diff options
author | Dan Sneddon <dsneddon@redhat.com> | 2015-10-15 08:10:44 -0700 |
---|---|---|
committer | Giulio Fidente <gfidente@redhat.com> | 2016-03-04 14:34:59 +0100 |
commit | 321e605a0a4c219415a3876a84fa063410380cac (patch) | |
tree | 2b159ddb26b9f85018f7a60c530af0b5c4e60297 /environments | |
parent | 07e99fef9ba96dd9a650ef43560e6a7794939a20 (diff) |
Add IPv6 Support to Isolated Networks
This change adds a new set of network templates with IPv6 subnets
that can be used instead of the existing IPv4 networks. Each network
can use either the IPv4 or IPv6 template, and the Neutron subnet will
be created with the specified IP version.
The default addresses used for the IPv6 networks use the fd00::/8
prefix for the internal isolated networks (this range is reserved
for private use similar to 10.0.0.0/8), and 2001:db8:fd00:1000::/64
is used as an example default for the External network
(2001:db8::/32 are the documentation addresses [RFC3849]), but this
would ordinarily be a globally addressable subnet. These
parameters may be overridden in an environment file.
This change will require updates to the OpenStack Puppet
Modules to support IPv6 addresses in some of the hieradata values.
Many of the OPM modules already have IPv6 support to support IPv6
deployments in Packstack, but some OPM packages that apply only to
Instack/TripleO deployments need to be updated.
IPv6 addresses used in URLs need to be surrounded by brackets in
order to differentiate IP address from port number. This change
adds a new output to the network/ports resources for
ip_address_uri, which is an IP address with brackets in the case
of IPv6, and a raw IP address without brackets for IPv4 ports.
This change also updates some URLs which are constructed in Heat.
This has been tested and problems were found with Puppet not
accepting IPv6 addresses. This is addressed in the latest Puppet.
Additional changes were required to make this work with Ceph.
IPv6 tunnel endpoints with Open vSwitch are not yet supported
(although support is coming soon), so this review leaves the
Tenant network as an isolated IPv4 network for the time being.
Change-Id: Ie7a742bdf1db533edda2998a53d28528f80ef8e2
Diffstat (limited to 'environments')
-rw-r--r-- | environments/network-isolation-v6.yaml | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/environments/network-isolation-v6.yaml b/environments/network-isolation-v6.yaml new file mode 100644 index 00000000..8a3d806e --- /dev/null +++ b/environments/network-isolation-v6.yaml @@ -0,0 +1,49 @@ +# Enable the creation of IPv6 Neutron networks for isolated Overcloud +# traffic and configure each role to assign ports (related +# to that role) on these networks. +resource_registry: + OS::TripleO::Network::External: ../network/external_v6.yaml + OS::TripleO::Network::InternalApi: ../network/internal_api_v6.yaml + OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt_v6.yaml + OS::TripleO::Network::Storage: ../network/storage_v6.yaml + # IPv4 until OVS and Neutron support IPv6 tunnel endpoints + OS::TripleO::Network::Tenant: ../network/tenant.yaml + + # Port assignments for the VIPs + OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external_v6.yaml + OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/internal_api_v6.yaml + OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage_v6.yaml + OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt_v6.yaml + OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip_v6.yaml + + # Port assignments for the controller role + OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_v6.yaml + OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml + OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_v6.yaml + OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml + OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant.yaml + + # Port assignments for the compute role + OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml + OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage_v6.yaml + OS::TripleO::Compute::Ports::TenantPort: ../network/ports/tenant.yaml + + # Port assignments for the ceph storage role + OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage_v6.yaml + OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml + + # Port assignments for the swift storage role + OS::TripleO::SwiftStorage::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml + OS::TripleO::SwiftStorage::Ports::StoragePort: ../network/ports/storage_v6.yaml + OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml + + # Port assignments for the block storage role + OS::TripleO::BlockStorage::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml + OS::TripleO::BlockStorage::Ports::StoragePort: ../network/ports/storage_v6.yaml + OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml + +parameter_defaults: + # Enable IPv6 for MongoDB. This is required when MongoDB is using an IPv6 IP. + MongoDbIPv6: True + # Enable various IPv6 features in Nova. + NovaIPv6: True |