Map Nova services to isolated networks

This change adds parameters to specify which networks the Nova API and
metadata services will use. If the internal_api network exists, it will be
used for the bind IP for Nova API and metadata servers, otherwise the
Undercloud 'ctlplane' IP will be used by default.

Change-Id: Ie420274c7fba80abf9cf2b599431acc47e28fc7a

diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml
index fbd20bc..e2a778b 100644 (file)
--- a/overcloud-resource-registry-puppet.yaml
+++ b/overcloud-resource-registry-puppet.yaml
@@ -78,3 +78,5 @@ parameter_defaults:
     HeatApiNetwork: internal_api
     HeatApiCfnNetwork: internal_api
     HeatApiCloudwatchNetwork: internal_api
+    NovaApiNetwork: internal_api
+    NovaMetadataNetwork: internal_api

diff --git a/puppet/controller-puppet.yaml b/puppet/controller-puppet.yaml
index 169280f..2a1731d 100644 (file)
--- a/puppet/controller-puppet.yaml
+++ b/puppet/controller-puppet.yaml
@@ -870,8 +870,8 @@ resources:
                 nova::debug: {get_input: debug}
                 nova::api::auth_uri: {get_input: keystone_auth_uri}
                 nova::api::identity_uri: {get_input: keystone_identity_uri}
-                nova::api::api_bind_address: {get_input: controller_host}
-                nova::api::metadata_listen: {get_input: controller_host}
+                nova::api::api_bind_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
+                nova::api::metadata_listen: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
                 nova::api::admin_password: {get_input: nova_password}
                 nova::database_connection: {get_input: nova_dsn}
                 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}