We now insert the External network into the compute role after it was
removed upstream. However, the format has now changed for the network
specification. It no longer uses an Array, but instead uses a Dict. This
patch accounts for that case.
Also, adds new required arg --role-name to the NIC template merge tool.
Additionally, now undercloud is missing iptables rule to allow ssh
after undercloud install. This patch adds it via ansible.
Change-Id: Id3e4ecdfb1633ec4c58435c294f544a9625a106e
Signed-off-by: Tim Rozet <trozet@redhat.com>
jump: ACCEPT
source: "{{ nat_cidr }}"
ctstate: ESTABLISHED,RELATED
- - name: Undercloud NAT - Save iptables
- shell: service iptables save
become: yes
when:
- not nat_network_ipv6
- nat
+ - name: Allow SSH in iptables
+ iptables:
+ action: insert
+ chain: INPUT
+ rule_num: 1
+ protocol: tcp
+ destination_port: 22
+ jump: ACCEPT
+ become: yes
+ - name: Undercloud NAT - Save iptables
+ shell: service iptables save
+ become: yes
- name: fetch storage environment file
fetch:
src: /usr/share/openstack-tripleo-heat-templates/environments/storage-environment.yaml
ruby -e '
require "yaml"
data = YAML.load(File.read("/usr/share/openstack-tripleo-heat-templates/roles_data.yaml"))
- data[1]["networks"].push("External")
+ if data[1]["networks"].is_a?(Array)
+ data[1]["networks"].push("External")
+ elsif data[1]["networks"].is_a?(Hash)
+ data[1]["networks"].merge!("External"=> { "subnet" => "external_subnet" })
+ else
+ raise "Unable to determine data to modify in roles_data.yaml"
+ end
data[1]["default_route_networks"] = Array.new(["External"])
File.open("/usr/share/openstack-tripleo-heat-templates/roles_data.yaml", "w") { |f| f.write(data.to_yaml) }
'
shell: >
/usr/share/openstack-tripleo-heat-templates/tools/merge-new-params-nic-config-script.py
-n /home/stack/network_data.yaml -t /home/stack/nics/{{ item }}.yaml --discard-comments True
+ --role-name Controller
become: yes
become_user: stack
with_items:
Code Review / apex.git / commitdiff