aboutsummaryrefslogtreecommitdiffstats
path: root/network
AgeCommit message (Collapse)AuthorFilesLines
2017-10-09Fix cold/live migration network configOliver Walsh1-1/+0
Cold migration network is determined by the value of my_ip in nova.conf. If this isn't set then the network with the default gateway will be used. This patch sets my_ip and the whitelisted IP for cold migation over SSH to the NovaApiNetwork. Until https://bugs.launchpad.net/nova/+bug/1671288 is fixed we cannot control the network used for live migration over SSH. It is determined by hostname resolution. This patch sets the whitelisted IP for live migration over SSH to the hostname resolution network for the role - which is typically the same as NovaApiNetwork. (NB The puppet manifest will remove duplicates). Live migration over TLS is not affected. It can control the network used so it configurable via NovaLibvirtNetwork. Change-Id: Ica3f79d6d0cfae446e276172146f3a9407f2971f Depends-On: Id22a6c990f424b9f3ca6159088540ea207460ffd (cherry picked from commit 23331889a577b82b625610a80ecd44e164fe6cf1)
2017-10-07Merge "Fixes missing type for heat param TenantNetName" into stable/pikeJenkins1-24/+0
2017-10-07Fixes missing type for heat param TenantNetNameTim Rozet1-24/+0
Closes-Bug: 1720823 Change-Id: I239cc9f827fe99a553f9c18b80336bc6ce0b1d14 Signed-off-by: Tim Rozet <trozet@redhat.com> (cherry picked from commit ba5436099d37898e418406f8b4376923e14f4c89)
2017-10-04Fixes heat resource name for Internal API NetworkTim Rozet1-4/+2
With the dynamic Jinja2 rendering for networks, the heat resource for Internal API network was accidentally being renamed to: OS::TripleO::Network::Internal when it should be the same as previous versions: OS::TripleO::Network::InternalApi This patch removes the 'compat_name' which was overriding the network name for rendering the resource. This patch also removes the compat_name functionality from the network/networks.j2.yaml file since it is no longer needed. Closes-Bug: 1718764 Change-Id: If756cddd91933edb303cc056515d98b941a3eb14 Signed-off-by: Tim Rozet <trozet@redhat.com> (cherry picked from commit 97244b942d29d2b5acd7a3eb07acdba0d9b99677)
2017-09-22Fix upgrades that use Management networkDan Sneddon1-71/+0
Upgrades from older versions using Management network fail. This patch enables the management network even though it is not enabled in any of the role definitions. This will allow upgrades to complete using existing network environment files, without requiring operators to switch to the new method for defining which networks are attached to roles. Eventually these older environment files will be removed. Change-Id: Iadd12a559f0ad6918958a1355f189187fd327363 Closes-bug: 1717123 (cherry picked from commit 5b9fbc2b2bfa00de2fe0f437f21e05e3fc09a53d)
2017-09-01Remove ipv6 specific network templatesDan Sneddon8-455/+108
This change renders the IPv6 versions of the isolated networks using j2. To allow for backward compatibility, there will be 2 versions of the network definitions, <network>.yaml and <network>_v6.yaml. If the ip_subnet contains an IPv6 address, or if ipv6: true is set on the network definition in network_data.yaml, then the <network>.yaml version will contain an IPv6 definition, otherwise the <network>.yaml will be IPv4, and the <network>_v6.yaml will be IPv6. In a future follow-up patch, we will probably only create the required versions of the networks, either IPv4, IPv6, not both. The ipv6_subnet, ipv6_allocation_pools, and ipv6_gateway settings in the network_data.yaml definition file are used for the <network>_v6.yaml network definition. Note that these subnet/cidr/gateway definitions only set the defaults, which can be overridden with parameters set in an environment file. Since the parameters for IP and subnet range are the same (e.g. InternalApiNetCidr applies to both IPv4/v6), only one version can be used at a time. If an operator wishes to use dual-stack IPv4/IPv6, then two different networks should be created, and both networks can be applied to a single interface. Note that the workflow for the operator is the same as before this change, but a new example template has been added to environments/network-environment-v6.yaml. Change-Id: I0e674e4b1e43786717ae6416571dde3a0e11a5cc Partially-Implements: blueprint composable-networks Closes-bug: 1714115 (cherry picked from commit dd299f08bd6b1df43760148d83ce9b6e09ba6572)
2017-08-26Handle failure of carrier check in configure_safe_defaults()Bob Fournier1-3/+4
Configure_safe_defaults() should handle carrier check failures in the same way as the change that was made to dhcp-all-interfaces.sh in https://review.openstack.org/#/c/419527/. That is, it should ignore failures when cat'ing the carrier file. Change-Id: I100a40835d0ccecee9b4851aae6366c6ab4813a5 Closes-Bug: 1712687 (cherry picked from commit ed976d285caab1858f0b6e74e14a723113d27052)
2017-08-21Render port templates via j2Steven Hardy29-1372/+91
Remove these from the j2 excludes and instead render all the networks to avoid duplication. Change-Id: Id8e14e06ffe959c50456b4c88fef306046a8b478 Partially-Implements: blueprint composable-networks
2017-08-17Merge "Render IP map and host maps according to network_data.yaml"Jenkins37-306/+163
2017-08-16Merge "Render VIPs dynamically based on network_data.yaml"Jenkins4-156/+85
2017-08-16Render IP map and host maps according to network_data.yamlDan Sneddon37-306/+163
This change renders the network IP maps and hostname maps for all networks defined in network_data.yaml. This should make it possible to create custom networks that will be rendered for all applicable roles. Note that at this time all networks will be rendered whether they are enabled or not. All networks will be present in all roles, but ports will be associated with noop.yaml in roles that do not use the network. This is in accordance with previous behavior, although we may wish to change this in the future to limit the size of the role definitions and reduce the number of placeholder resources in deployments with many networks. Note that this patch is a replacement for original patch https://review.openstack.org/#/c/486280, which I was having trouble rebasing to current. Change-Id: I445b008fc1240af57c2b76a5dbb6c751a05b7a2a Depends-on: I662e8d0b3737c7807d18c8917bfce1e25baa3d8a Partially-implements: blueprint composable-networks
2017-08-15Convert network templates to be rendered via j2Steven Hardy20-429/+30
Use the network.network.j2.yaml to render these files, instead of relying on the hard-coded versions. Note this doesn't currently consider the _v6 templates as we may want to deprecate these and instead rely on an ipv6 specific network_data file, or perhaps make the network/network.network.j2.yaml generic and able to detect the version from the cidr? Change-Id: I662e8d0b3737c7807d18c8917bfce1e25baa3d8a Partially-Implements: blueprint composable-networks
2017-08-11Merge "Keep dynamic network creation backward compatible."Jenkins1-3/+4
2017-08-08Fix cidr get_attr in custom networksGiulio Fidente13-14/+13
We were missing the square brackets around the list of arguments for get_attr when building the networks cidr output. This passed CI because Heat does not fail validation and Ceph (which is consuming the cidr output) is tested with a single network (ctlplane) which does not build the output using the same templates. Change-Id: I40bba0784a30295cb0d4eda1fbff20ebac85db99 Closes-Bug: #1709464
2017-08-08Keep dynamic network creation backward compatible.Sofer Athlan-Guyot1-3/+4
We had an history mapping for InternalApi to InternalNetwork. If we remove it then heat will want to destroy InternalNetwork and create InternalApi which cannot work during upgrade. This adds compat name parameters to network_data.yaml. Closes-Bug: #1709105 Change-Id: I8ce6419a5e13a13ee6e991db5ca2196763f52d7a
2017-08-04Render VIPs dynamically based on network_data.yamlDan Sneddon4-156/+85
This change modifies the templates to dynamically define the VIPs based on network_data.yaml. If a network is defined and marked with "vip: true" in network_data.yaml, it will be included in the overcloud.yaml which defines the deployment-level resources. This should make it possible to create custom networks and use them for services which use high-availability through VIPs. Also, extraconfig/nova_metadata/krb-service-pricipals.yaml was modified to dynamically produce the FQDN map for VIPs on isolated networks, to match overcloud.j2.yaml. Depends-On: If074f87494a46305c990a0ea332c7b576d3c6ed8 Depends-On: Iab8aca2f1fcaba0c8f109717a4b3068f629c9aab Partially-implements: blueprint composable-networks Closes-bug: 1667104 Change-Id: I71339a6ac41133e95dbc3f93abb7a9fdeb0f2da0
2017-08-03Merge "Make many networking parameters consistent"Jenkins32-36/+51
2017-08-03Merge "Render isolated network templates using jinja2"Jenkins4-11/+229
2017-08-02Make many networking parameters consistentBen Nemec32-36/+51
These are mostly the low hanging fruit that only required a few minor changes to fix. There are more that require a lot of changes or might be more controversial that will be done later. Change-Id: I55cebc92ef37a3bb167f5fae0debe77339395e62 Partial-Bug: 1700664
2017-07-26Render isolated network templates using jinja2Dan Sneddon4-11/+229
This change adds templates that are used to create network and port definition templates for each network that is defined in network_data.yaml. In order to render the templates, additional fields have been added to the network_data.yaml file. If this optional data is present, it will be used to populate the default parameter values in the network template. The only required parameters in the network_data.yaml file is the network name. If the network will have IPv6 addresses, then ipv6: true must be set on the network. The existing networks have been modeled in the network_data.yaml, but until these templates are removed from the j2_excludes.yaml file they will not be generated on the fly. Any additional networks will have templates generated. This change also removes an unnecessary conditional from the networks.j2.yaml file, since InternalApiNetwork doesn't need to be reformatted as InternalNetwork (it's only used in this one file). A follow-up patch will remove the existing network definitions so all networks are created dynamically. Change-Id: If074f87494a46305c990a0ea332c7b576d3c6ed8 Depends-On: Iab8aca2f1fcaba0c8f109717a4b3068f629c9aab Partially-Implements: blueprint composable-networks
2017-07-25Contrail network realignement + DPDK enablementMichael Henkel4-2397/+331
This patch moves Contrail roles communication from public/external to internal_api network for OpenStack API. It also adds the option to enable dpdk. Monolithic firstboot script is broken down into small pre-network and per-node extraconfig scripts Change-Id: I296a3bf60cef6fa950fd71d6e68effe367d1e66b Closes-Bug: 1698422
2017-07-14Adds network/cidr mapping into a new service propertyGiulio Fidente13-1/+44
Makes it possible to resolve network subnets within a service template; the data is transported into a new property ServiceData wired into every service which hopefully is generic enough to be extended in the future and transport more data. Data can be consumed in service templates to set config values which need to know what is the subnet where a deamon operates (for example the Ceph Public vs Cluster network). Change-Id: I28e21c46f1ef609517175f7e7ee19e28d1c0cba2
2017-07-13Merge "Make CephValidationDelay/Retries default consistent"Jenkins1-0/+1
2017-07-13Merge "Make *AdminStateUp parameters consistent"Jenkins11-11/+11
2017-07-07Merge "Create NIC templates for Neutron Networker composable role"Jenkins4-0/+645
2017-07-07Merge "Add sample usage of StorageMgmt network for compute nodes"Jenkins4-24/+39
2017-06-28Make CephValidationDelay/Retries default consistentBen Nemec1-0/+1
Also fix one instance of ManagementIpSubnet that was missing a description. Change-Id: I7c5b31d9ef464cefee1dd6ae7ebb9c017cbbd894 Partial-Bug: 1700664
2017-06-27Make *AdminStateUp parameters consistentBen Nemec11-11/+11
Change-Id: I1849663744dc1ce9aba8067201c03090796df8bb Partial-Bug: 1700664
2017-06-27Merge "Provides a list of per-service ctlplane IPs to the workflows env"Jenkins1-0/+14
2017-06-26Merge "Add split-stack environments"Jenkins1-1/+1
2017-06-26Merge "Fix descriptions on bonding templates"Jenkins8-44/+31
2017-06-26Provides a list of per-service ctlplane IPs to the workflows envGiulio Fidente1-0/+14
Adds in the execution environment of the workflow steps a list of per-service network IPs. This can be used by the workflows to execute actions against the nodes hosting a given service. Change-Id: Id7c735d53f04f6ad848b2f9f1adaa3c84ecd2fcd Implements: blueprint tripleo-ceph-ansible
2017-06-22Merge "Fixes incorrect glance api network"Jenkins1-1/+1
2017-06-21Fix descriptions on bonding templatesDan Sneddon8-44/+31
This change updates the descriptions of bond paramters in the bonded network interface templates. Previously, only OVS bond settings were mentioned, and the description for the bond options constraints had extra whitespace. This change mentions settings for Linux bonds, and removes extra spaces. Change-Id: Id50c042ae4a3b9298e8de0364e315b9f8777b79f
2017-06-21Create NIC templates for Neutron Networker composable roleDan Sneddon4-0/+645
This change adds a Neutron Networker role to each of the sample NIC config directories. The Networker roles are similar to the controller roles, since they use the External interface for the default gateway, but they don't need any connection to the Storage or Storage Management networks. Partial-bug: 1633090 Partial-bug: 1625558 Change-Id: Ieb4a293ea71d942cbfbf732f29c6eb41c975d4eb
2017-06-21Fix fallback logic in run-os-net-config.shBen Nemec1-1/+1
The expression "${variable:-''}" with $variable unset results in a value that looks like "''", which will not pass a -z test, as I believe is intended in this code. Making the default value blank yields the correct behavior. Change-Id: I9fe98f3c69c797feb9c37da1ad8c7912a15bcecb Closes-Bug: 1699614
2017-06-21Fixes incorrect glance api networkTim Rozet1-1/+1
The glance API network was being set to storage and it should be internal_api. Closes-Bug: 1699535 Change-Id: I75bc05aeab999f0e3eb3f4ebaceb276e888addc9 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-06-21Add sample usage of StorageMgmt network for compute nodesGiulio Fidente4-24/+39
The hyperconverged-ceph.yaml environment file assumes there will be a StorageMgmt network deployed on compute nodes. This change adds commented examples to add such a network for the compute nodes in: bond-with-vland, multiple-nics, single-nic-linux-bridge-vlans and single-nic-vlans. Change-Id: I4535cc5ea2556730f91362bd5f859e8700cd24f6
2017-06-15Add split-stack environmentsJames Slagle1-1/+1
Add 2 new environments to faciltate deploying split-stack: environments/overcloud-baremetal.j2.yaml environments/overcloud-services.j2.yaml The environments are used to deploy 2 separate Heat stacks, one for just the baremetal+network configuration and one for the service configuration. In order to keep Heat's view of the server's hostname consistent across the 2 stacks the 2 environments set the same HostnameFormat with "overcloud" as the stack name. implements blueprint split-stack-default Change-Id: I0b3f282c08af6fecea8f136908b806db70bada46
2017-06-14Update Panko api portPradeep Kilambi2-4/+4
The current port conflicts with trove. This is updated in puppet module. See related change: https://review.openstack.org/#/c/471551/ Change-Id: Iefacb98320eef0bca782055e3da5d243993828d7
2017-05-20Merge "Add IronicInspector settings to the network map"Jenkins3-0/+256
2017-05-19Update the template_version alias for all the templates to pike.Carlos Camacho78-78/+78
Master is now the development branch for pike changing the release alias name. Change-Id: I938e4a983e361aefcaa0bd9a4226c296c5823127
2017-05-03Restrict nova migration ssh tunnelOliver Walsh1-0/+1
Specify the allowed networks for migration ssh tunneling. bp tripleo-cold-migration Change-Id: Iab022bdfb655e3c52fecebf416e75c9e981072ab Depends-on: Idb56acd1e1ecb5a5fd4d942969be428cc9cbe293
2017-04-21Merge "Add network_data.yaml to encapsulate list of networks for j2"Jenkins2-26/+17
2017-04-18Add IronicInspector settings to the network mapDan Prince3-0/+256
This will allow us to support adding ironic inspector services in follow up patches. Change-Id: I5e743f789ab7dd731bc7ad26226a92a4e71f95a1
2017-04-03Merge "Qpid dispatch router composable role"Jenkins1-0/+1
2017-03-31Remove EC2 endpoint from EndpointMapJuan Antonio Osorio Robles2-83/+0
We are removing this in favor of just using the keystone uri and appending /ec2tokens Change-Id: Idab78d61f3931818aa91faad2d68c1fe20f68db6
2017-03-29Qpid dispatch router composable roleJohn Eckersberg1-0/+1
Note: since it replaces rabbitmq, in order to aim for the smallest amount of changes the service_name is called 'rabbitmq' so all the other services do not need additional logic to use qdr. Depends-On: Idecbbabdd4f06a37ff0cfb34dc23732b1176a608 Change-Id: I27f01d2570fa32de91ffe1991dc873cdf2293dbc
2017-03-05Add network_data.yaml to encapsulate list of networks for j2Steven Hardy2-26/+17
This moves the hard-coded networks from the default environment, and provides the first step towards enabling composable networks. Co-Author: Dan Sneddon <dsneddon@redhat.com> Partial-Bug: #1633090 Depends-On: I9f818912bd8e2a3220e41c8ccbbab3d9063b4d72 Change-Id: I7793b8badede5450b05437c84d9b40c28de7546b
2017-02-25Merge "Don't assume default network names in net_ip*map"Jenkins2-43/+177