From 4e032923c05576541117e0196857663b46050470 Mon Sep 17 00:00:00 2001 From: Jeffrey Zhang Date: Sat, 25 May 2019 12:52:56 +0800 Subject: [PATCH] Remove nova-consoleauth The nova-consoleauth service was deprecated during the Rocky release [1] and has not been necessary since unless you're using cells v1. As Kolla has never supported cells v1, which is finally being removed during Train [2], we can get ahead of the curve and stop deploying nova-consoleauth immediately. [1] https://specs.openstack.org/openstack/nova-specs/specs/rocky/implemented/convert-consoles-to-objects.html [2] https://blueprints.launchpad.net/nova/+spec/remove-cells-v1/ Change-Id: I099080979f5497537e390f531005a517ab12aa7a --- ansible/inventory/all-in-one | 3 --- ansible/inventory/multinode | 3 --- .../conf/filter/01-rewrite-0.12.conf.j2 | 2 +- .../conf/filter/01-rewrite-0.14.conf.j2 | 2 +- ansible/roles/nova/defaults/main.yml | 7 ----- ansible/roles/nova/handlers/main.yml | 26 ------------------- ansible/roles/nova/tasks/config.yml | 2 -- ansible/roles/nova/tasks/upgrade.yml | 7 +++++ .../nova/templates/nova-consoleauth.json.j2 | 24 ----------------- ansible/site.yml | 1 - ...ove-nova-consoleauth-0f6a327de69e1273.yaml | 8 ++++++ tests/templates/inventory.j2 | 3 --- 12 files changed, 17 insertions(+), 71 deletions(-) delete mode 100644 ansible/roles/nova/templates/nova-consoleauth.json.j2 create mode 100644 releasenotes/notes/remove-nova-consoleauth-0f6a327de69e1273.yaml diff --git a/ansible/inventory/all-in-one b/ansible/inventory/all-in-one index badb4db5b6..b01bee8423 100644 --- a/ansible/inventory/all-in-one +++ b/ansible/inventory/all-in-one @@ -270,9 +270,6 @@ nova [nova-conductor:children] nova -[nova-consoleauth:children] -nova - [nova-novncproxy:children] nova diff --git a/ansible/inventory/multinode b/ansible/inventory/multinode index 4db1174050..4d1fb3b9a6 100644 --- a/ansible/inventory/multinode +++ b/ansible/inventory/multinode @@ -289,9 +289,6 @@ nova [nova-conductor:children] nova -[nova-consoleauth:children] -nova - [nova-novncproxy:children] nova diff --git a/ansible/roles/common/templates/conf/filter/01-rewrite-0.12.conf.j2 b/ansible/roles/common/templates/conf/filter/01-rewrite-0.12.conf.j2 index adacb767a7..7b26ea2d16 100644 --- a/ansible/roles/common/templates/conf/filter/01-rewrite-0.12.conf.j2 +++ b/ansible/roles/common/templates/conf/filter/01-rewrite-0.12.conf.j2 @@ -3,7 +3,7 @@ capitalize_regex_backreference yes rewriterule1 programname ^(cinder-api-access|cloudkitty-api-access|gnocchi-api-access|horizon-access|keystone-apache-admin-access|keystone-apache-public-access|monasca-api-access|monasca-log-api-access|placement-api-access|panko-api-access)$ apache_access rewriterule2 programname ^(aodh_wsgi_access|barbican-api|zun_api_wsgi_access|vitrage_wsgi_access)$ wsgi_access - rewriterule3 programname ^(nova-api|nova-compute|nova-compute-ironic|nova-conductor|nova-consoleauth|nova-manage|nova-novncproxy|nova-scheduler|nova-placement-api|placement-api|privsep-helper)$ openstack_python + rewriterule3 programname ^(nova-api|nova-compute|nova-compute-ironic|nova-conductor|nova-manage|nova-novncproxy|nova-scheduler|nova-placement-api|placement-api|privsep-helper)$ openstack_python rewriterule4 programname ^(sahara-api|sahara-engine)$ openstack_python rewriterule5 programname ^(neutron-server|neutron-openvswitch-agent|neutron-ns-metadata-proxy|neutron-metadata-agent|neutron-l3-agent|neutron-dhcp-agent)$ openstack_python rewriterule6 programname ^(magnum-conductor|magnum-api)$ openstack_python diff --git a/ansible/roles/common/templates/conf/filter/01-rewrite-0.14.conf.j2 b/ansible/roles/common/templates/conf/filter/01-rewrite-0.14.conf.j2 index 0e03844ff8..35e80d3d0a 100644 --- a/ansible/roles/common/templates/conf/filter/01-rewrite-0.14.conf.j2 +++ b/ansible/roles/common/templates/conf/filter/01-rewrite-0.14.conf.j2 @@ -13,7 +13,7 @@ key programname - pattern ^(nova-api|nova-compute|nova-compute-ironic|nova-conductor|nova-consoleauth|nova-manage|nova-novncproxy|nova-scheduler|nova-placement-api|placement-api|privsep-helper)$ + pattern ^(nova-api|nova-compute|nova-compute-ironic|nova-conductor|nova-manage|nova-novncproxy|nova-scheduler|nova-placement-api|placement-api|privsep-helper)$ tag openstack_python diff --git a/ansible/roles/nova/defaults/main.yml b/ansible/roles/nova/defaults/main.yml index 0474bbc279..21ac5c8873 100644 --- a/ansible/roles/nova/defaults/main.yml +++ b/ansible/roles/nova/defaults/main.yml @@ -57,13 +57,6 @@ nova_services: external: false port: "{{ rdp_port }}" host_group: "hyperv" - nova-consoleauth: - container_name: "nova_consoleauth" - group: "nova-consoleauth" - image: "{{ nova_consoleauth_image_full }}" - enabled: True - volumes: "{{ nova_consoleauth_default_volumes + nova_consoleauth_extra_volumes }}" - dimensions: "{{ nova_consoleauth_dimensions }}" nova-novncproxy: container_name: "nova_novncproxy" group: "nova-novncproxy" diff --git a/ansible/roles/nova/handlers/main.yml b/ansible/roles/nova/handlers/main.yml index ad73838e9a..6b8b1179e7 100644 --- a/ansible/roles/nova/handlers/main.yml +++ b/ansible/roles/nova/handlers/main.yml @@ -109,32 +109,6 @@ or policy_overwriting.changed | bool or nova_scheduler_container.changed | bool -- name: Restart nova-consoleauth container - vars: - service_name: "nova-consoleauth" - service: "{{ nova_services[service_name] }}" - config_json: "{{ config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" - nova_conf: "{{ nova_confs.results|selectattr('item.key', 'equalto', service_name)|first }}" - policy_overwriting: "{{ nova_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}" - nova_consoleauth_container: "{{ check_nova_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" - become: true - kolla_docker: - action: "recreate_or_restart_container" - common_options: "{{ docker_common_options }}" - name: "{{ service.container_name }}" - image: "{{ service.image }}" - privileged: "{{ service.privileged | default(False) }}" - volumes: "{{ service.volumes|reject('equalto', '')|list }}" - dimensions: "{{ service.dimensions }}" - when: - - kolla_action != "config" - - inventory_hostname in groups[service.group] - - service.enabled | bool - - config_json.changed | bool - or nova_conf.changed | bool - or policy_overwriting.changed | bool - or nova_consoleauth_container.changed | bool - - name: Restart nova-novncproxy container vars: service_name: "nova-novncproxy" diff --git a/ansible/roles/nova/tasks/config.yml b/ansible/roles/nova/tasks/config.yml index 8491e480bc..a6af574928 100644 --- a/ansible/roles/nova/tasks/config.yml +++ b/ansible/roles/nova/tasks/config.yml @@ -31,7 +31,6 @@ inventory_hostname in groups['compute'] or inventory_hostname in groups['nova-api'] or inventory_hostname in groups['nova-conductor'] or - inventory_hostname in groups['nova-consoleauth'] or inventory_hostname in groups['nova-novncproxy'] or inventory_hostname in groups['nova-scheduler'] @@ -182,7 +181,6 @@ - nova-compute - nova-compute-ironic - nova-conductor - - nova-consoleauth - nova-novncproxy - nova-serialproxy - nova-scheduler diff --git a/ansible/roles/nova/tasks/upgrade.yml b/ansible/roles/nova/tasks/upgrade.yml index bc04f78868..1433394d38 100644 --- a/ansible/roles/nova/tasks/upgrade.yml +++ b/ansible/roles/nova/tasks/upgrade.yml @@ -19,3 +19,10 @@ - include_tasks: rolling_upgrade.yml when: nova_enable_rolling_upgrade | bool + +# NOTE(jeffrey4l): Remove this task in U cycle. +- name: Remove nova-consoleauth container + become: true + kolla_docker: + action: "remove_container" + name: "nova_consoleauth" diff --git a/ansible/roles/nova/templates/nova-consoleauth.json.j2 b/ansible/roles/nova/templates/nova-consoleauth.json.j2 deleted file mode 100644 index 09e663402f..0000000000 --- a/ansible/roles/nova/templates/nova-consoleauth.json.j2 +++ /dev/null @@ -1,24 +0,0 @@ -{ - "command": "nova-consoleauth", - "config_files": [ - { - "source": "{{ container_config_directory }}/nova.conf", - "dest": "/etc/nova/nova.conf", - "owner": "nova", - "perm": "0600" - }{% if nova_policy_file is defined %}, - { - "source": "{{ container_config_directory }}/{{ nova_policy_file }}", - "dest": "/etc/nova/{{ nova_policy_file }}", - "owner": "nova", - "perm": "0600" - }{% endif %} - ], - "permissions": [ - { - "path": "/var/log/kolla/nova", - "owner": "nova:nova", - "recurse": true - } - ] -} diff --git a/ansible/site.yml b/ansible/site.yml index 2f27d6e4e1..499800e5ad 100644 --- a/ansible/site.yml +++ b/ansible/site.yml @@ -708,7 +708,6 @@ - compute - nova-api - nova-conductor - - nova-consoleauth - nova-novncproxy - nova-scheduler - '&enable_nova_True' diff --git a/releasenotes/notes/remove-nova-consoleauth-0f6a327de69e1273.yaml b/releasenotes/notes/remove-nova-consoleauth-0f6a327de69e1273.yaml new file mode 100644 index 0000000000..1034a50b0b --- /dev/null +++ b/releasenotes/notes/remove-nova-consoleauth-0f6a327de69e1273.yaml @@ -0,0 +1,8 @@ +--- +upgrade: + - | + The ``nova-consoleauth`` service is no longer deployed. This has been + `deprecated in nova since Rocky`__ and has not been used by other nova + services since. + + __ https://specs.openstack.org/openstack/nova-specs/specs/rocky/implemented/convert-consoles-to-objects.html diff --git a/tests/templates/inventory.j2 b/tests/templates/inventory.j2 index 2697b405d0..99ef045d6b 100644 --- a/tests/templates/inventory.j2 +++ b/tests/templates/inventory.j2 @@ -263,9 +263,6 @@ nova [nova-conductor:children] nova -[nova-consoleauth:children] -nova - [nova-novncproxy:children] nova