diff options
62 files changed, 1517 insertions, 117 deletions
diff --git a/environments/enable-tls.yaml b/environments/enable-tls.yaml index 5c2506e9..bc4d1bef 100644 --- a/environments/enable-tls.yaml +++ b/environments/enable-tls.yaml @@ -4,6 +4,38 @@ parameter_defaults: SSLIntermediateCertificate: '' SSLKey: | The contents of the private key go here + EndpointMap: + CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} + CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'} + CeilometerPublic: {protocol: 'https', port: '13777', host: 'CLOUDNAME'} + CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} + CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'} + CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'} + GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} + GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'} + GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'} + GlanceRegistryAdmin: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'} + GlanceRegistryInternal: {protocol: 'http', port: '9191', host: 'IP_ADDRESS'} + GlanceRegistryPublic: {protocol: 'https', port: '9191', host: 'IP_ADDRESS'} # Not set on the loadbalancer yet. + HeatAdmin: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} + HeatInternal: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'} + HeatPublic: {protocol: 'https', port: '13004', host: 'CLOUDNAME'} + HorizonPublic: {protocol: 'https', port: '443', host: 'CLOUDNAME'} + KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'} + KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'} + KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'} + NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} + NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'} + NeutronPublic: {protocol: 'https', port: '13696', host: 'CLOUDNAME'} + NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} + NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'} + NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'} + NovaEC2Admin: {protocol: 'http', port: '8773', host: 'IP_ADDRESS'} + NovaEC2Internal: {protocol: 'http', port: '8773', host: 'IP_ADDRESS'} + NovaEC2Public: {protocol: 'https', port: '13773', host: 'CLOUDNAME'} + SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} + SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'} resource_registry: OS::TripleO::NodeTLSData: ../puppet/extraconfig/tls/tls-cert-inject.yaml diff --git a/environments/external-loadbalancer-vip.yaml b/environments/external-loadbalancer-vip.yaml index 47d5bd9b..1cf59825 100644 --- a/environments/external-loadbalancer-vip.yaml +++ b/environments/external-loadbalancer-vip.yaml @@ -1,14 +1,37 @@ resource_registry: OS::TripleO::Network::Ports::NetVipMap: ../network/ports/net_vip_map_external.yaml + OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/noop.yaml + OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/noop.yaml + OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/noop.yaml + OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/noop.yaml + OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/from_service.yaml + OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_from_pool.yaml + OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml + OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool.yaml + OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml + OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml parameter_defaults: # When using an external loadbalancer set the following in parameter_defaults # to control your VIPs (currently one per network) # NOTE: we will eventually move to one VIP per service # - # ControlNetworkVip: - # ExternalNetworkVip: - # InternalApiNetworkVip: - # StorageNetworkVip: - # StorageMgmtNetworkVip: - EnableLoadBalancer: false
\ No newline at end of file + ControlPlaneIP: 192.0.2.251 + ExternalNetworkVip: 10.0.0.251 + InternalApiNetworkVip: 172.16.2.251 + StorageNetworkVip: 172.16.1.251 + StorageMgmtNetworkVip: 172.16.3.251 + ServiceVips: + redis: 172.16.2.252 + ControllerIPs: + external: + - 10.0.0.253 + internal_api: + - 172.16.2.253 + storage: + - 172.16.1.253 + storage_mgmt: + - 172.16.3.253 + tenant: + - 172.16.0.253 + EnableLoadBalancer: false diff --git a/environments/ips-from-pool.yaml b/environments/ips-from-pool.yaml new file mode 100644 index 00000000..8c27fe4e --- /dev/null +++ b/environments/ips-from-pool.yaml @@ -0,0 +1,20 @@ +resource_registry: + OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_from_pool.yaml + OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_from_pool.yaml + OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool.yaml + OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool.yaml + OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant_from_pool.yaml + +parameter_defaults: + ControllerIPs: + # Each controller will get an IP from the lists below, first controller, first IP + external: + - 10.0.0.251 + internal_api: + - 172.16.2.251 + storage: + - 172.16.1.251 + storage_mgmt: + - 172.16.3.251 + tenant: + - 172.16.0.251 diff --git a/environments/network-isolation.yaml b/environments/network-isolation.yaml index 937931d1..87fc22f5 100644 --- a/environments/network-isolation.yaml +++ b/environments/network-isolation.yaml @@ -1,12 +1,23 @@ # Enable the creation of Neutron networks for isolated Overcloud # traffic and configure each role to assign ports (related # to that role) on these networks. +# Many networks are disabled by default because they are not used +# in a typical configuration. Override via parameter_defaults. resource_registry: OS::TripleO::Network::External: ../network/external.yaml OS::TripleO::Network::InternalApi: ../network/internal_api.yaml OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt.yaml OS::TripleO::Network::Storage: ../network/storage.yaml OS::TripleO::Network::Tenant: ../network/tenant.yaml + # Management network is optional and disabled by default + OS::TripleO::Network::Management: ../network/noop.yaml + + # Port assignments for the VIPs + OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external.yaml + OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/internal_api.yaml + OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage.yaml + OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt.yaml + OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip.yaml # Port assignments for the controller role OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external.yaml @@ -14,25 +25,39 @@ resource_registry: OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant.yaml + OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/noop.yaml # Port assignments for the compute role + OS::TripleO::Compute::Ports::ExternalPort: ../network/ports/noop.yaml OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api.yaml OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage.yaml + OS::TripleO::Compute::Ports::StorageMgmtPort: ../network/ports/noop.yaml OS::TripleO::Compute::Ports::TenantPort: ../network/ports/tenant.yaml + OS::TripleO::Compute::Ports::ManagementPort: ../network/ports/noop.yaml # Port assignments for the ceph storage role + OS::TripleO::CephStorage::Ports::ExternalPort: ../network/ports/noop.yaml + OS::TripleO::CephStorage::Ports::InternalApiPort: ../network/ports/noop.yaml OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + OS::TripleO::CephStorage::Ports::TenantPort: ../network/ports/noop.yaml + OS::TripleO::CephStorage::Ports::ManagementPort: ../network/ports/noop.yaml # Port assignments for the swift storage role + OS::TripleO::SwiftStorage::Ports::ExternalPort: ../network/ports/noop.yaml OS::TripleO::SwiftStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml OS::TripleO::SwiftStorage::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + OS::TripleO::SwiftStorage::Ports::TenantPort: ../network/ports/noop.yaml + OS::TripleO::SwiftStorage::Ports::ManagementPort: ../network/ports/noop.yaml # Port assignments for the block storage role + OS::TripleO::BlockStorage::Ports::ExternalPort: ../network/ports/noop.yaml OS::TripleO::BlockStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml OS::TripleO::BlockStorage::Ports::StoragePort: ../network/ports/storage.yaml OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml + OS::TripleO::BlockStorage::Ports::TenantPort: ../network/ports/noop.yaml + OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/noop.yaml # Port assignments for service virtual IPs for the controller role OS::TripleO::Controller::Ports::RedisVipPort: ../network/ports/vip.yaml diff --git a/environments/network-management.yaml b/environments/network-management.yaml new file mode 100644 index 00000000..2f0cff8b --- /dev/null +++ b/environments/network-management.yaml @@ -0,0 +1,24 @@ +# Enable the creation of a system management network. This +# creates a Neutron network for isolated Overcloud +# system management traffic and configures each role to +# assign a port (related to that role) on that network. +# Note that the basic sample NIC configuration templates +# do not include the management network, see the +# single-nic-vlans-mgmt templates for an example. +resource_registry: + OS::TripleO::Network::Management: ../network/management.yaml + + # Port assignments for the controller role + OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management.yaml + + # Port assignments for the compute role + OS::TripleO::Compute::Ports::ManagementPort: ../network/ports/management.yaml + + # Port assignments for the ceph storage role + OS::TripleO::CephStorage::Ports::ManagementPort: ../network/ports/management.yaml + + # Port assignments for the swift storage role + OS::TripleO::SwiftStorage::Ports::ManagementPort: ../network/ports/management.yaml + + # Port assignments for the block storage role + OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/management.yaml diff --git a/environments/neutron-midonet.yaml b/environments/neutron-midonet.yaml new file mode 100644 index 00000000..726852a0 --- /dev/null +++ b/environments/neutron-midonet.yaml @@ -0,0 +1,20 @@ +# A Heat environment that can be used to deploy MidoNet Services +resource_registry: + OS::TripleO::AllNodesExtraConfig: ../puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml + OS::TripleO::Controller::Net::SoftwareConfig: ../net-config-linux-bridge.yaml # We have to avoid any ovs bridge. MidoNet is incompatible with its datapath + +parameter_defaults: + EnableZookeeperOnController: true + EnableCassandraOnController: true + NeutronCorePlugin: 'midonet.neutron.plugin_v1.MidonetPluginV2' # Overriding default core_plugin in Neutron. Don't touch it + NeutronEnableIsolatedMetadata: true # MidoNet 1.9 needs this one to work. Don't change it + NeutronEnableL3Agent: false + NeutronEnableOVSAgent: false + + # Other available options for MidoNet Services + # TunnelZoneName: 'tunnelname' + # TunnelZoneType: 'gre' + # CassandraStoragePort: 7000 + # CassandraSslStoragePort: 7009 + # CassandraClientPort: 9042 + # CassandraClientPortThrift: 9160 diff --git a/net-config-bond.yaml b/net-config-bond.yaml index 797df4bf..b624563f 100644 --- a/net-config-bond.yaml +++ b/net-config-bond.yaml @@ -28,6 +28,10 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: + default: '' + description: IP address/subnet on the management network + type: string resources: OsNetConfigImpl: diff --git a/net-config-bridge.yaml b/net-config-bridge.yaml index ad16ef0b..4f7a19dc 100644 --- a/net-config-bridge.yaml +++ b/net-config-bridge.yaml @@ -28,6 +28,10 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: + default: '' + description: IP address/subnet on the management network + type: string resources: OsNetConfigImpl: diff --git a/net-config-noop.yaml b/net-config-noop.yaml index 30de5846..94c492c6 100644 --- a/net-config-noop.yaml +++ b/net-config-noop.yaml @@ -29,6 +29,10 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: + default: '' + description: IP address/subnet on the management network + type: string resources: OsNetConfigImpl: diff --git a/network/config/bond-with-vlans/README.md b/network/config/bond-with-vlans/README.md index 98879b4f..afe71776 100644 --- a/network/config/bond-with-vlans/README.md +++ b/network/config/bond-with-vlans/README.md @@ -3,10 +3,9 @@ Vlans on a bonded pair of NICs for each Overcloud role. There are two versions of the controller role template, one with an external network interface, and another without. If the -external network interface is not configured the ctlplane address +external network interface is not configured, the ctlplane address ranges will be used for external (public) network traffic. - Configuration ------------- @@ -20,8 +19,31 @@ something like this: OS::TripleO::ObjectStorage::Net::SoftwareConfig: network/config/bond-with-vlans/swift-storage.yaml OS::TripleO::CephStorage::Net::SoftwareConfig: network/config/bond-with-vlans/ceph-storage.yaml +Or use this Heat environment file: + + environments/net-bond-with-vlans.yaml + Configuration with no External Network -------------------------------------- + Same as above except set the following value for the controller role: OS::TripleO::Controller::Net::SoftwareConfig: network/config/bond-with-vlans/controller-no-external.yaml + +Configuration with System Management Network +-------------------------------------------- + +To enable the optional System Management network, create a Heat environment +that looks something like this: + + resource\_registry: + OS::TripleO::Network::Management: ../network/management.yaml + OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management.yaml + OS::TripleO::Compute::Ports::ManagementPort: ../network/ports/management.yaml + OS::TripleO::CephStorage::Ports::ManagementPort: ../network/ports/management.yaml + OS::TripleO::SwiftStorage::Ports::ManagementPort: ../network/ports/management.yaml + OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/management.yaml + +Or use this Heat environment file: + + environments/network-management.yaml diff --git a/network/config/bond-with-vlans/ceph-storage.yaml b/network/config/bond-with-vlans/ceph-storage.yaml index 620d1f7a..93db8666 100644 --- a/network/config/bond-with-vlans/ceph-storage.yaml +++ b/network/config/bond-with-vlans/ceph-storage.yaml @@ -29,6 +29,10 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string BondInterfaceOvsOptions: default: '' description: The ovs_options string for the bond interface. Set things like @@ -42,6 +46,10 @@ parameters: default: 40 description: Vlan ID for the storage mgmt network traffic. type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -114,6 +122,14 @@ resources: addresses: - ip_netmask: {get_param: StorageMgmtIpSubnet} + # Uncomment when including environments/network-management.yaml + #- + # type: vlan + # device: bond1 + # vlan_id: {get_param: ManagementNetworkVlanID} + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} outputs: OS::stack_id: diff --git a/network/config/bond-with-vlans/cinder-storage.yaml b/network/config/bond-with-vlans/cinder-storage.yaml index f4c6de8f..bea98c19 100644 --- a/network/config/bond-with-vlans/cinder-storage.yaml +++ b/network/config/bond-with-vlans/cinder-storage.yaml @@ -29,6 +29,10 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string BondInterfaceOvsOptions: default: '' description: The ovs_options string for the bond interface. Set things like @@ -46,6 +50,10 @@ parameters: default: 40 description: Vlan ID for the storage mgmt network traffic. type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -125,6 +133,14 @@ resources: addresses: - ip_netmask: {get_param: StorageMgmtIpSubnet} + # Uncomment when including environments/network-management.yaml + #- + # type: vlan + # device: bond1 + # vlan_id: {get_param: ManagementNetworkVlanID} + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} outputs: OS::stack_id: diff --git a/network/config/bond-with-vlans/compute.yaml b/network/config/bond-with-vlans/compute.yaml index 8cb3705b..774bf02d 100644 --- a/network/config/bond-with-vlans/compute.yaml +++ b/network/config/bond-with-vlans/compute.yaml @@ -29,6 +29,10 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string BondInterfaceOvsOptions: default: '' description: The ovs_options string for the bond interface. Set things like @@ -46,6 +50,10 @@ parameters: default: 50 description: Vlan ID for the tenant network traffic. type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -125,6 +133,14 @@ resources: addresses: - ip_netmask: {get_param: TenantIpSubnet} + # Uncomment when including environments/network-management.yaml + #- + # type: vlan + # device: bond1 + # vlan_id: {get_param: ManagementNetworkVlanID} + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} outputs: OS::stack_id: diff --git a/network/config/bond-with-vlans/controller-no-external.yaml b/network/config/bond-with-vlans/controller-no-external.yaml index 22579e8f..375d40be 100644 --- a/network/config/bond-with-vlans/controller-no-external.yaml +++ b/network/config/bond-with-vlans/controller-no-external.yaml @@ -25,6 +25,10 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string BondInterfaceOvsOptions: default: '' description: The ovs_options string for the bond interface. Set things like @@ -50,6 +54,10 @@ parameters: default: 50 description: Vlan ID for the tenant network traffic. type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number ExternalInterfaceDefaultRoute: default: '10.0.0.1' description: default route for the external network @@ -66,6 +74,7 @@ resources: - type: ovs_bridge name: {get_input: bridge_name} + use_dhcp: true members: - type: ovs_bond @@ -107,6 +116,14 @@ resources: addresses: - ip_netmask: {get_param: TenantIpSubnet} + # Uncomment when including environments/network-management.yaml + #- + # type: vlan + # device: bond1 + # vlan_id: {get_param: ManagementNetworkVlanID} + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} outputs: OS::stack_id: diff --git a/network/config/bond-with-vlans/controller.yaml b/network/config/bond-with-vlans/controller.yaml index eb4399ea..d3627ead 100644 --- a/network/config/bond-with-vlans/controller.yaml +++ b/network/config/bond-with-vlans/controller.yaml @@ -29,6 +29,10 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string BondInterfaceOvsOptions: default: 'bond_mode=active-backup' description: The ovs_options string for the bond interface. Set things like @@ -54,6 +58,10 @@ parameters: default: 50 description: Vlan ID for the tenant network traffic. type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number ExternalInterfaceDefaultRoute: default: '10.0.0.1' description: default route for the external network @@ -119,7 +127,7 @@ resources: ip_netmask: {get_param: ExternalIpSubnet} routes: - - ip_netmask: 0.0.0.0/0 + default: true next_hop: {get_param: ExternalInterfaceDefaultRoute} - type: vlan @@ -149,6 +157,14 @@ resources: addresses: - ip_netmask: {get_param: TenantIpSubnet} + # Uncomment when including environments/network-management.yaml + #- + # type: vlan + # device: bond1 + # vlan_id: {get_param: ManagementNetworkVlanID} + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} outputs: OS::stack_id: diff --git a/network/config/bond-with-vlans/swift-storage.yaml b/network/config/bond-with-vlans/swift-storage.yaml index f6b2a699..de9121e5 100644 --- a/network/config/bond-with-vlans/swift-storage.yaml +++ b/network/config/bond-with-vlans/swift-storage.yaml @@ -29,6 +29,10 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string BondInterfaceOvsOptions: default: '' description: The ovs_options string for the bond interface. Set things like @@ -46,6 +50,10 @@ parameters: default: 40 description: Vlan ID for the storage mgmt network traffic. type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -125,6 +133,14 @@ resources: addresses: - ip_netmask: {get_param: StorageMgmtIpSubnet} + # Uncomment when including environments/network-management.yaml + #- + # type: vlan + # device: bond1 + # vlan_id: {get_param: ManagementNetworkVlanID} + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} outputs: OS::stack_id: diff --git a/network/config/multiple-nics/README.md b/network/config/multiple-nics/README.md index 3d81f0be..0d8a0f03 100644 --- a/network/config/multiple-nics/README.md +++ b/network/config/multiple-nics/README.md @@ -19,3 +19,21 @@ something like this: Or use this Heat environment file: environments/net-multiple-nics.yaml + +Configuration with System Management Network +-------------------------------------------- + +To enable the optional System Management network, create a Heat environment +that looks something like this: + + resource\_registry: + OS::TripleO::Network::Management: ../network/management.yaml + OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management.yaml + OS::TripleO::Compute::Ports::ManagementPort: ../network/ports/management.yaml + OS::TripleO::CephStorage::Ports::ManagementPort: ../network/ports/management.yaml + OS::TripleO::SwiftStorage::Ports::ManagementPort: ../network/ports/management.yaml + OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/management.yaml + +Or use this Heat environment file: + + environments/network-management.yaml diff --git a/network/config/multiple-nics/ceph-storage.yaml b/network/config/multiple-nics/ceph-storage.yaml index 7d650f4b..a2a6b40d 100644 --- a/network/config/multiple-nics/ceph-storage.yaml +++ b/network/config/multiple-nics/ceph-storage.yaml @@ -29,6 +29,10 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string ExternalNetworkVlanID: default: 10 description: Vlan ID for the external network traffic. @@ -49,6 +53,10 @@ parameters: default: 50 description: Vlan ID for the tenant network traffic. type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number ExternalInterfaceDefaultRoute: default: '10.0.0.1' description: default route for the external network @@ -58,12 +66,12 @@ parameters: description: The subnet CIDR of the control plane network. type: string ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The subnet CIDR of the control plane network. + description: The default route of the control plane network. type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: json + type: comma_delimited_list EC2MetadataIp: # Override this via parameter_defaults description: The IP address of the EC2 metadata server. type: string @@ -109,6 +117,14 @@ resources: addresses: - ip_netmask: {get_param: StorageMgmtIpSubnet} + # Uncomment when including environments/network-management.yaml + #- + # type: interface + # name: nic7 + # use_dhcp: false + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} outputs: OS::stack_id: diff --git a/network/config/multiple-nics/cinder-storage.yaml b/network/config/multiple-nics/cinder-storage.yaml index fdb6c9d8..06b4b83f 100644 --- a/network/config/multiple-nics/cinder-storage.yaml +++ b/network/config/multiple-nics/cinder-storage.yaml @@ -29,6 +29,10 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string ExternalNetworkVlanID: default: 10 description: Vlan ID for the external network traffic. @@ -49,6 +53,10 @@ parameters: default: 50 description: Vlan ID for the tenant network traffic. type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number ExternalInterfaceDefaultRoute: default: '10.0.0.1' description: default route for the external network @@ -58,12 +66,12 @@ parameters: description: The subnet CIDR of the control plane network. type: string ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The subnet CIDR of the control plane network. + description: The default route of the control plane network. type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: json + type: comma_delimited_list EC2MetadataIp: # Override this via parameter_defaults description: The IP address of the EC2 metadata server. type: string @@ -116,6 +124,14 @@ resources: addresses: - ip_netmask: {get_param: InternalApiIpSubnet} + # Uncomment when including environments/network-management.yaml + #- + # type: interface + # name: nic7 + # use_dhcp: false + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} outputs: OS::stack_id: diff --git a/network/config/multiple-nics/compute.yaml b/network/config/multiple-nics/compute.yaml index 0032a287..97eef52b 100644 --- a/network/config/multiple-nics/compute.yaml +++ b/network/config/multiple-nics/compute.yaml @@ -29,6 +29,14 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number InternalApiNetworkVlanID: default: 20 description: Vlan ID for the internal_api network traffic. @@ -37,21 +45,33 @@ parameters: default: 30 description: Vlan ID for the storage network traffic. type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number TenantNetworkVlanID: default: 50 description: Vlan ID for the tenant network traffic. type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number + ExternalInterfaceDefaultRoute: + default: '10.0.0.1' + description: default route for the external network + type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. type: string ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The subnet CIDR of the control plane network. + description: The default route of the control plane network. type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: json + type: comma_delimited_list EC2MetadataIp: # Override this via parameter_defaults description: The IP address of the EC2 metadata server. type: string @@ -112,6 +132,14 @@ resources: use_dhcp: false # force the MAC address of the bridge to this interface primary: true + # Uncomment when including environments/network-management.yaml + #- + # type: interface + # name: nic7 + # use_dhcp: false + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} outputs: OS::stack_id: diff --git a/network/config/multiple-nics/controller.yaml b/network/config/multiple-nics/controller.yaml index 63f53a1f..32851cfb 100644 --- a/network/config/multiple-nics/controller.yaml +++ b/network/config/multiple-nics/controller.yaml @@ -29,6 +29,10 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string ExternalNetworkVlanID: default: 10 description: Vlan ID for the external network traffic. @@ -49,6 +53,10 @@ parameters: default: 50 description: Vlan ID for the tenant network traffic. type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number ExternalInterfaceDefaultRoute: default: '10.0.0.1' description: default route for the external network @@ -58,12 +66,12 @@ parameters: description: The subnet CIDR of the control plane network. type: string ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The subnet CIDR of the control plane network. + description: The default route of the control plane network. type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: json + type: comma_delimited_list EC2MetadataIp: # Override this via parameter_defaults description: The IP address of the EC2 metadata server. type: string @@ -131,13 +139,14 @@ resources: - type: ovs_bridge name: {get_input: bridge_name} + dns_servers: {get_param: DnsServers} use_dhcp: false addresses: - ip_netmask: {get_param: ExternalIpSubnet} routes: - - ip_netmask: 0.0.0.0/0 + default: true next_hop: {get_param: ExternalInterfaceDefaultRoute} members: - @@ -145,6 +154,14 @@ resources: name: nic6 # force the MAC address of the bridge to this interface primary: true + # Uncomment when including environments/network-management.yaml + #- + # type: interface + # name: nic7 + # use_dhcp: false + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} outputs: OS::stack_id: diff --git a/network/config/multiple-nics/swift-storage.yaml b/network/config/multiple-nics/swift-storage.yaml index 00e4f353..4d5a7b99 100644 --- a/network/config/multiple-nics/swift-storage.yaml +++ b/network/config/multiple-nics/swift-storage.yaml @@ -29,6 +29,10 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string ExternalNetworkVlanID: default: 10 description: Vlan ID for the external network traffic. @@ -49,6 +53,10 @@ parameters: default: 50 description: Vlan ID for the tenant network traffic. type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number ExternalInterfaceDefaultRoute: default: '10.0.0.1' description: default route for the external network @@ -58,12 +66,12 @@ parameters: description: The subnet CIDR of the control plane network. type: string ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The subnet CIDR of the control plane network. + description: The default route of the control plane network. type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: json + type: comma_delimited_list EC2MetadataIp: # Override this via parameter_defaults description: The IP address of the EC2 metadata server. type: string @@ -116,6 +124,14 @@ resources: addresses: - ip_netmask: {get_param: InternalApiIpSubnet} + # Uncomment when including environments/network-management.yaml + #- + # type: interface + # name: nic7 + # use_dhcp: false + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} outputs: OS::stack_id: diff --git a/network/config/single-nic-vlans/README.md b/network/config/single-nic-vlans/README.md index 6f128650..f9c2e512 100644 --- a/network/config/single-nic-vlans/README.md +++ b/network/config/single-nic-vlans/README.md @@ -1,9 +1,9 @@ This directory contains Heat templates to help configure -Vlans on a single NICs for each Overcloud role. +Vlans on a single NIC for each Overcloud role. There are two versions of the controller role template, one with an external network interface, and another without. If the -external network interface is not configured the ctlplane address +external network interface is not configured, the ctlplane address ranges will be used for external (public) network traffic. Configuration @@ -23,9 +23,27 @@ Or use this Heat environment file: environments/net-single-nic-with-vlans.yaml - Configuration with no External Network -------------------------------------- + Same as above except set the following value for the controller role: OS::TripleO::Controller::Net::SoftwareConfig: network/config/single-nic-vlans/controller-no-external.yaml + +Configuration with System Management Network +-------------------------------------------- + +To enable the optional System Management network, create a Heat environment +that looks something like this: + + resource\_registry: + OS::TripleO::Network::Management: ../network/management.yaml + OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management.yaml + OS::TripleO::Compute::Ports::ManagementPort: ../network/ports/management.yaml + OS::TripleO::CephStorage::Ports::ManagementPort: ../network/ports/management.yaml + OS::TripleO::SwiftStorage::Ports::ManagementPort: ../network/ports/management.yaml + OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/management.yaml + +Or use this Heat environment file: + + environments/network-management.yaml diff --git a/network/config/single-nic-vlans/ceph-storage.yaml b/network/config/single-nic-vlans/ceph-storage.yaml index 5148c520..80bc32d3 100644 --- a/network/config/single-nic-vlans/ceph-storage.yaml +++ b/network/config/single-nic-vlans/ceph-storage.yaml @@ -29,6 +29,10 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string StorageNetworkVlanID: default: 30 description: Vlan ID for the storage network traffic. @@ -37,6 +41,10 @@ parameters: default: 40 description: Vlan ID for the storage mgmt network traffic. type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -97,6 +105,13 @@ resources: addresses: - ip_netmask: {get_param: StorageMgmtIpSubnet} + # Uncomment when including environments/network-management.yaml + #- + # type: vlan + # vlan_id: {get_param: ManagementNetworkVlanID} + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} outputs: OS::stack_id: diff --git a/network/config/single-nic-vlans/cinder-storage.yaml b/network/config/single-nic-vlans/cinder-storage.yaml index e79a9f4b..e509443a 100644 --- a/network/config/single-nic-vlans/cinder-storage.yaml +++ b/network/config/single-nic-vlans/cinder-storage.yaml @@ -29,6 +29,10 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string InternalApiNetworkVlanID: default: 20 description: Vlan ID for the internal_api network traffic. @@ -41,6 +45,10 @@ parameters: default: 40 description: Vlan ID for the storage mgmt network traffic. type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -107,6 +115,13 @@ resources: addresses: - ip_netmask: {get_param: StorageMgmtIpSubnet} + # Uncomment when including environments/network-management.yaml + #- + # type: vlan + # vlan_id: {get_param: ManagementNetworkVlanID} + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} outputs: OS::stack_id: diff --git a/network/config/single-nic-vlans/compute.yaml b/network/config/single-nic-vlans/compute.yaml index 4e93b31c..8cf6825d 100644 --- a/network/config/single-nic-vlans/compute.yaml +++ b/network/config/single-nic-vlans/compute.yaml @@ -29,6 +29,10 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string InternalApiNetworkVlanID: default: 20 description: Vlan ID for the internal_api network traffic. @@ -41,6 +45,10 @@ parameters: default: 50 description: Vlan ID for the tenant network traffic. type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -107,6 +115,13 @@ resources: addresses: - ip_netmask: {get_param: TenantIpSubnet} + # Uncomment when including environments/network-management.yaml + #- + # type: vlan + # vlan_id: {get_param: ManagementNetworkVlanID} + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} outputs: OS::stack_id: diff --git a/network/config/single-nic-vlans/controller-no-external.yaml b/network/config/single-nic-vlans/controller-no-external.yaml index faf9e9c2..eb5e1e5a 100644 --- a/network/config/single-nic-vlans/controller-no-external.yaml +++ b/network/config/single-nic-vlans/controller-no-external.yaml @@ -25,6 +25,10 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string ExternalNetworkVlanID: default: 10 description: Vlan ID for the external network traffic. @@ -45,6 +49,10 @@ parameters: default: 50 description: Vlan ID for the tenant network traffic. type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number ExternalInterfaceDefaultRoute: default: '10.0.0.1' description: default route for the external network @@ -92,6 +100,13 @@ resources: addresses: - ip_netmask: {get_param: TenantIpSubnet} + # Uncomment when including environments/network-management.yaml + #- + # type: vlan + # vlan_id: {get_param: ManagementNetworkVlanID} + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} outputs: OS::stack_id: diff --git a/network/config/single-nic-vlans/controller.yaml b/network/config/single-nic-vlans/controller.yaml index 3c536d67..3b22b36b 100644 --- a/network/config/single-nic-vlans/controller.yaml +++ b/network/config/single-nic-vlans/controller.yaml @@ -29,6 +29,10 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string ExternalNetworkVlanID: default: 10 description: Vlan ID for the external network traffic. @@ -49,6 +53,10 @@ parameters: default: 50 description: Vlan ID for the tenant network traffic. type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number ExternalInterfaceDefaultRoute: default: '10.0.0.1' description: default route for the external network @@ -129,6 +137,12 @@ resources: addresses: - ip_netmask: {get_param: TenantIpSubnet} + #- # Uncomment when including environments/network-management.yaml + # type: vlan + # vlan_id: {get_param: ManagementNetworkVlanID} + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} outputs: OS::stack_id: diff --git a/network/config/single-nic-vlans/swift-storage.yaml b/network/config/single-nic-vlans/swift-storage.yaml index 83b3304f..efc03393 100644 --- a/network/config/single-nic-vlans/swift-storage.yaml +++ b/network/config/single-nic-vlans/swift-storage.yaml @@ -29,6 +29,10 @@ parameters: default: '' description: IP address/subnet on the tenant network type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string InternalApiNetworkVlanID: default: 20 description: Vlan ID for the internal_api network traffic. @@ -41,6 +45,10 @@ parameters: default: 40 description: Vlan ID for the storage mgmt network traffic. type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -107,6 +115,13 @@ resources: addresses: - ip_netmask: {get_param: StorageMgmtIpSubnet} + # Uncomment when including environments/network-management.yaml + #- + # type: vlan + # vlan_id: {get_param: ManagementNetworkVlanID} + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} outputs: OS::stack_id: diff --git a/network/management.yaml b/network/management.yaml new file mode 100644 index 00000000..9bfaafa2 --- /dev/null +++ b/network/management.yaml @@ -0,0 +1,64 @@ +heat_template_version: 2015-04-30 + +description: > + Management network. System administration, SSH, DNS, NTP, etc. This network + would usually be the default gateway for the non-controller nodes. + +parameters: + # the defaults here work for static IP assignment (IPAM) only + ManagementNetCidr: + default: '10.0.1.0/24' + description: Cidr for the management network. + type: string + ManagementNetValueSpecs: + default: {'provider:physical_network': 'management', 'provider:network_type': 'flat'} + description: Value specs for the management network. + type: string + ManagementNetAdminStateUp: + default: false + description: This admin state of of the network. + type: boolean + ManagementNetEnableDHCP: + default: false + description: Whether to enable DHCP on the associated subnet. + type: boolean + ManagementNetShared: + default: false + description: Whether this network is shared across all tenants. + type: boolean + ManagementNetName: + default: management + description: The name of the management network. + type: string + ManagementSubnetName: + default: management_subnet + description: The name of the management subnet in Neutron. + type: string + ManagementAllocationPools: + default: [{'start': '10.0.1.4', 'end': '10.0.1.250'}] + description: Ip allocation pool range for the management network. + type: json + +resources: + ManagementNetwork: + type: OS::Neutron::Net + properties: + admin_state_up: {get_param: ManagementNetAdminStateUp} + name: {get_param: ManagementNetName} + shared: {get_param: ManagementNetShared} + value_specs: {get_param: ManagementNetValueSpecs} + + ManagementSubnet: + type: OS::Neutron::Subnet + properties: + cidr: {get_param: ManagementNetCidr} + enable_dhcp: {get_param: ManagementNetEnableDHCP} + name: {get_param: ManagementSubnetName} + network: {get_resource: ManagementNetwork} + allocation_pools: {get_param: ManagementAllocationPools} + +outputs: + OS::stack_id: + description: Neutron management network + value: {get_resource: ManagementNetwork} + diff --git a/network/networks.yaml b/network/networks.yaml index 6618af38..ab50ae11 100644 --- a/network/networks.yaml +++ b/network/networks.yaml @@ -18,3 +18,6 @@ resources: TenantNetwork: type: OS::TripleO::Network::Tenant + + ManagementNetwork: + type: OS::TripleO::Network::Management diff --git a/network/ports/ctlplane_vip.yaml b/network/ports/ctlplane_vip.yaml index ab6b18f8..7a7043bd 100644 --- a/network/ports/ctlplane_vip.yaml +++ b/network/ports/ctlplane_vip.yaml @@ -5,6 +5,10 @@ description: > The IP address will be chosen automatically if FixedIPs is empty. parameters: + ServiceName: # Here for compatibility with from_service.yaml + description: Name of the service to lookup + default: '' + type: string NetworkName: description: # Here for compatibility with isolated networks default: ctlplane diff --git a/network/ports/external.yaml b/network/ports/external.yaml index 4180a223..7624eb9f 100644 --- a/network/ports/external.yaml +++ b/network/ports/external.yaml @@ -27,6 +27,12 @@ parameters: [{'ip_address':'1.2.3.4'}] default: [] type: json + IPPool: # Here for compatibility with from_pool.yaml + default: {} + type: json + NodeIndex: # Here for compatibility with from_pool.yaml + default: 0 + type: number resources: diff --git a/network/ports/external_from_pool.yaml b/network/ports/external_from_pool.yaml new file mode 100644 index 00000000..8e9dc7c2 --- /dev/null +++ b/network/ports/external_from_pool.yaml @@ -0,0 +1,45 @@ +heat_template_version: 2015-04-30 + +description: > + Returns an IP from a network mapped list of IPs + +parameters: + ExternalNetName: + description: Name of the external network + default: external + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + default: '' + type: string + IPPool: + default: {} + description: A network mapped list of IPs + type: json + NodeIndex: + default: 0 + description: Index of the IP to get from Pool + type: number + ExternalNetCidr: + default: '10.0.0.0/24' + description: Cidr for the external network. + type: string + +outputs: + ip_address: + description: external network IP + value: {get_param: [IPPool, {get_param: ExternalNetName}, {get_param: NodeIndex}]} + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the external network IP + value: + list_join: + - '' + - - {get_param: [IPPool, {get_param: ExternalNetName}, {get_param: NodeIndex}]} + - '/' + - {get_param: [ExternalNetCidr, -2]} + - {get_param: [ExternalNetCidr, -1]} diff --git a/network/ports/from_service.yaml b/network/ports/from_service.yaml new file mode 100644 index 00000000..6b669f41 --- /dev/null +++ b/network/ports/from_service.yaml @@ -0,0 +1,34 @@ +heat_template_version: 2015-04-30 + +description: > + Returns an IP from a service mapped list of IPs + +parameters: + ServiceName: + description: Name of the service to lookup + default: '' + type: string + NetworkName: # Here for compatability with ctlplane_vip.yaml + description: Name of the network where the VIP will be created + default: ctlplane + type: string + PortName: # Here for compatability with ctlplane_vip.yaml + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatability with ctlplane_vip.yaml + description: IP address on the control plane + default: '' + type: string + ControlPlaneNetwork: # Here for compatability with ctlplane_vip.yaml + description: The name of the undercloud Neutron control plane + default: ctlplane + type: string + ServiceVips: + default: {} + type: json + +outputs: + ip_address: + description: network IP + value: {get_param: [ServiceVips, {get_param: ServiceName}]} diff --git a/network/ports/internal_api.yaml b/network/ports/internal_api.yaml index 01cdfe9b..f84e8f71 100644 --- a/network/ports/internal_api.yaml +++ b/network/ports/internal_api.yaml @@ -22,6 +22,12 @@ parameters: [{'ip_address':'1.2.3.4'}] default: [] type: json + IPPool: # Here for compatibility with from_pool.yaml + default: {} + type: json + NodeIndex: # Here for compatibility with from_pool.yaml + default: 0 + type: number resources: diff --git a/network/ports/internal_api_from_pool.yaml b/network/ports/internal_api_from_pool.yaml new file mode 100644 index 00000000..b98e1fb1 --- /dev/null +++ b/network/ports/internal_api_from_pool.yaml @@ -0,0 +1,45 @@ +heat_template_version: 2015-04-30 + +description: > + Returns an IP from a network mapped list of IPs + +parameters: + InternalApiNetName: + description: Name of the internal API network + default: internal_api + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + default: '' + type: string + IPPool: + default: {} + description: A network mapped list of IPs + type: json + NodeIndex: + default: 0 + description: Index of the IP to get from Pool + type: number + InternalApiNetCidr: + default: '172.16.2.0/24' + description: Cidr for the internal API network. + type: string + +outputs: + ip_address: + description: internal API network IP + value: {get_param: [IPPool, {get_param: InternalApiNetName}, {get_param: NodeIndex}]} + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the internal API network IP + value: + list_join: + - '' + - - {get_param: [IPPool, {get_param: InternalApiNetName}, {get_param: NodeIndex}]} + - '/' + - {get_param: [InternalApiNetCidr, -2]} + - {get_param: [InternalApiNetCidr, -1]} diff --git a/network/ports/management.yaml b/network/ports/management.yaml new file mode 100644 index 00000000..1d15ca60 --- /dev/null +++ b/network/ports/management.yaml @@ -0,0 +1,42 @@ +heat_template_version: 2015-04-30 + +description: > + Creates a port on the management network. The IP address will be chosen + automatically if FixedIPs is empty. + +parameters: + ManagementNetName: + description: Name of the management neutron network + default: management + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatibility with noop.yaml + description: IP address on the control plane + type: string + +resources: + + ManagementPort: + type: OS::Neutron::Port + properties: + network: {get_param: ManagementNetName} + name: {get_param: PortName} + replacement_policy: AUTO + +outputs: + ip_address: + description: management network IP + value: {get_attr: [ManagementPort, fixed_ips, 0, ip_address]} + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the management network IP + value: + list_join: + - '' + - - {get_attr: [ManagementPort, fixed_ips, 0, ip_address]} + - '/' + - {get_attr: [ManagementPort, subnets, 0, cidr, -2]} + - {get_attr: [ManagementPort, subnets, 0, cidr, -1]} diff --git a/network/ports/net_ip_list_map.yaml b/network/ports/net_ip_list_map.yaml index 257d3f9b..32272bd6 100644 --- a/network/ports/net_ip_list_map.yaml +++ b/network/ports/net_ip_list_map.yaml @@ -19,6 +19,9 @@ parameters: TenantIpList: default: [] type: comma_delimited_list + ManagementIpList: + default: [] + type: comma_delimited_list outputs: net_ip_map: @@ -32,3 +35,4 @@ outputs: storage: {get_param: StorageIpList} storage_mgmt: {get_param: StorageMgmtIpList} tenant: {get_param: TenantIpList} + management: {get_param: ManagementIpList} diff --git a/network/ports/net_ip_map.yaml b/network/ports/net_ip_map.yaml index 7aaed160..c6386025 100644 --- a/network/ports/net_ip_map.yaml +++ b/network/ports/net_ip_map.yaml @@ -19,6 +19,9 @@ parameters: TenantIp: default: '' type: string + ManagementIp: + default: '' + type: string outputs: net_ip_map: @@ -32,3 +35,4 @@ outputs: storage: {get_param: StorageIp} storage_mgmt: {get_param: StorageMgmtIp} tenant: {get_param: TenantIp} + management: {get_param: ManagementIp} diff --git a/network/ports/net_ip_subnet_map.yaml b/network/ports/net_ip_subnet_map.yaml index cf59adb3..2f933eaa 100644 --- a/network/ports/net_ip_subnet_map.yaml +++ b/network/ports/net_ip_subnet_map.yaml @@ -19,6 +19,9 @@ parameters: TenantIpSubnet: default: '' type: string + ManagementIpSubnet: + default: '' + type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -41,3 +44,4 @@ outputs: storage: {get_param: StorageIpSubnet} storage_mgmt: {get_param: StorageMgmtIpSubnet} tenant: {get_param: TenantIpSubnet} + management: {get_param: ManagementIpSubnet} diff --git a/network/ports/net_vip_map_external.yaml b/network/ports/net_vip_map_external.yaml index 36426b32..23e1f992 100644 --- a/network/ports/net_vip_map_external.yaml +++ b/network/ports/net_vip_map_external.yaml @@ -2,7 +2,7 @@ heat_template_version: 2015-04-30 parameters: # Set these via parameter defaults to configure external VIPs - ControlNetworkVip: + ControlPlaneIP: default: '' type: string ExternalNetworkVip: @@ -43,7 +43,7 @@ outputs: A Hash containing a mapping of network names to assigned IPs for a specific machine. value: - ctlplane: {get_param: ControlNetworkVip} + ctlplane: {get_param: ControlPlaneIP} external: {get_param: ExternalNetworkVip} internal_api: {get_param: InternalApiNetworkVip} storage: {get_param: StorageNetworkVip} diff --git a/network/ports/noop.yaml b/network/ports/noop.yaml index 028624fd..ac946cd9 100644 --- a/network/ports/noop.yaml +++ b/network/ports/noop.yaml @@ -4,6 +4,10 @@ description: > Returns the control plane port (provisioning network) as the ip_address. parameters: + ServiceName: # Here for compatibility with from_service.yaml + description: Name of the service to lookup + default: '' + type: string ControlPlaneIP: description: IP address on the control plane type: string @@ -27,6 +31,14 @@ parameters: default: '24' description: The subnet CIDR of the control plane network. type: string + IPPool: # Here for compatibility with from_pool.yaml + default: {} + description: A network mapped list of IPs + type: json + NodeIndex: # Here for compatibility with from_pool.yaml + default: 0 + description: Index of the IP to get from Pool + type: number outputs: ip_address: diff --git a/network/ports/storage.yaml b/network/ports/storage.yaml index 1d2384c5..a07e5a4f 100644 --- a/network/ports/storage.yaml +++ b/network/ports/storage.yaml @@ -22,6 +22,12 @@ parameters: [{'ip_address':'1.2.3.4'}] default: [] type: json + IPPool: # Here for compatibility with from_pool.yaml + default: {} + type: json + NodeIndex: # Here for compatibility with from_pool.yaml + default: 0 + type: number resources: diff --git a/network/ports/storage_from_pool.yaml b/network/ports/storage_from_pool.yaml new file mode 100644 index 00000000..668bc6f6 --- /dev/null +++ b/network/ports/storage_from_pool.yaml @@ -0,0 +1,45 @@ +heat_template_version: 2015-04-30 + +description: > + Returns an IP from a network mapped list of IPs + +parameters: + StorageNetName: + description: Name of the storage network + default: storage + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + default: '' + type: string + IPPool: + default: {} + description: A network mapped list of IPs + type: json + NodeIndex: + default: 0 + description: Index of the IP to get from Pool + type: number + StorageNetCidr: + default: '172.16.1.0/24' + description: Cidr for the storage network. + type: string + +outputs: + ip_address: + description: storage network IP + value: {get_param: [IPPool, {get_param: StorageNetName}, {get_param: NodeIndex}]} + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the storage network IP + value: + list_join: + - '' + - - {get_param: [IPPool, {get_param: StorageNetName}, {get_param: NodeIndex}]} + - '/' + - {get_param: [StorageNetCidr, -2]} + - {get_param: [StorageNetCidr, -1]} diff --git a/network/ports/storage_mgmt.yaml b/network/ports/storage_mgmt.yaml index f10e3582..4890bf5a 100644 --- a/network/ports/storage_mgmt.yaml +++ b/network/ports/storage_mgmt.yaml @@ -22,6 +22,12 @@ parameters: [{'ip_address':'1.2.3.4'}] default: [] type: json + IPPool: # Here for compatibility with from_pool.yaml + default: {} + type: json + NodeIndex: # Here for compatibility with from_pool.yaml + default: 0 + type: number resources: diff --git a/network/ports/storage_mgmt_from_pool.yaml b/network/ports/storage_mgmt_from_pool.yaml new file mode 100644 index 00000000..bea87105 --- /dev/null +++ b/network/ports/storage_mgmt_from_pool.yaml @@ -0,0 +1,45 @@ +heat_template_version: 2015-04-30 + +description: > + Returns an IP from a network mapped list of IPs + +parameters: + StorageMgmtNetName: + description: Name of the storage MGMT network + default: storage_mgmt + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + default: '' + type: string + IPPool: + default: {} + description: A network mapped list of IPs + type: json + NodeIndex: + default: 0 + description: Index of the IP to get from Pool + type: number + StorageMgmtNetCidr: + default: '172.16.3.0/24' + description: Cidr for the storage MGMT network. + type: string + +outputs: + ip_address: + description: storage MGMT network IP + value: {get_param: [IPPool, {get_param: StorageMgmtNetName}, {get_param: NodeIndex}]} + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the storage MGMT network IP + value: + list_join: + - '' + - - {get_param: [IPPool, {get_param: StorageMgmtNetName}, {get_param: NodeIndex}]} + - '/' + - {get_param: [StorageMgmtNetCidr, -2]} + - {get_param: [StorageMgmtNetCidr, -1]} diff --git a/network/ports/tenant.yaml b/network/ports/tenant.yaml index ccdc57ee..86c58f2f 100644 --- a/network/ports/tenant.yaml +++ b/network/ports/tenant.yaml @@ -22,6 +22,12 @@ parameters: [{'ip_address':'1.2.3.4'}] default: [] type: json + IPPool: # Here for compatibility with from_pool.yaml + default: {} + type: json + NodeIndex: # Here for compatibility with from_pool.yaml + default: 0 + type: number resources: diff --git a/network/ports/tenant_from_pool.yaml b/network/ports/tenant_from_pool.yaml new file mode 100644 index 00000000..29303bb6 --- /dev/null +++ b/network/ports/tenant_from_pool.yaml @@ -0,0 +1,45 @@ +heat_template_version: 2015-04-30 + +description: > + Returns an IP from a network mapped list of IPs + +parameters: + TenantNetName: + description: Name of the tenant network + default: tenant + type: string + PortName: + description: Name of the port + default: '' + type: string + ControlPlaneIP: # Here for compatability with noop.yaml + description: IP address on the control plane + default: '' + type: string + IPPool: + default: {} + description: A network mapped list of IPs + type: json + NodeIndex: + default: 0 + description: Index of the IP to get from Pool + type: number + TenantNetCidr: + default: '172.16.0.0/24' + description: Cidr for the tenant network. + type: string + +outputs: + ip_address: + description: tenant network IP + value: {get_param: [IPPool, {get_param: TenantNetName}, {get_param: NodeIndex}]} + ip_subnet: + # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?) + description: IP/Subnet CIDR for the tenant network IP + value: + list_join: + - '' + - - {get_param: [IPPool, {get_param: TenantNetName}, {get_param: NodeIndex}]} + - '/' + - {get_param: [TenantNetCidr, -2]} + - {get_param: [TenantNetCidr, -1]} diff --git a/network/ports/vip.yaml b/network/ports/vip.yaml index ab6cd2c0..9bb6cde2 100644 --- a/network/ports/vip.yaml +++ b/network/ports/vip.yaml @@ -5,6 +5,10 @@ description: > The IP address will be chosen automatically if FixedIPs is empty. parameters: + ServiceName: # Here for compatibility with from_service.yaml + description: Name of the service to lookup + default: '' + type: string NetworkName: description: Name of the network where the VIP will be created default: internal_api diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml index 77368d0a..888a3c89 100644 --- a/overcloud-resource-registry-puppet.yaml +++ b/overcloud-resource-registry-puppet.yaml @@ -61,40 +61,59 @@ resource_registry: OS::TripleO::Network::StorageMgmt: network/noop.yaml OS::TripleO::Network::Storage: network/noop.yaml OS::TripleO::Network::Tenant: network/noop.yaml + OS::TripleO::Network::Management: network/noop.yaml OS::TripleO::Network::Ports::NetVipMap: network/ports/net_ip_map.yaml OS::TripleO::Network::Ports::NetIpMap: network/ports/net_ip_map.yaml OS::TripleO::Network::Ports::NetIpSubnetMap: network/ports/net_ip_subnet_map.yaml OS::TripleO::Network::Ports::NetIpListMap: network/ports/net_ip_list_map.yaml + # Port assignments for the VIPs + OS::TripleO::Network::Ports::ExternalVipPort: network/ports/noop.yaml + OS::TripleO::Network::Ports::InternalApiVipPort: network/ports/noop.yaml + OS::TripleO::Network::Ports::StorageVipPort: network/ports/noop.yaml + OS::TripleO::Network::Ports::StorageMgmtVipPort: network/ports/noop.yaml + OS::TripleO::Network::Ports::RedisVipPort: network/ports/ctlplane_vip.yaml + # Port assignments for the controller role OS::TripleO::Controller::Ports::ExternalPort: network/ports/noop.yaml OS::TripleO::Controller::Ports::InternalApiPort: network/ports/noop.yaml OS::TripleO::Controller::Ports::StoragePort: network/ports/noop.yaml OS::TripleO::Controller::Ports::StorageMgmtPort: network/ports/noop.yaml OS::TripleO::Controller::Ports::TenantPort: network/ports/noop.yaml + OS::TripleO::Controller::Ports::ManagementPort: network/ports/noop.yaml # Port assignments for the compute role + OS::TripleO::Compute::Ports::ExternalPort: network/ports/noop.yaml OS::TripleO::Compute::Ports::InternalApiPort: network/ports/noop.yaml OS::TripleO::Compute::Ports::StoragePort: network/ports/noop.yaml + OS::TripleO::Compute::Ports::StorageMgmtPort: network/ports/noop.yaml OS::TripleO::Compute::Ports::TenantPort: network/ports/noop.yaml + OS::TripleO::Compute::Ports::ManagementPort: network/ports/noop.yaml # Port assignments for the ceph storage role + OS::TripleO::CephStorage::Ports::ExternalPort: network/ports/noop.yaml + OS::TripleO::CephStorage::Ports::InternalApiPort: network/ports/noop.yaml OS::TripleO::CephStorage::Ports::StoragePort: network/ports/noop.yaml OS::TripleO::CephStorage::Ports::StorageMgmtPort: network/ports/noop.yaml + OS::TripleO::CephStorage::Ports::TenantPort: network/ports/noop.yaml + OS::TripleO::CephStorage::Ports::ManagementPort: network/ports/noop.yaml # Port assignments for the swift storage role + OS::TripleO::SwiftStorage::Ports::ExternalPort: network/ports/noop.yaml OS::TripleO::SwiftStorage::Ports::InternalApiPort: network/ports/noop.yaml OS::TripleO::SwiftStorage::Ports::StoragePort: network/ports/noop.yaml OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: network/ports/noop.yaml + OS::TripleO::SwiftStorage::Ports::TenantPort: network/ports/noop.yaml + OS::TripleO::SwiftStorage::Ports::ManagementPort: network/ports/noop.yaml # Port assignments for the block storage role + OS::TripleO::BlockStorage::Ports::ExternalPort: network/ports/noop.yaml OS::TripleO::BlockStorage::Ports::InternalApiPort: network/ports/noop.yaml OS::TripleO::BlockStorage::Ports::StoragePort: network/ports/noop.yaml OS::TripleO::BlockStorage::Ports::StorageMgmtPort: network/ports/noop.yaml - - # Port assignments for service virtual IPs for the controller role - OS::TripleO::Controller::Ports::RedisVipPort: network/ports/ctlplane_vip.yaml + OS::TripleO::BlockStorage::Ports::TenantPort: network/ports/noop.yaml + OS::TripleO::BlockStorage::Ports::ManagementPort: network/ports/noop.yaml # Service Endpoint Mappings OS::TripleO::Endpoint: network/endpoints/endpoint.yaml diff --git a/overcloud.yaml b/overcloud.yaml index 1a571120..fe82bfd5 100644 --- a/overcloud.yaml +++ b/overcloud.yaml @@ -13,7 +13,6 @@ parameters: # Common parameters (not specific to a role) AdminPassword: - default: unset description: The password for the keystone admin account, used for monitoring, querying neutron etc. type: string hidden: true @@ -22,12 +21,10 @@ parameters: description: The ceilometer backend type. type: string CeilometerMeteringSecret: - default: unset description: Secret shared by the ceilometer services. type: string hidden: true CeilometerPassword: - default: unset description: The password for the ceilometer service account. type: string hidden: true @@ -138,7 +135,6 @@ parameters: description: The tenant network type for Neutron. type: comma_delimited_list NeutronPassword: - default: unset description: The password for the neutron service account, used by neutron agents. type: string hidden: true @@ -169,7 +165,6 @@ parameters: description: Whether to configure Neutron Distributed Virtual Routers type: string NeutronMetadataProxySharedSecret: - default: 'unset' description: Shared secret to prevent spoofing type: string hidden: true @@ -225,7 +220,6 @@ parameters: default: 1 description: The number of neutron dhcp agents to schedule per network NovaPassword: - default: unset description: The password for the nova service account, used by nova-api. type: string hidden: true @@ -277,7 +271,6 @@ parameters: description: The user name for SNMPd with readonly rights running on all Overcloud nodes type: string SnmpdReadonlyUserPassword: - default: unset description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true @@ -296,7 +289,6 @@ parameters: # Controller-specific params AdminToken: - default: unset description: The keystone auth secret. type: string hidden: true @@ -317,7 +309,6 @@ parameters: CinderEnableNfsBackend is true. type: comma_delimited_list CinderPassword: - default: unset description: The password for the cinder service account, used by cinder-api. type: string hidden: true @@ -418,7 +409,6 @@ parameters: type: string default: noop GlancePassword: - default: unset description: The password for the glance service account, used by the glance services. type: string hidden: true @@ -430,14 +420,12 @@ parameters: constraints: - allowed_values: ['swift', 'file', 'rbd'] HeatPassword: - default: unset description: The password for the Heat service account, used by the Heat services. type: string hidden: true HeatStackDomainAdminPassword: description: Password for heat_domain_admin user. type: string - default: '' hidden: true InstanceNameTemplate: default: 'instance-%08x' @@ -517,12 +505,10 @@ parameters: This should be int_public when a VLAN is being used. type: string SwiftHashSuffix: - default: unset description: A random string to be used as a salt when hashing to determine mappings in the ring. type: string hidden: true SwiftPassword: - default: unset description: The password for the swift service account, used by the swift proxy services. type: string hidden: true @@ -1139,6 +1125,7 @@ resources: StorageIpList: {get_attr: [Controller, storage_ip_address]} StorageMgmtIpList: {get_attr: [Controller, storage_mgmt_ip_address]} TenantIpList: {get_attr: [Controller, tenant_ip_address]} + ManagementIpList: {get_attr: [Controller, management_ip_address]} allNodesConfig: type: OS::TripleO::AllNodes::SoftwareConfig @@ -1201,17 +1188,18 @@ resources: RedisVirtualIP: depends_on: Networks - type: OS::TripleO::Controller::Ports::RedisVipPort + type: OS::TripleO::Network::Ports::RedisVipPort properties: ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} ControlPlaneNetwork: {get_param: NeutronControlPlaneID} PortName: redis_virtual_ip NetworkName: {get_param: [ServiceNetMap, RedisNetwork]} + ServiceName: redis # The public VIP is on the External net, falls back to ctlplane PublicVirtualIP: depends_on: Networks - type: OS::TripleO::Controller::Ports::ExternalPort + type: OS::TripleO::Network::Ports::ExternalVipPort properties: ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} ControlPlaneNetwork: {get_param: NeutronControlPlaneID} @@ -1220,21 +1208,21 @@ resources: InternalApiVirtualIP: depends_on: Networks - type: OS::TripleO::Controller::Ports::InternalApiPort + type: OS::TripleO::Network::Ports::InternalApiVipPort properties: ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} PortName: internal_api_virtual_ip StorageVirtualIP: depends_on: Networks - type: OS::TripleO::Controller::Ports::StoragePort + type: OS::TripleO::Network::Ports::StorageVipPort properties: ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} PortName: storage_virtual_ip StorageMgmtVirtualIP: depends_on: Networks - type: OS::TripleO::Controller::Ports::StorageMgmtPort + type: OS::TripleO::Network::Ports::StorageMgmtVipPort properties: ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} PortName: storage_management_virtual_ip @@ -1247,7 +1235,7 @@ resources: InternalApiIp: {get_attr: [InternalApiVirtualIP, ip_address]} StorageIp: {get_attr: [StorageVirtualIP, ip_address]} StorageMgmtIp: {get_attr: [StorageMgmtVirtualIP, ip_address]} - # No tenant VIP required + # No tenant or management VIP required VipConfig: type: OS::TripleO::VipConfig @@ -1540,7 +1528,7 @@ outputs: value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} HostsEntry: description: | - The content that should be appended to your /etc/hosts if you want do get + The content that should be appended to your /etc/hosts if you want to get hostname-based access to the deployed nodes (useful for testing without setting up a DNS). value: {get_attr: [allNodesConfig, hosts_entries]} diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index 895ddc3d..9dd43680 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -261,7 +261,7 @@ outputs: {get_resource: allNodesConfigImpl} hosts_entries: description: | - The content that should be appended to your /etc/hosts if you want do get + The content that should be appended to your /etc/hosts if you want to get hostname-based access to the deployed nodes (useful for testing without setting up a DNS). value: {get_attr: [allNodesConfigImpl, config, hosts]} diff --git a/puppet/ceph-storage.yaml b/puppet/ceph-storage.yaml index b6a1007a..ede1263b 100644 --- a/puppet/ceph-storage.yaml +++ b/puppet/ceph-storage.yaml @@ -59,6 +59,13 @@ parameters: description: > Heat action when to apply network configuration changes default: ['CREATE'] + SoftwareConfigTransport: + default: POLL_SERVER_CFN + description: | + How the server should receive the metadata required for software configuration. + type: string + constraints: + - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] CloudDomain: default: '' type: string @@ -89,6 +96,7 @@ resources: user_data_format: SOFTWARE_CONFIG user_data: {get_resource: UserData} name: {get_param: Hostname} + software_config_transport: {get_param: SoftwareConfigTransport} metadata: {get_param: ServerMetadata} scheduler_hints: {get_param: SchedulerHints} @@ -112,6 +120,16 @@ resources: NodeUserData: type: OS::TripleO::NodeUserData + ExternalPort: + type: OS::TripleO::CephStorage::Ports::ExternalPort + properties: + ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]} + + InternalApiPort: + type: OS::TripleO::CephStorage::Ports::InternalApiPort + properties: + ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]} + StoragePort: type: OS::TripleO::CephStorage::Ports::StoragePort properties: @@ -122,26 +140,48 @@ resources: properties: ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]} + TenantPort: + type: OS::TripleO::CephStorage::Ports::TenantPort + properties: + ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]} + + ManagementPort: + type: OS::TripleO::CephStorage::Ports::ManagementPort + properties: + ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]} + NetworkConfig: type: OS::TripleO::CephStorage::Net::SoftwareConfig properties: ControlPlaneIp: {get_attr: [CephStorage, networks, ctlplane, 0]} + ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} + InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} + TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} + ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]} NetIpMap: type: OS::TripleO::Network::Ports::NetIpMap properties: ControlPlaneIp: {get_attr: [CephStorage, networks, ctlplane, 0]} + ExternalIp: {get_attr: [ExternalPort, ip_address]} + InternalApiIp: {get_attr: [InternalApiPort, ip_address]} StorageIp: {get_attr: [StoragePort, ip_address]} StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]} + TenantIp: {get_attr: [TenantPort, ip_address]} + ManagementIp: {get_attr: [ManagementPort, ip_address]} NetIpSubnetMap: type: OS::TripleO::Network::Ports::NetIpSubnetMap properties: ControlPlaneIp: {get_attr: [CephStorage, networks, ctlplane, 0]} + ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} + InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} + TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} + ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment @@ -241,12 +281,24 @@ outputs: description: Heat resource handle for the ceph storage server value: {get_resource: CephStorage} + external_ip_address: + description: IP address of the server in the external network + value: {get_attr: [ExternalPort, ip_address]} + internal_api_ip_address: + description: IP address of the server in the internal_api network + value: {get_attr: [InternalApiPort, ip_address]} storage_ip_address: description: IP address of the server in the storage network value: {get_attr: [StoragePort, ip_address]} storage_mgmt_ip_address: description: IP address of the server in the storage_mgmt network value: {get_attr: [StorageMgmtPort, ip_address]} + tenant_ip_address: + description: IP address of the server in the tenant network + value: {get_attr: [TenantPort, ip_address]} + management_ip_address: + description: IP address of the server in the management network + value: {get_attr: [ManagementPort, ip_address]} config_identifier: description: identifier which changes if the node configuration may need re-applying value: diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml index fc197059..9fdd0123 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/cinder-storage.yaml @@ -17,7 +17,6 @@ parameters: description: The size of the loopback file used by the cinder LVM driver. type: number CinderPassword: - default: unset description: The password for the cinder service and db account, used by cinder-api. type: string hidden: true @@ -70,7 +69,6 @@ parameters: description: The user name for SNMPd with readonly rights running on all Overcloud nodes type: string SnmpdReadonlyUserPassword: - default: unset description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true @@ -112,6 +110,13 @@ parameters: description: > Heat action when to apply network configuration changes default: ['CREATE'] + SoftwareConfigTransport: + default: POLL_SERVER_CFN + description: | + How the server should receive the metadata required for software configuration. + type: string + constraints: + - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] CloudDomain: default: '' type: string @@ -143,6 +148,7 @@ resources: user_data_format: SOFTWARE_CONFIG user_data: {get_resource: UserData} name: {get_param: Hostname} + software_config_transport: {get_param: SoftwareConfigTransport} metadata: {get_param: ServerMetadata} scheduler_hints: {get_param: SchedulerHints} @@ -166,6 +172,11 @@ resources: NodeUserData: type: OS::TripleO::NodeUserData + ExternalPort: + type: OS::TripleO::BlockStorage::Ports::ExternalPort + properties: + ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} + InternalApiPort: type: OS::TripleO::BlockStorage::Ports::InternalApiPort properties: @@ -181,21 +192,37 @@ resources: properties: ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} + TenantPort: + type: OS::TripleO::BlockStorage::Ports::TenantPort + properties: + ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} + + ManagementPort: + type: OS::TripleO::BlockStorage::Ports::ManagementPort + properties: + ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} + NetworkConfig: type: OS::TripleO::BlockStorage::Net::SoftwareConfig properties: ControlPlaneIp: {get_attr: [BlockStorage, networks, ctlplane, 0]} + ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} + TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} + ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]} NetIpMap: type: OS::TripleO::Network::Ports::NetIpMap properties: ControlPlaneIp: {get_attr: [BlockStorage, networks, ctlplane, 0]} + ExternalIp: {get_attr: [ExternalPort, ip_address]} InternalApiIp: {get_attr: [InternalApiPort, ip_address]} StorageIp: {get_attr: [StoragePort, ip_address]} StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]} + TenantIp: {get_attr: [TenantPort, ip_address]} + ManagementIp: {get_attr: [ManagementPort, ip_address]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment @@ -316,6 +343,9 @@ outputs: description: Heat resource handle for the block storage server value: {get_resource: BlockStorage} + external_ip_address: + description: IP address of the server in the external network + value: {get_attr: [ExternalPort, ip_address]} internal_api_ip_address: description: IP address of the server in the internal_api network value: {get_attr: [InternalApiPort, ip_address]} @@ -325,6 +355,12 @@ outputs: storage_mgmt_ip_address: description: IP address of the server in the storage_mgmt network value: {get_attr: [StorageMgmtPort, ip_address]} + tenant_ip_address: + description: IP address of the server in the tenant network + value: {get_attr: [TenantPort, ip_address]} + management_ip_address: + description: IP address of the server in the management network + value: {get_attr: [ManagementPort, ip_address]} config_identifier: description: identifier which changes if the node configuration may need re-applying value: diff --git a/puppet/compute.yaml b/puppet/compute.yaml index 43ef5820..0d3e0754 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -5,7 +5,6 @@ description: > parameters: AdminPassword: - default: unset description: The password for the keystone admin account, used for monitoring, querying neutron etc. type: string hidden: true @@ -16,12 +15,10 @@ parameters: constraints: - allowed_values: ['', Present] CeilometerMeteringSecret: - default: unset description: Secret shared by the ceilometer services. type: string hidden: true CeilometerPassword: - default: unset description: The password for the ceilometer service account. type: string hidden: true @@ -110,7 +107,6 @@ parameters: VLAN on the 'datacentre' physical network (See NeutronBridgeMappings). type: comma_delimited_list NeutronPassword: - default: unset description: The password for the neutron service account, used by neutron agents. type: string hidden: true @@ -146,7 +142,6 @@ parameters: default: 'False' type: string NeutronMetadataProxySharedSecret: - default: 'unset' description: Shared secret to prevent spoofing type: string hidden: true @@ -210,7 +205,6 @@ parameters: description: Whether to enable or not the Rbd backend for Nova type: boolean NovaPassword: - default: unset description: The password for the nova service account, used by nova-api. type: string hidden: true @@ -256,7 +250,6 @@ parameters: description: The user name for SNMPd with readonly rights running on all Overcloud nodes type: string SnmpdReadonlyUserPassword: - default: unset description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true @@ -288,6 +281,13 @@ parameters: description: > Heat action when to apply network configuration changes default: ['CREATE'] + SoftwareConfigTransport: + default: POLL_SERVER_CFN + description: | + How the server should receive the metadata required for software configuration. + type: string + constraints: + - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] CloudDomain: default: '' type: string @@ -321,6 +321,7 @@ resources: user_data_format: SOFTWARE_CONFIG user_data: {get_resource: UserData} name: {get_param: Hostname} + software_config_transport: {get_param: SoftwareConfigTransport} metadata: {get_param: ServerMetadata} scheduler_hints: {get_param: SchedulerHints} @@ -344,6 +345,11 @@ resources: NodeUserData: type: OS::TripleO::NodeUserData + ExternalPort: + type: OS::TripleO::Compute::Ports::ExternalPort + properties: + ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} + InternalApiPort: type: OS::TripleO::Compute::Ports::InternalApiPort properties: @@ -354,26 +360,42 @@ resources: properties: ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} + StorageMgmtPort: + type: OS::TripleO::Compute::Ports::StorageMgmtPort + properties: + ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} + TenantPort: type: OS::TripleO::Compute::Ports::TenantPort properties: ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} + ManagementPort: + type: OS::TripleO::Compute::Ports::ManagementPort + properties: + ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} + NetIpMap: type: OS::TripleO::Network::Ports::NetIpMap properties: ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]} + ExternalIp: {get_attr: [ExternalPort, ip_address]} InternalApiIp: {get_attr: [InternalApiPort, ip_address]} StorageIp: {get_attr: [StoragePort, ip_address]} + StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]} TenantIp: {get_attr: [TenantPort, ip_address]} + ManagementIp: {get_attr: [ManagementPort, ip_address]} NetworkConfig: type: OS::TripleO::Compute::Net::SoftwareConfig properties: ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]} + ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} + StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} + ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment @@ -404,6 +426,7 @@ resources: - common - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre - nova_nuage_data # Optionally provided by ComputeExtraConfigPre + - midonet_data # Optionally provided by AllNodesExtraConfig datafiles: compute_extraconfig: mapped_data: {get_param: NovaComputeExtraConfig} @@ -620,15 +643,24 @@ outputs: ip_address: description: IP address of the server in the ctlplane network value: {get_attr: [NovaCompute, networks, ctlplane, 0]} + external_ip_address: + description: IP address of the server in the external network + value: {get_attr: [ExternalPort, ip_address]} internal_api_ip_address: description: IP address of the server in the internal_api network value: {get_attr: [InternalApiPort, ip_address]} storage_ip_address: description: IP address of the server in the storage network value: {get_attr: [StoragePort, ip_address]} + storage_mgmt_ip_address: + description: IP address of the server in the storage_mgmt network + value: {get_attr: [StorageMgmtPort, ip_address]} tenant_ip_address: description: IP address of the server in the tenant network value: {get_attr: [TenantPort, ip_address]} + management_ip_address: + description: IP address of the server in the management network + value: {get_attr: [ManagementPort, ip_address]} hostname: description: Hostname of the server value: {get_attr: [NovaCompute, name]} diff --git a/puppet/controller.yaml b/puppet/controller.yaml index 7089f60b..4ec62762 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -10,12 +10,10 @@ parameters: type: string hidden: true AdminPassword: - default: unset description: The password for the keystone admin account, used for monitoring, querying neutron etc. type: string hidden: true AdminToken: - default: unset description: The keystone auth secret and db password. type: string hidden: true @@ -27,12 +25,10 @@ parameters: description: The ceilometer backend type. type: string CeilometerMeteringSecret: - default: unset description: Secret shared by the ceilometer services. type: string hidden: true CeilometerPassword: - default: unset description: The password for the ceilometer service and db account. type: string hidden: true @@ -76,7 +72,6 @@ parameters: CinderEnableNfsBackend is true. type: comma_delimited_list CinderPassword: - default: unset description: The password for the cinder service and db account, used by cinder-api. type: string hidden: true @@ -98,6 +93,15 @@ parameters: description: | Controller specific hiera configuration data to inject into the cluster. type: json + ControllerIPs: + default: {} + description: > + A network mapped list of IPs to assign to Controllers in the following form: + { + "internal_api": ["a.b.c.d", "e.f.g.h"], + ... + } + type: json ControlVirtualInterface: default: 'br-ex' description: Interface where virtual ip will be assigned. @@ -178,7 +182,6 @@ parameters: type: string default: '' GlancePassword: - default: unset description: The password for the glance service and db account, used by the glance services. type: string hidden: true @@ -222,14 +225,12 @@ parameters: description: Number of workers for Glance service. type: number HeatPassword: - default: unset description: The password for the Heat service and db account, used by the Heat services. type: string hidden: true HeatStackDomainAdminPassword: description: Password for heat_domain_admin user. type: string - default: '' hidden: true HeatAuthEncryptionKey: description: Auth encryption key for heat-engine @@ -387,7 +388,6 @@ parameters: description: Whether to configure Neutron Distributed Virtual Routers type: string NeutronMetadataProxySharedSecret: - default: 'unset' description: Shared secret to prevent spoofing type: string hidden: true @@ -449,7 +449,6 @@ parameters: VLAN on the 'datacentre' physical network (See NeutronBridgeMappings). type: comma_delimited_list NeutronPassword: - default: unset description: The password for the neutron service and db account, used by neutron agents. type: string hidden: true @@ -504,7 +503,6 @@ parameters: description: Number of workers for Neutron service. type: number NovaPassword: - default: unset description: The password for the nova service and db account, used by nova-api. type: string hidden: true @@ -568,12 +566,10 @@ parameters: description: The user name for SNMPd with readonly rights running on all Overcloud nodes type: string SnmpdReadonlyUserPassword: - default: unset description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true SwiftHashSuffix: - default: unset description: A random string to be used as a salt when hashing to determine mappings in the ring. hidden: true @@ -591,7 +587,6 @@ parameters: description: Partition Power to use when building Swift rings type: number SwiftPassword: - default: unset description: The password for the swift service account, used by the swift proxy services. hidden: true @@ -662,6 +657,13 @@ parameters: NodeIndex: type: number default: 0 + SoftwareConfigTransport: + default: POLL_SERVER_CFN + description: | + How the server should receive the metadata required for software configuration. + type: string + constraints: + - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] CloudDomain: default: '' type: string @@ -693,6 +695,7 @@ resources: user_data_format: SOFTWARE_CONFIG user_data: {get_resource: UserData} name: {get_param: Hostname} + software_config_transport: {get_param: SoftwareConfigTransport} metadata: {get_param: ServerMetadata} scheduler_hints: {get_param: SchedulerHints} @@ -719,26 +722,41 @@ resources: ExternalPort: type: OS::TripleO::Controller::Ports::ExternalPort properties: + IPPool: {get_param: ControllerIPs} + NodeIndex: {get_param: NodeIndex} ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} InternalApiPort: type: OS::TripleO::Controller::Ports::InternalApiPort properties: + IPPool: {get_param: ControllerIPs} + NodeIndex: {get_param: NodeIndex} ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} StoragePort: type: OS::TripleO::Controller::Ports::StoragePort properties: + IPPool: {get_param: ControllerIPs} + NodeIndex: {get_param: NodeIndex} ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} StorageMgmtPort: type: OS::TripleO::Controller::Ports::StorageMgmtPort properties: + IPPool: {get_param: ControllerIPs} + NodeIndex: {get_param: NodeIndex} ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} TenantPort: type: OS::TripleO::Controller::Ports::TenantPort properties: + IPPool: {get_param: ControllerIPs} + NodeIndex: {get_param: NodeIndex} + ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} + + ManagementPort: + type: OS::TripleO::Controller::Ports::ManagementPort + properties: ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} NetIpMap: @@ -750,6 +768,7 @@ resources: StorageIp: {get_attr: [StoragePort, ip_address]} StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]} TenantIp: {get_attr: [TenantPort, ip_address]} + ManagementIp: {get_attr: [ManagementPort, ip_address]} NetIpSubnetMap: type: OS::TripleO::Network::Ports::NetIpSubnetMap @@ -760,6 +779,7 @@ resources: StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} + ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]} NetworkConfig: type: OS::TripleO::Controller::Net::SoftwareConfig @@ -770,6 +790,7 @@ resources: StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} + ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment @@ -1119,6 +1140,7 @@ resources: - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre + - midonet_data #Optionally provided by AllNodesExtraConfig datafiles: controller_extraconfig: mapped_data: {get_param: ControllerExtraConfig} @@ -1415,12 +1437,7 @@ resources: tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface} tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface} tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address} - # NOTE(jaosorior): The service certificate configuration for - # HAProxy was left commented because to properly use this, we - # need to be able to set up the keystone endpoints. And - # currently that is not possible, but is being addressed by - # other commits. A subsequent commit will uncomment this. - #tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]} + tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]} tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} @@ -1470,6 +1487,9 @@ outputs: tenant_ip_address: description: IP address of the server in the tenant network value: {get_attr: [TenantPort, ip_address]} + management_ip_address: + description: IP address of the server in the management network + value: {get_attr: [ManagementPort, ip_address]} hostname: description: Hostname of the server value: {get_attr: [Controller, name]} diff --git a/puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml b/puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml new file mode 100644 index 00000000..26ce7138 --- /dev/null +++ b/puppet/extraconfig/all_nodes/neutron-midonet-all-nodes.yaml @@ -0,0 +1,119 @@ +heat_template_version: 2015-10-15 + +description: Configure hieradata for all MidoNet nodes + +parameters: + # Parameters passed from the parent template + controller_servers: + type: json + compute_servers: + type: json + blockstorage_servers: + type: json + objectstorage_servers: + type: json + cephstorage_servers: + type: json + + EnableZookeeperOnController: + label: Enable Zookeeper On Controller + description: 'Whether enable Zookeeper cluster on Controller' + type: boolean + default: false + EnableCassandraOnController: + label: Enable Cassandra On Controller + description: 'Whether enable Cassandra cluster on Controller' + type: boolean + default: false + CassandraStoragePort: + label: Cassandra Storage Port + description: 'The Cassandra port for inter-node communication' + type: string + default: '7000' + CassandraSslStoragePort: + label: Cassandra SSL Storage Port + description: 'The SSL port for encrypted communication. Unused unless enabled in encryption_options' + type: string + default: '7001' + CassandraClientPort: + label: Cassandra Client Port + description: 'Native Transport Port' + type: string + default: '9042' + CassandraClientPortThrift: + label: Cassandra Client Thrift Port + description: 'The port for the Thrift RPC service, which is used for client connections' + type: string + default: '9160' + TunnelZoneName: + label: Name of the Tunnelzone + description: 'Name of the tunnel zone used to tunnel packages' + type: string + default: 'tunnelzone_tripleo' + TunnelZoneType: + label: Type of the Tunnel + description: 'Type of the tunnels on the overlay. Choose between `gre` and `vxlan`' + type: string + default: 'vxlan' + +resources: + + NetworkMidoNetConfig: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + hiera: + datafiles: + midonet_data: + mapped_data: + enable_zookeeper_on_controller: {get_param: EnableZookeeperOnController} + enable_cassandra_on_controller: {get_param: EnableCassandraOnController} + midonet_tunnelzone_name: {get_param: TunnelZoneName} + midonet_tunnelzone_type: {get_param: TunnelZoneType} + midonet_libvirt_qemu_data: | + user = "root" + group = "root" + cgroup_device_acl = [ + "/dev/null", "/dev/full", "/dev/zero", + "/dev/random", "/dev/urandom", + "/dev/ptmx", "/dev/kvm", "/dev/kqemu", + "/dev/rtc","/dev/hpet", "/dev/vfio/vfio", + "/dev/net/tun" + ] + tripleo::cluster::cassandra::storage_port: {get_param: CassandraStoragePort} + tripleo::cluster::cassandra::ssl_storage_port: {get_param: CassandraSslStoragePort} + tripleo::cluster::cassandra::client_port: {get_param: CassandraClientPort} + tripleo::cluster::cassandra::client_port_thrift: {get_param: CassandraClientPortThrift} + tripleo::loadbalancer::midonet_api: true + # Missed Neutron Puppet data + neutron::agents::dhcp::interface_driver: 'neutron.agent.linux.interface.MidonetInterfaceDriver' + neutron::agents::dhcp::dhcp_driver: 'midonet.neutron.agent.midonet_driver.DhcpNoOpDriver' + neutron::plugins::midonet::midonet_api_port: 8081 + neutron::params::midonet_server_package: 'python-networking-midonet' + + # Make sure the l3 agent does not run + l3_agent_service: false + neutron::agents::l3::manage_service: false + neutron::agents::l3::enabled: false + + + NetworkMidonetDeploymentControllers: + type: OS::Heat::StructuredDeploymentGroup + properties: + config: {get_resource: NetworkMidoNetConfig} + servers: {get_param: controller_servers} + + NetworkMidonetDeploymentComputes: + type: OS::Heat::StructuredDeploymentGroup + properties: + config: {get_resource: NetworkMidoNetConfig} + servers: {get_param: compute_servers} + +outputs: + config_identifier: + value: + list_join: + - ' ' + - - {get_attr: [NetworkMidonetDeploymentControllers, deploy_stdouts]} + - {get_attr: [NetworkMidonetDeploymentComputes, deploy_stdouts]} diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp index e0566ac1..79a6abbb 100644 --- a/puppet/manifests/overcloud_compute.pp +++ b/puppet/manifests/overcloud_compute.pp @@ -68,11 +68,19 @@ if hiera('cinder_enable_nfs_backend', false) { } include ::nova::compute::libvirt +if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { + file {'/etc/libvirt/qemu.conf': + ensure => present, + content => hiera('midonet_libvirt_qemu_data') + } +} include ::nova::network::neutron include ::neutron # If the value of core plugin is set to 'nuage', # include nuage agent, +# If the value of core plugin is set to 'midonet', +# include midonet agent, # else use the default value of 'ml2' if hiera('neutron::core_plugin') == 'neutron.plugins.nuage.plugin.NuagePlugin' { include ::nuage::vrs @@ -84,7 +92,20 @@ if hiera('neutron::core_plugin') == 'neutron.plugins.nuage.plugin.NuagePlugin' { nova_metadata_ip => hiera('nova_metadata_node_ips'), nova_auth_ip => hiera('keystone_public_api_virtual_ip'), } -} else { +} +elsif hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { + + # TODO(devvesa) provide non-controller ips for these services + $zookeeper_node_ips = hiera('neutron_api_node_ips') + $cassandra_node_ips = hiera('neutron_api_node_ips') + + class {'::tripleo::network::midonet::agent': + zookeeper_servers => $zookeeper_node_ips, + cassandra_seeds => $cassandra_node_ips + } +} +else { + include ::neutron::plugins::ml2 include ::neutron::agents::ml2::ovs diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index 7d3012e5..a84a534b 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -230,13 +230,61 @@ if hiera('step') >= 3 { include ::nova::scheduler include ::nova::scheduler::filter - include ::neutron + if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { + + # TODO(devvesa) provide non-controller ips for these services + $zookeeper_node_ips = hiera('neutron_api_node_ips') + $cassandra_node_ips = hiera('neutron_api_node_ips') + + # Run zookeeper in the controller if configured + if hiera('enable_zookeeper_on_controller') { + class {'::tripleo::cluster::zookeeper': + zookeeper_server_ips => $zookeeper_node_ips, + zookeeper_client_ip => $ipaddress, + zookeeper_hostnames => hiera('controller_node_names') + } + } + + # Run cassandra in the controller if configured + if hiera('enable_cassandra_on_controller') { + class {'::tripleo::cluster::cassandra': + cassandra_servers => $cassandra_node_ips, + cassandra_ip => $ipaddress + } + } + + class {'::tripleo::network::midonet::agent': + zookeeper_servers => $zookeeper_node_ips, + cassandra_seeds => $cassandra_node_ips + } + + class {'::tripleo::network::midonet::api': + zookeeper_servers => $zookeeper_node_ips, + vip => $ipaddress, + keystone_ip => $ipaddress, + keystone_admin_token => hiera('keystone::admin_token'), + bind_address => $ipaddress, + admin_password => hiera('admin_password') + } + + # TODO: find a way to get an empty list from hiera + class {'::neutron': + service_plugins => [] + } + + } + else { + + # ML2 plugin + include ::neutron + } + include ::neutron::server include ::neutron::server::notifications # If the value of core plugin is set to 'nuage', - # include nuage core plugin, - # else use the default value of 'ml2' + # include nuage core plugin, and it does not + # need the l3, dhcp and metadata agents if hiera('neutron::core_plugin') == 'neutron.plugins.nuage.plugin.NuagePlugin' { include ::neutron::plugins::nuage } else { @@ -252,45 +300,57 @@ if hiera('step') >= 3 { require => Package['neutron'], } - include ::neutron::plugins::ml2 - include ::neutron::agents::ml2::ovs - - if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers') { - include ::neutron::plugins::ml2::cisco::nexus1000v + # If the value of core plugin is set to 'midonet', + # skip all the ML2 configuration + if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { - class { '::neutron::agents::n1kv_vem': - n1kv_source => hiera('n1kv_vem_source', undef), - n1kv_version => hiera('n1kv_vem_version', undef), + class {'::neutron::plugins::midonet': + midonet_api_ip => $ipaddress, + keystone_tenant => hiera('neutron::server::auth_tenant'), + keystone_password => hiera('neutron::server::auth_password') } + } else { + + include ::neutron::plugins::ml2 + include ::neutron::agents::ml2::ovs + + if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers') { + include ::neutron::plugins::ml2::cisco::nexus1000v - class { '::n1k_vsm': - n1kv_source => hiera('n1kv_vsm_source', undef), - n1kv_version => hiera('n1kv_vsm_version', undef), - pacemaker_control => false, + class { '::neutron::agents::n1kv_vem': + n1kv_source => hiera('n1kv_vem_source', undef), + n1kv_version => hiera('n1kv_vem_version', undef), + } + + class { '::n1k_vsm': + n1kv_source => hiera('n1kv_vsm_source', undef), + n1kv_version => hiera('n1kv_vsm_version', undef), + pacemaker_control => false, + } } - } - if 'cisco_ucsm' in hiera('neutron::plugins::ml2::mechanism_drivers') { - include ::neutron::plugins::ml2::cisco::ucsm - } - if 'cisco_nexus' in hiera('neutron::plugins::ml2::mechanism_drivers') { - include ::neutron::plugins::ml2::cisco::nexus - include ::neutron::plugins::ml2::cisco::type_nexus_vxlan - } + if 'cisco_ucsm' in hiera('neutron::plugins::ml2::mechanism_drivers') { + include ::neutron::plugins::ml2::cisco::ucsm + } + if 'cisco_nexus' in hiera('neutron::plugins::ml2::mechanism_drivers') { + include ::neutron::plugins::ml2::cisco::nexus + include ::neutron::plugins::ml2::cisco::type_nexus_vxlan + } - if hiera('neutron_enable_bigswitch_ml2', false) { - include ::neutron::plugins::ml2::bigswitch::restproxy - } - neutron_l3_agent_config { - 'DEFAULT/ovs_use_veth': value => hiera('neutron_ovs_use_veth', false); - } - neutron_dhcp_agent_config { - 'DEFAULT/ovs_use_veth': value => hiera('neutron_ovs_use_veth', false); + if hiera('neutron_enable_bigswitch_ml2', false) { + include ::neutron::plugins::ml2::bigswitch::restproxy + } + neutron_l3_agent_config { + 'DEFAULT/ovs_use_veth': value => hiera('neutron_ovs_use_veth', false); + } + neutron_dhcp_agent_config { + 'DEFAULT/ovs_use_veth': value => hiera('neutron_ovs_use_veth', false); + } + Service['neutron-server'] -> Service['neutron-ovs-agent-service'] } Service['neutron-server'] -> Service['neutron-dhcp-service'] Service['neutron-server'] -> Service['neutron-l3'] - Service['neutron-server'] -> Service['neutron-ovs-agent-service'] Service['neutron-server'] -> Service['neutron-metadata'] } diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index ad356e33..d0d46e2d 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -592,8 +592,54 @@ if hiera('step') >= 3 { } include ::nova::network::neutron - # Neutron class definitions - include ::neutron + if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { + + # TODO(devvesa) provide non-controller ips for these services + $zookeeper_node_ips = hiera('neutron_api_node_ips') + $cassandra_node_ips = hiera('neutron_api_node_ips') + + # Run zookeeper in the controller if configured + if hiera('enable_zookeeper_on_controller') { + class {'::tripleo::cluster::zookeeper': + zookeeper_server_ips => $zookeeper_node_ips, + zookeeper_client_ip => $ipaddress, + zookeeper_hostnames => hiera('controller_node_names') + } + } + + # Run cassandra in the controller if configured + if hiera('enable_cassandra_on_controller') { + class {'::tripleo::cluster::cassandra': + cassandra_servers => $cassandra_node_ips, + cassandra_ip => $ipaddress + } + } + + class {'::tripleo::network::midonet::agent': + zookeeper_servers => $zookeeper_node_ips, + cassandra_seeds => $cassandra_node_ips + } + + class {'::tripleo::network::midonet::api': + zookeeper_servers => hiera('neutron_api_node_ips'), + vip => $public_vip, + keystone_ip => $public_vip, + keystone_admin_token => hiera('keystone::admin_token'), + bind_address => $ipaddress, + admin_password => hiera('admin_password') + } + + # Configure Neutron + class {'::neutron': + service_plugins => [] + } + + } + else { + # Neutron class definitions + include ::neutron + } + class { '::neutron::server' : sync_db => $sync_db, manage_service => false, @@ -603,6 +649,13 @@ if hiera('step') >= 3 { if hiera('neutron::core_plugin') == 'neutron.plugins.nuage.plugin.NuagePlugin' { include ::neutron::plugins::nuage } + if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { + class {'::neutron::plugins::midonet': + midonet_api_ip => $public_vip, + keystone_tenant => hiera('neutron::server::auth_tenant'), + keystone_password => hiera('neutron::server::auth_password') + } + } if hiera('neutron::enable_dhcp_agent',true) { class { '::neutron::agents::dhcp' : manage_service => false, @@ -1095,6 +1148,11 @@ if hiera('step') >= 4 { clone_params => 'interleave=true', } } + if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { + pacemaker::resource::service {'tomcat': + clone_params => 'interleave=true', + } + } if hiera('neutron::enable_metadata_agent', true) { pacemaker::resource::service { $::neutron::params::metadata_agent_service: clone_params => 'interleave=true', @@ -1145,7 +1203,6 @@ if hiera('step') >= 4 { } } - #another chain keystone-->neutron-server-->ovs-agent-->dhcp-->l3 pacemaker::constraint::base { 'keystone-to-neutron-server-constraint': constraint_type => 'order', first_resource => "${::keystone::params::service_name}-clone", @@ -1221,6 +1278,43 @@ if hiera('step') >= 4 { Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]] } } + if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' { + #midonet-chain chain keystone-->neutron-server-->dhcp-->metadata->tomcat + pacemaker::constraint::base { 'neutron-server-to-dhcp-agent-constraint': + constraint_type => 'order', + first_resource => "${::neutron::params::server_service}-clone", + second_resource => "${::neutron::params::dhcp_agent_service}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::neutron::params::server_service], + Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service]], + } + pacemaker::constraint::base { 'neutron-dhcp-agent-to-metadata-agent-constraint': + constraint_type => 'order', + first_resource => "${::neutron::params::dhcp_agent_service}-clone", + second_resource => "${::neutron::params::metadata_agent_service}-clone", + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service], + Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]], + } + pacemaker::constraint::base { 'neutron-metadata-agent-to-tomcat-constraint': + constraint_type => 'order', + first_resource => "${::neutron::params::metadata_agent_service}-clone", + second_resource => 'tomcat-clone', + first_action => 'start', + second_action => 'start', + require => [Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service], + Pacemaker::Resource::Service['tomcat']], + } + pacemaker::constraint::colocation { 'neutron-dhcp-agent-to-metadata-agent-colocation': + source => "${::neutron::params::metadata_agent_service}-clone", + target => "${::neutron::params::dhcp_agent_service}-clone", + score => 'INFINITY', + require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service], + Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]], + } + } # Nova pacemaker::resource::service { $::nova::params::api_service_name : diff --git a/puppet/swift-storage.yaml b/puppet/swift-storage.yaml index 721dcba4..b60664a1 100644 --- a/puppet/swift-storage.yaml +++ b/puppet/swift-storage.yaml @@ -7,7 +7,6 @@ parameters: constraints: - custom_constraint: nova.flavor HashSuffix: - default: unset description: A random string to be used as a salt when hashing to determine mappings in the ring. hidden: true @@ -40,7 +39,6 @@ parameters: description: The user name for SNMPd with readonly rights running on all Overcloud nodes type: string SnmpdReadonlyUserPassword: - default: unset description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true @@ -82,6 +80,13 @@ parameters: description: > Heat action when to apply network configuration changes default: ['CREATE'] + SoftwareConfigTransport: + default: POLL_SERVER_CFN + description: | + How the server should receive the metadata required for software configuration. + type: string + constraints: + - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE] CloudDomain: default: '' type: string @@ -112,6 +117,7 @@ resources: user_data_format: SOFTWARE_CONFIG user_data: {get_resource: UserData} name: {get_param: Hostname} + software_config_transport: {get_param: SoftwareConfigTransport} metadata: {get_param: ServerMetadata} scheduler_hints: {get_param: SchedulerHints} @@ -135,6 +141,11 @@ resources: NodeUserData: type: OS::TripleO::NodeUserData + ExternalPort: + type: OS::TripleO::SwiftStorage::Ports::ExternalPort + properties: + ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + InternalApiPort: type: OS::TripleO::SwiftStorage::Ports::InternalApiPort properties: @@ -150,21 +161,37 @@ resources: properties: ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + TenantPort: + type: OS::TripleO::SwiftStorage::Ports::TenantPort + properties: + ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + + ManagementPort: + type: OS::TripleO::SwiftStorage::Ports::ManagementPort + properties: + ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + NetworkConfig: type: OS::TripleO::ObjectStorage::Net::SoftwareConfig properties: ControlPlaneIp: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} + TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} + ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]} NetIpMap: type: OS::TripleO::Network::Ports::NetIpMap properties: ControlPlaneIp: {get_attr: [SwiftStorage, networks, ctlplane, 0]} + ExternalIp: {get_attr: [ExternalPort, ip_address]} InternalApiIp: {get_attr: [InternalApiPort, ip_address]} StorageIp: {get_attr: [StoragePort, ip_address]} StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]} + TenantIp: {get_attr: [TenantPort, ip_address]} + ManagementIp: {get_attr: [ManagementPort, ip_address]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment @@ -283,6 +310,9 @@ outputs: template: 'r1z1-IP:%PORT%/d1' params: IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} + external_ip_address: + description: IP address of the server in the external network + value: {get_attr: [ExternalPort, ip_address]} internal_api_ip_address: description: IP address of the server in the internal_api network value: {get_attr: [InternalApiPort, ip_address]} @@ -292,6 +322,12 @@ outputs: storage_mgmt_ip_address: description: IP address of the server in the storage_mgmt network value: {get_attr: [StorageMgmtPort, ip_address]} + tenant_ip_address: + description: IP address of the server in the tenant network + value: {get_attr: [TenantPort, ip_address]} + management_ip_address: + description: IP address of the server in the management network + value: {get_attr: [ManagementPort, ip_address]} config_identifier: description: identifier which changes if the node configuration may need re-applying value: |