aboutsummaryrefslogtreecommitdiffstats
path: root/network
AgeCommit message (Collapse)AuthorFilesLines
2016-08-12Convert ServiceNetMap to a nested templateSteven Hardy1-0/+92
We introduce a new ServiceNetMap resource which enables some more flexible mappings between the services and their networks. Specifically this patch means: 1. ServiceNetMap no longer has to specify the entire list of all services, operators may if they wish, but a subset is now valid where you want to accept the defaults for some services (the defaults are now accessible via the ServiceNetMapDefaults parameter. 2. We can map some keys which don't fit a pattern that enables conversion from CamelCase to snake_case which is required for compatibility with the service_names in puppet/services* This should be backwards compatible, and in future when we remove internal dependency on the CamelCase names, we could also enable operators to specify e.g heat_api_network in ServiceNetMap which would be more consistent. Change-Id: Ib60198adf76bb69ffbafbfac739e356d153f6194 Partially-Implements: blueprint custom-roles
2016-08-11Convert EndpointMap to not require per-service VIP parametersSteven Hardy3-319/+2259
Currently we have a hard-coded set of per-service parameters, which will cause problems for custom roles and full composability. As a first step towards making this more configurable, remove the hard-coded per-service parameters from overcloud.yaml, and adjust the EndpointMap generation to instead accept two mappings, the ServiceNetMap and a mapping of networks to IPs (effectively this just moves the map lookup inside the endpoint map instead of inside overcloud.yaml) Change-Id: Ib522e89c36eed2115a6586dd5a6770907d9b33db Partially-Implements: blueprint custom-roles
2016-08-11Merge "Add hieradata for Manila v1 and v2 endpoints"Jenkins2-0/+120
2016-08-11Merge "Add support for cinder v3 endpoint"Jenkins2-1/+121
2016-08-11Add hieradata for Manila v1 and v2 endpointsJuan Antonio Osorio Robles2-1/+121
manila::keystone::auth assumes that two endpoints will be created; one for each version of Manila. This is not consistent with what we provide to the manifest. So we then add the needed endpoint to the EndpointMap. v2 is left as the default (not needing to specify a version when getting the value from the endpoint map), and v1 was added as an extra suffix. Change-Id: Ie8754fbb21f50c2613a2c05a52d771f4d1aeb4bb
2016-08-10Add support for cinder v3 endpointJuan Antonio Osorio Robles2-1/+121
This adds the needed parts for the keystone endpoint of cinder v3 API. Change-Id: Ic56446095e72b9e469a7b0e9ea5159fa31847381
2016-08-09Allow map_replace substitution of network namesSteven Hardy1-0/+21
To allow per-node data such as bind_ip's to move into the composable services templates, we do a value substitution on the config settings hiera map, where e.g internal_api will be replaced with the NetIpMap IP assigned to that. To enable subnet/uri lookup via the same method, we add all the subnet/uri mappings to the main net_ip_map output. Change-Id: I7850d4dc8bf4db5f7ac6a6b53c1d900b561b4580
2016-08-08Updates and fixes to NIC config template routesDan Sneddon26-43/+730
This change adds the ManagementInterfaceDefaultRoute parameter for setting the Management network as the default route in some deployments. Notes were added to indicate that if the Management network is used as the default gateway, then the default route on the control plane should be commented out. The sample network-environment.yaml was modified to include the ManagementInterfaceDefaultRoute, but this is commented out like the rest of the Management network parameters. This change also adds the ControlPlaneDefaultRoute and ExternalInterfaceDefaultRoute to all templates, so that if the networks are customized, the NIC configs can be modified without having to modify the parameters section of the template. The default for the ExternalInterfaceDefaultRoute is '10.0.0.1', and the default for ManagementInterfaceDefaultRoute is set to 'unset'. This change also converts the single-nic-linux-bridge-vlans from DHCP to static IPs on the Control Plane Interface, bringing these templates in line with the rest of the NIC config templates. The parameters needed to be updated in these templates as well. The controller-v6.yaml templates had a default value of "10.0.0.1" for the ExternalInterfaceDefaultRoute. This was confusing, and is now undefined. This change also sets a default gateway on the Control Plane in controller-no-external.yaml templates. Change-Id: I8ea6733fe46902e1baeff4ccfbcd42ecc5a1825f
2016-08-02Enable Manila integration - as a composable controller serviceRyan Hefner2-0/+136
Allows the installation and configuration of Manila. Supports the generic driver only. This has a dependency on the puppet-tripleo classes for manila where the puppet specific config now lives. The review at https://review.openstack.org/#/c/315658/ has been merge into this one, as of v68, so manila lands as a composable service. This was brought up on the mailing list at [1] [1] http://lists.openstack.org/pipermail/openstack-dev/2016-May/096126.html Co-Authored-By: Marios Andreou <marios@redhat.com> Implements: blueprint composable-services-within-roles Depends-On: I444916d60a67bf730bf4089323dba1c1429e2e71 Depends-On: I9eda4b3364e5c59342761a1ec71b0eb567c69cf1 Depends-On: I571b65a5402c1028418476a573ebeb9450ed00c9 Change-Id: I7acebac4354fca1f8d7ff6c343c1346bf29b81c6
2016-07-25Merge "Remove tenant_id from nova v2.1 endpoint"Jenkins2-6/+6
2016-07-08Pass MysqlVirtualIP without brackets to EndpointMapGiulio Fidente2-0/+47
While the endpoints do need brackets around IPv6 addresses these are not wanted by some of the puppet classes so we must pass the non bracketed version as well. It will allow us to remove the need for the MysqlVirtualIP param passed to the controller role thouh when hieradata/database.yaml is emptied. Change-Id: If264b02a134b96368035f032e05d02e84f6499ed
2016-06-30Merge "Basic support for deploying Ironic in overcloud"Jenkins2-0/+136
2016-06-29Basic support for deploying Ironic in overcloudImre Farkas2-0/+136
Note that this change is not enough yet to deploy bare metal instances, it only deploys Ironic services themselves and makes sure they work. Also it does not support HA for now. Co-Authored-By: Dmitry Tantsur <dtansur@redhat.com> Partially-implements: blueprint ironic-integration Change-Id: I541be905022264e2d4828e7c46338f2e300df540
2016-06-25Convert noop NetworkExtraConfig to OS::Heat::NoneSteven Hardy1-3/+0
This avoids creating an empty nested stack. Change-Id: Icce0bfab005a69fce42f58956dcc81acea805e74
2016-06-24Merge "Add network ExtraConfig hook"Jenkins2-0/+6
2016-06-20Add IPv6 support for the management networkMarius Cornea2-0/+121
This change introduces the ability to use IPv6 addressing for the management network by passing the network-management-v6.yaml environment file. It also adjusts the network-management.yaml environment file to point to the right network config templates. Change-Id: I7f797c49f03b2623a08e033bdf45772edff0f08f
2016-06-14Add gateway_ip in OS::Neutron::SubnetDimitri Savineau11-1/+24
This patch allows to : - disable the gateway ip for non routable network - use the first ip in the subnet - set the correct gateway on the external network Change-Id: Idc816c782856e93ecd339b3aca2a7f53c1564b1d Closes-bug: #1588379 Depends-On: I8ea6733fe46902e1baeff4ccfbcd42ecc5a1825f
2016-05-30Pass MysqlVirtualIP via EndpointMapGiulio Fidente2-1/+42
By passing the MysqlVirtualIP via the EndpointMap we won't need it to be provided as a parameter to the services. This follows what is already happening for the glance registry service with I9186e56cd4746a60e65dc5ac12e6595ac56505f0. Change-Id: Iad2ab389bf64d0fc8b06eb0e7d29b5370ff27dff Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
2016-05-24Merge "Dump IPs configuration as hieradata"Jenkins2-48/+40
2016-05-23Update management_from_pool template version to 2015-10-15Giulio Fidente1-1/+1
The str_split function was added after the 2015-04-30 release so it wasn't working as intended. Change-Id: Ib8827879182e6ea3bd2227b0cfa77f70aabb0ac6 Closes-Bug: 1575622
2016-05-19Merge "add heat-api-cfn to endpoint map"Jenkins2-0/+135
2016-05-18Dump IPs configuration as hieradataGiulio Fidente2-48/+40
This might be useful if we switch to %{hiera()} calls to lookup the bind address from within a service. Also gets rid of NetIpSubnetMap and provides same output from NetIpMap instead. Change-Id: I328a417d1f1fff9c31e9ad7b2b5083ac19bc7329
2016-05-16Remove tenant_id from nova v2.1 endpointBen Nemec2-6/+6
Per the nova devs on [1], this is not necessary. Change-Id: I11974432c995b22b3c98ef9ae2adc3508d9cc536 1: https://review.openstack.org/#/c/316241/1/manifests/keystone/auth.pp
2016-05-16Remove Nova EC2 deploymentEmilien Macchi2-135/+0
Nova EC2 does not exist anymore since Mitaka, parameters are already deprecated in Mitaka and send warnings to the Puppet catalog. The service has been replaced by ec2api project, where Puppet OpenStack team is currently writting a module. In the meantime we add support in TripleO, this patch removes all occurences of Nova EC2 configuration, which are useless and send warnings for nothing. Change-Id: Ief2d0e5c77b5ac58560606fee930fbd66c40ffc3
2016-05-12add heat-api-cfn to endpoint mapSteven Hardy2-0/+135
Change-Id: I8f98ce92fc387d2263fda738c1c8a209e3cbbb85
2016-04-29Use str_split to compute netmask in _v6 port templatesGiulio Fidente11-44/+22
Change-Id: I282dbc025500b1628d4f08a49b54a2adefd38b5f
2016-04-28Fix the Sahara public endpoint and make it point to the Public VIPGiulio Fidente2-4/+4
Change-Id: Iff287b9ea46100800e386efb98371be7ab48361f
2016-04-22Fix the ManagementNetValueSpecs param typeMatt Wisch1-1/+1
The ManagementNetValueSpecs param type is currently set to string. This change sets the param to the correct type of json, allowing the network value specs to correctly parse. Example Management Network value spec: {'provider:physical_network': 'management', 'provider:network_type': 'flat'} Change-Id: I5b12c7251690368d79a4d00725a9d6e0d5e75af8 Closes-Bug: #1573649
2016-04-21Fix controller-no-external.yaml in bonded configs.Dan Sneddon1-0/+31
For some reason the controller-no-external.yaml template is configured for DHCP on the control plane interface. We switched to static control plane IPs before the controller-no-external.yaml was created (IIRC), so I'm not sure how that happened. This change brings the controller-no-external.yaml in line with the rest of the bonded NIC templates. Change-Id: I2ac929e241707db72a0beabf9d5cd7fc14b90f76
2016-04-14Add GlanceRegistry to the endpoint mapDan Prince2-0/+45
This patch adds GlanceRegistry to the endpoint map. This will make accessing Glance registry setings via the endpoint map possible. Change-Id: I9186e56cd4746a60e65dc5ac12e6595ac56505f0
2016-04-11Deploy Gnocchi as a Ceilometer metrics storage backendPradeep Kilambi2-0/+127
* Deploy Gnocchi API. * Storage backends: swift, rbd and file. * Indexer backend default to mysql * Configure Ceilometer to send metrics datas to Gnocchi * Pacemaker config Depends-On: Ic8778a3104e0ed0460423e4bf857682220dc5802 Depends-On: I7d2eb9405e0171fc54fa0b616122f69db5f51ce2 Co-Authored-By: Pradeep Kilambi <pkilambi@redhat.com> Change-Id: Ifde17b1ab8fa2b30544633e455e1c7eb475705aa
2016-04-11Don't have separate protocols/ports for Keystone v3Zane Bitter2-48/+32
The change in ab068a824ed51e78bf111387223e58e885ec5c84 is described as temporary, so it would be better if it did not affect the EndpointMap parameter (which is effectively a public interface, since it may be overridden in an environment file). No configuration should end up with different ports/protocols/hosts for Keystone v2 and v3, and somebody customising them should not have to account for them separately. Nor should things break when the need to distinguish between v2 and v3 endpoints goes away. This change removes the KeystoneV3* keys from the EndpointMap input and uses the Keystone* keys instead, so that any change to the internal organisation becomes transparent to the user. Change-Id: If4cdd9232f4dbc9f2af651bbdfe68f09dc26ed2e
2016-04-08Remove network/noop.yaml, use OS::Heat::NoneDan Prince1-3/+0
Removes the old noop nested stack template for networks and instead uses OS::Heat::None instead. This should avoid a few extra resource checks on create and update. Change-Id: Ia3d7f62dbda2705ffc3d9edcddebcd3ece3cc9d2
2016-04-06Add network ExtraConfig hookPierre Blanc2-0/+6
Adds a post-network hook to execute some tasks before nodes deployment. This hook is execute one time (not for each node) during network step. It can be useful to execute scripts or templates before creating nodes. For example, we can use this hook for : - Deploy stuff used during the deployment of nodes. - Deploying network, backup, monitoring infrastructure. Change-Id: I3e999d73b55c5c27f70f722ec63ec8f2150bb5aa
2016-04-01Disable Nova v3 APIJiri Stransky2-120/+0
Microversions since Nova API v2.1 are aimed to replace the v3 work. The /v2.1 is backwards compatible with the legacy /v2 endpoint. What we called in the past /v3 is now something defunct in-tree. The /v2.1 API is based on the v3 work, but there are many things that differ, in particular with the backwards-compat thing. We keep the /v2 path in api-paste.ini for making sure an upgrade doesn't trample operators and users but if you look in tree, that's redirecting to the v2.1 codepath (just not asking for microversions). In summary, we only need one endpoint, ie. /v2.1. Additional information at https://bugzilla.redhat.com/show_bug.cgi?id=1291291 Related-Bug: #1564372 Change-Id: I1654665663bc5a19c201f7d25407910654ac1308 Depends-On: I6d64b8bcd0f79f1f298ddc809e6d92fbc2985c45
2016-03-24Merge "Deploy Aodh services, replacing Ceilometer Alarm"Jenkins2-0/+127
2016-03-20Deploy Aodh services, replacing Ceilometer AlarmPradeep Kilambi2-0/+127
Ceilometer Alarm is deprecated in Liberty by Aodh. This patch: * manage Aodh Keystone resources * deploy Aodh API under WSGI, Notifier, Listener and Evaluator * manage new parameters to customize Aodh deployment * uses ceilometer DB for the upgrade path * pacemaker config * Add migration logic to remove pcs resources Depends-On: I5333faa72e52d2aa2a622ac2d4b60825aadc52b5 Depends-On: Ib6c9c4c35da3fb55e0ca8e2d5a58ebaf4204d792 Co-Authored-By: Emilien Macchi <emilien@redhat.com> Change-Id: Ib47a22884afb032ebc1655e1a4a06bfe70249134
2016-03-18Remove GlanceRegistry from EndpointMapGiulio Fidente2-127/+0
We don't need an endpoint for the glance-registry service, that is used by glance-api when needed and is not meant to be user-facing. Change-Id: Ia6c9dd6164d3b91adbc937d70fa74d5fbbfb28a3
2016-03-15Merge "Fix typos"Jenkins7-10/+10
2016-03-09Make External Load Balancer templates work with IPv6Dan Sneddon7-0/+406
This change modifies the network isolation templates that allow for fixed IP addresses on the controllers' IPs and VIPs, and makes them compatible with IPv6 addresses. The latest version of the patchset creates an from_service_v6.yaml in order to properly handle service VIPs on IPv6 networks. Note that since OVS is not currently compatible with IPv6 tunnel endpoints, this patch does not yet enable IPv6 for the Tenant network by default. Change-Id: If881b000c6000ec13b54c0ee39f1c8940f079ae3 Co-Authored-By: Giulio Fidente <gfidente@redhat.com>
2016-03-08Fix typosSwapnil Kulkarni (coolsvap)7-10/+10
Multiple files in t-h-t were having small typos. Fixed in this patchset. . Change-Id: I82d7071747f47544990ed46e2be22931190406b3
2016-03-07Merge "Make the Neutron subnet ipv6_{ra,address}_mode configurable"Jenkins5-10/+50
2016-03-07Merge "Revert "Deploy Aodh services, replacing Ceilometer Alarm""Jenkins2-127/+0
2016-03-04Revert "Deploy Aodh services, replacing Ceilometer Alarm"James Slagle2-127/+0
This just a revert to see if reverting this gets back to a normal CI run time. This reverts commit f72aed85594f223b6f888e6d0af3c880ea581a66. Change-Id: I04a0893f6cf69f547a4db26261005e580e1fc90b
2016-03-05Make the Neutron subnet ipv6_{ra,address}_mode configurableGiulio Fidente5-10/+50
Use of slaac does not permit stati assignment of IPs to a Neutron port, so we default to dhcpv6-stateful instead. Change-Id: Id7f104be60ae05785a3d0a33516d7875a4698ed1
2016-03-05Add IPv6 versions of the Controller NIC configsDan Sneddon4-1/+513
This change adds Controller NIC configs for the sample NIC config templates that are compatible with IPv6 on the External network. These controller-v6.yaml templates include a default route for IPv6 on the External network, and a default route for IPv4 on the Control Plane. The Heat parameters ExternalNetworkDefaultRoute and ControlPlaneDefaultRoute are used to set these values. Change-Id: Ifed8cb359eae1d9d623d3eb2fe40ea8a0d1d889a
2016-03-04Add IPv6 Support to Isolated NetworksDan Sneddon32-2/+863
This change adds a new set of network templates with IPv6 subnets that can be used instead of the existing IPv4 networks. Each network can use either the IPv4 or IPv6 template, and the Neutron subnet will be created with the specified IP version. The default addresses used for the IPv6 networks use the fd00::/8 prefix for the internal isolated networks (this range is reserved for private use similar to 10.0.0.0/8), and 2001:db8:fd00:1000::/64 is used as an example default for the External network (2001:db8::/32 are the documentation addresses [RFC3849]), but this would ordinarily be a globally addressable subnet. These parameters may be overridden in an environment file. This change will require updates to the OpenStack Puppet Modules to support IPv6 addresses in some of the hieradata values. Many of the OPM modules already have IPv6 support to support IPv6 deployments in Packstack, but some OPM packages that apply only to Instack/TripleO deployments need to be updated. IPv6 addresses used in URLs need to be surrounded by brackets in order to differentiate IP address from port number. This change adds a new output to the network/ports resources for ip_address_uri, which is an IP address with brackets in the case of IPv6, and a raw IP address without brackets for IPv4 ports. This change also updates some URLs which are constructed in Heat. This has been tested and problems were found with Puppet not accepting IPv6 addresses. This is addressed in the latest Puppet. Additional changes were required to make this work with Ceph. IPv6 tunnel endpoints with Open vSwitch are not yet supported (although support is coming soon), so this review leaves the Tenant network as an isolated IPv4 network for the time being. Change-Id: Ie7a742bdf1db533edda2998a53d28528f80ef8e2
2016-03-04Allow for usage of pre-allocated IPs for the management networkSteven Hardy2-0/+49
Id3d4f12235501ae77200430a2dc022f378dce336 added support for pre-allocated IPs on the other overlay networks, but because the patch adding the managment network (I0813a13f60a4f797be04b34258a2cffa9ea7e84f) was under review around the same time, we missed adding the from_pool capability to the ManagementNetwork. Change-Id: If99f37634d5da7e7fb7cfc31232e926bd5ff074a
2016-03-03Merge "Deploy Aodh services, replacing Ceilometer Alarm"Jenkins2-0/+127
2016-03-03Deploy Aodh services, replacing Ceilometer AlarmEmilien Macchi2-0/+127
Ceilometer Alarm is deprecated in Liberty by Aodh. This patch: * manage Aodh Keystone resources * deploy Aodh API under WSGI, Notifier, Listener and Evaluator * manage new parameters to customize Aodh deployment * uses ceilometer DB for the upgrade path * pacemaker config Depends-On: I9e34485285829884d9c954b804e3bdd5d6e31635 Depends-On: I891985da9248a88c6ce2df1dd186881f582605ee Depends-On: Ied8ba5985f43a5c5b3be5b35a091aef6ed86572f Co-Authored-By: Pradeep Kilambi <pkilambi@redhat.com> Change-Id: I58d419173e80d2462accf7324c987c71420fd5f6