openstack/tripleo-heat-templates
Code Issues Proposed changes

Revert "Switch public endpoints to use FQDNs by default"

Browse Source 
This reverts commit 8e104b3c54.

https://review.openstack.org/#/c/559926/ introduced requiring CloudName.
This broke the documented deployment process. I also don't see how
CloudName can be required, but CloudDomain can not.

I don't see a technical reason why we can't keep the default as
localdomain. If necessary, we can instead add a parameter
validation instead of requiring the parameter.

Closes-Bug: #1771627
Depends-On: Ia86842b0b1f42512f25390d6bdb695e0f8133c6d
Change-Id: I2c5b511df50f29c63aa613899c2bebb506360bf4
This commit is contained in:
James Slagle 2018-05-16 16:54:44 +00:00
parent 8e104b3c54
commit f254a2169d
6 changed files with 33 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
environments/predictable-placement/custom-domain.yaml
View File

@ -14,9 +14,8 @@ parameter_defaults:
CloudDomain: localdomain
# The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
# Mandatory. This parameter must be set by the user.
# Type: string
CloudName: <None>
CloudName: overcloud.localdomain
# The DNS name of this cloud's provisioning network endpoint. E.g. 'ci-overcloud.ctlplane.tripleo.org'.
# Type: string

1
extraconfig/nova_metadata/krb-service-principals.j2.yaml
View File

@ -9,6 +9,7 @@ parameters:
{%- if network.name == 'External' %}
# Special case the External hostname param, which is CloudName
CloudName:
default: overcloud.localdomain
description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
type: string
{%- elif network.name == 'InternalApi' %}

2
network/endpoints/build_endpoint_map.py
View File

@ -68,7 +68,7 @@ def endpoint_map_default(config):
(F_PROTOCOL, str(svc[ep_type].get(F_PROTOCOL,
svc.get(F_PROTOCOL, 'http')))),
(F_PORT, str(svc[ep_type].get(F_PORT, svc[F_PORT]))),
(F_HOST, SUBST_IP_ADDRESS if ep_type != 'Public' else SUBST_CLOUDNAME),
(F_HOST, SUBST_IP_ADDRESS),
])
return ep_name + ep_type, values

58
network/endpoints/endpoint_map.yaml
View File

@ -21,101 +21,101 @@ parameters:
default:
AodhAdmin: {protocol: http, port: '8042', host: IP_ADDRESS}
AodhInternal: {protocol: http, port: '8042', host: IP_ADDRESS}
AodhPublic: {protocol: http, port: '8042', host: CLOUDNAME}
AodhPublic: {protocol: http, port: '8042', host: IP_ADDRESS}
BarbicanAdmin: {protocol: http, port: '9311', host: IP_ADDRESS}
BarbicanInternal: {protocol: http, port: '9311', host: IP_ADDRESS}
BarbicanPublic: {protocol: http, port: '9311', host: CLOUDNAME}
BarbicanPublic: {protocol: http, port: '9311', host: IP_ADDRESS}
CeilometerAdmin: {protocol: http, port: '8777', host: IP_ADDRESS}
CeilometerInternal: {protocol: http, port: '8777', host: IP_ADDRESS}
CeilometerPublic: {protocol: http, port: '8777', host: CLOUDNAME}
CeilometerPublic: {protocol: http, port: '8777', host: IP_ADDRESS}
CephRgwAdmin: {protocol: http, port: '8080', host: IP_ADDRESS}
CephRgwInternal: {protocol: http, port: '8080', host: IP_ADDRESS}
CephRgwPublic: {protocol: http, port: '8080', host: CLOUDNAME}
CephRgwPublic: {protocol: http, port: '8080', host: IP_ADDRESS}
CinderAdmin: {protocol: http, port: '8776', host: IP_ADDRESS}
CinderInternal: {protocol: http, port: '8776', host: IP_ADDRESS}
CinderPublic: {protocol: http, port: '8776', host: CLOUDNAME}
CinderPublic: {protocol: http, port: '8776', host: IP_ADDRESS}
CongressAdmin: {protocol: http, port: '1789', host: IP_ADDRESS}
CongressInternal: {protocol: http, port: '1789', host: IP_ADDRESS}
CongressPublic: {protocol: http, port: '1789', host: CLOUDNAME}
CongressPublic: {protocol: http, port: '1789', host: IP_ADDRESS}
DesignateAdmin: {protocol: http, port: '9001', host: IP_ADDRESS}
DesignateInternal: {protocol: http, port: '9001', host: IP_ADDRESS}
DesignatePublic: {protocol: http, port: '9001', host: CLOUDNAME}
DesignatePublic: {protocol: http, port: '9001', host: IP_ADDRESS}
DockerRegistryInternal: {protocol: http, port: '8787', host: IP_ADDRESS}
Ec2ApiAdmin: {protocol: http, port: '8788', host: IP_ADDRESS}
Ec2ApiInternal: {protocol: http, port: '8788', host: IP_ADDRESS}
Ec2ApiPublic: {protocol: http, port: '8788', host: CLOUDNAME}
Ec2ApiPublic: {protocol: http, port: '8788', host: IP_ADDRESS}
GaneshaInternal: {protocol: nfs, port: '2049', host: IP_ADDRESS}
GlanceAdmin: {protocol: http, port: '9292', host: IP_ADDRESS}
GlanceInternal: {protocol: http, port: '9292', host: IP_ADDRESS}
GlancePublic: {protocol: http, port: '9292', host: CLOUDNAME}
GlancePublic: {protocol: http, port: '9292', host: IP_ADDRESS}
GnocchiAdmin: {protocol: http, port: '8041', host: IP_ADDRESS}
GnocchiInternal: {protocol: http, port: '8041', host: IP_ADDRESS}
GnocchiPublic: {protocol: http, port: '8041', host: CLOUDNAME}
GnocchiPublic: {protocol: http, port: '8041', host: IP_ADDRESS}
HeatAdmin: {protocol: http, port: '8004', host: IP_ADDRESS}
HeatInternal: {protocol: http, port: '8004', host: IP_ADDRESS}
HeatPublic: {protocol: http, port: '8004', host: CLOUDNAME}
HeatPublic: {protocol: http, port: '8004', host: IP_ADDRESS}
HeatUIConfig: {protocol: http, port: '3000', host: IP_ADDRESS}
HeatCfnAdmin: {protocol: http, port: '8000', host: IP_ADDRESS}
HeatCfnInternal: {protocol: http, port: '8000', host: IP_ADDRESS}
HeatCfnPublic: {protocol: http, port: '8000', host: CLOUDNAME}
HorizonPublic: {protocol: http, port: '80', host: CLOUDNAME}
HeatCfnPublic: {protocol: http, port: '8000', host: IP_ADDRESS}
HorizonPublic: {protocol: http, port: '80', host: IP_ADDRESS}
IronicAdmin: {protocol: http, port: '6385', host: IP_ADDRESS}
IronicInternal: {protocol: http, port: '6385', host: IP_ADDRESS}
IronicPublic: {protocol: http, port: '6385', host: CLOUDNAME}
IronicPublic: {protocol: http, port: '6385', host: IP_ADDRESS}
IronicUIConfig: {protocol: http, port: '3000', host: IP_ADDRESS}
IronicInspectorAdmin: {protocol: http, port: '5050', host: IP_ADDRESS}
IronicInspectorInternal: {protocol: http, port: '5050', host: IP_ADDRESS}
IronicInspectorPublic: {protocol: http, port: '5050', host: CLOUDNAME}
IronicInspectorPublic: {protocol: http, port: '5050', host: IP_ADDRESS}
IronicInspectorUIConfig: {protocol: http, port: '3000', host: IP_ADDRESS}
KeystoneAdmin: {protocol: http, port: '35357', host: IP_ADDRESS}
KeystoneInternal: {protocol: http, port: '5000', host: IP_ADDRESS}
KeystonePublic: {protocol: http, port: '5000', host: CLOUDNAME}
KeystonePublic: {protocol: http, port: '5000', host: IP_ADDRESS}
KeystoneUIConfig: {protocol: http, port: '3000', host: IP_ADDRESS}
ManilaAdmin: {protocol: http, port: '8786', host: IP_ADDRESS}
ManilaInternal: {protocol: http, port: '8786', host: IP_ADDRESS}
ManilaPublic: {protocol: http, port: '8786', host: CLOUDNAME}
ManilaPublic: {protocol: http, port: '8786', host: IP_ADDRESS}
MistralAdmin: {protocol: http, port: '8989', host: IP_ADDRESS}
MistralInternal: {protocol: http, port: '8989', host: IP_ADDRESS}
MistralPublic: {protocol: http, port: '8989', host: CLOUDNAME}
MistralPublic: {protocol: http, port: '8989', host: IP_ADDRESS}
MistralUIConfig: {protocol: http, port: '3000', host: IP_ADDRESS}
MysqlInternal: {protocol: mysql+pymysql, port: '3306', host: IP_ADDRESS}
NeutronAdmin: {protocol: http, port: '9696', host: IP_ADDRESS}
NeutronInternal: {protocol: http, port: '9696', host: IP_ADDRESS}
NeutronPublic: {protocol: http, port: '9696', host: CLOUDNAME}
NeutronPublic: {protocol: http, port: '9696', host: IP_ADDRESS}
NovaAdmin: {protocol: http, port: '8774', host: IP_ADDRESS}
NovaInternal: {protocol: http, port: '8774', host: IP_ADDRESS}
NovaPublic: {protocol: http, port: '8774', host: CLOUDNAME}
NovaPublic: {protocol: http, port: '8774', host: IP_ADDRESS}
NovaUIConfig: {protocol: http, port: '3000', host: IP_ADDRESS}
NovaPlacementAdmin: {protocol: http, port: '8778', host: IP_ADDRESS}
NovaPlacementInternal: {protocol: http, port: '8778', host: IP_ADDRESS}
NovaPlacementPublic: {protocol: http, port: '8778', host: CLOUDNAME}
NovaPlacementPublic: {protocol: http, port: '8778', host: IP_ADDRESS}
NovaVNCProxyAdmin: {protocol: http, port: '6080', host: IP_ADDRESS}
NovaVNCProxyInternal: {protocol: http, port: '6080', host: IP_ADDRESS}
NovaVNCProxyPublic: {protocol: http, port: '6080', host: CLOUDNAME}
NovaVNCProxyPublic: {protocol: http, port: '6080', host: IP_ADDRESS}
OctaviaAdmin: {protocol: http, port: '9876', host: IP_ADDRESS}
OctaviaInternal: {protocol: http, port: '9876', host: IP_ADDRESS}
OctaviaPublic: {protocol: http, port: '9876', host: CLOUDNAME}
OctaviaPublic: {protocol: http, port: '9876', host: IP_ADDRESS}
OpenDaylightAdmin: {protocol: http, port: '8081', host: IP_ADDRESS}
OpenDaylightInternal: {protocol: http, port: '8081', host: IP_ADDRESS}
PankoAdmin: {protocol: http, port: '8977', host: IP_ADDRESS}
PankoInternal: {protocol: http, port: '8977', host: IP_ADDRESS}
PankoPublic: {protocol: http, port: '8977', host: CLOUDNAME}
PankoPublic: {protocol: http, port: '8977', host: IP_ADDRESS}
SaharaAdmin: {protocol: http, port: '8386', host: IP_ADDRESS}
SaharaInternal: {protocol: http, port: '8386', host: IP_ADDRESS}
SaharaPublic: {protocol: http, port: '8386', host: CLOUDNAME}
SaharaPublic: {protocol: http, port: '8386', host: IP_ADDRESS}
SwiftAdmin: {protocol: http, port: '8080', host: IP_ADDRESS}
SwiftInternal: {protocol: http, port: '8080', host: IP_ADDRESS}
SwiftPublic: {protocol: http, port: '8080', host: CLOUDNAME}
SwiftPublic: {protocol: http, port: '8080', host: IP_ADDRESS}
SwiftUIConfig: {protocol: http, port: '3000', host: IP_ADDRESS}
TackerAdmin: {protocol: http, port: '9890', host: IP_ADDRESS}
TackerInternal: {protocol: http, port: '9890', host: IP_ADDRESS}
TackerPublic: {protocol: http, port: '9890', host: CLOUDNAME}
TackerPublic: {protocol: http, port: '9890', host: IP_ADDRESS}
ZaqarAdmin: {protocol: http, port: '8888', host: IP_ADDRESS}
ZaqarInternal: {protocol: http, port: '8888', host: IP_ADDRESS}
ZaqarPublic: {protocol: http, port: '8888', host: CLOUDNAME}
ZaqarPublic: {protocol: http, port: '8888', host: IP_ADDRESS}
ZaqarWebSocketAdmin: {protocol: ws, port: '9000', host: IP_ADDRESS}
ZaqarWebSocketInternal: {protocol: ws, port: '9000', host: IP_ADDRESS}
ZaqarWebSocketPublic: {protocol: ws, port: '9000', host: CLOUDNAME}
ZaqarWebSocketPublic: {protocol: ws, port: '9000', host: IP_ADDRESS}
ZaqarWebSocketUIConfig: {protocol: ws, port: '3000', host: IP_ADDRESS}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.

1
overcloud.j2.yaml
View File

@ -25,6 +25,7 @@ parameters:
{%- if network.name == 'External' %}
# Special case the External hostname param, which is CloudName
CloudName:
default: overcloud.localdomain
description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
type: string
{%- elif network.name == 'InternalApi' %}

11
releasenotes/notes/Overcloud-endpoints-FQDN-78797a6c34e31bd5.yaml
View File

@ -1,11 +0,0 @@
---
features:
- |
CloudName is now a required parameter. Given that FQDNs are now the
default instead of IP addresses, to avoid people using the localdomain
(which used to be the default for domain for CloudName), we now remove
the default, and require folks to set their own.
- |
The overcloud endpoints now point to FQDNs instead of IP addresses.
This was done as part of the public TLS by default work, and is needed
since the certificates have FQDNs for SubjectAltNames.