flatten sshd service configuration

This change realigns the sshd baremetal puppet service yaml config files into a common hierachy as with the rest of this blueprint. This change also removes container functionality, since this was a temporary measure to proxy live-migration connections from non-containerized to containerized compute nodes during upgrade. Change-Id: I87e112a0f1973fa3b0e959777e00071c2bbf7c9c Related-Blueprint: services-yaml-flattening
2018-12-18 12:52:42 -05:00 · 2018-12-18 12:52:42 -05:00 · 67e74a676c
parent 15d34de247
commit 67e74a676c
6 changed files with 3 additions and 79 deletions
--- a/deployment/sshd/sshd-baremetal-puppet.yaml
+++ b/deployment/sshd/sshd-baremetal-puppet.yaml
--- a/docker/services/nova-migration-target.yaml
+++ b/docker/services/nova-migration-target.yaml
@ -71,7 +71,7 @@ resources:
    type: ./containers-common.yaml

  SshdBase:
-    type: ../../puppet/services/sshd.yaml
+    type: ../../deployment/sshd/sshd-baremetal-puppet.yaml
    properties:
      EndpointMap: {get_param: EndpointMap}
      ServiceNetMap: {get_param: ServiceNetMap}
--- a/docker/services/sshd.yaml
+++ b/docker/services/sshd.yaml
@ -1,72 +0,0 @@
-heat_template_version: rocky
-
-description: >
-  Configure sshd_config
-
-parameters:
-  ServiceData:
-    default: {}
-    description: Dictionary packing service data
-    type: json
-  ServiceNetMap:
-    default: {}
-    description: Mapping of service_name -> network name. Typically set
-                 via parameter_defaults in the resource registry.  This
-                 mapping overrides those in ServiceNetMapDefaults.
-    type: json
-  DefaultPasswords:
-    default: {}
-    type: json
-  RoleName:
-    default: ''
-    description: Role name on which the service is applied
-    type: string
-  RoleParameters:
-    default: {}
-    description: Parameters specific to the role
-    type: json
-  EndpointMap:
-    default: {}
-    description: Mapping of service endpoint -> protocol. Typically set
-                 via parameter_defaults in the resource registry.
-    type: json
-  MigrationSshPort:
-    default: 2022
-    description: Target port for migration over ssh
-    type: number
-
-conditions:
-
-  # During Ocata->Pike upgrade initially configure the ssh service on port 22
-  # to proxy migration commands to the containerized sshd on port 2022.
-  # When the upgrade converges we can switch migrations over to port 2022.
-  enable_migration_proxy:
-    equals:
-      - {get_param: MigrationSshPort}
-      - 22
-
-resources:
-   SshdBase:
-    type: ../../puppet/services/sshd.yaml
-    properties:
-      EndpointMap: {get_param: EndpointMap}
-      ServiceNetMap: {get_param: ServiceNetMap}
-      DefaultPasswords: {get_param: DefaultPasswords}
-      RoleName: {get_param: RoleName}
-      RoleParameters: {get_param: RoleParameters}
-
-outputs:
-  role_data:
-    description: Role data for the ssh
-    value:
-      service_name: sshd
-      config_settings: {get_attr: [SshdBase, role_data, config_settings]}
-      step_config:
-        list_join:
-          - "\n"
-          - - get_attr: [SshdBase, role_data, step_config]
-            - if:
-              - enable_migration_proxy
-              - |
-                include tripleo::profile::base::nova::migration::proxy
-              - ''
--- a/environments/baremetal-services.yaml
+++ b/environments/baremetal-services.yaml
@ -51,7 +51,7 @@ resource_registry:
  OS::TripleO::Services::Qdr: OS::Heat::None
  OS::TripleO::Services::RabbitMQ: ../puppet/services/rabbitmq.yaml
  OS::TripleO::Services::Redis: ../puppet/services/database/redis.yaml
-  OS::TripleO::Services::Sshd: ../puppet/services/sshd.yaml
+  OS::TripleO::Services::Sshd: ../deployment/sshd/sshd-baremetal-puppet.yaml
  OS::TripleO::Services::SwiftDispersion: ../puppet/services/swift-dispersion.yaml
  OS::TripleO::Services::SwiftProxy: ../puppet/services/swift-proxy.yaml
  OS::TripleO::Services::SwiftRingBuilder: ../puppet/services/swift-ringbuilder.yaml
--- a/overcloud-resource-registry-puppet.j2.yaml
+++ b/overcloud-resource-registry-puppet.j2.yaml
@ -189,7 +189,7 @@ resource_registry:
  OS::TripleO::Services::Tuned: puppet/services/tuned.yaml
  OS::TripleO::Services::Securetty: OS::Heat::None
  OS::TripleO::Services::SELinux: OS::Heat::None
-  OS::TripleO::Services::Sshd: docker/services/sshd.yaml
+  OS::TripleO::Services::Sshd: deployment/sshd/sshd-baremetal-puppet.yaml
  OS::TripleO::Services::Redis: docker/services/database/redis.yaml
  OS::TripleO::Services::MongoDb: puppet/services/disabled/mongodb-disabled.yaml
  OS::TripleO::Services::NovaApi: docker/services/nova-api.yaml
--- a/tools/yaml-validate.py
+++ b/tools/yaml-validate.py
@ -229,8 +229,6 @@ PREFERRED_CAMEL_CASE = {
 # If a filename is not found in the overrides then the top level directory is
 # used to determine which validation method to use.
 VALIDATE_PUPPET_OVERRIDE = {
-  # docker/service/sshd.yaml is a variation of the puppet sshd service
-  './docker/services/sshd.yaml': True,
  # docker/services/messaging/*.yaml provide oslo_messaging services
  './docker/services/messaging/notify-rabbitmq-shared.yaml': False,
  './docker/services/messaging/notify-rabbitmq.yaml': False,
@ -249,8 +247,6 @@ VALIDATE_PUPPET_OVERRIDE = {

 }
 VALIDATE_DOCKER_OVERRIDE = {
-  # docker/service/sshd.yaml is a variation of the puppet sshd service
-  './docker/services/sshd.yaml': False,
  # docker/services/messaging/notify-rabbitmq-shared.yaml does not
  # deploy container
  './docker/services/messaging/notify-rabbitmq-shared.yaml': False,