Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
The SSH keys for the OPNFV host have been configured in the
configure-opnfvhost.yml playbook so we shouldn't do that in a playbook
that is only meant to configure the target hosts. As such, fix the group
to use 'k8s-cluster' instead.
Since the targethosts playbook does not apply to all hosts anymore, we
can simply drop the list of required packages and only install 'netaddr'
on the OPNFV host which is the host that needs it. Similarly, the dbus
package is only needed on the targethosts.
Change-Id: I293ad83a3a95797d9025f2cddd7849be7b3a49da
Signed-off-by: Markos Chandras <mchandras@suse.de>
|
|
Move default k8s-cluster.yml from kubespray/files/ to
role/k8-nosdn-nofeature/files/k8s-cluster.yml since it's scenario
specific. Moreover, we set 'cloud' as kube_network_plugin, which would
use kubnet as network plugin. The kubenet network plugin requires
routing between to be setup by the administrator so we need to add
static routes on every host since they are connected using a bridge
instead of a router.
installer-type:kubespray
deploy-scenario:k8-nosdn-nofeature
Change-Id: I6ab7288c966d7f17e9d61279056f7673be37bebe
Signed-off-by: wutianwei <wutianwei1@huawei.com>
Signed-off-by: Markos Chandras <mchandras@suse.de>
|
|
Fixes the following ansible-lint warning
[WARNING]: While constructing a mapping from /home/devuser/releng-
xci/xci/installer/osa/playbooks/configure-opnfvhost.yml, line 113,
column 7,
found a duplicate dict key (args). Using last defined value only.
We also remove the changed_when value since we now use 'args' to get
proper status report.
Change-Id: I382e3183b66e590462fbcb8663d53cade0e5d92c
Signed-off-by: Markos Chandras <mchandras@suse.de>
|
|
The upstream PR to include openSUSE support has been merged so we need
to bump the SHA to make it available in XCI.
Change-Id: Ida5bd05ce8b0c883b6d7582a495ca934ecc4b1f1
Signed-off-by: Markos Chandras <mchandras@suse.de>
|
|
add the k8-nosdn-noeature and k8-canal-nofeature roles under scenarios directory
run different roles to configure the k8s-cluster according to the deploy scenario
installer-type:kubespray
deploy-scenario:k8-canal-nofeature
Change-Id: Ia96b01f79fb058e045c5b7d9d9aecb7f15a21e63
Signed-off-by: wutianwei <wutianwei1@huawei.com>
|
|
This change updates prepare-functest role for testing k8s scenarios
using functest healthcheck. The changes include
- update tasks to skip checking/creation of public gateway which
is needed for OpenStack based scenarios
- update run-functest.sh.j2 template and set the used docker image
name based on FUNCTEST_SUITE_NAME that is going to be used
- update run-functest.sh.j2 template and add commands needed to run
tests using functest-kubernetes-${FUNCTEST_SUITE_NAME} docker image
- update env.j2 to exclude setting the var EXTERNAL_NETWORK which is needed
for OpenStack based scenarios
Apart from updating the the prepare-functest role, a bug has also been fixed
by adding the fetching of xci.env for installer kubespray.
installer-type:kubespray
deploy-scenario:k8-nosdn-nofeature
Change-Id: Ia701db9748ea9509a2dc165341285fb189aa7266
Signed-off-by: Fatih Degirmenci <fdegir@gmail.com>
|
|
sfc scenario fails when running the functest snaps-healthcheck.
The reason is a race condition found in ODL Nitrogen.
This race condition is gone in ODL Oxygen. We need latest ODL role
to include the ODL Oxygen version
Depends-On: I59802f467a77ae755886e4cc389c2406e9d17d4c
deploy-scenario:os-odl-sfc
installer-type:osa
Change-Id: I6d575370834eabb1b6a0532f74e1b2fc733e500c
Signed-off-by: Manuel Buil <mbuil@suse.com>
|
|
|
|
|
|
|
|
The conditional was wrong since it was being treated as a string
instead of actually evaluating it as a boolean value.
Change-Id: I59802f467a77ae755886e4cc389c2406e9d17d4c
Signed-off-by: Markos Chandras <mchandras@suse.de>
|
|
In the OpenStack-Ansible installers we are using the XCI ssl
certificates for the endpoints but in kubespray we are generating them
on the fly. In order to keep both setups as close as possible, we can
use the XCI certificates in kubespray as well.
Change-Id: I1ca55127fe747618205394c02b3d44bb573435f4
Signed-off-by: Markos Chandras <mchandras@suse.de>
|
|
The tasks for creating and managing the XCI SSL certificates
can be shared between installers so move them to a common file.
Change-Id: I9df82517e737681420429a992aa8d68e78528fd4
Signed-off-by: Markos Chandras <mchandras@suse.de>
|
|
Drop the kubespray specific tasks for managing the SSH keys in favor of
the common ones.
Change-Id: Ib8e18fcc14c4c0126cae72740dbb33921a21af6b
Signed-off-by: Markos Chandras <mchandras@suse.de>
|
|
|
|
|
|
(this commit fixes many things because they all need to be submitted
together to unblock the jobs)
Commit 9e1d3d6e62abf5d0da26a296bcd235f37a54d9c6 ("xci: playbooks: Fixes
various ansible-lint warnings") broke public key authentication from
localhost to the OPNFV host because the localhost pubkey was not
appended in the authorized_keys file. The reason for that was that the
task was skipped due to the 'creates' parameter. This is now fixed, by
dropping the check since we always need to append the localhost pubkey.
This is only a temporary solution until we modify kubespray to use the
common file for managing the SSH keys.
This also makes the final 'kubectl' move to /usr/local/bin non-fatal
since future kubespray releases put it there already.
The same commit also broke the k8s-cluster.yml overrides. This is
because the file was never copied across due to the task conditional
being wrong. As such, we fix the conditional to check for the correct
file.
Change-Id: I9cfb29eba50c7fea9df29581ebb015163b8a9754
Signed-off-by: Markos Chandras <mchandras@suse.de>
|
|
The bootstrap script from the OpenStack-Ansible repository creates
several things in /opt/ansible-runtime and /usr/local/bin so we can
check if the final 'openstack-ansible' symlink exists in order to
report a proper status for that task and even skip if everything
is prepared already.
Change-Id: I4ca3a733746f8d757aa1156b533e4b4de90188e6
Signed-off-by: Markos Chandras <mchandras@suse.de>
|
|
Ansible already provides modules to create ssl certificates so we can
use these instead of running the openssl commands directly. Moreover, we
can drop all the tasks which create the ssl directories since there are
being created by the openssl package which also creates the appropriate
symlinks. Finally, there is no need to generate the certificate on
localhost if only the OPNFV host consumes it, so move these steps to
the appropriate playbook.
Change-Id: I0045945c502013be3d76440876e894a44a092690
Signed-off-by: Markos Chandras <mchandras@suse.de>
|
|
The tasks that manage the SSH keys are common across hosts and
also common across different installers. As such, lets move them
to a new file so we can share them more easily.
Change-Id: If235877394f224a47a2f2b8de748a2330eabcec1
Signed-off-by: Markos Chandras <mchandras@suse.de>
|
|
* changes:
xci: bootstrap-host: Make active network interface consistent
xci: osa: Simplify tasks for copying OSA configuration files
xci: Use proper Ansible modules to manage SSH keys
|
|
This change brings the fix for
- cinder haproxy check for ha deployments
- pip related fixes
- fixes for lxc_hosts
Change-Id: I4af64041a4a76c10361456f73577e7c7040edf8a
Signed-off-by: Fatih Degirmenci <fdegir@gmail.com>
|
|
We can use a loop to copy all these files instead of multiple tasks.
This simplifies the playbook quite a bit.
Change-Id: I5f0d387ac090d81fc577b5ebeaeb6131e75cffa1
Signed-off-by: Markos Chandras <mchandras@suse.de>
|
|
We can use the 'user', 'slurp' and 'authorized_key' modules
to manage the various SSH configurations across the hosts instead
of using command line tools.
Change-Id: I2dde4d584fc336e267868607d5a58f5ee2c1feed
Signed-off-by: Markos Chandras <mchandras@suse.de>
|
|
In preparation for adding support for the 'ansible-lint' tool we fix
various problems in our playbooks to make the tool happy before we make
it mandatory.
Some of the problems that are fixed here are
- [ANSIBLE0011] All tasks should be named
- [ANSIBLE0012] Commands should not change things if nothing needs doing
- [ANSIBLE0013] Use shell only when shell functionality is required
- [ANSIBLE0010] Package installs should not use latest
installer-type:osa
deploy-scenario:os-nosdn-nofeature
Change-Id: I66c759d3932a414b81b2846393d2d98ce80c0b6d
Signed-off-by: Markos Chandras <mchandras@suse.de>
|
|
|
|
|
|
|
|
|
|
The OSA deployment is driven by the OPNFV host so we need to install
and configure the ARA plugin there as well.
Change-Id: Ib583f5771a8c2da7531f0a42612d7c0b34fb4898
Signed-off-by: Markos Chandras <mchandras@suse.de>
|
|
Move bootstrap-scenarios.yml from installer/osa/playbooks/bootstrap-scenarios.yml
to playbooks/bootstrap-scenarios.yml as a common playbook.
So we can use this file to bootstarap k8s-* scenarios, instead of creating a new
file under installer/kubespray/playbooks/bootstrap-scenarios.yml
Change-Id: Ic31ee00e1a0863f48fb86298d7c00fa8420fa28a
Signed-off-by: wutianwei <wutianwei1@huawei.com>
|
|
This change brings the SHAs needed for os-odl-bgpvpn scenario
and will be tested using os-odl-nofeature scenario.
installer-type:osa
deploy-scenario:os-odl-nofeature
Change-Id: I3ab8be557d78710f47c8a2e558078e13eb70553c
Signed-off-by: Fatih Degirmenci <fdegir@gmail.com>
|
|
Change-Id: Iae3f642bea54feae4c033b61e8ea4cfe759848ec
Signed-off-by: Fatih Degirmenci <fdegir@gmail.com>
|
|
Using package_state:present should give our jobs better chance
to finish on time and perhaps improve the overall deployment times
even.
Change-Id: Ifa4e01318fe364a91c32f5326024d34c364e25c8
Signed-off-by: Fatih Degirmenci <fdegir@gmail.com>
|
|
Add experimental support for openSUSE until the upstream PR
is accepted
installer-type:kubespray
deploy-scenario:k8-nosdn-nofeature
Change-Id: Icd3698d882d249a18be77560ba0ba52159893816
Link: https://github.com/kubernetes-incubator/kubespray/pull/2380
Signed-off-by: Markos Chandras <mchandras@suse.de>
|
|
This change removes the variables that are not used in any of the
playbooks/roles from opnfv ansible vars.
Apart from that, all caps ansible vars replaced with lowercase ones
and impacted playbooks/roles are updated.
installer-type:osa
deploy-scenario:os-nosdn-nofeature
Change-Id: I99ebdc155b3903176ac5940b64cef0c0f3aa0f0d
Signed-off-by: Fatih Degirmenci <fdegir@gmail.com>
|
|
In some cases the XCI development environment can be located behind a
corporate proxy resulting in a additional layer to consider to
configure. These changes pretend to include proxy support for all
linux distros in all the posible flavors.
Change-Id: Iab469268809ac471d09e244bb3ccd83de1a41b88
Signed-off-by: Victor Morales <victor.morales@intel.com>
|
|
1. Add the type: NodePort in dashboard service. the default is ClustIP,
which cannot access from outside.
2. Print the url ,user, password for user to access dashboard.
3. configure the kubectl CLI in opnfv host.
Change-Id: I6cb6e6f7547412139ece0c40a85de67a9edce0ef
Signed-off-by: wutianwei <wutianwei1@huawei.com>
|
|
|
|
|
|
The configure-targethost playbook is configuring all the OSA hosts so
we can simplify all that by introducing a new 'openstack' host group
with the controller and the compute nodes and configure all of them
in parallel.
Change-Id: I21f8709e7649b041575dab45fc4e070aa01e0a6f
Signed-off-by: Markos Chandras <mchandras@suse.de>
|
|
There is no reference on the actual upstream problem so lets assume
this is fixed and drop the workaround we had locally.
Change-Id: I3f71ea2e6fdc67e342f014e572f74760a78d3816
Signed-off-by: Markos Chandras <mchandras@suse.de>
|
|
The XCI hosts may need some of the XCI env variables to perform
certain tasks so dump the XCI environment to /root/xci.env file and
make that available to every host on the deployment.
Change-Id: I286a01ca7da8ff206438c261798167f5e4daf7f2
Signed-off-by: Markos Chandras <mchandras@suse.de>
|
|
|
|
|
|
|
|
Pipefail should be sufficient to determine the failure so this
change gets rid of grepping the logs for failure and unreachable
to leave the evaluation to bash itself.
Change-Id: I0fcd6016ddc19eb11b3eb2402347032a11c5a32a
Signed-off-by: Fatih Degirmenci <fdegir@gmail.com>
|
|
|