From 860a68a4a9e31df4c9224833b094d1ef8173c0f4 Mon Sep 17 00:00:00 2001
From: Martin Schuppert <mschuppert@redhat.com>
Date: Thu, 4 Mar 2021 08:26:58 +0100
Subject: [PATCH] Use single NovaLibvirtNetwork to configure instance console
 components

Nova vnc configuration right now uses NovaVncProxyNetwork,
NovaLibvirtNetwork and NovaApiNetwork to configure the different
components (novnc proxy, nova-compute and libvirt) for vnc.
If one of the networks get changed from internal_api, the service
configuration between libvirt, nova-compute and novnc proxy gets
inconsistent and the console is broken.
This changed to just use NovaLibvirtNetwork for configuring the vnc
endpoints and removes NovaVncProxyNetwork completely.

Conflicts:
 deployment/nova/nova-vnc-proxy-container-puppet.yaml

Added missing change from https://review.opendev.org/c/openstack/tripleo-heat-templates/+/786082

Depends-On: https://review.opendev.org/c/openstack/puppet-tripleo/+/781613

Change-Id: Icef2481b65b41b524ad44eeecfbee4451006e1d2
Closes-Bug: #1917719
(cherry picked from commit dadf71fcae73825888b8ed4850de5a6ecf2fc29d)
(cherry picked from commit 05b191d3e6254fcd6ded4fd8161456f3d5d89632)
(cherry picked from commit 6c80882f9f52a442400646785def50f5bb8ec4ee)
---
 deployment/nova/nova-compute-container-puppet.yaml |  2 +-
 .../nova-migration-target-container-puppet.yaml    |  8 +-------
 .../nova/nova-vnc-proxy-container-puppet.yaml      | 14 +++++++-------
 network/service_net_map.j2.yaml                    |  1 -
 .../notes/nova_novnc_network-83a1479bf227f867.yaml | 10 ++++++++++
 5 files changed, 19 insertions(+), 16 deletions(-)
 create mode 100644 releasenotes/notes/nova_novnc_network-83a1479bf227f867.yaml

diff --git a/deployment/nova/nova-compute-container-puppet.yaml b/deployment/nova/nova-compute-container-puppet.yaml
index fc51b0e2d0..f26892db9e 100644
--- a/deployment/nova/nova-compute-container-puppet.yaml
+++ b/deployment/nova/nova-compute-container-puppet.yaml
@@ -847,7 +847,7 @@ outputs:
                 template:
                   "%{hiera('$NETWORK')}"
                 params:
-                  $NETWORK: {get_param: [ServiceNetMap, NovaVncProxyNetwork]}
+                  $NETWORK: {get_param: [ServiceNetMap, NovaLibvirtNetwork]}
             nova::compute::vncproxy_host: {get_param: [EndpointMap, NovaPublic, host_nobrackets]}
             nova::vncproxy::common::vncproxy_protocol: {get_param: [EndpointMap, NovaVNCProxyCellPublic, protocol]}
             nova::vncproxy::common::vncproxy_host: {get_param: [EndpointMap, NovaVNCProxyCellPublic, host_nobrackets]}
diff --git a/deployment/nova/nova-migration-target-container-puppet.yaml b/deployment/nova/nova-migration-target-container-puppet.yaml
index e296da7a82..de2b608955 100644
--- a/deployment/nova/nova-migration-target-container-puppet.yaml
+++ b/deployment/nova/nova-migration-target-container-puppet.yaml
@@ -101,13 +101,7 @@ outputs:
                 template:
                   "%{hiera('$NETWORK')}"
                 params:
-                  $NETWORK:
-                    get_param:
-                      - ServiceNetMap
-                      - str_replace:
-                          template: "ROLENAMEHostnameResolveNetwork"
-                          params:
-                            ROLENAME: {get_param: RoleName}
+                  $NETWORK: {get_param: [ServiceNetMap, NovaLibvirtNetwork]}
             cold_migration_ssh_inbound_addr:
               str_replace:
                 template:
diff --git a/deployment/nova/nova-vnc-proxy-container-puppet.yaml b/deployment/nova/nova-vnc-proxy-container-puppet.yaml
index 4068bf991b..41d061adba 100644
--- a/deployment/nova/nova-vnc-proxy-container-puppet.yaml
+++ b/deployment/nova/nova-vnc-proxy-container-puppet.yaml
@@ -175,7 +175,7 @@ outputs:
                 template:
                   "%{hiera('$NETWORK')}"
                 params:
-                  $NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
+                  $NETWORK: {get_param: [ServiceNetMap, NovaLibvirtNetwork]}
             tripleo::nova_vnc_proxy::firewall_rules:
               '137 nova_vnc_proxy':
                 dport:
@@ -214,12 +214,12 @@ outputs:
                       str_replace:
                         template: "%{hiera('fqdn_NETWORK')}"
                         params:
-                          NETWORK: {get_param: [ServiceNetMap, NovaVncProxyNetwork]}
+                          NETWORK: {get_param: [ServiceNetMap, NovaLibvirtNetwork]}
                     principal:
                       str_replace:
                         template: "libvirt-vnc/%{hiera('fqdn_NETWORK')}"
                         params:
-                          NETWORK: {get_param: [ServiceNetMap, NovaVncProxyNetwork]}
+                          NETWORK: {get_param: [ServiceNetMap, NovaLibvirtNetwork]}
                     key_size:
                       if:
                         - key_size_libvirtvnc_override_unset
@@ -232,12 +232,12 @@ outputs:
                     str_replace:
                       template: "%{hiera('fqdn_NETWORK')}"
                       params:
-                        NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
+                        NETWORK: {get_param: [ServiceNetMap, NovaLibvirtNetwork]}
                   principal:
                     str_replace:
                       template: "novnc-proxy/%{hiera('fqdn_NETWORK')}"
                       params:
-                        NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
+                        NETWORK: {get_param: [ServiceNetMap, NovaLibvirtNetwork]}
                   key_size:
                     if:
                       - key_size_novavnc_override_unset
@@ -324,10 +324,10 @@ outputs:
           - use_tls_for_vnc
           -
             - service: libvirt-vnc
-              network: {get_param: [ServiceNetMap, NovaVncProxyNetwork]}
+              network: {get_param: [ServiceNetMap, NovaLibvirtNetwork]}
               type: node
             - service: novnc-proxy
-              network: {get_param: [ServiceNetMap, NovaApiNetwork]}
+              network: {get_param: [ServiceNetMap, NovaLibvirtNetwork]}
               type: node
           - null
       deploy_steps_tasks:
diff --git a/network/service_net_map.j2.yaml b/network/service_net_map.j2.yaml
index 5782a55554..d6c08830e2 100644
--- a/network/service_net_map.j2.yaml
+++ b/network/service_net_map.j2.yaml
@@ -57,7 +57,6 @@ parameters:
       NovaApiNetwork: {{ _service_nets.get('internal_api', 'ctlplane') }}
       PlacementNetwork: {{ _service_nets.get('internal_api', 'ctlplane') }}
       NovaMetadataNetwork: {{ _service_nets.get('internal_api', 'ctlplane') }}
-      NovaVncProxyNetwork: {{ _service_nets.get('internal_api', 'ctlplane') }}
       NovaLibvirtNetwork: {{ _service_nets.get('internal_api', 'ctlplane') }}
       NovajoinNetwork: {{ _service_nets.get('internal_api', 'ctlplane') }}
       Ec2ApiNetwork: {{ _service_nets.get('internal_api', 'ctlplane') }}
diff --git a/releasenotes/notes/nova_novnc_network-83a1479bf227f867.yaml b/releasenotes/notes/nova_novnc_network-83a1479bf227f867.yaml
new file mode 100644
index 0000000000..bcbd57ecff
--- /dev/null
+++ b/releasenotes/notes/nova_novnc_network-83a1479bf227f867.yaml
@@ -0,0 +1,10 @@
+---
+fixes:
+  - |
+    Nova vnc configuration right now uses NovaVncProxyNetwork, NovaLibvirtNetwork
+    and NovaApiNetwork to configure the different components (novnc proxy,
+    nova-compute and libvirt) for vnc. If one of the networks get changed from
+    internal_api, the service configuration between libvirt, nova-compute and
+    novnc proxy gets inconsistent and the console is broken.
+    This changed to just use NovaLibvirtNetwork for configuring the vnc endpoints
+    and removes NovaVncProxyNetwork completely.