From c5fb81828a0b854d1d892b4685e9a1ba1659976f Mon Sep 17 00:00:00 2001 From: Fabiano Correa Mercer Date: Wed, 4 Oct 2023 16:42:47 -0300 Subject: [PATCH] Use FQDN for MGMT network The management network is used extensively for all internal communication. Since the original use of the network was a private network before it was exposed for external communication in a distributed cloud configuration, it was never designed to be reconfigured. To support MGMT network reconfiguration the idea is to configure the applications to use the hostname/FQDN instead of a static MGMT IP address. In this way the MGMT network can be changed and the services and applications will still work since they are using the hostname/FQDN and the DNS will be responsible to translate to the current MGMT IP address. The use of FQDN will be applied for all installation modes: AIO-SX, AIO-DX, Standard, AIO-PLUS and DC subclouds. But given the complexities of supporting the multi-host reconfiguration, the MGMT network reconfiguration will focus on support for AIO-SX only. The DNSMASQ service must start as soon as possible to translate the FQDN to IP address, for this reason the dnsmasq will start as soon the management-ip is ready. Test plan ( Debian only ) - AIO-SX and AIO-DX virtualbox installation IPv4/IPv6 - Standard virtualbox installation IPv6 - DC virtualbox installation IPv4 ( AIO-SX/DX subclouds ) - AIO-SX and AIO-DX installation IPv4/IPv6 - AIO-DX plus installation IPv6 - DC IPv6 and subcloud AIO-SX - AIO-DX host-swact - DC IPv4 virtualbox with subcloud AIO-DX and AIO-DX - AIO-SX to AIO-DX migration - netstat -tupl ( no services are using the MGMT IP address ) - Ran sanity/regression tests Story: 2010722 Task: 48889 Depends-On: https://review.opendev.org/c/starlingx/config/+/886208 Change-Id: If118132410a5a3db4c3a9d0ba029f4d45521574d Signed-off-by: Fabiano Correa Mercer --- service-mgmt/sm-db/database/create_sm_db.sql | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/service-mgmt/sm-db/database/create_sm_db.sql b/service-mgmt/sm-db/database/create_sm_db.sql index a53d4426..1bb23ff5 100644 --- a/service-mgmt/sm-db/database/create_sm_db.sql +++ b/service-mgmt/sm-db/database/create_sm_db.sql @@ -192,12 +192,16 @@ INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','hw-mon','not-applicable','enab INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','vim','not-applicable','enable','mtc-agent','enabled-active'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','vim-api','not-applicable','enable','vim','enabled-active'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','vim-webserver','not-applicable','enable','vim','enabled-active'); -INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','dnsmasq','not-applicable','enable','sysinv-conductor','enabled-active'); +INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','dnsmasq','not-applicable','enable','management-ip','enabled-active'); +INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','dnsmasq','not-applicable','enable','platform-fs','enabled-active'); +INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','dnsmasq','not-applicable','disable','keystone','disabled'); +INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','dnsmasq','not-applicable','disable','barbican-api','disabled'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','fm-mgr','not-applicable','enable','postgres','enabled-active'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','etcd','not-applicable','enable','etcd-fs','enabled-active'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','keystone','not-applicable','enable','postgres','enabled-active'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','keystone','not-applicable','enable','rabbit','enabled-active'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','keystone','not-applicable','enable','management-ip','enabled-active'); +INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','keystone','not-applicable','enable','dnsmasq','enabled-active'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','horizon','not-applicable','enable','lighttpd','enabled-active'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','ceph-manager','not-applicable','enable','mgr-restful-plugin','enabled-active'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','drbd-cinder','not-applicable','go-active','management-ip','enabled-active'); @@ -230,13 +234,13 @@ INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','management-ip','not-applicable INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','management-ip','not-applicable','disable','sysinv-conductor','disabled'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','sysinv-conductor','not-applicable','disable','sysinv-inv','disabled'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','sysinv-inv','not-applicable','disable','mtc-agent','disabled'); -INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','sysinv-conductor','not-applicable','disable','dnsmasq','disabled'); +INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','management-ip','not-applicable','disable','dnsmasq','disabled'); +INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','platform-fs','not-applicable','disable','dnsmasq','disabled'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','mtc-agent','not-applicable','disable','hw-mon','disabled'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','mtc-agent','not-applicable','disable','vim','disabled'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','hw-mon','not-applicable','disable','',''); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','vim','not-applicable','disable','vim-api','disabled'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','vim','not-applicable','disable','vim-webserver','disabled'); -INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','dnsmasq','not-applicable','disable','',''); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','lighttpd','not-applicable','disable','horizon','disabled'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','mgr-restful-plugin','not-applicable','disable','ceph-manager','disabled'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','drbd-platform','not-applicable','disable','iscsi','disabled'); @@ -256,10 +260,12 @@ INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','dcmanager-manager','not-applic INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','dcmanager-manager','not-applicable','enable','rabbit','enabled-active'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','dcmanager-manager','not-applicable','enable','postgres','enabled-active'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','dcmanager-manager','not-applicable','enable','management-ip','enabled-active'); +INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','dcmanager-manager','not-applicable','enable','dnsmasq','enabled-active'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','sysinv-inv','not-applicable','disable','dcmanager-manager','disabled'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','rabbit','not-applicable','disable','dcmanager-manager','disabled'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','postgres','not-applicable','disable','dcmanager-manager','disabled'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','management-ip','not-applicable','disable','dcmanager-manager','disabled'); +INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','dnsmasq','not-applicable','disable','dcmanager-manager','disabled'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','dcmanager-api','not-applicable','enable','dcmanager-manager','enabled-active'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','dcmanager-manager','not-applicable','disable','dcmanager-api','disabled'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','dcmanager-audit','not-applicable','enable','dcmanager-audit-worker','enabled-active'); @@ -291,6 +297,7 @@ INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','etcd-fs','not-applicable','ena INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','drbd-etcd','not-applicable','go-standby','etcd-fs','disabled'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','barbican-api','not-applicable','enable','postgres','enabled-active'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','barbican-api','not-applicable','enable','rabbit','enabled-active'); +INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','barbican-api','not-applicable','enable','dnsmasq','enabled-active'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','barbican-worker','not-applicable','enable','barbican-api','enabled-active'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','barbican-keystone-listener','not-applicable','enable','barbican-worker','enabled-active'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','postgres','not-applicable','disable','barbican-api','disabled'); @@ -760,6 +767,8 @@ INSERT INTO "SERVICE_GROUP_MEMBERS" SELECT MAX(id) + 1,'no','controller-services INSERT INTO "SERVICES" SELECT MAX(id) + 1, 'no','registry-token-server','initial','initial','none','none',2,1,90000,4,16,'/var/run/registry-token-server.pid' FROM "SERVICES"; INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','registry-token-server','not-applicable','enable','management-ip','enabled-active'); INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','management-ip','not-applicable','disable','registry-token-server','disabled'); +INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','registry-token-server','not-applicable','enable','dnsmasq','enabled-active'); +INSERT INTO "SERVICE_DEPENDENCY" VALUES('action','dnsmasq','not-applicable','disable','registry-token-server','disabled'); INSERT INTO "SERVICE_ACTIONS" VALUES('registry-token-server','enable','lsb-script','','registry-token-server','start','',2,2,2,15,''); INSERT INTO "SERVICE_ACTIONS" VALUES('registry-token-server','disable','lsb-script','','registry-token-server','stop','',1,1,1,15,''); INSERT INTO "SERVICE_ACTIONS" VALUES('registry-token-server','audit-enabled','lsb-script','','registry-token-server','status','',2,2,2,15,40);