diff --git a/.github/workflows/multinode-inputs.py b/.github/workflows/multinode-inputs.py index 198dfc6741..7e51a54c66 100644 --- a/.github/workflows/multinode-inputs.py +++ b/.github/workflows/multinode-inputs.py @@ -31,12 +31,14 @@ class Scenario: ROCKY_9 = OSRelease("rocky", "9", "cloud-user") +ROCKY_10 = OSRelease("rocky", "10", "cloud-user") UBUNTU_JAMMY = OSRelease("ubuntu", "jammy", "ubuntu") UBUNTU_NOBLE = OSRelease("ubuntu", "noble", "ubuntu") # NOTE(upgrade): Add supported releases here. OPENSTACK_RELEASES = [ OpenStackRelease("2024.1", "2023.1", [ROCKY_9, UBUNTU_JAMMY]), OpenStackRelease("2025.1", "2024.1", [ROCKY_9, UBUNTU_NOBLE]), + OpenStackRelease("2025.1", "", [ROCKY_10]), ] NEUTRON_PLUGINS = ["ovs", "ovn"] VERSION_HIERARCHY = ["2023.1", "2024.1", "2025.1"] @@ -75,7 +77,7 @@ def random_scenario() -> Scenario: openstack_release = random.choice(OPENSTACK_RELEASES) os_release = random.choice(openstack_release.os_releases) neutron_plugin = random.choice(NEUTRON_PLUGINS) - upgrade = "major" if random.random() > 0.6 else "none" + upgrade = "major" if (random.random() > 0.6 and openstack_release.previous_version not "") else "none" return Scenario(openstack_release, os_release, neutron_plugin, upgrade) diff --git a/.github/workflows/stackhpc-multinode-periodic.yml b/.github/workflows/stackhpc-multinode-periodic.yml index fbbebda6bb..00bdc95a45 100644 --- a/.github/workflows/stackhpc-multinode-periodic.yml +++ b/.github/workflows/stackhpc-multinode-periodic.yml @@ -38,7 +38,7 @@ jobs: name: Multinode periodic needs: - generate-inputs - uses: stackhpc/stackhpc-openstack-gh-workflows/.github/workflows/multinode.yml@1.8.0 + uses: stackhpc/stackhpc-openstack-gh-workflows/.github/workflows/multinode.yml@1.8.1 with: multinode_name: mn-periodic-${{ github.run_id }} os_distribution: ${{ needs.generate-inputs.outputs.os_distribution }} diff --git a/.github/workflows/stackhpc-multinode.yml b/.github/workflows/stackhpc-multinode.yml index 9878ed9d14..10e6690928 100644 --- a/.github/workflows/stackhpc-multinode.yml +++ b/.github/workflows/stackhpc-multinode.yml @@ -11,12 +11,13 @@ name: Multinode description: Multinode cluster name type: string required: true - os_distribution: - description: Host OS distribution + host_os: + description: Host OS type: choice - default: rocky + default: rocky-9 options: - - rocky + - rocky-9 + - rocky-10 - ubuntu neutron_plugin: description: Neutron ML2 plugin @@ -95,12 +96,12 @@ jobs: multinode: name: Multinode needs: github_user_ssh_keys - uses: stackhpc/stackhpc-openstack-gh-workflows/.github/workflows/multinode.yml@1.8.0 + uses: stackhpc/stackhpc-openstack-gh-workflows/.github/workflows/multinode.yml@1.8.1 with: multinode_name: ${{ inputs.multinode_name }} - os_distribution: ${{ inputs.os_distribution }} - os_release: ${{ inputs.os_distribution == 'rocky' && '9' || 'noble' }} - ssh_username: ${{ inputs.os_distribution == 'rocky' && 'cloud-user' || 'ubuntu' }} + os_distribution: ${{ inputs.host_os == 'ubuntu' && 'ubuntu' || 'rocky' }} + os_release: ${{ inputs.host_os == 'rocky-9' && '9' || inputs.host_os == 'rocky-10' && '10' || 'noble' }} + ssh_username: ${{ (inputs.host_os == 'rocky-9' || inputs.host_os == 'rocky-10') && 'cloud-user' || 'ubuntu' }} neutron_plugin: ${{ inputs.neutron_plugin }} upgrade: ${{ inputs.upgrade }} break_on: ${{ inputs.break_on }} diff --git a/etc/kayobe/ansible/ceph/cephadm-deploy.yml b/etc/kayobe/ansible/ceph/cephadm-deploy.yml index 471d6037db..390f38ea71 100644 --- a/etc/kayobe/ansible/ceph/cephadm-deploy.yml +++ b/etc/kayobe/ansible/ceph/cephadm-deploy.yml @@ -7,6 +7,29 @@ - cephadm - cephadm-deploy tasks: + # note(owenjones): the Ceph release signing key still uses SHA-1, which requires us to + # downgrade to the LEGACY policy on Rocky 10 until a new key is published. + # A later Ceph release might fix this - https://tracker.ceph.com/issues/74861 + - name: Discover currently active crypto policy (Rocky 10) + ansible.builtin.command: + cmd: update-crypto-policies --show + become: true + changed_when: false + register: crypto_policy + when: ansible_facts.os_family == 'RedHat' and ansible_facts.distribution_major_version == '10' + - name: Set crypto policy to LEGACY (Rocky 10) + ansible.builtin.command: + cmd: update-crypto-policies --set LEGACY + become: true + when: ansible_facts.os_family == 'RedHat' and ansible_facts.distribution_major_version == '10' - name: Apply Cephadm role - ansible.builtin.import_role: - name: stackhpc.cephadm.cephadm + block: + - name: Apply Cephadm role + ansible.builtin.import_role: + name: stackhpc.cephadm.cephadm + always: + - name: Revert crypto policy to {{ crypto_policy.stdout | default('DEFAULT') }} (Rocky 10) + ansible.builtin.command: + cmd: update-crypto-policies --set {{ crypto_policy.stdout | default('DEFAULT') }} + become: true + when: ansible_facts.os_family == 'RedHat' and ansible_facts.distribution_major_version == '10' diff --git a/etc/kayobe/ansible/requirements.yml b/etc/kayobe/ansible/requirements.yml index 70a41ac1a2..2690b17a37 100644 --- a/etc/kayobe/ansible/requirements.yml +++ b/etc/kayobe/ansible/requirements.yml @@ -1,7 +1,7 @@ --- collections: - name: stackhpc.cephadm - version: 1.22.0 + version: 1.22.1 - name: pulp.squeezer version: 0.3.0 - name: stackhpc.pulp diff --git a/etc/kayobe/environments/ci-multinode/kolla.yml b/etc/kayobe/environments/ci-multinode/kolla.yml index 809c71142e..c81747d309 100644 --- a/etc/kayobe/environments/ci-multinode/kolla.yml +++ b/etc/kayobe/environments/ci-multinode/kolla.yml @@ -1,12 +1,13 @@ --- -kolla_enable_cinder: true +kolla_enable_barbican: true kolla_enable_cinder_backup: true +kolla_enable_cinder: true +kolla_enable_designate: true +kolla_enable_magnum: true kolla_enable_neutron_provider_networks: true kolla_enable_octavia: true -kolla_enable_magnum: true -kolla_enable_designate: true -kolla_enable_redis: true -kolla_enable_barbican: true +kolla_enable_redis: "{{ kolla_base_distro_and_version in ['ubuntu-noble', 'rocky-9'] }}" +kolla_enable_valkey: "{{ kolla_base_distro_and_version == 'rocky-10' }}" kolla_enable_tls_external: true kolla_enable_tls_internal: true diff --git a/etc/kayobe/environments/ci-multinode/stackhpc-ci.yml b/etc/kayobe/environments/ci-multinode/stackhpc-ci.yml index b44b291374..3fea498e19 100644 --- a/etc/kayobe/environments/ci-multinode/stackhpc-ci.yml +++ b/etc/kayobe/environments/ci-multinode/stackhpc-ci.yml @@ -22,36 +22,51 @@ stackhpc_repo_mirror_password: !vault | 33306539316466373763656137653232313732646533353333626665313936613736 # Build and deploy released Pulp repository versions. -stackhpc_repo_grafana_version: "{{ stackhpc_pulp_repo_grafana_version }}" -stackhpc_repo_rhel9_rabbitmq_erlang_version: "{{ stackhpc_pulp_repo_multiarch_rhel9_rabbitmq_erlang_version }}" -stackhpc_repo_rhel9_rabbitmq_erlang_26_version: "{{ stackhpc_pulp_repo_multiarch_rhel9_rabbitmq_erlang_26_version }}" -stackhpc_repo_rhel9_rabbitmq_erlang_27_version: "{{ stackhpc_pulp_repo_multiarch_rhel9_rabbitmq_erlang_27_version }}" -stackhpc_repo_rhel9_rabbitmq_server_version: "{{ stackhpc_pulp_repo_rhel9_rabbitmq_server_version }}" -stackhpc_repo_ubuntu_noble_version: "{{ stackhpc_pulp_repo_ubuntu_noble_version }}" -stackhpc_repo_ubuntu_noble_security_version: "{{ stackhpc_pulp_repo_ubuntu_noble_security_version }}" -stackhpc_repo_ubuntu_cloud_archive_version: "{{ stackhpc_pulp_repo_ubuntu_cloud_archive_version }}" -stackhpc_repo_docker_ce_ubuntu_noble_version: "{{ stackhpc_pulp_repo_docker_ce_ubuntu_noble_version }}" +# Minor versions for stackhpc_repo_rocky_X_* repos are derived from +# stackhpc_pulp_repo_rocky_X_minor_version in etc/kayobe/pulp.yml +stackhpc_repo_almalinux_9_proxysql_2_7_version: "{{ stackhpc_pulp_repo_almalinux_9_proxysql_2_7_version }}" +stackhpc_repo_centos_stream_10_docker_version: "{{ stackhpc_pulp_repo_multiarch_centos_stream_10_docker_version }}" +stackhpc_repo_centos_stream_10_nfv_openvswitch_version: "{{ stackhpc_pulp_repo_multiarch_centos_stream_10_nfv_openvswitch_version }}" +stackhpc_repo_centos_stream_10_openstack_epoxy_version: "{{ stackhpc_pulp_repo_multiarch_centos_stream_10_openstack_epoxy_version }}" +stackhpc_repo_centos_stream_10_ovn_lts_version: "{{ stackhpc_pulp_repo_multiarch_centos_stream_10_ovn_lts_version }}" +stackhpc_repo_centos_stream_10_storage_ceph_squid_version: "{{ stackhpc_pulp_repo_multiarch_centos_stream_10_storage_ceph_squid_version }}" +stackhpc_repo_centos_stream_9_docker_version: "{{ stackhpc_pulp_repo_multiarch_centos_stream_9_docker_version }}" stackhpc_repo_centos_stream_9_nfv_openvswitch_version: "{{ stackhpc_pulp_repo_multiarch_centos_stream_9_nfv_openvswitch_version }}" stackhpc_repo_centos_stream_9_openstack_epoxy_version: "{{ stackhpc_pulp_repo_multiarch_centos_stream_9_openstack_epoxy_version }}" stackhpc_repo_centos_stream_9_opstools_version: "{{ stackhpc_pulp_repo_multiarch_centos_stream_9_opstools_version }}" stackhpc_repo_centos_stream_9_storage_ceph_squid_version: "{{ stackhpc_pulp_repo_multiarch_centos_stream_9_storage_ceph_squid_version }}" -stackhpc_repo_centos_stream_9_docker_version: "{{ stackhpc_pulp_repo_multiarch_centos_stream_9_docker_version }}" -stackhpc_repo_rhel_9_treasuredata_5_version: "{{ stackhpc_pulp_repo_multiarch_rhel_9_treasuredata_5_version }}" -stackhpc_repo_rhel_9_mariadb_10_11_version: "{{ stackhpc_pulp_repo_multiarch_rhel_9_mariadb_10_11_version }}" -stackhpc_repo_rhel_9_influxdb_version: "{{ stackhpc_pulp_repo_multiarch_rhel_9_influxdb_version }}" +stackhpc_repo_docker_ce_ubuntu_noble_version: "{{ stackhpc_pulp_repo_docker_ce_ubuntu_noble_version }}" +stackhpc_repo_epel_10_version: "{{ stackhpc_pulp_repo_multiarch_epel_10_version }}" stackhpc_repo_epel_9_version: "{{ stackhpc_pulp_repo_multiarch_epel_9_version }}" +stackhpc_repo_grafana_version: "{{ stackhpc_pulp_repo_grafana_version }}" stackhpc_repo_opensearch_2_x_version: "{{ stackhpc_pulp_repo_opensearch_2_x_version }}" stackhpc_repo_opensearch_dashboards_2_x_version: "{{ stackhpc_pulp_repo_opensearch_dashboards_2_x_version }}" -stackhpc_repo_almalinux_9_proxysql_2_7_version: "{{ stackhpc_pulp_repo_almalinux_9_proxysql_2_7_version }}" -## Use derived vars from etc/kayobe/pulp.yml to switch between -## minor Rocky versions using stackhpc_pulp_repo_rocky_x_minor_version -stackhpc_repo_rocky_9_baseos_version: "{{ stackhpc_pulp_repo_rocky_9_baseos_version }}" +stackhpc_repo_rhel_10_mariadb_10_11_version: "{{ stackhpc_pulp_repo_multiarch_rhel_10_mariadb_10_11_version }}" +stackhpc_repo_rhel_9_influxdb_version: "{{ stackhpc_pulp_repo_multiarch_rhel_9_influxdb_version }}" +stackhpc_repo_rhel_9_mariadb_10_11_version: "{{ stackhpc_pulp_repo_multiarch_rhel_9_mariadb_10_11_version }}" +stackhpc_repo_rhel_9_treasuredata_5_version: "{{ stackhpc_pulp_repo_multiarch_rhel_9_treasuredata_5_version }}" +stackhpc_repo_rhel10_doca_version: "{{ stackhpc_pulp_repo_rhel10_doca_version }}" +stackhpc_repo_rhel9_doca_version: "{{ stackhpc_pulp_repo_rhel9_doca_version }}" +stackhpc_repo_rhel9_rabbitmq_erlang_26_version: "{{ stackhpc_pulp_repo_multiarch_rhel9_rabbitmq_erlang_26_version }}" +stackhpc_repo_rhel9_rabbitmq_erlang_27_version: "{{ stackhpc_pulp_repo_multiarch_rhel9_rabbitmq_erlang_27_version }}" +stackhpc_repo_rhel9_rabbitmq_erlang_version: "{{ stackhpc_pulp_repo_multiarch_rhel9_rabbitmq_erlang_version }}" +stackhpc_repo_rhel9_rabbitmq_server_version: "{{ stackhpc_pulp_repo_rhel9_rabbitmq_server_version }}" +stackhpc_repo_rocky_10_appstream_version: "{{ stackhpc_pulp_repo_rocky_10_appstream_version }}" +stackhpc_repo_rocky_10_baseos_version: "{{ stackhpc_pulp_repo_rocky_10_baseos_version }}" +stackhpc_repo_rocky_10_crb_version: "{{ stackhpc_pulp_repo_rocky_10_crb_version }}" +stackhpc_repo_rocky_10_extras_version: "{{ stackhpc_pulp_repo_rocky_10_extras_version }}" +stackhpc_repo_rocky_10_highavailability_version: "{{ stackhpc_pulp_repo_rocky_10_highavailability_version }}" +stackhpc_repo_rocky_10_security_version: "{{ stackhpc_pulp_repo_rocky_10_security_version }}" stackhpc_repo_rocky_9_appstream_version: "{{ stackhpc_pulp_repo_rocky_9_appstream_version }}" -stackhpc_repo_rocky_9_extras_version: "{{ stackhpc_pulp_repo_rocky_9_extras_version }}" +stackhpc_repo_rocky_9_baseos_version: "{{ stackhpc_pulp_repo_rocky_9_baseos_version }}" stackhpc_repo_rocky_9_crb_version: "{{ stackhpc_pulp_repo_rocky_9_crb_version }}" +stackhpc_repo_rocky_9_extras_version: "{{ stackhpc_pulp_repo_rocky_9_extras_version }}" stackhpc_repo_rocky_9_highavailability_version: "{{ stackhpc_pulp_repo_rocky_9_highavailability_version }}" stackhpc_repo_rocky_9_security_version: "{{ stackhpc_pulp_repo_rocky_9_security_version }}" stackhpc_repo_rocky_9_sig_security_common_version: "{{ stackhpc_pulp_repo_multiarch_rocky_9_sig_security_common_version }}" +stackhpc_repo_ubuntu_cloud_archive_version: "{{ stackhpc_pulp_repo_ubuntu_cloud_archive_version }}" +stackhpc_repo_ubuntu_noble_security_version: "{{ stackhpc_pulp_repo_ubuntu_noble_security_version }}" +stackhpc_repo_ubuntu_noble_version: "{{ stackhpc_pulp_repo_ubuntu_noble_version }}" # Rocky-and-CI-specific Pulp urls stackhpc_include_os_minor_version_in_repo_url: true diff --git a/releasenotes/notes/rocky-10-multinode-cbcb0f38859626e7.yaml b/releasenotes/notes/rocky-10-multinode-cbcb0f38859626e7.yaml new file mode 100644 index 0000000000..afdeff37be --- /dev/null +++ b/releasenotes/notes/rocky-10-multinode-cbcb0f38859626e7.yaml @@ -0,0 +1,11 @@ +--- +features: + - | + The ``ci-multinode`` environment has been updated to support multinode + testing with Rocky 10. + - | + cephadm deployment now supported in Rocky 10; The cephadm collection has + been bumped to 1.22.1 which updates the Ceph repository URL for Squid on + Rocky 10. The Rocky crypto policy in use during Ceph deployment is required + to be downgraded to LEGACY in order to use Ceph's release signing key. The + policy is reverted after deployment or on deployment failure.