python-tripleoclient

History

Martin Schuppert 94ada5c08a [train/stein] Handle UseTLSTransportForNbd for previous created envs With adding UseTLSTransportForNbd feature in stein, UseTLSTransportForNbd is enabled per default. If an environment gets upgraded where UseTLSTransportForNbd was not enabled will make live migration to fail as the required certs are not part of the env of the previously created qemu process containers. This change handles UseTLSTransportForNbd as: * new environments it is enabled, which is the default in THT since stein * if it is an existing environment * global_config_settings get checked for use_tls_for_nbd key * if the global_config_settings does not exist, e.g. update from previous THT version or previous major release, the hieradata key nova::compute::libvirt::qemu::nbd_tls gets evaluated that there is no unnecessary disable of nbd_tls In change I7f583d18e558b95922a66eb539cc91de74409c96 we move the certs to be handled using bind mounts, so the upgrade path to enable nbd-tls would be 1. deploy with this change + the puppet-tripleo and tht change to use bind mounts for certs. 2. migrate all instances once that the containers running the qemu processes have the correct cert bind mounts 3. run an overcloud deploy using UseTLSTransportForNbd=true Related-Bug: #1900986 Related: https://bugzilla.redhat.com/show_bug.cgi?id=1888951 Depends-On: I1d5f4a714692774bac4fd42935df68a2494e46b9 Change-Id: If6909283dbdae077d95ebc46bab679659ce57bc1	2020-12-08 13:31:27 +01:00
..
notes	[train/stein] Handle UseTLSTransportForNbd for previous created envs	2020-12-08 13:31:27 +01:00
source	Bump the openstackdocstheme extension to 1.20	2019-08-01 09:49:37 +08:00

Martin Schuppert 94ada5c08a [train/stein] Handle UseTLSTransportForNbd for previous created envs

With adding UseTLSTransportForNbd feature in stein, UseTLSTransportForNbd
is enabled per default. If an environment gets upgraded where
UseTLSTransportForNbd was not enabled will make live migration to fail
as the required certs are not part of the env of the previously created
qemu process containers.
This change handles UseTLSTransportForNbd as:
* new environments it is enabled, which is the default in THT since
  stein
* if it is an existing environment
  * global_config_settings get checked for use_tls_for_nbd key
  * if the global_config_settings does not exist, e.g. update from
    previous THT version or previous major release, the hieradata key
    nova::compute::libvirt::qemu::nbd_tls gets evaluated that there is
    no unnecessary disable of nbd_tls

In change I7f583d18e558b95922a66eb539cc91de74409c96 we move the certs
to be handled using bind mounts, so the upgrade path to enable nbd-tls
would be
  1. deploy with this change + the puppet-tripleo and tht change to
     use bind mounts for certs.
  2. migrate all instances once that the containers running the qemu
     processes have the correct cert bind mounts
  3. run an overcloud deploy using UseTLSTransportForNbd=true

Related-Bug: #1900986
Related: https://bugzilla.redhat.com/show_bug.cgi?id=1888951

Depends-On: I1d5f4a714692774bac4fd42935df68a2494e46b9
Change-Id: If6909283dbdae077d95ebc46bab679659ce57bc1

2020-12-08 13:31:27 +01:00

notes

[train/stein] Handle UseTLSTransportForNbd for previous created envs

2020-12-08 13:31:27 +01:00

source

Bump the openstackdocstheme extension to 1.20

2019-08-01 09:49:37 +08:00