We exuberantly announce the release of: tripleo-heat-templates 8.0.0: Heat templates for deploying OpenStack with OpenStack. This release is part of the queens release series. The source is available from: http://git.openstack.org/cgit/openstack/tripleo-heat-templates Download the package from: https://tarballs.openstack.org/tripleo-heat-templates/ Please report issues through launchpad: https://bugs.launchpad.net/tripleo For more details, please see below. 8.0.0 ^^^^^ New Features ************ * Add KernelIpForward configuration to enable/disable the net.ipv4.ip_forward configuration. * Allow to configure extra Kernel modules and extra sysctl settings per role and not only global to the whole deployment. The two parameters that can be role-specific are ExtraKernelModules and ExtraSysctlSettings. * If TLS on the internal network is enabled, the nova-novnc to libvirt vnc transport defaults to using TLS. This can be changed by setting the "UseTLSTransportForVnc" parameter, which is "true" by default. A dedicated IPA sub-CA can be specified by the "LibvirtVncCACert" parameter. By default the main IPA CA will be used. Bug Fixes ********* * Fixes GUI feature loaded into OpenDaylight, which fixes the GUI as well as the URL used for Docker healthcheck. Changes in tripleo-heat-templates 7.0.0.0rc1..8.0.0 --------------------------------------------------- 295f22b kernel: make ExtraKernelModules and ExtraSysctlSettings role-specific b11e641 Adding a workaround for enabling steering in ConnectX-3 devices 25eba57 Add KernelIpForward configuration 5871c9f Fixes OpenDaylight healthcheck/GUI feature f0c01ef Add a ComputeInstanceHA role 9800a56 Add support for libvirt VNC TLS 1b767be Add step to run secret_store_sync before instance startup 6cd4184 Update UPPER_CONSTRAINTS_FILE for stable/queens a8688e9 Update .gitreview for stable/queens c43a910 Import net-config-simple-bridge.yaml from tropleo-ci repo c2538f7 Disable murano horizon plugin until dep is met d0a0397 Use ipaddress module b5f2985 Revert "Add firewall chain configuration" dd9b008 Make the minor update for docker idempotent 3ba9190 Zaqar: Bind to IP, not proxied host a929185 Enable mistral-api health check b2c996c Enable mistral-event-engine health check ec8d2ba Set openshift_(ip|hostname) to ctrlplane ip fc06a7d Introduce wait_backoff, fail_if_empty wrappers 9348508 ffu: Introduce Keystone fast-forward upgrade tasks 5b9127c Return old ranges to network_data.yaml 293dc73 Fix invalid Ceph and BlockStorage role template 06afcee FFU: repo section string manipulation error. 11ff6d0 Add extra yaml validations in upgrade tasks. cf64b89 Remove tags from upgrade tasks for ptp.yaml. bbf0e9b Allows Configuration of Additional of Lbaas and Neutron ca77210 Do not remove packages during FFU d726a9c Add cisco VTS ML2 template for a dockerized service and default environment settings e8634c8 Add OVN Hardware Offloading environment files ec4f24e ffu: Introduce Glance fast-forward upgrade tasks d2073a1 ffu: Introduce Cinder fast-forward upgrade tasks 781094e ffu: Introduce Nova fast-forward upgrade tasks b627ccb ffu: Introduce Swift fast-forward upgrade tasks 65b05c0 ffu: Introduce Pacemaker fast-forward upgrade tasks c538e29 ffu: Introduce prep workarounds for FFU 93083a6 ffu: Add fast-forward-upgrade env 961f731 Refactor get-occ-config.sh 4be6bb1 FFU: Introduce gnocchi fast-forward-upgrade tasks 863c798 Adding support for ComputeLiquidio role in Network jinja file. Since Liquidio compute nodes contain Liquidio smart NIC, tenant network ip is assigned in the smart NIC instead of Compute node. 0b1afb4 Allows for configuration of the Ceph cluster name a1ec856 Add firewall chain configuration 0ddfff7 Do not use the 3rd argument of yaql groupBy e4faefc Enable multipathd health check 4982646 Improve the minor update of the docker service dcf126b Remove unused DeploymentActions resource db61b37 Add RHELRegistrationActions to rhel-registration template b7a70f5 Removed ovs-dpdk workaround to fix the vhost socket permission 1902907 Simplify FastForwardRepoArgs structure used in FFU repo selection. f48709e Revert "Disable SNMP service in all CI jobs" 43155ed Restrict SNMP to internal network 995cf71 docker: don't override horizon::vhost_extra_params 05a0f6c Add TripleOFirewall service to undercloud roles 9d9289c undercloud: remove duplicate Neutron Server entry c658ca5 docker-registry: add missing firewall rules fd7999c mistral-executor: mount /var/lib/mistral e897da3 Update YAQL queries with groupBy ee0521b Add reno for manila generic driver removal dc811f8 Fix a typo in docker_puppet_apply.sh fa026d6 Add non-production ceph defaults to low-memory-usage.yaml 985e037 docker: configure group/user for deployment_user 7b762a6 Disable UseDNS in sshd config fb27465 Mount netns as shared to persist namespaces 029ec62 Add pacemaker upgrade_tasks for P..Q major upgrade dc9fcd3 Align zaqar max_messages_post_size with undercloud 53c2327 Undercloud: support for external VIP for SSL ac9af72 Fix PublicVirtualFixedIPs in envs 2468fe1 undercloud_post: fix subnet name f89d8d2 Unify the Cinder HA and non-HA docker configurations 32fe279 Undercloud: fix stackrc TLS URL detection 7a5d5a8 Add tls roles for undercloud cb90c8c Disable SNMP service in all CI jobs d20264c Do not depends on the order of the hash vars in ffu repo switching. 7e43466 Added and modified the services for ComputeLiquidio role 910cf40 Add docker service for neutron-ovs-dpdk-agent service 2adb2b6 Fixes missing SSL configuration for Neutron DHCP agent b2d7622 Adding new config parameters for Cisco UCSM ML2 driver 3d8f47a ffu: Allow FASTFORWARDUPGRADE as a StackUpdateType cf1de90 Allow passing custom openshift-ansible playbook a3b3653 Revert "Enable *_use_fqdn in ceph-ansible when EnableInternalTLS" 1dec175 Render NIC config templates with jinja2 26553aa Add support for OVN hw offloading in containers f9e099f Ensure node is rebooted before enabling DPDK b121325 Enable Barbican health checks 7f48117 Add name to debug tasks 60a209b Ignore same file errors for templates processor 50bd7f1 Cleanup /etc/sysconfig/iptables on stack update 2629906 Fix docker neutron logging 7cf9a76 ffu: tripleo-packages repo management acb2475 ffu: Add fast-forward upgrade outputs to RoleConfig 0cb5c84 Always evaluate step first in conditional e6946bc Fix custom output dir for templates processor a1c479f [Upgrade] Reuse OVS workaround in docker neutron ovs agent 39cf6ef Adding docker service for the L2GW 910e39c Adding docker service for BGPVPN Service Plugin 8318923 Fix docker nova logging 5defc7a Expose params to enable panko expirer cron cc9ec3d Mount central agent log dir to access outside the container b2b37b6 Add S3 storage driver as an option and its config 83ae4b7 Adding /usr/share/neutron/server config dir fa66c32 Do not generate apache/haproxy certs for invalid networks 5ebcd23 OpenShift: Properly disable bare metal OVS 05b8f5e Set rgw_keystone_revocation_interval to 0 for ceph-ansible 0845f02 Remove tags from upgrade tasks for aide.yml. d0a92f1 Add PTP composable service ab1a421 Add new encryption middleware to swift proxy 5d81257 Add Mistral to the provided controller roles dfb6a4c Add --live-restore to the docker_options in puppet/services/docker.yaml 5e0e06b Move options out of the OpenShiftMaster template 254d1de OpenShift: Accept generic global parameters bc86181 Fix missing Swift d1 directory b20bce1 logging: use service_config_settings for fluentd e5c72b1 Fixes SSL/TLS with OpenDaylight docker service 6f2204f RHSM: update parameters in doc b9ebc4e Pass storage nfs VIP to ceph-ansible 96b82d1 Add support for ceph-nfs manila backend 52ac3b3 horizon: trigger _member_ role creation in Keystone fa95169 Remove heat-api-cloudwatch service support 35e024a Include check of deployed server configs in multinode 4308485 Restore disable templates for telemetry for Queens 91db202 Fix Redis TLS setup and its HA deployment 64e648d Fix the paths for the enable-internal-tls.yaml file in the ssl/ dir ee65c76 Add a StorageNFS network for use by Manila/Ganesha f17b0a1 Revert "Introduce wait_backoff, fail_if_empty wrappers" e727fd4 Remove redundant action key on NetworkDeployment 897f828 Add bond-network-templates for OVB public bond CI 77c82f6 Add subnet property to ctlplane network for server resources 25b0b97 Add incoming storage driver param 4ae6833 Disable ceph-mgr dashboard module 3c7c763 Enable Neutron server health check 7fa5b28 Fix OpenDaylightConnectionProtocol deprecated 9a2dcc2 Zuul: Remove project name 56038f3 Change type of CephAnsiblePlaybook from string to comma_delimited_list ec08df3 Expose param to configure EventTTL 8b578da inspector: fix perms on /var/lib/ironic e99296b Add CephClient and CephExternal to the Telemetry role 6381879 Bind mount the database client settings in cinder_api_db_sync 0f2f51d Fix hardcoded dependency for ExtraConfigPost. bfbab1d Add release notes for IPSec 9875e4e Adding support for odl hw offloading in containers 9ec8c8f Make sure deploy_steps_max is defined for update playbook afe81a4 Add support for Dell EMC VNX Cinder Backend 0dcb51e Enable configuring tripleo-ipsec variables through IpsecVars 886b815 Upgrade ODL c5e692c Added realtime NFV roles for OVS-DPDK and SR-IOV dae0bd9 Tie keystone admin API port to what we configure in t-h-t 785d1b2 Configure qemu group setting as hugetlbfs for ovs-dpdk 0c65801 Run cinder-backup in a privileged container 2a25eda Sync services on roles/Telemetry.yaml ba0719c Add {{step}} var to Task name 86e3cf2 Add post_upgrade_tasks with post_upgrade_steps_playbook output 54f14a0 Switch to ceph-ansible rolling_update on upgrade converge b4c1110 Add OVNController service to Networker role 71d59bb ovn: Provide the option to configure OVNCMSOptions ('ovn-cms-options') as a role parameter d5be6a2 Introduce wait_backoff, fail_if_empty wrappers a592cc0 Pass blacklisted_{ip_addresses,hostnames} to major_upgrade_steps 238675b Update to openshift 3.7 a592631 Assign labels to nodes 4260db4 Default service plugin for OpenDaylight scenario are not present d3e053c Add tag "always" to the inclusion of global_vars.yaml 1c6e2d8 Environment to disable Neutron networks 06bab12 Add custom role for realtime compute a9890d7 Add IPSEC service to ovb-ha environment c889a3d Update pingtest description 49c0316 Ensure packages for octavia only when EnablePackageInstall is True 278b141 Add endpoint for ODL 01ae609 Updated from global requirements 966f4a7 Configure neutron notifier to use internal endpoint type for nova 706053f Add release notes for the migration of Ceph env files to containers 178cfdd Add rgw_keystone_implicit_tenants to ceph-ansible/ceph-base.yaml 7320053 Add barbican keystone notification topics e2c18c3 OpenShift: Don't pre-install Docker 39b7b93 Add yaml validations for FFU. 43bd273 Enables configuring Octavia flavor by default 360ed77 Don't run check-tripleo OVB jobs frm RH1 anymore a8fd321 Adds SSL/TLS everywhere for OpenDaylight 5cbf193 Enable Redis health check e2caa40 Migrates ceph-{radosgw,mds,rbdmirror} to ceph-ansible 1e00567 Containerize keepalived e08ddb1 Enable panko API health check 4254e58 Do not format output for kubespray or openshift deployments 997f4f6 Fix server post deploy step with config-download e658c4b Align Manila Share docker templates d006711 Allow defaults for Image/Flavor/RoleParameters in roles_data.yaml c572c99 Fix path to ceph-mgr in storage-environment a2a0ba9 Move step 1 preparation to deploy-steps-tasks.yaml 7ee9f00 Point heat.conf[clients_keystone/auth_uri] to the public endpoint. 1363eda Split IPSEC deployment in two bee24f0 Updated from global requirements 3ecb286 Set permissions for openstack keyring on CephPools e10d529 Introduce tests for yaql structures 2e7b195 Include common_deploy_steps_tasks.yaml cc0c466 Correct erroneous upgrade tasks. 75a062b Adding support for ovs hw offloading in containers 17a7c25 Enable *_use_fqdn in ceph-ansible when EnableInternalTLS dc8a61b Replace hardcoded profile name with _TUNED_PROFILE_NAME_ f95306a Revert "Revert "Re-enable voting on scenario002-container"" 9d692aa Run Octavia configuration on the overcloud 3d13feb Updated from global requirements 41988ea Default empty map for docker_config steps 07f275b Deprecate CeilometerWorkers dc6c1a9 Updated from global requirements d06b1db Updated from global requirements 85d2c53 Configure ODL Logging mechanism 9664b3b Add become: true for host_prep_tasks d4a5876 Also pass blacklisted hostnames 79570ed Workflow execution blacklist support 7e68dbd Implements AIDE Intrusion Detection System 913444d Update default value for derive params workflow inputs 615128f Add support for outputting role-specific parameters 39c6233 Revert "Re-enable voting on scenario002-container" 7bd8942 Cinder containers: volume and env customizations d11d815 Latest Nexus Configuration Variables Updates 85e006d Add support for OVN Metadata Agent fb9d834 Containerize multinode-3nodes 100784c Drop redundant delay param 7823d27 zuul: run scenarios when touching pacemaker services f75f429 Set cloud_name hiera parameter for composable networks bb9fd2c Reinstate common overcloud manifest for all roles b9870d4 Configure auth_uri for swift proxy explicitly without suffix 5e8bec8 Remove unused env var during mysql bootstrap 7bf4edd Enhance completion message when upgrading non controller nodes f6108f5 Create Swift directory d1 if required 2194cce OvsDpdkMemoryChannels parameter default value b008e04 Fix the dellemc vmax to use the correct hiera name a1088cb ci: update multinode-3nodes-registry 7be65d2 Fixes generating public certificates db60365 update example repos to more closely match OSP 13 requirements 761a809 Re-enable voting on scenario002-container ec1be1f kernel: allow to override modules & sysctl settings cdadebc Fix log file nova-conductor service 6f834f6 Use docker_config_scripts for puppet apply 5f3e82c Correct panko auth region df42eb1 Remove Octavia LBaaS service plugin from neutron config 8eb351d Fix path for iscsi config file 511c25d Add DockerPuppetDebug to environments/config-debug.yaml 7170307 Update CI coverage in README c3cbce2 Convert ipv4 nic-config templates c743183 Use relative path in ipv6 nic configs 0c76a2a Start step at 0 for update_ + upgrade_steps_playbook d68619a Update Ceph container CPU/memory limits in Ceph scenarios dec003d Convert tags to when statements for Q major upgrade workflow 23abbda Revert "zuul: disable voting on scenario 001, 002 and 003" 4b2ef68 Removal of Contrail templates 3764ab1 Enable DockerPuppetDebug ee4ddad Add connection timeout options to ssh bf819a0 ci/telemetry: Decrease test_telemetry_integration time b83a62f Allow for optinal volumes and env variables cfcfed7 OpenShift: allow scheduling on all nodes fe3be57 IPSEC: stop relying on cloning the repository from t-h-t fc49be5 Add PublicVirtualFixedIPs to ci network-environment.yaml 749a99a Add composable network VIPs for puppet configuration eb32476 puppet apply: add --summarize a857184 Add missing CephClient service to ControllerNoCeph role cb875d3 Add parameters to configure options in keystone's security_compliance group 7d69b51 Set tftp to only listen to the provisioning network 42497c8 Define 'NeutronPluginExtensions' in OVN environment files with dns extension 82f128f Fix puppet config volume for iscsid in containers 1b0eb4b Clean trailing whitespace in HciCeph roles 95bafaf zuul: cleanup old unused jobs f855222 CI: move tacker / congress from scenario001 to 007 c54b1b6 heat-base: remove default policy rules ae81ed9 scenario001: disable mongodb (not used) fc2d8b2 Remove pingtest env for scenario007 2fa0ece multinode-contaier: reduce the number of services 6a6872f Introduce OS::TripleO::Services::Rhsm 45e96e5 Remove _member_ role from the keystone accepted roles b54135f Telemetry Needs Redis 30154ed Add MinPoll and MaxPoll options to NTP module cec4158 Add docker-registry service 4fbc896 Adds environment file for ODL OVS Hardware Offload 609784d fix generate_environments to run in python3 6035443 Fixing bug in "test_environment_generator.py" e5cda83 Add new roles for Ceph containerization 309e409 zuul: disable voting on scenario 001, 002 and 003 5ef76cc Allow to increase docker daemon verbosity 02d452a Enable barbican keystone listener e9a1122 Add support for DVR in OVN based environments f5754bf swift_rsync: don't bind mount /run ba2169d Parameterize ceph-ansible environment variables 80e9bb3 nova: Add VerifyGlanceSignatures compute param b13728c Update templates alias to queens e144858 Create flavors for undercloud d8b1d64 Manila network plugin address family support bab6ec2 Wait for rabbitmq_ready tag a7842a7 Enable collectd to send metrics to Gnocchi bfe876e Check for yum lock befor all yum* operations. 13afaf0 fix the description of CongressDebug 4d7e03b Add proper debug switch on init_bundles f3f1437 Add ovs hardware Offload support to ovs mechansim driver 4e6eeb1 Improve comment re nova live_migration_tunnelled setting 58736c0 Enable queueing to use barbican workers for key generation 5ada691 Fix permissions on .ssh directory. 88bbed3 Add readme for experimental extraconfig/services 8dd99ba Deploy OpenShift using OOO on the overcloud 3a94c99 Add ceph-rbdmirror ansible container service f66df2e Add "clean" tox target 11e2cf0 Revert "Add upgrade task to run gnocchi upgrade" 22b5fd7 Expose logs from nova_libvirt container 51a3b05 Improve debugging possibilities for docker-puppet.py time handling 1971e7b Passes NodeDataLookup to ceph-ansible workflow e8ab069 Cleanup dead code 09dcd7e Search for containers within stopped containers. ec6a94b Autogenerate the barbican simple crypto KEK bb9e7a4 Disable SSH key access to amphora 7ab4bd4 Add auth_type to service_auth configuration 40530c0 Add missing keystone_domain_config a59be61 Add Novacontrol role b97fa08 Implements: Heat template for integrating Cavium SmartNIC LiquidIO a0c7f55 Set barbican to be configured in step 3 f464e3d Add parameters for Barbican worker image 1e37924 Add glance config for barbican c56cdc8 Add Instance HA support 07bc933 Add DockerDebug 2486af2 undercloud: set default_resource_class to 'baremetal' da42199 Generate a default keypair for nova. 315091e Add a new UndercloudHomeDir parameter 1ad70e7 Add NovaSchedulerMaxAttempts parameter c4e6a70 Enable docker-puppet.py for a single config_volume c0b2271 Add support for providing Octavia cert data 1331fea Add Octavia certificate parameters 3dfd327 Add support for Octavia service-to-service credentials 08641d8 Use StrictHostKeyChecking=no in enable-ssh-admin.sh 4a708af Add modulepath option when applying puppet inside docker. d0702e8 Add a tag to all the role specific parameters c45a8a4 deploy-steps.j2: use ansible to bootstrap environment 1e77eab Add parameters for Barbican keystone listener 819d0f4 Add DockerRegistryMirror parameter 635f24c SR-IOV agent: allow to configure agent extensions 34b7a81 Add -c for clean_templates ac6c11f Make Kubespray install work without --private-key too f8decc7 Add multiple secret store backends for barbican 898ad4f Add IPSEC composable service 1828238 Set simple crypto plugin as global default for Barbican 0524c86 Add deploy_steps_tasks interface f64eabf Add noop's for docker pacemaker for rabbitmq 7a3fc67 Add name property where missing f62ce9c CI: Test multi-rbd backend for cinder in scenario001 9207b00 Make CephPools override properties of other pools d760921 Create /var/log/containers on Swift storage-only nodes 113b86d scenario002: enable panko and ceilo-compute-agent faf245d Remove -U from pip install ad8ee6a undercloud: enable ansible deploy method by default dd3dfed Cleanup CI files for scenario007 on baremetal a76090a scenario002: configure SimpleCryptoKek ae34bee Enable Barbican simple_crypto backend bde39b6 Move scenario001 and scenario003 back to the gate e355e33 zuul: remove file rule for ovb-ha 27b2cd8 OpenDaylight BGPVPN driver has been deprecated 63bea76 Do not use lsns to kill non-containerized epmd on the host 9f97a4e Move Kubespray job from experimental to check 3a4698d Avoid tox_install.sh for constraints support ce2f5b8 Exclude 'vnet' interfaces from being candidates for running a dhcp client. ba273f2 Reintroduce TripleoPackages in the default Controller service. 6c1244d gnocchi: mount the correct volume for /etc/ceph 0f310f2 Fix optional services-docker environment files e870783 Allow to override manage polling param 995217f zuul: run container jobs when touching puppet services 44e1b94 Add NovaMigrationTarget service to SR-IOV Compute role a3769c0 Redis replication does not work with TLS ebc8414 Redis replication does not work with TLS 9726a78 Update capabilities-map.yaml to include latest storage environments cb17631 Don't fail Kubespray scenario if swap is enabled 502fde7 Implements management of `/etc/login.defs` cfcbf3d Add ComputeAlt role and environment c54c622 Fix neutron agent start order 4eab1a7 ci: add ovb-ha.yaml 5595e7f Swap the order of stdout and stderr in debug output ce64848 Add validation task in docker services [Horizon] 904cc3d Pass private key file from parent Ansible to Kubespray 849a00b Stop creating kubectl binary on undercloud 2531c07 Download Kubespray instead of git clone 4cbac12 Remove hiera hook transition from the upgradeinitcommand. ebf3124 Memory channels parameter default value 570c957 Ensure rsyncd PID file is removed during overcloud updates a460a09 Select first node as bootstrap node not using name 86608ee Don't assume single sub_node in nic config f0e5f05 Remove Cinder UID from CephX keyrings' ACLs 9a4fd69 Enable ironic staging drivers in the undercloud ce48b4c undercloud: support the standard set of hardware types and interface bd69b09 Remove unused pre_network configuration 0f55e3a Remove httpd log dir for glance-api 1ed1f1d Remove hardcoded skydive container image ead7018 Remove hardcoded docker image names 05dbb4e Fix applying pci whitelist in nova compute 2e3a91f Fix ovs/netns mounts for neutron agents 079c0ff Mount /var/cache/swift across containers aa8bf4b Ensure os-net-config conditional for upgrade doesn’t fail. fac92ba Fix wrong logic for triggering os-net-config special handling. fbb3dd9 Set the default CephAnsiblePlaybook to use into the env files 0f49e8e Add EndpointMapOverride parameter f291555 Add parameter ExtraHostFileEntries 30d602c Allow empty list of enabled_roles d4bbea3 Trigger Kubernetes/OpenShift jobs on changing themselves 1ccb030 docker/internal TLS: spawn extra container for ec2api TLS proxy 927495f Change template names to queens 263ea5e Add DeployIdentifier to Nova discover hosts container b66dda4 ci: remove Heat services from some scenarios 64854af Fix glance config generation when using NFS 9ce99ce Add noop-deploy-steps.yaml environment 9ce8695 Add external_post_deploy_tasks interface e13c06c CI: remove useless templates 07dc724 Make CephPools type json instead of list 5c7c51f Make scenario007-container voting b336b45 RHEL/Update: replace wc by yum to check updates b3d1d45 Stop the object-expirer service before removing swift-proxy 524c676 Remove scenario003 from the gate 03e8766 Host access fixes for Kubespray playbook run ed2b957 Fix all outputs|failed and outputs is defined 60925fa Add upgrade task to run gnocchi upgrade 3cea68f Deploy Ceph Luminous and add support for CephMgr service 41921cf Add swift_config puppet tag to the dockerized proxy service 0a001b6 Correct ignore_error -> ignore_errors 3d510d7 Add option for barbican API container to log to stdout/stderr 93adbba Format SwiftRawDisks before attempting to mount 5de608f Add debug to neutron agents df18509 Disabled fwaas plugin for horizon 365230a Dynamically generate VIP hiera entries 2aab697 Re-enable libvirt TLS with SCRAM SHA-1 auth f982eb5 logging: merge fluentd-client and fluentd-base d492677 Add validation task in docker services [Aodh] 32d5e0c Add option for HAProxy (non-HA) container to log to stdout/stderr 97f9a01 Add rsyslog-sidecar resource and configuration 33c5207 Update Iscsid puppet_config to reset host's IQN 17acd02 Debug configuration for neutron metadata agent 809c0d8 Add ignore_errors for memcached readme.txt 719a211 Updated from global requirements 3ebcb8e Added NovaMigrationTarget service to OVS-DPDK role 3b1e644 Dynamically generate FQDN hiera entries 6c41713 Migrate THT to zuul v3 jobs a307fe7 Drop step_config as top level docker requirement f890e4e Revert "Revert "Tag workflows created by the templates"" ce7b65f Set file mode permission for Ceph keyrings in containers c17c806 Remove too opinionated parameters from kubernetes.yaml environment 9515af7 Run rabbitmq_policy,rabbitmq_user with pacemaker 451020b Enable httpd to request certificates for the "external" network e095995 Using stevedore alias for BGPVPN/L2GW Service Plugin c0e1ef6 Remove TLS-specific docker environment dc621da Add yml extension to kubespray inventory 84e9425 Polish swift containers logging configuration 85ec193 Write readme.txt into old log directories 1e43e5b OVN: Provide the option to define NeutronBridgeMappings as a role parameter bdf1ade Set restrictive file permissions on Ceph keyrings for non-containerized deployment ef78b46 Undercloud: Add router for IPv6 ctlplane subnet efa7f8f Set host name explicitly for telemetry 3f13662 Enable ntp iburst 726303d Add validation task in docker services [Mixed-2] 0b3932a Use 'NeutronTenantNetwork' instead of 'NeutronApiNetwork' for ovn-encap-ip 5ac3f3c Enable TLS for ec2api metadata service b356cd8 Pass the CloudDomain parameter down to hiera on all nodes 07ce5c4 Add undercloud cinder roles and environment files 1624e1c Set notification_format to 'unversioned' ce7d8e3 Move parameter to parameter_defaults section db60db9 Add missing host_prep_tasks for memcached 0b51178 Add option for panko container to log to stdout/stderr 97e3a2f Add option for heat containers to log to stdout/stderr 759d107 Add option for nova-libvirt container to log to stdout/stderr 1e1a86e Deprecate hyperconverged-ceph.yaml ee10ae9 Fail on upgrade if legacy ceph::profile::params::osds hiera is found 1bbcc5d libvirt: Remove unnecessary binding of /var/log/containers/nova c651a67 Add option for nova compute container to log to stdout/stderr f0b4b0d Add Docker service to the undercloud roles ebcaabc Update default cell_v2 cell when it already exists 61fcfca Refactor cellv2 host discovery logic to avoid races 2267342 Change default ml2 firewall driver back to iptables_hybrid 669be6f Add missing host_prep_tasks for log dirs creation f48e11e Make sure /var/lib/mysql rights are setup correctly. 659d23a Add tags to plays 266c6f1 Rename Undercloud->External deployment 9fa81be Add CephAnsiblePlaybookVerbosity parameter to overcloud-ceph-ansible 2af0769 Clone kubespray to location accessible by the user 2827fa4 Fix rights to local_settings.d for dockerized Horizon fc3c0db Fixing typos in the Bagpipe driver environment file 5429754 Add support for multiple Cinder RBD backends 10b749c Start using nic-configs from THT repo instead of tripleo-ci 38ab147 Enable in-cluster loadbalancing of kubernetes API 5ebbc81 Remove deprecated Telemetry services from roles data 9ae319b Set become:false for undercloud plays d1f3b1f Remove certificate before updating it e0441af Add option for Neutron containers to log to stdout/stderr 0c1ac1d Update ansible before the ansible upgrade tasks 645757c Disable live migration over TLS ef0493f Set bind mount propegatation to shared for /var/lib/nova. 1fc9285 Allow containerized undercloud deploy with SELinux 0d65e38 Fix wrong permission on database during mysql_init tasks. 48aa4ff Add condition to os-net-config run during upgrade. 2f7888c Add constraints to service Debug flags 7c2eee2 Tell HAProxy container template that the public cert was autogenerated c795e74 Re-enable containerized fluentd ffcff0f Add validation task in docker services [Mistral] e238b20 Add validation task in docker services [Mixed-3] 07095af Add validation task in docker services [Swift] 2f5a74a Add validation task in docker services [Ovn] 82d9744 Add validation task in docker services [Manila] 133d9a2 Add validation task in docker services [Sahara] 15dde44 Add validation task in docker services [Ironic] 188435c Add validation task in docker services [Nova] 07c154f Add validation task in docker services [Mixed-1] 4f77534 Add validation task in docker services [Gnocchi] 43f241f Add validation task in docker services [Heat] 29be469 Add validation task in docker services [Neutron] 776338d Add validation task in docker services [Ceilometer] 50a67e1 Make KeystoneURL versionless fe8551a Add trunk service plugin to OVN environment files 2089a53 Barbican: Add ability to specify KEK for simple crypto plugin 326147f Add containerized barbican environment 17d3488 Containerize cinder services under pacemaker in CI 72c5c73 Fix cinder-{backup,volume} container with pacemaker 8400aef Migrates storage-environment.yaml to ceph-ansible 42b92ef Speed up deployment by reusing facts a314d1b Allow installing multiple-node Kubernetes 56ce141 Only mount Haproxy TLS if contents are set 3de6bc0 HAProxy: Mount the CA certificate if TLS everywhere is enabled 05b6147 Set ipc=host for services attaching encrypted volumes b99a240 cinder: switch CinderCronDbPurgeUser to 'cinder' 24f859c Fix nova-cpu/collectd hieradata 7c8127c Only mount selinux sysfs in nova_libvirt container 410e062 mysql: Only set certificate specs if TLS everywhere is enabled 3de75cc Keystone: Enable notification topics to be configured 4adb82d Set keystone notification topics if ceilometer is enabled 838c835 Increase the Mistral RPC timeout 41a3194 Set notification_bind on zaqar websocket 71dad1a Increase the size of the Mistral output limit 3df6a42 Fix iptables rules override bug in clustercheck docker service 87735ac Expose role tags via heat RoleTags output 65a8b65 Add NetIpMap to hieradata for *ExtraConfig overrides 543f846 Enable keystone db sync to log to stdout ca1fc58 Force memcached container log to file b4de9e5 Add docker templates to configure Ironic inspector a78166e docker: Run mistral-db-manage populate at step 5 f4e46f4 RHSM: when using proxy, test its connectivity first b248ae1 Upgrade rhel_reg_sat_repo to 6.2 d9f7b01 RHSM: do not use retry to deploy katello-agent b9500bc Allow the configuration of image_member_quota from THT 79fd873 ovn: Remove setting of DockerNeutronApiImage param e04d49e Define PGs for cephfs pools 509209a Configure docker0 bridge address 8523420 Make memcached logs verbosity configurable 5020f38 persist memcached logs in /var/log/containers/memcached/memcached.log 15ad21b Set verbosity by default for memcached 85c8606 Remove log-dir option from neutron-dhcp execution 1e854d6 Add option for nova containers to log to stdout/stderr dcc415e glance logging: Fix description and use yaml anchor 56140c5 Move keystone init log container to files logging template 11e599d Add --detailed-exitcodes when running puppet via ansible e0c89d6 Env files for ODL deployments 96a6145 Enable TLS for ec2api service 65d38fa Fix networking settings for ObjectStorage role 66f85f1 Set metric procssing delay for metricd ce2e8af update nova keymgr parameter for Queens 7204290 Enable horizon plugins by default in docker 739b05f Added a new role definition for SR-IOV Compute role f037da0 Add option for Glance API containers to log to stdout/stderr e5f0113 Add option for keystone containers to log to stdout/stderr c10aa7a Update CephPools format in the docker templates to fit ceph-ansible e158acb Run containerized mistral-api eventlet 4add59c nova-placement: switch auth_uri to keystone versionless endpoint 3fc4da7 Start using ipv6 nic-configs from THT repo instead of tripleo-ci 35d91dd Temporarily disable fluentd from scenario001-multinode-containers b2ae660 update cinder kmgr parameter for Queens 7494476 Don't open unused nova ports in iptables cef3f5b Transform mongodb::server::bind_ip in an array 44c2a34 Switch cinder_catalog_info from v2 to v3 900416d Disable MongoDB in scenario002 97879c3 Enable neutron-lbaasv2 UI in Horizon 49da5a8 Update scenarios doc for Ceph RGW 8e92d7c Do not set cluster in maintenance mode during split stack upgrade 48b1cfd Don't alter default docker configuration during kubernetes install 215515e Generate Kubespray artifacts on undercloud d77327d Kubespray installation via config download mechanism d4477a8 Add validation task in docker services [cinder] b0e72c1 Create short lived ssh key for enable-ssh-admin.sh ad3ea5b Support for Satellite Capsule in rhel-registration 4e85813 Switch scenario004-containers to use ceph-ansible 847c473 Adding multinode-3nodes-registry.yaml 29f32c4 Do not rely on openstack-puppet-modules afba3b1 Default pre_deployments/post_deployments to empty lists b5eeeab Disable xinetd class when creating swift-storage puppet configuration 0c8ba96 Disable SwiftDispersion when using docker 6740f94 Removes manila-generic-config from TripleO 1fd272a Fixes InternalApi Heat network resource 6e7a431 Remove deprecation handling from custom roles 34edcd2 Add advanced features to ironic-inspector templates ecc6ce3 Fix ConfigDebug for puppet host runs c504f83 Add all services to container scenarios 24c7566 Switch RabbitFDLimit to a Puppet integer 80eff5f Add external deployment tasks executed on undercloud 850f90b Add validation to logging templates a0e6d30 Config download support for standalone deployments 8817c54 Revert "Fixes heat resource name for Internal API Network" 0e6c86d Sync deployed-server-roles-data and roles-data 3e90ae3 Remove monitor_interface from ceph-ansible parameters fd657aa Fix /etc/openstack-dashboard/ permissions for access to *policy.json e828e8c Enable Cinder as a backend for Glance 06331a8 Hardcode tag-stable-3.0-jewel-centos-7 in scenario001-containers 7e398bf ci-ovn: Disable Swift services in scenario 007 container job 5c3efe6 Remove Heat Cloudwatch API f301463 Addition of Nuage bridge MTU parameter b27cc34 Make Horizon parameters: vhost_extra_params and customization_module configurable 7059ca1 Add networking-sfc support 7c6e0a4 Remove rsync from xinetd when upgrading to containerized deployment 4014ed4 Correct template names from ocata to pike. 4d21451 Remove Heat Cloudwatch API during upgrade and disable by default 2f33309 Adding Cisco VTS ML2 mechanism driver service template 8aef24d Take all mounted config_volumes into account 40959f1 Explicitly list Apache License as 2.0 7e49ed6 Allow configuration Zaqar with Redis a124dd1 our undercloud default nic should be eth1 536d1c4 Fix standalone ControllerOpenstack vars 962ce36 RabbitMQ should use net_ticktime 833e3ba rabbitmq: set cluster_partition_handling to 'ignore' 7f82dbe Temporarily fallback to BM fluentd a953bda Adds pacemaker update_tasks for Pike minor update workflow 9285cb5 Fixes dynamic networks falling back to ctlplane ce0ef2f Remove package if service stopped and disabled 9b016c9 List all unhealthy containers 2f9ed49 Reintroduce containerized Cinder bee2145 Use sub_nodes_private instead of node_private ba54360 Fixes missing type for heat param TenantNetName 3e8de70 Pin scenario001-multinode-containers to earlier ceph docker container 3a9cfaa Create mysql user for non-ha deployments d31bc3a Add a Skydive composable service 5aab25b Special treatment for os-net-config upgrade. ef1768e Fix some missed hard-coded network references ff0a0dd mysql: expose IPv6 configuration to mysql puppet modules d9f640f Remove External network from Networker role NIC configs 3a932b0 Also match config volumes for /var/lib/config-data/puppet-generated/ 2333188 Fix cold/live migration network config 4853391 added level of indirection causes incorrect hiera config 74641a3 Add a name to the post deployment. 627971b Explicitly set healthcheck command. 4f01c8d ovn: Provide the option to configure the integration bridge 95a7a27 Add Mistral event engine 97244b9 Fixes heat resource name for Internal API Network 6ba04cc Fix logging for docker-puppet 3fd7680 Allow Sensu to connect to RabbitMQ cluster c9b7091 Ensure Debug is a boolean bb24fbf Use "become: true" in deploy steps tasks 17416dc Make CephConfigOverrides append to ceph.conf[global] aae3cc1 Fix stackrc for containerized undercloud 960d7ff Fix permissions for dockerized horizon 31550b4 Stop mapping docker to OS::Heat::None in scenarios 5dbe112 docker: add logging(source & groups) b4d0a81 Add all services to scenario004-containers 320f80d Start sequence at 1 for deploy steps playbook 684267a Disable role host_prep_tasks on controlplane upgrade e10aa59 Make containerized galera use mysql_network everywhere dd0edf4 Add Neutron DHCP Agent Interface Driver configuration option 0b60f60 Updated from global requirements a850d80 Add IronicPxe to the default controller d2d0c3f Bump fs.inotify.max_user_instances for scale 253d9b9 Fixes missing keystone authtoken pw for Tacker 5a400f8 Sync undercloud stackrc w/ instack f4bdf65 Remove pacemaker remote from the Networker role 9a7f62f Remove healthcheck override in docker-puppet. e17ae76 Default Ceph pg_num and pgp_num to 128 5b9fbc2 Fix upgrades that use Management network f543752 Fix issue where 2 Redis VIPs are assigned, but only one used. edc02b3 Fixed resource registry path in neutron-lbaasv2.yaml 9874126 Run roles data validation in CI f37fe4f Containerized Fluentd client 964a5d7 Move neutron api services to ControllerOpenstack 4d40494 Use conditional to set heat-engine workers 96667ed Update panko port in env ssl yaml files to correct one 58e6f65 Set Ceph pgp_num after pg_num 91cd44c Use haproxy-systemd-wrapper as pid1 in containerized Haproxy b0f50db Disable all uses of wsrep-provider in mysql_bootstrap container 9b08df3 Remove extra noop.yaml ports from network-isolation files. f1632fe Make our json output prettier. e471c67 Remove deploy_steps_tasks.yaml from upgrade_steps_playbook 4718534 Create network-isolation-no-tunneling.yaml using jinja2 0913730 Rename service_workflow_tasks into workflow_tasks ab7fd80 Revert "Tag workflows created by the templates" 2e182bf Adds post_upgrade_tasks for any service post-upgrade ansible tasks 452d2c2 Deploy Mistral with Keystone v3 options (authtoken) 27018b4 Add RoleConfig output to major_upgrade_steps.j2.yaml a7a02f0 Tag workflows created by the templates 64d7be1 One time delete pacemaker resources during upgrade to containers e7b51ef Use the make_url function in the endpoint map ed11f8e Providing required priviledges to the mounted NFS volume 397a5cc Case insentitive MAC address matching in OsNetConfigMappings c6d8df0 Enable redis TLS proxy in HA deployments cab8ab1 Change to boolean for boolean type params 1760079 Move the clustercheck service to the DB role e92430d Retry if the pacemaker_resource commands failed 5437086 Add panko config to ceilometer notification agent container 317ca9c Remove VXLAN type driver from OVN environment files d3b3361 Add a docker pull retry to docker-puppet.py 1c9553c Add pep8 check that generated environments are up to date e10dd12 Update custom-domain.yaml environment e3f25df teach yaml-validate.py how to be --quiet 32bc2ab Add CephConfigOverrides to allow arbitrary configs in ceph.conf 17fd16b Support for Ocata-Pike live-migration over ssh d109c1d Add defaults for ceilometer-agent-compute upgrade tasks 94c9c2f Add Neutron SR-IOV agent container d69940d Fix env-generator doc formatting e2558c4 Fixes OpenDaylight updating port status cfd0d18 Disables QoS with OpenDaylight deployments fc44ee6 Enable Ceilometer agent logging for containers 2c0ec1b Change all references of nsx_v3 to nsx. 0be3317 Add yaml validation for upgrade_tasks section. 13d2bdf Use containerized mongodb in scenario002-multinode-containers 6a991f6 OpenStack containerized qdrouterd service 01e55c3 Add CephExternal role for ceph-ansible 071c764 Escape ceph capabilities for manila client 7897d38 Add tags in upgrade_tasks for mongodb services. 1128271 Add tags to baremetal cron removal tasks 81dd080 Mount folders and log file 5a89ea2 Maintain ceph-osd package only on nodes hosting CephOSD service cb81cbe Containerized mongodb, disable by default, fix upgrade 520f889 Enable selinux in containers 9d8e496 Run gnocchi statsd and metrcd at step 5 c9c3d98 docker-puppet.py duplicated import 03622e8 Mount public certificate in haproxy init container f395d9e Use DeployedSSLCertificatePath for public TLS via certmonger 9a450a8 Add param to configure snat mechanism 94c7752 Set mode for ansible written files c70d815 Environment to deploy BGPVPN with Bagpipe in a unique file 3b4e12c Fix NeutronServicePlugins parameter to match ODL L3 feature 3ea0474 Mount vhost_sockets directory for vhost-user socket creation fbdd6d0 Remove tacker from containers scenario001 e2f00ef Allow upgrade tasks to run when looping through steps f004115 Make nova patching parameters configurable in Nuage 02cd34d Switch manila-share to pacemaker version in scenario004/containers 4a4f678 Fix hardcoded references to deprecated *ExtraConfig parameters a18a94e Add Bagpipe driver composable service dd299f0 Remove ipv6 specific network templates d7d5459 Add storage backends env files for containerized deployment d782f68 Fix containerized zaqar-api db_sync fcc3259 Unset default value for the DockerCephDaemonImage c2a93cf TLS proxy for redis fde4ff2 Remove bgp-vpn from scenario004-multinode-containers 5ea728c Add DhcpAgentNotification param to neutron base c19968c Add --wsrep-provider=none to the mysql_bootstrap container fe8ad28 Add a lightweight UC template/role data for deployed-servers 21a6b66 Remove hard-coded image reference 88dd06e Provide DPDK nic configs and add multiqueue config 8008089 Use list_concat in place of yaql f6c9906 Add support for Dell EMC Isilon Manila backend 04daabd Add support for Dell EMC VMAX Manila Backend c771899 Add support for Dell EMC VMAX ISCSI Backend 4782394 Use Python to compute release notes version 7c06db3 Convert enable-internal-tls.yaml to be generated 406b198 Update generated ssl environments 50c975d Add missing Docker service 5b3cd1dc Add support for deploying RGW with ceph-ansible 1b4df60 Rabbitmq: Enable Erlang distribution TLS 4c5b9c5 Remove puppet run and workarounds from tripleo_upgrade_node.sh 4bea8cf Use integers for rabbitmq ports 76f130d container ovs-agent, ensure br-ex exists 0855d4c Telemetry specific config for scenario001 941b5d6 Change ManageEventPipeline to true cab266c Use switch to containers instead of take over playbook for ceph-ansible cba00ab Separate config_volume for ringbuilder 0d8040c Remove src_ceph from manila kolla_config 5b805cb Add clustercheck to service list for scenarios e1b1b56 Configure Zaqar trust notifier 444a39f Support HA for OVN DBs containers using pacemaker bundle b1d7887 Make archive policy configurable d9db0c5 fluentd: log configuration was not generated correctly 949d367 Add DockerPuppetProcessCount defaults to 3 20e1f0e Set docker-puppet --health-cmd = /bin/true d1aaf0a Manually set healthchecks for _cron services dc64a11 Add verbose output to containerized cell_v2 host discovery 287e845 Persist containerized services httpd logs a2ce6d2 Enable ceilometer compute agent 2aa9bbe Expose account/container/object worker count beb5fde Add Swift dispersion profile d057fea Update reno for stable/pike 7380183 manila: set "neutron_admin_auth_url" correctly 8fa6c6e manila: set "host" to "hostgroup" ed976d2 Handle failure of carrier check in configure_safe_defaults() 6d338b8 Containarise Barbican API 3dbd5bf Add panko publisher in the event pipeline e7cd03d Support deploying OVN as container services c620737 Move deprecated SchedulerHints logic to overcloud.j2.yaml a3debcf Add support for Dell EMC VNX Manila Backend c5ee7b7 Add support for Dell EMC Unity Manila Backend 88711c3 NetworkDeploymentActions shall be made role specific 159939c Make swift's endpoint type configurable for gnocchi storage d9fa1f6 Stricter heat template version validation 4b1276b Drop extraconfig for nova-nuage 0c62b6c Stop hardcoding host's config volume path 51da812 Update documentation links in README 2ffc622 Don't hardcode eth1 for undercloud nic config e77bd2c Update the services README with the ServiceData parameter a8d42e5 Drop MANIFEST.in - it's not needed by pbr Diffstat (except docs and test files) ------------------------------------- .gitreview | 1 + MANIFEST.in | 1 - README.rst | 170 +- all-nodes-validation.yaml | 2 +- bootstrap-config.yaml | 2 +- capabilities-map.yaml | 112 +- ci/common/all-nodes-validation-disabled.yaml | 2 +- ci/common/net-config-multinode-os-net-config.yaml | 6 +- ci/common/net-config-multinode.yaml | 6 +- ci/common/net-config-simple-bridge.yaml | 65 + ci/environments/multinode-3nodes-registry.yaml | 23 + ci/environments/multinode-3nodes.yaml | 5 +- ci/environments/multinode-containers.yaml | 43 +- ci/environments/multinode-core.yaml | 6 +- ci/environments/multinode.yaml | 5 +- ci/environments/multinode_major_upgrade.yaml | 3 +- ci/environments/network/multiple-nics-ipv6/README | 23 + .../multiple-nics-ipv6/network-environment.yaml | 25 + .../network-isolation-absolute.yaml | 37 + .../multiple-nics-ipv6/network-isolation.yaml | 36 + .../nic-configs/ceph-storage.yaml | 124 + .../nic-configs/cinder-storage.yaml | 96 + .../multiple-nics-ipv6/nic-configs/compute.yaml | 135 + .../multiple-nics-ipv6/nic-configs/controller.yaml | 156 + .../nic-configs/swift-storage.yaml | 96 + .../network/multiple-nics-ipv6/ui-settings.pickle | 732 ++++ ci/environments/network/multiple-nics/README | 23 + .../network/multiple-nics/network-environment.yaml | 26 + .../multiple-nics/network-isolation-absolute.yaml | 29 + .../network/multiple-nics/network-isolation.yaml | 29 + .../multiple-nics/nic-configs/ceph-storage.yaml | 123 + .../multiple-nics/nic-configs/cinder-storage.yaml | 96 + .../network/multiple-nics/nic-configs/compute.yaml | 140 + .../multiple-nics/nic-configs/controller.yaml | 152 + .../multiple-nics/nic-configs/swift-storage.yaml | 96 + .../network/multiple-nics/ui-settings.pickle | 716 ++++ ci/environments/network/public-bond/README | 23 + .../network/public-bond/network-environment.yaml | 26 + .../public-bond/network-isolation-absolute.yaml | 28 + .../network/public-bond/network-isolation.yaml | 28 + .../public-bond/nic-configs/ceph-storage.yaml | 123 + .../public-bond/nic-configs/cinder-storage.yaml | 96 + .../network/public-bond/nic-configs/compute.yaml | 134 + .../public-bond/nic-configs/controller.yaml | 160 + .../public-bond/nic-configs/swift-storage.yaml | 96 + .../network/public-bond/ui-settings.pickle | 699 ++++ ci/environments/ovb-ha.yaml | 59 + .../scenario001-multinode-containers.yaml | 85 +- ci/environments/scenario001-multinode.yaml | 140 - .../scenario002-multinode-containers.yaml | 71 +- ci/environments/scenario002-multinode.yaml | 89 - .../scenario003-multinode-containers.yaml | 31 +- ci/environments/scenario003-multinode.yaml | 72 - .../scenario004-multinode-containers.yaml | 95 +- ci/environments/scenario004-multinode.yaml | 103 - .../scenario006-multinode-containers.yaml | 3 +- ci/environments/scenario006-multinode.yaml | 59 + .../scenario007-multinode-containers.yaml | 88 + ci/environments/scenario007-multinode.yaml | 76 - ci/environments/scenario009-multinode.yaml | 53 + common/deploy-steps-tasks.yaml | 125 +- common/deploy-steps.j2 | 450 ++- common/major_upgrade_steps.j2.yaml | 83 +- common/post-upgrade.j2.yaml | 2 +- common/services.yaml | 111 +- config-download-software.yaml | 87 + config-download-structured.yaml | 87 + default_passwords.yaml | 2 +- deployed-server/ctlplane-port.yaml | 7 +- deployed-server/deployed-neutron-port.yaml | 2 +- .../deployed-server-bootstrap-centos.sh | 4 +- .../deployed-server-bootstrap-centos.yaml | 2 +- deployed-server/deployed-server-bootstrap-rhel.sh | 4 +- .../deployed-server-bootstrap-rhel.yaml | 2 +- .../deployed-server-environment-output.yaml | 2 +- deployed-server/deployed-server-roles-data.yaml | 264 +- deployed-server/deployed-server.yaml | 20 +- deployed-server/scripts/enable-ssh-admin.sh | 35 +- deployed-server/scripts/get-occ-config.sh | 103 +- .../octavia/octavia-deployment-config.yaml | 155 + environments/barbican-backend-dogtag.yaml | 17 + environments/barbican-backend-kmip.yaml | 15 + environments/barbican-backend-pkcs11.yaml | 16 + environments/barbican-backend-simple-crypto.yaml | 13 + environments/cavium-liquidio.yaml | 25 + .../ceph-ansible/ceph-ansible-external.yaml | 28 + environments/ceph-ansible/ceph-ansible.yaml | 2 + environments/ceph-ansible/ceph-rbdmirror.yaml | 2 + environments/ceph-ansible/ceph-rgw.yaml | 5 + environments/ceph-radosgw.yaml | 5 +- environments/cinder-dellemc-vmax-iscsi-config.yaml | 9 + environments/cinder-dellemc-vnx-config.yaml | 19 + environments/composable-roles/standalone.yaml | 12 +- environments/compute-instanceha.yaml | 9 + environments/compute-real-time-example.yaml | 33 + environments/computealt.yaml | 19 + environments/config-debug.yaml | 1 + environments/config-download-environment.yaml | 8 + .../contrail/contrail-net-storage-mgmt.yaml | 37 - environments/contrail/contrail-net.yaml | 33 - environments/contrail/contrail-services.yaml | 60 - environments/contrail/roles_data_contrail.yaml | 273 -- .../deployed-server-pacemaker-environment.yaml | 4 +- environments/disable-telemetry.yaml | 3 - environments/docker-ha.yaml | 4 +- environments/docker-network.yaml | 4 +- environments/docker-services-tls-everywhere.yaml | 54 - environments/docker-uc-light.yaml | 29 + environments/docker.yaml | 18 +- environments/enable-internal-tls.yaml | 4 + environments/enable-tls.yaml | 3 + environments/fast-forward-upgrade.yaml | 18 + environments/fixed-ip-vips-v6.yaml | 2 +- environments/fixed-ip-vips.yaml | 2 +- environments/hyperconverged-ceph.yaml | 25 +- environments/ips-from-pool-all.yaml | 12 +- environments/ipsec.yaml | 2 + environments/kubernetes.yaml | 4 + environments/logging-environment.yaml | 2 +- environments/login-defs.yaml | 9 + environments/low-memory-usage.yaml | 5 +- .../major-upgrade-composable-steps-docker.yaml | 3 + environments/major-upgrade-composable-steps.yaml | 8 +- environments/major-upgrade-converge-docker.yaml | 2 + environments/major-upgrade-converge.yaml | 1 + .../manila-cephfsganesha-config-docker.yaml | 22 + .../manila-cephfsnative-config-docker.yaml | 22 + environments/manila-cephfsnative-config.yaml | 2 - environments/manila-generic-config.yaml | 24 - environments/manila-isilon-config.yaml | 17 + environments/manila-netapp-config-docker.yaml | 32 + environments/manila-unity-config.yaml | 17 + environments/manila-vmax-config.yaml | 19 + environments/manila-vnx-config.yaml | 18 + .../net-bond-with-vlans-no-external.j2.yaml | 23 + environments/net-bond-with-vlans-no-external.yaml | 22 - environments/net-bond-with-vlans-v6.j2.yaml | 16 + environments/net-bond-with-vlans-v6.yaml | 14 - environments/net-bond-with-vlans.j2.yaml | 12 + environments/net-bond-with-vlans.yaml | 13 - environments/net-dpdkbond-with-vlans.j2.yaml | 19 + environments/net-multiple-nics-v6.j2.yaml | 15 + environments/net-multiple-nics-v6.yaml | 13 - environments/net-multiple-nics.j2.yaml | 12 + environments/net-multiple-nics.yaml | 13 - .../net-single-nic-linux-bridge-with-vlans.j2.yaml | 12 + .../net-single-nic-linux-bridge-with-vlans.yaml | 13 - .../net-single-nic-with-vlans-no-external.j2.yaml | 23 + .../net-single-nic-with-vlans-no-external.yaml | 21 - environments/net-single-nic-with-vlans-v6.j2.yaml | 15 + environments/net-single-nic-with-vlans-v6.yaml | 13 - environments/net-single-nic-with-vlans.j2.yaml | 12 + environments/net-single-nic-with-vlans.yaml | 13 - environments/network-environment-v6.j2.yaml | 64 + environments/network-environment.j2.yaml | 61 + environments/network-environment.yaml | 59 - .../network-isolation-no-tunneling.j2.yaml | 34 + environments/network-isolation-no-tunneling.yaml | 61 - environments/network-isolation-v6.j2.yaml | 16 +- environments/network-isolation.j2.yaml | 8 +- environments/network-management-v6.yaml | 2 +- environments/network-management.yaml | 2 +- environments/networks-disable.j2.yaml | 12 + environments/neutron-bgpvpn-bagpipe.yaml | 26 + environments/neutron-bgpvpn-opendaylight.yaml | 6 +- environments/neutron-bgpvpn.yaml | 4 +- environments/neutron-l2gw-opendaylight.yaml | 2 +- environments/neutron-l2gw.yaml | 2 +- environments/neutron-ml2-cisco-nexus-ucsm.yaml | 7 +- environments/neutron-ml2-cisco-vts.yaml | 29 + environments/neutron-ml2-ovn-dvr-ha.yaml | 27 + environments/neutron-ml2-ovn-dvr.yaml | 26 + environments/neutron-ml2-ovn-ha.yaml | 11 +- environments/neutron-ml2-ovn-hw-offload.yaml | 40 + environments/neutron-ml2-ovn.yaml | 10 +- environments/neutron-nuage-config.yaml | 2 + environments/neutron-opendaylight-dpdk.yaml | 12 +- environments/neutron-opendaylight-hw-offload.yaml | 31 + environments/neutron-opendaylight-sriov.yaml | 8 - environments/neutron-opendaylight.yaml | 1 + environments/neutron-ovs-dpdk-permissions.yaml | 15 + environments/neutron-ovs-dpdk.yaml | 1 + environments/neutron-ovs-hw-offload.yaml | 24 + environments/neutron-sfc-opendaylight.yaml | 18 + environments/neutron-sfc.yaml | 6 + environments/neutron-sriov.yaml | 15 +- environments/noop-deploy-steps.yaml | 6 + environments/nova-nuage-config.yaml | 3 +- environments/openshift.yaml | 16 + .../predictable-placement/custom-domain.yaml | 4 +- environments/public-tls-undercloud.yaml | 7 + environments/puppet-ceph-external.yaml | 1 + environments/rhsm.yaml | 37 + environments/services-docker/barbican.yaml | 4 + environments/services-docker/cinder-backup.yaml | 4 + environments/services-docker/fluentd.yaml | 2 + environments/services-docker/ironic-inspector.yaml | 2 + environments/services-docker/mistral.yaml | 1 + .../neutron-bgpvpn-opendaylight.yaml | 12 + .../services-docker/neutron-l2gw-opendaylight.yaml | 18 + .../services-docker/neutron-ml2-cisco-vts.yaml | 37 + .../services-docker/neutron-opendaylight-dpdk.yaml | 37 + .../neutron-opendaylight-hw-offload.yaml | 31 + .../neutron-opendaylight-sriov.yaml | 22 + .../services-docker/neutron-opendaylight.yaml | 4 +- .../services-docker/neutron-ovn-dvr-ha.yaml | 26 + environments/services-docker/neutron-ovn-dvr.yaml | 26 + environments/services-docker/neutron-ovn-ha.yaml | 33 + .../services-docker/neutron-ovn-hw-offload.yaml | 44 + environments/services-docker/neutron-ovn.yaml | 33 + environments/services-docker/neutron-ovs-dpdk.yaml | 11 + .../services-docker/neutron-ovs-hw-offload.yaml | 24 + environments/services-docker/neutron-sriov.yaml | 12 + environments/services-docker/octavia.yaml | 8 +- .../services-docker/skydive-environment.yaml | 3 + .../services-docker/undercloud-cinder.yaml | 4 + .../services-docker/undercloud-gnocchi.yaml | 1 + .../services-docker/undercloud-haproxy.yaml | 2 + .../services-docker/undercloud-keepalived.yaml | 2 + environments/services/ceilometer-api.yaml | 6 - environments/services/ceilometer-collector.yaml | 3 - environments/services/ceilometer-expirer.yaml | 2 - environments/services/ceph-mds.yaml | 5 +- environments/services/ceph-rbdmirror.yaml | 5 +- .../services/haproxy-public-tls-certmonger.yaml | 3 + environments/services/mistral.yaml | 1 + environments/services/neutron-lbaasv2.yaml | 4 +- environments/services/octavia.yaml | 2 +- environments/services/ptp.yaml | 15 + environments/services/undercloud-haproxy.yaml | 2 + environments/services/undercloud-keepalived.yaml | 2 + environments/ssl/enable-internal-tls.yaml | 36 + environments/ssl/enable-tls.yaml | 1 - environments/ssl/tls-endpoints-public-dns.yaml | 10 +- environments/ssl/tls-endpoints-public-ip.yaml | 10 +- environments/ssl/tls-everywhere-endpoints-dns.yaml | 10 +- environments/stdout-logging.yaml | 17 + environments/storage-environment-external.yaml | 38 + environments/storage-environment.yaml | 18 +- environments/storage/enable-ceph.yaml | 4 +- environments/storage/external-ceph.yaml | 4 +- environments/storage/glance-nfs.yaml | 4 +- environments/tls-endpoints-public-dns.yaml | 4 + environments/tls-endpoints-public-ip.yaml | 4 + environments/tls-everywhere-endpoints-dns.yaml | 4 + environments/undercloud.yaml | 31 + .../all_nodes/contrail/enable_contrail_repo.yaml | 43 - extraconfig/all_nodes/mac_hostname.j2.yaml | 2 +- extraconfig/all_nodes/random_string.j2.yaml | 2 +- extraconfig/all_nodes/swap-partition.j2.yaml | 3 +- extraconfig/all_nodes/swap.j2.yaml | 3 +- .../nova_metadata/krb-service-principals.j2.yaml | 2 +- extraconfig/post_deploy/default.yaml | 2 +- extraconfig/post_deploy/example.yaml | 2 +- extraconfig/post_deploy/example_run_on_update.yaml | 2 +- extraconfig/post_deploy/undercloud_post.sh | 98 +- extraconfig/post_deploy/undercloud_post.yaml | 38 +- .../environment-rhel-registration.yaml | 2 +- .../rhel-registration/rhel-registration.yaml | 43 +- .../rhel-registration/scripts/rhel-registration | 55 +- extraconfig/pre_network/ansible_host_config.yaml | 2 +- extraconfig/pre_network/config_then_reboot.yaml | 2 +- .../pre_network/contrail/compute_pre_network.yaml | 162 - .../contrail/contrail_dpdk_pre_network.yaml | 168 - .../host_config_and_reboot.role.j2.yaml | 129 - .../pre_network/host_config_and_reboot.yaml | 136 +- extraconfig/services/README.rst | 6 + extraconfig/services/ipsec.yaml | 123 + extraconfig/services/kubernetes-master.yaml | 181 + extraconfig/services/kubernetes-worker.yaml | 64 + extraconfig/services/openshift-master.yaml | 204 + extraconfig/services/openshift-worker.yaml | 54 + extraconfig/services/rhsm.yaml | 74 + extraconfig/tasks/pacemaker_common_functions.sh | 62 + extraconfig/tasks/post_puppet_pacemaker.j2.yaml | 2 +- .../tasks/post_puppet_pacemaker_restart.yaml | 2 +- extraconfig/tasks/pre_puppet_pacemaker.yaml | 3 +- extraconfig/tasks/run_puppet.sh | 1 + extraconfig/tasks/ssh/host_public_key.yaml | 2 +- extraconfig/tasks/ssh/known_hosts_config.yaml | 2 +- extraconfig/tasks/tripleo_upgrade_node.sh | 49 +- extraconfig/tasks/yum_update.sh | 12 +- extraconfig/tasks/yum_update.yaml | 2 +- extraconfig/tasks/yum_update_noop.yaml | 2 +- firstboot/conntectx3_streering.yaml | 31 + firstboot/os-net-config-mappings.yaml | 18 +- firstboot/userdata_default.yaml | 2 +- firstboot/userdata_dev_rsync.yaml | 2 +- firstboot/userdata_example.yaml | 2 +- firstboot/userdata_heat_admin.yaml | 2 +- firstboot/userdata_root_password.yaml | 2 +- hosts-config.yaml | 2 +- j2_excludes.yaml | 7 +- net-config-bond.j2.yaml | 55 + net-config-bond.yaml | 74 - net-config-bridge.j2.yaml | 40 + net-config-bridge.yaml | 58 - net-config-linux-bridge.j2.yaml | 59 + net-config-linux-bridge.yaml | 77 - net-config-noop.j2.yaml | 29 + net-config-noop.yaml | 47 - ...config-static-bridge-with-external-dhcp.j2.yaml | 69 + net-config-static-bridge-with-external-dhcp.yaml | 87 - net-config-static-bridge.j2.yaml | 70 + net-config-static-bridge.yaml | 87 - net-config-static.j2.yaml | 64 + net-config-static.yaml | 82 - net-config-undercloud.j2.yaml | 60 + net-config-undercloud.yaml | 77 - network/config/bond-with-vlans/README.md | 16 +- network/config/bond-with-vlans/ceph-storage.yaml | 165 - network/config/bond-with-vlans/cinder-storage.yaml | 172 - .../config/bond-with-vlans/compute-dpdk.j2.yaml | 162 + network/config/bond-with-vlans/compute-dpdk.yaml | 184 - network/config/bond-with-vlans/compute.yaml | 175 - .../bond-with-vlans/controller-no-external.j2.yaml | 147 + .../bond-with-vlans/controller-no-external.yaml | 178 - .../config/bond-with-vlans/controller-v6.j2.yaml | 156 + network/config/bond-with-vlans/controller-v6.yaml | 193 - network/config/bond-with-vlans/controller.yaml | 188 - network/config/bond-with-vlans/networker.yaml | 174 - network/config/bond-with-vlans/role.role.j2.yaml | 179 + network/config/bond-with-vlans/swift-storage.yaml | 172 - .../contrail/contrail-nic-config-compute.yaml | 167 - network/config/contrail/contrail-nic-config.yaml | 164 - network/config/multiple-nics/README.md | 14 +- network/config/multiple-nics/ceph-storage.yaml | 140 - network/config/multiple-nics/cinder-storage.yaml | 146 - network/config/multiple-nics/compute-dvr.j2.yaml | 132 + network/config/multiple-nics/compute-dvr.yaml | 162 - network/config/multiple-nics/compute.yaml | 154 - network/config/multiple-nics/controller-v6.j2.yaml | 145 + network/config/multiple-nics/controller-v6.yaml | 176 - network/config/multiple-nics/controller.yaml | 171 - network/config/multiple-nics/networker.yaml | 159 - network/config/multiple-nics/role.role.j2.yaml | 152 + network/config/multiple-nics/swift-storage.yaml | 146 - .../ceph-storage.yaml | 147 - .../cinder-storage.yaml | 154 - .../single-nic-linux-bridge-vlans/compute.yaml | 157 - .../controller-v6.j2.yaml | 142 + .../controller-v6.yaml | 173 - .../single-nic-linux-bridge-vlans/controller.yaml | 172 - .../single-nic-linux-bridge-vlans/networker.yaml | 160 - .../role.role.j2.yaml | 104 + .../swift-storage.yaml | 154 - network/config/single-nic-vlans/README.md | 15 +- network/config/single-nic-vlans/ceph-storage.yaml | 132 - .../config/single-nic-vlans/cinder-storage.yaml | 142 - network/config/single-nic-vlans/compute.yaml | 148 - .../controller-no-external.j2.yaml | 100 + .../single-nic-vlans/controller-no-external.yaml | 156 - .../config/single-nic-vlans/controller-v6.j2.yaml | 136 + network/config/single-nic-vlans/controller-v6.yaml | 167 - network/config/single-nic-vlans/controller.yaml | 164 - network/config/single-nic-vlans/networker.yaml | 152 - network/config/single-nic-vlans/role.role.j2.yaml | 103 + network/config/single-nic-vlans/swift-storage.yaml | 142 - network/endpoints/build_endpoint_map.py | 26 +- network/endpoints/endpoint_data.yaml | 24 +- network/endpoints/endpoint_map.yaml | 3879 +++++++++++--------- network/external_v6.yaml | 76 - network/internal_api_v6.yaml | 72 - network/management_v6.yaml | 71 - network/network.j2 | 105 + network/network.network.j2.yaml | 92 +- network/network_v6.network.j2.yaml | 2 + network/networks.j2.yaml | 2 +- network/ports/ctlplane_vip.yaml | 18 +- network/ports/from_service.yaml | 6 +- network/ports/from_service_v6.yaml | 2 +- network/ports/net_ip_list_map.j2.yaml | 26 +- network/ports/net_ip_map.j2.yaml | 2 +- network/ports/net_vip_map_external.j2.yaml | 2 +- network/ports/net_vip_map_external_v6.j2.yaml | 2 +- network/ports/noop.yaml | 6 +- network/ports/port.j2 | 26 +- network/ports/port_from_pool.j2 | 12 +- network/ports/vip.yaml | 26 +- network/ports/vip_v6.yaml | 26 +- network/scripts/run-os-net-config.sh | 9 +- network/service_net_map.j2.yaml | 51 +- network/storage_mgmt_v6.yaml | 72 - network/storage_v6.yaml | 72 - network/tenant_v6.yaml | 72 - network_data.yaml | 90 +- network_data_ganesha.yaml | 115 + overcloud-resource-registry-puppet.j2.yaml | 73 +- overcloud.j2.yaml | 190 +- plan-samples/plan-environment-derived-params.yaml | 4 +- puppet/all-nodes-config.j2.yaml | 215 ++ puppet/all-nodes-config.yaml | 236 -- puppet/config.role.j2.yaml | 59 - puppet/deploy-artifacts.yaml | 2 +- .../all_nodes/neutron-midonet-all-nodes.yaml | 4 +- .../all_nodes/neutron-ml2-cisco-nexus-ucsm.j2.yaml | 67 +- .../pre_deploy/compute/neutron-ml2-bigswitch.yaml | 23 +- .../extraconfig/pre_deploy/compute/nova-nuage.yaml | 92 - .../pre_deploy/controller/multiple.yaml | 2 +- .../controller/neutron-ml2-bigswitch.yaml | 21 +- .../controller/neutron-ml2-cisco-n1kv.yaml | 2 +- puppet/extraconfig/pre_deploy/default.yaml | 2 +- puppet/extraconfig/pre_deploy/per_node.yaml | 4 +- puppet/extraconfig/tls/ca-inject.yaml | 2 +- puppet/extraconfig/tls/freeipa-enroll.yaml | 2 +- puppet/extraconfig/tls/tls-cert-inject.yaml | 7 +- puppet/manifests/overcloud_common.pp | 29 + puppet/manifests/overcloud_role.pp | 30 - puppet/role.role.j2.yaml | 149 +- puppet/services/README.rst | 48 +- puppet/services/aide.yaml | 96 + puppet/services/aodh-api.yaml | 17 +- puppet/services/aodh-base.yaml | 8 +- puppet/services/aodh-evaluator.yaml | 13 +- puppet/services/aodh-listener.yaml | 13 +- puppet/services/aodh-notifier.yaml | 13 +- puppet/services/apache.j2.yaml | 141 + puppet/services/apache.yaml | 139 - puppet/services/auditd.yaml | 13 +- puppet/services/barbican-api.yaml | 61 +- puppet/services/barbican-backend-dogtag.yaml | 65 + puppet/services/barbican-backend-kmip.yaml | 62 + .../services/barbican-backend-pkcs11-crypto.yaml | 70 + .../services/barbican-backend-simple-crypto.yaml | 50 + puppet/services/ca-certs.yaml | 2 +- puppet/services/ceilometer-agent-central.yaml | 25 +- puppet/services/ceilometer-agent-compute.yaml | 13 +- puppet/services/ceilometer-agent-ipmi.yaml | 27 +- puppet/services/ceilometer-agent-notification.yaml | 25 +- puppet/services/ceilometer-api.yaml | 129 - puppet/services/ceilometer-base.yaml | 36 +- puppet/services/ceilometer-collector.yaml | 146 - puppet/services/ceilometer-expirer.yaml | 59 - puppet/services/ceph-base.yaml | 42 +- puppet/services/ceph-client.yaml | 2 +- puppet/services/ceph-external.yaml | 2 +- puppet/services/ceph-mds.yaml | 2 +- puppet/services/ceph-mon.yaml | 92 +- puppet/services/ceph-osd.yaml | 119 +- puppet/services/ceph-rgw.yaml | 15 +- puppet/services/certmonger-user.yaml | 24 +- puppet/services/cinder-api.yaml | 67 +- puppet/services/cinder-backend-dellemc-unity.yaml | 2 +- .../cinder-backend-dellemc-vmax-iscsi.yaml | 65 + puppet/services/cinder-backend-dellemc-vnx.yaml | 106 + puppet/services/cinder-backend-dellps.yaml | 2 +- puppet/services/cinder-backend-dellsc.yaml | 2 +- puppet/services/cinder-backend-netapp.yaml | 2 +- puppet/services/cinder-backend-pure.yaml | 2 +- puppet/services/cinder-backend-scaleio.yaml | 2 +- .../cinder-backend-veritas-hyperscale.yaml | 2 +- puppet/services/cinder-backup.yaml | 17 +- puppet/services/cinder-base.yaml | 10 +- puppet/services/cinder-hpelefthand-iscsi.yaml | 2 +- puppet/services/cinder-scheduler.yaml | 22 +- puppet/services/cinder-volume.yaml | 46 +- puppet/services/congress.yaml | 26 +- puppet/services/database/mongodb-base.yaml | 2 +- puppet/services/database/mongodb.yaml | 29 +- puppet/services/database/mysql-client.yaml | 2 +- puppet/services/database/mysql.yaml | 62 +- puppet/services/database/redis-base.yaml | 34 +- puppet/services/database/redis.yaml | 61 +- .../services/disabled/ceilometer-api-disabled.yaml | 8 +- .../disabled/ceilometer-collector-disabled.yaml | 6 +- .../disabled/ceilometer-expirer-disabled.yaml | 9 +- .../disabled/glance-registry-disabled.yaml | 4 +- .../disabled/heat-api-cloudwatch-disabled.yaml | 49 + puppet/services/disabled/mongodb-disabled.yaml | 10 +- puppet/services/docker-registry.yaml | 54 + puppet/services/docker.yaml | 100 +- puppet/services/ec2-api.yaml | 89 +- puppet/services/etcd.yaml | 13 +- puppet/services/external-swift-proxy.yaml | 2 +- puppet/services/glance-api.yaml | 60 +- puppet/services/gnocchi-api.yaml | 46 +- puppet/services/gnocchi-base.yaml | 65 +- puppet/services/gnocchi-metricd.yaml | 18 +- puppet/services/gnocchi-statsd.yaml | 13 +- .../haproxy-internal-tls-certmonger.j2.yaml | 100 + .../services/haproxy-internal-tls-certmonger.yaml | 99 - puppet/services/haproxy-public-tls-certmonger.yaml | 19 +- puppet/services/haproxy.yaml | 35 +- puppet/services/heat-api-cfn.yaml | 28 +- puppet/services/heat-api-cloudwatch.yaml | 141 - puppet/services/heat-api.yaml | 28 +- puppet/services/heat-base.yaml | 15 +- puppet/services/heat-engine.yaml | 31 +- puppet/services/horizon.yaml | 39 +- puppet/services/ironic-api.yaml | 6 +- puppet/services/ironic-base.yaml | 56 +- puppet/services/ironic-conductor.yaml | 60 +- puppet/services/ironic-inspector.yaml | 43 +- puppet/services/iscsid.yaml | 2 +- puppet/services/keepalived.yaml | 6 +- puppet/services/kernel.yaml | 170 +- puppet/services/keystone.yaml | 160 +- puppet/services/liquidio-compute-config.yaml | 78 + puppet/services/logging/fluentd-base.yaml | 49 - puppet/services/logging/fluentd-client.yaml | 99 - puppet/services/logging/fluentd-config.yaml | 2 +- puppet/services/logging/fluentd.yaml | 103 + puppet/services/login-defs.yaml | 66 + puppet/services/manila-api.yaml | 2 +- puppet/services/manila-backend-cephfs.yaml | 56 +- puppet/services/manila-backend-generic.yaml | 101 - puppet/services/manila-backend-isilon.yaml | 72 + puppet/services/manila-backend-netapp.yaml | 2 +- puppet/services/manila-backend-unity.yaml | 74 + puppet/services/manila-backend-vmax.yaml | 74 + puppet/services/manila-backend-vnx.yaml | 75 + puppet/services/manila-base.yaml | 16 +- puppet/services/manila-scheduler.yaml | 4 +- puppet/services/manila-share.yaml | 2 +- puppet/services/memcached.yaml | 27 +- puppet/services/metrics/collectd.yaml | 216 +- puppet/services/mistral-api.yaml | 20 +- puppet/services/mistral-base.yaml | 19 +- puppet/services/mistral-engine.yaml | 24 +- puppet/services/mistral-event-engine.yaml | 75 + puppet/services/mistral-executor.yaml | 15 +- puppet/services/monitoring/sensu-base.yaml | 47 +- puppet/services/monitoring/sensu-client.yaml | 18 +- .../network/contrail-analytics-database.yaml | 58 - puppet/services/network/contrail-analytics.yaml | 85 - puppet/services/network/contrail-base.yaml | 151 - puppet/services/network/contrail-config.yaml | 75 - puppet/services/network/contrail-control.yaml | 73 - puppet/services/network/contrail-database.yaml | 58 - puppet/services/network/contrail-dpdk.yaml | 82 - puppet/services/network/contrail-heat.yaml | 55 - .../services/network/contrail-neutron-plugin.yaml | 60 - puppet/services/network/contrail-tsn.yaml | 80 - puppet/services/network/contrail-vrouter.yaml | 85 - puppet/services/network/contrail-webui.yaml | 68 - puppet/services/neutron-api.yaml | 33 +- puppet/services/neutron-base.yaml | 42 +- puppet/services/neutron-bgpvpn-api.yaml | 2 +- puppet/services/neutron-bgpvpn-bagpipe.yaml | 71 + puppet/services/neutron-bigswitch-agent.yaml | 2 +- .../services/neutron-compute-plugin-midonet.yaml | 2 +- puppet/services/neutron-compute-plugin-nuage.yaml | 50 +- .../services/neutron-compute-plugin-plumgrid.yaml | 2 +- puppet/services/neutron-dhcp.yaml | 62 +- puppet/services/neutron-l2gw-agent.yaml | 38 +- puppet/services/neutron-l2gw-api.yaml | 2 +- puppet/services/neutron-l3-compute-dvr.yaml | 15 +- puppet/services/neutron-l3.yaml | 43 +- puppet/services/neutron-lbaas.yaml | 10 +- puppet/services/neutron-linuxbridge-agent.yaml | 2 +- puppet/services/neutron-metadata.yaml | 39 +- puppet/services/neutron-midonet.yaml | 2 +- puppet/services/neutron-ovs-agent.yaml | 73 +- puppet/services/neutron-ovs-dpdk-agent.yaml | 31 +- puppet/services/neutron-plugin-ml2-cisco-vts.yaml | 87 + .../services/neutron-plugin-ml2-fujitsu-cfab.yaml | 2 +- .../services/neutron-plugin-ml2-fujitsu-fossw.yaml | 2 +- puppet/services/neutron-plugin-ml2-nuage.yaml | 14 +- puppet/services/neutron-plugin-ml2-odl.yaml | 15 +- puppet/services/neutron-plugin-ml2-ovn.yaml | 12 +- puppet/services/neutron-plugin-ml2.yaml | 4 +- puppet/services/neutron-plugin-nsx.yaml | 22 +- puppet/services/neutron-plugin-nuage.yaml | 2 +- puppet/services/neutron-plugin-plumgrid.yaml | 2 +- puppet/services/neutron-sfc-api.yaml | 51 + puppet/services/neutron-sriov-agent.yaml | 34 +- puppet/services/neutron-sriov-host-config.yaml | 80 + puppet/services/neutron-vpp-agent.yaml | 2 +- puppet/services/nova-api.yaml | 191 +- puppet/services/nova-base.yaml | 14 +- puppet/services/nova-compute.yaml | 53 +- puppet/services/nova-conductor.yaml | 25 +- puppet/services/nova-consoleauth.yaml | 13 +- puppet/services/nova-ironic.yaml | 4 +- puppet/services/nova-libvirt.yaml | 114 +- puppet/services/nova-metadata.yaml | 2 +- puppet/services/nova-migration-target.yaml | 23 +- puppet/services/nova-placement.yaml | 16 +- puppet/services/nova-scheduler.yaml | 22 +- puppet/services/nova-vnc-proxy.yaml | 110 +- puppet/services/octavia-api.yaml | 12 +- puppet/services/octavia-base.yaml | 84 +- puppet/services/octavia-health-manager.yaml | 11 +- puppet/services/octavia-housekeeping.yaml | 11 +- puppet/services/octavia-worker.yaml | 50 +- puppet/services/opendaylight-api.yaml | 137 +- puppet/services/opendaylight-ovs.yaml | 154 +- puppet/services/openvswitch.yaml | 26 +- puppet/services/ovn-controller.yaml | 78 +- puppet/services/ovn-dbs.yaml | 13 +- puppet/services/ovn-metadata.yaml | 126 + puppet/services/pacemaker.yaml | 49 +- puppet/services/pacemaker/ceph-rbdmirror.yaml | 2 +- puppet/services/pacemaker/cinder-backup.yaml | 2 +- puppet/services/pacemaker/cinder-volume.yaml | 26 +- puppet/services/pacemaker/compute-instanceha.yaml | 48 + puppet/services/pacemaker/database/mysql.yaml | 4 +- puppet/services/pacemaker/database/redis.yaml | 35 +- puppet/services/pacemaker/haproxy.yaml | 2 +- puppet/services/pacemaker/manila-share.yaml | 5 +- puppet/services/pacemaker/ovn-dbs.yaml | 2 +- puppet/services/pacemaker/rabbitmq.yaml | 2 +- puppet/services/pacemaker_remote.yaml | 11 +- puppet/services/panko-api.yaml | 55 +- puppet/services/panko-base.yaml | 45 +- puppet/services/qdr.yaml | 2 +- puppet/services/rabbitmq.yaml | 24 +- puppet/services/sahara-api.yaml | 13 +- puppet/services/sahara-base.yaml | 8 +- puppet/services/sahara-engine.yaml | 13 +- puppet/services/securetty.yaml | 2 +- puppet/services/snmp.yaml | 23 +- puppet/services/sshd.yaml | 3 +- puppet/services/swift-base.yaml | 2 +- puppet/services/swift-dispersion.yaml | 50 + puppet/services/swift-proxy.yaml | 40 +- puppet/services/swift-ringbuilder.yaml | 2 +- puppet/services/swift-storage.yaml | 28 +- puppet/services/tacker.yaml | 25 +- puppet/services/time/ntp.yaml | 31 +- puppet/services/time/ptp.yaml | 106 + puppet/services/time/timezone.yaml | 2 +- puppet/services/tripleo-firewall.yaml | 4 +- puppet/services/tripleo-packages.yaml | 71 +- puppet/services/tuned.yaml | 4 +- puppet/services/veritas-hyperscale-controller.yaml | 2 +- puppet/services/vpp.yaml | 13 +- puppet/services/zaqar-api.yaml | 97 +- puppet/upgrade_config.yaml | 2 +- ...ndpoint-type-configurable-718be8645b7ab3a0.yaml | 5 + .../notes/ODL_log_mechanism-99f008362d2392de.yaml | 4 + .../notes/add-bgpvpn-support-f60c5a9cee0bb393.yaml | 1 + .../notes/add-cisco_vts_ml2-fa96d8edb117c416.yaml | 6 + ...efault-for-host-parameter-02e3d48de1f69765.yaml | 9 + .../add-mistral-event-engine-3a33700c20c88e86.yaml | 4 + .../add-mistral-to-roles-52525fe9689e60b1.yaml | 4 + .../notes/add-networking-sfc-72cd16bb34075150.yaml | 4 + ...ctavia-cert-key-variables-48133267832ee196.yaml | 4 + ...nused-packages-on-upgrade-5a469428a6948148.yaml | 12 + .../notes/add-panko-expirer-bac4243971fc23e5.yaml | 4 + .../notes/add-s3-driver-da8a31a3c646892e.yaml | 4 + ...ervice-auth-configuration-cb6537998a37f785.yaml | 4 + ...rt-manila-cephnfs-backend-fb35ecc995705256.yaml | 7 + ...orking-ovn-metadata-agent-3bfecfbabd6d9628.yaml | 8 + .../add_cisco_vts_ml2_docker-0d7cfafe4647074d.yaml | 5 + .../adds-post_upgrade_tasks-eba0656012c861a1.yaml | 12 + releasenotes/notes/aide-50fc91178430f1a5.yaml | 12 + ...figure-image-member-quota-59e228bc62ec7792.yaml | 6 + .../notes/bug-1741452-6f73b550d94b8f6f.yaml | 5 + .../notes/bug-1741464-78403f89e9dc5d75.yaml | 6 + ...er-keystone-notifications-f1e463d0ec939b22.yaml | 5 + ...ansible-blacklist-support-164b5726cc4532b7.yaml | 5 + ...h-pools-with-ceph-ansible-f82425e585f90ef6.yaml | 17 + ...migration_to_ceph_ansible-fd1a8cb659ac2401.yaml | 9 + ...e_default_docker0_address-6a017b7078825996.yaml | 7 + .../composable-network-vips-4d7b28fa3769d38b.yaml | 4 + .../configure-ip-forward-268c165708cbd203.yaml | 5 + ...ring-snat-in-opendaylight-d5ed4d62275e1876.yaml | 5 + .../containarise-barbican-1253606411d497ff.yaml | 4 + .../containerized-ceph-role-1e02fd11551e92ac.yaml | 17 + ...ntainerized-services-logs-0dc652513870f46d.yaml | 11 + ...ontainers-selinux-context-13b720cc1d5ec6f2.yaml | 16 + .../notes/deploy_steps_tasks-bb2279bcda7cd04c.yaml | 5 + ...recate-ceilometer-workers-72b01f4bc6423f48.yaml | 3 + ...sable-heat-api-cloudwatch-d5a471da22472bde.yaml | 15 + ...cker-puppet-config-volume-5ad50b90dc24672b.yaml | 10 + ...-generic-driver-templates-b33e8966c263a1fd.yaml | 7 + ...op-redundant-metric-param-ddea256079fbbbe0.yaml | 6 + .../notes/enable-ntp-iburst-efbc24a43a72daae.yaml | 7 + ...octavia-flavor-by-default-d356fbb265508f76.yaml | 7 + .../ensure-debug-is-boolean-aecc8fbb6c8fd368.yaml | 6 + ...xternal_post_deploy_tasks-1b6423b73ae083cc.yaml | 6 + ...stone-notification-topics-8be1d37afd90b910.yaml | 9 + ...ast-forward-upgrade-tasks-a8b5d64831a71e24.yaml | 8 + ...api-network-resource-name-41bbf4258a0174eb.yaml | 5 + ...-dynamic-network-disabled-9f700a9e900221b6.yaml | 5 + ...x-missing-tacker-password-c2ce555cdd52c102.yaml | 4 + .../fix-neutron-dhcp-tls-d62383530419f0bd.yaml | 6 + ...ix-neutron_admin_auth_url-c88224251d8eb807.yaml | 4 + .../fix-odl-gui-feature-6525b8c6807fb784.yaml | 5 + .../notes/fix-odl-tls-docker-67b8453a6be7fa58.yaml | 4 + ...ix-odl-websocket-firewall-9e2f78ebaa39313f.yaml | 6 + ...ix-public-cert-generation-41c75be0b07a48fe.yaml | 5 + .../fix-tenant-net-name-type-94a9c50c86529001.yaml | 5 + .../horizon_keystone_member-838d4b65cc0b0d11.yaml | 5 + .../notes/instance-ha-18e59ab0e9697ef3.yaml | 6 + .../notes/integrate-skydive-900756d8870b3876.yaml | 5 + releasenotes/notes/ipsec-8e24afb777de48e3.yaml | 11 + .../notes/ipv6_defaults-7dbb62113f4e5084.yaml | 10 + .../notes/isilon_manila_e9677898724a11e7.yaml | 4 + .../notes/kernel-extra-aa48704056be72cd.yaml | 6 + .../notes/kernel_sysctl_role-d4f6a50d08b7a388.yaml | 7 + .../notes/keystone_authtoken-655da476bbf82e1c.yaml | 3 + .../notes/libvirtd-tls-6de6fb35e0ac0ab1.yaml | 6 + .../memcached-verbose-logs-84ca938d76c16429.yaml | 6 + .../notes/mistral_container-23c4432aad469f30.yaml | 6 + ...ltiple-cinder-rbd-backend-9b015f99887e9241.yaml | 9 + .../notes/nfv-rt-roles-9ceac2b10d565971.yaml | 3 + .../notes/ntp-poll-options-3019fe517e012300.yaml | 10 + .../notes/odl-enable-tls-377fbbfff6f67230.yaml | 10 + .../notes/odl-ovs-hw-offload-54b662c633e9eda8.yaml | 5 + releasenotes/notes/odl-qos-48b70c804755e3a5.yaml | 4 + .../notes/odl_endpoint-74b00c6ed38e9a98.yaml | 7 + .../notes/odl_upgrade-f5540d242b9a6b52.yaml | 16 + .../ovn-container-support-3ab333fff6e90dc4.yaml | 5 + .../notes/ovs-hw-offload-a6bf0fa9c39a8204.yaml | 6 + .../notes/pacemaker-rabbitmq-b1b5fc2b47cb84e4.yaml | 8 + releasenotes/notes/ptp-a1bf70fbfddd1830.yaml | 7 + .../rabbit-ignore-partitions-0a0ae8c636c256ea.yaml | 6 + .../rabbit-net_ticktime-519f904e52218c2d.yaml | 8 + ...cated-ceilometer-services-edc0c260d7009414.yaml | 6 + ...emove-heat-api-cloudwatch-577417e2b2db3b15.yaml | 5 + ...lugin-from-neutron-config-b923cca547d9dd52.yaml | 4 + .../remove-unused-nova-ports-a9f4d9b0ac3e21c9.yaml | 4 + ...lometer-disable-templates-82ed8b7d33fc3bda.yaml | 6 + .../notes/rhsm-service-fbec46930264b355.yaml | 5 + .../notes/rhsm_proxy_verify-548f104c97cf5f90.yaml | 5 + releasenotes/notes/sat-tools-0d0f0c53de9d34a5.yaml | 5 + .../notes/sat_capsule-bb59fad44c17f97f.yaml | 7 + .../security-compliance-f4f7ae077b148af1.yaml | 10 + .../service_workflow_tasks-4da5830821b7154b.yaml | 8 - .../notes/snmp_firewall-ab17f60ba1ec71d2.yaml | 7 + .../sriov-agent-extentions-08e1d9fb89c2efbf.yaml | 4 + .../notes/sriov-role-1ef30615048239c7.yaml | 14 + ...t-sequence-1-deploy-steps-59043a5ea87a83f8.yaml | 4 + ...t-create-d1-containerized-8eda040d9088be7d.yaml | 7 + .../swift-create-local-dir-7671f7967620e261.yaml | 6 + .../swift-mount-var-cache-7e95199532b542c4.yaml | 7 + ...ift-proxy-use-hash-suffix-a0641435337a4b05.yaml | 7 + .../telemetry-role-services-7dba4996aff89027.yaml | 5 + .../notes/unity_manila_1967789872aa11e7.yaml | 3 + ...-heat-templates-to-queens-dec638e7b34bed09.yaml | 4 + ...ate-manage-event-pipeline-0a21e9ca92cbff4f.yaml | 6 + ...asks_remove_tags_add_when-99f18cdb3cf58f64.yaml | 9 + ...-in-deploy-steps-playbook-01decb18d895879f.yaml | 6 + ...rict-host-key-checking-no-766c6d9814243de3.yaml | 7 + .../notes/vmax_cinder_a6672898724a11e7.yaml | 4 + .../notes/vmax_manila_2967789872aa11e8.yaml | 4 + releasenotes/notes/vnc_tls-b3707d0134697cc7.yaml | 8 + .../notes/vnx_cinder_b5572898724a11e7.yaml | 4 + .../notes/vnx_manila_2967789872aa11e7.yaml | 4 + .../notes/workflow_tasks-4da5830821b7154b.yaml | 8 + releasenotes/source/conf.py | 4 +- releasenotes/source/index.rst | 1 + releasenotes/source/pike.rst | 6 + requirements.txt | 2 +- roles/BlockStorage.yaml | 10 +- roles/CephAll.yaml | 42 + roles/CephFile.yaml | 38 + roles/CephObject.yaml | 38 + roles/CephStorage.yaml | 10 +- roles/Compute.yaml | 13 +- roles/ComputeAlt.yaml | 50 + roles/ComputeHCI.yaml | 12 +- roles/ComputeInstanceHA.yaml | 59 + roles/ComputeLiquidio.yaml | 59 + roles/ComputeOvsDpdk.yaml | 14 +- roles/ComputeOvsDpdkRT.yaml | 55 + roles/ComputeRealTime.yaml | 65 + roles/ComputeSriov.yaml | 57 + roles/ComputeSriovRT.yaml | 60 + roles/Controller.yaml | 41 +- roles/ControllerAllNovaStandalone.yaml | 123 + roles/ControllerNoCeph.yaml | 162 + roles/ControllerNovaStandalone.yaml | 145 + roles/ControllerOpenstack.yaml | 40 +- roles/ControllerStorageNfs.yaml | 158 + roles/Database.yaml | 9 +- roles/HciCephAll.yaml | 63 + roles/HciCephFile.yaml | 59 + roles/HciCephMon.yaml | 60 + roles/HciCephObject.yaml | 59 + roles/IronicConductor.yaml | 8 +- roles/Messaging.yaml | 7 +- roles/Networker.yaml | 18 +- roles/Novacontrol.yaml | 42 + roles/ObjectStorage.yaml | 9 +- roles/README.rst | 17 +- roles/Telemetry.yaml | 26 +- roles/Undercloud.yaml | 17 +- roles/UndercloudLight.yaml | 37 + roles_data.yaml | 83 +- roles_data_undercloud.yaml | 17 +- sample-env-generator/README.rst | 2 + sample-env-generator/composable-roles.yaml | 25 +- sample-env-generator/ssl.yaml | 163 +- test-requirements.txt | 19 +- tools/check-up-to-date.sh | 27 + tools/process-templates.py | 102 +- tools/tox_install.sh | 30 - tools/yaml-validate.py | 384 +- tox.ini | 14 +- tripleo_heat_templates/environment_generator.py | 133 +- validation-scripts/all-nodes.sh | 2 +- zuul.d/layout.yaml | 151 + 945 files changed, 33870 insertions(+), 17564 deletions(-) Requirements updates -------------------- diff --git a/requirements.txt b/requirements.txt index d4e343e..ff25bfe 100644 --- a/requirements.txt +++ b/requirements.txt @@ -6 +6 @@ Jinja2!=2.9.0,!=2.9.1,!=2.9.2,!=2.9.3,!=2.9.4,>=2.8 # BSD License (3 clause) -six>=1.9.0 # MIT +six>=1.10.0 # MIT diff --git a/test-requirements.txt b/test-requirements.txt index 1b60459..bfca8ca 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -4,2 +4,2 @@ -openstackdocstheme>=1.11.0 # Apache-2.0 -PyYAML>=3.10.0 # MIT +openstackdocstheme>=1.18.1 # Apache-2.0 +PyYAML>=3.10 # MIT @@ -7,3 +7,3 @@ Jinja2!=2.9.0,!=2.9.1,!=2.9.2,!=2.9.3,!=2.9.4,>=2.8 # BSD License (3 clause) -six>=1.9.0 # MIT -sphinx>=1.6.2 # BSD -reno!=2.3.1,>=1.8.0 # Apache-2.0 +six>=1.10.0 # MIT +sphinx!=1.6.6,>=1.6.2 # BSD +reno>=2.5.0 # Apache-2.0 @@ -12 +12 @@ fixtures>=3.0.0 # Apache-2.0/BSD -python-subunit>=0.0.18 # Apache-2.0/BSD +python-subunit>=1.0.0 # Apache-2.0/BSD @@ -15,3 +15,4 @@ testscenarios>=0.4 # Apache-2.0/BSD -testtools>=1.4.0 # MIT -mock>=2.0 # BSD -oslotest>=1.10.0 # Apache-2.0 +testtools>=2.2.0 # MIT +mock>=2.0.0 # BSD +oslotest>=3.2.0 # Apache-2.0 +yaql>=1.1.3 # Apache 2.0 License