This change removes the old workaround added by . This workaround is
no longer required since we replaced undercloud heat by ephemeral heat.
Now the overcloud stack is ephemeral and neutron ports should be
pre-allocated instead of being created/managed by heat.
This change removes the following parameters, which were used by
This also removes the NodeUserData resource because it depends on
cloud-init and nova metadata and is no longer used since Nova was
removed from baremetal node provisioning.
Finally, this change makes deployed server method used by default, and
removes remaining implementation to keep the resource compatible with
deployed-neutron-port.yaml template, and DeployedServerPortMap parameter
are deprecated in favor of NodePortMap, ControlPlaneVipData, and
VipPortMap, which can be used with the generated
Signed-off-by: James Slagle <firstname.lastname@example.org>
When specific roles are deployed, for example CephStorage,
then the parameters for UpgradeLeappDevelSkip are different
to all other roles.
This change makes UpgradeLeappDevelSkip a per-role parameter.
Included in this is the appropriate tagging for the other
parameters which had the same work done in:
Release notes are included for all of the above too.
Set up tag hints on all OS::Neutron::Port resources.
The network-data-v2 work uses tags on neutron resources
to find existing resources so that we update instead
of create. Also for generating environment files info
in the neutron tag field is utilized.
Partial-Implements: blueprint network-data-v2-ports
This removes the unused environments used for split-stack.
Split-stack is mostly irrelevant after we moved to use a
separate metalsmith based workflow since victoria. There
is also a related tripleo-docs patch to update the docs.
With I57047682cfa82ba6ca4affff54fab5216e9ba51c Heat has added
a new template version for wallaby. This would allow us to use
2-argument variant of the ``if`` function that would allow for
e.g. conditional definition of resource properties and help
cleanup templates. If only two arguments are passed to ``if``
function, the entire enclosing item is removed when the condition
This changes the parameter to non-role specific and by default
true. The dependant python-tripleoclient patch adds a check
to ensure that we only allow usage of old heat nic congigs with
By default, the overcloud plan name is "overcloud" but it can be renamed
if the stack is named directly. Allowing the operator to override it so
they can run that script on a deployment where the stack is named
differently than the default.
If enable-ssh-admin.sh workflow fails, the script was looping forever,
because it only checks if the workflow is SUCCESSFUL.
Now, we have a timeout of 500 seconds and when it reaches it, it'll stop
and print a debug message.
Note: we're using ENABLE_SSH_ADMIN_TIMEOUT variable which can be
overriden when calling the script; the default value was taken from
Neutron's dns_assignments field includes a nice pice of
structured data. This is a prerequirement for Designate
usage. (No plan's to use that, but being a bit ready
Enable for the undercloud:
- dns_domain_ports ml2 extension driver
These files were previously deprecated in
198cfb6f8d and can now be removed.
This patch removes the roles file that was previously used with
deployed-server at deployed-server/deployed-server-roles-data.yaml. It
was deprecated in train and is now removed in ussuri.
This roles file is now the same content as roles_data.yaml as no special
roles are needed for deployed-server. The file is now deprecated.
Note that the intent is to backport this patch to stable/train.
This change (with its dependent reviews) creates a separate VIP for the OVN DBS
service. A more detailed explanation can be found in https://bugs.launchpad.net/tripleo/+bug/1841811.
The short explanation is that the OVN DBS HA service puts some additional constraints on the VIP it
uses and that is problematic when that VIP is used by other services (e.g. a change in OVN DBS master
will move the VIP and will also reset all mysql connections. It also prevents us splitting OVN DBS from
where haproxy runs).
Tested as follows:
A) Deployed a mster environment with this review and all its dependencies and correctly obtained
an OVN DBS service with its own Vip and the OVN services
(controller/metadata) pointing to this separate Vip
B) Deployed a master environment as is and then applied this review +
dependencies and observed that a redeploy correctly created a new VIP,
reconfigured the services to point to the new VIP and that the old
obsolete constraints created around the per-network VIP were removed
The Tacker service has been incomplete since Queens. They restructured
the services and TripleO has never implemented code to handle this new
structure. Since it's been disabled since Queens and there is currently
no plans to fix it, let's remove the service code.
Now that disable_constraints doesn't exist, these roles data files
should be identical. A followup should delete
deployed-server-roles-data.yaml when the documentation is updated to
not refer to it.
These endpoints won't exist on the undercloud in the U cycle, and this
sort of check overlaps with tripleo-validations anyway. This change
also removes the disable_constraints roles data attribute as there is
no longer anything to disable.
Possibly this means deployed-server/deployed-server-roles-data.yaml is
no longer required because it only exists to set
disable_constraints:true (although it lags roles_data.yaml by quite a
It looks like tripleo-validations has checks for flavor and image
already, but not keypair. It is unlikely users stray from the
'default' keypair so it is probably fine to not have a validation of
this for the Train release.
This review introduces the CephDashboard service
to allow operators to deploy the new ceph dashboard
along with the other ceph components.
According to the spec we can add the environment
file to reference the template that contains all the
parameters needed to deploy the ceph-dashboard via
ceph-ansible related roles.
Implements: blueprint ceph-dashboard
Since https://review.opendev.org/656581 is merged (and the revert,
reverting the revert ...) there is no metadata service running.
This change removes all things related to setting up routes
to the metadata service, i.e the EC2MetadataIp. As well as NAT
firewall redirect rule used only on the undercloud but disabled
This is part 1 of a series of patches to properly deploy multipathd.
This patch makes Multipathd an optional TripleO service (defaults to
OS::Heat::None), and binds it to every role that might use the service.
This is essentially any role that accesses cinder volumes. Previously,
the service was not optional, but was not bound to any roles and so it
was never deployed.
Removes the deployed-server bootstrap resource from the deployed-server
template as the equivalent functionality enabled by the scripts has been
moved to the tripleo-bootstrap ansible role provided by tripleo-common.
The environments and templates for the bootstrap resource are deprecated
in train and will be removed in a future release.
implements: blueprint reduce-deployment-resources
The project has been retired and there will be no Train release .
This patch removes Neutron LBaaS support in tripleo-heat-templates.
This deployment was for getting the hostname of pre-provisioned nodes.
This is no longer required with config-download since a HostnameMap is
required to be used with config-download.
This deployment is no longer needed as it was only setting metadata that
was used by os-collect-config. Now that config-download is used,
os-collect-config is no longer used, we can get rid of this deployment.
As of Rocky , the nova-consoleauth service has been deprecated and
cell databases are used for storing token authorizations. All new consoles
will be supported by the database backend and existing consoles will be
reset. Console proxies must be run per cell because the new console token
authorizations are stored in cell databases.
nova-consoleauth was deprecated in tripleo with:
This change now removes the NovaConsoleauth Service.
The Ntp service should no longer defined on the roles as we should be
using the meta Timesync service to ensure the correct service is defined
for the sync service.