From efdc68b51370fa77e2279e33e5b0cd6c568fd249 Mon Sep 17 00:00:00 2001
From: Pierre Riteau <pierre@stackhpc.com>
Date: Tue, 20 May 2025 10:41:05 +0200
Subject: [PATCH 1/3] [release] Synchronise with kayobe for 2025.1

Change-Id: Id0a953f4f1f05654edc6dff5d7f93bb066947148
---
 etc/kayobe/apt.yml              |  2 +
 etc/kayobe/compute.yml          | 19 +++++++-
 etc/kayobe/container-engine.yml | 80 +++++++++++++++++++++++++++++++++
 etc/kayobe/docker.yml           | 43 ------------------
 etc/kayobe/globals.yml          |  5 +++
 etc/kayobe/inventory/groups     |  4 +-
 etc/kayobe/ipa.yml              |  5 ++-
 etc/kayobe/kolla.yml            | 13 ++++--
 etc/kayobe/openstack.yml        |  4 +-
 etc/kayobe/time.yml             | 14 ++++++
 10 files changed, 136 insertions(+), 53 deletions(-)
 create mode 100644 etc/kayobe/container-engine.yml
 delete mode 100644 etc/kayobe/docker.yml

diff --git a/etc/kayobe/apt.yml b/etc/kayobe/apt.yml
index 9302675c3..4027d4365 100644
--- a/etc/kayobe/apt.yml
+++ b/etc/kayobe/apt.yml
@@ -27,6 +27,8 @@
 #apt_keys:
 
 # A list of Apt repositories. Each item is a dict with the following keys:
+# * name: the <name>.sources filename part. Optional. Default is 'kayobe' and
+#   the default filename is 'kayobe.sources'.
 # * types: whitespace-separated list of repository types, e.g. deb or deb-src
 #   (optional, default is 'deb')
 # * url: URL of the repository
diff --git a/etc/kayobe/compute.yml b/etc/kayobe/compute.yml
index c1ebf4bbc..5572bbe00 100644
--- a/etc/kayobe/compute.yml
+++ b/etc/kayobe/compute.yml
@@ -76,7 +76,9 @@
 #compute_lvm_groups_extra:
 
 # Whether a 'data' LVM volume group should exist on compute hosts. By default
-# this contains a 'docker-volumes' logical volume for Docker volume storage.
+# this contains a 'docker-volumes' logical volume for container volume storage
+# if using the docker container engine, or a 'podman-volumes' logical volume
+# for container volume storage if using the podman container engine.
 # Default is false.
 #compute_lvm_group_data_enabled:
 
@@ -88,18 +90,33 @@
 # invalid value to require configuration.
 #compute_lvm_group_data_disks:
 
+# List of LVM logical volumes for the data volume group when using docker.
+#compute_lvm_group_data_docker_lvs:
+
+# List of LVM logical volumes for the data volume group when using podman.
+#compute_lvm_group_data_podman_lvs:
+
 # List of LVM logical volumes for the data volume group.
 #compute_lvm_group_data_lvs:
 
 # Docker volumes LVM backing volume.
 #compute_lvm_group_data_lv_docker_volumes:
 
+# Podman volumes LVM backing volume.
+#compute_lvm_group_data_lv_podman_volumes:
+
 # Size of docker volumes LVM backing volume.
 #compute_lvm_group_data_lv_docker_volumes_size:
 
 # Filesystem for docker volumes LVM backing volume. ext4 allows for shrinking.
 #compute_lvm_group_data_lv_docker_volumes_fs:
 
+# Size of podman volumes LVM backing volume.
+#compute_lvm_group_data_lv_podman_volumes_size:
+
+# Filesystem for podman volumes LVM backing volume. ext4 allows for shrinking.
+#compute_lvm_group_data_lv_podman_volumes_fs:
+
 ###############################################################################
 # Compute node sysctl configuration.
 
diff --git a/etc/kayobe/container-engine.yml b/etc/kayobe/container-engine.yml
new file mode 100644
index 000000000..8bb696819
--- /dev/null
+++ b/etc/kayobe/container-engine.yml
@@ -0,0 +1,80 @@
+---
+###############################################################################
+# Container engine configuration
+
+# Configures the container engine. Default is 'docker'.
+#container_engine:
+
+# Path to container volumes. Default is '{{ podman_volumes_path }}' if
+# 'container_engine' is set to podman, otherwise '{{ docker_volumes_path }}'.
+#container_engine_volumes_path:
+
+###############################################################################
+# Docker configuration.
+
+# Name of the docker storage driver. Default is 'overlay2'.
+#docker_storage_driver:
+
+# Name of the docker storage LVM volume group.
+#docker_storage_volume_group:
+
+# Name of the docker storage data LVM volume.
+#docker_storage_volume_thinpool:
+
+# Size of the docker storage data LVM volume (see lvol module size argument).
+#docker_storage_volume_thinpool_size:
+
+# Name of the docker storage metadata LVM volume.
+#docker_storage_volume_thinpool_meta:
+
+# Size of the docker storage metadata LVM volume (see lvol module size
+# argument).
+#docker_storage_volume_thinpool_meta_size:
+
+# URL of docker registry
+#docker_registry:
+
+# Whether docker should be configured to use an insecure registry.
+# Default is false, unless docker_registry_enabled is true and
+# docker_registry_enable_tls is false.
+#docker_registry_insecure:
+
+# CA of docker registry
+#docker_registry_ca:
+
+# List of Docker registry mirrors.
+#docker_registry_mirrors:
+
+# Enable live-restore on docker daemon
+#docker_daemon_live_restore:
+
+# Path to docker runtime directory. Default is "", which means to use the
+# default location: '/var/lib/docker'.
+#docker_runtime_directory:
+
+# Path to docker volumes. Default is '{{ docker_runtime_directory |
+# default('/var/lib/docker', true) ~ '/volumes' }}"'.
+#docker_volumes_path:
+
+###############################################################################
+# Podman configuration.
+
+# URL of podman container registry
+#podman_registry:
+
+# Whether podman should be configured to use an insecure registry.
+# Default is false, unless docker_registry_enabled is true and
+# docker_registry_enable_tls is false.
+#podman_registry_insecure:
+
+# Path to podman runtime directory. Default is None, which means to use the
+# default location: '/var/lib/containers/storage'.
+#podman_runtime_directory:
+
+# Path to podman volumes. Default is '{{ podman_runtime_directory |
+# default('/var/lib/containers/storage', true) ~ '/volumes' }}"'.
+#podman_volumes_path:
+
+###############################################################################
+# Dummy variable to allow Ansible to accept this file.
+workaround_ansible_issue_8743: yes
diff --git a/etc/kayobe/docker.yml b/etc/kayobe/docker.yml
deleted file mode 100644
index ba3f22c9a..000000000
--- a/etc/kayobe/docker.yml
+++ /dev/null
@@ -1,43 +0,0 @@
----
-###############################################################################
-# Docker configuration.
-
-# Name of the docker storage driver. Default is 'overlay2'.
-#docker_storage_driver:
-
-# Name of the docker storage LVM volume group.
-#docker_storage_volume_group:
-
-# Name of the docker storage data LVM volume.
-#docker_storage_volume_thinpool:
-
-# Size of the docker storage data LVM volume (see lvol module size argument).
-#docker_storage_volume_thinpool_size:
-
-# Name of the docker storage metadata LVM volume.
-#docker_storage_volume_thinpool_meta:
-
-# Size of the docker storage metadata LVM volume (see lvol module size
-# argument).
-#docker_storage_volume_thinpool_meta_size:
-
-# URL of docker registry
-#docker_registry:
-
-# Whether docker should be configured to use an insecure registry.
-# Default is false, unless docker_registry_enabled is true and
-# docker_registry_enable_tls is false.
-#docker_registry_insecure:
-
-# CA of docker registry
-#docker_registry_ca:
-
-# List of Docker registry mirrors.
-#docker_registry_mirrors:
-
-# Enable live-restore on docker daemon
-#docker_daemon_live_restore:
-
-###############################################################################
-# Dummy variable to allow Ansible to accept this file.
-workaround_ansible_issue_8743: yes
diff --git a/etc/kayobe/globals.yml b/etc/kayobe/globals.yml
index 93ebdb4f9..ce4570f39 100644
--- a/etc/kayobe/globals.yml
+++ b/etc/kayobe/globals.yml
@@ -68,6 +68,11 @@
 # equivalent to a value of 100.
 #kayobe_max_fail_percentage:
 
+# Whether or not we should try and escalate privileges on the control host.
+# This allows us to install packages and create arbitrary directories that our
+# user would not normally have permission to create. Default is true.
+#kayobe_control_host_become:
+
 ###############################################################################
 # Dummy variable to allow Ansible to accept this file.
 workaround_ansible_issue_8743: yes
diff --git a/etc/kayobe/inventory/groups b/etc/kayobe/inventory/groups
index 645a550b5..a870bc8b5 100644
--- a/etc/kayobe/inventory/groups
+++ b/etc/kayobe/inventory/groups
@@ -65,8 +65,8 @@ vgpu
 ###############################################################################
 # Service groups.
 
-[docker:children]
-# Hosts in this group will have Docker installed.
+[container-engine:children]
+# Hosts in this group will have Docker/Podman installed.
 seed
 controllers
 network
diff --git a/etc/kayobe/ipa.yml b/etc/kayobe/ipa.yml
index 0138c6c44..00a9b9e97 100644
--- a/etc/kayobe/ipa.yml
+++ b/etc/kayobe/ipa.yml
@@ -23,9 +23,10 @@
 #ipa_build_dib_host_packages_extra:
 
 # List of default Diskimage Builder (DIB) elements to use when building IPA
-# images. Default is ["centos", "enable-serial-console",
+# images. Default is ["centos", "dynamic-login", "enable-serial-console",
 # "ironic-python-agent-ramdisk"] when os_distribution is "rocky", and
-# ["ubuntu", "enable-serial-console", "ironic-python-agent-ramdisk"] otherwise.
+# ["ubuntu", "dynamic-login", "enable-serial-console",
+# "ironic-python-agent-ramdisk"] otherwise.
 #ipa_build_dib_elements_default:
 
 # List of additional Diskimage Builder (DIB) elements to use when building IPA
diff --git a/etc/kayobe/kolla.yml b/etc/kayobe/kolla.yml
index 827c60712..929fc6d31 100644
--- a/etc/kayobe/kolla.yml
+++ b/etc/kayobe/kolla.yml
@@ -267,6 +267,10 @@
 # Primary group of Kolla SSH user. Default is 'kolla'.
 #kolla_ansible_group:
 
+# Whether to use privilege escalation for operations on the control host.
+# Default is {{ kayobe_control_host_become }}.
+#kolla_ansible_control_host_become:
+
 # Whether to use privilege escalation for all operations performed via Kolla
 # Ansible. Default is 'false'.
 #kolla_ansible_become:
@@ -291,6 +295,7 @@
 #kolla_enable_ceph_rgw_loadbalancer:
 #kolla_enable_cinder:
 #kolla_enable_cinder_backend_iscsi:
+#kolla_enable_cinder_backend_lightbits:
 #kolla_enable_cinder_backend_lvm:
 #kolla_enable_cinder_backend_nfs:
 #kolla_enable_cinder_backend_pure_fc:
@@ -338,10 +343,13 @@
 #kolla_enable_horizon_octavia:
 #kolla_enable_horizon_tacker:
 #kolla_enable_horizon_trove:
+#kolla_enable_horizon_venus:
 #kolla_enable_horizon_watcher:
 #kolla_enable_horizon_zun:
 #kolla_enable_influxdb:
 #kolla_enable_ironic:
+#kolla_enable_ironic_dnsmasq:
+#kolla_enable_ironic_inspector:
 #kolla_enable_ironic_neutron_agent:
 #kolla_enable_ironic_prometheus_exporter:
 #kolla_enable_iscsid:
@@ -356,6 +364,7 @@
 #kolla_enable_manila:
 #kolla_enable_manila_backend_cephfs_native:
 #kolla_enable_manila_backend_cephfs_nfs:
+#kolla_enable_manila_backend_flashblade:
 #kolla_enable_manila_backend_generic:
 #kolla_enable_manila_backend_glusterfs_nfs:
 #kolla_enable_manila_backend_hnas:
@@ -402,6 +411,7 @@
 #kolla_enable_openvswitch:
 #kolla_enable_osprofiler:
 #kolla_enable_ovn:
+#kolla_enable_ovn_sb_db_relay:
 #kolla_enable_ovs_dpdk:
 #kolla_enable_placement:
 #kolla_enable_prometheus:
@@ -427,9 +437,6 @@
 #kolla_enable_rabbitmq:
 #kolla_enable_redis:
 #kolla_enable_skyline:
-#kolla_enable_swift:
-#kolla_enable_swift_recon:
-#kolla_enable_swift_s3api:
 #kolla_enable_tacker:
 #kolla_enable_telegraf:
 #kolla_enable_trove:
diff --git a/etc/kayobe/openstack.yml b/etc/kayobe/openstack.yml
index 1acfd0756..081e4be24 100644
--- a/etc/kayobe/openstack.yml
+++ b/etc/kayobe/openstack.yml
@@ -2,10 +2,10 @@
 ###############################################################################
 # OpenStack release configuration.
 
-# Name of the current OpenStack release. Default is "master".
+# Name of the current OpenStack release. Default is "2025.1".
 #openstack_release:
 
-# Name of the current OpenStack branch. Default is "master".
+# Name of the current OpenStack branch. Default is "stable/2025.1".
 #openstack_branch:
 
 ###############################################################################
diff --git a/etc/kayobe/time.yml b/etc/kayobe/time.yml
index 8bfbd3391..652844c8d 100644
--- a/etc/kayobe/time.yml
+++ b/etc/kayobe/time.yml
@@ -33,6 +33,20 @@
 # Synchronise hardware clock with system time. Default is true.
 #chrony_rtcsync_enabled:
 
+# Force synchronisation from NTP sources. This methods may jump the clock by
+# large values which can cause issues with some software. Disabled by default.
+#ntp_force_sync:
+
+# Maximum number of tries used by the `chronyc waitsync` command. Only used
+# when ntp_force_sync is true. Default is 60 which waits for a maximum of 10
+# minutes (60 times 10 seconds).
+#chrony_waitsync_max_tries:
+
+# Maximum correction used by the `chronyc waitsync` command. Only used when
+# ntp_force_sync is true. Default is 0.01 which waits for the remaining
+# correction to be less than 10 milliseconds.
+#chrony_waitsync_max_correction:
+
 ###############################################################################
 # Dummy variable to allow Ansible to accept this file.
 workaround_ansible_issue_8743: yes

From bcdb518dbdaceb0a065afdc26e53a612250f5440 Mon Sep 17 00:00:00 2001
From: OpenStack Release Bot <infra-root@openstack.org>
Date: Tue, 20 May 2025 13:52:12 +0000
Subject: [PATCH 2/3] Update .gitreview for stable/2025.1

Change-Id: I409e99237281e79597cbe066658a958b70a5e7dd
---
 .gitreview | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.gitreview b/.gitreview
index b9adc8dd9..fc87ae85d 100644
--- a/.gitreview
+++ b/.gitreview
@@ -2,3 +2,4 @@
 host=review.opendev.org
 port=29418
 project=openstack/kayobe-config.git
+defaultbranch=stable/2025.1

From 720e492d9ce32c77b17ff3278748ac3f80284285 Mon Sep 17 00:00:00 2001
From: OpenStack Release Bot <infra-root@openstack.org>
Date: Tue, 20 May 2025 13:52:14 +0000
Subject: [PATCH 3/3] Update TOX_CONSTRAINTS_FILE for stable/2025.1

Update the URL to the upper-constraints file to point to the redirect
rule on releases.openstack.org so that anyone working on this branch
will switch to the correct upper-constraints list automatically when
the requirements repository branches.

Until the requirements repository has as stable/2025.1 branch, tests will
continue to use the upper-constraints list on master.

Change-Id: I6ddd3db536c3bf24d9fd1dd115795473908bde23
---
 tox.ini | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tox.ini b/tox.ini
index 47adec2e2..5b21f4185 100644
--- a/tox.ini
+++ b/tox.ini
@@ -6,7 +6,7 @@ skipsdist = True
 [testenv]
 install_command = pip install {opts} {packages}
 deps =
-    -c{env:TOX_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master}
+    -c{env:TOX_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/2025.1}
     -r{toxinidir}/test-requirements.txt
 
 [testenv:pep8]