From 4cbad53ea9293fd51c5ffc368ca01787549472f7 Mon Sep 17 00:00:00 2001
From: Tim Rozet
Date: Fri, 4 Jan 2019 12:28:30 -0500
Subject: Fixes undercloud install failure with setting hostname
There is a new bug when deploying master/rocky where the OS of the undercloud/overcloud is now upgraded to CentOS 7.6. When the undercloud install runs it fails to configure the hostname using hostnamectl. This is because systemd-hostnamed is not running and fails to start. Simply reloading dbus seems to fix the issue. In the dbus logs there are odd error messages like: dbus-daemon[3230]: Unknown username "root" in message bus configuration file Disabling selinux seems to fix this. This patch also moves to use podman instead of docker for container management and invokes a script in Ansible which updates NIC templates as new variables are added upstream. Furthermore, with the new patches for routed networks in OOO, it is now required that the MTU is set in network-data, as well as adding the External network to the Compute role. Now the External network is removed by default from the Compute role.
Change-Id: Ie8b86f6f28d69bda11b1f7a430df882970ac3cb9
Signed-off-by: Tim Rozet
---
 apex/common/utils.py | 12 +++++++++++
 apex/deploy.py | 7 +++++++
 apex/network/network_data.py | 2 +-
 apex/tests/test_apex_common_utils.py | 5 +++++
 apex/undercloud/undercloud.py | 5 ++++-
 build/network-environment.yaml | 22 +++++++++++++++++++-
 lib/ansible/playbooks/configure_undercloud.yml | 6 +++---
 lib/ansible/playbooks/deploy_overcloud.yml | 24 +++++++++++++++++-----
 lib/ansible/playbooks/patch_containers.yml | 6 +++---
 lib/ansible/playbooks/post_deploy_overcloud.yml | 6 +++---
 .../playbooks/prepare_overcloud_containers.yml | 2 +-
 11 files changed, 79 insertions(+), 18 deletions(-)
diff --git a/apex/common/utils.py b/apex/common/utils.py
index aae821ef..72a66d10 100644
--- a/apex/common/utils.py
+++ b/apex/common/utils.py
@@ -310,3 +310,15 @@ def fetch_properties(url):
 logging.warning('Unable to fetch properties for: {}'.format(url))
 raise exc.FetchException('Unable determine properties location: '
 '{}'.format(url))
+
+
+def find_container_client(os_version):
+ """
+ Determines whether to use docker or podman client
+ :param os_version: openstack version
+ :return: client name as string
+ """
+ if os_version == 'rocky' or os_version == 'queens':
+ return 'docker'
+ else:
+ return 'podman'
diff --git a/apex/deploy.py b/apex/deploy.py
index f5d64820..d0c2b208 100644
--- a/apex/deploy.py
+++ b/apex/deploy.py
@@ -527,6 +527,8 @@ def main():
 container_vars['os_version'] = os_version
 container_vars['aarch64'] = platform.machine() == 'aarch64'
 container_vars['sdn_env_file'] = sdn_env_files
+ container_vars['container_client'] = utils.find_container_client(
+ os_version)
 try:
 utils.run_ansible(container_vars, docker_playbook,
 host=undercloud.ip, user='stack',
@@ -569,6 +571,8 @@ def main():
 deploy_vars['http_proxy'] = net_settings.get('http_proxy', '')
 deploy_vars['https_proxy'] = net_settings.get('https_proxy', '')
 deploy_vars['vim'] = ds_opts['vim']
+ deploy_vars['container_client'] = utils.find_container_client(
+ os_version)
 for dns_server in net_settings['dns_servers']:
 deploy_vars['dns_server_args'] += " --dns-nameserver {}".format(
 dns_server)
@@ -733,6 +737,9 @@ def main():
 deploy_vars['sriov'] = ds_opts.get('sriov')
 deploy_vars['tacker'] = ds_opts.get('tacker')
 deploy_vars['all_in_one'] = all_in_one
+ # TODO(trozet): need to set container client to docker until OOO
+ # migrates OC to podman. Remove this later.
+ deploy_vars['container_client'] = 'docker'
 # TODO(trozet): pull all logs and store in tmp dir in overcloud
 # playbook
 post_overcloud = os.path.join(args.lib_dir, constants.ANSIBLE_PATH,
diff --git a/apex/network/network_data.py b/apex/network/network_data.py
index 1177af09..6f330c50 100644
--- a/apex/network/network_data.py
+++ b/apex/network/network_data.py
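Review bot: `find_container_client` treats every value other than 'rocky' and 'queens' as a podman release, so a typo, `None` or an older release name silently selects podman instead of being rejected. The returned string ends up as the first word of `shell:` command lines in the playbooks this commit touches, so it is worth keeping it to a closed set: write the test as `if os_version in ('rocky', 'queens'):` and raise on a release name the project does not recognise rather than falling through to `else`. The new test in apex/tests/test_apex_common_utils.py covers only 'rocky', 'queens' and 'master'; a case for an unexpected value would pin whichever behaviour is intended.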
@@ -83,7 +83,7 @@ def create_network_data(ns, target=None):
 "{}".format(net))
 raise NetworkDataException("cidr is null for network {}".format(
 net))
-
+ tmp_net['mtu'] = network.get('mtu', 1500)
 network_data.append(copy.deepcopy(tmp_net))
 # have to do this due to the aforementioned bug
diff --git a/apex/tests/test_apex_common_utils.py b/apex/tests/test_apex_common_utils.py
index f307990d..1ecb7df6 100644
--- a/apex/tests/test_apex_common_utils.py
+++ b/apex/tests/test_apex_common_utils.py
@@ -155,3 +155,8 @@ class TestCommonUtils:
 def test_unique(self):
 dummy_list = [1, 2, 1, 3, 4, 5, 5]
 assert_equal(utils.unique(dummy_list), [1, 2, 3, 4, 5])
+
+ def test_find_container_client(self):
+ for version in 'rocky', 'queens':
+ assert_equal(utils.find_container_client(version), 'docker')
+ assert_equal(utils.find_container_client('master'), 'podman')
diff --git a/apex/undercloud/undercloud.py b/apex/undercloud/undercloud.py
index ccdcd168..5ee487c2 100644
--- a/apex/undercloud/undercloud.py
+++ b/apex/undercloud/undercloud.py
@@ -155,6 +155,8 @@ class Undercloud:
 ansible_vars['apex_temp_dir'] = apex_temp_dir
 ansible_vars['nat'] = self.detect_nat(net_settings)
+ ansible_vars['container_client'] = utils.find_container_client(
+ self.os_version)
 try:
 utils.run_ansible(ansible_vars, playbook, host=self.ip,
 user='stack')
@@ -252,7 +254,8 @@ class Undercloud:
 "generate_service_certificate false",
 "undercloud_ntp_servers {}".format(str(ns['ntp'][0])),
 "container_images_file "
- "/home/stack/containers-prepare-parameter.yaml"
+ "/home/stack/containers-prepare-parameter.yaml",
+ "undercloud_enable_selinux false"
 ]
 config['undercloud_network_config'] = [
diff --git a/build/network-environment.yaml b/build/network-environment.yaml
index 3fd22e3d..1397a0c8 100644
--- a/build/network-environment.yaml
+++ b/build/network-environment.yaml
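Review bot: The added `"undercloud_enable_selinux false"` entry in the second undercloud.py hunk switches SELinux off on every undercloud this code configures, unconditionally and with no comment linking it to the CentOS 7.6 systemd-hostnamed failure described in the commit message. SELinux is the host-level mandatory access control layer that also confines container processes, so the workaround should be traceable and as narrow as possible. I would add a comment above the entry such as `# TODO(trozet): workaround for systemd-hostnamed/dbus failure on CentOS 7.6; re-enable SELinux once resolved`, and append the entry only for the affected releases if the list can be built conditionally. The enclosing list and method start outside the hunk, so whether `self.os_version` is available at that point needs checking.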
@@ -63,33 +63,53 @@ parameter_defaults:
 NeutronExternalNetworkBridge: 'br-ex'
 ServiceNetMap:
+ ApacheNetwork: internal_api
 NeutronTenantNetwork: tenant
 CeilometerApiNetwork: internal_api
 AodhApiNetwork: internal_api
+ PankoApiNetwork: internal_api
+ BarbicanApiNetwork: internal_api
+ GnocchiApiNetwork: internal_api
 OpendaylightApiNetwork: internal_api
 MongoDbNetwork: internal_api
 CinderApiNetwork: internal_api
 CinderIscsiNetwork: storage
 GlanceApiNetwork: internal_api
 GlanceRegistryNetwork: internal_api
+ IronicApiNetwork: ctlplane
+ IronicNetwork: ctlplane
+ IronicInspectorNetwork: ctlplane
 KeystoneAdminApiNetwork: ctlplane
 KeystonePublicApiNetwork: internal_api
 NeutronApiNetwork: internal_api
 HeatApiNetwork: internal_api
+ HeatApiCfnNetwork: internal_api
+ HeatApiCloudwatchNetwork: internal_api
+ ManilaApiNetwork: internal_api
+ MetricsQdrNetwork: internal_api
 NovaApiNetwork: internal_api
 NovaMetadataNetwork: internal_api
+ NovaPlacementNetwork: internal_api
 NovaVncProxyNetwork: internal_api
+ NovaLibvirtNetwork: internal_api
+ NovajoinNetwork: internal_api
+ OctaviaApiNetwork: internal_api
 SwiftMgmtNetwork: storage
 SwiftProxyNetwork: storage
 TackerApiNetwork: internal_api
 CongressApiNetwork: internal_api
 HorizonNetwork: internal_api
+ OsloMessagingRpcNetwork: internal_api
+ OsloMessagingNotifyNetwork: internal_api
 MemcachedNetwork: internal_api
 RabbitMqNetwork: internal_api
 RedisNetwork: internal_api
 MysqlNetwork: internal_api
 CephClusterNetwork: storage
- CephPublicNetwork: storage
+ CephMonNetwork: storage
+ PublicNetwork: external
+ OvnDbsNetwork: internal_api
+ DockerRegistryNetwork: ctlplane
 # Define which network will be used for hostname resolution
 ControllerHostnameResolveNetwork: internal_api
 ComputeHostnameResolveNetwork: internal_api
diff --git a/lib/ansible/playbooks/configure_undercloud.yml b/lib/ansible/playbooks/configure_undercloud.yml
index 80f3e67e..493cd1a1 100644
--- a/lib/ansible/playbooks/configure_undercloud.yml
+++ b/lib/ansible/playbooks/configure_undercloud.yml
@@ -78,7 +78,7 @@
 become: yes
 with_items: "{{ nova_config }}"
 - name: restart nova services
- shell: "docker restart {{ item }}"
+ shell: "{{ container_client }} restart {{ item }}"
 with_items:
 - nova_conductor
 - nova_compute
@@ -90,7 +90,7 @@
 become: yes
 with_items: "{{ neutron_config }}"
 - name: restart neutron services
- shell: "docker restart {{ item }}"
+ shell: "{{ container_client }} restart {{ item }}"
 with_items:
 - neutron_api
 - neutron_dhcp
@@ -100,7 +100,7 @@
 become: yes
 with_items: "{{ ironic_config }}"
 - name: restart ironic services
- shell: "docker restart {{ item }}"
+ shell: "{{ container_client }} restart {{ item }}"
 with_items:
 - ironic_api
 - ironic_conductor
diff --git a/lib/ansible/playbooks/deploy_overcloud.yml b/lib/ansible/playbooks/deploy_overcloud.yml
index e2e84d18..44470da2 100644
--- a/lib/ansible/playbooks/deploy_overcloud.yml
+++ b/lib/ansible/playbooks/deploy_overcloud.yml
@@ -73,6 +73,16 @@
 owner: root
 group: root
 become: yes
+ - name: Insert External network into Compute role
+ shell: |
+ ruby -e '
+ require "yaml"
+ data = YAML.load(File.read("/usr/share/openstack-tripleo-heat-templates/roles_data.yaml"))
+ data[1]["networks"].push("External")
+ data[1]["default_route_networks"] = Array.new(["External"])
+ File.open("/usr/share/openstack-tripleo-heat-templates/roles_data.yaml", "w") { |f| f.write(data.to_yaml) }
+ '
+ become: yes
 - name: Upload glance images
 shell: "{{ stackrc }} && openstack overcloud image upload"
 become: yes
@@ -92,11 +102,6 @@
 - baremetal
 - control
 - compute
- - name: Downgrade ceph
- yum:
- allow_downgrade: yes
- name: ceph-ansible-3.1.6
- become: yes
 - name: Re-enable ceph config for aarch64
 replace:
 path: "/usr/share/ceph-ansible/roles/ceph-client/tasks/create_users_keys.yml"
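Review bot: The three `shell: "{{ container_client }} restart {{ item }}"` tasks in configure_undercloud.yml, and the same substitution in patch_containers.yml, post_deploy_overcloud.yml and prepare_overcloud_containers.yml, change the privilege model as well as the binary name. docker talks to a single root-owned daemon, whereas podman only sees containers and images belonging to the user that invokes it. None of the restart tasks visible in these hunks sets `become: yes` (each task continues past its hunk, so it may be set further down), so it should be confirmed that they run as the user that created the undercloud containers. The restart commands use no shell features, so `command:` would be a tighter module than `shell:` now that the first word of the command line is a template variable.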
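Review bot: The "Insert External network into Compute role" task in deploy_overcloud.yml rewrites the packaged roles_data.yaml as root but is neither idempotent nor position-independent. `data[1]` assumes Compute is the second role in the file, and `push("External")` appends another entry on every run. Selecting the role by name and using a union avoids both, e.g. `role = data.find { |r| r["name"] == "Compute" }` then `role["networks"] |= ["External"]`, with an explicit failure when no role matches (this assumes each role entry carries a `name` key, which the hunk does not show). If the file holds only plain data, `YAML.safe_load` is the better habit than `YAML.load`.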
@@ -106,6 +111,15 @@
 when: aarch64
 - name: Configure DNS server for ctlplane network
 shell: "{{ stackrc }} && openstack subnet set ctlplane-subnet {{ dns_server_args }}"
+ - name: Update NIC templates before deployment
+ shell: >
+ /usr/share/openstack-tripleo-heat-templates/tools/merge-new-params-nic-config-script.py
+ -n /home/stack/network_data.yaml -t /home/stack/nics/{{ item }}.yaml --discard-comments True
+ become: yes
+ become_user: stack
+ with_items:
+ - controller
+ - compute
 - block:
 - name: Execute Overcloud Deployment
 shell: "{{ stackrc }} && bash deploy_command"
diff --git a/lib/ansible/playbooks/patch_containers.yml b/lib/ansible/playbooks/patch_containers.yml
index bc4899ba..1ef05810 100644
--- a/lib/ansible/playbooks/patch_containers.yml
+++ b/lib/ansible/playbooks/patch_containers.yml
@@ -1,13 +1,13 @@
 ---
 - name: "Pull docker image to ensure it exists locally: {{ item }}"
- shell: docker pull {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:current-tripleo
+ shell: "{{ container_client }} pull {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:current-tripleo"
 - name: "Find docker image user {{ item }}"
 shell: >
- docker inspect --format='{{ '{{' }}.ContainerConfig.User{{ '}}' }}'
+ {{ container_client }} inspect --format='{{ '{{' }}.ContainerConfig.User{{ '}}' }}'
 {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:current-tripleo
 register: user_result
 - name: "Patch docker image {{ item }}"
 shell: >
- cd /home/stack/containers/{{ item }} && docker build
+ cd /home/stack/containers/{{ item }} && {{ container_client }} build
 --build-arg REAL_USER={{ user_result.stdout }}
 -t {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:apex .
diff --git a/lib/ansible/playbooks/post_deploy_overcloud.yml b/lib/ansible/playbooks/post_deploy_overcloud.yml
index f3dbfbd2..2b90ab1f 100644
--- a/lib/ansible/playbooks/post_deploy_overcloud.yml
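Review bot: The inspect task in patch_containers.yml keeps the docker-specific field `.ContainerConfig.User` while switching the binary to `{{ container_client }}`. As far as I know podman's image inspect output has no `ContainerConfig` object and exposes the user under `.Config.User`, so on podman this format string may fail or return nothing; this should be verified on a podman undercloud. `user_result.stdout` is then interpolated unquoted into `--build-arg REAL_USER={{ user_result.stdout }}`, so an empty result would build the patched image with an empty REAL_USER. Using `{{ '{{' }}.Config.User{{ '}}' }}`, which docker also populates, and failing the task when the result is empty would keep both clients on the same path. The task names still say "docker" and could be made client-neutral.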
+++ b/lib/ansible/playbooks/post_deploy_overcloud.yml
@@ -55,11 +55,11 @@
 - openstack-nova-scheduler
 - openstack-nova-conductor
 - name: Restart Compute Nova Compute (workaround for NFS)
- shell: "docker restart nova_compute"
+ shell: "{{ container_client }} restart nova_compute"
 become: yes
 when: "'compute' in ansible_hostname or all_in_one"
 - name: Update ODL container restart policy to always
- shell: "docker update --restart=always opendaylight_api"
+ shell: "{{ container_client }} update --restart=always opendaylight_api"
 become: yes
 when:
 - sdn == 'opendaylight'
@@ -88,7 +88,7 @@
 - "'controller' in ansible_hostname"
 - sdn != 'ovn'
 - name: Restart metadata service
- shell: "docker restart neutron_metadata_agent"
+ shell: "{{ container_client }} restart neutron_metadata_agent"
 become: yes
 when:
 - "'controller' in ansible_hostname"
diff --git a/lib/ansible/playbooks/prepare_overcloud_containers.yml b/lib/ansible/playbooks/prepare_overcloud_containers.yml
index db1bff89..ebf081dc 100644
--- a/lib/ansible/playbooks/prepare_overcloud_containers.yml
+++ b/lib/ansible/playbooks/prepare_overcloud_containers.yml
@@ -36,7 +36,7 @@
 - patched_docker_services|length > 0
 - item in (response.json)['repositories']|join(" ")
 - name: Push patched docker images to local registry
- shell: docker push {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:apex
+ shell: "{{ container_client }} push {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:apex"
 when:
 - patched_docker_services|length > 0
 - item in (response.json)['repositories']|join(" ")
-- cgit 1.2.3-korg