From 20230cd5979776aba6b7ff41a812680353fa4c23 Mon Sep 17 00:00:00 2001 From: Takashi Kajinami Date: Sun, 13 Mar 2022 21:42:34 +0900 Subject: [PATCH] Remove support for the novajoin service ... because it was deprecated during Wallaby cycle by [1]. [1] bf910512c344f55d01303409f6c2151d89347583 Change-Id: Ib9379b2fdb24773eb38c4baec18c1d50aa60d2f4 --- ci/environments/scenario000-standalone.yaml | 1 - .../novajoin/ipaclient-baremetal-ansible.yaml | 191 --------- .../novajoin/novajoin-container-puppet.yaml | 295 -------------- environments/services/novajoin.yaml | 6 - .../ssl/tls-endpoints-public-dns.yaml | 1 - environments/ssl/tls-endpoints-public-ip.yaml | 1 - .../ssl/tls-everywhere-endpoints-dns.yaml | 3 - environments/undercloud-enable-nova.yaml | 6 - network/endpoints/endpoint_map.yaml | 384 ------------------ overcloud-resource-registry-puppet.j2.yaml | 5 - .../remove-novajoin-3ccef190c99c419b.yaml | 8 + sample-env-generator/ssl.yaml | 5 - 12 files changed, 8 insertions(+), 898 deletions(-) delete mode 100644 deployment/deprecated/novajoin/ipaclient-baremetal-ansible.yaml delete mode 100644 deployment/deprecated/novajoin/novajoin-container-puppet.yaml delete mode 100644 environments/services/novajoin.yaml create mode 100644 releasenotes/notes/remove-novajoin-3ccef190c99c419b.yaml diff --git a/ci/environments/scenario000-standalone.yaml b/ci/environments/scenario000-standalone.yaml index 9cd9448c5f..9be02aca61 100644 --- a/ci/environments/scenario000-standalone.yaml +++ b/ci/environments/scenario000-standalone.yaml @@ -136,7 +136,6 @@ resource_registry: OS::TripleO::Services::NovaPlacement: OS::Heat::None OS::TripleO::Services::NovaScheduler: OS::Heat::None OS::TripleO::Services::NovaVncProxy: OS::Heat::None - OS::TripleO::Services::Novajoin: OS::Heat::None OS::TripleO::Services::Ntp: OS::Heat::None OS::TripleO::Services::OVNController: OS::Heat::None OS::TripleO::Services::OVNDBs: OS::Heat::None diff --git a/deployment/deprecated/novajoin/ipaclient-baremetal-ansible.yaml b/deployment/deprecated/novajoin/ipaclient-baremetal-ansible.yaml deleted file mode 100644 index 655d0fee1a..0000000000 --- a/deployment/deprecated/novajoin/ipaclient-baremetal-ansible.yaml +++ /dev/null @@ -1,191 +0,0 @@ -heat_template_version: wallaby - -description: Registers nodes with the IPA server - -parameters: - RoleNetIpMap: - default: {} - type: json - ServiceData: - default: {} - description: Dictionary packing service data - type: json - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. Use - parameter_merge_strategies to merge it with the defaults. - type: json - RoleName: - default: '' - description: Role name on which the service is applied - type: string - RoleParameters: - default: {} - description: Parameters specific to the role - type: json - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - PythonInterpreter: - type: string - description: The python interpreter to use for python and ansible actions - default: "$(command -v python3 || command -v python)" - MakeHomeDir: - type: boolean - description: Configure PAM to create a users home directory if it does not exist. - default: False - IdMDomain: - default: '' - description: IDM domain to register IDM client. Typically, this is discovered - through DNS and does not have to be set explicitly. - type: string - IdMNoNtpSetup: - default: False - description: Set to true to add --no-ntp to the IDM client install call. - This will cause IDM client install not to set up NTP. - type: boolean - -outputs: - role_data: - description: Role data for the ipaclient service - value: - service_name: ipaclient - upgrade_tasks: [] - step_config: '' - host_prep_tasks: - - name: enroll client in ipa and get metadata - become: true - vars: - python_interpreter: {get_param: PythonInterpreter} - makehomedir: {get_param: MakeHomeDir} - idm_domain: {get_param: IdMDomain} - idm_no_ntp: {get_param: IdMNoNtpSetup} - block: - - name: install needed packages - package: - name: "{{ item }}" - state: present - with_items: - - ipa-client - - ipa-admintools - - hostname - - - name: create enrollment script - copy: - dest: /root/setup-ipa-client.sh - mode: '0700' - content: | - #!/bin/sh - set -x - - function get_metadata_config_drive { - if [ -f /run/cloud-init/status.json ]; then - # Get metadata from config drive - data=`cat /run/cloud-init/status.json` - config_drive=`echo $data | {{ python_interpreter }} -c 'import json,re,sys;obj=json.load(sys.stdin);ds=obj.get("v1", {}).get("datasource"); print(re.findall(r"source=(.*)]", ds)[0])'` - if [[ -b $config_drive ]]; then - temp_dir=`mktemp -d` - mount $config_drive $temp_dir - if [ -f $temp_dir/openstack/latest/vendor_data2.json ]; then - data=`cat $temp_dir/openstack/latest/vendor_data2.json` - umount $config_drive - rmdir $temp_dir - else - umount $config_drive - rmdir $temp_dir - fi - else - echo "Unable to retrieve metadata from config drive." - return 1 - fi - else - echo "Unable to retrieve metadata from config drive." - return 1 - fi - - return 0 - } - - function get_metadata_network { - # Get metadata over the network - data=$(timeout 300 /bin/bash -c 'data=""; while [ -z "$data" ]; do sleep $[ ( $RANDOM % 10 ) + 1 ]s; data=`curl -s http://169.254.169.254/openstack/2016-10-06/vendor_data2.json 2>/dev/null`; done; echo $data') - - if [[ $? != 0 ]] ; then - echo "Unable to retrieve metadata from metadata service." - return 1 - fi - } - - function get_fqdn { - # Get the instance hostname out of the metadata - fqdn=`echo $data | {{ python_interpreter }} -c 'import json,sys;obj=json.load(sys.stdin);print(obj.get("join", {}).get("hostname", ""))'` - if [ -z "$fqdn"]; then - echo "Unable to determine hostname" - return 1 - fi - return 0 - } - - if ! get_metadata_config_drive || ! get_fqdn; then - if ! get_metadata_network || ! get_fqdn; then - echo "FATAL: No metadata available or could not read the hostname from the metadata" - exit 1 - fi - fi - - realm=`echo $data | {{ python_interpreter }} -c 'import json,sys;obj=json.load(sys.stdin);print(obj.get("join", {}).get("krb_realm", ""))'` - otp=`echo $data | {{ python_interpreter }} -c 'import json,sys;obj=json.load(sys.stdin);print(obj.get("join", {}).get("ipaotp", ""))'` - - # Force hostname to use the FQDN - hostnamectl set-hostname $fqdn - - makehomedir={{ makehomedir }} - idm_no_ntp={{ idm_no_ntp }} - idm_domain={{ idm_domain }} - - # run ipa-client-install - OPTS="-U -w $otp --hostname $fqdn" - - if [ -n "$realm" ]; then - OPTS="$OPTS --realm=$realm" - fi - if [ -n "$idm_domain" ]; then - OPTS="$OPTS --domain=$idm_domain" - fi - if [ "${makehomedir,,}" = "true" ]; then - OPTS="$OPTS --mkhomedir" - fi - if [ "${idm_no_ntp,,}" = "true" ]; then - OPTS="$OPTS --no-ntp" - fi - - - # Ensure we have the proper domain in /etc/resolv.conf - domain=$(hostname -d) - if [ -n "$idm_domain" ]; then - domain = "$domain $idm_domain" - fi - if ! grep -q ${domain} /etc/resolv.conf ; then - sed -i "0,/nameserver/s/\(nameserver.*\)/search ${domain}\n\1/" /etc/resolv.conf - fi - - ipa-client-install $OPTS - - - name: determine if client is already enrolled - stat: - path: /etc/ipa/default.conf - register: ipa_default_conf - - - block: - - name: run enrollment script - shell: /root/setup-ipa-client.sh >> /var/log/setup-ipa-client-ansible.log 2>&1 - - - name: restart certmonger service - systemd: - state: restarted - daemon_reload: true - name: certmonger.service - when: ipa_default_conf.stat.exists == False diff --git a/deployment/deprecated/novajoin/novajoin-container-puppet.yaml b/deployment/deprecated/novajoin/novajoin-container-puppet.yaml deleted file mode 100644 index fc8ecc0298..0000000000 --- a/deployment/deprecated/novajoin/novajoin-container-puppet.yaml +++ /dev/null @@ -1,295 +0,0 @@ -heat_template_version: wallaby - -description: > - OpenStack containerized novajoin service - -parameters: - ContainerNovajoinServerImage: - description: image - type: string - tags: - - role_specific - ContainerNovajoinNotifierImage: - description: image - type: string - tags: - - role_specific - ContainerNovajoinConfigImage: - description: image - type: string - tags: - - role_specific - EndpointMap: - default: {} - description: Mapping of service endpoint -> protocol. Typically set - via parameter_defaults in the resource registry. - type: json - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. Use - parameter_merge_strategies to merge it with the defaults. - type: json - ServiceData: - default: {} - description: Dictionary packing service data - type: json - RoleName: - default: '' - description: Role name on which the service is applied - type: string - RoleParameters: - default: {} - description: Parameters specific to the role - type: json - NovajoinPassword: - description: The password for the Novajoin service account. - type: string - hidden: true - NovaPassword: - description: The password for the nova service and db account - type: string - hidden: true - KeystoneRegion: - type: string - default: 'regionOne' - description: Keystone region for endpoint - RabbitClientPort: - default: 5672 - description: Set rabbit subscriber port, change this if using SSL - type: number - RabbitClientUseSSL: - default: false - description: > - Rabbit client subscriber parameter to specify - an SSL connection to the RabbitMQ host. - type: string - RpcPassword: - description: The password for messaging backend - type: string - hidden: true - RabbitUserName: - default: guest - description: The username for RabbitMQ - type: string - NovajoinIpaOtp: - default: '' - description: The OTP to use to enroll to FreeIPA - type: string - NovajoinVendordataTimeout: - default: 30 - description: The timeout for both the vendordata dynamic connect and read - values. - type: number - NovajoinPolicies: - description: | - A hash of policies to configure for Novajoin. - default: {} - type: json - MemcacheUseAdvancedPool: - type: boolean - description: | - Use the advanced (eventlet safe) memcached client pool. - default: true - -resources: - - ContainersCommon: - type: ../../containers-common.yaml - - RoleParametersValue: - type: OS::Heat::Value - properties: - type: json - value: - map_replace: - - map_replace: - - ContainerNovajoinServerImage: ContainerNovajoinServerImage - ContainerNovajoinNotifierImage: ContainerNovajoinNotifierImage - ContainerNovajoinConfigImage: ContainerNovajoinConfigImage - - values: {get_param: [RoleParameters]} - - values: - ContainerNovajoinServerImage: {get_param: ContainerNovajoinServerImage} - ContainerNovajoinNotifierImage: {get_param: ContainerNovajoinNotifierImage} - ContainerNovajoinConfigImage: {get_param: ContainerNovajoinConfigImage} - -outputs: - role_data: - description: Role data for the novajoin API role. - value: - service_name: novajoin - firewall_rules: - '119 novajoin': - dport: - - 9090 - keystone_resources: - novajoin: - endpoints: - public: {get_param: [EndpointMap, NovajoinPublic, uri]} - internal: {get_param: [EndpointMap, NovajoinInternal, uri]} - admin: {get_param: [EndpointMap, NovajoinAdmin, uri]} - users: - novajoin: - password: {get_param: NovajoinPassword} - region: {get_param: KeystoneRegion} - service: 'compute-vendordata-plugin' - config_settings: - tripleo::profile::base::novajoin::oslomsg_rpc_password: {get_param: RpcPassword} - tripleo::profile::base::novajoin::oslomsg_rpc_port: {get_param: RabbitClientPort} - tripleo::profile::base::novajoin::oslomsg_rpc_username: {get_param: RabbitUserName} - tripleo::profile::base::novajoin::oslomsg_use_ssl: {get_param: RabbitClientUseSSL} - tripleo::profile::base::novajoin::service_password: {get_param: NovajoinPassword} - nova::metadata::novajoin::api::bind_address: &novajoin_address - str_replace: - template: - "%{hiera('novajoin_network')}" - params: - novajoin_network: {get_param: [ServiceNetMap, NovajoinNetwork]} - nova::metadata::novajoin::api::join_listen_port: 9090 - nova::metadata::novajoin::api::project_name: service - nova::metadata::novajoin::api::keystone_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]} - # We will rely on the host being enrolled for this - nova::metadata::novajoin::api::enable_ipa_client_install: false - # Since we rely on the host to be enrolled, we need to configure - # kerberos via puppet. - nova::metadata::novajoin::api::configure_kerberos: true - nova::metadata::novajoin::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]} - nova::metadata::novajoin::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]} - nova::metadata::novajoin::authtoken::password: {get_param: NovajoinPassword} - nova::metadata::novajoin::authtoken::project_name: 'service' - nova::metadata::novajoin::authtoken::region_name: {get_param: KeystoneRegion} - nova::metadata::novajoin::authtoken::interface: 'internal' - nova::metadata::novajoin::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool} - nova::metadata::novajoin::policy::policies: {get_param: NovajoinPolicies} - service_config_settings: - nova_metadata: &nova_vendordata - novajoin_address: *novajoin_address - nova::vendordata::vendordata_jsonfile_path: '/etc/novajoin/cloud-config-novajoin.json' - nova::vendordata::vendordata_providers: ['StaticJSON', 'DynamicJSON'] - # TODO(jaosorior): Add TLS support here. Novajoin is currently not - # accessed behind haproxy, but is accessed directly instead. For this - # reason, we don't use the make_url function. Also note that for now - # this is only meant to be used in a single node containerized - # undercloud. Multinode support will come later. - nova::vendordata::vendordata_dynamic_targets: - - str_replace: - template: - "join@http://%{hiera('novajoin_network')}:9090/v1/" - params: - novajoin_network: {get_param: [ServiceNetMap, NovajoinNetwork]} - nova::vendordata::vendordata_dynamic_failure_fatal: true - nova::vendordata::vendordata_dynamic_auth_auth_type: 'password' - nova::vendordata::vendordata_dynamic_auth_auth_url: - get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] - nova::vendordata::vendordata_dynamic_auth_os_region_name: - get_param: KeystoneRegion - nova::vendordata::vendordata_dynamic_auth_username: 'nova' - nova::vendordata::vendordata_dynamic_auth_project_name: 'service' - nova::vendordata::vendordata_dynamic_auth_project_domain_name: 'Default' - nova::vendordata::vendordata_dynamic_auth_user_domain_name: 'Default' - nova::vendordata::vendordata_dynamic_auth_password: {get_param: NovaPassword} - nova::vendordata::vendordata_dynamic_connect_timeout: {get_param: NovajoinVendordataTimeout} - nova::vendordata::vendordata_dynamic_read_timeout: {get_param: NovajoinVendordataTimeout} - # novajoin requires that the notification driver be set which could - # be disabled if telemetry is off. - nova::notification_driver: messagingv2 - nova::notification_topics: ['notifications', 'novajoin_notifications'] - nova::notify_on_state_change: 'vm_state' - nova_api: *nova_vendordata - nova_compute: *nova_vendordata - nova_ironic: *nova_vendordata - # BEGIN DOCKER SETTINGS - puppet_config: - config_volume: novajoin - puppet_tags: novajoin_config - step_config: include tripleo::profile::base::novajoin - config_image: {get_attr: [RoleParametersValue, value, ContainerNovajoinConfigImage]} - kolla_config: - /var/lib/kolla/config_files/novajoin_server.json: - command: novajoin-server --config-file /etc/novajoin/join.conf - config_files: - - source: "/var/lib/kolla/config_files/src/etc/novajoin/join.conf" - dest: "/etc/novajoin/" - merge: false - preserve_properties: true - /var/lib/kolla/config_files/novajoin_notifier.json: - command: novajoin-notify --config-file /etc/novajoin/join.conf - config_files: - - source: "/var/lib/kolla/config_files/src/etc/novajoin/join.conf" - dest: "/etc/novajoin/" - merge: false - preserve_properties: true - docker_config: - step_4: - novajoin_server: - start_order: 0 - image: {get_attr: [RoleParametersValue, value, ContainerNovajoinServerImage]} - net: host - privileged: false - restart: always - volumes: - list_concat: - - {get_attr: [ContainersCommon, volumes]} - - - - /var/lib/kolla/config_files/novajoin_server.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/puppet-generated/novajoin:/var/lib/kolla/config_files/src:ro - - /etc/ipa:/etc/ipa:ro - - /etc/novajoin/krb5.keytab:/etc/novajoin/krb5.keytab:ro - - /var/log/containers/novajoin:/var/log/novajoin - environment: - KOLLA_CONFIG_STRATEGY: COPY_ALWAYS - KRB5_CONFIG: /etc/novajoin/krb5.conf - novajoin_notifier: - start_order: 1 - image: {get_attr: [RoleParametersValue, value, ContainerNovajoinNotifierImage]} - net: host - privileged: false - restart: always - volumes: - list_concat: - - {get_attr: [ContainersCommon, volumes]} - - - - /var/lib/kolla/config_files/novajoin_notifier.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/puppet-generated/novajoin:/var/lib/kolla/config_files/src:ro - - /etc/ipa:/etc/ipa:ro - - /etc/novajoin/krb5.keytab:/etc/novajoin/krb5.keytab:ro - - /var/log/containers/novajoin:/var/log/novajoin - environment: - KOLLA_CONFIG_STRATEGY: COPY_ALWAYS - KRB5_CONFIG: /etc/novajoin/krb5.conf - host_prep_tasks: - # https://bugs.launchpad.net/tripleo/+bug/1821139 - # This is here only for split stack environments to make sure - # openssl-perl is installed which provides /etc/pki/CA on RHEL8 - - name: Ensure openssl-perl package is present on RHEL8 - when: - - ansible_facts['os_family'] == 'RedHat' - - ansible_facts['distribution_major_version'] is version('8', '==') - package: - name: openssl-perl - state: present - - name: Ensure FreeIPA Client package is present - package: - name: ipa-client - state: present - - name: Set FreeIPA OTP fact - set_fact: - ipa_otp: {get_param: NovajoinIpaOtp} - no_log: "{{ hide_sensitive_logs | bool }}" - - name: create persistent directories - file: - path: "{{ item.path }}" - state: directory - setype: "{{ item.setype }}" - mode: "{{ item.mode }}" - with_items: - - { 'path': /var/log/containers/novajoin, 'setype': container_file_t, 'mode': '0750' } - - name: Enroll to FreeIPA - command: ipa-client-install -U --password={{ ipa_otp }} - args: - creates: /etc/ipa/default.conf - when: ipa_otp != '' - - name: Request kerberos keytab - shell: "/usr/bin/kinit -kt /etc/krb5.keytab && ipa-getkeytab -s $(grep xmlrpc_uri /etc/ipa/default.conf | cut -d/ -f3) -p nova/{{ ansible_facts['nodename'] }} -k /etc/novajoin/krb5.keytab" - args: - creates: /etc/novajoin/krb5.keytab diff --git a/environments/services/novajoin.yaml b/environments/services/novajoin.yaml deleted file mode 100644 index d0cc5418fd..0000000000 --- a/environments/services/novajoin.yaml +++ /dev/null @@ -1,6 +0,0 @@ -# A Heat environment file which can be used to enable -# Novajoin to provide registration for TLS-E. -# As of Victoria, this service has been deprecated. -resource_registry: - OS::TripleO::Services::Novajoin: ../../deployment/deprecated/novajoin/novajoin-container-puppet.yaml - OS::TripleO::Services::UndercloudRemoveNovajoin: OS::Heat::None diff --git a/environments/ssl/tls-endpoints-public-dns.yaml b/environments/ssl/tls-endpoints-public-dns.yaml index a88c8644bb..4ac2b3d029 100644 --- a/environments/ssl/tls-endpoints-public-dns.yaml +++ b/environments/ssl/tls-endpoints-public-dns.yaml @@ -32,7 +32,6 @@ parameter_defaults: MetricsQdrPublic: {protocol: 'amqp', port: '5666', host: 'CLOUDNAME'} NeutronPublic: {protocol: 'https', port: '13696', host: 'CLOUDNAME'} NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'} - NovajoinPublic: {protocol: 'https', port: '13090', host: 'CLOUDNAME'} PlacementPublic: {protocol: 'https', port: '13778', host: 'CLOUDNAME'} NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'} OctaviaPublic: {protocol: 'https', port: '13876', host: 'CLOUDNAME'} diff --git a/environments/ssl/tls-endpoints-public-ip.yaml b/environments/ssl/tls-endpoints-public-ip.yaml index e342841011..4c3889f04c 100644 --- a/environments/ssl/tls-endpoints-public-ip.yaml +++ b/environments/ssl/tls-endpoints-public-ip.yaml @@ -31,7 +31,6 @@ parameter_defaults: ManilaPublic: {protocol: 'https', port: '13786', host: 'IP_ADDRESS'} NeutronPublic: {protocol: 'https', port: '13696', host: 'IP_ADDRESS'} NovaPublic: {protocol: 'https', port: '13774', host: 'IP_ADDRESS'} - NovajoinPublic: {protocol: 'https', port: '13090', host: 'IP_ADDRESS'} NovaMetadataInternal: {protocol: 'https', port: '8775', host: 'IP_ADDRESS'} PlacementPublic: {protocol: 'https', port: '13778', host: 'IP_ADDRESS'} NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'IP_ADDRESS'} diff --git a/environments/ssl/tls-everywhere-endpoints-dns.yaml b/environments/ssl/tls-everywhere-endpoints-dns.yaml index 4db0d26533..42e67d7d11 100644 --- a/environments/ssl/tls-everywhere-endpoints-dns.yaml +++ b/environments/ssl/tls-everywhere-endpoints-dns.yaml @@ -64,9 +64,6 @@ parameter_defaults: NovaAdmin: {protocol: 'https', port: '8774', host: 'CLOUDNAME'} NovaInternal: {protocol: 'https', port: '8774', host: 'CLOUDNAME'} NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'} - NovajoinAdmin: {protocol: 'https', port: '9090', host: 'CLOUDNAME'} - NovajoinInternal: {protocol: 'https', port: '9090', host: 'CLOUDNAME'} - NovajoinPublic: {protocol: 'https', port: '13090', host: 'CLOUDNAME'} NovaMetadataInternal: {protocol: 'https', port: '8775', host: 'CLOUDNAME'} PlacementAdmin: {protocol: 'https', port: '8778', host: 'CLOUDNAME'} PlacementInternal: {protocol: 'https', port: '8778', host: 'CLOUDNAME'} diff --git a/environments/undercloud-enable-nova.yaml b/environments/undercloud-enable-nova.yaml index 8616453a1e..3c18e38647 100644 --- a/environments/undercloud-enable-nova.yaml +++ b/environments/undercloud-enable-nova.yaml @@ -22,12 +22,6 @@ parameter_defaults: NovaAutoDisabling: '0' NovaCorsAllowedOrigin: '*' NovaSyncPowerStateInterval: -1 - # Overwrite compute_server_user policy to allow any user with role admin - # to post to novajoin (required for mistral workflow) - NovajoinPolicies: - compute_service_user: - key: 'compute_service_user' - value: 'role:admin' IronicConfigureSwiftTempUrlKey: true resource_registry: diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml index b30d45b609..bb945f0409 100644 --- a/network/endpoints/endpoint_map.yaml +++ b/network/endpoints/endpoint_map.yaml @@ -8755,390 +8755,6 @@ outputs: - EndpointMap - NovaVNCProxyPublic - port - NovajoinAdmin: - host: - str_replace: - template: - get_param: - - EndpointMap - - NovajoinAdmin - - host - params: - CLOUDNAME: - get_param: - - CloudEndpoints - - get_param: - - ServiceNetMap - - NovajoinNetwork - IP_ADDRESS: - get_param: - - NetIpMap - - str_replace: - params: - NETWORK: - get_param: - - ServiceNetMap - - NovajoinNetwork - template: NETWORK_uri - host_nobrackets: - str_replace: - template: - get_param: - - EndpointMap - - NovajoinAdmin - - host - params: - CLOUDNAME: - get_param: - - CloudEndpoints - - get_param: - - ServiceNetMap - - NovajoinNetwork - IP_ADDRESS: - get_param: - - NetIpMap - - get_param: - - ServiceNetMap - - NovajoinNetwork - port: - get_param: - - EndpointMap - - NovajoinAdmin - - port - protocol: - get_param: - - EndpointMap - - NovajoinAdmin - - protocol - uri: - make_url: - scheme: - get_param: - - EndpointMap - - NovajoinAdmin - - protocol - host: - str_replace: - template: - get_param: - - EndpointMap - - NovajoinAdmin - - host - params: - CLOUDNAME: - get_param: - - CloudEndpoints - - get_param: - - ServiceNetMap - - NovajoinNetwork - IP_ADDRESS: - get_param: - - NetIpMap - - str_replace: - params: - NETWORK: - get_param: - - ServiceNetMap - - NovajoinNetwork - template: NETWORK_uri - port: - get_param: - - EndpointMap - - NovajoinAdmin - - port - path: /v1 - uri_no_suffix: - make_url: - scheme: - get_param: - - EndpointMap - - NovajoinAdmin - - protocol - host: - str_replace: - template: - get_param: - - EndpointMap - - NovajoinAdmin - - host - params: - CLOUDNAME: - get_param: - - CloudEndpoints - - get_param: - - ServiceNetMap - - NovajoinNetwork - IP_ADDRESS: - get_param: - - NetIpMap - - str_replace: - params: - NETWORK: - get_param: - - ServiceNetMap - - NovajoinNetwork - template: NETWORK_uri - port: - get_param: - - EndpointMap - - NovajoinAdmin - - port - NovajoinInternal: - host: - str_replace: - template: - get_param: - - EndpointMap - - NovajoinInternal - - host - params: - CLOUDNAME: - get_param: - - CloudEndpoints - - get_param: - - ServiceNetMap - - NovajoinNetwork - IP_ADDRESS: - get_param: - - NetIpMap - - str_replace: - params: - NETWORK: - get_param: - - ServiceNetMap - - NovajoinNetwork - template: NETWORK_uri - host_nobrackets: - str_replace: - template: - get_param: - - EndpointMap - - NovajoinInternal - - host - params: - CLOUDNAME: - get_param: - - CloudEndpoints - - get_param: - - ServiceNetMap - - NovajoinNetwork - IP_ADDRESS: - get_param: - - NetIpMap - - get_param: - - ServiceNetMap - - NovajoinNetwork - port: - get_param: - - EndpointMap - - NovajoinInternal - - port - protocol: - get_param: - - EndpointMap - - NovajoinInternal - - protocol - uri: - make_url: - scheme: - get_param: - - EndpointMap - - NovajoinInternal - - protocol - host: - str_replace: - template: - get_param: - - EndpointMap - - NovajoinInternal - - host - params: - CLOUDNAME: - get_param: - - CloudEndpoints - - get_param: - - ServiceNetMap - - NovajoinNetwork - IP_ADDRESS: - get_param: - - NetIpMap - - str_replace: - params: - NETWORK: - get_param: - - ServiceNetMap - - NovajoinNetwork - template: NETWORK_uri - port: - get_param: - - EndpointMap - - NovajoinInternal - - port - path: /v1 - uri_no_suffix: - make_url: - scheme: - get_param: - - EndpointMap - - NovajoinInternal - - protocol - host: - str_replace: - template: - get_param: - - EndpointMap - - NovajoinInternal - - host - params: - CLOUDNAME: - get_param: - - CloudEndpoints - - get_param: - - ServiceNetMap - - NovajoinNetwork - IP_ADDRESS: - get_param: - - NetIpMap - - str_replace: - params: - NETWORK: - get_param: - - ServiceNetMap - - NovajoinNetwork - template: NETWORK_uri - port: - get_param: - - EndpointMap - - NovajoinInternal - - port - NovajoinPublic: - host: - str_replace: - template: - get_param: - - EndpointMap - - NovajoinPublic - - host - params: - CLOUDNAME: - get_param: - - CloudEndpoints - - get_param: - - ServiceNetMap - - PublicNetwork - IP_ADDRESS: - get_param: - - NetIpMap - - str_replace: - params: - NETWORK: - get_param: - - ServiceNetMap - - PublicNetwork - template: NETWORK_uri - host_nobrackets: - str_replace: - template: - get_param: - - EndpointMap - - NovajoinPublic - - host - params: - CLOUDNAME: - get_param: - - CloudEndpoints - - get_param: - - ServiceNetMap - - PublicNetwork - IP_ADDRESS: - get_param: - - NetIpMap - - get_param: - - ServiceNetMap - - PublicNetwork - port: - get_param: - - EndpointMap - - NovajoinPublic - - port - protocol: - get_param: - - EndpointMap - - NovajoinPublic - - protocol - uri: - make_url: - scheme: - get_param: - - EndpointMap - - NovajoinPublic - - protocol - host: - str_replace: - template: - get_param: - - EndpointMap - - NovajoinPublic - - host - params: - CLOUDNAME: - get_param: - - CloudEndpoints - - get_param: - - ServiceNetMap - - PublicNetwork - IP_ADDRESS: - get_param: - - NetIpMap - - str_replace: - params: - NETWORK: - get_param: - - ServiceNetMap - - PublicNetwork - template: NETWORK_uri - port: - get_param: - - EndpointMap - - NovajoinPublic - - port - path: /v1 - uri_no_suffix: - make_url: - scheme: - get_param: - - EndpointMap - - NovajoinPublic - - protocol - host: - str_replace: - template: - get_param: - - EndpointMap - - NovajoinPublic - - host - params: - CLOUDNAME: - get_param: - - CloudEndpoints - - get_param: - - ServiceNetMap - - PublicNetwork - IP_ADDRESS: - get_param: - - NetIpMap - - str_replace: - params: - NETWORK: - get_param: - - ServiceNetMap - - PublicNetwork - template: NETWORK_uri - port: - get_param: - - EndpointMap - - NovajoinPublic - - port OctaviaAdmin: host: str_replace: diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml index 5b7af1df20..bc715b82cc 100644 --- a/overcloud-resource-registry-puppet.j2.yaml +++ b/overcloud-resource-registry-puppet.j2.yaml @@ -201,7 +201,6 @@ resource_registry: OS::TripleO::Services::PlacementApi: deployment/placement/placement-api-container-puppet.yaml OS::TripleO::Services::NovaScheduler: deployment/nova/nova-scheduler-container-puppet.yaml OS::TripleO::Services::NovaVncProxy: deployment/nova/nova-vnc-proxy-container-puppet.yaml - OS::TripleO::Services::Novajoin: OS::Heat::None OS::TripleO::Services::NovaAZConfig: OS::Heat::None OS::TripleO::Services::ContainersLogrotateCrond: deployment/logrotate/logrotate-crond-container-puppet.yaml OS::TripleO::Services::SwiftProxy: deployment/swift/swift-proxy-container-puppet.yaml @@ -390,7 +389,6 @@ parameter_defaults: PlacementNetwork: {{ _service_nets.get('internal_api', 'ctlplane') }} NovaMetadataNetwork: {{ _service_nets.get('internal_api', 'ctlplane') }} NovaLibvirtNetwork: {{ _service_nets.get('internal_api', 'ctlplane') }} - NovajoinNetwork: {{ _service_nets.get('internal_api', 'ctlplane') }} SwiftStorageNetwork: {{ _service_nets.get('storage_mgmt', 'ctlplane') }} SwiftProxyNetwork: {{ _service_nets.get('storage', 'ctlplane') }} HorizonNetwork: {{ _service_nets.get('internal_api', 'ctlplane') }} @@ -510,9 +508,6 @@ parameter_defaults: NovaAdmin: {protocol: http, port: '8774', host: IP_ADDRESS} NovaInternal: {protocol: http, port: '8774', host: IP_ADDRESS} NovaPublic: {protocol: http, port: '8774', host: IP_ADDRESS} - NovajoinAdmin: {protocol: http, port: '9090', host: IP_ADDRESS} - NovajoinInternal: {protocol: http, port: '9090', host: IP_ADDRESS} - NovajoinPublic: {protocol: http, port: '9090', host: IP_ADDRESS} NovaMetadataInternal: {protocol: http, port: '8775', host: IP_ADDRESS} PlacementAdmin: {protocol: http, port: '8778', host: IP_ADDRESS} PlacementInternal: {protocol: http, port: '8778', host: IP_ADDRESS} diff --git a/releasenotes/notes/remove-novajoin-3ccef190c99c419b.yaml b/releasenotes/notes/remove-novajoin-3ccef190c99c419b.yaml new file mode 100644 index 0000000000..753b42f4d1 --- /dev/null +++ b/releasenotes/notes/remove-novajoin-3ccef190c99c419b.yaml @@ -0,0 +1,8 @@ +--- +upgrade: + - | + Support for the novajoin service has been removed. + + - | + The ``OS::TripleO::Service::Novajoin`` resource has been removed. It should + be removed from roles data before upgrade. diff --git a/sample-env-generator/ssl.yaml b/sample-env-generator/ssl.yaml index 3df88ad574..62d0e714c3 100644 --- a/sample-env-generator/ssl.yaml +++ b/sample-env-generator/ssl.yaml @@ -144,7 +144,6 @@ environments: ManilaPublic: {protocol: 'https', port: '13786', host: 'IP_ADDRESS'} NeutronPublic: {protocol: 'https', port: '13696', host: 'IP_ADDRESS'} NovaPublic: {protocol: 'https', port: '13774', host: 'IP_ADDRESS'} - NovajoinPublic: {protocol: 'https', port: '13090', host: 'IP_ADDRESS'} NovaMetadataInternal: {protocol: 'https', port: '8775', host: 'IP_ADDRESS'} PlacementPublic: {protocol: 'https', port: '13778', host: 'IP_ADDRESS'} NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'IP_ADDRESS'} @@ -190,7 +189,6 @@ environments: MetricsQdrPublic: {protocol: 'amqp', port: '5666', host: 'CLOUDNAME'} NeutronPublic: {protocol: 'https', port: '13696', host: 'CLOUDNAME'} NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'} - NovajoinPublic: {protocol: 'https', port: '13090', host: 'CLOUDNAME'} PlacementPublic: {protocol: 'https', port: '13778', host: 'CLOUDNAME'} NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'} OctaviaPublic: {protocol: 'https', port: '13876', host: 'CLOUDNAME'} @@ -267,9 +265,6 @@ environments: NovaAdmin: {protocol: 'https', port: '8774', host: 'CLOUDNAME'} NovaInternal: {protocol: 'https', port: '8774', host: 'CLOUDNAME'} NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'} - NovajoinAdmin: {protocol: 'https', port: '9090', host: 'CLOUDNAME'} - NovajoinInternal: {protocol: 'https', port: '9090', host: 'CLOUDNAME'} - NovajoinPublic: {protocol: 'https', port: '13090', host: 'CLOUDNAME'} NovaMetadataInternal: {protocol: 'https', port: '8775', host: 'CLOUDNAME'} PlacementAdmin: {protocol: 'https', port: '8778', host: 'CLOUDNAME'} PlacementInternal: {protocol: 'https', port: '8778', host: 'CLOUDNAME'}