This flattens rabbitmq and removes puppet parts. The next step will
move the flattened templates to their final location.
It's split in two steps in order to make reviews easier on that big change.
Change-Id: I30f0802770d86d64e2ec6fa93dc9a608d4b15d69
Follows up Id0060a3abbcda8edb6124eb096cb824aaea48396.
This patch updates our Popen calls to enable universal newlines for
calls that we parse or consume the output for. Without
univeral_newlines=True, the output is treated as bytes under python3
which leads to issues later where we are using it as strings.
See https://docs.python.org/3/glossary.html#term-universal-newlines
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
Change-Id: I1a82c14d8c894cb6ea6c0c322c3fe5b71b34a11e
The undercloud needs the External network for the external VIP
address. It uses the _from_pool template creating a fake neutron
port.
Other networks are not required, and should be removed to optimize
the number of heat resources and plan rendering.
NOTE: Skips validation of network_data_undercloud.yaml against
network_data.yaml, as is already done to openshift and routed
networks networks data examples.
Related Bug: #1809313
Change-Id: Ib11a134df93e59947168b40bc71fb1da9172d4ac
Ignore disabled networks when rendering templates.
Add's the ctlplane network to maps to ensure we don't
end up with no keys/values in map_replace functions.
Also some Jinja cleanup:
- Reduce the number of times we iterate over networks
where we can.
- Add's indentation to make the code easier to read.
Related-Bug: #1809313
Depends-On: I2e8135bc9389d3bf1a6ef01e273515af5c488a9a
Change-Id: Ifeb2d2d1acb43c16a5bf29e95965776494d61fef
If the user specify a role name that does not exist
in the provided roles data the scipt exits with a
StopIteration error. Catch it and raise RuntimeError
with user friendly error message.
Closes-Bug: #1812530
Change-Id: I704316f66c197668a7d8e373efe00889776d2a85
Look for used parameters in parameter_groups
This patch searches for parameter use in the parameter_groups section
as well and should eliminate some false positive warnings with
our validations.
Change-Id: I67c5ad2b6e865d454489702e5eb263a9508d26d2
The ones in environments/ssl/ are preferred instead. These have been
available since pike.
Change-Id: I84a7b354ede46d6ec88964e5dcbd5678d89c8c0f
Depends-On: I5a905ec7499a6faa08cbcacfccb19a6e424e4a80
This patch searches for parameter use in conditions as well
and should eliminate a lot of false positive warnings with
our validations.
Change-Id: I33eba9d46d8c83b7a34c39fdfcd35b62f52c8752
The merge-new-params-nic-config-script.py previosly had the
'Controller' role as the default for --role-name. It is not
obvious that this parameter must be changed when merging
nic config templates.
Remove the default and make the argument required. Improves
UX since user error is less likely.
Making the mistake of using a Role with too many networks
is'nt as forgiving since we now only pass parameters for
the role.networks.
Related-Bug: #1800811
Change-Id: Iff9e364db66ad09a30ac10a7814a3c01d50caf58
Change I68e064d23ec5d43f59146d974cae604d2c5fdb52 makes
NetCidrMapValue a list of ip networks.
The designate service configures the dns backend security
to contol from wich addresses updates are allowed. We
should use the list of cidr's associated with the
DesignateApiNetwork to allow all nodes in the network to
remotely control the nameserver.
Partial: blueprint tripleo-routed-networks-templates
Change-Id: I5c5cd51c8f127e8879c5528883c3abd261f4a5b3
Change I68e064d23ec5d43f59146d974cae604d2c5fdb52 makes
NetCidrMapValue a list of ip networks.
Pass the list of cidr's from the ApacheNetwork entry in
the cidr map to 'apache::mod::remoteip::proxy_ips:'.
Partial: blueprint tripleo-routed-networks-templates
Change-Id: Ieb6aff9889136f0ccbec32e36b46140aa7826019
MongoDB support was stopped in Pike, it is not used anywhere now.
Therefore, in Stein are removing it to clean things up.
Change-Id: I4ec8f35b1dd71c25cfb41cc54105ac743ef67745
When using neutron routed networks we need to specify
either the subnet or a ip address in the fixed-ips-request
when creating neutron ports.
a) For the Vip's:
Adds VipSubnetMap and VipSubnetMapDefaults parameters in
service_net_map.yaml. The two maps are merged, so that the
operator can override the subnet where VIP port should be
hosted. For example:
parameter_defaults:
VipSubnetMap:
ctlplane: ctlplane-leaf1
InternalApi: internal_api_leaf1
Storage: storage_leaf1
redis: internal_api_leaf1
b) For overcloud node ports:
Enrich 'networks' in roles defenition to include both
network and subnet data. Changes the list to a map
instead of a list of strings. New schema:
- name: <role_name>
networks:
<network_name>
subnet: <subnet_name>
For backward compatibility a conditional is used to check
if the data is a map or not. In either case the internal
list of role networks is created as '_role_networks' in
the jinja2 templates.
When the data is a map, and the map contains the 'subnet'
key the subnet specified in roles_data.yaml is used as
the subnet in the fixed-ips-reqest when ports are created.
If subnet is not set (or role.networks is not a map) the
default will be {{network.name_lower}}_subnet.
Also, since the fixed_ips request passed to Vip ports are no
longer [] by default, the conditinal has been updated to
test for 'ip_address' entries in the request.
Partial: blueprint tripleo-routed-networks-templates
Depends-On: I773a38fd903fe287132151a4d178326a46890969
Change-Id: I77edc82723d00bfece6752b5dd2c79137db93443
This change realigns the sshd baremetal puppet service yaml config
files into a common hierachy as with the rest of this blueprint.
This change also removes container functionality, since this was a
temporary measure to proxy live-migration connections from
non-containerized to containerized compute nodes during upgrade.
Change-Id: I87e112a0f1973fa3b0e959777e00071c2bbf7c9c
Related-Blueprint: services-yaml-flattening
Since we're looking at flattening the services into a deployment/
folder, we need to update the validation script to also handle this
directory structure. Additionally this change updates the service name
validation to ensure that the service name in matches the start of the
filename itself.
Change-Id: Ibb140a38b69a8780adf69362e0f437b3426f360d
Related-Blueprint: service-yaml-flattening
It is possible to use the process_templates script to generate the
user's jinja templates based on role and network data. But the script
expects the presence of j2_excludes file. Making it as optional, allows
users to generate templates in user's template directory itself, like
$ /usr/share/openstack-tripleo-heat-templates/tools/process-templates.py \
-p ~/templates/ \
-r ~/templates/roles_data.yaml \
-n ~/templates/network_data.yaml
Closes-Bug: #1806351
Change-Id: I375cd9ff9b40bbdad34d0732ec8abd25fbdde46e
Provide a network data file with only the External, InternalApi and the
Storage networks for use with OpenShift deployments.
Take out the IPv6 addresses from the network data until OpenShift can
be deployed in an IPv6 environment.
This also disables the validation for the network_data_openshift.yaml
since it expects network_data files to only add new networks to the
existing pre-defined overcloud networks and we're doing the opposite
here -- only keeping a subset of the networks.
Change-Id: I6d8c08c12ae9002e6386f26c5a8bcf70b8eda4b7
Utility script to merge new parameters into existing nic-config
templates. Uses process-templates.py rendered 'single-nic-vlans'
templates as reference and appends any parameters that is not
already present in the existing NIC template.
New NIC template parameters were introduced in:
https://review.openstack.org/#/c/580236/
When upgrading the existing NIC templates have to have these
new parameters merged.
Change-Id: I474e57878212d2cb7c2b392a5fdf4e449f783a66
Add all the keystone log files to fluentd, so
fluentd is aware of all the keystone log files
Added the new parameters to the exclusion ones
Depends-On: Ifd5fbf6509addf4a564ff83c4551525c9a139ff4
Depends-On: Id1d58637967ffb0e9bd0a83c3cbca699432f5378
Change-Id: I48c957496f7fb36d2128c545d5bcd1499e9e9bf6
This is no longer handled as the TLS handling tasks were converted
to ansible, and in the context of this series we need to remove it
because it references bootstrap_nodeid
Partial-Bug: #1792613
Change-Id: Ib32177b116f148f007574847320566e32240cf96
It was using a wrong name, which came by accident since it was
introduced to the sample environment generator.
Change-Id: I154af6d0b7ebf5cd339d5d06eaaf9b1ab66814b0
Related-Bug: #1796022
This has been unused for a while, and even deprecation was scheduled
(although the patch never merged [1]). So, in order to stop folks
getting confused with this, it's being removed.
[1] https://review.openstack.org/#/c/543871/
Change-Id: Iada64874432146ef311682f26af5990469790ed2
When translating comments into yaml the last_non_comment_spaces
must be set to the current spaces prior to insering the comment.
Change-Id: Ib5bbb47cfce7d6c0ac0990a3c9384f5143dd1263
When running the process-templates script with both the -o OUTPUT_DIR and
-p BASE_PATH options the output files were not being written to the output
directory. This fix splits out the file path from the base path to properly
write the files.
Change-Id: I845e8a2cbd2b12a4a1552b2cfa3ac013466da6bd
Closes-Bug: #1794769
This has been unused for a while, and even deprecation was scheduled
(although the patch never merged [1]). So, in order to stop folks
getting confused with this, it's being removed.
[1] https://review.openstack.org/#/c/543871/
Change-Id: Icc6b51044ccc826f5b629eb1abd3342813ed84c0
The logic in the validation was incorrect in that it would actually
error (return 1) if args.quiet >= 2, even though the file was excluded.
This commit fixes that bug, as well as improves the message around
excluded files, which should not be a warning, only informative.
Change-Id: I2cd8cd84a7ebb952e3c39f99a460177b9be9c2e1
Composable service templates can now define external_update_tasks and
external_upgrade_tasks. They are meant for update/upgrade logic of
services deployed via external_deploy_tasks. The external update
playbook first executes external_update_tasks and then
external_deploy_tasks, the procedure for upgrades works
analogously. All happens within a single playbook, so variables or
fact overrides exported from the update/upgrade tasks will be
available to the deploy tasks during the update/upgrade procedure.
Partial-Bug: #1783949
Change-Id: Ib2474e8f69711cd6610a78884d5032ffd19ad249
This patch adds composable new service (QDR) for containerized deployments.
Metrics QDR will run on each overcloud node in 'edge' mode. This basically
means that there is a possibility that there will be two QDRs running
on controllers in case that oslo messaging is deployed. This is a reason why
we need separate composable service for this use case.
Depends-On: If9e3658d304c3071f53ecb1c42796d2603875fcd
Depends-On: I68f39b6bda02ba3920f2ab1cf2df0bd54ad7453f
Depends-On: I73f988d05840eca44949f13f248f86d094a57c46
Change-Id: I1353020f874b348afd98e7ed3832033f85a5267f
This change adds a new routes field to the network
definition in network_data.yaml. This field contains
a list of network routes in JSON, e.g.
[{'destination':'10.0.0.0/16','nexthop':'10.0.0.1'}].
This list is used to set the ``host_routes`` property
of each networks subnet.
Co-Authored-By: Dan Sneddon <dsneddon@redhat.com>
Partial: blueprint tripleo-routed-networks-templates
Depends-On: Ifc5aad7a154c33488a7613c8ee038c92ee6cb1a7
Change-Id: I33b34f1445f4203fbf25edeb093b37c7494c664f