc.com>
Change-Id: I5f20b51346eb58d4a5cbf921b5387beb1056b24e Signed-off-by: Pierre Riteau <pierre@stackhpc.com>
With the G cycle, this feature is always supported. Change-Id: I0ccbfd7baa2ae43f06a91f34d8357d91e57317ee Signed-off-by: Matt Crees <mattc@stackhpc.com>
When `os_distribution` is set to `rocky`, IPA images will now be built using Rocky, rather than CentOS Stream. Original-author: Will Szumski <will@stackhpc.com> Change-Id: I9fbfaeb1b88e747de1a7c16934d3c46f7cc82d3d Signed-off-by: Owen Jones <owen@stackhpc.com> (Original WIP: https://review.opendev.org/c/openstack/kayobe/+/924498)
owenjones
force-pushed
the
rocky-ipa-images
branch
from
83f62de to
fda8262
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Merging upstream patch