parameter_defaults:
NeutronCorePlugin: neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2
NeutronServicePlugins: neutron_plugin_contrail.plugins.opencontrail.loadbalancer.plugin.LoadBalancerPlugin
- NeutronEnableDHCPAgent: false
+ OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None
NeutronEnableL3Agent: false
NeutronEnableMetadataAgent: false
NeutronEnableOVSAgent: false
#PLUMgridPlumlibVersion: present
# PLUMgrid doesn't require dhcp, l3, ovs and metadata agents
- NeutronEnableDHCPAgent: false
+ OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None
NeutronEnableL3Agent: false
NeutronEnableMetadataAgent: false
NeutronEnableOVSAgent: false
OS::TripleO::Services::Keystone: ../puppet/services/pacemaker/keystone.yaml
OS::TripleO::Services::GlanceApi: ../puppet/services/pacemaker/glance-api.yaml
OS::TripleO::Services::GlanceRegistry: ../puppet/services/pacemaker/glance-registry.yaml
+ OS::TripleO::Services::NeutronDhcpAgent: ../puppet/services/pacemaker/neutron-dhcp.yaml
OS::TripleO::Services::Keystone: puppet/services/keystone.yaml
OS::TripleO::Services::GlanceApi: puppet/services/glance-api.yaml
OS::TripleO::Services::GlanceRegistry: puppet/services/glance-registry.yaml
+ OS::TripleO::Services::NeutronDhcpAgent: puppet/services/neutron-dhcp.yaml
parameter_defaults:
EnablePackageInstall: false
default: 'ctlplane'
type: string
description: Neutron ID or name for ctlplane network.
- NeutronEnableIsolatedMetadata:
- default: 'False'
- description: If True, DHCP provide metadata route to VM.
- type: string
NeutronEnableTunnelling:
type: string
default: "True"
default: 'False'
description: Whether to enable l3-agent HA
type: string
- NeutronDhcpAgentsPerNetwork:
- type: number
- default: 1
- description: The number of neutron dhcp agents to schedule per network
NovaIPv6:
default: false
description: Enable IPv6 features in Nova
description: Configures MySQL max_connections config setting
type: number
default: 4096
- NeutronDnsmasqOptions:
- default: 'dhcp-option-force=26,%MTU%'
- description: >
- Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU
- to be set to the value of NeutronTenantMtu, which should be set to account
- for tunnel overhead.
- type: string
NeutronPublicInterfaceDefaultRoute:
default: ''
description: A custom default route for the NeutronPublicInterface.
- OS::TripleO::Services::Keystone
- OS::TripleO::Services::GlanceApi
- OS::TripleO::Services::GlanceRegistry
+ - OS::TripleO::Services::NeutronDhcpAgent
description: A list of service resources (configured in the Heat
resource_registry) which represent nested stacks
for each service that should get installed on the Controllers.
NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
NeutronTenantMtu: {get_param: NeutronTenantMtu}
NeutronExternalNetworkBridge: {get_param: NeutronExternalNetworkBridge}
- NeutronEnableIsolatedMetadata: {get_param: NeutronEnableIsolatedMetadata}
NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling}
NeutronEnableL2Pop: {get_param: NeutronEnableL2Pop}
NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges}
NeutronPublicInterfaceDefaultRoute: {get_param: NeutronPublicInterfaceDefaultRoute}
NeutronPublicInterfaceRawDevice: {get_param: NeutronPublicInterfaceRawDevice}
NeutronPassword: {get_param: NeutronPassword}
- NeutronDnsmasqOptions:
- str_replace:
- template: {get_param: NeutronDnsmasqOptions}
- params:
- '%MTU%': {get_param: NeutronTenantMtu}
NeutronDVR: {get_param: NeutronDVR}
NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret}
NeutronAgentMode: {get_param: NeutronAgentMode}
NeutronAgentExtensions: {get_param: NeutronAgentExtensions}
NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover}
NeutronL3HA: {get_param: NeutronL3HA}
- NeutronDhcpAgentsPerNetwork: {get_param: NeutronDhcpAgentsPerNetwork}
NeutronNetworkType: {get_param: NeutronNetworkType}
NeutronTunnelTypes: {get_param: NeutronTunnelTypes}
NovaIPv6: {get_param: NovaIPv6}
scripts or be sure to keep 'datacentre' as a mapping network name.
type: comma_delimited_list
default: "datacentre:br-ex"
- NeutronDnsmasqOptions:
- default: 'dhcp-option-force=26,1400'
- description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
- type: string
- NeutronEnableDHCPAgent:
- description: Knob to enable/disable DHCP Agent
- type: boolean
- default: true
NeutronEnableL3Agent:
description: Knob to enable/disable L3 agent
type: boolean
default: 'False'
description: Whether to enable l3-agent HA
type: string
- NeutronDhcpAgentsPerNetwork:
- type: number
- default: 3
- description: The number of neutron dhcp agents to schedule per network
NeutronDVR:
default: 'False'
description: Whether to configure Neutron Distributed Virtual Routers
default: 'True'
description: Allow automatic l3-agent failover
type: string
- NeutronEnableIsolatedMetadata:
- default: 'False'
- description: If True, DHCP provide metadata route to VM.
- type: string
NeutronEnableTunnelling:
type: string
default: "True"
swift_workers: {get_param: SwiftWorkers}
neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
- neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
haproxy_log_address: {get_param: HAProxySyslogAddress}
haproxy_stats_password: {get_param: HAProxyStatsPassword}
haproxy_stats_user: {get_param: HAProxyStatsUser}
template: DRIVERS
params:
DRIVERS: {get_param: NeutronTypeDrivers}
- neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
MECHANISMS: {get_param: NeutronMechanismDrivers}
neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
neutron_l3_ha: {get_param: NeutronL3HA}
- neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
neutron_network_vlan_ranges:
str_replace:
template: RANGES
AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
neutron_password: {get_param: NeutronPassword}
neutron_tenant_mtu: {get_param: NeutronTenantMtu}
- neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
neutron_dsn:
list_join:
- ''
# Neutron
neutron::bind_host: {get_input: neutron_api_network}
- neutron::rabbit_password: {get_input: rabbit_password}
- neutron::rabbit_user: {get_input: rabbit_username}
- neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
- neutron::rabbit_port: {get_input: rabbit_client_port}
- neutron::debug: {get_input: debug}
neutron::server::auth_uri: {get_input: keystone_auth_uri}
neutron::server::identity_uri: {get_input: keystone_identity_uri}
neutron::server::database_connection: {get_input: neutron_dsn}
neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
- neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
neutron_router_distributed: {get_input: neutron_router_distributed}
neutron::core_plugin: {get_input: neutron_core_plugin}
neutron::service_plugins: {get_input: neutron_service_plugins}
- neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions}
neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
neutron::server::l3_ha: {get_input: neutron_l3_ha}
- neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
neutron::server::auth_password: {get_input: neutron_password}
neutron::agents::metadata::auth_password: {get_input: neutron_password}
- neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
neutron_dsn: {get_input: neutron_dsn}
neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
neutron::db::mysql::password: {get_input: neutron_password}
neutron::server::auth_tenant: 'service'
neutron::agents::metadata::auth_tenant: 'service'
neutron::agents::l3::router_delete_namespaces: True
-neutron::agents::dhcp::dhcp_delete_namespaces: True
cinder::api::keystone_tenant: 'service'
swift::proxy::authtoken::admin_tenant_name: 'service'
ceilometer::api::keystone_tenant: 'service'
# neutron
neutron::server::sync_db: true
-neutron::agents::dhcp::dnsmasq_config_file: /etc/neutron/dnsmasq-neutron.conf
# nova
nova::notify_on_state_change: 'vm_and_task_state'
}
} else {
include ::neutron::agents::l3
- include ::neutron::agents::dhcp
include ::neutron::agents::metadata
- file { '/etc/neutron/dnsmasq-neutron.conf':
- content => hiera('neutron_dnsmasq_options'),
- owner => 'neutron',
- group => 'neutron',
- notify => Service['neutron-dhcp-service'],
- require => Package['neutron'],
- }
-
# If the value of core plugin is set to 'midonet',
# skip all the ML2 configuration
if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
neutron_l3_agent_config {
'DEFAULT/ovs_use_veth': value => hiera('neutron_ovs_use_veth', false);
}
- neutron_dhcp_agent_config {
- 'DEFAULT/ovs_use_veth': value => hiera('neutron_ovs_use_veth', false);
- }
Service['neutron-server'] -> Service['neutron-ovs-agent-service']
}
- Service['neutron-server'] -> Service['neutron-dhcp-service']
Service['neutron-server'] -> Service['neutron-l3']
Service['neutron-server'] -> Service['neutron-metadata']
}
metadata_proxy_shared_secret => hiera('nova::api::neutron_metadata_proxy_shared_secret'),
}
}
- if hiera('neutron::enable_dhcp_agent',true) {
- class { '::neutron::agents::dhcp' :
- manage_service => false,
- enabled => false,
- }
- file { '/etc/neutron/dnsmasq-neutron.conf':
- content => hiera('neutron_dnsmasq_options'),
- owner => 'neutron',
- group => 'neutron',
- notify => Service['neutron-dhcp-service'],
- require => Package['neutron'],
- }
- }
if hiera('neutron::enable_l3_agent',true) {
class { '::neutron::agents::l3' :
manage_service => false,
neutron_l3_agent_config {
'DEFAULT/ovs_use_veth': value => hiera('neutron_ovs_use_veth', false);
}
- neutron_dhcp_agent_config {
- 'DEFAULT/ovs_use_veth': value => hiera('neutron_ovs_use_veth', false);
- }
- neutron_config {
- 'DEFAULT/notification_driver': value => 'messaging';
- }
include ::cinder
include ::cinder::config
Pacemaker::Resource::Service[$::sahara::params::engine_service_name]],
}
- if hiera('step') == 5 {
- # Neutron
- # NOTE(gfidente): Neutron will try to populate the database with some data
- # as soon as neutron-server is started; to avoid races we want to make this
- # happen only on one node, before normal Pacemaker initialization
- # https://bugzilla.redhat.com/show_bug.cgi?id=1233061
- # NOTE(emilien): we need to run this Exec only at Step 4 otherwise this exec
- # will try to start the service while it's already started by Pacemaker
- # It would result to a deployment failure since systemd would return 1 to Puppet
- # and the overcloud would fail to deploy (6 would be returned).
- # This conditional prevents from a race condition during the deployment.
- # https://bugzilla.redhat.com/show_bug.cgi?id=1290582
- exec { 'neutron-server-systemd-start-sleep' :
- command => 'systemctl start neutron-server && /usr/bin/sleep 5',
- path => '/usr/bin',
- unless => '/sbin/pcs resource show neutron-server',
- } ->
- pacemaker::resource::service { $::neutron::params::server_service:
- clone_params => 'interleave=true',
- require => Pacemaker::Resource::Ocf['openstack-core']
- }
- } else {
- pacemaker::resource::service { $::neutron::params::server_service:
- clone_params => 'interleave=true',
- require => Pacemaker::Resource::Ocf['openstack-core']
- }
- }
if hiera('neutron::enable_l3_agent', true) {
pacemaker::resource::service { $::neutron::params::l3_agent_service:
clone_params => 'interleave=true',
}
}
- if hiera('neutron::enable_dhcp_agent', true) {
- pacemaker::resource::service { $::neutron::params::dhcp_agent_service:
- clone_params => 'interleave=true',
- }
- }
+
if hiera('neutron::enable_ovs_agent', true) {
pacemaker::resource::service { $::neutron::params::ovs_agent_service:
clone_params => 'interleave=true',
Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]],
}
}
- pacemaker::constraint::base { 'keystone-to-neutron-server-constraint':
- constraint_type => 'order',
- first_resource => 'openstack-core-clone',
- second_resource => "${::neutron::params::server_service}-clone",
- first_action => 'start',
- second_action => 'start',
- require => [Pacemaker::Resource::Ocf['openstack-core'],
- Pacemaker::Resource::Service[$::neutron::params::server_service]],
- }
- if hiera('neutron::enable_ovs_agent',true) {
- pacemaker::constraint::base { 'neutron-openvswitch-agent-to-dhcp-agent-constraint':
- constraint_type => 'order',
- first_resource => "${::neutron::params::ovs_agent_service}-clone",
- second_resource => "${::neutron::params::dhcp_agent_service}-clone",
- first_action => 'start',
- second_action => 'start',
- require => [Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service],
- Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service]],
- }
- }
- if hiera('neutron::enable_dhcp_agent',true) and hiera('neutron::enable_ovs_agent',true) {
- pacemaker::constraint::base { 'neutron-server-to-openvswitch-agent-constraint':
- constraint_type => 'order',
- first_resource => "${::neutron::params::server_service}-clone",
- second_resource => "${::neutron::params::ovs_agent_service}-clone",
- first_action => 'start',
- second_action => 'start',
- require => [Pacemaker::Resource::Service[$::neutron::params::server_service],
- Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service]],
- }
-
- pacemaker::constraint::colocation { 'neutron-openvswitch-agent-to-dhcp-agent-colocation':
- source => "${::neutron::params::dhcp_agent_service}-clone",
- target => "${::neutron::params::ovs_agent_service}-clone",
- score => 'INFINITY',
- require => [Pacemaker::Resource::Service[$::neutron::params::ovs_agent_service],
- Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service]],
- }
- }
- if hiera('neutron::enable_dhcp_agent',true) and hiera('neutron::enable_l3_agent',true) {
- pacemaker::constraint::base { 'neutron-dhcp-agent-to-l3-agent-constraint':
- constraint_type => 'order',
- first_resource => "${::neutron::params::dhcp_agent_service}-clone",
- second_resource => "${::neutron::params::l3_agent_service}-clone",
- first_action => 'start',
- second_action => 'start',
- require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service],
- Pacemaker::Resource::Service[$::neutron::params::l3_agent_service]]
- }
- pacemaker::constraint::colocation { 'neutron-dhcp-agent-to-l3-agent-colocation':
- source => "${::neutron::params::l3_agent_service}-clone",
- target => "${::neutron::params::dhcp_agent_service}-clone",
- score => 'INFINITY',
- require => [Pacemaker::Resource::Service[$::neutron::params::dhcp_agent_service],
- Pacemaker::Resource::Service[$::neutron::params::l3_agent_service]]
- }
- }
- if hiera('neutron::enable_l3_agent',true) and hiera('neutron::enable_metadata_agent',true) {
- pacemaker::constraint::base { 'neutron-l3-agent-to-metadata-agent-constraint':
- constraint_type => 'order',
- first_resource => "${::neutron::params::l3_agent_service}-clone",
- second_resource => "${::neutron::params::metadata_agent_service}-clone",
- first_action => 'start',
- second_action => 'start',
- require => [Pacemaker::Resource::Service[$::neutron::params::l3_agent_service],
- Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]]
- }
- pacemaker::constraint::colocation { 'neutron-l3-agent-to-metadata-agent-colocation':
- source => "${::neutron::params::metadata_agent_service}-clone",
- target => "${::neutron::params::l3_agent_service}-clone",
- score => 'INFINITY',
- require => [Pacemaker::Resource::Service[$::neutron::params::l3_agent_service],
- Pacemaker::Resource::Service[$::neutron::params::metadata_agent_service]]
- }
- }
if hiera('neutron::core_plugin') == 'midonet.neutron.plugin_v1.MidonetPluginV2' {
#midonet-chain chain keystone-->neutron-server-->dhcp-->metadata->tomcat
pacemaker::constraint::base { 'neutron-server-to-dhcp-agent-constraint':
--- /dev/null
+heat_template_version: 2016-04-08
+
+description: >
+ OpenStack Neutron base service. Shared for all Neutron agents.
+
+parameters:
+ RabbitPassword:
+ description: The password for RabbitMQ
+ type: string
+ hidden: true
+ RabbitUserName:
+ default: guest
+ description: The username for RabbitMQ
+ type: string
+ RabbitClientUseSSL:
+ default: false
+ description: >
+ Rabbit client subscriber parameter to specify
+ an SSL connection to the RabbitMQ host.
+ type: string
+ RabbitClientPort:
+ default: 5672
+ description: Set rabbit subscriber port, change this if using SSL
+ type: number
+ NeutronDhcpAgentsPerNetwork:
+ type: number
+ default: 3
+ description: The number of neutron dhcp agents to schedule per network
+ Debug:
+ type: string
+ default: ''
+ description: Set to True to enable debugging on all services.
+
+outputs:
+ role_data:
+ description: Role data for the Neutron base service.
+ value:
+ config_settings:
+ neutron::rabbit_password: {get_param: RabbitPassword}
+ neutron::rabbit_user: {get_param: RabbitUserName}
+ neutron::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
+ neutron::rabbit_port: {get_param: RabbitClientPort}
+ neutron::dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
+ neutron::debug: {get_param: Debug}
--- /dev/null
+heat_template_version: 2016-04-08
+
+description: >
+ OpenStack Neutron DHCP agent configured with Puppet
+
+parameters:
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ MysqlVirtualIPUri:
+ type: string
+ default: ''
+ NeutronEnableIsolatedMetadata:
+ default: 'False'
+ description: If True, DHCP provide metadata route to VM.
+ type: string
+ NeutronDnsmasqOptions:
+ default: 'dhcp-option-force=26,%MTU%'
+ description: >
+ Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU
+ to be set to the value of NeutronTenantMtu, which should be set to account
+ for tunnel overhead.
+ type: string
+ NeutronTenantMtu:
+ description: >
+ The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
+ be at least 50 bytes smaller than the MTU on the physical network. This
+ value will be used to set the MTU on the virtual Ethernet device.
+ This value will be used to construct the NeutronDnsmasqOptions, since that
+ will determine the MTU that is assigned to the VM host through DHCP.
+ default: "1400"
+ type: string
+
+resources:
+
+ NeutronBase:
+ type: ./neutron-base.yaml
+
+outputs:
+ role_data:
+ description: Role data for the Neutron DHCP agent service.
+ value:
+ config_settings:
+ map_merge:
+ - get_attr: [NeutronBase, role_data, config_settings]
+ - neutron::agents::dhcp::dnsmasq_config_file: /etc/neutron/dnsmasq-neutron.conf
+ tripleo::profile::base::neutron::dhcp:
+ str_replace:
+ template: {get_param: NeutronDnsmasqOptions}
+ params:
+ '%MTU%': {get_param: NeutronTenantMtu}
+ neutron::agents::dhcp::enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
+ step_config: |
+ include tripleo::profile::base::neutron::dhcp
--- /dev/null
+heat_template_version: 2016-04-08
+
+description: >
+ OpenStack Neutron DHCP service with Pacemaker configured with Puppet.
+
+parameters:
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ MysqlVirtualIPUri:
+ type: string
+ default: ''
+
+resources:
+
+ NeutronDhcpBase:
+ type: ../neutron-dhcp.yaml
+ properties:
+ EndpointMap: {get_param: EndpointMap}
+ MysqlVirtualIPUri: {get_param: MysqlVirtualIPUri}
+
+outputs:
+ role_data:
+ description: Role data for the Neutron DHCP role.
+ value:
+ config_settings:
+ map_merge:
+ - get_attr: [NeutronDhcpBase, role_data, config_settings]
+ - tripleo::profile::pacemaker::neutron::enable_dhcp: True
+ step_config: |
+ include ::tripleo::profile::pacemaker::neutron::dhcp
Code Review / apex-tripleo-heat-templates.git / commitdiff