From fe87c23ce3450ff8519e9c7d62cb879903519069 Mon Sep 17 00:00:00 2001 From: Tim Rozet Date: Sat, 15 Dec 2018 13:41:31 -0500 Subject: Attempting to fix NFS issues Issues still persist where sometimes instances fail to start due to a failure with os.utime to read the file path. This could be some bad race condition between qemu/nova while copying images on the NFS. This patch adds more ports to open in firewall, and changes initial directory owner to nfsnobody. Also, includes a patch to fix an apparent race condition when nova sends a remote call to the privsep helper daemon to modify the time of the base file owned by qemu: https://review.openstack.org/#/c/625741/ Includes another fix for patching container images where the docker image was not being detected correctly because the full gerrit project name including 'openstack/' prefix was being used to search tripleo docker images. Additionally, there were more bugs around patching openstack python containers where the patch was not being applied correctly. JIRA: APEX-654 Change-Id: I1d011035486298d5906038922e69d478c383c3f7 Signed-off-by: Tim Rozet (cherry picked from commit e1d286e89e04577bda2569a5909dfe8182d953ba) --- lib/ansible/playbooks/patch_containers.yml | 13 +++++++++++++ .../playbooks/prepare_overcloud_containers.yml | 20 ++++++++++++++------ 2 files changed, 27 insertions(+), 6 deletions(-) create mode 100644 lib/ansible/playbooks/patch_containers.yml (limited to 'lib/ansible/playbooks') diff --git a/lib/ansible/playbooks/patch_containers.yml b/lib/ansible/playbooks/patch_containers.yml new file mode 100644 index 00000000..f7b85137 --- /dev/null +++ b/lib/ansible/playbooks/patch_containers.yml @@ -0,0 +1,13 @@ +--- + - name: "Pull docker image to ensure it exists locally: {{ item }}" + shell: docker pull {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:current-tripleo-rdo + - name: "Find docker image user {{ item }}" + shell: > + docker inspect --format='{{ '{{' }}.ContainerConfig.User{{ '}}' }}' + {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:current-tripleo-rdo + register: user_result + - name: "Patch docker image {{ item }}" + shell: > + cd /home/stack/containers/{{ item }} && docker build + --build-arg REAL_USER={{ user_result.stdout }} + -t {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:apex . diff --git a/lib/ansible/playbooks/prepare_overcloud_containers.yml b/lib/ansible/playbooks/prepare_overcloud_containers.yml index 54dbe098..45ca3011 100644 --- a/lib/ansible/playbooks/prepare_overcloud_containers.yml +++ b/lib/ansible/playbooks/prepare_overcloud_containers.yml @@ -42,6 +42,15 @@ become: yes become_user: stack when: sdn != false + - name: Touch sdn-images file when nosdn + copy: + content: "" + dest: /home/stack/sdn-images.yaml + force: no + group: stack + owner: stack + mode: 0644 + when: sdn == false - name: Update Ceph tag for aarch64 in container env file lineinfile: path: /home/stack/overcloud_containers.yml @@ -68,14 +77,13 @@ url: http://{{ undercloud_ip }}:8787/v2/_catalog body_format: json register: response - - name: Patch Docker images - shell: > - cd /home/stack/containers/{{ item }} && docker build - -t {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:apex . + - include_tasks: patch_containers.yml + with_items: "{{ patched_docker_services }}" + loop_control: + loop_var: item when: - patched_docker_services|length > 0 - item in (response.json)['repositories']|join(" ") - with_items: "{{ patched_docker_services }}" - name: Push patched docker images to local registry shell: docker push {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:apex when: @@ -89,4 +97,4 @@ replace: '\1:apex' with_nested: - [ '/home/stack/sdn-images.yaml', '/home/stack/docker-images.yaml'] - - "{{ patched_docker_services }}" \ No newline at end of file + - "{{ patched_docker_services }}" -- cgit 1.2.3-korg