openstack
/
tripleo-heat-templates
Code Issues Proposed changes

Remove support for the novajoin service 

... because it was deprecated during Wallaby cycle by [1].

[1] bf910512c3

Change-Id: Ib9379b2fdb24773eb38c4baec18c1d50aa60d2f4
This commit is contained in:
Takashi Kajinami 2022-03-13 21:42:34 +09:00
parent 13554baa4f
commit 20230cd597
12 changed files with 8 additions and 898 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ci/environments/scenario000-standalone.yaml
View File

@ -136,7 +136,6 @@ resource_registry:
OS::TripleO::Services::NovaPlacement: OS::Heat::None
OS::TripleO::Services::NovaScheduler: OS::Heat::None
OS::TripleO::Services::NovaVncProxy: OS::Heat::None
OS::TripleO::Services::Novajoin: OS::Heat::None
OS::TripleO::Services::Ntp: OS::Heat::None
OS::TripleO::Services::OVNController: OS::Heat::None
OS::TripleO::Services::OVNDBs: OS::Heat::None

191
deployment/deprecated/novajoin/ipaclient-baremetal-ansible.yaml
View File

@ -1,191 +0,0 @@
heat_template_version: wallaby
description: Registers nodes with the IPA server
parameters:
RoleNetIpMap:
default: {}
type: json
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. Use
parameter_merge_strategies to merge it with the defaults.
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
PythonInterpreter:
type: string
description: The python interpreter to use for python and ansible actions
default: "$(command -v python3 || command -v python)"
MakeHomeDir:
type: boolean
description: Configure PAM to create a users home directory if it does not exist.
default: False
IdMDomain:
default: ''
description: IDM domain to register IDM client. Typically, this is discovered
through DNS and does not have to be set explicitly.
type: string
IdMNoNtpSetup:
default: False
description: Set to true to add --no-ntp to the IDM client install call.
This will cause IDM client install not to set up NTP.
type: boolean
outputs:
role_data:
description: Role data for the ipaclient service
value:
service_name: ipaclient
upgrade_tasks: []
step_config: ''
host_prep_tasks:
- name: enroll client in ipa and get metadata
become: true
vars:
python_interpreter: {get_param: PythonInterpreter}
makehomedir: {get_param: MakeHomeDir}
idm_domain: {get_param: IdMDomain}
idm_no_ntp: {get_param: IdMNoNtpSetup}
block:
- name: install needed packages
package:
name: "{{ item }}"
state: present
with_items:
- ipa-client
- ipa-admintools
- hostname
- name: create enrollment script
copy:
dest: /root/setup-ipa-client.sh
mode: '0700'
content: |
#!/bin/sh
set -x
function get_metadata_config_drive {
if [ -f /run/cloud-init/status.json ]; then
# Get metadata from config drive
data=`cat /run/cloud-init/status.json`
config_drive=`echo $data | {{ python_interpreter }} -c 'import json,re,sys;obj=json.load(sys.stdin);ds=obj.get("v1", {}).get("datasource"); print(re.findall(r"source=(.*)]", ds)[0])'`
if [[ -b $config_drive ]]; then
temp_dir=`mktemp -d`
mount $config_drive $temp_dir
if [ -f $temp_dir/openstack/latest/vendor_data2.json ]; then
data=`cat $temp_dir/openstack/latest/vendor_data2.json`
umount $config_drive
rmdir $temp_dir
else
umount $config_drive
rmdir $temp_dir
fi
else
echo "Unable to retrieve metadata from config drive."
return 1
fi
else
echo "Unable to retrieve metadata from config drive."
return 1
fi
return 0
}
function get_metadata_network {
# Get metadata over the network
data=$(timeout 300 /bin/bash -c 'data=""; while [ -z "$data" ]; do sleep $[ ( $RANDOM % 10 ) + 1 ]s; data=`curl -s http://169.254.169.254/openstack/2016-10-06/vendor_data2.json 2>/dev/null`; done; echo $data')
if [[ $? != 0 ]] ; then
echo "Unable to retrieve metadata from metadata service."
return 1
fi
}
function get_fqdn {
# Get the instance hostname out of the metadata
fqdn=`echo $data | {{ python_interpreter }} -c 'import json,sys;obj=json.load(sys.stdin);print(obj.get("join", {}).get("hostname", ""))'`
if [ -z "$fqdn"]; then
echo "Unable to determine hostname"
return 1
fi
return 0
}
if ! get_metadata_config_drive || ! get_fqdn; then
if ! get_metadata_network || ! get_fqdn; then
echo "FATAL: No metadata available or could not read the hostname from the metadata"
exit 1
fi
fi
realm=`echo $data | {{ python_interpreter }} -c 'import json,sys;obj=json.load(sys.stdin);print(obj.get("join", {}).get("krb_realm", ""))'`
otp=`echo $data | {{ python_interpreter }} -c 'import json,sys;obj=json.load(sys.stdin);print(obj.get("join", {}).get("ipaotp", ""))'`
# Force hostname to use the FQDN
hostnamectl set-hostname $fqdn
makehomedir={{ makehomedir }}
idm_no_ntp={{ idm_no_ntp }}
idm_domain={{ idm_domain }}
# run ipa-client-install
OPTS="-U -w $otp --hostname $fqdn"
if [ -n "$realm" ]; then
OPTS="$OPTS --realm=$realm"
fi
if [ -n "$idm_domain" ]; then
OPTS="$OPTS --domain=$idm_domain"
fi
if [ "${makehomedir,,}" = "true" ]; then
OPTS="$OPTS --mkhomedir"
fi
if [ "${idm_no_ntp,,}" = "true" ]; then
OPTS="$OPTS --no-ntp"
fi
# Ensure we have the proper domain in /etc/resolv.conf
domain=$(hostname -d)
if [ -n "$idm_domain" ]; then
domain = "$domain $idm_domain"
fi
if ! grep -q ${domain} /etc/resolv.conf ; then
sed -i "0,/nameserver/s/\(nameserver.*\)/search ${domain}\n\1/" /etc/resolv.conf
fi
ipa-client-install $OPTS
- name: determine if client is already enrolled
stat:
path: /etc/ipa/default.conf
register: ipa_default_conf
- block:
- name: run enrollment script
shell: /root/setup-ipa-client.sh >> /var/log/setup-ipa-client-ansible.log 2>&1
- name: restart certmonger service
systemd:
state: restarted
daemon_reload: true
name: certmonger.service
when: ipa_default_conf.stat.exists == False

295
deployment/deprecated/novajoin/novajoin-container-puppet.yaml
View File

@ -1,295 +0,0 @@
heat_template_version: wallaby
description: >
OpenStack containerized novajoin service
parameters:
ContainerNovajoinServerImage:
description: image
type: string
tags:
- role_specific
ContainerNovajoinNotifierImage:
description: image
type: string
tags:
- role_specific
ContainerNovajoinConfigImage:
description: image
type: string
tags:
- role_specific
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. Use
parameter_merge_strategies to merge it with the defaults.
type: json
ServiceData:
default: {}
description: Dictionary packing service data
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
NovajoinPassword:
description: The password for the Novajoin service account.
type: string
hidden: true
NovaPassword:
description: The password for the nova service and db account
type: string
hidden: true
KeystoneRegion:
type: string
default: 'regionOne'
description: Keystone region for endpoint
RabbitClientPort:
default: 5672
description: Set rabbit subscriber port, change this if using SSL
type: number
RabbitClientUseSSL:
default: false
description: >
Rabbit client subscriber parameter to specify
an SSL connection to the RabbitMQ host.
type: string
RpcPassword:
description: The password for messaging backend
type: string
hidden: true
RabbitUserName:
default: guest
description: The username for RabbitMQ
type: string
NovajoinIpaOtp:
default: ''
description: The OTP to use to enroll to FreeIPA
type: string
NovajoinVendordataTimeout:
default: 30
description: The timeout for both the vendordata dynamic connect and read
values.
type: number
NovajoinPolicies:
description: |
A hash of policies to configure for Novajoin.
default: {}
type: json
MemcacheUseAdvancedPool:
type: boolean
description: |
Use the advanced (eventlet safe) memcached client pool.
default: true
resources:
ContainersCommon:
type: ../../containers-common.yaml
RoleParametersValue:
type: OS::Heat::Value
properties:
type: json
value:
map_replace:
- map_replace:
- ContainerNovajoinServerImage: ContainerNovajoinServerImage
ContainerNovajoinNotifierImage: ContainerNovajoinNotifierImage
ContainerNovajoinConfigImage: ContainerNovajoinConfigImage
- values: {get_param: [RoleParameters]}
- values:
ContainerNovajoinServerImage: {get_param: ContainerNovajoinServerImage}
ContainerNovajoinNotifierImage: {get_param: ContainerNovajoinNotifierImage}
ContainerNovajoinConfigImage: {get_param: ContainerNovajoinConfigImage}
outputs:
role_data:
description: Role data for the novajoin API role.
value:
service_name: novajoin
firewall_rules:
'119 novajoin':
dport:
- 9090
keystone_resources:
novajoin:
endpoints:
public: {get_param: [EndpointMap, NovajoinPublic, uri]}
internal: {get_param: [EndpointMap, NovajoinInternal, uri]}
admin: {get_param: [EndpointMap, NovajoinAdmin, uri]}
users:
novajoin:
password: {get_param: NovajoinPassword}
region: {get_param: KeystoneRegion}
service: 'compute-vendordata-plugin'
config_settings:
tripleo::profile::base::novajoin::oslomsg_rpc_password: {get_param: RpcPassword}
tripleo::profile::base::novajoin::oslomsg_rpc_port: {get_param: RabbitClientPort}
tripleo::profile::base::novajoin::oslomsg_rpc_username: {get_param: RabbitUserName}
tripleo::profile::base::novajoin::oslomsg_use_ssl: {get_param: RabbitClientUseSSL}
tripleo::profile::base::novajoin::service_password: {get_param: NovajoinPassword}
nova::metadata::novajoin::api::bind_address: &novajoin_address
str_replace:
template:
"%{hiera('novajoin_network')}"
params:
novajoin_network: {get_param: [ServiceNetMap, NovajoinNetwork]}
nova::metadata::novajoin::api::join_listen_port: 9090
nova::metadata::novajoin::api::project_name: service
nova::metadata::novajoin::api::keystone_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
# We will rely on the host being enrolled for this
nova::metadata::novajoin::api::enable_ipa_client_install: false
# Since we rely on the host to be enrolled, we need to configure
# kerberos via puppet.
nova::metadata::novajoin::api::configure_kerberos: true
nova::metadata::novajoin::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
nova::metadata::novajoin::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]}
nova::metadata::novajoin::authtoken::password: {get_param: NovajoinPassword}
nova::metadata::novajoin::authtoken::project_name: 'service'
nova::metadata::novajoin::authtoken::region_name: {get_param: KeystoneRegion}
nova::metadata::novajoin::authtoken::interface: 'internal'
nova::metadata::novajoin::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
nova::metadata::novajoin::policy::policies: {get_param: NovajoinPolicies}
service_config_settings:
nova_metadata: &nova_vendordata
novajoin_address: *novajoin_address
nova::vendordata::vendordata_jsonfile_path: '/etc/novajoin/cloud-config-novajoin.json'
nova::vendordata::vendordata_providers: ['StaticJSON', 'DynamicJSON']
# TODO(jaosorior): Add TLS support here. Novajoin is currently not
# accessed behind haproxy, but is accessed directly instead. For this
# reason, we don't use the make_url function. Also note that for now
# this is only meant to be used in a single node containerized
# undercloud. Multinode support will come later.
nova::vendordata::vendordata_dynamic_targets:
- str_replace:
template:
"join@http://%{hiera('novajoin_network')}:9090/v1/"
params:
novajoin_network: {get_param: [ServiceNetMap, NovajoinNetwork]}
nova::vendordata::vendordata_dynamic_failure_fatal: true
nova::vendordata::vendordata_dynamic_auth_auth_type: 'password'
nova::vendordata::vendordata_dynamic_auth_auth_url:
get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]
nova::vendordata::vendordata_dynamic_auth_os_region_name:
get_param: KeystoneRegion
nova::vendordata::vendordata_dynamic_auth_username: 'nova'
nova::vendordata::vendordata_dynamic_auth_project_name: 'service'
nova::vendordata::vendordata_dynamic_auth_project_domain_name: 'Default'
nova::vendordata::vendordata_dynamic_auth_user_domain_name: 'Default'
nova::vendordata::vendordata_dynamic_auth_password: {get_param: NovaPassword}
nova::vendordata::vendordata_dynamic_connect_timeout: {get_param: NovajoinVendordataTimeout}
nova::vendordata::vendordata_dynamic_read_timeout: {get_param: NovajoinVendordataTimeout}
# novajoin requires that the notification driver be set which could
# be disabled if telemetry is off.
nova::notification_driver: messagingv2
nova::notification_topics: ['notifications', 'novajoin_notifications']
nova::notify_on_state_change: 'vm_state'
nova_api: *nova_vendordata
nova_compute: *nova_vendordata
nova_ironic: *nova_vendordata
# BEGIN DOCKER SETTINGS
puppet_config:
config_volume: novajoin
puppet_tags: novajoin_config
step_config: include tripleo::profile::base::novajoin
config_image: {get_attr: [RoleParametersValue, value, ContainerNovajoinConfigImage]}
kolla_config:
/var/lib/kolla/config_files/novajoin_server.json:
command: novajoin-server --config-file /etc/novajoin/join.conf
config_files:
- source: "/var/lib/kolla/config_files/src/etc/novajoin/join.conf"
dest: "/etc/novajoin/"
merge: false
preserve_properties: true
/var/lib/kolla/config_files/novajoin_notifier.json:
command: novajoin-notify --config-file /etc/novajoin/join.conf
config_files:
- source: "/var/lib/kolla/config_files/src/etc/novajoin/join.conf"
dest: "/etc/novajoin/"
merge: false
preserve_properties: true
docker_config:
step_4:
novajoin_server:
start_order: 0
image: {get_attr: [RoleParametersValue, value, ContainerNovajoinServerImage]}
net: host
privileged: false
restart: always
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/novajoin_server.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/novajoin:/var/lib/kolla/config_files/src:ro
- /etc/ipa:/etc/ipa:ro
- /etc/novajoin/krb5.keytab:/etc/novajoin/krb5.keytab:ro
- /var/log/containers/novajoin:/var/log/novajoin
environment:
KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
KRB5_CONFIG: /etc/novajoin/krb5.conf
novajoin_notifier:
start_order: 1
image: {get_attr: [RoleParametersValue, value, ContainerNovajoinNotifierImage]}
net: host
privileged: false
restart: always
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/novajoin_notifier.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/novajoin:/var/lib/kolla/config_files/src:ro
- /etc/ipa:/etc/ipa:ro
- /etc/novajoin/krb5.keytab:/etc/novajoin/krb5.keytab:ro
- /var/log/containers/novajoin:/var/log/novajoin
environment:
KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
KRB5_CONFIG: /etc/novajoin/krb5.conf
host_prep_tasks:
# https://bugs.launchpad.net/tripleo/+bug/1821139
# This is here only for split stack environments to make sure
# openssl-perl is installed which provides /etc/pki/CA on RHEL8
- name: Ensure openssl-perl package is present on RHEL8
when:
- ansible_facts['os_family'] == 'RedHat'
- ansible_facts['distribution_major_version'] is version('8', '==')
package:
name: openssl-perl
state: present
- name: Ensure FreeIPA Client package is present
package:
name: ipa-client
state: present
- name: Set FreeIPA OTP fact
set_fact:
ipa_otp: {get_param: NovajoinIpaOtp}
no_log: "{{ hide_sensitive_logs | bool }}"
- name: create persistent directories
file:
path: "{{ item.path }}"
state: directory
setype: "{{ item.setype }}"
mode: "{{ item.mode }}"
with_items:
- { 'path': /var/log/containers/novajoin, 'setype': container_file_t, 'mode': '0750' }
- name: Enroll to FreeIPA
command: ipa-client-install -U --password={{ ipa_otp }}
args:
creates: /etc/ipa/default.conf
when: ipa_otp != ''
- name: Request kerberos keytab
shell: "/usr/bin/kinit -kt /etc/krb5.keytab && ipa-getkeytab -s $(grep xmlrpc_uri /etc/ipa/default.conf | cut -d/ -f3) -p nova/{{ ansible_facts['nodename'] }} -k /etc/novajoin/krb5.keytab"
args:
creates: /etc/novajoin/krb5.keytab

6
environments/services/novajoin.yaml
View File

@ -1,6 +0,0 @@
# A Heat environment file which can be used to enable
# Novajoin to provide registration for TLS-E.
# As of Victoria, this service has been deprecated.
resource_registry:
OS::TripleO::Services::Novajoin: ../../deployment/deprecated/novajoin/novajoin-container-puppet.yaml
OS::TripleO::Services::UndercloudRemoveNovajoin: OS::Heat::None

1
environments/ssl/tls-endpoints-public-dns.yaml
View File

@ -32,7 +32,6 @@ parameter_defaults:
MetricsQdrPublic: {protocol: 'amqp', port: '5666', host: 'CLOUDNAME'}
NeutronPublic: {protocol: 'https', port: '13696', host: 'CLOUDNAME'}
NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'}
NovajoinPublic: {protocol: 'https', port: '13090', host: 'CLOUDNAME'}
PlacementPublic: {protocol: 'https', port: '13778', host: 'CLOUDNAME'}
NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'}
OctaviaPublic: {protocol: 'https', port: '13876', host: 'CLOUDNAME'}

1
environments/ssl/tls-endpoints-public-ip.yaml
View File

@ -31,7 +31,6 @@ parameter_defaults:
ManilaPublic: {protocol: 'https', port: '13786', host: 'IP_ADDRESS'}
NeutronPublic: {protocol: 'https', port: '13696', host: 'IP_ADDRESS'}
NovaPublic: {protocol: 'https', port: '13774', host: 'IP_ADDRESS'}
NovajoinPublic: {protocol: 'https', port: '13090', host: 'IP_ADDRESS'}
NovaMetadataInternal: {protocol: 'https', port: '8775', host: 'IP_ADDRESS'}
PlacementPublic: {protocol: 'https', port: '13778', host: 'IP_ADDRESS'}
NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'IP_ADDRESS'}

3
environments/ssl/tls-everywhere-endpoints-dns.yaml
View File

@ -64,9 +64,6 @@ parameter_defaults:
NovaAdmin: {protocol: 'https', port: '8774', host: 'CLOUDNAME'}
NovaInternal: {protocol: 'https', port: '8774', host: 'CLOUDNAME'}
NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'}
NovajoinAdmin: {protocol: 'https', port: '9090', host: 'CLOUDNAME'}
NovajoinInternal: {protocol: 'https', port: '9090', host: 'CLOUDNAME'}
NovajoinPublic: {protocol: 'https', port: '13090', host: 'CLOUDNAME'}
NovaMetadataInternal: {protocol: 'https', port: '8775', host: 'CLOUDNAME'}
PlacementAdmin: {protocol: 'https', port: '8778', host: 'CLOUDNAME'}
PlacementInternal: {protocol: 'https', port: '8778', host: 'CLOUDNAME'}

6
environments/undercloud-enable-nova.yaml
View File

@ -22,12 +22,6 @@ parameter_defaults:
NovaAutoDisabling: '0'
NovaCorsAllowedOrigin: '*'
NovaSyncPowerStateInterval: -1
# Overwrite compute_server_user policy to allow any user with role admin
# to post to novajoin (required for mistral workflow)
NovajoinPolicies:
compute_service_user:
key: 'compute_service_user'
value: 'role:admin'
IronicConfigureSwiftTempUrlKey: true
resource_registry:

384
network/endpoints/endpoint_map.yaml
View File

@ -8755,390 +8755,6 @@ outputs:
- EndpointMap
- NovaVNCProxyPublic
- port
NovajoinAdmin:
host:
str_replace:
template:
get_param:
- EndpointMap
- NovajoinAdmin
- host
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param:
- ServiceNetMap
- NovajoinNetwork
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param:
- ServiceNetMap
- NovajoinNetwork
template: NETWORK_uri
host_nobrackets:
str_replace:
template:
get_param:
- EndpointMap
- NovajoinAdmin
- host
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param:
- ServiceNetMap
- NovajoinNetwork
IP_ADDRESS:
get_param:
- NetIpMap
- get_param:
- ServiceNetMap
- NovajoinNetwork
port:
get_param:
- EndpointMap
- NovajoinAdmin
- port
protocol:
get_param:
- EndpointMap
- NovajoinAdmin
- protocol
uri:
make_url:
scheme:
get_param:
- EndpointMap
- NovajoinAdmin
- protocol
host:
str_replace:
template:
get_param:
- EndpointMap
- NovajoinAdmin
- host
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param:
- ServiceNetMap
- NovajoinNetwork
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param:
- ServiceNetMap
- NovajoinNetwork
template: NETWORK_uri
port:
get_param:
- EndpointMap
- NovajoinAdmin
- port
path: /v1
uri_no_suffix:
make_url:
scheme:
get_param:
- EndpointMap
- NovajoinAdmin
- protocol
host:
str_replace:
template:
get_param:
- EndpointMap
- NovajoinAdmin
- host
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param:
- ServiceNetMap
- NovajoinNetwork
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param:
- ServiceNetMap
- NovajoinNetwork
template: NETWORK_uri
port:
get_param:
- EndpointMap
- NovajoinAdmin
- port
NovajoinInternal:
host:
str_replace:
template:
get_param:
- EndpointMap
- NovajoinInternal
- host
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param:
- ServiceNetMap
- NovajoinNetwork
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param:
- ServiceNetMap
- NovajoinNetwork
template: NETWORK_uri
host_nobrackets:
str_replace:
template:
get_param:
- EndpointMap
- NovajoinInternal
- host
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param:
- ServiceNetMap
- NovajoinNetwork
IP_ADDRESS:
get_param:
- NetIpMap
- get_param:
- ServiceNetMap
- NovajoinNetwork
port:
get_param:
- EndpointMap
- NovajoinInternal
- port
protocol:
get_param:
- EndpointMap
- NovajoinInternal
- protocol
uri:
make_url:
scheme:
get_param:
- EndpointMap
- NovajoinInternal
- protocol
host:
str_replace:
template:
get_param:
- EndpointMap
- NovajoinInternal
- host
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param:
- ServiceNetMap
- NovajoinNetwork
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param:
- ServiceNetMap
- NovajoinNetwork
template: NETWORK_uri
port:
get_param:
- EndpointMap
- NovajoinInternal
- port
path: /v1
uri_no_suffix:
make_url:
scheme:
get_param:
- EndpointMap
- NovajoinInternal
- protocol
host:
str_replace:
template:
get_param:
- EndpointMap
- NovajoinInternal
- host
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param:
- ServiceNetMap
- NovajoinNetwork
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param:
- ServiceNetMap
- NovajoinNetwork
template: NETWORK_uri
port:
get_param:
- EndpointMap
- NovajoinInternal
- port
NovajoinPublic:
host:
str_replace:
template:
get_param:
- EndpointMap
- NovajoinPublic
- host
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param:
- ServiceNetMap
- PublicNetwork
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param:
- ServiceNetMap
- PublicNetwork
template: NETWORK_uri
host_nobrackets:
str_replace:
template:
get_param:
- EndpointMap
- NovajoinPublic
- host
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param:
- ServiceNetMap
- PublicNetwork
IP_ADDRESS:
get_param:
- NetIpMap
- get_param:
- ServiceNetMap
- PublicNetwork
port:
get_param:
- EndpointMap
- NovajoinPublic
- port
protocol:
get_param:
- EndpointMap
- NovajoinPublic
- protocol
uri:
make_url:
scheme:
get_param:
- EndpointMap
- NovajoinPublic
- protocol
host:
str_replace:
template:
get_param:
- EndpointMap
- NovajoinPublic
- host
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param:
- ServiceNetMap
- PublicNetwork
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param:
- ServiceNetMap
- PublicNetwork
template: NETWORK_uri
port:
get_param:
- EndpointMap
- NovajoinPublic
- port
path: /v1
uri_no_suffix:
make_url:
scheme:
get_param:
- EndpointMap
- NovajoinPublic
- protocol
host:
str_replace:
template:
get_param:
- EndpointMap
- NovajoinPublic
- host
params:
CLOUDNAME:
get_param:
- CloudEndpoints
- get_param:
- ServiceNetMap
- PublicNetwork
IP_ADDRESS:
get_param:
- NetIpMap
- str_replace:
params:
NETWORK:
get_param:
- ServiceNetMap
- PublicNetwork
template: NETWORK_uri
port:
get_param:
- EndpointMap
- NovajoinPublic
- port
OctaviaAdmin:
host:
str_replace:

5
overcloud-resource-registry-puppet.j2.yaml
View File

@ -201,7 +201,6 @@ resource_registry:
OS::TripleO::Services::PlacementApi: deployment/placement/placement-api-container-puppet.yaml
OS::TripleO::Services::NovaScheduler: deployment/nova/nova-scheduler-container-puppet.yaml
OS::TripleO::Services::NovaVncProxy: deployment/nova/nova-vnc-proxy-container-puppet.yaml
OS::TripleO::Services::Novajoin: OS::Heat::None
OS::TripleO::Services::NovaAZConfig: OS::Heat::None
OS::TripleO::Services::ContainersLogrotateCrond: deployment/logrotate/logrotate-crond-container-puppet.yaml
OS::TripleO::Services::SwiftProxy: deployment/swift/swift-proxy-container-puppet.yaml
@ -390,7 +389,6 @@ parameter_defaults:
PlacementNetwork: {{ _service_nets.get('internal_api', 'ctlplane') }}
NovaMetadataNetwork: {{ _service_nets.get('internal_api', 'ctlplane') }}
NovaLibvirtNetwork: {{ _service_nets.get('internal_api', 'ctlplane') }}
NovajoinNetwork: {{ _service_nets.get('internal_api', 'ctlplane') }}
SwiftStorageNetwork: {{ _service_nets.get('storage_mgmt', 'ctlplane') }}
SwiftProxyNetwork: {{ _service_nets.get('storage', 'ctlplane') }}
HorizonNetwork: {{ _service_nets.get('internal_api', 'ctlplane') }}
@ -510,9 +508,6 @@ parameter_defaults:
NovaAdmin: {protocol: http, port: '8774', host: IP_ADDRESS}
NovaInternal: {protocol: http, port: '8774', host: IP_ADDRESS}
NovaPublic: {protocol: http, port: '8774', host: IP_ADDRESS}
NovajoinAdmin: {protocol: http, port: '9090', host: IP_ADDRESS}
NovajoinInternal: {protocol: http, port: '9090', host: IP_ADDRESS}
NovajoinPublic: {protocol: http, port: '9090', host: IP_ADDRESS}
NovaMetadataInternal: {protocol: http, port: '8775', host: IP_ADDRESS}
PlacementAdmin: {protocol: http, port: '8778', host: IP_ADDRESS}
PlacementInternal: {protocol: http, port: '8778', host: IP_ADDRESS}

8
releasenotes/notes/remove-novajoin-3ccef190c99c419b.yaml Normal file
View File

@ -0,0 +1,8 @@
---
upgrade:
- |
Support for the novajoin service has been removed.
- |
The ``OS::TripleO::Service::Novajoin`` resource has been removed. It should
be removed from roles data before upgrade.

5
sample-env-generator/ssl.yaml
View File

@ -144,7 +144,6 @@ environments:
ManilaPublic: {protocol: 'https', port: '13786', host: 'IP_ADDRESS'}
NeutronPublic: {protocol: 'https', port: '13696', host: 'IP_ADDRESS'}
NovaPublic: {protocol: 'https', port: '13774', host: 'IP_ADDRESS'}
NovajoinPublic: {protocol: 'https', port: '13090', host: 'IP_ADDRESS'}
NovaMetadataInternal: {protocol: 'https', port: '8775', host: 'IP_ADDRESS'}
PlacementPublic: {protocol: 'https', port: '13778', host: 'IP_ADDRESS'}
NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'IP_ADDRESS'}
@ -190,7 +189,6 @@ environments:
MetricsQdrPublic: {protocol: 'amqp', port: '5666', host: 'CLOUDNAME'}
NeutronPublic: {protocol: 'https', port: '13696', host: 'CLOUDNAME'}
NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'}
NovajoinPublic: {protocol: 'https', port: '13090', host: 'CLOUDNAME'}
PlacementPublic: {protocol: 'https', port: '13778', host: 'CLOUDNAME'}
NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'}
OctaviaPublic: {protocol: 'https', port: '13876', host: 'CLOUDNAME'}
@ -267,9 +265,6 @@ environments:
NovaAdmin: {protocol: 'https', port: '8774', host: 'CLOUDNAME'}
NovaInternal: {protocol: 'https', port: '8774', host: 'CLOUDNAME'}
NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'}
NovajoinAdmin: {protocol: 'https', port: '9090', host: 'CLOUDNAME'}
NovajoinInternal: {protocol: 'https', port: '9090', host: 'CLOUDNAME'}
NovajoinPublic: {protocol: 'https', port: '13090', host: 'CLOUDNAME'}
NovaMetadataInternal: {protocol: 'https', port: '8775', host: 'CLOUDNAME'}
PlacementAdmin: {protocol: 'https', port: '8778', host: 'CLOUDNAME'}
PlacementInternal: {protocol: 'https', port: '8778', host: 'CLOUDNAME'}