Bug 1240395

Summary: RFE: Network Isolation should include a system management network
Product: Red Hat OpenStack Reporter: Dan Sneddon <dsneddon>
Component: openstack-tripleo-heat-templatesAssignee: Marios Andreou <mandreou>
Status: CLOSED CURRENTRELEASE QA Contact: Amit Ugol <augol>
Severity: unspecified Docs Contact:
Priority: urgent    
Version: 7.0 (Kilo)CC: achernet, dsneddon, jdonohue, jslagle, karatecletus323, kbasil, mburns, mcornea, morazi, rhel-osp-director-maint, sasha
Target Milestone: gaKeywords: FutureFeature, Reopened, TestOnly, ZStream
Target Release: 8.0 (Liberty)   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openstack-tripleo-heat-templates-0.8.10-1.el7ost Doc Type: Enhancement
Doc Text:
Feature: Add creation of a management network to the network isolation tripleo-heat-templates as well as a port on that network for all overcloud nodes. Reason: This network is to be used for administrative access to the overcloud nodes. Result: In https://review.openstack.org/#/c/264963 "Add Management Network For System Administration." (included in openstack-tripleo-heat-templates-0.8.10-1.el7ost) a new environment file "network-management.yaml" is introduced, which can be used when deploying your overcloud to enable creation of the management network/subnets and ports on each node. As well as this new environment file you will also need to ensure the management network is created correctly by your network templates. If you are deploying with the existing (in-tree) example templates, like the "single-nic-vlans" or "multiple-nics" you will need to uncomment the provided block - see https://github.com/openstack/tripleo-heat-templates/blob/365c35cc6e1e588215ab6d63143b84bb56dce376/network/config/single-nic-vlans/controller.yaml#L140 as an example, assuming you are using the single-nic-vlans templates and wish to create the management network vlan.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2016-04-28 13:51:57 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1190166, 1243520    

Description Dan Sneddon 2015-07-06 19:20:45 UTC 
Description of problem:
I was working on a customer installation of OSP Director today, and the requirement was raised for a system management network that spanned all hosts. This network would be used for SSH connectivity, monitoring, and devops work.

Version-Release number of selected component (if applicable):
All

How reproducible:
100%

Steps to Reproduce:
1. Configure overcloud network
2.
3.

Actual results:
There is no option for a system management network.

Expected results:
This is a clear customer requirement.

Additional info:
We should really try to get this into 7.1, I think we're probably going to feel some pain since we won't have this in GA. Perhaps a PM should even take a look and evaluate if we need this for GA.
Comment 3 Dan Sneddon 2015-07-09 21:06:43 UTC 
Upstream review to add system management network:
https://review.openstack.org/#/c/199800/
Comment 5 Dan Sneddon 2015-08-26 17:16:55 UTC 
The original upstream patch was abandoned in favor of this newer patchset:

https://review.openstack.org/#/c/216912/
Comment 9 Mike Burns 2016-01-14 17:28:57 UTC 
Patch merged in master, needs to be backported to stable liberty
Comment 10 Dan Sneddon 2016-01-18 01:55:14 UTC 
Downstream review: https://code.engineering.redhat.com/gerrit/65730
Comment 18 Matt Wisch 2016-04-22 19:07:37 UTC 
We tested a multi-node overcloud deployment utilizing the management network and after getting a type error I noticed that the ManagementNetValueSpecs parameter was set to the wrong type (string instead of json).

I have already made the change in gerrit:
https://review.openstack.org/#/c/309468/

with a cherry pick for stable/liberty here:
https://review.openstack.org/#/c/309549/1