From e4fd6fb22b9428da747a488720cb3c42757902fc Mon Sep 17 00:00:00 2001 From: Pierre Riteau Date: Tue, 9 Dec 2025 21:52:23 +0100 Subject: [PATCH 1/2] CI: Ensure firewalld is unmasked Recent nodepool images are masking the firewalld service [1], but we need it for host configure jobs. [1] https://review.opendev.org/c/opendev/zuul-providers/+/967962 Change-Id: Ic72f2e3a262d6491da8bc39de19e23c3acbedf89 Signed-off-by: Pierre Riteau (cherry picked from commit 3c2cf92507ca0a493d1454b34dcc47f2673f830b) --- playbooks/kayobe-overcloud-host-configure-base/pre.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/playbooks/kayobe-overcloud-host-configure-base/pre.yml b/playbooks/kayobe-overcloud-host-configure-base/pre.yml index 58603157a..5a3cbdb06 100644 --- a/playbooks/kayobe-overcloud-host-configure-base/pre.yml +++ b/playbooks/kayobe-overcloud-host-configure-base/pre.yml @@ -54,3 +54,9 @@ become: true loop: "{{ range(2, 8) | list }}" when: ansible_facts.os_family == 'Debian' + + - name: Ensure firewalld is unmasked + ansible.builtin.systemd_service: + name: firewalld + masked: false + become: true From 78d21cad1148bde59eec03f81e0564dd441be216 Mon Sep 17 00:00:00 2001 From: Pierre Riteau Date: Mon, 1 Dec 2025 10:13:26 +0100 Subject: [PATCH 2/2] Fix Bifrost host variable file generation In deployments without an IPv4 gateway defined, for example when behind a proxy, Bifrost host variable file generation was failing. Fix by allowing ipv4_gateway to be set to an empty string, which is supported in Bifrost. Closes-Bug: #2133489 Change-Id: I988810541b4620ac196d216bf54896a774282fdd Signed-off-by: Pierre Riteau (cherry picked from commit fa13678912cf57ff275768379a4af4e6d775f10d) --- ansible/kolla-bifrost-hostvars.yml | 2 +- releasenotes/notes/bug-2133489-1b83b7e24655caff.yaml | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 releasenotes/notes/bug-2133489-1b83b7e24655caff.yaml diff --git a/ansible/kolla-bifrost-hostvars.yml b/ansible/kolla-bifrost-hostvars.yml index d560e4d0e..a63421038 100644 --- a/ansible/kolla-bifrost-hostvars.yml +++ b/ansible/kolla-bifrost-hostvars.yml @@ -26,7 +26,7 @@ # If the admin network does not have a gateway defined and seed SNAT is # enabled, use the seed as a gateway to allow external access until other # networks have been configured. Otherwise, do not set any gateway. - ipv4_gateway: "{{ (admin_oc_net_name | net_gateway) or (admin_oc_net_name | net_ip(seed_host) if seed_enable_snat | bool) }}" + ipv4_gateway: "{{ (admin_oc_net_name | net_gateway) or (admin_oc_net_name | net_ip(seed_host) if seed_enable_snat | bool) or '' }}" ipv4_nameserver: "{{ resolv_nameservers }}" network_mtu: "{{ admin_oc_net_name | net_mtu or '1500' }}" vlan_id: "{{ '' if admin_oc_net_name == provision_oc_net_name else (admin_oc_net_name | net_vlan) }}" diff --git a/releasenotes/notes/bug-2133489-1b83b7e24655caff.yaml b/releasenotes/notes/bug-2133489-1b83b7e24655caff.yaml new file mode 100644 index 000000000..3173fb921 --- /dev/null +++ b/releasenotes/notes/bug-2133489-1b83b7e24655caff.yaml @@ -0,0 +1,5 @@ +--- +fixes: + - | + Fixes generation of Bifrost host variable files when ``ipv4_gateway`` is + undefined. `LP#2133489 `__