Sensu client has been deprecated and it's functionality substituted
by collectd-sensubility. This patch removes sensu-client composable
service
Change-Id: I4be68eb7319b2c92cc7d0fc9df7a5c87dfb5106c
This patch adds parameters and logic for configuring
collectd-sensubility. Please note that privileged mode
needs to be removed so that container health check gets
smooth access to host's systemd data. We should instead
use --cap-add when some regression caused by missing
capability will arise.
Change-Id: I4422d25396e74f8b4b9980dc16386353bc6e4627
Depends-On: Ieb5042603ff76fd22f867a17a853bb1ec6a744f2
This change (with its dependent reviews) creates a separate VIP for the OVN DBS
service. A more detailed explanation can be found in https://bugs.launchpad.net/tripleo/+bug/1841811.
The short explanation is that the OVN DBS HA service puts some additional constraints on the VIP it
uses and that is problematic when that VIP is used by other services (e.g. a change in OVN DBS master
will move the VIP and will also reset all mysql connections. It also prevents us splitting OVN DBS from
where haproxy runs).
Tested as follows:
A) Deployed a mster environment with this review and all its dependencies and correctly obtained
an OVN DBS service with its own Vip and the OVN services
(controller/metadata) pointing to this separate Vip
B) Deployed a master environment as is and then applied this review +
dependencies and observed that a redeploy correctly created a new VIP,
reconfigured the services to point to the new VIP and that the old
obsolete constraints created around the per-network VIP were removed
Closes-Bug: #1841811
Depends-On: Ic62b0fbc0fee40638811a5cd77a5dc5a4d82acf5
Change-Id: I620e37117c26b5b51bf9e1eda91daeb00fdf0f43
The bootstrap_nodeid group var is no longer needed coming out of Heat
because it's value can be calculated entirely with the Ansible jinja2
template.
Change-Id: I7406cb4d79a5fd988482fc679bb94bc2d33218c2
The DeployedServerEnvironment output has been removed from the stack
as they are no longer needed when using config-download with
pre-provisioned nodes.
Change-Id: If94997621ebd1096326ba77a167564a728102b54
Indicates that the nova-metadata API service has been deployed
per-cell, so that we can have better performance and data isolation
in a multi-cell deployment. Users should consider the use of this
configuration depending on how neutron is setup. If networks span
cells, you might need to run nova-metadata API service globally.
If your networks are segmented along cell boundaries, then you can
run nova-metadata API service per cell.
Introduces a new endpoint_map entry NovaMetadataInternal.
If NovaLocalMetadataPerCell is true, NovaMetadataCellInternal points
to the local cell endpoint.
If NovaLocalMetadataPerCell is false, NovaMetadataCellInternal points
to the central control plane nova metadata endpoint.
The NovaMetadataCellInternal endpoint is then used to configure the
nova-metadata api endpoint the ovn metadata agent points to.
Also removes setting the deprecated [DEFAULT]/nova_metadata_ip
hiera key and only uses [DEFAULT]/nova_metadata_host for the ovn
metadata agent.
Depends-On: https://review.opendev.org/675070
Depends-On: https://review.opendev.org/650943
Change-Id: I78f6d30676ee166f84d8aca1609b376bb73e5f2c
Closes-Bug: #1823760
Change-Id: I1e05230e4105a3706f0662b0c203137d05ebf3d8
The plugin isn't well maintained and we have zero feedback on how it is
working, therefore we are removing it from the tree; and a composable
service can be added out of tree later if needed.
Change-Id: Ibbcf0316aebd6c1ca87f510f5aa4c4b44941ed88
The plugin doesn't have maintainers nor testing in recent releases,
let's remove it from the tree; and a composable service can be added
later if needed, out of tree.
Change-Id: I7edc7d1c817c5577a11effc6732fb3797574ebac
Instead of writing a set of vars to hieradata_vars.yaml and then passing
that into tasks with vars_files, just set the data as group vars.
This makes for a simpler interface without having to remember to pass in
the data with vars_files on any task/play that might require them.
Change-Id: I851d9404861d55791bde1346c58bc1c94f591569
Migrate to using the template mode of the tripleo-ssh-known-hosts role.
Detailed Changes:
common/deploy-steps.j2:
Remove ssh_known_hosts_hostnames parameter
Remove ssh_known_hosts variable in config-download output
Set tripleo_ssh_known_hosts_use_template var to true when including
the tripleo-ssh-known-hosts role to activate template mode.
extraconfig/tasks/ssh/host_public_key.yaml:
Template removed as it was deprecated and is no longer used.
extraconfig/tasks/ssh/known_hosts_config.yaml:
Template removed as it was deprecated and is no longer used.
overcloud-resource-registry-puppet.j2.yaml:
Mappings for Ssh known hosts resources removed
overcloud.j2.yaml:
Resources removed: SshKnownHostsConfig, SshKnownHostsHostnames,
{{role.name}}SshKnownHostsDeployment
Removed passing in ssh_known_hosts_hostnames parameter to
common/deploy-steps.j2
puppet/role.role.j2.yaml:
Removed SshHostPubKey and SshKnownHostsHostnames resources
Removed known_hosts_entry and known_hosts_hostnames stack outputs
Add role_networks to set Ansible group vars which is a list of enabled
networks for the role
Change-Id: I10d0de42acc0b88b7947b464e976b5d0b9067ca2
The service_names isn't useful anymore:
- hiera('service_names') has been replaced by hiera('enabled_services')
- sensu::subscriptions moved under the {{role.name.lower()}}_extraconfig
hieradata file.
This is part of the effort which aims to reduce the number of hieradata
files.
Depends-On: I457f2c81a2cf6cc2f42dc4585b41b0d91dacc059
Change-Id: I22081888541e059cd9f258d15990f58df78c38d2
Closes-Bug: #1835551
Migrates these hieradata files to use the cloud_domain and fqdn
templates from tripleo-hieradata. The templates have more meaningful
names to actually represent the data that these hieradata files contain.
Detailed changes:
common/deploy-steps.j2:
Add parameter for CloudDomain and add it to the Ansible global vars
Remove the Per-host hieradata tasks and parameters as they are no longer used
Add cloud_domain and fqdn to list of templates for tripleo-hieradata
overcloud.j2.yaml:
Add role_networks to HieradataVars for each role
Replace {{role}} and host_extraconfig from hieradata hierarchy with
cloud_domain and fqdn.
puppet/role.role.j2.yaml:
Remove {{role}} hieradata from hieradata Datafiles as the template is
now used instead.
Remove per host hieradata resources and output as they are no longer
used.
Depends-On: I9c038399fccc4730b73e1a52281d7256ea689ee9
Change-Id: I136fb7aa864a2a3668f5a3845f3ded28b13bfe43
Migrates the net_ip_map hieradata from Heat to the tripleo-hieradata
role.
Detailed changes:
network/ports/port.j2:
cidr output added for the network subnet cidr of the port
port for a role
network/ports/noop.yaml:
cidr output for compatiblity with port template interface
puppet/role.role.j2.yaml:
{{network.name}}_cidr output added for the each networks subnet cidr
Remove the net_ip_map hieradata from the per host datafiles generated
by Heat as tripleo-hieradata template will be used instead.
overcloud.j2.yaml:
consume cidr outputs from the roles, as well as the ctlplane subnet
cidr and set them as hieradata vars that get passed into the
templating process for tripleo-hieradata
common/deploy-steps.j2:
Add a networks data structure to the global vars setting some needed
vars for tripleo-heiradata.
Use the net_ip_map template from tripleo-hieradata
Change-Id: Ib30e8347e1a50efec2b6a97482dc98c383cb7cf7
Depends-On: Iaec3654900f250eacf39c7748df166b716937358
Migrates the vip_data hieradata to the tripleo-hieradata role which will
use a jinja2 template to create this file on the deployed nodes. Allows
for removing the AllNodesConfig resource/template completely.
Change-Id: I5412f26423a1739088f12705fa47bac2377b9817
Depends-On: Iaf91f36a189d8e00627c21f14ca992a4d60fa10f
Migrate the generation of the all_nodes hieradata from Heat to using the
tripleo-hieradata role instead.
Change-Id: I9a37d1faec73a81a28d8f89d86375fb15ee765c7
Depends-On: I6e1e1c28dc09c9e04119db910068d62409a5afc8
Instead of generating and saving the hieradata in the bootstrap_node
hieradata file in Heat, use the tripleo-hieradata role instead.
Change-Id: Id6a7b10acc65ca6cd2135796a80fad0723078871
Depends-On: I9ccccbfee44fc7c1375dec7357ccad6cba909c16
Replace the Heat resources which used to manage the hiera config file
and now use Ansible with the new tripleo-hieradata role.
Remove {{server_resource_name}}Deployment and
{{server_resource_name}}Config resources not needed anymore.
Change-Id: I88fe3460af93b83cc086afeb1c2b959bbb720470
implements: blueprint reduce-deployment-resources
Depends-On: Ia5f11ea1a2f16b736ed7053c5182c7f5a7eb1f4b
Use the new tripleo-hieradata Ansible role to configure
the remaining Hieradata files that were created by Heat before.
{{server_resource_name}} isn't yet fully converted to Ansible, and
another patch will remove the resource when Ansible controls the
hiera.yaml file in /etc/puppet/hieradata.
Change-Id: Ib946b566d66300d23e7abc12498cc11d3f5fa5f8
implements: blueprint reduce-deployment-resources
The new AnsibleHostVarsMap output is a map of roles to Ansible host
vars, which later will be in config-download and populate the Ansible
host vars for each host in each role.
Change-Id: I3880f0f72beb24ee0b0868dca48afce6328144d3
Replace the HostsConfig SoftwareDeployment with an ansible task.
implements: blueprint reduce-deployment-resources
Change-Id: Ifd4bc4ce5618587c341ecbf37f82777ae6fc2f4a
Replaces the Heat SoftwareDeployment resoure for
AllNodesValidationConfig with an Ansible stask instead.
Depends-On: I0b3188ef45dc379f83c36561616b422418845b66
Change-Id: I6e8f8f29cf9ef906b9be55f27aa536d8cc200190
implements: blueprint reduce-deployment-resources
This output will map server names to their NetworkConfig resource id.
This makes it easy to retrieve the NetworkConfig resource for each
server in the config-download code.
Change-Id: I315f2e2eb880e9f3cb67d9f4cdc789f08c6c4021
implements: blueprint reduce-deployment-resources
Replaces the SoftwareDeployment resource for AllNodesDeployment with the
usage of the new tripleo-hieradata role.
Change-Id: Ic174699ef038ca3028c21a49373658a5d43844f6
Depends-On: I28b5c2bedbba1c27da628c6bda4c7a57ca0f3ad7
implements: blueprint reduce-deployment-resources
Replaces the expressions for the node_ips values which resulted in
hardcoded data coming out of the Heat stack with a generic Ansible
jinja expression that will read the same values from the Ansible
inventory and facts.
The data will be rendered at config-download runtime instead of
during the Heat stack operation. This allows for more generic use of
the config-download playbooks with the Ansible inventory alone.
For example, adding a new node to the Ansible inventory and adding
it to the inventory group for a service would cause that node's ip
to be automatically added to the corresponding node_ips lists in the
hieradata. No Heat stack update would be required to add the node.
Depends-On: Iae9ccdf6fad2fabdce66650ee7b064f1ac9528e4
Change-Id: I2a5a7a8ecc992ce558301abfb7a7a098b22743fe
implements: blueprint reduce-deployment-resources
This adds a new paramter to reset/update existing blacklisted nodes
set prior to this update with either node delete or using parameter
{{role.name}}RemovalPolicies.
Change-Id: I870d7605e35a7cda76d9de0e8830a87c898533d6
We're running into issues where if someone creates a firstboot script
that touches a file that will eventually be mounted into a container, it
can fail if the time of the file ends up being in the future due to a
later timesync. Let's try a basic timesync bootstrap as part of
cloud-init to address the case of configuration changes occuring prior
to the host_prep_tasks where we traditionally configure chrony/ntp
Depends-On: https://review.opendev.org/#/c/659398
Change-Id: I294eba826b98c5793336815282f766e3d2e60a51
Related-Bug: #1776869
This adds the ServiceNetMap value to global_vars for config-download.
This will make the value consumable from ansible tasks when running
config-download.
Additional values can be added in a similar fashion in the future to
allow for less hardcoded data coming out of Heat, and instead using
jinja expressions to consume data from Ansible variables when
config-download runs.
Change-Id: I8c442caac140f1c96123c1be47e858949419fd8f