This simply stores the data structure in the network_data
and roles_data YAML files provided with the -n and -r
options when deploying the overcloud.
This can be generally useful for troubleshooting.
Also the 'overcloud node extract provision' command rely
on the roles data source. Storing it in the stack means
we can get to the data in case the user missplaced the
file originally used, or in the case where we want to
automate the process for all deployed stacks.
NOTE: The idea is to backport this to the release intended
as the upgrade from release, so that the follow on change
Icc6a7a438e9d0f39d003d1cf8ed84d6fb1d5485a can use it during
upgrade.
Related: blueprint network-data-v2-ports
Change-Id: I1efecdcd7afa6af3e6b4b26f4435198836db535f
This change adds an extra ansible host var to the defaults which
will allow an operator to more easily define a mapping of options
to configure advanced ansible options within their deployment.
Change-Id: If4654470a77a67445a56fb8fed6963fed300aad4
Signed-off-by: Kevin Carter <kecarter@redhat.com>
Moving the network and port management for OVN
bridge MAC addresses to ansible.
Removes the heat resources, and adds an external
deploy task at step 0 in the ovn controller service
templates which uses the 'tripleo_ovn_mac_addresses'
ansible module to create/remove OVN mac address ports.
Adds parameter role_specific OVNStaticBridgeMacMappings,
parameter that can be used to set static bridge mac
mappings. When this is set no neutron resources will be
created by the tripleo_ovn_mac_addresses ansible module.
OVNStaticBridgeMacMappings must be used for standalone
deployments.
Implements: blueprint network-data-v2-port
Depends-On: https://review.opendev.org/782891
Depends-On: https://review.opendev.org/783137
Change-Id: I6ce29d2908e76044c55eb96d0d3779fe67ba9169
After a Overcloud deployment, /etc/hosts on the undercloud
will be populated with entries for each overcloud node. Since
we use the same tripleo_ansible roles for both the undercloud
and overcloud deployment, the /etc/hosts file on the Director
will be removed by undercloud install / upgrade operations.
This is outlined here:
https://bugzilla.redhat.com/show_bug.cgi?id=1933528
This change adds the RootStackName to the group_vars,
this is then used by the tripleo_host_entries role in
tripleo-ansible to write host entries per stack.
Closes-Bug: #1924751
RHBZ: 1933528
Change-Id: I9e53187f37d41d7180e66db1239b5f9c8846addd
With this change a Heat resource is no longer used to
create an undercloud neutron API port resource for the
redis and ovn_dbs service virtual IPs. Instead an
external deploy task at step 0 in the individual service
template uses the "tripleo_service_vip" ansible module
to mange a neutron API port resource for each service.
The interfaces to control the IP address and service
network (RedisVirtualFixedIPs, OVNDBsVirtualFixedIPs
and ServiceNetMap) remains the same.
It is also possible to include the 'use_neutron' boolean
in the FixedIPs parameter to instruct the ansible module
not to create a neutron API resource, and simply "echo"
the ip_address given in the FixedIPs parameter. For
example:
RedisVirtualFixedIPs:
- ip_address: 1.0.0.5
use_neutron: false
Alternatively the fixed-ips can be set using the
'ServiceVips' parameter, like this:
ServiceVips:
redis: 1.0.0.5
ovs_dbs: 1.0.0.6
NOTE: If the neutron service is not available the
tripleo_service_vip ansible module will "echo"
the IP provided in %service%VirtualFixedIPs.
Related: blueprint network-data-v2-ports
Depends-On: https://review.opendev.org/777307
Depends-On: https://review.opendev.org/779883
Change-Id: I4794418546363888e7a555a16b45b7a4417f1ef8
Set up tag hints on all OS::Neutron::Port resources.
The network-data-v2 work uses tags on neutron resources
to find existing resources so that we update instead
of create. Also for generating environment files info
in the neutron tag field is utilized.
Partial-Implements: blueprint network-data-v2-ports
Change-Id: I3d43ae22cc45e5528ecfb1a6b2cb8602faa162a0
The role ResourceGroup (puppet/role.role.j2.yaml template) tries to
create a port on the OVNMacAddressNetwork, as such we need a dependency
in the top level stack, otherwise the network may not exist before Heat
attempts to create the port.
Change-Id: Ie453fcdbb8eb42bbf718506b0b9b443ccd84543a
Signed-off-by: James Slagle <jslagle@redhat.com>
With I57047682cfa82ba6ca4affff54fab5216e9ba51c Heat has added
a new template version for wallaby. This would allow us to use
2-argument variant of the ``if`` function that would allow for
e.g. conditional definition of resource properties and help
cleanup templates. If only two arguments are passed to ``if``
function, the entire enclosing item is removed when the condition
is false.
Change-Id: I25f981b60c6a66b39919adc38c02a051b6c51269
All heat params have been copied over, there are a bunch
that are used for conditionals.
The outputs and conditionals secions in *-puppet do a lot
of configuration, and provides lists of defaults for
puppet. These will be moved to ansible, role is at [1]
and in tripleo_ansible.
[1] https://github.com/infrawatch/collectd-config-ansible-role
[x] https://github.com/infrawatch/tripleo-collectd-ansible-role
Depends-On: Ib75702bf17a76cae3a811db503d3365e6aacf663
Change-Id: I9939a524795bb3fbc63e44f203f851dadeb7c30a
This patch exposes the net_cidr_map variable so that tasks can
access the list of CIDRs that are valid for a network as opposed
to attempting to build the CIDRs from the network definitions.
In spine-leaf or edge use cases the networks may have multiple
subnets assigned to a given network.
The new Unbound service will use these maps to build lists of
CIDRs allowed to make queries.
Change-Id: I6004519e8b2317d19356c4a2b8bea416b4d94c22
Set tags tripleo_vip_net=ctlplane and tripleo_stack_name=$STACK_NAME
on the ControlVirtualIP port.
Related: blueprint network-data-v2-ports
Change-Id: I098f24423716688fe8ff61a894516f3e860b2a4c
This is added for backward compatibility for passing
json config directly for undercloud network configuration.
Partial-Bug: #1915585
Change-Id: I58c34766e8250f4de45172e0372329dd7a09af9d
This was mainly there as an legacy interface which was
for internal use. Now that we pull the passwords from
the existing environment and don't use it, we can drop
this.
Reduces a number of heat resources.
Change-Id: If83d0f3d72a229d737a45b2fd37507dc11a04649
We shouldn't be double quoting the hieradata files in overcloud.j2.yaml.
Related: https://bugzilla.redhat.com/1924862
Change-Id: I042c26ac5a488bbd9f9d3802cfe6ea95c7ab0380
In spine-and-leaf TLS-e deployments as done in OSP13,
services are filter based on role networks when adding
metadata for nova-join. This filtering removes valid
services due to the fact that the roles network does'nt
match the global ServiceNetMap.
Add a role based parameter {{role.name}}ServiceNetMap
that can be used to override the ServiceNetMap per-role
when it's being passed to {{role.name}}ServiceChain and
the {{role.name}} resource group.
Related: RHBZ#1875508
Closes-Bug: #1904482
Change-Id: I56b6dfe8a0e95385e469d9eac97a0ec24e147450
Add a group_var carrying all enabled overcloud
networks. The multi-nic templates should iterate
over all the networks in the order they apper in
network_data.yaml to allow maintaining the
network to nicX contract that existed in the Heat
mulit-nic config templates.
Change-Id: I69fa208d160f1ae2cb2cc252d9b7852ada9e96f0
Related-Bug: #1904894
For DVR the external bridge is needed also on compute nodes
where there is no 'External' network associated witht the
role. Compute nodes running DVR need the MTU to properly
configured.
Also create a 'network_lower' group_var mapping all
'network.name' to 'network.name_lower'.
NOTE: A follow up can deprecate 'role_networks_lower' once
all Ansible templates are updated to use the 'network_lower'
map.
Related-Bug: #1904809
Change-Id: I5e106874b7809b3b0b8265615863a9b9d35d7c44
The ansible network configs does a check if network
is in networks_skip_config. When networks_skip_config is
not defined in the role data it get's defined as 'null'
in the Ansible inventory.
Default it to an empty list when creating the GroupVars
so that it's always of type: List in the inventory.
Change-Id: I0c09118b947aeee9b011e7d0ec23ab99af3680af
Closes-Bug: #1904808
Set tag's with the stack name and the hostname
on composable network node ports. The tags will
be used by network-data-v2 with port management
handled outside of heat.
Change-Id: I23c600c1754d463028259a7dc2c6e5538c512ca4
This changes the parameter to non-role specific and by default
true. The dependant python-tripleoclient patch adds a check
to ensure that we only allow usage of old heat nic congigs with
'NetworkConfigWithAnsible: false'.
Change-Id: Ie37bdfe64eb1b33afe326161fc6f99601addb7b5
They'll be used in tripleo-ansible for the bonding nic configs:
I807f2e49482693735469f737a2459d3a559b2025
Change-Id: I9ca00a4d3d4bff2e12779201ff77263c44550857
Previoously the default route was concatenated with the
host_routes in the NetworkConfig. This change moves that
concatenation to overcloud.yaml.
GroupVars {{network.name_lower}}_host_routes and
ctlplane_host_routes will have the default route appended
based on role.default_route_networks setting.
For heat base NetworkConfig the parameters
ControlPlaneStaticRoutes and {{network.name}}InterfaceRoutes
will have the default route appropriately appended.
Doing the concatenation in overcloud.yaml enable simplified
user-facing NetworkConfig templates.
For standalone and undercloud define the default_route_networks
with an empty list. Cannot leave it undefined as this will
default the default route to the ctlplane's gateway. Undercloud
and Standalone uses the management interface as the gateway by
default, so we should not set a default gateway for these roles.
Change-Id: I3a35c4b46536fa2916d9fa387278077884adaf68
Since the key includes colons, we need to quote it so yaml stops trying
to interpret it as an element.
Change-Id: I04c24936bbff9f9ceea72f71e6e7798b4a2a39aa
Closes-Bug: #1898113
* Clean up port resoures outputs that is no longer
required since we get it of the network attributes
map instead. The removed outputs are mtu, host_routes,
gateway_ip, cidr
* Drop usage of parameter ``ControlPlaneSubnetCidr`` in
overcloud.yaml, get it from net_attributes_map instead,
* Remove old notes regarding parameters we don't need to
set in network-environment files.
* Remove DnsServers from network-environment files.
Nameservers should be defined in undercloud.conf, either
globally with undercloud_nameservers, or per-control plane
subnet using the dns_nameservers option in the subnet group.
(I don't think we can deprecate the param entirely, cause
standalone ...)
Change-Id: I31154448603ccbba692282c44511d963ca9b6d0e
For each role create a network config resource
{role.name}}NetworkConfig. Remove per node
NetworkConfig resource from puppet/role.role.j2.yaml.
NOTE: CI nic config templates was updated with using
tools/merge-new-params-nic-config-script.py
Depends-On: https://review.opendev.org/753930
Change-Id: Iff4bf742947a5a8170938372a8075519850b6f63
Read the VLAN id of the subnet tag's and populate the
{{network.name_lower}}_vlan_id group var.
The VLAN id is added to subnet tags in the depends-on
change.
Depends-On: https://review.opendev.org/750666
Change-Id: I09233e84e022433220f2fa7b6758368191880566
This patch changes undercloud and standalone roles to
generate network config with only ansible and
not depend on downloaded network config from
heat stack.
Depends-On: https://review.opendev.org/#/c/753958/
Change-Id: Ibcb0f0a65cfd04d677a4b861d9f647af13611b24
Add the attributes of ctlplane network and subnets to
the output of the Networks resource.
Also, set 'ctlplane_mtu' in group_vars. Follow-up changes
will add other ctlplane subnet attributes to group_vars.
The ctlplane attributes are added to the plan environment
by the depends-on tripleoclient change.
Depends-On: https://review.opendev.org/753195
Change-Id: Ic1772b384ad5b2003563b4e3d41a4a2f0e82f8e6
In the Networks resource tempaltes add the full resource
attributes to net_attributes_map.
Use the attributes to build per-role GroupVars.
Change-Id: I603521bd00dc100e03c765c25503b5e01f3383e4
Move the OVNMacAddressNetwork resource out of the
Networks resource. This is a special network that
we want to create internally.
Having this network nested in the Networks resource
interfer with the work related to creating composable
networks with non-heat tooling.
Change-Id: I5551af42bc87fb8489edbfbd2abadba3dca30b0b
The heat VIP resource on the external network is
PublicVirtualIP. The name of the port object in
neutron has also traditionally been 'public_virtual_ip'.
There is no need to special case the port name, removing
this logic will simplify the jinja2 rendering.
NOTE: Making the name format standard also keeps VIP
detection code in https://review.opendev.org/750671 nice
and simple, without the extra cases.
Change-Id: I1e6e9756af336a423e554b95b33077c2c97a3d4c
Since GroupVars moved to overcloud.j2.yaml in
https://review.opendev.org/677218 the CIDR set in
'{{network.name_lower}}_cidr' in groupvars is limited
to one of the subnets on the network.
When a network have multiple subnets with different
subnet prefixes, this becomes a problem as nodes are
configured with the from subnet mask.
This change moves them to AnsibleHostVars.
Closes-Bug: #1895899
Change-Id: I4e4e5b1195d17f59c825a3f7df73920921e1f86e
Define the parameter NetConfigDataLookup in overcloud.yaml,
and write it's content into ansible group_vars. The parameter
was previously used in the firstboot heat software config
resource firstboot/os-net-config-mappings.yaml. With nova-less
none of the firstboot software configuration resource can be
used. The depends-on change in tripleo-ansible will parse the
lookup data, and write the os-net-config mapping file.
Depends-On: https://review.opendev.org/749669
Change-Id: I583bf17c0020bb2a90f885ece0cd5684fc27a980
Blueprint: nova-less-deploy
For distributed vlan in ovn we need to add support of
creating mac addresses per compute and seting them in
external_ids:ovn-chassis-mac-mappings.
This change passes the ovn::controller::ovn_bridge_mappings
to the role node configuration so that ports for each
bridge mapping can be created. The map of physnet/mac_address
pairs is placed in the role output, and in RoleGroupVars.
Related-Bug: #1881593
Change-Id: If24653b629e39b6dd7ec6d09ae0ef32d7842c48f
This removes a resource and the the unnecessary yaql function.
Also replaces json data types with lists to reduce memory
footprint.
Change-Id: I04a6114ca3d2703ca2891d6807d49b78ffee0f97
Related-Bug: #1886203
Paunch was deprecated in Ussuri and is now being retired, to be fully
replaced by the new tripleo-ansible role, tripleo_container_manage.
This patch:
- Removes common/container-puppet.py (was only useful when paunch is
enabled, since that script was converted to container_puppet_config
Ansible module in tripleo-ansible).
- Update all comments refering to paunch, and replace by
tripleo_container_manage.
- Deprecate EnablePaunch parameter.
- Remove paunch as python dependencies.
Depends-On: https://review.opendev.org/#/c/731545/
Change-Id: I9294677fa18a7efc61898a25103414c8191d8805
Switch the default MaxFailPercentage to 0, to match with the traditional
default.
We're currently working on making MaxFailPercentage working in the
TripleO playbooks (it doesn't work today); so this patch just fix the
default value, 15% was never applied in reality and we don't want to set
any default for backward compatibility. It'll be up to the deployers to
pick their number.
Change-Id: Ifea95c933e7a7d378ddf42050abda790e8631236
Detect the IP version used instead of relying on the
user specifying the IP version for services.
The IP version is stored in a net_ip_version_map which
is passed to all services in ServiceData.
Deprecates the following parameters:
CephIPv6, CorosyncIPv6, RabbitIPv6, MemcachedIPv6,
MysqlIPv6, RedisIPv6 and NeutronOverlayIPVersion.
Change-Id: Iebfd8ef686381be2f45d0d4c45dfd6bf654d1ac6
Wire up ansible_managed hieradata and provide a default file.
Depends-On: https://review.opendev.org/#/c/722519/
Change-Id: If3226be3ac6b2596a13985fe226f23afc3458907
Harald Jensås
Oliver Walsh
Kevin Carter
ramishra
Brendan
James Slagle
Emma Foley
Michael Johnson
David Vallee Delisle
Emilien Macchi
Alex Schultz