OpenStack-Ansible

Allow config drive to be disabled

Bug #1468514 reported by Bjoern on 2015-06-24

This bug affects 3 people

	Status	Importance	Assigned to	Milestone
OpenStack-Ansible	Fix Released	Medium	Kevin Carter	OpenStack-Ansible liberty-3
Juno	Fix Released	Medium	Christopher H. Laco	OpenStack-Ansible 10.1.13
Kilo	Fix Released	Medium	Jesse Pretorius	OpenStack-Ansible 11.1.2
Trunk	Fix Released	Medium	Kevin Carter	OpenStack-Ansible liberty-3

Bug Description

Currently we set the parameter force_config_drive to always which will create a config drive for every instance.
Unfortunately nova does not support live migration (actually a libvirt limitation) so I would propose to set this to none, like the default setting in nova.
That will leave the customer with the option to enable config drives per flavor or boot request (--config-drive) instead of enforcing it and limiting other important features like live migration

Revision history for this message

Bjoern (bjoern-t) wrote on 2015-06-24:

Some background info : http://docs.openstack.org/admin-guide-cloud/content/section_configuring-compute-migrations.html

Revision history for this message

Bjoern (bjoern-t) wrote on 2015-06-24:

FYI : NOTE: The "always" will be deprecated in the Liberty release cycle.

Revision history for this message

Bjoern (bjoern-t) wrote on 2015-06-24:

per http://docs.openstack.org/kilo/config-reference/content/list-of-compute-config-options.html#config_table_nova_api

Kevin Carter (kevin-carter) on 2015-06-25

Changed in openstack-ansible:
status:	New → In Progress
importance:	Undecided → Medium
assignee:	nobody → Kevin Carter (kevin-carter)
milestone:	none → 11.0.4

Revision history for this message

Bjoern (bjoern-t) wrote on 2015-06-25:

Additionally we need to set

libvirtd_opts="-d -l"

inside /etc/default/libvirt-bin, otherwise libvirt is not listening to tcp.
At some point we should look if we want to use/support TLS on libvirtd

Revision history for this message

Kevin Carter (kevin-carter) wrote on 2015-06-27:

This is a WIP right now, changes found here: https://review.openstack.org/#/c/195403/

Changed in openstack-ansible:
milestone:	11.0.4 → 11.1.0

Revision history for this message

RPC Customer (rpc-customer) wrote on 2015-08-05:

Please backport this to Juno.

Jesse Pretorius (jesse-pretorius) on 2015-08-11

summary:

- Disable default nova config drive enforcing
+ Allow config drive to be disabled

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-08-13: Fix merged to os-ansible-deployment (master)

Reviewed: https://review.openstack.org/195403
Committed: https://git.openstack.org/cgit/stackforge/os-ansible-deployment/commit/?id=e65066cf1253c8a27d12c3e3da6797199f0016b5
Submitter: Jenkins
Branch: master

commit e65066cf1253c8a27d12c3e3da6797199f0016b5
Author: kevin <email address hidden>
Date: Wed Jun 24 22:51:41 2015 -0500

Remove hardcoded config drive enforcement

    This change removes the forced use of config drive to ensure that a user
    can choose to use config drive as needed. This adds ability to
    disable/enable config drive and allows libvirt to listen for connections
    on tcp as needed for live migrations (prohibited otherwise by config drive).

The following new variables were added to os_nova role:

    nova_force_config_drive
    nova_libvirtd_listen_tls: 1
    nova_libvirtd_listen_tcp: 0
    nova_libvirtd_auth_tcp: sasl

    Change-Id: I1de35a4b3611b8bc33a21930dae3fd38f9aaa151
    Closes-Bug: #1468514
    DocImpact

Changed in openstack-ansible:
status:	In Progress → Fix Committed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-08-18: Fix merged to os-ansible-deployment (kilo)

Reviewed: https://review.openstack.org/212497
Committed: https://git.openstack.org/cgit/stackforge/os-ansible-deployment/commit/?id=be83c1c811fa7c5fd18e2c3e73ac7d30d74a3af0
Submitter: Jenkins
Branch: kilo

commit be83c1c811fa7c5fd18e2c3e73ac7d30d74a3af0
Author: kevin <email address hidden>
Date: Wed Jun 24 22:51:41 2015 -0500

Remove hardcoded config drive enforcement

The following new variables were added to os_nova role:

    nova_force_config_drive
    nova_libvirtd_listen_tls: 1
    nova_libvirtd_listen_tcp: 0
    nova_libvirtd_auth_tcp: sasl

    Change-Id: I1de35a4b3611b8bc33a21930dae3fd38f9aaa151
    Closes-Bug: #1468514
    DocImpact
    (cherry picked from commit e65066cf1253c8a27d12c3e3da6797199f0016b5)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-08-28: Fix proposed to os-ansible-deployment (juno)

Fix proposed to branch: juno
Review: https://review.openstack.org/218480

Revision history for this message

Matthew Thode (prometheanfire) wrote on 2015-08-29:

#10

Why did the config_drive var stick in master (liberty)?

Revision history for this message

Jesse Pretorius (jesse-pretorius) wrote on 2015-08-29:

#11

@Matthew What do you mean by 'stick'?

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-09-03: Fix merged to os-ansible-deployment (juno)

#12

Reviewed: https://review.openstack.org/218480
Committed: https://git.openstack.org/cgit/stackforge/os-ansible-deployment/commit/?id=05e8f2df879240e1e686a181b1f8c45294cd5c10
Submitter: Jenkins
Branch: juno

commit 05e8f2df879240e1e686a181b1f8c45294cd5c10
Author: Christopher H. Laco <email address hidden>
Date: Fri Aug 28 16:23:46 2015 -0500

Remove hardcoded config drive enforcement

The following new variables were added to nova_common and nova_libvirt
roles, retaining their existing values:

    nova_force_config_drive: always
    nova_libvirtd_listen_tls: 0
    nova_libvirtd_listen_tcp: 1
    nova_libvirtd_auth_tcp: none

    Conflicts:
      playbooks/roles/os_nova/defaults/main.yml
      playbooks/roles/os_nova/templates/nova.conf.j2

    Change-Id: I1de35a4b3611b8bc33a21930dae3fd38f9aaa151
    Closes-Bug: #1468514
    DocImpact
    (cherry picked from commit e65066cf1253c8a27d12c3e3da6797199f0016b5)