diff --git a/modules/puppet-dcorch/src/dcorch/manifests/keystone/auth.pp b/modules/puppet-dcorch/src/dcorch/manifests/keystone/auth.pp index 3f8f59723..8e74ec7be 100644 --- a/modules/puppet-dcorch/src/dcorch/manifests/keystone/auth.pp +++ b/modules/puppet-dcorch/src/dcorch/manifests/keystone/auth.pp @@ -62,15 +62,6 @@ class dcorch::keystone::auth ( internal_url => $internal_url, } - keystone_endpoint { "${region}/nova::compute" : - ensure => 'present', - name => 'nova', - type => 'compute', - region => $region, - public_url => $nova_proxy_public_url, - admin_url => $nova_proxy_internal_url, - internal_url => $nova_proxy_internal_url - } keystone_endpoint { "${region}/sysinv::platform" : ensure => 'present', name => 'sysinv', @@ -80,36 +71,7 @@ class dcorch::keystone::auth ( admin_url => $sysinv_proxy_internal_url, internal_url => $sysinv_proxy_internal_url } - keystone_endpoint { "${region}/neutron::network" : - ensure => 'present', - name => 'neutron', - type => 'network', - region => $region, - public_url => $neutron_proxy_public_url, - admin_url => $neutron_proxy_internal_url, - internal_url => $neutron_proxy_internal_url - } - if $::openstack::cinder::params::service_enabled { - keystone_endpoint { "${region}/cinderv2::volumev2" : - ensure => 'present', - name => 'cinderv2', - type => 'volumev2', - region => $region, - public_url => $cinder_proxy_public_url_v2, - admin_url => $cinder_proxy_internal_url_v2, - internal_url => $cinder_proxy_internal_url_v2 - } - keystone_endpoint { "${region}/cinderv3::volumev3" : - ensure => 'present', - name => 'cinderv3', - type => 'volumev3', - region => $region, - public_url => $cinder_proxy_public_url_v3, - admin_url => $cinder_proxy_internal_url_v3, - internal_url => $cinder_proxy_internal_url_v3 - } - } keystone_endpoint { "${region}/patching::patching" : ensure => 'present', name => 'patching', diff --git a/puppet-manifests/src/modules/openstack/manifests/keystone.pp b/puppet-manifests/src/modules/openstack/manifests/keystone.pp index 276d4b8c9..922119bf5 100644 --- a/puppet-manifests/src/modules/openstack/manifests/keystone.pp +++ b/puppet-manifests/src/modules/openstack/manifests/keystone.pp @@ -175,16 +175,8 @@ class openstack::keystone::api # the subcloud region. if ($::platform::params::distributed_cloud_role == 'subcloud' and $::platform::params::region_2_name != 'RegionOne') { - Keystone_endpoint["${platform::params::region_2_name}/keystone::identity"] -> Keystone_endpoint['RegionOne/keystone::identity'] - keystone_endpoint { 'RegionOne/keystone::identity': - ensure => 'absent', - name => 'keystone', - type => 'identity', - region => 'RegionOne', - public_url => 'http://127.0.0.1:5000/v3', - admin_url => 'http://127.0.0.1:5000/v3', - internal_url => 'http://127.0.0.1:5000/v3' - } + Keystone_endpoint<||> -> Class['::platform::client'] + # TODO: use exec openstack endpoint delete commands to clean up the bootstrap endpoints } } diff --git a/puppet-manifests/src/modules/openstack/templates/keystone-defaultregion.erb b/puppet-manifests/src/modules/openstack/templates/keystone-defaultregion.erb index 350ce05c2..e02562157 100644 --- a/puppet-manifests/src/modules/openstack/templates/keystone-defaultregion.erb +++ b/puppet-manifests/src/modules/openstack/templates/keystone-defaultregion.erb @@ -5,7 +5,6 @@ keystone-<%=@reference_region %>-filter.conf \ --os-username <%=@os_username %> \ --os-password $PASSWORD \ --os-region-name <%=@identity_region %> \ - --os-keystone-region-name <%=@keystone_region %> \ --os-auth-url <%=@auth_url %> \ --os-identity-api-version <%=@api_version %> \ --os-project-name <%=@os_project_name %> | awk '/id\ \ / { print $4 }' ) @@ -13,7 +12,6 @@ openstack endpoint group add project $ENDPOINTGROUP_ID services \ --os-username <%=@os_username %> \ --os-password $PASSWORD \ --os-region-name <%=@identity_region %> \ - --os-keystone-region-name <%=@keystone_region %> \ --os-auth-url <%=@auth_url %> \ --os-identity-api-version <%=@api_version %> \ --os-project-name <%=@os_project_name %> diff --git a/puppet-manifests/src/modules/openstack/templates/keystone-systemcontroller.erb b/puppet-manifests/src/modules/openstack/templates/keystone-systemcontroller.erb index 3474d4472..3bd7805b0 100644 --- a/puppet-manifests/src/modules/openstack/templates/keystone-systemcontroller.erb +++ b/puppet-manifests/src/modules/openstack/templates/keystone-systemcontroller.erb @@ -5,7 +5,6 @@ keystone-<%=@system_controller_region %>-filter.conf \ --os-username <%=@os_username %> \ --os-password $PASSWORD \ --os-region-name <%=@identity_region %> \ - --os-keystone-region-name <%=@keystone_region %> \ --os-auth-url <%=@auth_url %> \ --os-identity-api-version <%=@api_version %> \ --os-project-name <%=@os_project_name %> | awk '/id\ \ / { print $4 }' ) @@ -13,7 +12,6 @@ openstack endpoint group add project $ENDPOINTGROUP_ID services \ --os-username <%=@os_username %> \ --os-password $PASSWORD \ --os-region-name <%=@identity_region %> \ - --os-keystone-region-name <%=@keystone_region %> \ --os-auth-url <%=@auth_url %> \ --os-identity-api-version <%=@api_version %> \ --os-project-name <%=@os_project_name %> diff --git a/puppet-manifests/src/modules/platform/manifests/kubernetes.pp b/puppet-manifests/src/modules/platform/manifests/kubernetes.pp index ad8ceb05a..6c1d0ab53 100644 --- a/puppet-manifests/src/modules/platform/manifests/kubernetes.pp +++ b/puppet-manifests/src/modules/platform/manifests/kubernetes.pp @@ -433,6 +433,7 @@ class platform::kubernetes::firewall $system_mode = $::platform::params::system_mode $oam_float_ip = $::platform::network::oam::params::controller_address + $oam_interface = $::platform::network::oam::params::interface_name $mgmt_subnet = $::platform::network::mgmt::params::subnet_network $mgmt_prefixlen = $::platform::network::mgmt::params::subnet_prefixlen @@ -448,7 +449,8 @@ class platform::kubernetes::firewall dport => $dports, destination => $d_mgmt_subnet, source => $s_mgmt_subnet, - tosource => $oam_float_ip + tosource => $oam_float_ip, + outiface => $oam_interface, } } } diff --git a/puppet-manifests/src/modules/platform/manifests/sm.pp b/puppet-manifests/src/modules/platform/manifests/sm.pp index 4a00982f4..241cea952 100644 --- a/puppet-manifests/src/modules/platform/manifests/sm.pp +++ b/puppet-manifests/src/modules/platform/manifests/sm.pp @@ -1129,18 +1129,6 @@ class platform::sm -> exec { 'Provision DCOrch-Sysinv-Api-Proxy in SM (service dcorch-sysinv-api-proxy)': command => 'sm-provision service dcorch-sysinv-api-proxy', } - -> exec { 'Provision DCOrch-Nova-Api-Proxy (service-group-member dcorch-nova-api-proxy)': - command => 'sm-provision service-group-member distributed-cloud-services dcorch-nova-api-proxy', - } - -> exec { 'Provision DCOrch-Nova-Api-Proxy in SM (service dcorch-nova-api-proxy)': - command => 'sm-provision service dcorch-nova-api-proxy', - } - -> exec { 'Provision DCOrch-Neutron-Api-Proxy (service-group-member dcorch-neutron-api-proxy)': - command => 'sm-provision service-group-member distributed-cloud-services dcorch-neutron-api-proxy', - } - -> exec { 'Provision DCOrch-Neutron-Api-Proxy in SM (service dcorch-neutron-api-proxy)': - command => 'sm-provision service dcorch-neutron-api-proxy', - } -> exec { 'Provision DCOrch-Patch-Api-Proxy (service-group-member dcorch-patch-api-proxy)': command => 'sm-provision service-group-member distributed-cloud-services dcorch-patch-api-proxy', } @@ -1165,25 +1153,9 @@ class platform::sm -> exec { 'Configure OpenStack - DCOrch-sysinv-api-proxy': command => "sm-configure service_instance dcorch-sysinv-api-proxy dcorch-sysinv-api-proxy \"\"", } - -> exec { 'Configure OpenStack - DCOrch-nova-api-proxy': - command => "sm-configure service_instance dcorch-nova-api-proxy dcorch-nova-api-proxy \"\"", - } - -> exec { 'Configure OpenStack - DCOrch-neutron-api-proxy': - command => "sm-configure service_instance dcorch-neutron-api-proxy dcorch-neutron-api-proxy \"\"", - } -> exec { 'Configure OpenStack - DCOrch-patch-api-proxy': command => "sm-configure service_instance dcorch-patch-api-proxy dcorch-patch-api-proxy \"\"", } - - exec { 'Provision DCOrch-Cinder-Api-Proxy (service-group-member dcorch-cinder-api-proxy)': - command => 'sm-provision service-group-member distributed-cloud-services dcorch-cinder-api-proxy', - } - -> exec { 'Provision DCOrch-Cinder-Api-Proxy in SM (service dcorch-cinder-api-proxy)': - command => 'sm-provision service dcorch-cinder-api-proxy', - } - -> exec { 'Configure OpenStack - DCOrch-cinder-api-proxy': - command => "sm-configure service_instance dcorch-cinder-api-proxy dcorch-cinder-api-proxy \"\"", - } } # lint:endignore:140chars diff --git a/puppet-manifests/src/modules/platform/templates/openrc.admin.erb b/puppet-manifests/src/modules/platform/templates/openrc.admin.erb index 680cfae0a..caeb83fd1 100644 --- a/puppet-manifests/src/modules/platform/templates/openrc.admin.erb +++ b/puppet-manifests/src/modules/platform/templates/openrc.admin.erb @@ -13,7 +13,6 @@ export OS_USER_DOMAIN_NAME=<%= @admin_user_domain %> export OS_PROJECT_DOMAIN_NAME=<%= @admin_project_domain %> export OS_IDENTITY_API_VERSION=<%= @identity_api_version %> export OS_REGION_NAME=<%= @identity_region %> -export OS_KEYSTONE_REGION_NAME=<%= @keystone_identity_region %> export OS_INTERFACE=internal if [ ! -z "${OS_PASSWORD}" ]; then