When specific roles are deployed, for example CephStorage,
then the parameters for UpgradeLeappDevelSkip are different
to all other roles.
This change makes UpgradeLeappDevelSkip a per-role parameter.
Included in this is the appropriate tagging for the other
parameters which had the same work done in:
- https://review.opendev.org/779522
- https://review.opendev.org/774537
Release notes are included for all of the above too.
Related-Bug: rhbz#1962365
Change-Id: I522951cc7ec6034bb6287dd144a9fc433c0090e0
Adds a tag tripleo_role=$ROLE to neutron ports
created by heat.
Related: blueprint network-data-v2-ports
Change-Id: I238572444e2931546d44864b2de497dd2825c2dc
Moving the network and port management for OVN
bridge MAC addresses to ansible.
Removes the heat resources, and adds an external
deploy task at step 0 in the ovn controller service
templates which uses the 'tripleo_ovn_mac_addresses'
ansible module to create/remove OVN mac address ports.
Adds parameter role_specific OVNStaticBridgeMacMappings,
parameter that can be used to set static bridge mac
mappings. When this is set no neutron resources will be
created by the tripleo_ovn_mac_addresses ansible module.
OVNStaticBridgeMacMappings must be used for standalone
deployments.
Implements: blueprint network-data-v2-port
Depends-On: https://review.opendev.org/782891
Depends-On: https://review.opendev.org/783137
Change-Id: I6ce29d2908e76044c55eb96d0d3779fe67ba9169
With I57047682cfa82ba6ca4affff54fab5216e9ba51c Heat has added
a new template version for wallaby. This would allow us to use
2-argument variant of the ``if`` function that would allow for
e.g. conditional definition of resource properties and help
cleanup templates. If only two arguments are passed to ``if``
function, the entire enclosing item is removed when the condition
is false.
Change-Id: I25f981b60c6a66b39919adc38c02a051b6c51269
Adds a tag tripleo_default_route=$BOOL to neutron ports
created by heat indicating if the ports interface is
used for the default route.
The value is controlled by the 'default_route_networks'
in roles data.
With network-data-v2 the same tag will be used to
set up ansible vars appropriately. Having the heat driven
process add the tag can be useful for upgrade/migration
automation.
Related: blueprint network-data-v2-ports
Change-Id: I20d48b3a29193dbcb70ec5cb13daf153bb0aeff2
This change restores the PreNetworkConfig resources, so that we migrate
back ExtraCnfigPre and NodeExtraConfig from pre network configurations
to post network configurations, to be consistent with older version
depending on Heat software deployments instead of config download.
Depends-on: https://review.opendev.org/772303
Closes-Bug: #1907214
Change-Id: I96e7e4c570839cfba6011788464d8e93925b2f01
Set tag's with the stack name and the hostname
on composable network node ports. The tags will
be used by network-data-v2 with port management
handled outside of heat.
Change-Id: I23c600c1754d463028259a7dc2c6e5538c512ca4
For each role create a network config resource
{role.name}}NetworkConfig. Remove per node
NetworkConfig resource from puppet/role.role.j2.yaml.
NOTE: CI nic config templates was updated with using
tools/merge-new-params-nic-config-script.py
Depends-On: https://review.opendev.org/753930
Change-Id: Iff4bf742947a5a8170938372a8075519850b6f63
This patch changes undercloud and standalone roles to
generate network config with only ansible and
not depend on downloaded network config from
heat stack.
Depends-On: https://review.opendev.org/#/c/753958/
Change-Id: Ibcb0f0a65cfd04d677a4b861d9f647af13611b24
This removes the run-os-net-config.sh script and uses
OS::Heat::Value for the NetworkConfig resources.
Depends-On: https://review.opendev.org/#/c/751713/
Change-Id: Ic3a0234d36525cdd6f415c77733d05a39bbeb3c2
Since GroupVars moved to overcloud.j2.yaml in
https://review.opendev.org/677218 the CIDR set in
'{{network.name_lower}}_cidr' in groupvars is limited
to one of the subnets on the network.
When a network have multiple subnets with different
subnet prefixes, this becomes a problem as nodes are
configured with the from subnet mask.
This change moves them to AnsibleHostVars.
Closes-Bug: #1895899
Change-Id: I4e4e5b1195d17f59c825a3f7df73920921e1f86e
For distributed vlan in ovn we need to add support of
creating mac addresses per compute and seting them in
external_ids:ovn-chassis-mac-mappings.
This change passes the ovn::controller::ovn_bridge_mappings
to the role node configuration so that ports for each
bridge mapping can be created. The map of physnet/mac_address
pairs is placed in the role output, and in RoleGroupVars.
Related-Bug: #1881593
Change-Id: If24653b629e39b6dd7ec6d09ae0ef32d7842c48f
This removes a resource and the the unnecessary yaql function.
Also replaces json data types with lists to reduce memory
footprint.
Change-Id: I04a6114ca3d2703ca2891d6807d49b78ffee0f97
Related-Bug: #1886203
Neutron's dns_assignments field includes a nice pice of
structured data. This is a prerequirement for Designate
usage. (No plan's to use that, but being a bit ready
does'nt hurt.)
{"hostname": "my-vm",
"ip_address": "192.0.2.16",
"fqdn": "my-vm.example.org."}
Enable for the undercloud:
- dns_domain_ports ml2 extension driver
Change-Id: I46eb9a24dd66821b27524fe4d1fdab617b6fa948
This simplifies all the split/join transformations and improves the
memory footprint to a reduced list of unique entries for
HostsEntryValue (originally required for storing the ultimate data for
hosts entries in a form of a quite long single-line string value).
That improves the hosts entries processing for large scale deployments
and removes possible limitations to the sizes of strings.
Closes-bug: #1869375
Change-Id: I5ac498621e9e3c49def565744a7b521cb2cc5c25
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
PreNetworkConfig resource was required to support host changes
before network deployment (for OvS-DPDK). As the required steps
has been migrated to ansible deploy_steps with 'step: 0', this
resources is no longer required.
Change-Id: I11a8ec280b4f5c33b6061a96cb546b4760a45b3a
This patch updates the templates to use the new ansible role,
tripleo-hosts-entries, for managing the entries in /etc/hosts instead of
the values from the Heat stack.
Change-Id: I606e0f27f9f9ae9d85bc0fc653f8985eb734d004
Depends-On: Ia02ca1263590e2b579f2534e99119d7b1cd4b39a
_role_net_subnet contains the name of the subnet, so
_role_net_subnet.vlan will not return the correct configured
vlan id. This change uses network.subnets[_role_net_subnet].vlan
to get the configured vlan id.
Change-Id: Ifef98f45a57af508d7302584aa52eedd45316edd
Closes-Bug: #1840054
These endpoints won't exist on the undercloud in the U cycle, and this
sort of check overlaps with tripleo-validations anyway. This change
also removes the disable_constraints roles data attribute as there is
no longer anything to disable.
Possibly this means deployed-server/deployed-server-roles-data.yaml is
no longer required because it only exists to set
disable_constraints:true (although it lags roles_data.yaml by quite a
lot now)
It looks like tripleo-validations has checks for flavor and image
already, but not keypair. It is unlikely users stray from the
'default' keypair so it is probably fine to not have a validation of
this for the Train release.
Change-Id: Id6146bfdc124e6e3e64ee7caea3ddeb2552bfa71
Blueprint: nova-less-deploy
Migrates the NetworkConfig resource to use ansible vars as the values
for Heat parameters for the IP and subnet cidr. This makes it so that
the nic config template value coming out of Heat is generic per role.
The same nic config can then be used for any node of that role type by
Ansible, and the Ansible vars will be resolved at config-download
runtime.
Change-Id: I7e85dabd42ccb348ea27825d03c08157222956a1
Adds a group var for {{network.name_lower}}_cidr for each role. Using
the lowecase name will make it more consistent with the lowercase
network names for the IP addresses.
Also removes the {{network.name}}_cidr output from role.role.j2.yaml as
those values have already been included the group vars.
Change-Id: Ib660c2dd25e2207f51439ec6b9c59b6e88eb23f8
Now that we do all node configurations using config-download,
this interface is not useful anymore.
Change-Id: Ifffaff6f044e334491b8f00cc6c6c8779d7bf7e5
Instead of writing a set of vars to hieradata_vars.yaml and then passing
that into tasks with vars_files, just set the data as group vars.
This makes for a simpler interface without having to remember to pass in
the data with vars_files on any task/play that might require them.
Change-Id: I851d9404861d55791bde1346c58bc1c94f591569
Migrate to using the template mode of the tripleo-ssh-known-hosts role.
Detailed Changes:
common/deploy-steps.j2:
Remove ssh_known_hosts_hostnames parameter
Remove ssh_known_hosts variable in config-download output
Set tripleo_ssh_known_hosts_use_template var to true when including
the tripleo-ssh-known-hosts role to activate template mode.
extraconfig/tasks/ssh/host_public_key.yaml:
Template removed as it was deprecated and is no longer used.
extraconfig/tasks/ssh/known_hosts_config.yaml:
Template removed as it was deprecated and is no longer used.
overcloud-resource-registry-puppet.j2.yaml:
Mappings for Ssh known hosts resources removed
overcloud.j2.yaml:
Resources removed: SshKnownHostsConfig, SshKnownHostsHostnames,
{{role.name}}SshKnownHostsDeployment
Removed passing in ssh_known_hosts_hostnames parameter to
common/deploy-steps.j2
puppet/role.role.j2.yaml:
Removed SshHostPubKey and SshKnownHostsHostnames resources
Removed known_hosts_entry and known_hosts_hostnames stack outputs
Add role_networks to set Ansible group vars which is a list of enabled
networks for the role
Change-Id: I10d0de42acc0b88b7947b464e976b5d0b9067ca2
The service_names isn't useful anymore:
- hiera('service_names') has been replaced by hiera('enabled_services')
- sensu::subscriptions moved under the {{role.name.lower()}}_extraconfig
hieradata file.
This is part of the effort which aims to reduce the number of hieradata
files.
Depends-On: I457f2c81a2cf6cc2f42dc4585b41b0d91dacc059
Change-Id: I22081888541e059cd9f258d15990f58df78c38d2
Closes-Bug: #1835551
Migrates these hieradata files to use the cloud_domain and fqdn
templates from tripleo-hieradata. The templates have more meaningful
names to actually represent the data that these hieradata files contain.
Detailed changes:
common/deploy-steps.j2:
Add parameter for CloudDomain and add it to the Ansible global vars
Remove the Per-host hieradata tasks and parameters as they are no longer used
Add cloud_domain and fqdn to list of templates for tripleo-hieradata
overcloud.j2.yaml:
Add role_networks to HieradataVars for each role
Replace {{role}} and host_extraconfig from hieradata hierarchy with
cloud_domain and fqdn.
puppet/role.role.j2.yaml:
Remove {{role}} hieradata from hieradata Datafiles as the template is
now used instead.
Remove per host hieradata resources and output as they are no longer
used.
Depends-On: I9c038399fccc4730b73e1a52281d7256ea689ee9
Change-Id: I136fb7aa864a2a3668f5a3845f3ded28b13bfe43
Migrates the net_ip_map hieradata from Heat to the tripleo-hieradata
role.
Detailed changes:
network/ports/port.j2:
cidr output added for the network subnet cidr of the port
port for a role
network/ports/noop.yaml:
cidr output for compatiblity with port template interface
puppet/role.role.j2.yaml:
{{network.name}}_cidr output added for the each networks subnet cidr
Remove the net_ip_map hieradata from the per host datafiles generated
by Heat as tripleo-hieradata template will be used instead.
overcloud.j2.yaml:
consume cidr outputs from the roles, as well as the ctlplane subnet
cidr and set them as hieradata vars that get passed into the
templating process for tripleo-hieradata
common/deploy-steps.j2:
Add a networks data structure to the global vars setting some needed
vars for tripleo-heiradata.
Use the net_ip_map template from tripleo-hieradata
Change-Id: Ib30e8347e1a50efec2b6a97482dc98c383cb7cf7
Depends-On: Iaec3654900f250eacf39c7748df166b716937358
Since https://review.opendev.org/656581 is merged (and the revert,
reverting the revert ...) there is no metadata service running.
This change removes all things related to setting up routes
to the metadata service, i.e the EC2MetadataIp. As well as NAT
firewall redirect rule used only on the undercloud but disabled
by default.
Blueprint: nova-less-deploy
Change-Id: Ic4ea74b45c566048e32dde82d2bf00498f932af6
Replace the Heat resources which used to manage the hiera config file
and now use Ansible with the new tripleo-hieradata role.
Remove {{server_resource_name}}Deployment and
{{server_resource_name}}Config resources not needed anymore.
Change-Id: I88fe3460af93b83cc086afeb1c2b959bbb720470
implements: blueprint reduce-deployment-resources
Depends-On: Ia5f11ea1a2f16b736ed7053c5182c7f5a7eb1f4b
Use the new tripleo-hieradata Ansible role to configure
the remaining Hieradata files that were created by Heat before.
{{server_resource_name}} isn't yet fully converted to Ansible, and
another patch will remove the resource when Ansible controls the
hiera.yaml file in /etc/puppet/hieradata.
Change-Id: Ib946b566d66300d23e7abc12498cc11d3f5fa5f8
implements: blueprint reduce-deployment-resources
The new AnsibleHostVarsMap output is a map of roles to Ansible host
vars, which later will be in config-download and populate the Ansible
host vars for each host in each role.
Change-Id: I3880f0f72beb24ee0b0868dca48afce6328144d3
Use ansible to apply the NetworkConfig resource instead of the
NetworkDeployment resource. The script module is used to run the same
rendered script as NetworkDeployment. In the future the script could be
refactored into a more proper ansible role, but the first step is to
remove the SoftwareDeployment for NetworkConfig and just use an ansible
task.
Change-Id: Ie60ddb90562f9630c24711337473f9e3acdcf4c1
Depends-On: Ie543782569de14d56bc41740611f7512e8357a22
implements: blueprint reduce-deployment-resources
If name_lower of a network is changed, and service_net_map_replace
is used. The subnet defined for the network in roles_data would
have to be updated to match the new name_lower. This was not the
case prior to stein, because roles_data did'nt include the subnet.
A downstream regression test is failing because of this. The
workaround is to update roles_data with a value for the subnet
that match name_lower.
This patch should fix the need to update roles_data in the case
that the net_map_replace matches the subnet in roles_data and no
additional subnet with this defined for this network in
network_data.
Closes-Bug: #1832759
Change-Id: I10f99fad0f0016bf81edd53e1c5579f9d5c0ef88
This output will map server names to their NetworkConfig resource id.
This makes it easy to retrieve the NetworkConfig resource for each
server in the config-download code.
Change-Id: I315f2e2eb880e9f3cb67d9f4cdc789f08c6c4021
implements: blueprint reduce-deployment-resources
Per-subnet vlan id parameters are already rendered in
network-environment.yaml. This change uses networks data
and roles data so that per-subnet vlan id param is used
when passing the relevant NetworkVlanId data to nic-config
templates.
By using the generic %network%NetworkVlanId (no subnet suffix)
in nic-config templates instead of %network%NetworkVlanId_%subnet%,
this allow homogeneous computes in multiple sites to use the
same nic-config template.
Also use type: number for all vlan parameters.
Closes-Bug: #1821043
Change-Id: Id8e76ae7c41a562f5c47d911c42aa18001c11be1
For networks in role.default_route_networks use get_attr
to fetch the gateway_ip of the port's subnet and pass
it to the nic-config template.
Changes the default in nic-config templates to ''.
Closes-Bug: #1821046
Change-Id: Ic07a3166fafba3aa307a9e1953b3e3be2594a6f5
The /var/lib/docker-puppet is deprecated and can now be found under
/var/lib/container-puppet. We don't have Docker anymore so we try to avoid
confusion in the directories. The directory still exists but a readme
file points to the right directory.
Change-Id: Ie3d05d18e2471d25c0c4ddaba4feece840b34196
During upgrade we need to provides hiera variable that will override
the cluster member definition.
Change-Id: I4272797a40ee61842fe29b2e177d432c27fb47c3
Implements: blueprint upgrades-with-os
As a follow up to https://review.openstack.org/#/c/635622/, this also
defaults the value for mtu to 1500 when using DeployedServerPortMap.
Previously, the value was getting set to "0" since it did not get set in
the output. While the "0" value showed up in
/etc/os-net-config/config.json, it didn't actually break anything since
os-net-config has code that only set MTU with "if interface.mtu ...",
and 0 evaluated to False, so it assumed it wasn't set.
With this patch the value will be properly defaulted to 1500 though.
Change-Id: I12d110d653a77bef87d06b4713704844a46b065d
In commit 055e252872, we started pulling
the host_routes attribute out of the "addresses" output from the server
resource.
When using deployed-server with DeployedServerPortMap however,
host_routes is not guaranteed to be present within the output value (and
we didn't tell anyone to add it). Since it's not present, it defaults to
{}.
When this value is passed into a nic config template such as
single-nic-vlans/role.role.j2.yaml, it is used as a value to
list_concat_unique to concat host_routes with the route for
169.254.169.254. This causes Heat to fail with an error: "Incorrect
arguments: Items to concat must be lists.".
To fix the scenario where host_routes is not specified in
DeployedServerPortMap, we use a yaql expression to default the value to
[] if it's not already a list.
Change-Id: I6bffc302265c45a2363fa9e973e90ff0938eac5c
We removed the dependency for NetworkDeployment[1] in
role.role.j2.yaml after moving to Ansible the
UpgradeInitCommand and UpgradeInitCommonCommand Heat hooks.
[1]: https://review.openstack.org/#/c/632108/17/puppet/role.role.j2.yaml@649
Change-Id: I2dae3358b56946aaae7eddbf3eb501e672455565
This change moves the execution of UpgradeInitCommand
and UpgradeInitCommonCommand to be executed with
Ansible in the upgrade step 0 instead of Heat.
Closes-bug: 1812659
Change-Id: I76eb6a2572e24b6f114e38897a68cd85276af3c6
When using neutron routed networks we need to specify
either the subnet or a ip address in the fixed-ips-request
when creating neutron ports.
a) For the Vip's:
Adds VipSubnetMap and VipSubnetMapDefaults parameters in
service_net_map.yaml. The two maps are merged, so that the
operator can override the subnet where VIP port should be
hosted. For example:
parameter_defaults:
VipSubnetMap:
ctlplane: ctlplane-leaf1
InternalApi: internal_api_leaf1
Storage: storage_leaf1
redis: internal_api_leaf1
b) For overcloud node ports:
Enrich 'networks' in roles defenition to include both
network and subnet data. Changes the list to a map
instead of a list of strings. New schema:
- name: <role_name>
networks:
<network_name>
subnet: <subnet_name>
For backward compatibility a conditional is used to check
if the data is a map or not. In either case the internal
list of role networks is created as '_role_networks' in
the jinja2 templates.
When the data is a map, and the map contains the 'subnet'
key the subnet specified in roles_data.yaml is used as
the subnet in the fixed-ips-reqest when ports are created.
If subnet is not set (or role.networks is not a map) the
default will be {{network.name_lower}}_subnet.
Also, since the fixed_ips request passed to Vip ports are no
longer [] by default, the conditinal has been updated to
test for 'ip_address' entries in the request.
Partial: blueprint tripleo-routed-networks-templates
Depends-On: I773a38fd903fe287132151a4d178326a46890969
Change-Id: I77edc82723d00bfece6752b5dd2c79137db93443
Jesse Pretorius (odyssey4me)
Harald Jensås
ramishra
Takashi Kajinami
Bogdan Dobrelya
Saravanan KR
James Slagle
Martin Schuppert
Steve Baker
Emilien Macchi
Sergii Golovatiuk
Sofer Athlan-Guyot
Carlos Camacho