heat_template_version: 2016-04-08 description: > OpenStack Neutron Server configured with Puppet parameters: ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json DefaultPasswords: default: {} type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json NeutronWorkers: default: '' description: | Sets the number of API and RPC workers for the Neutron service. The default value results in the configuration being left unset and a system-dependent default will be chosen (usually the number of processors). Please note that this can result in a large number of processes and memory consumption on systems with a large core count. On such systems it is recommended that a non-default value be selected that matches the load requirements. type: string NeutronPassword: description: The password for the neutron service and db account, used by neutron agents. type: string hidden: true NeutronAllowL3AgentFailover: default: 'True' description: Allow automatic l3-agent failover type: string NeutronL3HA: default: false description: Whether to enable HA for virtual routers type: boolean NovaPassword: description: The password for the nova service and db account, used by nova-api. type: string hidden: true NeutronEnableDVR: description: Enable Neutron DVR. default: false type: boolean KeystoneRegion: type: string default: 'regionOne' description: Keystone region for endpoint resources: NeutronBase: type: ./neutron-base.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: role_data: description: Role data for the Neutron Server agent service. value: service_name: neutron_api config_settings: map_merge: - get_attr: [NeutronBase, role_data, config_settings] neutron::server::database_connection: list_join: - '' - - {get_param: [EndpointMap, MysqlInternal, protocol]} - '://neutron:' - {get_param: NeutronPassword} - '@' - {get_param: [EndpointMap, MysqlInternal, host]} - '/ovs_neutron' neutron::keystone::auth::tenant: 'service' neutron::keystone::auth::public_url: {get_param: [EndpointMap, NeutronPublic, uri]} neutron::keystone::auth::internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] } neutron::keystone::auth::admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] } neutron::keystone::auth::password: {get_param: NeutronPassword} neutron::keystone::auth::region: {get_param: KeystoneRegion} neutron::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } neutron::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} neutron::server::api_workers: {get_param: NeutronWorkers} neutron::server::rpc_workers: {get_param: NeutronWorkers} neutron::server::allow_automatic_l3agent_failover: {get_param: NeutronAllowL3AgentFailover} neutron::server::l3_ha: {get_param: NeutronL3HA} neutron::keystone::authtoken::password: {get_param: NeutronPassword} neutron::server::notifications::nova_url: { get_param: [ EndpointMap, NovaInternal, uri ] } neutron::server::notifications::auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] } neutron::server::notifications::tenant_name: 'service' neutron::server::notifications::project_name: 'service' neutron::server::notifications::password: {get_param: NovaPassword} neutron::keystone::authtoken::project_name: 'service' neutron::server::sync_db: true neutron::db::mysql::password: {get_param: NeutronPassword} neutron::db::mysql::user: neutron neutron::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} neutron::db::mysql::dbname: ovs_neutron neutron::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" tripleo.neutron_server.firewall_rules: '114 neutron server': dport: - 9696 - 13696 '118 neutron vxlan networks': proto: 'udp' dport: 4789 '106 vrrp': proto: vrrp neutron::server::router_distributed: {get_param: NeutronEnableDVR} # NOTE: bind IP is found in Heat replacing the network name with the local node IP # for the given network; replacement examples (eg. for internal_api): # internal_api -> IP # internal_api_uri -> [IP] # internal_api_subnet - > IP/CIDR neutron::bind_host: {get_param: [ServiceNetMap, NeutronApiNetwork]} step_config: | include tripleo::profile::base::neutron::server