Jinja2 rendering failed when using network-v2 format
because the network_data yaml does not include the
ip_subnet key at the network level.
Default network.ip_subnet to "" in the places were it
does not have a the default already.
These templates are not used with network-v2.
Closes-Bug: #1929835
Change-Id: Ib4d0551d99afd55fbb513f8c5050fb835dc332b4
Adds a tag tripleo_role=$ROLE to neutron ports
created by heat.
Related: blueprint network-data-v2-ports
Change-Id: I238572444e2931546d44864b2de497dd2825c2dc
Commit cea78ad4fd added DefaultRoute as a
property of the port resources, but it was missed adding it as a
parameter of deployed_port.j2.
Change-Id: I8235220cc0d1d699ac2abf993d6c49494613bdac
Signed-off-by: James Slagle <jslagle@redhat.com>
With change I20d48b3a29193dbcb70ec5cb13daf153bb0aeff2
we need to define the DefaultRoute parameter in the
noop.yaml port template.
Change-Id: I0df6116e41e5c9932ec5876dbde409f6fdd5de13
Set up tag hints on all OS::Neutron::Port resources.
The network-data-v2 work uses tags on neutron resources
to find existing resources so that we update instead
of create. Also for generating environment files info
in the neutron tag field is utilized.
Partial-Implements: blueprint network-data-v2-ports
Change-Id: I3d43ae22cc45e5528ecfb1a6b2cb8602faa162a0
With I57047682cfa82ba6ca4affff54fab5216e9ba51c Heat has added
a new template version for wallaby. This would allow us to use
2-argument variant of the ``if`` function that would allow for
e.g. conditional definition of resource properties and help
cleanup templates. If only two arguments are passed to ``if``
function, the entire enclosing item is removed when the condition
is false.
Change-Id: I25f981b60c6a66b39919adc38c02a051b6c51269
Adds a tag tripleo_default_route=$BOOL to neutron ports
created by heat indicating if the ports interface is
used for the default route.
The value is controlled by the 'default_route_networks'
in roles data.
With network-data-v2 the same tag will be used to
set up ansible vars appropriately. Having the heat driven
process add the tag can be useful for upgrade/migration
automation.
Related: blueprint network-data-v2-ports
Change-Id: I20d48b3a29193dbcb70ec5cb13daf153bb0aeff2
The tags field in neutron has a max length of
60 characters. A hostname can be longer, and in
the case it is longer adding the tag will cause
a "Invalid input exceeds maximum length of 60"
error will be raised.
Related-Bug: #1921713
Change-Id: I72fd4a9575482389900145a03a6142cccd1111ba
Add a new deployed_vip_port template which will replace
the current neutron port templates when vip ports are
managed outside of the heat stack.
Change-Id: Ia1f7e344ccebb2291f1574fdb69c05f00f4c3dc9
Partial-Implements: blueprint network-data-v2-ports
Add a new deployed_port template which will replace
the current neutron port templates when ports are
managed outside of the heat stack.
Partial-Implements: blueprint network-data-v2-ports
Change-Id: Ia71b74e80122e6a12d4f88a90ede02d39763914e
Tag was added to neutron port resources in:
https://review.opendev.org/c/openstack/tripleo-heat-templates/+/761845
Tag's previously added was pefixed with 'tripleo_'. This
change adds the 'tripleo_' prefix to the tags on neutron
port resources as well.
Partial-Implements: blueprint network-data-v2-ports
Change-Id: I0fa2230ae4f8ff4fdc6fc4b79e7bdcf3bdff342f
In perparation for trainsition from composable network
ports managed by heat, to composable network ports
managed with other tooling.
The upgrade prepare step need to set ``PortDeletionPolicy``
to 'retain', so that network ports are not deleted when
running converge.
Change-Id: I16281faefdf68fcaee4c51caa47516ea7084418b
Partial-Implements: blueprint network-data-v2-ports
Set tag's with the stack name and the hostname
on composable network node ports. The tags will
be used by network-data-v2 with port management
handled outside of heat.
Change-Id: I23c600c1754d463028259a7dc2c6e5538c512ca4
* Clean up port resoures outputs that is no longer
required since we get it of the network attributes
map instead. The removed outputs are mtu, host_routes,
gateway_ip, cidr
* Drop usage of parameter ``ControlPlaneSubnetCidr`` in
overcloud.yaml, get it from net_attributes_map instead,
* Remove old notes regarding parameters we don't need to
set in network-environment files.
* Remove DnsServers from network-environment files.
Nameservers should be defined in undercloud.conf, either
globally with undercloud_nameservers, or per-control plane
subnet using the dns_nameservers option in the subnet group.
(I don't think we can deprecate the param entirely, cause
standalone ...)
Change-Id: I31154448603ccbba692282c44511d963ca9b6d0e
A network used to allocate MAC addresses for OVN chassis.
Ports without and IP allocation will be created on this
network, the MAC addresses of the ports will by used to
configure the ovn-chassis-mac-mappings.
NOTE, we may want to change the 'base_mac' option of the
undercloud, so that we don't have collissions with the
overcloud 'base_mac'.
Related-Bug: #1881593
Change-Id: If495b5d5c1e6beff02b48507051cccfb70fd995c
Currently InterfaceDefaultRoute doesn't affect when ips_from_pool
template is used, and gateway_ip in network_data is always picked up.
This patch allows operators to override default route by the parameter
even when ips_from_pool template is used.
Note that this patch also fixes incorrect handling about subnet in
ips_from_pool template when ipv6 is enabled.
Closes-Bug: #1881768
Change-Id: I2f0f60052c1acfc971fe3d5195f9499e45068396
Neutron's dns_assignments field includes a nice pice of
structured data. This is a prerequirement for Designate
usage. (No plan's to use that, but being a bit ready
does'nt hurt.)
{"hostname": "my-vm",
"ip_address": "192.0.2.16",
"fqdn": "my-vm.example.org."}
Enable for the undercloud:
- dns_domain_ports ml2 extension driver
Change-Id: I46eb9a24dd66821b27524fe4d1fdab617b6fa948
When disabling networks in network data an IpList
entry was added in {{role.name}}IpListMap. This
caused a validation error.
Add a yaql expression to filter on role networks in
network/ports/net_ip_list_map.j2.yaml. RoleNetIpMap
should'nt have entries for networks not used by the
role that maps to the ctlplane IP.
Depends-On: https://review.opendev.org/710574
Closes-Bug: #1842001
Change-Id: I0cda298b0ed27705a8b6e0f62633af2253d8d0de
network/ports/net_vip_map_external.j2.yaml needs the
ControlPlaneSubnetCidr parameter, since the resource
in overcloud.yaml is passing the property.
Change-Id: Ide91bd5956bcbbec36d865865c32cc6430d59a49
Closes-Bug: #1864912
Migrates the net_ip_map hieradata from Heat to the tripleo-hieradata
role.
Detailed changes:
network/ports/port.j2:
cidr output added for the network subnet cidr of the port
port for a role
network/ports/noop.yaml:
cidr output for compatiblity with port template interface
puppet/role.role.j2.yaml:
{{network.name}}_cidr output added for the each networks subnet cidr
Remove the net_ip_map hieradata from the per host datafiles generated
by Heat as tripleo-hieradata template will be used instead.
overcloud.j2.yaml:
consume cidr outputs from the roles, as well as the ctlplane subnet
cidr and set them as hieradata vars that get passed into the
templating process for tripleo-hieradata
common/deploy-steps.j2:
Add a networks data structure to the global vars setting some needed
vars for tripleo-heiradata.
Use the net_ip_map template from tripleo-hieradata
Change-Id: Ib30e8347e1a50efec2b6a97482dc98c383cb7cf7
Depends-On: Iaec3654900f250eacf39c7748df166b716937358
Migrate the generation of the all_nodes hieradata from Heat to using the
tripleo-hieradata role instead.
Change-Id: I9a37d1faec73a81a28d8f89d86375fb15ee765c7
Depends-On: I6e1e1c28dc09c9e04119db910068d62409a5afc8
Replaces the expressions for the node_ips values which resulted in
hardcoded data coming out of the Heat stack with a generic Ansible
jinja expression that will read the same values from the Ansible
inventory and facts.
The data will be rendered at config-download runtime instead of
during the Heat stack operation. This allows for more generic use of
the config-download playbooks with the Ansible inventory alone.
For example, adding a new node to the Ansible inventory and adding
it to the inventory group for a service would cause that node's ip
to be automatically added to the corresponding node_ips lists in the
hieradata. No Heat stack update would be required to add the node.
Depends-On: Iae9ccdf6fad2fabdce66650ee7b064f1ac9528e4
Change-Id: I2a5a7a8ecc992ce558301abfb7a7a098b22743fe
implements: blueprint reduce-deployment-resources
Replace the dependency of network data values for wrapping
'ip_address_uri' in brackets. Instead of using jinja2
variables network.ipv6 or ipv6_override to decide if the
IP need to be wrapped in brackets or not the make_url
function in heat in combination with a str_replace is
used.
Related-Bug: #1830406
Change-Id: I2d8c405c1df30ac11cc2286398fe4749694da10e
Adds the external_resource_vip_id property, which can be used to set an
external_id for the port resource for the network VIP.
Since the same template resource, port.network.j2.yaml is used for both
VIP and normal ports on a network, we can't simply add jinja to that
template that conditionally adds the external_id attribute because we
don't know during the jinja2 phase if the template is for a VIP or not.
Instead, we need to map the VIP resources to an entirely new template
resource (external_resource_port.network.j2.yaml) so that we can set the
external_id attribute just for the VIP ports.
Change-Id: I27d3eeb11277004b00aa4d6a66014d5c71081c26
implements: blueprint split-controlplane-templates
For networks in role.default_route_networks use get_attr
to fetch the gateway_ip of the port's subnet and pass
it to the nic-config template.
Changes the default in nic-config templates to ''.
Closes-Bug: #1821046
Change-Id: Ic07a3166fafba3aa307a9e1953b3e3be2594a6f5
- uses split-control-plane
- adds a new CellController role
- nova-conductor, message rpc (not notifications) and db
- move nova dbsync from nova-api to nova-conductor
- nova db is more tightly coupled to conductor/computes
- we don't have a nova-api services on a CellController
- super-conductor on Controller will sync cell0 db
- new 'magic' MysqlCellInternal endpoint
- always refers the to local MysqlInternal endpoint
- identical to MysqlInternal for regular deployment
- but doesn't get overridden when inheriting EndpointMap from parent
control-plane stack
- duplicate service node name hiera for transport_urls on cell stack
- nova -> cell oslo messaging rpc nodes
- neutron agent -> global messaging rpc nodes
- run cell host discovery only on default cell, for additional cells
the cell needs to be created first
bp tripleo-multicell-basic
Co-Authored-By: Martin Schuppert <mschuppert@redhat.com>
Change-Id: Ife9bf12d3a6011906fa8d9f97f7524b51aef906a
Depends-On: I79c1080605611c5c7748a28d2afcc9c7275a2e5d
Ignore disabled networks when rendering templates.
Add's the ctlplane network to maps to ensure we don't
end up with no keys/values in map_replace functions.
Also some Jinja cleanup:
- Reduce the number of times we iterate over networks
where we can.
- Add's indentation to make the code easier to read.
Related-Bug: #1809313
Depends-On: I2e8135bc9389d3bf1a6ef01e273515af5c488a9a
Change-Id: Ifeb2d2d1acb43c16a5bf29e95965776494d61fef
When using neutron routed networks we need to specify
either the subnet or a ip address in the fixed-ips-request
when creating neutron ports.
a) For the Vip's:
Adds VipSubnetMap and VipSubnetMapDefaults parameters in
service_net_map.yaml. The two maps are merged, so that the
operator can override the subnet where VIP port should be
hosted. For example:
parameter_defaults:
VipSubnetMap:
ctlplane: ctlplane-leaf1
InternalApi: internal_api_leaf1
Storage: storage_leaf1
redis: internal_api_leaf1
b) For overcloud node ports:
Enrich 'networks' in roles defenition to include both
network and subnet data. Changes the list to a map
instead of a list of strings. New schema:
- name: <role_name>
networks:
<network_name>
subnet: <subnet_name>
For backward compatibility a conditional is used to check
if the data is a map or not. In either case the internal
list of role networks is created as '_role_networks' in
the jinja2 templates.
When the data is a map, and the map contains the 'subnet'
key the subnet specified in roles_data.yaml is used as
the subnet in the fixed-ips-reqest when ports are created.
If subnet is not set (or role.networks is not a map) the
default will be {{network.name_lower}}_subnet.
Also, since the fixed_ips request passed to Vip ports are no
longer [] by default, the conditinal has been updated to
test for 'ip_address' entries in the request.
Partial: blueprint tripleo-routed-networks-templates
Depends-On: I773a38fd903fe287132151a4d178326a46890969
Change-Id: I77edc82723d00bfece6752b5dd2c79137db93443
Neutron has support[1] to set the guaranteed MTU for
networks and network segments so that this is exposed
to plug-ins. In interest of supporting the use of
plug-ins to configure network devices in the future
this change adds MTU property on neutron networks.
The new (optional) property 'mtu' in the network
defenitions in 'network_data.yaml' is used to control
the MTU settings. By default the mtu is '1500'.
We already configure the MTU on the ctlplane neutron
networks, this adds the MTU to composable networks.
Also update the nic-config sample templates to include
mtu settings. A heat value resource is added to
nic-config templates to get the required minimum
viable MTU value for bridges, bonds and member
interfaces to ensure the MTU is large enough to allow
the largest configured MTU to traverse the path.
Closes-Bug: #1790537
Change-Id: I11e38f82eb9040f77412fe8ad200fcc48031e2f8
This can be used to replace the per-role bootstrap_nodeid_ip,
and the redis-base template is updated to use the new hiera
key.
The old bootstrap_nodeid_ip appears to only be used for redis,
so the old key is removed, with an upgrade release note added
should any out-of-tree services reference this value.
Partial-Bug: #1792613
Change-Id: I830d5b9bae3e9d65c2c393e3dcdf70bffdb1ac7b
Add the host_routes as output of the fake neutron ports
created by legacy predictable IPs templates.
Closes-Bug: #1792968
Change-Id: Ie330635fa551d8406a1bf082c89f7c58d82088d6
Use get_attr on the server resource to resolve attribute
value from the subnet(s) and pass it to the parameter
'ControlPlaneSubnetCidr' used in the THT/network/config/*
templates.
As the value is now resolved from resource attributes,
this changes the default for 'ControlPlaneSubnetCidr' to ''
as well as the comment that these value should be overriden
in parameters_defaults. It also removes the parameter from
network-environment templates.
A conditinal is used in puppet/role.role.j2.yaml so that
the parameter value is used whenever it is not '' (the
default) to provide backwards compatibility in case the user
set a different value (different from the one used in
undercloud.conf) for this parameter in
network-environment.yaml.
When deploying a routed control plane the network config
templates would previously need to be updated to carry
'ControlPlaneXSubnetCidr' parameter (in case the subnet
mask is not the same for all the routed network leafs).
With 8 Leafs in addition to the network local to the
undercloud that is 8 parameters less to place in the
configuration. By getting the value to pass from the
server resource this change reduces the required nic-config
template customisation (reduces the risk of user error).
Partial: blueprint tripleo-routed-networks-templates
Change-Id: I92ee0f9a2107cdf1ca5903d3756a235a79c36c73
Adds the host_routes on the neutron ports subnet to the output
of the Tripleo Ports template. This will allow use of get_attr
in the role to pass routes for a subnet to NetworkConfig.
Partial: blueprint tripleo-routed-networks-templates
Change-Id: I46896153ea59ae0a6a8dff0208de2b0d168927ae
The new master branch should point now to rocky.
So, HOT templates should specify that they might contain features
for rocky release [1]
Also, this submission updates the yaml validation to use only latest
heat_version alias. There are cases in which we will need to set
the version for specific templates i.e. mixed versions, so there
is added a variable to assign specific templates to specific heat_version
aliases, avoiding the introductions of error by bulk replacing the
the old version in new releases.
[1]: https://docs.openstack.org/heat/latest/template_guide/hot_spec.html#rocky
Change-Id: Ib17526d9cc453516d99d4659ee5fa51a5aa7fb4b
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Co-Authored-By: Dan Prince <dprince@redhat.com>
Co-Authored-By: Ian Main <imain@redhat.com>
Change-Id: Icca382db28e4ea57f3cbf24e9e794b428b824db5
The subnet property is added to puppet/role.role.j2.yaml as
`{{role}}ControlPlaneSubnet`. Roles with a different subnet specified
can be used to deploy a routed network architecture by using one
role per routed network.
When enabling the neutron segments plug-in to support routed-networks
the neutron IPAM code will defer ipallocation unless the port create
request contain enough details. (Ref: LP Bug: #1695740) By adding the
subnet to port create request this change enables tripleo deployment
on an undercloud with Neutron segments plug-in and routed networks.
This depends on a Heat change that improves network logic in server
resource to not replace the current port if new props match what is
on the current interface. Without this adding the subnet property on
update/upgrades would cause a port replacement, which in turn would
cause IPAM info in undercloud neutron to miss-match the deployed
overcloud nodes.
Depends-On: Iab75ec49b962617943017dcaf1b04b89f91a982e
Change-Id: I33804bfd105a13c25d6057e8414e09957939e8af
Implements: blueprint tripleo-routed-networks-deployment
Remove these from the j2 excludes and instead render all the networks
to avoid duplication.
Change-Id: Id8e14e06ffe959c50456b4c88fef306046a8b478
Partially-Implements: blueprint composable-networks
This change renders the network IP maps and hostname maps for
all networks defined in network_data.yaml. This should make it
possible to create custom networks that will be rendered for
all applicable roles.
Note that at this time all networks will be rendered whether
they are enabled or not. All networks will be present in all
roles, but ports will be associated with noop.yaml in roles
that do not use the network. This is in accordance with
previous behavior, although we may wish to change this in
the future to limit the size of the role definitions and
reduce the number of placeholder resources in deployments
with many networks.
Note that this patch is a replacement for original patch
https://review.openstack.org/#/c/486280, which I was having
trouble rebasing to current.
Change-Id: I445b008fc1240af57c2b76a5dbb6c751a05b7a2a
Depends-on: I662e8d0b3737c7807d18c8917bfce1e25baa3d8a
Partially-implements: blueprint composable-networks
Use the network.network.j2.yaml to render these files, instead
of relying on the hard-coded versions.
Note this doesn't currently consider the _v6 templates as we may want
to deprecate these and instead rely on an ipv6 specific network_data file,
or perhaps make the network/network.network.j2.yaml generic and able to
detect the version from the cidr?
Change-Id: I662e8d0b3737c7807d18c8917bfce1e25baa3d8a
Partially-Implements: blueprint composable-networks
This change modifies the templates to dynamically define the VIPs
based on network_data.yaml. If a network is defined and marked
with "vip: true" in network_data.yaml, it will be included in the
overcloud.yaml which defines the deployment-level resources.
This should make it possible to create custom networks and
use them for services which use high-availability through VIPs.
Also, extraconfig/nova_metadata/krb-service-pricipals.yaml
was modified to dynamically produce the FQDN map for VIPs on
isolated networks, to match overcloud.j2.yaml.
Depends-On: If074f87494a46305c990a0ea332c7b576d3c6ed8
Depends-On: Iab8aca2f1fcaba0c8f109717a4b3068f629c9aab
Partially-implements: blueprint composable-networks
Closes-bug: 1667104
Change-Id: I71339a6ac41133e95dbc3f93abb7a9fdeb0f2da0
These are mostly the low hanging fruit that only required a few
minor changes to fix. There are more that require a lot of changes
or might be more controversial that will be done later.
Change-Id: I55cebc92ef37a3bb167f5fae0debe77339395e62
Partial-Bug: 1700664
This change adds templates that are used to create network and
port definition templates for each network that is defined in
network_data.yaml. In order to render the templates, additional
fields have been added to the network_data.yaml file. If this
optional data is present, it will be used to populate the default
parameter values in the network template.
The only required parameters in the network_data.yaml file is
the network name. If the network will have IPv6 addresses, then
ipv6: true must be set on the network.
The existing networks have been modeled in the network_data.yaml,
but until these templates are removed from the j2_excludes.yaml
file they will not be generated on the fly. Any additional
networks will have templates generated.
This change also removes an unnecessary conditional from the
networks.j2.yaml file, since InternalApiNetwork doesn't need
to be reformatted as InternalNetwork (it's only used in this
one file).
A follow-up patch will remove the existing network definitions
so all networks are created dynamically.
Change-Id: If074f87494a46305c990a0ea332c7b576d3c6ed8
Depends-On: Iab8aca2f1fcaba0c8f109717a4b3068f629c9aab
Partially-Implements: blueprint composable-networks
Adds in the execution environment of the workflow steps a list of
per-service network IPs. This can be used by the workflows to
execute actions against the nodes hosting a given service.
Change-Id: Id7c735d53f04f6ad848b2f9f1adaa3c84ecd2fcd
Implements: blueprint tripleo-ceph-ansible
Add 2 new environments to faciltate deploying split-stack:
environments/overcloud-baremetal.j2.yaml
environments/overcloud-services.j2.yaml
The environments are used to deploy 2 separate Heat stacks, one for just
the baremetal+network configuration and one for the service
configuration.
In order to keep Heat's view of the server's hostname consistent across
the 2 stacks the 2 environments set the same HostnameFormat with
"overcloud" as the stack name.
implements blueprint split-stack-default
Change-Id: I0b3f282c08af6fecea8f136908b806db70bada46
This needs to handle a ServiceNetMap containing non-default
network names when they are overridden via the *NetName parameters.
Closes-Bug: #1651541
Change-Id: I95d808444642a37612a495e822e50449a7e7da63
Harald Jensås
James Slagle
ramishra
Takashi Kajinami
Oliver Walsh
Steven Hardy
Carlos Camacho
Pradeep Kilambi
Harald Jensas
Tim Rozet
Dan Sneddon
Ben Nemec
Giulio Fidente