From 90b96136c3cc8d74159a45afdfd38ea054d5fc66 Mon Sep 17 00:00:00 2001
From: Tim Rozet <trozet@redhat.com>
Date: Fri, 18 Jan 2019 15:01:38 -0500
Subject: Fixes broken compute role update

We now insert the External network into the compute role after it was
removed upstream. However, the format has now changed for the network
specification. It no longer uses an Array, but instead uses a Dict. This
patch accounts for that case.

Also, adds new required arg --role-name to the NIC template merge tool.

Additionally, now undercloud is missing iptables rule to allow ssh
after undercloud install. This patch adds it via ansible.

Change-Id: Id3e4ecdfb1633ec4c58435c294f544a9625a106e
Signed-off-by: Tim Rozet <trozet@redhat.com>
---
 lib/ansible/playbooks/configure_undercloud.yml | 14 ++++++++++++--
 lib/ansible/playbooks/deploy_overcloud.yml     |  9 ++++++++-
 2 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/lib/ansible/playbooks/configure_undercloud.yml b/lib/ansible/playbooks/configure_undercloud.yml
index 493cd1a1..545d32ad 100644
--- a/lib/ansible/playbooks/configure_undercloud.yml
+++ b/lib/ansible/playbooks/configure_undercloud.yml
@@ -168,12 +168,22 @@
             jump: ACCEPT
             source: "{{ nat_cidr }}"
             ctstate: ESTABLISHED,RELATED
-        - name: Undercloud NAT - Save iptables
-          shell: service iptables save
       become: yes
       when:
         - not nat_network_ipv6
         - nat
+    - name: Allow SSH in iptables
+      iptables:
+        action: insert
+        chain: INPUT
+        rule_num: 1
+        protocol: tcp
+        destination_port: 22
+        jump: ACCEPT
+      become: yes
+    - name: Undercloud NAT - Save iptables
+      shell: service iptables save
+      become: yes
     - name: fetch storage environment file
       fetch:
         src: /usr/share/openstack-tripleo-heat-templates/environments/storage-environment.yaml
diff --git a/lib/ansible/playbooks/deploy_overcloud.yml b/lib/ansible/playbooks/deploy_overcloud.yml
index 44470da2..9a405814 100644
--- a/lib/ansible/playbooks/deploy_overcloud.yml
+++ b/lib/ansible/playbooks/deploy_overcloud.yml
@@ -78,7 +78,13 @@
         ruby -e '
         require "yaml"
         data = YAML.load(File.read("/usr/share/openstack-tripleo-heat-templates/roles_data.yaml"))
-        data[1]["networks"].push("External")
+        if data[1]["networks"].is_a?(Array)
+          data[1]["networks"].push("External")
+        elsif data[1]["networks"].is_a?(Hash)
+          data[1]["networks"].merge!("External"=> { "subnet" => "external_subnet" })
+        else
+          raise "Unable to determine data to modify in roles_data.yaml"
+        end
         data[1]["default_route_networks"] = Array.new(["External"])
         File.open("/usr/share/openstack-tripleo-heat-templates/roles_data.yaml", "w") { |f| f.write(data.to_yaml) }
         '
@@ -115,6 +121,7 @@
       shell: >
         /usr/share/openstack-tripleo-heat-templates/tools/merge-new-params-nic-config-script.py
         -n /home/stack/network_data.yaml -t /home/stack/nics/{{ item }}.yaml --discard-comments True
+        --role-name Controller
       become: yes
       become_user: stack
       with_items:
-- 
cgit 1.2.3-korg