# This is a cross-platform list tracking distribution packages needed by tests;
# see http://docs.openstack.org/infra/bindep/ for additional information.
+libssl-dev [platform:dpkg]
+openssl-devel [platform:rpm]
description: Enables Neutron BGPVPN Service Plugin
requires:
- overcloud-resource-registry-puppet.yaml
+ - file: environments/services/neutron-lbaasv2.yaml
+ title: Neutron LBaaSv2 Service Plugin
+ description: Enables Neutron LBaaSv2 Service Plugin and Agent
+ requires:
+ - overcloud-resource-registry-puppet.yaml
- file: environments/neutron-ml2-bigswitch.yaml
title: BigSwitch Extensions
description: >
--- /dev/null
+heat_template_version: pike
+
+description: >
+ Software Config to drive validations that occur on all nodes.
+ Note, you need the heat-config-script element built into your
+ images, due to the script group below.
+
+ This implementation of the validations is a noop that always reports success.
+
+parameters:
+ PingTestIps:
+ default: ''
+ description: A string containing a space separated list of IP addresses used to ping test each available network interface.
+ type: string
+ ValidateFqdn:
+ default: false
+ description: Optional validation to ensure FQDN as set by Nova matches the name set in /etc/hosts.
+ type: boolean
+ ValidateNtp:
+ default: true
+ description: Validation to ensure at least one time source is accessible.
+ type: boolean
+
+resources:
+ AllNodesValidationsImpl:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ inputs:
+ - name: ping_test_ips
+ default: {get_param: PingTestIps}
+ - name: validate_fqdn
+ default: {get_param: ValidateFqdn}
+ - name: validate_ntp
+ default: {get_param: ValidateNtp}
+ config: |
+ #!/bin/bash
+ exit 0
+
+outputs:
+ OS::stack_id:
+ description: The ID of the AllNodesValidationsImpl resource.
+ value: {get_resource: AllNodesValidationsImpl}
# mapping at all. After we stop CI'ing Ocata->Pike upgrade, we can
# remove this.
OS::TripleO::Services::Docker: OS::Heat::None
+ # Some infra instances don't pass the ping test but are otherwise working.
+ # Since the OVB jobs also test this functionality we can shut it off here.
+ OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
parameter_defaults:
ControllerServices:
OS::TripleO::Tasks::ControllerPreConfig: ../../extraconfig/tasks/pre_puppet_pacemaker.yaml
OS::TripleO::Tasks::ControllerPostConfig: ../../extraconfig/tasks/post_puppet_pacemaker.yaml
OS::TripleO::Tasks::ControllerPostPuppetRestart: ../../extraconfig/tasks/post_puppet_pacemaker_restart.yaml
+ # Some infra instances don't pass the ping test but are otherwise working.
+ # Since the OVB jobs also test this functionality we can shut it off here.
+ OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
parameter_defaults:
ControllerServices:
OS::TripleO::Services::PankoApi: ../../docker/services/panko-api.yaml
OS::TripleO::Services::Collectd: ../../docker/services/collectd.yaml
OS::TripleO::Services::Tacker: ../../docker/services/tacker.yaml
- OS::TripleO::Services::Congress: ../../docker/services/congress-api.yaml
+ OS::TripleO::Services::Congress: ../../docker/services/congress.yaml
# TODO fluentd is being containerized: https://review.openstack.org/#/c/467072/
OS::TripleO::Services::FluentdClient: ../../puppet/services/logging/fluentd-client.yaml
OS::TripleO::Services::SensuClient: ../../docker/services/sensu-client.yaml
# mapping at all. After we stop CI'ing Ocata->Pike upgrade, we can
# remove this.
OS::TripleO::Services::Docker: OS::Heat::None
+ # Some infra instances don't pass the ping test but are otherwise working.
+ # Since the OVB jobs also test this functionality we can shut it off here.
+ OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
parameter_defaults:
ControllerServices:
OS::TripleO::Tasks::ControllerPostPuppetRestart: ../../extraconfig/tasks/post_puppet_pacemaker_restart.yaml
OS::TripleO::Services::FluentdClient: ../../puppet/services/logging/fluentd-client.yaml
OS::TripleO::Services::SensuClient: ../../puppet/services/monitoring/sensu-client.yaml
+ # Some infra instances don't pass the ping test but are otherwise working.
+ # Since the OVB jobs also test this functionality we can shut it off here.
+ OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
parameter_defaults:
ControllerServices:
# mapping at all. After we stop CI'ing Ocata->Pike upgrade, we can
# remove this.
OS::TripleO::Services::Docker: OS::Heat::None
+ # Some infra instances don't pass the ping test but are otherwise working.
+ # Since the OVB jobs also test this functionality we can shut it off here.
+ OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
parameter_defaults:
ControllerServices:
OS::TripleO::Tasks::ControllerPreConfig: ../../extraconfig/tasks/pre_puppet_pacemaker.yaml
OS::TripleO::Tasks::ControllerPostConfig: ../../extraconfig/tasks/post_puppet_pacemaker.yaml
OS::TripleO::Tasks::ControllerPostPuppetRestart: ../../extraconfig/tasks/post_puppet_pacemaker_restart.yaml
+ # Some infra instances don't pass the ping test but are otherwise working.
+ # Since the OVB jobs also test this functionality we can shut it off here.
+ OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
parameter_defaults:
ControllerServices:
# mapping at all. After we stop CI'ing Ocata->Pike upgrade, we can
# remove this.
OS::TripleO::Services::Docker: OS::Heat::None
+ # Some infra instances don't pass the ping test but are otherwise working.
+ # Since the OVB jobs also test this functionality we can shut it off here.
+ OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
parameter_defaults:
ControllerServices:
OS::TripleO::Tasks::ControllerPreConfig: ../../extraconfig/tasks/pre_puppet_pacemaker.yaml
OS::TripleO::Tasks::ControllerPostConfig: ../../extraconfig/tasks/post_puppet_pacemaker.yaml
OS::TripleO::Tasks::ControllerPostPuppetRestart: ../../extraconfig/tasks/post_puppet_pacemaker_restart.yaml
+ # Some infra instances don't pass the ping test but are otherwise working.
+ # Since the OVB jobs also test this functionality we can shut it off here.
+ OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
parameter_defaults:
ControllerServices:
# mapping at all. After we stop CI'ing Ocata->Pike upgrade, we can
# remove this.
OS::TripleO::Services::Docker: OS::Heat::None
+ # Some infra instances don't pass the ping test but are otherwise working.
+ # Since the OVB jobs also test this functionality we can shut it off here.
+ OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
parameter_defaults:
OS::TripleO::Services::Redis: ../../puppet/services/pacemaker/database/redis.yaml
OS::TripleO::Services::MySQL: ../../puppet/services/pacemaker/database/mysql.yaml
OS::TripleO::Services::Keepalived: OS::Heat::None
+ # Some infra instances don't pass the ping test but are otherwise working.
+ # Since the OVB jobs also test this functionality we can shut it off here.
+ OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
parameter_defaults:
ContainersCommon:
type: ./containers-common.yaml
- CongressApiBase:
+ CongressBase:
type: ../../puppet/services/congress.yaml
properties:
EndpointMap: {get_param: EndpointMap}
role_data:
description: Role data for the Congress API role.
value:
- service_name: {get_attr: [CongressApiBase, role_data, service_name]}
+ service_name: {get_attr: [CongressBase, role_data, service_name]}
config_settings:
map_merge:
- - get_attr: [CongressApiBase, role_data, config_settings]
+ - get_attr: [CongressBase, role_data, config_settings]
step_config: &step_config
- get_attr: [CongressApiBase, role_data, step_config]
- service_config_settings: {get_attr: [CongressApiBase, role_data, service_config_settings]}
+ get_attr: [CongressBase, role_data, step_config]
+ service_config_settings: {get_attr: [CongressBase, role_data, service_config_settings]}
# BEGIN DOCKER SETTINGS
puppet_config:
config_volume: congress
resource_registry:
- OS::TripleO::Services::Congress: ../../docker/services/congress-api.yaml
+ OS::TripleO::Services::Congress: ../../docker/services/congress.yaml
--- /dev/null
+# A Heat environment file that can be used to deploy Neutron LBaaSv2 service
+#
+# Currently there are only two interface drivers for Neutron LBaaSv2
+# The default option is the standard OVS driver the other option is to be used
+# when linux bridges are used instead of OVS
+# In order to enable other backend, replace the content of NeutronLbaasInterfaceDriver
+#
+# - OVS: neutron.agent.linux.interface.OVSInterfaceDriver
+# - LinuxBridges: neutron.agent.linux.interface.BridgeInterfaceDriver
+resource_registry:
+ OS::TripleO::Services::NeutronLbaas: ../puppet/services/neutron-lbaas.yaml
+
+parameter_defaults:
+ NeutronLbaasInterfaceDriver: "neutron.agent.linux.interface.OVSInterfaceDriver"
+ NeutronLbaasDeviceDriver: "neutron.services.loadbalancer.drivers.haproxy.namespace_driver.HaproxyNSDriver"
+ NeutronServiceProviders: ['LOADBALANCERV2:Haproxy:neutron_lbaas.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default']
+
# Type: string
CinderNetappLogin: <None>
+ #
+ # Type: string
+ CinderNetappNasSecureFileOperations: false
+
+ #
+ # Type: string
+ CinderNetappNasSecureFilePermissions: false
+
#
# Type: string
CinderNetappNfsMountOptions: ''
addresses:
- ip_netmask:
get_param: StorageIpSubnet
+ # Uncomment when including environments/hyperconverged-ceph.yaml
+ #- type: vlan
+ # device: bond1
+ # vlan_id: {get_param: StorageMgmtNetworkVlanID}
+ # addresses:
+ # - ip_netmask: {get_param: StorageMgmtIpSubnet}
- type: vlan
device: bond1
vlan_id:
# Uncomment when including environments/network-management.yaml
# If setting default route on the Management interface, comment
# out the default route on the Control Plane.
- #-
- # type: vlan
+ #- type: vlan
# device: bond1
# vlan_id: {get_param: ManagementNetworkVlanID}
# addresses:
- # -
- # ip_netmask: {get_param: ManagementIpSubnet}
+ # - ip_netmask: {get_param: ManagementIpSubnet}
# routes:
- # -
- # default: true
+ # - default: true
# next_hop: {get_param: ManagementInterfaceDefaultRoute}
outputs:
OS::stack_id:
--- /dev/null
+heat_template_version: pike
+description: >
+ Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for a dedicated Neutron networker role.
+parameters:
+ ControlPlaneIp:
+ default: ''
+ description: IP address/subnet on the ctlplane network
+ type: string
+ ExternalIpSubnet:
+ default: ''
+ description: IP address/subnet on the external network
+ type: string
+ InternalApiIpSubnet:
+ default: ''
+ description: IP address/subnet on the internal API network
+ type: string
+ StorageIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage network
+ type: string
+ StorageMgmtIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage mgmt network
+ type: string
+ TenantIpSubnet:
+ default: ''
+ description: IP address/subnet on the tenant network
+ type: string
+ ManagementIpSubnet: # Only populated when including environments/network-management.yaml
+ default: ''
+ description: IP address/subnet on the management network
+ type: string
+ BondInterfaceOvsOptions:
+ default: bond_mode=active-backup
+ description: The ovs_options string for the bond interface. Set things like lacp=active and/or bond_mode=balance-slb using
+ this option.
+ type: string
+ constraints:
+ - allowed_pattern: ^((?!balance.tcp).)*$
+ description: 'The balance-tcp bond mode is known to cause packet loss and
+ should not be used in BondInterfaceOvsOptions.
+ '
+ ExternalNetworkVlanID:
+ default: 10
+ description: Vlan ID for the external network traffic.
+ type: number
+ InternalApiNetworkVlanID:
+ default: 20
+ description: Vlan ID for the internal_api network traffic.
+ type: number
+ StorageNetworkVlanID:
+ default: 30
+ description: Vlan ID for the storage network traffic.
+ type: number
+ StorageMgmtNetworkVlanID:
+ default: 40
+ description: Vlan ID for the storage mgmt network traffic.
+ type: number
+ TenantNetworkVlanID:
+ default: 50
+ description: Vlan ID for the tenant network traffic.
+ type: number
+ ManagementNetworkVlanID:
+ default: 60
+ description: Vlan ID for the management network traffic.
+ type: number
+ ControlPlaneDefaultRoute: # Override this via parameter_defaults
+ description: The default route of the control plane network.
+ type: string
+ ExternalInterfaceDefaultRoute:
+ default: 10.0.0.1
+ description: default route for the external network
+ type: string
+ ManagementInterfaceDefaultRoute: # Commented out by default in this template
+ default: unset
+ description: The default route of the management network.
+ type: string
+ ControlPlaneSubnetCidr: # Override this via parameter_defaults
+ default: '24'
+ description: The subnet CIDR of the control plane network.
+ type: string
+ DnsServers: # Override this via parameter_defaults
+ default: []
+ description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf.
+ type: comma_delimited_list
+ EC2MetadataIp: # Override this via parameter_defaults
+ description: The IP address of the EC2 metadata server.
+ type: string
+resources:
+ OsNetConfigImpl:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ str_replace:
+ template:
+ get_file: ../../scripts/run-os-net-config.sh
+ params:
+ $network_config:
+ network_config:
+ - type: interface
+ name: nic1
+ use_dhcp: false
+ addresses:
+ - ip_netmask:
+ list_join:
+ - /
+ - - get_param: ControlPlaneIp
+ - get_param: ControlPlaneSubnetCidr
+ routes:
+ - ip_netmask: 169.254.169.254/32
+ next_hop:
+ get_param: EC2MetadataIp
+ - type: ovs_bridge
+ name: bridge_name
+ dns_servers:
+ get_param: DnsServers
+ members:
+ - type: ovs_bond
+ name: bond1
+ ovs_options:
+ get_param: BondInterfaceOvsOptions
+ members:
+ - type: interface
+ name: nic2
+ primary: true
+ - type: interface
+ name: nic3
+ - type: vlan
+ device: bond1
+ vlan_id:
+ get_param: ExternalNetworkVlanID
+ addresses:
+ - ip_netmask:
+ get_param: ExternalIpSubnet
+ routes:
+ - default: true
+ next_hop:
+ get_param: ExternalInterfaceDefaultRoute
+ - type: vlan
+ device: bond1
+ vlan_id:
+ get_param: InternalApiNetworkVlanID
+ addresses:
+ - ip_netmask:
+ get_param: InternalApiIpSubnet
+ - type: vlan
+ device: bond1
+ vlan_id:
+ get_param: TenantNetworkVlanID
+ addresses:
+ - ip_netmask:
+ get_param: TenantIpSubnet
+ # Uncomment when including environments/network-management.yaml
+ # If setting default route on the Management interface, comment
+ # out the default route on the External interface. This will
+ # make the External API unreachable from remote subnets.
+ #-
+ # type: vlan
+ # device: bond1
+ # vlan_id: {get_param: ManagementNetworkVlanID}
+ # addresses:
+ # -
+ # ip_netmask: {get_param: ManagementIpSubnet}
+ # routes:
+ # -
+ # default: true
+ # next_hop: {get_param: ManagementInterfaceDefaultRoute}
+outputs:
+ OS::stack_id:
+ description: The OsNetConfigImpl resource.
+ value:
+ get_resource: OsNetConfigImpl
+
addresses:
- ip_netmask:
get_param: StorageIpSubnet
+ # Uncomment when including environments/hyperconverged-ceph.yaml
+ #- type: interface
+ # name: nic3
+ # use_dhcp: false
+ # addresses:
+ # - ip_netmask: {get_param: StorageMgmtIpSubnet}
- type: interface
name: nic4
use_dhcp: false
# Uncomment when including environments/network-management.yaml
# If setting default route on the Management interface, comment
# out the default route on the Control Plane.
- #-
- # type: interface
+ #- type: interface
# name: nic7
# use_dhcp: false
# addresses:
- # -
- # ip_netmask: {get_param: ManagementIpSubnet}
+ # - ip_netmask: {get_param: ManagementIpSubnet}
# routes:
- # -
- # default: true
+ # - default: true
# next_hop: {get_param: ManagementInterfaceDefaultRoute}
outputs:
OS::stack_id:
--- /dev/null
+heat_template_version: pike
+description: >
+ Software Config to drive os-net-config to configure multiple interfaces for a dedicated Neutron networker role.
+parameters:
+ ControlPlaneIp:
+ default: ''
+ description: IP address/subnet on the ctlplane network
+ type: string
+ ExternalIpSubnet:
+ default: ''
+ description: IP address/subnet on the external network
+ type: string
+ InternalApiIpSubnet:
+ default: ''
+ description: IP address/subnet on the internal API network
+ type: string
+ StorageIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage network
+ type: string
+ StorageMgmtIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage mgmt network
+ type: string
+ TenantIpSubnet:
+ default: ''
+ description: IP address/subnet on the tenant network
+ type: string
+ ManagementIpSubnet: # Only populated when including environments/network-management.yaml
+ default: ''
+ description: IP address/subnet on the management network
+ type: string
+ ExternalNetworkVlanID:
+ default: 10
+ description: Vlan ID for the external network traffic.
+ type: number
+ InternalApiNetworkVlanID:
+ default: 20
+ description: Vlan ID for the internal_api network traffic.
+ type: number
+ StorageNetworkVlanID:
+ default: 30
+ description: Vlan ID for the storage network traffic.
+ type: number
+ StorageMgmtNetworkVlanID:
+ default: 40
+ description: Vlan ID for the storage mgmt network traffic.
+ type: number
+ TenantNetworkVlanID:
+ default: 50
+ description: Vlan ID for the tenant network traffic.
+ type: number
+ ManagementNetworkVlanID:
+ default: 60
+ description: Vlan ID for the management network traffic.
+ type: number
+ ControlPlaneSubnetCidr: # Override this via parameter_defaults
+ default: '24'
+ description: The subnet CIDR of the control plane network.
+ type: string
+ ControlPlaneDefaultRoute: # Override this via parameter_defaults
+ description: The default route of the control plane network.
+ type: string
+ ExternalInterfaceDefaultRoute:
+ default: 10.0.0.1
+ description: default route for the external network
+ type: string
+ ManagementInterfaceDefaultRoute: # Commented out by default in this template
+ default: unset
+ description: The default route of the management network.
+ type: string
+ DnsServers: # Override this via parameter_defaults
+ default: []
+ description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf.
+ type: comma_delimited_list
+ EC2MetadataIp: # Override this via parameter_defaults
+ description: The IP address of the EC2 metadata server.
+ type: string
+resources:
+ OsNetConfigImpl:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ str_replace:
+ template:
+ get_file: ../../scripts/run-os-net-config.sh
+ params:
+ $network_config:
+ network_config:
+ - type: interface
+ name: nic1
+ use_dhcp: false
+ dns_servers:
+ get_param: DnsServers
+ addresses:
+ - ip_netmask:
+ list_join:
+ - /
+ - - get_param: ControlPlaneIp
+ - get_param: ControlPlaneSubnetCidr
+ routes:
+ - ip_netmask: 169.254.169.254/32
+ next_hop:
+ get_param: EC2MetadataIp
+ - type: interface
+ name: nic4
+ use_dhcp: false
+ addresses:
+ - ip_netmask:
+ get_param: InternalApiIpSubnet
+ - type: ovs_bridge
+ name: br-tenant
+ use_dhcp: false
+ addresses:
+ - ip_netmask:
+ get_param: TenantIpSubnet
+ members:
+ - type: interface
+ name: nic5
+ use_dhcp: false
+ primary: true
+ - type: ovs_bridge
+ name: bridge_name
+ dns_servers:
+ get_param: DnsServers
+ use_dhcp: false
+ addresses:
+ - ip_netmask:
+ get_param: ExternalIpSubnet
+ routes:
+ - default: true
+ next_hop:
+ get_param: ExternalInterfaceDefaultRoute
+ members:
+ - type: interface
+ name: nic6
+ primary: true
+ # Uncomment when including environments/network-management.yaml
+ # If setting default route on the Management interface, comment
+ # out the default route on the External interface. This will
+ # make the External API unreachable from remote subnets.
+ #-
+ # type: interface
+ # name: nic7
+ # use_dhcp: false
+ # addresses:
+ # -
+ # ip_netmask: {get_param: ManagementIpSubnet}
+ # routes:
+ # -
+ # default: true
+ # next_hop: {get_param: ManagementInterfaceDefaultRoute}
+outputs:
+ OS::stack_id:
+ description: The OsNetConfigImpl resource.
+ value:
+ get_resource: OsNetConfigImpl
+
addresses:
- ip_netmask:
get_param: StorageIpSubnet
+ # Uncomment when including environments/hyperconverged-ceph.yaml
+ #- type: vlan
+ # vlan_id: {get_param: StorageMgmtNetworkVlanID}
+ # device: bridge_name
+ # addresses:
+ # - ip_netmask: {get_param: StorageMgmtIpSubnet}
- type: vlan
vlan_id:
get_param: TenantNetworkVlanID
# Uncomment when including environments/network-management.yaml
# If setting default route on the Management interface, comment
# out the default route on the Control Plane.
- #-
- # type: vlan
+ #- type: vlan
# vlan_id: {get_param: ManagementNetworkVlanID}
# device: bridge_name
# addresses:
- # -
- # ip_netmask: {get_param: ManagementIpSubnet}
+ # - ip_netmask: {get_param: ManagementIpSubnet}
# routes:
- # -
- # default: true
+ # - default: true
# next_hop: {get_param: ManagementInterfaceDefaultRoute}
outputs:
OS::stack_id:
--- /dev/null
+heat_template_version: pike
+description: >
+ Software Config to drive os-net-config to configure VLANs for a dedicated Neutron networker role.
+parameters:
+ ControlPlaneIp:
+ default: ''
+ description: IP address/subnet on the ctlplane network
+ type: string
+ ExternalIpSubnet:
+ default: ''
+ description: IP address/subnet on the external network
+ type: string
+ InternalApiIpSubnet:
+ default: ''
+ description: IP address/subnet on the internal API network
+ type: string
+ StorageIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage network
+ type: string
+ StorageMgmtIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage mgmt network
+ type: string
+ TenantIpSubnet:
+ default: ''
+ description: IP address/subnet on the tenant network
+ type: string
+ ManagementIpSubnet: # Only populated when including environments/network-management.yaml
+ default: ''
+ description: IP address/subnet on the management network
+ type: string
+ ExternalNetworkVlanID:
+ default: 10
+ description: Vlan ID for the external network traffic.
+ type: number
+ InternalApiNetworkVlanID:
+ default: 20
+ description: Vlan ID for the internal_api network traffic.
+ type: number
+ StorageNetworkVlanID:
+ default: 30
+ description: Vlan ID for the storage network traffic.
+ type: number
+ StorageMgmtNetworkVlanID:
+ default: 40
+ description: Vlan ID for the storage mgmt network traffic.
+ type: number
+ TenantNetworkVlanID:
+ default: 50
+ description: Vlan ID for the tenant network traffic.
+ type: number
+ ManagementNetworkVlanID:
+ default: 60
+ description: Vlan ID for the management network traffic.
+ type: number
+ ControlPlaneDefaultRoute: # Override this via parameter_defaults
+ description: The default route of the control plane network.
+ type: string
+ ExternalInterfaceDefaultRoute:
+ default: 10.0.0.1
+ description: default route for the external network
+ type: string
+ ManagementInterfaceDefaultRoute: # Commented out by default in this template
+ default: unset
+ description: The default route of the management network.
+ type: string
+ ControlPlaneSubnetCidr: # Override this via parameter_defaults
+ default: '24'
+ description: The subnet CIDR of the control plane network.
+ type: string
+ DnsServers: # Override this via parameter_defaults
+ default: []
+ description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf.
+ type: comma_delimited_list
+ EC2MetadataIp: # Override this via parameter_defaults
+ description: The IP address of the EC2 metadata server.
+ type: string
+resources:
+ OsNetConfigImpl:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ str_replace:
+ template:
+ get_file: ../../scripts/run-os-net-config.sh
+ params:
+ $network_config:
+ network_config:
+ - type: linux_bridge
+ name: bridge_name
+ use_dhcp: false
+ dns_servers:
+ get_param: DnsServers
+ addresses:
+ - ip_netmask:
+ list_join:
+ - /
+ - - get_param: ControlPlaneIp
+ - get_param: ControlPlaneSubnetCidr
+ routes:
+ - ip_netmask: 169.254.169.254/32
+ next_hop:
+ get_param: EC2MetadataIp
+ - default: true
+ next_hop:
+ get_param: ControlPlaneDefaultRoute
+ members:
+ - type: interface
+ # NOTE: "interface_name" will be replaced by the value of NeutronPublicInterface,
+ # default is "nic1". Set this value via parameter_defaults in an environment file.
+ name: interface_name
+ primary: true
+ - type: vlan
+ vlan_id:
+ get_param: ExternalNetworkVlanID
+ device: bridge_name
+ addresses:
+ - ip_netmask:
+ get_param: ExternalIpSubnet
+ routes:
+ - default: true
+ next_hop:
+ get_param: ExternalInterfaceDefaultRoute
+ - type: vlan
+ vlan_id:
+ get_param: InternalApiNetworkVlanID
+ device: bridge_name
+ addresses:
+ - ip_netmask:
+ get_param: InternalApiIpSubnet
+ - type: vlan
+ vlan_id:
+ get_param: TenantNetworkVlanID
+ device: bridge_name
+ addresses:
+ - ip_netmask:
+ get_param: TenantIpSubnet
+ # Uncomment when including environments/network-management.yaml
+ # If setting default route on the Management interface, comment
+ # out the default route on the External interface. This will
+ # make the External API unreachable from remote subnets.
+ #-
+ # type: vlan
+ # vlan_id: {get_param: ManagementNetworkVlanID}
+ # device: bridge_name
+ # addresses:
+ # -
+ # ip_netmask: {get_param: ManagementIpSubnet}
+ # routes:
+ # -
+ # default: true
+ # next_hop: {get_param: ManagementInterfaceDefaultRoute}
+outputs:
+ OS::stack_id:
+ description: The OsNetConfigImpl resource.
+ value:
+ get_resource: OsNetConfigImpl
+
default: 30
description: Vlan ID for the storage network traffic.
type: number
+ StorageMgmtNetworkVlanID:
+ default: 40
+ description: Vlan ID for the storage mgmt network traffic.
+ type: number
TenantNetworkVlanID:
default: 50
description: Vlan ID for the tenant network traffic.
addresses:
- ip_netmask:
get_param: StorageIpSubnet
+ # Uncomment when including environments/hyperconverged-ceph.yaml
+ #- type: vlan
+ # vlan_id: {get_param: StorageMgmtNetworkVlanID}
+ # addresses:
+ # - ip_netmask: {get_param: StorageMgmtIpSubnet}
- type: vlan
vlan_id:
get_param: TenantNetworkVlanID
# Uncomment when including environments/network-management.yaml
# If setting default route on the Management interface, comment
# out the default route on the Control Plane.
- #-
- # type: vlan
+ #- type: vlan
# vlan_id: {get_param: ManagementNetworkVlanID}
# addresses:
- # -
- # ip_netmask: {get_param: ManagementIpSubnet}
+ # - ip_netmask: {get_param: ManagementIpSubnet}
# routes:
- # -
- # default: true
+ # - default: true
# next_hop: {get_param: ManagementInterfaceDefaultRoute}
outputs:
OS::stack_id:
--- /dev/null
+heat_template_version: pike
+description: >
+ Software Config to drive os-net-config to configure VLANs for a dedicated Neutron networker role.
+parameters:
+ ControlPlaneIp:
+ default: ''
+ description: IP address/subnet on the ctlplane network
+ type: string
+ ExternalIpSubnet:
+ default: ''
+ description: IP address/subnet on the external network
+ type: string
+ InternalApiIpSubnet:
+ default: ''
+ description: IP address/subnet on the internal API network
+ type: string
+ StorageIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage network
+ type: string
+ StorageMgmtIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage mgmt network
+ type: string
+ TenantIpSubnet:
+ default: ''
+ description: IP address/subnet on the tenant network
+ type: string
+ ManagementIpSubnet: # Only populated when including environments/network-management.yaml
+ default: ''
+ description: IP address/subnet on the management network
+ type: string
+ ExternalNetworkVlanID:
+ default: 10
+ description: Vlan ID for the external network traffic.
+ type: number
+ InternalApiNetworkVlanID:
+ default: 20
+ description: Vlan ID for the internal_api network traffic.
+ type: number
+ StorageNetworkVlanID:
+ default: 30
+ description: Vlan ID for the storage network traffic.
+ type: number
+ StorageMgmtNetworkVlanID:
+ default: 40
+ description: Vlan ID for the storage mgmt network traffic.
+ type: number
+ TenantNetworkVlanID:
+ default: 50
+ description: Vlan ID for the tenant network traffic.
+ type: number
+ ManagementNetworkVlanID:
+ default: 60
+ description: Vlan ID for the management network traffic.
+ type: number
+ ControlPlaneDefaultRoute: # Override this via parameter_defaults
+ description: The default route of the control plane network.
+ type: string
+ ExternalInterfaceDefaultRoute:
+ default: 10.0.0.1
+ description: default route for the external network
+ type: string
+ ManagementInterfaceDefaultRoute: # Commented out by default in this template
+ default: unset
+ description: The default route of the management network.
+ type: string
+ ControlPlaneSubnetCidr: # Override this via parameter_defaults
+ default: '24'
+ description: The subnet CIDR of the control plane network.
+ type: string
+ DnsServers: # Override this via parameter_defaults
+ default: []
+ description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf.
+ type: comma_delimited_list
+ EC2MetadataIp: # Override this via parameter_defaults
+ description: The IP address of the EC2 metadata server.
+ type: string
+resources:
+ OsNetConfigImpl:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ str_replace:
+ template:
+ get_file: ../../scripts/run-os-net-config.sh
+ params:
+ $network_config:
+ network_config:
+ - type: ovs_bridge
+ name: bridge_name
+ use_dhcp: false
+ dns_servers:
+ get_param: DnsServers
+ addresses:
+ - ip_netmask:
+ list_join:
+ - /
+ - - get_param: ControlPlaneIp
+ - get_param: ControlPlaneSubnetCidr
+ routes:
+ - ip_netmask: 169.254.169.254/32
+ next_hop:
+ get_param: EC2MetadataIp
+ members:
+ - type: interface
+ name: nic1
+ # force the MAC address of the bridge to this interface
+ primary: true
+ - type: vlan
+ vlan_id:
+ get_param: ExternalNetworkVlanID
+ addresses:
+ - ip_netmask:
+ get_param: ExternalIpSubnet
+ routes:
+ - default: true
+ next_hop:
+ get_param: ExternalInterfaceDefaultRoute
+ - type: vlan
+ vlan_id:
+ get_param: InternalApiNetworkVlanID
+ addresses:
+ - ip_netmask:
+ get_param: InternalApiIpSubnet
+ - type: vlan
+ vlan_id:
+ get_param: TenantNetworkVlanID
+ addresses:
+ - ip_netmask:
+ get_param: TenantIpSubnet
+ # Uncomment when including environments/network-management.yaml
+ # If setting default route on the Management interface, comment
+ # out the default route on the External interface. This will
+ # make the External API unreachable from remote subnets.
+ #-
+ # type: vlan
+ # vlan_id: {get_param: ManagementNetworkVlanID}
+ # addresses:
+ # -
+ # ip_netmask: {get_param: ManagementIpSubnet}
+ # routes:
+ # -
+ # default: true
+ # next_hop: {get_param: ManagementInterfaceDefaultRoute}
+outputs:
+ OS::stack_id:
+ description: The OsNetConfigImpl resource.
+ value:
+ get_resource: OsNetConfigImpl
+
OS::TripleO::Services::NeutronL2gwApi: OS::Heat::None
OS::TripleO::Services::NeutronL3Agent: puppet/services/neutron-l3.yaml
OS::TripleO::Services::NeutronL2gwAgent: OS::Heat::None
+ OS::TripleO::Services::NeutronLbaasv2Agent: OS::Heat::None
OS::TripleO::Services::NeutronMetadataAgent: puppet/services/neutron-metadata.yaml
# FIXME(shardy) the duplicate NeutronServer line can be removed when we've updated
# the multinode job ControllerServices after this patch merges
--- /dev/null
+heat_template_version: pike
+
+description: >
+ Neutron LBaaS service configured with Puppet
+
+parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ RoleName:
+ default: ''
+ description: Role name on which the service is applied
+ type: string
+ RoleParameters:
+ default: {}
+ description: Parameters specific to the role
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ NeutronLbaasInterfaceDriver:
+ default: 'neutron.agent.linux.interface.OVSInterfaceDriver'
+ type: string
+ NeutronLbaasDeviceDriver:
+ default: 'neutron.services.loadbalancer.drivers.haproxy.namespace_driver.HaproxyNSDriver'
+ type: string
+ NeutronServiceProviders:
+ default: 'LOADBALANCERV2:Haproxy:neutron_lbaas.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default'
+ description: Global list of service providers used by neutron. This
+ list should be passed in to ensure all service
+ providers desired by the user are included. The
+ provided default value only set the provider for the LBaaSv2
+ subsystem.This is currently incompatible with enabling
+ octavia-api as one service or the other will break because the defaults are different.
+ type: comma_delimited_list
+
+resources:
+
+ NeutronBase:
+ type: ./neutron-base.yaml
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
+ RoleName: {get_param: RoleName}
+ RoleParameters: {get_param: RoleParameters}
+
+outputs:
+ role_data:
+ description: Role data for the Neutron LBaaS role.
+ value:
+ service_name: neutron_lbaas
+ config_settings:
+ map_merge:
+ - get_attr: [NeutronBase, role_data, config_settings]
+ - neutron::agents::lbaas::interface_driver: {get_param: NeutronLbaasInterfaceDriver}
+ neutron::agents::lbaas::device_driver: {get_param: NeutronLbaasDeviceDriver}
+ step_config: |
+ include ::tripleo::profile::base::neutron::lbaas
+ service_config_settings:
+ neutron_api:
+ neutron::server::service_providers: {get_param: NeutronServiceProviders}
--- /dev/null
+---
+features:
+ - Allows the configuration of the Neutron LBaaS
+ agent.
\ No newline at end of file
--- /dev/null
+---
+features:
+ - |
+ The roles_data.yaml and roles_data_undercloud.yaml can be generated with
+ tox using ``tox -e genrolesdata``.
+ - |
+ pep8 now checks that the roles_data.yaml and roles_data_undercloud.yaml
+ matches data generated from the roles/ files.
pbr!=2.1.0,>=2.0.0 # Apache-2.0
Jinja2!=2.9.0,!=2.9.1,!=2.9.2,!=2.9.3,!=2.9.4,>=2.8 # BSD License (3 clause)
six>=1.9.0 # MIT
+tripleo-common>=7.1.0 # Apache-2.0
- OS::TripleO::Services::CinderHPELeftHandISCSI
- OS::TripleO::Services::CinderScheduler
- OS::TripleO::Services::CinderVolume
+ - OS::TripleO::Services::Clustercheck
- OS::TripleO::Services::Collectd
- OS::TripleO::Services::Congress
- - OS::TripleO::Services::Clustercheck
- OS::TripleO::Services::Docker
- OS::TripleO::Services::Ec2Api
- OS::TripleO::Services::Etcd
- OS::TripleO::Services::NeutronL2gwAgent
- OS::TripleO::Services::NeutronL2gwApi
- OS::TripleO::Services::NeutronL3Agent
+ - OS::TripleO::Services::NeutronLbaasv2Agent
- OS::TripleO::Services::NeutronLinuxbridgeAgent
- OS::TripleO::Services::NeutronMetadataAgent
- OS::TripleO::Services::NeutronML2FujitsuCfab
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::MySQLClient
- OS::TripleO::Services::NeutronApi
- - OS::TripleO::Services::NeutronBgpvpnApi
+ - OS::TripleO::Services::NeutronBgpVpnApi
- OS::TripleO::Services::NeutronCorePlugin
- OS::TripleO::Services::NeutronDhcpAgent
- OS::TripleO::Services::NeutronL2gwAgent
- OS::TripleO::Services::NeutronL2gwApi
- OS::TripleO::Services::NeutronL3Agent
+ - OS::TripleO::Services::NeutronLbaasv2Agent
- OS::TripleO::Services::NeutronMetadataAgent
- OS::TripleO::Services::NeutronML2FujitsuCfab
- OS::TripleO::Services::NeutronML2FujitsuFossw
- OS::TripleO::Services::HeatEngine
- OS::TripleO::Services::IronicApi
- OS::TripleO::Services::IronicConductor
+ - OS::TripleO::Services::IronicInspector
- OS::TripleO::Services::IronicPxe
- OS::TripleO::Services::Iscsid
- OS::TripleO::Services::Keystone
- OS::TripleO::Services::UndercloudAodhListener
- OS::TripleO::Services::UndercloudAodhNotifier
- OS::TripleO::Services::UndercloudCeilometerAgentCentral
+ - OS::TripleO::Services::UndercloudCeilometerAgentIpmi
- OS::TripleO::Services::UndercloudCeilometerAgentNotification
- OS::TripleO::Services::UndercloudGnocchiApi
- OS::TripleO::Services::UndercloudGnocchiMetricd
###############################################################################
-# File generated by tripleoclient
+# File generated by TripleO
###############################################################################
###############################################################################
# Role: Controller #
- OS::TripleO::Services::NeutronL2gwAgent
- OS::TripleO::Services::NeutronL2gwApi
- OS::TripleO::Services::NeutronL3Agent
+ - OS::TripleO::Services::NeutronLbaasv2Agent
- OS::TripleO::Services::NeutronLinuxbridgeAgent
- OS::TripleO::Services::NeutronMetadataAgent
- OS::TripleO::Services::NeutronML2FujitsuCfab
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::TripleoPackages
+
###############################################################################
-# File generated by tripleoclient
+# File generated by TripleO
###############################################################################
###############################################################################
# Role: Undercloud #
- OS::TripleO::Services::UndercloudGnocchiStatsd
- OS::TripleO::Services::UndercloudPankoApi
- OS::TripleO::Services::Zaqar
+
--- /dev/null
+#!/bin/bash
+#
+# Copyright 2017 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+set -e
+
+SCRIPT_DIR=$(cd `dirname $0` && pwd -P)
+OUTPUT_DIR=${OUTPUT_DIR:-$(cd "${SCRIPT_DIR}/../" && pwd -P)}
+
+echo "Generating ${OUTPUT_DIR}/roles_data.yaml"
+$SCRIPT_DIR/roles-data-generate.py Controller Compute BlockStorage ObjectStorage CephStorage > $OUTPUT_DIR/roles_data.yaml
+
+echo "Generating ${OUTPUT_DIR}/roles_data_undercloud.yaml"
+$SCRIPT_DIR/roles-data-generate.py Undercloud > $OUTPUT_DIR/roles_data_undercloud.yaml
--- /dev/null
+#!/usr/bin/env python
+#
+# Copyright 2017 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+
+import argparse
+import collections
+import os
+import sys
+
+from tripleo_common.utils import roles as rolesutils
+
+__tht_root_dir = os.path.dirname(os.path.dirname(__file__))
+__tht_roles_dir = os.path.join(__tht_root_dir, 'roles')
+
+
+def parse_opts(argv):
+ parser = argparse.ArgumentParser(
+ description='Generate roles_data.yaml for requested roles. NOTE: '
+ 'This is a stripped down version of what is provided by '
+ 'the tripleoclient. The tripleoclient should be used for '
+ 'additional functionality.')
+ parser.add_argument('--roles-path', metavar='<roles directory>',
+ help="Filesystem path containing the roles yaml files",
+ default=__tht_roles_dir)
+ parser.add_argument('roles', nargs="+", metavar='<role>',
+ help='List of roles to use to generate the '
+ 'roles_data.yaml file')
+ opts = parser.parse_args(argv[1:])
+
+ return opts
+
+opts = parse_opts(sys.argv)
+
+roles = collections.OrderedDict.fromkeys(opts.roles)
+print(rolesutils.generate_roles_data_from_directory(opts.roles_path,
+ roles.keys()))
--- /dev/null
+#!/bin/bash
+#
+# Copyright 2017 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+set -e
+
+SCRIPT_DIR=$(cd `dirname $0` && pwd -P)
+THT_DIR=${OUTPUT_DIR:-$(cd "${SCRIPT_DIR}/../" && pwd -P)}
+TMPDIR=$(mktemp -d)
+
+function do_cleanup {
+ rm -rf $TMPDIR
+}
+trap do_cleanup EXIT
+
+function check_diff {
+ local thtfile=$1
+ local genfile=$2
+ echo -n "Performing diff on $thtfile $genfile... "
+ diff $thtfile $genfile > $TMPDIR/diff_results
+ if [ $? = 1 ]; then
+ echo "ERROR: Generated roles file not match the current ${thtfile}"
+ echo "Please make sure to update the appropriate roles/* files."
+ echo "Here is the diff ${thtfile} ${genfile}"
+ cat $TMPDIR/diff_results
+ exit 1
+ fi
+ echo "OK!"
+}
+
+OUTPUT_DIR=$TMPDIR
+source $SCRIPT_DIR/roles-data-generate-samples.sh
+
+set +e
+check_diff $THT_DIR/roles_data.yaml $TMPDIR/roles_data.yaml
+check_diff $THT_DIR/roles_data_undercloud.yaml $TMPDIR/roles_data_undercloud.yaml
for base_path in path_args:
if os.path.isdir(base_path):
for subdir, dirs, files in os.walk(base_path):
+ if '.tox' in dirs:
+ dirs.remove('.tox')
for f in files:
if f.endswith('.yaml') and not f.endswith('.j2.yaml'):
file_path = os.path.join(subdir, f)
commands = {posargs}
[testenv:pep8]
+whielist_externals =
+ bash
commands =
python ./tools/process-templates.py
python ./network/endpoints/build_endpoint_map.py --check
python ./tools/yaml-validate.py .
+ bash -c ./tools/roles-data-validation.sh
[testenv:templates]
commands = python ./tools/process-templates.py
commands =
python ./tools/process-templates.py
python ./tripleo_heat_templates/environment_generator.py sample-env-generator/
+
+[testenv:genroledata]
+whielist_externals =
+ bash
+commands =
+ bash -c tools/roles-data-generate-samples.sh
Code Review / apex-tripleo-heat-templates.git / commitdiff