diff options
| -rw-r--r-- | environments/enable-tls.yaml | 2 | ||||
| -rw-r--r-- | network/config/bond-with-vlans/controller-no-external.yaml | 31 | ||||
| -rw-r--r-- | puppet/controller.yaml | 6 | ||||
| -rw-r--r-- | puppet/hieradata/controller.yaml | 1 | ||||
| -rw-r--r-- | puppet/manifests/overcloud_controller.pp | 1 | ||||
| -rw-r--r-- | puppet/manifests/overcloud_controller_pacemaker.pp | 1 |
6 files changed, 41 insertions, 1 deletions
diff --git a/environments/enable-tls.yaml b/environments/enable-tls.yaml index 6986a0c8..e708688f 100644 --- a/environments/enable-tls.yaml +++ b/environments/enable-tls.yaml @@ -42,7 +42,7 @@ parameter_defaults: NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'} SaharaAdmin: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} SaharaInternal: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'} - SaharaPublic: {protocol: 'https', port: '13786', host: 'CLOUDNAME'} + SaharaPublic: {protocol: 'https', port: '13386', host: 'CLOUDNAME'} SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'} diff --git a/network/config/bond-with-vlans/controller-no-external.yaml b/network/config/bond-with-vlans/controller-no-external.yaml index 375d40be..d9532439 100644 --- a/network/config/bond-with-vlans/controller-no-external.yaml +++ b/network/config/bond-with-vlans/controller-no-external.yaml @@ -5,6 +5,10 @@ description: > with VLANs attached for the controller role. parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string ExternalIpSubnet: default: '' description: IP address/subnet on the external network @@ -62,6 +66,18 @@ parameters: default: '10.0.0.1' description: default route for the external network type: string + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string + resources: OsNetConfigImpl: @@ -72,6 +88,21 @@ resources: os_net_config: network_config: - + type: interface + name: nic1 + use_dhcp: false + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - type: ovs_bridge name: {get_input: bridge_name} use_dhcp: true diff --git a/puppet/controller.yaml b/puppet/controller.yaml index f7e50846..04ce1c34 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -1162,6 +1162,11 @@ resources: nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]} horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} + horizon_subnet: + str_replace: + template: "['SUBNET']" + params: + SUBNET: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]} redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]} redis_password: {get_param: RedisPassword} @@ -1482,6 +1487,7 @@ resources: nova_enable_db_purge: {get_input: nova_enable_db_purge} # Horizon + apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet} apache::ip: {get_input: horizon_network} horizon::allowed_hosts: {get_input: horizon_allowed_hosts} horizon::django_debug: {get_input: debug} diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml index 79db9418..9316cf17 100644 --- a/puppet/hieradata/controller.yaml +++ b/puppet/hieradata/controller.yaml @@ -141,6 +141,7 @@ horizon::django_session_engine: 'django.contrib.sessions.backends.cache' horizon::vhost_extra_params: add_listen: false priority: 10 + access_log_format: '%a %l %u %t \"%r\" %>s %b \"%%{}{Referer}i\" \"%%{}{User-Agent}i\"' # mysql mysql::server::manage_config_file: true diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index 94a9f239..910617fa 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -599,6 +599,7 @@ if hiera('step') >= 4 { include ::sahara::service::engine # Horizon + include ::apache::mod::remoteip if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers') { $_profile_support = 'cisco' } else { diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index 310d03cf..b3b6ce54 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -934,6 +934,7 @@ if hiera('step') >= 4 { service_enable => false, # service_manage => false, # <-- not supported with horizon&apache mod_wsgi? } + include ::apache::mod::remoteip include ::apache::mod::status if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers') { $_profile_support = 'cisco' |