Merge "Add deployment of CAs via hieradata"

[apex-tripleo-heat-templates.git] / network / config / single-nic-linux-bridge-vlans / controller.yaml
diff --git a/network/config/single-nic-linux-bridge-vlans/controller.yaml b/network/config/single-nic-linux-bridge-vlans/controller.yaml

index 7210548..aef5d4e 100644 (file)
--- a/network/config/single-nic-linux-bridge-vlans/controller.yaml
+++ b/network/config/single-nic-linux-bridge-vlans/controller.yaml
@@ -29,6 +29,10 @@ parameters:
      default: ''
      description: IP address/subnet on the tenant network
      type: string
+  ManagementIpSubnet: # Only populated when including environments/network-management.yaml
+    default: ''
+    description: IP address/subnet on the management network
+    type: string
    ExternalNetworkVlanID:
      default: 10
      description: Vlan ID for the external network traffic.
@@ -49,10 +53,21 @@ parameters:
      default: 50
      description: Vlan ID for the tenant network traffic.
      type: number
+  ManagementNetworkVlanID:
+    default: 60
+    description: Vlan ID for the management network traffic.
+    type: number
+  ControlPlaneDefaultRoute: # Override this via parameter_defaults
+    description: The default route of the control plane network.
+    type: string
    ExternalInterfaceDefaultRoute:
      default: '10.0.0.1'
      description: default route for the external network
      type: string
+  ManagementInterfaceDefaultRoute: # Commented out by default in this template
+    default: unset
+    description: The default route of the management network.
+    type: string
    ControlPlaneSubnetCidr: # Override this via parameter_defaults
      default: '24'
      description: The subnet CIDR of the control plane network.
@@ -64,9 +79,6 @@ parameters:
    EC2MetadataIp: # Override this via parameter_defaults
      description: The IP address of the EC2 metadata server.
      type: string
-  ControlPlaneDefaultRoute: # Override this via parameter_defaults
-    description: The default route of the control plane network.
-    type: string
  
  resources:
    OsNetConfigImpl:
@@ -92,8 +104,8 @@ resources:
                  -
                    ip_netmask: 169.254.169.254/32
                    next_hop: {get_param: EC2MetadataIp}
+                # IPv4 Default Route
                  -
-                  ip_netmask: 0.0.0.0/0
                    default: true
                    next_hop: {get_param: ControlPlaneDefaultRoute}
                members:
@@ -110,8 +122,8 @@ resources:
                  -
                    ip_netmask: {get_param: ExternalIpSubnet}
                routes:
+                # IPv6 Default Route
                  -
-                  ip_netmask: 0.0.0.0/0
                    default: true
                    next_hop: {get_param: ExternalInterfaceDefaultRoute}
              -
@@ -142,6 +154,21 @@ resources:
                addresses:
                  -
                    ip_netmask: {get_param: TenantIpSubnet}
+              # Uncomment when including environments/network-management.yaml
+              # If setting default route on the Management interface, comment
+              # out the default route on the External interface. This will
+              # make the External API unreachable from remote subnets.
+              #-
+              #  type: vlan
+              #  vlan_id: {get_param: ManagementNetworkVlanID}
+              #  device: {get_input: bridge_name}
+              #  addresses:
+              #    -
+              #      ip_netmask: {get_param: ManagementIpSubnet}
+              #  routes:
+              #    -
+              #      default: true
+              #      next_hop: {get_param: ManagementInterfaceDefaultRoute}
  
  outputs:
    OS::stack_id: