diff --git a/deployment/nova/nova-compute-container-puppet.yaml b/deployment/nova/nova-compute-container-puppet.yaml index ae6293ea66..a4099693fe 100644 --- a/deployment/nova/nova-compute-container-puppet.yaml +++ b/deployment/nova/nova-compute-container-puppet.yaml @@ -1004,19 +1004,6 @@ conditions: - {get_param: EnableInternalTLS} - {get_param: UseTLSTransportForLiveMigration} - enable_live_migration_tunnelled: - and: - - or: - - and: - - {get_param: NovaNfsEnabled} - - equals: [{get_param: [RoleParameters, NovaNfsEnabled]}, ''] - - equals: [{get_param: [RoleParameters, NovaNfsEnabled]}, true] - - equals: [{get_param: [RoleParameters, NovaEnableRbdBackend]}, true] - - and: - - equals: [{get_param: [RoleParameters, NovaEnableRbdBackend]}, ''] - - {get_param: NovaEnableRbdBackend} - - not: use_tls_for_live_migration - libvirt_file_backed_memory_enabled: not: or: @@ -1155,19 +1142,8 @@ outputs: - live_migration_optimization_set - true - false - - # TUNNELLED mode provides a security improvement for migration, but - # can't be used in combination with block migration. So we only enable it - # when shared storage is available (Ceph RDB is currently the only option). - # See https://bugzilla.redhat.com/show_bug.cgi?id=1301986#c12 - # In future versions of QEMU (2.6, mostly), danpb's native - # encryption work will obsolete the need to use TUNNELLED transport - # mode. - nova::migration::libvirt::live_migration_tunnelled: - if: - - enable_live_migration_tunnelled - - true - - false + # TUNNELLED mode is not compatible with post_copy. + nova::migration::libvirt::live_migration_tunnelled: false # NOTE: bind IP is found in hiera replacing the network name with the # local node IP for the given network; replacement examples # (eg. for internal_api):