Not all roles are connected to all networks, there is no
need to create metadata for networks not associated with
the role.
In edge/spine-and-leaf deployments the total number of
composable networks used can be high. Passing all the
networks we quickly go beyond the nova metadata fields
size limit (each field cannot exceed 256 bytes).
Also update tools/check-up-to-date.sh script to use the
simple yaml-diff.py instead of diff. The env generator
code will sort data, while jinja rendered environments
are not sorted, thus need to diff the data in yaml not
the text.
Closes-Bug: #1821377
Change-Id: I5ae3bc845b0a6ad6986d44b14ff4b0737a9b033b
The entries in the tls-everywhere-endpoints-dns.yaml was wrong for
octavia; pointing to IPs instead of DNS. This made the TLS everywhere
deployment fail, since it assigns certificates for DNS subjectAltNames.
Change-Id: Ic6f0f26c03c443edf1715927a4542245e08567f4
Closes-Bug: #1822035
Move the apache service undercloud the deployment directory.
Change-Id: Iead4f910390cb75f56f96da2d24889a461275c9d
Related-Blueprint: services-yaml-flattening
New parameter ``NovaNfsVersion`` allow configuring the NFS version
used for nova storage (when NovaNfsEnabled is true). Since NFSv3
does not support full locking a NFSv4 version need to be used. To
not break current installations the default is the previous hard
coded version 4.
Change-Id: I810478ed82ee6dc056d9652be91dc45b123e78cf
Designate is a great service but unfortunatly, we don't have
full time maintainers therefore we can't certify the service will be
tested and work correctly.
In this patch, we create an experimental folder and put Designate in it.
Change-Id: I8a587ebdca2c7e64ab8348155cf75c2dbb65a5ed
Installing and configuring tmpwatch allows to get rid of some
ugly things in logrotate configuration. As the container has no
network access anymore, we have to install the tool on the host
directly - this isn't that bad.
In order to avoid issues with logrotate manage logs, we explicitely
exclude patterns manage in the specific logorate configuration.
Also, always in order to avoid issues and ensure logrotate does its
own cleanup, we clean files one day later.
Change-Id: Ic666388d9ba7556e7b68ab2fc1082957a9e26552
Congress doesn't seem to be used anywhere, we never had a bug report or
any sign of somebody out there actually using it.
Let's remove its support in TripleO, to reduce the codebase.
Change-Id: Idca6b12f1c0ca3bc15bedf6469d4063a4dac31fa
OVN controller/metadata use ovn_dbs_vip hiera key to configure
the central ovn DB. This key is not available on split control
plane or multi cell setup and therefore installation fails.
With this change a new entry gets created in the EndpointMap
named OvnDbInternal. This can then be exported for an overcloud
stack and can be used as an input for the cell stack.
The information from the EndpointMap is used for ovn-metadata
and ovn-controller as the ovn_db_host information in puppet-tripleo
Change-Id: I0d9eb663405d1113ea84e3c12651a3f0dbdfc75d
Closes-Bug: #1817524
This change combines the previous puppet and docker files
into a single file that performs the docker service installation
and configuration.
Change-Id: I9bd5c9f007d9f69d7310cdd0106bcc923c1b0acd
This change combines the previous puppet and docker files into a single
file that performs the docker service installation and configuration
for the designate Producer, Worker, and Mdns services.
Change-Id: Ibbd14996eb6fc9b2e45dd9f24d3b7156c42da990
Related-Blueprint: services-yaml-flattening
Moving the service that installs all the openstack clients to the
deployment directory.
Change-Id: I5cfecf0217232380319a68e3689a7fe7d945b15a
Related-Blueprint: services-yaml-flattening
This change combines the previous puppet and docker files
into a single file that performs the docker service installation
and configuration.
Change-Id: I7b1688a12964d939ece33a7f06d2493bf13c08eb
This addresses a possible bug when using FreeIPA to do TLS
everywhere.
It is possible that the IPA server is not on the ctlplane.
In this case, when the nodes start up, the registration of the node
with IPA will fail, resulting in failed certificate issuance requests
later on.
We introduce a composable service to run in host_prep_tasks.
This will always run once the networks have been set up. If the
instance has already been enrolled (by cloud-init or in an update),
then the script executed by the service will just exit.
In this iteration, we simply execute the code that the cloud-init
would have done. In later releases, we will execute all the code
performed by novajoin-server here in ansible - and deprecate the
novajoin server.
Change-Id: I31f64c3cbd1d151e3c2a436cc3e2ec5316535087
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Resolves: rhbz#1661635
Closes-Bug: #1815924
This patch switches the default mechanism driver for neutron from
openvswitch to OVN.
It will also flip scenario007 job to run with ML2/OVS.
Depends-On: I74ffb6b7f912e1fce6ce428cd23a7283c91b8b96
Depends-On: I99ba2fd6a85b4895b577719a7541b7cbf1fdb85c
Depends-On: Ib60de9b0df451273d1d81ba049b46b5214e09080
Depends-On: Iaed7304adf40a87a0f14b7a95339f8416140e947
Change-Id: Iab52cdf5d0f7a392c4f17c884493b5c5beb1d89f
Co-Authored-By: Kamil Sambor <ksambor@redhat.com>
This change combines the previous puppet and docker files
into a single file that performs the docker service installation
and configuration. With this patch the baremetal version of
nova has been removed.
Change-Id: Ia41a6adf9fda2d6be8f1b5ac57854381b7f92ce7
This change combines the previous puppet and docker files into a single
file that performs the docker service installation and configuration
for the designate API, Central, and Sink services.
Related-Blueprint: services-yaml-flattening
Change-Id: I1c18780b252ce118836462b0857040fe1a3e8789
Now that we could get rid of the puppet dedicated definitions,
we can move the docker/* rabbitmq related stuff to the final
location, and correct the paths and some nits.
Change-Id: I47ca1e303bd38642200ccb7f6823bcd06cd00255
This flattens rabbitmq and removes puppet parts. The next step will
move the flattened templates to their final location.
It's split in two steps in order to make reviews easier on that big change.
Change-Id: I30f0802770d86d64e2ec6fa93dc9a608d4b15d69
This change combines the previous puppet and docker files into a single
file that performs the docker service installation and configuration
for the horizon service.
With this patch the baremetal version of each respective horizon service
has been removed.
Change-Id: I132465a32cd9f5e094ed184a92549d6521ad4e64
Related-Blueprint: services-yaml-flattening
This change combines the previous puppet and docker files into a single
file that performs the docker service installation and configuration
for the neutron-api, neutron-dhcp, and neutron-l3 services.
With this patch the baremetal version of each respective neutron service
has been removed.
Related-Blueprint: services-yaml-flattening
Change-Id: I6d1fae29498d2c8bffff2ccffcfbf0b605350205
This change combines the previous puppet and docker files into a single
file that performs the docker service installation and configuration.
With this patch the baremetal version of haproxy services has been removed.
Change-Id: Id55ae44a7b1b5f08b40170f7406e14973fa93639
Related-Blueprint: services-yaml-flattening
This change combines the previous puppet and docker files into a single
file that performs the docker service installation and configuration
for all swift services.
With this patch the baremetal version of each swift service has been removed
except for swift-dispersion which only exists in baremetal form.
Related-Blueprint: services-yaml-flattening
Change-Id: I7986efed381a2149bdff42526048ae72e0bf36c0
Update THT to align with puppet-tripleo changes made in [1]
- Add new CinderNetappPoolNameSearchPattern parameter
- Deprecate CinderNetappStoragePools parameter
- Remove previously deprecated CinderNetappEseriesHostType parameter
[1] https://review.openstack.org/570406
Fix relative path in file the sample-env-generator uses to generate
environments/storage/cinder-netapp-config.yaml.
Change-Id: I813ca60eb5ce9e008e1b72e88d83709d3125676f
I89cff59947dda3f51482486c41a3d67c4aa36a3e broke SSH access on the
Undercloud, we shouldn't be that restrictive by default for the
undercloud and standalone (as deployed via tripleo deploy).
This change adds a new parameter called SshFirewallAllowAll that can be
used to include an allow all for ssh. By default it is disabled when
deploying the overcloud but is used by the undercloud and standalone to
allow access after installation.
Change-Id: Ie548f7216610e15af24c96f65a58cc8de603235c
Co-Authored-By: Alex Schultz <aschultz@redhat.com>
This change combines the previous puppet and docker files into a single
file that performs the docker service installation and configuration.
With this patch the baremetal version of cinder services has been removed.
Change-Id: I88f047a8ee9c3eed80e4c48ed9cabdb3035d518b
Related-Blueprint: services-yaml-flattening
This changes moves docker services from puppet to deployment directory.
Change-Id: I11a34708ee91f5b5928d7c647c83e95ca1b01cae
Related-Blueprint: services-yaml-flattening