-rw-r--r-- | environments/net-single-nic-with-vlans.yaml | 13 | ||||
-rw-r--r-- | network/config/single-nic-vlans/README.md | 19 | ||||
-rw-r--r-- | network/config/single-nic-vlans/ceph-storage.yaml | 66 | ||||
-rw-r--r-- | network/config/single-nic-vlans/cinder-storage.yaml | 73 | ||||
-rw-r--r-- | network/config/single-nic-vlans/compute.yaml | 70 | ||||
-rw-r--r-- | network/config/single-nic-vlans/controller.yaml | 82 | ||||
-rw-r--r-- | network/config/single-nic-vlans/swift-storage.yaml | 73 | ||||
-rw-r--r-- | overcloud-without-mergepy.yaml | 1 | ||||
-rw-r--r-- | puppet/controller-puppet.yaml | 4 | ||||
-rw-r--r-- | puppet/hieradata/common.yaml | 5 | ||||
-rw-r--r-- | puppet/hieradata/compute.yaml | 2 | ||||
-rw-r--r-- | puppet/hieradata/controller.yaml | 2 | ||||
-rw-r--r-- | undercloud-bm-nova-config.yaml | 4 | ||||
-rw-r--r-- | undercloud-source.yaml | 10 | ||||
-rw-r--r-- | undercloud-vm-ironic-config.yaml | 4 | ||||
-rw-r--r-- | undercloud-vm-nova-config.yaml | 4 |
16 files changed, 415 insertions, 17 deletions
diff --git a/environments/net-single-nic-with-vlans.yaml b/environments/net-single-nic-with-vlans.yaml
new file mode 100644
index 00000000..b087b3e4
--- /dev/null
+++ b/environments/net-single-nic-with-vlans.yaml
@@ -0,0 +1,13 @@
+# This template configures each role to use Vlans on a single nic for
+# each isolated network.
+# This template assumes use of network-isolation.yaml.
+#
+# FIXME: if/when we add functionality to heatclient to include heat
+# environment files we should think about using it here to automatically
+# include network-isolation.yaml.
+resource_registry:
+ OS::TripleO::BlockStorage::Net::SoftwareConfig: ../network/config/single-nic-vlans/cinder-storage.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: ../network/config/single-nic-vlans/compute.yaml
+ OS::TripleO::Controller::Net::SoftwareConfig: ../network/config/single-nic-vlans/controller.yaml
+ OS::TripleO::ObjectStorage::Net::SoftwareConfig: ../network/config/single-nic-vlans/swift-storage.yaml
+ OS::TripleO::CephStorage::Net::SoftwareConfig: ../network/config/single-nic-vlans/ceph-storage.yaml
diff --git a/network/config/single-nic-vlans/README.md b/network/config/single-nic-vlans/README.md
new file mode 100644
index 00000000..e3e16574
--- /dev/null
+++ b/network/config/single-nic-vlans/README.md
@@ -0,0 +1,19 @@
+This directory contains Heat templates to help configure
+Vlans on a single NICs for each Overcloud role.
+
+Configuration
+-------------
+
+To make use of these templates create a Heat environment that looks
+something like this:
+
+ resource\_registry:
+ OS::TripleO::BlockStorage::Net::SoftwareConfig: network/config/single-nic-vlans/cinder-storage.yaml
+ OS::TripleO::Compute::Net::SoftwareConfig: network/config/single-nic-vlans/compute.yaml
+ OS::TripleO::Controller::Net::SoftwareConfig: network/config/single-nic-vlans/controller.yaml
+ OS::TripleO::ObjectStorage::Net::SoftwareConfig: network/config/single-nic-vlans/swift-storage.yaml
+ OS::TripleO::CephStorage::Net::SoftwareConfig: network/config/single-nic-vlans/ceph-storage.yaml
+
+Or use this Heat environment file:
+
+ environments/net-single-nic-with-vlans.yaml
diff --git a/network/config/single-nic-vlans/ceph-storage.yaml b/network/config/single-nic-vlans/ceph-storage.yaml
new file mode 100644
index 00000000..0bc6253c
--- /dev/null
+++ b/network/config/single-nic-vlans/ceph-storage.yaml
@@ -0,0 +1,66 @@
+heat_template_version: 2015-04-30
+
+description: >
+ Software Config to drive os-net-config to configure VLANs for the
+ ceph storage role.
+
+parameters:
+ ExternalIpSubnet:
+ default: ''
+ description: IP address/subnet on the external network
+ type: string
+ InternalApiIpSubnet:
+ default: ''
+ description: IP address/subnet on the internal API network
+ type: string
+ StorageIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage network
+ type: string
+ StorageMgmtIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage mgmt network
+ type: string
+ TenantIpSubnet:
+ default: ''
+ description: IP address/subnet on the tenant network
+ type: string
+
+resources:
+ OsNetConfigImpl:
+ type: OS::Heat::StructuredConfig
+ properties:
+ group: os-apply-config
+ config:
+ os_net_config:
+ network_config:
+ -
+ type: ovs_bridge
+ name: {get_input: bridge_name}
+ use_dhcp: true
+ members:
+ -
+ type: interface
+ name: nic1
+ ovs_options: vlan_mode=trunk trunks=10,20,30,40,50
+ # force the MAC address of the bridge to this interface
+ primary: true
+ -
+ type: vlan
+ device: bond1
+ vlan_id: 30
+ addresses:
+ -
+ ip_netmask: {get_param: StorageIpSubnet}
+ -
+ type: vlan
+ device: bond1
+ vlan_id: 40
+ addresses:
+ -
+ ip_netmask: {get_param: StorageMgmtIpSubnet}
+
+outputs:
+ OS::stack_id:
+ description: The OsNetConfigImpl resource.
+ value: {get_resource: OsNetConfigImpl}
diff --git a/network/config/single-nic-vlans/cinder-storage.yaml b/network/config/single-nic-vlans/cinder-storage.yaml
new file mode 100644
index 00000000..1ca239c1
--- /dev/null
+++ b/network/config/single-nic-vlans/cinder-storage.yaml
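Review bot: In ceph-storage.yaml the `ovs_options: vlan_mode=trunk trunks=10,20,30,40,50` line on `nic1` trunks all five VLANs into the Ceph storage node's bridge, although this template only configures addresses on VLANs 30 and 40. Carrying VLAN 10 (bound to `ExternalIpSubnet` in controller.yaml) and VLAN 50 (tenant) to a storage host widens what that host can see and reach at layer 2 if it is compromised, presumably subject to what the upstream switch port permits. Restricting the list to what the role uses, e.g. `ovs_options: vlan_mode=trunk trunks=30,40` here, keeps the network isolation this commit is introducing meaningful per role. The same full trunk list appears in cinder-storage.yaml and swift-storage.yaml (which use 20, 30, 40) and compute.yaml (20, 30, 50).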
@@ -0,0 +1,73 @@
+heat_template_version: 2015-04-30
+
+description: >
+ Software Config to drive os-net-config to configure VLANs for the
+ cinder storage role.
+
+parameters:
+ ExternalIpSubnet:
+ default: ''
+ description: IP address/subnet on the external network
+ type: string
+ InternalApiIpSubnet:
+ default: ''
+ description: IP address/subnet on the internal API network
+ type: string
+ StorageIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage network
+ type: string
+ StorageMgmtIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage mgmt network
+ type: string
+ TenantIpSubnet:
+ default: ''
+ description: IP address/subnet on the tenant network
+ type: string
+
+resources:
+ OsNetConfigImpl:
+ type: OS::Heat::StructuredConfig
+ properties:
+ group: os-apply-config
+ config:
+ os_net_config:
+ network_config:
+ -
+ type: ovs_bridge
+ name: {get_input: bridge_name}
+ use_dhcp: true
+ members:
+ -
+ type: interface
+ name: nic1
+ ovs_options: vlan_mode=trunk trunks=10,20,30,40,50
+ # force the MAC address of the bridge to this interface
+ primary: true
+ -
+ type: vlan
+ device: bond1
+ vlan_id: 20
+ addresses:
+ -
+ ip_netmask: {get_param: InternalApiIpSubnet}
+ -
+ type: vlan
+ device: bond1
+ vlan_id: 30
+ addresses:
+ -
+ ip_netmask: {get_param: StorageIpSubnet}
+ -
+ type: vlan
+ device: bond1
+ vlan_id: 40
+ addresses:
+ -
+ ip_netmask: {get_param: StorageMgmtIpSubnet}
+
+outputs:
+ OS::stack_id:
+ description: The OsNetConfigImpl resource.
+ value: {get_resource: OsNetConfigImpl}
diff --git a/network/config/single-nic-vlans/compute.yaml b/network/config/single-nic-vlans/compute.yaml
new file mode 100644
index 00000000..93fe0b50
--- /dev/null
+++ b/network/config/single-nic-vlans/compute.yaml
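Review bot: Every `type: vlan` entry in cinder-storage.yaml sets `device: bond1`, but the template defines no bond; the only physical member is `nic1`, and compute.yaml and controller.yaml in this same commit omit `device` altogether. This looks like a leftover from a bonded layout, and whether os-net-config ignores it depends on how the VLAN entries are nested under the bridge, which the flattened indentation on this page does not show. Dropping the three `device: bond1` lines would make the role templates agree and remove a reference to an interface that does not exist on a single-NIC host. ceph-storage.yaml and swift-storage.yaml carry the same lines.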
@@ -0,0 +1,70 @@
+heat_template_version: 2015-04-30
+
+description: >
+ Software Config to drive os-net-config to configure VLANs for the
+ compute role.
+
+parameters:
+ ExternalIpSubnet:
+ default: ''
+ description: IP address/subnet on the external network
+ type: string
+ InternalApiIpSubnet:
+ default: ''
+ description: IP address/subnet on the internal API network
+ type: string
+ StorageIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage network
+ type: string
+ StorageMgmtIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage mgmt network
+ type: string
+ TenantIpSubnet:
+ default: ''
+ description: IP address/subnet on the tenant network
+ type: string
+
+resources:
+ OsNetConfigImpl:
+ type: OS::Heat::StructuredConfig
+ properties:
+ group: os-apply-config
+ config:
+ os_net_config:
+ network_config:
+ -
+ type: ovs_bridge
+ name: {get_input: bridge_name}
+ use_dhcp: true
+ members:
+ -
+ type: interface
+ name: nic1
+ ovs_options: vlan_mode=trunk trunks=10,20,30,40,50
+ # force the MAC address of the bridge to this interface
+ primary: true
+ -
+ type: vlan
+ vlan_id: 20
+ addresses:
+ -
+ ip_netmask: {get_param: InternalApiIpSubnet}
+ -
+ type: vlan
+ vlan_id: 30
+ addresses:
+ -
+ ip_netmask: {get_param: StorageIpSubnet}
+ -
+ type: vlan
+ vlan_id: 50
+ addresses:
+ -
+ ip_netmask: {get_param: TenantIpSubnet}
+
+outputs:
+ OS::stack_id:
+ description: The OsNetConfigImpl resource.
+ value: {get_resource: OsNetConfigImpl}
diff --git a/network/config/single-nic-vlans/controller.yaml b/network/config/single-nic-vlans/controller.yaml
new file mode 100644
index 00000000..5e1d5d44
--- /dev/null
+++ b/network/config/single-nic-vlans/controller.yaml
@@ -0,0 +1,82 @@
+heat_template_version: 2015-04-30
+
+description: >
+ Software Config to drive os-net-config to configure VLANs for the
+ controller role.
+
+parameters:
+ ExternalIpSubnet:
+ default: ''
+ description: IP address/subnet on the external network
+ type: string
+ InternalApiIpSubnet:
+ default: ''
+ description: IP address/subnet on the internal API network
+ type: string
+ StorageIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage network
+ type: string
+ StorageMgmtIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage mgmt network
+ type: string
+ TenantIpSubnet:
+ default: ''
+ description: IP address/subnet on the tenant network
+ type: string
+
+resources:
+ OsNetConfigImpl:
+ type: OS::Heat::StructuredConfig
+ properties:
+ group: os-apply-config
+ config:
+ os_net_config:
+ network_config:
+ -
+ type: ovs_bridge
+ name: {get_input: bridge_name}
+ use_dhcp: true
+ members:
+ -
+ type: interface
+ name: nic1
+ ovs_options: vlan_mode=trunk trunks=10,20,30,40,50
+ # force the MAC address of the bridge to this interface
+ primary: true
+ -
+ type: vlan
+ vlan_id: 10
+ addresses:
+ -
+ ip_netmask: {get_param: ExternalIpSubnet}
+ -
+ type: vlan
+ vlan_id: 20
+ addresses:
+ -
+ ip_netmask: {get_param: InternalApiIpSubnet}
+ -
+ type: vlan
+ vlan_id: 30
+ addresses:
+ -
+ ip_netmask: {get_param: StorageIpSubnet}
+ -
+ type: vlan
+ vlan_id: 40
+ addresses:
+ -
+ ip_netmask: {get_param: StorageMgmtIpSubnet}
+ -
+ type: vlan
+ vlan_id: 50
+ addresses:
+ -
+ ip_netmask: {get_param: TenantIpSubnet}
+
+outputs:
+ OS::stack_id:
+ description: The OsNetConfigImpl resource.
+ value: {get_resource: OsNetConfigImpl}
diff --git a/network/config/single-nic-vlans/swift-storage.yaml b/network/config/single-nic-vlans/swift-storage.yaml
new file mode 100644
index 00000000..b2477175
--- /dev/null
+++ b/network/config/single-nic-vlans/swift-storage.yaml
@@ -0,0 +1,73 @@
+heat_template_version: 2015-04-30
+
+description: >
+ Software Config to drive os-net-config to configure VLANs for the
+ swift storage role.
+
+parameters:
+ ExternalIpSubnet:
+ default: ''
+ description: IP address/subnet on the external network
+ type: string
+ InternalApiIpSubnet:
+ default: ''
+ description: IP address/subnet on the internal API network
+ type: string
+ StorageIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage network
+ type: string
+ StorageMgmtIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage mgmt network
+ type: string
+ TenantIpSubnet:
+ default: ''
+ description: IP address/subnet on the tenant network
+ type: string
+
+resources:
+ OsNetConfigImpl:
+ type: OS::Heat::StructuredConfig
+ properties:
+ group: os-apply-config
+ config:
+ os_net_config:
+ network_config:
+ -
+ type: ovs_bridge
+ name: {get_input: bridge_name}
+ use_dhcp: true
+ members:
+ -
+ type: interface
+ name: nic1
+ ovs_options: vlan_mode=trunk trunks=10,20,30,40,50
+ # force the MAC address of the bridge to this interface
+ primary: true
+ -
+ type: vlan
+ device: bond1
+ vlan_id: 20
+ addresses:
+ -
+ ip_netmask: {get_param: InternalApiIpSubnet}
+ -
+ type: vlan
+ device: bond1
+ vlan_id: 30
+ addresses:
+ -
+ ip_netmask: {get_param: StorageIpSubnet}
+ -
+ type: vlan
+ device: bond1
+ vlan_id: 40
+ addresses:
+ -
+ ip_netmask: {get_param: StorageMgmtIpSubnet}
+
+outputs:
+ OS::stack_id:
+ description: The OsNetConfigImpl resource.
+ value: {get_resource: OsNetConfigImpl}
diff --git a/overcloud-without-mergepy.yaml b/overcloud-without-mergepy.yaml
index 899d6838..f9f0cbb7 100644
--- a/overcloud-without-mergepy.yaml
+++ b/overcloud-without-mergepy.yaml
@@ -629,6 +629,7 @@ resources: NeutronPublicInterfaceIP: {get_param: NeutronPublicInterfaceIP} NeutronFlatNetworks: {get_param: NeutronFlatNetworks} NeutronBridgeMappings: {get_param: NeutronBridgeMappings} + NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling} NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges} NeutronPublicInterface: {get_param: NeutronPublicInterface} NeutronPublicInterfaceDefaultRoute: {get_param: NeutronPublicInterfaceDefaultRoute} diff --git a/puppet/controller-puppet.yaml b/puppet/controller-puppet.yaml index 47c1c018..c874108a 100644 --- a/puppet/controller-puppet.yaml +++ b/puppet/controller-puppet.yaml @@ -244,7 +244,7 @@ parameters: default: 'dvr_snat' description: Agent mode for the neutron-l3-agent on the controller hosts type: string - NeutronL3HA: #FIXME this isn't wired in + NeutronL3HA: default: 'False' description: Whether to enable l3-agent HA type: string @@ -863,7 +863,7 @@ resources: neutron_agent_mode: {get_input: neutron_agent_mode} neutron_router_distributed: {get_input: neutron_router_distributed} neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers} - neutron_allow_l3agent_failover: {get_input: neutron_allow_l3agent_failover} + neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover} neutron::server::l3_ha: {get_input: neutron_l3_ha} neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges} neutron_bridge_mappings: {get_input: neutron_bridge_mappings} diff --git a/puppet/hieradata/common.yaml b/puppet/hieradata/common.yaml index c15d43ea..5901a9cf 100644 --- a/puppet/hieradata/common.yaml +++ b/puppet/hieradata/common.yaml 
@@ -13,6 +13,11 @@ nova::network::neutron::vif_plugging_is_fatal: false nova::network::neutron::vif_plugging_timeout: 30 nova::network::neutron::dhcp_domain: '' +neutron::plugins::ml2::tunnel_id_ranges: + - '1:1000' +neutron::plugins::ml2::vni_ranges: + - '1:1000' + sysctl_settings: net.ipv4.tcp_keepalive_intvl: value: 1 diff --git a/puppet/hieradata/compute.yaml b/puppet/hieradata/compute.yaml index a72c4850..4915d3c8 100644 --- a/puppet/hieradata/compute.yaml +++ b/puppet/hieradata/compute.yaml @@ -15,6 +15,4 @@ nova::compute::rbd::rbd_keyring: 'client.openstack' nova::compute::rbd::libvirt_images_rbd_pool: 'vms' nova::compute::rbd::libvirt_rbd_secret_uuid: "%{hiera('ceph::profile::params::fsid')}" -neutron::plugins::ml2::tunnel_id_ranges: ['1:1000'] - ceilometer::agent::auth::auth_tenant_name: 'service' diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml index 4f46c7fb..4a506239 100644 --- a/puppet/hieradata/controller.yaml +++ b/puppet/hieradata/controller.yaml @@ -67,8 +67,6 @@ neutron::core_plugin: 'ml2' neutron::service_plugins: - 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin' neutron::dhcp_agents_per_network: 2 -neutron::plugins::ml2::tunnel_id_ranges: - - '1:1000' neutron::server::sync_db: true neutron::agents::dhcp::dnsmasq_config_file: /etc/neutron/dnsmasq-neutron.conf diff --git a/undercloud-bm-nova-config.yaml b/undercloud-bm-nova-config.yaml index e70c9099..306dc0a1 100644 --- a/undercloud-bm-nova-config.yaml +++ b/undercloud-bm-nova-config.yaml @@ -8,7 +8,7 @@ resources: compute_driver: {get_param: NovaComputeDriver} compute_manager: {get_param: NovaComputeManager} scheduler_host_manager: {get_param: NovaSchedulerHostManager} - db: mysql://nova:unset@localhost/nova + db: {list_join: ['', ['mysql://nova:', {get_param: NovaPassword}, '@localhost/nova']]} default_ephemeral_format: ext4 host: 127.0.0.1 metadata-proxy: false 
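Review bot: The new `db:` value in undercloud-bm-nova-config.yaml joins `NovaPassword` into the connection URL verbatim, so a password containing `@`, `/`, `:` or `?` produces a URL that parses to the wrong host or database, or fails to parse. The parameter declarations are outside this hunk; if they do not already do so, each password parameter used this way should be declared with `hidden: true` and an `allowed_pattern` constraint limiting it to URL-safe characters, with a description stating that the value is embedded in a database URL. Because the rendered URL now carries the real secret rather than the literal `unset`, anything that logs or displays this config block discloses the password. The same `list_join` pattern recurs in the `baremetal` section of this file and in undercloud-source.yaml, undercloud-vm-ironic-config.yaml and undercloud-vm-nova-config.yaml.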
@@ -17,7 +17,7 @@ resources: reserved_host_memory_mb: 0 baremetal: arch: {get_input: nova_arch} - db: mysql://nova:unset@localhost/nova_bm + db: {list_join: ['', ['mysql://nova:', {get_param: NovaPassword}, '@localhost/nova_bm']]} power_manager: {get_input: power_manager} pxe_deploy_timeout: {get_input: pxe_deploy_timeout} service-password: {get_input: nova_service_password} diff --git a/undercloud-source.yaml b/undercloud-source.yaml index ce5b7e8d..6fe2066d 100644 --- a/undercloud-source.yaml +++ b/undercloud-source.yaml @@ -260,7 +260,7 @@ resources: recheck_interval : 5 quorum_policy : ignore ceilometer: - db: mysql://ceilometer:unset@localhost/ceilometer + db: {list_join: ['', ['mysql://ceilometer:', {get_param: CeilometerPassword}, '@localhost/ceilometer']]} debug: {get_param: Debug} metering_secret: {get_param: CeilometerMeteringSecret} snmpd_readonly_user_name: @@ -272,7 +272,7 @@ resources: db-password: unset glance: backend: file - db: mysql://glance:unset@localhost/glance + db: {list_join: ['', ['mysql://glance:', {get_param: GlancePassword}, '@localhost/glance']]} debug: {get_param: Debug} host: 127.0.0.1 port: @@ -291,14 +291,14 @@ resources: admin_tenant_name: service admin_user: heat auth_encryption_key: unset___________ - db: mysql://heat:unset@localhost/heat + db: {list_join: ['', ['mysql://heat:', {get_param: HeatPassword}, '@localhost/heat']]} debug: {get_param: Debug} stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword} watch_server_url: {get_input: heat.watch_server_url} metadata_server_url: {get_input: heat.metadata_server_url} waitcondition_server_url: {get_input: heat.waitcondition_server_url} keystone: - db: mysql://keystone:unset@localhost/keystone + db: {list_join: ['', ['mysql://keystone:', {get_param: AdminToken}, '@localhost/keystone']]} debug: {get_param: Debug} host: 127.0.0.1 ca_certificate: {get_param: KeystoneCACertificate} 
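Review bot: In the `keystone` section of undercloud-source.yaml (hunk `@@ -291,14 +291,14 @@`) the database URL is built from `{get_param: AdminToken}`, whereas every other service touched by this commit uses its own `*Password` parameter. This makes the Keystone admin token double as the MySQL password for the `keystone` user, so disclosure of either secret exposes both, and rotating the token also changes the database credential. A dedicated parameter would keep the two apart, e.g. `db: {list_join: ['', ['mysql://keystone:', {get_param: KeystoneDbPassword}, '@localhost/keystone']]}`. Here `KeystoneDbPassword` is a placeholder name; the parameter would have to be declared and wired into the database setup outside this hunk.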
@@ -314,7 +314,7 @@ resources: neutron: debug: {get_param: Debug} host: 127.0.0.1 - ovs_db: mysql://neutron:unset@localhost/ovs_neutron?charset=utf8 + ovs_db: {list_join: ['', ['mysql://neutron:', {get_param: NeutronPassword}, '@localhost/ovs_neutron?charset=utf8']]} ovs: local_ip: get_input: controller_host diff --git a/undercloud-vm-ironic-config.yaml b/undercloud-vm-ironic-config.yaml index f5aa4981..cc0dafb6 100644 --- a/undercloud-vm-ironic-config.yaml +++ b/undercloud-vm-ironic-config.yaml @@ -8,7 +8,7 @@ resources: compute_driver: {get_param: NovaComputeDriver} compute_manager: {get_param: NovaComputeManager} scheduler_host_manager: {get_param: NovaSchedulerHostManager} - db: mysql://nova:unset@localhost/nova + db: {list_join: ['', ['mysql://nova:', {get_param: NovaPassword}, '@localhost/nova']]} debug: {get_param: Debug} default_ephemeral_format: ext4 host: 127.0.0.1 @@ -22,6 +22,6 @@ resources: properties: config: ironic: - db: mysql://ironic:unset@localhost/ironic + db: {list_join: ['', ['mysql://ironic:', {get_param: IronicPassword}, '@localhost/ironic']]} service-password: {get_input: ironic_service_password} virtual_power_ssh_key: {get_input: virtual_power_ssh_key} diff --git a/undercloud-vm-nova-config.yaml b/undercloud-vm-nova-config.yaml index 9dbb8c22..1fb8abb3 100644 --- a/undercloud-vm-nova-config.yaml +++ b/undercloud-vm-nova-config.yaml @@ -8,7 +8,7 @@ resources: compute_driver: {get_param: NovaComputeDriver} compute_manager: {get_param: NovaComputeManager} scheduler_host_manager: {get_param: NovaSchedulerHostManager} - db: mysql://nova:unset@localhost/nova + db: {list_join: ['', ['mysql://nova:', {get_param: NovaPassword}, '@localhost/nova']]} default_ephemeral_format: ext4 host: 127.0.0.1 metadata-proxy: false 
@@ -17,7 +17,7 @@ resources: reserved_host_memory_mb: 0 baremetal: arch: {get_input: nova_arch} - db: mysql://nova:unset@localhost/nova_bm + db: {list_join: ['', ['mysql://nova:', {get_param: NovaPassword}, '@localhost/nova_bm']]} power_manager: {get_input: power_manager} pxe_deploy_timeout: {get_input: pxe_deploy_timeout} virtual_power: |