We seem to configure all networks in network_data.yaml for all roles

Bug #1800811 reported by Rabi Mishra
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
tripleo
Medium
Rabi Mishra

Bug Description

It seems we create Port and other resources for a network irrespective of whether the network is specified for a role or not and then HostEntry output has fallback ctlplane address for those networks.

(undercloud) [stack@undercloud ~]$ openstack stack output show overcloud HostsEntry -f value -c output_value|grep overcloudmak-cephstorage-0
172.16.1.102 overcloudmak-cephstorage-0.5a6s5.domain.com overcloudmak-cephstorage-0
172.16.1.102 overcloudmak-cephstorage-0.storage.5a6s5.domain.com overcloudmak-cephstorage-0.storage
172.16.3.111 overcloudmak-cephstorage-0.storagemgmt.5a6s5.domain.com overcloudmak-cephstorage-0.storagemgmt
192.0.2.71 overcloudmak-cephstorage-0.internalapi.5a6s5.domain.com overcloudmak-cephstorage-0.internalapi
192.0.2.71 overcloudmak-cephstorage-0.tenant.5a6s5.domain.com overcloudmak-cephstorage-0.tenant
192.0.2.71 overcloudmak-cephstorage-0.external.5a6s5.domain.com overcloudmak-cephstorage-0.external
192.0.2.71 overcloudmak-cephstorage-0.management.5a6s5.domain.com overcloudmak-cephstorage-0.management
192.0.2.71 overcloudmak-cephstorage-0.ctlplane.5a6s5.domain.com overcloudmak-cephstorage-0.ctlplane

Rabi Mishra (rabi)
Changed in tripleo:
assignee: nobody → Rabi Mishra (rabi)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to tripleo-heat-templates (master)

Fix proposed to branch: master
Review: https://review.openstack.org/614457

Changed in tripleo:
status: New → In Progress
Changed in tripleo:
importance: Undecided → Medium
milestone: none → stein-2
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tripleo-heat-templates (master)

Reviewed: https://review.openstack.org/614457
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=5d275fb9223c722d7436431c58f22a559a190773
Submitter: Zuul
Branch: master

commit 5d275fb9223c722d7436431c58f22a559a190773
Author: Rabi Mishra <email address hidden>
Date: Wed Oct 31 14:27:16 2018 +0530

    Check for available networks for a role

    For network isolation, we specifcy available networks for role.
    Therefore, there is no point in creating noop network resources for
    networks that are not available/connected. This results in redundant
    host entries for not available networks on overcloud nodes.

    If a network is not available for a role we don't need to create
    those extra noop resources.

    For Undercloud/Standalone role we keep all networks in roles data
    as the default ServiceNetMap specifies non ctlplane networks though
    they map to ctlplane.

    Change-Id: I07822ec0cba7eed352c0010eb893b5e5a522e95c
    Closes-Bug: #1800811

Changed in tripleo:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to tripleo-heat-templates (stable/rocky)

Fix proposed to branch: stable/rocky
Review: https://review.openstack.org/623051

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to tripleo-heat-templates (master)

Related fix proposed to branch: master
Review: https://review.openstack.org/623159

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to tripleo-heat-templates (master)

Reviewed: https://review.openstack.org/623159
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=670e720030bd1d3744281da32fc981643cecd037
Submitter: Zuul
Branch: master

commit 670e720030bd1d3744281da32fc981643cecd037
Author: Rabi Mishra <email address hidden>
Date: Thu Dec 6 13:40:11 2018 +0530

    Remove nic for storage_mgt network

    We don't enable StorageMgmt network on the Compute role by default.

    Change-Id: Idd0be76c8d7ad45cddc80b7c1867919acae77ea6
    Depends-On: https://review.openstack.org/622960
    Depends-On: https://review.openstack.org/618669
    Related-Bug: #1800811

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to tripleo-heat-templates (stable/rocky)

Related fix proposed to branch: stable/rocky
Review: https://review.openstack.org/623641

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to tripleo-heat-templates (stable/rocky)

Reviewed: https://review.openstack.org/623641
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=2f8553474eff5746bcfdb964451e3b4fb5f1d442
Submitter: Zuul
Branch: stable/rocky

commit 2f8553474eff5746bcfdb964451e3b4fb5f1d442
Author: Rabi Mishra <email address hidden>
Date: Thu Dec 6 13:40:11 2018 +0530

    Remove nic for storage_mgt network

    We don't enable StorageMgmt network on the Compute role by default.

    Change-Id: Idd0be76c8d7ad45cddc80b7c1867919acae77ea6
    Related-Bug: #1800811
    (cherry picked from commit 670e720030bd1d3744281da32fc981643cecd037)

tags: added: in-stable-rocky
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to tripleo-heat-templates (stable/queens)

Related fix proposed to branch: stable/queens
Review: https://review.openstack.org/624563

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to tripleo-heat-templates (stable/queens)

Fix proposed to branch: stable/queens
Review: https://review.openstack.org/624567

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tripleo-heat-templates (stable/rocky)

Reviewed: https://review.openstack.org/623051
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=2e620b9367e298ac5d1c0a31fdf98f72c4520985
Submitter: Zuul
Branch: stable/rocky

commit 2e620b9367e298ac5d1c0a31fdf98f72c4520985
Author: Rabi Mishra <email address hidden>
Date: Wed Oct 31 14:27:16 2018 +0530

    Check for available networks for a role

    For network isolation, we specifcy available networks for role.
    Therefore, there is no point in creating noop network resources for
    networks that are not available/connected. This results in redundant
    host entries for not available networks on overcloud nodes.

    If a network is not available for a role we don't need to create
    those extra noop resources.

    For Undercloud/Standalone role we keep all networks in roles data
    as the default ServiceNetMap specifies non ctlplane networks though
    they map to ctlplane.

    Change-Id: I07822ec0cba7eed352c0010eb893b5e5a522e95c
    Closes-Bug: #1800811
    (cherry picked from commit 5d275fb9223c722d7436431c58f22a559a190773)

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to tripleo-heat-templates (master)

Related fix proposed to branch: master
Review: https://review.openstack.org/625187

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to tripleo-heat-templates (stable/queens)

Reviewed: https://review.openstack.org/624563
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=3498a2474ae4bbcb3850bdcb32520ca19d310c89
Submitter: Zuul
Branch: stable/queens

commit 3498a2474ae4bbcb3850bdcb32520ca19d310c89
Author: Rabi Mishra <email address hidden>
Date: Thu Dec 6 13:40:11 2018 +0530

    Remove nic for storage_mgt network

    We don't enable StorageMgmt network on the Compute role by default.

    Change-Id: Idd0be76c8d7ad45cddc80b7c1867919acae77ea6
    Related-Bug: #1800811
    (cherry picked from commit 670e720030bd1d3744281da32fc981643cecd037)

tags: added: in-stable-queens
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to tripleo-heat-templates (master)

Reviewed: https://review.openstack.org/625187
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=2f84e6e951a28a01a8da80fecad97b80a7f7f6a5
Submitter: Zuul
Branch: master

commit 2f84e6e951a28a01a8da80fecad97b80a7f7f6a5
Author: Harald Jensås <email address hidden>
Date: Fri Dec 14 09:58:34 2018 +0100

    Remove unused params in jinja rendered network config templates

    Since change I07822ec0cba7eed352c0010eb893b5e5a522e95c removed the
    noop resources only parameters for networks used by the role is
    passed to the network config templates.

    Add a conditional when iterating over networks in jinja templates
    so that only parameters for networks used by the role is included.

    Change-Id: I8b6c7d247d719a7c8559c4be5e35c478a0f189f7
    Related-Bug: #1800811

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/tripleo-heat-templates 9.2.0

This issue was fixed in the openstack/tripleo-heat-templates 9.2.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to tripleo-heat-templates (master)

Related fix proposed to branch: master
Review: https://review.openstack.org/629163

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to tripleo-heat-templates (master)

Reviewed: https://review.openstack.org/629163
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=991e0fc0c0c9fc24b53b3760b396de75d9fb52ad
Submitter: Zuul
Branch: master

commit 991e0fc0c0c9fc24b53b3760b396de75d9fb52ad
Author: Harald Jensås <email address hidden>
Date: Tue Jan 8 12:23:52 2019 +0100

    Reno only - Check for available networks for a role

    Since change: I07822ec0cba7eed352c0010eb893b5e5a522e95c
    resources are no longer created for networks that are not
    defined in roles data. While this is an improvement we
    need to communicate this change.

    There is tribal knowledge and documentation that failed
    reflect the requirement to add networks to roles data
    since the introduction of composable networks in Pike.

    Prior to Pike adding a network to a role was achived by
    overriding the resource_registry entry to not use the
    noop.yaml fake port (fall back to ctlplane) template.
    i.e to add External network to compute role the
    following was commonly added to network-environment.yaml

      OS::TripleO::Compute::Ports::ExternalPort:
        ../network/ports/external.yaml

    NOTE: Current OVN-DVR and ODL doc's downstream uses the
          resource_registry override, whitout also adding
          the network to roles data.

    Related-Bug: #1800811
    Change-Id: I6c03c7a2bd6f369bf35a9e479a97302c9a455197

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to tripleo-heat-templates (stable/rocky)

Related fix proposed to branch: stable/rocky
Review: https://review.openstack.org/629307

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to tripleo-heat-templates (stable/rocky)

Reviewed: https://review.openstack.org/629307
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=836b1b3327e89a1136f30ea752d916c96eb6a082
Submitter: Zuul
Branch: stable/rocky

commit 836b1b3327e89a1136f30ea752d916c96eb6a082
Author: Harald Jensås <email address hidden>
Date: Tue Jan 8 12:23:52 2019 +0100

    Reno only - Check for available networks for a role

    Since change: I07822ec0cba7eed352c0010eb893b5e5a522e95c
    resources are no longer created for networks that are not
    defined in roles data. While this is an improvement we
    need to communicate this change.

    There is tribal knowledge and documentation that failed
    reflect the requirement to add networks to roles data
    since the introduction of composable networks in Pike.

    Prior to Pike adding a network to a role was achived by
    overriding the resource_registry entry to not use the
    noop.yaml fake port (fall back to ctlplane) template.
    i.e to add External network to compute role the
    following was commonly added to network-environment.yaml

      OS::TripleO::Compute::Ports::ExternalPort:
        ../network/ports/external.yaml

    NOTE: Current OVN-DVR and ODL doc's downstream uses the
          resource_registry override, whitout also adding
          the network to roles data.

    Related-Bug: #1800811
    Change-Id: I6c03c7a2bd6f369bf35a9e479a97302c9a455197
    (cherry picked from commit 991e0fc0c0c9fc24b53b3760b396de75d9fb52ad)

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to tripleo-heat-templates (stable/queens)

Related fix proposed to branch: stable/queens
Review: https://review.openstack.org/629963

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tripleo-heat-templates (stable/queens)

Reviewed: https://review.openstack.org/624567
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=719d0098f25172609e5e006bb0fa6760d71903fb
Submitter: Zuul
Branch: stable/queens

commit 719d0098f25172609e5e006bb0fa6760d71903fb
Author: Rabi Mishra <email address hidden>
Date: Wed Oct 31 14:27:16 2018 +0530

    Check for available networks for a role

    For network isolation, we specifcy available networks for role.
    Therefore, there is no point in creating noop network resources for
    networks that are not available/connected. This results in redundant
    host entries for not available networks on overcloud nodes.

    If a network is not available for a role we don't need to create
    those extra noop resources.

    For Undercloud/Standalone role we keep all networks in roles data
    as the default ServiceNetMap specifies non ctlplane networks though
    they map to ctlplane.

    Change-Id: I07822ec0cba7eed352c0010eb893b5e5a522e95c
    Depends-On: #https://review.openstack.org/624563
    Closes-Bug: #1800811
    (cherry picked from commit 5d275fb9223c722d7436431c58f22a559a190773)

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/tripleo-heat-templates 10.3.0

This issue was fixed in the openstack/tripleo-heat-templates 10.3.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to tripleo-heat-templates (stable/queens)

Reviewed: https://review.openstack.org/629963
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=c2f9d77f5ad4532205199f01b235b53a0d4db167
Submitter: Zuul
Branch: stable/queens

commit c2f9d77f5ad4532205199f01b235b53a0d4db167
Author: Harald Jensås <email address hidden>
Date: Tue Jan 8 12:23:52 2019 +0100

    Reno only - Check for available networks for a role

    Since change: I07822ec0cba7eed352c0010eb893b5e5a522e95c
    resources are no longer created for networks that are not
    defined in roles data. While this is an improvement we
    need to communicate this change.

    There is tribal knowledge and documentation that failed
    reflect the requirement to add networks to roles data
    since the introduction of composable networks in Pike.

    Prior to Pike adding a network to a role was achived by
    overriding the resource_registry entry to not use the
    noop.yaml fake port (fall back to ctlplane) template.
    i.e to add External network to compute role the
    following was commonly added to network-environment.yaml

      OS::TripleO::Compute::Ports::ExternalPort:
        ../network/ports/external.yaml

    NOTE: Current OVN-DVR and ODL doc's downstream uses the
          resource_registry override, whitout also adding
          the network to roles data.

    Related-Bug: #1800811
    Change-Id: I6c03c7a2bd6f369bf35a9e479a97302c9a455197
    (cherry picked from commit 991e0fc0c0c9fc24b53b3760b396de75d9fb52ad)

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to tripleo-heat-templates (master)

Reviewed: https://review.openstack.org/629051
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=c740b542147f7e53cac12c46860bf8228d6ae5f6
Submitter: Zuul
Branch: master

commit c740b542147f7e53cac12c46860bf8228d6ae5f6
Author: Harald Jensås <email address hidden>
Date: Mon Jan 7 22:38:02 2019 +0100

    Remove default role-name from merge network param script

    The merge-new-params-nic-config-script.py previosly had the
    'Controller' role as the default for --role-name. It is not
    obvious that this parameter must be changed when merging
    nic config templates.

    Remove the default and make the argument required. Improves
    UX since user error is less likely.

    Making the mistake of using a Role with too many networks
    is'nt as forgiving since we now only pass parameters for
    the role.networks.

    Related-Bug: #1800811
    Change-Id: Iff9e364db66ad09a30ac10a7814a3c01d50caf58

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/tripleo-heat-templates 8.3.0

This issue was fixed in the openstack/tripleo-heat-templates 8.3.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to tripleo-ansible (master)

Reviewed: https://review.opendev.org/710574
Committed: https://git.openstack.org/cgit/openstack/tripleo-ansible/commit/?id=997cb781bd057e0243e7795a3a301ca2eac69485
Submitter: Zuul
Branch: master

commit 997cb781bd057e0243e7795a3a301ca2eac69485
Author: Harald Jensås <email address hidden>
Date: Sat Feb 29 18:43:57 2020 +0100

    Only add host entries for role_networks

    When network isolastion was added there was no have
    composable networks and no jinja2 generated heat
    templates. Because of this the "standard" networks
    was always included, but the port template was
    overridden to use the ctlplane's ip address for
    disabled networks.

    The result is that we have kept host entries for
    networks that are irrelevant for some roles. This
    was fixed in https://review.opendev.org/614457 but
    re-intruduced in tripleo-ansibe.

    This fixes the tripleo_hosts_entries role to only
    write host entries for networks relavant to the
    tripleo role.

    Related-Bug: #1842001
    Related-Bug: #1800811
    Change-Id: I2c8f0eb33be26ebe6d4077b25de47c2b2ab1fca0

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to tripleo-ansible (stable/train)

Related fix proposed to branch: stable/train
Review: https://review.opendev.org/711795

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to tripleo-ansible (stable/train)

Reviewed: https://review.opendev.org/711795
Committed: https://git.openstack.org/cgit/openstack/tripleo-ansible/commit/?id=0c9a9afbf24555082204fd9619885634deea4f19
Submitter: Zuul
Branch: stable/train

commit 0c9a9afbf24555082204fd9619885634deea4f19
Author: Harald Jensås <email address hidden>
Date: Sat Feb 29 18:43:57 2020 +0100

    Only add host entries for role_networks

    When network isolastion was added there was no have
    composable networks and no jinja2 generated heat
    templates. Because of this the "standard" networks
    was always included, but the port template was
    overridden to use the ctlplane's ip address for
    disabled networks.

    The result is that we have kept host entries for
    networks that are irrelevant for some roles. This
    was fixed in https://review.opendev.org/614457 but
    re-intruduced in tripleo-ansibe.

    This fixes the tripleo_hosts_entries role to only
    write host entries for networks relavant to the
    tripleo role.

    Related-Bug: #1842001
    Related-Bug: #1800811
    Change-Id: I2c8f0eb33be26ebe6d4077b25de47c2b2ab1fca0
    (cherry picked from commit 997cb781bd057e0243e7795a3a301ca2eac69485)

tags: added: in-stable-train
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers