Sync with generic openstack-config

.github/workflows/pull-request.yml

@@ -0,0 +1,33 @@
+---
+name: Pull request
+"on":
+  pull_request:
+jobs:
+  lint:
+    runs-on: ubuntu-22.04
+    permissions: {}
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          # NOTE(upgrade): Keep these in sync with Kayobe's supported Ansible and Python versions (see release notes).
+          - ansible: "2.16"
+            python: "3.12"
+    name: Ansible ${{ matrix.ansible }} lint with Python ${{ matrix.python }}
+    steps:
+      - name: GitHub Checkout 🛎
+        uses: actions/checkout@v4
+
+      - name: Setup Python ${{ matrix.python-version }} 🐍
+        uses: actions/setup-python@v4
+        with:
+          python-version: ${{ matrix.python }}
+
+      - name: Install dependencies 📦
+        run: |
+          python -m pip install --upgrade pip
+          pip install ansible-core==${{ matrix.ansible }}.* ansible-lint
+
+      - name: Linting code 🧪
+        run: |
+          ansible-lint -v --force-color

README.rst

@@ -3,26 +3,26 @@ OpenStack Configuration
 =============================================
 
 This project contains Ansible playbooks and configuration of infrastructure on
-an existing OpenStack cloud for the OpenStack system. (Supported up to Yoga
-release.)
+an existing OpenStack cloud for the OpenStack system. 
 
 Preparation
 ===========
 
 Ensure that Ansible is installed, either via the system package manager or pip.
-If required, use a virtualenv to avoid interference with the system python
-packages. For example:
+It is recommended that you use a python virtual environment to avoid
+interference with the system python packages. For example:
 
 .. code-block::
 
-   $ virtualenv venv
-   $ source venv/bin/activate
+   $ python3 -m venv openstack-venv
+   $ source openstack-venv/bin/activate
    $ python -m pip install --upgrade pip
    $ pip install -r requirements.txt
 
 Install Ansible role and collection dependencies from Ansible Galaxy:
 
 .. code-block::
+
    $ ansible-galaxy collection install \
        -p ansible/collections \
        -r requirements.yml
@@ -87,10 +87,16 @@ variables in `etc/openstack-config.yml`
 
 .. code-block:: yaml
 
-   magnum_default_master_flavor_name: # Chosen flavor on target cloud
-   magnum_default_worker_flavor_name: # Chosen flavor on target cloud
-   magnum_external_net_name: # External network
-   magnum_loadbalancer_provider: # Octavia provider (e.g. 'ovn')
+   # Chosen flavor on target cloud
+   magnum_default_master_flavor_name:
+   # Chosen flavor on target cloud
+   magnum_default_worker_flavor_name:
+   # External network to use for load balancers etc.
+   magnum_external_net_name:
+   # Octavia provider (e.g. 'ovn')
+   magnum_loadbalancer_provider:
+   # Optional list of extra labels to add to all generated cluster templates
+   magnum_template_extra_labels:
 
 then run the provided playbook with
 

ansible.cfg

@@ -0,0 +1,4 @@
+[defaults]
+bin_ansible_callbacks = True
+callbacks_enabled = ansible.posix.profile_tasks
+stdout_callback = yaml

ansible/generate-magnum-capi-templates.yml

@@ -4,57 +4,59 @@
   vars:
     root_dir: ../
   tasks:
-
-  - name: Check that required variables are defined
-    assert:
-      that:
-        - magnum_default_master_flavor_name is defined
-        - magnum_default_worker_flavor_name is defined
-        - magnum_external_net_name is defined
-        - magnum_loadbalancer_provider is defined
-
-  - name: Fetch capi-helm-charts release information
-    ansible.builtin.uri:
-      url: https://api.github.com/repos/stackhpc/capi-helm-charts/releases/latest
-    register: capi_helm_chart_release_data
-
-  - name: Fetch dependencies.json for capi-helm-charts release
-    ansible.builtin.uri:
-      url: https://raw.githubusercontent.com/stackhpc/capi-helm-charts/{{ capi_helm_chart_release_data.json.tag_name }}/dependencies.json
-    register: dependencies_response
-
-  - name: Ensure wget packages is installed
-    become: true
-    package:
-      name: wget
-      state: present
-
-  - name: Fetch manifest.json for capi-helm-charts images
+    - name: Check that required variables are defined
+      ansible.builtin.assert:
+        that:
+          - magnum_default_master_flavor_name is defined
+          - magnum_default_worker_flavor_name is defined
+          - magnum_external_net_name is defined
+          - magnum_loadbalancer_provider is defined
+
+    - name: Fetch capi-helm-charts release information
+      ansible.builtin.uri:
+        url: https://api.github.com/repos/azimuth-cloud/capi-helm-charts/releases/latest
+      register: capi_helm_chart_release_data
+
+    - name: Fetch dependencies.json for capi-helm-charts release
+      ansible.builtin.uri:
+        url: https://raw.githubusercontent.com/azimuth-cloud/capi-helm-charts/{{ capi_helm_chart_release_data.json.tag_name }}/dependencies.json
+      register: dependencies_response
+
+    - name: Ensure wget packages is installed
+      become: true
+      ansible.builtin.package:
+        name: wget
+        state: present
+
+    - name: Fetch manifest.json for capi-helm-charts images  # noqa command-instead-of-module
     # ansible.builtin.uri:
-    #   url: https://raw.githubusercontent.com/stackhpc/azimuth-images/{{ dependencies_response.json['azimuth-images'] }}/manifest.json
+    #   url: https://raw.githubusercontent.com/azimuth-cloud/azimuth-images/{{ dependencies_response.json['azimuth-images'] }}/manifest.json
     # Above URL returns 404 even though similar URL for capi-helm-charts repo works fine
     # Not sure why but fall back to wget + JSON parsing for now.
-    shell: "wget -O - https://github.com/stackhpc/azimuth-images/releases/download/{{ dependencies_response.json['azimuth-images'] }}/manifest.json"
-    register: manifest_response
-    changed_when: false
-
-  - name: Parse JSON response
-    set_fact:
-      new_template_data: "{{ manifest_response.stdout | from_json | dict2items | selectattr('key', 'match', 'kubernetes*') | list }}"
-
-  - name: Ensure output dir exists
-    ansible.builtin.file:
-      path: "{{ [root_dir, 'generated-magnum-snippets', now(utc=true,fmt='%Y-%m-%d-T%H-%M-%S')] | path_join }}"
-      state: directory
-      mode: '0755'
-    register: output_dir
-
-  - name: Write new image config to file
-    template:
-      src: "magnum-capi-images.j2"
-      dest: "{{ output_dir.path }}/images.yml"
-
-  - name: Write new cluster template config to file
-    template:
-      src: "magnum-capi-templates.j2"
-      dest: "{{ output_dir.path }}/templates.yml"
+      ansible.builtin.command: >-
+        wget -O - https://github.com/azimuth-cloud/azimuth-images/releases/download/{{ dependencies_response.json['azimuth-images'] }}/manifest.json
+      register: manifest_response
+      changed_when: false
+
+    - name: Parse JSON response
+      ansible.builtin.set_fact:
+        new_template_data: "{{ manifest_response.stdout | from_json | dict2items | selectattr('key', 'match', 'kubernetes*') | list }}"
+
+    - name: Ensure output dir exists
+      ansible.builtin.file:
+        path: "{{ [root_dir, 'generated-magnum-snippets', now(utc=true, fmt='%Y-%m-%d-T%H-%M-%S')] | path_join }}"
+        state: directory
+        mode: "0755"
+      register: output_dir
+
+    - name: Write new image config to file
+      ansible.builtin.template:
+        src: "magnum-capi-images.j2"
+        dest: "{{ output_dir.path }}/images.yml"
+        mode: "0644"
+
+    - name: Write new cluster template config to file
+      ansible.builtin.template:
+        src: "magnum-capi-templates.j2"
+        dest: "{{ output_dir.path }}/templates.yml"
+        mode: "0644"

ansible/group_vars/all/openstack

@@ -62,3 +62,26 @@ openstack_host_aggregates: []
 # List of clusters templates in the openstack project. Format is as required by the
 # stackhpc.os-container-clusters role.
 openstack_container_clusters_templates: []
+
+###############################################################################
+# Configuration variables for a CloudKitty ratings service deployment.
+
+# A list where each item is a dictionary mapping the associated fields,
+# with the 'mappings' field also being a list of dictionaries.
+# Example of the mappings and their fields can be found below,
+# however for more information please refer to the README.md file.
+#
+openstack_ratings_hashmap_field_mappings: []
+
+# Much like the field mappings above, the service mappings are a list of
+# dictionaries, however these are not associated with a field.
+#
+openstack_ratings_hashmap_service_mappings: []
+
+###############################################################################
+# Configuration of volumes for OpenStack.
+openstack_volumes_types: []
+
+###############################################################################
+# Configuration of Cloudkitty for OpenStack.
+openstack_cloudkitty_enable: false

ansible/openstack-ratings.yml

@@ -0,0 +1,10 @@
+---
+- name: Generate OpenStack software ratings
+  hosts: localhost
+  tags:
+    - ratings
+  roles:
+    - role: stackhpc.openstack.os_ratings
+      os_ratings_hashmap_field_mappings: "{{ openstack_ratings_hashmap_field_mappings }}"
+      os_ratings_hashmap_service_mappings: "{{ openstack_ratings_hashmap_service_mappings }}"
+      os_ratings_venv: "{{ openstack_venv }}"

ansible/openstack-volume-types.yml

@@ -0,0 +1,12 @@
+---
+- name: Ensure OpenStack volume types exist
+  hosts: localhost
+  tags:
+    - volume-types
+  roles:
+    - role: stackhpc.openstack.os_volumes
+      os_volumes_venv: "{{ openstack_venv }}"
+      os_volumes_auth_type: "{{ openstack_auth_type }}"
+      os_volumes_auth: "{{ openstack_auth }}"
+      os_volumes_cacert: "{{ openstack_cacert }}"
+      os_volumes_types: "{{ openstack_volumes_types }}"

ansible/openstack.yml

@@ -1,8 +1,12 @@
 ---
 # Top level playbook that includes all others.
-- import_playbook: openstack-project.yml
-- import_playbook: openstack-networks.yml
-- import_playbook: openstack-flavors.yml
-- import_playbook: openstack-images.yml
-- import_playbook: openstack-host-aggregates.yml
-- import_playbook: openstack-container-clusters.yml
+
+- import_playbook: openstack-project.yml  # noqa name[play]
+- import_playbook: openstack-networks.yml  # noqa name[play]
+- import_playbook: openstack-flavors.yml  # noqa name[play]
+- import_playbook: openstack-images.yml  # noqa name[play]
+- import_playbook: openstack-host-aggregates.yml  # noqa name[play]
+- import_playbook: openstack-volume-types.yml  # noqa name[play]
+- import_playbook: openstack-container-clusters.yml  # noqa name[play]
+- import_playbook: openstack-ratings.yml  # noqa name[play]
+  when: openstack_cloudkitty_enable | bool

ansible/templates/magnum-capi-images.j2

@@ -15,10 +15,10 @@
   name: "{{ item.value.name }}"
   type: qcow2
   image_url: "{{ item.value.url }}"
-  visibility: "community"
+  visibility: "public"
   properties:
     os_distro: "ubuntu"
-    os_version: "20.04"
+    os_version: "22.04"
     kube_version: "{{ item.value.kubernetes_version }}"
 
 {% endfor %}

ansible/templates/magnum-capi-templates.j2

@@ -16,6 +16,9 @@
     keystone_auth_enabled: "false"
     capi_helm_chart_version: "{{ capi_helm_chart_release_data.json.tag_name }}"
     octavia_provider: {{ magnum_loadbalancer_provider }}
+{% if magnum_template_extra_labels is defined and magnum_template_extra_labels is not none %}
+    {{ magnum_template_extra_labels | to_nice_yaml | indent(4) -}}
+{% endif %}
   external_network_id: {{ magnum_external_net_name }}
   master_flavor: {{ magnum_default_master_flavor_name }}
   flavor: {{ magnum_default_worker_flavor_name }}
@@ -28,4 +31,4 @@
   dns_nameserver: "{{ (magnum_cluster_default_dns_nameservers | default(['1.1.1.1', '8.8.8.8', '8.8.4.4'])) | join(',') }}"
   public: "{{ magnum_cluster_templates_public | default('True') }}"
 
-{% endfor %}
+{% endfor %}