From 4d6117b6c884f57e6f779d4cbca9de129976c029 Mon Sep 17 00:00:00 2001 From: Eric Le Lay Date: Wed, 31 Dec 2025 16:49:56 +0100 Subject: [PATCH 1/6] fix: octavia-api broken in multinode OVS When kolla_enable_ovn is false, fallback to amphora driver --- etc/kayobe/environments/ci-multinode/kolla/globals.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/etc/kayobe/environments/ci-multinode/kolla/globals.yml b/etc/kayobe/environments/ci-multinode/kolla/globals.yml index bf74fb4ab7..e9cec17fc8 100644 --- a/etc/kayobe/environments/ci-multinode/kolla/globals.yml +++ b/etc/kayobe/environments/ci-multinode/kolla/globals.yml @@ -49,8 +49,8 @@ opensearch_heap_size: 1g # Octavia load balancer configuration octavia_auto_configure: "no" -octavia_provider_drivers: "ovn:OVN provider" -octavia_provider_agents: "ovn" +octavia_provider_drivers: "{{ kolla_enable_ovn | ternary('ovn:OVN provider', 'amphora') }}" +octavia_provider_agents: "{{ kolla_enable_ovn | ternary('ovn', 'amphora_agent') }}" # Manila CephFS configuration manila_cephfs_filesystem_name: manila-cephfs From 684ae4e8d29d350b61897ad9a4a2fa7d0e9b8370 Mon Sep 17 00:00:00 2001 From: Eric Le Lay Date: Mon, 5 Jan 2026 14:59:20 +0100 Subject: [PATCH 2/6] fix octavia provider label Co-authored-by: Alex Welsh <112560678+Alex-Welsh@users.noreply.github.com> --- etc/kayobe/environments/ci-multinode/kolla/globals.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/kayobe/environments/ci-multinode/kolla/globals.yml b/etc/kayobe/environments/ci-multinode/kolla/globals.yml index e9cec17fc8..5d1081e2d4 100644 --- a/etc/kayobe/environments/ci-multinode/kolla/globals.yml +++ b/etc/kayobe/environments/ci-multinode/kolla/globals.yml @@ -49,7 +49,7 @@ opensearch_heap_size: 1g # Octavia load balancer configuration octavia_auto_configure: "no" -octavia_provider_drivers: "{{ kolla_enable_ovn | ternary('ovn:OVN provider', 'amphora') }}" +octavia_provider_drivers: "{{ kolla_enable_ovn | ternary('ovn:OVN provider', 'amphora:Amphora provider') }}" octavia_provider_agents: "{{ kolla_enable_ovn | ternary('ovn', 'amphora_agent') }}" # Manila CephFS configuration From 0bc0c2d07423aef2ff0f4b09475e8666c98f8c6b Mon Sep 17 00:00:00 2001 From: Jack Hodgkiss Date: Mon, 17 Feb 2025 09:26:59 +0000 Subject: [PATCH 3/6] feat: add `amphora` load balancers to `ci-multinode` --- .../environments/ci-multinode/controllers.yml | 5 +++- .../group_vars/controllers/network-interfaces | 2 ++ .../ci-multinode/kolla/globals.yml | 23 +++++++++++++++---- .../environments/ci-multinode/networks.yml | 7 ++++++ .../environments/ci-multinode/stackhpc-ci.yml | 3 +++ 5 files changed, 34 insertions(+), 6 deletions(-) diff --git a/etc/kayobe/environments/ci-multinode/controllers.yml b/etc/kayobe/environments/ci-multinode/controllers.yml index 173bcc3714..66b8425725 100644 --- a/etc/kayobe/environments/ci-multinode/controllers.yml +++ b/etc/kayobe/environments/ci-multinode/controllers.yml @@ -5,7 +5,6 @@ controller_bootstrap_user: "{{ os_distribution if os_distribution == 'ubuntu' el controller_lvm_groups: - "{{ stackhpc_lvm_group_rootvg }}" - ############################################################################### # Controller node firewalld configuration. @@ -28,3 +27,7 @@ controller_firewalld_default_zone: trusted # - permanent: true # - state: enabled controller_firewalld_rules: "{{ stackhpc_firewalld_rules }}" + +# List of extra networks to which controller nodes are attached. +controller_extra_network_interfaces: + - octavia diff --git a/etc/kayobe/environments/ci-multinode/inventory/group_vars/controllers/network-interfaces b/etc/kayobe/environments/ci-multinode/inventory/group_vars/controllers/network-interfaces index 7df8bec280..16ab87eae1 100644 --- a/etc/kayobe/environments/ci-multinode/inventory/group_vars/controllers/network-interfaces +++ b/etc/kayobe/environments/ci-multinode/inventory/group_vars/controllers/network-interfaces @@ -16,6 +16,8 @@ public_routes: - cidr: "{{ external_cidr }}" gateway: "{{ public_net_name | net_ip( groups['seed'][0] ) }}" +octavia_interface: "{{ vxlan_interfaces[0].device}}.{{ octavia_vlan }}" + ############################################################################### # Dummy variable to allow Ansible to accept this file. workaround_ansible_issue_8743: yes diff --git a/etc/kayobe/environments/ci-multinode/kolla/globals.yml b/etc/kayobe/environments/ci-multinode/kolla/globals.yml index 5d1081e2d4..83b697908d 100644 --- a/etc/kayobe/environments/ci-multinode/kolla/globals.yml +++ b/etc/kayobe/environments/ci-multinode/kolla/globals.yml @@ -47,11 +47,6 @@ neutron_dns_domain: "{{ root_domain }}." # OpenSearch memory tuning opensearch_heap_size: 1g -# Octavia load balancer configuration -octavia_auto_configure: "no" -octavia_provider_drivers: "{{ kolla_enable_ovn | ternary('ovn:OVN provider', 'amphora:Amphora provider') }}" -octavia_provider_agents: "{{ kolla_enable_ovn | ternary('ovn', 'amphora_agent') }}" - # Manila CephFS configuration manila_cephfs_filesystem_name: manila-cephfs @@ -70,3 +65,21 @@ external_api_firewalld_zone: "{{ public_net_name | net_zone }}" # Test cinder cluster cinder_cluster_name: "stackhpc_test_cinder_cluster" + +# Octavia load balancer configuration +octavia_network_interface: "{{ hostvars[groups['controllers'] | first].octavia_interface }}" + +octavia_amp_network: + name: lb-mgmt-net + provider_network_type: vlan + provider_physical_network: "physnet1" + provider_segmentation_id: 999 + external: false + shared: false + subnet: + name: lb-mgmt-subnet + cidr: "192.168.34.0/24" + allocation_pool_start: "192.168.34.10" + allocation_pool_end: "192.168.34.254" + no_gateway_ip: yes + enable_dhcp: yes diff --git a/etc/kayobe/environments/ci-multinode/networks.yml b/etc/kayobe/environments/ci-multinode/networks.yml index 59d3760b9d..9f3e0ea0ac 100644 --- a/etc/kayobe/environments/ci-multinode/networks.yml +++ b/etc/kayobe/environments/ci-multinode/networks.yml @@ -131,6 +131,13 @@ provision_oc_allocation_pool_end: 192.168.33.254 provision_oc_vlan: 107 provision_oc_zone: "provision_oc" +octavia_cidr: 192.168.34.0/24 +octavia_vlan: 999 +octavia_allocation_pool_start: 192.168.34.3 +octavia_allocation_pool_end: 192.168.34.9 +octaiva_mtu: "{{ ansible_facts.default_ipv4.mtu - 50 }}" +octavia_zone: octavia + ############################################################################### # Network virtual patch link configuration. diff --git a/etc/kayobe/environments/ci-multinode/stackhpc-ci.yml b/etc/kayobe/environments/ci-multinode/stackhpc-ci.yml index b44b291374..b0251f7b2c 100644 --- a/etc/kayobe/environments/ci-multinode/stackhpc-ci.yml +++ b/etc/kayobe/environments/ci-multinode/stackhpc-ci.yml @@ -62,3 +62,6 @@ stackhpc_docker_registry: "{{ stackhpc_repo_mirror_url | regex_replace('^https?: stackhpc_docker_registry_username: "{{ stackhpc_repo_mirror_username }}" stackhpc_docker_registry_password: "{{ stackhpc_repo_mirror_password }}" + +stackhpc_release_pulp_username: "{{ stackhpc_repo_mirror_username }}" +stackhpc_release_pulp_password: "{{ stackhpc_repo_mirror_password }}" From 4db4a7eeb0eb8e8777290ad48541b18478e734d9 Mon Sep 17 00:00:00 2001 From: Jack Hodgkiss Date: Tue, 18 Feb 2025 09:08:46 +0000 Subject: [PATCH 4/6] Update etc/kayobe/environments/ci-multinode/networks.yml Co-authored-by: Matt Anson --- etc/kayobe/environments/ci-multinode/networks.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/kayobe/environments/ci-multinode/networks.yml b/etc/kayobe/environments/ci-multinode/networks.yml index 9f3e0ea0ac..8873f2776b 100644 --- a/etc/kayobe/environments/ci-multinode/networks.yml +++ b/etc/kayobe/environments/ci-multinode/networks.yml @@ -135,7 +135,7 @@ octavia_cidr: 192.168.34.0/24 octavia_vlan: 999 octavia_allocation_pool_start: 192.168.34.3 octavia_allocation_pool_end: 192.168.34.9 -octaiva_mtu: "{{ ansible_facts.default_ipv4.mtu - 50 }}" +octavia_mtu: "{{ ansible_facts.default_ipv4.mtu - 50 }}" octavia_zone: octavia ############################################################################### From 499995afbebc44da84d4da996d64bebea92563de Mon Sep 17 00:00:00 2001 From: Eric Le Lay Date: Mon, 2 Feb 2026 17:11:57 +0100 Subject: [PATCH 5/6] fix octavia doc --- doc/source/operations/octavia.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/source/operations/octavia.rst b/doc/source/operations/octavia.rst index e470bf5047..59fb9dcfb6 100644 --- a/doc/source/operations/octavia.rst +++ b/doc/source/operations/octavia.rst @@ -87,8 +87,8 @@ Copy the relevant certificates into your kayobe-config: cd ${KAYOBE_CONFIG_PATH}/environments/$KAYOBE_ENVIRONMENT/kolla/config/octavia cp $KOLLA_CONFIG_PATH/octavia-certificates/client_ca/client_ca.cert.pem . cp $KOLLA_CONFIG_PATH/octavia-certificates/client_ca/client.cert-and-key.pem . - cp $KOLLA_CONFIG_PATH/octavia-certificates/client_ca/server_ca.cert.pem . - cp $KOLLA_CONFIG_PATH/octavia-certificates/client_ca/server_ca.key.pem . + cp $KOLLA_CONFIG_PATH/octavia-certificates/server_ca/server_ca.cert.pem . + cp $KOLLA_CONFIG_PATH/octavia-certificates/server_ca/server_ca.key.pem . Encrypt any files containing the keys: @@ -232,7 +232,7 @@ Access the database from a controller: .. code-block:: console docker exec -it mariadb bash - mysql -u root -p octavia + mysql -u octavia -p octavia # Enter the database password when prompted. List the load balancers to find the ID of the broken one(s): From 472f66dff47a73128887932eae884bbbf2ad216f Mon Sep 17 00:00:00 2001 From: Eric Le Lay Date: Mon, 2 Feb 2026 17:12:18 +0100 Subject: [PATCH 6/6] fix kayobe playbook run ansible/maintenance/octavia-amphora-image-register.yml --- etc/kayobe/environments/ci-multinode/globals.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/etc/kayobe/environments/ci-multinode/globals.yml b/etc/kayobe/environments/ci-multinode/globals.yml index 0976d362c7..6c5f824828 100644 --- a/etc/kayobe/environments/ci-multinode/globals.yml +++ b/etc/kayobe/environments/ci-multinode/globals.yml @@ -63,6 +63,9 @@ stackhpc_barbican_role_id_file_path: "/tmp/barbican-role-id" # Enable rebooting to update SELinux state selinux_do_reboot: true +# For ansible/maintenance/octavia-amphora-image-register.yml +openstack_cacert: "{{ '/etc/pki/tls/certs/ca-bundle.crt' if os_distribution == 'rocky' else '/etc/ssl/certs/ca-certificates.crt' }}" + ############################################################################### # Extra vars.