openstack/tripleo-heat-templates
Code Issues Proposed changes

Fix OS_CLOUD for multistack and nova az tasks

Browse Source 
The entry in clouds.yaml will correspond to the stack that deploys
keystone. Therefore in a multistack deployment RootStackName will not be
give the correct entry. Add a parameter to override this.

Also clouds.yaml is owned by root and mode 0600 so we much use
become: true.

Update nova az tasks to use clouds.yaml.

Change-Id: I7e97108d8165c16946b3b11f3084bfd51e3128dc
This commit is contained in:
Oliver Walsh 2022-02-02 16:06:59 +00:00
parent c4aa1e3464
commit ceed5ac9e7
5 changed files with 68 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
deployment/cinder/cinder-api-container-puppet.yaml
View File

@ -102,6 +102,14 @@ parameters:
description: |
Use the advanced (eventlet safe) memcached client pool.
default: true
AuthCloudName:
description: Entry in clouds.yaml to use for authentication
type: string
default: ""
conditions:
auth_cloud_name_set:
not: {equals: [{get_param: AuthCloudName}, ""]}
resources:
ContainersCommon:
@ -409,7 +417,11 @@ outputs:
- name: Clean up legacy Cinder keystone catalog entries
become: true
openstack.cloud.catalog_service:
cloud: {get_param: RootStackName}
cloud:
if:
- auth_cloud_name_set
- {get_param: AuthCloudName}
- {get_param: RootStackName}
name: "{{ item.service_name }}"
service_type: "{{ item.service_type }}"
state: absent
@ -428,7 +440,11 @@ outputs:
vars:
default_volume_type: {get_param: CinderDefaultVolumeType}
environment:
OS_CLOUD: {get_param: RootStackName}
OS_CLOUD:
if:
- auth_cloud_name_set
- {get_param: AuthCloudName}
- {get_param: RootStackName}
when:
- step|int == 5
- not ansible_check_mode|bool

23
deployment/nova/nova-az-config.yaml
View File

@ -40,10 +40,17 @@ parameters:
RootStackName:
description: The name of the stack/plan.
type: string
AuthCloudName:
description: Entry in clouds.yaml to use for authentication
type: string
default: ""
conditions:
availability_zone_set:
not: {equals: [{get_param: NovaComputeAvailabilityZone}, ""]}
auth_cloud_name_set:
not: {equals: [{get_param: AuthCloudName}, ""]}
outputs:
role_data:
@ -63,10 +70,13 @@ outputs:
when: "step|int == 1"
external_post_deploy_tasks:
- name: "Nova: Manage aggregate and availability zone and add hosts to the zone"
become: true
environment:
# Force openstackclient to not try and read a clouds.yaml as none
# exists for the tripleo-admin user.
OS_CLIENT_CONFIG_FILE: /dev/null
OS_CLOUD:
if:
- auth_cloud_name_set
- {get_param: AuthCloudName}
- {get_param: RootStackName}
os_nova_host_aggregate:
name: &availability_zone
if:
@ -75,10 +85,3 @@ outputs:
- {get_param: RootStackName}
availability_zone: *availability_zone
hosts: "{{ groups['nova_compute'] | default([]) | map('extract', hostvars, 'nova_host') | select('defined') | list }}"
auth:
username: admin
password: {get_param: AdminPassword}
project_name: admin
project_domain_name: Default
user_domain_name: Default
auth_url: { get_param: [EndpointMap, KeystoneV3Public, uri] }

14
deployment/nova/nova-compute-container-puppet.yaml
View File

@ -817,6 +817,11 @@ parameters:
description: >
Disk cachemodes for RBD backend.
AuthCloudName:
description: Entry in clouds.yaml to use for authentication
type: string
default: ""
parameter_groups:
- label: deprecated
description: |
@ -828,6 +833,8 @@ parameter_groups:
- NovaVcpuPinSet
conditions:
auth_cloud_name_set:
not: {equals: [{get_param: AuthCloudName}, ""]}
compute_startup_delay:
and:
- not: {equals: [{get_param: NovaComputeStartupDelay}, 0]}
@ -1663,8 +1670,13 @@ outputs:
- step|int == 1
- container_cli == 'podman'
tags: down
become: true
environment:
OS_CLOUD: {get_param: RootStackName}
OS_CLOUD:
if:
- auth_cloud_name_set
- {get_param: AuthCloudName}
- {get_param: RootStackName}
block:
# Some tasks are running from the Undercloud which has
# the OpenStack clients installed.

13
deployment/nova/nova-vnc-proxy-container-puppet.yaml
View File

@ -106,8 +106,14 @@ parameters:
RootStackName:
description: The name of the stack/plan.
type: string
AuthCloudName:
description: Entry in clouds.yaml to use for authentication
type: string
default: ""
conditions:
auth_cloud_name_set:
not: {equals: [{get_param: AuthCloudName}, ""]}
use_tls_for_vnc:
and:
- {get_param: EnableInternalTLS}
@ -400,8 +406,13 @@ outputs:
post_upgrade_tasks:
- when:
- step|int == 3
become: true
environment:
OS_CLOUD: {get_param: RootStackName}
OS_CLOUD:
if:
- auth_cloud_name_set
- {get_param: AuthCloudName}
- {get_param: RootStackName}
block:
- name: Get nova-consoleauth service ID
command: openstack compute service list --service nova-consoleauth --column ID --column Host --format yaml

13
deployment/ovn/ovn-controller-container-puppet.yaml
View File

@ -160,8 +160,14 @@ parameters:
provider: 00:00:5E:00:54:01
tags:
- role_specific
AuthCloudName:
description: Entry in clouds.yaml to use for authentication
type: string
default: ""
conditions:
auth_cloud_name_set:
not: {equals: [{get_param: AuthCloudName}, ""]}
ovn_cpu_set:
or:
- not: {equals: [{get_param: OVNContainerCpusetCpus}, '']}
@ -462,8 +468,13 @@ outputs:
- step|int == 1
- container_cli == 'podman'
tags: down
become: true
environment:
OS_CLOUD: {get_param: RootStackName}
OS_CLOUD:
if:
- auth_cloud_name_set
- {get_param: AuthCloudName}
- {get_param: RootStackName}
block:
# Some tasks are running from the Undercloud which has
# the OpenStack clients installed.