30 Commits

Author SHA1 Message Date
ramishra
454b45c7d2 Set OS_CLOUD instead in stackrc
We now write clouds.yaml when configuring keystone and
can use OS_CLOUD instead. Setting OS_AUTH_URL overrides
when we want use OS_CLOUD pointing to overcloud.

Closes-bug: #1931172
Depends-On: https://review.opendev.org/c/openstack/tripleo-common/+/795225
Depends-On: https://review.opendev.org/c/openstack/tripleo-validations/+/795293
Change-Id: Ib42fc397389d8b50c740edf334fe6f281c392ec6
2021-06-10 23:11:22 +05:30
ramishra
c9991c2e31 Use 'wallaby' heat_template_version
With I57047682cfa82ba6ca4affff54fab5216e9ba51c Heat has added
a new template version for wallaby. This would allow us to use
2-argument variant of the ``if`` function that would allow for
 e.g. conditional definition of resource properties and help
cleanup templates. If only two arguments are passed to ``if``
function, the entire enclosing item is removed when the condition
is false.

Change-Id: I25f981b60c6a66b39919adc38c02a051b6c51269
2021-03-31 17:35:12 +05:30
Harald Jensås
679ecaada0 Set dns_name propery on ports and networks
Neutron's dns_assignments field includes a nice pice of
structured data. This is a prerequirement for Designate
usage. (No plan's to use that, but being a bit ready
does'nt hurt.)

  {"hostname": "my-vm",
   "ip_address": "192.0.2.16",
   "fqdn": "my-vm.example.org."}

Enable for the undercloud:
 - dns_domain_ports ml2 extension driver

Change-Id: I46eb9a24dd66821b27524fe4d1fdab617b6fa948
2020-04-03 08:57:38 +02:00
Emilien Macchi
25a2045e62 Deploy /etc/openstack/clouds.yaml with Ansible
Replace the python script that was run on post-config, by an Ansible
task running on the host where Keystone is running.

It'll be useful later when using OpenStackSDK to have access to the
credentials during the deployment and not having to wait the far end.

It's also reducing the Heat resources.

Depends-On: https://review.opendev.org/#/c/700015
Change-Id: I585abc3e6a3b9b8ae9183e0b5170df2e39301e17
2019-12-19 20:09:08 +00:00
Harald Jensås
4befee5f22 Use parameter for ipv6 address mode
Use the parameter UndercloudCtlplaneIPv6AddressMode
to control ipv6 address mode for the provisioning
network instead of hard-codeing to dhcpv6-stateless.

Change-Id: I549f930853539a7cd665a00d7ec3fd1705f819fb
Closes-Bug: #1847606
Depends-On: I7de5f5487065d20068229e0d34102be6119fbeef
2019-10-10 16:06:26 +02:00
Zuul
c8cc9b2830 Merge "Enable mistral_executor to perform backups" 2019-07-29 21:09:07 +00:00
Martin Magr
70d41af00a Enable mistral_executor to perform backups
Moving undercloud deployment to container means that during execution
of undercloud backup mistral-executor does not have required connections
and data available and so creates empty tarball currently. This patch is
one of many, which are supposed to fix this. On THT side we need to:

- Include DB host IP address in tripleo.undercloud-config env
  - we need to have this information about undercloud IP available
    as we cannot connect to local socket anymore and using 'localhost'
    does not work.

- Mount directories which are meant to be backed up
  - currently directories backing up directories local to mistral_executor
    are useless for undercloud backup

Change-Id: Ia1fd60a13570a42f5243beb5bb0487c743e31d27
Partial-Bug: #1812960
2019-07-25 14:30:46 -04:00
Rabi Mishra
39a5545c41 Change OS::Heat::*Deployments to OS::Heat:*DeploymentGroup
Those are hidden resource types in heat. Changing these types
would not result in replacement of the resources.

Change-Id: I22d23a8f187263bd36e364f0cd3301c830f3220b
2019-07-04 20:21:06 +05:30
Harald Jensås
dae0a89a80 Use per-subnet DNS nameservers for ctlplane
Use the DNS nameservers for each ctlplane subnet,
instead of using the same DNSServers for all subnets.

Related-Bug: #1834306
Depends-On: I0dc03eddf9ea00ff33cd3ae0cdc8f42a4961e89c
Change-Id: I4c102d8f728a90cf9eb90f6129738377a8d2503c
2019-06-26 11:20:21 +02:00
Emilien Macchi
016279b71e standalone/undercloud - post: use EndpointMap to fetch Keystone URL
Using EndpointMap to ensure we get the hostname/fqdn if possible
otherwise it fallbacks to the IP for Keystone public endpoint.

This is useful when the operator uses a certificate based on
hostname/fqdn and not an IP address.

Closes-Bug #1763776
Change-Id: Ifa9d55cca90caf5be0c83507cb47447e25311fce
2019-05-21 08:41:22 -04:00
Carlos Camacho
166803d05f Include the DB password in a Mistral environment for creating backups and restores
We need to include also the Undercloud DB in a Mistral
environment to be able to create the DB backup from the CLI.

Now, we do this using python and THT but we didn't include it.

Change-Id: If503e733b103a34ae5639eb56dfae05f9783d59a
Closes-Bug: 1812839
2019-01-22 16:08:03 +01:00
Harald Jensås
afa16ae150 Create clouds.yaml for the undercloud
Add the cloud to clouds.yaml for the undercloud so
that it is available for post deploy script's.

The clouds.yaml is created both in the stack users
home directory ~/.config/openstack/clouds.yaml and
globally for the system in /etc/openstack/clouds.yaml.

Update standalone post configuration to use the same
code to create and update clouds.yaml on standalone.

clouds.yaml is used when setting up client's in other
post scripts instead of passing all the options to
each script.

Partial-Bug: #1801927
Change-Id: I6402fa561745bacf184b1ad2ada44bf8f7c75324
2018-11-22 13:54:54 +01:00
Zuul
2ffe5d65f9 Merge "Fix hiera condition in UndercloudCtlplaneNetworkDeployment" 2018-11-10 03:46:51 +00:00
Harald Jensås
0312050421 Move UndercloudPostDeployment to python
Configuring Nova (quota, flavors) and Mistral (workbooks,
workflows, etc.) is a lot faster if we do it in python.

Initial undercloud install - 3.5x faster
----------------------------------------
Run deployment UndercloudPostDeployment ---- 130.50s  < Shell
Run deployment UndercloudPostDeployment ----  37.39s  < Python

Re-Running undercloud install - 10x faster
------------------------------------------
Run deployment UndercloudPostDeployment ---- 405.01s < Shell
Run deployment UndercloudPostDeployment ----  39.95s < Python

Change-Id: If7b3ad701e434ed0d606356b9bbab2716d53c5bb
2018-11-08 03:58:11 +01:00
Harald Jensås
f3e55fae5c Fix hiera condition in UndercloudCtlplaneNetworkDeployment
_run_command() returns the output of the command executed.
If the Neutron API is disabled it would return the string
'false' which is in fact True as far as python is concerned.

We also need a depends_on to ensure the link to hiera.yaml
created in extraconfig/post_deploy/undercloud_post.sh is
already in place.

Change-Id: Iec958a92433d3f671862422ac85bc78d7babc01d
2018-11-08 03:53:55 +01:00
Martin André
e60f836de4 Fix enabled tripleo-validations check
With the move from instack-undercloud to containerized undercloud, the
hiera key to check for whether the tripleo-validations are enabled
changed from `enable_validations` to `tripleo_validations_enabled`. This
commit updated the check in undercloud_post.sh to use the right key. It
also removed the useless EnableValidation heat param.

Change-Id: I338e139fa770ebb7bdcc1c0afb79eec062fada8b
2018-08-16 11:44:45 +02:00
Jose Luis Franco Arza
12e58ae097 Fix small nit in enable_validations parameter.
The get_param call wasn't properly formatted
and the script was being rendered with the
following enabled_validations content:
enable_validations=[{u'get_params': u'EnableValidations'}]

Closes-Bug: #1786953
Change-Id: I6c1de0295cb1da4e72b447b78847e1b586b40e4a
2018-08-14 16:22:41 +02:00
Juan Antonio Osorio Robles
b633eaf73a undercloud-post: Discard CA usage if not set
If there is nothing set for the CA, discard the value. This way we can
ignore this value when using trusted certificates.

Change-Id: Ia0085c43fe9468cd1827f6e4ae39f48ce0e398b6
Related-Bug: #1785059
2018-08-02 16:37:55 +03:00
Harald Jensås
52ec1a018b DnsServers using get_attr
Nameservers are configured on the ctlplane subnets by the
undercloud installer, the nameservers are used early during
the deployment, prior to running os-net-config.

Remove the default DnsServer's in THT, replacing it with
an empty list and use get_attr to get the values for
DnsServers for the overcloud from the ctlplane subnet(s).

A conditinal is used in  puppet/role.role.j2.yaml so that
the parameter value is used whenever it is not [] (default)
to provide backwards compatibilityi and in case the user
want to use different DnsServers for the overcloud and
undercloud.

Partial: blueprint tripleo-routed-networks-templates
Change-Id: I5f33e06ca3f4b13cc355e02156edd9d8a1f773cd
2018-07-14 09:19:12 +02:00
Dmitry Tantsur
28be1058f6 undercloud: set OS_CACERT when TLS is used
This fixes TLS errors when anything using python-requests is run
from a virtualenv.

Change-Id: Icf659e54e8887dc9759cd4d8f732982ce3e0ae5f
Closes-Bug: #1771565
2018-05-16 18:40:14 +02:00
Carlos Camacho
44ef2a3ec1 Change template names to rocky
The new master branch should point now to rocky.

So, HOT templates should specify that they might contain features
for rocky release [1]

Also, this submission updates the yaml validation to use only latest
heat_version alias. There are cases in which we will need to set
the version for specific templates i.e. mixed versions, so there
is added a variable to assign specific templates to specific heat_version
aliases, avoiding the introductions of error by bulk replacing the
the old version in new releases.

[1]: https://docs.openstack.org/heat/latest/template_guide/hot_spec.html#rocky
Change-Id: Ib17526d9cc453516d99d4659ee5fa51a5aa7fb4b
2018-05-09 08:28:42 +02:00
Harald Jensas
e947c7e610 Add ctlplane networking for routed networks
* Add a new post install software deployment which runs
a python script to configure the undercloud control
plane network. Replaces section in post shell script.

Change-Id: I1cd594564d1628a6e1fccb9eadf18b716ccc5c72
2018-03-29 23:32:45 +00:00
Emilien Macchi
33abdba533 undercloud_post: manage post mistral config
- Replicate what has been done in _post_config_mistral
  (instack-undercloud)
- Cleanup cron triggers before cleaning workflows.
- Re-create publish-ui-logs-hourly cron trigger.
- If validations are enabled, execute copy_ssh_key workflow.

Depends-On: I10abed7f1514e9d72d5ebac0c85bad11cdf3210f
Depends-On: I01c4497324b2c8666d9f749147693d580c0a5e20
Change-Id: If641a9f91c85a0dcc5fcd8d89784ff4258123ea7
2018-03-13 14:35:23 +01:00
Dan Prince
32fe279eec Undercloud: fix stackrc TLS URL detection
We want to configure a TLS url for the underclouds stackrc
when a user specified or generated TLS certificate is used.
This patch updates the existing check so that
the PublicSSLCertificateAutogenerated paremeter is also used
when deciding if the SSL URL should be enabled.

Change-Id: I7561b5de7749ca57f8ac8056b470228e1026eb31
2018-02-15 00:02:39 +00:00
Dan Prince
315091e8dc Add a new UndercloudHomeDir parameter
Add a parameter to control the homedir of the
Undercloud user. Useful if you don't want stackrc
and ssh creds in /root/

Change-Id: I2ad703689b600280b2c1ab1752654f2d334cb6db
Co-Authored-By: Ian Main <imain@redhat.com>
2017-12-09 02:08:29 +00:00
Carlos Camacho
927495fe3d Change template names to queens
The new master branch should point now to queens instead of pike.

So, HOT templates should specify that they might contain features
for queens release [1]

[1]: https://docs.openstack.org/heat/latest/template_guide/hot_spec.html#queens

Change-Id: I7654d1c59db0c4508a9d7045f452612d22493004
2017-11-23 10:15:32 +01:00
Ian Main
74641a37f0 Add a name to the post deployment.
This is used by ansible generation.

Co-Authored-By: Dan Prince <dprince@redhat.com>

Change-Id: Ifad323af8311f70c698bb50e2d4d8ff8b2ab0be9
2017-09-28 19:25:46 -04:00
Martin André
aae3cc1ef5 Fix stackrc for containerized undercloud
Commit 5a400f8011c482abd9c0b550f566bb452159a383 broke the stackrc for
the containerized undercloud, making all the openstack commands fail
with:

  Cannot use v2 authentication with domain scope

This replaces the OS_TENANT_NAME variable with OS_PROJECT_NAME to and
switch to versionless auth_url to use keystone v3 instead.

Change-Id: I869adb75294b38c61e508870a69e1637bb410a94
Closes-Bug: #1719796
2017-09-27 14:12:22 +02:00
Zane Bitter
b26fe7d164 Use the make_url function to build URLs
Change-Id: I2b23d92c85d5ecc889a7ee597b90e930bde9028e
Depends-On: I72f84e737b042ecfaabf5639c6164d46a072b423
2017-05-05 14:43:11 -04:00
Dan Prince
b1fe2e8d60 Template and role support for the undercloud
Add a new roles data YAML file and environment to help
create the undercloud via t-h-t.

Partially-implements: blueprint heat-undercloud

Change-Id: I36df7fa86c2ff40026d59f02248af529a4a81861
2017-01-06 20:01:14 -05:00