heat_template_version: pike

description: >
  OpenStack OVN Controller agent

parameters:
  EndpointMap:
    default: {}
    description: Mapping of service endpoint -> protocol. Typically set
                 via parameter_defaults in the resource registry.
    type: json
  DefaultPasswords:
    default: {}
    type: json
  RoleName:
    default: ''
    description: Role name on which the service is applied
    type: string
  RoleParameters:
    default: {}
    description: Parameters specific to the role
    type: json
  ServiceData:
    default: {}
    description: Dictionary packing service data
    type: json
  ServiceNetMap:
    default: {}
    description: Mapping of service_name -> network name. Typically set
                 via parameter_defaults in the resource registry.  This
                 mapping overrides those in ServiceNetMapDefaults.
    type: json
  OVNSouthboundServerPort:
    description: Port of the Southbound DB Server
    type: number
    default: 6642
  OVNTunnelEncapType:
    description: Tunnel encapsulation type
    type: string
    default: geneve
  NeutronBridgeMappings:
    description: >
      The OVS logical->physical bridge mappings to use. See the Neutron
      documentation for details. Defaults to mapping br-ex - the external
      bridge on hosts - to a physical name 'datacentre' which can be used
      to create provider networks (and we use this for the default floating
      network) - if changing this either use different post-install network
      scripts or be sure to keep 'datacentre' as a mapping network name.
    type: comma_delimited_list
    default: "datacentre:br-ex"


outputs:
  role_data:
    description: Role data for the OVN Controller agent
    value:
      service_name: ovn_controller
      config_settings:
        ovn::southbound::port: {get_param: OVNSouthboundServerPort}
        ovn::controller::ovn_encap_type: {get_param: OVNTunnelEncapType}
        ovn::controller::ovn_encap_ip: {get_param: [ServiceNetMap, NeutronApiNetwork]}
        ovn::controller::ovn_bridge_mappings: {get_param: NeutronBridgeMappings}
        nova::compute::force_config_drive: true
        tripleo.ovn_controller.firewall_rules:
          '118 neutron vxlan networks':
                proto: 'udp'
                dport: 4789
          '119 neutron geneve networks':
            proto: 'udp'
            dport: 6081
      step_config: |
        include ::tripleo::profile::base::neutron::agents::ovn
      upgrade_tasks:
        - name: Check if ovn_controller is deployed
          command: systemctl is-enabled ovn-controller
          tags: common
          ignore_errors: True
          register: ovn_controller_enabled
        - name: "PreUpgrade step0,validation: Check service ovn-controller is running"
          shell: /usr/bin/systemctl show 'ovn-controller' --property ActiveState | grep '\bactive\b'
          when: ovn_controller_enabled.rc == 0
          tags: step0,validation
        - name: Stop ovn-controller service
          tags: step1
          when: ovn_controller_enabled.rc == 0
          service: name=ovn-controller state=stopped