Age | Commit message (Collapse) | Author | Files | Lines |
|
Currently we have a hard-coded list of ips for various services that
run on the controller, instead we can dynamically generate that list
of per-service ips, initially only for the controller but this approach
can be extended so it works for any role.
Change-Id: I3c8a946e439539d239ad7281a1395414df0893eb
Partially-Implements: blueprint custom-roles
|
|
Takes the net_ip_uri_map value from the *_uri values emitted
by net_ip_map instead.
Also removes TenantIp and TenantIpUri from net_vip_map_external
templates as there won't be any VIP on the tenant network.
Change-Id: Icdac3d58162891f5ca3d5c20f14fcdff1781996f
|
|
Change-Id: I83ca923140d7f8ca3101e851e88ca3107a99555a
|
|
To allow per-node data such as bind_ip's to move into the
composable services templates, we do a value substitution
on the config settings hiera map, where e.g internal_api
will be replaced with the NetIpMap IP assigned to that.
To enable subnet/uri lookup via the same method, we add
all the subnet/uri mappings to the main net_ip_map output.
Change-Id: I7850d4dc8bf4db5f7ac6a6b53c1d900b561b4580
|
|
This change introduces the ability to use IPv6 addressing for the
management network by passing the network-management-v6.yaml
environment file. It also adjusts the network-management.yaml
environment file to point to the right network config templates.
Change-Id: I7f797c49f03b2623a08e033bdf45772edff0f08f
|
|
|
|
The str_split function was added after the 2015-04-30 release so
it wasn't working as intended.
Change-Id: Ib8827879182e6ea3bd2227b0cfa77f70aabb0ac6
Closes-Bug: 1575622
|
|
This might be useful if we switch to %{hiera()} calls to lookup
the bind address from within a service.
Also gets rid of NetIpSubnetMap and provides same output from
NetIpMap instead.
Change-Id: I328a417d1f1fff9c31e9ad7b2b5083ac19bc7329
|
|
Change-Id: I282dbc025500b1628d4f08a49b54a2adefd38b5f
|
|
|
|
This change modifies the network isolation templates that allow for
fixed IP addresses on the controllers' IPs and VIPs, and makes them
compatible with IPv6 addresses.
The latest version of the patchset creates an from_service_v6.yaml
in order to properly handle service VIPs on IPv6 networks.
Note that since OVS is not currently compatible with IPv6 tunnel
endpoints, this patch does not yet enable IPv6 for the Tenant
network by default.
Change-Id: If881b000c6000ec13b54c0ee39f1c8940f079ae3
Co-Authored-By: Giulio Fidente <gfidente@redhat.com>
|
|
Multiple files in t-h-t were having small typos.
Fixed in this patchset.
.
Change-Id: I82d7071747f47544990ed46e2be22931190406b3
|
|
This change adds a new set of network templates with IPv6 subnets
that can be used instead of the existing IPv4 networks. Each network
can use either the IPv4 or IPv6 template, and the Neutron subnet will
be created with the specified IP version.
The default addresses used for the IPv6 networks use the fd00::/8
prefix for the internal isolated networks (this range is reserved
for private use similar to 10.0.0.0/8), and 2001:db8:fd00:1000::/64
is used as an example default for the External network
(2001:db8::/32 are the documentation addresses [RFC3849]), but this
would ordinarily be a globally addressable subnet. These
parameters may be overridden in an environment file.
This change will require updates to the OpenStack Puppet
Modules to support IPv6 addresses in some of the hieradata values.
Many of the OPM modules already have IPv6 support to support IPv6
deployments in Packstack, but some OPM packages that apply only to
Instack/TripleO deployments need to be updated.
IPv6 addresses used in URLs need to be surrounded by brackets in
order to differentiate IP address from port number. This change
adds a new output to the network/ports resources for
ip_address_uri, which is an IP address with brackets in the case
of IPv6, and a raw IP address without brackets for IPv4 ports.
This change also updates some URLs which are constructed in Heat.
This has been tested and problems were found with Puppet not
accepting IPv6 addresses. This is addressed in the latest Puppet.
Additional changes were required to make this work with Ceph.
IPv6 tunnel endpoints with Open vSwitch are not yet supported
(although support is coming soon), so this review leaves the
Tenant network as an isolated IPv4 network for the time being.
Change-Id: Ie7a742bdf1db533edda2998a53d28528f80ef8e2
|
|
Id3d4f12235501ae77200430a2dc022f378dce336 added support for pre-allocated
IPs on the other overlay networks, but because the patch adding the
managment network (I0813a13f60a4f797be04b34258a2cffa9ea7e84f) was
under review around the same time, we missed adding the from_pool
capability to the ManagementNetwork.
Change-Id: If99f37634d5da7e7fb7cfc31232e926bd5ff074a
|
|
Previously we used an interim workaround which required a 2 digit subnet
but now heat (as of liberty) has str_split, which was implemented for this
purpose.
Change-Id: I29bb5f407b717e26a09c8c661954ee07fff72d71
|
|
This change adds a system management network to all overcloud
nodes. The purpose of this network is for system administration,
for access to infrastructure services like DNS or NTP, or for
monitoring. This allows the management network to be placed on a
bond for redundancy, or for the system management network to be
an out-of-band network with no routing in or out. The management
network might also be configured as a default route instead of the
provisioning 'ctlplane' network.
This change does not enable the management network by default. An
environment file named network-management.yaml may be included to
enable the network and ports for each role. The included NIC config
templates have been updated with a block that may be uncommented
when the management network is enabled.
This change also contains some minor cleanup to the NIC templates,
particularly the multiple nic templates.
Change-Id: I0813a13f60a4f797be04b34258a2cffa9ea7e84f
|
|
This change adds a new *_from_pool.yaml meant to return an IP from
a list instead of allocating a Neutron port, useful to pick an IP
from a pre-defined list and making it possible to configure, for
example an external balancer in advance (or dns), with the future
IPs of the controller nodes.
The list of IPs is provided via parameter_defaults (in the
ControllerIPs struct) using ControllerIPs param.
Also some additional VipPort types are created for the *VirtualIP
resources. The VIPs were previously created using the same port
resource used by the nodes, but when deploying with an external
balancer we want the VIP resource to be nooped instead.
Change-Id: Id3d4f12235501ae77200430a2dc022f378dce336
|
|
|
|
|
|
Change-Id: Id63c1bcfc34058eb7285698ba9bf86d1cf2025a6
|
|
Changes VipMap into a new NetVipMap resource which defaults to
being the same as the 'old' VipMap. An environment file can be
used to map NetVipMap instead to the net_vip_map_external.yaml
which allows for passing in explicit Virtual IP addresses.
It also ensures that references to the Virtual IPs are gathered
from the VipMap resource and allows for an empty ControlPlaneIP
parameter in the neutron port templates where it can be.
Co-Authored-By: Giulio Fidente <gfidente@redhat.com>
Change-Id: Ifad32e18f12b9997e3f89e4afe3ebc4c30e14a86
|
|
This change adds to the internal_api, storage, storage_mgmt and
tenant network ports the FixedIPs param and make them consume it
when passed.
Change-Id: Ica2bca9f573b206cc60c9d572224a8cc7b9b8aa4
|
|
When using network isolation you might want to selective
move one of the services back to the default ctlplane network
by simply using the ServiceNetMap parameter. This patch
adds ctlplane to the output parameters for both
the net_ip_map and net_ip_list_map nested stacks so that
this is possible.
As part of this patch we also split out the NetIpSubnetMap
into its own unique nested stack so that the Heat input
parameters for this stack are more clearly named.
Change-Id: Iaa2dcaebeac896404e87ec0c635688b2a59a9e0f
|
|
This change brings PublicVirtualIP in line with the rest of the
VIPs in how it is created. This allows the network where
PublicVirtualIP is instantiated to be on cltplane when network
isolation is not used, and on the external network when network
isolation is used. This change removes the PublicVirtualNetwork
parameter, since it is no longer used. In order to continue to
support the PublicVirtualFixedIPs parameter, which is used to
provide a specific IP for the PublicVirtualIP, the FixedIP
parameter was added to cltplane_vip.yaml, vip.yaml, and
noop.yaml. The value of PublicVirtualIP is passed to FixedIP
in the VIP templates. This change also moves the default
network for keystone public api to the external net (which will
fallback to ctlplane if network isolation isn't used).
Change-Id: I3f5d35cbe55d3a148e95cf49dfbaad4874df960b
|
|
There are two files in network/ports which control the VIP
behavior called ctlplane_vip.yaml and vip.yaml. One of these
files was missing ControlPlaneNetwork, since it wasn't used
inside the template. Unfortunately, tuskar chokes on this,
even though Heat can build the stack just fine. This change
makes the vip.yaml and ctlplane_vip.yaml equivalent by adding
ControlPlaneNetwork to the vip.yaml template.
Change-Id: Ic20281e58a1130afe18d5aec505a3df199841fd5
|
|
The redis_vip should come from a Neutron Port as its cidr depends
on the Neutron Network configuration. This change adds 2 new files
and modifies 1 in the network/ports directory:
- noop.yaml - Passes through the ctlplane Controller IP (modified)
- ctlplane_vip.yaml - Creates a new VIP on the control plane
- vip.yaml - Creates a VIP on the named network (for isolated nets)
Also, changes to overcloud-without-mergepy.yaml create the
Redis Virtual IP. The standard resource registry was modified to
use noop.yaml for the new Redis VIP. The Puppet resource registry
was modified to use ctlplane_vip.yaml by default, but can be made
to use vip.yaml when network isolation is used by using an
environment file. vip.yaml will place the VIP according to the
ServiceNetMap, which can also be overridden.
We use this new VIP port definition to assign a VIP to Redis,
but follow-up patches will assign VIPs to the rest of the
services in a similar fashion.
Co-Authored-By: Dan Sneddon <dsneddon@redhat.com>
Change-Id: I2cb44ea7a057c4064d0e1999702623618ee3390c
|
|
For VIP ports we set an explicit name on the ports. This
patch adds an optional PortName parameter to the ports
objects which can be used to specify a name.
Change-Id: Iad0f5e4cfc31a931dbb574d9e589570125e9465c
|
|
This patch adds a new NetIpListMap abstraction which we can use
to make the all-nodes-config IP list network assignments
configurable. Ip address lists for all overcloud services
which require IPs were added to all-nodes-config so
that puppet manifests can be directly supplied the
correct network list for each service.
Change-Id: I209f2b4f97a4bb78648c54813dad8615770bcf1a
|
|
This patch adds a resource which constructs a Json output
parameter called net_ip_map which will allow us to easily
extract arbitrary IP addresses for each network using the
get_attr function in heat.
The goal is to use this data construct in each role
template to obtain the correct IP address on each
network.
Change-Id: I1a8c382651f8096f606ad38f78bbd76314fbae5f
|
|
This patch adds a set of templates to create ports on isolated
networks via Heat. There are 5 port templates in total
which are split out according to the available overcloud
networks.
Change-Id: I5175ef48c1960ea0d13fc8518328db53921c70cd
|