CHANGES
=======

* Add index to node-to-node tunnels
* Add ctlplane support
* Skip ctlplane network and fallback IPs
* Add Opportunistic IPSEC tunnels to use with dynamic inventory
* Create uninstall function
* Remove psk include variables call from the test playbook
* Add become: yes to handlers
* Optionally skip firewall rules
* update .gitignore with python-related files
* ansible-lint: use command instead of shell
* ansible-lint: Explicitly skip ANSIBLE0016
* ansible-lint: Use shell only when shell functionality is required
* ansible-lint: All tasks should be named
* Use systemd ansible module instead of shell
* ansible-lint: Use shell only when shell functionality is required
* ansible-lint: Package installs should not use latest
* ansible-lint: All tasks should be named
* ansible-lint: Commands should not change things if nothing needs doing
* ansible-lint: Remove trailing whitespaces
* Add basic tox.ini
* Add python packaging files (setup.py and setup.cfg)
* Fix formatting for command to generate the ipsec\_psk
* Remove ipsec\_conf\_file docs
* Add docs about ipsec\_psk
* Remove outdated "Dependencies" section from README
* Change resource agent to match upstream
* Separate network gathering bits to another file
* Verify that PSK has been provided
* Remove travis CI configuration file
* Move role to repo's root directory
* Move README to main role's README
* Move sample playbook to tests directory
* Remove documentation instances of overcloud\_internal\_api\_fqdn
* Add failureshunt=drop to the configurations
* Enable tunnels for ctlplane VIP
* Add note about adding the undercloud to the inventory
* Add storagemgmt network
* Add network name to the ipsec conf tasks output
* Make resource agent creation generic
* Change format of networks dict to a list
* Fix hardcoded references to internalapi in node-to-node configurations
* Add tunnels for storage network
* Specify network for current IP and controller facts
* Make ipsec configuration for VIPs generic
* Move ipsec configuration to it's own template
* Remove unused fact for other\_ips
* Remove unnused configuration and secrets files
* Start roadwarrior tunnels automatically
* Separate VIP and node-to-node configuration and secrets
* Improve resource agent names output
* Add resource agent for Redis
* Make resource agent creation generic
* Add tunnels for redis VIP
* Explicitly use hiera configuration file in hiera call
* Add controller identifier parameter
* Add "internalapi" to the ipsec connection names
* Correctly detect errors in resource agent and enable symmetrical creation/deletion
* Add documentation about ansible inventory for TripleO
* Wrap lines in role's README file
* Document ipsec algorithm and shorten name
* Don't rely on /etc/hosts to get the internal API VIP
* Make algorithm and key size configurable
* Remove service restart bits
* Reduce dpdtimeout to 15
* Add dead peer detection timer settings
* Add resource agent to tell the VIP tunnel to listen
* Fix ESP/AH iptables settings
* Update reference to the iptables restore
* Restore iptables rules, don't restart it
* Restart heat as part of the playbook
* Move cinder to be the last service restarted
* Uncomment service restarts
* Add uniqueids=no to the ipsec configuration
* Remove debug task
* Add roadwarrior-like configuration for VIP tunnel
* Fix controllers' host-to-host configuration
* Uncomment restarting of services
* Add iptables rules to the top of the chain
* Persist iptables rules
* Use index for controller-to-compute tunnels on compute side
* Remove unnecessary whitespaces from command outputs and configurations
* Add controller-to-controller tunnels
* Add firewall rules before flushing handlers
* Move setup to its own file
* Clean whitespaces and clarify outputs with comments
* Controllers should use auto=add in the configuration
* Add road-warrior-like configuration
* configure always tunnels to VIP
* Restart services after ipsec configuration has been set
* Allow Authentication Header traffic in iptable rules
* Add tunnels for overcloud internal API VIP
* Make overcloud internal API VIP configurable
* Move all setup to one role
* Initial commit
* Initial commit for roles and playbook
