tripleo

RFE: Network Isolation Should Allow Non-Standard Networks on Nodes

Bug #1517575 reported by Dan Sneddon
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
tripleo
Fix Released
Wishlist
Dan Sneddon
tripleo newton-3 "newton-3"

Bug Description

Currently TripleO network isolation assumes that certain networks will be on certain roles. These networks can be individually enabled/disabled, but it isn't possible to arbitrarily assign networks to roles. The Ceph OSD nodes, for instance, only have ports configured on the Control Plane, Storage, Storage Management, and Management networks. If one wanted to place a port from the Internal API network on the Ceph node, it would require customizing the Ceph Heat templates.

We should not be so prescriptive about which networks are on which nodes. If we just add all networks to all nodes, they will ordinarily be noop'd, and can be enabled for custom environments.

This work will mainly need to take place in the role templates for the overcloud nodes, so compute.yaml, ceph-storage.yaml, etc. and the Puppet equivalent role files. Since these networks would only be enabled in a custom environment, no changes to the existing NIC config templates are needed.

Dan Sneddon (dsneddon)
summary: - Network Isolation Should Allow Non-Standard Networks on Nodes
+ RFE: Network Isolation Should Allow Non-Standard Networks on Nodes
Ben Nemec (bnemec)
Changed in tripleo:
status: New → Triaged
importance: Undecided → Wishlist
Steven Hardy (shardy)
Changed in tripleo:
milestone: none → newton-1
Revision history for this message
Steven Hardy (shardy) wrote :

This doesn't appear to have been started, and it has no assignee, so I'm bumping to n2

Changed in tripleo:
milestone: newton-1 → newton-2
Revision history for this message
Dan Sneddon (dsneddon) wrote :

Note, this was 90% implemented in Mitaka. In fact, the work in Newton involves changes that could be considered bugfixes (improvements in routing, an additional VIP for the Management network).

Changed in tripleo:
assignee: nobody → Dan Sneddon (dsneddon)
Revision history for this message
Dan Sneddon (dsneddon) wrote :

Here is the main patch which implemented this change: https://review.openstack.org/#/c/249533/

Also, this was backported to stable/liberty: https://review.openstack.org/#/c/268833

Revision history for this message
Steven Hardy (shardy) wrote :

Dan, can you break down what remains before we can close this bug please? I'm going to defer to n-3 because atm it's not clear what work remains.

Changed in tripleo:
milestone: newton-2 → newton-3
Revision history for this message
Dan Sneddon (dsneddon) wrote :

The only work remaining on this bug is the patch to make some corrections to IP routing:
https://review.openstack.org/#/c/318389/

Changed in tripleo:
status: Triaged → Fix Committed
Emilien Macchi (emilienm)
Changed in tripleo:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.