As of Rocky [1], the nova-consoleauth service has been deprecated and
cell databases are used for storing token authorizations. All new consoles
will be supported by the database backend and existing consoles will be
reset. Console proxies must be run per cell because the new console token
authorizations are stored in cell databases.
Lets deprecate it also in tripleo that it can be removed in a later
release.
[1] https://docs.openstack.org/releasenotes/nova/rocky.html
Change-Id: I68485a6c4da4476d07ec0ab5e7b5a4c528820a4f
With cellsv2 multicell in each cell there needs to be a novnc proxy as the
console token is stored in the cell conductor database. This change adds
the NovaVncProxy service to the CellController role and configures the
endpoint to the local public address of the cell.
Closes-Bug: #1822607
Depends-On: https://review.openstack.org/649265
Change-Id: Ia3a36d369fdc18685f4c965a9e371ca3143967bf
The QemuMemoryBackingDir and NovaLibvirtFileBackedMemory params can be a role
parameters however the heat conditions only checked the normal param.
Change-Id: Iac6d96b2eb3ab92211150572f5a117f07964aaa1
Related-bug: 1793687
Move the apache service undercloud the deployment directory.
Change-Id: Iead4f910390cb75f56f96da2d24889a461275c9d
Related-Blueprint: services-yaml-flattening
Directory /etc/pki/CA is no longer available in CentOS 8 with base openssl
package. Libvirt still has the default to /etc/pki/CA for some TLS settings.
Lets add openssl-perl to get /etc/pki/CA and keep defaults where possible.
The package gets added to overcloud image and container via:
https://review.openstack.org/645498https://review.openstack.org/645501
This check is mainly to make sure the package is also installed on
split stack deployments.
Change-Id: Id81ad942db6b193ab8b1dad537c65249348714d8
Related-Bug: #1821139
UpgradeRemoveUnusedPackages is not used anymore. All packages are
supposed to be removed on undercloud upgrade to 14.
Change-Id: Ie6b739390ec0ae0c5773a5a6c63b49422195623a
New parameter ``NovaNfsVersion`` allow configuring the NFS version
used for nova storage (when NovaNfsEnabled is true). Since NFSv3
does not support full locking a NFSv4 version need to be used. To
not break current installations the default is the previous hard
coded version 4.
Change-Id: I810478ed82ee6dc056d9652be91dc45b123e78cf
The plan is:
- Docker is deprecated in Stein
- Podman is the default in Stein
- Docker will be removed in Train
Change-Id: I8f00d3e539abc4a169d6b48b8ce697e54aa2eae9
Adds functionality whether to enable / disable KSM on compute nodes.
Especially in NFV use case one wants to disable the service and as there
is in general little benefit in overcloud nodes, KSM is disabled per
default, but can be enabled using the new NovaComputeEnableKsm role
parameter.
Change-Id: I1b8dba2e2a9ff4f5ad73a4fbc3251b5dc96fd38e
This change combines the previous puppet and docker files
into a single file that performs the docker service installation
and configuration.
Change-Id: I9bd5c9f007d9f69d7310cdd0106bcc923c1b0acd
During some of the nova service flattening it was included some of the
baremetal upgrade_tasks into the containerized services. This patch removes
them.
Change-Id: I4a569195deeadb34180561c778dabe77be4f6466
Closes-Bug: #1816453
The flattening introduced an error with sshd config, where the
host was listening on port 2022, preventing the nova_migration_target
container to start, since it wants to start an sshd service on port
2022.
Closes-Bug: 1816523
Change-Id: I3a7ba82cf978cf6c056dba2d623fc94183650474
Live migration is currently totally broken if a NUMA topology is
present. This affects everything that's been regrettably stuffed in with
NUMA topology including CPU pinning, hugepage support and emulator
thread support. Side effects can range from simple unexpected
performance hits (due to instances running on the same cores) to
complete failures (due to instance cores or huge pages being mapped to
CPUs/NUMA nodes that don't exist on the destination host).
Until such a time as we resolve these issues, we should alert users to
the fact that such issues exist. A workaround option is provided for
operators that _really_ need the broken behavior, but it's defaulted to
False to highlight the brokenness of this feature to unsuspecting
operators.
The related nova change is I217fba9138132b107e9d62895d699d238392e761
The proposed change allows to configure the 'enable_numa_live_migration'
workarounds option through TripleO. By default this feature will be
disabled for NUMA topology instances.
Depends-On: I16794fbfef0e6e83d3fcebb9e6bc2fcf478ebf72
Change-Id: I523756b418afe1827490c936966af8936ffdbaa6
Duplicate 'step_config' sections were added to these services
during the recent flattening efforts. This is causing Puppet
to execute on the host which can cause duplicate ssh port
errors in the case of the nova-migration-target service.
Change-Id: I7034a0952788db8c663ed00fb2c8622f3e14122b
Closes-bug: #1816484
It was removed again by a recent commit [1]. This configuration is
needed for TLS everywhere.
[1] Ife9bf12d3a6011906fa8d9f97f7524b51aef906a
Change-Id: I3896bc9eccc1fb08923b4dbecd8109f3b56038e9
Closes-Bug: #1815888
- uses split-control-plane
- adds a new CellController role
- nova-conductor, message rpc (not notifications) and db
- move nova dbsync from nova-api to nova-conductor
- nova db is more tightly coupled to conductor/computes
- we don't have a nova-api services on a CellController
- super-conductor on Controller will sync cell0 db
- new 'magic' MysqlCellInternal endpoint
- always refers the to local MysqlInternal endpoint
- identical to MysqlInternal for regular deployment
- but doesn't get overridden when inheriting EndpointMap from parent
control-plane stack
- duplicate service node name hiera for transport_urls on cell stack
- nova -> cell oslo messaging rpc nodes
- neutron agent -> global messaging rpc nodes
- run cell host discovery only on default cell, for additional cells
the cell needs to be created first
bp tripleo-multicell-basic
Co-Authored-By: Martin Schuppert <mschuppert@redhat.com>
Change-Id: Ife9bf12d3a6011906fa8d9f97f7524b51aef906a
Depends-On: I79c1080605611c5c7748a28d2afcc9c7275a2e5d
[1] missed some parts from puppet/services/nova-libvirt.yaml which
broke tls-everywhere as the qemu-nbd-client-cert were not created,
also the file was not removed after merge.
Changes:
- added missing parts from puppet/services/nova-libvirt.yaml
- removed no longer needed ENV parameters for
nova_cell_v2_discover_host.py
- re-added /etc/my.cnf.d to nova_cell_v2_discover_host
- deleted puppet/services/nova-libvirt.yaml
[1] https://review.openstack.org/633278
Change-Id: I8d476fd7a040d275cd70ea8393386443b557fe4d
Closes-Bug: #1815888
This change combines the previous puppet and docker files
into a single file that performs the docker service installation
and configuration. With this patch the baremetal version of
nova has been removed.
Change-Id: Ic577851f8d865d5eec41dbfb00c27520bedc3fdb
This change combines the previous puppet and docker files
into a single file that performs the docker service installation
and configuration. With this patch the baremetal version of
nova has been removed.
Change-Id: Ia41a6adf9fda2d6be8f1b5ac57854381b7f92ce7
The check and stop for systemd services during upgrade tasks was
removed in [0], however the task to stop them was re-included by
mistake.
[0] - e4ee042a2aaf880e9863461a7423549be3bb0aa1
Closes-Bug: #1815170
Change-Id: I62c9c0a01ab723347e724c46b9b7be78ec6213c0
This change combines the previous puppet and docker files
into a single file that performs the docker service installation
and configuration. With this patch the baremetal version of
nova has been removed.
Change-Id: If8f4daa9127aa528a2088a978494f2d6d83106e2