Bug 1240395 - RFE: Network Isolation should include a system management network
Summary: RFE: Network Isolation should include a system management network
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: openstack-tripleo-heat-templates
Version: 7.0 (Kilo)
Hardware: Unspecified
OS: Unspecified
urgent
unspecified
Target Milestone: ga
: 8.0 (Liberty)
Assignee: Marios Andreou
QA Contact: Amit Ugol
URL:
Whiteboard:
Depends On:
Blocks: 1190166 1243520
TreeView+ depends on / blocked
 
Reported: 2015-07-06 19:20 UTC by Dan Sneddon
Modified: 2016-04-28 13:51 UTC (History)
11 users (show)

Fixed In Version: openstack-tripleo-heat-templates-0.8.10-1.el7ost
Doc Type: Enhancement
Doc Text:
Feature: Add creation of a management network to the network isolation tripleo-heat-templates as well as a port on that network for all overcloud nodes. Reason: This network is to be used for administrative access to the overcloud nodes. Result: In https://review.openstack.org/#/c/264963 "Add Management Network For System Administration." (included in openstack-tripleo-heat-templates-0.8.10-1.el7ost) a new environment file "network-management.yaml" is introduced, which can be used when deploying your overcloud to enable creation of the management network/subnets and ports on each node. As well as this new environment file you will also need to ensure the management network is created correctly by your network templates. If you are deploying with the existing (in-tree) example templates, like the "single-nic-vlans" or "multiple-nics" you will need to uncomment the provided block - see https://github.com/openstack/tripleo-heat-templates/blob/365c35cc6e1e588215ab6d63143b84bb56dce376/network/config/single-nic-vlans/controller.yaml#L140 as an example, assuming you are using the single-nic-vlans templates and wish to create the management network vlan.
Clone Of:
Environment:
Last Closed: 2016-04-28 13:51:57 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
OpenStack gerrit 226057 0 None None None 2016-01-14 17:28:07 UTC
OpenStack gerrit 264963 0 None None None 2016-02-25 12:58:03 UTC

Description Dan Sneddon 2015-07-06 19:20:45 UTC 
Description of problem:
I was working on a customer installation of OSP Director today, and the requirement was raised for a system management network that spanned all hosts. This network would be used for SSH connectivity, monitoring, and devops work.

Version-Release number of selected component (if applicable):
All

How reproducible:
100%

Steps to Reproduce:
1. Configure overcloud network
2.
3.

Actual results:
There is no option for a system management network.

Expected results:
This is a clear customer requirement.

Additional info:
We should really try to get this into 7.1, I think we're probably going to feel some pain since we won't have this in GA. Perhaps a PM should even take a look and evaluate if we need this for GA.
Comment 3 Dan Sneddon 2015-07-09 21:06:43 UTC 
Upstream review to add system management network:
https://review.openstack.org/#/c/199800/
Comment 5 Dan Sneddon 2015-08-26 17:16:55 UTC 
The original upstream patch was abandoned in favor of this newer patchset:

https://review.openstack.org/#/c/216912/
Comment 9 Mike Burns 2016-01-14 17:28:57 UTC 
Patch merged in master, needs to be backported to stable liberty
Comment 10 Dan Sneddon 2016-01-18 01:55:14 UTC 
Downstream review: https://code.engineering.redhat.com/gerrit/65730
Comment 18 Matt Wisch 2016-04-22 19:07:37 UTC 
We tested a multi-node overcloud deployment utilizing the management network and after getting a type error I noticed that the ManagementNetValueSpecs parameter was set to the wrong type (string instead of json).

I have already made the change in gerrit:
https://review.openstack.org/#/c/309468/

with a cherry pick for stable/liberty here:
https://review.openstack.org/#/c/309549/1
Note You need to log in before you can comment on or make changes to this bug.