Allow enable SNAT service on the seed hypervisor

Adds an ability to enable SNAT service on the seed hypervisor. Depends-On: Ie42ab7a0dc9dd1ed1925b3a17134b3770ae8ba98 Change-Id: I0a2ff5caa01d54b1532d30d501b55ef23a6deff8 Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
2021-12-05 02:01:07 +03:00 · 2021-12-05 02:01:07 +03:00 · e10b52c588
commit e10b52c588
parent f88f49ec67
10 changed files with 30 additions and 5 deletions
--- a/ansible/group_vars/all/seed-hypervisor
+++ b/ansible/group_vars/all/seed-hypervisor
@ -20,6 +20,9 @@ seed_hypervisor_default_network_interfaces: "{{ seed_default_network_interfaces
 # List of extra networks to which seed hypervisor nodes are attached.
 seed_hypervisor_extra_network_interfaces: "{{ seed_extra_network_interfaces }}"
 # Whether to enable SNAT on seed hypervisor node. Default is false.
 seed_hypervisor_enable_snat: false
 ###############################################################################
 # Seed hypervisor node software RAID configuration.
--- a/ansible/group_vars/seed-hypervisor/snat
+++ b/ansible/group_vars/seed-hypervisor/snat
@ -0,0 +1,3 @@
 ---
 # Whether to enable SNAT on seed hypervisor node.
 enable_snat: "{{ seed_hypervisor_enable_snat }}"
--- a/ansible/group_vars/seed/snat
+++ b/ansible/group_vars/seed/snat
@ -0,0 +1,3 @@
 ---
 # Whether to enable SNAT on seed node.
 enable_snat: "{{ seed_enable_snat }}"
--- a/ansible/ip-routing.yml
+++ b/ansible/ip-routing.yml
@ -2,9 +2,9 @@
 # Enable IP routing in the kernel.
 - name: Ensure IP routing is enabled
-  hosts: seed
+  hosts: seed-hypervisor:seed
  tags:
    - ip-routing
  roles:
    - role: ip-routing
-      when: seed_enable_snat | bool
+      when: enable_snat | bool
--- a/ansible/snat.yml
+++ b/ansible/snat.yml
@ -2,7 +2,7 @@
 # Enable SNAT using iptables.
 - name: Ensure SNAT is configured
-  hosts: seed
+  hosts: seed-hypervisor:seed
  tags:
    - snat
  vars:
@ -11,4 +11,4 @@
        source_ip: "{{ ansible_facts.default_ipv4.address }}"
  roles:
    - role: snat
-      when: seed_enable_snat | bool
+      when: enable_snat | bool
--- a/doc/source/configuration/reference/hosts.rst
+++ b/doc/source/configuration/reference/hosts.rst
@ -507,6 +507,11 @@ allows it to be used as a default gateway for overcloud hosts. This is disabled
 by default since the Xena 11.0.0 release, and may be enabled by setting
 ``seed_enable_snat`` to ``true`` in ``${KAYOBE_CONFIG_PATH}/seed.yml``.
 The seed-hypervisor host also can be configured the same way to be used as a
 default gateway. This is disabled by default too, and may be enabled by setting
 ``seed_hypervisor_enable_snat`` to ``true``
 in ``${KAYOBE_CONFIG_PATH}/seed-hypervisor.yml``.
 Disable cloud-init
 ==================
 *tags:*
--- a/etc/kayobe/seed-hypervisor.yml
+++ b/etc/kayobe/seed-hypervisor.yml
@ -18,6 +18,9 @@
 # List of extra networks to which seed hypervisor nodes are attached.
 #seed_hypervisor_extra_network_interfaces:
 # Whether to enable SNAT on seed hypervisor node. Default is false.
 #seed_hypervisor_enable_snat:
 ###############################################################################
 # Seed hypervisor node software RAID configuration.
--- a/kayobe/cli/commands.py
+++ b/kayobe/cli/commands.py
@ -448,7 +448,8 @@ class SeedHypervisorHostConfigure(KollaAnsibleMixin, KayobeAnsibleMixin,
            playbooks += _build_playbook_list("wipe-disks")
        playbooks += _build_playbook_list(
            "users", "dev-tools", "network", "firewall", "tuned", "sysctl",
-            "time", "mdadm", "luks", "lvm", "seed-hypervisor-libvirt-host")
+            "ip-routing", "snat", "time", "mdadm", "luks", "lvm",
            "seed-hypervisor-libvirt-host")
        self.run_kayobe_playbooks(parsed_args, playbooks,
                                  limit="seed-hypervisor")
--- a/kayobe/tests/unit/cli/test_commands.py
+++ b/kayobe/tests/unit/cli/test_commands.py
@ -330,6 +330,8 @@ class TestCase(unittest.TestCase):
                    utils.get_data_files_path("ansible", "firewall.yml"),
                    utils.get_data_files_path("ansible", "tuned.yml"),
                    utils.get_data_files_path("ansible", "sysctl.yml"),
                    utils.get_data_files_path("ansible", "ip-routing.yml"),
                    utils.get_data_files_path("ansible", "snat.yml"),
                    utils.get_data_files_path("ansible", "time.yml"),
                    utils.get_data_files_path("ansible", "mdadm.yml"),
                    utils.get_data_files_path("ansible", "luks.yml"),
--- a/releasenotes/notes/seed-hypervisor-snat-3f4844bd1156bce9.yaml
+++ b/releasenotes/notes/seed-hypervisor-snat-3f4844bd1156bce9.yaml
@ -0,0 +1,5 @@
 ---
 features:
  - |
    Adds a new variable ``seed_hypervisor_enable_snat`` that allows users to
    enable SNAT service on the seed hypervisor. The default value is ``false``.