check_uc_hostname¶
About the role¶
Ansible role to check DockerInsecureRegistryAddress
matches the UC hostname.
The purpose of this validation is mostly target for the FFWD 13 to 16.X procedure.
Customer is expected to follow the step 9.3. Configuring access to the undercloud registry
The customer needs to retrieve the control plane host name on the
undercloud and add it into the DockerInsecureRegistryAddress
.
It might happen that the user misses this step or doesn’t really add
the right control plan host name and then podman
fails to retrieve the
containers.
To summarize what customer is expected to do:
Run
sudo hiera container_image_prepare_node_names
to get host name(s)Edit the containers-prepare-parameter.yaml file and the
DockerInsecureRegistryAddress
parameter with host name and IP of the undercloud.
This validation will:
Pull
DockerInsecureRegistryAddress
(list) from the Openstack environmentRun
sudo hiera container_image_prepare_node_names
Verify the container_image_prepare_node_names returned from
hiera
is contained in theDockerInsecureRegistryAddress
list.
Requirements¶
This role will be executed pre Overcloud Update.
Dependencies¶
No Dependencies
Example Playbook¶
- hosts: servers
vars:
check_uc_hostname_debug: true
roles:
- check_uc_hostname
License¶
Apache
Full Description¶
Role Documentation¶
Welcome to the “check_uc_hostname” role documentation.
Role Defaults¶
This section highlights all of the defaults and variables set within the “check_uc_hostname” role.
# All variables intended for modification should place placed in this file.
# All variables within this role should have a prefix of "check_uc_hostname"
# Debugging mode
check_uc_hostname_debug: false
# Contains the ansible inventory hosts variable,
# which is used to get the hostvars stack (plan) name
check_uc_hostname_inventory_host: undercloud
Molecule Scenarios¶
Molecule is being used to test the “check_uc_hostname” role. The following section highlights the drivers in service and provides an example playbook showing how the role is leveraged.
- Driver: podman
Scenario: default¶
Molecule Platform(s)¶
- name: centos
hostname: centos
image: centos/centos:stream8
registry:
url: quay.io
dockerfile: ../../../../.config/molecule/Dockerfile
pkg_extras: python*-setuptools python*-pyyaml
volumes:
- /etc/ci/mirror_info.sh:/etc/ci/mirror_info.sh:ro
privileged: true
environment:
http_proxy: "{{ lookup('env', 'http_proxy') }}"
https_proxy: "{{ lookup('env', 'https_proxy') }}"
ulimits:
- host
Molecule Inventory¶
hosts:
all:
hosts:
centos:
ansible_python_interpreter: /usr/bin/python3
vars:
plan: qe-Cloud-0
plans: [qe-Cloud-0]
Example default playbook¶
- name: Converge
hosts: all
tasks:
- name: Working 1 - openstack one entry in list
copy:
dest: /usr/bin/openstack
mode: 0755
content: |
#!/bin/bash
echo "{"
echo " \"parameters\": {},"
echo " \"parameter_defaults\": {"
echo " \"DockerInsecureRegistryAddress\": ["
echo " \"undercloud-0.ctlplane.redhat.local:8787\""
echo " ]"
echo " }"
echo "}"
- name: Working 1 - hiera one entry in list
copy:
dest: /usr/bin/hiera
mode: 0755
content: |
#!/bin/bash
echo [\"undercloud-0.ctlplane.redhat.local\"]
exit 0
- name: Test Working 1
include_role:
name: check_uc_hostname
vars:
check_uc_hostname_inventory_host: centos
- name: Working 2 - openstack multiple entry in list
copy:
dest: /usr/bin/openstack
mode: 0755
content: |
#!/bin/bash
echo "{"
echo " \"parameters\": {},"
echo " \"parameter_defaults\": {"
echo " \"DockerInsecureRegistryAddress\": ["
echo " \"undercloud-0.ctlplane.redhat.local:8787\","
echo " \"undercloud-1.ctlplane.redhat.local:8787\","
echo " \"undercloud-2.ctlplane.redhat.local:8787\""
echo " ]"
echo " }"
echo "}"
- name: Working 2 - hiera multiple entry in list
copy:
dest: /usr/bin/hiera
mode: 0755
content: |
#!/bin/bash
echo "["
echo " \"undercloud-0.ctlplane.redhat.local\","
echo " \"undercloud-1.ctlplane.redhat.local\","
echo " \"undercloud-2.ctlplane.redhat.local\""
echo "]"
exit 0
- name: Test Working 2
include_role:
name: check_uc_hostname
vars:
check_uc_hostname_inventory_host: centos
- name: Working 3 - openstack multiple entry in list
copy:
dest: /usr/bin/openstack
mode: 0755
content: |
#!/bin/bash
echo "{"
echo " \"parameters\": {},"
echo " \"parameter_defaults\": {"
echo " \"DockerInsecureRegistryAddress\": ["
echo " \"undercloud-0.ctlplane.redhat.local:8787\","
echo " \"redhat.registry.io:8787\","
echo " \"mysuper-registry.io\","
echo " ]"
echo " }"
echo "}"
- name: Working 3 - hiera single entry in list
copy:
dest: /usr/bin/hiera
mode: 0755
content: |
#!/bin/bash
echo "["
echo " \"undercloud-0.ctlplane.redhat.local\","
echo "]"
exit 0
- name: Test Working 3
include_role:
name: check_uc_hostname
vars:
check_uc_hostname_inventory_host: centos
- name: Working 4 - openstack multiple entry in list
copy:
dest: /usr/bin/openstack
mode: 0755
content: |
#!/bin/bash
echo "{"
echo " \"parameters\": {},"
echo " \"parameter_defaults\": {"
echo " \"DockerInsecureRegistryAddress\": ["
echo " \"BROKENCLOUD-0.ctlplane.redhat.local:8787\","
echo " \"redhat.registry.io:8787\","
echo " \"mysuper-registry.io\","
echo " ]"
echo " }"
echo "}"
- name: Working 4 - we do not fail if hiera returns empty list
copy:
dest: /usr/bin/hiera
mode: 0755
content: |
#!/bin/bash
echo "[]"
exit 0
- name: Test Working 4
include_role:
name: check_uc_hostname
vars:
check_uc_hostname_inventory_host: centos
- name: Failing 1 - we fail if DockerInsecureRegistryAddress is not found
copy:
dest: /usr/bin/openstack
mode: 0755
content: |
#!/bin/bash
echo "{"
echo " \"parameters\": {},"
echo " \"parameter_defaults\": {"
echo " }"
echo "}"
- name: Failing 1 - hiera no entry found
copy:
dest: /usr/bin/hiera
mode: 0755
content: |
#!/bin/bash
exit 0
- name: Failing 1
block:
- include_role:
name: check_uc_hostname
vars:
check_uc_hostname_inventory_host: centos
rescue:
- name: Clear host errors
meta: clear_host_errors
- debug:
msg: The validation Case Failing 1 works! Continuing playbook run...
- name: Failing 2 - openstack multiple entry in list
copy:
dest: /usr/bin/openstack
mode: 0755
content: |
#!/bin/bash
echo "{"
echo " \"parameters\": {},"
echo " \"parameter_defaults\": {"
echo " \"DockerInsecureRegistryAddress\": ["
echo " \"BROKENCLOUD-0.ctlplane.redhat.local:8787\","
echo " \"redhat.registry.io:8787\","
echo " \"mysuper-registry.io\","
echo " ]"
echo " }"
echo "}"
- name: Failing 2 - hiera single entry in list
copy:
dest: /usr/bin/hiera
mode: 0755
content: |
#!/bin/bash
echo "["
echo " \"undercloud-0.ctlplane.redhat.local\","
echo "]"
exit 0
- name: Failing 2
block:
- include_role:
name: check_uc_hostname
vars:
check_uc_hostname_inventory_host: centos
rescue:
- name: Clear host errors
meta: clear_host_errors
- debug:
msg: The validation Case Failing 2 works! Ending playbook run
- name: End play
meta: end_play
- name: Fail the test
fail:
msg: |
The check-uc-hostname validation failed to check that the hostnames
did not match.