heat_template_version: pike

description: >
  OpenStack Neutron Compute OpenContrail plugin

parameters:
  ServiceData:
    default: {}
    description: Dictionary packing service data
    type: json
  ServiceNetMap:
    default: {}
    description: Mapping of service_name -> network name. Typically set
                 via parameter_defaults in the resource registry.  This
                 mapping overrides those in ServiceNetMapDefaults.
    type: json
  DefaultPasswords:
    default: {}
    type: json
  RoleName:
    default: ''
    description: Role name on which the service is applied
    type: string
  RoleParameters:
    default: {}
    description: Parameters specific to the role
    type: json
  EndpointMap:
    default: {}
    description: Mapping of service endpoint -> protocol. Typically set
                 via parameter_defaults in the resource registry.
    type: json
  NeutronMetadataProxySharedSecret:
    description: Shared secret to prevent spoofing
    type: string
    hidden: true
  ContrailVrouterPhysicalInterface:
    default: 'eth0'
    description: vRouter physical interface
    type: string
  ContrailVrouterGateway:
    default: '192.168.24.1'
    description: vRouter default gateway
    type: string
  ContrailVrouterNetmask:
    default: '255.255.255.0'
    description: vRouter netmask
    type: string
  ContrailVrouterControlNodeIps:
    description: List of Contrail Node IPs
    type: comma_delimited_list
    default: ''

resources:
  ContrailBase:
    type: ./contrail-base.yaml
    properties:
      ServiceData: {get_param: ServiceData}
      ServiceNetMap: {get_param: ServiceNetMap}
      DefaultPasswords: {get_param: DefaultPasswords}
      EndpointMap: {get_param: EndpointMap}
      RoleName: {get_param: RoleName}
      RoleParameters: {get_param: RoleParameters}

outputs:
  role_data:
    description: Role data for the Neutron Compute OpenContrail plugin
    value:
      service_name: contrail_vrouter
      config_settings:
        map_merge:
          - get_attr: [ContrailBase, role_data, config_settings]
          - contrail::vrouter::host_ip: {get_param: [ServiceNetMap, ContrailVrouterNetwork]}
            contrail::vrouter::physical_interface: {get_param: ContrailVrouterPhysicalInterface}
            contrail::vrouter::gateway: {get_param: ContrailVrouterGateway}
            contrail::vrouter::netmask: {get_param: ContrailVrouterNetmask}
            contrail::vrouter::metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
            contrail::vrouter::control_node_ips: {get_param: ContrailVrouterControlNodeIps}
            tripleo.contrail_vrouter.firewall_rules:
              '111 contrail_vrouter_8085':
                dport: 8085
              '112 contrail_vrouter_8097':
                dport: 8097
      step_config: |
        include ::tripleo::network::contrail::vrouter