From bee62ca1e54294e264ae9d91c69b9cda9df317a5 Mon Sep 17 00:00:00 2001 From: Brendan Shephard Date: Mon, 25 Nov 2024 09:51:16 +1000 Subject: [PATCH 01/15] Skip package install when using bootc Signed-off-by: Brendan Shephard dnf yum-utils Signed-off-by: Brendan Shephard nvme-package Signed-off-by: Brendan Shephard Don't install packages - bootc Signed-off-by: Brendan Shephard Skip os-net-config package install Signed-off-by: Brendan Shephard --- roles/edpm_bootstrap/tasks/bootstrap.yml | 54 +++++++++++++++++++ roles/edpm_bootstrap/tasks/packages.yml | 1 + roles/edpm_kernel/defaults/main.yml | 1 + roles/edpm_kernel/tasks/main.yml | 4 +- roles/edpm_libvirt/defaults/main.yml | 1 + roles/edpm_libvirt/tasks/install.yml | 1 + roles/edpm_logrotate_crond/defaults/main.yml | 1 + roles/edpm_logrotate_crond/tasks/install.yml | 2 + roles/edpm_network_config/defaults/main.yml | 1 + roles/edpm_network_config/tasks/main.yml | 8 ++- .../tasks/network_config.yml | 1 + roles/edpm_nvmeof/tasks/install.yml | 1 + roles/edpm_ovs/defaults/main.yml | 1 + roles/edpm_ovs/tasks/download_cache.yml | 1 + roles/edpm_ovs/tasks/install.yml | 1 + roles/edpm_podman/defaults/main.yml | 1 + roles/edpm_podman/tasks/install.yml | 1 + roles/edpm_reboot/tasks/main.yaml | 1 + roles/edpm_sshd/tasks/install.yml | 2 + 19 files changed, 81 insertions(+), 3 deletions(-) diff --git a/roles/edpm_bootstrap/tasks/bootstrap.yml b/roles/edpm_bootstrap/tasks/bootstrap.yml index 8a32403c1..3ba31319c 100644 --- a/roles/edpm_bootstrap/tasks/bootstrap.yml +++ b/roles/edpm_bootstrap/tasks/bootstrap.yml @@ -35,3 +35,57 @@ - name: Import FIPS tasks ansible.builtin.import_tasks: fips.yml when: edpm_bootstrap_fips_mode != 'check' + +- name: Execute bootstrap command + ansible.builtin.import_tasks: bootstrap_command.yml + +- name: Import packages tasks + ansible.builtin.import_tasks: packages.yml + when: not ansible_local.bootc + +- name: Set selinux state + ansible.posix.selinux: + policy: targeted + state: "{{ edpm_bootstrap_selinux_mode }}" + become: true + +- name: Stop NetworkManager from updating resolv.conf + when: ( edpm_bootstrap_network_service == 'NetworkManager' ) and ( not edpm_bootstrap_network_resolvconf_update ) + become: true + block: + - name: Set 'dns=none' in /etc/NetworkManager/NetworkManager.conf + community.general.ini_file: + path: /etc/NetworkManager/NetworkManager.conf + state: present + no_extra_spaces: true + section: main + option: dns + value: none + backup: true + mode: '0644' + - name: Set 'rc-manager=unmanaged' in /etc/NetworkManager/NetworkManager.conf + community.general.ini_file: + path: /etc/NetworkManager/NetworkManager.conf + state: present + no_extra_spaces: true + section: main + option: rc-manager + value: unmanaged + backup: true + mode: '0644' + - name: Reload NetworkManager + ansible.builtin.systemd: + name: NetworkManager + state: reloaded + +- name: Stop dhclient from updating resolv.conf + become: true + ansible.builtin.copy: + dest: /etc/dhcp/dhclient-enter-hooks + mode: "0755" + content: | + #!/bin/sh + make_resolv_conf() { : ; } + +- name: Configure swap + ansible.builtin.import_tasks: swap.yml diff --git a/roles/edpm_bootstrap/tasks/packages.yml b/roles/edpm_bootstrap/tasks/packages.yml index 836659c82..e89f8ccdb 100644 --- a/roles/edpm_bootstrap/tasks/packages.yml +++ b/roles/edpm_bootstrap/tasks/packages.yml @@ -65,6 +65,7 @@ - name: Install and enable network service when: - (edpm_bootstrap_legacy_network_packages | length) > 0 + - not ansible_local.bootc become: true block: - name: Deploy network-scripts required for deprecated network service diff --git a/roles/edpm_kernel/defaults/main.yml b/roles/edpm_kernel/defaults/main.yml index 5fe8791b3..b100a8cc4 100644 --- a/roles/edpm_kernel/defaults/main.yml +++ b/roles/edpm_kernel/defaults/main.yml @@ -36,3 +36,4 @@ edpm_nova_compute_config_dir: /var/lib/config-data/ansible-generated/nova_libvir # KSM control edpm_kernel_enable_ksm: false +edpm_use_bootc: false diff --git a/roles/edpm_kernel/tasks/main.yml b/roles/edpm_kernel/tasks/main.yml index 8a70e7ef0..05179ab88 100644 --- a/roles/edpm_kernel/tasks/main.yml +++ b/roles/edpm_kernel/tasks/main.yml @@ -25,7 +25,9 @@ name: "{{ edpm_kernel_extra_packages }}" state: present register: _install_packages_result - when: edpm_kernel_extra_packages | length > 0 + when: + - edpm_kernel_extra_packages | length > 0 + - not edpm_use_bootc until: _install_packages_result is succeeded retries: "{{ edpm_kernel_download_retries }}" delay: "{{ edpm_kernel_download_delay }}" diff --git a/roles/edpm_libvirt/defaults/main.yml b/roles/edpm_libvirt/defaults/main.yml index 90c75966d..4ba010d6e 100644 --- a/roles/edpm_libvirt/defaults/main.yml +++ b/roles/edpm_libvirt/defaults/main.yml @@ -72,3 +72,4 @@ edpm_libvirt_password_path: /var/lib/openstack/configs/{{ edpm_libvirt_service_n # certs edpm_libvirt_tls_certs_enabled: "{{ edpm_tls_certs_enabled | default(False) }}" edpm_libvirt_tls_cert_src_dir: /var/lib/openstack/certs/{{ edpm_libvirt_service_name }}/default +edpm_use_bootc: false diff --git a/roles/edpm_libvirt/tasks/install.yml b/roles/edpm_libvirt/tasks/install.yml index 799ef6e57..d168de985 100644 --- a/roles/edpm_libvirt/tasks/install.yml +++ b/roles/edpm_libvirt/tasks/install.yml @@ -13,6 +13,7 @@ delay: "{{ edpm_libvirt_download_delay }}" notify: - Restart libvirt + when: not edpm_use_bootc - name: Ensure monolithic libvirt and tcp socket activation is not enabled or running tags: diff --git a/roles/edpm_logrotate_crond/defaults/main.yml b/roles/edpm_logrotate_crond/defaults/main.yml index c055a4922..8d599d109 100644 --- a/roles/edpm_logrotate_crond/defaults/main.yml +++ b/roles/edpm_logrotate_crond/defaults/main.yml @@ -66,3 +66,4 @@ edpm_logrotate_crond_dateformat: null edpm_logrotate_crond_dateyesterday: null # If container health check should be enabled edpm_logrotate_crond_healthcheck: true +edpm_use_bootc: false diff --git a/roles/edpm_logrotate_crond/tasks/install.yml b/roles/edpm_logrotate_crond/tasks/install.yml index 1990cc994..acd56e2d4 100644 --- a/roles/edpm_logrotate_crond/tasks/install.yml +++ b/roles/edpm_logrotate_crond/tasks/install.yml @@ -23,6 +23,8 @@ until: edpm_logrotate_crond_cronie_package_download is succeeded retries: "{{ edpm_logrotate_crond_download_retries }}" delay: "{{ edpm_logrotate_crond_download_delay }}" + when: + - not edpm_use_bootc - name: Gather SELinux fact if needed when: diff --git a/roles/edpm_network_config/defaults/main.yml b/roles/edpm_network_config/defaults/main.yml index d5266db7b..0ef798bdd 100644 --- a/roles/edpm_network_config/defaults/main.yml +++ b/roles/edpm_network_config/defaults/main.yml @@ -51,3 +51,4 @@ edpm_network_config_safe_defaults: true edpm_network_config_template: "" edpm_bond_interface_ovs_options: "bond_mode=active-backup" edpm_dns_search_domains: [] +edpm_use_bootc: false diff --git a/roles/edpm_network_config/tasks/main.yml b/roles/edpm_network_config/tasks/main.yml index afed98124..6532cfa23 100644 --- a/roles/edpm_network_config/tasks/main.yml +++ b/roles/edpm_network_config/tasks/main.yml @@ -15,7 +15,8 @@ # under the License. - name: Configure network with network role from system roles [nmstate] - when: edpm_network_config_tool == 'nmstate' + when: + - edpm_network_config_tool == 'nmstate' become: true block: - name: Install OVS NetworkManager plugin [nmstate] @@ -26,11 +27,14 @@ until: nm_ovs_status is succeeded retries: "{{ edpm_network_config_download_retries }}" delay: "{{ edpm_network_config_download_delay }}" + when: not ansible_local.bootc - name: Restart NetworkManager after plugin installation [nmstate] ansible.builtin.systemd: name: NetworkManager state: restarted - when: nm_ovs_status.changed # noqa: no-handler + when: + - nm_ovs_status.changed # noqa: no-handler + - not ansible_local.bootc - name: Render network_state variable ansible.builtin.set_fact: network_state: "{{ edpm_network_config_template | from_yaml }}" diff --git a/roles/edpm_network_config/tasks/network_config.yml b/roles/edpm_network_config/tasks/network_config.yml index db8913d7a..25a7e78b5 100644 --- a/roles/edpm_network_config/tasks/network_config.yml +++ b/roles/edpm_network_config/tasks/network_config.yml @@ -47,6 +47,7 @@ until: edpm_network_config_onc_download is succeeded retries: "{{ edpm_network_config_download_retries }}" delay: "{{ edpm_network_config_download_delay }}" + when: not edpm_use_bootc - name: Ensure /var/lib/edpm-config directory exists become: true diff --git a/roles/edpm_nvmeof/tasks/install.yml b/roles/edpm_nvmeof/tasks/install.yml index 5f0b5be98..544df7be8 100644 --- a/roles/edpm_nvmeof/tasks/install.yml +++ b/roles/edpm_nvmeof/tasks/install.yml @@ -29,3 +29,4 @@ ansible.builtin.package: name: nvme-cli state: present + when: not edpm_use_bootc diff --git a/roles/edpm_ovs/defaults/main.yml b/roles/edpm_ovs/defaults/main.yml index 2d03e647f..4cd2231bf 100644 --- a/roles/edpm_ovs/defaults/main.yml +++ b/roles/edpm_ovs/defaults/main.yml @@ -37,3 +37,4 @@ edpm_ovs_packages: - openvswitch # whether to reload the openvswitch service after an update is complete edpm_ovs_reload_after_update: false +edpm_use_bootc: false diff --git a/roles/edpm_ovs/tasks/download_cache.yml b/roles/edpm_ovs/tasks/download_cache.yml index 000491b7b..a7da2fd71 100644 --- a/roles/edpm_ovs/tasks/download_cache.yml +++ b/roles/edpm_ovs/tasks/download_cache.yml @@ -9,3 +9,4 @@ until: _install_packages_result is succeeded retries: "{{ edpm_ovs_download_retries }}" delay: "{{ edpm_ovs_download_delay }}" + when: not edpm_use_bootc diff --git a/roles/edpm_ovs/tasks/install.yml b/roles/edpm_ovs/tasks/install.yml index 590e294d7..9ff08dd89 100644 --- a/roles/edpm_ovs/tasks/install.yml +++ b/roles/edpm_ovs/tasks/install.yml @@ -11,6 +11,7 @@ until: edpm_ovs_package_install is succeeded retries: "{{ edpm_ovs_download_retries }}" delay: "{{ edpm_ovs_download_delay }}" + when: not edpm_use_bootc - name: Ensure ovs services are enabled and running tags: diff --git a/roles/edpm_podman/defaults/main.yml b/roles/edpm_podman/defaults/main.yml index 20b4ac60a..a85079a3f 100644 --- a/roles/edpm_podman/defaults/main.yml +++ b/roles/edpm_podman/defaults/main.yml @@ -103,3 +103,4 @@ edpm_podman_auth_file: ~/.config/containers/auth.json edpm_podman_registries_conf: "" edpm_podman_disconnected_ocp: false +edpm_use_bootc: false diff --git a/roles/edpm_podman/tasks/install.yml b/roles/edpm_podman/tasks/install.yml index f86546df5..35d920154 100644 --- a/roles/edpm_podman/tasks/install.yml +++ b/roles/edpm_podman/tasks/install.yml @@ -25,6 +25,7 @@ until: edpm_podman_package_download is succeeded retries: "{{ edpm_podman_download_retries }}" delay: "{{ edpm_podman_download_delay }}" + when: not edpm_use_bootc - name: Ensure we get the ansible interfaces facts when: diff --git a/roles/edpm_reboot/tasks/main.yaml b/roles/edpm_reboot/tasks/main.yaml index b46d07ee1..ba22c8ee1 100644 --- a/roles/edpm_reboot/tasks/main.yaml +++ b/roles/edpm_reboot/tasks/main.yaml @@ -18,6 +18,7 @@ become: true ansible.builtin.dnf: name: yum-utils + when: not edpm_use_bootc - name: Check if reboot is required with needs-restarting ansible.builtin.command: needs-restarting -r diff --git a/roles/edpm_sshd/tasks/install.yml b/roles/edpm_sshd/tasks/install.yml index b7ad8be07..fdcf98411 100644 --- a/roles/edpm_sshd/tasks/install.yml +++ b/roles/edpm_sshd/tasks/install.yml @@ -26,6 +26,8 @@ until: _sshd_install_result is succeeded retries: "{{ edpm_sshd_download_retries }}" delay: "{{ edpm_sshd_download_delay }}" + when: + - not edpm_use_bootc # NOTE(mwhahaha): we need this here because in order to validate our generated # config, we need to ensure the host keys exist From 0ad4c882cef3ce1db371773c898777a8bfc8b06e Mon Sep 17 00:00:00 2001 From: Brendan Shephard Date: Tue, 26 Nov 2024 17:40:51 +1000 Subject: [PATCH 02/15] edpm_container_manage support bootc This change writes systemd files to etc instead of /usr/share along with adding support for Python libraries baked into the bootc image. Signed-off-by: Brendan Shephard --- .../edpm_container_manage/tasks/shutdown.yml | 24 ++++++++++++------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/roles/edpm_container_manage/tasks/shutdown.yml b/roles/edpm_container_manage/tasks/shutdown.yml index 6d840b3fc..2c0153b4c 100644 --- a/roles/edpm_container_manage/tasks/shutdown.yml +++ b/roles/edpm_container_manage/tasks/shutdown.yml @@ -27,17 +27,25 @@ loop: - 'edpm-container-shutdown' - 'edpm-start-podman-container' - - name: "Create /usr/lib/systemd/system/edpm-container-shutdown.service" + when: not edpm_use_bootc + + - name: "Create systemd preset dir" + ansible.builtin.file: + state: "directory" + path: "/etc/systemd/system-preset" + mode: 0644 + + - name: "Create /etc/systemd/system/edpm-container-shutdown.service" ansible.builtin.copy: src: "{{ role_path }}/files/edpm-container-shutdown-service" - dest: "/usr/lib/systemd/system/edpm-container-shutdown.service" + dest: "/etc/systemd/system/edpm-container-shutdown.service" mode: '0644' owner: root group: root - - name: "Create /usr/lib/systemd/system-preset/91-edpm-container-shutdown.preset" + - name: "Create /etc/systemd/system-preset/91-edpm-container-shutdown.preset" ansible.builtin.copy: src: "{{ role_path }}/files/91-edpm-container-shutdown-preset" - dest: "/usr/lib/systemd/system-preset/91-edpm-container-shutdown.preset" + dest: "/etc/systemd/system-preset/91-edpm-container-shutdown.preset" mode: '0644' owner: root group: root @@ -47,17 +55,17 @@ state: started enabled: true daemon_reload: true - - name: "Create /usr/lib/systemd/system/netns-placeholder.service" + - name: "Create /etc/systemd/system/netns-placeholder.service" ansible.builtin.copy: src: "{{ role_path }}/files/netns-placeholder-service" - dest: "/usr/lib/systemd/system/netns-placeholder.service" + dest: "/etc/systemd/system/netns-placeholder.service" mode: '0644' owner: root group: root - - name: "Create /usr/lib/systemd/system-preset/91-netns-placeholder.preset" + - name: "Create /etc/systemd/system-preset/91-netns-placeholder.preset" ansible.builtin.copy: src: "{{ role_path }}/files/91-netns-placeholder-preset" - dest: "/usr/lib/systemd/system-preset/91-netns-placeholder.preset" + dest: "/etc/systemd/system-preset/91-netns-placeholder.preset" mode: '0644' owner: root group: root From 8f703fe6dccbee8716adca01f5c9b84f67c643b8 Mon Sep 17 00:00:00 2001 From: Brendan Shephard Date: Wed, 27 Nov 2024 10:39:11 +1000 Subject: [PATCH 03/15] Move containers-tmpwatch to /var/lib/openstack This change moves the script we're using for the logs cronjob into the /var/lib/openstack/cron directory. This facilitates the bootc immutable filesystem where we can't write to /usr, while also consolidating scripts relevant to our deployment in a common place. Signed-off-by: Brendan Shephard --- roles/edpm_logrotate_crond/tasks/configure.yml | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/roles/edpm_logrotate_crond/tasks/configure.yml b/roles/edpm_logrotate_crond/tasks/configure.yml index a7b45af01..120346112 100644 --- a/roles/edpm_logrotate_crond/tasks/configure.yml +++ b/roles/edpm_logrotate_crond/tasks/configure.yml @@ -17,9 +17,25 @@ - name: Configure tmpwatch on the host become: true block: + - name: Create /var/lib/openstack + ansible.builtin.file: + path: "/var/lib/openstack" + mode: 0755 + state: directory + owner: "{{ ansible_user }}" + group: "{{ ansible_user }}" + setype: "container_file_t" + + - name: Create /var/lib/openstack/cron + ansible.builtin.file: + path: "/var/lib/openstack/cron" + mode: 0644 + state: directory + setype: "container_file_t" + - name: Push script ansible.builtin.copy: - dest: /usr/local/sbin/containers-tmpwatch + dest: /var/lib/openstack/cron/containers-tmpwatch owner: root group: root mode: "0755" From f77e8eb6e98c965654a3be67975ff4286c975ce2 Mon Sep 17 00:00:00 2001 From: Brendan Shephard Date: Mon, 9 Dec 2024 15:23:35 +1000 Subject: [PATCH 04/15] Change name of services for bootc Signed-off-by: Brendan Shephard --- roles/edpm_iscsid/tasks/run.yml | 31 ++++++++++++++++++++++- roles/edpm_multipathd/tasks/install.yml | 2 +- roles/edpm_multipathd/tasks/run.yml | 19 +++++++++++++- roles/edpm_neutron_metadata/tasks/run.yml | 17 +++++++++++++ roles/edpm_ovn/tasks/run.yml | 18 +++++++++++++ 5 files changed, 84 insertions(+), 3 deletions(-) diff --git a/roles/edpm_iscsid/tasks/run.yml b/roles/edpm_iscsid/tasks/run.yml index 4ad60cbe1..140403aa6 100644 --- a/roles/edpm_iscsid/tasks/run.yml +++ b/roles/edpm_iscsid/tasks/run.yml @@ -25,7 +25,7 @@ - name: Manage iscsid containers ansible.builtin.include_role: - name: edpm_container_standalone + name: edpm_container_standalone vars: edpm_container_standalone_service: iscsid edpm_container_standalone_container_defs: @@ -33,6 +33,24 @@ edpm_container_standalone_kolla_config_files: iscsid: "{{ lookup('file', 'files/iscsid.yaml') | from_yaml }}" register: manage_iscsid_stat + when: not ansible_local.bootc + +- name: Configure iscsid for bootc + when: ansible_local.bootc + become: true + block: + - name: Render kolla config file + ansible.builtin.template: + src: templates/iscsid.yaml.j2 + dest: /var/lib/kolla/config_files/iscsid.json + mode: 0644 + + - name: Manage iscsid crond containers + ansible.builtin.systemd_service: + name: edpm-compute@iscsid + enabled: true + state: started + register: manage_iscsid_stat - name: Check if the iscsid container restart is required ansible.builtin.stat: @@ -49,12 +67,23 @@ - name: Restart iscsid container to refresh /etcd/iscsid.conf become: true when: + - not ansible_local.bootc - not manage_iscsid_stat.changed|bool - iscsi_restart_stat.stat.exists|bool ansible.builtin.systemd: name: edpm_iscsid state: restarted +- name: Restart iscsid container to refresh /etcd/iscsid.conf + become: true + when: + - ansible_local.bootc + - not manage_iscsid_stat.changed|bool + - iscsi_restart_stat.stat.exists|bool + ansible.builtin.systemd: + name: edpm-compute@iscsid + state: restarted + - name: Remove iscsid container restart sentinel file become: true ansible.builtin.file: diff --git a/roles/edpm_multipathd/tasks/install.yml b/roles/edpm_multipathd/tasks/install.yml index 6ccca3698..e209c8bc8 100644 --- a/roles/edpm_multipathd/tasks/install.yml +++ b/roles/edpm_multipathd/tasks/install.yml @@ -41,7 +41,7 @@ - ansible_facts.services["multipathd"]["status"] == "enabled" failed_when: false loop: - - multipathd.service + - edpm-compute@multipathd.service - multipathd.socket loop_control: index_var: multipath_service_index diff --git a/roles/edpm_multipathd/tasks/run.yml b/roles/edpm_multipathd/tasks/run.yml index 42988f15a..febdb0242 100644 --- a/roles/edpm_multipathd/tasks/run.yml +++ b/roles/edpm_multipathd/tasks/run.yml @@ -32,7 +32,24 @@ multipathd: "{{ lookup('template', 'multipathd.yaml.j2') | from_yaml }}" edpm_container_standalone_kolla_config_files: multipathd: "{{ lookup('template', 'kolla_multipathd.yaml.j2') | from_yaml }}" - register: manage_multipathd_stat + when: not ansible_local.bootc + +- name: Configure multipathd for bootc + when: ansible_local.bootc + become: true + block: + - name: Render kolla config file + ansible.builtin.template: + src: templates/kolla_ovn_multipathd.yaml.j2 + dest: /var/lib/kolla/config_files/multipathd.json + mode: 0644 + + - name: Manage logrotate crond containers + ansible.builtin.systemd_service: + name: edpm-compute@multipathd + enabled: true + state: started + register: manage_multipathd_stat - name: Check if the multipathd container restart is required ansible.builtin.stat: diff --git a/roles/edpm_neutron_metadata/tasks/run.yml b/roles/edpm_neutron_metadata/tasks/run.yml index bc46b251d..ed8ddbdab 100644 --- a/roles/edpm_neutron_metadata/tasks/run.yml +++ b/roles/edpm_neutron_metadata/tasks/run.yml @@ -45,3 +45,20 @@ ovn_metadata_agent: "{{ lookup('template', 'ovn_metadata_agent.yaml.j2') | from_yaml }}" edpm_container_standalone_kolla_config_files: ovn_metadata_agent: "{{ lookup('template', 'kolla_ovn_metadata_agent.yaml.j2') | from_yaml }}" + when: not ansible_local.bootc + +- name: Configure ovn_metadata_agent for bootc + when: ansible_local.bootc + become: true + block: + - name: Render kolla config file + ansible.builtin.template: + src: templates/kolla_ovn_metadata_agent.yaml.j2 + dest: /var/lib/kolla/config_files/ovn_metadata_agent.json + mode: 0644 + + - name: Manage logrotate crond containers + ansible.builtin.systemd_service: + name: edpm-compute@ovn_metadata_agent + enabled: true + state: started diff --git a/roles/edpm_ovn/tasks/run.yml b/roles/edpm_ovn/tasks/run.yml index 2571db040..cd6c24318 100644 --- a/roles/edpm_ovn/tasks/run.yml +++ b/roles/edpm_ovn/tasks/run.yml @@ -45,3 +45,21 @@ ovn_controller: "{{ lookup('template', 'ovn_controller.yaml.j2') | from_yaml }}" edpm_container_standalone_kolla_config_files: ovn_controller: "{{ lookup('template', 'kolla_ovn_controller.yaml.j2') | from_yaml }}" + when: not ansible_local.bootc + +- name: Configure OVN Controller container on bootc nodes + become: true + when: ansible_local.bootc + block: + - name: Render kolla config file for ovn_controller + ansible.builtin.template: + src: templates/kolla_ovn_controller.yaml + dest: /var/lib/kolla/config_files/ovn_controller.json + mode: 0644 + + - name: Run ovn_controller container + ansible.builtin.systemd_service: + name: edpm-compute@ovn_controller + enabled: true + state: started + From 2e6ec6746f1df532cb1a7e3c755677987e9b6fa0 Mon Sep 17 00:00:00 2001 From: Brendan Shephard Date: Wed, 11 Dec 2024 12:47:44 +1000 Subject: [PATCH 05/15] Rebase on bootc branch Signed-off-by: Brendan Shephard --- roles/edpm_kernel/defaults/main.yml | 1 - roles/edpm_kernel/tasks/main.yml | 2 +- roles/edpm_libvirt/defaults/main.yml | 1 - roles/edpm_libvirt/tasks/install.yml | 2 +- roles/edpm_logrotate_crond/defaults/main.yml | 1 - roles/edpm_logrotate_crond/tasks/install.yml | 2 +- roles/edpm_network_config/defaults/main.yml | 1 - roles/edpm_network_config/tasks/network_config.yml | 2 +- roles/edpm_nvmeof/tasks/install.yml | 2 +- roles/edpm_ovs/defaults/main.yml | 1 - roles/edpm_ovs/tasks/download_cache.yml | 2 +- roles/edpm_ovs/tasks/install.yml | 2 +- roles/edpm_podman/defaults/main.yml | 1 - roles/edpm_podman/tasks/install.yml | 2 +- roles/edpm_reboot/tasks/main.yaml | 2 +- roles/edpm_sshd/tasks/install.yml | 2 +- 16 files changed, 10 insertions(+), 16 deletions(-) diff --git a/roles/edpm_kernel/defaults/main.yml b/roles/edpm_kernel/defaults/main.yml index b100a8cc4..5fe8791b3 100644 --- a/roles/edpm_kernel/defaults/main.yml +++ b/roles/edpm_kernel/defaults/main.yml @@ -36,4 +36,3 @@ edpm_nova_compute_config_dir: /var/lib/config-data/ansible-generated/nova_libvir # KSM control edpm_kernel_enable_ksm: false -edpm_use_bootc: false diff --git a/roles/edpm_kernel/tasks/main.yml b/roles/edpm_kernel/tasks/main.yml index 05179ab88..67c91a296 100644 --- a/roles/edpm_kernel/tasks/main.yml +++ b/roles/edpm_kernel/tasks/main.yml @@ -27,7 +27,7 @@ register: _install_packages_result when: - edpm_kernel_extra_packages | length > 0 - - not edpm_use_bootc + - not bootc until: _install_packages_result is succeeded retries: "{{ edpm_kernel_download_retries }}" delay: "{{ edpm_kernel_download_delay }}" diff --git a/roles/edpm_libvirt/defaults/main.yml b/roles/edpm_libvirt/defaults/main.yml index 4ba010d6e..90c75966d 100644 --- a/roles/edpm_libvirt/defaults/main.yml +++ b/roles/edpm_libvirt/defaults/main.yml @@ -72,4 +72,3 @@ edpm_libvirt_password_path: /var/lib/openstack/configs/{{ edpm_libvirt_service_n # certs edpm_libvirt_tls_certs_enabled: "{{ edpm_tls_certs_enabled | default(False) }}" edpm_libvirt_tls_cert_src_dir: /var/lib/openstack/certs/{{ edpm_libvirt_service_name }}/default -edpm_use_bootc: false diff --git a/roles/edpm_libvirt/tasks/install.yml b/roles/edpm_libvirt/tasks/install.yml index d168de985..fdc8eeeb7 100644 --- a/roles/edpm_libvirt/tasks/install.yml +++ b/roles/edpm_libvirt/tasks/install.yml @@ -13,7 +13,7 @@ delay: "{{ edpm_libvirt_download_delay }}" notify: - Restart libvirt - when: not edpm_use_bootc + when: not bootc - name: Ensure monolithic libvirt and tcp socket activation is not enabled or running tags: diff --git a/roles/edpm_logrotate_crond/defaults/main.yml b/roles/edpm_logrotate_crond/defaults/main.yml index 8d599d109..c055a4922 100644 --- a/roles/edpm_logrotate_crond/defaults/main.yml +++ b/roles/edpm_logrotate_crond/defaults/main.yml @@ -66,4 +66,3 @@ edpm_logrotate_crond_dateformat: null edpm_logrotate_crond_dateyesterday: null # If container health check should be enabled edpm_logrotate_crond_healthcheck: true -edpm_use_bootc: false diff --git a/roles/edpm_logrotate_crond/tasks/install.yml b/roles/edpm_logrotate_crond/tasks/install.yml index acd56e2d4..99550767d 100644 --- a/roles/edpm_logrotate_crond/tasks/install.yml +++ b/roles/edpm_logrotate_crond/tasks/install.yml @@ -24,7 +24,7 @@ retries: "{{ edpm_logrotate_crond_download_retries }}" delay: "{{ edpm_logrotate_crond_download_delay }}" when: - - not edpm_use_bootc + - not bootc - name: Gather SELinux fact if needed when: diff --git a/roles/edpm_network_config/defaults/main.yml b/roles/edpm_network_config/defaults/main.yml index 0ef798bdd..d5266db7b 100644 --- a/roles/edpm_network_config/defaults/main.yml +++ b/roles/edpm_network_config/defaults/main.yml @@ -51,4 +51,3 @@ edpm_network_config_safe_defaults: true edpm_network_config_template: "" edpm_bond_interface_ovs_options: "bond_mode=active-backup" edpm_dns_search_domains: [] -edpm_use_bootc: false diff --git a/roles/edpm_network_config/tasks/network_config.yml b/roles/edpm_network_config/tasks/network_config.yml index 25a7e78b5..ca6a6bb8d 100644 --- a/roles/edpm_network_config/tasks/network_config.yml +++ b/roles/edpm_network_config/tasks/network_config.yml @@ -47,7 +47,7 @@ until: edpm_network_config_onc_download is succeeded retries: "{{ edpm_network_config_download_retries }}" delay: "{{ edpm_network_config_download_delay }}" - when: not edpm_use_bootc + when: not bootc - name: Ensure /var/lib/edpm-config directory exists become: true diff --git a/roles/edpm_nvmeof/tasks/install.yml b/roles/edpm_nvmeof/tasks/install.yml index 544df7be8..baca6bff2 100644 --- a/roles/edpm_nvmeof/tasks/install.yml +++ b/roles/edpm_nvmeof/tasks/install.yml @@ -29,4 +29,4 @@ ansible.builtin.package: name: nvme-cli state: present - when: not edpm_use_bootc + when: not bootc diff --git a/roles/edpm_ovs/defaults/main.yml b/roles/edpm_ovs/defaults/main.yml index 4cd2231bf..2d03e647f 100644 --- a/roles/edpm_ovs/defaults/main.yml +++ b/roles/edpm_ovs/defaults/main.yml @@ -37,4 +37,3 @@ edpm_ovs_packages: - openvswitch # whether to reload the openvswitch service after an update is complete edpm_ovs_reload_after_update: false -edpm_use_bootc: false diff --git a/roles/edpm_ovs/tasks/download_cache.yml b/roles/edpm_ovs/tasks/download_cache.yml index a7da2fd71..3feeed401 100644 --- a/roles/edpm_ovs/tasks/download_cache.yml +++ b/roles/edpm_ovs/tasks/download_cache.yml @@ -9,4 +9,4 @@ until: _install_packages_result is succeeded retries: "{{ edpm_ovs_download_retries }}" delay: "{{ edpm_ovs_download_delay }}" - when: not edpm_use_bootc + when: not bootc diff --git a/roles/edpm_ovs/tasks/install.yml b/roles/edpm_ovs/tasks/install.yml index 9ff08dd89..fb5e56d10 100644 --- a/roles/edpm_ovs/tasks/install.yml +++ b/roles/edpm_ovs/tasks/install.yml @@ -11,7 +11,7 @@ until: edpm_ovs_package_install is succeeded retries: "{{ edpm_ovs_download_retries }}" delay: "{{ edpm_ovs_download_delay }}" - when: not edpm_use_bootc + when: not bootc - name: Ensure ovs services are enabled and running tags: diff --git a/roles/edpm_podman/defaults/main.yml b/roles/edpm_podman/defaults/main.yml index a85079a3f..20b4ac60a 100644 --- a/roles/edpm_podman/defaults/main.yml +++ b/roles/edpm_podman/defaults/main.yml @@ -103,4 +103,3 @@ edpm_podman_auth_file: ~/.config/containers/auth.json edpm_podman_registries_conf: "" edpm_podman_disconnected_ocp: false -edpm_use_bootc: false diff --git a/roles/edpm_podman/tasks/install.yml b/roles/edpm_podman/tasks/install.yml index 35d920154..eebe46da6 100644 --- a/roles/edpm_podman/tasks/install.yml +++ b/roles/edpm_podman/tasks/install.yml @@ -25,7 +25,7 @@ until: edpm_podman_package_download is succeeded retries: "{{ edpm_podman_download_retries }}" delay: "{{ edpm_podman_download_delay }}" - when: not edpm_use_bootc + when: not bootc - name: Ensure we get the ansible interfaces facts when: diff --git a/roles/edpm_reboot/tasks/main.yaml b/roles/edpm_reboot/tasks/main.yaml index ba22c8ee1..8b5d3c7b0 100644 --- a/roles/edpm_reboot/tasks/main.yaml +++ b/roles/edpm_reboot/tasks/main.yaml @@ -18,7 +18,7 @@ become: true ansible.builtin.dnf: name: yum-utils - when: not edpm_use_bootc + when: not bootc - name: Check if reboot is required with needs-restarting ansible.builtin.command: needs-restarting -r diff --git a/roles/edpm_sshd/tasks/install.yml b/roles/edpm_sshd/tasks/install.yml index fdcf98411..d3439d6ae 100644 --- a/roles/edpm_sshd/tasks/install.yml +++ b/roles/edpm_sshd/tasks/install.yml @@ -27,7 +27,7 @@ retries: "{{ edpm_sshd_download_retries }}" delay: "{{ edpm_sshd_download_delay }}" when: - - not edpm_use_bootc + - not bootc # NOTE(mwhahaha): we need this here because in order to validate our generated # config, we need to ensure the host keys exist From 5323adaf9803d307c69498e4da9b7a5fb711ef38 Mon Sep 17 00:00:00 2001 From: Brendan Shephard Date: Wed, 11 Dec 2024 13:40:51 +1000 Subject: [PATCH 06/15] edpm_tuned support bootc Signed-off-by: Brendan Shephard --- roles/edpm_tuned/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/edpm_tuned/tasks/main.yml b/roles/edpm_tuned/tasks/main.yml index 575fc3722..2b2f63b0d 100644 --- a/roles/edpm_tuned/tasks/main.yml +++ b/roles/edpm_tuned/tasks/main.yml @@ -17,6 +17,7 @@ - name: Install packages ansible.builtin.include_tasks: install.yml + when: not bootc - name: Configure tuned ansible.builtin.include_tasks: configure.yml From b0c5c6f101b8e323a5db375f0a734d6552d4b542 Mon Sep 17 00:00:00 2001 From: Brendan Shephard Date: Wed, 11 Dec 2024 14:43:24 +1000 Subject: [PATCH 07/15] Skip edpm_kernel when using bootc Signed-off-by: Brendan Shephard --- playbooks/bootstrap.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/playbooks/bootstrap.yml b/playbooks/bootstrap.yml index c8948766c..7062d1bb6 100644 --- a/playbooks/bootstrap.yml +++ b/playbooks/bootstrap.yml @@ -42,6 +42,7 @@ name: osp.edpm.edpm_kernel tags: - edpm_kernel + when: not bootc - name: Import edpm_tuned ansible.builtin.import_role: name: osp.edpm.edpm_tuned @@ -53,9 +54,11 @@ tasks_from: kernelargs.yml tags: - edpm_kernel + when: not bootc - name: Configure KSM for kernel ansible.builtin.import_role: name: osp.edpm.edpm_kernel tasks_from: ksm.yml tags: - edpm_kernel + when: not bootc From ee7c9a46376756b1f5b58097a006c02461d77d45 Mon Sep 17 00:00:00 2001 From: Brendan Shephard Date: Thu, 12 Dec 2024 11:53:10 +1000 Subject: [PATCH 08/15] Add Telemetry bootc compatibility Signed-off-by: Brendan Shephard --- roles/edpm_telemetry/tasks/configure.yml | 7 +++++++ roles/edpm_telemetry/tasks/exporter.yml | 9 +++++++++ 2 files changed, 16 insertions(+) diff --git a/roles/edpm_telemetry/tasks/configure.yml b/roles/edpm_telemetry/tasks/configure.yml index aa74f52b7..9ffa19902 100644 --- a/roles/edpm_telemetry/tasks/configure.yml +++ b/roles/edpm_telemetry/tasks/configure.yml @@ -133,3 +133,10 @@ mode: "0644" owner: ceilometer group: ceilometer + +- name: Start ceilometer_agent_compute container - bootc + ansible.builtin.systemd_service: + name: edpm-compute@ceilometer_agent_compute + state: started + enabled: true + when: bootc diff --git a/roles/edpm_telemetry/tasks/exporter.yml b/roles/edpm_telemetry/tasks/exporter.yml index d125d2718..8da0ce2c7 100644 --- a/roles/edpm_telemetry/tasks/exporter.yml +++ b/roles/edpm_telemetry/tasks/exporter.yml @@ -18,9 +18,18 @@ edpm_container_manage_healthcheck_disabled: true edpm_container_manage_config_patterns: "{{ exporter }}.json" edpm_container_manage_clean_orphans: false + when: not bootc - name: Restart exporter container become: true ansible.builtin.systemd: state: restarted name: "edpm_{{ exporter }}.service" + when: not bootc + +- name: Deploy exporter container - bootc + ansible.builtin.systemd_service: + name: edpm-compute@node_exporter + state: started + enabled: true + From 35944eb5e214c34b5942b66269709005bf2663be Mon Sep 17 00:00:00 2001 From: Brendan Shephard Date: Fri, 13 Dec 2024 13:25:28 +1000 Subject: [PATCH 09/15] Add multipathd bootc support Signed-off-by: Brendan Shephard --- roles/edpm_multipathd/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/edpm_multipathd/tasks/install.yml b/roles/edpm_multipathd/tasks/install.yml index e209c8bc8..6ccca3698 100644 --- a/roles/edpm_multipathd/tasks/install.yml +++ b/roles/edpm_multipathd/tasks/install.yml @@ -41,7 +41,7 @@ - ansible_facts.services["multipathd"]["status"] == "enabled" failed_when: false loop: - - edpm-compute@multipathd.service + - multipathd.service - multipathd.socket loop_control: index_var: multipath_service_index From 3fa4be3922fca23d3ae19744d17126973cd240a4 Mon Sep 17 00:00:00 2001 From: Brendan Shephard Date: Mon, 13 Jan 2025 09:08:37 +1000 Subject: [PATCH 10/15] Use local fact for bootc Signed-off-by: Brendan Shephard --- playbooks/bootstrap.yml | 6 +++--- roles/edpm_container_manage/tasks/shutdown.yml | 2 +- roles/edpm_kernel/tasks/main.yml | 2 +- roles/edpm_libvirt/tasks/install.yml | 2 +- roles/edpm_logrotate_crond/tasks/install.yml | 2 +- roles/edpm_network_config/tasks/network_config.yml | 2 +- roles/edpm_nvmeof/tasks/install.yml | 2 +- roles/edpm_ovs/tasks/download_cache.yml | 2 +- roles/edpm_ovs/tasks/install.yml | 2 +- roles/edpm_podman/tasks/install.yml | 2 +- roles/edpm_reboot/tasks/main.yaml | 2 +- roles/edpm_sshd/tasks/install.yml | 2 +- roles/edpm_telemetry/tasks/configure.yml | 2 +- roles/edpm_telemetry/tasks/exporter.yml | 4 ++-- roles/edpm_tuned/tasks/main.yml | 2 +- 15 files changed, 18 insertions(+), 18 deletions(-) diff --git a/playbooks/bootstrap.yml b/playbooks/bootstrap.yml index 7062d1bb6..3fa905692 100644 --- a/playbooks/bootstrap.yml +++ b/playbooks/bootstrap.yml @@ -42,7 +42,7 @@ name: osp.edpm.edpm_kernel tags: - edpm_kernel - when: not bootc + when: not ansible_local.bootc - name: Import edpm_tuned ansible.builtin.import_role: name: osp.edpm.edpm_tuned @@ -54,11 +54,11 @@ tasks_from: kernelargs.yml tags: - edpm_kernel - when: not bootc + when: not ansible_local.bootc - name: Configure KSM for kernel ansible.builtin.import_role: name: osp.edpm.edpm_kernel tasks_from: ksm.yml tags: - edpm_kernel - when: not bootc + when: not ansible_local.bootc diff --git a/roles/edpm_container_manage/tasks/shutdown.yml b/roles/edpm_container_manage/tasks/shutdown.yml index 2c0153b4c..700679dc9 100644 --- a/roles/edpm_container_manage/tasks/shutdown.yml +++ b/roles/edpm_container_manage/tasks/shutdown.yml @@ -27,7 +27,7 @@ loop: - 'edpm-container-shutdown' - 'edpm-start-podman-container' - when: not edpm_use_bootc + when: not ansible_local.bootc - name: "Create systemd preset dir" ansible.builtin.file: diff --git a/roles/edpm_kernel/tasks/main.yml b/roles/edpm_kernel/tasks/main.yml index 67c91a296..325affa8b 100644 --- a/roles/edpm_kernel/tasks/main.yml +++ b/roles/edpm_kernel/tasks/main.yml @@ -27,7 +27,7 @@ register: _install_packages_result when: - edpm_kernel_extra_packages | length > 0 - - not bootc + - not ansible_local.bootc until: _install_packages_result is succeeded retries: "{{ edpm_kernel_download_retries }}" delay: "{{ edpm_kernel_download_delay }}" diff --git a/roles/edpm_libvirt/tasks/install.yml b/roles/edpm_libvirt/tasks/install.yml index fdc8eeeb7..a936bfed6 100644 --- a/roles/edpm_libvirt/tasks/install.yml +++ b/roles/edpm_libvirt/tasks/install.yml @@ -13,7 +13,7 @@ delay: "{{ edpm_libvirt_download_delay }}" notify: - Restart libvirt - when: not bootc + when: not ansible_local.bootc - name: Ensure monolithic libvirt and tcp socket activation is not enabled or running tags: diff --git a/roles/edpm_logrotate_crond/tasks/install.yml b/roles/edpm_logrotate_crond/tasks/install.yml index 99550767d..8121f9136 100644 --- a/roles/edpm_logrotate_crond/tasks/install.yml +++ b/roles/edpm_logrotate_crond/tasks/install.yml @@ -24,7 +24,7 @@ retries: "{{ edpm_logrotate_crond_download_retries }}" delay: "{{ edpm_logrotate_crond_download_delay }}" when: - - not bootc + - not ansible_local.bootc - name: Gather SELinux fact if needed when: diff --git a/roles/edpm_network_config/tasks/network_config.yml b/roles/edpm_network_config/tasks/network_config.yml index ca6a6bb8d..5992a207c 100644 --- a/roles/edpm_network_config/tasks/network_config.yml +++ b/roles/edpm_network_config/tasks/network_config.yml @@ -47,7 +47,7 @@ until: edpm_network_config_onc_download is succeeded retries: "{{ edpm_network_config_download_retries }}" delay: "{{ edpm_network_config_download_delay }}" - when: not bootc + when: not ansible_local.bootc - name: Ensure /var/lib/edpm-config directory exists become: true diff --git a/roles/edpm_nvmeof/tasks/install.yml b/roles/edpm_nvmeof/tasks/install.yml index baca6bff2..e7621359b 100644 --- a/roles/edpm_nvmeof/tasks/install.yml +++ b/roles/edpm_nvmeof/tasks/install.yml @@ -29,4 +29,4 @@ ansible.builtin.package: name: nvme-cli state: present - when: not bootc + when: not ansible_local.bootc diff --git a/roles/edpm_ovs/tasks/download_cache.yml b/roles/edpm_ovs/tasks/download_cache.yml index 3feeed401..e07f5a819 100644 --- a/roles/edpm_ovs/tasks/download_cache.yml +++ b/roles/edpm_ovs/tasks/download_cache.yml @@ -9,4 +9,4 @@ until: _install_packages_result is succeeded retries: "{{ edpm_ovs_download_retries }}" delay: "{{ edpm_ovs_download_delay }}" - when: not bootc + when: not ansible_local.bootc diff --git a/roles/edpm_ovs/tasks/install.yml b/roles/edpm_ovs/tasks/install.yml index fb5e56d10..535c485ea 100644 --- a/roles/edpm_ovs/tasks/install.yml +++ b/roles/edpm_ovs/tasks/install.yml @@ -11,7 +11,7 @@ until: edpm_ovs_package_install is succeeded retries: "{{ edpm_ovs_download_retries }}" delay: "{{ edpm_ovs_download_delay }}" - when: not bootc + when: not ansible_local.bootc - name: Ensure ovs services are enabled and running tags: diff --git a/roles/edpm_podman/tasks/install.yml b/roles/edpm_podman/tasks/install.yml index eebe46da6..0a09ae039 100644 --- a/roles/edpm_podman/tasks/install.yml +++ b/roles/edpm_podman/tasks/install.yml @@ -25,7 +25,7 @@ until: edpm_podman_package_download is succeeded retries: "{{ edpm_podman_download_retries }}" delay: "{{ edpm_podman_download_delay }}" - when: not bootc + when: not ansible_local.bootc - name: Ensure we get the ansible interfaces facts when: diff --git a/roles/edpm_reboot/tasks/main.yaml b/roles/edpm_reboot/tasks/main.yaml index 8b5d3c7b0..3df54acba 100644 --- a/roles/edpm_reboot/tasks/main.yaml +++ b/roles/edpm_reboot/tasks/main.yaml @@ -18,7 +18,7 @@ become: true ansible.builtin.dnf: name: yum-utils - when: not bootc + when: not ansible_local.bootc - name: Check if reboot is required with needs-restarting ansible.builtin.command: needs-restarting -r diff --git a/roles/edpm_sshd/tasks/install.yml b/roles/edpm_sshd/tasks/install.yml index d3439d6ae..981a19b08 100644 --- a/roles/edpm_sshd/tasks/install.yml +++ b/roles/edpm_sshd/tasks/install.yml @@ -27,7 +27,7 @@ retries: "{{ edpm_sshd_download_retries }}" delay: "{{ edpm_sshd_download_delay }}" when: - - not bootc + - not ansible_local.bootc # NOTE(mwhahaha): we need this here because in order to validate our generated # config, we need to ensure the host keys exist diff --git a/roles/edpm_telemetry/tasks/configure.yml b/roles/edpm_telemetry/tasks/configure.yml index 9ffa19902..5b4e4d865 100644 --- a/roles/edpm_telemetry/tasks/configure.yml +++ b/roles/edpm_telemetry/tasks/configure.yml @@ -139,4 +139,4 @@ name: edpm-compute@ceilometer_agent_compute state: started enabled: true - when: bootc + when: ansible_local.bootc diff --git a/roles/edpm_telemetry/tasks/exporter.yml b/roles/edpm_telemetry/tasks/exporter.yml index 8da0ce2c7..62df92607 100644 --- a/roles/edpm_telemetry/tasks/exporter.yml +++ b/roles/edpm_telemetry/tasks/exporter.yml @@ -18,14 +18,14 @@ edpm_container_manage_healthcheck_disabled: true edpm_container_manage_config_patterns: "{{ exporter }}.json" edpm_container_manage_clean_orphans: false - when: not bootc + when: not ansible_local.bootc - name: Restart exporter container become: true ansible.builtin.systemd: state: restarted name: "edpm_{{ exporter }}.service" - when: not bootc + when: not ansible_local.bootc - name: Deploy exporter container - bootc ansible.builtin.systemd_service: diff --git a/roles/edpm_tuned/tasks/main.yml b/roles/edpm_tuned/tasks/main.yml index 2b2f63b0d..c381ea5ae 100644 --- a/roles/edpm_tuned/tasks/main.yml +++ b/roles/edpm_tuned/tasks/main.yml @@ -17,7 +17,7 @@ - name: Install packages ansible.builtin.include_tasks: install.yml - when: not bootc + when: not ansible_local.bootc - name: Configure tuned ansible.builtin.include_tasks: configure.yml From f1accdaa7c76cce912ce2b667dc75201346b5d28 Mon Sep 17 00:00:00 2001 From: Brendan Shephard Date: Mon, 13 Jan 2025 09:41:59 +1000 Subject: [PATCH 11/15] Skip swapfile creation for bootc Signed-off-by: Brendan Shephard --- roles/edpm_bootstrap/tasks/swap.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/edpm_bootstrap/tasks/swap.yml b/roles/edpm_bootstrap/tasks/swap.yml index 2ce1c8522..f2053e7cc 100644 --- a/roles/edpm_bootstrap/tasks/swap.yml +++ b/roles/edpm_bootstrap/tasks/swap.yml @@ -16,6 +16,7 @@ - name: Configure swap file when: + - not ansible_local.bootc - not edpm_bootstrap_swap_partition_enabled|bool - edpm_bootstrap_swap_size_megabytes|int > 0 become: true From 201b67307169e5ad0551fc118bcc198e75a28248 Mon Sep 17 00:00:00 2001 From: Brendan Shephard Date: Tue, 14 Jan 2025 11:38:59 +1000 Subject: [PATCH 12/15] Use quadlet for logrotate_crond Signed-off-by: Brendan Shephard --- roles/edpm_logrotate_crond/tasks/logrotate_crond.yml | 10 ++++++++++ roles/edpm_logrotate_crond/tasks/run.yml | 9 +++++++++ 2 files changed, 19 insertions(+) diff --git a/roles/edpm_logrotate_crond/tasks/logrotate_crond.yml b/roles/edpm_logrotate_crond/tasks/logrotate_crond.yml index 1a8bd6217..093de201b 100644 --- a/roles/edpm_logrotate_crond/tasks/logrotate_crond.yml +++ b/roles/edpm_logrotate_crond/tasks/logrotate_crond.yml @@ -24,3 +24,13 @@ logrotate_crond: "{{ lookup('template', 'logrotate_crond.yaml.j2') | from_yaml }}" edpm_container_standalone_kolla_config_files: logrotate_crond: "{{ lookup('file', 'files/logrotate_crond.yaml') | from_yaml }}" + when: not ansible_local.bootc + +- name: Manage logrotate crond containers + ansible.builtin.systemd_service: + name: edpm-compute@logrotate_crond + enabled: true + state: started + become: true + when: ansible_local.bootc + diff --git a/roles/edpm_logrotate_crond/tasks/run.yml b/roles/edpm_logrotate_crond/tasks/run.yml index 923194e97..aa588514a 100644 --- a/roles/edpm_logrotate_crond/tasks/run.yml +++ b/roles/edpm_logrotate_crond/tasks/run.yml @@ -27,3 +27,12 @@ logrotate_crond: "{{ lookup('template', 'logrotate_crond.yaml.j2') | from_yaml }}" edpm_container_standalone_kolla_config_files: logrotate_crond: "{{ lookup('file', 'files/logrotate_crond.yaml') | from_yaml }}" + when: not ansible_local.bootc + +- name: Manage logrotate crond containers + ansible.builtin.systemd_service: + name: edpm-compute@logrotate_crond + enabled: true + state: started + become: true + when: ansible_local.bootc From dcbe803e26fc853e39b47c17469e8fd6663dd515 Mon Sep 17 00:00:00 2001 From: Brendan Shephard Date: Tue, 14 Jan 2025 11:59:37 +1000 Subject: [PATCH 13/15] Nova_compute support bootc Signed-off-by: Brendan Shephard --- roles/edpm_nova/handlers/main.yml | 10 ++++++ roles/edpm_nova/tasks/install.yml | 58 +++++++++++++++++++------------ 2 files changed, 46 insertions(+), 22 deletions(-) diff --git a/roles/edpm_nova/handlers/main.yml b/roles/edpm_nova/handlers/main.yml index d3fc8d8ee..908e7f67c 100644 --- a/roles/edpm_nova/handlers/main.yml +++ b/roles/edpm_nova/handlers/main.yml @@ -19,6 +19,7 @@ state: restarted name: "edpm_nova_compute.service" listen: "Restart nova" + when: not ansible_local.bootc - name: Restart nova init container become: true @@ -26,3 +27,12 @@ name: nova_compute_init state: started listen: "Restart nova init" + when: not ansible_local.bootc + +- name: Restart nova container + become: true + ansible.builtin.systemd: + state: restarted + name: edpm-compute@nova_compute + listen: "Restart nova" + when: ansible_local.bootc diff --git a/roles/edpm_nova/tasks/install.yml b/roles/edpm_nova/tasks/install.yml index 994bdc68f..40cb9789d 100644 --- a/roles/edpm_nova/tasks/install.yml +++ b/roles/edpm_nova/tasks/install.yml @@ -31,26 +31,40 @@ notify: - Restart nova init -- name: Deploy nova init container - tags: - - install - - nova - ansible.builtin.include_role: - name: osp.edpm.edpm_container_manage - vars: - edpm_container_manage_config: '/var/lib/openstack/config/containers' - edpm_container_manage_healthcheck_disabled: true - edpm_container_manage_config_patterns: 'nova_compute_init.json' - edpm_container_manage_clean_orphans: false +- name: Deploy non-image mode Nova containers + when: not ansible_local.bootc + block: + - name: Deploy nova init container + tags: + - install + - nova + ansible.builtin.include_role: + name: osp.edpm.edpm_container_manage + vars: + edpm_container_manage_config: '/var/lib/openstack/config/containers' + edpm_container_manage_healthcheck_disabled: true + edpm_container_manage_config_patterns: 'nova_compute_init.json' + edpm_container_manage_clean_orphans: false + + - name: Deploy nova container + tags: + - install + - nova + ansible.builtin.include_role: + name: osp.edpm.edpm_container_manage + vars: + edpm_container_manage_config: '/var/lib/openstack/config/containers' + edpm_container_manage_healthcheck_disabled: true + edpm_container_manage_config_patterns: 'nova_compute.json' + edpm_container_manage_clean_orphans: false + +- name: Deploy image mode Nova containers + when: ansible_local.bootc + become: true + block: + - name: Deploy nova_compute container + ansible.builtin.systemd_service: + name: edpm-compute@nova_compute + state: started + enabled: true -- name: Deploy nova container - tags: - - install - - nova - ansible.builtin.include_role: - name: osp.edpm.edpm_container_manage - vars: - edpm_container_manage_config: '/var/lib/openstack/config/containers' - edpm_container_manage_healthcheck_disabled: true - edpm_container_manage_config_patterns: 'nova_compute.json' - edpm_container_manage_clean_orphans: false From e8ce9a61bc568b41bf99a9a9f65b32191bfa86ad Mon Sep 17 00:00:00 2001 From: Brendan Shephard Date: Wed, 15 Jan 2025 16:40:46 +1000 Subject: [PATCH 14/15] Ensure /var/log/containers exists Signed-off-by: Brendan Shephard --- roles/edpm_podman/tasks/install.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/roles/edpm_podman/tasks/install.yml b/roles/edpm_podman/tasks/install.yml index 0a09ae039..de0f8e638 100644 --- a/roles/edpm_podman/tasks/install.yml +++ b/roles/edpm_podman/tasks/install.yml @@ -149,3 +149,14 @@ name: podman.socket state: started enabled: true + + - name: Ensure /var/log/containers exists + ansible.builtin.file: + path: /var/log/containers + state: directory + mode: '0750' + owner: root + group: root + setype: var_log_t + become: true + From d56b3114f3fdbdfad67c8bdebfeb74ce77bc4eff Mon Sep 17 00:00:00 2001 From: Brendan Shephard Date: Thu, 16 Jan 2025 14:02:46 +1000 Subject: [PATCH 15/15] Render kolla_config files for bootc Signed-off-by: Brendan Shephard --- .../tasks/logrotate_crond.yml | 20 +++++++++++++------ roles/edpm_logrotate_crond/tasks/run.yml | 20 +++++++++++++------ roles/edpm_multipathd/tasks/run.yml | 2 +- roles/edpm_ovn/tasks/run.yml | 2 +- roles/edpm_podman/tasks/install.yml | 10 ++++++++++ 5 files changed, 40 insertions(+), 14 deletions(-) diff --git a/roles/edpm_logrotate_crond/tasks/logrotate_crond.yml b/roles/edpm_logrotate_crond/tasks/logrotate_crond.yml index 093de201b..f97390bcf 100644 --- a/roles/edpm_logrotate_crond/tasks/logrotate_crond.yml +++ b/roles/edpm_logrotate_crond/tasks/logrotate_crond.yml @@ -26,11 +26,19 @@ logrotate_crond: "{{ lookup('file', 'files/logrotate_crond.yaml') | from_yaml }}" when: not ansible_local.bootc -- name: Manage logrotate crond containers - ansible.builtin.systemd_service: - name: edpm-compute@logrotate_crond - enabled: true - state: started - become: true +- name: Configure logrotate for bootc when: ansible_local.bootc + block: + - name: Render kolla config file + ansible.builtin.copy: + src: files/logrotate_crond.yaml + dest: /var/lib/kolla/config_files/logrotate_crond.json + mode: 0644 + - name: Manage logrotate crond containers + ansible.builtin.systemd_service: + name: edpm-compute@logrotate_crond + enabled: true + state: started + become: true + diff --git a/roles/edpm_logrotate_crond/tasks/run.yml b/roles/edpm_logrotate_crond/tasks/run.yml index aa588514a..fdd3a41c7 100644 --- a/roles/edpm_logrotate_crond/tasks/run.yml +++ b/roles/edpm_logrotate_crond/tasks/run.yml @@ -29,10 +29,18 @@ logrotate_crond: "{{ lookup('file', 'files/logrotate_crond.yaml') | from_yaml }}" when: not ansible_local.bootc -- name: Manage logrotate crond containers - ansible.builtin.systemd_service: - name: edpm-compute@logrotate_crond - enabled: true - state: started - become: true +- name: Configure logrotate for bootc when: ansible_local.bootc + become: true + block: + - name: Render kolla config file + ansible.builtin.copy: + src: files/logrotate_crond.yaml + dest: /var/lib/kolla/config_files/logrotate_crond.json + mode: 0644 + + - name: Manage logrotate crond containers + ansible.builtin.systemd_service: + name: edpm-compute@logrotate_crond + enabled: true + state: started diff --git a/roles/edpm_multipathd/tasks/run.yml b/roles/edpm_multipathd/tasks/run.yml index febdb0242..3faf44d86 100644 --- a/roles/edpm_multipathd/tasks/run.yml +++ b/roles/edpm_multipathd/tasks/run.yml @@ -40,7 +40,7 @@ block: - name: Render kolla config file ansible.builtin.template: - src: templates/kolla_ovn_multipathd.yaml.j2 + src: templates/kolla_multipathd.yaml.j2 dest: /var/lib/kolla/config_files/multipathd.json mode: 0644 diff --git a/roles/edpm_ovn/tasks/run.yml b/roles/edpm_ovn/tasks/run.yml index cd6c24318..8a2e33c91 100644 --- a/roles/edpm_ovn/tasks/run.yml +++ b/roles/edpm_ovn/tasks/run.yml @@ -53,7 +53,7 @@ block: - name: Render kolla config file for ovn_controller ansible.builtin.template: - src: templates/kolla_ovn_controller.yaml + src: templates/kolla_ovn_controller.yaml.j2 dest: /var/lib/kolla/config_files/ovn_controller.json mode: 0644 diff --git a/roles/edpm_podman/tasks/install.yml b/roles/edpm_podman/tasks/install.yml index de0f8e638..67767f47e 100644 --- a/roles/edpm_podman/tasks/install.yml +++ b/roles/edpm_podman/tasks/install.yml @@ -160,3 +160,13 @@ setype: var_log_t become: true + - name: Ensure /var/lib/kolla/config_files/ exists + ansible.builtin.file: + path: /var/lib/kolla/config_files + state: directory + mode: '0750' + owner: root + group: root + setype: container_file_t + become: true +