tripleo-heat-templates 9.0.0 (rocky)
We are gleeful to announce the release of: tripleo-heat-templates 9.0.0: Heat templates for deploying OpenStack with OpenStack. This release is part of the rocky release series. The source is available from: http://git.openstack.org/cgit/openstack/tripleo-heat-templates Download the package from: https://tarballs.openstack.org/tripleo-heat-templates/ Please report issues through launchpad: https://bugs.launchpad.net/tripleo For more details, please see below. 9.0.0 ^^^^^ Bug Fixes * The baremetal API version is no longer hardcoded in "stackrc". This allows easy access to new features in *ironicclient* as they are introduced. If you need to use a fixed API version, set the "OS_BAREMETAL_API_VERSION" environment variable. Changes in tripleo-heat-templates 8.0.0.0rc1..9.0.0 --------------------------------------------------- cbdb235 Fix typo in ansible's module name. 82a2e33 Disable sync_power_state_interval in containerized undercloud f2680ce Run online data migrations 49916c0 Do not enable Ram/Disk Filter with filter_scheduler ec4eee4 undercloud: deploy kernel composable service abfe4ba Allow performing Ceph update/upgrade separately 2aa664e Make redeploy idempotent 9bfacf2 Always lowercase role name cec7627 Remove unused config file when start ovs agent ddeffdb import zuul job settings from project-config 128347f Stop hardcoding baremetal API version in stackrc 687aae2 Ceph update and upgrade in config-download era 41bde52 Always enable image prepare service for docker clouds 112f72d Update UPPER_CONSTRAINTS_FILE for stable/rocky 81828f7 Update .gitreview for stable/rocky 1bdefbe IHA Default the compute endpoint check script to internal 644b45f Fix standalone home dir variable a4bb5ab Fix bind-mount to manila's bootstrap container 7a70aec Group fast_forward_upgrade_tasks tasks into blocks 84f395f remove scen000 update job from gate as it's non-voting e977fcd Only configure rsyslog when present d8281c4 Fix rsyslog restart for swift aeb559e remove scen007 from gate jobs c41c427 Redis: Mount certificates on TLS proxy 4e1d12b Fix typo in network_data files 0cfe447 Clarify ironic classic driver removal reno 444fc04 Add role parameter for rx/tx virtio-net queue size d2da6c8 Add a FreeIPAExtraArgs param to ci/scripts/freeipa_setup.sh e60f836 Fix enabled tripleo-validations check 63a8f55 Remove md5 checksum output from CA injection 12e58ae Fix small nit in enable_validations parameter. c56e934 Enable collectd to connect to metrics QDR 5710f5b Fix logic around heat output exclusions handling e0d9e9e Mount tripleo validations for mistral containers 8126573 Add cleanup service for neutron ovs bridges fc2a5ae Migrate tripleo-packages service to ansible package module a87fcb1 Add tags to OpenShift external tasks to allow upgrading it separately 6ab5112 Fix interfaces in boot_param_tasks b85a676 Add limited retries in create_swift_temp_url_key.sh 8d163a2 SSL support for haproxy -> novnc proxy connection 6a4dcca Skip Ceph packages when running tripleo-packages e0ec6f5 Fix Swift storage device setup fc17e15 OpenShift upgrade with openshift-ansible and external_upgrade_tasks 0948b1e Set allow_action_execution_deletion to true in mistral api config 6a1ac35 DeployedServer support for cidr via get_attr ffe6345 Use fqdn for live_migration_inbound_addr 7d0a8f1 Move the shebang to /usr/bin/python 60a63ed Add neutron metadata agent to the undercloud d4d15d0 Default bootstrap_server_id aeded3e Add BlacklistedIpAddresses stack output 704d72f novajoin: Fix cloud-config configuration path 1433d58 Ensure Cinder has a default volume type 553fc0d Pass all vars to deploy-steps-tasks.yaml with config-download 6b506ee Parallelize server pre and post steps 450aed3 Fix Neutron SFC environment file 22645d3 Fixed wrong when condition in mounting staging location eb76fb9 Assert container's ssl cert exists before upgrade. 9668e7b Revert shebang change for InstanceHA startup script 7cf4a31 Mount /usr/lib/heat on undercloud Heat e2bf518 fix manila scheduler service typo c1cf334 Use /var/lib/kolla... path for TLS certificate b633eaf undercloud-post: Discard CA usage if not set b82f743 Drop obsolete environment for `overcloud ceph-upgrade run` 6364f22 Update and upgrade tasks for services deployed via external deploy tasks f55f4f6 adding vxlan into Neutuon drivers for networking-ansible 1bda1fd Break out image prepare into its own "service" 6860fb8 Switch deployment_source_hosts default to "Undercloud" 8a43253 ovn: Fix minor update failure with OVN db pacemaker HA resource 2c88645 Use RPCPassword instead of RabbitPassword for novajoin b76d762 QDR for metrics collection purposes b021c4e Add support to set cors config in gnocchi templates 6237903 Allow to remove xinetd service 908465c upgrade: move removal of services at step 3 (leftovers) 9654393 Add NovaResumeGuestsStateOnHostBoot and NovaResumeGuestsShutdownTimeout 26e0ce7 Add support for containerized networking-ansible ML2 plugin 6978fa1 Exercise scenarios with changes at common 2f44dbd Revert "Fix deploy health checks" 787e791 Fix parameter name used to create the Manila CephX keyring d27ec26 host_routes using get_attr (Composable Networks) f5f6553 Add per-network routes to NIC templates 4e44547 Add host routes to subnets 0b5efad nova: add parameters to configure nova::cron::archive_deleted_rows 8ec80c7 Fix errors using multiple-nics templates w/o VLANs defined 0811ccb Fix manila update, upgrade, and FFU tasks d37308d Fix python3 support in yaml-validate script. 8a43107 Avoid ifcfg files modification when a reboot is not required 9d9daeb Fix ironic containers data owning races ab7c43a Set default number of rabbitmq queues to CEIL(N/2) 07f74e1 Fix RST syntax (needed by release) 149ca6e Remove tftp service and package upon upgrade to container 1b8e78a NUMA aware vswitches 3ce08a8 Set CephX user for Ganesha c00a559 Remove HostnameFormatDefault from NFV roles 8b2fa8e Fix a race when upgrading Neutron & Ironic on the undercloud 4b60adf Add upgrade_tasks for HAproxy 42c1182 undercloud: revert to using the iscsi deploy interface by default bd1d5d7 Fix deploy health checks ba5a578 copy ceph config in manila-share container bundle 5dd4018 Instance create fails due to wrong default secontext with NFS 989a36f Edit some post update tasks logic e2148a5 Do undercloud container prepare in external_deploy_tasks 697b1d9 Don't run host_prep_tasks from {{role}}HostPrepDeployment 02a0b87 Update/correct vrrp check for haproxy 29bd1a9 Allow setting physical network MTU via heat template b3a7cfc ansible: replace yum module by package module when possible 879caaa Add secondary DNS server to disable-unbound environment a4175d4 Revert "Check container health as part of the deploy" ad7d6cf Add scenario010 for testing Octavia 90a7a22 Fix containerized ironic bind-mounts 10ebdc8 Bind mount mistral state for external deployments 65036d9 Move hugetlbfs gid config to BootParams service 08e67b8 Update manila environment file names 694ac8c Use global ansible.cfg for nodes-uuid playbook 60d75f1 Enable deep_compare of pcmk resources by default 3ebcfd1 Run scenario009 for more services aeb783f Fix HostnameMap lookup - replace str_replace with yaql c93489c Enable logging to stdout/stderr in memcached 7fbaee6 Limit deploy health checks to paunch managed ones 915c1eb Check container health as part of the deploy d10ba6f Mount my.cnf.d into the db_sync container for Barbican and Octavia. 5ac5aa6 remove scenario005 from experimental 5ed628f OVN: Set sysctl value 'net.ipv4.ip_nonlocal_bind' to 1 39321cc Update/upgrade prepare/converge in config-download era ddb2116 OVN: Add exec puppet tag to ovn-controller service file 3474e4b Add release note for vnx and unity template changes d348ebc Lower Ceph PGs count in scenario004 cc05e52 mysql/undercloud: add condition for upgrade 91b92dd Remove EXPERIMENTAL warning for manila docker deployments aaafe82 Edit environments/ovs-hw-offload.yaml file. e7d3984 Add OVS-DPDK parameter as part of roles file 52ec1a0 DnsServers using get_attr 19381ec EC2MetadatIp using get_attr c649cf0 ControlPlaneDefaultRoute using get_attr 6ab86a3 ControlPlaneSubnetCidr using get_attr 262755b Add ability to set openshift container images 52fea6d Move scenario009 to the check queue e489e58 Log more details for container images prepare 80d154d Give neutron ports names: $HOSTNAME_$NETWORKNAME 4564109 Iterate once in network-environment.yaml 67489e6 Increase the step for gnocchi_db_sync 27548d4 Unify the Manila HA and non-HA docker configurations 24dd970 Fluentd: Set cinder-backup log path 72b2417 Reduce default services for Standalone 2e47270 OVN: Add env file to deploy SRIOV with OVN. dbdde60 Remove step_config from NVMEoF cinder backend c5b2d08 Disable sensu-client in CI 662814e Generate and mount wrappers for haproxy in OVN metadata agent 5a70af7 Fix variables interpolation for included roles 99e933c Replace raw_get with dict access syntax 99b8119 HA support for OpenShift d5bfa09 Make Horizon's SECURITY_KEY 64 characters long 5c09e67 Update yaml files for Dell EMC VNX, Unity drivers 2a9fc8d standalone run a post config to generate a clouds.yaml 526f395 Update standalone role for a cloud e34cfb6 Cleanup hosts name on initial install c5dc8ef Disable recursion in Designate-managed BIND d4862bc Expose dnsmasq_local_resolv option 7f42272 Add AllNodesExtraMapData parameter 58624ab Improve nova statedir ownership logic d59798b Remove bogus "EXPERIMENTAL" in neutron-sriov.yaml environment file 00ed1a2 FFU Create cell0 db points to the nova-api bootstrap node. cabaf85 Leave undercloud images locally after prepare 45f5361 Add the ability to scaleup the openshift stack d30adea Fluentd configures rsyslog to send logs properly 25f93ef Fix bootstrap_host_exec check for manila_share 4028217 Add a ComputePPC64LE role 7817fcc Add support for {{role.name}}IPs in Composable Role 3bf5d07 Fix openstack-manila-share resource typo e27bb37 Correct unit file name check for heat_api_cfn validation. f0bc5e4 Add subnet host_routes to output of OS::TripleO::*::Ports::Port f3d74a6 Add some air - blank line between network's in net configs f29e2c7 Double the docker puppet process counts 1f98815 Replace deprecated include module with include/import_tasks module e999d67 Iterate only once in network configs parameters b9f185c yaml-validator - network_data validate show all errors e38f6e9 Add FFU upgrade steps to Sahara services 8cb66f6 FFU: missing ironic tasks b0a2775 Fluentd: disable log path docker transformation 93fb7f0 Do not disable ipv6 on loopback interface for epmd c0cf926 Refactor the inventory generation 4e30f51 Update for openshift 3.9 547552f Set configure_qemu to true to get qemu port range applied 723362e Fix missing parameters in OVN DVR environment files 76330d9 Increase max heat stack depth 223b942 Store ODL logs to file 372e1b5 Add ServerDeletionPolicy parameter 6d5b9ab Add networking-ansible ML2 plugin support a57f34f ceilometer: deprecation cleanup 819805d OVN: Remove environment files which deploy OVN dbs in non HA 7d85acf Correct Cinder NetApp backend name parameter mapping d989c01 Clean up env files for Cinder's Netapp backend f997e3d Handle blank lines followed by comment in nic conversion script afba68e Undercloud specific volumes for mistral-executor container db18173 Add SELinux management to containerized undercloud d3eb296 Add default value for name_lower in network_data.yaml to update ServiceNetMap cfe872e Prevent Neutron L3 and Metadata agents from running when using OVN DVR. 9c82505 Role specific derive parameters workflow parameter f14369c Fix non-HA rabbitmq user password updates c95cef9 Add release note link in README 9746e2f Do not grant caps if pool name is empty 58b6034 Remove the OVS-DPDK deprecated parameters 94ff4dc Set ODL API restart policy to unless-stopped a2e6f92 Add support for NodeDataLookup for Ceph deployment 1fa4414 storage_vnx_pool_name is incorrect for VNX cinder driver. beff479 Allow custom --bip CIDR for docker options 2664ddd Moving glance mount nfs block to puppet glance-api template 2022f09 Lower reserved memory for nova-compute 21bb3ba Make BIND /var dir persistent 0f02595 Add release note about Designate 139b552 Update scenario003 to deploy separate messaging backends 7e2cdc8 Delete default ODL Password 683de36 Add scenario011 to install ironic in the overcloud 371e5d6 ovn: Add dns_servers configuration support 6b3e8aa Execute post_update_tasks in update playbook ed26bd7 Fix syntax for set_fact ansible task. 448e040 Disable pid file usage in the swift_rsync container fae3f02 skydive external_deploy_task migration 1ebf314 Fix incorrect Redis VIP declaration in fixed-ip-vips-v6.yaml c16167f Enable Ansible error handling per role fdeabe0 Handle roles w/o deprecated_nic_config_name during template cleanup a866f55 Add host prep step for ntp time sync 3aa91b8 use versioned keystone endpoint in OPENSTACK_KEYSTONE_URL 637f335 Adding HeatEngineVolumes and HeatEngineOptEnvVars support 9104980 Allow a containerized mistral-executor to access docker cf2be03 Make BIND listen address configurable 7f278f7 Fix DNS firewall rules ddcca3c Fix gnocchi auth mode to basic 780d0e5 Introduces NovaComputeCpuSharedSet parameter 1ae411e Delete deprecated parameters 80a0415 Adds support to configure enabled bios interfaces c8d6b50 Call validations upload workflow instead of action d0f4022 Correct spelling 1898cc5 Activate memcached debug only when using MemcachedDebug param. c9c0fcf Log memcached to stdout/err only 2545687 undercloud: manage mysql user + revoke grant during upgrade a9c2235 Revert "scen007 is failing in the gate" 0c7e745 Remove unecessary back-slashes in CephManilaClientKey caps mon e421983 Print a more informative error message on misconfigured volumes 4413037 scen007 is failing in the gate e65889d Update CephX client.openstack keyring to use 'profile rbd' 43a39d4 use keystone public endpoint in horizon 0f34449 Run dispatch script for all unmanaged devices baec8bb Adds docker SFC and cleans up ODL envs ea9360b Set tuned profile for compute roles 0e01477 Implement TripleoValidations composable service 3f56cd2 Reduce verbosity during mysql bootstrap, non-HA c494a50 Remove unuseful become: true from deploy-steps 0f6c13f Update capabilities-map 46a5b2a Fix error in the role-specific parameter merging in rhsm service 058f923 Fix typo 170c311 Add environments/net-noop.yaml fcc2251 undercloud: add missing services for upgrade cleanup 3def4e0 Migrate Octavia to external_deploy_task e8532be Use UpgradeInitCommonCommand with deployed-server too db1976c Enable secure TUNNELLED mode for NFS c37b9ae Support enabling Debug in OVN metadata agent c0fc85f Uses new format for CephX keys caps 66b8d58 Fix typo dcf5586 Set Ceph pools rule_name to replicated_rule 416b35f Updates: run host_prep_tasks between update tasks and deployment tasks 916845f Add host_prep_task to setup proper logging for Swift cc046a7 Do not fail on non existent ansible group b95d1c1 Map OpenShift resources to services a472f7d Match only haproxy for docker ps and skipp all *-haproxy occurences c90e0a7 Add missing 'update_tasks' to the OVN dbs pacemaker service a0dfc6c rerun *_init_bundles all the time dc9c731 Fix update/upgrade or config change for ODL 65b7583 ffu: Add missing nova-manage db sync for Pike upgrade a6389da Introduce restart_bundle containers to detect config changes and restart pacemaker resources 979437a Upgrades: Refactor package removal to step3 56bec75 Upgrades: Refactor playbooks to set facts fd5339a Match Net:SoftwareConfig resource in scenario000 to other scenarios 5e3d90f Fix typo with Manila upgrade template bb92480 Add tempest container to docker.yaml b9caa67 Add docker service to OpenShift CI roles 9a37e5a Fix fail_if_empty invocation with pipes 1b6e061 Fix GlanceRegistry FFU cleanup e01005f Add blankline for readability 302af50 Add sanity checks for xinetd service restart. 59b2dcf trivialfix:fix a typo bd9646c Use wait_for_connection module instead of local action for reboot wait 487e061 Decouple OpenShiftGlusterDisks from openshift-master.yaml b3b027e Add a way to override base path when file driver is used 32ea502 undercloud: enable KernelIpNonLocalBind 3b81a45 Revert "Only add internal_api_virtual_ip if InternalApi is in network_data" 82df65c Fail yaml-validate.py on new deployments with outputs 07528b0 Deprecate templates replaced with config-download b749e02 Add release note for PasswordAuthentication parameter f3f4e28 Add OPNFV scenario environment a1a2048 Enable inspector dnsmasq dhcp filter b18e38c snmp: listen on ctrlplane 70901ab ssh: enable PasswordAuthentication for containerized undercloud f51f84e Support containerized DVR in compute role ba8168f Ensure WorkflowSteps resource is enabled in ceph-upgrade-prepare adb10e6 Pike to Queens controller upgrade guard rerun with no images 1037786 Create docker-puppet.sh only once to avoid ETXTBSY errors 1deab12 Optimized Ansible tasks in deplay-steps-tasks.yaml b8b0755 Run image prepare after registry install f5aeac7 standalone: cleanup environment 59b7626 Manage public certificate with ansible 81db32c Upgrades: Refactor httpd_enabled variable db69d36 Make VhostuserSocketGroup param as mandatory for ComputeOvsDpdkRT role 3426d4c Reset Cinder RPC versions after upgrade bdd51e9 Add flag to enable QoS DSCP marking in ODL e52d7a5 Add site id parameter to cisco vts ml2 template 5df1d9d Unset UpgradeRemoveUnusedPackages on converge. 29f9287 Pass designate configuration to neutron 548af1b Enable s3api by default 9408591 Fix Designate worker conditional f8d0eda Drop old ceilometer services 3a9c0e8 Parameterized deployment hosts f514438 Containerized control plane with Dell EMC ScaleIO storage d04e7ea Use user specified private key when deleting temp keys d51bd9e Add stack name to env() for OS::TripleO::WorkflowSteps 816c079 NeutronSriovHostConfig missing in SRIOV's env files 398bcc7 gnocchi: add missing /var/lib/gnocchi a8b7397 Replace hiera lookup for ceph::profile::params::fsid f96dbd0 Remove CephAnsiblePlaybook parameter reset from ceph-ansible env files e36cbb9 Remove UpgradeRemoveUnusedPackages from undercloud-upgrade-prepare.yaml 959cb6c Set default application for Ceph Luminous openstack_pools 10b5bed nova-ironic: add support for post-upgrade cleanup 818ad75 Add acl to paths that are shared among related neutron processes 0ef3058 Fix 3node deployment 5a28efc Make lb-mgmt-subnet a class B subnet 247438d Use /usr/bin/env python to autodetect python 5dfd932 Fix upgrade_tasks for TripleO UI ff1728f Rename Dell EMC XTREMIO iSCSI environment file c20a28a fix a typo in collectd.yaml d0ab92c Bring update/upgrade tasks for OsloMessagingRpc up to date a066ba3 Trigger scenario003 on designate changes 6d10c05 docker: cleanup update tasks 75d8605 Fix known hosts config script value 8a8ad26 Merge values for same key from multiple services a089310 Add support of shared staging location for glance-direct e04b3ce collectd: give access to the libvirt socket in ro e9e2b4d Don't delete br-ex on upgrade in multinode jobs 7c97320 Use str_replace for known_hosts 8cfaf35 Only add internal_api_virtual_ip if InternalApi is in network_data 96a5a49 Deployed Server - portmap should match neutron API 1d9629e Mount /var/run/redis for the redis socket 00f5019 Deploy Docker via Ansible and not Puppet 393476f Add ability to pre-assign IPs by role on ctlplane 753a350 Remove support for puppet-ceph 3848713 Correct log location in container environment for Fluentd 62cdc39 Allow custom time constraints to rotate logs b4ff453 Don't use crudini to get rhn server f30a057 Enable logging for tempest container 4b39b19 Use rabbitmq service principal in metadata settings e7a103c undercloud: change upgrade steps f254a21 Revert "Switch public endpoints to use FQDNs by default" 0a642a1 Add basics for standalone node 8ef2e7e Add missing UndercloudUpgrade to environment 28be105 undercloud: set OS_CACERT when TLS is used a423739 Remove support for classic drivers 30a95b7 FFU Add cinder-backup missing fast_forward_upgrade_tasks 6b6ae96 Allow configuration of NFS backend for Nova 392c3ae update tht jobs to include network/endpoints d5b3485 Revert "Change default endpoint map entries to use TLS" 1bec011 deploy-steps: switch to tripleo_role_name a3e4a90 NFV: Support for config-download to deploy node with kernel args ab1cba9 Expose parameter MistralDockerGroup 3147583 Add ability to control Glance's enabled_import_methods 5f00ddd Fix for the manila backend configuration errors 6c5b96c Enable default polling interval override 9757069 Clear up Upgrade params on converge 6403c9b Add fast_forward_upgrade_tasks in ironic services. d7ce2c8 FFU Set NetworkDeploymentActions CREATE,UPDATE for ffwd-upgrade prepare 0e87e64 Default Octavia SSH pub key to UC default keypair b032273 Fix cinder-backup image wrangling on update 553554a Add option to override confirmation in yaml-nic-config-2-script.py 64bc4a7 Remove undercloud specific service definitions af7a4ab yaml-validate: sets isn't python3 44ef2a3 Change template names to rocky bb1100d Add compute node L3 agent container for DVR b022737 Generate and mount wrappers for neutron agent processes f7e867b ironic-inspector: store ramdisk logs even on success in debug mode 8e104b3 Switch public endpoints to use FQDNs by default 22ad1bc Change default endpoint map entries to use TLS 9be5b8f Add no-tls environment to env-generator 10d9fac add tripleo update job as voting 1260da2 Add EnablePublicTLS flag 2d73097 Add necessary tags in Controller role for multinode job 9926359 Make the KeystoneURL stack output versionless 1dedf30 Do not overescape the Manila keyring caps afcf2c7 Add support for NVMeOF cinder backend 48c6253 Clean up Cinder backends in capabilities map 54fcdb2 undercloud: do not hardcode eth1 for public interface 77aa676 Undercloud upgrades will use upgrade_tasks 7c68540 Fix typo in multiple-nics/role.role.j2.yaml d535221 Mount ODL log file on host node 4742f2e Set normal CephAnsiblePlaybook on update/upgrade/ffwd converge 56898d9 heat: align config with instack-undercloud 9171eef Delay collectd start cdaa063 Fix case-sensitive OctaviaUserName parameter 9602a9b Instance HA: prevent compute to start on a host being evacuated f760088 Remove ironic_host_manager usage 1651f4a Add missing check for gnocchi api enabled 4f2c29e Expose Horizon "DocumentRoot" on host be5fd4e Copy-in libvirt certs via kolla extended/start 89de728 undercloud: switch to the "direct" deploy interface by default bce3452 Copy-in neutron cert via kolla extended/start 3267386 Add parameter for UndercloudNetConfigOverride 03c8cbc Fix sample env data 960fc05 Ensure tasks aren't empty dicts 262c0b4 Add BlacklistedHostnames stack output a990a15 Move Nova Compute undercloud upgrade logic into nova-ironic 1497da0 Run tasks on primary role first 6141e35 Remove deprecated NeutronExternalNetworkBridge from CI environments 49d0721 Convert resource_name to number 88bfa38 undercloud-upgrade: use deploy_steps_tasks for yum update 8e20095 Revert Ceph bridge names to previous values ca69e1c Remove empty host prep tasks for Tempest 3f22fb3 Remove UndercloudLight 94b5c11 Remove step_config from CinderVolume backend services 04fd6ff Copy-in redis certs via kolla extended/start 3379467 Removing the deprecated environment files for hw offloading in containers 3049141 Remove redundant config bond-with-vlans/compute-dpdk.j2.yaml cea554e Revert "Fixes ceph-external docker service name" cf8c443 Execute ceph-ansible with its own ansible.cfg 52d4eb5 Make novajoin vendordata timeout configurable 5fd8757 Add DeployIdentifier to Swift set_swift_secret container af51fc9 Download IPA kernel and ramdisk ae4aac8 Restrict tenant network to geneve fc9d9ee Ensure config-download mappings are unset on ceph-upgrade 041251d Switch remaining env files to containers defaults 542ec35 Fixes chowning neutron cert/key perms 8cbbd08 Fix deprecations in the ironic modules 0edc478 Disable StrictHostKeyChecking when removing keys too 3b56c9e Add validation on role names ccb7fed Upload validations to swift on undercloud install 57c2c3d Add defaults into name property for config-download. f44e8d7 Switch to config-download by default bc0f8d0 Fix few issues with deploying with baremetal-services.yaml 79719a1 [DellEMC]Update Manila Unity driver 60796eb [DellEMC]Update Manila VNX driver ec3e347 Add volumes list of docker-puppet container when merging config volumes 955d1da Fix path to deployed-server-environment.yaml c590ef7 Deploy Designate in scenario003 9faea72 Set live_migration_inbound_addr for ssh transport e792b99 Enable heat-ui plugin for horizon by default 4d8a80f Octavia amphora image handling updates 6730acc Introduce Ceph upgrade environments 2905293 Do not pass ceph_release to ceph-ansible bc3600b Add neutron "segments" plugin to the default list 2abefb3 Add /var/log/opendaylight directory to ODL 87c76e8 Fail validation on new workflow_tasks d696030 Suppress warnings with -qq fa3c822 Parameterizing Puppet Tags 31e4c01 Explicitly set nova/neutron/ceilometer host to expected fqdn 723e428 Default collectd to overcloud gnocchi 106666d Add neutron-plugin-ml2 to the scenario007 22459dc Add support to ironic "direct" deploy interface 4053399 Move remnants of environments/services-docker 8530dd9 Make pcs resource bundle image name update tolerant of rerun 3637f03 Added missing pki volume for custom CA. 19be98b No-op Mistral workflow resources for update/upgrade/ffwd 39ef030 Add OVNCMSOptions in dvr environment files 39f5b64 Telemetry services need to access to Storage 38eee38 Define Octavia SSH key name and file path b1d0ed0 Fix openstack-nova-consoleauth service upgrade check 78bc457 Support separate oslo.messaging services for RPC and Notification e8f1427 Revert "Fix neutron-plugin-ml2.yaml puppet base ref" 08b1132 add lower-constraints job 9932c28 Enable management network in network_data e200974 Add an openshift-cns service 8b246ab Add missing undercloud upgrade tasks a134b71 Add validation for SoftwareConfig outputs 5a4abee Deprecate support for workflow_tasks in Ceph services. 68c6089 Omit hiera YAML validations for external deploys 70ccf21 Fix neutron-plugin-ml2.yaml puppet base ref a246549 Reduce verbosity during mysql bootstrap 064d5d5 [tripleo-ui] Explicitly configure Nova CORS b079bcc Track global failures flag for YAML validations 1b54e4b Disallow SSLv2, SSLv3 and TLS1.0 in httpd for FedRAMP compliance. ae61a03 undercloud: deploy SSH service 7226efc Add dry-run mode for process templates e4c1531 Add environment file for Mellanox SDN fd75f65 Add CACerts service to scenario003 c2a555f Add IronicInspector to the Controller roles 9d61779 Improve nova-ironic cellv2 discovery cbecc1e Rely on client defaults for the Ceph container image to use in CI 9526cef Containerize Neutron LBaaS service plugin 2b662be Add www_authenticate_uri option to replace auth_uri. 0b44170 Add validation for hiera interpolation in services 2e224dd Add missing hiera interpolation calls 49963bc ovn: Mount /run instead of /run/openvswitch when starting ovn-controller container 3da3f5d Modify libvirt port range for live-migration 3ed0be0 Disable FluentClient service for ffwd/upgrades. 628da8a Move mod_ssl release note af8f06b Remove todo as mistral tag filtering is fixed 871e961 Correct indentation and file path e8a1fc2 Upgrade: make bundles use new container image name after upgrade 40eee6a Migrate Ceph deployment to external_deploy_task c333cf8 Environment to disable workflow_tasks 252f561 Add Barbican to the list of services for the undercloud 053be63 [DNM] ceph-nfs: disable ganesha caching 7390124 Logging Added nova-metadata log file 19ed1af Update environment files for Q upgrade and ffwd upgrade d3d27d7 Use hiera interpolation for memcached_network c0bf7c6 Add condition to ovs run during upgrade. a5e5041 pep8: include no-tls-endpoints-public-ip.yaml in validation c2536e2 FFU: Use yum shell instead of ansible yum module 51269a1 Add the service_config_settings from {{service-name}} base d860255 Handle undercloud upgrades via host_prep_tasks 5203e43 Add Ironic Networking Baremetal Templates 9757572 no-tls: add missing endpoint for Designate f64e471 Use external IP for public interfaces 7027693 Set ulimit for nova-compute and cinder-volume 87a48d7 Enable SSL when UI is containerized f51f533 Removes odl-dlux-gui feature for ODL bf99d30 Replace LOG.warn with LOG.warning 30e18b4 Mark Designate as experimental db5de1a Adding missing OVN Metadata service to DVR environments 00c9ec8 Add CACerts service to all scenario environment files 6c40b15 Always run mysql init bundle 8b85faf Mount the public TLS certificate for HAProxy on up(date|grade) on pacemaker 1e2cfcd Removed unnecessary services from the LiquidioCompute role. 4268c88 Stop configuring nova_catalog_admin_info for cinder 4ec9e65 Don't use keystone admin endpoint for nova placement 6c5f2b8 Delete not-used services-docker files 8e643e8 Add endpoint map environment without TLS 1f97dc0 masquerade-networks: update defaults 186b03d Fix missing allowed network type 'flat' for ODL OVS f35c417 Update OS::TripleO::Services::ComputeNeutronCorePlugin for containers 1dc2249 Fix typo in ovn_cms_options config 2ecf3ac Fixes the OvsVhostuserMode heat parameter dc37817 Sanitize the uuid string b7fe99e Run the dispatch script for vlans as well 1877ef8 Default NodeTLSData to always attempt setting TLS cert 7414edf Default CertmongerUser to be defined for undercloud setup 1db66f5 Add ability to set protocol in endpoint_data.yaml file 559db47 zaqar: fix hieradata to enable Debug 3dd0f5c Revert "Run containerized mistral-api eventlet" e456e10 Add nfs as a cinder backup driver option to CinderBackupBackend ab78b1f Correct the InternalTLSVncCAFile to comply with selinux policy b77cce2 Set ulimit for neutron agent containers e290824 Switch Zaqar to use Redis d3bbadd Fix Cinder's default db purge cron settings 6f9c97f Add prepare/converge env files for update 1cc26fb Added network enabled check in multiple nic role rendering file a360759 mistral: align parameters with undercloud 931067f ironic-conductor: configure ipxe_timeout to 60 b027405 Fixes ceph-external docker service name 6f3e703 masquerade: stop using YAQL for iptables data 02cacfd undercloud: increase token expiration time 7089f06 Support deploy_steps_tasks step 0 f044539 Don't log set_fact tasks for role_data 0b23ff7 Add spacing for readability 1673181 Fixes Neutron certificate and key permissions 3464547 Enable ironic rescue mode by default 0dfdf1d Collectd needs access to /var/run/ceph to load the ceph plugin bf9d590 Remove unused OS::TripleO::StructuredDeployment reference 8f24db8 Added Liquidio service definition in overcloud puppet registry f3d340f Revert "FFU: Add support for panko service upgrade" 562d223 Enable Octavia dashboard on horizon container e947c7e Add ctlplane networking for routed networks 15c5369 Add firewall rule to octavia health mgmt iface ffc14e3 Refresh keystone after deployment 9c4cb20 Add static routes for routed ctlplane ed33642 Use IronicInspectorSubnets in undercloud.yaml 66df6bd Remove no longer used disable_upgrade_deployment flag 154879b get-occ-config.sh: fix handling multiple nodes in a role bd48087 FFU: Add support for panko service upgrade fb29f77 Add purge to Nova cleanup cron. c8ba396 Resource name correction d7e672b Add environment to enable Designate c2c908a Containerized Designate c45d027 Designate Integration 04b898d Implement MasqueradeNetworks services e691bbe Default environment/services/* to docker d21bf18 HAProxy: expose stats socket in HA deployment after upgrade 4779392 Use sensu-client healthcheck parameter 9f4c691 Remove config.json for old style nic config files when using new style 55864c9 Remove the os-net-config element config.json template e534a7a Correctly set NeutronMl2PluginBase for OVN scenario 58d1e81 remove OS::TripleO::Services::CephClient from CephAll 624fedb Upgrade data on disk on mariadb major upgrade 2c1f866 Set TripleoUI bind_host via ServiceNetMap fa4b3e2 Honor {{role.name}}ExtraConfig with deprecated params de339ff Container Undercloud - Enable neutron segments c60489e Use ironic::inspector::dnsmasq_ip_subnets 611830f Apply the vhost group parameter for the vhost_sockets directory creation 88daf0d Move API cors config to their services 5513d94 ironic/undercloud: align configuration with instack-undercloud d42c59b HAProxy: fix bind mount to expose stats socket f4a45b7 Make HA containers log to /var/log/containers after upgrade e14ecb1 Fix undercloud key upload to nova keypairs UC post 70b3d1d Fix ssh keys validation workflow trigger UC post 882fb2a Add environment/services-baremetal/*. 02f8609 Upgrade data on disk on mysql major upgrade - non HA 2da94c5 Include pacemaker in Telemetry role d9e4d83 Allow stacks to remove old update resources 18469fc Enable octavia-api health check f857e21 Fix fluentd upgrade tasks during FFU. de39f8a Allow for passing boot-time vars/args to OC nodes f18ca89 Added the missing attributes for roles_data of ovs-dpdk-agent docker service 4f4e305 undercloud: remove IronicInspectorCollectors in environment ccfc1e9 Mount openvswitch dir rather than socket ddc7192 Do not create NetworkVlanID is the value is not defined 0077e8a Remove the lacp bond mode constraints f37c06c Fix update of pacemaker container images during major upgrade 0417a33 Add access to /var/run/openvswitch from collectd a3297af Add the service_config_settings from nova-compute base 23b4f75 Changing the description of NeutronSriovNumVFs parameter 1dd29b3 Add support to ping IPv6 metadata IP add4ce1 Changing to L2GW Opendaylight v2 driver a4a6fb7 FFU: Fix gnocchi FFU tasks eaf77cb [CVE-2018-1000115] memcached: restrict to TCP & internal_api network 088d5c1 Support SshKnownHostsDeployment with config-download 2587cb4 [FFU] Hook to allow user to pass a custom script for repo switching. 198d66a undercloud: enable only metadata cleaning 5473dc4 undercloud: set cleaning and provisioning networks to 'ctlplane' 0017b64 Add check for old-style nic config files 09ff488 Consume ceph-container project's new style of tags 3acf7e4 Remove hiera interpolation from ceph-ansible parameters 97173ca Fixes ODL container failing to start due to missing etc config e9557a6 FFU: Introduce Aodh fast-forward-upgrade tasks e3f6863 Update service readme files ae08582 Add pre_upgrade_rolling_tasks 7cbe28b docker: add support for TripleO UI a782462 Remove unused minor update code 487fdb8 FFU: Introduce fluentd fast-forward-upgrade tasks 74f751c FFU: Introduce collectd fast-forward-upgrade tasks d2eeb17 FFU: Fix Keystone FFU tasks 5015cc6 Fix newton compat mode for deployed server. 503762d FFU: Fix swift FFU tasks 3f38dd6 FFU: Upgrades: fix pacemaker checks 26c55d1 FFU: Introduce post FFU steps and use them for qeens switch 8695614 fix typo in scenario graph c2d1a7c Updated from global requirements 87e27d0 fix the scenario chart 1d704d4 Fix gnocchi-upgrade Table <..> already exists errors 9765f8d FFU: Fix glance tasks a9aff0b FFU: Add mongodb fast forward upgrade tasks 825bd7d Configure qemu group setting as hugetlbfs for ovs-dpdk fd740a4 Don't stop openvswitch when deploying OpenShift 781e1b2 Add novajoin service 5038364 FFU: Fix Cinder services action order 06638e7 Added release notes of tempest container c69ff5a Configure firewall rules for Congress 33abdba undercloud_post: manage post mistral config c1b35f0 mistral/undercloud: align configuration with instack-undercloud cb16252 Add EnablePuppet (defaults to true) 470bcd3 Assignning a value to NeutronServiceName propertiy in neutron-ovs-dpdk-agent.yaml c7d0e5a Updated from global requirements 5cb155e neutron: rename db when upgrading a containerized undercloud 06368c5 Set firewall rules for the tacker service 9cdfac3 Configure firewall rules for Zaqar 38387ad Added t-h-t for tempest container 77ae5a6 Replacing the count with loop.index for indexing 8dadaa1 A keystone only controller deployment 3a635ef Updated from global requirements 3a7baa8 Convert ServiceNetMap evals to hiera interpolation ad8446e Fix typo in network templates e860b95 neutron: Call destroy-patch-ports before starting ovs-agent a462d79 Add support for Dell EMC XtremIO Cinder ISCSI Backend 6f5776c Remove registry special casing which no longer has any effect 0acc40d undercloud_post: override stackrc 2278c76 DPDK deployment fails when there is no deprecated parameters d873259 Treat enable_debug in Ansible as a bool a28892d docker-puppet.py: don't pull if image exists df31016 Fixes certificate generation error for Neutron agents d347636 Configure deploy logs for Ironic 98faaca Minor update steps for ODL 336ccab Enable nova-metadata health check da1ed3d kernel: make ExtraKernelModules and ExtraSysctlSettings role-specific 237d1c0 undercloud: disable nova-compute disabling 42a032a neutron/undercloud: align configuration with instack-undercloud c334ad3 Consume RoleData config from config download files fa66d68 Adds fast_forward_upgrade_tasks for Heat services b2ea39e Enable libvirt health check 92624d6 Add fast_forward_upgrade_tasks for ceilometer services de40fe5 ffu: Introduce Neutron fast-forward upgrade tasks c5a08fd FFU: add fast forward upgrade support for sensu client 75ee85b Add KernelIpForward configuration d57bd29 Remove default value for pacmaker passwords 096b5d9 Fix default nic config file names b6bfa5b Fix network-isolation.yaml relative paths for ci 99ea8b6 Assign Cinder's backend_host when deploying for HA 97c0c1f Make ping test support older overcloud release. f5ffd40 Add validation task in docker services [Octavia] 9e0c55a Delete rendered nic configs during --clean 86793ee Add step to run secret_store_sync before instance startup 5ab9f4c Add ovs_extra netconfig for undercloud CI compat c310cd1 Increase size of Heat HeatMaxJsonBodySize 92b4bb8 Add UndercloudLocalMtu parameter 3feb7e6 Add IronicAutomatedClean parameter 32488d1 Update reno for stable/queens 5f7fdb1 Add support of netapp configuration for glance in THT 6f49d07 FFU: Add memcached fast forward upgrade tasks b3420f7 Enable containers by default 3038232 FFU: Fix nova fast forward steps 6846341 Add role_specific tag to missing role-specific parameters e581c27 Fixes OpenDaylight healthcheck/GUI feature 472b2f4 Enable nova placement health check e9bf341 Enable Tacker health check 2415b5e Enable gnocchi-metricd health check 1e7544d Enable gnocchi-api health check 9cf63b9 Enable nova-migration-target health check 02eb619 Enable gnocchi-statsd health check d93ac6b Enable cinder-api health check 3a76b9e Enable collectd health check 1beaa8d Enable aodh-api health check c5ca4da Enable etcd health check 57fe34b Enable ceilometer-agent-central health check 1e19b2e Enable memcached health check 98a63ab Enable iscsid health check bbc8e0a Adding a workaround for enabling steering in ConnectX-3 devices 37a339d Add support for libvirt VNC TLS 98925a4 Add a ComputeInstanceHA role a981dba FFU: Add update-from-ceph-newton.yaml 417e192 Add enpoints for TripleO UI Config 5cbe298 Remove the heat upgrade steps for Q upgrade workflow 317ed31 Disable memcached's cachedump 5a4d032 Make heat parameter plugin_dirs configurable f7fb484 Allowing Non-IP Traffic in L2 and L3 domains a1dde9b Start using nova_metadata_host Diffstat (except docs and test files) ------------------------------------- .gitreview | 1 + .testr.conf | 2 +- README.rst | 169 +- all-nodes-validation.yaml | 2 +- bootstrap-config.yaml | 2 +- capabilities-map.yaml | 61 +- ci/common/all-nodes-validation-disabled.yaml | 2 +- ci/common/net-config-multinode-os-net-config.yaml | 98 +- ci/common/net-config-multinode.yaml | 75 +- ci/common/net-config-simple-bridge.yaml | 80 +- ci/common/vbmc_setup.yaml | 34 + ci/environments/disable-unbound.yaml | 60 + ci/environments/multinode-3nodes-registry.yaml | 3 +- ci/environments/multinode-3nodes.yaml | 9 +- ci/environments/multinode-containers.yaml | 8 +- ci/environments/multinode-core.yaml | 2 +- ci/environments/multinode.yaml | 2 + ci/environments/multinode_major_upgrade.yaml | 1 + .../multiple-nics-ipv6/network-environment.yaml | 5 - .../multiple-nics-ipv6/network-isolation.yaml | 42 +- .../nic-configs/ceph-storage.yaml | 75 +- .../nic-configs/cinder-storage.yaml | 75 +- .../multiple-nics-ipv6/nic-configs/compute.yaml | 75 +- .../multiple-nics-ipv6/nic-configs/controller.yaml | 75 +- .../nic-configs/swift-storage.yaml | 75 +- .../network/multiple-nics/network-environment.yaml | 5 - .../network/multiple-nics/network-isolation.yaml | 44 +- .../multiple-nics/nic-configs/ceph-storage.yaml | 75 +- .../multiple-nics/nic-configs/cinder-storage.yaml | 75 +- .../network/multiple-nics/nic-configs/compute.yaml | 75 +- .../multiple-nics/nic-configs/controller.yaml | 75 +- .../multiple-nics/nic-configs/swift-storage.yaml | 75 +- .../network/public-bond/network-environment.yaml | 5 - .../network/public-bond/network-isolation.yaml | 42 +- .../public-bond/nic-configs/ceph-storage.yaml | 75 +- .../public-bond/nic-configs/cinder-storage.yaml | 75 +- .../network/public-bond/nic-configs/compute.yaml | 75 +- .../public-bond/nic-configs/controller.yaml | 75 +- .../public-bond/nic-configs/swift-storage.yaml | 75 +- ci/environments/ovb-ha.yaml | 4 +- .../scenario000-multinode-containers.yaml | 44 + .../scenario001-multinode-containers.yaml | 29 +- .../scenario002-multinode-containers.yaml | 8 +- .../scenario003-multinode-containers.yaml | 21 +- .../scenario004-multinode-containers.yaml | 16 +- .../scenario006-multinode-containers.yaml | 4 +- ci/environments/scenario006-multinode.yaml | 3 + .../scenario007-multinode-containers.yaml | 6 +- .../scenario008-multinode-containers.yaml | 57 + ci/environments/scenario009-multinode.yaml | 47 +- .../scenario010-multinode-containers.yaml | 74 + .../scenario011-multinode-containers.yaml | 75 + ci/scripts/freeipa_setup.sh | 4 +- common/deploy-steps-tasks.yaml | 197 ++- common/deploy-steps.j2 | 507 ++++-- common/major_upgrade_steps.j2.yaml | 252 --- common/post-upgrade.j2.yaml | 4 - common/services.yaml | 60 +- config-download-software.yaml | 12 +- config-download-structured.yaml | 12 +- default_passwords.yaml | 2 +- deployed-server/README.rst | 2 +- deployed-server/ctlplane-port.yaml | 5 +- deployed-server/deployed-neutron-port.yaml | 4 +- .../deployed-server-bootstrap-centos.yaml | 2 +- .../deployed-server-bootstrap-rhel.yaml | 2 +- .../deployed-server-environment-output.yaml | 2 +- deployed-server/deployed-server-roles-data.yaml | 8 +- deployed-server/deployed-server.yaml | 15 +- deployed-server/scripts/enable-ssh-admin.sh | 5 +- deployed-server/scripts/get-occ-config.sh | 8 +- .../services/logging/files/opendaylight-api.yaml | 32 + .../services/messaging/notify-rabbitmq-shared.yaml | 54 + .../octavia/octavia-deployment-config.yaml | 192 ++- environments/auditd.yaml | 1 + environments/baremetal-services.yaml | 63 + environments/cavium-liquidio.yaml | 7 + .../ceph-ansible/ceph-ansible-external.yaml | 1 - environments/ceph-ansible/ceph-ansible.yaml | 5 +- environments/ceph-radosgw.yaml | 8 - environments/cinder-backup.yaml | 4 +- environments/cinder-dellemc-vnx-config.yaml | 4 +- .../cinder-dellemc-xtremio-iscsi-config.yaml | 15 + environments/cinder-netapp-config.yaml | 4 - environments/cinder-nvmeof-config.yaml | 22 + environments/cinder-scaleio-config.yaml | 2 +- environments/collectd-environment.yaml | 10 +- environments/composable-roles/monolithic-ha.yaml | 4 +- .../composable-roles/monolithic-nonha.yaml | 4 +- environments/composable-roles/standalone.yaml | 4 +- environments/compute-instanceha.yaml | 4 +- environments/config-download-environment.yaml | 8 +- ...ontainerized-control-plane-dellemc-scaleio.yaml | 35 + .../disable-config-download-environment.yaml | 11 + environments/disable-telemetry.yaml | 1 + environments/disable-workflow-tasks.yaml | 6 + environments/docker-ha.yaml | 5 +- environments/docker-uc-light.yaml | 8 +- environments/docker.yaml | 5 + environments/enable-designate.yaml | 31 + environments/enable-internal-tls.yaml | 2 + environments/enable-tls.yaml | 2 +- environments/enable_congress.yaml | 2 +- environments/enable_tacker.yaml | 2 +- environments/enable_tempest.yaml | 2 + environments/fast-forward-upgrade.yaml | 18 - environments/fixed-ip-vips-v6.yaml | 2 +- environments/hyperconverged-ceph.yaml | 2 + environments/ips-from-pool-ctlplane.yaml | 26 + environments/lifecycle/ffwd-upgrade-converge.yaml | 9 + environments/lifecycle/ffwd-upgrade-prepare.yaml | 12 + .../lifecycle/undercloud-upgrade-prepare.yaml | 8 + environments/lifecycle/update-converge.yaml | 7 + environments/lifecycle/update-prepare.yaml | 6 + environments/lifecycle/upgrade-converge.yaml | 8 + environments/lifecycle/upgrade-prepare.yaml | 18 + environments/logging-environment.yaml | 2 +- environments/low-memory-usage.yaml | 6 +- .../major-upgrade-composable-steps-docker.yaml | 14 - environments/major-upgrade-composable-steps.yaml | 14 - environments/major-upgrade-converge-docker.yaml | 12 - environments/major-upgrade-converge.yaml | 11 - .../manila-cephfsganesha-config-docker.yaml | 22 - environments/manila-cephfsganesha-config.yaml | 22 + .../manila-cephfsnative-config-docker.yaml | 22 - environments/manila-cephfsnative-config.yaml | 18 +- environments/manila-isilon-config.yaml | 6 +- environments/manila-netapp-config-docker.yaml | 32 - environments/manila-netapp-config.yaml | 6 +- environments/manila-unity-config.yaml | 8 +- environments/manila-vmax-config.yaml | 6 +- environments/manila-vnx-config.yaml | 11 +- .../rpc-qdrouterd-notify-rabbitmq-hybrid.yaml | 22 + .../rpc-rabbitmq-notify-rabbitmq-shared.yaml | 18 + environments/metrics-collectd-qdr.yaml | 27 + environments/monitoring-environment.yaml | 2 +- .../net-bond-with-vlans-no-external.j2.yaml | 2 +- environments/net-bond-with-vlans-v6.j2.yaml | 2 +- environments/net-bond-with-vlans.j2.yaml | 2 +- environments/net-dpdkbond-with-vlans.j2.yaml | 2 +- environments/net-multiple-nics-v6.j2.yaml | 2 +- environments/net-multiple-nics.j2.yaml | 2 +- environments/net-noop.j2.yaml | 5 + .../net-single-nic-linux-bridge-with-vlans.j2.yaml | 2 +- .../net-single-nic-with-vlans-no-external.j2.yaml | 2 +- environments/net-single-nic-with-vlans-v6.j2.yaml | 2 +- environments/net-single-nic-with-vlans.j2.yaml | 2 +- environments/network-environment-v6.j2.yaml | 71 +- environments/network-environment.j2.yaml | 70 +- environments/neutron-bgpvpn-bagpipe.yaml | 3 +- environments/neutron-bgpvpn-opendaylight.yaml | 12 - environments/neutron-bgpvpn.yaml | 2 +- environments/neutron-l2gw-opendaylight.yaml | 18 - environments/neutron-l2gw.yaml | 5 +- environments/neutron-linuxbridge.yaml | 1 + environments/neutron-ml2-ansible.yaml | 8 + environments/neutron-ml2-bigswitch.yaml | 1 + environments/neutron-ml2-mlnx-sdn.yaml | 14 + environments/neutron-ml2-ovn-dvr-ha.yaml | 9 +- environments/neutron-ml2-ovn-dvr.yaml | 26 - environments/neutron-ml2-ovn-ha.yaml | 10 +- environments/neutron-ml2-ovn-hw-offload.yaml | 6 +- environments/neutron-ml2-ovn.yaml | 31 - environments/neutron-ml2-vpp.yaml | 4 +- environments/neutron-nuage-config.yaml | 3 +- environments/neutron-opendaylight-dpdk.yaml | 37 - environments/neutron-opendaylight-hw-offload.yaml | 31 - environments/neutron-opendaylight-sriov.yaml | 20 - environments/neutron-opendaylight.yaml | 15 - environments/neutron-ovs-dpdk-permissions.yaml | 15 - environments/neutron-ovs-dpdk.yaml | 2 +- environments/neutron-ovs-dvr.yaml | 20 +- environments/neutron-ovs-hw-offload.yaml | 24 - environments/neutron-sfc-opendaylight.yaml | 18 - environments/neutron-sfc.yaml | 1 + environments/neutron-sriov.yaml | 3 +- environments/no-tls-endpoints-public-ip.yaml | 117 ++ environments/nonha-arch.yaml | 10 +- environments/odl-dscp-marking-inheritance.yaml | 4 + environments/openshift-cns.yaml | 7 + environments/openshift.yaml | 12 - environments/ovs-dpdk-permissions.yaml | 20 + environments/ovs-hw-offload.yaml | 24 + environments/public-tls-undercloud.yaml | 1 - environments/puppet-ceph-devel.yaml | 24 - environments/puppet-ceph-external.yaml | 42 - environments/puppet-ceph.yaml | 16 - environments/services-baremetal/barbican.yaml | 4 + environments/services-baremetal/cinder-backup.yaml | 4 + environments/services-baremetal/collectd.yaml | 2 + environments/services-baremetal/congress.yaml | 2 + environments/services-baremetal/ec2-api.yaml | 2 + environments/services-baremetal/etcd.yaml | 2 + environments/services-baremetal/fluentd.yaml | 2 + .../services-baremetal/ironic-inspector.yaml | 2 + environments/services-baremetal/ironic.yaml | 7 + environments/services-baremetal/manila.yaml | 4 + environments/services-baremetal/mistral.yaml | 5 + .../neutron-bgpvpn-opendaylight.yaml | 12 + .../neutron-l2gw-opendaylight.yaml | 18 + .../services-baremetal/neutron-lbaasv2.yaml | 19 + .../services-baremetal/neutron-ml2-cisco-vts.yaml | 37 + .../neutron-opendaylight-dpdk.yaml | 37 + .../neutron-opendaylight-hw-offload.yaml | 31 + .../neutron-opendaylight-sriov.yaml | 22 + .../services-baremetal/neutron-opendaylight.yaml | 15 + .../services-baremetal/neutron-ovn-dvr-ha.yaml | 31 + .../services-baremetal/neutron-ovn-ha.yaml | 33 + .../services-baremetal/neutron-ovn-hw-offload.yaml | 44 + .../services-baremetal/neutron-ovs-dpdk.yaml | 11 + .../services-baremetal/neutron-ovs-hw-offload.yaml | 24 + environments/services-baremetal/neutron-sriov.yaml | 9 + environments/services-baremetal/octavia.yaml | 16 + environments/services-baremetal/sahara.yaml | 3 + environments/services-baremetal/sensu-client.yaml | 3 + environments/services-baremetal/tacker.yaml | 2 + .../services-baremetal/undercloud-aodh.yaml | 5 + .../services-baremetal/undercloud-ceilometer.yaml | 4 + .../services-baremetal/undercloud-cinder.yaml | 4 + .../services-baremetal/undercloud-gnocchi.yaml | 5 + .../services-baremetal/undercloud-haproxy.yaml | 2 + .../services-baremetal/undercloud-keepalived.yaml | 2 + .../services-baremetal/undercloud-panko.yaml | 2 + environments/services-baremetal/zaqar.yaml | 3 + environments/services-docker/barbican.yaml | 4 - environments/services-docker/cinder-backup.yaml | 4 - environments/services-docker/collectd.yaml | 2 - environments/services-docker/congress.yaml | 2 - environments/services-docker/ec2-api.yaml | 2 - environments/services-docker/etcd.yaml | 2 - environments/services-docker/fluentd.yaml | 2 - environments/services-docker/ironic-inspector.yaml | 2 - environments/services-docker/ironic.yaml | 7 - environments/services-docker/manila.yaml | 4 - environments/services-docker/mistral.yaml | 5 - .../neutron-bgpvpn-opendaylight.yaml | 12 - .../services-docker/neutron-l2gw-opendaylight.yaml | 18 - .../services-docker/neutron-ml2-cisco-vts.yaml | 37 - .../services-docker/neutron-opendaylight-dpdk.yaml | 37 - .../neutron-opendaylight-hw-offload.yaml | 31 - .../neutron-opendaylight-sriov.yaml | 22 - .../services-docker/neutron-opendaylight.yaml | 16 - .../services-docker/neutron-ovn-dvr-ha.yaml | 26 - environments/services-docker/neutron-ovn-dvr.yaml | 26 - environments/services-docker/neutron-ovn-ha.yaml | 33 - .../services-docker/neutron-ovn-hw-offload.yaml | 44 - environments/services-docker/neutron-ovn.yaml | 33 - environments/services-docker/neutron-ovs-dpdk.yaml | 11 - .../services-docker/neutron-ovs-hw-offload.yaml | 24 - environments/services-docker/neutron-sriov.yaml | 12 - environments/services-docker/octavia.yaml | 16 - environments/services-docker/sahara.yaml | 3 - environments/services-docker/sensu-client.yaml | 3 - .../services-docker/skydive-environment.yaml | 3 - environments/services-docker/tacker.yaml | 2 - environments/services-docker/undercloud-aodh.yaml | 5 - .../services-docker/undercloud-ceilometer.yaml | 4 - .../services-docker/undercloud-cinder.yaml | 4 - .../services-docker/undercloud-gnocchi.yaml | 5 - .../services-docker/undercloud-haproxy.yaml | 2 - .../services-docker/undercloud-keepalived.yaml | 2 - environments/services-docker/undercloud-panko.yaml | 2 - environments/services-docker/zaqar.yaml | 3 - environments/services/barbican.yaml | 2 +- environments/services/ceph-mds.yaml | 5 - environments/services/ceph-rbdmirror.yaml | 5 - environments/services/cinder-backup.yaml | 4 + environments/services/collectd.yaml | 2 + environments/services/congress.yaml | 2 + environments/services/ec2-api.yaml | 2 +- environments/services/etcd.yaml | 2 +- environments/services/fluentd.yaml | 2 + environments/services/ironic-inspector.yaml | 2 + environments/services/ironic.yaml | 10 +- environments/services/manila.yaml | 4 + environments/services/masquerade-networks.yaml | 7 + environments/services/mistral.yaml | 8 +- .../services/neutron-bgpvpn-opendaylight.yaml | 12 + .../services/neutron-l2gw-opendaylight.yaml | 18 + environments/services/neutron-lbaasv2.yaml | 13 +- environments/services/neutron-ml2-ansible.yaml | 7 + environments/services/neutron-ml2-cisco-vts.yaml | 37 + .../services/neutron-opendaylight-dpdk.yaml | 37 + .../services/neutron-opendaylight-hw-offload.yaml | 32 + .../services/neutron-opendaylight-sriov.yaml | 23 + environments/services/neutron-opendaylight.yaml | 16 + environments/services/neutron-ovn-dvr-ha.yaml | 34 + environments/services/neutron-ovn-ha.yaml | 35 + environments/services/neutron-ovn-hw-offload.yaml | 45 + environments/services/neutron-ovn-sriov.yaml | 17 + environments/services/neutron-ovs-dpdk.yaml | 11 + environments/services/neutron-ovs-dvr.yaml | 41 + environments/services/neutron-ovs-hw-offload.yaml | 24 + .../services/neutron-sfc-opendaylight.yaml | 9 + environments/services/neutron-sriov.yaml | 9 + environments/services/novajoin.yaml | 4 + environments/services/octavia.yaml | 15 +- environments/services/ptp.yaml | 1 + environments/services/qdr.yaml | 2 +- environments/services/sahara.yaml | 4 +- environments/services/sensu-client.yaml | 3 + environments/services/skydive-environment.yaml | 12 + environments/services/tacker.yaml | 2 + environments/services/tempest.yaml | 2 + environments/services/tripleo-ui.yaml | 2 + environments/services/undercloud-aodh.yaml | 7 + environments/services/undercloud-ceilometer.yaml | 6 + environments/services/undercloud-cinder.yaml | 6 + environments/services/undercloud-gnocchi.yaml | 7 + environments/services/undercloud-haproxy.yaml | 4 +- environments/services/undercloud-keepalived.yaml | 4 +- environments/services/undercloud-panko.yaml | 4 + environments/services/update-odl.yaml | 11 + environments/services/vpp.yaml | 1 + environments/services/zaqar.yaml | 4 +- environments/ssl/enable-internal-tls.yaml | 4 +- environments/ssl/enable-tls.yaml | 7 +- environments/ssl/no-tls-endpoints-public.yaml | 120 ++ environments/ssl/tls-endpoints-public-dns.yaml | 17 +- environments/ssl/tls-endpoints-public-ip.yaml | 17 +- environments/ssl/tls-everywhere-endpoints-dns.yaml | 17 +- environments/standalone.yaml | 90 + environments/storage-environment.yaml | 14 +- environments/storage/cinder-netapp-config.yaml | 2 +- environments/storage/enable-ceph.yaml | 39 - environments/storage/external-ceph.yaml | 78 - environments/storage/glance-nfs.yaml | 24 + environments/storage/nova-nfs.yaml | 30 + environments/tls-endpoints-public-dns.yaml | 17 +- environments/tls-endpoints-public-ip.yaml | 17 +- environments/tls-everywhere-endpoints-dns.yaml | 17 +- environments/tripleo-validations.yaml | 4 + environments/undercloud.yaml | 104 +- environments/updates/README.md | 3 + environments/updates/update-from-ceph-newton.yaml | 4 + .../veritas-hyperscale-config.yaml | 1 + extraconfig/all_nodes/mac_hostname.j2.yaml | 2 +- extraconfig/all_nodes/random_string.j2.yaml | 2 +- extraconfig/all_nodes/swap-partition.j2.yaml | 2 +- extraconfig/all_nodes/swap.j2.yaml | 2 +- .../nova_metadata/krb-service-principals.j2.yaml | 2 +- extraconfig/post_deploy/default.yaml | 2 +- extraconfig/post_deploy/example.yaml | 2 +- extraconfig/post_deploy/example_run_on_update.yaml | 2 +- extraconfig/post_deploy/standalone_post.sh | 26 + extraconfig/post_deploy/standalone_post.yaml | 90 + .../post_deploy/undercloud_ctlplane_network.py | 273 +++ extraconfig/post_deploy/undercloud_post.sh | 121 +- extraconfig/post_deploy/undercloud_post.yaml | 122 +- .../rhel-registration/rhel-registration.yaml | 2 +- .../rhel-registration/scripts/rhel-registration | 3 +- extraconfig/pre_network/ansible_host_config.yaml | 58 - extraconfig/pre_network/boot-params-service.yaml | 105 ++ extraconfig/pre_network/boot_param_tasks.yaml | 85 + extraconfig/pre_network/config_then_reboot.yaml | 2 +- .../pre_network/host_config_and_reboot.yaml | 62 +- extraconfig/services/ipsec.yaml | 2 +- extraconfig/services/kubernetes-master.yaml | 2 +- extraconfig/services/kubernetes-worker.yaml | 2 +- extraconfig/services/openshift-cns.yaml | 140 ++ extraconfig/services/openshift-master.yaml | 278 ++- extraconfig/services/openshift-worker.yaml | 78 +- extraconfig/services/rhsm.yaml | 4 +- extraconfig/services/skydive-agent.yaml | 40 + extraconfig/services/skydive-analyzer.yaml | 170 ++ .../tasks/instanceha/check-run-nova-compute | 200 +++ extraconfig/tasks/post_puppet_pacemaker.j2.yaml | 2 +- .../tasks/post_puppet_pacemaker_restart.yaml | 2 +- extraconfig/tasks/pre_puppet_pacemaker.yaml | 2 +- extraconfig/tasks/ssh/host_public_key.yaml | 7 +- extraconfig/tasks/ssh/known_hosts_config.yaml | 42 +- extraconfig/tasks/tripleo_upgrade_node.sh | 43 - extraconfig/tasks/yum_update.sh | 165 -- extraconfig/tasks/yum_update.yaml | 34 - extraconfig/tasks/yum_update_noop.yaml | 29 - firstboot/conntectx3_streering.yaml | 31 + firstboot/os-net-config-mappings.yaml | 2 +- firstboot/userdata_default.yaml | 2 +- firstboot/userdata_dev_rsync.yaml | 2 +- firstboot/userdata_example.yaml | 2 +- firstboot/userdata_heat_admin.yaml | 2 +- firstboot/userdata_root_password.yaml | 2 +- hosts-config.yaml | 2 +- lower-constraints.txt | 165 ++ net-config-bond.j2.yaml | 25 +- net-config-bridge.j2.yaml | 33 +- net-config-linux-bridge.j2.yaml | 35 +- net-config-noop.j2.yaml | 33 +- net-config-standalone.j2.yaml | 114 ++ ...config-static-bridge-with-external-dhcp.j2.yaml | 35 +- net-config-static-bridge.j2.yaml | 35 +- net-config-static.j2.yaml | 35 +- net-config-undercloud.j2.yaml | 94 +- network/config/bond-with-vlans/README.md | 11 +- .../config/bond-with-vlans/compute-dpdk.j2.yaml | 162 -- .../bond-with-vlans/controller-no-external.j2.yaml | 88 +- .../config/bond-with-vlans/controller-v6.j2.yaml | 97 +- network/config/bond-with-vlans/role.role.j2.yaml | 101 +- network/config/multiple-nics/README.md | 11 +- network/config/multiple-nics/compute-dvr.j2.yaml | 68 +- network/config/multiple-nics/controller-v6.j2.yaml | 80 +- network/config/multiple-nics/role.role.j2.yaml | 59 +- .../controller-v6.j2.yaml | 81 +- .../role.role.j2.yaml | 63 +- network/config/single-nic-vlans/README.md | 11 +- .../controller-no-external.j2.yaml | 47 +- .../config/single-nic-vlans/controller-v6.j2.yaml | 81 +- network/config/single-nic-vlans/role.role.j2.yaml | 59 +- network/endpoints/build_endpoint_map.py | 7 +- network/endpoints/endpoint_data.yaml | 63 +- network/endpoints/endpoint_map.yaml | 1784 +++++++++++++++----- network/network.j2 | 11 +- network/networks.j2.yaml | 2 +- network/ports/ctlplane_vip.yaml | 12 +- network/ports/from_service.yaml | 8 +- network/ports/from_service_v6.yaml | 8 +- network/ports/net_ip_list_map.j2.yaml | 2 +- network/ports/net_ip_map.j2.yaml | 10 +- network/ports/net_vip_map_external.j2.yaml | 2 +- network/ports/net_vip_map_external_v6.j2.yaml | 2 +- network/ports/noop.yaml | 13 +- network/ports/port.j2 | 13 +- network/ports/port_from_pool.j2 | 8 +- network/ports/vip.yaml | 12 +- network/ports/vip_v6.yaml | 12 +- network/scripts/run-os-net-config.sh | 17 +- network/service_net_map.j2.yaml | 17 +- network_data.yaml | 20 +- network_data_ganesha.yaml | 17 +- network_data_routed.yaml | 184 ++ overcloud-resource-registry-puppet.j2.yaml | 216 +-- overcloud.j2.yaml | 89 +- plan-samples/plan-environment-derived-params.yaml | 6 + puppet/all-nodes-config.j2.yaml | 160 +- puppet/deploy-artifacts.yaml | 2 +- .../all_nodes/neutron-midonet-all-nodes.yaml | 2 +- .../all_nodes/neutron-ml2-cisco-nexus-ucsm.j2.yaml | 2 +- .../pre_deploy/compute/neutron-ml2-bigswitch.yaml | 2 +- .../pre_deploy/controller/multiple.yaml | 2 +- .../controller/neutron-ml2-bigswitch.yaml | 2 +- .../controller/neutron-ml2-cisco-n1kv.yaml | 2 +- puppet/extraconfig/pre_deploy/default.yaml | 2 +- puppet/extraconfig/pre_deploy/per_node.yaml | 4 +- puppet/extraconfig/tls/ca-inject.yaml | 7 +- puppet/extraconfig/tls/freeipa-enroll.yaml | 2 +- puppet/extraconfig/tls/tls-cert-inject.yaml | 38 +- puppet/role.role.j2.yaml | 275 ++- puppet/services/README.rst | 40 +- puppet/services/aide.yaml | 4 +- puppet/services/aodh-api.yaml | 11 +- puppet/services/aodh-base.yaml | 48 +- puppet/services/aodh-evaluator.yaml | 2 +- puppet/services/aodh-listener.yaml | 2 +- puppet/services/aodh-notifier.yaml | 2 +- puppet/services/apache.j2.yaml | 47 +- puppet/services/auditd.yaml | 2 +- puppet/services/barbican-api.yaml | 57 +- puppet/services/barbican-backend-dogtag.yaml | 2 +- puppet/services/barbican-backend-kmip.yaml | 2 +- .../services/barbican-backend-pkcs11-crypto.yaml | 2 +- .../services/barbican-backend-simple-crypto.yaml | 2 +- puppet/services/ca-certs.yaml | 2 +- puppet/services/ceilometer-agent-central.yaml | 2 +- puppet/services/ceilometer-agent-compute.yaml | 2 +- puppet/services/ceilometer-agent-ipmi.yaml | 4 +- puppet/services/ceilometer-agent-notification.yaml | 2 +- puppet/services/ceilometer-base.yaml | 85 +- puppet/services/ceph-base.yaml | 176 -- puppet/services/ceph-client.yaml | 57 - puppet/services/ceph-external.yaml | 125 -- puppet/services/ceph-mds.yaml | 76 - puppet/services/ceph-mon.yaml | 187 -- puppet/services/ceph-osd.yaml | 135 -- puppet/services/ceph-rgw.yaml | 117 -- puppet/services/certmonger-user.yaml | 24 +- puppet/services/cinder-api.yaml | 21 +- puppet/services/cinder-backend-dellemc-unity.yaml | 4 +- .../cinder-backend-dellemc-vmax-iscsi.yaml | 4 +- puppet/services/cinder-backend-dellemc-vnx.yaml | 10 +- .../cinder-backend-dellemc-xtremio-iscsi.yaml | 91 + puppet/services/cinder-backend-dellps.yaml | 4 +- puppet/services/cinder-backend-dellsc.yaml | 4 +- puppet/services/cinder-backend-netapp.yaml | 6 +- puppet/services/cinder-backend-nvmeof.yaml | 74 + puppet/services/cinder-backend-pure.yaml | 4 +- puppet/services/cinder-backend-scaleio.yaml | 4 +- .../cinder-backend-veritas-hyperscale.yaml | 4 +- puppet/services/cinder-backup.yaml | 26 +- puppet/services/cinder-base.yaml | 48 +- puppet/services/cinder-hpelefthand-iscsi.yaml | 4 +- puppet/services/cinder-scheduler.yaml | 2 +- puppet/services/cinder-volume.yaml | 15 +- puppet/services/congress.yaml | 63 +- puppet/services/container-image-prepare.j2.yaml | 109 ++ puppet/services/database/mongodb-base.yaml | 2 +- puppet/services/database/mongodb.yaml | 11 +- puppet/services/database/mysql-client.yaml | 9 +- puppet/services/database/mysql.yaml | 17 +- puppet/services/database/redis-base.yaml | 16 +- puppet/services/database/redis.yaml | 10 +- puppet/services/designate-api.yaml | 119 ++ puppet/services/designate-base.yaml | 92 + puppet/services/designate-central.yaml | 100 ++ puppet/services/designate-mdns.yaml | 100 ++ puppet/services/designate-producer.yaml | 77 + puppet/services/designate-sink.yaml | 77 + puppet/services/designate-worker.yaml | 98 ++ .../services/disabled/ceilometer-api-disabled.yaml | 45 - .../disabled/ceilometer-collector-disabled.yaml | 42 - .../disabled/ceilometer-expirer-disabled.yaml | 44 - .../disabled/glance-registry-disabled.yaml | 20 +- .../disabled/heat-api-cloudwatch-disabled.yaml | 26 +- puppet/services/disabled/mongodb-disabled.yaml | 2 +- puppet/services/docker-registry.yaml | 32 +- puppet/services/docker.yaml | 124 +- puppet/services/ec2-api.yaml | 17 +- puppet/services/etcd.yaml | 11 +- puppet/services/external-swift-proxy.yaml | 2 +- puppet/services/glance-api.yaml | 133 +- puppet/services/gnocchi-api.yaml | 30 +- puppet/services/gnocchi-base.yaml | 9 +- puppet/services/gnocchi-metricd.yaml | 2 +- puppet/services/gnocchi-statsd.yaml | 2 +- .../haproxy-internal-tls-certmonger.j2.yaml | 2 +- puppet/services/haproxy-public-tls-certmonger.yaml | 2 +- puppet/services/haproxy-public-tls-inject.yaml | 198 +++ puppet/services/haproxy.yaml | 26 +- puppet/services/heat-api-cfn.yaml | 18 +- puppet/services/heat-api.yaml | 18 +- puppet/services/heat-base.yaml | 135 +- puppet/services/heat-engine.yaml | 21 +- puppet/services/horizon.yaml | 11 +- puppet/services/ironic-api.yaml | 38 +- puppet/services/ironic-base.yaml | 33 +- puppet/services/ironic-conductor.yaml | 142 +- puppet/services/ironic-inspector.yaml | 85 +- puppet/services/ironic-neutron-agent.yaml | 87 + puppet/services/iscsid.yaml | 2 +- puppet/services/keepalived.yaml | 2 +- puppet/services/kernel.yaml | 44 +- puppet/services/keystone.yaml | 67 +- puppet/services/liquidio-compute-config.yaml | 2 +- puppet/services/logging/fluentd-config.yaml | 2 +- puppet/services/logging/fluentd.yaml | 4 +- puppet/services/login-defs.yaml | 2 +- puppet/services/manila-api.yaml | 11 +- puppet/services/manila-backend-cephfs.yaml | 6 +- puppet/services/manila-backend-isilon.yaml | 2 +- puppet/services/manila-backend-netapp.yaml | 2 +- puppet/services/manila-backend-unity.yaml | 17 +- puppet/services/manila-backend-vmax.yaml | 4 +- puppet/services/manila-backend-vnx.yaml | 19 +- puppet/services/manila-base.yaml | 47 +- puppet/services/manila-scheduler.yaml | 2 +- puppet/services/manila-share.yaml | 3 +- puppet/services/masquerade-networks.yaml | 47 + puppet/services/memcached.yaml | 41 +- .../services/messaging/notify-rabbitmq-shared.yaml | 63 + puppet/services/messaging/notify-rabbitmq.yaml | 145 ++ puppet/services/messaging/rpc-qdrouterd.yaml | 101 ++ puppet/services/messaging/rpc-rabbitmq.yaml | 146 ++ puppet/services/metrics/collectd.yaml | 249 ++- puppet/services/mistral-api.yaml | 39 +- puppet/services/mistral-base.yaml | 50 +- puppet/services/mistral-engine.yaml | 22 +- puppet/services/mistral-event-engine.yaml | 4 +- puppet/services/mistral-executor.yaml | 12 +- puppet/services/monitoring/sensu-base.yaml | 2 +- puppet/services/monitoring/sensu-client.yaml | 4 +- puppet/services/neutron-api.yaml | 22 +- puppet/services/neutron-base.yaml | 53 +- puppet/services/neutron-bgpvpn-api.yaml | 2 +- puppet/services/neutron-bgpvpn-bagpipe.yaml | 2 +- puppet/services/neutron-bigswitch-agent.yaml | 2 +- .../services/neutron-compute-plugin-midonet.yaml | 2 +- puppet/services/neutron-compute-plugin-nuage.yaml | 2 +- .../services/neutron-compute-plugin-plumgrid.yaml | 2 +- puppet/services/neutron-dhcp.yaml | 10 +- puppet/services/neutron-l2gw-agent.yaml | 2 +- puppet/services/neutron-l2gw-api.yaml | 2 +- puppet/services/neutron-l3-compute-dvr.yaml | 4 +- puppet/services/neutron-l3.yaml | 26 +- puppet/services/neutron-lbaas-agent.yaml | 70 + puppet/services/neutron-lbaas-api.yaml | 56 + puppet/services/neutron-lbaas.yaml | 83 - puppet/services/neutron-linuxbridge-agent.yaml | 11 +- puppet/services/neutron-metadata.yaml | 4 +- puppet/services/neutron-midonet.yaml | 2 +- puppet/services/neutron-ovs-agent.yaml | 17 +- puppet/services/neutron-ovs-dpdk-agent.yaml | 16 +- puppet/services/neutron-plugin-ml2-ansible.yaml | 62 + puppet/services/neutron-plugin-ml2-cisco-vts.yaml | 9 +- .../services/neutron-plugin-ml2-fujitsu-cfab.yaml | 4 +- .../services/neutron-plugin-ml2-fujitsu-fossw.yaml | 5 +- .../neutron-plugin-ml2-mlnx-sdn-assist.yaml | 74 + puppet/services/neutron-plugin-ml2-nuage.yaml | 14 +- puppet/services/neutron-plugin-ml2-odl.yaml | 4 +- puppet/services/neutron-plugin-ml2-ovn.yaml | 21 +- puppet/services/neutron-plugin-ml2.yaml | 21 +- puppet/services/neutron-plugin-nsx.yaml | 2 +- puppet/services/neutron-plugin-nuage.yaml | 4 +- puppet/services/neutron-plugin-plumgrid.yaml | 3 +- puppet/services/neutron-sfc-api.yaml | 2 +- puppet/services/neutron-sriov-agent.yaml | 10 +- puppet/services/neutron-sriov-host-config.yaml | 10 +- puppet/services/neutron-vpp-agent.yaml | 6 +- puppet/services/nova-api.yaml | 60 +- puppet/services/nova-base.yaml | 142 +- puppet/services/nova-compute.yaml | 108 +- puppet/services/nova-conductor.yaml | 2 +- puppet/services/nova-consoleauth.yaml | 2 +- puppet/services/nova-ironic.yaml | 3 +- puppet/services/nova-libvirt-guests.yaml | 73 + puppet/services/nova-libvirt.yaml | 119 +- puppet/services/nova-metadata.yaml | 25 +- puppet/services/nova-migration-target.yaml | 26 +- puppet/services/nova-placement.yaml | 16 +- puppet/services/nova-scheduler.yaml | 2 +- puppet/services/nova-vnc-proxy.yaml | 127 +- puppet/services/octavia-api.yaml | 30 +- puppet/services/octavia-base.yaml | 52 +- puppet/services/octavia-health-manager.yaml | 16 +- puppet/services/octavia-housekeeping.yaml | 4 +- puppet/services/octavia-worker.yaml | 17 +- puppet/services/opendaylight-api.yaml | 53 +- puppet/services/opendaylight-ovs.yaml | 164 +- puppet/services/openvswitch.yaml | 68 +- puppet/services/ovn-controller.yaml | 16 +- puppet/services/ovn-dbs.yaml | 9 +- puppet/services/ovn-metadata.yaml | 20 +- puppet/services/pacemaker.yaml | 27 +- puppet/services/pacemaker/ceph-rbdmirror.yaml | 62 - puppet/services/pacemaker/cinder-backup.yaml | 4 +- puppet/services/pacemaker/cinder-volume.yaml | 4 +- puppet/services/pacemaker/compute-instanceha.yaml | 2 +- puppet/services/pacemaker/database/mysql.yaml | 10 +- puppet/services/pacemaker/database/redis.yaml | 8 +- puppet/services/pacemaker/haproxy.yaml | 3 +- puppet/services/pacemaker/manila-share.yaml | 2 +- puppet/services/pacemaker/ovn-dbs.yaml | 2 +- puppet/services/pacemaker/rabbitmq.yaml | 2 +- puppet/services/pacemaker_remote.yaml | 4 +- puppet/services/panko-api.yaml | 13 +- puppet/services/panko-base.yaml | 3 +- puppet/services/qdr.yaml | 9 +- puppet/services/rabbitmq.yaml | 20 +- .../notes/mod_ssl-e7fd4db71189242e.yaml | 5 - puppet/services/sahara-api.yaml | 11 +- puppet/services/sahara-base.yaml | 48 +- puppet/services/sahara-engine.yaml | 2 +- puppet/services/securetty.yaml | 2 +- puppet/services/selinux.yaml | 48 + puppet/services/snmp.yaml | 6 +- puppet/services/sshd.yaml | 8 +- puppet/services/swift-base.yaml | 2 +- puppet/services/swift-dispersion.yaml | 2 +- puppet/services/swift-proxy.yaml | 67 +- puppet/services/swift-ringbuilder.yaml | 2 +- puppet/services/swift-storage.yaml | 9 +- puppet/services/tacker.yaml | 64 +- puppet/services/time/ntp.yaml | 21 +- puppet/services/time/ptp.yaml | 8 +- puppet/services/time/timezone.yaml | 2 +- puppet/services/tripleo-firewall.yaml | 2 +- puppet/services/tripleo-packages.yaml | 70 +- puppet/services/tripleo-ui.yaml | 111 ++ puppet/services/tripleo-validations.yaml | 42 + puppet/services/tuned.yaml | 2 +- puppet/services/veritas-hyperscale-controller.yaml | 2 +- puppet/services/vpp.yaml | 2 +- puppet/services/zaqar-api.yaml | 39 +- puppet/upgrade_config.yaml | 58 - ...EnablePublicTLS-parameter-b3fcd01af6f3c101.yaml | 9 + ...I-nova_catalog_admin_info-006ebda240f730a2.yaml | 5 + ...activate-memcached-debug.-41cfa69d4537cbd7.yaml | 5 + ...n-from-KeystoneUrl-output-fe4ce6f1a45849d3.yaml | 4 + ...add-cinder-backend-nvmeof-023d967980fcf7b8.yaml | 4 + ...cinder-backup-nfs-backend-0108fba91a3058ea.yaml | 7 + .../notes/add-docker-sfc-bda84d08b119a250.yaml | 4 + ...omposable-network-subnets-7076e3b7a466d5fd.yaml | 15 + ...ace-routes-in-nic-configs-1628993fcaf6095c.yaml | 8 + ...add-mistral-volumes-param-a97418faf7a09022.yaml | 7 + ...ing-ansible-containerized-de68f6c2fd6e05fc.yaml | 3 + .../add-purge-nova-tables-e0706cdcffa0f42e.yaml | 6 + ...dd_bios_interface_support-740a666a4ec629fc.yaml | 5 + ...egments_plugin_to_default-8acb69b112d4b31c.yaml | 5 + ...arams_to_configure_ulimit-2359aa058da58054.yaml | 15 + .../add_site_id_cisco_ml2-60cfa450637d4fe0.yaml | 5 + .../all-nodes-extra-map-data-b8c8829dfa7f1c26.yaml | 6 + ...tedhostnames-stack-output-02c9f93f9d1ce7d8.yaml | 4 + ...manila-share-typo-upgrade-82d9b3edea77b94a.yaml | 4 + .../notes/bug-1782123-7b08ab6503033dd3.yaml | 6 + ...-db-sync-overcloud-deploy-f323d85509ca81ec.yaml | 7 + ...heck-old-style-nic-config-4624a60e3303411b.yaml | 5 + ...inder-default-volume-type-cc21a256202eb476.yaml | 7 + .../notes/collectd-amqp1-a1d8773e8e7ff80e.yaml | 5 + ...ollectd-overcloud-gnocchi-049a63bbd196a9bb.yaml | 5 + .../notes/collectd-polling-4aac123faaebd1bc.yaml | 6 + .../compute-cpu-shared-set-be9da772ac8f7582.yaml | 16 + ...guests-state-on-host-boot-090507db3ffad0d4.yaml | 12 + .../compute-tuned-profile-cbe4e22b1e185c5e.yaml | 7 + ...-download-default-to-true-2331debd56c396eb.yaml | 10 + .../configure-ip-forward-268c165708cbd203.yaml | 5 + .../container-images-prepare-c446ed0b04c587f7.yaml | 14 + ...tron-lbaas-service-plugin-20562487d6631c88.yaml | 5 + ...ainerized-tempest-support-0ceaaf6427ce36e9.yaml | 6 + .../containers-as-default-37bbe8afa0a60c2b.yaml | 16 + ...t-resource-name-to-number-80ada6c825554f56.yaml | 5 + .../notes/ctlplane_fixed_ip-81d14db5a01fa531.yaml | 8 + .../custom-network-names-c62a57827d98eea5.yaml | 8 + ...fault-bootstrap-server-id-eff49ef40bfde414.yaml | 5 + ...ia-ssh-pub-key-to-keypair-70377d43bf76a407.yaml | 3 + ...a-cephfsnative-parameters-e24978c8b344573b.yaml | 11 + ...config-download-templates-3971fbf85b93846d.yaml | 7 + ...recate_auth_uri_parameter-bdebdc6614ce8b7e.yaml | 4 + .../notes/designate-support-b66127d9f4995db2.yaml | 5 + .../direct-deploy-by-default-bc78a63f0a0c6e15.yaml | 12 + .../notes/docker-bip-9a334c8f31a59b96.yaml | 10 + ...w-heat-deployment-outputs-1377270acbc5bc7e.yaml | 5 + .../external-update-upgrade-2d7bd96959ace08d.yaml | 11 + ...tom-script-to-switch-repo-a65db91760b46ec2.yaml | 30 + ...with-role-count-greater-1-10ce2010556e5b76.yaml | 5 + ...utron-cert-key-perms.yaml-efcc17f188798cc4.yaml | 5 + .../fix-odl-gui-feature-6525b8c6807fb784.yaml | 5 + ...ix-odl-missing-etc-config-87c33bc05f692f44.yaml | 5 + ...ovs-allowed-network-types-d196d6d40fadb1bc.yaml | 6 + ...fix-odl-ovs-vhostusermode-7bc2b64fd2676ca2.yaml | 10 + ...-odl-update-upgrade-cache-83004abe108971c1.yaml | 6 + ...tr-replace-hostname-issue-393fb6954f12f7e6.yaml | 10 + .../fix-tls-neutron-agents-c40d5fc779d53bfa.yaml | 6 + .../notes/fix_nova_host-0b82c88597703353.yaml | 9 + ...rchive-policy-deprecation-09c086e9a0f9af86.yaml | 5 + .../notes/hiera_net_ip_map-ff866b443a28bdc4.yaml | 9 + .../notes/ipxe_timeout-5824c87e849b1b50.yaml | 5 + ...or-use-dnsmasq_ip_subnets-abba77307e761b96.yaml | 8 + ...onic-networking-baremetal-29d9ad465565bb87.yaml | 4 + .../notes/ironic-rescue-cb1edecce357fc0b.yaml | 5 + .../notes/kernel_sysctl_role-d4f6a50d08b7a388.yaml | 7 + .../notes/l2gw-driver-change-1f5b11d5676c5015.yaml | 3 + ...bound_addr_all_transports-2fc9cd74d435a367.yaml | 9 + ...live_migration_port_range-54c28faf0a67a3fc.yaml | 11 + ...ogrotate-containers-purge-a5587253fe6cbb28.yaml | 15 + .../memcached_hardening-2529734099da27f4.yaml | 4 + .../notes/memcached_logging-f69ade3665a70a5c.yaml | 5 + .../merge_keys_from_services-cd17425d58b49840.yaml | 21 + .../notes/metrics-qdr-97c00cc8059963fa.yaml | 9 + .../notes/mistral_execs-5e1c363c9293504d.yaml | 12 + .../ml2-networking-ansible-0330b1203f0fc75c.yaml | 3 + releasenotes/notes/mod_ssl-e7fd4db71189242e.yaml | 5 + ...ount_task_to_common_place-d284378fb16f180a.yaml | 9 + .../neutron-cleanup-services-3a8579cd03fac953.yaml | 4 + ...tron-port-predictable-ips-857b8369ca81aa4c.yaml | 23 + .../notes/neutron_db_rename-bbfbce1c58cadc84.yaml | 5 + ...-script-handle-blank-line-f86553d7589826ed.yaml | 5 + .../notes/no-classic-drivers-9c59b696d8b50692.yaml | 8 + ...virt_queue_size_parameter-b4409a91c553ce1b.yaml | 6 + ...ova_nfs_default_secontext-5ad33675aaf0b521.yaml | 13 + ...a_novnc_proxy_ssl_support-edc7bc13d0cd6d2b.yaml | 8 + .../nova_qemu_enable_config-c89016b4d93802d6.yaml | 7 + .../nova_statedir_ownership-54c75dfe8ad64b4f.yaml | 7 + .../numa-aware-vswitches-cd8df5dd9b725230.yaml | 5 + ...ia-amphora-image-defaults-0d9efe1a0222b76d.yaml | 9 + .../octavia-amphora-ssh-245a21a35598440a.yaml | 3 + .../odl_delete_data_folder-b8c2f9a9382fd692.yaml | 3 + ..._dscp_marking_inheritance-41e41ff5f0c281d4.yaml | 9 + ...dl_stand_alone_log_config-5358ec26f7e7a970.yaml | 9 + .../notes/odl_upgrade-f5540d242b9a6b52.yaml | 2 +- ...o-ports-output-hostroutes-3c710bd9f5641101.yaml | 5 + ...ssaging-separate-backends-2d2221066f88f479.yaml | 4 + ...ha-fix-minor-update-issue-3a1206549e3b75aa.yaml | 7 + ...vn-remove-nonha-env-files-7b68a1e656b9f753.yaml | 8 + ...dns-servers-config-option-e8f91ad2a05df9a9.yaml | 6 + ..._agent_support_debug_mode-9d0656ce156a3c91.yaml | 4 + .../ovs-dpdk-permissions-50c5b33334ff4711.yaml | 9 + .../ovs-dpdk-perms-deprecate-cfddb148fce9656d.yaml | 7 + ...-remove-deprecated-params-9b4e46eb336301b2.yaml | 11 + ...pre_upgrade_rolling_tasks-6345e98e8283a907.yaml | 9 + .../rabbitmq-nr-mirrorqueues-7d0451756a67eab4.yaml | 10 + .../remove-odl-dlux-gui-4728de06c973cd53.yaml | 6 + ...-passwords-default-values-dd0cfdf7922ecf90.yaml | 7 + ...e-support-for-puppet-ceph-bdafca24a59e7075.yaml | 9 + ...ercloud-specific-services-23046e607565d36d.yaml | 6 + .../notes/remove-xinetd-859f2a31631774d1.yaml | 8 + ...e_upgrade_deployment_flag-872df40d7ff171b8.yaml | 7 + ...pecial-manila-docker-envs-5a376db667ddfd1c.yaml | 7 + ...upgrade-to-dvr-containers-bc876f82f3e9f139.yaml | 7 + .../notes/ssh_pass_auth-8cab3ca5a50d2a5a.yaml | 7 + ...stackrc-baremetal-version-309809c01105095f.yaml | 7 + ...efault-openstack-services-4ca49c6795bf8ccc.yaml | 11 + .../notes/tls-inject-86ef6706e68f5740.yaml | 13 + .../notes/tripleo-nova-nfs-ead2827338aa9519.yaml | 5 + .../tripleo-ssh-known-hosts-5c64b1a90d61d7f2.yaml | 9 + .../tripleo-validations-b231184816a9ab64.yaml | 5 + .../notes/undercloud-selinux-37fc6f69a9753109.yaml | 6 + ...ate-dellemc-vnx-templates-74a0596fac39b488.yaml | 11 + ...lb-mgmt-subnet-to-class-b-1cd832ef08a30c85.yaml | 11 + ...-pcmk-resource-by-default-ed54100721f55a30.yaml | 8 + ...pdate_manila_unity_driver-43aeb041029c4e7f.yaml | 5 + .../update_manila_vnx_driver-678b22c4fcd81fcf.yaml | 4 + .../notes/update_odl-cb997ce5c136ebb7.yaml | 19 + ...use-attr-interface-routes-dfbe74adce15da1d.yaml | 7 + ...aConfig-with-deprecations-2688f34fbc6de74a.yaml | 6 + ...ubnet-attrs-ctlplane-cidr-a02e14a251733726.yaml | 37 + ...rs-ctlplane-default-route-625ef5e414a65f2e.yaml | 25 + ...e-subnet-attrs-dnsservers-f751ec1125a9f787.yaml | 24 + ...ubnet-attrs-ec2metadataip-aa28f3c030f13c9c.yaml | 25 + ...te-no-config-outputs-used-8abcb673da6d373f.yaml | 6 + releasenotes/notes/vnc_tls-b3707d0134697cc7.yaml | 8 + .../notes/xtremio_cinder_c5572898724a11e7.yaml | 4 + ...aqar-use-redis-by-default-930f542dda895a31.yaml | 5 + releasenotes/source/index.rst | 1 + releasenotes/source/queens.rst | 6 + requirements.txt | 3 +- roles/BlockStorage.yaml | 1 + roles/CephAll.yaml | 2 +- roles/CephFile.yaml | 1 + roles/CephObject.yaml | 1 + roles/CephStorage.yaml | 1 + roles/Compute.yaml | 5 +- roles/ComputeAlt.yaml | 3 +- roles/ComputeDVR.yaml | 61 + roles/ComputeHCI.yaml | 5 +- roles/ComputeInstanceHA.yaml | 62 + roles/ComputeLiquidio.yaml | 7 +- roles/ComputeOvsDpdk.yaml | 9 +- roles/ComputeOvsDpdkRT.yaml | 6 +- roles/ComputePPC64LE.yaml | 61 + roles/ComputeRealTime.yaml | 4 +- roles/ComputeSriov.yaml | 7 +- roles/ComputeSriovRT.yaml | 5 +- roles/Controller.yaml | 22 +- roles/ControllerAllNovaStandalone.yaml | 14 +- roles/ControllerNoCeph.yaml | 22 +- roles/ControllerNovaStandalone.yaml | 13 +- roles/ControllerOpenstack.yaml | 14 +- roles/ControllerStorageNfs.yaml | 14 +- roles/Database.yaml | 1 + roles/HciCephAll.yaml | 5 +- roles/HciCephFile.yaml | 5 +- roles/HciCephMon.yaml | 5 +- roles/HciCephObject.yaml | 5 +- roles/IronicConductor.yaml | 1 + roles/Messaging.yaml | 7 +- roles/Networker.yaml | 2 + roles/Novacontrol.yaml | 1 + roles/ObjectStorage.yaml | 2 +- roles/OpenShiftMaster.yaml | 31 + roles/OpenShiftWorker.yaml | 23 + roles/README.rst | 6 +- roles/Standalone.yaml | 174 ++ roles/Telemetry.yaml | 3 + roles/Undercloud.yaml | 65 +- roles/UndercloudLight.yaml | 37 - roles_data.yaml | 31 +- roles_data_undercloud.yaml | 65 +- sample-env-generator/composable-roles.yaml | 7 +- sample-env-generator/enable-services.yaml | 27 + sample-env-generator/messaging.yaml | 35 + sample-env-generator/ssl.yaml | 197 ++- sample-env-generator/storage.yaml | 100 +- scripts/hosts-config.sh | 5 + test-requirements.txt | 7 +- tools/check-up-to-date.sh | 1 + tools/process-templates.py | 44 +- tools/yaml-nic-config-2-script.py | 123 +- tools/yaml-validate.py | 525 +++++- tox.ini | 15 +- zuul.d/layout.yaml | 92 +- 1042 files changed, 29168 insertions(+), 9845 deletions(-) Requirements updates -------------------- diff --git a/requirements.txt b/requirements.txt index ff25bfe..bda4743 100644 --- a/requirements.txt +++ b/requirements.txt @@ -5 +5,2 @@ pbr!=2.1.0,>=2.0.0 # Apache-2.0 -Jinja2!=2.9.0,!=2.9.1,!=2.9.2,!=2.9.3,!=2.9.4,>=2.8 # BSD License (3 clause) +PyYAML>=3.12 # MIT +Jinja2>=2.10 # BSD License (3 clause) diff --git a/test-requirements.txt b/test-requirements.txt index bfca8ca..7235018 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -3,0 +4 @@ +hacking>=0.11.0,<0.12 # Apache-2.0 @@ -5,2 +6,2 @@ openstackdocstheme>=1.18.1 # Apache-2.0 -PyYAML>=3.10 # MIT -Jinja2!=2.9.0,!=2.9.1,!=2.9.2,!=2.9.3,!=2.9.4,>=2.8 # BSD License (3 clause) +PyYAML>=3.12 # MIT +Jinja2>=2.10 # BSD License (3 clause) @@ -8 +9 @@ six>=1.10.0 # MIT -sphinx!=1.6.6,>=1.6.2 # BSD +sphinx!=1.6.6,!=1.6.7,>=1.6.2 # BSD
participants (1)
-
no-reply@openstack.org