summaryrefslogtreecommitdiffstats
path: root/network/internal_api_v6.yaml
blob: 68c14fbe9be644a7e31aebf617f8270039e14f3f (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69

heat_template_version: 2015-04-30

description: >
  Internal API network. Used for most APIs, Database, RPC.

parameters:
  # the defaults here work for static IP assignment (IPAM) only
  InternalApiNetCidr:
    # OpenStack uses the EUI-64 address format, which requires a /64 prefix
    default: 'fd00:fd00:fd00:2000::/64'
    description: Cidr for the internal API network.
    type: string
  InternalApiNetValueSpecs:
    default: {'provider:physical_network': 'internal_api', 'provider:network_type': 'flat'}
    description: Value specs for the internal API network.
    type: json
  InternalApiNetAdminStateUp:
    default: false
    description: This admin state of of the network.
    type: boolean
  InternalApiNetShared:
    default: false
    description: Whether this network is shared across all tenants.
    type: boolean
  InternalApiNetName:
    default: internal_api
    description: The name of the internal API network.
    type: string
  InternalApiSubnetName:
    default: internal_api_subnet
    description: The name of the internal API subnet in Neutron.
    type: string
  InternalApiAllocationPools:
    default: [{'start': 'fd00:fd00:fd00:2000::10', 'end': 'fd00:fd00:fd00:2000:ffff:ffff:ffff:fffe'}]
    description: Ip allocation pool range for the internal API network.
    type: json
  IPv6AddressMode:
    default: dhcpv6-stateful
    description: Neutron subnet IPv6 address mode
    type: string
  IPv6RAMode:
    default: dhcpv6-stateful
    description: Neutron subnet IPv6 router advertisement mode
    type: string

resources:
  InternalApiNetwork:
    type: OS::Neutron::Net
    properties:
      admin_state_up: {get_param: InternalApiNetAdminStateUp}
      name: {get_param: InternalApiNetName}
      shared: {get_param: InternalApiNetShared}
      value_specs: {get_param: InternalApiNetValueSpecs}

  InternalApiSubnet:
    type: OS::Neutron::Subnet
    properties:
      ip_version: 6
      ipv6_address_mode: {get_param: IPv6AddressMode}
      ipv6_ra_mode: {get_param: IPv6RAMode}
      cidr: {get_param: InternalApiNetCidr}
      name: {get_param: InternalApiSubnetName}
      network: {get_resource: InternalApiNetwork}
      allocation_pools: {get_param: InternalApiAllocationPools}

outputs:
  OS::stack_id:
    description: Neutron internal network
    value: {get_resource: InternalApiNetwork}
ass="no">set at deployment time. The default value is present to allow the template to be used in environments that do not override it. default: 1 type: number resources: NeutronBase: type: ./neutron-base.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} conditions: auto_enable_l3_ha: and: - not: equals: - get_param: ControllerCount - 1 - equals: - get_param: NeutronEnableDVR - false outputs: role_data: description: Role data for the Neutron Server agent service. value: service_name: neutron_api monitoring_subscription: {get_param: MonitoringSubscriptionNeutronServer} logging_source: {get_param: NeutronApiLoggingSource} logging_groups: - neutron config_settings: map_merge: - get_attr: [NeutronBase, role_data, config_settings] - neutron::server::database_connection: list_join: - '' - - {get_param: [EndpointMap, MysqlInternal, protocol]} - '://neutron:' - {get_param: NeutronPassword} - '@' - {get_param: [EndpointMap, MysqlInternal, host]} - '/ovs_neutron' neutron::keystone::auth::tenant: 'service' neutron::keystone::auth::public_url: {get_param: [EndpointMap, NeutronPublic, uri]} neutron::keystone::auth::internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] } neutron::keystone::auth::admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] } neutron::keystone::auth::password: {get_param: NeutronPassword} neutron::keystone::auth::region: {get_param: KeystoneRegion} neutron::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } neutron::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} neutron::server::api_workers: {get_param: NeutronWorkers} neutron::server::rpc_workers: {get_param: NeutronWorkers} neutron::server::allow_automatic_l3agent_failover: {get_param: NeutronAllowL3AgentFailover} neutron::server::l3_ha: {if: ["auto_enable_l3_ha", true, {get_param: NeutronL3HA}]} neutron::keystone::authtoken::password: {get_param: NeutronPassword} neutron::server::notifications::nova_url: { get_param: [ EndpointMap, NovaInternal, uri ] } neutron::server::notifications::auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] } neutron::server::notifications::tenant_name: 'service' neutron::server::notifications::project_name: 'service' neutron::server::notifications::password: {get_param: NovaPassword} neutron::keystone::authtoken::project_name: 'service' neutron::server::sync_db: true neutron::db::mysql::password: {get_param: NeutronPassword} neutron::db::mysql::user: neutron neutron::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} neutron::db::mysql::dbname: ovs_neutron neutron::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" tripleo.neutron_server.firewall_rules: '114 neutron server': dport: - 9696 - 13696 '118 neutron vxlan networks': proto: 'udp' dport: 4789 '106 vrrp': proto: vrrp neutron::server::router_distributed: {get_param: NeutronEnableDVR} # NOTE: bind IP is found in Heat replacing the network name with the local node IP # for the given network; replacement examples (eg. for internal_api): # internal_api -> IP # internal_api_uri -> [IP] # internal_api_subnet - > IP/CIDR neutron::bind_host: {get_param: [ServiceNetMap, NeutronApiNetwork]} step_config: | include tripleo::profile::base::neutron::server