[release-announce] tripleo-heat-templates 10.4.0 (stein)
no-reply at openstack.org
no-reply at openstack.org
Thu Mar 14 10:49:10 UTC 2019
We are delighted to announce the release of:
tripleo-heat-templates 10.4.0: Heat templates for deploying OpenStack
with OpenStack.
This release is part of the stein release series.
The source is available from:
https://git.openstack.org/cgit/openstack/tripleo-heat-templates
Download the package from:
https://tarballs.openstack.org/tripleo-heat-templates/
Please report issues through launchpad:
https://bugs.launchpad.net/tripleo
For more details, please see below.
10.4.0
^^^^^^
New Features
************
* Adds a specific upgrade hiera file. This is currently used to
override variables during upgrade.
* Introduce new parameter, ContainerLogStdoutPath. Must be an
absolute path to a directory where podman will output all containers
stdout. The existence of the directory is ensured directly as a
host_prep_task.
* Support setting values for "cephfs_volume_mode" manila parameter
via the THT parameter ManilaCephFSCephVolumeMode. These control the
POSIX rwx mode of the cephfs volumes, snapshots, and groups of these
that back corresponding manila resources. Default value for
ManilaCephFSCephVolumeMode is '0755', backwards-compatible with the
mode for these objects before it was settable.
* Adds a new GlobalConfigExtraMapData parameter that can be used to
inject global_config_settings hieradata into the deployment. Any
values generated in the stack will override those passed in by the
parameter value.
* Add neutron-plugin-ml2-mlnx-sdn-assist as a containerized Neutron
Core service template to support Mellanox SDN ml2 plugin.
* Adds functionality wheter to enable/disable KSM on compute nodes.
Especially in NFV use case one wants to disable the service. Because
ksm has little benefit in overcloud nodes it gets disabled per
default but can be set via NovaComputeEnableKsm.
* Added a new Barbican option *BarbicanPkcs11AlwaysSetCkaSensitive*.
The default value is *true*.
* Allow Neutron DHCP agent to use broadcast in DHCP replies
* Add the ability to configure the cinder-volume service to run in
active-active (A/A) mode using the cluster name specified by the new
CinderVolumeCluster parameter. Note that A/A mode requires the
backend driver support running A/A. Cinder's RBD driver supports
A/A, but most other cinder drivers currently do not.
* ContainerImagePrepareDebug is a parameter that allows to run the
tripleo container image prepare command with --debug. It is set to
'False' by default for backward compatibility.
* Docker is deprecated in Stein and will be removed in Train. It is
being replaced by Podman and Buildah.
* Deprecated services now live in deployment/deprecated directory.
* The "baremetal" ML2 mechanism driver is enabled in the Networking
Service (neutron) in the overcloud by default when the Baremtal
Service (ironic) is enabled. Previously the user would have to
enable this driver manually by overriding the
"NeutronMechanismDrivers" parameter.
* Add new parameter 'GlanceInjectMetadataProperties', to add
metadata properties to be injected in image. Add new parameter
'GlanceIgnoreUserRoles', to specify name of user roles to be
ignored for injecting metadata properties in the image.
* Add support for native TLS encryption on NBD for disk migration
The NBD protocol previously runs in clear text, offering no security
protection for the data transferred, unless it is tunnelled over
some external transport like SSH. Such tunnelling is inefficient and
inconvenient to manage. Support for TLS to the NBD clients & servers
provided by QEMU was added. In tls-everywhere use case we want to
take advantage of this feature to create the certificates and
configure qemu to use nbd tls.
* The RabbitMQ management plugin ("rabbitmq_management") is now
enabled. By default RabbitMQ managment is available on port 15672 on
the localhost ("127.0.0.1") interface.
* OVS and neutron now supports endpoint creation on IPv6 networks.
New network-*-v6-all.j2.yaml environment files are added to allow
tenant network to be created on IPv6 addresses. Note that these
files are only to be used for new deployments and not during update
or upgrade. network_data*.yaml files are also edited to reflect the
same.
* Add container for the Swift container sharder service. This
service is required for sharding containers. It is disabled by
default and can be enabled by setting the
SwiftContainerSharderEnabled to true.
* The Shared File Systems service (manila) API has been switched to
running behind httpd, and it now supports configuring TLS options.
* This patch switches the default mechanism driver for neutron from
openvswitch to OVN. DVR is now enabled by default which in the case
of OVN means that we're distributing FIP N/S traffic as E/W is
anyways distributed
* When deploying mistral-executor, create a tripleo-admin user on
the undercloud for running external deploy tasks with ansible.
* Add new CinderNetappPoolNameSearchPattern parameter, which
controls which Netapp FlexVol volumes represent pools in Cinder.
Known Issues
************
* Add OvnDbInternal to EndpointMap and use it for ovn_db_host
OVN controller/metadata use ovn_dbs_vip hiera key to configure the
central ovn DB. This key is not available on split control plane or
multi cell setup and therefore installation fails.
With this change a new entry gets created in the EndpointMap named
OvnDbInternal. This can then be exported for an overcloud stack and
can be used as an input for the cell stack.
The information from the EndpointMap is used for ovn-metadata and
ovn-controller as the ovn_db_host information in puppet-tripleo
Upgrade Notes
*************
* Non-lifecycle stack actions like stack check and cancel update for
undercloud are now disabled. Stack check is yet to be migrated to
heat convergence architecture and cancel update is not recommended
for overcloud. Both are disabled by adding required heat policy for
undercloud. 'overcloud update abort' wrapper for stack cancel update
had been dropped since few releases.
* Installing haproxy services on baremetal is no longer supported.
* Installing MySQL Server services on baremetal is no longer
supported.
* Installing Redis services on baremetal is no longer supported.
* Installing sahara services on baremetal is no longer supported.
* During upgrade from ml2/ovs please remember to provide similar
environment file to environments/updates/update-from-ml2-ovs-from-
rocky.yaml. This is good also to remember to provide this file as a
first to avoid overwriting custom modification by upgrade
environment file. If you will not provide such file during upgrade
from ml2/ovs you will see error and notification about problems
witch mutually exclusive network drivers.
Deprecation Notes
*****************
* Duplicate environment files "environments/neutron-sriov.yaml" and
"environments/neutron-ovs-dpdk.yaml" file are deprecated.
* Xinetd tripleo service is no longer managed. The xinetd service
hasn't been managed since the switch to containers.
OS::TripleO::Services::Xinetd is disabled by default and dropped
from the roles. The OS::TripleO::Services::Xinetd will be removed in
Train.
* docker_puppet_tasks is deprecated in favor of
container_puppet_tasks. docker_puppet_tasks is still working in
Stein but will be removed in Train.
* The NodeDataLookup parameter type was changed from string to json
* Removed 'glance-registry' related changes since it's been
deprecated from glance & no longer been used.
* The TLS-related environment files in the environments/ directory
were deleted. The ones in the environments/ssl/ are preferred
instead. Namely, the following files:: enable-internal-tls.yaml,
enable-tls.yaml, inject-trust-anchor-hiera.yaml, inject-trust-
anchor.yaml, no-tls-endpoints-public-ip.yaml, tls-endpoints-public-
dns.yaml tls-endpoints-public-ip.yaml, tls-everywhere-endpoints-
dns.yaml.
* TripleO UI is deprecated in Stein and will be removed in Train.
* The CinderNetappStoragePools parameter is deprecated in favor of
the new CinderNetappPoolNameSearchPattern parameter. The previously
deprecated CinderNetappEseriesHostType parameter has been removed.
* The /var/lib/docker-puppet is deprecated and can now be found
under /var/lib/container-puppet. We don't have Docker anymore so we
try to avoid confusion in the directories. The directory still
exists but a readme file points to the right directory.
Bug Fixes
*********
* It is now possible for temporary containers inside THT to test if
they are being run as part of a minor update by checking if the
TRIPLEO_MINOR_UPDATE environment variable is set to 'true' (said
containers need to export it to the container explicitely), see
<service>_restart_bundles for examples.
* When setting up TLS everywhere, some deployers may not have their
FreIPA server in the ctlplane, causing the ipaclient registration to
fail. We move this registration to host-prep tasks and invoke it
using ansible. At this point, all networks should be set up and the
FreeIPA server should be accessible.
* * Bug 1784967 invalid JSON in NodeDataLookup error message should
be more helpful
* e0e885b8ca3332e0815c537a32c564cac81f7f7e moved the cellv2
discovery from control plane to compute services. In case the
computes won't have access to the external API this task will fail.
Switch nova_cell_v2_discover_host.py to use internal api.
Other Notes
***********
* Paramter "ConfigDebug" now also controls the paunch logs
verbosity.
* Octavia may be deployed for a standalone cloud, which has yet Nova
services available for Amphorae SSH keys management. For that case,
the parameter "OctaviaAmphoraSshKeyFile" must be defined by a user.
Otherwise, it takes an empty value by usual for overcloud
deployments meanings and Nova will be used to create a key-pair for
Octavia instead.
* The utility script "tools/merge-new-params-nic-config-script.py"
previously used the "Controller" role by default if the "--role-
name" argument was not specified. The argument ("--role-name") no
longer have a default. It is now mandatory to specify the role when
merging new parameters into existing network configuration
templates.
* Remove "NeutronExternalNetworkBridge" Heat parameter. Option
"external_network_bridge" is deprecated and should not be used in
Neutron.
Changes in tripleo-heat-templates 10.3.0..10.4.0
------------------------------------------------
30968cedf Remove environments/baremetal-services.yaml
160cddda3 Rename docker_config_scripts to container_config_scripts
b1d82e6ac Workaround rhel8,0 iptables bug causing neutron_ovs_agent to restart continuously
4453d1dc3 Flatten and move logrotate-crond service container
e6ab4856d Do not restart bundles during a minor update
ce23ccf53 CI: force ContainerCli to Docker when needed
bb1a9ea62 ci/environments/ovb-ha: force Docker for ContainerCli
5d8e8bd86 image-serve: only uninstall docker-distribution when it was installed
3e62d483f Rename docker_puppet_tasks to container_puppet_tasks
9cb715a5e mistral-executor include host /etc/environment
ebc9dd98e flatten the octavia service configurations
5b11bb39d Support cinder-volume running active-active
2325992ae Drop unused deployment services parameters
b3fef6678 Fix logging config on misc services
e14dfc832 Fix monitoring_subscription on misc services
81c1cae40 Rename /var/lib/docker-puppet to /var/lib/container-puppet
47ec1089a flatten database service Redis
d02e80642 Disable SELinux separation for ironic_pxe_http
66a477509 Deprecate TripleO UI
c86e81d35 Remove Docker when upgrading to Podman
548f54b39 Added tar option to preserve metadata of existing fetch_dir
7d957ff26 step5: flatten the neutron service configurations
f101bbe8c step4: flatten the neutron service configurations
6dbfde9c8 flatten database service MySQL Server
65c62f47f allow to configure broadcast_dhcp in neutron DHCP server
fcdef786e step3: flatten the neutron service configurations
1ed3d2002 Make heat yaql limits configurable
d2eba382c Fix py3 compat for regex searches in YAML validate
0a9ff03c7 Add Mellanox SDN ML2 template for a containerized service
ad5dc5ca6 Remove unused resources of PreNetworkConfig for NFV
127dbb4e8 Support cephfs_volume_mode parameter
13d70f6bf container-image-prepare: redirect all output to logfile
142c944e0 [FFU] Ensure compatibility with ansible 2.6.
eab673e9c Fix skydive_vars evaluation
ad582c7ae Drop the role service override for ovb
badf39735 Add functionality to manage KSM on compute nodes per role
9b1bb23aa flatten the ec2 service configurations
37e1122f8 Add OvnDbInternal to EndpointMap and use it for ovn_db_host
f1e6de3f0 Fix typo in get container_id ansible task
37ea33037 Add SSHD composable service to Networker role definition
f0977f167 Do not bind mount the ovn_db folder for the ovn pcmk restart bundle
b49629f08 Do not ignore Swift ring changes to trigger container restart
f48ba5896 Use dedicated container tag per skydive service
e3f697df6 Switch scenario00{1,4}-standalone to Ceph bluestore
dbf63314d Podman support in haproxy-public-tls-inject
6f262c805 Apply stop period for paunch-managed stateful svcs
95362173c Don't look for primary_role ips in AllNodesValidationConfig
26a3d4336 Deprecate Docker
72aa2dfc0 Create deployment/deprecated directory
acb61d2c1 step4: flatten nova service configuration
ce0b89291 Change vxlan to geneve for network environment files
7133394c3 Be able to know when we are running inside a minor update workflow
359e72b60 standalone: switch container registry to ImageServce
9b5cb4b3a Enable OVN baremetal by default with Ironic service
5c2e741da Revert "Remove host-config-and-reboot interface"
ee6f88213 Switch scenario001-002-003 to use Podman
3836f0ff7 nova_libvirt_init_secret: add net=host
e2a8a494c Handle upper and lower case system uuids
2a8719960 Remove host-config-and-reboot interface
3a86fc57d Remove upgrade_tasks added during nova services flattening.
479821f1f Removes all pacemaker from scenario-standalone 1-3 environments
9d9feaf72 flatten collectd service configuration
acebe2593 Correct sshd configuration within nova-migration-target
f2412dacf Make openshift-ansible working dir owned by tripleo-admin
a08daffcc Fix malformed mistal_executor kolla config file
f7bc59d4b Fail to live migration if instance has NUMA topology
23e7aee08 Drop step_config from containerized Nova services
276743b5f Redis: fix podman start on reboot
284cfe911 Re-Add mysql configuration for nova host discovery
44245d19d Only request neutron certificate from neutron dhcp service
703bf1c05 Add missing RoleParameters and ServiceNames
8b69c6b58 Add CertmongerUser role to OVB defaults
a0c3612db [FFU] Make sure group access work correctly with ansible 2.6.
6090dc667 step2: flatten the designate service configurations
5e46c2a57 flatten the barbican service configurations
b99c0ce8a Add specific upgrade hiera data file.
3d07ad432 New parameter: ContainerLogStdoutPath
cc05a8d54 Replace docker-distribution with apache image-serve
2e0af5858 Move openstack clients service
479d7f587 flatten qdrouterd service configs
d59ac1bd9 Fix rabbitmq restart
d6727aff7 Enable rabbitmq_management plugin
dc9a76aa2 cell_v2 multi-cell
51a1e981f Translating scenario012 to standalone
9e264ea91 make skydive working with folder created by tripleo-admin
78f1901da Deprecate xinetd service management
5e629cacd Fix keystone opt deprecations in manila manifests
2a8385658 Move ipa enrollment to host_prep_tasks
56ebb309e Add missing parts from step2: flatten nova service configuration
6053eb196 Switch default neutron ML2 mechanism driver to OVN
cb4ed31ea Introduce ContainerImagePrepareDebug parameter
1cb6886a2 Switch Manila API to httpd and support TLS
93bc329b0 Don't mount docker.sock in the mistral-executor container
9d2acc284 Revert "mistral-executor: bind-mount /var/lib/containers"
b3a8610b9 flatten ceilometer service configuration
3e5488901 env/docker: add ContainerCli
94e307064 Restrict use of become to minimum necessary for Ceph deployment
92ea1131c step3: flatten nova service configuration
98ecf9760 step2: flatten nova service configuration
9689f6ed0 Re-Add the StackUpdateType parameter to the nova-vnc-proxy template
6e1ee4168 Drop Docker service from Undercloud roles
f7bf4efee flatten sensu service configuration
cab93fd31 flatten tripleo-ui service configuration
5c6dd22b8 Use net=none for gnocchi_init_lib
5ceb3c5ec Make ceph-ansible working dir owned by tripleo-admin
c95f315ef Remove RoleConfig
07709c44f Enable glance image cache's cleaner and pruner
17d8c985b FFWD: Introduce workaround for neutron cisco plugin
01a865130 Do not mount ceph-ansible and octavia playbook within mistral container
2634ffaa5 Add GlobalConfigExtraMapData
38fb412ac minor update: move VIP before stopping pacemaker on a node
ad803ab71 Sanitize the uuid string for ceph-ansible
2e5de85ce Fix with_items indentation in logs readme ec2-api.
a40a4927b Remove upgrade_tasks added during nova services flatten.
1d44eeafb Force host_routes to be a list
dca57f51b Remove the use of tests as filters as it will be deprecated.
58b99bf5e Do not pull image while tagging pcmk images in upgrade_tasks.
b026b860c Set Ironic default interface when using networking-ansible
edfe18063 Inject log-driver for podman containers
2e899f394 Move container-image-prepare.j2.yaml to deployment dir
bf111425b flatten the fluentd service configurations
b8d2dd3ac step1: flatten the designate service configurations
93f529764 Push some NodeDataLookup in scenario001
707dcf2b7 Disable tacker for scenario007
9d115a359 Add support for transferring MariaDB data between nodes
a64fa251e Add support for persistence of MariaDB data during reprovisioning
c9adaaeb2 Flatten rabbitmq service - step 2
aa2dc674f Adding dependency for NetworkDeployment in 'server_resource_name'Deployment
ec5fbe8de Fix generation of configs that contain password files
c01d9d847 Handle case change for dmidecode >= 3.1 in Ceph templates
fb7ea6734 Flatten rabbitmq service - step 1
fe2fda491 Change NodeDataLookup type from string to json
2587f4e96 Copy undercloud.conf file during mistral-executor start up.
1814b3032 Remove unneeded iptables mount points
8a0ddc7f0 Export global_config for compute-only stack
18f4e1177 Disable stack check and cancel update for undercloud
95245f6ad Remove incorrect mapped_data key from cisco ml2 hieradata
2bae8cc78 step1: flatten nova service configuration
3238e547a flatten the horizon service configurations
dd54e32d1 mysql: sync credentials in running container on password change
a2d0899f9 Add ContainerImagePrepare service to ControllerStorageNfs role
65041ed9d Clean unmanaged rules pushed by iptables-services package
d1fea280f step2: flatten the neutron service configurations
fff1df6ee TLS everywhere: Mount the whole /etc/pki/libvirt/ directory in libvirt
898154857 Catch directories we can not change ownership
ce1e7eafe TLS everywhere: Set post-save command for neutron dhcpd
a76a0a127 TLS everywhere: Set post-save command for nova-vnc-proxy
25bc2a687 flatten the congress service
edf4e9e73 flatten the panko service
8b89ff2f5 flatten the tacker service
27e8bbd2a flatten the manila service configurations
dcdb82c50 step1: flatten the neutron service configurations
efaf0c3be Run nova_statedir_owner on every run
4cfa7c066 certmonger: Don't restart haproxy on cert renewal
99b87fba1 mysql: do not stop container when upgrade doesn't update mysql image
a0a09d29a run docker_puppet_tasks on any role
0d106a261 Create tripleo-admin user on the undercloud
1d3fe8cb2 flatten database service MySQL Client
c618b2168 Add stop_grace_period for heat_engine container
05d77c9ed flatten haproxy service configuration
ce2ec4af9 Correct *_short_bootstrap_node_name variable.
bcd438344 Move the multipathd services into deployment
c4242729b flatten the iscsid service
f7fb76754 TLS everywhere: Set post-save command for redis
03c54b806 TLS everywhere: Set post-save command for RabbitMQ
514f99c57 TLS everywhere: Set post-save command for httpd
080b22c8b Add PacemakerNetwork definition
cb668e6b4 Optional ICMP validation of controllers and gateways
df7f43974 Rework nova_cell_v2_discover_host.py to use nova.conf and python novaclient
9164e6adb Move UpgradeInitCommand and UpgradeInitCommonCommand to run by Ansible
f0aecdd36 flatten the swift service configurations
b807077a2 Enable ML2 baremetal by default with Ironic service
f279e6ce6 noop package installation inside docker_puppet_apply.sh
cd354bc38 flatten the mistral service configurations
482ed3cab Remove conf.modules.d that doesn't exist
7d3c7b16b deployed-servers: symlink ansible-playbook
822a92a80 Add VLAN as a supported network type for OVN
648dfa2bd Reload haproxy when certificate is renewed
ca041e2c4 haproxy: deploy IPtables rules from the host
639285f09 Update parameters for cinder's Netapp backend
096fa8774 Explicitly manage http configs
ad81fba15 Mount mysql client configuration in nova cell discovery container
7f5dec079 Don't disable keepalived in nonha-arch.yaml
ae2ccb5f4 Remove workflow_tasks
f6b934bd6 Remove the scenario standalones from tht zuul layout - just use template
d9b311172 container-image-prepare: disable logging on the task
87a869a40 Fix nova_cell_v2_discover_host.py with python3
a619d990c Address python3 string issues with subprocess
f77d8e790 Add missing entries for Pure Storage Cinder Backend and fix typos
8a818ab22 Apply changes to cluster using updated inventory
ff36d44af Generate post-deployment openshift-ansible inventory
1febc8b7b Store nodes information in a dict
cb675a91a Fix openshift playbook import
d9a43277e Adding support of glance cinder store settings
85d9cf495 Revert "post_deploy: support python3 for undercloud scripts."
2dcd56041 Remove all glance-registry related changes
416f43c83 Flatten etcd configuration
c4f57e28c Move login-defs to deployment directory
213e5121c Move securetty to deployment dir
7fea2d075 Move kernel config to deployment directory
a0400c998 Move selinux to deployment folder
1143714b3 post_deploy: support python3 for undercloud scripts.
55188215d Use internal interface for keystone in "wait for placement" script
38ddc4c49 nova-metadata: use keystone internal endpoint instead of admin
c980a40e5 Designate: Use keystone v3 internal endpoint instead of admin
166803d05 Include the DB password in a Mistral environment for creating backups and restores
13ec67a3a Avoid dangling firewall rule for ssh access
c2e2b6297 Ensure /var/lib/config-data exists before setting selinux context
a6479d0b5 use include_tasks instead of include
e8a53f56f Remove networks from Undercloud and Standalone roles
c1116e59c Add network data for the undercloud
53027484a Skip templating disabled networks
cde4134d5 Service check in nova_cell_v2_discover_host.py to use internal API
8dbbf94a6 Adding pyshim.sh to missing python commands
80fb16378 Drop unused puppet/services parameters
397e2b4a3 Remove external_network_bridge Neutron option
25d063197 Remove configuration for cni0 bridge
87bc72a37 Use net=none for *_init_log(s) containers
9b284e74c Create /run/netns if does not exist
cb6d81bd9 mistral-executor: bind mount the docker socket only when needed
ae7ec1c79 mistral-executor: bind-mount /var/lib/containers
3fa634908 UX - Useful error msg if role is not in roles data
ccb242f91 Enable Glance image_conversion plugin when backend is rbd
2b7cb1987 Allow ssh from all for undercloud
6fefd102b Look for parameters in parameter_groups
123f40a56 flatten cinder service configuration
fe9372ece Add support for native TLS encryption on NBD for disk migration
a72f8d4ae Remove deprecated TLS-related environment files
2a5baa597 Allow Octavia deployments for Standalone
1e318b569 Ensure logs folder is created in prep hosts tasks.
9012fff84 Added Barbican option BarbicanPkcs11AlwaysSetCkaSensitive
ae1efdd44 flatten sahara service configuration
eb52c794d Add HorizonSecureCookies to environments/ssl/enable-tls.yaml
632a184a9 Fetch scheme/port from hiera instead of hard coding it
beb7aa112 Use the tripleo-standalone-scenarios-full template
f5fe93b1f Update memcache config in docker-uc-light env
144b74d3b Look for used parameters in conditionals
de3576633 Make neutron ovs agent work with python3
c5d1b6fb6 Fix paunch logs verbosity control
a3b55888f Drop duplicate keystone logging group parameter
34d0e5b02 nova-libvirt: conditionalize selinux bind-mount
8f297c22e Make ceph-ansible integration respect PythonInterpreter
726f0b0c2 Drop zaqar param duplicates
f01318640 Enable memcached debug if Debug param is set
704b6870b Reuse the container in case we have a temporary podman failure
9eeb4518c Remove with_items for 'yum/package'
d87efd29e Conditionalize docker socket bind-mount
e26ef65e5 Transitioning to HAProxy 1.8
fda5b5ab3 docker-puppet: retry container run command
1bebfdcbd Mount system modules when calling system iptables
35aae8730 Be explicit when passing vars into deploy steps
dc46a8684 Assure that updates job is listed in both check and gate
2e36a4cfe Remove unused jinja code in network-isolation environment
dfe4f2ddb Remove gluster settings from previous deployments on re-deploy
87358befc Fix deployment of gluster with openshift AllInOne
9ed011efc flatten the heat service configurations
5a8950c70 Run 'Delete Upgrade Flag and Unset it via Rest' only once
c740b5421 Remove default role-name from merge network param script
0b6375d69 Remove unused params from ci/environments/network/* templates
2b8ecaa11 Add missing Aodh monitoring_subscription
e32663b1f Add missing Ironic monitoring_subscription
2dae0b05e Update Barbican HSM ansible roles
0015cc744 Gracefully shutdown Mysql before upgrade.
ef1b85702 Add Swift container sharder service
d70d128aa Enable virt_sandbox_use_netlink SELinux boolean for port healthchecks
3df5f8db1 Fall back service_net_map to ctlplane
99f1c1ece Make ODL deployment compatible with podman
4b8c7055c Set keystone bind_host to both public and admin
a31585837 Allow container healthchecks to access netlink data
f86c89e08 Add scenario002-standalone to gates as we make it voting
fe8b808fd Allow overlay tunnel endpoints on IPv6 address
ae8998f36 Enable image inject metadata properties & user roles to be ignored
7c070ab11 Fix address for glusterfs container images
df8e59249 Restart openshift master services after stack update
d59e016cd Fix files: for scenario003 standalone - pointing to wrong env
2d608e07b Move docker into deployment directory
33b5658f0 Deprecate duplicate NFV environment files
e7c7f79f9 Snmp - Use net_cidr_map for firewall rules
f2ff3eb74 Memcached - Use net_cidr_map for firewall rules
5666a4fe0 Designate - Use net_cidr_map for rndc_allowed_addresses
da1de3aaf Apache - Use net_cidr_map for proxy_ips
e0e885b8c Move cellv2 discovery from control plane services to compute services
a433e05e6 implement default ssh-from-ctlplane rule via hiera
89faf9c02 flatten tripleo-packages service configuration
8cf1a9993 Don't force Horizon's secure cookies to disabled
ab6395a64 Set container images for openshift 3.11
3e613f178 Remove openshift-ansible customization
e26a5ea3b Rely on osa defaults for enabled services
841e17511 Update manila environment file name in capabilities-map
f252778d6 Fix Chinese quotes
a693e6f1c Enable ovs-stats by default when using ovs
ed46e6e28 Per role Numa aware vswitch configuration
5cb7fee7a Introducing Nuage Neutron VRS resource.
54b78df00 Fix files conditions for scenario 007 and 008
806cbd470 Fix a spelling mistake.
Diffstat (except docs and test files)
-------------------------------------
README.rst | 2 +-
all-nodes-validation.yaml | 12 +
capabilities-map.yaml | 9 +-
ci/common/ironic_standalone_post.yaml | 17 +
ci/environments/multinode-3nodes-registry.yaml | 10 +-
ci/environments/multinode-containers.yaml | 8 +-
.../multiple-nics-ipv6/network-environment.yaml | 2 +-
.../nic-configs/ceph-storage.yaml | 92 ---
.../nic-configs/cinder-storage.yaml | 70 --
.../nic-configs/compute-dvr.yaml | 189 +++++
.../multiple-nics-ipv6/nic-configs/compute.yaml | 70 --
.../multiple-nics-ipv6/nic-configs/controller.yaml | 22 -
.../nic-configs/swift-storage.yaml | 70 --
.../network/multiple-nics/network-environment.yaml | 2 +-
.../multiple-nics/nic-configs/ceph-storage.yaml | 92 ---
.../multiple-nics/nic-configs/cinder-storage.yaml | 92 ---
.../multiple-nics/nic-configs/compute-dvr.yaml | 188 +++++
.../network/multiple-nics/nic-configs/compute.yaml | 70 --
.../multiple-nics/nic-configs/controller.yaml | 22 -
.../multiple-nics/nic-configs/swift-storage.yaml | 70 --
.../public-bond/nic-configs/ceph-storage.yaml | 92 ---
.../public-bond/nic-configs/cinder-storage.yaml | 70 --
.../network/public-bond/nic-configs/compute.yaml | 70 --
.../public-bond/nic-configs/controller.yaml | 28 -
.../public-bond/nic-configs/swift-storage.yaml | 70 --
ci/environments/ovb-ha.yaml | 57 +-
.../scenario000-multinode-containers.yaml | 10 +-
.../scenario001-multinode-containers.yaml | 33 +-
ci/environments/scenario001-standalone.yaml | 57 +-
.../scenario002-multinode-containers.yaml | 33 +-
ci/environments/scenario002-standalone.yaml | 40 +-
.../scenario003-multinode-containers.yaml | 39 +-
ci/environments/scenario003-standalone.yaml | 32 +-
.../scenario004-multinode-containers.yaml | 31 +-
ci/environments/scenario004-standalone.yaml | 31 +-
.../scenario006-multinode-containers.yaml | 11 +-
ci/environments/scenario006-multinode.yaml | 1 -
.../scenario007-multinode-containers.yaml | 52 +-
.../scenario008-multinode-containers.yaml | 4 +
ci/environments/scenario009-multinode.yaml | 1 -
.../scenario010-multinode-containers.yaml | 23 +-
.../scenario012-multinode-containers.yaml | 23 +-
ci/environments/scenario012-standalone.yaml | 42 ++
common/deploy-steps-tasks.yaml | 179 +++--
common/deploy-steps.j2 | 314 +++------
common/services.yaml | 54 +-
.../__init__.py | 0
.../nova_cell_v2_discover_host.py | 109 +++
.../nova_statedir_ownership.py | 8 +-
.../nova_wait_for_placement_service.py | 2 +-
.../pyshim.sh | 0
.../deployed-server-bootstrap-centos.sh | 10 +
deployed-server/deployed-server-bootstrap-rhel.sh | 10 +
deployed-server/deployed-server-roles-data.yaml | 1 +
deployed-server/deployed-server.yaml | 21 -
deployment/aodh/aodh-api-container-puppet.yaml | 9 +-
.../aodh/aodh-evaluator-container-puppet.yaml | 11 +-
.../aodh/aodh-listener-container-puppet.yaml | 11 +-
.../aodh/aodh-notifier-container-puppet.yaml | 11 +-
.../barbican/barbican-api-container-puppet.yaml | 215 +++++-
.../barbican/barbican-backend-dogtag-puppet.yaml | 0
.../barbican/barbican-backend-kmip-puppet.yaml | 0
.../barbican-backend-pkcs11-crypto-puppet.yaml | 5 +
.../barbican-backend-simple-crypto-puppet.yaml | 0
.../ceilometer-agent-central-container-puppet.yaml | 40 +-
.../ceilometer-agent-compute-container-puppet.yaml | 56 +-
.../ceilometer-agent-ipmi-container-puppet.yaml | 58 +-
...ometer-agent-notification-container-puppet.yaml | 44 +-
.../ceilometer-base-container-puppet.yaml | 0
.../cinder/cinder-api-container-puppet.yaml | 149 +++-
.../cinder-backend-dellemc-unity-puppet.yaml | 0
.../cinder-backend-dellemc-vmax-iscsi-puppet.yaml | 0
.../cinder/cinder-backend-dellemc-vnx-puppet.yaml | 0
...inder-backend-dellemc-xtremio-iscsi-puppet.yaml | 0
.../cinder/cinder-backend-dellps-puppet.yaml | 0
.../cinder/cinder-backend-dellsc-puppet.yaml | 0
.../cinder/cinder-backend-netapp-puppet.yaml | 22 +-
.../cinder/cinder-backend-nvmeof-puppet.yaml | 0
.../cinder/cinder-backend-pure-puppet.yaml | 10 +-
.../cinder/cinder-backend-scaleio-puppet.yaml | 0
.../cinder-backend-veritas-hyperscale-puppet.yaml | 0
.../cinder/cinder-backup-container-puppet.yaml | 73 +-
.../cinder/cinder-backup-pacemaker-puppet.yaml | 20 +-
.../cinder}/cinder-base.yaml | 0
.../cinder/cinder-common-container-puppet.yaml | 3 +-
.../cinder/cinder-hpelefthand-iscsi-puppet.yaml | 0
.../cinder/cinder-scheduler-container-puppet.yaml | 25 +-
.../cinder/cinder-volume-container-puppet.yaml | 244 +++++--
.../cinder/cinder-volume-pacemaker-puppet.yaml | 33 +-
.../openstack-clients-baremetal-puppet.yaml | 0
.../congress/congress-container-puppet.yaml | 139 +++-
...ntainer-image-prepare-baremetal-ansible.j2.yaml | 16 +-
.../database/mysql-base.yaml | 22 -
.../database/mysql-client.yaml | 0
.../database/mysql-container-puppet.yaml | 107 ++-
.../database/mysql-pacemaker-puppet.yaml | 110 ++-
.../database/redis-base-puppet.yaml | 0
.../database/redis-container-puppet.yaml | 60 +-
.../database/redis-pacemaker-puppet.yaml | 30 +-
deployment/deprecated/README.rst | 6 +
.../docker/docker-baremetal-ansible.yaml | 0
.../docker/docker-registry-baremetal-ansible.yaml | 0
.../deprecated}/logging/fluentd-config.yaml | 0
.../logging/fluentd-container-puppet.yaml | 63 +-
.../deprecated}/monitoring/sensu-base.yaml | 0
.../monitoring/sensu-client-container-puppet.yaml | 78 ++-
.../panko/panko-api-container-puppet.yaml | 312 +++++++++
.../tripleo-ui/tripleo-ui-container-puppet.yaml | 119 +++-
.../designate/designate-api-container-puppet.yaml | 54 +-
.../designate}/designate-base.yaml | 0
.../designate-central-container-puppet.yaml | 74 +-
.../designate/designate-mdns-container-puppet.yaml | 78 ++-
.../designate-producer-container-puppet.yaml | 50 +-
.../designate/designate-sink-container-puppet.yaml | 50 +-
.../designate-worker-container-puppet.yaml | 100 ++-
.../ec2/ec2-api-container-puppet.yaml | 192 +++++-
.../etcd/etcd-container-puppet.yaml | 84 ++-
deployment/glance/glance-api-container-puppet.yaml | 41 +-
.../glance/glance-api-logging-file-container.yaml | 2 +
.../glance/glance-registry-disabled-puppet.yaml | 57 --
.../haproxy/haproxy-container-puppet.yaml | 142 ++--
.../haproxy-internal-tls-certmonger.j2.yaml | 1 +
.../haproxy/haproxy-pacemaker-puppet.yaml | 73 +-
.../haproxy}/haproxy-public-tls-certmonger.yaml | 1 +
.../haproxy}/haproxy-public-tls-inject.yaml | 6 +-
.../heat/heat-api-cfn-container-puppet.yaml | 100 ++-
.../heat/heat-api-cloudwatch-disabled-puppet.yaml | 0
.../heat/heat-api-container-puppet.yaml | 108 ++-
.../heat/heat-base-puppet.yaml | 16 +-
.../heat/heat-engine-container-puppet.yaml | 171 ++++-
.../horizon/horizon-container-puppet.yaml | 182 ++++-
.../image-serve/image-serve-baremetal-ansible.yaml | 83 +++
deployment/ironic/ironic-api-container-puppet.yaml | 11 +-
.../ironic/ironic-conductor-container-puppet.yaml | 5 +-
.../ironic/ironic-inspector-container-puppet.yaml | 14 +-
deployment/ironic/ironic-pxe-container-puppet.yaml | 6 +
.../iscsid/iscsid-container-puppet.yaml | 21 +-
.../keepalived/keepalived-container-puppet.yaml | 11 +-
.../kernel/kernel-baremetal-puppet.yaml | 2 +-
deployment/keystone/keystone-container-puppet.yaml | 34 +-
.../login-defs/login-defs-baremetal-puppet.yaml | 0
.../logrotate-crond-container-puppet.yaml | 3 +-
.../manila/manila-api-container-puppet.yaml | 134 +++-
.../manila}/manila-base.yaml | 0
.../manila/manila-scheduler-container-puppet.yaml | 55 +-
.../manila/manila-share-common.yaml | 2 +-
.../manila/manila-share-container-puppet.yaml | 39 +-
.../manila/manila-share-pacemaker-puppet.yaml | 27 +-
.../memcached/memcached-container-puppet.yaml | 55 +-
.../messaging/rpc-qdrouterd-container-puppet.yaml | 80 ++-
deployment/metrics/collectd-container-puppet.yaml | 545 +++++++++++++++
.../metrics/qdr-container-puppet.yaml | 3 +-
.../mistral/mistral-api-container-puppet.yaml | 94 ++-
.../mistral}/mistral-base.yaml | 0
.../mistral/mistral-engine-container-puppet.yaml | 55 +-
.../mistral-event-engine-container-puppet.yaml | 34 +-
.../mistral/mistral-executor-container-puppet.yaml | 79 ++-
.../multipathd/multipathd-container.yaml | 3 +-
.../neutron/neutron-api-container-puppet.yaml | 238 ++++++-
.../neutron-bgpvpn-api-container-puppet.yaml | 19 +-
.../neutron-bgpvpn-bagpipe-baremetal-puppet.yaml | 0
.../neutron/neutron-cleanup | 0
.../neutron/neutron-cleanup.service | 0
.../neutron/neutron-dhcp-container-puppet.yaml | 140 +++-
.../neutron-l2gw-agent-baremetal-puppet.yaml | 0
.../neutron/neutron-l2gw-api-container-puppet.yaml | 21 +-
.../neutron/neutron-l3-container-puppet.yaml | 100 ++-
.../neutron-lbaas-api-container-puppet.yaml | 22 +-
.../neutron/neutron-metadata-container-puppet.yaml | 96 ++-
.../neutron-ovs-agent-container-puppet.yaml | 169 ++++-
.../neutron-ovs-dpdk-agent-container-puppet.yaml | 46 +-
...eutron-plugin-ml2-ansible-container-puppet.yaml | 28 +-
...tron-plugin-ml2-cisco-vts-container-puppet.yaml | 78 ++-
.../neutron-plugin-nsx-container-puppet.yaml | 37 +-
.../neutron/neutron-sfc-api-container-puppet.yaml | 14 +-
.../neutron-sriov-agent-container-puppet.yaml | 89 ++-
.../nova/nova-api-container-puppet.yaml | 306 +++++----
.../nova/nova-base-puppet.yaml | 10 +-
.../nova/nova-compute-common-container-puppet.yaml | 9 +-
deployment/nova/nova-compute-container-puppet.yaml | 765 +++++++++++++++++++++
.../nova/nova-conductor-container-puppet.yaml | 121 +++-
.../nova/nova-consoleauth-container-puppet.yaml | 49 +-
.../nova/nova-ironic-container-puppet.yaml | 66 +-
.../nova/nova-libvirt-container-puppet.yaml | 390 ++++++++++-
.../nova/nova-libvirt-guests-container-puppet.yaml | 4 +-
.../nova/nova-metadata-container-puppet.yaml | 129 +++-
.../nova-migration-target-container-puppet.yaml | 62 +-
.../nova/nova-placement-container-puppet.yaml | 118 +++-
.../nova/nova-scheduler-container-puppet.yaml | 97 ++-
.../nova/nova-vnc-proxy-container-puppet.yaml | 135 +++-
.../nova/novajoin-container-puppet.yaml | 7 +-
.../octavia/octavia-api-container-puppet.yaml | 142 +++-
deployment/octavia/octavia-base.yaml | 215 ++++++
.../octavia/octavia-deployment-config.j2.yaml | 12 +
.../octavia-health-manager-container-puppet.yaml | 65 +-
.../octavia-housekeeping-container-puppet.yaml | 56 +-
.../octavia/octavia-worker-container-puppet.yaml | 89 ++-
deployment/podman/podman-baremetal-ansible.yaml | 49 ++
.../qdr/qdrouterd-container-puppet.yaml | 66 +-
.../rabbitmq/rabbitmq-container-puppet.yaml | 168 ++++-
...rabbitmq-messaging-notify-container-puppet.yaml | 111 ++-
...rabbitmq-messaging-notify-pacemaker-puppet.yaml | 18 +-
.../rabbitmq-messaging-notify-shared-puppet.yaml | 20 +-
.../rabbitmq-messaging-pacemaker-puppet.yaml | 23 +-
.../rabbitmq-messaging-rpc-container-puppet.yaml | 113 ++-
.../rabbitmq-messaging-rpc-pacemaker-puppet.yaml | 16 +-
.../sahara/sahara-api-container-puppet.yaml | 99 ++-
.../sahara}/sahara-base.yaml | 0
.../sahara/sahara-engine-container-puppet.yaml | 56 +-
.../securetty/securetty-baremetal-puppet.yaml | 0
.../selinux/selinux-baremetal-puppet.yaml | 0
deployment/snmp/snmp-baremetal-puppet.yaml | 33 +-
deployment/sshd/sshd-baremetal-puppet.yaml | 26 +-
.../services => deployment/swift}/swift-base.yaml | 0
.../swift/swift-dispersion-baremetal-puppet.yaml | 0
.../swift/swift-proxy-container-puppet.yaml | 241 ++++++-
.../swift/swift-ringbuilder-container-puppet.yaml | 54 +-
.../swift/swift-storage-container-puppet.yaml | 144 +++-
.../tacker/tacker-container-puppet.yaml | 120 +++-
.../tripleo-firewall-baremetal-puppet.yaml | 61 +-
.../tripleo-packages-baremetal-puppet.yaml | 44 +-
deployment/zaqar/zaqar-container-puppet.yaml | 24 +-
.../services/logging/files/opendaylight-api.yaml | 2 +-
.../services/messaging/notify-rabbitmq-shared.yaml | 54 --
...aml => neutron-plugin-ml2-mlnx-sdn-assist.yaml} | 29 +-
environments/barbican-backend-dogtag.yaml | 2 +-
environments/barbican-backend-kmip.yaml | 2 +-
environments/barbican-backend-pkcs11-atos.yaml | 3 +-
environments/barbican-backend-pkcs11-thales.yaml | 3 +-
environments/barbican-backend-pkcs11.yaml | 5 +-
environments/barbican-backend-simple-crypto.yaml | 2 +-
environments/baremetal-services.yaml | 63 --
environments/cinder-backup.yaml | 4 +-
environments/cinder-dellemc-unity-config.yaml | 2 +-
environments/cinder-dellemc-vmax-iscsi-config.yaml | 2 +-
environments/cinder-dellemc-vnx-config.yaml | 2 +-
.../cinder-dellemc-xtremio-iscsi-config.yaml | 2 +-
environments/cinder-dellps-config.yaml | 2 +-
environments/cinder-dellsc-config.yaml | 2 +-
environments/cinder-hpelefthand-config.yaml | 2 +-
environments/cinder-netapp-config.yaml | 4 +-
environments/cinder-nvmeof-config.yaml | 2 +-
environments/cinder-pure-config.yaml | 3 +-
environments/cinder-scaleio-config.yaml | 2 +-
environments/cinder-volume-active-active.yaml | 8 +
environments/collectd-environment.yaml | 2 +-
environments/compute-real-time-example.yaml | 2 +-
environments/computealt.yaml | 18 +-
environments/config-debug.yaml | 2 +-
environments/container-image-prepare-debug.yaml | 5 +
.../disable-config-download-environment.yaml | 5 -
environments/disable-workflow-tasks.yaml | 6 -
environments/docker-ha.yaml | 12 +-
environments/docker-uc-light.yaml | 36 +-
environments/docker.yaml | 12 +-
environments/enable-designate.yaml | 10 +-
environments/enable-internal-tls.yaml | 27 -
environments/enable-tls.yaml | 19 -
environments/enable_congress.yaml | 2 +-
environments/enable_tacker.yaml | 2 +-
environments/external-loadbalancer-vip-v6-all.yaml | 40 ++
environments/hyperconverged-ceph.yaml | 1 +
environments/inject-trust-anchor-hiera.yaml | 12 -
environments/inject-trust-anchor.yaml | 10 -
environments/kubernetes.yaml | 2 +-
environments/logging-environment.yaml | 4 +-
environments/login-defs.yaml | 2 +-
environments/manila-cephfsganesha-config.yaml | 7 +-
environments/manila-cephfsnative-config.yaml | 7 +-
environments/manila-isilon-config.yaml | 6 +-
environments/manila-netapp-config.yaml | 6 +-
environments/manila-unity-config.yaml | 6 +-
environments/manila-vmax-config.yaml | 6 +-
environments/manila-vnx-config.yaml | 6 +-
.../rpc-qdrouterd-notify-rabbitmq-hybrid.yaml | 4 +-
.../rpc-rabbitmq-notify-rabbitmq-shared.yaml | 4 +-
environments/metrics-collectd-qdr.yaml | 4 +-
environments/monitoring-environment.yaml | 4 +-
environments/network-environment-v6-all.j2.yaml | 62 ++
environments/network-environment-v6.j2.yaml | 4 +-
environments/network-environment.j2.yaml | 4 +-
environments/network-isolation-v6-all.j2.yaml | 67 ++
environments/network-isolation-v6.j2.yaml | 9 -
environments/network-isolation.j2.yaml | 9 -
environments/neutron-bgpvpn-bagpipe.yaml | 5 +-
environments/neutron-bgpvpn.yaml | 2 +-
environments/neutron-l2gw.yaml | 5 +-
environments/neutron-ml2-ansible.yaml | 3 +-
environments/neutron-ml2-vpp.yaml | 2 +-
environments/neutron-ovs-dpdk.yaml | 6 +-
environments/neutron-ovs-dvr.yaml | 29 +-
environments/neutron-sfc.yaml | 3 +-
environments/neutron-sriov.yaml | 6 +-
environments/no-tls-endpoints-public-ip.yaml | 120 ----
environments/nonha-arch.yaml | 12 +-
environments/nsx-config.yaml | 2 +-
environments/openshift.yaml | 4 +-
environments/public-tls-undercloud.yaml | 2 +-
environments/securetty.yaml | 2 +-
environments/services-baremetal/barbican.yaml | 2 +-
environments/services-baremetal/cinder-backup.yaml | 4 +-
environments/services-baremetal/collectd.yaml | 2 +-
environments/services-baremetal/congress.yaml | 2 +-
environments/services-baremetal/ec2-api.yaml | 2 +-
environments/services-baremetal/etcd.yaml | 2 +-
environments/services-baremetal/fluentd.yaml | 2 +-
environments/services-baremetal/manila.yaml | 6 +-
environments/services-baremetal/mistral.yaml | 8 +-
.../neutron-bgpvpn-opendaylight.yaml | 2 +-
.../neutron-l2gw-opendaylight.yaml | 2 +-
.../services-baremetal/neutron-lbaasv2.yaml | 2 +-
.../services-baremetal/neutron-ml2-cisco-vts.yaml | 2 +-
.../neutron-opendaylight-sriov.yaml | 2 +-
.../services-baremetal/neutron-ovs-dpdk.yaml | 2 +-
environments/services-baremetal/neutron-sriov.yaml | 2 +-
environments/services-baremetal/octavia.yaml | 10 +-
environments/services-baremetal/sahara.yaml | 3 -
environments/services-baremetal/sensu-client.yaml | 2 +-
environments/services-baremetal/tacker.yaml | 2 +-
.../services-baremetal/undercloud-ceilometer.yaml | 6 +-
.../services-baremetal/undercloud-cinder.yaml | 6 +-
.../services-baremetal/undercloud-gnocchi.yaml | 2 +-
.../services-baremetal/undercloud-haproxy.yaml | 2 +-
.../services-baremetal/undercloud-panko.yaml | 2 +-
environments/services/barbican.yaml | 2 +-
environments/services/cinder-backup.yaml | 4 +-
environments/services/collectd.yaml | 2 +-
environments/services/congress.yaml | 2 +-
environments/services/ec2-api.yaml | 2 +-
environments/services/etcd.yaml | 2 +-
environments/services/fluentd.yaml | 2 +-
.../services/haproxy-public-tls-certmonger.yaml | 2 +-
environments/services/ironic-overcloud.yaml | 10 +
environments/services/ironic.yaml | 5 +-
environments/services/manila.yaml | 6 +-
environments/services/mistral.yaml | 8 +-
.../services/neutron-bgpvpn-opendaylight.yaml | 2 +-
.../services/neutron-l2gw-opendaylight.yaml | 2 +-
environments/services/neutron-lbaasv2.yaml | 2 +-
environments/services/neutron-ml2-ansible.yaml | 1 +
environments/services/neutron-ml2-cisco-vts.yaml | 2 +-
environments/services/neutron-nsx-lbaasv2.yaml | 2 +-
.../services/neutron-opendaylight-sriov.yaml | 2 +-
environments/services/neutron-ovn-sriov.yaml | 4 +-
environments/services/neutron-ovs-dpdk.yaml | 2 +-
environments/services/neutron-ovs-dvr.yaml | 33 +-
environments/services/neutron-ovs.yaml | 35 +
.../services/neutron-sfc-opendaylight.yaml | 2 +-
environments/services/neutron-sfc-ovn.yaml | 2 +-
environments/services/neutron-sriov.yaml | 2 +-
environments/services/novajoin.yaml | 2 +-
environments/services/octavia.yaml | 10 +-
environments/services/qdr.yaml | 2 +-
environments/services/sahara.yaml | 4 +-
environments/services/sensu-client.yaml | 2 +-
environments/services/tacker.yaml | 2 +-
environments/services/tripleo-ui.yaml | 3 +-
environments/services/undercloud-ceilometer.yaml | 6 +-
environments/services/undercloud-cinder.yaml | 6 +-
environments/services/undercloud-gnocchi.yaml | 2 +-
environments/services/undercloud-haproxy.yaml | 2 +-
environments/services/undercloud-panko.yaml | 2 +-
environments/services/zaqar.yaml | 2 +-
environments/ssl/enable-internal-tls.yaml | 3 +-
environments/ssl/enable-tls.yaml | 4 +
environments/ssl/no-tls-endpoints-public-ip.yaml | 1 +
environments/ssl/tls-endpoints-public-dns.yaml | 1 +
environments/ssl/tls-endpoints-public-ip.yaml | 1 +
environments/ssl/tls-everywhere-endpoints-dns.yaml | 1 +
environments/standalone.yaml | 4 +-
environments/standalone/standalone-overcloud.yaml | 4 +-
environments/standalone/standalone-tripleo.yaml | 13 +-
environments/storage/cinder-netapp-config.yaml | 10 +-
environments/tls-endpoints-public-dns.yaml | 109 ---
environments/tls-endpoints-public-ip.yaml | 109 ---
environments/tls-everywhere-endpoints-dns.yaml | 105 ---
environments/undercloud.yaml | 28 +-
.../updates/update-from-ml2-ovs-from-rocky.yaml | 8 +
.../cinder-veritas-hyperscale-config.yaml | 2 +-
extraconfig/post_deploy/undercloud_post.py | 10 +-
extraconfig/post_deploy/undercloud_post.yaml | 5 +
extraconfig/pre_network/config_then_reboot.yaml | 7 +
.../pre_network/host_config_and_reboot.yaml | 184 -----
extraconfig/services/ipaclient.yaml | 147 ++++
extraconfig/services/kubernetes-master.yaml | 4 +-
extraconfig/services/openshift-cns.yaml | 53 +-
extraconfig/services/openshift-master.yaml | 230 +++++--
extraconfig/services/openshift-node.yaml | 41 +-
extraconfig/services/skydive-analyzer.yaml | 9 +-
firstboot/os-net-config-mappings.yaml | 5 +-
network/endpoints/endpoint_data.yaml | 6 +
network/endpoints/endpoint_map.yaml | 82 +++
network/networks.j2.yaml | 4 +-
network/ports/net_ip_list_map.j2.yaml | 42 +-
network/ports/net_ip_map.j2.yaml | 22 +-
network/ports/net_vip_map_external.j2.yaml | 10 +-
network/ports/net_vip_map_external_v6.j2.yaml | 10 +-
network/service_net_map.j2.yaml | 147 ++--
network_data.yaml | 1 -
network_data_ganesha.yaml | 1 -
network_data_routed.yaml | 2 -
network_data_undercloud.yaml | 3 +
overcloud-resource-registry-puppet.j2.yaml | 134 ++--
overcloud.j2.yaml | 312 ++++-----
puppet/all-nodes-config.j2.yaml | 21 +-
.../all_nodes/neutron-ml2-cisco-nexus-ucsm.j2.yaml | 33 +-
puppet/extraconfig/pre_deploy/per_node.yaml | 20 +-
puppet/role.role.j2.yaml | 37 +-
puppet/services/README.rst | 31 -
puppet/services/apache.j2.yaml | 15 +-
puppet/services/barbican-api.yaml | 206 ------
puppet/services/ceilometer-agent-central.yaml | 79 ---
puppet/services/ceilometer-agent-compute.yaml | 74 --
puppet/services/ceilometer-agent-ipmi.yaml | 76 --
puppet/services/ceilometer-agent-notification.yaml | 71 --
puppet/services/certmonger-user.yaml | 4 +
puppet/services/cinder-api.yaml | 197 ------
puppet/services/cinder-backup.yaml | 114 ---
puppet/services/cinder-scheduler.yaml | 72 --
puppet/services/database/redis.yaml | 105 ---
puppet/services/designate-api.yaml | 117 ----
puppet/services/designate-central.yaml | 101 ---
puppet/services/designate-mdns.yaml | 106 ---
puppet/services/designate-producer.yaml | 74 --
puppet/services/designate-sink.yaml | 74 --
puppet/services/designate-worker.yaml | 126 ----
puppet/services/ec2-api.yaml | 210 ------
puppet/services/haproxy.yaml | 175 -----
puppet/services/heat-api-cfn.yaml | 147 ----
puppet/services/heat-api.yaml | 154 -----
puppet/services/horizon.yaml | 197 ------
puppet/services/iscsid.yaml | 41 --
puppet/services/logging/fluentd.yaml | 82 ---
puppet/services/manila-api.yaml | 104 ---
puppet/services/manila-backend-cephfs.yaml | 4 +
puppet/services/manila-scheduler.yaml | 75 --
puppet/services/manila-share.yaml | 70 --
puppet/services/messaging/notify-rabbitmq.yaml | 145 ----
puppet/services/messaging/rpc-qdrouterd.yaml | 101 ---
puppet/services/messaging/rpc-rabbitmq.yaml | 146 ----
puppet/services/mistral-api.yaml | 135 ----
puppet/services/mistral-engine.yaml | 79 ---
puppet/services/mistral-event-engine.yaml | 54 --
puppet/services/mistral-executor.yaml | 60 --
puppet/services/monitoring/sensu-client.yaml | 83 ---
puppet/services/neutron-base.yaml | 31 +-
puppet/services/neutron-compute-plugin-nuage.yaml | 2 +-
.../services/neutron-controller-plugin-nuage.yaml | 81 +++
puppet/services/neutron-dhcp.yaml | 157 -----
puppet/services/neutron-l3-compute-dvr.yaml | 21 -
puppet/services/neutron-l3.yaml | 137 ----
puppet/services/neutron-metadata.yaml | 140 ----
puppet/services/neutron-ovs-agent.yaml | 177 -----
puppet/services/neutron-plugin-ml2-ansible.yaml | 62 --
puppet/services/neutron-plugin-ml2-ovn.yaml | 22 +-
puppet/services/neutron-plugin-ml2.yaml | 8 +-
puppet/services/neutron-sriov-agent.yaml | 119 ----
puppet/services/nova-api.yaml | 338 ---------
puppet/services/nova-compute.yaml | 440 ------------
puppet/services/nova-conductor.yaml | 98 ---
puppet/services/nova-consoleauth.yaml | 72 --
puppet/services/nova-ironic.yaml | 71 --
puppet/services/nova-libvirt.yaml | 362 ----------
puppet/services/nova-metadata.yaml | 161 -----
puppet/services/nova-migration-target.yaml | 84 ---
puppet/services/nova-placement.yaml | 159 -----
puppet/services/nova-scheduler.yaml | 118 ----
puppet/services/nova-vnc-proxy.yaml | 209 ------
puppet/services/octavia-api.yaml | 180 -----
puppet/services/octavia-base.yaml | 164 -----
puppet/services/octavia-controller.yaml | 108 ---
puppet/services/octavia-health-manager.yaml | 105 ---
puppet/services/octavia-housekeeping.yaml | 97 ---
puppet/services/octavia-worker.yaml | 121 ----
puppet/services/opendaylight-api.yaml | 3 -
puppet/services/opendaylight-ovs.yaml | 3 -
puppet/services/ovn-controller.yaml | 1 +
puppet/services/ovn-metadata.yaml | 6 +-
puppet/services/pacemaker.yaml | 24 +-
puppet/services/pacemaker/cinder-backup.yaml | 77 ---
puppet/services/pacemaker/cinder-volume.yaml | 73 --
puppet/services/pacemaker/database/mysql.yaml | 87 ---
puppet/services/pacemaker/database/redis.yaml | 94 ---
puppet/services/pacemaker/haproxy.yaml | 70 --
puppet/services/pacemaker/manila-share.yaml | 59 --
puppet/services/pacemaker/rabbitmq.yaml | 58 --
puppet/services/panko-api.yaml | 124 ----
puppet/services/panko-base.yaml | 137 ----
puppet/services/qdr.yaml | 77 ---
puppet/services/rabbitmq.yaml | 193 ------
puppet/services/sahara-api.yaml | 126 ----
puppet/services/sahara-engine.yaml | 73 --
puppet/services/swift-proxy.yaml | 283 --------
puppet/services/swift-ringbuilder.yaml | 100 ---
puppet/services/swift-storage.yaml | 175 -----
releasenotes/notes/6.0.0-b52a14a71fc62788.yaml | 2 +-
...grade-specific-hiera-file-7a41a23017a545b9.yaml | 5 +
.../ContainerLogStdoutPath-20cbce05a1710d8a.yaml | 5 +
...eph_volume_mode-parameter-5553a9b39718a749.yaml | 9 +
...-GlobalConfigExtraMapData-793757a2b767abe3.yaml | 5 +
...d-mellanox-sdn-ml2-docker-58d242b5a8c40ade.yaml | 5 +
.../add-ovn-db-endpointmap-2f75dea0b3aa4513.yaml | 15 +
.../add_compute_manage_ksm-86fcbd1dc9a193ca.yaml | 7 +
...-always-set-cka-sensitive-7a9dc31290899cac.yaml | 5 +
...dhcp-in-neutron-container-1e7835e4e7292492.yaml | 4 +
...nder-volume-active-active-976f2bc33ab52c94.yaml | 8 +
...ainer_image_prepare_debug-52fcb324633d2cf0.yaml | 6 +
...recate-duplicate-nfv-envs-615d5b97bae6f9a9.yaml | 5 +
...ecate-xinetd-service.yaml-d7594bf8a7b714e2.yaml | 7 +
.../deprecate_docker_all-40eb568c9234a3d8.yaml | 5 +
.../deprecated_services-172a1ae6348e6c52.yaml | 4 +
...eat-non-lifecycle-actions-d551fe4551d71770.yaml | 10 +
.../docker_puppet_tasks-e74637224ee66f66.yaml | 5 +
.../drop-baremetal-haproxy-5e2f0f3c9b8da664.yaml | 4 +
...op-baremetal-mysql-server-a36a2f39f88c8181.yaml | 4 +
.../drop-baremetal-redis-2e2f221b9ee6f9cc.yaml | 4 +
.../drop-baremetal-sahara-f2922322511047de.yaml | 4 +
...metal-with-ironic-service-8c2909023e3896a5.yaml | 6 +
...nject-metadata-properties-72cdc946748e9b1b.yaml | 7 +
.../notes/logging-paunch-7fa8570b380a7ebd.yaml | 4 +
.../notes/minor-update-env-20657417094d4aeb.yaml | 7 +
...enroll-to-host-prep-tasks-934c6e0a9f75f15b.yaml | 8 +
...ata_lookup_string_to_json-69362e93d862bd87.yaml | 7 +
...ver_host_use_internal_api-1bebb3e9c6e69113.yaml | 7 +
...on_nbd_for_disk_migration-2e16003c4764a399.yaml | 12 +
.../notes/octavia-standalone-f1f1121ba77981c3.yaml | 8 +
...-enable-management-plugin-94b27747e4f5e685.yaml | 6 +
...-nic-config-params-script-d670279038411978.yaml | 8 +
...-disabled-glance-registry-2738b41a2e200d95.yaml | 5 +
...external-bridge-parameter-a0c7e7ff8d937541.yaml | 6 +
.../remove-old-tls-envs-137cf19b55526a81.yaml | 9 +
..._IPv6_for_tenant_networks-30938bfdde547969.yaml | 8 +
.../swift-container-sharder-b96c2fa43aa66aac.yaml | 6 +
...-api-to-httpd-support-tls-9b995fe4113b2412.yaml | 6 +
...tch-to-default-ovn-driver-ab4ae9d348158d61.yaml | 16 +
.../notes/tripleo_ui-1923e35ee139f777.yaml | 4 +
.../undercloud-tripleo-admin-7043cc0b2e4bfb8a.yaml | 5 +
...-cinder-netapp-parameters-cf6da846e72007df.yaml | 11 +
.../var_lib_docker_deprec-0c48311c01605228.yaml | 7 +
roles/BlockStorage.yaml | 1 +
roles/CellController.yaml | 56 ++
roles/CephAll.yaml | 1 +
roles/CephFile.yaml | 1 +
roles/CephObject.yaml | 1 +
roles/CephStorage.yaml | 1 +
roles/Compute.yaml | 1 +
roles/ComputeAlt.yaml | 1 +
roles/ComputeDVR.yaml | 1 +
roles/ComputeHCI.yaml | 1 +
roles/ComputeInstanceHA.yaml | 1 +
roles/ComputeLiquidio.yaml | 1 +
roles/ComputeOvsDpdk.yaml | 1 +
roles/ComputeOvsDpdkRT.yaml | 1 +
roles/ComputeOvsDpdkSriov.yaml | 1 +
roles/ComputeOvsDpdkSriovRT.yaml | 1 +
roles/ComputePPC64LE.yaml | 1 +
roles/ComputeRealTime.yaml | 1 +
roles/ComputeSriov.yaml | 1 +
roles/ComputeSriovRT.yaml | 1 +
roles/Controller.yaml | 4 +-
roles/ControllerAllNovaStandalone.yaml | 2 +-
roles/ControllerNoCeph.yaml | 4 +-
roles/ControllerNovaStandalone.yaml | 2 +-
roles/ControllerOpenstack.yaml | 2 +-
roles/ControllerStorageNfs.yaml | 4 +-
roles/Database.yaml | 1 +
roles/DistributedCompute.yaml | 1 +
roles/DistributedComputeHCI.yaml | 1 +
roles/HciCephAll.yaml | 1 +
roles/HciCephFile.yaml | 1 +
roles/HciCephMon.yaml | 1 +
roles/HciCephObject.yaml | 1 +
roles/IronicConductor.yaml | 1 +
roles/Messaging.yaml | 1 +
roles/Networker.yaml | 2 +
roles/Novacontrol.yaml | 1 +
roles/ObjectStorage.yaml | 1 +
roles/Standalone.yaml | 15 +-
roles/Telemetry.yaml | 1 +
roles/Undercloud.yaml | 10 -
roles_data.yaml | 8 +-
roles_data_undercloud.yaml | 10 -
sample-env-generator/enable-services.yaml | 14 +-
sample-env-generator/messaging.yaml | 14 +-
sample-env-generator/networking.yaml | 2 +-
sample-env-generator/openidc.yaml | 2 +-
sample-env-generator/ssl.yaml | 23 +-
sample-env-generator/standalone.yaml | 25 +-
sample-env-generator/storage.yaml | 8 +-
tools/merge-new-params-nic-config-script.py | 19 +-
tools/process-templates.py | 2 +
tools/yaml-validate.py | 80 +--
tox.ini | 4 +-
validation-scripts/all-nodes.sh | 8 +-
zuul.d/layout.yaml | 108 +--
639 files changed, 12276 insertions(+), 16739 deletions(-)
More information about the Release-announce
mailing list