Merge branch 'main' into feat/extend-ood

Author: bertiethorpe

.github/workflows/extra.yml

@@ -43,6 +43,7 @@ jobs:
       OS_CLOUD: openstack
       CI_CLOUD: ${{ vars.CI_CLOUD }} # default from repo settings
       ARK_PASSWORD: ${{ secrets.ARK_PASSWORD }}
+      PACKER_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
     steps:
       - uses: actions/checkout@v2
@@ -95,7 +96,7 @@ jobs:
           . environments/.stackhpc/activate
           cd packer/
           packer init .
-          
+
           PACKER_LOG=1 packer build \
           -on-error=${{ vars.PACKER_ON_ERROR }} \
           -var-file=$PKR_VAR_environment_root/${{ env.CI_CLOUD }}.pkrvars.hcl \
@@ -104,7 +105,7 @@ jobs:
           -var "inventory_groups=${{ matrix.build.inventory_groups }}" \
           -var "volume_size=${{ matrix.build.volume_size }}" \
           openstack.pkr.hcl
-        
+
       - name: Get created image names from manifest
         id: manifest
         run: |

.github/workflows/fatimage.yml

@@ -39,6 +39,7 @@ jobs:
       CI_CLOUD: ${{ github.event.inputs.ci_cloud }}
       ARK_PASSWORD: ${{ secrets.ARK_PASSWORD }}
       LEAFCLOUD_PULP_PASSWORD: ${{ secrets.LEAFCLOUD_PULP_PASSWORD }}
+      PACKER_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
     steps:
       - uses: actions/checkout@v2

.github/workflows/nightlybuild.yml

@@ -36,6 +36,7 @@ jobs:
       CI_CLOUD: ${{ github.event.inputs.ci_cloud || vars.CI_CLOUD }}
       ARK_PASSWORD: ${{ secrets.ARK_PASSWORD }}
       LEAFCLOUD_PULP_PASSWORD: ${{ secrets.LEAFCLOUD_PULP_PASSWORD }}
+      PACKER_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
     steps:
       - uses: actions/checkout@v2

ansible/cleanup.yml

@@ -71,12 +71,12 @@
   vars:
     image_info:
       branch: "{{ lookup('pipe', 'git rev-parse --abbrev-ref HEAD') }}"
-      build: "{{  ansible_nodename | split('.') | first }}" # hostname is image name, which contains build info
+      build: "{{ ansible_nodename | split('.') | first }}" # hostname is image name, which contains build info
       os: "{{ ansible_distribution }} {{ ansible_distribution_version }}"
       kernel: "{{ ansible_kernel }}"
       ofed: "{{ ansible_facts.packages['mlnx-ofa_kernel'].0.version | default('-') }}"
       doca: "{{ ansible_facts.packages[doca_profile | default('doca-ofed') ].0.version | default('-') }}"
-      cuda:  "{{ ansible_facts.packages['cuda'].0.version | default('-') }}"
+      cuda: "{{ ansible_facts.packages['cuda-toolkit'].0.version | default('-') }}"
       slurm-ohpc: "{{ ansible_facts.packages['slurm-ohpc'].0.version | default('-') }}"
 
 - name: Show image summary

docs/operations.md

@@ -74,6 +74,7 @@ By default, the following utility packages are installed during the StackHPC ima
 - postfix
 - git
 - latest python version for system (3.6 for for Rocky 8.9 and 3.12 for Rocky 9.4)
+- s-nail
 
 Additional packages can be added during image builds by:
 - adding the `extra_packages` group to the build `inventory_groups` (see

docs/production.md

@@ -48,21 +48,28 @@ and referenced from the `site` and `production` environments, e.g.:
 
     ```
     ...
+    variable "environment_root" {
+      type = string
+      description = "Path to environment root, automatically set by activate script"
+    }
+
     module "cluster" {
         source = "../../site/tofu/"
+        environment_root = var.environment_root
 
         cluster_name = "foo"
         ...
     }
     ```
 
     Note that:
-        - Environment-specific variables (`cluster_name`) should be hardcoded
-          into the cluster module block.
-        - Environment-independent variables (e.g. maybe `cluster_net` if the
-          same is used for staging and production) should be set as *defaults*
-          in `environments/site/tofu/variables.tf`, and then don't need to
-          be passed in to the module.
+    
+    - Environment-specific variables (`cluster_name`) should be hardcoded
+      into the cluster module block.
+    - Environment-independent variables (e.g. maybe `cluster_net` if the
+      same is used for staging and production) should be set as *defaults*
+      in `environments/site/tofu/variables.tf`, and then don't need to
+      be passed in to the module.
 
 - Vault-encrypt secrets. Running the `generate-passwords.yml` playbook creates
   a secrets file at `environments/$ENV/inventory/group_vars/all/secrets.yml`.
@@ -120,22 +127,14 @@ and referenced from the `site` and `production` environments, e.g.:
   set the "attach" options and run `tofu apply` again - this should show there
   are no changes planned.
 
-- Enable `etc_hosts` templating:
-
-    ```yaml
-    # environments/site/inventory/groups:
-    [etc_hosts:children]
-    cluster
-    ```
-
 - Configure Open OnDemand - see [specific documentation](openondemand.md).
 
 - Remove the `demo_user` user from `environments/$ENV/inventory/group_vars/all/basic_users.yml`
 
 - Consider whether having (read-only) access to Grafana without login is OK. If not, remove `grafana_auth_anonymous` in `environments/$ENV/inventory/group_vars/all/grafana.yml`
 
-- If floating IPs are required for login nodes, modify the OpenTofu configurations
-  appropriately.
+- If floating IPs are required for login nodes, create these in OpenStack and add the IPs into
+  the OpenTofu `login` definition.
 
 - Consider whether mapping of baremetal nodes to ironic nodes is required. See
   [PR 485](https://github.com/stackhpc/ansible-slurm-appliance/pull/485).

environments/.stackhpc/tofu/cluster_image.auto.tfvars.json

@@ -1,6 +1,6 @@
 {
     "cluster_image": {
-        "RL8": "openhpc-RL8-250704-1445-ff88ca4e",
-        "RL9": "openhpc-RL9-250704-1445-ff88ca4e"
+        "RL8": "openhpc-RL8-250708-1502-1494192e",
+        "RL9": "openhpc-RL9-250708-1547-1494192e"
     }
 }

environments/common/inventory/group_vars/all/defaults.yml

@@ -94,6 +94,7 @@ appliances_extra_packages_default:
  - postfix
  - git
  - "{{ 'python36' if ansible_distribution_version == '8.9' else 'python312' }}"
+ - s-nail
 
 appliances_extra_packages_other: []