240 Commits

Author SHA1 Message Date
Michael Johnson
773fccb7c1 Add the Unbound DNS resolver service
This patch addes TripleO support for the Unbound DNS resolver service.
This service will initially be used by the Designate service.

Change-Id: I8135ce4f344aeb7c0cf7521e0ba42335c4c7bbc8
2021-03-18 17:12:35 +00:00
Michele Baldessari
97016b2012 Add FRR service
This adds support for BGP via the OS::TripleO::Services::Frr service.
Spec: https://review.opendev.org/c/openstack/tripleo-specs/+/758249

We create the frr configuration via the corresponding tripleo_frr
ansible role at step0. We start the FRR container at deployment step
1 before pacemaker gets configured as the routing to all the other nodes
needs to be functional before setting up the cluster.

Co-Authored-By: Carlos Gonçalves <cgoncalves@redhat.com>

Change-Id: I7cef73c57e7b69f4d031e220c954803afd5e0b8c
2021-03-13 18:25:42 +00:00
Grzegorz Grasza
e329ca915e Generate certificates using ansible role
This is using linux-system-roles.certificate ansible role,
which replaces puppet-certmonger for submitting certificate
requests to certmonger. Each service is configured through
it's heat template.

Partial-Implements: blueprint ansible-certmonger
Depends-On: https://review.rdoproject.org/r/31713
Change-Id: Ib868465c20d97c62cbcb214bfc62d949bd6efc62
2021-03-10 16:28:22 +01:00
Sofer Athlan-Guyot
f87652dfe0 Add a new role parameter rhsm_enforce.
With this new switch we can opt-out enforcement of the subscription
check for some composed role. This is mainly useful for composed Ceph
which have different constraint than other Openstack roles.

Closes-Bug: #1912512
Depends-On: https://review.opendev.org/c/openstack/tripleo-ansible/+/771671

Change-Id: I46529ccab6c197da4885950282eb6731e28573d6
2021-01-22 14:03:53 +00:00
Francesco Pantano
79686663e8 Configure Ceph clients via tripleo-ceph-client (not ceph-ansible)
Default CephAnsibleSkipClient to True and CephConfigPath to
/var/lib/tripleo-config/ceph (instead of /etc/ceph) and set
these paramters explicitly in scenario00{1,4}. This will
result in all Ceph client configuration being done not by
ceph-ansible but by the new tripleo-ceph-client role from
tripleo-ansible.

Add the CephClient service to all Controller* roles which will
use Ceph. The service could have always been there as there are
Ceph clients on the these controllers, but it was not because
ceph-ansible configured clients as a side effect. With new
CephConfigPath default they no longer overlap so the service
is required.

Add support for CephExternalMultiConfig via tripleo-ceph-client
by looping on the contents of the CephExternalMultiConfig list
and passing each map as the dcn variable while including the
tripleo-ceph-client role each time.

Related-Bug: #1708302
Depends-On: I938ab604859fda88f3491399444841a3a373d162
Change-Id: I784e6a476752ed701192b3a0155c42edd4836d97
2021-01-04 15:16:11 +00:00
Zuul
0519978254 Merge "Remove Sahara support" 2020-11-06 03:12:06 +00:00
Takashi Kajinami
4a7d56947a Remove Sahara support
Sahara support was deprecated during previous Ussuri cycle[1], so we
can remove it completely now.

[1] f1d9b15c85fd1ed2250d40cea8184a18f458234f
Change-Id: Id047221cb912c09984cc3bf864196a26fd36736f
2020-10-19 09:39:36 +09:00
Harald Jensås
ff4d1fbb66 Use tags instead of role names
Role names can be customized, yet in THT jinja2 we
have several places where conditions are based on
the role name. By using tag's such as 'storage',
'ceph' and 'ovsdpdk' we the role names become truly
customizable.

The depends-on change in TripleO common will
dynamically add tag's to role's based on role.name
for backward compatibility during deprecation
period.

Depends-On: https://review.opendev.org/758124
Change-Id: I5ab4e4a220294245f95d328391bfffec87781a09
2020-10-15 12:57:40 +05:30
Zuul
d08d828290 Merge "Create external bridge on Compute nodes by default for OVN with DVR" 2020-09-05 06:29:12 +00:00
Dan Sneddon
bc5b6133f1 Create external bridge on Compute nodes by default for OVN with DVR
OVN is used by default, which includes DVR and requires a Neutron
external network bridge on the Compute nodes. This change adds the
tag 'external_bridge' to the Controller roles and modifies the
overcloud-resource-registry-puppet.j2.yaml file to set the default
NIC configuration to net-config-bridge.yaml when this tag is set.
This will cause both Controller and Compute nodes to have an
external bridge by default if no specific NIC configuration files
are specified for both roles since the 'external_bridge' tag is set
in roles_data.yaml.

This change also stops using net-config-bridge.yaml when the role
includes the 'controller' tag, since the 'external_bridge' tag is
used instead. A release note explains the change.

Closes-bug: 1890337
Change-Id: I69c32d33a516c629303e87c8e9a0e4b8fe58c669
2020-08-19 17:07:20 -07:00
rajinir
08415cb54d Support for PowerFlex Cinder Backend
VxFlex OS driver is rebranded to PowerFlex.
This patch adds support for PowerFlex.
Will deprecate the VxFlexOS template in
a new patch.

Depends-On: https://review.opendev.org/#/c/743852/
Change-Id: I94310bf84a0af7a735bd6e1c0038686b0d0abfc8
2020-07-31 15:57:10 -05:00
rajinir
56e2702f4a Support for PowerStore Cinder Backend
Adding support for PowerStore Volume Backend Driver

Depends-On: https://review.opendev.org/#/c/743627/
Change-Id: Idc36f3241b3ebed71722c6a89459c230beea4542
2020-07-29 16:52:08 -05:00
Zuul
9f5bee1bff Merge "Remove support for Neutron FUJITSU plugin" 2020-06-18 10:28:56 +00:00
rajinir
57652b8efe Support for Dell EMC VXFlexOS Backend
Adding support for VXFlexOS Volume Backend

Change-Id: I9e8e3b4395c25a0458d28b15666768152736c752
Closes-Bug: 1875176
2020-05-29 10:50:31 -05:00
Zuul
b328baf72b Merge "Support for Xtremio Cinder Backend" 2020-05-13 04:32:36 +00:00
Zuul
a44b659bcf Merge "Deprecate Keepalived service" 2020-05-08 03:46:43 +00:00
Takashi Kajinami
8213618f33 Remove support for Neutron FUJITSU plugin
It seems that netwokring-fujitsu is no longer maintained[1], and it's
not compatible with Python 3.6 which currently all OpenStack services
require.

[1] https://opendev.org/x/networking-fujitsu

Change-Id: Iae639864cce8e3add635944f157ecde074312e74
2020-05-08 00:09:58 +00:00
Emilien Macchi
c712355e4b Deprecate Keepalived service
We don't deploy Keepalived in multi-node as our HA story is done with
Pacemaker. Therefore, we don't use VRRP protocol that Keepalived
provides to maintain the VIPs alive, so we don't really need this
service.

Instead, we can configure the VIPs on the br-ctlplane interface which
already handled the local_ip. Now it also handles the configuration of
public ip and admin ip.

Keepalived is now deprecated and will be removed in the next cycle.

blueprint replace-keepalived-undercloud
Change-Id: I3192be07cb6c19d5e26cb4cddbe68213e7e48937
2020-05-05 10:16:52 -04:00
rajinir
ddd2385e00 Support for SC Cinder Backend
Updating the SC cinder backend to support both iSCSI
and FC drivers. It is also enhanceded to support
multiple backends.
CinderScBackendName supports a list of backend names
and a new CindeScMultiConfig parameter provides
a way to specify parameter values for each backend.
For example see file environments/cinder-dellemc-sc-config.yaml

Depends-On: https://review.opendev.org/#/c/722538/
Change-Id: I6e5f3753fe167c7fbc75c3d382c88c09c247c7b3
2020-05-01 10:33:32 -05:00
rajinir
c53e9568e1 Support for Xtremio Cinder Backend
Updating the Xtremio cinder backend to support both iSCSI
and FC drivers. It is also enhanceded to support
multiple backends.

Depends-On: https://review.opendev.org/#/c/723020/
Change-Id: I2ba45aaa584c6fdcfb59cf6aed1b72dc8815f91f
2020-05-01 10:22:12 -05:00
Zuul
d801b0e002 Merge "Support for PowerMax Cinder Backend" 2020-04-18 04:48:28 +00:00
rajinir
6c234a73ba Support for PowerMax Cinder Backend
PowerMax config options have changed since Newton.
Updating them to the latest and support both iSCSI
and FC drivers.

CinderPowermaxBackend is also enhanceded to support
multiple backends. CinderPowermaxBackendName supports a
list of backend names and a new CinderPowermaxMultiConfig
parameter provides a way to specify parameter values for
each backend. For example see file
environments/cinder-dellemc-powermax-config.yaml

Depends-On: https://review.opendev.org/#/c/712184
Change-Id: I4429ed2d45661ea82ae38a7050abb2b229953c9c
2020-04-08 16:17:41 -05:00
Takashi Kajinami
336e9d39a9 Remove Dell EMC PS Series Driver support
... because it it not supported in anymore, and puppet-cinder
implementation was already removed in [1]

[1] 7083e88a699233930b0de413394ae95cab649462

Depends-on: https://review.opendev.org/#/c/716027/
Depends-on: https://review.opendev.org/#/c/717144/
Change-Id: I8b7af40a4dfba297821a7aae6edf5938c43034a1
2020-04-04 09:24:37 +09:00
Emilien Macchi
ac2711c72b Switch to Podman by default
- Remove Docker service from all the roles; not needed anymore
- Switch ContainerCli to podman for docker-ha environment. Note; this
  environment might be renamed at some point to, container-ha.yaml. But
  for backward compatibility we still use it now.
  Also switch EnablePaunch to false since we were waiting for the podman
  switch to do it.
- In the overcloud registry, disable Docker by default and enable Podman
  by default.

This patch will only work for centos8/rhel8 based deployments.

Change-Id: I561c52ce09c66a7f79763c59cd25f15949c054af
2020-03-18 09:27:36 -04:00
Alex Schultz
bac746b25b Remove skydive
We're dropping this as it has no testing and is not currentily available
for CentOS 8.

Change-Id: I408490346840d5a2e3ae29f53cbc100edcf72ee7
Depends-On: https://review.opendev.org/#/c/712517/
2020-03-12 14:02:52 -06:00
Telles Nobrega
79bd7c447b Adding ReaR THT
Adding a THT to install and configure ReaR.

Depends-On: I960e45f2162f8e1257f952a14e7f876468aa8fca

Change-Id: I156f0cd32bf028a2027b6baa6c4c999c239ca746
2019-11-21 11:07:51 -03:00
Zuul
ea7c85f26b Merge "Remove EC2 api" 2019-10-30 13:54:19 +00:00
Zuul
794da25b07 Merge "Add NovaAZConfig service to compute roles" 2019-10-29 02:57:40 +00:00
Martin Schuppert
7adb850fbc Remove EC2 api
EC2 api was deprecated with Ieb108a363cecafe3407d0dd505947c99bb24226c.
Lets remove it.

Change-Id: Ied22623e56d8a01649486b43a7c673470f75f13b
2019-10-23 15:24:39 +02:00
Saravanan KR
9c3638b8a1 Remove OpenDaylight templates and environments
OpenDaylight deployment has been deprecated in Stein. In Train,
the tempaltes are removed.

Change-Id: I9711ef977d045f1dbcdc631fe2655294109031b8
2019-10-18 11:39:41 +05:30
Zuul
adae981b14 Merge "Remove sensu-client service" 2019-10-10 22:59:46 +00:00
Zuul
3544453049 Merge "Remove Tacker service" 2019-10-10 22:59:38 +00:00
James Slagle
45c226c8fe Add NovaAZConfig service to compute roles
The NovaAZConfig service is added to all the compute related roles
of the box so that the nodes are automatically in a new AZ when the
service is enabled.

By default, the service is mapped to OS::Heat::None so no change in
default behavior is made.

Change-Id: If1e4e149100dccfe76ccd807997a611d0fc8841f
2019-10-10 10:37:39 -04:00
Hamdy Khader
fdb5c22bd9 Add support for Neutron Multi interface driver
- configures Neutron agents (dhcp,l3) to include multi interface configurations
  - configures Neutron ML2 to bind normal ports

Depends-On: I79a9bf7c07ca7c60e982a30b23308576daffc017
Change-Id: I212c0f4ae639023bdb75ced6a82a3a4aacf9d0f9
2019-10-03 12:50:27 +03:00
Martin Magr
b3ffd695fd Remove sensu-client service
Sensu client has been deprecated and it's functionality substituted
by collectd-sensubility. This patch removes sensu-client composable
service

Change-Id: I4be68eb7319b2c92cc7d0fc9df7a5c87dfb5106c
2019-10-01 12:07:46 +02:00
Alex Schultz
b44a079578 Remove Tacker service
The Tacker service has been incomplete since Queens. They restructured
the services and TripleO has never implemented code to handle this new
structure. Since it's been disabled since Queens and there is currently
no plans to fix it, let's remove the service code.

Change-Id: I2856e894b58d50c2d3484ccd02bfb1d43625847f
Depends-On: https://review.opendev.org/#/c/682457/
Related-Bug: #1714270
2019-09-19 15:21:13 +00:00
Ryan McCabe
112f485c7f Remove panko
Remove panko, which has been deprecated.

Change-Id: I590c889f838482d00cae596fcba2796f99d1e5b5
Signed-off-by: Ryan McCabe <rmccabe@redhat.com>
2019-09-05 15:15:43 -04:00
Martin Magr
5ccf8951e5 Remove fluentd composable service
This patch removes fluentd composable service in favor of rsyslog composable service
and modifies *LoggingSource configuration accordingly.

Change-Id: I1e12470b4eea86d8b7a971875d28a2a5e50d5e07
2019-08-29 13:52:55 +01:00
Zuul
f7b4851d99 Merge "Rsyslog composable service" 2019-07-24 18:02:58 +00:00
Martin Magr
8727ef050c Rsyslog composable service
This patch adds rsyslogd composable service with the same behaviour
the fluentd composable service currently has.

Co-Authored-By: Juan Badia Payno <jbadiapa@redhat.com>
Change-Id: I18e349c450a42dc7e9867d200e777a324e2d12bc
2019-07-18 15:41:28 +00:00
fpantano
a407d4f5da
Add dashboard component as new ceph composable service.
This review introduces the CephDashboard service
to allow operators to deploy the new ceph dashboard
along with the other ceph components.
According to the spec we can add the environment
file to reference the template that contains all the
parameters needed to deploy the ceph-dashboard via
ceph-ansible related roles.

Implements: blueprint ceph-dashboard
Change-Id: I1d31cd99823686986cdbd3ac1df184e9457a361e
2019-07-17 15:53:34 +02:00
Alan Bishop
b172661995 Make Multipathd an optional service
This is part 1 of a series of patches to properly deploy multipathd.

This patch makes Multipathd an optional TripleO service (defaults to
OS::Heat::None), and binds it to every role that might use the service.
This is essentially any role that accesses cinder volumes. Previously,
the service was not optional, but was not bound to any roles and so it
was never deployed.

Partial-Bug: #1834042
Change-Id: I3bc7d8557f758103c35533a59e06e36cd15f98b9
2019-06-24 07:15:37 -07:00
Mathieu Bultel
a59a188a6b Force ansible serial to 1 for the Controller
By introducing update_serial variable we parallelize update
execution on non-pacemaker enabled nodes. Custom role data users
need to update their role files. By default we do serial 1 making
sure nothing changes for users who didn't update their role data.

Resolves: rhbz#1652057
Closes-Bug: #1831617

Change-Id: I4ee0110a6c2b9466d81e37e5df27f5f81a6eceb5
2019-06-07 14:25:54 +02:00
Zuul
ebcc709330 Merge "Add creating br-ex for compute node in ovn" 2019-06-06 16:22:28 +00:00
Kamil Sambor
ff7cce93eb Add creating br-ex for compute node in ovn
For ovn compute nodes we need br-ex exactly like with
ComputeDVR role. Now we can do this in jinja templates
using new tag external_bridge

Change-Id: If44e9cbad714ce3954928407c42a8dc2473fed2e
Closes-Bug: #1822367
2019-06-05 10:15:39 +02:00
Carlos Goncalves
14436f915b Remove Neutron LBaaS
The project has been retired and there will be no Train release [1].
This patch removes Neutron LBaaS support in tripleo-heat-templates.

[1] https://review.opendev.org/#/c/658494/

Closes-Bug: #1831618
Change-Id: If13bbcdea82045d816485412f252c9b52bcf45a7
2019-06-04 15:12:38 +02:00
Alex Schultz
885715855b Ensure openstack clients are installed
We need to ensure the openstack clients are installed on controllers for
the deployed server case. This should be handled by the overcloud images
themselves, however if the images are not used we should make sure the
clients get installed with our OpenstackClients service.

Change-Id: If7fad9f24c7294c2d749fc3838b1fb71182930fc
Related-Bug: #1829769
2019-05-20 10:01:51 -06:00
Martin Schuppert
20dbe32060 Remove NovaConsoleauth Service
As of Rocky [1], the nova-consoleauth service has been deprecated and
cell databases are used for storing token authorizations. All new consoles
will be supported by the database backend and existing consoles will be
reset. Console proxies must be run per cell because the new console token
authorizations are stored in cell databases.

nova-consoleauth was deprecated in tripleo with:
I68485a6c4da4476d07ec0ab5e7b5a4c528820a4f

This change now removes the NovaConsoleauth Service.

[1] https://docs.openstack.org/releasenotes/nova/rocky.html

Closes-Bug: #1828414

Change-Id: Icdfbf26b5e83cc07a560eb227a0cf822e4c5a1e3
2019-05-09 15:24:13 +02:00
Lee Yarwood
555178160b placement: Introduce an extracted PlacementAPI service
This change introduces an optional extracted version of the Placement
service into TripleO. This extracted version will only be required once
the Placement service is fully removed from Nova during the T cycle
(previously S but delayed) at which point the corresponding
NovaPlacement service will also be removed from TripleO.

The majority of this change is code motion between the original
NovaPlacement service and the new PlacementAPI service.

Upgrades from the original NovaPlacement service to the extracted
PlacementAPI service are not currently supported by this change and will
be worked on independently during the Train cycle.

Co-authored-by: mschuppert@redhat.com

Depends-On: https://review.openstack.org/#/c/624335/
Change-Id: I9e3287bcbe9d317f32bf6b468c6ee17f04b6fff9
2019-04-18 17:34:06 +02:00
Emilien Macchi
f3b85e4ba5 Remove Congress
Congress doesn't seem to be used anywhere, we never had a bug report or
any sign of somebody out there actually using it.

Let's remove its support in TripleO, to reduce the codebase.

Change-Id: Idca6b12f1c0ca3bc15bedf6469d4063a4dac31fa
2019-02-28 16:29:03 -05:00