Check for podman dangling images.
Make sure before update we do not have any dangling images.
Role documentation
RHEL8.x kernel flag for Compute nodes validation.
RHEL-8.3 kernel disabled the Intel TSX (Transactional Synchronization Extensions) feature by default as a preemptive security measure, but it breaks live migration from RHEL-7.9 (or even RHEL-8.1 or RHEL-8.2) to RHEL-8.3.
Operators are expected to explicitly define the TSX flag in their KernelArgs for the compute role to prevent live-migration issues during the upgrade process.
This also impacts upstream CentOS systems.
Role documentation
Ensure container status.
Detect failed containers and raise an error.
Role documentation
Check correctness of installed nova-libvirt version.
Detect if installed nova-libvirt satisfies constraints.
Role documentation
Check connectivity to various OpenStack services.
This validation gets the PublicVip address from the deployment and tries to access Horizon and get a Keystone token.
Role documentation
Check correctness of current repositories.
Detect whether the repositories listed in yum repolist can be connected to and that there is at least one repo configured. Detect if there are any unwanted repositories (such as EPEL) enabled.
Role documentation
System encoding.
Ensure the local is unicode
Role documentation
Verify undercloud services state before running update or upgrade.
Check undercloud status before running a stack update - especially minor update and major upgrade.
Role documentation
Verify heat-manage purge_deleted is enabled in crontab.
Without a purge_deleted crontab enabled, the heat database can grow very large. This validation checks that the purge_deleted crontab has been set up.
Role documentation
Verify that the IPA server has the right permissions and ACI.
This validation is relevant for systems where TLS Everywhere is enabled.
A new ACI is needed on the FreeIPA server to ensure that certificates with IP SANs can be issued. This ACI will be delivered by default from FreeIPA 4.8.5.
In addition, a new permission is needed to add DNS zones for tripleo-ipa. This permission is an addition to the current permissions for the Nova Host Manager role.
This validation confirms that the new permission and ACI are present.
https://docs.openstack.org/project-deploy-guide/tripleo-docs/latest/features/tls-introduction.html
Role documentation
Verify undercloud services state before running update or upgrade.
Check undercloud status before running a stack update - especially minor update and major upgrade.
Role documentation
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.