From 4a4bd9c06a55383ca700320dc4362b7be7a14d2d Mon Sep 17 00:00:00 2001 From: Takashi Kajinami Date: Tue, 18 Oct 2022 12:21:20 +0900 Subject: [PATCH] overcloud: Remove logic for unsupported old releases This change removes logic for releases older than train, because these releases are already EOLed. This covers only overcloud-* roles and playbooks and the other items will be covered by separate changes. Note that this change also removes the containerized_* variables because current active releases(>=Train) no longer supports non-containerized deployment. The containerized_overcloud_upgrade variable is still left because the variable is still required by the tripleo-ci-base-multinode-standard job template. Change-Id: If29ec2c2219a28a1f79db0e552e2c622c0a7bda6 --- playbooks/baremetal-full-overcloud-prep.yml | 2 +- ...node-overcloud-mixed-os-deploy-compute.yml | 1 - playbooks/multinode-overcloud-prep.yml | 1 - playbooks/multinode-overcloud-upgrade.yml | 3 -- .../tasks/adjust-mtu-dnsmasq-ironic.yml | 13 ------ .../tasks/allow-traffic-for-controller.yml | 17 ------- roles/baremetal-prep-overcloud/tasks/main.yml | 6 --- .../templates/adjust-interface-mtus.sh.j2 | 25 ----------- .../allow-traffic-for-controller.sh.j2 | 16 ------- roles/overcloud-deploy/defaults/main.yml | 25 ----------- .../overcloud-deploy/tasks/create-scripts.yml | 1 - roles/overcloud-deploy/tasks/pre-deploy.yml | 44 +------------------ .../templates/config-download.yaml.j2 | 4 +- .../templates/deployed_server_prepare.sh.j2 | 9 ---- .../templates/overcloud-deploy-cell.sh.j2 | 6 +-- .../templates/overcloud-deploy-post.sh.j2 | 24 ---------- .../templates/overcloud-deploy.sh.j2 | 6 +-- .../overcloud_baremetal_deploy.yaml.j2 | 2 +- roles/overcloud-prep-config/tasks/main.yml | 2 +- roles/overcloud-prep-containers/README.md | 1 - .../defaults/main.yml | 1 - .../overcloud-prep-containers/tasks/main.yml | 10 ----- .../tasks/overcloud-prep-containers.yml | 1 - .../templates/overcloud-prep-containers.sh.j2 | 29 +----------- .../tasks/create-scripts.yml | 1 - .../tasks/overcloud-prep-images.yml | 24 +--------- .../templates/overcloud-image-upload.sh.j2 | 2 - .../templates/overcloud-prep-images.sh.j2 | 2 +- .../templates/overcloud-prep-network.sh.j2 | 30 ------------- roles/overcloud-scale/README.md | 10 +---- roles/overcloud-ssl/library/tls_tht.py | 26 ++--------- 31 files changed, 16 insertions(+), 328 deletions(-) delete mode 100644 roles/baremetal-prep-overcloud/tasks/adjust-mtu-dnsmasq-ironic.yml delete mode 100644 roles/baremetal-prep-overcloud/tasks/allow-traffic-for-controller.yml delete mode 100644 roles/baremetal-prep-overcloud/templates/adjust-interface-mtus.sh.j2 delete mode 100644 roles/baremetal-prep-overcloud/templates/allow-traffic-for-controller.sh.j2 diff --git a/playbooks/baremetal-full-overcloud-prep.yml b/playbooks/baremetal-full-overcloud-prep.yml index eb565d513..4f989811f 100644 --- a/playbooks/baremetal-full-overcloud-prep.yml +++ b/playbooks/baremetal-full-overcloud-prep.yml @@ -27,7 +27,7 @@ hosts: undercloud gather_facts: false roles: - - {role: overcloud-prep-containers, when: containerized_overcloud|bool} + - role: overcloud-prep-containers tags: - overcloud-prep-containers diff --git a/playbooks/multinode-overcloud-mixed-os-deploy-compute.yml b/playbooks/multinode-overcloud-mixed-os-deploy-compute.yml index 463e2a03e..78c9e178a 100644 --- a/playbooks/multinode-overcloud-mixed-os-deploy-compute.yml +++ b/playbooks/multinode-overcloud-mixed-os-deploy-compute.yml @@ -6,7 +6,6 @@ - overcloud-prep-containers roles: - role: overcloud-prep-containers - when: containerized_overcloud|bool tasks: - name: Resolve dlrn_hash for periodic jobs (no content provider) when: not job.consumer_job | default(false) | bool diff --git a/playbooks/multinode-overcloud-prep.yml b/playbooks/multinode-overcloud-prep.yml index 7caaf1409..dee2e9c50 100644 --- a/playbooks/multinode-overcloud-prep.yml +++ b/playbooks/multinode-overcloud-prep.yml @@ -26,7 +26,6 @@ roles: - role: overcloud-prep-containers use_overcloud_mixed_upgrade: "{{ mixed_upgrade|default(false) }}" - when: containerized_overcloud|bool - name: Ensure openvswitch is started and enabled hosts: overcloud diff --git a/playbooks/multinode-overcloud-upgrade.yml b/playbooks/multinode-overcloud-upgrade.yml index 8d4bcf3d0..db0589771 100644 --- a/playbooks/multinode-overcloud-upgrade.yml +++ b/playbooks/multinode-overcloud-upgrade.yml @@ -49,9 +49,6 @@ - role: overcloud-prep-containers # This need the new repo in place. update_containers: true - # This enable us to run it even on non-containerized overcloud deployment - # ie, ffu upgrade where deployment is on newton. - containerized_overcloud: "{{ prep_container_upgrade_run|default(false) }}" # Do not overwrite the deployment log if any. overcloud_prep_containers_log: "upgrade_overcloud_prep_containers.log" overcloud_prep_containers_script: "upgrade_overcloud_prep_containers.sh" diff --git a/roles/baremetal-prep-overcloud/tasks/adjust-mtu-dnsmasq-ironic.yml b/roles/baremetal-prep-overcloud/tasks/adjust-mtu-dnsmasq-ironic.yml deleted file mode 100644 index bafff9625..000000000 --- a/roles/baremetal-prep-overcloud/tasks/adjust-mtu-dnsmasq-ironic.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- - -- name: Copy over adjust interface mtus script template - template: - src: adjust-interface-mtus.sh.j2 - dest: "{{ working_dir }}/adjust-interface-mtus.sh" - mode: 0755 - -- name: Adjust MTU values and modify dnsmasq-ironic.conf - become: true - shell: > - "{{ working_dir }}"/adjust-interface-mtus.sh - when: step_adjust_mtu|bool diff --git a/roles/baremetal-prep-overcloud/tasks/allow-traffic-for-controller.yml b/roles/baremetal-prep-overcloud/tasks/allow-traffic-for-controller.yml deleted file mode 100644 index 606911d21..000000000 --- a/roles/baremetal-prep-overcloud/tasks/allow-traffic-for-controller.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- - -- name: Copy over allow traffic script template - template: - src: allow-traffic-for-controller.sh.j2 - dest: "{{ working_dir }}/allow-traffic-for-controller.sh" - mode: 0755 - -- name: Allow traffic for the controller - become: true - shell: > - "{{ working_dir }}"/allow-traffic-for-controller.sh - when: - - network_isolation|bool - - undercloud_type == "baremetal" - - not overcloud_ipv6|bool - - release in ['newton','ocata','pike','queens'] or not containerized_undercloud|bool diff --git a/roles/baremetal-prep-overcloud/tasks/main.yml b/roles/baremetal-prep-overcloud/tasks/main.yml index 520121e48..6e82cfb87 100644 --- a/roles/baremetal-prep-overcloud/tasks/main.yml +++ b/roles/baremetal-prep-overcloud/tasks/main.yml @@ -1,8 +1,2 @@ --- -# this was fixed in queens/master -- include: adjust-mtu-dnsmasq-ironic.yml - when: release in ['newton', 'ocata', 'pike'] - -- include: allow-traffic-for-controller.yml - - include: install-upstream-ipxe.yml diff --git a/roles/baremetal-prep-overcloud/templates/adjust-interface-mtus.sh.j2 b/roles/baremetal-prep-overcloud/templates/adjust-interface-mtus.sh.j2 deleted file mode 100644 index a5ad72206..000000000 --- a/roles/baremetal-prep-overcloud/templates/adjust-interface-mtus.sh.j2 +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash - -set -eux - -### --start_docs - -## Adjust interface MTU valuesfor undercloud and overcloud -## ======================================================= - -## * Adjust interface mtus -## :: - -{% for interface in (mtu_interface) %} - ip link set {{ interface }} mtu {{ mtu }} - echo "MTU={{ mtu }}" >> /etc/sysconfig/network-scripts/ifcfg-{{ interface }} -{% endfor %} - -## * Modify dnsmasq-ironic.conf -## :: - -echo -e "\ndhcp-option-force=26,{{ mtu }}" >> /etc/dnsmasq-ironic.conf -systemctl restart 'neutron-*' -systemctl restart openstack-ironic-conductor - -### --stop_docs diff --git a/roles/baremetal-prep-overcloud/templates/allow-traffic-for-controller.sh.j2 b/roles/baremetal-prep-overcloud/templates/allow-traffic-for-controller.sh.j2 deleted file mode 100644 index 3f46b8dcb..000000000 --- a/roles/baremetal-prep-overcloud/templates/allow-traffic-for-controller.sh.j2 +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/bash - -set -eux - -### --start_docs - -## Add traffic for controller on baremetal undercloud -## ================================================== - -## * Modify iptables -## :: - -iptables -A BOOTSTACK_MASQ -s {{ network_isolation_ipv4_cidr }} ! -d {{ network_isolation_ipv4_cidr }} -j MASQUERADE -t nat -iptables-save > /etc/sysconfig/iptables - -### --stop_docs diff --git a/roles/overcloud-deploy/defaults/main.yml b/roles/overcloud-deploy/defaults/main.yml index 151213a69..af4195d42 100644 --- a/roles/overcloud-deploy/defaults/main.yml +++ b/roles/overcloud-deploy/defaults/main.yml @@ -49,30 +49,6 @@ use_git_tht_repo: false tht_branch: master overcloud_release: "{{ release }}" -# we generally assume that the argument to --control-flavor will -# always be the `oooq_control` that we create from the flavors: key. -# If the deployer needs to use a different name, she can configure a -# `flavor_map` key that will map overcloud roles to specific flavor -# names, like: -# -# flavor_map: -# control: my_special_control_flavor -# -# This is to avoid having to replace the flavor_args key wholesale for -# a single change. -# -flavor_args: >- - --control-flavor {{flavor_map.control - if flavor_map is defined and 'control' in flavor_map else 'oooq_control'}} - --compute-flavor {{flavor_map.compute - if flavor_map is defined and 'compute' in flavor_map else 'oooq_compute'}} - --ceph-storage-flavor {{flavor_map.ceph - if flavor_map is defined and 'ceph' in flavor_map else 'oooq_ceph'}} - --block-storage-flavor {{flavor_map.block - if flavor_map is defined and 'blockstorage' in flavor_map else 'oooq_blockstorage'}} - --swift-storage-flavor {{flavor_map.swift - if flavor_map is defined and 'objectstorage' in flavor_map else 'oooq_objectstorage'}} - timeout_args: "--timeout {{ deploy_timeout }}" set_overcloud_workers: true @@ -118,7 +94,6 @@ selinux_args: "" deploy_args: >- {{ libvirt_args }} - {{ flavor_args if release in ['newton','ocata','pike','queens','stein'] else '' }} {{ timeout_args }} {{ ntp_args }} {{ cloud_name_args }} diff --git a/roles/overcloud-deploy/tasks/create-scripts.yml b/roles/overcloud-deploy/tasks/create-scripts.yml index 5e3ef6f92..066a42673 100644 --- a/roles/overcloud-deploy/tasks/create-scripts.yml +++ b/roles/overcloud-deploy/tasks/create-scripts.yml @@ -120,7 +120,6 @@ - name: Set OS::TripleO::Services::IpaClient for novajoin-less deployment when: - enable_tls_everywhere|bool and not undercloud_enable_novajoin|bool - - release not in ['mitaka', 'liberty', 'newton'] template: src: "tls-everywhere.yaml.j2" dest: "{{ working_dir }}/tls-everywhere.yaml" diff --git a/roles/overcloud-deploy/tasks/pre-deploy.yml b/roles/overcloud-deploy/tasks/pre-deploy.yml index 22fc63af1..0f16761f4 100644 --- a/roles/overcloud-deploy/tasks/pre-deploy.yml +++ b/roles/overcloud-deploy/tasks/pre-deploy.yml @@ -111,14 +111,6 @@ when: - ntp_server|default('') -- name: enable pacemaker - set_fact: - pacemaker_args: >- - -e {{ overcloud_templates_path }}/environments/puppet-pacemaker.yaml - when: - - enable_pacemaker|bool - - not containerized_overcloud|bool - - name: use resource registry set_fact: resource_registry_nic_configs_args: >- @@ -164,22 +156,13 @@ - overcloud_nodes[0] is defined - overcloud_nodes[0].hostnamemap_override is defined -- name: set set overcloud SSL args for releases after mitaka +- name: set set overcloud SSL args set_fact: ssl_overcloud_args: >- -e {{ working_dir }}/enable-tls.yaml -e {{ overcloud_templates_path }}/environments/ssl/tls-endpoints-public-ip.yaml when: - ssl_overcloud|bool - - release not in ['mitaka', 'liberty'] - -- name: set overcloud SSL args fact for mitaka/liberty - set_fact: - ssl_overcloud_args: >- - -e {{ working_dir }}/enable-tls.yaml - when: - - ssl_overcloud|bool - - release in ['mitaka', 'liberty'] - name: set CA injection arg set_fact: @@ -203,7 +186,6 @@ -e {{ overcloud_templates_path }}/environments/ssl/enable-memcached-tls.yaml when: - enable_tls_everywhere|bool and undercloud_enable_novajoin|bool - - release not in ['mitaka', 'liberty', 'newton'] - name: set TLS everywhere fact with tripleo-ipa set_fact: @@ -215,12 +197,6 @@ -e {{ working_dir }}/tls-everywhere.yaml when: - enable_tls_everywhere|bool and not undercloud_enable_novajoin|bool - - release not in ['mitaka', 'liberty', 'newton'] - -- name: set validation_args fact for mitaka/liberty - set_fact: - validation_args: "--validation-errors-fatal --validation-warnings-fatal" - when: release in ['mitaka', 'liberty'] - name: disable L3 HA set_fact: @@ -236,28 +212,16 @@ workers_args: >- -e {{ overcloud_templates_path }}/environments/low-memory-usage.yaml when: - - release not in ['mitaka', 'liberty'] - set_overcloud_workers|bool - name: set container_args fact set_fact: container_args: >- - {% if release in ['pike', 'queens'] %} - -e {{ overcloud_templates_path }}/environments/docker.yaml - {% endif %} {% if enable_pacemaker|bool or osp_release is defined%} -e {{ overcloud_templates_path }}/environments/docker-ha.yaml {% endif %} - {% if release in ['ocata', 'pike', 'queens'] %} - -e {{ working_dir }}/containers-default-parameters.yaml - {% else %} -e {{ working_dir }}/containers-prepare-parameter.yaml - {% endif %} - {% if release not in ['pike', 'queens'] %} -e {{ overcloud_templates_path }}/environments/{{ overcloud_container_cli }}.yaml - {% endif %} - when: - - containerized_overcloud|bool - name: set composable roles args fact set_fact: @@ -286,9 +250,6 @@ set_fact: multinode_args: >- -e {{ overcloud_templates_path }}/environments/deployed-server-environment.yaml - {% if release in ['queens', 'stein'] and overcloud_release|default('') in ['queens', 'stein'] %} - -e {{ overcloud_templates_path }}/environments/deployed-server-bootstrap-environment-centos.yaml - {% endif %} --overcloud-ssh-user {{ undercloud_user }} {% if not undercloud_enable_nova|bool %} --deployed-server @@ -306,9 +267,6 @@ hypervisor_wait: false multinode_args: >- -e {{ overcloud_templates_path }}/environments/deployed-server-environment.yaml - {% if release in ['queens', 'stein'] and overcloud_release|default('') in ['queens', 'stein'] %} - -e {{ overcloud_templates_path }}/environments/deployed-server-bootstrap-environment-centos.yaml - {% endif %} -e {{ working_dir }}/overcloud-baremetal-deployed.yaml --deployed-server when: baremetal_provision|bool diff --git a/roles/overcloud-deploy/templates/config-download.yaml.j2 b/roles/overcloud-deploy/templates/config-download.yaml.j2 index f01a5fe86..97834e2cc 100644 --- a/roles/overcloud-deploy/templates/config-download.yaml.j2 +++ b/roles/overcloud-deploy/templates/config-download.yaml.j2 @@ -4,7 +4,7 @@ resource_registry: OS::TripleO::OVNMacAddressPort: OS::Heat::None parameter_defaults: -{% if release not in ['train', 'ussuri', 'victoria'] %} +{% if release not in ['train'] %} # Set VIP's for redis and OVN RedisVirtualFixedIPs: - ip_address: 192.168.24.101 @@ -15,7 +15,7 @@ parameter_defaults: {% endif %} # TODO: This is workaround for https://bugzilla.redhat.com/show_bug.cgi?id=2006409, Remove this # once this bug is fixed. -{% if release not in ['train', 'ussuri', 'victoria'] %} +{% if release not in ['train'] %} NovaLibvirtNumPciePorts: 12 {% endif %} # Set machine type if default is not supported on current OS diff --git a/roles/overcloud-deploy/templates/deployed_server_prepare.sh.j2 b/roles/overcloud-deploy/templates/deployed_server_prepare.sh.j2 index a4c26d3f8..65c00aa84 100644 --- a/roles/overcloud-deploy/templates/deployed_server_prepare.sh.j2 +++ b/roles/overcloud-deploy/templates/deployed_server_prepare.sh.j2 @@ -2,24 +2,15 @@ source {{ working_dir }}/stackrc -# We did not have OVERCLOUD_ROLES var in the newton version of the -# get-occ-config script. Instead we need to use CONTROLLER_HOSTS var. -{% if release != "newton" and (overcloud_release is not defined or overcloud_release != "newton") %} export OVERCLOUD_ROLES="" {% for role in deployed_server_overcloud_roles %} OVERCLOUD_ROLES="$OVERCLOUD_ROLES {{ role.name }}" export {{ role.name }}_hosts={{ role.hosts }} {% endfor %} export OVERCLOUD_HOSTS="{{ deployed_server_overcloud_roles|map(attribute='hosts')|join(' ') }}" -{% else %} -export CONTROLLER_HOSTS="{{deployed_server_overcloud_roles|map(attribute='hosts')|join(' ') }}" -{% endif %} {% set get_occ_config_script = overcloud_templates_path|default('/usr/share/openstack-tripleo-heat-templates') ~ '/deployed-server/scripts/get-occ-config.sh' %} {{ get_occ_config_script }} 2>&1 | sudo dd of=/var/log/deployed-server-os-collect-config.log -# We also do not have the deployed-server-enable-ssh-admin script on newton. -{% if release != "newton" %} /usr/share/openstack-tripleo-heat-templates/deployed-server/scripts/enable-ssh-admin.sh 2>&1 | sudo dd of=/var/log/deployed-server-enable-ssh-admin.log -{% endif %} diff --git a/roles/overcloud-deploy/templates/overcloud-deploy-cell.sh.j2 b/roles/overcloud-deploy/templates/overcloud-deploy-cell.sh.j2 index 3bee1c630..365e19470 100644 --- a/roles/overcloud-deploy/templates/overcloud-deploy-cell.sh.j2 +++ b/roles/overcloud-deploy/templates/overcloud-deploy-cell.sh.j2 @@ -30,7 +30,7 @@ openstack overcloud roles generate --roles-path \ ## * Deploy the cell ## :: -openstack overcloud deploy {% if release is not in ['newton', 'ocata', 'pike', 'queens'] %}--override-ansible-cfg {{ working_dir }}/custom_ansible.cfg{% endif %} \ +openstack overcloud deploy --override-ansible-cfg {{ working_dir }}/custom_ansible.cfg \ --templates {{overcloud_templates_path}} \ {{ deploy_args | regex_replace("\n", " ") }} \ {{ cell_deploy_args | regex_replace("\n", " ") }} \ @@ -46,10 +46,8 @@ if ! openstack stack list | grep -q {{ cell_name }}; then # so check `openstack stack list` for a CREATE_COMPLETE or an UPDATE_COMPLETE # status. elif ! openstack stack list | grep {{ cell_name }} | grep -Eq '(CREATE|UPDATE)_COMPLETE'; then - {%if release not in ['mitaka', 'liberty'] %} # get the failures list openstack stack failures list overcloud --long > {{ failed_cell_deployment_list }} || true - {% endif %} # get any puppet related errors for failed in $(openstack stack resource list \ @@ -70,12 +68,10 @@ elif ! openstack stack list | grep {{ cell_name }} | grep -Eq '(CREATE|UPDATE)_C # We need to exit with 1 because of the above || true done exit 1 -{%if release in ['master'] %} elif ! openstack overcloud status --stack {{ cell_name }}| grep -Eq 'DEPLOY_SUCCESS'; then # NOTE(emilien) "openstack overcloud failures" was introduced in Rocky openstack overcloud failures --stack {{ cell_name }}>> {{ failed_cell_deployment_list }} || true exit 1 -{% endif %} fi # Create inventory files for overcloud and cell stack diff --git a/roles/overcloud-deploy/templates/overcloud-deploy-post.sh.j2 b/roles/overcloud-deploy/templates/overcloud-deploy-post.sh.j2 index d52870efc..0b01c8288 100644 --- a/roles/overcloud-deploy/templates/overcloud-deploy-post.sh.j2 +++ b/roles/overcloud-deploy/templates/overcloud-deploy-post.sh.j2 @@ -9,33 +9,9 @@ set -eux ## * Prepare Your Environment. ## :: -{% if release in ['mitaka', 'newton', 'ocata', 'pike', 'queens', 'stein'] -%} -HOSTFILE=/etc/hosts -{% endif -%} - ## * Source in the undercloud credentials. ## :: . {{ working_dir }}/stackrc -{% if release in ['mitaka', 'newton', 'ocata', 'pike', 'queens', 'stein'] -%} -## * Remove any old overcloud host entries from `/etc/hosts`. -## :: - -sudo sed -i '/^## BEGIN OVERCLOUD HOSTS/,/^## END OVERCLOUD HOSTS/ d' $HOSTFILE - -## * Add overcloud hosts to `/etc/hosts`. -## :: - -cat < {{ failed_deployment_list }} || true - {% endif %} # get any puppet related errors for failed in $(openstack stack resource list \ @@ -59,11 +57,9 @@ elif ! openstack stack list | grep -Eq '(CREATE|UPDATE)_COMPLETE'; then # We need to exit with 1 because of the above || true done exit 1 -{%if release in ['master'] %} elif ! openstack overcloud status --plan {{ stack_name }} | grep -Eq 'DEPLOY_SUCCESS'; then # NOTE(emilien) "openstack overcloud failures" was introduced in Rocky openstack overcloud failures --plan {{ stack_name }} >> {{ failed_deployment_list }} || true -{% endif %} fi {% endif %} exit $status_code diff --git a/roles/overcloud-deploy/templates/overcloud_baremetal_deploy.yaml.j2 b/roles/overcloud-deploy/templates/overcloud_baremetal_deploy.yaml.j2 index e4d38caac..155373c9b 100644 --- a/roles/overcloud-deploy/templates/overcloud_baremetal_deploy.yaml.j2 +++ b/roles/overcloud-deploy/templates/overcloud_baremetal_deploy.yaml.j2 @@ -48,7 +48,7 @@ network_config: {{ network_config | to_nice_yaml(indent=2) | indent(6)}} {% endif %} -{% if growvols_args and release not in ['train','ussuri','victoria'] %} +{% if growvols_args and release not in ['train'] %} ansible_playbooks: - playbook: /usr/share/ansible/tripleo-playbooks/cli-overcloud-node-growvols.yaml extra_vars: diff --git a/roles/overcloud-prep-config/tasks/main.yml b/roles/overcloud-prep-config/tasks/main.yml index 7d0626c25..52534fe03 100644 --- a/roles/overcloud-prep-config/tasks/main.yml +++ b/roles/overcloud-prep-config/tasks/main.yml @@ -24,7 +24,7 @@ - overcloud-scripts - when: - - release not in ['train', 'ussuri', 'victoria'] + - release not in ['train'] - job.environment_type is defined and job.environment_type == 'baremetal' block: - name: Create network_data.yaml according to baremetal environment diff --git a/roles/overcloud-prep-containers/README.md b/roles/overcloud-prep-containers/README.md index e2a66f23a..babe3b990 100644 --- a/roles/overcloud-prep-containers/README.md +++ b/roles/overcloud-prep-containers/README.md @@ -25,7 +25,6 @@ overcloud-prep-containers variables -------------- * working_dir: /home/stack -* containerized_overcloud: false * overcloud_prep_containers_script: overcloud-prep-containers.sh.j2 * overcloud_prep_containers_log: overcloud_prep_containers.log * undercloud_network_cidr: 192.168.24.0/24 diff --git a/roles/overcloud-prep-containers/defaults/main.yml b/roles/overcloud-prep-containers/defaults/main.yml index 179b6faf6..ac7c7d9f7 100644 --- a/roles/overcloud-prep-containers/defaults/main.yml +++ b/roles/overcloud-prep-containers/defaults/main.yml @@ -1,6 +1,5 @@ --- tripleo_common_dir: /usr/share/openstack-tripleo-common -containerized_overcloud: false overcloud_prep_containers_template: overcloud-prep-containers.sh.j2 overcloud_prep_containers_script: "overcloud-prep-containers.sh" overcloud_prep_containers_log: "overcloud_prep_containers.log" diff --git a/roles/overcloud-prep-containers/tasks/main.yml b/roles/overcloud-prep-containers/tasks/main.yml index 6dd956d20..eb34bb226 100644 --- a/roles/overcloud-prep-containers/tasks/main.yml +++ b/roles/overcloud-prep-containers/tasks/main.yml @@ -12,13 +12,3 @@ python_cmd: "python{{ ansible_python.version.major }}" cacheable: true when: python_cmd is not defined - -- include: create-scripts.yml - tags: - - undercloud-scripts - when: release in ['ocata', 'pike', 'queens'] - -- include: overcloud-prep-containers.yml - tags: - - containers - when: release in ['ocata', 'pike', 'queens'] diff --git a/roles/overcloud-prep-containers/tasks/overcloud-prep-containers.yml b/roles/overcloud-prep-containers/tasks/overcloud-prep-containers.yml index a8c24645f..6b9a35654 100644 --- a/roles/overcloud-prep-containers/tasks/overcloud-prep-containers.yml +++ b/roles/overcloud-prep-containers/tasks/overcloud-prep-containers.yml @@ -23,4 +23,3 @@ set -o pipefail && {{ working_dir }}/{{ overcloud_prep_containers_script }} 2>&1 {{ timestamper_cmd }} > {{ overcloud_prep_containers_log }} - when: containerized_overcloud|bool diff --git a/roles/overcloud-prep-containers/templates/overcloud-prep-containers.sh.j2 b/roles/overcloud-prep-containers/templates/overcloud-prep-containers.sh.j2 index 5683b8f8c..80f212c5e 100644 --- a/roles/overcloud-prep-containers/templates/overcloud-prep-containers.sh.j2 +++ b/roles/overcloud-prep-containers/templates/overcloud-prep-containers.sh.j2 @@ -42,7 +42,7 @@ PREPARE_ARGS=${PREPARE_ARGS:-"{{ prepare_service_env_args }}"} ## populate the docker registry. This is done automatically. ## :: -{% if release not in ['ocata', 'pike', 'queens'] and not mixed_upgrade|default(false)|bool %} +{% if not mixed_upgrade|default(false)|bool %} openstack tripleo container image prepare --verbose \ --output-env-file {{ working_dir }}/containers-default-parameters.yaml \ ${PREPARE_ARGS} \ @@ -235,33 +235,6 @@ openstack overcloud container image prepare \ openstack overcloud container image upload --debug --config-file {{ working_dir }}/overcloud_containers.yaml -{% if release in ['ocata', 'pike'] %} -## * Configure the {{ working_dir }}/containers-default-parameters.yaml to pull -## from a local registry, this is done automatically. -## :: - - openstack overcloud container image prepare \ - --env-file {{ working_dir }}/containers-default-parameters.yaml \ - ${PREPARE_ARGS} \ - --namespace {{ local_docker_registry_host }}:8787/{{ docker_registry_namespace }} \ - {% if docker_prep_prefix is defined %} - --prefix "{{ docker_prep_prefix }}" \ - {% endif %} - {% if docker_prep_suffix is defined %} - --suffix "{{ docker_prep_suffix }}" \ - {% endif %} - {% if docker_ceph_namespace is defined %} - --set "ceph_namespace={{ docker_ceph_namespace }}" \ - {% endif %} - {% if docker_ceph_image is defined %} - --set "ceph_image={{ docker_ceph_image }}" \ - {% endif %} - {% if docker_ceph_tag is defined %} - --set "ceph_tag={{ docker_ceph_tag }}" \ - {% endif %} - --tag {{ container_build_id }} -{% endif %} - {% if update_containers|bool and not use_overcloud_mixed_upgrade|default(false)|bool %} # See https://github.com/imain/container-check for script and documentation diff --git a/roles/overcloud-prep-images/tasks/create-scripts.yml b/roles/overcloud-prep-images/tasks/create-scripts.yml index 261b9fcfb..770550ff6 100644 --- a/roles/overcloud-prep-images/tasks/create-scripts.yml +++ b/roles/overcloud-prep-images/tasks/create-scripts.yml @@ -69,5 +69,4 @@ dest: "{{ working_dir }}/inject-ara.sh" mode: 0755 when: - - release not in ['newton', 'ocata', 'pike', 'queens'] - undercloud_enable_mistral|bool diff --git a/roles/overcloud-prep-images/tasks/overcloud-prep-images.yml b/roles/overcloud-prep-images/tasks/overcloud-prep-images.yml index 70809c309..72370fe48 100644 --- a/roles/overcloud-prep-images/tasks/overcloud-prep-images.yml +++ b/roles/overcloud-prep-images/tasks/overcloud-prep-images.yml @@ -19,7 +19,7 @@ tripleo_os_cloud: undercloud tripleo_overcloud_image_upload_debug: true tripleo_overcloud_image_upload_generate_scripts: true - tripleo_overcloud_image_upload_http_boot: "{{ containerized_undercloud | default(false) | bool | ternary('/var/lib/ironic/httpboot', None) }}" + tripleo_overcloud_image_upload_http_boot: '/var/lib/ironic/httpboot' tripleo_overcloud_image_upload_whole_disk: "{{ whole_disk_images | default(false) | bool }}" tripleo_overcloud_image_upload_local: "{{ not undercloud_enable_nova | default(false) |bool }}" tripleo_overcloud_image_upload_log: "{{ overcloud_image_upload_log }}" @@ -45,18 +45,7 @@ when: - step_register|bool block: - - name: Import and register overcloud nodes - legacy - when: - - release in ['queens', 'stein'] - shell: > - set -o pipefail && - {{ working_dir }}/overcloud-import-nodes.sh 2>&1 {{ timestamper_cmd }} > - {{ overcloud_import_nodes_log }} - changed_when: true - - name: Run import nodes via tripleo-operator-ansible - when: - - release not in ['queens', 'stein'] collections: - tripleo.operator include_role: @@ -114,17 +103,7 @@ - name: Run Introspection when: step_introspect|bool block: - - name: Introspect overcloud nodes - legacy - when: release in ['queens', 'stein'] - shell: > - set -o pipefail && - {{ working_dir }}/overcloud-introspect.sh 2>&1 {{ timestamper_cmd }} > - {{ overcloud_introspect_script_log }} - changed_when: true - - name: Run Introspection on overcloud nodes via tripleo-operator-ansible - when: - - release not in ['queens', 'stein'] collections: - tripleo.operator include_role: @@ -149,5 +128,4 @@ {{ inject_ara_log }} changed_when: true when: - - release not in ['newton', 'ocata', 'pike', 'queens'] - undercloud_enable_mistral|bool diff --git a/roles/overcloud-prep-images/templates/overcloud-image-upload.sh.j2 b/roles/overcloud-prep-images/templates/overcloud-image-upload.sh.j2 index 222d68994..2a4109211 100644 --- a/roles/overcloud-prep-images/templates/overcloud-image-upload.sh.j2 +++ b/roles/overcloud-prep-images/templates/overcloud-image-upload.sh.j2 @@ -23,9 +23,7 @@ source {{ working_dir }}/stackrc {% endif %} openstack overcloud image upload -{%- if containerized_undercloud|bool %} --http-boot=/var/lib/ironic/httpboot -{%- endif %} {%- if whole_disk_images|bool %} --whole-disk {%- endif %} diff --git a/roles/overcloud-prep-images/templates/overcloud-prep-images.sh.j2 b/roles/overcloud-prep-images/templates/overcloud-prep-images.sh.j2 index 0ba446c65..cb8b1621b 100644 --- a/roles/overcloud-prep-images/templates/overcloud-prep-images.sh.j2 +++ b/roles/overcloud-prep-images/templates/overcloud-prep-images.sh.j2 @@ -32,6 +32,6 @@ source {{ working_dir }}/stackrc {% if step_introspect|bool %} {% include 'overcloud-introspect.sh.j2' %} {% endif %} -{% if release not in ['newton', 'ocata', 'pike', 'queens'] and undercloud_enable_mistral|bool %} +{% if undercloud_enable_mistral|bool %} {% include 'inject-ara.sh.j2' %} {% endif %} diff --git a/roles/overcloud-prep-network/templates/overcloud-prep-network.sh.j2 b/roles/overcloud-prep-network/templates/overcloud-prep-network.sh.j2 index fa9bcf1f5..ae2da6666 100644 --- a/roles/overcloud-prep-network/templates/overcloud-prep-network.sh.j2 +++ b/roles/overcloud-prep-network/templates/overcloud-prep-network.sh.j2 @@ -23,36 +23,6 @@ if ! sudo iptables -nvL INPUT | grep "$COMMENT"; then fi {% endif %} -{% if network_isolation|bool and not overcloud_ipv6|bool and (release in ['newton','ocata','pike','queens'] or not containerized_undercloud|bool) %} -## Setup Networking -## ---------------- - -## * Enable Masquerading for undercloud network. -## This is only useful before Rocky cycle. -## :: - -sudo iptables -w -t nat -D POSTROUTING -j BOOTSTACK_MASQ_OVB || true -sudo iptables -w -t nat -X BOOTSTACK_MASQ_OVB || true -sudo iptables -w -t nat -N BOOTSTACK_MASQ_OVB -sudo iptables -w -t nat -A BOOTSTACK_MASQ_OVB -s {{ undercloud_network_cidr }} -d {{ undercloud_network_cidr }} -j RETURN -sudo iptables -w -t nat -A BOOTSTACK_MASQ_OVB -s {{ undercloud_network_cidr }} -j MASQUERADE -sudo iptables -w -t nat -I POSTROUTING -j BOOTSTACK_MASQ_OVB -sudo iptables -w -t nat -F BOOTSTACK_MASQ || true -sudo iptables -w -t nat -D POSTROUTING -j BOOTSTACK_MASQ || true -sudo iptables -w -t nat -X BOOTSTACK_MASQ || true -sudo iptables -w -t nat -E BOOTSTACK_MASQ_OVB BOOTSTACK_MASQ - -## * Enable NAT for "external" network. -## :: - -RULE="-s {{undercloud_external_network_cidr}} ! -d {{undercloud_external_network_cidr}} -j MASQUERADE" -if ! sudo iptables -t nat -C BOOTSTACK_MASQ $RULE; then - sudo iptables -t nat -A BOOTSTACK_MASQ $RULE -fi - -sudo sh -c 'iptables-save > /etc/sysconfig/iptables' -{% endif %} - {% if network_isolation|bool and network_isolation_type in ['single-nic-vlans', 'single_nic_vlans', 'bond-with-vlans', 'bond_with_vlans', 'multiple-nics-vlans'] %} {% if network_isolation_type in ['single_nic_vlans', 'bond_with_vlans'] %} diff --git a/roles/overcloud-scale/README.md b/roles/overcloud-scale/README.md index 84cb88d3f..0d1e8abbc 100644 --- a/roles/overcloud-scale/README.md +++ b/roles/overcloud-scale/README.md @@ -6,7 +6,7 @@ An Ansible role for scaling and deleting nodes from an overcloud. Requirements ------------ -This role assumes it will be executed against a host on which a Liberty, Mitaka, Newton, or Ocata under/overcloud have already been deployed. +This role assumes it will be executed against a host on which an under/overcloud have already been deployed. **Note:** The validate-simple role must be accessible. @@ -63,13 +63,6 @@ Example Playbook # General deployment info libvirt_args: "--libvirt-type qemu" - flavor_args: >- - --control-flavor {{flavor_map.control - if flavor_map is defined and 'control' in flavor_map else 'oooq_control'}} - --compute-flavor {{flavor_map.compute - if flavor_map is defined and 'compute' in flavor_map else 'oooq_compute'}} - --ceph-storage-flavor {{flavor_map.ceph - if flavor_map is defined and 'ceph' in flavor_map else 'oooq_ceph'}} timeout_args: "--timeout {{ deploy_timeout }}" # Pulled this out so we can hand these configs to the openstack overcloud node delete command scale_extra_configs: "-e /usr/share/openstack-tripleo-heat-templates/environments/network-isolation.yaml -e /usr/share/openstack-tripleo-heat-templates/environments/net-single-nic-with-vlans.yaml -e ~/network-environment.yaml" @@ -83,7 +76,6 @@ Example Playbook # Scale deployment arguments scale_args: >- {{ libvirt_args }} - {{ flavor_args }} {{ timeout_args }} {{ scale_extra_args }} diff --git a/roles/overcloud-ssl/library/tls_tht.py b/roles/overcloud-ssl/library/tls_tht.py index c08e2b820..860ac9a8a 100644 --- a/roles/overcloud-ssl/library/tls_tht.py +++ b/roles/overcloud-ssl/library/tls_tht.py @@ -75,38 +75,20 @@ def _open_yaml(filename): def create_enable_file(certpem, keypem, source_dir, dest_dir, tht_release): # environments/ssl/* is preferred starting with pike - if tht_release in ['mitaka', 'newton', 'ocata']: - output_dict = _open_yaml("{}environments/enable-tls.yaml".format(source_dir)) - else: - output_dict = _open_yaml("{}environments/ssl/enable-tls.yaml".format(source_dir)) - - if tht_release == 'mitaka': - for key in output_dict["parameter_defaults"]["EndpointMap"]: - if output_dict["parameter_defaults"]["EndpointMap"][key]["host"] == "CLOUDNAME": - output_dict["parameter_defaults"]["EndpointMap"][key]["host"] = "IP_ADDRESS" + output_dict = _open_yaml("{}environments/ssl/enable-tls.yaml".format(source_dir)) output_dict["parameter_defaults"]["SSLCertificate"] = certpem output_dict["parameter_defaults"]["SSLKey"] = keypem - # NoteTLSData has been deprecated/removed in rocky and onwards - if tht_release in ['mitaka', 'newton', 'ocata', 'pike', 'queens']: - output_dict["resource_registry"]["OS::TripleO::NodeTLSData"] = \ - "{}/puppet/extraconfig/tls/tls-cert-inject.yaml".format(source_dir) - with open("{}enable-tls.yaml".format(dest_dir), "w") as stream: yaml.safe_dump(output_dict, stream, default_style='|') def create_anchor_file(cert_ca_pem, source_dir, dest_dir, enable_tls_overcloud, tht_release): - if tht_release in ['mitaka', 'newton', 'ocata']: - output_dict = _open_yaml( - "{}environments/inject-trust-anchor.yaml".format(source_dir) - ) - else: - output_dict = _open_yaml( - "{}environments/ssl/inject-trust-anchor.yaml".format(source_dir) - ) + output_dict = _open_yaml( + "{}environments/ssl/inject-trust-anchor.yaml".format(source_dir) + ) if enable_tls_overcloud: ca_map = {"overcloud-ca": {"content": cert_ca_pem}}