-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
OpenStack Neutron Server configured with Puppet
default: 'True'
description: Allow automatic l3-agent failover
type: string
- NeutronL3HA:
- default: false
- description: |
- Whether to enable HA for virtual routers. While the default value is
- 'false', L3 HA will be automatically enabled if the number of nodes hosting
- controller configurations and DVR is disabled.
- type: boolean
NovaPassword:
description: The password for the nova service and db account, used by nova-api.
type: string
default:
tag: openstack.neutron.api
path: /var/log/neutron/server.log
- ControllerCount:
+
+ # DEPRECATED: the following options are deprecated and are currently maintained
+ # for backwards compatibility. They will be removed in the Ocata cycle.
+ NeutronL3HA:
+ default: ''
+ type: string
description: |
- Under normal conditions, this should not be overridden manually and is
- set at deployment time. The default value is present to allow the
- template to be used in environments that do not override it.
- default: 1
- type: number
+ Whether to enable HA for virtual routers. When not set, L3 HA will be
+ automatically enabled if the number of nodes hosting controller
+ configurations and DVR is disabled. Valid values are 'true' or 'false'
+ This parameter is being deprecated in Newton and is scheduled to be
+ removed in Ocata. Future releases will enable L3 HA by default if it is
+ appropriate for the deployment type. Alternate mechanisms will be
+ available to override.
+
+parameter_groups:
+- label: deprecated
+ description: |
+ The following parameters are deprecated and will be removed. They should not
+ be relied on for new deployments. If you have concerns regarding deprecated
+ parameters, please contact the TripleO development team on IRC or the
+ OpenStack mailing list.
+ parameters:
+ - NeutronL3HA
resources:
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
-conditions:
-
- auto_enable_l3_ha:
- and:
- - not:
- equals:
- - get_param: ControllerCount
- - 1
- - equals:
- - get_param: NeutronEnableDVR
- - false
-
outputs:
role_data:
description: Role data for the Neutron Server agent service.
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/ovs_neutron'
- neutron::keystone::auth::tenant: 'service'
- neutron::keystone::auth::public_url: {get_param: [EndpointMap, NeutronPublic, uri]}
- neutron::keystone::auth::internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
- neutron::keystone::auth::admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
- neutron::keystone::auth::password: {get_param: NeutronPassword}
- neutron::keystone::auth::region: {get_param: KeystoneRegion}
neutron::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
neutron::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
neutron::server::api_workers: {get_param: NeutronWorkers}
neutron::server::rpc_workers: {get_param: NeutronWorkers}
neutron::server::allow_automatic_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
- neutron::server::l3_ha: {if: ["auto_enable_l3_ha", true, {get_param: NeutronL3HA}]}
+ neutron::server::enable_proxy_headers_parsing: true
neutron::keystone::authtoken::password: {get_param: NeutronPassword}
neutron::server::notifications::nova_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
neutron::server::notifications::password: {get_param: NovaPassword}
neutron::keystone::authtoken::project_name: 'service'
neutron::server::sync_db: true
- neutron::db::mysql::password: {get_param: NeutronPassword}
- neutron::db::mysql::user: neutron
- neutron::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
- neutron::db::mysql::dbname: ovs_neutron
- neutron::db::mysql::allowed_hosts:
- - '%'
- - "%{hiera('mysql_bind_host')}"
- tripleo.neutron_server.firewall_rules:
- '114 neutron server':
+ tripleo.neutron_api.firewall_rules:
+ '114 neutron api':
dport:
- 9696
- 13696
- '118 neutron vxlan networks':
- proto: 'udp'
- dport: 4789
- '106 vrrp':
- proto: vrrp
neutron::server::router_distributed: {get_param: NeutronEnableDVR}
# NOTE: bind IP is found in Heat replacing the network name with the local node IP
# for the given network; replacement examples (eg. for internal_api):
# internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR
neutron::bind_host: {get_param: [ServiceNetMap, NeutronApiNetwork]}
+ tripleo::profile::base::neutron::server::l3_ha_override: {get_param: NeutronL3HA}
step_config: |
include tripleo::profile::base::neutron::server
+ service_config_settings:
+ keystone:
+ neutron::keystone::auth::tenant: 'service'
+ neutron::keystone::auth::public_url: {get_param: [EndpointMap, NeutronPublic, uri]}
+ neutron::keystone::auth::internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
+ neutron::keystone::auth::admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
+ neutron::keystone::auth::password: {get_param: NeutronPassword}
+ neutron::keystone::auth::region: {get_param: KeystoneRegion}
+ mysql:
+ neutron::db::mysql::password: {get_param: NeutronPassword}
+ neutron::db::mysql::user: neutron
+ neutron::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
+ neutron::db::mysql::dbname: ovs_neutron
+ neutron::db::mysql::allowed_hosts:
+ - '%'
+ - "%{hiera('mysql_bind_host')}"
Code Review / apex-tripleo-heat-templates.git / blobdiff