-heat_template_version: 2016-04-08
+heat_template_version: 2016-10-14
description: >
OpenStack Neutron Server configured with Puppet
default: 'True'
description: Allow automatic l3-agent failover
type: string
- NeutronL3HA:
- default: false
- description: Whether to enable HA for virtual routers
- type: boolean
NovaPassword:
description: The password for the nova service and db account, used by nova-api.
type: string
type: string
default: 'regionOne'
description: Keystone region for endpoint
+ MonitoringSubscriptionNeutronServer:
+ default: 'overcloud-neutron-server'
+ type: string
+ NeutronApiLoggingSource:
+ type: json
+ default:
+ tag: openstack.neutron.api
+ path: /var/log/neutron/server.log
+ ControllerCount:
+ description: |
+ Under normal conditions, this should not be overridden manually and is
+ set at deployment time. The default value is present to allow the
+ template to be used in environments that do not override it.
+ default: 1
+ type: number
+
+ # DEPRECATED: the following options are deprecated and are currently maintained
+ # for backwards compatibility. They will be removed in the Ocata cycle.
+ NeutronL3HA:
+ default: false
+ description: |
+ Whether to enable HA for virtual routers. While the default value is
+ 'false', L3 HA will be automatically enabled if the number of nodes
+ hosting controller configurations and DVR is disabled. This parameter is
+ being deprecated in Newton and is scheduled to be removed in Ocata.
+ Future releases will enable L3 HA by default if it is appropriate for the
+ deployment type. Alternate mechanisms will be available to override.
+ type: boolean
+
+parameter_groups:
+- label: deprecated
+ description: |
+ The following parameters are deprecated and will be removed. They should not
+ be relied on for new deployments. If you have concerns regarding deprecated
+ parameters, please contact the TripleO development team on IRC or the
+ OpenStack mailing list.
+ parameters:
+ - NeutronL3HA
resources:
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
+conditions:
+
+ auto_enable_l3_ha:
+ and:
+ - not:
+ equals:
+ - get_param: ControllerCount
+ - 1
+ - equals:
+ - get_param: NeutronEnableDVR
+ - false
+
outputs:
role_data:
description: Role data for the Neutron Server agent service.
value:
service_name: neutron_api
+ monitoring_subscription: {get_param: MonitoringSubscriptionNeutronServer}
+ logging_source: {get_param: NeutronApiLoggingSource}
+ logging_groups:
+ - neutron
config_settings:
map_merge:
- get_attr: [NeutronBase, role_data, config_settings]
- neutron::server::database_connection:
+ - neutron::server::database_connection:
list_join:
- ''
- - {get_param: [EndpointMap, MysqlInternal, protocol]}
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/ovs_neutron'
- neutron::keystone::auth::tenant: 'service'
- neutron::keystone::auth::public_url: {get_param: [EndpointMap, NeutronPublic, uri]}
- neutron::keystone::auth::internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
- neutron::keystone::auth::admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
- neutron::keystone::auth::password: {get_param: NeutronPassword}
- neutron::keystone::auth::region: {get_param: KeystoneRegion}
neutron::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
neutron::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
neutron::server::api_workers: {get_param: NeutronWorkers}
neutron::server::rpc_workers: {get_param: NeutronWorkers}
neutron::server::allow_automatic_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
- neutron::server::l3_ha: {get_param: NeutronL3HA}
+ neutron::server::l3_ha: {if: ["auto_enable_l3_ha", true, {get_param: NeutronL3HA}]}
+ neutron::server::enable_proxy_headers_parsing: true
neutron::keystone::authtoken::password: {get_param: NeutronPassword}
neutron::server::notifications::nova_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
neutron::server::notifications::password: {get_param: NovaPassword}
neutron::keystone::authtoken::project_name: 'service'
neutron::server::sync_db: true
- neutron::db::mysql::password: {get_param: NeutronPassword}
- neutron::db::mysql::user: neutron
- neutron::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
- neutron::db::mysql::dbname: ovs_neutron
- neutron::db::mysql::allowed_hosts:
- - '%'
- - "%{hiera('mysql_bind_host')}"
- tripleo.neutron_server.firewall_rules:
- '114 neutron server':
+ tripleo.neutron_api.firewall_rules:
+ '114 neutron api':
dport:
- 9696
- 13696
- '118 neutron vxlan networks':
- proto: 'udp'
- dport: 4789
- '106 vrrp':
- proto: vrrp
neutron::server::router_distributed: {get_param: NeutronEnableDVR}
# NOTE: bind IP is found in Heat replacing the network name with the local node IP
# for the given network; replacement examples (eg. for internal_api):
neutron::bind_host: {get_param: [ServiceNetMap, NeutronApiNetwork]}
step_config: |
include tripleo::profile::base::neutron::server
+ service_config_settings:
+ keystone:
+ neutron::keystone::auth::tenant: 'service'
+ neutron::keystone::auth::public_url: {get_param: [EndpointMap, NeutronPublic, uri]}
+ neutron::keystone::auth::internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
+ neutron::keystone::auth::admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
+ neutron::keystone::auth::password: {get_param: NeutronPassword}
+ neutron::keystone::auth::region: {get_param: KeystoneRegion}
+ mysql:
+ neutron::db::mysql::password: {get_param: NeutronPassword}
+ neutron::db::mysql::user: neutron
+ neutron::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
+ neutron::db::mysql::dbname: ovs_neutron
+ neutron::db::mysql::allowed_hosts:
+ - '%'
+ - "%{hiera('mysql_bind_host')}"
Code Review / apex-tripleo-heat-templates.git / blobdiff