Neutron's dns_assignments field includes a nice pice of
structured data. This is a prerequirement for Designate
usage. (No plan's to use that, but being a bit ready
does'nt hurt.)
{"hostname": "my-vm",
"ip_address": "192.0.2.16",
"fqdn": "my-vm.example.org."}
Enable for the undercloud:
- dns_domain_ports ml2 extension driver
Change-Id: I46eb9a24dd66821b27524fe4d1fdab617b6fa948
CentOS 8 undercloud installation is failing because
/usr/bin/env python does not exist. Update the
python scripts to use platform-python.
Closes-Bug: #1869714
Change-Id: I459410950503c42cc39a91c64e56f69aa0a34d20
This change will imporve the ability to enable a swap partition should
one be present. The updated script will now use the label when defined
and found, it then will look for a partition in the /etc/fstab file prior
to writing the file system entry. This resolves an issue where if this
template was executed more than once, a given partition would be written
to the /etc/fstab file repeatedly. If a given label is undefined the
script will look for swap filesystem types and use the UUID of the given
swap filesystem to enable swap functionality. This improvement will
ensure hosts that have swap partition already created, but potentially
unlabled, are able to be handled correctly. This will work with LVM,
Logical, Primary partition types.
Change-Id: I60a1f427d4f58ae559c797f37f8230d6eb694e1d
Signed-off-by: Kevin Carter <kecarter@redhat.com>
The CloudNameStorageManagement property was used for almost all
networks when service_net_map_replace is defined. This should
not be hardcoded to StorageManagement, it needs to be replaced
by {{network.name}}.
Closes-Bug: #1862679
Change-Id: I140aa8e44134130d03f6670a9314783288396dde
Replace the python script that was run on post-config, by an Ansible
task running on the host where Keystone is running.
It'll be useful later when using OpenStackSDK to have access to the
credentials during the deployment and not having to wait the far end.
It's also reducing the Heat resources.
Depends-On: https://review.opendev.org/#/c/700015
Change-Id: I585abc3e6a3b9b8ae9183e0b5170df2e39301e17
The 'tripleo.validations.v1.upload_validations' workflow has been
removed from tripleo-common, this Undercloud post installation step
could be safely removed.
Change-Id: I55495b932c682367a0b336741319aa31b0dcbcd2
Signed-off-by: Gael Chamoulaud <gchamoul@redhat.com>
The filtering added to fix Bug: #1821377 filters any
network without a VIP address. This filtering is to
agressive and cause deployment failure when a management
network without a VIP is used.
Change-Id: If189eb6fc0b2dc2c78323a7c08f7e303be2b6124
Resolves: rhbz#1778719
Closes-Bug: #1854846
Ealier, KernelArgs had been configured using ansible
tasks part of THT repo. Thoese ansiblet asks has been
moved to tripleo-kernel role of tripleo-ansible. This
role will be invoked from the boot-params-service.
boot-params-service has been moved from pre network to
the deployment/kernel directory.
OvS-DPDK configuration was done using puppet-vswitch
module by invoking puppet in PreNetworkConfig's
ExtraConfig script. A new ansible role tripleo-ovs-dpdk
has been created to apply the DPDK configurations via
ansible instead of puppet. This role will be common
for both ml2-ovs and ml2-ovn. Common parameter merging
has been enhanced to provide common deploy steps.
ODL is not validated as it has been deprecated and
currently no active usage or development.
Depends-On: https://review.opendev.org/#/c/688864/
Change-Id: I4b6f7d73cf76954e93760c59d522d485187157cf
Use the parameter UndercloudCtlplaneIPv6AddressMode
to control ipv6 address mode for the provisioning
network instead of hard-codeing to dhcpv6-stateless.
Change-Id: I549f930853539a7cd665a00d7ec3fd1705f819fb
Closes-Bug: #1847606
Depends-On: I7de5f5487065d20068229e0d34102be6119fbeef
Check if the router exists before creating it. The undercloud
re-install fail's when using IPv6 provisioning network since
the router already exists.
Also, don't create the router if routed networks is enabled.
In this case the router in the infrastructure should handle
router advertisements.
Change-Id: I5bc0a88bbb7912bb10693ce393ac89365f29a940
Closes-Bug: #1844767
This change makes sure that we apply pyflake8 checks on all python
codes to improve its readability.
Note that there are some rules applied for other OpenStack projects,
but not yet turned on, which should be enabled in the future.
Change-Id: Iaf0299983d3a3fe48e3beb8f47bd33c21deb4972
We can have both ipv4 and ipv6 networks defined and could end up having
a mix of addresses passed into the undercloud configuration. Neutron
throws an error if the ip address type doesn't match the network being
created (e.g. ipv4 nameserver for ipv6 cidr and vice versa). Let's
filter the nameservers to ensure we only set the appropriate ip version
nameserver for the network.
Change-Id: I184797270dbb6c70cae11bc98128890529035690
Closes-Bug: #1841805
In this change [1] I've loaded wrong module. It needs the
Type1 IOMMU driver for VFIO to be loaded on boot.
[1]: I3ffd1c11a1851e62992a6a63e8abb130db82856f
Change-Id: Iba7fa6c4edea4755afb91a97460ec3cc8e7ee234
Closes-Bug: 1838159
On SR-IOV capable deployments when rebooting a compute node,
vfio_iommu_type1 will not be loaded which will cause guest
instances with VF/PF fail to start/spawn.
Manually loading the kernel module will allow to spawn guest
instances successfully.
Change-Id: I3ffd1c11a1851e62992a6a63e8abb130db82856f
Closes-Bug: 1838159
This helps to consolidate the Undercloud and Standalone deployments. It
also avoids an issue where the Ansible Python interperter cannot be
found.
Change-Id: I01a95be975011d2419a523da572503e0ebcfa49b
Resolves: rhbz#1733608
Signed-off-by: Luke Short <ekultails@gmail.com>
Moving undercloud deployment to container means that during execution
of undercloud backup mistral-executor does not have required connections
and data available and so creates empty tarball currently. This patch is
one of many, which are supposed to fix this. On THT side we need to:
- Include DB host IP address in tripleo.undercloud-config env
- we need to have this information about undercloud IP available
as we cannot connect to local socket anymore and using 'localhost'
does not work.
- Mount directories which are meant to be backed up
- currently directories backing up directories local to mistral_executor
are useless for undercloud backup
Change-Id: Ia1fd60a13570a42f5243beb5bb0487c743e31d27
Partial-Bug: #1812960
These resources aren't used anymore and are leftovers from previous Heat
resources which don't exist anymore.
Change-Id: I4b33df191c4eb3cd961bbdbaf6ef28844de6d1a9
... and move the services into the deployment directory.
The extraconfig/services directory was initially created for
experimental services using an interface that was work in progress but
is now stable enough, so the services can live among the others for
simplification.
Change-Id: I2bd0b169ed18ea2fccfea4475402dd73076924c8
Migrate to using the template mode of the tripleo-ssh-known-hosts role.
Detailed Changes:
common/deploy-steps.j2:
Remove ssh_known_hosts_hostnames parameter
Remove ssh_known_hosts variable in config-download output
Set tripleo_ssh_known_hosts_use_template var to true when including
the tripleo-ssh-known-hosts role to activate template mode.
extraconfig/tasks/ssh/host_public_key.yaml:
Template removed as it was deprecated and is no longer used.
extraconfig/tasks/ssh/known_hosts_config.yaml:
Template removed as it was deprecated and is no longer used.
overcloud-resource-registry-puppet.j2.yaml:
Mappings for Ssh known hosts resources removed
overcloud.j2.yaml:
Resources removed: SshKnownHostsConfig, SshKnownHostsHostnames,
{{role.name}}SshKnownHostsDeployment
Removed passing in ssh_known_hosts_hostnames parameter to
common/deploy-steps.j2
puppet/role.role.j2.yaml:
Removed SshHostPubKey and SshKnownHostsHostnames resources
Removed known_hosts_entry and known_hosts_hostnames stack outputs
Add role_networks to set Ansible group vars which is a list of enabled
networks for the role
Change-Id: I10d0de42acc0b88b7947b464e976b5d0b9067ca2
clouds_yaml.py script is used to generate clouds.yaml
for undercloud and standalone. It is now refactored and moved
to tripleo-common module[1] and can be reused here.
[1.]https://review.opendev.org/#/c/664586/
Related-Bug: #1719369
Depends-On: https://review.opendev.org/#/c/664586/
Change-Id: I50b37df1a87472a16e2d5d2c588c728d2a7a5c76
Signed-off-by: Chandan Kumar (raukadah) <chkumar@redhat.com>
Since https://review.opendev.org/656581 is merged (and the revert,
reverting the revert ...) there is no metadata service running.
This change removes all things related to setting up routes
to the metadata service, i.e the EC2MetadataIp. As well as NAT
firewall redirect rule used only on the undercloud but disabled
by default.
Blueprint: nova-less-deploy
Change-Id: Ic4ea74b45c566048e32dde82d2bf00498f932af6
Those are hidden resource types in heat. Changing these types
would not result in replacement of the resources.
Change-Id: I22d23a8f187263bd36e364f0cd3301c830f3220b
Filter krb-service-principals for the CompactServices
based on the networks associated with the role.
Filtering for the IndividualServices was added in previous
fix https://review.openstack.org/646005, which did'nt
fully fix the bug.
Closes-Bug: #1821377
Change-Id: Id54477ca5581e1f5fe8a09c3bc60a238d114dbb2
Use the DNS nameservers for each ctlplane subnet,
instead of using the same DNSServers for all subnets.
Related-Bug: #1834306
Depends-On: I0dc03eddf9ea00ff33cd3ae0cdc8f42a4961e89c
Change-Id: I4c102d8f728a90cf9eb90f6129738377a8d2503c
The parameters for no_ntp_setup, ipa_domain and makehomedir
need to be set to whatever is coming in from heat.
Change-Id: Ica897528ee2ddd7d3e9f7cc7e920de8acdd61556
This converts all Docker*Image parameter varients into
Container*Image varients.
The commit was autogenerated with the following shell commands:
for file in $(grep -lr Docker.*Image --include \*.yaml --exclude-dir releasenotes); do
sed -e "s|Docker\([^ ]*Image\)|Container\1|g" -i $file
done
Change-Id: Iab06efa5616975b99aa5772a65b415629f8d7882
Depends-On: I7d62a3424ccb7b01dc101329018ebda896ea8ff3
Depends-On: Ib1dc0c08ce7971a03639acc42b1e738d93a52f98
We currently install the openldap-clients package on overcloud
controller nodes. It was assumed that this package was needed for
IPA client enrollment, but the ipa-client package only uses the
openldap libraries that will already be pulled in as an indirect
dependency of ipa-client. The openldap-clients package contains
LDAP CLI utilities, which don't appear to be actually used.
Change-Id: I14c1d8204bd84ead0d6995b5aefd10d2bbc4227d
The tuned heat template was using puppet to configure the service.
This change removes `tuned-baremetal-puppet.yaml` and replaces it
with `tuned-baremetal-ansible.yaml` in an effort to decrease our
reliance on puppet.
The old puppet file name was removed from the resource registry
template and replaced with the new file name.
Additional changes were made to the tuned boot params template
and tasks. These changes modify the tasks for readability and
ensure we're not needlessly running shell commands. Because the
parameter `TunedProfileName` is now used in the new ansible
based templatei, changes have been made to ensure we're enforcing
a consistent definition.
> Once this change has been merged a follow-up patch will be made
to puppet-tripleo to eliminate the tuned.pp manifest.
Change-Id: I06d07f6f0949095cb716dd706e05f2e567c0d3d8
Signed-off-by: Kevin Carter <kecarter@redhat.com>