When using neutron routed networks we need to specify
either the subnet or a ip address in the fixed-ips-request
when creating neutron ports.
a) For the Vip's:
Adds VipSubnetMap and VipSubnetMapDefaults parameters in
service_net_map.yaml. The two maps are merged, so that the
operator can override the subnet where VIP port should be
hosted. For example:
parameter_defaults:
VipSubnetMap:
ctlplane: ctlplane-leaf1
InternalApi: internal_api_leaf1
Storage: storage_leaf1
redis: internal_api_leaf1
b) For overcloud node ports:
Enrich 'networks' in roles defenition to include both
network and subnet data. Changes the list to a map
instead of a list of strings. New schema:
- name: <role_name>
networks:
<network_name>
subnet: <subnet_name>
For backward compatibility a conditional is used to check
if the data is a map or not. In either case the internal
list of role networks is created as '_role_networks' in
the jinja2 templates.
When the data is a map, and the map contains the 'subnet'
key the subnet specified in roles_data.yaml is used as
the subnet in the fixed-ips-reqest when ports are created.
If subnet is not set (or role.networks is not a map) the
default will be {{network.name_lower}}_subnet.
Also, since the fixed_ips request passed to Vip ports are no
longer [] by default, the conditinal has been updated to
test for 'ip_address' entries in the request.
Partial: blueprint tripleo-routed-networks-templates
Depends-On: I773a38fd903fe287132151a4d178326a46890969
Change-Id: I77edc82723d00bfece6752b5dd2c79137db93443
When installing OpenShift by means of TripleO, after
the initial docker configuration, openshift-ansible
also adds several parameters there.
Then, if we want to remove a single node, then a stack
update is performed, which returns the configuration
to its original state. In other words, it removes all
parameters added by openshift-ansible, which breaks OpenShift.
This commit adds the ability to disable reconfiguration of
docker at the time of stack update for all roles associated
with OpenShift.
Closes-Bug: #1804790
Depends-On: I0bcaeea9cd24ab35a81d8c3d6fc3a384c1e4c3c2
Change-Id: If202be5d27d81672e39cbe21867459d277220e23
NIC partitioning requires IOMMU to be enabled on roles using it.
By adding the BootParams service to all the roles, we could
enable IOMMU selectively by supplying the role specific parameter
"KernelArgs". If a role doesn't use NIC Partitioning then
"KernelArgs" shall be not be set and backward compatibility would
be retained.
Change-Id: I2eb078d9860d9a46d6bffd0fe2f799298538bf73
The StorageMgmt and Tenant networks are not used in an OpenShift
context and should hence be removed from the OpenShift roles.
Change-Id: I06951742cd4e1e203e95d49ffe1b7404f75fca70
Openshift-ansible already sets the right firewall rules on the
provisioned nodes, there is no need to set up (some of) the rules by
ourselves.
Add the 'OS::TripleO::Services::TripleoFirewall' to all the OpenShift
roles so that the operator can still set additional rules if desired.
Change-Id: I1e8ca10069c3f1017207abfebb803cb7aa3835a8
At the moment the 'OS::TripleO::Services::Timesync' service is
synonymous to 'OS::TripleO::Services::Ntp'. Let's use the more generic
Timesync service to pick up the new default in the event the value for
'OS::TripleO::Services::Timesync' changes.
This better aligns with the rest of the roles.
Change-Id: I44f706ce7dd1909ffd3805337fc6d9a5ce6de80f
The OpenShift roles should include the OS::TripleO::Services::Rhsm
service for Red Hat Subscription Management so that the provisioned
nodes can register with a Satellite or CDN.
Add the Podman service to OpenShifAllInOne to be more consistent with
other roles.
Change-Id: I08862635c68eddbb0940863c43867ece1b289ee5
Podman service will be in charge of installing, configuring, upgrading
and updating podman in TripleO.
For now, the service is disabled by default but included in all roles.
In the cycle, we'll make it the default.
Note: when Podman will be able to run in TripleO without Docker,
we'll do like https://review.openstack.org/#/c/586679/ and make it as
a generic service that can be switched to either podman or docker.
But for now, we need podman & docker working side by side.
Depends-On: Ie9f5d3b6380caa6824ca940ca48ed0fcf6308608
Change-Id: If9e311df2fc7b808982ee54224cc0ea27e21c830
Openshift Routers are located on the infra node and need to be highly
available on ports 80 and 443.
Depends-On: I5de14152904d06c49e9d5b2df6e3f09a35f23d92
Change-Id: Iee088e1279bff2cdb7a3601288804f626bff29a3
Introduce an openshift_node template that serves as base for all
openshift services. This reworks the inventory files so that hosts are
defined once and made part of the appropriate groups.
The master node can now be split from the infra node, or bundled
together with the Worker in the all-in-one role.
Provide environment files to enable the Master, Worker, Infra or
all-in-one role individually.
Change-Id: I9ad86185b01c88b609d320e2384c5644bd99bdae
This patch adds a new role called OpenShiftInfra which is required to
define infra nodes. We've been bundling infra nodes with compute and
master nodes and they ought to be independent.
With the new node label management introduced in openshift-ansible, it
sounds like this is a good time for us to unbundle these nodes.
Co-Authored-By: Martin André <m.andre@redhat.com>
Depends-On: I291b6ac65eaa1a015bca2ee2bc1be90b0ea0aadc
Change-Id: I4f8127a9e2d822057f3db8f0974ab1db0698985a
