aboutsummaryrefslogtreecommitdiffstats
path: root/puppet
diff options
context:
space:
mode:
authorMichael Henkel <mhenkel@juniper.net>2017-01-26 15:24:04 +0100
committerMichael Henkel <mhenkel@juniper.net>2017-02-08 20:25:41 +0100
commitda91bb6e1e041b4462765c87ff36458528d952e8 (patch)
treed0423a1cd45ced6af122dcaded289a90d0eab73d /puppet
parent4774913d09e62b433d99eb6aa3b04f8e3e13fa9c (diff)
Re-organizes Contrail services to the correct roles
In current setup some Contrail services belong to the wrong roles. The Contrail control plane can be impacted if the Analytics database has problems. Change-Id: I0d57a2324c38b5b20cc687c6217a7a364941f7e6 Depends-On: Id0dd35b95c5fe9d0fcc1e16c4b7d6cc601f10818 Closes-Bug: #1659560
Diffstat (limited to 'puppet')
-rw-r--r--puppet/extraconfig/pre_deploy/compute/neutron-opencontrail.yaml59
-rw-r--r--puppet/services/network/contrail-analytics-database.yaml43
-rw-r--r--puppet/services/network/contrail-analytics.yaml57
-rw-r--r--puppet/services/network/contrail-base.yaml85
-rw-r--r--puppet/services/network/contrail-config.yaml28
-rw-r--r--puppet/services/network/contrail-control.yaml21
-rw-r--r--puppet/services/network/contrail-database.yaml12
-rw-r--r--puppet/services/network/contrail-heat.yaml40
-rw-r--r--puppet/services/network/contrail-neutron-plugin.yaml45
-rw-r--r--puppet/services/network/contrail-provision.yaml (renamed from puppet/services/neutron-compute-plugin-opencontrail.yaml)18
-rw-r--r--puppet/services/network/contrail-tsn.yaml64
-rw-r--r--puppet/services/network/contrail-vrouter.yaml64
-rw-r--r--puppet/services/network/contrail-webui.yaml30
-rw-r--r--puppet/services/neutron-plugin-opencontrail.yaml74
14 files changed, 344 insertions, 296 deletions
diff --git a/puppet/extraconfig/pre_deploy/compute/neutron-opencontrail.yaml b/puppet/extraconfig/pre_deploy/compute/neutron-opencontrail.yaml
deleted file mode 100644
index 66252f1f..00000000
--- a/puppet/extraconfig/pre_deploy/compute/neutron-opencontrail.yaml
+++ /dev/null
@@ -1,59 +0,0 @@
-heat_template_version: ocata
-
-description: Compute node hieradata for Neutron OpenContrail configuration
-
-parameters:
- server:
- description: ID of the compute node to apply this config to
- type: string
- ContrailApiServerIp:
- description: IP address of the OpenContrail API server
- type: string
- ContrailApiServerPort:
- description: Port of the OpenContrail API
- type: string
- default: 8082
-
-resources:
- ComputeContrailConfig:
- type: OS::Heat::StructuredConfig
- properties:
- group: os-apply-config
- config:
- hiera:
- datafiles:
- neutron_opencontrail_data:
- mapped_data:
- nova::network::neutron::network_api_class: nova.network.neutronv2.api.API
-
- contrail::vrouter::provision_vrouter::api_address: {get_input: contrail_api_server_ip}
- contrail::vrouter::provision_vrouter::api_port: {get_input: contrail_api_server_port}
- contrail::vrouter::provision_vrouter::keystone_admin_user: admin
- contrail::vrouter::provision_vrouter::keystone_admin_tenant_name: admin
- contrail::vrouter::provision_vrouter::keystone_admin_password: '"%{::admin_password}"'
-
- contrail::vnc_api::vnc_api_config:
- 'auth/AUTHN_TYPE':
- value: keystone
- 'auth/AUTHN_PROTOCOL':
- value: http
- 'auth/AUTHN_SERVER':
- value: "%{hiera('keystone_admin_api_vip')}"
- 'auth/AUTHN_PORT':
- value: 35357
- 'auth/AUTHN_URL':
- value: '/v2.0/tokens'
-
- ComputeContrailDeployment:
- type: OS::Heat::StructuredDeployment
- properties:
- config: {get_resource: ComputeContrailConfig}
- server: {get_param: server}
- input_values:
- contrail_api_server_ip: {get_param: ContrailApiServerIp}
- contrail_api_server_port: {get_param: ContrailApiServerPort}
-
-outputs:
- deploy_stdout:
- description: Output of the extra hiera data deployment
- value: {get_attr: [ComputeContrailDeployment, deploy_stdout]}
diff --git a/puppet/services/network/contrail-analytics-database.yaml b/puppet/services/network/contrail-analytics-database.yaml
new file mode 100644
index 00000000..67341ed3
--- /dev/null
+++ b/puppet/services/network/contrail-analytics-database.yaml
@@ -0,0 +1,43 @@
+heat_template_version: ocata
+
+description: >
+ Contrail Analytics Database service deployment using puppet, this YAML file
+ creates the interface between the HOT template
+ and the puppet manifest that actually installs
+ and configures Contrail Analytics Database.
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+
+resources:
+ ContrailBase:
+ type: ./contrail-base.yaml
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+
+outputs:
+ role_data:
+ description: Role Contrail Analytics Database using composable services.
+ value:
+ service_name: contrail_analytics_database
+ config_settings:
+ map_merge:
+ - get_attr: [ContrailBase, role_data, config_settings]
+ - contrail::analytics::database::host_ip: {get_param: [ServiceNetMap, ContrailAnalyticsDatabaseNetwork]}
+ step_config: |
+ include ::tripleo::network::contrail::analyticsdatabase
diff --git a/puppet/services/network/contrail-analytics.yaml b/puppet/services/network/contrail-analytics.yaml
index ad14d315..e3e0ec4b 100644
--- a/puppet/services/network/contrail-analytics.yaml
+++ b/puppet/services/network/contrail-analytics.yaml
@@ -21,44 +21,6 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
- ContrailAnalyticsHostIP:
- description: host IP address of Analytics
- type: string
- ContrailAnalyticsRedisServerIp:
- description: Redis server ip address
- type: string
- ContrailAnalyticsCollectorServerHttpPort:
- description: Collector http port
- type: number
- default: 8089
- ContrailAnalyticsCollectorSandeshPort:
- description: Collector sandesh port
- type: number
- default: 8086
- ContrailAnalyticsHttpServerPort:
- description: Analytics http port
- type: number
- default: 8090
- ContrailAnalyticsListenAddress:
- default: '0.0.0.0'
- description: IP address Config API is listening on
- type: string
- ContrailAnalyticsListenPort:
- default: 8082
- description: Port Config API is listening on
- type: number
- ContrailAnalyticsRedisServerPort:
- description: Redis server port
- type: number
- default: 6379
- ContrailAnalyticsRestApiIp:
- description: IP address Analytics rest interface listens on
- type: string
- default: '0.0.0.0'
- ContrailAnalyticsRestApiPort:
- description: Analytics rest port
- type: number
- default: 8081
resources:
ContrailBase:
@@ -76,15 +38,14 @@ outputs:
config_settings:
map_merge:
- get_attr: [ContrailBase, role_data, config_settings]
- - contrail::analytics::collector_http_server_port: {get_param: ContrailAnalyticsCollectorServerHttpPort}
- contrail::analytics::collector_sandesh_port: {get_param: ContrailAnalyticsCollectorSandeshPort}
- contrail::analytics::host_ip: {get_param: ContrailAnalyticsHostIP}
- contrail::analytics::http_server_port: {get_param: ContrailAnalyticsHttpServerPort}
- contrail::analytics::listen_ip_address: {get_param: ContrailAnalyticsListenAddress}
- contrail::analytics::listen_port: {get_param: ContrailAnalyticsListenPort}
- contrail::analytics::redis_server: {get_param: ContrailAnalyticsRedisServerIp}
- contrail::analytics::redis_server_port: {get_param: ContrailAnalyticsRedisServerPort}
- contrail::analytics::rest_api_ip: {get_param: ContrailAnalyticsRestApiIp}
- contrail::analytics::rest_api_port: {get_param: ContrailAnalyticsRestApiPort}
+ - contrail::analytics::collector_http_server_port: {get_param: [EndpointMap, ContrailAnalyticsCollectorHttpInternal, port]}
+ contrail::analytics::collector_sandesh_port: {get_param: [EndpointMap, ContrailAnalyticsCollectorSandeshInternal, port]}
+ contrail::analytics::host_ip: {get_param: [ServiceNetMap, ContrailAnalyticsNetwork]}
+ contrail::analytics::http_server_port: {get_param: [EndpointMap, ContrailAnalyticsHttpInternal, port]}
+ contrail::analytics::listen_ip_address: {get_param: [ServiceNetMap, ContrailAnalyticsNetwork]}
+ contrail::analytics::redis_server: '127.0.0.1'
+ contrail::analytics::redis_server_port: {get_param: [EndpointMap, ContrailAnalyticsRedisInternal, port]}
+ contrail::analytics::rest_api_ip: {get_param: [ServiceNetMap, ContrailAnalyticsNetwork]}
+ contrail::analytics::rest_api_port: {get_param: [EndpointMap, ContrailAnalyticsApiInternal, port]}
step_config: |
include ::tripleo::network::contrail::analytics
diff --git a/puppet/services/network/contrail-base.yaml b/puppet/services/network/contrail-base.yaml
index b49b2add..bc56a3ca 100644
--- a/puppet/services/network/contrail-base.yaml
+++ b/puppet/services/network/contrail-base.yaml
@@ -18,47 +18,42 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ ContrailAAAMode:
+ description: AAAmode can be no-auth, cloud-admin or rbac
+ type: string
+ default: 'rbac'
+ ContrailAAAModeAnalytics:
+ description: AAAmode for analytics can be no-auth, cloud-admin or rbac
+ type: string
+ default: 'no-auth'
AdminPassword:
description: Keystone admin user password
type: string
+ hidden: true
AdminTenantName:
description: Keystone admin tenant name
type: string
+ default: 'admin'
AdminToken:
description: Keystone admin token
type: string
+ hidden: true
AdminUser:
description: Keystone admin user name
type: string
- AuthHost:
- description: Keystone host IP address
- type: string
- AuthPort:
- default: 35357
- description: Keystone port
+ default: 'admin'
+ AuthPortSSL:
+ default: 13357
+ description: Keystone SSL port
+ type: number
+ AuthPortSSLPublic:
+ default: 13000
+ description: Keystone Public SSL port
type: number
- AuthProtocol:
- default: 'http'
- description: Keystone authentication protocol
- type: string
- ContrailDiscoveryServerIp:
- description: Discovery server ip address
- type: string
- ContrailKafkaBrokerList:
- description: List of kafka servers
- type: comma_delimited_list
ContrailAuth:
default: 'keystone'
description: Keystone authentication method
type: string
- ContrailCassandraServerList:
- default: []
- description: List of cassandra servers
- type: comma_delimited_list
- ContrailDiscoveryServerPort:
- description: Discovery server port
- type: number
- default: 5998
ContrailInsecure:
default: false
description: Keystone insecure mode
@@ -67,14 +62,18 @@ parameters:
default: '127.0.0.1:12111'
description: Memcached server
type: string
- ContrailMultiTenancy:
- default: true
- description: Turn on/off multi-tenancy
- type: boolean
- ContrailZkServerIp:
- default: []
- description: List of zookeeper servers
- type: comma_delimited_list
+ RabbitPassword:
+ description: The password for RabbitMQ
+ type: string
+ hidden: true
+ RabbitUserName:
+ default: guest
+ description: The username for RabbitMQ
+ type: string
+ RabbitClientPort:
+ default: 5672
+ description: Set rabbit subscriber port, change this if using SSL
+ type: number
outputs:
role_data:
@@ -82,19 +81,23 @@ outputs:
value:
service_name: contrail_base
config_settings:
+ contrail::aaa_mode: {get_param: ContrailAAAMode}
+ contrail::analytics_aaa_mode: {get_param: ContrailAAAModeAnalytics}
contrail::admin_password: {get_param: AdminPassword}
contrail::admin_tenant_name: {get_param: AdminTenantName}
contrail::admin_token: {get_param: AdminToken}
contrail::admin_user: {get_param: AdminUser}
- contrail::auth_host: {get_param: [EndpointMap, KeystoneInternal, host] }
- contrail::auth_port: {get_param: [EndpointMap, KeystoneInternal, port] }
- contrail::auth_protocol: {get_param: [EndpointMap, KeystoneInternal, protocol] }
- contrail::disc_server_ip: {get_param: ContrailDiscoveryServerIp}
- contrail::kafka_broker_list: {get_param: ContrailKafkaBrokerList}
contrail::auth: {get_param: ContrailAuth}
- contrail::cassandra_server_list: {get_param: ContrailCassandraServerList}
- contrail::disc_server_port: {get_param: ContrailDiscoveryServerPort}
+ contrail::auth_host: {get_param: [EndpointMap, KeystonePublic, host] }
+ contrail::auth_port: {get_param: [EndpointMap, KeystoneAdmin, port] }
+ contrail::auth_port_ssl: {get_param: AuthPortSSL }
+ contrail::auth_port_public: {get_param: [EndpointMap, KeystonePublic, port] }
+ contrail::auth_port_ssl_public: {get_param: AuthPortSSLPublic }
+ contrail::auth_protocol: {get_param: [EndpointMap, KeystoneInternal, protocol] }
+ contrail::api_port: {get_param: [EndpointMap, ContrailConfigInternal, port] }
+ contrail::disc_server_port: {get_param: [EndpointMap, ContrailDiscoveryInternal, port] }
contrail::insecure: {get_param: ContrailInsecure}
contrail::memcached_server: {get_param: ContrailMemcachedServer}
- contrail::multi_tenancy: {get_param: ContrailMultiTenancy}
- contrail::zk_server_ip: {get_param: ContrailZkServerIp}
+ contrail::rabbit_password: {get_param: RabbitPassword}
+ contrail::rabbit_user: {get_param: RabbitUserName}
+ contrail::rabbit_port: {get_param: RabbitClientPort}
diff --git a/puppet/services/network/contrail-config.yaml b/puppet/services/network/contrail-config.yaml
index 03774480..185b6094 100644
--- a/puppet/services/network/contrail-config.yaml
+++ b/puppet/services/network/contrail-config.yaml
@@ -21,29 +21,14 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
- ContrailConfigIfmapServerIp:
- description: Ifmap server ip address
- type: string
ContrailConfigIfmapUserName:
description: Ifmap user name
type: string
+ default: 'api-server'
ContrailConfigIfmapUserPassword:
description: Ifmap user password
type: string
- ContrailConfigRabbitServerIp:
- description: RabbitMq server ip address
- type: string
- ContrailConfigRedisServerIp:
- description: Redis server ip address
- type: string
- ContrailConfigListenAddress:
- default: '0.0.0.0'
- description: IP address Config API is listening on
- type: string
- ContrailConfigListenPort:
- default: 8082
- description: Port Config API is listening on
- type: number
+ default: 'api-server'
resources:
ContrailBase:
@@ -62,11 +47,10 @@ outputs:
map_merge:
- get_attr: [ContrailBase, role_data, config_settings]
- contrail::config::ifmap_password: {get_param: ContrailConfigIfmapUserPassword}
- contrail::config::ifmap_server_ip: {get_param: ContrailConfigIfmapServerIp}
contrail::config::ifmap_username: {get_param: ContrailConfigIfmapUserName}
- contrail::config::listen_ip_address: {get_param: ContrailConfigListenAddress}
- contrail::config::listen_port: {get_param: ContrailConfigListenPort}
- contrail::config::rabbit_server: {get_param: ContrailConfigRabbitServerIp}
- contrail::config::redis_server: {get_param: ContrailConfigRedisServerIp}
+ contrail::config::listen_ip_address: {get_param: [ServiceNetMap, ContrailConfigNetwork]}
+ contrail::config::listen_port: {get_param: [EndpointMap, ContrailConfigInternal, port] }
+ contrail::config::redis_server: '127.0.0.1'
+ contrail::config::host_ip: {get_param: [ServiceNetMap, ContrailConfigNetwork] }
step_config: |
include ::tripleo::network::contrail::config
diff --git a/puppet/services/network/contrail-control.yaml b/puppet/services/network/contrail-control.yaml
index 7c28d283..0964989b 100644
--- a/puppet/services/network/contrail-control.yaml
+++ b/puppet/services/network/contrail-control.yaml
@@ -21,15 +21,14 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
- ContrailControlHostIP:
- description: host IP address of Analytics
- type: string
- ContrailControlIfmapUserName:
- description: Ifmap user name
- type: string
- ContrailControlIfmapUserPassword:
- description: Ifmap user password
+ ContrailControlASN:
+ description: Autonomous System Number
+ type: number
+ default: 64512
+ ContrailControlRNDCSecret:
+ description: sda1/256 hmac key, e.g. echo -n "values" | openssl dgst -sha256 -hmac key -binary | base64
type: string
+ hidden: true
resources:
ContrailBase:
@@ -47,8 +46,8 @@ outputs:
config_settings:
map_merge:
- get_attr: [ContrailBase, role_data, config_settings]
- - contrail::control::host_ip: {get_param: ContrailControlHostIP}
- contrail::control::ifmap_username: {get_param: ContrailControlIfmapUserName}
- contrail::control::ifmap_password: {get_param: ContrailControlIfmapUserPassword}
+ - contrail::control::asn: {get_param: ContrailControlASN }
+ contrail::control::host_ip: {get_param: [ServiceNetMap, ContrailControlNetwork]}
+ contrail::control::rndc_secret: {get_param: ContrailControlRNDCSecret}
step_config: |
include ::tripleo::network::contrail::control
diff --git a/puppet/services/network/contrail-database.yaml b/puppet/services/network/contrail-database.yaml
index c56b90a2..b47c2c36 100644
--- a/puppet/services/network/contrail-database.yaml
+++ b/puppet/services/network/contrail-database.yaml
@@ -21,13 +21,6 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
- ContrailDatabaseHostIP:
- description: host IP address of Database node
- type: string
- ContrailDatabaseMinDisk:
- description: Minimum disk size for database
- type: number
- default: 64
resources:
ContrailBase:
@@ -45,7 +38,6 @@ outputs:
config_settings:
map_merge:
- get_attr: [ContrailBase, role_data, config_settings]
- - contrail::database::host_ip: {get_param: ContrailDatabaseHostIP}
- contrail::database::minimum_diskGB: {get_param: ContrailDatabaseMinDisk}
+ - contrail::database::host_ip: {get_param: [ServiceNetMap, ContrailDatabaseNetwork]}
step_config: |
- include ::tripleo::profile::contrail::database
+ include ::tripleo::network::contrail::database
diff --git a/puppet/services/network/contrail-heat.yaml b/puppet/services/network/contrail-heat.yaml
new file mode 100644
index 00000000..4dfc6579
--- /dev/null
+++ b/puppet/services/network/contrail-heat.yaml
@@ -0,0 +1,40 @@
+heat_template_version: ocata
+
+description: >
+ Contrail Heat plugin adds Contrail specific heat resources enabling heat
+ to orchestrate Contrail
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+
+resources:
+ ContrailBase:
+ type: ./contrail-base.yaml
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+
+outputs:
+ role_data:
+ description: Contrail Heat plugin
+ value:
+ service_name: contrail_heat
+ config_settings:
+ map_merge:
+ - get_attr: [ContrailBase, role_data, config_settings]
+ step_config: |
+ include ::tripleo::network::contrail::heat
diff --git a/puppet/services/network/contrail-neutron-plugin.yaml b/puppet/services/network/contrail-neutron-plugin.yaml
new file mode 100644
index 00000000..2f2ceb37
--- /dev/null
+++ b/puppet/services/network/contrail-neutron-plugin.yaml
@@ -0,0 +1,45 @@
+heat_template_version: ocata
+
+description: >
+ OpenStack Neutron Opencontrail plugin
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ ContrailExtensions:
+ description: List of OpenContrail extensions to be enabled
+ type: comma_delimited_list
+ default: ''
+
+resources:
+ ContrailBase:
+ type: ./contrail-base.yaml
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+
+outputs:
+ role_data:
+ description: Role data for the Neutron Opencontrail plugin
+ value:
+ service_name: contrail_neutron_plugin
+ config_settings:
+ map_merge:
+ - get_attr: [ContrailBase, role_data, config_settings]
+ - neutron::api_extensions_path: /usr/lib/python2.7/site-packages/neutron_plugin_contrail/extensions
+ contrail::vrouter::contrail_extensions: {get_param: ContrailExtensions}
+ step_config: |
+ include tripleo::network::contrail::neutron_plugin
diff --git a/puppet/services/neutron-compute-plugin-opencontrail.yaml b/puppet/services/network/contrail-provision.yaml
index bbe4a051..765be9a9 100644
--- a/puppet/services/neutron-compute-plugin-opencontrail.yaml
+++ b/puppet/services/network/contrail-provision.yaml
@@ -1,7 +1,7 @@
heat_template_version: ocata
description: >
- OpenStack Neutron Compute OpenContrail plugin
+ Provision Contrail services after deployment
parameters:
ServiceNetMap:
@@ -19,11 +19,21 @@ parameters:
via parameter_defaults in the resource registry.
type: json
+resources:
+ ContrailBase:
+ type: ./contrail-base.yaml
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+
outputs:
role_data:
- description: Role data for the Neutron Compute OpenContrail plugin
+ description: Contrail provisioning role
value:
- service_name: neutron_compute_plugin_opencontrail
+ service_name: contrail_provision
config_settings:
+ map_merge:
+ - get_attr: [ContrailBase, role_data, config_settings]
step_config: |
- include ::tripleo::profile::base::neutron::opencontrail::vrouter
+ include ::tripleo::network::contrail::provision
diff --git a/puppet/services/network/contrail-tsn.yaml b/puppet/services/network/contrail-tsn.yaml
new file mode 100644
index 00000000..88adc4a5
--- /dev/null
+++ b/puppet/services/network/contrail-tsn.yaml
@@ -0,0 +1,64 @@
+heat_template_version: ocata
+
+description: >
+ Contrail TSN Service
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ NeutronMetadataProxySharedSecret:
+ description: Metadata Secret
+ type: string
+ VrouterPhysicalInterface:
+ default: 'eth0'
+ description: vRouter physical interface
+ type: string
+ VrouterGateway:
+ default: '192.168.24.1'
+ description: vRouter default gateway
+ type: string
+ VrouterNetmask:
+ default: '255.255.255.0'
+ description: vRouter netmask
+ type: string
+
+resources:
+ ContrailBase:
+ type: ./contrail-base.yaml
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+
+outputs:
+ role_data:
+ description: Role data for the Contrail TSN Service
+ value:
+ service_name: contrail_tsn
+ config_settings:
+ map_merge:
+ - get_attr: [ContrailBase, role_data, config_settings]
+ - contrail::vrouter::host_ip: {get_param: [ServiceNetMap, NeutronCorePluginOpencontrailNetwork]}
+ contrail::vrouter::physical_interface: {get_param: VrouterPhysicalInterface}
+ contrail::vrouter::gateway: {get_param: VrouterGateway}
+ contrail::vrouter::netmask: {get_param: VrouterNetmask}
+ contrail::vrouter::metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
+ contrail::vrouter::is_tsn: 'true'
+ tripleo.neutron_compute_plugin_opencontrail.firewall_rules:
+ '111 neutron_compute_plugin_opencontrail proxy':
+ dport: 8097
+ proto: tcp
+ step_config: |
+ include ::tripleo::network::contrail::vrouter
diff --git a/puppet/services/network/contrail-vrouter.yaml b/puppet/services/network/contrail-vrouter.yaml
new file mode 100644
index 00000000..db9f0836
--- /dev/null
+++ b/puppet/services/network/contrail-vrouter.yaml
@@ -0,0 +1,64 @@
+heat_template_version: ocata
+
+description: >
+ OpenStack Neutron Compute OpenContrail plugin
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ NeutronMetadataProxySharedSecret:
+ description: Metadata Secret
+ type: string
+ hidden: true
+ ContrailVrouterPhysicalInterface:
+ default: 'eth0'
+ description: vRouter physical interface
+ type: string
+ ContrailVrouterGateway:
+ default: '192.0.2.1'
+ description: vRouter default gateway
+ type: string
+ ContrailVrouterNetmask:
+ default: '255.255.255.0'
+ description: vRouter netmask
+ type: string
+
+resources:
+ ContrailBase:
+ type: ./contrail-base.yaml
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+
+outputs:
+ role_data:
+ description: Role data for the Neutron Compute OpenContrail plugin
+ value:
+ service_name: contrail_vrouter
+ config_settings:
+ map_merge:
+ - get_attr: [ContrailBase, role_data, config_settings]
+ - contrail::vrouter::host_ip: {get_param: [ServiceNetMap, NeutronCorePluginOpencontrailNetwork]}
+ contrail::vrouter::physical_interface: {get_param: ContrailVrouterPhysicalInterface}
+ contrail::vrouter::gateway: {get_param: ContrailVrouterGateway}
+ contrail::vrouter::netmask: {get_param: ContrailVrouterNetmask}
+ contrail::vrouter::metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
+ tripleo.neutron_compute_plugin_opencontrail.firewall_rules:
+ '111 neutron_compute_plugin_opencontrail proxy':
+ dport: 8097
+ proto: tcp
+ step_config: |
+ include ::tripleo::network::contrail::vrouter
diff --git a/puppet/services/network/contrail-webui.yaml b/puppet/services/network/contrail-webui.yaml
index 72cc6fa5..3786cdd1 100644
--- a/puppet/services/network/contrail-webui.yaml
+++ b/puppet/services/network/contrail-webui.yaml
@@ -21,27 +21,6 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
- ContrailWebUiAnalyticsVip:
- description: Contrail Analytics VIP
- type: string
- ContrailWebUiConfigVip:
- description: Contrail Config VIP
- type: string
- ContrailWebUiNeutronVip:
- description: Neutron VIP
- type: string
- ContrailWebuiHttpPort:
- default: 8080
- description: HTTP Port of Webui
- type: number
- ContrailWebuiHttpsPort:
- default: 8143
- description: HTTPS Port of Webui
- type: number
- ContrailWebUiRedisIp:
- description: Redis IP
- type: string
- default: '127.0.0.1'
resources:
ContrailBase:
@@ -59,11 +38,8 @@ outputs:
config_settings:
map_merge:
- get_attr: [ContrailBase, role_data, config_settings]
- - contrail::webui::contrail_analytics_vip: {get_param: ContrailWebUiAnalyticsVip}
- contrail::webui::contrail_config_vip: {get_param: ContrailWebUiConfigVip}
- contrail::webui::contrail_webui_http_port: {get_param: ContrailWebuiHttpPort}
- contrail::webui::contrail_webui_https_port: {get_param: ContrailWebuiHttpsPort}
- contrail::webui::neutron_vip: {get_param: ContrailWebUiNeutronVip}
- contrail::webui::redis_ip: {get_param: ContrailWebUiRedisIp}
+ - contrail::webui::http_port: {get_param: [EndpointMap, ContrailWebuiHttpInternal, port] }
+ contrail::webui::https_port: {get_param: [EndpointMap, ContrailWebuiHttpsInternal, port] }
+ contrail::webui::redis_ip: '127.0.0.1'
step_config: |
include ::tripleo::network::contrail::webui
diff --git a/puppet/services/neutron-plugin-opencontrail.yaml b/puppet/services/neutron-plugin-opencontrail.yaml
deleted file mode 100644
index 976e5f19..00000000
--- a/puppet/services/neutron-plugin-opencontrail.yaml
+++ /dev/null
@@ -1,74 +0,0 @@
-heat_template_version: ocata
-
-description: >
- OpenStack Neutron Opencontrail plugin
-
-parameters:
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry. This
- mapping overrides those in ServiceNetMapDefaults.
- type: json
- DefaultPasswords:
- default: {}
- type: json
- EndpointMap:
- default: {}
- description: Mapping of service endpoint -> protocol. Typically set
- via parameter_defaults in the resource registry.
- type: json
- AdminPassword:
- description: The password for the keystone admin account, used for monitoring, querying neutron etc.
- type: string
- hidden: true
- AdminToken:
- description: The keystone auth secret and db password.
- type: string
- hidden: true
- ContrailApiServerIp:
- description: IP address of the OpenContrail API server
- type: string
- ContrailApiServerPort:
- description: Port of the OpenContrail API
- type: string
- default: 8082
- ContrailMultiTenancy:
- description: Whether to enable multi tenancy
- type: boolean
- default: false
- ContrailExtensions:
- description: List of OpenContrail extensions to be enabled
- type: comma_delimited_list
- default: ''
-
-resources:
-
- NeutronBase:
- type: ./neutron-base.yaml
- properties:
- ServiceNetMap: {get_param: ServiceNetMap}
- DefaultPasswords: {get_param: DefaultPasswords}
- EndpointMap: {get_param: EndpointMap}
-
-outputs:
- role_data:
- description: Role data for the Neutron Opencontrail plugin
- value:
- service_name: neutron_plugin_opencontrail
- config_settings:
- map_merge:
- - get_attr: [NeutronBase, role_data, config_settings]
- - neutron::api_extensions_path: /usr/lib/python2.7/site-packages/neutron_plugin_contrail/extensions,/usr/lib/python2.7/site-packages/neutron_lbaas/extensions
-
- neutron::plugins::opencontrail::api_server_ip: {get_param: ContrailApiServerIp}
- neutron::plugins::opencontrail::api_server_port: {get_param: ContrailApiServerPort}
- neutron::plugins::opencontrail::multi_tenancy: {get_param: ContrailMultiTenancy}
- neutron::plugins::opencontrail::contrail_extensions: {get_param: ContrailExtensions}
- neutron::plugins::opencontrail::keystone_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri] }
- neutron::plugins::opencontrail::keystone_admin_user: admin
- neutron::plugins::opencontrail::keystone_admin_tenant_name: admin
- neutron::plugins::opencontrail::keystone_admin_password: {get_param: AdminPassword}
- neutron::plugins::opencontrail::keystone_admin_token: {get_param: AdminToken}
- step_config: |
- include tripleo::profile::base::neutron::plugins::opencontrail