1 heat_template_version: ocata
4 OpenStack Neutron Server configured with Puppet
9 description: Mapping of service_name -> network name. Typically set
10 via parameter_defaults in the resource registry. This
11 mapping overrides those in ServiceNetMapDefaults.
18 description: Mapping of service endpoint -> protocol. Typically set
19 via parameter_defaults in the resource registry.
24 Sets the number of API and RPC workers for the Neutron service. The
25 default value results in the configuration being left unset and a
26 system-dependent default will be chosen (usually the number of
27 processors). Please note that this can result in a large number of
28 processes and memory consumption on systems with a large core count. On
29 such systems it is recommended that a non-default value be selected that
30 matches the load requirements.
33 description: The password for the neutron service and db account, used by neutron agents.
36 NeutronAllowL3AgentFailover:
38 description: Allow automatic l3-agent failover
41 description: The password for the nova service and db account, used by nova-api.
45 description: Enable Neutron DVR.
51 description: Keystone region for endpoint
52 MonitoringSubscriptionNeutronServer:
53 default: 'overcloud-neutron-server'
55 NeutronApiLoggingSource:
58 tag: openstack.neutron.api
59 path: /var/log/neutron/server.log
61 # DEPRECATED: the following options are deprecated and are currently maintained
62 # for backwards compatibility. They will be removed in the Ocata cycle.
67 Whether to enable HA for virtual routers. When not set, L3 HA will be
68 automatically enabled if the number of nodes hosting controller
69 configurations and DVR is disabled. Valid values are 'true' or 'false'
70 This parameter is being deprecated in Newton and is scheduled to be
71 removed in Ocata. Future releases will enable L3 HA by default if it is
72 appropriate for the deployment type. Alternate mechanisms will be
73 available to override.
78 The following parameters are deprecated and will be removed. They should not
79 be relied on for new deployments. If you have concerns regarding deprecated
80 parameters, please contact the TripleO development team on IRC or the
81 OpenStack mailing list.
88 type: ./neutron-base.yaml
90 ServiceNetMap: {get_param: ServiceNetMap}
91 DefaultPasswords: {get_param: DefaultPasswords}
92 EndpointMap: {get_param: EndpointMap}
96 description: Role data for the Neutron Server agent service.
98 service_name: neutron_api
99 monitoring_subscription: {get_param: MonitoringSubscriptionNeutronServer}
100 logging_source: {get_param: NeutronApiLoggingSource}
105 - get_attr: [NeutronBase, role_data, config_settings]
106 - neutron::server::database_connection:
109 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
111 - {get_param: NeutronPassword}
113 - {get_param: [EndpointMap, MysqlInternal, host]}
116 - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
117 neutron::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
118 neutron::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
119 neutron::server::api_workers: {get_param: NeutronWorkers}
120 neutron::server::rpc_workers: {get_param: NeutronWorkers}
121 neutron::server::allow_automatic_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
122 neutron::server::enable_proxy_headers_parsing: true
123 neutron::keystone::authtoken::password: {get_param: NeutronPassword}
125 neutron::server::notifications::nova_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
126 neutron::server::notifications::auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
127 neutron::server::notifications::tenant_name: 'service'
128 neutron::server::notifications::project_name: 'service'
129 neutron::server::notifications::password: {get_param: NovaPassword}
130 neutron::keystone::authtoken::project_name: 'service'
131 neutron::server::sync_db: true
132 tripleo.neutron_api.firewall_rules:
137 neutron::server::router_distributed: {get_param: NeutronEnableDVR}
138 # NOTE: bind IP is found in Heat replacing the network name with the local node IP
139 # for the given network; replacement examples (eg. for internal_api):
141 # internal_api_uri -> [IP]
142 # internal_api_subnet - > IP/CIDR
143 neutron::bind_host: {get_param: [ServiceNetMap, NeutronApiNetwork]}
144 tripleo::profile::base::neutron::server::l3_ha_override: {get_param: NeutronL3HA}
146 include tripleo::profile::base::neutron::server
147 service_config_settings:
149 neutron::keystone::auth::tenant: 'service'
150 neutron::keystone::auth::public_url: {get_param: [EndpointMap, NeutronPublic, uri]}
151 neutron::keystone::auth::internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
152 neutron::keystone::auth::admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
153 neutron::keystone::auth::password: {get_param: NeutronPassword}
154 neutron::keystone::auth::region: {get_param: KeystoneRegion}
156 neutron::db::mysql::password: {get_param: NeutronPassword}
157 neutron::db::mysql::user: neutron
158 neutron::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
159 neutron::db::mysql::dbname: ovs_neutron
160 neutron::db::mysql::allowed_hosts:
162 - "%{hiera('mysql_bind_host')}"
164 - name: Stop neutron_api service
166 service: name=neutron-server state=stopped
167 - name: Sync neutron_api DB
169 command: neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head