diff --git a/ansible/kolla-ansible.yml b/ansible/kolla-ansible.yml index b4d5126df..8c9b99211 100644 --- a/ansible/kolla-ansible.yml +++ b/ansible/kolla-ansible.yml @@ -95,13 +95,6 @@ - "{{ kayobe_config_path }}" kolla_overcloud_inventory_search_paths: "{{ kolla_overcloud_inventory_search_paths_static + kayobe_env_search_paths }}" kolla_ansible_certificates_path: "{{ kayobe_env_config_path }}/kolla/certificates" - # NOTE: This differs from the default SELinux mode in kolla ansible, - # which is permissive. The justification for using this mode is twofold: - # 1. it avoids filling up the audit log - # 2. it avoids an issue seen when using diskimage-builder in the bifrost - # container. - # We could look at making the SELinux mode configurable in future. - kolla_selinux_state: disabled kolla_inspector_dhcp_pool_start: "{{ inspection_net_name | net_inspection_allocation_pool_start }}" kolla_inspector_dhcp_pool_end: "{{ inspection_net_name | net_inspection_allocation_pool_end }}" kolla_inspector_netmask: "{{ inspection_net_name | net_mask }}" diff --git a/ansible/roles/kolla-ansible/templates/kolla/globals.yml b/ansible/roles/kolla-ansible/templates/kolla/globals.yml index 643a9e951..a9deedfd7 100644 --- a/ansible/roles/kolla-ansible/templates/kolla/globals.yml +++ b/ansible/roles/kolla-ansible/templates/kolla/globals.yml @@ -519,31 +519,6 @@ ironic_inspector_kernel_cmdline_extras: grafana_admin_username: "{{ grafana_local_admin_user_name }}" {% endif %} -######################################### -# Bootstrap-servers - Host Configuration -######################################### - -{% if kolla_selinux_state is not none %} -selinux_state: {{ kolla_selinux_state }} -{% endif %} - -# Kayobe performs creation of the Kolla Ansible user account, so there is no -# need for Kolla Ansible to repeat this. -create_kolla_user: false - -# User account to use for Kolla SSH access. -kolla_user: "{{ kolla_ansible_user }}" - -# Primary group of Kolla SSH user. -kolla_group: "{{ kolla_ansible_group }}" - -{% if kolla_ansible_target_venv %} -virtualenv: {{ kolla_ansible_target_venv }} -{% endif %} - -# Avoid disabling the firewall on CentOS, since we manage it in Kayobe. -disable_firewall: "{% raw %}{{ ansible_facts.os_family == 'Debian' }}{% endraw %}" - {% if kolla_extra_globals %} ####################### # Extra configuration diff --git a/ansible/roles/kolla-ansible/tests/test-defaults.yml b/ansible/roles/kolla-ansible/tests/test-defaults.yml index fe5fbda7a..f42353a3a 100644 --- a/ansible/roles/kolla-ansible/tests/test-defaults.yml +++ b/ansible/roles/kolla-ansible/tests/test-defaults.yml @@ -80,8 +80,6 @@ kolla_enable_tls_external: False kolla_enable_tls_internal: False openstack_logging_debug: False - kolla_user: "kolla" - kolla_group: "kolla" - name: Validate variables are absent from globals.yml assert: diff --git a/ansible/roles/kolla-ansible/tests/test-extras.yml b/ansible/roles/kolla-ansible/tests/test-extras.yml index 8f8576a62..3f9de1863 100644 --- a/ansible/roles/kolla-ansible/tests/test-extras.yml +++ b/ansible/roles/kolla-ansible/tests/test-extras.yml @@ -238,8 +238,6 @@ globals_yml: "{{ lookup('file', temp_path ~ '/etc/kolla/globals.yml') | from_yaml }}" expected_variables: config_strategy: "COPY_ALWAYS" - kolla_user: "fake-user" - kolla_group: "fake-group" kolla_base_distro: "fake-distro" kolla_base_distro_version: "1.23" openstack_release: "fake-release"