From e1d286e89e04577bda2569a5909dfe8182d953ba Mon Sep 17 00:00:00 2001 From: Tim Rozet Date: Sat, 15 Dec 2018 13:41:31 -0500 Subject: Attempting to fix NFS issues Issues still persist where sometimes instances fail to start due to a failure with os.utime to read the file path. This could be some bad race condition between qemu/nova while copying images on the NFS. This patch adds more ports to open in firewall, and changes initial directory owner to nfsnobody. Also, includes a patch to fix an apparent race condition when nova sends a remote call to the privsep helper daemon to modify the time of the base file owned by qemu: https://review.openstack.org/#/c/625741/ Includes another fix for patching container images where the docker image was not being detected correctly because the full gerrit project name including 'openstack/' prefix was being used to search tripleo docker images. Additionally, there were more bugs around patching openstack python containers where the patch was not being applied correctly. JIRA: APEX-654 Change-Id: I1d011035486298d5906038922e69d478c383c3f7 Signed-off-by: Tim Rozet --- lib/ansible/playbooks/patch_containers.yml | 13 +++++++++++++ lib/ansible/playbooks/prepare_overcloud_containers.yml | 11 +++++------ 2 files changed, 18 insertions(+), 6 deletions(-) create mode 100644 lib/ansible/playbooks/patch_containers.yml (limited to 'lib/ansible/playbooks') diff --git a/lib/ansible/playbooks/patch_containers.yml b/lib/ansible/playbooks/patch_containers.yml new file mode 100644 index 00000000..bc4899ba --- /dev/null +++ b/lib/ansible/playbooks/patch_containers.yml @@ -0,0 +1,13 @@ +--- + - name: "Pull docker image to ensure it exists locally: {{ item }}" + shell: docker pull {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:current-tripleo + - name: "Find docker image user {{ item }}" + shell: > + docker inspect --format='{{ '{{' }}.ContainerConfig.User{{ '}}' }}' + {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:current-tripleo + register: user_result + - name: "Patch docker image {{ item }}" + shell: > + cd /home/stack/containers/{{ item }} && docker build + --build-arg REAL_USER={{ user_result.stdout }} + -t {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:apex . diff --git a/lib/ansible/playbooks/prepare_overcloud_containers.yml b/lib/ansible/playbooks/prepare_overcloud_containers.yml index e2a4e134..db1bff89 100644 --- a/lib/ansible/playbooks/prepare_overcloud_containers.yml +++ b/lib/ansible/playbooks/prepare_overcloud_containers.yml @@ -28,14 +28,13 @@ url: http://{{ undercloud_ip }}:8787/v2/_catalog body_format: json register: response - - name: Patch Docker images - shell: > - cd /home/stack/containers/{{ item }} && docker build - -t {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:apex . + - include_tasks: patch_containers.yml + with_items: "{{ patched_docker_services }}" + loop_control: + loop_var: item when: - patched_docker_services|length > 0 - item in (response.json)['repositories']|join(" ") - with_items: "{{ patched_docker_services }}" - name: Push patched docker images to local registry shell: docker push {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:apex when: @@ -45,7 +44,7 @@ - name: Modify Images with Apex tag replace: path: "/home/stack/docker-images.yaml" - regexp: "(\\s*Docker.*?:.*?centos-binary-{{ item[1] }}):.*" + regexp: "(\\s*Docker.*?:.*?centos-binary-{{ item }}):.*" replace: '\1:apex' with_items: "{{ patched_docker_services }}" become: yes -- cgit 1.2.3-korg