heat_template_version: pike description: > OpenStack Neutron L3 agent configured with Puppet parameters: ServiceData: default: {} description: Dictionary packing service data type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json DefaultPasswords: default: {} type: json RoleName: default: '' description: Role name on which the service is applied type: string RoleParameters: default: {} description: Parameters specific to the role type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json Debug: type: string default: '' description: Set to True to enable debugging on all services. NeutronL3AgentMode: description: | Agent mode for L3 agent. Must be one of legacy or dvr_snat. default: 'legacy' type: string constraints: - allowed_values: - legacy - dvr_snat MonitoringSubscriptionNeutronL3: default: 'overcloud-neutron-l3-agent' type: string NeutronL3AgentLoggingSource: type: json default: tag: openstack.neutron.agent.l3 path: /var/log/neutron/l3-agent.log # DEPRECATED: the following options are deprecated and are currently maintained # for backwards compatibility. They will be removed in the Pike cycle. NeutronExternalNetworkBridge: description: Name of bridge used for external network traffic. Usually L2 agent handles port wiring into external bridge, and hence the parameter should be unset. type: string default: '' conditions: external_network_bridge_empty: {equals : [{get_param: NeutronExternalNetworkBridge}, "''"]} resources: NeutronBase: type: ./neutron-base.yaml properties: ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} RoleName: {get_param: RoleName} RoleParameters: {get_param: RoleParameters} outputs: role_data: description: Role data for the Neutron L3 agent service. value: service_name: neutron_l3 monitoring_subscription: {get_param: MonitoringSubscriptionNeutronL3} logging_source: {get_param: NeutronL3AgentLoggingSource} logging_groups: - neutron config_settings: map_merge: - get_attr: [NeutronBase, role_data, config_settings] - neutron::agents::l3::agent_mode: {get_param: NeutronL3AgentMode} tripleo.neutron_l3.firewall_rules: '106 neutron_l3 vrrp': proto: vrrp - if: - external_network_bridge_empty - {} - neutron::agents::l3::external_network_bridge: {get_param: NeutronExternalNetworkBridge} step_config: | include tripleo::profile::base::neutron::l3 upgrade_tasks: - name: Check if neutron_l3_agent is deployed command: systemctl is-enabled neutron-l3-agent tags: common ignore_errors: True register: neutron_l3_agent_enabled - name: "PreUpgrade step0,validation: Check service neutron-l3-agent is running" shell: /usr/bin/systemctl show 'neutron-l3-agent' --property ActiveState | grep '\bactive\b' when: neutron_l3_agent_enabled.rc == 0 tags: step0,validation - name: Stop neutron_l3 service tags: step1 when: neutron_l3_agent_enabled.rc == 0 service: name=neutron-l3-agent state=stopped