summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorOliver Walsh <owalsh@redhat.com>2017-03-28 16:15:08 +0100
committerOliver Walsh <owalsh@redhat.com>2017-06-06 21:38:09 +0100
commitc7e1f282000789a0f4ac787455ce1379f1c9d918 (patch)
tree3758ee591140d6dc94f3c3c051859e79331ffdc8
parentf178f5ae280467ca4086b36f5ba8fc3fe198759c (diff)
Add migration SSH tunneling support
This enables nova cold migration. This also switches to SSH as the default transport for live-migration. The tripleo-common mistral action that generates passwords supplies the MigrationSshKey parameter that enables this. The TCP transport is no longer used for live-migration and the firewall port has been closed. Change-Id: I4e55a987c93673796525988a2e4cc264a6b5c24f Depends-On: I367757cbe8757d11943af7e41af620f9ce919a06 Depends-On: I9e7a1862911312ad942233ac8fc828f4e1be1dcf Depends-On: Iac1763761c652bed637cb7cf85bc12347b5fe7ec (cherry picked from commit 0271a63e52b961eab0da2f5c6a61811a7a1498f7) (cherry picked from commit 1eeedbc095c432082c9a6d08c4d15ece36769a52)
Notes
Notes (review): Code-Review+2: Alex Schultz <aschultz@redhat.com> Workflow+1: Emilien Macchi <emilien@redhat.com> Verified+2: Jenkins Submitted-by: Jenkins Submitted-at: Wed, 07 Jun 2017 19:04:01 +0000 Reviewed-on: https://review.openstack.org/471478 Project: openstack/tripleo-heat-templates Branch: refs/heads/stable/newton
-rw-r--r--puppet/services/nova-compute.yaml8
-rw-r--r--puppet/services/nova-libvirt.yaml1
-rw-r--r--releasenotes/notes/migration_over_ssh-003e2a92f5f5374d.yaml14
3 files changed, 22 insertions, 1 deletions
diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml
index f7f2510..120cafc 100644
--- a/puppet/services/nova-compute.yaml
+++ b/puppet/services/nova-compute.yaml
@@ -75,6 +75,13 @@ parameters:
75 default: 75 default:
76 tag: openstack.nova.compute 76 tag: openstack.nova.compute
77 path: /var/log/nova/nova-compute.log 77 path: /var/log/nova/nova-compute.log
78 MigrationSshKey:
79 type: json
80 description: >
81 SSH key for migration.
82 Expects a dictionary with keys 'public_key' and 'private_key'.
83 Values should be identical to SSH public/private key files.
84 default: {}
78 85
79resources: 86resources:
80 NovaBase: 87 NovaBase:
@@ -107,6 +114,7 @@ outputs:
107 # we manage migration in nova common puppet profile 114 # we manage migration in nova common puppet profile
108 nova::compute::libvirt::migration_support: false 115 nova::compute::libvirt::migration_support: false
109 tripleo::profile::base::nova::manage_migration: true 116 tripleo::profile::base::nova::manage_migration: true
117 tripleo::profile::base::nova::migration_ssh_key: {get_param: MigrationSshKey}
110 tripleo::profile::base::nova::nova_compute_enabled: true 118 tripleo::profile::base::nova::nova_compute_enabled: true
111 nova::compute::rbd::libvirt_images_rbd_pool: {get_param: NovaRbdPoolName} 119 nova::compute::rbd::libvirt_images_rbd_pool: {get_param: NovaRbdPoolName}
112 nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName} 120 nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName}
diff --git a/puppet/services/nova-libvirt.yaml b/puppet/services/nova-libvirt.yaml
index bffd162..b774980 100644
--- a/puppet/services/nova-libvirt.yaml
+++ b/puppet/services/nova-libvirt.yaml
@@ -57,7 +57,6 @@ outputs:
57 tripleo.nova_libvirt.firewall_rules: 57 tripleo.nova_libvirt.firewall_rules:
58 '200 nova_libvirt': 58 '200 nova_libvirt':
59 dport: 59 dport:
60 - 16509
61 - 16514 60 - 16514
62 - '49152-49215' 61 - '49152-49215'
63 - '5900-5999' 62 - '5900-5999'
diff --git a/releasenotes/notes/migration_over_ssh-003e2a92f5f5374d.yaml b/releasenotes/notes/migration_over_ssh-003e2a92f5f5374d.yaml
new file mode 100644
index 0000000..45ca9fe
--- /dev/null
+++ b/releasenotes/notes/migration_over_ssh-003e2a92f5f5374d.yaml
@@ -0,0 +1,14 @@
1---
2features:
3 - |
4 Add support for cold migration over ssh.
5
6 This enables nova cold migration.
7
8 This also switches to SSH as the default transport for live-migration.
9 The tripleo-common mistral action that generates passwords supplies the
10 MigrationSshKey parameter that enables this.
11deprecations:
12 - |
13 The TCP transport is no longer used for live-migration and the firewall
14 port has been closed.