Merge "Set ceph osd max object name and namespace len on upgrade when on ext4"

[apex-tripleo-heat-templates.git] / puppet / services / neutron-api.yaml

heat_template_version: 2016-10-14

description: >
  OpenStack Neutron Server configured with Puppet

parameters:
  ServiceNetMap:
    default: {}
    description: Mapping of service_name -> network name. Typically set
                 via parameter_defaults in the resource registry.  This
                 mapping overrides those in ServiceNetMapDefaults.
    type: json
  DefaultPasswords:
    default: {}
    type: json
  EndpointMap:
    default: {}
    description: Mapping of service endpoint -> protocol. Typically set
                 via parameter_defaults in the resource registry.
    type: json
  NeutronWorkers:
    default: ''
    description: |
      Sets the number of API and RPC workers for the Neutron service. The
      default value results in the configuration being left unset and a
      system-dependent default will be chosen (usually the number of
      processors). Please note that this can result in a large number of
      processes and memory consumption on systems with a large core count. On
      such systems it is recommended that a non-default value be selected that
      matches the load requirements.
    type: string
  NeutronPassword:
    description: The password for the neutron service and db account, used by neutron agents.
    type: string
    hidden: true
  NeutronAllowL3AgentFailover:
    default: 'True'
    description: Allow automatic l3-agent failover
    type: string
  NovaPassword:
    description: The password for the nova service and db account, used by nova-api.
    type: string
    hidden: true
  NeutronEnableDVR:
    description: Enable Neutron DVR.
    default: false
    type: boolean
  KeystoneRegion:
    type: string
    default: 'regionOne'
    description: Keystone region for endpoint
  MonitoringSubscriptionNeutronServer:
    default: 'overcloud-neutron-server'
    type: string
  NeutronApiLoggingSource:
    type: json
    default:
      tag: openstack.neutron.api
      path: /var/log/neutron/server.log
  ControllerCount:
    description: |
      Under normal conditions, this should not be overridden manually and is
      set at deployment time. The default value is present to allow the
      template to be used in environments that do not override it.
    default: 1
    type: number

  # DEPRECATED: the following options are deprecated and are currently maintained
  # for backwards compatibility. They will be removed in the Ocata cycle.
  NeutronL3HA:
    default: false
    description: |
      Whether to enable HA for virtual routers. While the default value is
      'false', L3 HA will be automatically enabled if the number of nodes
      hosting controller configurations and DVR is disabled. This parameter is
      being deprecated in Newton and is scheduled to be removed in Ocata.
      Future releases will enable L3 HA by default if it is appropriate for the
      deployment type. Alternate mechanisms will be available to override.
    type: boolean

parameter_groups:
- label: deprecated
  description: |
   The following parameters are deprecated and will be removed. They should not
   be relied on for new deployments. If you have concerns regarding deprecated
   parameters, please contact the TripleO development team on IRC or the
   OpenStack mailing list.
  parameters:
  - NeutronL3HA

resources:

  NeutronBase:
    type: ./neutron-base.yaml
    properties:
      ServiceNetMap: {get_param: ServiceNetMap}
      DefaultPasswords: {get_param: DefaultPasswords}
      EndpointMap: {get_param: EndpointMap}

conditions:

  auto_enable_l3_ha:
    and:
      - not:
          equals:
            - get_param: ControllerCount
            - 1
      - equals:
        - get_param: NeutronEnableDVR
        - false

outputs:
  role_data:
    description: Role data for the Neutron Server agent service.
    value:
      service_name: neutron_api
      monitoring_subscription: {get_param: MonitoringSubscriptionNeutronServer}
      logging_source: {get_param: NeutronApiLoggingSource}
      logging_groups:
        - neutron
      config_settings:
        map_merge:
          - get_attr: [NeutronBase, role_data, config_settings]
          - neutron::server::database_connection:
              list_join:
                - ''
                - - {get_param: [EndpointMap, MysqlInternal, protocol]}
                  - '://neutron:'
                  - {get_param: NeutronPassword}
                  - '@'
                  - {get_param: [EndpointMap, MysqlInternal, host]}
                  - '/ovs_neutron'
            neutron::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
            neutron::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
            neutron::server::api_workers: {get_param: NeutronWorkers}
            neutron::server::rpc_workers: {get_param: NeutronWorkers}
            neutron::server::allow_automatic_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
            neutron::server::l3_ha: {if: ["auto_enable_l3_ha", true, {get_param: NeutronL3HA}]}
            neutron::keystone::authtoken::password: {get_param: NeutronPassword}

            neutron::server::notifications::nova_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
            neutron::server::notifications::auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
            neutron::server::notifications::tenant_name: 'service'
            neutron::server::notifications::project_name: 'service'
            neutron::server::notifications::password: {get_param: NovaPassword}
            neutron::keystone::authtoken::project_name: 'service'
            neutron::server::sync_db: true
            tripleo.neutron_server.firewall_rules:
              '114 neutron server':
                dport:
                  - 9696
                  - 13696
              '118 neutron vxlan networks':
                proto: 'udp'
                dport: 4789
              '106 vrrp':
                proto: vrrp
            neutron::server::router_distributed: {get_param: NeutronEnableDVR}
            # NOTE: bind IP is found in Heat replacing the network name with the local node IP
            # for the given network; replacement examples (eg. for internal_api):
            # internal_api -> IP
            # internal_api_uri -> [IP]
            # internal_api_subnet - > IP/CIDR
            neutron::bind_host: {get_param: [ServiceNetMap, NeutronApiNetwork]}
      step_config: |
        include tripleo::profile::base::neutron::server
      service_config_settings:
        keystone:
          neutron::keystone::auth::tenant: 'service'
          neutron::keystone::auth::public_url: {get_param: [EndpointMap, NeutronPublic, uri]}
          neutron::keystone::auth::internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
          neutron::keystone::auth::admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
          neutron::keystone::auth::password: {get_param: NeutronPassword}
          neutron::keystone::auth::region: {get_param: KeystoneRegion}
        mysql:
          neutron::db::mysql::password: {get_param: NeutronPassword}
          neutron::db::mysql::user: neutron
          neutron::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
          neutron::db::mysql::dbname: ovs_neutron
          neutron::db::mysql::allowed_hosts:
            - '%'
            - "%{hiera('mysql_bind_host')}"