Commit Graph

741 Commits (1caa1024e74a2f8d4e92e96c94ffca9072e45814)

Author SHA1 Message Date
ramishra c293dfc7b1 Deploy standalone ironic and neutron in undercloud
This makes the following changes:

- Create cloud.yaml for undercloud with standalone services
- Remove keystone and memcached from the undercloud

Change-Id: I741123dcbf4544845b40e253d8b42d868317cc03
2021-09-17 10:42:55 +05:30
ramishra 574cf27691 Drop mistral configuration from post deploy
Though we still have the option to enable mistral
in the undercloud, we don't use it for overcloud

Note: We can get rid of UndercloudPostPy* resources once
nova is not supported for node deployment.

Change-Id: If256b2b70f3a62648eb9563903c2adfb9b31fea9
2021-06-21 12:02:31 +05:30
ramishra 454b45c7d2 Set OS_CLOUD instead in stackrc
We now write clouds.yaml when configuring keystone and
can use OS_CLOUD instead. Setting OS_AUTH_URL overrides
when we want use OS_CLOUD pointing to overcloud.

Closes-bug: #1931172
Change-Id: Ib42fc397389d8b50c740edf334fe6f281c392ec6
2021-06-10 23:11:22 +05:30
ramishra c9991c2e31 Use 'wallaby' heat_template_version
With I57047682cfa82ba6ca4affff54fab5216e9ba51c Heat has added
a new template version for wallaby. This would allow us to use
2-argument variant of the ``if`` function that would allow for
 e.g. conditional definition of resource properties and help
cleanup templates. If only two arguments are passed to ``if``
function, the entire enclosing item is removed when the condition
is false.

Change-Id: I25f981b60c6a66b39919adc38c02a051b6c51269
2021-03-31 17:35:12 +05:30
Harald Jensås 679ecaada0 Set dns_name propery on ports and networks
Neutron's dns_assignments field includes a nice pice of
structured data. This is a prerequirement for Designate
usage. (No plan's to use that, but being a bit ready
does'nt hurt.)

  {"hostname": "my-vm",
   "ip_address": "",
   "fqdn": ""}

Enable for the undercloud:
 - dns_domain_ports ml2 extension driver

Change-Id: I46eb9a24dd66821b27524fe4d1fdab617b6fa948
2020-04-03 08:57:38 +02:00
Zuul c7d42ca119 Merge "Use /usr/libexec/platform-python in undercloud post" 2020-03-31 04:00:49 +00:00
Harald Jensås e41a3e65c6 Use /usr/libexec/platform-python in undercloud post
CentOS 8 undercloud installation is failing because
/usr/bin/env python does not exist. Update the
python scripts to use platform-python.

Closes-Bug: #1869714
Change-Id: I459410950503c42cc39a91c64e56f69aa0a34d20
2020-03-30 17:27:42 +02:00
Rabi Mishra e16b4e522b Remove most of the mistral related undercloud post config
Leaves the workbook/workflow creation part as we still have
some more workflows to migrate yet.

Change-Id: I54d21e486ef2c1fc6eed9b79e5a7f08f221935f7
2020-03-26 08:31:55 +05:30
Kevin Carter 5e3719d21e
Improve the ability to enable swap
This change will imporve the ability to enable a swap partition should
one be present. The updated script will now use the label when defined
and found, it then will look for a partition in the /etc/fstab file prior
to writing the file system entry. This resolves an issue where if this
template was executed more than once, a given partition would be written
to the /etc/fstab file repeatedly. If a given label is undefined the
script will look for swap filesystem types and use the UUID of the given
swap filesystem to enable swap functionality. This improvement will
ensure hosts that have swap partition already created, but potentially
unlabled, are able to be handled correctly. This will work with LVM,
Logical, Primary partition types.

Change-Id: I60a1f427d4f58ae559c797f37f8230d6eb694e1d
Signed-off-by: Kevin Carter <>
2020-02-20 17:41:04 -06:00
Harald Jensås 0af021bc5f Fix krb-service-principals with service_net_map_replace
The CloudNameStorageManagement property was used for almost all
networks when service_net_map_replace is defined. This should
not be hardcoded to StorageManagement, it needs to be replaced
by {{}}.

Closes-Bug: #1862679
Change-Id: I140aa8e44134130d03f6670a9314783288396dde
2020-02-10 19:43:00 +01:00
Zuul 914ca3eb28 Merge "Remove upload_validations workflow execution" 2020-01-06 19:17:53 +00:00
Emilien Macchi 25a2045e62 Deploy /etc/openstack/clouds.yaml with Ansible
Replace the python script that was run on post-config, by an Ansible
task running on the host where Keystone is running.

It'll be useful later when using OpenStackSDK to have access to the
credentials during the deployment and not having to wait the far end.

It's also reducing the Heat resources.

Change-Id: I585abc3e6a3b9b8ae9183e0b5170df2e39301e17
2019-12-19 20:09:08 +00:00
Gael Chamoulaud d31b694a2c
Remove upload_validations workflow execution
The 'tripleo.validations.v1.upload_validations' workflow has been
removed from tripleo-common, this Undercloud post installation step
could be safely removed.

Change-Id: I55495b932c682367a0b336741319aa31b0dcbcd2
Signed-off-by: Gael Chamoulaud <>
2019-12-16 13:22:38 +01:00
Harald Jensås af79ae34ad Relax filtering in krb-service-principals jinja
The filtering added to fix Bug: #1821377 filters any
network without a VIP address. This filtering is to
agressive and cause deployment failure when a management
network without a VIP is used.

Change-Id: If189eb6fc0b2dc2c78323a7c08f7e303be2b6124
Resolves: rhbz#1778719
Closes-Bug: #1854846
2019-12-05 16:22:23 +01:00
Saravanan KR 16679d0ec4 Move KernelArgs and OvS-DPDK deployment to ansible role
Ealier, KernelArgs had been configured using ansible
tasks part of THT repo. Thoese ansiblet asks has been
moved to tripleo-kernel role of tripleo-ansible. This
role will be invoked from the boot-params-service.
boot-params-service has been moved from pre network to
the deployment/kernel directory.

OvS-DPDK configuration was done using puppet-vswitch
module by invoking puppet in PreNetworkConfig's
ExtraConfig script. A new ansible role tripleo-ovs-dpdk
has been created to apply the DPDK configurations via
ansible instead of puppet. This role will be common
for both ml2-ovs and ml2-ovn. Common parameter merging
has been enhanced to provide common deploy steps.

ODL is not validated as it has been deprecated and
currently no active usage or development.

Change-Id: I4b6f7d73cf76954e93760c59d522d485187157cf
2019-10-23 10:12:42 +05:30
Zuul a829e57fd8 Merge "Undercloud ctplane router for IPv6 RA's idempotent" 2019-10-12 08:01:07 +00:00
Harald Jensås 4befee5f22 Use parameter for ipv6 address mode
Use the parameter UndercloudCtlplaneIPv6AddressMode
to control ipv6 address mode for the provisioning
network instead of hard-codeing to dhcpv6-stateless.

Change-Id: I549f930853539a7cd665a00d7ec3fd1705f819fb
Closes-Bug: #1847606
Depends-On: I7de5f5487065d20068229e0d34102be6119fbeef
2019-10-10 16:06:26 +02:00
Harald Jensås 3bbd48216a Undercloud ctplane router for IPv6 RA's idempotent
Check if the router exists before creating it. The undercloud
re-install fail's when using IPv6 provisioning network since
the router already exists.

Also, don't create the router if routed networks is enabled.
In this case the router in the infrastructure should handle
router advertisements.

Change-Id: I5bc0a88bbb7912bb10693ce393ac89365f29a940
Closes-Bug: #1844767
2019-10-10 12:24:27 +00:00
Takashi Kajinami f47dfe1059 Enforce pep8/pyflakes rule on python codes
This change makes sure that we apply pyflake8 checks on all python
codes to improve its readability.

Note that there are some rules applied for other OpenStack projects,
but not yet turned on, which should be enabled in the future.

Change-Id: Iaf0299983d3a3fe48e3beb8f47bd33c21deb4972
2019-09-05 15:40:46 +09:00
Alex Schultz b96f83dfa1 Filter nameservers for undercloud networks
We can have both ipv4 and ipv6 networks defined and could end up having
a mix of addresses passed into the undercloud configuration. Neutron
throws an error if the ip address type doesn't match the network being
created (e.g. ipv4 nameserver for ipv6 cidr and vice versa). Let's
filter the nameservers to ensure we only set the appropriate ip version
nameserver for the network.

Change-Id: I184797270dbb6c70cae11bc98128890529035690
Closes-Bug: #1841805
2019-08-28 10:26:09 -06:00
Piotr Kopec 8e00cef6ff Fix for enable VFIO module on boot for SR-IOV deployments
In this change [1] I've loaded wrong module. It needs the
Type1 IOMMU driver for VFIO to be loaded on boot.

[1]: I3ffd1c11a1851e62992a6a63e8abb130db82856f

Change-Id: Iba7fa6c4edea4755afb91a97460ec3cc8e7ee234
Closes-Bug: 1838159
2019-08-16 11:26:12 +02:00
Zuul b881a5e8e7 Merge "Move the Hiera symlink task from post configuration to deployment steps." 2019-07-31 02:27:36 +00:00
Zuul bb0f7510af Merge "Enable VFIO module on boot for SR-IOV deployments" 2019-07-30 18:44:47 +00:00
Piotr Kopec 3878bd3e47 Enable VFIO module on boot for SR-IOV deployments
On SR-IOV capable deployments when rebooting a compute node,
vfio_iommu_type1 will not be loaded which will cause guest
instances with VF/PF fail to start/spawn.

Manually loading the kernel module will allow to spawn guest
instances successfully.

Change-Id: I3ffd1c11a1851e62992a6a63e8abb130db82856f
Closes-Bug: 1838159
2019-07-30 00:21:14 +02:00
Zuul c8cc9b2830 Merge "Enable mistral_executor to perform backups" 2019-07-29 21:09:07 +00:00
Luke Short 3b813d845c Move the Hiera symlink task from post configuration to deployment steps.
This helps to consolidate the Undercloud and Standalone deployments. It
also avoids an issue where the Ansible Python interperter cannot be

Change-Id: I01a95be975011d2419a523da572503e0ebcfa49b
Resolves: rhbz#1733608
Signed-off-by: Luke Short <>
2019-07-29 16:48:03 -04:00
Martin Magr 70d41af00a Enable mistral_executor to perform backups
Moving undercloud deployment to container means that during execution
of undercloud backup mistral-executor does not have required connections
and data available and so creates empty tarball currently. This patch is
one of many, which are supposed to fix this. On THT side we need to:

- Include DB host IP address in tripleo.undercloud-config env
  - we need to have this information about undercloud IP available
    as we cannot connect to local socket anymore and using 'localhost'
    does not work.

- Mount directories which are meant to be backed up
  - currently directories backing up directories local to mistral_executor
    are useless for undercloud backup

Change-Id: Ia1fd60a13570a42f5243beb5bb0487c743e31d27
Partial-Bug: #1812960
2019-07-25 14:30:46 -04:00
Zuul f8d5fc1692 Merge "Move instanceha into scripts" 2019-07-19 14:57:55 +00:00
Zuul 2ac1b025c1 Merge "Remove extraconfig/services directory" 2019-07-19 14:57:51 +00:00
Zuul 67e3f8844c Merge "Remove unused extraconfig scripts" 2019-07-19 01:34:13 +00:00
Emilien Macchi 0b0553fdf7 Move instanceha into scripts
So we can clear out the extraconfig directory sometimes soon.

Change-Id: I8a5baeff456a569fb0e398b33dd90166d8720b41
2019-07-18 19:13:08 +00:00
Emilien Macchi e6fe9ff3d9 Remove mac_hostname & random_string
These resources aren't used anymore and are leftovers from previous Heat
resources which don't exist anymore.

Change-Id: I4b33df191c4eb3cd961bbdbaf6ef28844de6d1a9
2019-07-18 19:10:31 +00:00
Emilien Macchi 2f3554cdcb Remove extraconfig/services directory
... and move the services into the deployment directory.

The extraconfig/services directory was initially created for
experimental services using an interface that was work in progress but
is now stable enough, so the services can live among the others for

Change-Id: I2bd0b169ed18ea2fccfea4475402dd73076924c8
2019-07-18 14:44:14 -04:00
Emilien Macchi 7dbdec29a0 Remove unused extraconfig scripts
config_then_reboot.yaml and aren't used anywhere in

Change-Id: If20a1ab8f347cdb82bf7912bec220c49a02edf14
2019-07-16 14:27:34 -04:00
Zuul 0acb67c989 Merge "Reuse from tripleo-common in tht" 2019-07-15 14:13:27 +00:00
James Slagle 2f6f519149 Use Ansible for ssh known hosts config
Migrate to using the template mode of the tripleo-ssh-known-hosts role.

Detailed Changes:
  Remove ssh_known_hosts_hostnames parameter
  Remove ssh_known_hosts variable in config-download output
  Set tripleo_ssh_known_hosts_use_template var to true when including
    the tripleo-ssh-known-hosts role to activate template mode.
  Template removed as it was deprecated and is no longer used.
  Template removed as it was deprecated and is no longer used.
  Mappings for Ssh known hosts resources removed
  Resources removed: SshKnownHostsConfig, SshKnownHostsHostnames,
  Removed passing in ssh_known_hosts_hostnames parameter to
  Removed SshHostPubKey and SshKnownHostsHostnames resources
  Removed known_hosts_entry and known_hosts_hostnames stack outputs
  Add role_networks to set Ansible group vars which is a list of enabled
    networks for the role

Change-Id: I10d0de42acc0b88b7947b464e976b5d0b9067ca2
2019-07-13 11:50:01 +00:00
Chandan Kumar (raukadah) 41d9901ef2 Reuse from tripleo-common in tht script is used to generate clouds.yaml
for undercloud and standalone. It is now refactored and moved
to tripleo-common module[1] and can be reused here.


Related-Bug: #1719369

Change-Id: I50b37df1a87472a16e2d5d2c588c728d2a7a5c76
Signed-off-by: Chandan Kumar (raukadah) <>
2019-07-11 17:04:35 +00:00
Emilien Macchi b8a9fbc0e6 Remove pre_deploy/rhel-registration
The rhel-registration scripts support has been removed. It was replaced in
Rocky by the Ansible RHSM role. Upgrades have been tested and the new
configuration is well documented.

Change-Id: I596028eae8174fa86d7a721b8688c57c69d3d62c
2019-07-09 17:21:28 -04:00
Zuul c576556c58 Merge "Drop EC2MetadataIp parameter and its uses" 2019-07-09 19:15:48 +00:00
Zuul b8ae663e73 Merge "Remove the tripleo.plan_management.v1.publish_ui_logs_to_swift cron trigger" 2019-07-09 03:12:56 +00:00
Harald Jensås 7a52a6986e Drop EC2MetadataIp parameter and its uses
Since is merged (and the revert,
reverting the revert ...) there is no metadata service running.

This change removes all things related to setting up routes
to the metadata service, i.e the EC2MetadataIp. As well as NAT
firewall redirect rule used only on the undercloud but disabled
by default.

Blueprint: nova-less-deploy
Change-Id: Ic4ea74b45c566048e32dde82d2bf00498f932af6
2019-07-05 14:05:59 +02:00
Rabi Mishra 39a5545c41 Change OS::Heat::*Deployments to OS::Heat:*DeploymentGroup
Those are hidden resource types in heat. Changing these types
would not result in replacement of the resources.

Change-Id: I22d23a8f187263bd36e364f0cd3301c830f3220b
2019-07-04 20:21:06 +05:30
Dougal Matthews d665a2bb03 Remove the tripleo.plan_management.v1.publish_ui_logs_to_swift cron trigger
This was only used by tripleo-ui and is no longer needed.

Change-Id: I3c7854654cb7238ee6297c6178ee6d55402be40a
Related-bug: #1835242
2019-07-04 13:21:18 +01:00
Zuul 5ca88c254a Merge "Use per-subnet DNS nameservers for ctlplane" 2019-07-03 12:12:19 +00:00
Harald Jensås 578bcb2ffa Per-Role krb-service-principal for CompactServices
Filter krb-service-principals for the CompactServices
based on the networks associated with the role.

Filtering for the IndividualServices was added in previous
fix, which did'nt
fully fix the bug.

Closes-Bug: #1821377
Change-Id: Id54477ca5581e1f5fe8a09c3bc60a238d114dbb2
2019-07-02 12:26:19 +02:00
Harald Jensås dae0a89a80 Use per-subnet DNS nameservers for ctlplane
Use the DNS nameservers for each ctlplane subnet,
instead of using the same DNSServers for all subnets.

Related-Bug: #1834306
Depends-On: I0dc03eddf9ea00ff33cd3ae0cdc8f42a4961e89c
Change-Id: I4c102d8f728a90cf9eb90f6129738377a8d2503c
2019-06-26 11:20:21 +02:00
jacky06 8d85e61c36 Replace URLs with URLs
Change-Id: I0f522b848c586506d9556b6821d03f9c0c302cd8
2019-06-26 02:43:46 +00:00
Ade Lee 1a12568b73 Fix ipaclient script
The parameters for no_ntp_setup, ipa_domain and makehomedir
need to be set to whatever is coming in from heat.

Change-Id: Ica897528ee2ddd7d3e9f7cc7e920de8acdd61556
2019-06-18 16:38:01 -04:00
Zuul 14998e6a5d Merge "Convert Docker*Image parameters" 2019-06-18 08:01:14 +00:00
Carlos Camacho 8c6bec227f Change all step checks to |int
There are still some step checks parsing the
string value, this change moves them all to |int

Change-Id: Ib91525c1aa0413b8af76a60456e31ad9a8eb7bda
2019-06-07 16:11:08 +02:00